src/server/daemon/webserver.c

Thu, 09 May 2013 19:41:11 +0200

author
Olaf Wintermann <olaf.wintermann@gmail.com>
date
Thu, 09 May 2013 19:41:11 +0200
changeset 62
c47e081b6c0f
parent 60
feb2f1e115c6
child 63
66442f81f823
permissions
-rw-r--r--

added keyfile based authentication

/*
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
 *
 * Copyright 2013 Olaf Wintermann. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 *   1. Redistributions of source code must retain the above copyright
 *      notice, this list of conditions and the following disclaimer.
 *
 *   2. Redistributions in binary form must reproduce the above copyright
 *      notice, this list of conditions and the following disclaimer in the
 *      documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */


#ifdef __gnu_linux__
#define _GNU_SOURCE
#endif

#include <stdio.h>
#include <stdlib.h>
#include <dlfcn.h> 
#include <grp.h>
#include <sys/types.h>
#include <sys/stat.h>

#include "../public/nsapi.h"
#include "../public/auth.h"
#include "../util/systhr.h"
#include "../util/io.h"
#include "../util/util.h"

#include "func.h"
#include "config.h"
#include "configmanager.h"
#include "httplistener.h"
#include "webserver.h"
#include "log.h"


extern struct FuncStruct webserver_funcs[];


int webserver_init() {
    // init NSPR
    systhread_init("webserver");
    
    // init NSAPI functions
    func_init();
    add_functions(webserver_funcs);
    
    // load init.conf
    if(load_init_conf("config/init.conf")) {
        return -1;
    }

    // load server.conf
    init_configuration_manager();
    if(cfgmgr_load_config() != 0) {
        fprintf(stderr, "Cannot load configuration\n");
        return -1;
    }
    
    // create tmp dir and pid file
    ServerConfiguration *cfg = cfgmgr_get_server_config();
    char *mkdir_cmd = NULL;
    asprintf(&mkdir_cmd, "mkdir -p %s", cfg->tmp.ptr);
    system(mkdir_cmd);
    free(mkdir_cmd);

    char *pid_file_path = NULL;
    asprintf(&pid_file_path, "%s/pid", cfg->tmp.ptr);
    FILE *pidfile = fopen(pid_file_path, "w");
    pid_t pid = getpid();
    fprintf(pidfile, "%d", pid);
    fclose(pidfile);
    free(pid_file_path);
    
    // set global vars
    conf_global_vars_s *vars = conf_getglobals();
    
    if(cfg->user.ptr) {
        char *pwbuf = malloc(DEF_PWBUF);
        vars->Vuserpw = malloc(sizeof(struct passwd));
        // open user database
        setpwent();
        if(!util_getpwnam(cfg->user.ptr, vars->Vuserpw, pwbuf, DEF_PWBUF)) {
            log_ereport(
                    LOG_MISCONFIG,
                    "user %s does not exist!",
                    cfg->user.ptr);
            free(vars->Vuserpw);
            vars->Vuserpw = NULL;
        }
        free(pwbuf);
        endpwent();
    }

    // change uid
    if(vars->Vuserpw && geteuid() == 0) {
        // a webserver user is set and we are root
        
        if(setgid(vars->Vuserpw->pw_gid) != 0) {
            log_ereport(
                    LOG_FAILURE,
                    "setgid(%d) failed",
                    vars->Vuserpw->pw_gid);
        } else {
            // setgid was successful
            // we need to call initgroups to have all group permissions
            if(initgroups(vars->Vuserpw->pw_name, vars->Vuserpw->pw_gid)!=0) {
                log_ereport(LOG_FAILURE, "initgroups failed");
            }
        }
        
        // change the uid
        if(setuid(vars->Vuserpw->pw_uid)) {
            log_ereport(
                    LOG_FAILURE,
                    "setuid(%d) failed",
                    vars->Vuserpw->pw_uid);
        }
    } else if(vars->Vuserpw) {
        log_ereport(
                    LOG_WARN,
                    "server must be started as root to change uid");
    }
   
    return 0;
}

int webserver_run() {
    printf("webserver_run\n");

    // start all http listener
    if(start_all_listener() != 0) {
        fprintf(stderr, "Error: Cannot start http listener\n");
    }

    return 0;
}


void webserver_atrestart(void (*fn)(void *), void *data) {
    /*
     * TODO: implement later
     * only for mod_jk at this time
     */
}

mercurial