ant-http/httpd.c


#include <dirent.h>
#include "http_server.h"
#include "libs/ini.h"
static  antd_scheduler_t scheduler;
static int server_sock = -1;

#ifdef USE_OPENSSL
static int ssl_session_ctx_id = 1;
SSL_CTX *ctx;
void init_openssl()
{ 
    SSL_load_error_strings();	
    OpenSSL_add_ssl_algorithms();
}

void cleanup_openssl()
{
    EVP_cleanup();
}

SSL_CTX *create_context()
{
    const SSL_METHOD *method;
    SSL_CTX *ctx;

    method = SSLv23_server_method();

    ctx = SSL_CTX_new(method);
    if (!ctx) {
		perror("Unable to create SSL context");
		ERR_print_errors_fp(stderr);
		exit(EXIT_FAILURE);
    }

    return ctx;
}

void configure_context(SSL_CTX *ctx)
{
#if defined(SSL_CTX_set_ecdh_auto)
    SSL_CTX_set_ecdh_auto(ctx, 1);
#else
    SSL_CTX_set_tmp_ecdh(ctx, EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
#endif
    //SSL_CTX_set_ecdh_auto(ctx, 1);
	/* Set some options and the session id.
     * SSL_OP_NO_SSLv2: SSLv2 is insecure, disable it.
     * SSL_OP_NO_TICKET: We don't want TLS tickets used because this is an SSL server caching example.
     *                   It should be fine to use tickets in addition to server side caching.
     */
    SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2|SSL_OP_NO_TICKET);
    SSL_CTX_set_session_id_context(ctx, (void *)&ssl_session_ctx_id, sizeof(ssl_session_ctx_id));
    /* Set the key and cert */
	/* use the full chain bundle of certificate */
    //if (SSL_CTX_use_certificate_file(ctx, server_config->sslcert, SSL_FILETYPE_PEM) <= 0) {
	if (SSL_CTX_use_certificate_chain_file(ctx, config()->sslcert) <= 0) {
	    ERR_print_errors_fp(stderr);
		exit(EXIT_FAILURE);
    }

    if (SSL_CTX_use_PrivateKey_file(ctx, config()->sslkey, SSL_FILETYPE_PEM) <= 0 ) {
        ERR_print_errors_fp(stderr);
		exit(EXIT_FAILURE);
    }
	if (!SSL_CTX_check_private_key(ctx)) {
        LOG("Failed to validate cert \n");
        ERR_print_errors_fp(stderr);
		exit(EXIT_FAILURE);
    }
}

#endif

void stop_serve(int dummy) {
	UNUSED(dummy);
	sigset_t mask;
	sigemptyset(&mask);	
	//Blocks the SIG_IGN signal (by adding SIG_IGN to newMask)
	sigaddset(&mask, SIGINT);
	sigaddset(&mask, SIGPIPE);
	sigaddset(&mask, SIGABRT);
	sigprocmask(SIG_BLOCK, &mask, NULL);
	antd_scheduler_destroy(&scheduler);
	unload_all_plugin();
	destroy_config(); 
#ifdef USE_OPENSSL
	FIPS_mode_set(0);
	SSL_CTX_free(ctx);
	FIPS_mode_set(0);
	CONF_modules_unload(1);
	EVP_cleanup();
	ENGINE_cleanup();
	CRYPTO_cleanup_all_ex_data();
	ERR_remove_state(0);
	ERR_free_strings();
#endif
	close(server_sock);
	sigprocmask(SIG_UNBLOCK, &mask, NULL); 
}
int main(int argc, char* argv[])
{
// load the config first
	if(argc==1)
		load_config(CONFIG);
	else
		load_config(argv[1]);
	unsigned port = config()->port;
	int client_sock = -1;
	struct sockaddr_in client_name;
	socklen_t client_name_len = sizeof(client_name);
	char* client_ip = NULL;
	// ignore the broken PIPE error when writing 
	//or reading to/from a closed socked connection
	signal(SIGPIPE, SIG_IGN);
	signal(SIGABRT, SIG_IGN);
	signal(SIGINT, stop_serve);

#ifdef USE_OPENSSL
	if( config()->usessl == 1 )
	{
		init_openssl();
    	ctx = create_context();

    	configure_context(ctx);
	}
    
#endif
	server_sock = startup(&port);
	LOG("httpd running on port %d\n", port);
	// default to 4 workers
	antd_scheduler_init(&scheduler, config()->n_workers);
    set_nonblock(server_sock);
	while (scheduler.status)
	{
		antd_task_schedule(&scheduler);
		client_sock = accept(server_sock,(struct sockaddr *)&client_name,&client_name_len);
		if (client_sock == -1)
		{
			//perror("Cannot accept client request\n");
			continue;
		}
		antd_client_t* client = (antd_client_t*)malloc(sizeof(antd_client_t));
		antd_request_t* request = (antd_request_t*)malloc(sizeof(*request));
		request->client = client;
		request->request = dict();
		/*
			get the remote IP
		*/
		client->ip = NULL;
		if (client_name.sin_family == AF_INET)
		{
			client_ip =  inet_ntoa(client_name.sin_addr);
			client->ip = strdup(client_ip);
			LOG("Client IP: %s\n", client_ip);
			//LOG("socket: %d\n", client_sock);
		}

		// set timeout to socket
		set_nonblock(client_sock);
		/*struct timeval timeout;      
		timeout.tv_sec = 0;
		timeout.tv_usec = 5000;

		if (setsockopt (client_sock, SOL_SOCKET, SO_RCVTIMEO, (char *)&timeout,sizeof(timeout)) < 0)
			perror("setsockopt failed\n");

		if (setsockopt (client_sock, SOL_SOCKET, SO_SNDTIMEO, (char *)&timeout,sizeof(timeout)) < 0)
			perror("setsockopt failed\n");
		*/
		client->sock = client_sock;
#ifdef USE_OPENSSL
		client->ssl = NULL;
		client->status = 0;
		if(config()->usessl == 1)
		{
			client->ssl = (void*)SSL_new(ctx);
			if(!client->ssl) continue;
        	SSL_set_fd((SSL*)client->ssl, client->sock);

        	/*if (SSL_accept((SSL*)client->ssl) <= 0) {
				LOG("EROOR accept\n");
            	ERR_print_errors_fp(stderr);
				antd_close(client);
				continue;
        	}*/
		}
#endif
		// create callback for the server
		antd_add_task(&scheduler, antd_create_task(accept_request,(void*)request, finish_request ));
	}

	close(server_sock);

	return(0);
}
the mainline http server 2015-10-22 11:39:11 +02:00
			`#include <dirent.h>`
			`#include "http_server.h"`
add ssl, rename plugins source tree 2018-02-09 13:13:11 +01:00			`#include "libs/ini.h"`
use async for server 2018-10-03 23:42:42 +02:00			`static antd_scheduler_t scheduler;`
fix memory leak on the new non blocking system 2018-10-05 19:01:39 +02:00			`static int server_sock = -1;`
the mainline http server 2015-10-22 11:39:11 +02:00
bug every where 2018-02-10 11:22:41 +01:00			`#ifdef USE_OPENSSL`
add ssl session cache 2018-02-10 16:57:21 +01:00			`static int ssl_session_ctx_id = 1;`
fix memory leak 2018-03-02 19:04:00 +01:00			`SSL_CTX *ctx;`
bug every where 2018-02-10 11:22:41 +01:00			`void init_openssl()`
			`{`
			`SSL_load_error_strings();`
			`OpenSSL_add_ssl_algorithms();`
			`}`

			`void cleanup_openssl()`
			`{`
			`EVP_cleanup();`
			`}`

			`SSL_CTX *create_context()`
			`{`
			`const SSL_METHOD *method;`
			`SSL_CTX *ctx;`

			`method = SSLv23_server_method();`

			`ctx = SSL_CTX_new(method);`
			`if (!ctx) {`
request body can be decode directly or delegated to plugin 2018-10-08 19:32:23 +02:00			`perror("Unable to create SSL context");`
			`ERR_print_errors_fp(stderr);`
			`exit(EXIT_FAILURE);`
bug every where 2018-02-10 11:22:41 +01:00			`}`

			`return ctx;`
			`}`

			`void configure_context(SSL_CTX *ctx)`
			`{`
fix new ssl version linking bug 2018-03-19 12:06:22 +01:00			`#if defined(SSL_CTX_set_ecdh_auto)`
bug every where 2018-02-10 11:22:41 +01:00			`SSL_CTX_set_ecdh_auto(ctx, 1);`
fix new ssl version linking bug 2018-03-19 12:06:22 +01:00			`#else`
			`SSL_CTX_set_tmp_ecdh(ctx, EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));`
			`#endif`
			`//SSL_CTX_set_ecdh_auto(ctx, 1);`
add ssl session cache 2018-02-10 16:57:21 +01:00			`/* Set some options and the session id.`
			`* SSL_OP_NO_SSLv2: SSLv2 is insecure, disable it.`
			`* SSL_OP_NO_TICKET: We don't want TLS tickets used because this is an SSL server caching example.`
			`* It should be fine to use tickets in addition to server side caching.`
			`*/`
			`SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2\|SSL_OP_NO_TICKET);`
			`SSL_CTX_set_session_id_context(ctx, (void *)&ssl_session_ctx_id, sizeof(ssl_session_ctx_id));`
bug every where 2018-02-10 11:22:41 +01:00			`/* Set the key and cert */`
fix 2018-06-26 13:40:53 +02:00			`/* use the full chain bundle of certificate */`
fix memory leak on the new non blocking system 2018-10-05 19:01:39 +02:00			`//if (SSL_CTX_use_certificate_file(ctx, server_config->sslcert, SSL_FILETYPE_PEM) <= 0) {`
			`if (SSL_CTX_use_certificate_chain_file(ctx, config()->sslcert) <= 0) {`
fix 2018-06-26 13:40:53 +02:00			`ERR_print_errors_fp(stderr);`
add ssl session cache 2018-02-10 16:57:21 +01:00			`exit(EXIT_FAILURE);`
bug every where 2018-02-10 11:22:41 +01:00			`}`

fix memory leak on the new non blocking system 2018-10-05 19:01:39 +02:00			`if (SSL_CTX_use_PrivateKey_file(ctx, config()->sslkey, SSL_FILETYPE_PEM) <= 0 ) {`
bug every where 2018-02-10 11:22:41 +01:00			`ERR_print_errors_fp(stderr);`
add ssl session cache 2018-02-10 16:57:21 +01:00			`exit(EXIT_FAILURE);`
			`}`
			`if (!SSL_CTX_check_private_key(ctx)) {`
			`LOG("Failed to validate cert \n");`
			`ERR_print_errors_fp(stderr);`
			`exit(EXIT_FAILURE);`
bug every where 2018-02-10 11:22:41 +01:00			`}`
			`}`

			`#endif`

add release handler to unload all running plugin 2015-10-22 23:13:53 +02:00			`void stop_serve(int dummy) {`
use async for server 2018-10-03 23:42:42 +02:00			`UNUSED(dummy);`
fix memory leak on the new non blocking system 2018-10-05 19:01:39 +02:00			`sigset_t mask;`
			`sigemptyset(&mask);`
			`//Blocks the SIG_IGN signal (by adding SIG_IGN to newMask)`
			`sigaddset(&mask, SIGINT);`
			`sigaddset(&mask, SIGPIPE);`
			`sigaddset(&mask, SIGABRT);`
			`sigprocmask(SIG_BLOCK, &mask, NULL);`
first working but buggy version 2018-10-04 19:47:31 +02:00			`antd_scheduler_destroy(&scheduler);`
fix memory leak on the new non blocking system 2018-10-05 19:01:39 +02:00			`unload_all_plugin();`
			`destroy_config();`
fix memory leak 2018-03-02 19:04:00 +01:00			`#ifdef USE_OPENSSL`
open ssl still leak memory 2018-10-09 12:15:48 +02:00			`FIPS_mode_set(0);`
fix memory leak 2018-03-02 19:04:00 +01:00			`SSL_CTX_free(ctx);`
open ssl still leak memory 2018-10-09 12:15:48 +02:00			`FIPS_mode_set(0);`
			`CONF_modules_unload(1);`
			`EVP_cleanup();`
			`ENGINE_cleanup();`
			`CRYPTO_cleanup_all_ex_data();`
			`ERR_remove_state(0);`
			`ERR_free_strings();`
fix memory leak 2018-03-02 19:04:00 +01:00			`#endif`
			`close(server_sock);`
fix memory leak on the new non blocking system 2018-10-05 19:01:39 +02:00			`sigprocmask(SIG_UNBLOCK, &mask, NULL);`
add release handler to unload all running plugin 2015-10-22 23:13:53 +02:00			`}`
the mainline http server 2015-10-22 11:39:11 +02:00			`int main(int argc, char* argv[])`
			`{`
			`// load the config first`
			`if(argc==1)`
			`load_config(CONFIG);`
			`else`
			`load_config(argv[1]);`
fix memory leak on the new non blocking system 2018-10-05 19:01:39 +02:00			`unsigned port = config()->port;`
the mainline http server 2015-10-22 11:39:11 +02:00			`int client_sock = -1;`
			`struct sockaddr_in client_name;`
			`socklen_t client_name_len = sizeof(client_name);`
add remote IP logging 2018-03-14 10:51:46 +01:00			`char* client_ip = NULL;`
the mainline http server 2015-10-22 11:39:11 +02:00			`// ignore the broken PIPE error when writing`
			`//or reading to/from a closed socked connection`
			`signal(SIGPIPE, SIG_IGN);`
Ignore sigabort 2015-10-22 13:31:35 +02:00			`signal(SIGABRT, SIG_IGN);`
add release handler to unload all running plugin 2015-10-22 23:13:53 +02:00			`signal(SIGINT, stop_serve);`
bug every where 2018-02-10 11:22:41 +01:00
			`#ifdef USE_OPENSSL`
fix memory leak on the new non blocking system 2018-10-05 19:01:39 +02:00			`if( config()->usessl == 1 )`
bug every where 2018-02-10 11:22:41 +01:00			`{`
			`init_openssl();`
			`ctx = create_context();`

			`configure_context(ctx);`
			`}`

			`#endif`
the mainline http server 2015-10-22 11:39:11 +02:00			`server_sock = startup(&port);`
			`LOG("httpd running on port %d\n", port);`
use async for server 2018-10-03 23:42:42 +02:00			`// default to 4 workers`
fix memory leak on the new non blocking system 2018-10-05 19:01:39 +02:00			`antd_scheduler_init(&scheduler, config()->n_workers);`
			`set_nonblock(server_sock);`
use async for server 2018-10-03 23:42:42 +02:00			`while (scheduler.status)`
the mainline http server 2015-10-22 11:39:11 +02:00			`{`
use async for server 2018-10-03 23:42:42 +02:00			`antd_task_schedule(&scheduler);`
the mainline http server 2015-10-22 11:39:11 +02:00			`client_sock = accept(server_sock,(struct sockaddr *)&client_name,&client_name_len);`
			`if (client_sock == -1)`
			`{`
use async for server 2018-10-03 23:42:42 +02:00			`//perror("Cannot accept client request\n");`
the mainline http server 2015-10-22 11:39:11 +02:00			`continue;`
			`}`
use async for server 2018-10-03 23:42:42 +02:00			`antd_client_t* client = (antd_client_t*)malloc(sizeof(antd_client_t));`
fix memory leak on the new non blocking system 2018-10-05 19:01:39 +02:00			`antd_request_t* request = (antd_request_t)malloc(sizeof(request));`
			`request->client = client;`
			`request->request = dict();`
add remote IP logging 2018-03-14 10:51:46 +01:00			`/*`
			`get the remote IP`
			`*/`
fix zoombie process & rename plugin handle method 2018-09-12 11:06:19 +02:00			`client->ip = NULL;`
add remote IP logging 2018-03-14 10:51:46 +01:00			`if (client_name.sin_family == AF_INET)`
			`{`
			`client_ip = inet_ntoa(client_name.sin_addr);`
fix zoombie process & rename plugin handle method 2018-09-12 11:06:19 +02:00			`client->ip = strdup(client_ip);`
add remote IP logging 2018-03-14 10:51:46 +01:00			`LOG("Client IP: %s\n", client_ip);`
request body can be decode directly or delegated to plugin 2018-10-08 19:32:23 +02:00			`//LOG("socket: %d\n", client_sock);`
add remote IP logging 2018-03-14 10:51:46 +01:00			`}`
fix 2018-05-03 15:10:44 +02:00
			`// set timeout to socket`
fix memory leak on the new non blocking system 2018-10-05 19:01:39 +02:00			`set_nonblock(client_sock);`
			`/*struct timeval timeout;`
			`timeout.tv_sec = 0;`
			`timeout.tv_usec = 5000;`
fix 2018-05-03 15:10:44 +02:00
			`if (setsockopt (client_sock, SOL_SOCKET, SO_RCVTIMEO, (char *)&timeout,sizeof(timeout)) < 0)`
			`perror("setsockopt failed\n");`

			`if (setsockopt (client_sock, SOL_SOCKET, SO_SNDTIMEO, (char *)&timeout,sizeof(timeout)) < 0)`
			`perror("setsockopt failed\n");`
fix memory leak on the new non blocking system 2018-10-05 19:01:39 +02:00			`*/`
fix socket close 2018-03-08 12:38:53 +01:00			`client->sock = client_sock;`
bug every where 2018-02-10 11:22:41 +01:00			`#ifdef USE_OPENSSL`
ssl alpha support 2018-02-10 12:24:01 +01:00			`client->ssl = NULL;`
fix open ssl bug 2018-10-07 01:03:05 +02:00			`client->status = 0;`
fix memory leak on the new non blocking system 2018-10-05 19:01:39 +02:00			`if(config()->usessl == 1)`
bug every where 2018-02-10 11:22:41 +01:00			`{`
ssl alpha support 2018-02-10 12:24:01 +01:00			`client->ssl = (void*)SSL_new(ctx);`
fix ssl initialisation bug 2018-03-14 16:47:39 +01:00			`if(!client->ssl) continue;`
fix open ssl bug 2018-10-07 01:03:05 +02:00			`SSL_set_fd((SSL*)client->ssl, client->sock);`
bug every where 2018-02-10 11:22:41 +01:00
fix open ssl bug 2018-10-07 01:03:05 +02:00			`/if (SSL_accept((SSL)client->ssl) <= 0) {`
			`LOG("EROOR accept\n");`
bug every where 2018-02-10 11:22:41 +01:00			`ERR_print_errors_fp(stderr);`
limit number of connection at a time 2018-03-08 11:39:44 +01:00			`antd_close(client);`
bug every where 2018-02-10 11:22:41 +01:00			`continue;`
fix open ssl bug 2018-10-07 01:03:05 +02:00			`}*/`
bug every where 2018-02-10 11:22:41 +01:00			`}`
			`#endif`
use async for server 2018-10-03 23:42:42 +02:00			`// create callback for the server`
fix memory leak on the new non blocking system 2018-10-05 19:01:39 +02:00			`antd_add_task(&scheduler, antd_create_task(accept_request,(void*)request, finish_request ));`
the mainline http server 2015-10-22 11:39:11 +02:00			`}`
fix memory leak 2018-03-02 19:04:00 +01:00
the mainline http server 2015-10-22 11:39:11 +02:00			`close(server_sock);`

			`return(0);`
			`}`