Commit graph

270 commits

Author SHA1 Message Date
Nihal Jere
8ccef4b27a
Make host parameters optional
For me at least, the first valid configuration found by getaddrinfo
works fine most of the time. Obviously if this isn't the configuration
you want, you can specify the host explicitly.
2020-04-21 17:04:52 +02:00
Laslo Hunhold
48e74a5982
Properly HTML-escape names in dirlistings
Based on a patch by guysv. We now make sure that the valid
path-characters ", ', <, >, & can not be used for XSS on a target, for
example with a file called

   "><img src="blabla" onerror="alert(1)"

by properly HTML-escaping these characters.

Signed-off-by: Laslo Hunhold <dev@frign.de>
2020-03-25 14:07:17 +01:00
Laslo Hunhold
5ee8c07e7e
Fix unveil(2) usage
Thanks to the feedback by z0lqLA! I forgot that unveil(NULL, NULL)
only locks further unveil calls when there has been at least _one_ prior
call to unveil!

To fix this, we reorder the calls and also make sure to call unveil()
before we disallow unveils via pledge.

Signed-off-by: Laslo Hunhold <dev@frign.de>
2020-03-20 20:35:34 +01:00
Laslo Hunhold
3c7049e906
Use pledge(2) and unveil(2) on OpenBSD
It has been on my todo-list for a long time. I tested it on
OpenBSD 6.5.

Thanks Richard Ulmer for the reminder.

Signed-off-by: Laslo Hunhold <dev@frign.de>
2019-09-23 16:56:28 +02:00
Laslo Hunhold
32223c96bd
Use compound literals and explicit initialization
I didn't really like the use of a "yes"-variable for setsockopt().
A better way is to use compound literals (part of C99).

Another point are the structs. Instead of memsetting to zero we make
use of the standard which guarantees that "unmentioned" fields
are set to zero anyways. Just to note it here: The use of memset()
also sets padding to zero, which is not guaranteed with the method
of "unmentioned" fields.

Signed-off-by: Laslo Hunhold <dev@frign.de>
2019-05-30 23:15:47 +02:00
Laslo Hunhold
33def953e9
Improve tokenization for m- and v-flag parsing
I wasn't happy with the tokenizer for the m- and v-flags, because it
was handling space-separated input and there was no way to have spaces
within the tokens themselves. This is a fine detail, but I didn't want
to impose this restriction where it could be solved (path prefixes or
folder names can very well contain spaces).

Given it's a bit quirky to handle multiple arguments to a single flag
in the command line, especially when parameters are optional, this
alternative wasn't further considered and I instead implemented a
tokenizer that allows escaping spaces with '\'.

While at it, I clarified the manual regarding this point.

Signed-off-by: Laslo Hunhold <dev@frign.de>
2019-02-24 21:50:39 +01:00
Laslo Hunhold
065394cb64
Change target prefix mapping argument order
Put the chost-specification at the end and make it optional. This makes
more sense than having to give an arbitrary useless name in case you
weren't using virtual hosts in the first place.

While at it, clear up the wording in the manpage.

Signed-off-by: Laslo Hunhold <dev@frign.de>
2019-02-24 00:53:03 +01:00
Laslo Hunhold
48ddb8fefb
Sort flag-switch alphabetically
Signed-off-by: Laslo Hunhold <dev@frign.de>
2019-02-23 13:50:59 +01:00
Laslo Hunhold
f2afbc4dd7
Add a space after the number in the Xr mandoc macro
Detected with the mandoc(1)-linter.

Signed-off-by: Laslo Hunhold <dev@frign.de>
2019-02-18 23:44:12 +01:00
Laslo Hunhold
e299e186ed
Don't replace '+' with ' ' when decoding URLs
After the initial report by Platon Ryzhikov, I couldn't validate this
behaviour with the given RFC 3986[0], which only speaks of percent encoding
for reserved characters.

[0]:https://tools.ietf.org/html/rfc3986

Signed-off-by: Laslo Hunhold <dev@frign.de>
2019-01-10 22:02:23 +01:00
Laslo Hunhold
bbd47e1427
Specify UTF-8 for non-binary content-types
If charset is unspecified, the encoding falls back to ISO 8859-1 or
something else that is defined in HTTP/1.1.

Given there is no reason not to use UTF-8 nowadays[0] and one can convert
legacy encodings to UTF-8 easily, if the case comes up, it is a sane
default to specify it in the config.def.h.

[0]: https://utf8everywhere.org/

Signed-off-by: Laslo Hunhold <dev@frign.de>
2019-01-02 17:04:23 +01:00
Aaron Burrow
d2013a6337 Fix one byte NULL stack overflow
Don't append a forward slash if the length of a folder is PATH_MAX-1. This can
happen if HEADER_MAX is larger than PATH_MAX or if the `-m` option is used to
increase the path length.
2018-07-16 22:48:20 +02:00
Laslo Hunhold
72b309bbe4 Correct arg.h license
Credit where credit is due.
2018-07-16 11:49:51 +02:00
Laslo Hunhold
9ff3f780e1 Send a relative redirection header wherever possible
This makes quark much more flexible when it is run behind a network
filter or other kind of tunnel. Only send an absolute redirection when
we are handling vhosts.
2018-07-02 18:43:06 +02:00
Laslo Hunhold
34189e0a1f Use sizeof() - 1 rather than strlen()
I know, most compiler probably optimize this anyway, but why not do it
right in the first place?
2018-07-02 18:41:29 +02:00
Laslo Hunhold
b354ffb238 Add Dominik Schmidt to license 2018-07-02 07:15:19 +02:00
Dominik Schmidt
094c8ba814 Open a new process group before setting up signal handler
When cleaning up after a caught signal, quark forwards the signal to all
processes in the process group with `kill(0, ...)`. If we do not open up a new
process group in the parent process, quarks parent will be sent a SIG... too,
resulting it to shut down (especially considering that the parent process might
run as root).

As a result, if we set up the service with djb's excellent daemontools,
`svc -d quark` will terminate the svscan-process and tear all other services
down with it.

See also <https://cr.yp.to/daemontools/faq/create.html#pgrphack>.
2018-07-02 07:14:00 +02:00
Laslo Hunhold
ba38b0969f Give an indication of the time zone in the log
We use Zulu-time (aka UTC) for the log timestamps.
2018-04-03 01:23:00 +02:00
Laslo Hunhold
3ff82c514b Clean up request host properly
We all agree that the IPv6 address format is a big clusterfuck and only
an insane person would've come up with it given the double colons
interfere with the way one actually appends a port to a normal IPv4 address.

To counteract in this issue, the RFC specifies that one should enclose
IPv6-addresses in square brackets to make the disctinction possible,
i.e.

	host: ::1
	port: 80

	--> [::1]:80

The host field can contain both a port suffix and, of course by the RFC,
have the address enclosed in square brackets. Given I personally see
this as a "transport enclosure" I'd rather like to see it gone as soon
as possible and thus implement this cleanup in the http-header-parser so
the output is nice and clean and we don't have to deal with this garbage
later on.

Thanks to Josuah Demangeon <mail@josuah.net> for his wonderful input and
his dedication to read the RFCs 3986 and 2732 in such great detail.
2018-04-03 01:03:03 +02:00
Josuah Demangeon
c3ddb2dd14 permit prefix to be empty in -v format string
The previous parsing of the -v vhosts made sure there were 4 tokens.
If there was no prefix specified, usage() is called.  Now, it only
checks for the firsts 3, with .prefix set to null if there are only
3 tokens.
2018-04-02 09:57:58 +02:00
Josuah Demangeon
69bb7710eb fix segfault on parsing of -v and -m
The length is initially 0 so it needs to be incremented before
reallocarray to avoid ...alloc(0); and keep some space for the element
to insert.
2018-04-02 09:53:41 +02:00
Laslo Hunhold
6770dc06e6 Add netinet/in.h to sock.c
It was missing but necessary for some defines.
2018-03-05 10:24:46 +01:00
Laslo Hunhold
a20136fa18 Update the documentation to reflect the new flag-centric usage 2018-03-05 09:51:29 +01:00
Hiltjo Posthuma
444b8f5b32 http_send_response: fix undefined behaviour for copying the target string
... the format string and buffer were the same (undefined behaviour).
2018-03-05 01:21:14 +01:00
Laslo Hunhold
ed8b7e8954 Fix a logic error
We want to xor s.host and udsname, so it especially errors out when none
are given.
2018-03-05 01:04:51 +01:00
Hiltjo Posthuma
01ed0dac83 util: don't initialize server, it's already done in main()
... this removes a stupid compiler warning too.
2018-03-05 01:00:50 +01:00
Laslo Hunhold
c8401c591f Add esnprintf() and refactor some code
The (size_t) discards the case where the return value of snprintf is < 0. This
is rather unlikely, but we'll keep it in mind anyway.
2018-03-05 00:59:37 +01:00
Laslo Hunhold
1879e14e79 Be extra pedantic again and remove all warnings
Since now config.def.h has been reduced we don't have any more unused
variables and thus the manual fiddling with error-levels is no longer
necessary.
To get a completely clean result though we have to still cast some
variables here and there.
2018-03-05 00:30:53 +01:00
Quentin Rameau
3ff3e5ea6e Add some missing headers and interface visibility macro
strings.h for strncasecmp
time.h for strptime
2018-03-05 00:21:54 +01:00
Laslo Hunhold
6b55e36036 Introduce flag-centric usage
The config.h-interface has proven to be very effective for a lot of
suckless tools, but it just does not make too much sense for a web
server like quark.

 $ quark

If you run multiple instances of it, you want to see in the command line
(or top) what it does, and given the amount of options it's logical to
just express them as options given in the command line.
It also is a problem if you can modify quark via the config.h,
contradicting the manual. Just saying "Well, then don't touch config.h"
is also not good, as the vhost and map options were only exposed via
this interface.

What is left in config.h are mime-types and two constants relating to
the incoming HTTP-header-limits.

In order to introduce these changes, some structs and safe utility
functions were added and imported from OpenBSD respectively.
2018-03-05 00:14:25 +01:00
Laslo Hunhold
b40b11a40e Fix the regex in the example
Thanks Hiltjo!
2018-02-27 13:00:23 +01:00
Laslo Hunhold
7b7f166dd5 Add target prefix mapping
This allows e.g. to redirect when a directory has been moved.
2018-02-27 12:43:05 +01:00
Laslo Hunhold
02d6ae5a57 Add support for adding a prefix to a target when matching vhosts
This makes quark's vhost-handling very powerful while still being
simple.

Imagine you have a website with a subdomain you really want
to move back to your main domain.
Say the subdomain is called "old.example.org" and you want to serve it
under "example.org" but in the subdirectory "old/", i.e. you want to
redirect a request "old.example.org/subdir/" to "example.org/old/subdir".

For a vhost-handler that only takes 4 arguments for each vhost this is
actually pretty powerful.
2018-02-27 11:36:24 +01:00
Laslo Hunhold
4948053bee Use scheme-relative (aka protocol-relative) URLs for redirects
This ensures that quark really does not care if the incoming connection
is plain HTTP or relayed TLS-traffic from a proxy or tunnel. Depending
on the previous negotiation, the client will make the right decision on
which scheme to use in a given context.
2018-02-27 03:38:55 +01:00
Laslo Hunhold
72aa1646f6 If fork fails, close the incoming socket 2018-02-23 22:40:47 +01:00
Laslo Hunhold
53c3963497 Actually exit the child process once finished serving
Thanks Rodrigo S. Cañibano for noticing this!
2018-02-23 22:29:00 +01:00
Josuah Demangeon
55d7f000cd add headers to make it compile under OpenBSD
- 'struct in6_addr' is defined in <netinet/in.h>
- 'AF_INET6' is defined in <sys/socket.h>
2018-02-12 20:35:37 +01:00
Laslo Hunhold
f6f98c9e64 Remove server-architecture specifics from serve() and add them to main()
To make the code a bit more flexible, let's get rid of the forking-code
in serve() and do it in main(). This way, we are more liberal in the
future to possibly handle it in a different way.
2018-02-05 17:15:29 +01:00
Laslo Hunhold
e35d3e1287 Refine manpage concerning the UNIX-domain socket file 2018-02-05 17:15:05 +01:00
Laslo Hunhold
33d3d85f4f Refine error messages
I forgot that they can fail with errno = 0, which indicates that the
given entry was not found.
2018-02-04 21:40:51 +01:00
Laslo Hunhold
2c74631df9 Update LICENSE 2018-02-04 21:33:33 +01:00
Laslo Hunhold
ccdb51b96d Refactor the single source file into multiple modules
And many other things, too many to list here. For example, it now
properly logs uds instead of erroring out.
Separating concerns in many places definitely improves the readability.
2018-02-04 21:27:33 +01:00
Laslo Hunhold
d480539e3e Homogenize license statement 2017-08-30 23:33:11 +02:00
Hiltjo Posthuma
5defa985db config.mk: improve feature test macros and compatibility
- add missing header netinet/in.h for socket declarations (POSIX).
- rename sendfile to responsefile, sendfile(2) is a syscall on FreeBSD.
- remove _XOPEN_SOURCE: this will give a warning about strptime on Linux
  glibc, but unbreaks the build on NetBSD and FreeBSD.

thanks also to josuah and quinq for testing!
2017-08-30 23:30:58 +02:00
Laslo Hunhold
7e199ee04d Don't default to clang 2017-08-14 00:06:26 +02:00
Laslo Hunhold
bf23f53b12 Update MANPREFIX according to FHS
http://www.pathname.com/fhs/2.2/fhs-4.11.html
2017-08-13 23:30:13 +02:00
Laslo Hunhold
bed475cef1 Make sure we flush the buffers before leaving 2017-08-08 22:06:21 +02:00
Laslo Hunhold
0b1c60eea2 Rename _i,_argused to i_,argused_
Thanks Michael Forney for reporting this! We cannot use identifiers
beginning with an underscore, says the C99-standard, section 7.1.3:

"All identifiers that begin with an underscore are always reserved for
use as identifiers with file scope in both the ordinary and tag name
spaces."

We go around this by putting the underscore at the end.
2017-08-04 17:57:58 +02:00
Laslo Hunhold
3a7c6ec0b9 Change the license formatting a bit to be in line with the OSI
The (c)-symbol has become more of a remnant after the Berne convention
has been signed. Given the ISC exploits some simplifications introduced
with the Berne convention, it just makes sense to drop this relict as
well and just state our Copyright without much ado about nothing.

https://opensource.org/licenses/ISC
2017-08-04 17:14:02 +02:00
Laslo Hunhold
08ef9966b5 Import updated arg.h from farbfeld 2017-08-04 17:12:54 +02:00