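/*
 * Copyright (c) 2013-2021 Joris Vink <joris@coders.se>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

/*
 * Central internal header: platform/OpenSSL feature detection, result
 * codes, the core data structures (netbuf, connection, domain, server,
 * worker, pool, timer, json) and the prototypes shared by every
 * compilation unit.
 *
 * NOTE(review): the include guard __H_KORE_H uses a reserved identifier
 * (leading double underscore); left untouched here because other files
 * may test it.
 */

#ifndef __H_KORE_H
#define __H_KORE_H

/*
 * Hide the system daemon() prototype while the platform headers are
 * included; it is re-declared further down (see the __APPLE__ block after
 * the includes), presumably to sidestep macOS's deprecation markup on it.
 */
#if defined(__APPLE__)
#define daemon portability_is_king
#endif

#include <sys/param.h>
#include <sys/types.h>
#include <sys/time.h>
#include <sys/queue.h>
#include <sys/un.h>

#include <netinet/in.h>
#include <arpa/inet.h>

#include <openssl/err.h>
#include <openssl/dh.h>
#include <openssl/ssl.h>

#include <errno.h>
#include <regex.h>
#include <stdarg.h>
#include <stdlib.h>
#include <stdio.h>
#include <signal.h>
#include <string.h>
#include <syslog.h>
#include <unistd.h>
#include <stdarg.h>

#if defined(__cplusplus)
extern "C" {
#endif

#if defined(__APPLE__)
#undef daemon
extern int daemon(int, int);
/* macOS names the nanosecond mtime field differently. */
#define st_mtim st_mtimespec
#endif

/* Platform sendfile(2)-style transmission, unless disabled at build time. */
#if !defined(KORE_NO_SENDFILE)
#if defined(__MACH__) || defined(__FreeBSD_version) || defined(__linux__)
#define KORE_USE_PLATFORM_SENDFILE 1
#endif
#endif

/*
 * Figure out what type of OpenSSL API we are dealing with.
 *
 * KORE_OPENSSL_NEWER_API selects the opaque-struct API (OpenSSL >= 1.1.0,
 * LibreSSL >= 3.0.0). Older LibreSSL lacks the TLS1_3_VERSION constant, so
 * it is supplied here for the releases that do speak TLS 1.3.
 */
#if defined(LIBRESSL_VERSION_NUMBER)
#if LIBRESSL_VERSION_NUMBER >= 0x3000000fL
#define KORE_OPENSSL_NEWER_API 1
#endif

#if LIBRESSL_VERSION_NUMBER >= 0x3020200fL
#define TLS1_3_VERSION 0x0304
#endif

#else
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
#define KORE_OPENSSL_NEWER_API 1
#endif
#endif

/* pledge(2)-based sandboxing is only available on OpenBSD. */
#if defined(__OpenBSD__)
#define KORE_USE_PLATFORM_PLEDGE 1
#endif

/* Key size used when generating RSA keys (see kore_rsakey_generate). */
#define KORE_RSAKEY_BITS	4096

/* Common return codes used throughout the code base. */
#define KORE_RESULT_ERROR	0
#define KORE_RESULT_OK		1
#define KORE_RESULT_RETRY	2

/* Values for the tls_version setting. */
#define KORE_TLS_VERSION_1_3	0
#define KORE_TLS_VERSION_1_2	1
#define KORE_TLS_VERSION_BOTH	2

/* Flag for kore_base64url_encode/decode: omit padding. */
#define KORE_BASE64_RAW		0x0001

/*
 * Sentinel for "no timeout". Fully parenthesized so it behaves as a single
 * operand wherever it is expanded.
 */
#define KORE_WAIT_INFINITE	((u_int64_t)-1)
/* 1800 seconds expressed in milliseconds (matches kore_time_ms() units). */
#define KORE_RESEED_TIME	(1800 * 1000)

/* Shorthands for the human readable form of errno / the OpenSSL error. */
#define errno_s			strerror(errno)
#define ssl_errno_s		ERR_error_string(ERR_get_error(), NULL)

#define KORE_DOMAINNAME_LEN	255
#define KORE_PIDFILE_DEFAULT	"kore.pid"

/*
 * Default TLS <= 1.2 cipher list (overridable via kore_tls_cipher_list).
 * In OpenSSL cipher-string semantics the trailing "!kRSA" permanently
 * removes every RSA-key-exchange suite, including the two static-RSA
 * entries named explicitly earlier in the string (AES128-GCM-SHA256,
 * AES256-GCM-SHA384), so the suites that remain all use ephemeral (EC)DH
 * key exchange. CBC-mode suites are still permitted. TLS 1.3 suites are
 * configured separately by the library and are not affected by this list.
 */
#define KORE_DEFAULT_CIPHER_LIST "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!kRSA:!kDSA"

/*
 * Debug logging. The function-like macro shares its name with the
 * `kore_debug` runtime flag; the flag is not expanded inside the macro
 * because it is not followed by '('.
 *
 * Wrapped in do { } while (0) so that
 *	if (x) kore_debug("..."); else ...;
 * binds the else to the caller's if, not to the one inside the macro.
 * In non-debug builds the arguments are not evaluated at all.
 */
#if defined(KORE_DEBUG)
#define kore_debug(...)						\
	do {							\
		if (kore_debug)					\
			kore_debug_internal(__FILE__,		\
			    __LINE__, __VA_ARGS__);		\
	} while (0)
#else
#define kore_debug(...)
#endif

/* netbuf direction and size limits. */
#define NETBUF_RECV			0
#define NETBUF_SEND			1
#define NETBUF_SEND_PAYLOAD_MAX		8192
#define SENDFILE_PAYLOAD_MAX		(1024 * 1024 * 10)

#define NETBUF_LAST_CHAIN		0
#define NETBUF_BEFORE_CHAIN		1

/* netbuf.flags bits. */
#define NETBUF_CALL_CB_ALWAYS		0x01
#define NETBUF_FORCE_REMOVE		0x02
#define NETBUF_MUST_RESEND		0x04
#define NETBUF_IS_STREAM		0x10
#define NETBUF_IS_FILEREF		0x20

/* Flag for kore_x509_subject_name(). */
#define KORE_X509_COMMON_NAME_ONLY	0x0001

/* Certificate material encodings handed to kore_domain_tlsinit(). */
#define KORE_PEM_CERT_CHAIN		1
#define KORE_DER_CERT_DATA		2

/* XXX hackish. */
#if !defined(KORE_NO_HTTP)
struct http_request;
struct http_redirect;
#endif

#define KORE_FILEREF_SOFT_REMOVED	0x1000

/*
 * A reference-counted, cached open file (used for static file serving).
 * cnt is the reference count (see kore_fileref_get/kore_fileref_release);
 * base/size appear to describe a mapping of the file — confirm in the
 * fileref implementation before relying on that.
 */
struct kore_fileref {
	int				cnt;
	int				flags;
	int				ontls;
	off_t				size;
	char				*path;
	u_int64_t			mtime;
	time_t				mtime_sec;
	u_int64_t			expiration;
	void				*base;
	int				fd;
	TAILQ_ENTRY(kore_fileref)	list;
};

/*
 * One buffer on a connection's receive or send side. type is NETBUF_RECV or
 * NETBUF_SEND; flags are the NETBUF_* bits above. file_ref/fd_off/fd_len
 * are only meaningful with NETBUF_IS_FILEREF. cb is invoked by the net
 * layer with the buffer itself; its int return presumably follows the
 * KORE_RESULT_* convention.
 */
struct netbuf {
	u_int8_t		*buf;
	size_t			s_off;
	size_t			b_len;
	size_t			m_len;
	u_int8_t		type;
	u_int8_t		flags;

	struct kore_fileref	*file_ref;
	off_t			fd_off;
	off_t			fd_len;

	struct connection	*owner;
	void			*extra;
	int			(*cb)(struct netbuf *);

	TAILQ_ENTRY(netbuf)	list;
};

TAILQ_HEAD(netbuf_head, netbuf);

/* kore_event.type values identifying what an event-loop object is. */
#define KORE_TYPE_LISTENER		1
#define KORE_TYPE_CONNECTION		2
#define KORE_TYPE_PGSQL_CONN		3
#define KORE_TYPE_TASK			4
#define KORE_TYPE_PYSOCKET		5
#define KORE_TYPE_CURL_HANDLE		6

/* connection.state */
#define CONN_STATE_UNKNOWN		0
#define CONN_STATE_TLS_SHAKE		1
#define CONN_STATE_ESTABLISHED		2
#define CONN_STATE_DISCONNECTING	3

/* connection.proto */
#define CONN_PROTO_UNKNOWN		0
#define CONN_PROTO_HTTP			1
#define CONN_PROTO_WEBSOCKET		2
#define CONN_PROTO_MSG			3
#define CONN_PROTO_ACME_ALPN		200

/* kore_event.flags bits. */
#define KORE_EVENT_READ			0x01
#define KORE_EVENT_WRITE		0x02
#define KORE_EVENT_ERROR		0x04

/* connection.flags bits (continued below). */
#define CONN_IDLE_TIMER_ACT		0x0001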
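#define CONN_CLOSE_EMPTY		0x0002
#define CONN_WS_CLOSE_SENT		0x0004
#define CONN_IS_BUSY			0x0008
#define CONN_LOG_TLS_FAILURE		0x0020
#define CONN_TLS_ALPN_ACME_SEEN		0x0040
#define CONN_TLS_SNI_SEEN		0x0080

#define KORE_IDLE_TIMER_MAX		5000

/* WebSocket frame opcodes (RFC 6455 numbering). */
#define WEBSOCKET_OP_CONT		0x00
#define WEBSOCKET_OP_TEXT		0x01
#define WEBSOCKET_OP_BINARY		0x02
#define WEBSOCKET_OP_CLOSE		0x08
#define WEBSOCKET_OP_PING		0x09
#define WEBSOCKET_OP_PONG		0x0a

/* Scope argument for kore_websocket_broadcast(). */
#define WEBSOCKET_BROADCAST_LOCAL	1
#define WEBSOCKET_BROADCAST_GLOBAL	2

/* kore_timer.flags bits; KORE_TIMER_FLAGS is the set of valid bits. */
#define KORE_TIMER_ONESHOT		0x01
#define KORE_TIMER_FLAGS		(KORE_TIMER_ONESHOT)

/* Argument for kore_connection_prune(). */
#define KORE_CONNECTION_PRUNE_DISCONNECT	0
#define KORE_CONNECTION_PRUNE_ALL		1

/*
 * Common prefix of every object registered with the event loop.
 * type is a KORE_TYPE_* value, flags are KORE_EVENT_* bits and handle is
 * called with the object and the event mask. It is the first member of
 * struct connection and struct listener, which suggests the platform
 * event code casts its void * arguments to struct kore_event * — confirm
 * in the platform sources before depending on that layout.
 */
struct kore_event {
	int		type;
	int		flags;
	void		(*handle)(void *, int);
} __attribute__((packed));

/*
 * A client connection. read/write/handle/disconnect are the per-protocol
 * (plain vs TLS, HTTP vs websocket) entry points installed by the
 * connection layer; addr holds the peer address for the family in
 * `family`. The http_* members and websocket callbacks only exist when
 * HTTP support is compiled in.
 */
struct connection {
	struct kore_event	evt;
	int			fd;
	u_int8_t		state;
	u_int8_t		proto;
	struct listener		*owner;
	X509			*cert;
	SSL			*ssl;
	char			*tls_sni;
	int			tls_reneg;
	u_int16_t		flags;
	void			*hdlr_extra;

	int			(*handle)(struct connection *);
	void			(*disconnect)(struct connection *);
	int			(*read)(struct connection *, size_t *);
	int			(*write)(struct connection *, size_t, size_t *);

	int			family;
	union {
		struct sockaddr_in	ipv4;
		struct sockaddr_in6	ipv6;
		struct sockaddr_un	sun;
	} addr;

	struct {
		u_int64_t	length;
		u_int64_t	start;
	} idle_timer;

	struct netbuf_head	send_queue;
	struct netbuf		*snb;
	struct netbuf		*rnb;

#if !defined(KORE_NO_HTTP)
	u_int64_t		http_start;
	u_int64_t		http_timeout;
	struct kore_runtime_call	*ws_connect;
	struct kore_runtime_call	*ws_message;
	struct kore_runtime_call	*ws_disconnect;
	TAILQ_HEAD(, http_request)	http_requests;
#endif

	TAILQ_ENTRY(connection)	list;
};

TAILQ_HEAD(connection_list, connection);
extern struct connection_list	connections;
extern struct connection_list	disconnected;

/* kore_runtime.type */
#define KORE_RUNTIME_NATIVE	0
#define KORE_RUNTIME_PYTHON	1

/*
 * Dispatch table for a language runtime (native C or Python). Each hook
 * receives the opaque callable address stored in kore_runtime_call.addr
 * as its first argument.
 */
struct kore_runtime {
	int	type;
#if !defined(KORE_NO_HTTP)
	int	(*http_request)(void *, struct http_request *);
	int	(*validator)(void *, struct http_request *, const void *);
	void	(*wsconnect)(void *, struct connection *);
	void	(*wsdisconnect)(void *, struct connection *);
	void	(*wsmessage)(void *, struct connection *,
		    u_int8_t, const void *, size_t);
#endif
	void	(*execute)(void *);
	int	(*onload)(void *, int);
	void	(*connect)(void *, struct connection *);
	void	(*configure)(void *, int, char **);
};

/* A resolved callable: the address plus the runtime that knows how to call it. */
struct kore_runtime_call {
	void			*addr;
	struct kore_runtime	*runtime;
};

/*
 * A virtual host. Holds the TLS material paths, the per-domain SSL_CTX,
 * the access log buffer and (with HTTP) the handler and redirect lists.
 * x509_verify_depth bounds client-certificate chain verification.
 */
struct kore_domain {
	u_int16_t	id;
	int		logerr;
	u_int64_t	logwarn;
	int		accesslog;

	char		*domain;
	struct kore_buf	*logbuf;
	struct kore_server	*server;

#if defined(KORE_USE_ACME)
	int		acme;
	int		acme_challenge;
	void		*acme_cert;
	size_t		acme_cert_len;
#endif
	char		*cafile;
	char		*crlfile;
	char		*certfile;
	char		*certkey;
	SSL_CTX		*ssl_ctx;
	int		x509_verify_depth;
#if !defined(KORE_NO_HTTP)
	TAILQ_HEAD(, kore_module_handle)	handlers;
	TAILQ_HEAD(, http_redirect)		redirects;
#endif
	TAILQ_ENTRY(kore_domain)	list;
};

TAILQ_HEAD(kore_domain_h, kore_domain);

extern struct kore_runtime	kore_native_runtime;

/* A listening socket; evt must stay first (see struct kore_event). */
struct listener {
	struct kore_event		evt;
	int				fd;
	int				family;
	char				*port;
	char				*host;
	struct kore_server		*server;
	struct kore_runtime_call	*connect;

	LIST_ENTRY(listener)		list;
};

/* A named server: its listeners plus the domains served on them. */
struct kore_server {
	int			tls;
	char			*name;
	struct kore_domain_h	domains;
	LIST_HEAD(, listener)	listeners;
	LIST_ENTRY(kore_server)	list;
};

LIST_HEAD(kore_server_list, kore_server);

#if !defined(KORE_NO_HTTP)

#define KORE_PARAMS_QUERY_STRING	0x0001

/* A declared request parameter and the validator it must pass. */
struct kore_handler_params {
	char			*name;
	int			flags;
	u_int8_t		method;
	struct kore_validator	*validator;

	TAILQ_ENTRY(kore_handler_params)	list;
};

/* kore_auth.type: where the credential is read from. */
#define KORE_AUTH_TYPE_COOKIE	1
#define KORE_AUTH_TYPE_HEADER	2
#define KORE_AUTH_TYPE_REQUEST	3

/*
 * An authentication block: which cookie/header (name) is checked, the
 * validator applied to it, and where to redirect on failure.
 */
struct kore_auth {
	u_int8_t		type;
	char			*name;
	char			*value;
	char			*redirect;
	struct kore_validator	*validator;

	TAILQ_ENTRY(kore_auth)	list;
};

#define HANDLER_TYPE_STATIC	1
#define HANDLER_TYPE_DYNAMIC	2

#endif /* !KORE_NO_HTTP */

#define KORE_MODULE_LOAD	1
#define KORE_MODULE_UNLOAD	2

#define KORE_MODULE_NATIVE	0
#define KORE_MODULE_PYTHON	1

struct kore_module;

/* Per-module-type operations (native shared object vs Python module). */
struct kore_module_functions {
	void	(*free)(struct kore_module *);
	void	(*reload)(struct kore_module *);
	int	(*callback)(struct kore_module *, int);
	void	(*load)(struct kore_module *);
	void	*(*getsym)(struct kore_module *, const char *);
};

/* A loaded application module; ocb is the resolved onload callback. */
struct kore_module {
	void				*handle;
	char				*path;
	char				*onload;
	int				type;
	struct kore_runtime_call	*ocb;

	struct kore_module_functions	*fun;
	struct kore_runtime		*runtime;

	TAILQ_ENTRY(kore_module)	list;
};

#if !defined(KORE_NO_HTTP)

/*
 * A route: path (static string or compiled regex in rctx, per type),
 * the callable, optional auth block, allowed methods and declared params.
 */
struct kore_module_handle {
	char				*path;
	char				*func;
	int				type;
	int				errors;
	regex_t				rctx;
	struct kore_domain		*dom;
	struct kore_runtime_call	*rcall;
	struct kore_auth		*auth;
	int				methods;
	TAILQ_HEAD(, kore_handler_params)	params;
	TAILQ_ENTRY(kore_module_handle)		list;
};
#endif

/*
 * The workers get a 128KB log buffer per worker, and parent will fetch their
 * logs when it reached at least 75% of that or if its been > 1 second since
 * it was last synced.
 */
#define KORE_ACCESSLOG_BUFLEN	131072U
#define KORE_ACCESSLOG_SYNC	98304U

/*
 * Header preceding each access log record in the shared buffer: the
 * domain id and the record length. Packed because it is an in-memory wire
 * format between worker and parent.
 */
struct kore_alog_header {
	u_int16_t	domain;
	u_int16_t	loglen;
} __attribute__((packed));

/*
 * Per-worker bookkeeping, held by the parent. The embedded lb.buf is
 * KORE_ACCESSLOG_BUFLEN bytes, so the struct is large; it is reached
 * through the `worker` pointer. lb.lock is a plain int — whatever
 * discipline protects it must come from the accesslog code, not this type.
 */
struct kore_worker {
	u_int16_t			id;
	u_int16_t			cpu;
	int				running;
#if defined(__linux__)
	int				tracing;
#endif
	pid_t				pid;
	int				pipe[2];
	struct connection		*msg[2];
	u_int8_t			has_lock;
	int				restarted;
	u_int64_t			time_locked;
	struct kore_module_handle	*active_hdlr;

	/* Used by the workers to store accesslogs. */
	struct {
		int		lock;
		size_t		offset;
		char		buf[KORE_ACCESSLOG_BUFLEN];
	} lb;
};

#if !defined(KORE_NO_HTTP)

#define KORE_VALIDATOR_TYPE_REGEX	1
#define KORE_VALIDATOR_TYPE_FUNCTION	2

/* An input validator: a compiled regex (rctx) or a callable (rcall). */
struct kore_validator {
	u_int8_t			type;
	char				*name;
	char				*arg;
	regex_t				rctx;
	struct kore_runtime_call	*rcall;

	TAILQ_ENTRY(kore_validator)	list;
};
#endif /* !KORE_NO_HTTP */

#define KORE_BUF_OWNER_API	0x0001

/* Growable byte buffer; offset is the bytes in use, length the capacity. */
struct kore_buf {
	u_int8_t	*data;
	int		flags;
	size_t		length;
	size_t		offset;
};

/* kore_json_item.type bits. */
#define KORE_JSON_TYPE_OBJECT		0x0001
#define KORE_JSON_TYPE_ARRAY		0x0002
#define KORE_JSON_TYPE_STRING		0x0004
#define KORE_JSON_TYPE_NUMBER		0x0008
#define KORE_JSON_TYPE_LITERAL		0x0010
#define KORE_JSON_TYPE_INTEGER		0x0020
#define KORE_JSON_TYPE_INTEGER_U64	0x0040

/* Values of kore_json_item.data.literal. */
#define KORE_JSON_FALSE			0
#define KORE_JSON_TRUE			1
#define KORE_JSON_NULL			2

/* Nesting limit enforced by the parser (KORE_JSON_ERR_DEPTH). */
#define KORE_JSON_DEPTH_MAX		10

/* kore_json.error codes; kore_json_strerror() maps them to text. */
#define KORE_JSON_ERR_NONE		0
#define KORE_JSON_ERR_INVALID_OBJECT	1
#define KORE_JSON_ERR_INVALID_ARRAY	2
#define KORE_JSON_ERR_INVALID_STRING	3
#define KORE_JSON_ERR_INVALID_NUMBER	4
#define KORE_JSON_ERR_INVALID_LITERAL	5
#define KORE_JSON_ERR_DEPTH		6
#define KORE_JSON_ERR_EOF		7
#define KORE_JSON_ERR_INVALID_JSON	8
#define KORE_JSON_ERR_INVALID_SEARCH	9
#define KORE_JSON_ERR_NOT_FOUND		10
#define KORE_JSON_ERR_TYPE_MISMATCH	11
#define KORE_JSON_ERR_LAST		KORE_JSON_ERR_TYPE_MISMATCH

/* Typed convenience wrappers around kore_json_find(). */
#define kore_json_find_object(j, p)		\
	kore_json_find(j, p, KORE_JSON_TYPE_OBJECT)

#define kore_json_find_array(j, p)		\
	kore_json_find(j, p, KORE_JSON_TYPE_ARRAY)

#define kore_json_find_string(j, p)		\
	kore_json_find(j, p, KORE_JSON_TYPE_STRING)

#define kore_json_find_number(j, p)		\
	kore_json_find(j, p, KORE_JSON_TYPE_NUMBER)

#define kore_json_find_integer(j, p)		\
	kore_json_find(j, p, KORE_JSON_TYPE_INTEGER)

#define kore_json_find_integer_u64(j, p)	\
	kore_json_find(j, p, KORE_JSON_TYPE_INTEGER_U64)

#define kore_json_find_literal(j, p)		\
	kore_json_find(j, p, KORE_JSON_TYPE_LITERAL)

/* Typed convenience wrappers around kore_json_create_item(). */
#define kore_json_create_object(o, n)		\
	kore_json_create_item(o, n, KORE_JSON_TYPE_OBJECT)

#define kore_json_create_array(o, n)		\
	kore_json_create_item(o, n, KORE_JSON_TYPE_ARRAY)

#define kore_json_create_string(o, n, v)	\
	kore_json_create_item(o, n, KORE_JSON_TYPE_STRING, v)

#define kore_json_create_number(o, n, v)	\
	kore_json_create_item(o, n, KORE_JSON_TYPE_NUMBER, v)

#define kore_json_create_integer(o, n, v)	\
	kore_json_create_item(o, n, KORE_JSON_TYPE_INTEGER, v)

#define kore_json_create_integer_u64(o, n, v)	\
	kore_json_create_item(o, n, KORE_JSON_TYPE_INTEGER_U64, v)

#define kore_json_create_literal(o, n, v)	\
	kore_json_create_item(o, n, KORE_JSON_TYPE_LITERAL, v)

/*
 * Parser state over an input buffer of `length` bytes (not owned: data is
 * const). error holds a KORE_JSON_ERR_* code after a failed parse.
 */
struct kore_json {
	const u_int8_t		*data;
	int			depth;
	int			error;
	size_t			length;
	size_t			offset;

	struct kore_buf		tmpbuf;
	struct kore_json_item	*root;
};

/*
 * One parsed JSON value. Which union member is valid follows type:
 * object/array use items, the others the matching scalar member.
 */
struct kore_json_item {
	u_int32_t			type;
	char				*name;
	struct kore_json_item		*parent;

	union {
		TAILQ_HEAD(, kore_json_item)	items;
		char				*string;
		double				number;
		int				literal;
		int64_t				s64;
		u_int64_t			u64;
	} data;

	int				(*parse)(struct kore_json *,
					    struct kore_json_item *);

	TAILQ_ENTRY(kore_json_item)	list;
};

/* A chunk of memory backing pool entries. */
struct kore_pool_region {
	void				*start;
	size_t				length;
	LIST_ENTRY(kore_pool_region)	list;
};

/* Per-element header inside a region. */
struct kore_pool_entry {
	u_int8_t			state;
	struct kore_pool_region		*region;
	LIST_ENTRY(kore_pool_entry)	list;
};

/*
 * Fixed-size object pool. `volatile` on lock does not by itself provide
 * synchronization; check the pool implementation for how the lock is
 * actually acquired before assuming cross-thread safety.
 */
struct kore_pool {
	size_t			elen;
	size_t			slen;
	size_t			elms;
	size_t			inuse;
	size_t			growth;
	volatile int		lock;
	char			*name;

	LIST_HEAD(, kore_pool_region)	regions;
	LIST_HEAD(, kore_pool_entry)	freelist;
};

/* A timer; cb receives arg and the current time (see kore_timer_add). */
struct kore_timer {
	u_int64_t	nextrun;
	u_int64_t	interval;
	int		flags;
	void		*arg;
	void		(*cb)(void *, u_int64_t);

	TAILQ_ENTRY(kore_timer)	list;
};

/*
 * Keymgr process is worker index 0, but id 2000.
 * Acme process is worker index 1, but id 2001.
 */
#define KORE_WORKER_KEYMGR_IDX	0
#define KORE_WORKER_ACME_IDX	1
#define KORE_WORKER_BASE	2
#define KORE_WORKER_KEYMGR	2000
#define KORE_WORKER_ACME	2001
/* UCHAR_MAX comes from <limits.h>, which this header relies on transitively. */
#define KORE_WORKER_MAX		UCHAR_MAX

#define KORE_WORKER_POLICY_RESTART	1
#define KORE_WORKER_POLICY_TERMINATE	2

/* Reserved message ids, registered on workers. */
#define KORE_MSG_WEBSOCKET		1
#define KORE_MSG_KEYMGR_REQ		2
#define KORE_MSG_KEYMGR_RESP		3
#define KORE_MSG_SHUTDOWN		4
#define KORE_MSG_ENTROPY_REQ		5
#define KORE_MSG_ENTROPY_RESP		6
#define KORE_MSG_CERTIFICATE		7
#define KORE_MSG_CERTIFICATE_REQ	8
#define KORE_MSG_CRL			9
#define KORE_MSG_ACCEPT_AVAILABLE	10
#define KORE_PYTHON_SEND_OBJ		11
#define KORE_MSG_ACME_BASE		100

/* messages for applications should start at 201. */
#define KORE_MSG_APP_BASE		200

/* Predefined message targets. */
#define KORE_MSG_PARENT			1000
#define KORE_MSG_WORKER_ALL		1001

/*
 * Header of an inter-process message: id selects the handler registered
 * with kore_msg_register(), src/dst are worker ids (or the targets above),
 * length is presumably the number of payload bytes that follow.
 */
struct kore_msg {
	u_int8_t	id;
	u_int16_t	src;
	u_int16_t	dst;
	size_t		length;
};

/*
 * Payload of a keymgr request. data_len is written by the peer process and
 * must be validated against the enclosing message length before data is
 * indexed; kore_worker_keymgr_response_verify() appears to be where the
 * response side is checked — confirm before relying on it.
 */
struct kore_keyreq {
	int		padding;
	char		domain[KORE_DOMAINNAME_LEN + 1];
	size_t		data_len;
	u_int8_t	data[];
};

/* Certificate/CRL material sent to workers; same data_len caveat as above. */
struct kore_x509_msg {
	char		domain[KORE_DOMAINNAME_LEN + 1];
	size_t		data_len;
	u_int8_t	data[];
};

#if !defined(KORE_SINGLE_BINARY)
extern char	*config_file;
#endif

/* Process-wide configuration state, set from the command line / config. */
extern pid_t	kore_pid;
extern int	kore_quiet;
extern int	kore_debug;
extern int	skip_chroot;
extern int	skip_runas;
extern int	kore_foreground;

extern char	*kore_pidfile;
extern char	*kore_root_path;
extern char	*kore_runas_user;
extern char	*kore_tls_cipher_list;

/* Set from signal handlers; sig_atomic_t is the only type safe there. */
extern volatile sig_atomic_t	sig_recv;

extern int	tls_version;
extern DH	*tls_dhparam;
extern char	*rand_file;
extern int	keymgr_active;
extern char	*keymgr_runas_user;
extern char	*keymgr_root_path;
extern char	*acme_runas_user;
extern char	*acme_root_path;

extern u_int8_t		nlisteners;
extern u_int16_t	cpu_count;
extern u_int8_t		worker_count;
extern const char	*kore_version;
extern int		worker_policy;
extern u_int8_t		worker_set_affinity;
extern u_int32_t	worker_rlimit_nofiles;
extern u_int32_t	worker_max_connections;
extern u_int32_t	worker_active_connections;
extern u_int32_t	worker_accept_threshold;
extern u_int64_t	kore_websocket_maxframe;
extern u_int64_t	kore_websocket_timeout;
extern u_int32_t	kore_socket_backlog;

extern struct kore_worker	*worker;
extern struct kore_pool		nb_pool;
extern struct kore_domain	*primary_dom;
extern struct kore_server_list	kore_servers;

/* Process lifecycle and signal plumbing. */
void		kore_signal(int);
void		kore_shutdown(void);
void		kore_signal_setup(void);
void		kore_proctitle(const char *);
void		kore_default_getopt(int, char **);

/* Worker management (parent side unless noted). */
void		kore_worker_reap(void);
void		kore_worker_init(void);
void		kore_worker_make_busy(void);
void		kore_worker_shutdown(void);
void		kore_worker_dispatch_signal(int);
/* Drop privileges: chroot to the first argument, switch to the second user. */
void		kore_worker_privdrop(const char *, const char *);
void		kore_worker_spawn(u_int16_t, u_int16_t, u_int16_t);
int		kore_worker_keymgr_response_verify(struct kore_msg *,
		    const void *, struct kore_domain **);

void		kore_worker_entry(struct kore_worker *) __attribute__((noreturn));

struct kore_worker	*kore_worker_data(u_int8_t);

/* Platform abstraction: event loop, sandboxing, process title. */
void		kore_platform_init(void);
void		kore_platform_sandbox(void);
void		kore_platform_event_init(void);
void		kore_platform_event_cleanup(void);
void		kore_platform_disable_read(int);
void		kore_platform_disable_write(int);
void		kore_platform_enable_accept(void);
void		kore_platform_disable_accept(void);
void		kore_platform_event_wait(u_int64_t);
void		kore_platform_event_all(int, void *);
void		kore_platform_event_level_all(int, void *);
void		kore_platform_event_level_read(int, void *);
void		kore_platform_proctitle(const char *);
void		kore_platform_schedule_read(int, void *);
void		kore_platform_schedule_write(int, void *);
void		kore_platform_event_schedule(int, int, int, void *);
void		kore_platform_worker_setcpu(struct kore_worker *);

#if defined(KORE_USE_PLATFORM_SENDFILE)
int		kore_platform_sendfile(struct connection *, struct netbuf *);
#endif

#if defined(KORE_USE_PLATFORM_PLEDGE)
void		kore_platform_pledge(void);
void		kore_platform_add_pledge(const char *);
#endif

/* Access logging (parent gathers, workers write). */
void		kore_accesslog_init(u_int16_t);
void		kore_accesslog_worker_init(void);
void		kore_accesslog_run(void *, u_int64_t);
void		kore_accesslog_gather(void *, u_int64_t, int);

#if !defined(KORE_NO_HTTP)
/* Request authentication; kore_auth_run dispatches on kore_auth.type. */
int		kore_auth_run(struct http_request *, struct kore_auth *);
int		kore_auth_cookie(struct http_request *, struct kore_auth *);
int		kore_auth_header(struct http_request *, struct kore_auth *);
int		kore_auth_request(struct http_request *, struct kore_auth *);
void		kore_auth_init(void);
int		kore_auth_new(const char *);
struct kore_auth	*kore_auth_lookup(const char *);
#endif

/* Timers; times are in the units of kore_time_ms(). */
void		kore_timer_init(void);
void		kore_timer_run(u_int64_t);
u_int64_t	kore_timer_next_run(u_int64_t);
void		kore_timer_remove(struct kore_timer *);
struct kore_timer	*kore_timer_add(void (*cb)(void *, u_int64_t),
			    u_int64_t, void *, int);

/* Servers and listeners. */
void		kore_server_closeall(void);
void		kore_server_cleanup(void);
void		kore_server_free(struct kore_server *);
void		kore_server_finalize(struct kore_server *);

struct kore_server	*kore_server_create(const char *);
struct kore_server	*kore_server_lookup(const char *);

void		kore_listener_accept(void *, int);
struct listener	*kore_listener_lookup(const char *);
void		kore_listener_free(struct listener *);
struct listener	*kore_listener_create(struct kore_server *);
int		kore_listener_init(struct listener *, int, const char *);

int		kore_sockopt(int, int, int);
int		kore_server_bind_unix(struct kore_server *,
		    const char *, const char *);
int		kore_server_bind(struct kore_server *,
		    const char *, const char *, const char *);

/* TLS callbacks installed on the SSL_CTX. */
int		kore_tls_sni_cb(SSL *, int *, void *);
void		kore_tls_info_callback(const SSL *, int, int);

/* Connection lifecycle. */
void		kore_connection_init(void);
void		kore_connection_cleanup(void);
void		kore_connection_prune(int);
struct connection	*kore_connection_new(void *);
void		kore_connection_event(void *, int);
int		kore_connection_nonblock(int, int);
void		kore_connection_check_timeout(u_int64_t);
int		kore_connection_handle(struct connection *);
void		kore_connection_remove(struct connection *);
void		kore_connection_disconnect(struct connection *);
void		kore_connection_start_idletimer(struct connection *);
void		kore_connection_stop_idletimer(struct connection *);
void		kore_connection_check_idletimer(u_int64_t,
		    struct connection *);
int		kore_connection_accept(struct listener *,
		    struct connection **);

u_int64_t	kore_time_ms(void);
void		kore_log_init(void);

#if defined(KORE_USE_PYTHON)
int		kore_configure_setting(const char *, char *);
#endif

/* Memory allocation wrappers and the tagged-allocation registry. */
void		*kore_malloc(size_t);
void		kore_parse_config(void);
void		kore_parse_config_file(FILE *);
void		*kore_calloc(size_t, size_t);
void		*kore_realloc(void *, size_t);
void		kore_free(void *);
void		kore_mem_init(void);
void		kore_mem_cleanup(void);
void		kore_mem_untag(void *);
void		*kore_mem_lookup(u_int32_t);
void		kore_mem_tag(void *, u_int32_t);
void		*kore_malloc_tagged(size_t, u_int32_t);

/* Object pools. */
void		*kore_pool_get(struct kore_pool *);
void		kore_pool_put(struct kore_pool *, void *);
void		kore_pool_init(struct kore_pool *, const char *,
		    size_t, size_t);
void		kore_pool_cleanup(struct kore_pool *);

/*
 * String, number and encoding helpers. The strtonum family reports
 * failure through the trailing int * rather than errno. The
 * format(printf) attributes let the compiler check format strings and
 * arguments at every call site.
 */
char		*kore_time_to_date(time_t);
char		*kore_strdup(const char *);
time_t		kore_date_to_time(const char *);
void		kore_log(int, const char *, ...)
		    __attribute__((format (printf, 2, 3)));
u_int64_t	kore_strtonum64(const char *, int, int *);
size_t		kore_strlcpy(char *, const char *, const size_t);
void		kore_server_disconnect(struct connection *);
int		kore_split_string(char *, const char *, char **, size_t);
void		kore_strip_chars(char *, const char, char **);
int		kore_snprintf(char *, size_t, int *, const char *, ...)
		    __attribute__((format (printf, 4, 5)));
long long	kore_strtonum(const char *, int, long long, long long, int *);
double		kore_strtodouble(const char *, long double, long double, int *);
int		kore_base64_encode(const void *, size_t, char **);
int		kore_base64_decode(const char *, u_int8_t **, size_t *);
int		kore_base64url_encode(const void *, size_t, char **, int);
int		kore_base64url_decode(const char *, u_int8_t **, size_t *, int);
void		*kore_mem_find(void *, size_t, const void *, size_t);
char		*kore_text_trim(char *, size_t);
char		*kore_read_line(FILE *, char *, size_t);

/* RSA key handling and peer certificate inspection. */
EVP_PKEY	*kore_rsakey_load(const char *);
EVP_PKEY	*kore_rsakey_generate(const char *);
int		kore_x509_subject_name(struct connection *, char **, int);

#if !defined(KORE_NO_HTTP)
void		kore_websocket_handshake(struct http_request *,
		    const char *, const char *, const char *);
int		kore_websocket_send_clean(struct netbuf *);
void		kore_websocket_send(struct connection *,
		    u_int8_t, const void *, size_t);
void		kore_websocket_broadcast(struct connection *,
		    u_int8_t, const void *, size_t, int);
#endif

/* Inter-process messaging (see struct kore_msg and KORE_MSG_*). */
void		kore_msg_init(void);
void		kore_msg_worker_init(void);
void		kore_msg_parent_init(void);
void		kore_msg_unregister(u_int8_t);
void		kore_msg_parent_add(struct kore_worker *);
void		kore_msg_parent_remove(struct kore_worker *);
void		kore_msg_send(u_int16_t, u_int8_t, const void *, size_t);
int		kore_msg_register(u_int8_t,
		    void (*cb)(struct kore_msg *, const void *));

#if !defined(KORE_NO_HTTP)
void		kore_filemap_init(void);
void		kore_filemap_resolve_paths(void);
int		kore_filemap_create(struct kore_domain *, const char *,
		    const char *);
extern char	*kore_filemap_ext;
extern char	*kore_filemap_index;
#endif

void		kore_fileref_init(void);
struct kore_fileref	*kore_fileref_get(const char *, int);
struct kore_fileref	*kore_fileref_create(struct kore_server *,
			    const char *, int, off_t, struct timespec *);
void		kore_fileref_release(struct kore_fileref *);

struct kore_domain	*kore_domain_new(const char *);

/* Domains and modules. */
void		kore_domain_init(void);
void		kore_domain_cleanup(void);
void		kore_domain_free(struct kore_domain *);
void		kore_module_init(void);
void		kore_module_cleanup(void);
void		kore_module_reload(int);
void		kore_module_onload(void);
int		kore_module_loaded(void);
void		kore_domain_closelogs(void);
void		*kore_module_getsym(const char *, struct kore_runtime **);
void		kore_domain_load_crl(void);
void		kore_domain_keymgr_init(void);
void		kore_domain_callback(void (*cb)(struct kore_domain *));
int		kore_domain_attach(struct kore_domain *, struct kore_server *);
/* Second argument is KORE_PEM_CERT_CHAIN or KORE_DER_CERT_DATA. */
void		kore_domain_tlsinit(struct kore_domain *, int,
		    const void *, size_t);
void		kore_domain_crl_add(struct kore_domain *, const void *, size_t);
#if !defined(KORE_NO_HTTP)
int		kore_module_handler_new(struct kore_domain *, const char *,
		    const char *, const char *, int);
void		kore_module_handler_free(struct kore_module_handle *);
struct kore_module_handle	*kore_module_handler_find(struct http_request *,
				    struct kore_domain *);
#endif

struct kore_runtime_call	*kore_runtime_getcall(const char *);
struct kore_module		*kore_module_load(const char *,
				    const char *, int);

/* Runtime dispatch helpers (thin wrappers over struct kore_runtime). */
void		kore_runtime_execute(struct kore_runtime_call *);
int		kore_runtime_onload(struct kore_runtime_call *, int);
void		kore_runtime_configure(struct kore_runtime_call *, int, char **);
void		kore_runtime_connect(struct kore_runtime_call *, struct connection *);
#if !defined(KORE_NO_HTTP)
int		kore_runtime_http_request(struct kore_runtime_call *,
		    struct http_request *);
int		kore_runtime_validator(struct kore_runtime_call *,
		    struct http_request *, const void *);
void		kore_runtime_wsconnect(struct kore_runtime_call *, struct connection *);
void		kore_runtime_wsdisconnect(struct kore_runtime_call *,
		    struct connection *);
void		kore_runtime_wsmessage(struct kore_runtime_call *,
		    struct connection *, u_int8_t, const void *, size_t);
#endif

struct kore_domain	*kore_domain_byid(u_int16_t);
struct kore_domain	*kore_domain_lookup(struct kore_server *, const char *);

#if !defined(KORE_NO_HTTP)
void		kore_validator_init(void);
void		kore_validator_reload(void);
int		kore_validator_add(const char *, u_int8_t, const char *);
int		kore_validator_run(struct http_request *, const char *, char *);
int		kore_validator_check(struct http_request *,
		    struct kore_validator *, const void *);
struct kore_validator	*kore_validator_lookup(const char *);
#endif

/*
 * Fatal error exits. Both take a printf-style format; the format attribute
 * catches mismatched arguments and non-literal formats at compile time.
 */
void		fatal(const char *, ...)
		    __attribute__((format (printf, 1, 2))) __attribute__((noreturn));
void		fatalx(const char *, ...)
		    __attribute__((format (printf, 1, 2))) __attribute__((noreturn));

const char	*kore_worker_name(int);
/* Backend of the kore_debug() macro: file, line, then a printf format. */
void		kore_debug_internal(char *, int, const char *, ...)
		    __attribute__((format (printf, 3, 4)));

/* Network byte order accessors on unaligned byte buffers. */
u_int16_t	net_read16(u_int8_t *);
u_int32_t	net_read32(u_int8_t *);
u_int64_t	net_read64(u_int8_t *);
void		net_write16(u_int8_t *, u_int16_t);
void		net_write32(u_int8_t *, u_int32_t);
void		net_write64(u_int8_t *, u_int64_t);

/* The net layer: netbuf queues and the plain / TLS read and write paths. */
void		net_init(void);
void		net_cleanup(void);
struct netbuf	*net_netbuf_get(void);
int		net_send(struct connection *);
int		net_send_flush(struct connection *);
int		net_recv_flush(struct connection *);
int		net_read(struct connection *, size_t *);
int		net_read_tls(struct connection *, size_t *);
int		net_write(struct connection *, size_t, size_t *);
int		net_write_tls(struct connection *, size_t, size_t *);
void		net_recv_reset(struct connection *, size_t,
		    int (*cb)(struct netbuf *));
void		net_remove_netbuf(struct connection *, struct netbuf *);
void		net_recv_queue(struct connection *, size_t, int,
		    int (*cb)(struct netbuf *));
void		net_recv_expand(struct connection *, size_t,
		    int (*cb)(struct netbuf *));
void		net_send_queue(struct connection *, const void *, size_t);
void		net_send_stream(struct connection *, void *,
		    size_t, int (*cb)(struct netbuf *), struct netbuf **);
void		net_send_fileref(struct connection *, struct kore_fileref *);

/* struct kore_buf operations. */
void		kore_buf_free(struct kore_buf *);
struct kore_buf	*kore_buf_alloc(size_t);
void		kore_buf_init(struct kore_buf *, size_t);
void		kore_buf_append(struct kore_buf *, const void *, size_t);
u_int8_t	*kore_buf_release(struct kore_buf *, size_t *);
void		kore_buf_reset(struct kore_buf *);
void		kore_buf_cleanup(struct kore_buf *);

char		*kore_buf_stringify(struct kore_buf *, size_t *);
void		kore_buf_appendf(struct kore_buf *, const char *, ...)
		    __attribute__((format (printf, 2, 3)));
void		kore_buf_appendv(struct kore_buf *, const char *, va_list)
		    __attribute__((format (printf, 2, 0)));
void		kore_buf_replace_string(struct kore_buf *,
		    const char *, const void *, size_t);

/* JSON parsing and construction. */
int		kore_json_parse(struct kore_json *);
void		kore_json_cleanup(struct kore_json *);
void		kore_json_item_free(struct kore_json_item *);
void		kore_json_init(struct kore_json *, const void *, size_t);
void		kore_json_item_tobuf(struct kore_json_item *, struct kore_buf *);

const char	*kore_json_strerror(struct kore_json *);
struct kore_json_item	*kore_json_find(struct kore_json_item *,
			    const char *, u_int32_t);
struct kore_json_item	*kore_json_create_item(struct kore_json_item *,
			    const char *, u_int32_t, ...);

/* Key manager process. */
void		kore_keymgr_run(void);
void		kore_keymgr_cleanup(int);

#if defined(__cplusplus)
}
#endif

#endif /* !__H_KORE_H */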