2022-09-19 19:13:40 +00:00
|
|
|
/* snac - A simple, minimalistic ActivityPub instance */
|
2023-07-28 09:34:18 +00:00
|
|
|
/* copyright (c) 2022 - 2023 grunfink et al. / MIT license */
|
2022-09-19 18:47:22 +00:00
|
|
|
|
|
|
|
#define XS_IMPLEMENTATION
|
|
|
|
|
|
|
|
#include "xs.h"
|
|
|
|
#include "xs_io.h"
|
2023-05-09 12:18:15 +00:00
|
|
|
#include "xs_unicode.h"
|
2022-09-19 18:47:22 +00:00
|
|
|
#include "xs_json.h"
|
|
|
|
#include "xs_curl.h"
|
|
|
|
#include "xs_openssl.h"
|
|
|
|
#include "xs_socket.h"
|
2023-09-25 16:25:09 +00:00
|
|
|
#include "xs_url.h"
|
2022-09-19 18:47:22 +00:00
|
|
|
#include "xs_httpd.h"
|
2022-09-25 19:02:47 +00:00
|
|
|
#include "xs_mime.h"
|
2022-09-27 08:51:50 +00:00
|
|
|
#include "xs_regex.h"
|
2022-09-28 08:27:01 +00:00
|
|
|
#include "xs_set.h"
|
2022-10-02 07:27:17 +00:00
|
|
|
#include "xs_time.h"
|
2022-10-03 09:18:49 +00:00
|
|
|
#include "xs_glob.h"
|
2023-06-05 16:29:25 +00:00
|
|
|
#include "xs_random.h"
|
2023-09-17 00:52:44 +00:00
|
|
|
#include "xs_match.h"
|
2023-10-17 18:02:08 +00:00
|
|
|
#include "xs_fcgi.h"
|
2022-09-19 18:47:22 +00:00
|
|
|
|
|
|
|
#include "snac.h"
|
|
|
|
|
2022-09-19 20:19:14 +00:00
|
|
|
#include <sys/time.h>
|
2022-09-25 05:28:42 +00:00
|
|
|
#include <sys/stat.h>
|
2022-09-19 20:19:14 +00:00
|
|
|
|
2023-06-05 16:22:04 +00:00
|
|
|
xs_str *srv_basedir = NULL;
|
|
|
|
xs_dict *srv_config = NULL;
|
|
|
|
xs_str *srv_baseurl = NULL;
|
2022-09-19 19:13:40 +00:00
|
|
|
|
|
|
|
int dbglevel = 0;
|
|
|
|
|
|
|
|
|
2023-02-07 08:25:01 +00:00
|
|
|
int mkdirx(const char *pathname)
|
|
|
|
/* creates a directory with special permissions */
|
|
|
|
{
|
|
|
|
int ret;
|
|
|
|
|
2023-07-09 18:23:38 +00:00
|
|
|
if ((ret = mkdir(pathname, DIR_PERM)) != -1) {
|
|
|
|
/* try to the set the setgid bit, to allow system users
|
|
|
|
to create files in these directories using the
|
|
|
|
command-line tool. This may fail in some restricted
|
|
|
|
environments, but it's of no use there anyway */
|
|
|
|
chmod(pathname, DIR_PERM_ADD);
|
|
|
|
}
|
2023-02-07 08:25:01 +00:00
|
|
|
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2022-10-26 04:43:47 +00:00
|
|
|
int valid_status(int status)
|
|
|
|
/* is this HTTP status valid? */
|
|
|
|
{
|
|
|
|
return status >= 200 && status <= 299;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2023-06-05 16:22:04 +00:00
|
|
|
xs_str *tid(int offset)
|
2022-09-19 20:19:14 +00:00
|
|
|
/* returns a time-based Id */
|
|
|
|
{
|
|
|
|
struct timeval tv;
|
|
|
|
|
2022-10-15 21:43:09 +00:00
|
|
|
gettimeofday(&tv, NULL);
|
2022-09-19 20:19:14 +00:00
|
|
|
|
2022-09-20 10:00:13 +00:00
|
|
|
return xs_fmt("%10d.%06d", tv.tv_sec + offset, tv.tv_usec);
|
2022-09-19 20:19:14 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
2022-09-28 15:18:30 +00:00
|
|
|
double ftime(void)
|
|
|
|
/* returns the UNIX time as a float */
|
|
|
|
{
|
|
|
|
xs *ntid = tid(0);
|
|
|
|
|
|
|
|
return atof(ntid);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2022-12-04 20:14:18 +00:00
|
|
|
int validate_uid(const char *uid)
|
2022-09-25 05:28:42 +00:00
|
|
|
/* returns if uid is a valid identifier */
|
|
|
|
{
|
2023-10-13 04:33:12 +00:00
|
|
|
if (!uid || *uid == '\0')
|
|
|
|
return 0;
|
|
|
|
|
2022-09-25 05:28:42 +00:00
|
|
|
while (*uid) {
|
|
|
|
if (!(isalnum(*uid) || *uid == '_'))
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
uid++;
|
|
|
|
}
|
|
|
|
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2023-09-27 11:19:46 +00:00
|
|
|
void srv_log(xs_str *str)
|
2022-09-19 19:30:19 +00:00
|
|
|
/* logs a debug message */
|
2022-09-19 19:13:40 +00:00
|
|
|
{
|
2022-12-14 03:55:47 +00:00
|
|
|
if (xs_str_in(str, srv_basedir) != -1) {
|
2022-09-24 08:18:34 +00:00
|
|
|
/* replace basedir with ~ */
|
2022-12-14 03:55:47 +00:00
|
|
|
str = xs_replace_i(str, srv_basedir, "~");
|
2022-09-24 08:18:34 +00:00
|
|
|
}
|
|
|
|
|
2023-09-27 11:19:46 +00:00
|
|
|
xs *tm = xs_str_localtime(0, "%H:%M:%S");
|
|
|
|
fprintf(stderr, "%s %s\n", tm, str);
|
|
|
|
|
|
|
|
/* if the ~/log/ folder exists, also write to a file there */
|
|
|
|
xs *dt = xs_str_localtime(0, "%Y-%m-%d");
|
|
|
|
xs *lf = xs_fmt("%s/log/%s.log", srv_basedir, dt);
|
|
|
|
FILE *f;
|
|
|
|
if ((f = fopen(lf, "a")) != NULL) {
|
|
|
|
fprintf(f, "%s %s\n", tm, str);
|
|
|
|
fclose(f);
|
2022-09-19 19:30:19 +00:00
|
|
|
}
|
2022-12-14 03:55:47 +00:00
|
|
|
|
|
|
|
xs_free(str);
|
2022-09-19 19:13:40 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
2023-09-27 11:19:46 +00:00
|
|
|
void snac_log(snac *snac, xs_str *str)
|
2022-09-19 20:23:33 +00:00
|
|
|
/* prints a user debugging information */
|
|
|
|
{
|
2022-09-24 08:12:26 +00:00
|
|
|
xs *o_str = str;
|
2023-06-05 16:22:04 +00:00
|
|
|
xs_str *msg = xs_fmt("[%s] %s", snac->uid, o_str);
|
2022-09-19 20:23:33 +00:00
|
|
|
|
2022-09-24 08:22:30 +00:00
|
|
|
if (xs_str_in(msg, snac->basedir) != -1) {
|
2022-09-24 08:18:34 +00:00
|
|
|
/* replace long basedir references with ~ */
|
2022-09-27 08:20:33 +00:00
|
|
|
msg = xs_replace_i(msg, snac->basedir, "~");
|
2022-09-24 08:18:34 +00:00
|
|
|
}
|
|
|
|
|
2023-09-27 11:19:46 +00:00
|
|
|
srv_log(msg);
|
2022-09-19 20:23:33 +00:00
|
|
|
}
|
2022-09-19 20:58:27 +00:00
|
|
|
|
|
|
|
|
2023-06-05 16:22:04 +00:00
|
|
|
xs_str *hash_password(const char *uid, const char *passwd, const char *nonce)
|
2022-09-19 20:58:27 +00:00
|
|
|
/* hashes a password */
|
|
|
|
{
|
|
|
|
xs *d_nonce = NULL;
|
|
|
|
xs *combi;
|
|
|
|
xs *hash;
|
|
|
|
|
2022-12-14 03:55:47 +00:00
|
|
|
if (nonce == NULL) {
|
2023-06-05 16:29:25 +00:00
|
|
|
unsigned int r;
|
|
|
|
xs_rnd_buf(&r, sizeof(r));
|
|
|
|
d_nonce = xs_fmt("%08x", r);
|
2022-12-14 03:55:47 +00:00
|
|
|
nonce = d_nonce;
|
|
|
|
}
|
2022-09-19 20:58:27 +00:00
|
|
|
|
|
|
|
combi = xs_fmt("%s:%s:%s", nonce, uid, passwd);
|
|
|
|
hash = xs_sha1_hex(combi, strlen(combi));
|
|
|
|
|
|
|
|
return xs_fmt("%s:%s", nonce, hash);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2022-12-04 20:14:18 +00:00
|
|
|
int check_password(const char *uid, const char *passwd, const char *hash)
|
2022-09-19 20:58:27 +00:00
|
|
|
/* checks a password */
|
|
|
|
{
|
|
|
|
int ret = 0;
|
2022-09-19 21:08:59 +00:00
|
|
|
xs *spl = xs_split_n(hash, ":", 1);
|
2022-09-19 20:58:27 +00:00
|
|
|
|
|
|
|
if (xs_list_len(spl) == 2) {
|
|
|
|
xs *n_hash = hash_password(uid, passwd, xs_list_get(spl, 0));
|
|
|
|
|
|
|
|
ret = (strcmp(hash, n_hash) == 0);
|
|
|
|
}
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
}
|