| [98] | 1 | package soju
|
|---|
| [1] | 2 |
|
|---|
| 3 | import (
|
|---|
| 4 | "fmt"
|
|---|
| [37] | 5 | "log"
|
|---|
| [1] | 6 | "net"
|
|---|
| [323] | 7 | "net/http"
|
|---|
| [24] | 8 | "sync"
|
|---|
| [323] | 9 | "sync/atomic"
|
|---|
| [67] | 10 | "time"
|
|---|
| [1] | 11 |
|
|---|
| 12 | "gopkg.in/irc.v3"
|
|---|
| [323] | 13 | "nhooyr.io/websocket"
|
|---|
| [370] | 14 |
|
|---|
| 15 | "git.sr.ht/~emersion/soju/config"
|
|---|
| [1] | 16 | )
|
|---|
| 17 |
|
|---|
| [67] | 18 | // TODO: make configurable
|
|---|
| [71] | 19 | var retryConnectMinDelay = time.Minute
|
|---|
| [206] | 20 | var connectTimeout = 15 * time.Second
|
|---|
| [205] | 21 | var writeTimeout = 10 * time.Second
|
|---|
| [67] | 22 |
|
|---|
| [9] | 23 | type Logger interface {
|
|---|
| 24 | Print(v ...interface{})
|
|---|
| 25 | Printf(format string, v ...interface{})
|
|---|
| 26 | }
|
|---|
| 27 |
|
|---|
| [21] | 28 | type prefixLogger struct {
|
|---|
| 29 | logger Logger
|
|---|
| 30 | prefix string
|
|---|
| 31 | }
|
|---|
| 32 |
|
|---|
| 33 | var _ Logger = (*prefixLogger)(nil)
|
|---|
| 34 |
|
|---|
| 35 | func (l *prefixLogger) Print(v ...interface{}) {
|
|---|
| 36 | v = append([]interface{}{l.prefix}, v...)
|
|---|
| 37 | l.logger.Print(v...)
|
|---|
| 38 | }
|
|---|
| 39 |
|
|---|
| 40 | func (l *prefixLogger) Printf(format string, v ...interface{}) {
|
|---|
| 41 | v = append([]interface{}{l.prefix}, v...)
|
|---|
| 42 | l.logger.Printf("%v"+format, v...)
|
|---|
| 43 | }
|
|---|
| 44 |
|
|---|
| [10] | 45 | type Server struct {
|
|---|
| [370] | 46 | Hostname string
|
|---|
| 47 | Logger Logger
|
|---|
| 48 | RingCap int
|
|---|
| 49 | HistoryLimit int
|
|---|
| 50 | LogPath string
|
|---|
| 51 | Debug bool
|
|---|
| 52 | HTTPOrigins []string
|
|---|
| 53 | AcceptProxyIPs config.IPSet
|
|---|
| [22] | 54 |
|
|---|
| [77] | 55 | db *DB
|
|---|
| 56 |
|
|---|
| [172] | 57 | lock sync.Mutex
|
|---|
| 58 | users map[string]*user
|
|---|
| [10] | 59 | }
|
|---|
| 60 |
|
|---|
| [77] | 61 | func NewServer(db *DB) *Server {
|
|---|
| [37] | 62 | return &Server{
|
|---|
| [319] | 63 | Logger: log.New(log.Writer(), "", log.LstdFlags),
|
|---|
| 64 | RingCap: 4096,
|
|---|
| 65 | HistoryLimit: 1000,
|
|---|
| 66 | users: make(map[string]*user),
|
|---|
| 67 | db: db,
|
|---|
| [37] | 68 | }
|
|---|
| 69 | }
|
|---|
| 70 |
|
|---|
| [5] | 71 | func (s *Server) prefix() *irc.Prefix {
|
|---|
| 72 | return &irc.Prefix{Name: s.Hostname}
|
|---|
| 73 | }
|
|---|
| 74 |
|
|---|
| [77] | 75 | func (s *Server) Run() error {
|
|---|
| 76 | users, err := s.db.ListUsers()
|
|---|
| 77 | if err != nil {
|
|---|
| 78 | return err
|
|---|
| 79 | }
|
|---|
| [71] | 80 |
|
|---|
| [77] | 81 | s.lock.Lock()
|
|---|
| [378] | 82 | for i := range users {
|
|---|
| 83 | s.addUserLocked(&users[i])
|
|---|
| [71] | 84 | }
|
|---|
| [37] | 85 | s.lock.Unlock()
|
|---|
| 86 |
|
|---|
| [77] | 87 | select {}
|
|---|
| [10] | 88 | }
|
|---|
| 89 |
|
|---|
| [329] | 90 | func (s *Server) createUser(user *User) (*user, error) {
|
|---|
| 91 | s.lock.Lock()
|
|---|
| 92 | defer s.lock.Unlock()
|
|---|
| 93 |
|
|---|
| 94 | if _, ok := s.users[user.Username]; ok {
|
|---|
| 95 | return nil, fmt.Errorf("user %q already exists", user.Username)
|
|---|
| 96 | }
|
|---|
| 97 |
|
|---|
| 98 | err := s.db.StoreUser(user)
|
|---|
| 99 | if err != nil {
|
|---|
| 100 | return nil, fmt.Errorf("could not create user in db: %v", err)
|
|---|
| 101 | }
|
|---|
| 102 |
|
|---|
| [378] | 103 | return s.addUserLocked(user), nil
|
|---|
| [329] | 104 | }
|
|---|
| 105 |
|
|---|
| [38] | 106 | func (s *Server) getUser(name string) *user {
|
|---|
| 107 | s.lock.Lock()
|
|---|
| 108 | u := s.users[name]
|
|---|
| 109 | s.lock.Unlock()
|
|---|
| 110 | return u
|
|---|
| 111 | }
|
|---|
| 112 |
|
|---|
| [378] | 113 | func (s *Server) addUserLocked(user *User) *user {
|
|---|
| 114 | s.Logger.Printf("starting bouncer for user %q", user.Username)
|
|---|
| 115 | u := newUser(s, user)
|
|---|
| 116 | s.users[u.Username] = u
|
|---|
| 117 |
|
|---|
| 118 | go func() {
|
|---|
| 119 | u.run()
|
|---|
| 120 |
|
|---|
| 121 | s.lock.Lock()
|
|---|
| 122 | delete(s.users, u.Username)
|
|---|
| 123 | s.lock.Unlock()
|
|---|
| 124 | }()
|
|---|
| 125 |
|
|---|
| 126 | return u
|
|---|
| 127 | }
|
|---|
| 128 |
|
|---|
| [323] | 129 | var lastDownstreamID uint64 = 0
|
|---|
| 130 |
|
|---|
| [347] | 131 | func (s *Server) handle(ic ircConn) {
|
|---|
| [323] | 132 | id := atomic.AddUint64(&lastDownstreamID, 1)
|
|---|
| [347] | 133 | dc := newDownstreamConn(s, ic, id)
|
|---|
| [323] | 134 | if err := dc.runUntilRegistered(); err != nil {
|
|---|
| 135 | dc.logger.Print(err)
|
|---|
| 136 | } else {
|
|---|
| 137 | dc.user.events <- eventDownstreamConnected{dc}
|
|---|
| 138 | if err := dc.readMessages(dc.user.events); err != nil {
|
|---|
| 139 | dc.logger.Print(err)
|
|---|
| 140 | }
|
|---|
| 141 | dc.user.events <- eventDownstreamDisconnected{dc}
|
|---|
| 142 | }
|
|---|
| 143 | dc.Close()
|
|---|
| 144 | }
|
|---|
| 145 |
|
|---|
| [3] | 146 | func (s *Server) Serve(ln net.Listener) error {
|
|---|
| [1] | 147 | for {
|
|---|
| [323] | 148 | conn, err := ln.Accept()
|
|---|
| [1] | 149 | if err != nil {
|
|---|
| 150 | return fmt.Errorf("failed to accept connection: %v", err)
|
|---|
| 151 | }
|
|---|
| 152 |
|
|---|
| [347] | 153 | go s.handle(newNetIRCConn(conn))
|
|---|
| [1] | 154 | }
|
|---|
| 155 | }
|
|---|
| [323] | 156 |
|
|---|
| 157 | func (s *Server) ServeHTTP(w http.ResponseWriter, req *http.Request) {
|
|---|
| 158 | conn, err := websocket.Accept(w, req, &websocket.AcceptOptions{
|
|---|
| 159 | OriginPatterns: s.HTTPOrigins,
|
|---|
| [348] | 160 | Subprotocols: []string{"irc"},
|
|---|
| [323] | 161 | })
|
|---|
| 162 | if err != nil {
|
|---|
| 163 | s.Logger.Printf("failed to serve HTTP connection: %v", err)
|
|---|
| 164 | return
|
|---|
| 165 | }
|
|---|
| [345] | 166 |
|
|---|
| [370] | 167 | isProxy := false
|
|---|
| [345] | 168 | if host, _, err := net.SplitHostPort(req.RemoteAddr); err == nil {
|
|---|
| 169 | if ip := net.ParseIP(host); ip != nil {
|
|---|
| [370] | 170 | isProxy = s.AcceptProxyIPs.Contains(ip)
|
|---|
| [345] | 171 | }
|
|---|
| 172 | }
|
|---|
| 173 |
|
|---|
| [370] | 174 | // Only trust X-Forwarded-* header fields if this is a trusted proxy IP
|
|---|
| [345] | 175 | // to prevent users from spoofing the remote address
|
|---|
| [344] | 176 | remoteAddr := req.RemoteAddr
|
|---|
| 177 | forwardedHost := req.Header.Get("X-Forwarded-For")
|
|---|
| 178 | forwardedPort := req.Header.Get("X-Forwarded-Port")
|
|---|
| [370] | 179 | if isProxy && forwardedHost != "" && forwardedPort != "" {
|
|---|
| [344] | 180 | remoteAddr = net.JoinHostPort(forwardedHost, forwardedPort)
|
|---|
| 181 | }
|
|---|
| [345] | 182 |
|
|---|
| [347] | 183 | s.handle(newWebsocketIRCConn(conn, remoteAddr))
|
|---|
| [323] | 184 | }
|
|---|
