| [98] | 1 | package soju
|
|---|
| [1] | 2 |
|
|---|
| 3 | import (
|
|---|
| 4 | "fmt"
|
|---|
| [37] | 5 | "log"
|
|---|
| [472] | 6 | "mime"
|
|---|
| [1] | 7 | "net"
|
|---|
| [323] | 8 | "net/http"
|
|---|
| [24] | 9 | "sync"
|
|---|
| [323] | 10 | "sync/atomic"
|
|---|
| [67] | 11 | "time"
|
|---|
| [1] | 12 |
|
|---|
| 13 | "gopkg.in/irc.v3"
|
|---|
| [323] | 14 | "nhooyr.io/websocket"
|
|---|
| [370] | 15 |
|
|---|
| 16 | "git.sr.ht/~emersion/soju/config"
|
|---|
| [1] | 17 | )
|
|---|
| 18 |
|
|---|
| [67] | 19 | // TODO: make configurable
|
|---|
| [398] | 20 | var retryConnectDelay = time.Minute
|
|---|
| [206] | 21 | var connectTimeout = 15 * time.Second
|
|---|
| [205] | 22 | var writeTimeout = 10 * time.Second
|
|---|
| [398] | 23 | var upstreamMessageDelay = 2 * time.Second
|
|---|
| 24 | var upstreamMessageBurst = 10
|
|---|
| [67] | 25 |
|
|---|
| [9] | 26 | type Logger interface {
|
|---|
| 27 | Print(v ...interface{})
|
|---|
| 28 | Printf(format string, v ...interface{})
|
|---|
| 29 | }
|
|---|
| 30 |
|
|---|
| [21] | 31 | type prefixLogger struct {
|
|---|
| 32 | logger Logger
|
|---|
| 33 | prefix string
|
|---|
| 34 | }
|
|---|
| 35 |
|
|---|
| 36 | var _ Logger = (*prefixLogger)(nil)
|
|---|
| 37 |
|
|---|
| 38 | func (l *prefixLogger) Print(v ...interface{}) {
|
|---|
| 39 | v = append([]interface{}{l.prefix}, v...)
|
|---|
| 40 | l.logger.Print(v...)
|
|---|
| 41 | }
|
|---|
| 42 |
|
|---|
| 43 | func (l *prefixLogger) Printf(format string, v ...interface{}) {
|
|---|
| 44 | v = append([]interface{}{l.prefix}, v...)
|
|---|
| 45 | l.logger.Printf("%v"+format, v...)
|
|---|
| 46 | }
|
|---|
| 47 |
|
|---|
| [10] | 48 | type Server struct {
|
|---|
| [370] | 49 | Hostname string
|
|---|
| 50 | Logger Logger
|
|---|
| 51 | HistoryLimit int
|
|---|
| 52 | LogPath string
|
|---|
| 53 | Debug bool
|
|---|
| 54 | HTTPOrigins []string
|
|---|
| 55 | AcceptProxyIPs config.IPSet
|
|---|
| [385] | 56 | Identd *Identd // can be nil
|
|---|
| [22] | 57 |
|
|---|
| [531] | 58 | db Database
|
|---|
| [449] | 59 | stopWG sync.WaitGroup
|
|---|
| [77] | 60 |
|
|---|
| [449] | 61 | lock sync.Mutex
|
|---|
| 62 | listeners map[net.Listener]struct{}
|
|---|
| 63 | users map[string]*user
|
|---|
| [10] | 64 | }
|
|---|
| 65 |
|
|---|
| [531] | 66 | func NewServer(db Database) *Server {
|
|---|
| [37] | 67 | return &Server{
|
|---|
| [319] | 68 | Logger: log.New(log.Writer(), "", log.LstdFlags),
|
|---|
| 69 | HistoryLimit: 1000,
|
|---|
| [449] | 70 | db: db,
|
|---|
| 71 | listeners: make(map[net.Listener]struct{}),
|
|---|
| [319] | 72 | users: make(map[string]*user),
|
|---|
| [37] | 73 | }
|
|---|
| 74 | }
|
|---|
| 75 |
|
|---|
| [5] | 76 | func (s *Server) prefix() *irc.Prefix {
|
|---|
| 77 | return &irc.Prefix{Name: s.Hostname}
|
|---|
| 78 | }
|
|---|
| 79 |
|
|---|
| [449] | 80 | func (s *Server) Start() error {
|
|---|
| [77] | 81 | users, err := s.db.ListUsers()
|
|---|
| 82 | if err != nil {
|
|---|
| 83 | return err
|
|---|
| 84 | }
|
|---|
| [71] | 85 |
|
|---|
| [77] | 86 | s.lock.Lock()
|
|---|
| [378] | 87 | for i := range users {
|
|---|
| 88 | s.addUserLocked(&users[i])
|
|---|
| [71] | 89 | }
|
|---|
| [37] | 90 | s.lock.Unlock()
|
|---|
| 91 |
|
|---|
| [449] | 92 | return nil
|
|---|
| [10] | 93 | }
|
|---|
| 94 |
|
|---|
| [449] | 95 | func (s *Server) Shutdown() {
|
|---|
| 96 | s.lock.Lock()
|
|---|
| 97 | for ln := range s.listeners {
|
|---|
| 98 | if err := ln.Close(); err != nil {
|
|---|
| 99 | s.Logger.Printf("failed to stop listener: %v", err)
|
|---|
| 100 | }
|
|---|
| 101 | }
|
|---|
| 102 | for _, u := range s.users {
|
|---|
| 103 | u.events <- eventStop{}
|
|---|
| 104 | }
|
|---|
| 105 | s.lock.Unlock()
|
|---|
| 106 |
|
|---|
| 107 | s.stopWG.Wait()
|
|---|
| [599] | 108 |
|
|---|
| 109 | if err := s.db.Close(); err != nil {
|
|---|
| 110 | s.Logger.Printf("failed to close DB: %v", err)
|
|---|
| 111 | }
|
|---|
| [449] | 112 | }
|
|---|
| 113 |
|
|---|
| [329] | 114 | func (s *Server) createUser(user *User) (*user, error) {
|
|---|
| 115 | s.lock.Lock()
|
|---|
| 116 | defer s.lock.Unlock()
|
|---|
| 117 |
|
|---|
| 118 | if _, ok := s.users[user.Username]; ok {
|
|---|
| 119 | return nil, fmt.Errorf("user %q already exists", user.Username)
|
|---|
| 120 | }
|
|---|
| 121 |
|
|---|
| 122 | err := s.db.StoreUser(user)
|
|---|
| 123 | if err != nil {
|
|---|
| 124 | return nil, fmt.Errorf("could not create user in db: %v", err)
|
|---|
| 125 | }
|
|---|
| 126 |
|
|---|
| [378] | 127 | return s.addUserLocked(user), nil
|
|---|
| [329] | 128 | }
|
|---|
| 129 |
|
|---|
| [563] | 130 | func (s *Server) forEachUser(f func(*user)) {
|
|---|
| 131 | s.lock.Lock()
|
|---|
| 132 | for _, u := range s.users {
|
|---|
| 133 | f(u)
|
|---|
| 134 | }
|
|---|
| 135 | s.lock.Unlock()
|
|---|
| 136 | }
|
|---|
| 137 |
|
|---|
| [38] | 138 | func (s *Server) getUser(name string) *user {
|
|---|
| 139 | s.lock.Lock()
|
|---|
| 140 | u := s.users[name]
|
|---|
| 141 | s.lock.Unlock()
|
|---|
| 142 | return u
|
|---|
| 143 | }
|
|---|
| 144 |
|
|---|
| [378] | 145 | func (s *Server) addUserLocked(user *User) *user {
|
|---|
| 146 | s.Logger.Printf("starting bouncer for user %q", user.Username)
|
|---|
| 147 | u := newUser(s, user)
|
|---|
| 148 | s.users[u.Username] = u
|
|---|
| 149 |
|
|---|
| [449] | 150 | s.stopWG.Add(1)
|
|---|
| 151 |
|
|---|
| [378] | 152 | go func() {
|
|---|
| 153 | u.run()
|
|---|
| 154 |
|
|---|
| 155 | s.lock.Lock()
|
|---|
| 156 | delete(s.users, u.Username)
|
|---|
| 157 | s.lock.Unlock()
|
|---|
| [449] | 158 |
|
|---|
| 159 | s.stopWG.Done()
|
|---|
| [378] | 160 | }()
|
|---|
| 161 |
|
|---|
| 162 | return u
|
|---|
| 163 | }
|
|---|
| 164 |
|
|---|
| [323] | 165 | var lastDownstreamID uint64 = 0
|
|---|
| 166 |
|
|---|
| [347] | 167 | func (s *Server) handle(ic ircConn) {
|
|---|
| [323] | 168 | id := atomic.AddUint64(&lastDownstreamID, 1)
|
|---|
| [347] | 169 | dc := newDownstreamConn(s, ic, id)
|
|---|
| [323] | 170 | if err := dc.runUntilRegistered(); err != nil {
|
|---|
| 171 | dc.logger.Print(err)
|
|---|
| 172 | } else {
|
|---|
| 173 | dc.user.events <- eventDownstreamConnected{dc}
|
|---|
| 174 | if err := dc.readMessages(dc.user.events); err != nil {
|
|---|
| 175 | dc.logger.Print(err)
|
|---|
| 176 | }
|
|---|
| 177 | dc.user.events <- eventDownstreamDisconnected{dc}
|
|---|
| 178 | }
|
|---|
| 179 | dc.Close()
|
|---|
| 180 | }
|
|---|
| 181 |
|
|---|
| [3] | 182 | func (s *Server) Serve(ln net.Listener) error {
|
|---|
| [449] | 183 | s.lock.Lock()
|
|---|
| 184 | s.listeners[ln] = struct{}{}
|
|---|
| 185 | s.lock.Unlock()
|
|---|
| 186 |
|
|---|
| 187 | s.stopWG.Add(1)
|
|---|
| 188 |
|
|---|
| 189 | defer func() {
|
|---|
| 190 | s.lock.Lock()
|
|---|
| 191 | delete(s.listeners, ln)
|
|---|
| 192 | s.lock.Unlock()
|
|---|
| 193 |
|
|---|
| 194 | s.stopWG.Done()
|
|---|
| 195 | }()
|
|---|
| 196 |
|
|---|
| [1] | 197 | for {
|
|---|
| [323] | 198 | conn, err := ln.Accept()
|
|---|
| [601] | 199 | if isErrClosed(err) {
|
|---|
| [449] | 200 | return nil
|
|---|
| 201 | } else if err != nil {
|
|---|
| [1] | 202 | return fmt.Errorf("failed to accept connection: %v", err)
|
|---|
| 203 | }
|
|---|
| 204 |
|
|---|
| [347] | 205 | go s.handle(newNetIRCConn(conn))
|
|---|
| [1] | 206 | }
|
|---|
| 207 | }
|
|---|
| [323] | 208 |
|
|---|
| 209 | func (s *Server) ServeHTTP(w http.ResponseWriter, req *http.Request) {
|
|---|
| 210 | conn, err := websocket.Accept(w, req, &websocket.AcceptOptions{
|
|---|
| [597] | 211 | Subprotocols: []string{"text.ircv3.net"}, // non-compliant, fight me
|
|---|
| [323] | 212 | OriginPatterns: s.HTTPOrigins,
|
|---|
| 213 | })
|
|---|
| 214 | if err != nil {
|
|---|
| 215 | s.Logger.Printf("failed to serve HTTP connection: %v", err)
|
|---|
| 216 | return
|
|---|
| 217 | }
|
|---|
| [345] | 218 |
|
|---|
| [370] | 219 | isProxy := false
|
|---|
| [345] | 220 | if host, _, err := net.SplitHostPort(req.RemoteAddr); err == nil {
|
|---|
| 221 | if ip := net.ParseIP(host); ip != nil {
|
|---|
| [370] | 222 | isProxy = s.AcceptProxyIPs.Contains(ip)
|
|---|
| [345] | 223 | }
|
|---|
| 224 | }
|
|---|
| 225 |
|
|---|
| [474] | 226 | // Only trust the Forwarded header field if this is a trusted proxy IP
|
|---|
| [345] | 227 | // to prevent users from spoofing the remote address
|
|---|
| [344] | 228 | remoteAddr := req.RemoteAddr
|
|---|
| [472] | 229 | if isProxy {
|
|---|
| 230 | forwarded := parseForwarded(req.Header)
|
|---|
| [473] | 231 | if forwarded["for"] != "" {
|
|---|
| 232 | remoteAddr = forwarded["for"]
|
|---|
| [472] | 233 | }
|
|---|
| [344] | 234 | }
|
|---|
| [345] | 235 |
|
|---|
| [347] | 236 | s.handle(newWebsocketIRCConn(conn, remoteAddr))
|
|---|
| [323] | 237 | }
|
|---|
| [472] | 238 |
|
|---|
| 239 | func parseForwarded(h http.Header) map[string]string {
|
|---|
| 240 | forwarded := h.Get("Forwarded")
|
|---|
| 241 | if forwarded == "" {
|
|---|
| [474] | 242 | return map[string]string{
|
|---|
| 243 | "for": h.Get("X-Forwarded-For"),
|
|---|
| 244 | "proto": h.Get("X-Forwarded-Proto"),
|
|---|
| 245 | "host": h.Get("X-Forwarded-Host"),
|
|---|
| 246 | }
|
|---|
| [472] | 247 | }
|
|---|
| 248 | // Hack to easily parse header parameters
|
|---|
| 249 | _, params, _ := mime.ParseMediaType("hack; " + forwarded)
|
|---|
| 250 | return params
|
|---|
| 251 | }
|
|---|
