ladybird/Userland/Services/RequestServer/main.cpp

/*
 * Copyright (c) 2018-2020, Andreas Kling <kling@serenityos.org>
 *
 * SPDX-License-Identifier: BSD-2-Clause
 */

#include <AK/OwnPtr.h>
#include <LibCore/EventLoop.h>
#include <LibCore/LocalServer.h>
#include <LibCore/System.h>
#include <LibIPC/SingleServer.h>
#include <LibMain/Main.h>
#include <LibTLS/Certificate.h>
#include <RequestServer/ConnectionFromClient.h>
#include <RequestServer/GeminiProtocol.h>
#include <RequestServer/HttpProtocol.h>
#include <RequestServer/HttpsProtocol.h>
#include <signal.h>

ErrorOr<int> serenity_main(Main::Arguments)
{
    if constexpr (TLS_SSL_KEYLOG_DEBUG)
        TRY(Core::System::pledge("stdio inet accept unix cpath wpath rpath sendfd recvfd sigaction"));
    else
        TRY(Core::System::pledge("stdio inet accept unix rpath sendfd recvfd sigaction"));

#ifdef SIGINFO
    signal(SIGINFO, [](int) { RequestServer::ConnectionCache::dump_jobs(); });
#endif

    if constexpr (TLS_SSL_KEYLOG_DEBUG)
        TRY(Core::System::pledge("stdio inet accept unix cpath wpath rpath sendfd recvfd"));
    else
        TRY(Core::System::pledge("stdio inet accept unix rpath sendfd recvfd"));

    // Ensure the certificates are read out here.
    // FIXME: Allow specifying extra certificates on the command line, or in other configuration.
    [[maybe_unused]] auto& certs = DefaultRootCACertificates::the();

    Core::EventLoop event_loop;
    // FIXME: Establish a connection to LookupServer and then drop "unix"?
    TRY(Core::System::unveil("/tmp/portal/lookup", "rw"));
    TRY(Core::System::unveil("/etc/timezone", "r"));
    if constexpr (TLS_SSL_KEYLOG_DEBUG)
        TRY(Core::System::unveil("/home/anon", "rwc"));
    TRY(Core::System::unveil(nullptr, nullptr));

    [[maybe_unused]] auto gemini = make<RequestServer::GeminiProtocol>();
    [[maybe_unused]] auto http = make<RequestServer::HttpProtocol>();
    [[maybe_unused]] auto https = make<RequestServer::HttpsProtocol>();

    auto client = TRY(IPC::take_over_accepted_client_from_system_server<RequestServer::ConnectionFromClient>());

    auto result = event_loop.exec();

    // FIXME: We exit instead of returning, so that protocol destructors don't get called.
    //        The Protocol base class should probably do proper de-registration instead of
    //        just VERIFY_NOT_REACHED().
    exit(result);
}
Meta: Add license header to source files As suggested by Joshua, this commit adds the 2-clause BSD license as a comment block to the top of every source file. For the first pass, I've just added myself for simplicity. I encourage everyone to add themselves as copyright holders of any file they've added or modified in some significant way. If I've added myself in error somewhere, feel free to replace it with the appropriate copyright holder instead. Going forward, all new source files should include a license header. 2020-01-18 11:38:21 +03:00			`/*`
			`* Copyright (c) 2018-2020, Andreas Kling <kling@serenityos.org>`
			`*`
Everything: Move to SPDX license identifiers in all files. SPDX License Identifiers are a more compact / standardized way of representing file license information. See: https://spdx.dev/resources/use/#identifiers This was done with the `ambr` search and replace tool. ambr --no-parent-ignore --key-from-file --rep-from-file key.txt rep.txt * 2021-04-22 11:24:48 +03:00			`* SPDX-License-Identifier: BSD-2-Clause`
Meta: Add license header to source files As suggested by Joshua, this commit adds the 2-clause BSD license as a comment block to the top of every source file. For the first pass, I've just added myself for simplicity. I encourage everyone to add themselves as copyright holders of any file they've added or modified in some significant way. If I've added myself in error somewhere, feel free to replace it with the appropriate copyright holder instead. Going forward, all new source files should include a license header. 2020-01-18 11:38:21 +03:00			`*/`

RequestServer: Use smart pointers for allocating protocols 2021-08-31 11:19:20 +03:00			`#include <AK/OwnPtr.h>`
LibCore: Remove leading C from filenames 2020-02-06 17:04:03 +03:00			`#include <LibCore/EventLoop.h>`
			`#include <LibCore/LocalServer.h>`
LibCore+LibSystem: Move syscall wrappers from LibSystem to LibCore With this change, System::foo() becomes Core::System::foo(). Since LibCore builds on other systems than SerenityOS, we now have to make sure that wrappers work with just a standard C library underneath. 2021-11-23 12:59:50 +03:00			`#include <LibCore/System.h>`
LibIPC: Add IPC::take_over_accepted_client_from_system_server<Client>() This is an encapsulation of the common work done by all of our single-client IPC servers on startup: 1. Create a Core::LocalSocket, taking over an accepted fd. 2. Create an application-specific ClientConnection object, wrapping the socket. It's not a huge change in terms of lines saved, but I do feel that it improves expressiveness. :^) 2021-12-06 20:11:05 +03:00			`#include <LibIPC/SingleServer.h>`
RequestServer: Port to LibMain :^) 2021-11-23 12:41:57 +03:00			`#include <LibMain/Main.h>`
LibProtocol+LibGemini+LibHTTP: Provide root certificates to LibTLS Now we (almost) verify all the sites we browse. Certificate verification failures should not be unexpected, as the existing CA certificates are likely not complete. 2020-10-30 11:27:32 +03:00			`#include <LibTLS/Certificate.h>`
Userland: Rename IPC ClientConnection => ConnectionFromClient This was done with CLion's automatic rename feature and with: find . -name ClientConnection.h \| rename 's/ClientConnection\.h/ConnectionFromClient.h/' find . -name ClientConnection.cpp \| rename 's/ClientConnection\.cpp/ConnectionFromClient.cpp/' 2022-02-25 13:18:30 +03:00			`#include <RequestServer/ConnectionFromClient.h>`
Services: Rename ProtocolServer to RequestServer The current ProtocolServer was really only used for requests, and with the recent introduction of the WebSocket service, long-lasting connections with another server are not part of it. To better reflect this, this commit renames it to RequestServer. This commit also changes the existing 'protocol' portal to 'request', the existing 'protocol' user and group to 'request', and most mentions of the 'download' aspect of the request to 'request' when relevant, to make everything consistent across the system. Note that LibProtocol still exists as-is, but the more generic Client class and the more specific Download class have both been renamed to a more accurate RequestClient and Request to match the new names. This commit only change names, not behaviors. 2021-04-23 23:45:52 +03:00			`#include <RequestServer/GeminiProtocol.h>`
			`#include <RequestServer/HttpProtocol.h>`
			`#include <RequestServer/HttpsProtocol.h>`
LibIPC: Add missing <signal.h> include 2021-10-23 22:42:07 +03:00			`#include <signal.h>`
ProtocolServer+LibProtocol: Introduce a server for handling downloads This patch adds ProtocolServer, a server that handles network requests on behalf of its clients. The first protocol implemented is HTTP. The idea here is to use a plug-in architecture where any number of protocols can be added and implemented without having to mess around with each client program that wants to use the protocol. A simple client API is provided through LibProtocol::Client. :^) 2019-11-23 23:45:33 +03:00
RequestServer: Port to LibMain :^) 2021-11-23 12:41:57 +03:00			`ErrorOr<int> serenity_main(Main::Arguments)`
ProtocolServer+LibProtocol: Introduce a server for handling downloads This patch adds ProtocolServer, a server that handles network requests on behalf of its clients. The first protocol implemented is HTTP. The idea here is to use a plug-in architecture where any number of protocols can be added and implemented without having to mess around with each client program that wants to use the protocol. A simple client API is provided through LibProtocol::Client. :^) 2019-11-23 23:45:33 +03:00			`{`
LibTLS+RequestServer: Add an option to dump TLS keys to a log file This file allows us to decrypt TLS messages in wireshark, which can help immensely in debugging network stuff :^) 2022-02-09 22:42:56 +03:00			`if constexpr (TLS_SSL_KEYLOG_DEBUG)`
			`TRY(Core::System::pledge("stdio inet accept unix cpath wpath rpath sendfd recvfd sigaction"));`
			`else`
			`TRY(Core::System::pledge("stdio inet accept unix rpath sendfd recvfd sigaction"));`

RequestServer: Only attach SIGINFO signal handler if SIGINFO is defined 2022-07-04 19:04:00 +03:00			`#ifdef SIGINFO`
RequestServer: Don't hide the SIGINFO state dump behind a debug macro Until we're confident that RequestServer doesn't need this runtime debug dump helper, it's much nicer if everyone has it built in, so they can simply send a SIGINFO if they see it acting up. 2021-10-01 20:59:51 +03:00			`signal(SIGINFO, [](int) { RequestServer::ConnectionCache::dump_jobs(); });`
RequestServer: Only attach SIGINFO signal handler if SIGINFO is defined 2022-07-04 19:04:00 +03:00			`#endif`
LibTLS+RequestServer: Add an option to dump TLS keys to a log file This file allows us to decrypt TLS messages in wireshark, which can help immensely in debugging network stuff :^) 2022-02-09 22:42:56 +03:00
			`if constexpr (TLS_SSL_KEYLOG_DEBUG)`
			`TRY(Core::System::pledge("stdio inet accept unix cpath wpath rpath sendfd recvfd"));`
			`else`
			`TRY(Core::System::pledge("stdio inet accept unix rpath sendfd recvfd"));`
RequestServer: Don't hide the SIGINFO state dump behind a debug macro Until we're confident that RequestServer doesn't need this runtime debug dump helper, it's much nicer if everyone has it built in, so they can simply send a SIGINFO if they see it acting up. 2021-10-01 20:59:51 +03:00
LibProtocol+LibGemini+LibHTTP: Provide root certificates to LibTLS Now we (almost) verify all the sites we browse. Certificate verification failures should not be unexpected, as the existing CA certificates are likely not complete. 2020-10-30 11:27:32 +03:00			`// Ensure the certificates are read out here.`
RequestServer+LibTLS: Allow applications to specify multiple root certs 2024-02-05 19:34:51 +03:00			`// FIXME: Allow specifying extra certificates on the command line, or in other configuration.`
Everywhere: Switch from (void) to [[maybe_unused]] (#4473) Problem: - `(void)` simply casts the expression to void. This is understood to indicate that it is ignored, but this is really a compiler trick to get the compiler to not generate a warning. Solution: - Use the `[[maybe_unused]]` attribute to indicate the value is unused. Note: - Functions taking a `(void)` argument list have also been changed to `()` because this is not needed and shows up in the same grep command. 2020-12-21 02:09:48 +03:00			`[[maybe_unused]] auto& certs = DefaultRootCACertificates::the();`
LibProtocol+LibGemini+LibHTTP: Provide root certificates to LibTLS Now we (almost) verify all the sites we browse. Certificate verification failures should not be unexpected, as the existing CA certificates are likely not complete. 2020-10-30 11:27:32 +03:00
LibCore: Put all classes in the Core namespace and remove the leading C I've been wanting to do this for a long time. It's time we start being consistent about how this stuff works. The new convention is: - "LibFoo" is a userspace library that provides the "Foo" namespace. That's it :^) This was pretty tedious to convert and I didn't even start on LibGUI yet. But it's coming up next. 2020-02-02 14:34:39 +03:00			`Core::EventLoop event_loop;`
Kernel: Add "accept" pledge promise for accepting incoming connections This patch adds a new "accept" promise that allows you to call accept() on an already listening socket. This lets programs set up a socket for for listening and then dropping "inet" and/or "unix" so that only incoming (and existing) connections are allowed from that point on. No new outgoing connections or listening server sockets can be created. In addition to accept() it also allows getsockopt() with SOL_SOCKET and SO_PEERCRED, which is used to find the PID/UID/GID of the socket peer. This is used by our IPC library when creating shared buffers that should only be accessible to a specific peer process. This allows us to drop "unix" in WindowServer and LookupServer. :^) It also makes the debugging/introspection RPC sockets in CEventLoop based programs work again. 2020-01-17 13:12:06 +03:00			`// FIXME: Establish a connection to LookupServer and then drop "unix"?`
LibCore+LibSystem: Move syscall wrappers from LibSystem to LibCore With this change, System::foo() becomes Core::System::foo(). Since LibCore builds on other systems than SerenityOS, we now have to make sure that wrappers work with just a standard C library underneath. 2021-11-23 12:59:50 +03:00			`TRY(Core::System::unveil("/tmp/portal/lookup", "rw"));`
RequestServer: Unveil /etc/timezone for date-time usage 2022-01-23 20:01:59 +03:00			`TRY(Core::System::unveil("/etc/timezone", "r"));`
LibTLS+RequestServer: Add an option to dump TLS keys to a log file This file allows us to decrypt TLS messages in wireshark, which can help immensely in debugging network stuff :^) 2022-02-09 22:42:56 +03:00			`if constexpr (TLS_SSL_KEYLOG_DEBUG)`
			`TRY(Core::System::unveil("/home/anon", "rwc"));`
LibCore+LibSystem: Move syscall wrappers from LibSystem to LibCore With this change, System::foo() becomes Core::System::foo(). Since LibCore builds on other systems than SerenityOS, we now have to make sure that wrappers work with just a standard C library underneath. 2021-11-23 12:59:50 +03:00			`TRY(Core::System::unveil(nullptr, nullptr));`
ProtocolServer: Use unveil() 2020-05-04 19:48:20 +03:00
RequestServer: Use smart pointers for allocating protocols 2021-08-31 11:19:20 +03:00			`[[maybe_unused]] auto gemini = make<RequestServer::GeminiProtocol>();`
			`[[maybe_unused]] auto http = make<RequestServer::HttpProtocol>();`
			`[[maybe_unused]] auto https = make<RequestServer::HttpsProtocol>();`
ProtocolServer: Turn this into a multi-instance service Everyone who connects to ProtocolServer now gets his own instance. This means that different users can no longer talk to the same exact ProtocolServer process, enhanching security and stability. 2020-07-06 14:27:25 +03:00
Userland: Rename IPC ClientConnection => ConnectionFromClient This was done with CLion's automatic rename feature and with: find . -name ClientConnection.h \| rename 's/ClientConnection\.h/ConnectionFromClient.h/' find . -name ClientConnection.cpp \| rename 's/ClientConnection\.cpp/ConnectionFromClient.cpp/' 2022-02-25 13:18:30 +03:00			`auto client = TRY(IPC::take_over_accepted_client_from_system_server<RequestServer::ConnectionFromClient>());`
LibIPC: Add IPC::take_over_accepted_client_from_system_server<Client>() This is an encapsulation of the common work done by all of our single-client IPC servers on startup: 1. Create a Core::LocalSocket, taking over an accepted fd. 2. Create an application-specific ClientConnection object, wrapping the socket. It's not a huge change in terms of lines saved, but I do feel that it improves expressiveness. :^) 2021-12-06 20:11:05 +03:00
RequestServer: Exit early to avoid executing protocol destructors I broke this when I made the protocol objects be wrapped by smart pointers to appease static analysis. The Protocol base class currently VERIFY's that it's never called. So to have the best of both worlds until someone actually fixes the code to do proper de-registration, just call `exit(..)` so the smart pointers never go out of scope. 2021-09-05 20:31:39 +03:00			`auto result = event_loop.exec();`

			`// FIXME: We exit instead of returning, so that protocol destructors don't get called.`
			`// The Protocol base class should probably do proper de-registration instead of`
			`// just VERIFY_NOT_REACHED().`
			`exit(result);`
ProtocolServer+LibProtocol: Introduce a server for handling downloads This patch adds ProtocolServer, a server that handles network requests on behalf of its clients. The first protocol implemented is HTTP. The idea here is to use a plug-in architecture where any number of protocols can be added and implemented without having to mess around with each client program that wants to use the protocol. A simple client API is provided through LibProtocol::Client. :^) 2019-11-23 23:45:33 +03:00			`}`