haven/hid/main.go

2025 lines
50 KiB
Go
Raw Normal View History

//
// Copyright (c) 2014 - 2018, Přemysl Janouch <p@janouch.name>
//
// Permission to use, copy, modify, and/or distribute this software for any
// purpose with or without fee is hereby granted.
//
// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
// SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
// OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
// CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
//
// hid is a straight-forward port of kike IRCd from C.
package main
import (
"bufio"
"crypto/sha256"
"crypto/tls"
"encoding/hex"
"flag"
"fmt"
"io"
"log"
"net"
"os"
"os/signal"
"os/user"
"path/filepath"
"regexp"
"strconv"
"strings"
"syscall"
"time"
)
var debugMode = false
const (
projectName = "hid"
// TODO: Consider using the same version number for all subprojects.
projectVersion = "0"
)
// --- Utilities ---------------------------------------------------------------
// Split a string by a set of UTF-8 delimiters, optionally ignoring empty items.
func splitString(s, delims string, ignoreEmpty bool) (result []string) {
for {
end := strings.IndexAny(s, delims)
if end < 0 {
break
}
if !ignoreEmpty || end != 0 {
result = append(result, s[:end])
}
s = s[end+1:]
}
if !ignoreEmpty || s != "" {
result = append(result, s)
}
return
}
func findTildeHome(username string) string {
if username != "" {
if u, _ := user.Lookup(username); u != nil {
return u.HomeDir
}
} else if u, _ := user.Current(); u != nil {
return u.HomeDir
} else if v, ok := os.LookupEnv("HOME"); ok {
return v
}
return "~" + username
}
// Tries to expand the tilde in paths, leaving it as-is on error.
func expandTilde(path string) string {
if path[0] != '~' {
return path
}
var n int
for n = 0; n < len(path); n++ {
if path[n] == '/' {
break
}
}
return findTildeHome(path[1:n]) + path[n:]
}
func getXDGHomeDir(name, def string) string {
env := os.Getenv(name)
if env != "" && env[0] == '/' {
return env
}
home := ""
if v, ok := os.LookupEnv("HOME"); ok {
home = v
} else if u, _ := user.Current(); u != nil {
home = u.HomeDir
}
return filepath.Join(home, def)
}
// Retrieve all XDG base directories for configuration files.
func getXDGConfigDirs() (result []string) {
home := getXDGHomeDir("XDG_CONFIG_HOME", ".config")
if home != "" {
result = append(result, home)
}
dirs := os.Getenv("XDG_CONFIG_DIRS")
if dirs == "" {
dirs = "/etc/xdg"
}
for _, path := range strings.Split(dirs, ":") {
if path != "" {
result = append(result, path)
}
}
return
}
//
// Trivial SSL/TLS autodetection. The first block of data returned by Recvfrom
// must be at least three octets long for this to work reliably, but that should
// not pose a problem in practice. We might try waiting for them.
//
// SSL2: 1xxx xxxx | xxxx xxxx | <1>
// (message length) (client hello)
// SSL3/TLS: <22> | <3> | xxxx xxxx
// (handshake)| (protocol version)
//
func detectTLS(sysconn syscall.RawConn) (isTLS bool) {
sysconn.Read(func(fd uintptr) (done bool) {
var buf [3]byte
n, _, err := syscall.Recvfrom(int(fd), buf[:], syscall.MSG_PEEK)
switch {
case n == 3:
isTLS = buf[0]&0x80 != 0 && buf[2] == 1
fallthrough
case n == 2:
isTLS = buf[0] == 22 && buf[1] == 3
case n == 1:
isTLS = buf[0] == 22
case err == syscall.EAGAIN:
return false
}
return true
})
return isTLS
}
// --- Configuration -----------------------------------------------------------
// XXX: Do we really want to support default nil values?
var config = []struct {
key string // INI key
def []rune // default value, may be nil
description string // documentation
}{
// XXX: I'm not sure if Go will cooperate here.
{"pid_file", nil, "Path or name of the PID file"},
{"bind", []rune(":6667"), "Address of the IRC server"},
}
/*
// Read a configuration file with the given basename w/o extension.
func readConfigFile(name string, output interface{}) error {
var suffix = filepath.Join(projectName, name+".json")
for _, path := range getXDGConfigDirs() {
full := filepath.Join(path, suffix)
file, err := os.Open(full)
if err != nil {
if !os.IsNotExist(err) {
return err
}
continue
}
defer file.Close()
// TODO: We don't want to use JSON.
decoder := json.NewDecoder(file)
err = decoder.Decode(output)
if err != nil {
return fmt.Errorf("%s: %s", full, err)
}
return nil
}
return errors.New("configuration file not found")
}
*/
// --- Rate limiter ------------------------------------------------------------
type floodDetector struct {
interval uint // interval for the limit in seconds
limit uint // maximum number of events allowed
timestamps []int64 // timestamps of last events
pos uint // index of the oldest event
}
func newFloodDetector(interval, limit uint) *floodDetector {
return &floodDetector{
interval: interval,
limit: limit,
timestamps: make([]int64, limit+1),
pos: 0,
}
}
func (fd *floodDetector) check() bool {
now := time.Now().UnixNano()
fd.timestamps[fd.pos] = now
fd.pos++
if fd.pos > fd.limit {
fd.pos = 0
}
var count uint
begin := now - int64(time.Second)*int64(fd.interval)
for _, ts := range fd.timestamps {
if ts >= begin {
count++
}
}
return count <= fd.limit
}
// --- IRC protocol ------------------------------------------------------------
//go:generate sh -c "./hid-gen-replies.sh > hid-replies.go < hid-replies"
func ircToLower(c byte) byte {
switch c {
case '[':
return '{'
case ']':
return '}'
case '\\':
return '|'
case '~':
return '^'
}
if c >= 'A' && c <= 'Z' {
return c + ('a' - 'A')
}
return c
}
func ircToUpper(c byte) byte {
switch c {
case '{':
return '['
case '}':
return ']'
case '|':
return '\\'
case '^':
return '~'
}
if c >= 'a' && c <= 'z' {
return c - ('a' - 'A')
}
return c
}
// Convert identifier to a canonical form for case-insensitive comparisons.
// ircToUpper is used so that statically initialized maps can be in uppercase.
func ircToCanon(ident string) string {
var canon []byte
for _, c := range []byte(ident) {
canon = append(canon, ircToUpper(c))
}
return string(canon)
}
func ircEqual(s1, s2 string) bool {
return ircToCanon(s1) == ircToCanon(s2)
}
func ircFnmatch(pattern string, s string) bool {
pattern, s = ircToCanon(pattern), ircToCanon(s)
// FIXME: This should not support [] ranges and handle '/' specially.
// We could translate the pattern to a regular expression.
matched, _ := filepath.Match(pattern, s)
return matched
}
// TODO: We will need to add support for IRCv3 tags.
var reMsg = regexp.MustCompile(
`^(?::([^! ]*)(?:!([^@]*)@([^ ]*))? +)?([^ ]+)(.*)?$`)
var reArgs = regexp.MustCompile(`:.*| [^: ][^ ]*`)
type message struct {
nick string // optional nickname
user string // optional username
host string // optional hostname or IP address
command string // command name
params []string // arguments
}
// Everything as per RFC 2812
const (
ircMaxNickname = 9
ircMaxHostname = 63
ircMaxChannelName = 50
ircMaxMessageLength = 510
)
// TODO: Port the IRC token validation part as needed.
const reClassSpecial = "\\[\\]\\\\`_^{|}"
var (
// Extending ASCII to the whole range of Unicode letters.
reNickname = regexp.MustCompile(
`^[\pL` + reClassSpecial + `][\pL` + reClassSpecial + `0-9-]*$`)
// Notably, this won't match invalid UTF-8 characters, although the
// behaviour seems to be unstated in the documentation.
reUsername = regexp.MustCompile(`^[^\0\r\n @]+$`)
reChannelName = regexp.MustCompile(`^[^\0\7\r\n ,:]+$`)
)
func ircIsValidNickname(nickname string) bool {
return len(nickname) <= ircMaxNickname && reNickname.MatchString(nickname)
}
func ircIsValidUsername(username string) bool {
// XXX: We really should put a limit on this
// despite the RFC not mentioning one.
return reUsername.MatchString(username)
}
func ircIsValidChannelName(name string) bool {
return len(name) <= ircMaxChannelName && reChannelName.MatchString(name)
}
// --- Clients (equals users) --------------------------------------------------
type connCloseWrite interface {
net.Conn
CloseWrite() error
}
const ircSupportedUserModes = "aiwros"
const (
ircUserModeInvisible = 1 << iota
ircUserModeRxWallops
ircUserModeRestricted
ircUserModeOperator
ircUserModeRxServerNotices
)
const (
ircCapMultiPrefix = 1 << iota
ircCapInviteNotify
ircCapEchoMessage
ircCapUserhostInNames
ircCapServerTime
)
type client struct {
transport net.Conn // underlying connection
tls *tls.Conn // TLS, if detected
conn connCloseWrite // high-level connection
recvQ []byte // unprocessed input
sendQ []byte // unprocessed output
reading bool // whether a reading goroutine is running
writing bool // whether a writing goroutine is running
closing bool // whether we're closing the connection
killTimer *time.Timer // hard kill timeout
opened int64 // when the connection was opened
nSentMessages uint // number of sent messages total
sentBytes int // number of sent bytes total
nReceivedMessages uint // number of received messages total
receivedBytes int // number of received bytes total
hostname string // hostname or IP shown to the network
port string // port of the peer as a string
address string // full network address
pingTimer *time.Timer // we should send a PING
timeoutTimer *time.Timer // connection seems to be dead
registered bool // the user has registered
capNegotiating bool // negotiating capabilities
capsEnabled uint // enabled capabilities
capVersion uint // CAP protocol version
tlsCertFingerprint string // client certificate fingerprint
nickname string // IRC nickname (main identifier)
username string // IRC username
realname string // IRC realname (or e-mail)
mode uint // user's mode
awayMessage string // away message
lastActive int64 // last PRIVMSG, to get idle time
invites map[string]bool // channel invitations by operators
antiflood floodDetector // flood detector
}
// --- Channels ----------------------------------------------------------------
const ircSupportedChanModes = "ov" + "beI" + "imnqpst" + "kl"
const (
ircChanModeInviteOnly = 1 << iota
ircChanModeModerated
ircChanModeNoOutsideMsgs
ircChanModeQuiet
ircChanModePrivate
ircChanModeSecret
ircChanModeProtectedTopic
ircChanModeOperator
ircChanModeVoice
)
type channel struct {
name string // channel name
modes uint // channel modes
key string // channel key
userLimit int // user limit or -1
created int64 // creation time
topic string // channel topic
topicWho string // who set the topic
topicTime int64 // when the topic was set
userModes map[*client]uint // modes for all channel users
banList []string // ban list
exceptionList []string // exceptions from bans
inviteList []string // exceptions from +I
}
func newChannel() *channel {
return &channel{userLimit: -1}
}
// TODO: Port struct channel methods.
// --- IRC server context ------------------------------------------------------
type whowasInfo struct {
nickname, username, realname, hostname string
}
func newWhowasInfo(c *client) *whowasInfo {
return &whowasInfo{
nickname: c.nickname,
username: c.username,
realname: c.realname,
hostname: c.hostname,
}
}
// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
type ircCommand struct {
requiresRegistration bool
handler func(*message, *client)
nReceived uint // number of commands received
bytesReceived int // number of bytes received total
}
type preparedEvent struct {
client *client
host string // client's hostname or literal IP address
isTLS bool // the client seems to use TLS
}
type readEvent struct {
client *client
data []byte // new data from the client
err error // read error
}
type writeEvent struct {
client *client
written int // amount of bytes written
err error // write error
}
// TODO: Port server_context. Maybe we want to keep it in a struct?
// XXX: Beware that maps with identifier keys need to be indexed correctly.
// We might want to enforce accessor functions for users and channels.
var (
started int64 // when has the server been started
users map[string]*client // maps nicknames to clients
channels map[string]*channel // maps channel names to data
whowas map[string]*whowasInfo // WHOWAS registry
serverName string // our server name
pingInterval uint // ping interval in seconds
maxConnections int // max connections allowed or 0
motd []string // MOTD (none if empty)
operators map[string]bool // TLS certificate fingerprints for IRCops
)
var (
sigs = make(chan os.Signal, 1)
conns = make(chan net.Conn)
prepared = make(chan preparedEvent)
reads = make(chan readEvent)
writes = make(chan writeEvent)
timeouts = make(chan *client)
tlsConf *tls.Config
clients = make(map[*client]bool)
listener net.Listener
quitting bool
quitTimer <-chan time.Time
)
// Forcefully tear down all connections.
func forceQuit(reason string) {
if !quitting {
log.Fatalln("forceQuit called without initiateQuit")
}
log.Printf("forced shutdown (%s)\n", reason)
for c := range clients {
// initiateQuit has already unregistered the client.
c.kill("Shutting down")
}
}
// Initiate a clean shutdown of the whole daemon.
func initiateQuit() {
log.Println("shutting down")
if err := listener.Close(); err != nil {
log.Println(err)
}
for c := range clients {
c.closeLink("Shutting down")
}
quitTimer = time.After(5 * time.Second)
quitting = true
}
// TODO: ircChannelCreate
func ircChannelDestroyIfEmpty(ch *channel) {
// TODO
}
func ircSendToRoommates(c *client, message string) {
// TODO
}
// --- Clients (continued) -----------------------------------------------------
func ircAppendClientModes(m uint, mode []byte) []byte {
if 0 != m&ircUserModeInvisible {
mode = append(mode, 'i')
}
if 0 != m&ircUserModeRxWallops {
mode = append(mode, 'w')
}
if 0 != m&ircUserModeRestricted {
mode = append(mode, 'r')
}
if 0 != m&ircUserModeOperator {
mode = append(mode, 'o')
}
if 0 != m&ircUserModeRxServerNotices {
mode = append(mode, 's')
}
return mode
}
func (c *client) getMode() string {
var mode []byte
if c.awayMessage != "" {
mode = append(mode, 'a')
}
return string(ircAppendClientModes(c.mode, mode))
}
func (c *client) send(line string) {
if c.conn == nil || c.closing {
return
}
oldSendQLen := len(c.sendQ)
// So far there's only one message tag we use, so we can do it simple;
// note that a 1024-character limit applies to messages with tags on.
if 0 != c.capsEnabled&ircCapServerTime {
c.sendQ = time.Now().UTC().
AppendFormat(c.sendQ, "@time=2006-01-02T15:04:05.000Z ")
}
bytes := []byte(line)
if len(bytes) > ircMaxMessageLength {
bytes = bytes[:ircMaxMessageLength]
}
// TODO: Kill the connection above some "SendQ" threshold (careful!)
c.sendQ = append(c.sendQ, bytes...)
c.sendQ = append(c.sendQ, "\r\n"...)
c.flushSendQ()
// Technically we haven't sent it yet but that's a minor detail
c.nSentMessages++
c.sentBytes += len(c.sendQ) - oldSendQLen
}
func (c *client) sendf(format string, a ...interface{}) {
c.send(fmt.Sprintf(format, a...))
}
func (c *client) addToWhowas() {
// Only keeping one entry for each nickname.
// TODO: Make sure this list doesn't get too long, for example by
// putting them in a linked list ordered by time.
whowas[ircToCanon(c.nickname)] = newWhowasInfo(c)
}
func (c *client) nicknameOrStar() string {
if c.nickname == "" {
return "*"
}
return c.nickname
}
func (c *client) unregister(reason string) {
if !c.registered {
return
}
ircSendToRoommates(c, fmt.Sprintf(":%s!%s@%s QUIT :%s",
c.nickname, c.username, c.hostname, reason))
// The eventual QUIT message will take care of state at clients.
for _, ch := range channels {
delete(ch.userModes, c)
ircChannelDestroyIfEmpty(ch)
}
c.addToWhowas()
delete(users, ircToCanon(c.nickname))
c.nickname = ""
c.registered = false
}
// Close the connection and forget about the client.
func (c *client) kill(reason string) {
if reason == "" {
reason = "Client exited"
}
c.unregister(reason)
// TODO: Log the address; seems like we always have c.address.
log.Println("client destroyed")
// Try to send a "close notify" alert if the TLS object is ready,
// otherwise just tear down the transport.
if c.conn != nil {
_ = c.conn.Close()
} else {
_ = c.transport.Close()
}
// Clean up the goroutine, although a spurious event may still be sent.
// TODO: Other timers if needed.
if c.killTimer != nil {
c.killTimer.Stop()
}
delete(clients, c)
}
// Tear down the client connection, trying to do so in a graceful manner.
func (c *client) closeLink(reason string) {
// Let's just cut the connection, the client can try again later.
// We also want to avoid accidentally writing to the socket before
// address resolution has finished.
if c.conn == nil {
c.kill(reason)
return
}
if c.closing {
return
}
// We push an "ERROR" message to the write buffer and let the writer send
// it, with some arbitrary timeout. The "closing" state makes sure
// that a/ we ignore any successive messages, and b/ that the connection
// is killed after the write buffer is transferred and emptied.
// (Since we send this message, we don't need to call CloseWrite here.)
c.sendf("ERROR :Closing link: %s[%s] (%s)",
c.nicknameOrStar(), c.hostname /* TODO host IP? */, reason)
c.closing = true
c.unregister(reason)
c.killTimer = time.AfterFunc(3*time.Second, func() {
timeouts <- c
})
}
func (c *client) inMaskList(masks []string) bool {
client := fmt.Sprintf("%s!%s@%s", c.nickname, c.username, c.hostname)
for _, mask := range masks {
if ircFnmatch(mask, client) {
return true
}
}
return false
}
func (c *client) getTLSCertFingerprint() string {
if c.tls == nil {
return ""
}
peerCerts := c.tls.ConnectionState().PeerCertificates
if len(peerCerts) == 0 {
return ""
}
hash := sha256.Sum256(peerCerts[0].Raw)
return hex.EncodeToString(hash[:])
}
// --- Timers ------------------------------------------------------------------
// TODO
// --- IRC command handling ----------------------------------------------------
// XXX: ap doesn't really need to be a slice.
func (c *client) makeReply(id int, ap []interface{}) string {
s := fmt.Sprintf(":%s %03d %s ", serverName, id, c.nicknameOrStar())
a := fmt.Sprintf(defaultReplies[id], ap...)
return s + a
}
// XXX: This way we cannot typecheck the arguments, so we must be careful.
func (c *client) sendReply(id int, args ...interface{}) {
c.send(c.makeReply(id, args))
}
/// Send a space-separated list of words across as many replies as needed.
func (c *client) sendReplyVector(id int, items []string, args ...interface{}) {
common := c.makeReply(id, args)
// We always send at least one message (there might be a client that
// expects us to send this message at least once).
for len(items) > 0 {
// If not even a single item fits in the limit (which may happen,
// in theory) it just gets cropped. We could also skip it.
reply := append([]byte(common), items[0]...)
// Append as many items as fits in a single message.
for len(items) > 0 &&
len(reply)+1+len(items[0]) <= ircMaxMessageLength {
reply = append(reply, ' ')
reply = append(reply, items[0]...)
items = items[1:]
}
c.send(string(reply))
}
}
func (c *client) sendMOTD() {
if len(motd) == 0 {
c.sendReply(ERR_NOMOTD)
return
}
c.sendReply(RPL_MOTDSTART, serverName)
for _, line := range motd {
c.sendReply(RPL_MOTD, line)
}
c.sendReply(RPL_ENDOFMOTD)
}
func (c *client) sendLUSERS() {
nUsers, nServices, nOpers, nUnknown := 0, 0, 0, 0
for c := range clients {
if c.registered {
nUsers++
} else {
nUnknown++
}
if 0 != c.mode&ircUserModeOperator {
nOpers++
}
}
nChannels := 0
for _, ch := range channels {
if 0 != ch.modes&ircChanModeSecret {
nChannels++
}
}
c.sendReply(RPL_LUSERCLIENT, nUsers, nServices, 1 /* servers total */)
if nOpers != 0 {
c.sendReply(RPL_LUSEROP, nOpers)
}
if nUnknown != 0 {
c.sendReply(RPL_LUSERUNKNOWN, nUnknown)
}
if nChannels != 0 {
c.sendReply(RPL_LUSERCHANNELS, nChannels)
}
c.sendReply(RPL_LUSERME, nUsers+nServices+nUnknown, 0 /* peer servers */)
}
func isThisMe(target string) bool {
// Target servers can also be matched by their users
if ircFnmatch(target, serverName) {
return true
}
_, ok := users[ircToCanon(target)]
return ok
}
func (c *client) sendISUPPORT() {
// Only # channels, +e supported, +I supported, unlimited arguments to MODE
c.sendReply(RPL_ISUPPORT, "CHANTYPES=# EXCEPTS INVEX MODES"+
" TARGMAX=WHOIS:,LIST:,NAMES:,PRIVMSG:1,NOTICE:1,KICK:"+
" NICKLEN=%d CHANNELLEN=%d", ircMaxNickname, ircMaxChannelName)
}
func (c *client) tryFinishRegistration() {
if c.registered || c.capNegotiating {
return
}
if c.nickname == "" || c.username == "" {
return
}
c.registered = true
c.sendReply(RPL_WELCOME, c.nickname, c.username, c.hostname)
c.sendReply(RPL_YOURHOST, serverName, projectVersion)
// The purpose of this message eludes me.
c.sendReply(RPL_CREATED, time.Unix(started, 0).Format("Mon, 02 Jan 2006"))
c.sendReply(RPL_MYINFO, serverName, projectVersion,
ircSupportedUserModes, ircSupportedChanModes)
c.sendISUPPORT()
c.sendLUSERS()
c.sendMOTD()
if mode := c.getMode(); mode != "" {
c.sendf(":%s MODE %s :+%s", c.nickname, c.nickname, mode)
}
c.tlsCertFingerprint = c.getTLSCertFingerprint()
if c.tlsCertFingerprint != "" {
c.sendf(":%s NOTICE %s :Your TLS client certificate fingerprint is %s",
serverName, c.nickname, c.tlsCertFingerprint)
}
delete(whowas, ircToCanon(c.nickname))
}
// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
// IRCv3 capability negotiation. See http://ircv3.org for details.
type ircCapArgs struct {
subcommand string // the subcommand being processed
fullParams string // whole parameter string
params []string // split parameters
target string // target parameter for replies
}
var ircCapTable = []struct {
flag uint // flag
name string // name of the capability
}{
{ircCapMultiPrefix, "multi-prefix"},
{ircCapInviteNotify, "invite-notify"},
{ircCapEchoMessage, "echo-message"},
{ircCapUserhostInNames, "userhost-in-names"},
{ircCapServerTime, "server-time"},
}
func (c *client) handleCAPLS(a *ircCapArgs) {
if len(a.params) == 1 {
if ver, err := strconv.ParseUint(a.params[0], 10, 32); err != nil {
c.sendReply(ERR_INVALIDCAPCMD, a.subcommand,
"Ignoring invalid protocol version number")
} else {
c.capVersion = uint(ver)
}
}
c.capNegotiating = true
c.sendf(":%s CAP %s LS :multi-prefix invite-notify echo-message"+
" userhost-in-names server-time", serverName, a.target)
}
func (c *client) handleCAPLIST(a *ircCapArgs) {
caps := []string{}
for _, cap := range ircCapTable {
if 0 != c.capsEnabled&cap.flag {
caps = append(caps, cap.name)
}
}
c.sendf(":%s CAP %s LIST :%s", serverName, a.target,
strings.Join(caps, " "))
}
func ircDecodeCapability(name string) uint {
for _, cap := range ircCapTable {
if cap.name == name {
return cap.flag
}
}
return 0
}
func (c *client) handleCAPREQ(a *ircCapArgs) {
c.capNegotiating = true
newCaps := c.capsEnabled
ok := true
for _, param := range a.params {
removing := false
name := param
if name[:1] == "-" {
removing = true
name = name[1:]
}
if cap := ircDecodeCapability(name); cap == 0 {
ok = false
} else if removing {
newCaps &= ^cap
} else {
newCaps |= cap
}
}
if ok {
c.capsEnabled = newCaps
c.sendf(":%s CAP %s ACK :%s", serverName, a.target, a.fullParams)
} else {
c.sendf(":%s CAP %s NAK :%s", serverName, a.target, a.fullParams)
}
}
func (c *client) handleCAPACK(a *ircCapArgs) {
if len(a.params) > 0 {
c.sendReply(ERR_INVALIDCAPCMD, a.subcommand,
"No acknowledgable capabilities supported")
}
}
func (c *client) handleCAPEND(a *ircCapArgs) {
c.capNegotiating = false
c.tryFinishRegistration()
}
// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
var ircCapHandlers = map[string]func(*client, *ircCapArgs){
"LS": (*client).handleCAPLS,
"LIST": (*client).handleCAPLIST,
"REQ": (*client).handleCAPREQ,
"ACK": (*client).handleCAPACK,
"END": (*client).handleCAPEND,
}
// XXX: Maybe these also deserve to be methods for client? They operato on
// global state, though.
func ircHandleCAP(msg *message, c *client) {
if len(msg.params) < 1 {
c.sendReply(ERR_NEEDMOREPARAMS, msg.command)
return
}
args := &ircCapArgs{
target: c.nicknameOrStar(),
subcommand: msg.params[0],
fullParams: "",
params: []string{},
}
if len(msg.params) > 1 {
args.fullParams = msg.params[1]
args.params = splitString(args.fullParams, " ", true)
}
if fn, ok := ircCapHandlers[ircToCanon(args.subcommand)]; !ok {
c.sendReply(ERR_INVALIDCAPCMD, args.subcommand,
"Invalid CAP subcommand")
} else {
fn(c, args)
}
}
func ircHandlePASS(msg *message, c *client) {
if c.registered {
c.sendReply(ERR_ALREADYREGISTERED)
} else if len(msg.params) < 1 {
c.sendReply(ERR_NEEDMOREPARAMS, msg.command)
}
// We have TLS client certificates for this purpose; ignoring.
}
func ircHandleNICK(msg *message, c *client) {
if len(msg.params) < 1 {
c.sendReply(ERR_NONICKNAMEGIVEN)
return
}
nickname := msg.params[0]
if !ircIsValidNickname(nickname) {
c.sendReply(ERR_ERRONEOUSNICKNAME, nickname)
return
}
nicknameCanon := ircToCanon(nickname)
if client, ok := users[nicknameCanon]; ok && client != c {
c.sendReply(ERR_NICKNAMEINUSE, nickname)
return
}
if c.registered {
c.addToWhowas()
message := fmt.Sprintf(":%s!%s@%s NICK :%s",
c.nickname, c.username, c.hostname, nickname)
ircSendToRoommates(c, message)
c.send(message)
}
// Release the old nickname and allocate a new one.
if c.nickname != "" {
delete(users, ircToCanon(c.nickname))
}
c.nickname = nickname
users[nicknameCanon] = c
c.tryFinishRegistration()
}
func ircHandleUSER(msg *message, c *client) {
if c.registered {
c.sendReply(ERR_ALREADYREGISTERED)
return
}
if len(msg.params) < 4 {
c.sendReply(ERR_NEEDMOREPARAMS, msg.command)
return
}
username, mode, realname := msg.params[0], msg.params[1], msg.params[3]
// Unfortunately, the protocol doesn't give us any means of rejecting it.
if !ircIsValidUsername(username) {
username = "*"
}
c.username = username
c.realname = realname
c.mode = 0
if m, err := strconv.ParseUint(mode, 10, 32); err != nil {
if 0 != m&4 {
c.mode |= ircUserModeRxWallops
}
if 0 != m&8 {
c.mode |= ircUserModeInvisible
}
}
c.tryFinishRegistration()
}
func ircHandleUSERHOST(msg *message, c *client) {
if len(msg.params) < 1 {
c.sendReply(ERR_NEEDMOREPARAMS, msg.command)
return
}
var reply []byte
for i := 0; i < 5 && i < len(msg.params); i++ {
nick := msg.params[i]
target := users[ircToCanon(nick)]
if target == nil {
continue
}
if i != 0 {
reply = append(reply, ' ')
}
reply = append(reply, nick...)
if 0 != target.mode&ircUserModeOperator {
reply = append(reply, '*')
}
if target.awayMessage != "" {
reply = append(reply, "=-"...)
} else {
reply = append(reply, "=+"...)
}
reply = append(reply, (target.username + "@" + target.hostname)...)
}
c.sendReply(RPL_USERHOST, string(reply))
}
func ircHandleLUSERS(msg *message, c *client) {
if len(msg.params) > 1 && !isThisMe(msg.params[1]) {
c.sendReply(ERR_NOSUCHSERVER, msg.params[1])
return
}
c.sendLUSERS()
}
func ircHandleMOTD(msg *message, c *client) {
if len(msg.params) > 0 && !isThisMe(msg.params[0]) {
c.sendReply(ERR_NOSUCHSERVER, msg.params[1])
return
}
c.sendMOTD()
}
func ircHandlePING(msg *message, c *client) {
// XXX: The RFC is pretty incomprehensible about the exact usage.
if len(msg.params) > 1 && !isThisMe(msg.params[1]) {
c.sendReply(ERR_NOSUCHSERVER, msg.params[1])
} else if len(msg.params) < 1 {
c.sendReply(ERR_NOORIGIN)
} else {
c.sendf(":%s PONG :%s", serverName, msg.params[0])
}
}
func ircHandlePONG(msg *message, c *client) {
// We are the only server, so we don't have to care too much.
if len(msg.params) < 1 {
c.sendReply(ERR_NOORIGIN)
return
}
// Set a new timer to send another PING
// TODO
}
func ircHandleQUIT(msg *message, c *client) {
reason := c.nickname
if len(msg.params) > 0 {
reason = msg.params[0]
}
c.closeLink("Quit: " + reason)
}
func ircHandleTIME(msg *message, c *client) {
if len(msg.params) > 0 && !isThisMe(msg.params[0]) {
c.sendReply(ERR_NOSUCHSERVER, msg.params[0])
return
}
c.sendReply(RPL_TIME, serverName,
time.Now().Format("Mon Jan _2 2006 15:04:05"))
}
func ircHandleVERSION(msg *message, c *client) {
if len(msg.params) > 0 && !isThisMe(msg.params[0]) {
c.sendReply(ERR_NOSUCHSERVER, msg.params[0])
return
}
postVersion := 0
if debugMode {
postVersion = 1
}
c.sendReply(RPL_VERSION, projectVersion, postVersion, serverName,
projectName+" "+projectVersion)
c.sendISUPPORT()
}
func ircChannelMulticast(ch *channel, msg string, except *client) {
for c := range ch.userModes {
if c != except {
c.send(msg)
}
}
}
/*
func ircModifyMode(mask *uint, mode uint, add bool) bool {
orig := *mask
if add {
*mask |= mode
} else {
*mask &= ^mode
}
return *mask != orig
}
func ircUpdateUserMode(c *client, newMode uint) {
// TODO: Port, as well as all the other kike functions.
}
*/
func ircHandleMODE(msg *message, c *client) {
if len(msg.params) < 1 {
c.sendReply(ERR_NEEDMOREPARAMS, msg.command)
return
}
// TODO
target := msg.params[0]
client := users[ircToCanon(target)]
ch := users[ircToCanon(target)]
if client != nil {
// TODO
if ircEqual(target, c.nickname) {
}
} else if ch != nil {
// TODO
}
}
func ircHandleUserMessage(msg *message, c *client,
command string, allowAwayReply bool) {
if len(msg.params) < 1 {
c.sendReply(ERR_NORECIPIENT, msg.command)
return
}
if len(msg.params) < 2 || msg.params[1] == "" {
c.sendReply(ERR_NOTEXTTOSEND)
return
}
target, text := msg.params[0], msg.params[1]
message := fmt.Sprintf(":%s!%s@%s %s %s :%s",
c.nickname, c.username, c.hostname, command, target, text)
if client := users[ircToCanon(target)]; client != nil {
client.send(message)
if allowAwayReply && client.awayMessage != "" {
c.sendReply(RPL_AWAY, target, client.awayMessage)
}
// Acknowledging a message from the client to itself would be silly.
if client != c && (0 != c.capsEnabled&ircCapEchoMessage) {
c.send(message)
}
} else if ch := channels[ircToCanon(target)]; ch != nil {
modes, present := ch.userModes[c]
outsider := !present && 0 != ch.modes&ircChanModeNoOutsideMsgs
moderated := 0 != ch.modes&ircChanModeModerated &&
0 == modes&(ircChanModeVoice|ircChanModeOperator)
banned := c.inMaskList(ch.banList) && !c.inMaskList(ch.exceptionList)
if outsider || moderated || banned {
c.sendReply(ERR_CANNOTSENDTOCHAN, target)
return
}
except := c
if 0 != c.capsEnabled&ircCapEchoMessage {
except = nil
}
ircChannelMulticast(ch, message, except)
} else {
c.sendReply(ERR_NOSUCHNICK, target)
}
}
func ircHandlePRIVMSG(msg *message, c *client) {
ircHandleUserMessage(msg, c, "PRIVMSG", true /* allowAwayReply */)
// Let's not care too much about success or failure.
c.lastActive = time.Now().UnixNano()
}
func ircHandleNOTICE(msg *message, c *client) {
ircHandleUserMessage(msg, c, "NOTICE", false /* allowAwayReply */)
}
func ircHandleLIST(msg *message, c *client) {
if len(msg.params) > 1 && !isThisMe(msg.params[1]) {
c.sendReply(ERR_NOSUCHSERVER, msg.params[1])
return
}
// XXX: Maybe we should skip ircUserModeInvisible from user counts.
if len(msg.params) == 0 {
for _, ch := range channels {
if _, present := ch.userModes[c]; present ||
0 == ch.modes&(ircChanModePrivate|ircChanModeSecret) {
c.sendReply(RPL_LIST, ch.name, len(ch.userModes), ch.topic)
}
}
} else {
for _, target := range splitString(msg.params[0], ",", true) {
if ch := channels[ircToCanon(target)]; ch != nil &&
0 == ch.modes&ircChanModeSecret {
c.sendReply(RPL_LIST, ch.name, len(ch.userModes), ch.topic)
}
}
}
c.sendReply(RPL_LISTEND)
}
func ircAppendPrefixes(c *client, modes uint, buf []byte) []byte {
var all []byte
if 0 != modes&ircChanModeOperator {
all = append(all, '@')
}
if 0 != modes&ircChanModeVoice {
all = append(all, '+')
}
if len(all) > 0 {
if 0 != c.capsEnabled&ircCapMultiPrefix {
buf = append(buf, all...)
} else {
buf = append(buf, all[0])
}
}
return buf
}
func ircMakeRPLNAMREPLYItem(c, target *client, modes uint) string {
result := string(ircAppendPrefixes(c, modes, nil)) + target.nickname
if 0 != c.capsEnabled&ircCapUserhostInNames {
result += fmt.Sprintf("!%s@%s", target.username, target.hostname)
}
return result
}
// TODO: Consider using *client instead of string as the map key.
func ircSendRPLNAMREPLY(c *client, ch *channel, usedNicks map[string]bool) {
kind := '='
if 0 != ch.modes&ircChanModeSecret {
kind = '@'
} else if 0 != ch.modes&ircChanModePrivate {
kind = '*'
}
_, present := ch.userModes[c]
var nicks []string
for client, modes := range ch.userModes {
if !present && 0 != client.mode&ircUserModeInvisible {
continue
}
if usedNicks != nil {
usedNicks[ircToCanon(client.nickname)] = true
}
nicks = append(nicks, ircMakeRPLNAMREPLYItem(c, client, modes))
}
c.sendReplyVector(RPL_NAMREPLY, nicks, kind, ch.name, "")
}
func ircSendDisassociatedNames(c *client, usedNicks map[string]bool) {
var nicks []string
for canonNickname, client := range users {
if 0 == client.mode&ircUserModeInvisible && !usedNicks[canonNickname] {
nicks = append(nicks, ircMakeRPLNAMREPLYItem(c, client, 0))
}
}
if len(nicks) > 0 {
c.sendReplyVector(RPL_NAMREPLY, nicks, '*', "*", "")
}
}
func ircHandleNAMES(msg *message, c *client) {
if len(msg.params) > 1 && !isThisMe(msg.params[1]) {
c.sendReply(ERR_NOSUCHSERVER, msg.params[1])
return
}
if len(msg.params) == 0 {
usedNicks := make(map[string]bool)
for _, ch := range channels {
if _, present := ch.userModes[c]; present ||
0 == ch.modes&(ircChanModePrivate|ircChanModeSecret) {
ircSendRPLNAMREPLY(c, ch, usedNicks)
}
}
// Also send all visible users we haven't listed yet.
ircSendDisassociatedNames(c, usedNicks)
c.sendReply(RPL_ENDOFNAMES, "*")
} else {
for _, target := range splitString(msg.params[0], ",", true) {
if ch := channels[ircToCanon(target)]; ch == nil {
} else if _, present := ch.userModes[c]; present ||
0 == ch.modes&ircChanModeSecret {
ircSendRPLNAMREPLY(c, ch, nil)
c.sendReply(RPL_ENDOFNAMES, target)
}
}
}
}
func ircSendRPLWHOREPLY(c *client, ch *channel, target *client) {
var chars []byte
if target.awayMessage != "" {
chars = append(chars, 'G')
} else {
chars = append(chars, 'H')
}
if 0 != target.mode&ircUserModeOperator {
chars = append(chars, '*')
}
channelName := "*"
if ch != nil {
channelName = ch.name
if modes, present := ch.userModes[target]; present {
chars = ircAppendPrefixes(c, modes, chars)
}
}
c.sendReply(RPL_WHOREPLY, channelName,
target.username, target.hostname, serverName,
target.nickname, string(chars), 0 /* hop count */, target.realname)
}
func ircMatchSendRPLWHOREPLY(c, target *client, mask string) {
isRoommate := false
for _, ch := range channels {
_, presentClient := ch.userModes[c]
_, presentTarget := ch.userModes[target]
if presentClient && presentTarget {
isRoommate = true
break
}
}
if !isRoommate && 0 != target.mode&ircUserModeInvisible {
return
}
if !ircFnmatch(mask, target.hostname) &&
!ircFnmatch(mask, target.nickname) &&
!ircFnmatch(mask, target.realname) &&
!ircFnmatch(mask, serverName) {
return
}
// Try to find a channel they're on that's visible to us.
var userCh *channel
for _, ch := range channels {
_, presentClient := ch.userModes[c]
_, presentTarget := ch.userModes[target]
if presentTarget && (presentClient ||
0 == ch.modes&(ircChanModePrivate|ircChanModeSecret)) {
userCh = ch
break
}
}
ircSendRPLWHOREPLY(c, userCh, target)
}
func ircHandleWHO(msg *message, c *client) {
onlyOps := len(msg.params) > 1 && msg.params[1] == "o"
shownMask, usedMask := "*", "*"
if len(msg.params) > 0 {
shownMask = msg.params[0]
if shownMask != "0" {
usedMask = shownMask
}
}
if ch := channels[ircToCanon(usedMask)]; ch != nil {
_, present := ch.userModes[c]
if present || 0 == ch.modes&ircChanModeSecret {
for client := range ch.userModes {
if (present || 0 == client.mode&ircUserModeInvisible) &&
(!onlyOps || 0 != client.mode&ircUserModeOperator) {
ircSendRPLWHOREPLY(c, ch, client)
}
}
}
} else {
for _, client := range users {
if !onlyOps || 0 != client.mode&ircUserModeOperator {
ircMatchSendRPLWHOREPLY(c, client, usedMask)
}
}
}
c.sendReply(RPL_ENDOFWHO, shownMask)
}
func ircSendWHOISReply(c, target *client) {
nick := target.nickname
c.sendReply(RPL_WHOISUSER, nick,
target.username, target.hostname, target.realname)
c.sendReply(RPL_WHOISSERVER, nick,
serverName, "TODO server_info from configuration")
if 0 != target.mode&ircUserModeOperator {
c.sendReply(RPL_WHOISOPERATOR, nick)
}
c.sendReply(RPL_WHOISIDLE, nick,
(time.Now().UnixNano()-target.lastActive)/int64(time.Second))
if target.awayMessage != "" {
c.sendReply(RPL_AWAY, nick, target.awayMessage)
}
var chans []string
for _, ch := range channels {
_, presentClient := ch.userModes[c]
modes, presentTarget := ch.userModes[target]
if presentTarget && (presentClient ||
0 == ch.modes&(ircChanModePrivate|ircChanModeSecret)) {
// TODO: Deduplicate, ircAppendPrefixes just also cuts prefixes.
var all []byte
if 0 != modes&ircChanModeOperator {
all = append(all, '@')
}
if 0 != modes&ircChanModeVoice {
all = append(all, '+')
}
chans = append(chans, string(all)+ch.name)
}
}
c.sendReplyVector(RPL_WHOISCHANNELS, chans, nick, "")
c.sendReply(RPL_ENDOFWHOIS, nick)
}
func ircHandleWHOIS(msg *message, c *client) {
if len(msg.params) < 1 {
c.sendReply(ERR_NEEDMOREPARAMS, msg.command)
return
}
if len(msg.params) > 1 && !isThisMe(msg.params[0]) {
c.sendReply(ERR_NOSUCHSERVER, msg.params[0])
return
}
masksStr := msg.params[0]
if len(msg.params) > 1 {
masksStr = msg.params[1]
}
for _, mask := range splitString(masksStr, ",", true /* ignoreEmpty */) {
if strings.IndexAny(mask, "*?") < 0 {
if target := users[ircToCanon(mask)]; target == nil {
c.sendReply(ERR_NOSUCHNICK, mask)
} else {
ircSendWHOISReply(c, target)
}
} else {
found := false
for _, target := range users {
if ircFnmatch(mask, target.nickname) {
ircSendWHOISReply(c, target)
found = true
}
}
if !found {
c.sendReply(ERR_NOSUCHNICK, mask)
}
}
}
}
func ircHandleWHOWAS(msg *message, c *client) {
if len(msg.params) < 1 {
c.sendReply(ERR_NEEDMOREPARAMS, msg.command)
return
}
if len(msg.params) > 2 && !isThisMe(msg.params[2]) {
c.sendReply(ERR_NOSUCHSERVER, msg.params[2])
return
}
// The "count" parameter is ignored, we only store one entry for a nick.
for _, nick := range splitString(msg.params[0], ",", true) {
if info := whowas[ircToCanon(nick)]; info == nil {
c.sendReply(ERR_WASNOSUCHNICK, nick)
} else {
c.sendReply(RPL_WHOWASUSER, nick,
info.username, info.hostname, info.realname)
c.sendReply(RPL_WHOISSERVER, nick,
serverName, "TODO server_info from configuration")
}
c.sendReply(RPL_ENDOFWHOWAS, nick)
}
}
func ircSendRPLTOPIC(c *client, ch *channel) {
if ch.topic == "" {
c.sendReply(RPL_NOTOPIC, ch.name)
} else {
c.sendReply(RPL_TOPIC, ch.name, ch.topic)
c.sendReply(RPL_TOPICWHOTIME,
ch.name, ch.topicWho, ch.topicTime/int64(time.Second))
}
}
func ircHandleTOPIC(msg *message, c *client) {
if len(msg.params) < 1 {
c.sendReply(ERR_NEEDMOREPARAMS, msg.command)
return
}
target := msg.params[0]
ch := channels[ircToCanon(target)]
if ch == nil {
c.sendReply(ERR_NOSUCHCHANNEL, target)
return
}
if len(msg.params) < 2 {
ircSendRPLTOPIC(c, ch)
return
}
modes, present := ch.userModes[c]
if !present {
c.sendReply(ERR_NOTONCHANNEL, target)
return
}
if 0 != ch.modes&ircChanModeProtectedTopic &&
0 == modes&ircChanModeOperator {
c.sendReply(ERR_CHANOPRIVSNEEDED, target)
return
}
ch.topic = msg.params[1]
ch.topicWho = fmt.Sprintf("%s@%s@%s", c.nickname, c.username, c.hostname)
ch.topicTime = time.Now().UnixNano()
message := fmt.Sprintf(":%s!%s@%s TOPIC %s :%s",
c.nickname, c.username, c.hostname, target, ch.topic)
ircChannelMulticast(ch, message, nil)
}
// TODO: All the various real command handlers.
func ircHandleX(msg *message, c *client) {
if len(msg.params) < 1 {
c.sendReply(ERR_NEEDMOREPARAMS, msg.command)
return
}
}
func ircHandleSUMMON(msg *message, c *client) {
c.sendReply(ERR_SUMMONDISABLED)
}
func ircHandleUSERS(msg *message, c *client) {
c.sendReply(ERR_USERSDISABLED)
}
// -----------------------------------------------------------------------------
// TODO: Add an index for IRC_ERR_NOSUCHSERVER validation?
// TODO: Add a minimal parameter count?
// TODO: Add a field for oper-only commands?
var ircHandlers = map[string]*ircCommand{
"CAP": {false, ircHandleCAP, 0, 0},
"PASS": {false, ircHandlePASS, 0, 0},
"NICK": {false, ircHandleNICK, 0, 0},
"USER": {false, ircHandleUSER, 0, 0},
"USERHOST": {true, ircHandleUSERHOST, 0, 0},
"LUSERS": {true, ircHandleLUSERS, 0, 0},
"MOTD": {true, ircHandleMOTD, 0, 0},
"PING": {true, ircHandlePING, 0, 0},
"PONG": {false, ircHandlePONG, 0, 0},
"QUIT": {false, ircHandleQUIT, 0, 0},
"TIME": {true, ircHandleTIME, 0, 0},
"VERSION": {true, ircHandleVERSION, 0, 0},
"USERS": {true, ircHandleUSERS, 0, 0},
"SUMMON": {true, ircHandleSUMMON, 0, 0},
"MODE": {true, ircHandleMODE, 0, 0},
"PRIVMSG": {true, ircHandlePRIVMSG, 0, 0},
"NOTICE": {true, ircHandleNOTICE, 0, 0},
"TOPIC": {true, ircHandleTOPIC, 0, 0},
"LIST": {true, ircHandleLIST, 0, 0},
"NAMES": {true, ircHandleNAMES, 0, 0},
"WHO": {true, ircHandleWHO, 0, 0},
"WHOIS": {true, ircHandleWHOIS, 0, 0},
"WHOWAS": {true, ircHandleWHOWAS, 0, 0},
}
func ircProcessMessage(c *client, msg *message, raw string) {
if c.closing {
return
}
c.nReceivedMessages++
c.receivedBytes += len(raw) + 2
if !c.antiflood.check() {
c.closeLink("Excess flood")
return
}
if cmd, ok := ircHandlers[ircToCanon(msg.command)]; !ok {
c.sendReply(ERR_UNKNOWNCOMMAND, msg.command)
} else {
cmd.nReceived++
cmd.bytesReceived += len(raw) + 2
if cmd.requiresRegistration && !c.registered {
c.sendReply(ERR_NOTREGISTERED)
} else {
cmd.handler(msg, c)
}
}
}
// --- ? -----------------------------------------------------------------------
// Handle the results from initializing the client's connection.
func (c *client) onPrepared(host string, isTLS bool) {
if isTLS {
c.tls = tls.Server(c.transport, tlsConf)
c.conn = c.tls
} else {
c.conn = c.transport.(connCloseWrite)
}
c.hostname = host
c.address = net.JoinHostPort(host, c.port)
// TODO: If we've tried to send any data before now, we need to flushSendQ.
go read(c)
c.reading = true
}
// Handle the results from trying to read from the client connection.
func (c *client) onRead(data []byte, readErr error) {
if !c.reading {
// Abusing the flag to emulate CloseRead and skip over data, see below.
return
}
c.recvQ = append(c.recvQ, data...)
for {
// XXX: This accepts even simple LF newlines, even though they're not
// really allowed by the protocol.
advance, token, _ := bufio.ScanLines(c.recvQ, false /* atEOF */)
if advance == 0 {
break
}
c.recvQ = c.recvQ[advance:]
line := string(token)
log.Printf("-> %s\n", line)
m := reMsg.FindStringSubmatch(line)
if m == nil {
log.Println("error: invalid line")
continue
}
msg := message{m[1], m[2], m[3], m[4], nil}
for _, x := range reArgs.FindAllString(m[5], -1) {
msg.params = append(msg.params, x[1:])
}
// XXX: And since it accepts LF, we miscalculate receivedBytes within.
ircProcessMessage(c, &msg, line)
}
if readErr != nil {
c.reading = false
if readErr != io.EOF {
log.Println(readErr)
c.kill(readErr.Error())
} else if c.closing {
// Disregarding whether a clean shutdown has happened or not.
log.Println("client finished shutdown")
c.kill("TODO")
} else {
log.Println("client EOF")
c.closeLink("")
}
} else if len(c.recvQ) > 8192 {
log.Println("client recvQ overrun")
c.closeLink("recvQ overrun")
// tls.Conn doesn't have the CloseRead method (and it needs to be able
// to read from the TCP connection even for writes, so there isn't much
// sense in expecting the implementation to do anything useful),
// otherwise we'd use it to block incoming packet data.
c.reading = false
}
}
// Spawn a goroutine to flush the sendQ if possible and necessary.
func (c *client) flushSendQ() {
if !c.writing && c.conn != nil {
go write(c, c.sendQ)
c.writing = true
}
}
// Handle the results from trying to write to the client connection.
func (c *client) onWrite(written int, writeErr error) {
c.sendQ = c.sendQ[written:]
c.writing = false
if writeErr != nil {
log.Println(writeErr)
c.kill(writeErr.Error())
} else if len(c.sendQ) > 0 {
c.flushSendQ()
} else if c.closing {
if c.reading {
c.conn.CloseWrite()
} else {
c.kill("TODO")
}
}
}
// --- Worker goroutines -------------------------------------------------------
func accept(ln net.Listener) {
for {
if conn, err := ln.Accept(); err != nil {
// TODO: Consider specific cases in error handling, some errors
// are transitional while others are fatal.
log.Println(err)
break
} else {
conns <- conn
}
}
}
func prepare(client *client) {
conn := client.transport
host, _, err := net.SplitHostPort(conn.RemoteAddr().String())
if err != nil {
// In effect, we require TCP/UDP, as they have port numbers.
log.Fatalln(err)
}
// The Cgo resolver doesn't pthread_cancel getnameinfo threads, so not
// bothering with pointless contexts.
ch := make(chan string, 1)
go func() {
defer close(ch)
if names, err := net.LookupAddr(host); err != nil {
log.Println(err)
} else {
ch <- names[0]
}
}()
// While we can't cancel it, we still want to set a timeout on it.
select {
case <-time.After(5 * time.Second):
case resolved, ok := <-ch:
if ok {
host = resolved
}
}
// Note that in this demo application the autodetection prevents non-TLS
// clients from receiving any messages until they send something.
isTLS := false
if sysconn, err := conn.(syscall.Conn).SyscallConn(); err != nil {
// This is just for the TLS detection and doesn't need to be fatal.
log.Println(err)
} else {
isTLS = detectTLS(sysconn)
}
// FIXME: When the client sends no data, we still initialize its conn.
prepared <- preparedEvent{client, host, isTLS}
}
func read(client *client) {
// A new buffer is allocated each time we receive some bytes, because of
// thread-safety. Therefore the buffer shouldn't be too large, or we'd
// need to copy it each time into a precisely sized new buffer.
var err error
for err == nil {
var (
buf [512]byte
n int
)
n, err = client.conn.Read(buf[:])
reads <- readEvent{client, buf[:n], err}
}
}
// Flush sendQ, which is passed by parameter so that there are no data races.
func write(client *client, data []byte) {
// We just write as much as we can, the main goroutine does the looping.
n, err := client.conn.Write(data)
writes <- writeEvent{client, n, err}
}
// --- Main --------------------------------------------------------------------
func processOneEvent() {
select {
case <-sigs:
if quitting {
forceQuit("requested by user")
} else {
initiateQuit()
}
case <-quitTimer:
forceQuit("timeout")
case conn := <-conns:
log.Println("accepted client connection")
// In effect, we require TCP/UDP, as they have port numbers.
address := conn.RemoteAddr().String()
host, port, err := net.SplitHostPort(address)
if err != nil {
log.Fatalln(err)
}
c := &client{
transport: conn,
address: address,
hostname: host,
port: port,
}
clients[c] = true
go prepare(c)
case ev := <-prepared:
log.Println("client is ready:", ev.host)
if _, ok := clients[ev.client]; ok {
ev.client.onPrepared(ev.host, ev.isTLS)
}
case ev := <-reads:
log.Println("received data from client")
if _, ok := clients[ev.client]; ok {
ev.client.onRead(ev.data, ev.err)
}
case ev := <-writes:
log.Println("sent data to client")
if _, ok := clients[ev.client]; ok {
ev.client.onWrite(ev.written, ev.err)
}
case c := <-timeouts:
if _, ok := clients[c]; ok {
log.Println("client timeouted")
c.kill("TODO")
}
}
}
func main() {
flag.BoolVar(&debugMode, "debug", false, "debug mode")
version := flag.Bool("version", false, "show version and exit")
flag.Parse()
if *version {
fmt.Printf("%s %s\n", projectName, projectVersion)
return
}
// TODO: Configuration--create an INI parser, probably.
if len(flag.Args()) != 3 {
log.Fatalf("usage: %s KEY CERT ADDRESS\n", os.Args[0])
}
cert, err := tls.LoadX509KeyPair(flag.Arg(1), flag.Arg(0))
if err != nil {
log.Fatalln(err)
}
tlsConf = &tls.Config{
Certificates: []tls.Certificate{cert},
ClientAuth: tls.RequestClientCert,
SessionTicketsDisabled: true,
}
listener, err = net.Listen("tcp", flag.Arg(2))
if err != nil {
log.Fatalln(err)
}
go accept(listener)
signal.Notify(sigs, syscall.SIGINT, syscall.SIGTERM)
for !quitting || len(clients) > 0 {
processOneEvent()
}
}