1 |
use Coro; |
2 |
use Coro::Semaphore; |
3 |
use Coro::Event; |
4 |
use Coro::Socket; |
5 |
|
6 |
no utf8; |
7 |
use bytes; |
8 |
|
9 |
# at least on my machine, this thingy serves files |
10 |
# quite a bit faster than apache, ;) |
11 |
# and quite a bit slower than thttpd :( |
12 |
|
13 |
$SIG{PIPE} = 'IGNORE'; |
14 |
|
15 |
sub slog { |
16 |
my $level = shift; |
17 |
my $format = shift; |
18 |
printf "---: $format\n", @_; |
19 |
} |
20 |
|
21 |
my $connections = new Coro::Semaphore $MAX_CONNECTS; |
22 |
|
23 |
my @newcons; |
24 |
my @pool; |
25 |
|
26 |
# one "execution thread" |
27 |
sub handler { |
28 |
while () { |
29 |
my $new = pop @newcons; |
30 |
if ($new) { |
31 |
eval { |
32 |
conn->new(@$new)->handle; |
33 |
}; |
34 |
slog 1, "$@" if $@ && !ref $@; |
35 |
$connections->up; |
36 |
} else { |
37 |
last if @pool >= $MAX_POOL; |
38 |
push @pool, $Coro::current; |
39 |
schedule; |
40 |
} |
41 |
} |
42 |
} |
43 |
|
44 |
my $http_port = new Coro::Socket |
45 |
LocalAddr => $SERVER_HOST, |
46 |
LocalPort => $SERVER_PORT, |
47 |
ReuseAddr => 1, |
48 |
Listen => 50, |
49 |
or die "unable to start server"; |
50 |
|
51 |
push @listen_sockets, $http_port; |
52 |
|
53 |
# the "main thread" |
54 |
async { |
55 |
slog 1, "accepting connections"; |
56 |
while () { |
57 |
$connections->down; |
58 |
push @newcons, [$http_port->accept]; |
59 |
#slog 3, "accepted @$connections ".scalar(@pool); |
60 |
$::NOW = time; |
61 |
if (@pool) { |
62 |
(pop @pool)->ready; |
63 |
} else { |
64 |
async \&handler; |
65 |
} |
66 |
|
67 |
} |
68 |
}; |
69 |
|
70 |
package conn; |
71 |
|
72 |
use Socket; |
73 |
use HTTP::Date; |
74 |
use Convert::Scalar 'weaken'; |
75 |
|
76 |
our %conn; # $conn{ip}{fh} => connobj |
77 |
our %blocked; |
78 |
our %mimetype; |
79 |
|
80 |
sub read_mimetypes { |
81 |
local *M; |
82 |
if (open M, "<mime_types") { |
83 |
while (<M>) { |
84 |
if (/^([^#]\S+)\t+(\S+)$/) { |
85 |
$mimetype{lc $1} = $2; |
86 |
} |
87 |
} |
88 |
} else { |
89 |
print "cannot open mime_types\n"; |
90 |
} |
91 |
} |
92 |
|
93 |
read_mimetypes; |
94 |
|
95 |
sub new { |
96 |
my $class = shift; |
97 |
my $peername = shift; |
98 |
my $fh = shift; |
99 |
my $self = bless { fh => $fh }, $class; |
100 |
my (undef, $iaddr) = unpack_sockaddr_in $peername |
101 |
or $self->err(500, "unable to decode peername"); |
102 |
|
103 |
$self->{remote_addr} = inet_ntoa $iaddr; |
104 |
$self->{time} = $::NOW; |
105 |
|
106 |
# enter ourselves into various lists |
107 |
weaken ($conn{$self->{remote_addr}}{$self*1} = $self); |
108 |
|
109 |
$::conns++; |
110 |
|
111 |
$self; |
112 |
} |
113 |
|
114 |
sub DESTROY { |
115 |
my $self = shift; |
116 |
|
117 |
$::conns--; |
118 |
|
119 |
delete $conn{$self->{remote_addr}}{$self*1}; |
120 |
delete $uri{$self->{remote_addr}}{$self->{uri}}{$self*1}; |
121 |
} |
122 |
|
123 |
sub slog { |
124 |
my $self = shift; |
125 |
main::slog($_[0], "$self->{remote_addr}> $_[1]"); |
126 |
} |
127 |
|
128 |
sub response { |
129 |
my ($self, $code, $msg, $hdr, $content) = @_; |
130 |
my $res = "HTTP/1.0 $code $msg\015\012"; |
131 |
|
132 |
$res .= "Connection: close\015\012"; |
133 |
$res .= "Date: ".(time2str $::NOW)."\015\012"; # slow? nah. :( |
134 |
|
135 |
while (my ($h, $v) = each %$hdr) { |
136 |
$res .= "$h: $v\015\012" |
137 |
} |
138 |
$res .= "\015\012"; |
139 |
|
140 |
$res .= $content if defined $content and $self->{method} ne "HEAD"; |
141 |
|
142 |
print STDERR "$self->{remote_addr} \"$self->{uri}\" $code ".$hdr->{"Content-Length"}." \"$self->{h}{referer}\"\n";#d# |
143 |
|
144 |
$self->{written} += |
145 |
print {$self->{fh}} $res; |
146 |
} |
147 |
|
148 |
sub err { |
149 |
my $self = shift; |
150 |
my ($code, $msg, $hdr, $content) = @_; |
151 |
|
152 |
unless (defined $content) { |
153 |
$content = "$code $msg"; |
154 |
$hdr->{"Content-Type"} = "text/plain"; |
155 |
$hdr->{"Content-Length"} = length $content; |
156 |
} |
157 |
|
158 |
$self->response($code, $msg, $hdr, $content); |
159 |
|
160 |
die bless {}, err::; |
161 |
} |
162 |
|
163 |
sub err_blocked { |
164 |
my $self = shift; |
165 |
my $ip = $self->{remote_addr}; |
166 |
my $time = time2str $blocked{$ip} = $::NOW + $::BLOCKTIME; |
167 |
|
168 |
$self->err(403, "too many connections", |
169 |
{ |
170 |
"Content-Type" => "text/html", |
171 |
"Retry-After" => $::BLOCKTIME |
172 |
}, |
173 |
<<EOF); |
174 |
<html><p> |
175 |
You have been blocked because you opened too many connections. You |
176 |
may retry at</p> |
177 |
|
178 |
<p><blockquote>$time.</blockquote></p> |
179 |
|
180 |
<p>Until then, each new access will renew the block. You might want to have a |
181 |
look at the <a href="http://www.goof.com/pcg/marc/animefaq.html">FAQ</a>.</p> |
182 |
</html> |
183 |
EOF |
184 |
} |
185 |
|
186 |
sub handle { |
187 |
my $self = shift; |
188 |
my $fh = $self->{fh}; |
189 |
|
190 |
#while() { |
191 |
$self->{h} = {}; |
192 |
|
193 |
# read request and parse first line |
194 |
$fh->timeout($::REQ_TIMEOUT); |
195 |
my $req = $fh->readline("\015\012\015\012"); |
196 |
$fh->timeout($::RES_TIMEOUT); |
197 |
|
198 |
defined $req or |
199 |
$self->err(408, "request timeout"); |
200 |
|
201 |
my $ip = $self->{remote_addr}; |
202 |
|
203 |
if ($blocked{$ip}) { |
204 |
$self->err_blocked($blocked{$ip}) |
205 |
if $blocked{$ip} > $::NOW; |
206 |
|
207 |
delete $blocked{$ip}; |
208 |
} |
209 |
|
210 |
if (%{$conn{$ip}} > $::MAX_CONN_IP) { |
211 |
$self->slog(2, "blocked ip $ip"); |
212 |
$self->err_blocked; |
213 |
} |
214 |
|
215 |
$req =~ /^(?:\015\012)? |
216 |
(GET|HEAD) \040+ |
217 |
([^\040]+) \040+ |
218 |
HTTP\/([0-9]+\.[0-9]+) |
219 |
\015\012/gx |
220 |
or $self->err(403, "method not allowed", { Allow => "GET,HEAD" }); |
221 |
|
222 |
$2 ne "1.0" |
223 |
or $self->err(506, "http protocol version not supported"); |
224 |
|
225 |
$self->{method} = $1; |
226 |
$self->{uri} = $2; |
227 |
|
228 |
# parse headers |
229 |
{ |
230 |
my (%hdr, $h, $v); |
231 |
|
232 |
$hdr{lc $1} .= ",$2" |
233 |
while $req =~ /\G |
234 |
([^:\000-\040]+): |
235 |
[\008\040]* |
236 |
((?: [^\015\012]+ | \015\012[\008\040] )*) |
237 |
\015\012 |
238 |
/gxc; |
239 |
|
240 |
$req =~ /\G\015\012$/ |
241 |
or $self->err(400, "bad request"); |
242 |
|
243 |
$self->{h}{$h} = substr $v, 1 |
244 |
while ($h, $v) = each %hdr; |
245 |
} |
246 |
|
247 |
$self->{server_port} = $self->{h}{host} =~ s/:([0-9]+)$// ? $1 : 80; |
248 |
|
249 |
weaken ($uri{$self->{remote_addr}}{$self->{uri}}{$self*1} = $self); |
250 |
|
251 |
$self->map_uri; |
252 |
$self->respond; |
253 |
#} |
254 |
} |
255 |
|
256 |
# uri => path mapping |
257 |
sub map_uri { |
258 |
my $self = shift; |
259 |
my $host = $self->{h}{host} || "default"; |
260 |
my $uri = $self->{uri}; |
261 |
|
262 |
# some massaging, also makes it more secure |
263 |
$uri =~ s/%([0-9a-fA-F][0-9a-fA-F])/chr hex $1/ge; |
264 |
$uri =~ s%//+%/%g; |
265 |
$uri =~ s%/\.(?=/|$)%%g; |
266 |
1 while $uri =~ s%/[^/]+/\.\.(?=/|$)%%; |
267 |
|
268 |
$uri =~ m%^/?\.\.(?=/|$)% |
269 |
and $self->err(400, "bad request"); |
270 |
|
271 |
$self->{name} = $uri; |
272 |
|
273 |
# now do the path mapping |
274 |
$self->{path} = "$::DOCROOT/$host$uri"; |
275 |
|
276 |
$self->access_check; |
277 |
} |
278 |
|
279 |
sub server_address { |
280 |
my $self = shift; |
281 |
my ($port, $iaddr) = unpack_sockaddr_in $self->{fh}->getsockname |
282 |
or $self->err(500, "unable to get socket name"); |
283 |
((inet_ntoa $iaddr), $port); |
284 |
} |
285 |
|
286 |
sub server_host { |
287 |
my $self = shift; |
288 |
if (exists $self->{h}{host}) { |
289 |
return $self->{h}{host}; |
290 |
} else { |
291 |
return (($self->server_address)[0]); |
292 |
} |
293 |
} |
294 |
|
295 |
sub server_hostport { |
296 |
my $self = shift; |
297 |
my ($host, $port); |
298 |
if (exists $self->{h}{host}) { |
299 |
($host, $port) = ($self->{h}{host}, $self->{server_port}); |
300 |
} else { |
301 |
($host, $port) = $self->server_address; |
302 |
} |
303 |
$port = $port == 80 ? "" : ":$port"; |
304 |
$host.$port; |
305 |
} |
306 |
|
307 |
sub _cgi { |
308 |
my $self = shift; |
309 |
my $path = shift; |
310 |
my $fh; |
311 |
|
312 |
# no two-way xxx supported |
313 |
if (0 == fork) { |
314 |
open STDOUT, ">&".fileno($self->{fh}); |
315 |
if (chdir $::DOCROOT) { |
316 |
$ENV{SERVER_SOFTWARE} = "thttpd-myhttpd"; # we are thttpd-alike |
317 |
$ENV{HTTP_HOST} = $self->server_host; |
318 |
$ENV{HTTP_PORT} = $self->{server_host}; |
319 |
$ENV{SCRIPT_NAME} = $self->{name}; |
320 |
exec $path; |
321 |
} |
322 |
Coro::State::_exit(0); |
323 |
} else { |
324 |
} |
325 |
} |
326 |
|
327 |
sub respond { |
328 |
my $self = shift; |
329 |
my $path = $self->{path}; |
330 |
|
331 |
stat $path |
332 |
or $self->err(404, "not found"); |
333 |
|
334 |
$self->{stat} = [stat _]; |
335 |
|
336 |
# idiotic netscape sends idiotic headers AGAIN |
337 |
my $ims = $self->{h}{"if-modified-since"} =~ /^([^;]+)/ |
338 |
? str2time $1 : 0; |
339 |
|
340 |
if (-d _ && -r _) { |
341 |
# directory |
342 |
if ($path !~ /\/$/) { |
343 |
# create a redirect to get the trailing "/" |
344 |
my $host = $self->server_hostport; |
345 |
$self->err(301, "moved permanently", { Location => "http://$host$self->{uri}/" }); |
346 |
} else { |
347 |
$ims < $self->{stat}[9] |
348 |
or $self->err(304, "not modified"); |
349 |
|
350 |
if ($self->{method} eq "GET") { |
351 |
if (-r "$path/index.html") { |
352 |
$self->{path} .= "/index.html"; |
353 |
$self->handle_file; |
354 |
} else { |
355 |
$self->handle_dir; |
356 |
} |
357 |
} |
358 |
} |
359 |
} elsif (-f _ && -r _) { |
360 |
-x _ and $self->err(403, "forbidden"); |
361 |
$self->handle_file; |
362 |
} else { |
363 |
$self->err(404, "not found"); |
364 |
} |
365 |
} |
366 |
|
367 |
sub handle_dir { |
368 |
my $self = shift; |
369 |
my $idx = $self->diridx; |
370 |
|
371 |
$self->response(200, "ok", |
372 |
{ |
373 |
"Content-Type" => "text/html", |
374 |
"Content-Length" => length $idx, |
375 |
}, |
376 |
$idx); |
377 |
} |
378 |
|
379 |
sub handle_file { |
380 |
my $self = shift; |
381 |
my $length = -s _; |
382 |
my $hdr = { |
383 |
"Last-Modified" => time2str ((stat _)[9]), |
384 |
}; |
385 |
|
386 |
my @code = (200, "ok"); |
387 |
my ($l, $h); |
388 |
|
389 |
if ($self->{h}{range} =~ /^bytes=(.*)$/) { |
390 |
for (split /,/, $1) { |
391 |
if (/^-(\d+)$/) { |
392 |
($l, $h) = ($length - $1, $length - 1); |
393 |
} elsif (/^(\d+)-(\d*)$/) { |
394 |
($l, $h) = ($1, ($2 ne "" || $2 >= $length) ? $2 : $length - 1); |
395 |
} else { |
396 |
($l, $h) = (0, $length - 1); |
397 |
goto ignore; |
398 |
} |
399 |
goto satisfiable if $l >= 0 && $l < $length && $h >= 0 && $h > $l; |
400 |
} |
401 |
$hdr->{"Content-Range"} = "bytes */$length"; |
402 |
$self->err(416, "not satisfiable", $hdr); |
403 |
|
404 |
satisfiable: |
405 |
# check for segmented downloads |
406 |
if ($l && $::NO_SEGMENTED) { |
407 |
if (%{$uri{$self->{remote_addr}}{$self->{uri}}} > 1) { |
408 |
$self->err(400, "segmented downloads are not allowed"); |
409 |
} |
410 |
} |
411 |
|
412 |
$hdr->{"Content-Range"} = "bytes $l-$h/$length"; |
413 |
@code = (206, "partial content"); |
414 |
$length = $h - $l + 1; |
415 |
|
416 |
ignore: |
417 |
} else { |
418 |
($l, $h) = (0, $length - 1); |
419 |
} |
420 |
|
421 |
$self->{path} =~ /\.([^.]+)$/; |
422 |
$hdr->{"Content-Type"} = $mimetype{lc $1} || "application/octet-stream"; |
423 |
$hdr->{"Content-Length"} = $length; |
424 |
|
425 |
$self->response(@code, $hdr, ""); |
426 |
|
427 |
if ($self->{method} eq "GET") { |
428 |
my ($fh, $buf); |
429 |
open $fh, "<", $self->{path} |
430 |
or die "$self->{path}: late open failure ($!)"; |
431 |
|
432 |
if ($l) { |
433 |
sysseek $fh, $l, 0 |
434 |
or die "$self->{path}: cannot seek to $l ($!)"; |
435 |
} |
436 |
|
437 |
$h -= $l - 1; |
438 |
|
439 |
while ($h > 0) { |
440 |
$h -= sysread $fh, $buf, $h > $::BUFSIZE ? $::BUFSIZE : $h; |
441 |
my $w = $self->{fh}->syswrite($buf) |
442 |
or last; |
443 |
$::written += $w; |
444 |
$self->{written} += $w; |
445 |
} |
446 |
} |
447 |
|
448 |
close $fh; |
449 |
} |
450 |
|
451 |
1; |