2020-03-13 17:13:03 +00:00
|
|
|
package soju
|
2020-02-04 09:46:22 +00:00
|
|
|
|
|
|
|
import (
|
2021-10-18 17:15:15 +00:00
|
|
|
"context"
|
2021-10-29 14:18:34 +00:00
|
|
|
"errors"
|
2020-02-04 09:46:22 +00:00
|
|
|
"fmt"
|
2021-10-29 14:18:34 +00:00
|
|
|
"io"
|
2020-02-07 10:36:42 +00:00
|
|
|
"log"
|
2021-03-18 11:08:25 +00:00
|
|
|
"mime"
|
2020-02-04 09:46:22 +00:00
|
|
|
"net"
|
2020-04-23 20:25:43 +00:00
|
|
|
"net/http"
|
2021-11-15 20:40:17 +00:00
|
|
|
"runtime/debug"
|
2020-02-06 20:30:44 +00:00
|
|
|
"sync"
|
2020-04-23 20:25:43 +00:00
|
|
|
"sync/atomic"
|
2020-02-18 16:26:17 +00:00
|
|
|
"time"
|
2020-02-04 09:46:22 +00:00
|
|
|
|
2021-11-27 10:48:10 +00:00
|
|
|
"github.com/SherClockHolmes/webpush-go"
|
2021-11-15 18:25:32 +00:00
|
|
|
"github.com/prometheus/client_golang/prometheus"
|
2021-11-15 19:36:14 +00:00
|
|
|
"github.com/prometheus/client_golang/prometheus/promauto"
|
2022-11-14 11:06:58 +00:00
|
|
|
"gopkg.in/irc.v4"
|
2020-04-23 20:25:43 +00:00
|
|
|
"nhooyr.io/websocket"
|
2020-07-22 15:03:01 +00:00
|
|
|
|
2022-09-11 13:45:28 +00:00
|
|
|
"git.sr.ht/~emersion/soju/auth"
|
2020-07-22 15:03:01 +00:00
|
|
|
"git.sr.ht/~emersion/soju/config"
|
2022-05-09 10:34:43 +00:00
|
|
|
"git.sr.ht/~emersion/soju/database"
|
2022-05-09 14:36:54 +00:00
|
|
|
"git.sr.ht/~emersion/soju/identd"
|
2020-02-04 09:46:22 +00:00
|
|
|
)
|
2023-01-20 14:51:09 +00:00
|
|
|
|
2023-08-26 19:39:34 +00:00
|
|
|
var (
|
|
|
|
retryConnectMinDelay = time.Minute
|
|
|
|
retryConnectMaxDelay = 10 * time.Minute
|
|
|
|
retryConnectJitter = time.Minute
|
|
|
|
connectTimeout = 15 * time.Second
|
|
|
|
writeTimeout = 10 * time.Second
|
|
|
|
upstreamMessageDelay = 2 * time.Second
|
|
|
|
upstreamMessageBurst = 10
|
|
|
|
backlogTimeout = 10 * time.Second
|
|
|
|
handleDownstreamMessageTimeout = 10 * time.Second
|
|
|
|
downstreamRegisterTimeout = 30 * time.Second
|
|
|
|
webpushCheckSubscriptionDelay = 24 * time.Hour
|
|
|
|
webpushPruneSubscriptionDelay = 30 * 24 * time.Hour
|
|
|
|
chatHistoryLimit = 1000
|
|
|
|
backlogLimit = 4000
|
|
|
|
)
|
2020-02-18 16:26:17 +00:00
|
|
|
|
2021-11-27 10:48:10 +00:00
|
|
|
var errWebPushSubscriptionExpired = fmt.Errorf("Web Push subscription expired")
|
|
|
|
|
2020-02-06 14:50:46 +00:00
|
|
|
type Logger interface {
|
|
|
|
Printf(format string, v ...interface{})
|
2021-12-06 17:35:49 +00:00
|
|
|
Debugf(format string, v ...interface{})
|
|
|
|
}
|
|
|
|
|
|
|
|
type logger struct {
|
|
|
|
*log.Logger
|
|
|
|
debug bool
|
|
|
|
}
|
|
|
|
|
|
|
|
func (l logger) Debugf(format string, v ...interface{}) {
|
|
|
|
if !l.debug {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
l.Logger.Printf(format, v...)
|
|
|
|
}
|
|
|
|
|
|
|
|
func NewLogger(out io.Writer, debug bool) Logger {
|
|
|
|
return logger{
|
2022-08-02 08:09:36 +00:00
|
|
|
Logger: log.New(out, "", log.LstdFlags),
|
2021-12-06 17:35:49 +00:00
|
|
|
debug: debug,
|
|
|
|
}
|
2020-02-06 14:50:46 +00:00
|
|
|
}
|
|
|
|
|
2020-02-06 19:25:37 +00:00
|
|
|
type prefixLogger struct {
|
|
|
|
logger Logger
|
|
|
|
prefix string
|
|
|
|
}
|
|
|
|
|
|
|
|
var _ Logger = (*prefixLogger)(nil)
|
|
|
|
|
|
|
|
func (l *prefixLogger) Printf(format string, v ...interface{}) {
|
|
|
|
v = append([]interface{}{l.prefix}, v...)
|
|
|
|
l.logger.Printf("%v"+format, v...)
|
|
|
|
}
|
|
|
|
|
2021-12-06 17:35:49 +00:00
|
|
|
func (l *prefixLogger) Debugf(format string, v ...interface{}) {
|
|
|
|
v = append([]interface{}{l.prefix}, v...)
|
|
|
|
l.logger.Debugf("%v"+format, v...)
|
|
|
|
}
|
|
|
|
|
2021-11-15 19:48:00 +00:00
|
|
|
type int64Gauge struct {
|
|
|
|
v int64 // atomic
|
|
|
|
}
|
|
|
|
|
|
|
|
func (g *int64Gauge) Add(delta int64) {
|
|
|
|
atomic.AddInt64(&g.v, delta)
|
|
|
|
}
|
|
|
|
|
|
|
|
func (g *int64Gauge) Value() int64 {
|
|
|
|
return atomic.LoadInt64(&g.v)
|
|
|
|
}
|
|
|
|
|
|
|
|
func (g *int64Gauge) Float64() float64 {
|
|
|
|
return float64(g.Value())
|
|
|
|
}
|
|
|
|
|
2022-01-19 21:35:46 +00:00
|
|
|
type retryListener struct {
|
|
|
|
net.Listener
|
|
|
|
Logger Logger
|
|
|
|
|
|
|
|
delay time.Duration
|
|
|
|
}
|
|
|
|
|
2022-05-09 14:36:54 +00:00
|
|
|
func NewRetryListener(ln net.Listener) net.Listener {
|
|
|
|
return &retryListener{Listener: ln}
|
|
|
|
}
|
|
|
|
|
2022-01-19 21:35:46 +00:00
|
|
|
func (ln *retryListener) Accept() (net.Conn, error) {
|
|
|
|
for {
|
|
|
|
conn, err := ln.Listener.Accept()
|
|
|
|
if ne, ok := err.(net.Error); ok && ne.Temporary() {
|
|
|
|
if ln.delay == 0 {
|
|
|
|
ln.delay = 5 * time.Millisecond
|
|
|
|
} else {
|
|
|
|
ln.delay *= 2
|
|
|
|
}
|
|
|
|
if max := 1 * time.Second; ln.delay > max {
|
|
|
|
ln.delay = max
|
|
|
|
}
|
|
|
|
if ln.Logger != nil {
|
|
|
|
ln.Logger.Printf("accept error (retrying in %v): %v", ln.delay, err)
|
|
|
|
}
|
|
|
|
time.Sleep(ln.delay)
|
|
|
|
} else {
|
|
|
|
ln.delay = 0
|
|
|
|
return conn, err
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-11-15 23:38:04 +00:00
|
|
|
type Config struct {
|
2023-01-26 15:57:07 +00:00
|
|
|
Hostname string
|
|
|
|
Title string
|
2023-05-23 09:23:38 +00:00
|
|
|
MsgStoreDriver string
|
|
|
|
MsgStorePath string
|
2023-01-26 15:57:07 +00:00
|
|
|
HTTPOrigins []string
|
|
|
|
AcceptProxyIPs config.IPSet
|
|
|
|
MaxUserNetworks int
|
|
|
|
MOTD string
|
|
|
|
UpstreamUserIPs []*net.IPNet
|
|
|
|
DisableInactiveUsersDelay time.Duration
|
2023-01-26 18:51:35 +00:00
|
|
|
EnableUsersOnAuth bool
|
2022-10-14 08:44:32 +00:00
|
|
|
Auth auth.Authenticator
|
2021-11-15 23:38:04 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
type Server struct {
|
2021-11-15 18:25:32 +00:00
|
|
|
Logger Logger
|
2022-05-09 14:36:54 +00:00
|
|
|
Identd *identd.Identd // can be nil
|
2021-11-15 18:25:32 +00:00
|
|
|
MetricsRegistry prometheus.Registerer // can be nil
|
2020-03-04 17:22:58 +00:00
|
|
|
|
2021-11-15 19:48:00 +00:00
|
|
|
config atomic.Value // *Config
|
2022-05-09 10:34:43 +00:00
|
|
|
db database.Database
|
2021-11-15 19:48:00 +00:00
|
|
|
stopWG sync.WaitGroup
|
2023-01-26 15:57:07 +00:00
|
|
|
stopCh chan struct{}
|
2020-02-06 20:11:35 +00:00
|
|
|
|
2021-02-09 16:34:46 +00:00
|
|
|
lock sync.Mutex
|
|
|
|
listeners map[net.Listener]struct{}
|
|
|
|
users map[string]*user
|
2022-09-18 19:37:45 +00:00
|
|
|
shutdown bool
|
2021-11-15 19:48:00 +00:00
|
|
|
|
|
|
|
metrics struct {
|
|
|
|
downstreams int64Gauge
|
2021-11-15 19:58:36 +00:00
|
|
|
upstreams int64Gauge
|
2021-11-15 20:11:23 +00:00
|
|
|
|
|
|
|
upstreamOutMessagesTotal prometheus.Counter
|
|
|
|
upstreamInMessagesTotal prometheus.Counter
|
|
|
|
downstreamOutMessagesTotal prometheus.Counter
|
|
|
|
downstreamInMessagesTotal prometheus.Counter
|
2021-12-02 10:15:51 +00:00
|
|
|
|
|
|
|
upstreamConnectErrorsTotal prometheus.Counter
|
2023-06-02 09:02:23 +00:00
|
|
|
workerPanicsTotal prometheus.Counter
|
2021-11-15 19:48:00 +00:00
|
|
|
}
|
2021-11-27 10:48:10 +00:00
|
|
|
|
|
|
|
webPush *database.WebPushConfig
|
2020-02-07 10:36:42 +00:00
|
|
|
}
|
|
|
|
|
2022-05-09 10:34:43 +00:00
|
|
|
func NewServer(db database.Database) *Server {
|
2021-10-13 08:58:34 +00:00
|
|
|
srv := &Server{
|
2021-12-06 17:35:49 +00:00
|
|
|
Logger: NewLogger(log.Writer(), true),
|
2021-11-15 23:38:04 +00:00
|
|
|
db: db,
|
|
|
|
listeners: make(map[net.Listener]struct{}),
|
|
|
|
users: make(map[string]*user),
|
2023-01-26 15:57:07 +00:00
|
|
|
stopCh: make(chan struct{}),
|
2020-02-07 10:36:42 +00:00
|
|
|
}
|
2021-11-17 10:41:11 +00:00
|
|
|
srv.config.Store(&Config{
|
|
|
|
Hostname: "localhost",
|
|
|
|
MaxUserNetworks: -1,
|
2022-09-11 13:45:28 +00:00
|
|
|
Auth: auth.NewInternal(),
|
2021-11-17 10:41:11 +00:00
|
|
|
})
|
2021-10-13 08:58:34 +00:00
|
|
|
return srv
|
2020-02-04 17:56:07 +00:00
|
|
|
}
|
2020-02-04 09:46:22 +00:00
|
|
|
|
2020-02-04 17:56:07 +00:00
|
|
|
func (s *Server) prefix() *irc.Prefix {
|
2021-11-15 23:38:04 +00:00
|
|
|
return &irc.Prefix{Name: s.Config().Hostname}
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s *Server) Config() *Config {
|
|
|
|
return s.config.Load().(*Config)
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s *Server) SetConfig(cfg *Config) {
|
|
|
|
s.config.Store(cfg)
|
2020-02-04 17:56:07 +00:00
|
|
|
}
|
2020-02-04 10:25:53 +00:00
|
|
|
|
2021-02-09 16:34:46 +00:00
|
|
|
func (s *Server) Start() error {
|
2021-11-15 19:36:14 +00:00
|
|
|
s.registerMetrics()
|
|
|
|
|
2021-11-27 10:48:10 +00:00
|
|
|
if err := s.loadWebPushConfig(context.TODO()); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2021-10-18 17:15:15 +00:00
|
|
|
users, err := s.db.ListUsers(context.TODO())
|
2020-03-04 17:22:58 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
2020-03-03 14:26:19 +00:00
|
|
|
}
|
2020-02-07 10:36:42 +00:00
|
|
|
|
|
|
|
s.lock.Lock()
|
2020-08-07 13:31:07 +00:00
|
|
|
for i := range users {
|
|
|
|
s.addUserLocked(&users[i])
|
2020-02-06 15:03:07 +00:00
|
|
|
}
|
2020-03-04 17:22:58 +00:00
|
|
|
s.lock.Unlock()
|
|
|
|
|
2023-01-26 15:57:07 +00:00
|
|
|
s.stopWG.Add(1)
|
|
|
|
go func() {
|
|
|
|
defer s.stopWG.Done()
|
|
|
|
s.disableInactiveUsersLoop()
|
|
|
|
}()
|
|
|
|
|
2021-02-09 16:34:46 +00:00
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2021-11-15 19:36:14 +00:00
|
|
|
func (s *Server) registerMetrics() {
|
|
|
|
factory := promauto.With(s.MetricsRegistry)
|
|
|
|
|
|
|
|
factory.NewGaugeFunc(prometheus.GaugeOpts{
|
|
|
|
Name: "soju_users_active",
|
|
|
|
Help: "Current number of active users",
|
|
|
|
}, func() float64 {
|
|
|
|
s.lock.Lock()
|
|
|
|
n := len(s.users)
|
|
|
|
s.lock.Unlock()
|
|
|
|
return float64(n)
|
|
|
|
})
|
|
|
|
|
|
|
|
factory.NewGaugeFunc(prometheus.GaugeOpts{
|
|
|
|
Name: "soju_downstreams_active",
|
|
|
|
Help: "Current number of downstream connections",
|
2021-11-15 19:48:00 +00:00
|
|
|
}, s.metrics.downstreams.Float64)
|
2021-11-15 19:58:36 +00:00
|
|
|
|
|
|
|
factory.NewGaugeFunc(prometheus.GaugeOpts{
|
|
|
|
Name: "soju_upstreams_active",
|
|
|
|
Help: "Current number of upstream connections",
|
|
|
|
}, s.metrics.upstreams.Float64)
|
2021-11-15 20:11:23 +00:00
|
|
|
|
|
|
|
s.metrics.upstreamOutMessagesTotal = factory.NewCounter(prometheus.CounterOpts{
|
|
|
|
Name: "soju_upstream_out_messages_total",
|
|
|
|
Help: "Total number of outgoing messages sent to upstream servers",
|
|
|
|
})
|
|
|
|
|
|
|
|
s.metrics.upstreamInMessagesTotal = factory.NewCounter(prometheus.CounterOpts{
|
|
|
|
Name: "soju_upstream_in_messages_total",
|
|
|
|
Help: "Total number of incoming messages received from upstream servers",
|
|
|
|
})
|
|
|
|
|
|
|
|
s.metrics.downstreamOutMessagesTotal = factory.NewCounter(prometheus.CounterOpts{
|
|
|
|
Name: "soju_downstream_out_messages_total",
|
|
|
|
Help: "Total number of outgoing messages sent to downstream clients",
|
|
|
|
})
|
|
|
|
|
|
|
|
s.metrics.downstreamInMessagesTotal = factory.NewCounter(prometheus.CounterOpts{
|
|
|
|
Name: "soju_downstream_in_messages_total",
|
|
|
|
Help: "Total number of incoming messages received from downstream clients",
|
|
|
|
})
|
2021-12-02 10:15:51 +00:00
|
|
|
|
|
|
|
s.metrics.upstreamConnectErrorsTotal = factory.NewCounter(prometheus.CounterOpts{
|
|
|
|
Name: "soju_upstream_connect_errors_total",
|
|
|
|
Help: "Total number of upstream connection errors",
|
|
|
|
})
|
2023-06-02 09:02:23 +00:00
|
|
|
|
|
|
|
s.metrics.workerPanicsTotal = factory.NewCounter(prometheus.CounterOpts{
|
|
|
|
Name: "soju_worker_panics_total",
|
|
|
|
Help: "Total number of panics in worker goroutines",
|
|
|
|
})
|
2021-11-15 19:36:14 +00:00
|
|
|
}
|
|
|
|
|
2021-11-27 10:48:10 +00:00
|
|
|
func (s *Server) loadWebPushConfig(ctx context.Context) error {
|
|
|
|
configs, err := s.db.ListWebPushConfigs(ctx)
|
|
|
|
if err != nil {
|
|
|
|
return fmt.Errorf("failed to list Web push configs: %v", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
if len(configs) > 1 {
|
|
|
|
return fmt.Errorf("expected zero or one Web push config, got %v", len(configs))
|
|
|
|
} else if len(configs) == 1 {
|
|
|
|
s.webPush = &configs[0]
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
s.Logger.Printf("generating Web push VAPID key pair")
|
|
|
|
priv, pub, err := webpush.GenerateVAPIDKeys()
|
|
|
|
if err != nil {
|
|
|
|
return fmt.Errorf("failed to generate Web push VAPID key pair: %v", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
config := new(database.WebPushConfig)
|
|
|
|
config.VAPIDKeys.Public = pub
|
|
|
|
config.VAPIDKeys.Private = priv
|
|
|
|
if err := s.db.StoreWebPushConfig(ctx, config); err != nil {
|
|
|
|
return fmt.Errorf("failed to store Web push config: %v", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
s.webPush = config
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s *Server) sendWebPush(ctx context.Context, sub *webpush.Subscription, vapidPubKey string, msg *irc.Message) error {
|
|
|
|
ctx, cancel := context.WithTimeout(ctx, 15*time.Second)
|
|
|
|
defer cancel()
|
|
|
|
|
2022-08-17 14:04:11 +00:00
|
|
|
var urgency webpush.Urgency
|
|
|
|
switch msg.Command {
|
|
|
|
case "PRIVMSG", "NOTICE", "INVITE":
|
|
|
|
urgency = webpush.UrgencyHigh
|
|
|
|
default:
|
|
|
|
urgency = webpush.UrgencyNormal
|
|
|
|
}
|
|
|
|
|
2021-11-27 10:48:10 +00:00
|
|
|
options := webpush.Options{
|
2023-03-16 22:31:39 +00:00
|
|
|
HTTPClient: &http.Client{
|
|
|
|
Transport: userAgentHTTPTransport("soju"),
|
|
|
|
},
|
2021-11-27 10:48:10 +00:00
|
|
|
VAPIDPublicKey: s.webPush.VAPIDKeys.Public,
|
|
|
|
VAPIDPrivateKey: s.webPush.VAPIDKeys.Private,
|
|
|
|
Subscriber: "https://soju.im",
|
|
|
|
TTL: 7 * 24 * 60 * 60, // seconds
|
2022-08-17 14:04:11 +00:00
|
|
|
Urgency: urgency,
|
2021-11-27 10:48:10 +00:00
|
|
|
RecordSize: 2048,
|
|
|
|
}
|
|
|
|
|
|
|
|
if vapidPubKey != options.VAPIDPublicKey {
|
|
|
|
return fmt.Errorf("unknown VAPID public key %q", vapidPubKey)
|
|
|
|
}
|
|
|
|
|
|
|
|
payload := []byte(msg.String())
|
|
|
|
resp, err := webpush.SendNotificationWithContext(ctx, payload, sub, &options)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
resp.Body.Close()
|
|
|
|
|
|
|
|
// 404 means the subscription has expired as per RFC 8030 section 7.3
|
|
|
|
if resp.StatusCode == http.StatusNotFound {
|
|
|
|
return errWebPushSubscriptionExpired
|
|
|
|
} else if resp.StatusCode/100 != 2 {
|
|
|
|
return fmt.Errorf("HTTP error: %v", resp.Status)
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2021-02-09 16:34:46 +00:00
|
|
|
func (s *Server) Shutdown() {
|
2022-09-18 19:43:31 +00:00
|
|
|
s.Logger.Printf("shutting down server")
|
|
|
|
|
2023-01-26 15:57:07 +00:00
|
|
|
close(s.stopCh)
|
|
|
|
|
2021-02-09 16:34:46 +00:00
|
|
|
s.lock.Lock()
|
2022-09-18 19:37:45 +00:00
|
|
|
s.shutdown = true
|
2021-02-09 16:34:46 +00:00
|
|
|
for ln := range s.listeners {
|
|
|
|
if err := ln.Close(); err != nil {
|
|
|
|
s.Logger.Printf("failed to stop listener: %v", err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
for _, u := range s.users {
|
|
|
|
u.events <- eventStop{}
|
|
|
|
}
|
|
|
|
s.lock.Unlock()
|
|
|
|
|
2022-09-18 19:43:31 +00:00
|
|
|
s.Logger.Printf("waiting for users to finish")
|
2021-02-09 16:34:46 +00:00
|
|
|
s.stopWG.Wait()
|
2021-10-05 09:53:38 +00:00
|
|
|
|
|
|
|
if err := s.db.Close(); err != nil {
|
|
|
|
s.Logger.Printf("failed to close DB: %v", err)
|
|
|
|
}
|
2020-02-06 15:03:07 +00:00
|
|
|
}
|
|
|
|
|
2022-05-09 10:34:43 +00:00
|
|
|
func (s *Server) createUser(ctx context.Context, user *database.User) (*user, error) {
|
2020-06-06 23:30:27 +00:00
|
|
|
s.lock.Lock()
|
|
|
|
defer s.lock.Unlock()
|
|
|
|
|
|
|
|
if _, ok := s.users[user.Username]; ok {
|
|
|
|
return nil, fmt.Errorf("user %q already exists", user.Username)
|
|
|
|
}
|
|
|
|
|
2021-11-08 19:29:14 +00:00
|
|
|
err := s.db.StoreUser(ctx, user)
|
2020-06-06 23:30:27 +00:00
|
|
|
if err != nil {
|
|
|
|
return nil, fmt.Errorf("could not create user in db: %v", err)
|
|
|
|
}
|
|
|
|
|
2020-08-07 13:31:07 +00:00
|
|
|
return s.addUserLocked(user), nil
|
2020-06-06 23:30:27 +00:00
|
|
|
}
|
|
|
|
|
2021-06-23 17:21:18 +00:00
|
|
|
func (s *Server) forEachUser(f func(*user)) {
|
|
|
|
s.lock.Lock()
|
|
|
|
for _, u := range s.users {
|
|
|
|
f(u)
|
|
|
|
}
|
|
|
|
s.lock.Unlock()
|
|
|
|
}
|
|
|
|
|
2020-02-07 10:39:56 +00:00
|
|
|
func (s *Server) getUser(name string) *user {
|
|
|
|
s.lock.Lock()
|
|
|
|
u := s.users[name]
|
|
|
|
s.lock.Unlock()
|
|
|
|
return u
|
|
|
|
}
|
|
|
|
|
2022-05-09 10:34:43 +00:00
|
|
|
func (s *Server) addUserLocked(user *database.User) *user {
|
2020-08-07 13:31:07 +00:00
|
|
|
s.Logger.Printf("starting bouncer for user %q", user.Username)
|
|
|
|
u := newUser(s, user)
|
|
|
|
s.users[u.Username] = u
|
|
|
|
|
2021-02-09 16:34:46 +00:00
|
|
|
s.stopWG.Add(1)
|
|
|
|
|
2020-08-07 13:31:07 +00:00
|
|
|
go func() {
|
2021-11-15 20:40:17 +00:00
|
|
|
defer func() {
|
|
|
|
if err := recover(); err != nil {
|
2022-04-04 07:54:48 +00:00
|
|
|
s.Logger.Printf("panic serving user %q: %v\n%v", user.Username, err, string(debug.Stack()))
|
2023-06-02 09:02:23 +00:00
|
|
|
s.metrics.workerPanicsTotal.Inc()
|
2021-11-15 20:40:17 +00:00
|
|
|
}
|
|
|
|
|
2021-12-08 14:00:02 +00:00
|
|
|
s.lock.Lock()
|
|
|
|
delete(s.users, u.Username)
|
|
|
|
s.lock.Unlock()
|
2020-08-07 13:31:07 +00:00
|
|
|
|
2021-12-08 14:00:02 +00:00
|
|
|
s.stopWG.Done()
|
|
|
|
}()
|
2021-02-09 16:34:46 +00:00
|
|
|
|
2021-12-08 14:00:02 +00:00
|
|
|
u.run()
|
2020-08-07 13:31:07 +00:00
|
|
|
}()
|
|
|
|
|
|
|
|
return u
|
|
|
|
}
|
|
|
|
|
2022-04-04 07:59:16 +00:00
|
|
|
var lastDownstreamID uint64
|
2020-04-23 20:25:43 +00:00
|
|
|
|
2023-01-20 14:51:09 +00:00
|
|
|
func (s *Server) Handle(ic ircConn) {
|
2021-11-15 20:40:17 +00:00
|
|
|
defer func() {
|
|
|
|
if err := recover(); err != nil {
|
2022-08-07 20:38:13 +00:00
|
|
|
s.Logger.Printf("panic serving downstream %q: %v\n%v", ic.RemoteAddr(), err, string(debug.Stack()))
|
2021-11-15 20:40:17 +00:00
|
|
|
}
|
|
|
|
}()
|
|
|
|
|
2022-09-18 19:37:45 +00:00
|
|
|
s.lock.Lock()
|
|
|
|
shutdown := s.shutdown
|
|
|
|
s.lock.Unlock()
|
|
|
|
|
2021-11-15 19:48:00 +00:00
|
|
|
s.metrics.downstreams.Add(1)
|
2023-04-05 13:11:36 +00:00
|
|
|
defer s.metrics.downstreams.Add(-1)
|
|
|
|
|
2020-04-23 20:25:43 +00:00
|
|
|
id := atomic.AddUint64(&lastDownstreamID, 1)
|
2020-07-01 15:02:37 +00:00
|
|
|
dc := newDownstreamConn(s, ic, id)
|
2023-04-05 13:11:36 +00:00
|
|
|
defer dc.Close()
|
|
|
|
|
2022-09-18 19:37:45 +00:00
|
|
|
if shutdown {
|
2023-04-06 11:23:20 +00:00
|
|
|
dc.SendMessage(context.TODO(), &irc.Message{
|
2022-09-18 19:37:45 +00:00
|
|
|
Command: "ERROR",
|
|
|
|
Params: []string{"Server is shutting down"},
|
|
|
|
})
|
2023-04-05 13:11:36 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
if err := dc.runUntilRegistered(); err != nil {
|
2021-10-29 14:03:04 +00:00
|
|
|
if !errors.Is(err, io.EOF) {
|
2021-12-06 17:27:36 +00:00
|
|
|
dc.logger.Printf("%v", err)
|
2021-10-29 14:03:04 +00:00
|
|
|
}
|
2023-04-05 13:11:36 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2023-04-05 14:54:55 +00:00
|
|
|
user, err := s.getOrCreateUser(context.TODO(), dc.registration.authUsername)
|
|
|
|
if err != nil {
|
2023-04-06 11:23:20 +00:00
|
|
|
dc.SendMessage(context.TODO(), &irc.Message{
|
2023-04-05 14:54:55 +00:00
|
|
|
Command: "ERROR",
|
|
|
|
Params: []string{"Internal server error"},
|
|
|
|
})
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
user.events <- eventDownstreamConnected{dc}
|
|
|
|
if err := dc.readMessages(user.events); err != nil {
|
2023-04-05 13:11:36 +00:00
|
|
|
dc.logger.Printf("%v", err)
|
2020-04-23 20:25:43 +00:00
|
|
|
}
|
2023-04-05 14:54:55 +00:00
|
|
|
user.events <- eventDownstreamDisconnected{dc}
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s *Server) getOrCreateUser(ctx context.Context, username string) (*user, error) {
|
|
|
|
user := s.getUser(username)
|
|
|
|
if user != nil {
|
|
|
|
return user, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
if _, err := s.db.GetUser(ctx, username); err == nil {
|
|
|
|
return nil, fmt.Errorf("user %q exists in the DB but hasn't been loaded by the bouncer -- a restart may help", username)
|
|
|
|
}
|
|
|
|
|
|
|
|
if !s.Config().EnableUsersOnAuth {
|
|
|
|
return nil, fmt.Errorf("cannot find user %q in the DB", username)
|
|
|
|
}
|
|
|
|
|
|
|
|
// Can't find the user in the DB -- try to create it
|
2023-10-31 22:57:35 +00:00
|
|
|
record := database.NewUser(username)
|
|
|
|
user, err := s.createUser(ctx, record)
|
2023-04-05 14:54:55 +00:00
|
|
|
if err != nil {
|
|
|
|
return nil, fmt.Errorf("failed to automatically create user %q after successful authentication: %v", username, err)
|
|
|
|
}
|
|
|
|
return user, nil
|
2020-04-23 20:25:43 +00:00
|
|
|
}
|
|
|
|
|
2023-01-20 14:51:09 +00:00
|
|
|
func (s *Server) HandleAdmin(ic ircConn) {
|
|
|
|
defer func() {
|
|
|
|
if err := recover(); err != nil {
|
|
|
|
s.Logger.Printf("panic serving admin client %q: %v\n%v", ic.RemoteAddr(), err, string(debug.Stack()))
|
|
|
|
}
|
|
|
|
}()
|
|
|
|
|
|
|
|
s.lock.Lock()
|
|
|
|
shutdown := s.shutdown
|
|
|
|
s.lock.Unlock()
|
|
|
|
|
|
|
|
ctx := context.TODO()
|
|
|
|
remoteAddr := ic.RemoteAddr().String()
|
|
|
|
logger := &prefixLogger{s.Logger, fmt.Sprintf("admin %q: ", remoteAddr)}
|
|
|
|
c := newConn(s, ic, &connOptions{Logger: logger})
|
|
|
|
defer c.Close()
|
|
|
|
|
|
|
|
if shutdown {
|
|
|
|
c.SendMessage(ctx, &irc.Message{
|
|
|
|
Command: "ERROR",
|
|
|
|
Params: []string{"Server is shutting down"},
|
|
|
|
})
|
|
|
|
return
|
|
|
|
}
|
|
|
|
for {
|
|
|
|
msg, err := c.ReadMessage()
|
|
|
|
if errors.Is(err, io.EOF) {
|
|
|
|
break
|
|
|
|
} else if err != nil {
|
|
|
|
logger.Printf("failed to read IRC command: %v", err)
|
|
|
|
break
|
|
|
|
}
|
|
|
|
switch msg.Command {
|
|
|
|
case "BOUNCERSERV":
|
|
|
|
if len(msg.Params) < 1 {
|
|
|
|
c.SendMessage(ctx, &irc.Message{
|
|
|
|
Command: irc.ERR_NEEDMOREPARAMS,
|
|
|
|
Params: []string{
|
|
|
|
"*",
|
|
|
|
msg.Command,
|
|
|
|
"Not enough parameters",
|
|
|
|
},
|
|
|
|
})
|
|
|
|
break
|
|
|
|
}
|
|
|
|
err := handleServicePRIVMSG(&serviceContext{
|
|
|
|
Context: ctx,
|
|
|
|
srv: s,
|
|
|
|
admin: true,
|
|
|
|
print: func(text string) {
|
|
|
|
c.SendMessage(ctx, &irc.Message{
|
|
|
|
Prefix: s.prefix(),
|
|
|
|
Command: "PRIVMSG",
|
|
|
|
Params: []string{"*", text},
|
|
|
|
})
|
|
|
|
},
|
|
|
|
}, msg.Params[0])
|
|
|
|
if err != nil {
|
|
|
|
c.SendMessage(ctx, &irc.Message{
|
|
|
|
Prefix: s.prefix(),
|
|
|
|
Command: "FAIL",
|
|
|
|
Params: []string{msg.Command, err.Error()},
|
|
|
|
})
|
|
|
|
} else {
|
|
|
|
c.SendMessage(ctx, &irc.Message{
|
|
|
|
Prefix: s.prefix(),
|
|
|
|
Command: msg.Command,
|
|
|
|
Params: []string{"OK"},
|
|
|
|
})
|
|
|
|
}
|
|
|
|
default:
|
|
|
|
c.SendMessage(ctx, &irc.Message{
|
|
|
|
Prefix: s.prefix(),
|
|
|
|
Command: irc.ERR_UNKNOWNCOMMAND,
|
|
|
|
Params: []string{
|
|
|
|
"*",
|
|
|
|
msg.Command,
|
|
|
|
"Unknown command",
|
|
|
|
},
|
|
|
|
})
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s *Server) Serve(ln net.Listener, handler func(ircConn)) error {
|
2022-01-19 21:35:46 +00:00
|
|
|
ln = &retryListener{
|
|
|
|
Listener: ln,
|
|
|
|
Logger: &prefixLogger{logger: s.Logger, prefix: fmt.Sprintf("listener %v: ", ln.Addr())},
|
|
|
|
}
|
|
|
|
|
2021-02-09 16:34:46 +00:00
|
|
|
s.lock.Lock()
|
|
|
|
s.listeners[ln] = struct{}{}
|
|
|
|
s.lock.Unlock()
|
|
|
|
|
|
|
|
s.stopWG.Add(1)
|
|
|
|
|
|
|
|
defer func() {
|
|
|
|
s.lock.Lock()
|
|
|
|
delete(s.listeners, ln)
|
|
|
|
s.lock.Unlock()
|
|
|
|
|
|
|
|
s.stopWG.Done()
|
|
|
|
}()
|
|
|
|
|
2020-02-04 09:46:22 +00:00
|
|
|
for {
|
2020-04-23 20:25:43 +00:00
|
|
|
conn, err := ln.Accept()
|
2023-02-23 09:32:36 +00:00
|
|
|
if errors.Is(err, net.ErrClosed) {
|
2021-02-09 16:34:46 +00:00
|
|
|
return nil
|
|
|
|
} else if err != nil {
|
2020-02-04 09:46:22 +00:00
|
|
|
return fmt.Errorf("failed to accept connection: %v", err)
|
|
|
|
}
|
|
|
|
|
2023-01-20 14:51:09 +00:00
|
|
|
go handler(newNetIRCConn(conn))
|
2020-04-23 20:25:43 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s *Server) ServeHTTP(w http.ResponseWriter, req *http.Request) {
|
|
|
|
conn, err := websocket.Accept(w, req, &websocket.AcceptOptions{
|
2021-09-28 19:25:06 +00:00
|
|
|
Subprotocols: []string{"text.ircv3.net"}, // non-compliant, fight me
|
2021-11-15 23:38:04 +00:00
|
|
|
OriginPatterns: s.Config().HTTPOrigins,
|
2020-04-23 20:25:43 +00:00
|
|
|
})
|
|
|
|
if err != nil {
|
|
|
|
s.Logger.Printf("failed to serve HTTP connection: %v", err)
|
|
|
|
return
|
2020-02-04 09:46:22 +00:00
|
|
|
}
|
2020-06-29 16:33:23 +00:00
|
|
|
|
2020-07-22 15:03:01 +00:00
|
|
|
isProxy := false
|
2020-06-29 16:33:23 +00:00
|
|
|
if host, _, err := net.SplitHostPort(req.RemoteAddr); err == nil {
|
|
|
|
if ip := net.ParseIP(host); ip != nil {
|
2021-11-15 23:38:04 +00:00
|
|
|
isProxy = s.Config().AcceptProxyIPs.Contains(ip)
|
2020-06-29 16:33:23 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-03-18 12:22:28 +00:00
|
|
|
// Only trust the Forwarded header field if this is a trusted proxy IP
|
2020-06-29 16:33:23 +00:00
|
|
|
// to prevent users from spoofing the remote address
|
2020-06-29 16:27:43 +00:00
|
|
|
remoteAddr := req.RemoteAddr
|
2021-03-18 11:08:25 +00:00
|
|
|
if isProxy {
|
|
|
|
forwarded := parseForwarded(req.Header)
|
2021-03-18 12:21:38 +00:00
|
|
|
if forwarded["for"] != "" {
|
|
|
|
remoteAddr = forwarded["for"]
|
2021-03-18 11:08:25 +00:00
|
|
|
}
|
2020-06-29 16:27:43 +00:00
|
|
|
}
|
2020-06-29 16:33:23 +00:00
|
|
|
|
2023-01-20 14:51:09 +00:00
|
|
|
s.Handle(newWebsocketIRCConn(conn, remoteAddr))
|
2020-02-04 09:46:22 +00:00
|
|
|
}
|
2021-03-18 11:08:25 +00:00
|
|
|
|
|
|
|
func parseForwarded(h http.Header) map[string]string {
|
|
|
|
forwarded := h.Get("Forwarded")
|
|
|
|
if forwarded == "" {
|
2021-03-18 12:22:28 +00:00
|
|
|
return map[string]string{
|
|
|
|
"for": h.Get("X-Forwarded-For"),
|
|
|
|
"proto": h.Get("X-Forwarded-Proto"),
|
|
|
|
"host": h.Get("X-Forwarded-Host"),
|
|
|
|
}
|
2021-03-18 11:08:25 +00:00
|
|
|
}
|
|
|
|
// Hack to easily parse header parameters
|
|
|
|
_, params, _ := mime.ParseMediaType("hack; " + forwarded)
|
|
|
|
return params
|
|
|
|
}
|
2021-10-05 17:12:25 +00:00
|
|
|
|
|
|
|
type ServerStats struct {
|
|
|
|
Users int
|
|
|
|
Downstreams int64
|
2021-11-15 19:58:36 +00:00
|
|
|
Upstreams int64
|
2021-10-05 17:12:25 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func (s *Server) Stats() *ServerStats {
|
|
|
|
var stats ServerStats
|
|
|
|
s.lock.Lock()
|
|
|
|
stats.Users = len(s.users)
|
|
|
|
s.lock.Unlock()
|
2021-11-15 19:48:00 +00:00
|
|
|
stats.Downstreams = s.metrics.downstreams.Value()
|
2021-11-15 19:58:36 +00:00
|
|
|
stats.Upstreams = s.metrics.upstreams.Value()
|
2021-10-05 17:12:25 +00:00
|
|
|
return &stats
|
|
|
|
}
|
2023-01-26 15:57:07 +00:00
|
|
|
|
|
|
|
func (s *Server) disableInactiveUsersLoop() {
|
|
|
|
ticker := time.NewTicker(4 * time.Hour)
|
|
|
|
defer ticker.Stop()
|
|
|
|
|
|
|
|
for {
|
|
|
|
select {
|
|
|
|
case <-s.stopCh:
|
|
|
|
return
|
|
|
|
case <-ticker.C:
|
|
|
|
}
|
|
|
|
|
|
|
|
if err := s.disableInactiveUsers(context.TODO()); err != nil {
|
|
|
|
s.Logger.Printf("failed to disable inactive users: %v", err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s *Server) disableInactiveUsers(ctx context.Context) error {
|
|
|
|
delay := s.Config().DisableInactiveUsersDelay
|
|
|
|
if delay == 0 {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
ctx, cancel := context.WithTimeout(ctx, time.Minute)
|
|
|
|
defer cancel()
|
|
|
|
|
|
|
|
usernames, err := s.db.ListInactiveUsernames(ctx, time.Now().Add(-delay))
|
|
|
|
if err != nil {
|
|
|
|
return fmt.Errorf("failed to list inactive users: %v", err)
|
|
|
|
} else if len(usernames) == 0 {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// Filter out users with active downstream connections
|
|
|
|
var users []*user
|
|
|
|
s.lock.Lock()
|
|
|
|
for _, username := range usernames {
|
|
|
|
u := s.users[username]
|
|
|
|
if u == nil {
|
|
|
|
// TODO: disable the user in the DB
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
|
|
|
|
if n := u.numDownstreamConns.Load(); n > 0 {
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
|
|
|
|
users = append(users, u)
|
|
|
|
}
|
|
|
|
s.lock.Unlock()
|
|
|
|
|
|
|
|
if len(users) == 0 {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
s.Logger.Printf("found %v inactive users", len(users))
|
|
|
|
for _, u := range users {
|
|
|
|
done := make(chan error, 1)
|
|
|
|
enabled := false
|
|
|
|
event := eventUserUpdate{
|
|
|
|
enabled: &enabled,
|
|
|
|
done: done,
|
|
|
|
}
|
|
|
|
select {
|
|
|
|
case <-ctx.Done():
|
|
|
|
return ctx.Err()
|
|
|
|
case u.events <- event:
|
|
|
|
// Event was sent, let's wait for the reply
|
|
|
|
}
|
|
|
|
|
|
|
|
select {
|
|
|
|
case <-ctx.Done():
|
|
|
|
return ctx.Err()
|
|
|
|
case err := <-done:
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
} else {
|
|
|
|
s.Logger.Printf("deleted inactive user %q", u.Username)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
2023-03-16 22:31:39 +00:00
|
|
|
|
|
|
|
type userAgentHTTPTransport string
|
|
|
|
|
|
|
|
func (ua userAgentHTTPTransport) RoundTrip(req *http.Request) (*http.Response, error) {
|
|
|
|
req.Header.Set("User-Agent", string(ua))
|
|
|
|
return http.DefaultTransport.RoundTrip(req)
|
|
|
|
}
|