Commit graph

466 commits

Author SHA1 Message Date
996356832e Define TLS API, update HttpClient to support optional TLS.
Also added a LibreSSL TLS implementation. Client is verified to work;
server has not been tested yet.
2023-03-22 00:41:21 +00:00
2a92d0de7e Fix bit flag check. 2023-03-22 00:11:24 +00:00
4a27f50538 Remove calls to pledge(), unveil(), and chroot().
Not only does this make us more POSIX, it actually makes things a lot
easier because TLS implementations will need to be able to access the
trusted certificates file, which most likely will not live in the
data directory.
2023-03-20 19:23:37 +00:00
6c9e939b9f Fix broken IoVprintf().
You can't call vsnprintf() on the same va_list more than once! I learned
this the hard way with StreamVprintf().
2023-03-18 14:55:04 +00:00
5289c16e2b Convert all code to new Stream API.
Also made a number of improvmements to tt, making it compatible with more
shells.
2023-03-18 14:32:09 +00:00
a97a593f21 Format code. 2023-03-16 16:53:18 +00:00
27b3b6cdc6 Add StreamPuts(), don't make StreamVprintf() defer to IoVprintf(). 2023-03-16 16:51:41 +00:00
8539a03d5b Add StreamFile() convenience method. 2023-03-16 16:25:24 +00:00
e0a3760a37 Don't buffer in IoWrite(), indicate that fwrite() returns size_t, not ssize_t. 2023-03-16 14:17:04 +00:00
6ee1857f5f Format source code. 2023-03-16 12:29:38 +00:00
7d9770fc12 Add some convenience functions for working with Io and Stream.
Also broke out IoFd into it's own file, and did the same with IoFile.
2023-03-16 12:28:55 +00:00
65f4c90df3 Rename HttpStream() to HttpServerStream() to match HttpClientStream() 2023-03-16 02:17:48 +00:00
ab4755240a Add IoCopy() and StreamCopy()
Both do buffered reads and writes, but IoCopy() uses IoRead() and
IoWrite() directly, whereas StreamCopy() relies on StreamGetc() and
StreamPutc(), which manipulate the stream buffers.
2023-03-15 17:14:16 +00:00
92da3542a6 Move low-level fopencookie()/funopen() functionality to Io API.
The Stream API now provides the buffered I/O functionality analogous to
the C standard library.
2023-03-15 16:47:34 +00:00
5dbaf3c223 Apply #65, remove printf() in Db, and make tt show login messages. 2023-03-15 13:36:49 +00:00
afc7667737 Begin prototyping Stream API. 2023-03-15 02:40:23 +00:00
ae97d8116c Apply #64: Registration tokens. 2023-03-14 00:37:24 +00:00
76bfa120ee Fix CPU pin if clients don't shutdown() their socket properly.
If we haven't read any bytes yet, then we try a few times a few ms apart
to see if we get anything. If not, treat it as an EOF. Otherwise, read
bytes until we get an EOF or EAGAIN. EAGAIN after a consistent read of
bytes is treaded as an EOF immediately.
2023-03-12 15:08:50 +00:00
62cd1cdc98 Misc changes. 2023-03-12 03:37:57 +00:00
7fa982a16f Fix bug in Uia 2023-03-12 03:36:40 +00:00
3037f12907 Add tt and http-debug-server tools. 2023-03-10 18:48:52 +00:00
2d9b706f38 Fix I/O in JsonConsumeWhitespace() and UtilStreamCopy().
These functions previously operated on the assumption that fgetc() would
block; however it will not block on HttpServer streams because those are
non-blocking. They now check error conditions properly before failing
prematurely.
2023-03-10 18:46:03 +00:00
8ead9cc93a Apply #63, make some general bug fixes. 2023-03-10 03:24:04 +00:00
3af2d3d12b Format code, update TODO items. 2023-03-09 03:35:40 +00:00
ca053a12b1 Break out main() into Main.c, fix some compile warnings on Cygwin. 2023-03-09 02:46:04 +00:00
76413f834e Make json use ^ for removing fields, instead of !
Room IDs start with '!', we want to be able to access these.
2023-03-08 22:47:07 +00:00
7b22fb02a2 Implement pretty-printing option in Json.
Telodendria itself doesn't use it, but the json CLI tool does.
2023-03-08 17:15:43 +00:00
8d75d8a023 Add simple HTTP CLI tool that uses the HttpClient API.
You might be asking why I would just write a simple curl replacement
when curl does the job just fine. Well, the most immediate reason is
to test the HttpClient API, but since Telodendria's goal is to not
be dependent on any third-party code if at all possible, it makes
sense to have a simple HTTP client to use not only for testing
Telodendria, but also for configuring it. When we move the
configuration to the database, we'll ship a script that uses this
tool to allow admins to easily submit API requests.

Do not be concerned that HttpClient does not support TLS yet. TLS
support is necessary for federation to work, so it is coming
eventually.
2023-03-08 03:30:36 +00:00
7e144ae488 Clean up a few bugs in HttpClient and Uri 2023-03-08 02:53:47 +00:00
3e42da279c Make improvements to HttpClient, add Uri 2023-03-08 01:54:33 +00:00
313f0e2e73 Add HttpClient API 2023-03-07 23:10:06 +00:00
04bf8ca1a1 Document Uia API. 2023-03-07 00:28:52 +00:00
f1e565ef7b Update Json man page. 2023-03-06 22:21:56 +00:00
0ac21d430a Document User API 2023-03-06 22:09:57 +00:00
0cbdb5f615 Multi-stage flows should theoretically work now. 2023-03-04 01:53:33 +00:00
e4ec250d8f Apply modified #57: Implement logout all. 2023-03-03 22:49:37 +00:00
5d590df83d Remove DB_MIN_CACHE because that's dumb.
You should be able to totally disable the cache if you so please. This
should ensure Telodendria uses less memory on constrained systems.
2023-03-03 14:26:10 +00:00
1770789333 Fix leak in DbList() 2023-03-03 03:11:49 +00:00
676d6f4c61 Basic formatting. 2023-03-02 22:32:47 +00:00
d899a836b6 Apply #54 2023-03-02 22:06:33 +00:00
f4838f8211 Remove non-standard use of d_type 2023-03-02 02:53:43 +00:00
d6f96757bc Apply #52: d_namlen is non-standard. 2023-03-01 21:39:22 +00:00
7a951c980f Cleanup old user interactive auth sessions. 2023-03-01 19:52:44 +00:00
8c4e6aa594 Implement DbList() 2023-03-01 19:33:25 +00:00
ce6d483135 Implement static login page. 2023-03-01 19:03:42 +00:00
e7d1c0d951 Cross-platform code improvements. 2023-03-01 01:55:26 +00:00
334a711b02 Fix compile error. 2023-03-01 01:23:52 +00:00
2747660473 Add a TODO in Uia 2023-02-28 18:48:43 +00:00
63634407d4 Update TODO.txt, add stub functions in Db. 2023-02-28 18:44:02 +00:00
16c31b63d7 Begin work on static login page. 2023-02-28 17:52:09 +00:00
36169181dd Build basic framework for creating static pages.
The login fallback, as well as the user-interactive authentication
fallbacks, are static HTML pages.
2023-02-28 16:51:40 +00:00
fae9eb4473 Implement password-based user interactive authentication. 2023-02-28 15:17:11 +00:00
e2806bc810 Add UserIdParse() and UserIdFree() functions.
The spec says that a username can be either just the localpart, or a
localpart and a server. This commit now ensures that the login endpoint
actually handles usernames properly by calling the proper parsing
functions.
2023-02-28 13:44:34 +00:00
6ce6cb4525 Implement flow handling in Uia API.
This commit should fix user interactive authentication for dummy flows,
but I still have to implement a few more flows, including passwords and
refresh token. I also have to fix the cleanup logic: when do we purge
UIA sessions?
2023-02-27 15:39:12 +00:00
7703405c70 Fix bugs in Json API. 2023-02-26 15:07:46 +00:00
adea499813 Add UiaFlowsFree() function, and clean up some memory issues. 2023-02-24 14:40:21 +00:00
d517b66316 Also delete refrsh token if present for device. 2023-02-24 01:06:02 +00:00
b60cac53e5 Make JsonValueString() call StrDuplicate(); refactor code to behave properly. 2023-02-24 00:17:56 +00:00
8c96fd8d7d Begin the great StrDuplicate() refactor. 2023-02-23 23:19:23 +00:00
b99e8bd1cd Apply modified #50 and fix some misc. bugs. 2023-02-23 15:13:39 +00:00
9e9b5c9cda Fix a write-out-of-bounds error in Json. 2023-02-23 03:46:05 +00:00
3bbff5379f [WIP] Replace UserInteractiveAuth with a new Uia API.
Uia is a lot less characters to type. Do note that this API is far from
complete and this commit breaks user interactive authentication entirely.
2023-02-19 14:58:56 +00:00
fa88fc3323 Format source code. 2023-02-17 03:23:25 +00:00
ff879e715f Finish implementing token refresh.
This implementation just keeps the refresh token and only updates the
access token. The spec says that this is allowed. There's really no
reason to do this, other than the fact that it's easier.
2023-02-17 03:20:49 +00:00
4b336de171 Build out the User API a bit more. 2023-02-17 03:18:24 +00:00
46fe667988 Add HashMapGetKey() so we can free bucket keys before deleting them. 2023-02-17 03:14:43 +00:00
feb11de6b0 Fix some compile warnings. I'll get back to this eventually. 2023-02-16 18:51:10 +00:00
72405a94f6 Add JsonGet(), JsonSet(), and JsonCreate() for convenience. 2023-02-16 18:49:19 +00:00
d255ce1a21 Begin working on refresh route. 2023-02-16 17:22:59 +00:00
c78dc3bd31 Fix a memory bug in StrRandom() with RandIntN().
We're storing integers in this buffer, so we have to allocate enough
memory for them. An integer is usually more than one byte.
2023-02-16 13:10:09 +00:00
38438c297e Looks like Matrix v1.6 is out. 2023-02-16 02:09:57 +00:00
85380efa3c [#48] Fix bug in MatrixGetAccessToken() 2023-02-16 01:33:46 +00:00
6a593ab8a0 [#48] Add Rand API and make StrRandom() use it. 2023-02-16 00:31:13 +00:00
f7d581538d Begin documenting Str. 2023-02-14 11:56:22 +00:00
5fef788053 Begin documenting User API 2023-02-12 02:31:14 +00:00
2443c91bba Fix bug in HashMap that would allow iterating over deleted values. 2023-02-11 00:15:49 +00:00
8b8873103d Handle standard library quirks of non-conforming systems and compilers. 2023-02-05 14:20:12 +00:00
dc972385ea Don't shadow variables. 2023-02-05 14:19:07 +00:00
5b77236e82 Fix -v option 2023-01-17 21:38:39 +00:00
e0f7c133d1 Add a non-JSON landing page. This is the basis for other HTML pages. 2023-01-17 20:29:16 +00:00
b0b2f11158 Refactor endpoint authentication flow.
Instead of one MatrixAuthenticate() function, we'll do
MatrixGetAccessToken(), and then UserAuthenticate(). This allows us to
give different error messages depending on what the user provided and what
the server state is.
2023-01-17 01:36:22 +00:00
1e02971a7e Implement login route. 2023-01-17 00:02:50 +00:00
cc95c10f44 Move client well-known generation to MatrixClientWellKnown() function.
We'll be using this for client login.
2023-01-16 22:02:08 +00:00
121682c006 Implement user login. 2023-01-16 21:17:44 +00:00
bd88c01c26 Don't read the timestamp after it's freed. 2023-01-16 03:57:01 +00:00
c0309c1ea8 Fix memory leak when log timestamp is not set in the config. 2023-01-16 03:21:59 +00:00
a4364dbb68 Fix use after free. 2023-01-10 00:38:47 +00:00
599fa1a740 Document MemoryHexDump() and DbExists() 2023-01-09 21:39:59 +00:00
b8ce4c9239 Lock database in DbExists() to prevent race conditions. 2023-01-09 19:25:49 +00:00
c5bce0b14f Apply #43 with modifications. 2023-01-09 19:22:09 +00:00
1421c478fd Fix bug where malformed requests cause Db locks that are never unlocked. 2023-01-09 19:16:12 +00:00
90a74c3b0a Don't accept connections if the connection queue is full. 2023-01-09 17:44:12 +00:00
1d9ed5dcbf Fix invalid read in HttpParamDecode(). 2023-01-09 15:48:56 +00:00
9358264add Fix some invalid write errors. 2023-01-09 15:18:59 +00:00
30c3690287 Renamed String.h to Str.h because Windows is dumb. 2023-01-08 04:38:06 +00:00
56105c8a61 Fix logic error 2023-01-07 18:24:16 +00:00
f365f94389 Define User struct. 2023-01-07 16:15:11 +00:00
08b36c071c Begin prototyping User.h 2023-01-07 15:51:56 +00:00
0f661f435f Whoops, forgot to update the header. 2023-01-07 04:40:12 +00:00
0a29aa7f5a Move string related functions to a new String API.
I think we have accumulated enough string functions that they should
have their own API. This shortens the function names a bit too.
2023-01-07 04:33:32 +00:00
2ce09f8632 Convert UtilStringConcat() into a varargs function.
This allows us to concatenate an arbitrary amount of strings without
having to maintain a bunch of pointers or leak memory when nesting calls.
2023-01-07 03:17:06 +00:00
8323eb38c9 Make UtilRandomString() more secure.
Two ways this is more secure:

1. The seed is only generated once, not every time the function is called.
2. All threads share the same seed, which means timing attacks aren't
   possible.

Because we are using a mutex, performance may suffer slightly.
2023-01-07 00:18:44 +00:00
ea1828e95e Fix warning in RouteRegister.c 2023-01-06 21:54:33 +00:00
7bda319f39 Format code 2023-01-06 21:18:44 +00:00
1282371680 Fix "bad pointer" warnings. 2023-01-06 18:50:31 +00:00
8e2399e648 Fix bug on some platforms that use unsigned characters. 2023-01-02 18:22:04 +00:00
d969f4d053 Fix visual bugs in MemoryHexDump() 2023-01-02 04:12:12 +00:00
5c5aab71d8 Fix bug in UserInteractiveAuth() 2023-01-02 03:56:27 +00:00
e9aebab221 Move hex dump logic to Memory API. 2023-01-01 22:10:23 +00:00
d9d88eb028 Periodically purge old user interactive auth sessions.
Keeping them around is going to take up a lot of storage. If it takes more
than a half hour for a client to complete the auth, make him start over.
2022-12-28 15:52:19 +00:00
fbd7bf5944 Fix memory leak in DbDelete() 2022-12-28 15:44:21 +00:00
1a43ea6470 Fix bugs in Cron 2022-12-26 16:28:58 +00:00
3c8d89a52e Update copyright year 2022-12-26 15:52:52 +00:00
c9e42ff813 Break out UserInteractiveAuth into its own header.
We'll need this because user interactive auth will get complicated and
messy very soon.
2022-12-26 15:48:21 +00:00
4f48f9a5cc Document Cron 2022-12-24 23:07:46 +00:00
c18a9a96e6 Add job scheduler.
This will be used for expiring sessions and tokens, among other things that
need to happen periodically.
2022-12-24 21:49:37 +00:00
be2e267064 Turns out I don't need to do that. 2022-12-24 01:31:22 +00:00
61e9cdbea3 Check INT_WIDTH and LONG_WIDTH... stupid GNU libc. 2022-12-24 01:00:36 +00:00
eeabe93e3f Revert using _POSIX_C_SOURCE.
It didn't fix the issue.
2022-12-24 00:51:49 +00:00
2d1bfd8b74 Define _POSIX_C_SOURCE again. 2022-12-23 22:53:48 +00:00
25dcff06a8 Fix type issues. 2022-12-19 23:25:37 +00:00
72bfa34bcd Fix overflow on some platforms 2022-12-19 22:25:49 +00:00
b8027e1aaf Fix compiler warning on some platforms. 2022-12-19 22:21:24 +00:00
94493e6ad8 Add Sha2 2022-12-19 22:15:41 +00:00
88a11650cf Formatting. 2022-12-19 21:54:01 +00:00
c0bd70a391 Add MatrixUserValidate() and MatrixHistoricalUserValidate() 2022-12-18 20:20:08 +00:00
c15895ae06 Username is technically optional. 2022-12-17 02:12:04 +00:00
70c3d01125 Finish route param and request body validation 2022-12-17 00:08:31 +00:00
f837988156 Begin work on validating registration request. 2022-12-16 22:56:35 +00:00
836b61dc42 Begin implementing a few helper functions 2022-12-16 22:06:01 +00:00
fb06d17b16 Abstract user interactive auth out to function. 2022-12-16 20:08:16 +00:00
7ee31ad36b Copy diagram from scrap paper into code for clarity. 2022-12-15 22:14:16 +00:00
1273d87df9 Finish user interactive logic (still need to abstract it out) 2022-12-15 22:04:30 +00:00
f475cac601 More validation in user-interactive API 2022-12-15 21:47:08 +00:00
7d8cec8185 Persist session IDs for future calls. 2022-12-15 20:41:56 +00:00
449851a67e Format code 2022-12-15 20:31:51 +00:00
bee07d90fc Fix memory leaks in database. 2022-12-15 20:29:19 +00:00
c3618488f2 Hexdump leaked memory to the log for debugging. 2022-12-15 20:18:12 +00:00
cc6ae2dbd3 Prevent directory traversals by replacing dots and slashes. 2022-12-15 16:07:45 +00:00
de6a857ce7 Format code. 2022-12-15 03:43:40 +00:00
4f2f7cd966 Add random string generator 2022-12-15 03:41:59 +00:00
c8cd2cebb7 Implement DbDelete() 2022-12-15 02:39:58 +00:00
abb4a9cf20 More work on registration endpoint. 2022-12-15 01:48:49 +00:00
d48b6fc456 Add username check logic 2022-12-14 21:23:20 +00:00
5080d066ab Remove some debug statements; make route error more specific. 2022-12-14 18:41:01 +00:00
e37e6f1bb8 Fix some memory bugs. 2022-12-14 18:19:20 +00:00
5880cf3ea0 Check paths for /available and /(email|msisdn)/requestToken 2022-12-14 16:21:01 +00:00
0305ef183d Begin work on RouteRegister 2022-12-14 15:40:23 +00:00
e7e25cade5 Fix an instance of setting response headers after they were sent. 2022-12-14 15:02:10 +00:00
708a840ec0 Fix memory leak when attempting to parse something that isn't JSON. 2022-12-14 14:54:06 +00:00
ede060ef59 Add ASCII logo! 2022-12-13 17:09:05 +00:00
aaa97f8752 Format code 2022-12-13 13:24:54 +00:00
e17b64dcb2 Document Routes 2022-12-12 17:34:59 +00:00
e7030ec57a Document Matrix.h 2022-12-12 16:59:13 +00:00
fe2c4de1b6 Remove unused variable. I thought I'd use it but I probably won't. 2022-12-11 00:19:17 +00:00
d56aaa921d Fully abstract route paths, move them to Routes.h. 2022-12-11 00:14:22 +00:00
323dad1f8b Document TelodendriaConfig 2022-12-10 23:34:32 +00:00
152d444e32 Fix /_matrix/client/versions and remove logging in RouteLogin 2022-12-10 16:01:58 +00:00
8acc21db7c Add RouteLogin() 2022-12-10 15:41:33 +00:00
3b636a9d22 Update routing slightly, apply #35 to new RouteLogin 2022-12-10 15:41:19 +00:00
fb5a8e4587 Convert configuration file to JSON 2022-12-09 23:57:30 +00:00
d0c81a8136 Fix potential memory leak if duplicate keys exist in a JSON object. 2022-12-06 21:26:33 +00:00
01a6d71101 Remove Constants.h 2022-11-30 18:30:39 +00:00
5771e615d7 Document CanonicalJson 2022-11-30 18:23:25 +00:00
439e14a410 Format header 2022-11-30 17:59:19 +00:00
5610cafe46 Document Json 2022-11-30 17:54:10 +00:00
6900d0649e Begin working on Util man page 2022-11-25 21:54:57 +00:00
8045c583ba Write man page for Log 2022-11-25 16:40:47 +00:00
70bdf81df7 Fix references to old LOG_ constants 2022-11-24 18:51:07 +00:00
399939654a Fix a few areas where obscure compilers sometimes choke 2022-11-23 17:31:57 +00:00
7544a97c7d Format source code, add .exrc 2022-11-23 14:56:31 +00:00
84f311ae09 Don't make assumptions about where the config file is. 2022-11-23 14:31:05 +00:00
520b062dbb Should probably make sure this succeeds. 2022-11-23 00:44:29 +00:00
b155d0dbe4 ftruncate() technically lives in unistd.h
It should be included to prevent warnings on some compilers.
2022-11-22 22:31:36 +00:00
7f883fc92e Remove debugging statements... whoops!
I'm usually pretty good about this.
2022-11-21 21:09:05 +00:00
973e826e57 Fix bug in floating objects to mostRecent 2022-11-21 21:07:40 +00:00
40e5c1ef2a Fix some bugs in DbCreate() regarding UtilMkdir() 2022-11-21 20:59:22 +00:00
789baf33a1 Make Db interfaces take varargs.
This makes it much more flexible, at the expense of making it a little
more fragile. I can think of a number of scenarios where we'll have
paths that have variables in multiple spots, and I don't want to do
sprintf() magic every time I need to access an object at one of those
paths.
2022-11-21 20:31:37 +00:00
a0304f4062 Move where we open the database 2022-11-21 16:39:38 +00:00
0c6c1e5b19 Notify the user about the minimum max-cache instead of silently setting it. 2022-11-21 16:22:50 +00:00
cd584c1e93 Lock objects on disk if they're locked in memory.
This requires hanging onto an open file handle, and doesn't require
explicit unlocking, because POSIX says files are unlocked when their
descriptors are closed.
2022-11-21 16:13:11 +00:00
0fa2da8177 Don't chroot() on OpenBSD (pledge() causes it to trap here) 2022-11-20 13:19:56 +00:00
07f4ecd2d7 Make a number of improvements to cache handling.
- Items that are too big for the cache are now no longer immediately
  evicted; everything else is. This is probably not desirable, but it is
  not unexpected.
- Multithreading now should work as expected; DbRefs are locked before
  they are updated from the disk, and they are not evicted from the cache
  if they are locked by another thread.
- The cache may be no smaller than 1024 bytes. Previously the caller of
  DbOpen() could choose to disable the cache, and provisions were made in
  the code to support this, but this is now no longer possible because
  without the cache, there would be no way to know what files were open,
  which could lead to a race condition if two threads open the same file.
2022-11-18 22:17:56 +00:00
045c6d8644 Cache eviction 2022-11-18 20:42:08 +00:00
e7ad166877 Fix some memory leaks in Db 2022-11-18 19:36:15 +00:00
f6851de75f Fix a few bugs in JsonDecode(). It should now properly decode objects. 2022-11-18 14:51:44 +00:00
2e6c129263 Fix a mutex bug in Db and some memory errors in Json 2022-11-17 23:51:45 +00:00
d26fad4619 Add UtilMkdir() to recursively make directories 2022-11-17 22:57:29 +00:00
9597894356 Fix some warnings on GCC.
These aren't really anything to be concerned about, but making GCC feel good
about my code makes me feel better about my code.
2022-11-17 19:33:59 +00:00
46cc1df385 Do some Db work 2022-11-15 18:20:05 +00:00
a356403cfd Finish DbComputeSize() 2022-11-12 18:26:31 +00:00
8e71cc833c Change behavior of "id" configuration directive. 2022-11-08 17:53:01 +00:00
efbbf42a6e Fix memory and connection closing errors. 2022-11-08 01:05:28 +00:00
37ee7700f4 Start writing a function to compute the in-memory size of an object. 2022-11-06 00:47:17 +00:00
0a4c9f3751 Apply part of #32 (Thanks LDA <lda@devhonk.tk) 2022-11-05 01:29:20 +00:00
84abff7fb8 Tune the memory table size a little bit.
No idea if this hurts or helps, actually, but now we have a tunable
constant, instead of a magic number.
2022-11-02 16:46:22 +00:00
a8beded518 Fix occasional "Bad Request" response by waiting for data to be sent.
This also makes UtilGetDelim() and UtilGetLine() thread safe in that it
isn't setting a global errno. Of course, errno should be thread safe
already, but this makes it much less ambiguous.
2022-11-02 16:21:03 +00:00
92cc2206a1 Fix a few things to make Telodendria compile and run on Cygwin. 2022-11-02 15:20:37 +00:00
6992f36c86 Fix segfault in fclose() on Linux. 2022-11-02 00:35:05 +00:00
5af229a86e Apply #31 2022-11-02 00:18:13 +00:00