connection.c 45.5 KB
Newer Older
1 2 3 4 5
/* Icecast
 *
 * This program is distributed under the GNU General Public License, version 2.
 * A copy of this license is included with this source.
 *
6
 * Copyright 2000-2004, Jack Moffitt <jack@xiph.org,
7 8 9 10
 *                      Michael Smith <msmith@xiph.org>,
 *                      oddsock <oddsock@xiph.org>,
 *                      Karl Heyes <karl@xiph.org>
 *                      and others (see AUTHORS for details).
Philipp Schafft's avatar
Philipp Schafft committed
11 12
 * Copyright 2011,      Dave 'justdave' Miller <justdave@mozilla.com>,
 * Copyright 2011-2014, Philipp "ph3-der-loewe" Schafft <lion@lion.leolix.org>,
13 14
 */

15
/* -*- c-basic-offset: 4; indent-tabs-mode: nil; -*- */
16 17 18 19
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif

Jack Moffitt's avatar
Jack Moffitt committed
20 21
#include <stdio.h>
#include <stdlib.h>
22
#include <errno.h>
Jack Moffitt's avatar
Jack Moffitt committed
23
#include <string.h>
24 25 26
#ifdef HAVE_POLL
#include <sys/poll.h>
#endif
27
#include <sys/types.h>
28 29

#ifndef _WIN32
Jack Moffitt's avatar
Jack Moffitt committed
30 31
#include <sys/socket.h>
#include <netinet/in.h>
32
#else
33
#include <winsock2.h>
34
#endif
Jack Moffitt's avatar
Jack Moffitt committed
35

36
#include "compat.h"
Jack Moffitt's avatar
Jack Moffitt committed
37

Marvin Scholz's avatar
Marvin Scholz committed
38 39 40 41
#include "common/thread/thread.h"
#include "common/avl/avl.h"
#include "common/net/sock.h"
#include "common/httpp/httpp.h"
Jack Moffitt's avatar
Jack Moffitt committed
42

43
#include "cfgfile.h"
Jack Moffitt's avatar
Jack Moffitt committed
44 45 46 47 48 49 50
#include "global.h"
#include "util.h"
#include "connection.h"
#include "refbuf.h"
#include "client.h"
#include "stats.h"
#include "logging.h"
51
#include "xslt.h"
52
#include "fserve.h"
53
#include "sighandler.h"
54 55

#include "yp.h"
Jack Moffitt's avatar
Jack Moffitt committed
56
#include "source.h"
Michael Smith's avatar
Michael Smith committed
57
#include "format.h"
58
#include "format_mp3.h"
59
#include "admin.h"
Michael Smith's avatar
Michael Smith committed
60
#include "auth.h"
61
#include "matchfile.h"
62
#include "tls.h"
Jack Moffitt's avatar
Jack Moffitt committed
63 64 65

#define CATMODULE "connection"

66 67 68 69 70 71 72 73 74 75 76 77 78 79 80
/* Two different major types of source authentication.
   Shoutcast style is used only by the Shoutcast DSP
   and is a crazy version of HTTP.  It looks like :
     Source Client -> Connects to port + 1
     Source Client -> sends encoder password (plaintext)\r\n
     Icecast -> reads encoder password, if ok, sends OK2\r\n, else disconnects
     Source Client -> reads OK2\r\n, then sends http-type request headers
                      that contain the stream details (icy-name, etc..)
     Icecast -> reads headers, stores them
     Source Client -> starts sending MP3 data
     Source Client -> periodically updates metadata via admin.cgi call

   Icecast auth style uses HTTP and Basic Authorization.
*/

81 82 83 84 85
typedef struct client_queue_tag {
    client_t *client;
    int offset;
    int stream_offset;
    int shoutcast;
86
    char *shoutcast_mount;
87 88
    struct client_queue_tag *next;
} client_queue_t;
Jack Moffitt's avatar
Jack Moffitt committed
89 90

typedef struct _thread_queue_tag {
91 92
    thread_type *thread_id;
    struct _thread_queue_tag *next;
Jack Moffitt's avatar
Jack Moffitt committed
93 94
} thread_queue_t;

95
static spin_t _connection_lock; // protects _current_id, _con_queue, _con_queue_tail
96
static volatile unsigned long _current_id = 0;
Jack Moffitt's avatar
Jack Moffitt committed
97 98
static int _initialized = 0;

99 100
static volatile client_queue_t *_req_queue = NULL, **_req_queue_tail = &_req_queue;
static volatile client_queue_t *_con_queue = NULL, **_con_queue_tail = &_con_queue;
101
static int ssl_ok;
102
static tls_ctx_t *tls_ctx;
103

104
/* filtering client connection based on IP */
105
static matchfile_t *banned_ip, *allowed_ip;
106

107
rwlock_t _source_shutdown_rwlock;
Jack Moffitt's avatar
Jack Moffitt committed
108

109
static void _handle_connection(void);
Jack Moffitt's avatar
Jack Moffitt committed
110 111 112

void connection_initialize(void)
{
Marvin Scholz's avatar
Marvin Scholz committed
113 114
    if (_initialized)
        return;
115

116
    thread_spin_create (&_connection_lock);
117
    thread_mutex_create(&move_clients_mutex);
118
    thread_rwlock_create(&_source_shutdown_rwlock);
119
    thread_cond_create(&global.shutdown_cond);
120 121 122 123
    _req_queue = NULL;
    _req_queue_tail = &_req_queue;
    _con_queue = NULL;
    _con_queue_tail = &_con_queue;
Jack Moffitt's avatar
Jack Moffitt committed
124

125
    _initialized = 1;
Jack Moffitt's avatar
Jack Moffitt committed
126 127 128 129
}

void connection_shutdown(void)
{
Marvin Scholz's avatar
Marvin Scholz committed
130 131
    if (!_initialized)
        return;
132

133
    tls_ctx_unref(tls_ctx);
134 135 136
    matchfile_release(banned_ip);
    matchfile_release(allowed_ip);
 
137
    thread_cond_destroy(&global.shutdown_cond);
138
    thread_rwlock_destroy(&_source_shutdown_rwlock);
139
    thread_spin_destroy (&_connection_lock);
140
    thread_mutex_destroy(&move_clients_mutex);
Jack Moffitt's avatar
Jack Moffitt committed
141

142
    _initialized = 0;
Jack Moffitt's avatar
Jack Moffitt committed
143 144 145 146
}

static unsigned long _next_connection_id(void)
{
147
    unsigned long id;
Jack Moffitt's avatar
Jack Moffitt committed
148

149
    thread_spin_lock(&_connection_lock);
150
    id = _current_id++;
151
    thread_spin_unlock(&_connection_lock);
Jack Moffitt's avatar
Jack Moffitt committed
152

153
    return id;
Jack Moffitt's avatar
Jack Moffitt committed
154 155
}

156 157

#ifdef HAVE_OPENSSL
Marvin Scholz's avatar
Marvin Scholz committed
158
static void get_ssl_certificate(ice_config_t *config)
159
{
160
    config->tls_ok = ssl_ok = 0;
161

162 163 164 165
    tls_ctx_unref(tls_ctx);
    tls_ctx = tls_ctx_new(config->cert_file, config->cert_file, config->cipher_list);
    if (!tls_ctx) {
        ICECAST_LOG_INFO("No TLS capability on any configured ports");
166
        return;
167 168 169
    }

    config->tls_ok = ssl_ok = 1;
170 171 172 173 174 175
}


/* handlers for reading and writing a connection_t when there is ssl
 * configured on the listening port
 */
Marvin Scholz's avatar
Marvin Scholz committed
176
static int connection_read_ssl(connection_t *con, void *buf, size_t len)
177
{
178
    ssize_t bytes = tls_read(con->tls, buf, len);
179

Marvin Scholz's avatar
Marvin Scholz committed
180
    if (bytes < 0) {
181
        if (tls_want_io(con->tls) > 0)
182
            return -1;
183 184 185 186 187
        con->error = 1;
    }
    return bytes;
}

Marvin Scholz's avatar
Marvin Scholz committed
188
static int connection_send_ssl(connection_t *con, const void *buf, size_t len)
189
{
190
    ssize_t bytes = tls_write(con->tls, buf, len);
191

Marvin Scholz's avatar
Marvin Scholz committed
192
    if (bytes < 0) {
193 194
        if (tls_want_io(con->tls) > 0)
            return -1;
195
        con->error = 1;
Marvin Scholz's avatar
Marvin Scholz committed
196
    } else {
197
        con->sent_bytes += bytes;
Marvin Scholz's avatar
Marvin Scholz committed
198
    }
199 200 201 202 203
    return bytes;
}
#else

/* SSL not compiled in, so at least log it */
204
static void get_ssl_certificate(ice_config_t *config)
205 206
{
    ssl_ok = 0;
207 208
    ICECAST_LOG_INFO("No TLS capability. "
                     "Rebuild Icecast with openSSL support to enable this.");
209 210 211 212 213 214 215
}
#endif /* HAVE_OPENSSL */


/* handlers (default) for reading and writing a connection_t, no encrpytion
 * used just straight access to the socket
 */
Marvin Scholz's avatar
Marvin Scholz committed
216
static int connection_read(connection_t *con, void *buf, size_t len)
217
{
Marvin Scholz's avatar
Marvin Scholz committed
218
    int bytes = sock_read_bytes(con->sock, buf, len);
219 220
    if (bytes == 0)
        con->error = 1;
Marvin Scholz's avatar
Marvin Scholz committed
221
    if (bytes == -1 && !sock_recoverable(sock_error()))
222 223 224 225
        con->error = 1;
    return bytes;
}

Marvin Scholz's avatar
Marvin Scholz committed
226
static int connection_send(connection_t *con, const void *buf, size_t len)
227
{
Marvin Scholz's avatar
Marvin Scholz committed
228 229 230
    int bytes = sock_write_bytes(con->sock, buf, len);
    if (bytes < 0) {
        if (!sock_recoverable(sock_error()))
231
            con->error = 1;
Marvin Scholz's avatar
Marvin Scholz committed
232
    } else {
233
        con->sent_bytes += bytes;
Marvin Scholz's avatar
Marvin Scholz committed
234
    }
235 236 237
    return bytes;
}

238 239
connection_t *connection_create (sock_t sock, sock_t serversock, char *ip)
{
240
    connection_t *con;
241
    con = (connection_t *)calloc(1, sizeof(connection_t));
Marvin Scholz's avatar
Marvin Scholz committed
242 243
    if (con) {
        con->sock       = sock;
244
        con->serversock = serversock;
Marvin Scholz's avatar
Marvin Scholz committed
245 246 247 248 249
        con->con_time   = time(NULL);
        con->id         = _next_connection_id();
        con->ip         = ip;
        con->read       = connection_read;
        con->send       = connection_send;
250
    }
Michael Smith's avatar
Michael Smith committed
251

252
    return con;
253 254
}

255 256
/* prepare connection for interacting over a SSL connection
 */
257
void connection_uses_ssl(connection_t *con)
258 259
{
#ifdef HAVE_OPENSSL
260
    if (con->tls)
261 262
        return;

263 264
    con->read = connection_read_ssl;
    con->send = connection_send_ssl;
265 266 267
    con->tls = tls_new(tls_ctx);
    tls_set_incoming(con->tls);
    tls_set_socket(con->tls, con->sock);
268 269 270
#endif
}

271 272 273 274 275
ssize_t connection_read_bytes(connection_t *con, void *buf, size_t len)
{
    return con->read(con, buf, len);
}

276
static sock_t wait_for_serversock(int timeout)
277 278
{
#ifdef HAVE_POLL
279
    struct pollfd ufds [global.server_sockets];
280 281 282 283 284 285 286 287 288 289
    int i, ret;

    for(i=0; i < global.server_sockets; i++) {
        ufds[i].fd = global.serversock[i];
        ufds[i].events = POLLIN;
        ufds[i].revents = 0;
    }

    ret = poll(ufds, global.server_sockets, timeout);
    if(ret < 0) {
290
        return SOCK_ERROR;
Marvin Scholz's avatar
Marvin Scholz committed
291
    } else if(ret == 0) {
292
        return SOCK_ERROR;
Marvin Scholz's avatar
Marvin Scholz committed
293
    } else {
294
        int dst;
295
        for(i=0; i < global.server_sockets; i++) {
296
            if(ufds[i].revents & POLLIN)
297
                return ufds[i].fd;
Marvin Scholz's avatar
Marvin Scholz committed
298 299
            if(ufds[i].revents & (POLLHUP|POLLERR|POLLNVAL)) {
                if (ufds[i].revents & (POLLHUP|POLLERR)) {
300
                    sock_close (global.serversock[i]);
301
                    ICECAST_LOG_WARN("Had to close a listening socket");
302
                }
303
                global.serversock[i] = SOCK_ERROR;
304
            }
305
        }
306
        /* remove any closed sockets */
Marvin Scholz's avatar
Marvin Scholz committed
307
        for(i=0, dst=0; i < global.server_sockets; i++) {
308
            if (global.serversock[i] == SOCK_ERROR)
309
            continue;
310
            if (i!=dst)
311
            global.serversock[dst] = global.serversock[i];
312 313 314
            dst++;
        }
        global.server_sockets = dst;
315
        return SOCK_ERROR;
316 317 318 319 320
    }
#else
    fd_set rfds;
    struct timeval tv, *p=NULL;
    int i, ret;
321
    sock_t max = SOCK_ERROR;
322 323 324 325 326

    FD_ZERO(&rfds);

    for(i=0; i < global.server_sockets; i++) {
        FD_SET(global.serversock[i], &rfds);
327
        if (max == SOCK_ERROR || global.serversock[i] > max)
328 329 330 331 332
            max = global.serversock[i];
    }

    if(timeout >= 0) {
        tv.tv_sec = timeout/1000;
333
        tv.tv_usec = (timeout % 1000) * 1000;
334 335 336 337 338
        p = &tv;
    }

    ret = select(max+1, &rfds, NULL, NULL, p);
    if(ret < 0) {
339
        return SOCK_ERROR;
Marvin Scholz's avatar
Marvin Scholz committed
340
    } else if(ret == 0) {
341
        return SOCK_ERROR;
Marvin Scholz's avatar
Marvin Scholz committed
342
    } else {
343 344 345 346
        for(i=0; i < global.server_sockets; i++) {
            if(FD_ISSET(global.serversock[i], &rfds))
                return global.serversock[i];
        }
347
        return SOCK_ERROR; /* Should be impossible, stop compiler warnings */
348 349 350 351
    }
#endif
}

352
static connection_t *_accept_connection(int duration)
Jack Moffitt's avatar
Jack Moffitt committed
353
{
354
    sock_t sock, serversock;
355
    char *ip;
Jack Moffitt's avatar
Jack Moffitt committed
356

357
    serversock = wait_for_serversock (duration);
358
    if (serversock == SOCK_ERROR)
359
        return NULL;
Jack Moffitt's avatar
Jack Moffitt committed
360

361 362
    /* malloc enough room for a full IP address (including ipv6) */
    ip = (char *)malloc(MAX_ADDR_LEN);
Jack Moffitt's avatar
Jack Moffitt committed
363

364
    sock = sock_accept(serversock, ip, MAX_ADDR_LEN);
Marvin Scholz's avatar
Marvin Scholz committed
365
    if (sock != SOCK_ERROR) {
366
        connection_t *con = NULL;
367
        /* Make any IPv4 mapped IPv6 address look like a normal IPv4 address */
Marvin Scholz's avatar
Marvin Scholz committed
368 369
        if (strncmp(ip, "::ffff:", 7) == 0)
            memmove(ip, ip+7, strlen (ip+7)+1);
Jack Moffitt's avatar
Jack Moffitt committed
370

371 372
        if (matchfile_match_allow_deny(allowed_ip, banned_ip, ip))
            con = connection_create (sock, serversock, ip);
373 374
        if (con)
            return con;
Marvin Scholz's avatar
Marvin Scholz committed
375 376 377
        sock_close(sock);
    } else {
        if (!sock_recoverable(sock_error())) {
378
            ICECAST_LOG_WARN("accept() failed with error %d: %s", sock_error(), strerror(sock_error()));
Marvin Scholz's avatar
Marvin Scholz committed
379
            thread_sleep(500000);
380
        }
381 382 383
    }
    free(ip);
    return NULL;
Jack Moffitt's avatar
Jack Moffitt committed
384 385 386
}


387 388 389 390
/* add client to connection queue. At this point some header information
 * has been collected, so we now pass it onto the connection thread for
 * further processing
 */
391
static void _add_connection(client_queue_t *node)
Jack Moffitt's avatar
Jack Moffitt committed
392
{
393
    thread_spin_lock(&_connection_lock);
394
    *_con_queue_tail = node;
395 396
    _con_queue_tail = (volatile client_queue_t **) &node->next;
    thread_spin_unlock(&_connection_lock);
Jack Moffitt's avatar
Jack Moffitt committed
397 398 399
}


400 401 402 403 404 405
/* this returns queued clients for the connection thread. headers are
 * already provided, but need to be parsed.
 */
static client_queue_t *_get_connection(void)
{
    client_queue_t *node = NULL;
Jack Moffitt's avatar
Jack Moffitt committed
406

Marvin Scholz's avatar
Marvin Scholz committed
407
    thread_spin_lock(&_connection_lock);
408

Marvin Scholz's avatar
Marvin Scholz committed
409
    if (_con_queue){
410 411 412 413
        node = (client_queue_t *)_con_queue;
        _con_queue = node->next;
        if (_con_queue == NULL)
            _con_queue_tail = &_con_queue;
414
        node->next = NULL;
415
    }
416

Marvin Scholz's avatar
Marvin Scholz committed
417
    thread_spin_unlock(&_connection_lock);
418 419
    return node;
}
Jack Moffitt's avatar
Jack Moffitt committed
420 421


422
/* run along queue checking for any data that has come in or a timeout */
423
static void process_request_queue (void)
424 425
{
    client_queue_t **node_ref = (client_queue_t **)&_req_queue;
Marvin Scholz's avatar
Marvin Scholz committed
426
    ice_config_t *config = config_get_config();
427 428
    int timeout = config->header_timeout;
    config_release_config();
Jack Moffitt's avatar
Jack Moffitt committed
429

Marvin Scholz's avatar
Marvin Scholz committed
430
    while (*node_ref) {
431 432 433 434
        client_queue_t *node = *node_ref;
        client_t *client = node->client;
        int len = PER_CLIENT_REFBUF_SIZE - 1 - node->offset;
        char *buf = client->refbuf->data + node->offset;
Jack Moffitt's avatar
Jack Moffitt committed
435

Marvin Scholz's avatar
Marvin Scholz committed
436 437
        if (len > 0) {
            if (client->con->con_time + timeout <= time(NULL)) {
438
                len = 0;
Marvin Scholz's avatar
Marvin Scholz committed
439 440 441
            } else {
                len = client_read_bytes(client, buf, len);
            }
442
        }
Jack Moffitt's avatar
Jack Moffitt committed
443

Marvin Scholz's avatar
Marvin Scholz committed
444
        if (len > 0) {
445 446 447
            int pass_it = 1;
            char *ptr;

448 449
            /* handle \n, \r\n and nsvcap which for some strange reason has
             * EOL as \r\r\n */
450
            node->offset += len;
Marvin Scholz's avatar
Marvin Scholz committed
451 452 453
            client->refbuf->data[node->offset] = '\000';
            do {
                if (node->shoutcast == 1) {
454
                    /* password line */
455 456
                    if (strstr (client->refbuf->data, "\r\r\n") != NULL)
                        break;
457 458 459 460 461 462 463
                    if (strstr (client->refbuf->data, "\r\n") != NULL)
                        break;
                    if (strstr (client->refbuf->data, "\n") != NULL)
                        break;
                }
                /* stream_offset refers to the start of any data sent after the
                 * http style headers, we don't want to lose those */
Marvin Scholz's avatar
Marvin Scholz committed
464 465
                ptr = strstr(client->refbuf->data, "\r\r\n\r\r\n");
                if (ptr) {
466 467 468
                    node->stream_offset = (ptr+6) - client->refbuf->data;
                    break;
                }
Marvin Scholz's avatar
Marvin Scholz committed
469 470
                ptr = strstr(client->refbuf->data, "\r\n\r\n");
                if (ptr) {
471 472 473
                    node->stream_offset = (ptr+4) - client->refbuf->data;
                    break;
                }
Marvin Scholz's avatar
Marvin Scholz committed
474 475
                ptr = strstr(client->refbuf->data, "\n\n");
                if (ptr) {
476 477 478 479 480
                    node->stream_offset = (ptr+2) - client->refbuf->data;
                    break;
                }
                pass_it = 0;
            } while (0);
Jack Moffitt's avatar
Jack Moffitt committed
481

Marvin Scholz's avatar
Marvin Scholz committed
482
            if (pass_it) {
483 484 485 486
                if ((client_queue_t **)_req_queue_tail == &(node->next))
                    _req_queue_tail = (volatile client_queue_t **)node_ref;
                *node_ref = node->next;
                node->next = NULL;
Marvin Scholz's avatar
Marvin Scholz committed
487
                _add_connection(node);
488
                continue;
489
            }
Marvin Scholz's avatar
Marvin Scholz committed
490 491
        } else {
            if (len == 0 || client->con->error) {
492 493 494
                if ((client_queue_t **)_req_queue_tail == &node->next)
                    _req_queue_tail = (volatile client_queue_t **)node_ref;
                *node_ref = node->next;
Marvin Scholz's avatar
Marvin Scholz committed
495 496
                client_destroy(client);
                free(node);
497 498 499 500
                continue;
            }
        }
        node_ref = &node->next;
501
    }
502
    _handle_connection();
Jack Moffitt's avatar
Jack Moffitt committed
503 504
}

505

506 507 508
/* add node to the queue of requests. This is where the clients are when
 * initial http details are read.
 */
Marvin Scholz's avatar
Marvin Scholz committed
509
static void _add_request_queue(client_queue_t *node)
510 511 512
{
    *_req_queue_tail = node;
    _req_queue_tail = (volatile client_queue_t **)&node->next;
Jack Moffitt's avatar
Jack Moffitt committed
513 514
}

515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541
static client_queue_t *create_client_node(client_t *client)
{
    client_queue_t *node = calloc (1, sizeof (client_queue_t));
    ice_config_t *config;
    listener_t *listener;

    if (!node)
        return NULL;

    node->client = client;

    config = config_get_config();
    listener = config_get_listen_sock(config, client->con);

    if (listener) {
        if (listener->shoutcast_compat)
            node->shoutcast = 1;
        if (listener->ssl && ssl_ok)
            connection_uses_ssl(client->con);
        if (listener->shoutcast_mount)
            node->shoutcast_mount = strdup(listener->shoutcast_mount);
    }

    config_release_config();

    return node;
}
542

543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561
void connection_queue(connection_t *con)
{
    client_queue_t *node;
    client_t *client = NULL;

    global_lock();
    if (client_create(&client, con, NULL) < 0) {
        global_unlock();
        client_send_error(client, 403, 1, "Icecast connection limit reached");
        /* don't be too eager as this is an imposed hard limit */
        thread_sleep(400000);
        return;
    }

    /* setup client for reading incoming http */
    client->refbuf->data[PER_CLIENT_REFBUF_SIZE-1] = '\000';

    if (sock_set_blocking(client->con->sock, 0) || sock_set_nodelay(client->con->sock)) {
        global_unlock();
562
        ICECAST_LOG_WARN("Failed to set tcp options on client connection, dropping");
563 564 565 566 567 568 569 570 571 572 573 574 575 576 577
        client_destroy(client);
        return;
    }
    node = create_client_node(client);
    global_unlock();

    if (node == NULL) {
        client_destroy(client);
        return;
    }

    _add_request_queue(node);
    stats_event_inc(NULL, "connections");
}

Marvin Scholz's avatar
Marvin Scholz committed
578
void connection_accept_loop(void)
Jack Moffitt's avatar
Jack Moffitt committed
579
{
580
    connection_t *con;
581
    ice_config_t *config;
582
    int duration = 300;
583

Marvin Scholz's avatar
Marvin Scholz committed
584 585 586
    config = config_get_config();
    get_ssl_certificate(config);
    config_release_config();
Jack Moffitt's avatar
Jack Moffitt committed
587

Marvin Scholz's avatar
Marvin Scholz committed
588
    while (global.running == ICECAST_RUNNING) {
589
        con = _accept_connection (duration);
590

Marvin Scholz's avatar
Marvin Scholz committed
591
        if (con) {
592
            connection_queue(con);
593
            duration = 5;
Marvin Scholz's avatar
Marvin Scholz committed
594
        } else {
595 596
            if (_req_queue == NULL)
                duration = 300; /* use longer timeouts when nothing waiting */
597
        }
Marvin Scholz's avatar
Marvin Scholz committed
598
        process_request_queue();
599
    }
Jack Moffitt's avatar
Jack Moffitt committed
600

601 602 603
    /* Give all the other threads notification to shut down */
    thread_cond_broadcast(&global.shutdown_cond);

604 605 606
    /* wait for all the sources to shutdown */
    thread_rwlock_wlock(&_source_shutdown_rwlock);
    thread_rwlock_unlock(&_source_shutdown_rwlock);
Jack Moffitt's avatar
Jack Moffitt committed
607 608
}

609 610 611

/* Called when activating a source. Verifies that the source count is not
 * exceeded and applies any initial parameters.
612
 */
Marvin Scholz's avatar
Marvin Scholz committed
613
int connection_complete_source(source_t *source, int response)
614
{
615
    ice_config_t *config;
616

Marvin Scholz's avatar
Marvin Scholz committed
617
    global_lock();
618
    ICECAST_LOG_DEBUG("sources count is %d", global.sources);
619

620
    config = config_get_config();
Marvin Scholz's avatar
Marvin Scholz committed
621
    if (global.sources < config->source_limit) {
622
        const char *contenttype;
623
        mount_proxy *mountinfo;
624 625 626 627
        format_type_t format_type;

        /* setup format handler */
        contenttype = httpp_getvar (source->parser, "content-type");
Marvin Scholz's avatar
Marvin Scholz committed
628 629
        if (contenttype != NULL) {
            format_type = format_get_type(contenttype);
630

Marvin Scholz's avatar
Marvin Scholz committed
631
            if (format_type == FORMAT_ERROR) {
632
                config_release_config();
633
                global_unlock();
634
                if (response) {
635
                    client_send_error(source->client, 403, 1, "Content-type not supported");
636 637
                    source->client = NULL;
                }
638
                ICECAST_LOG_WARN("Content-type \"%s\" not supported, dropping source", contenttype);
639 640
                return -1;
            }
641 642 643 644
        } else if (source->parser->req_type == httpp_req_put) {
            config_release_config();
            global_unlock();
            if (response) {
645
                client_send_error(source->client, 403, 1, "No Content-type given");
646 647 648 649 650 651 652 653
                source->client = NULL;
            }
            ICECAST_LOG_ERROR("Content-type not given in PUT request, dropping source");
            return -1;
        } else {
            ICECAST_LOG_ERROR("No content-type header, falling back to backwards compatibility mode "
                    "for icecast 1.x relays. Assuming content is mp3. This behaviour is deprecated "
                    "and the source client will NOT work with future Icecast versions!");
654
            format_type = FORMAT_TYPE_GENERIC;
655 656
        }

Marvin Scholz's avatar
Marvin Scholz committed
657
        if (format_get_plugin (format_type, source) < 0) {
658 659
            global_unlock();
            config_release_config();
Marvin Scholz's avatar
Marvin Scholz committed
660
            if (response) {
661
                client_send_error(source->client, 403, 1, "internal format allocation problem");
662 663
                source->client = NULL;
            }
664
            ICECAST_LOG_WARN("plugin format failed for \"%s\"", source->mount);
665 666 667
            return -1;
        }

668
        global.sources++;
Marvin Scholz's avatar
Marvin Scholz committed
669
        stats_event_args(NULL, "sources", "%d", global.sources);
670
        global_unlock();
671

672
        source->running = 1;
Marvin Scholz's avatar
Marvin Scholz committed
673 674
        mountinfo = config_find_mount(config, source->mount, MOUNT_TYPE_NORMAL);
        source_update_settings(config, source, mountinfo);
675
        config_release_config();
676
        slave_rebuild_mounts();
677 678

        source->shutdown_rwlock = &_source_shutdown_rwlock;
679
        ICECAST_LOG_DEBUG("source is ready to start");
680 681 682

        return 0;
    }
683
    ICECAST_LOG_WARN("Request to add source when maximum source limit "
Marvin Scholz's avatar
Marvin Scholz committed
684
        "reached %d", global.sources);
685 686 687 688

    global_unlock();
    config_release_config();

Marvin Scholz's avatar
Marvin Scholz committed
689
    if (response) {
690
        client_send_error(source->client, 403, 1, "too many sources connected");
691 692
        source->client = NULL;
    }
693 694 695 696

    return -1;
}

Marvin Scholz's avatar
Marvin Scholz committed
697
static inline void source_startup(client_t *client, const char *uri)
698 699
{
    source_t *source;
Marvin Scholz's avatar
Marvin Scholz committed
700
    source = source_reserve(uri);
701

Marvin Scholz's avatar
Marvin Scholz committed
702
    if (source) {
703
        source->client = client;
704 705
        source->parser = client->parser;
        source->con = client->con;
Marvin Scholz's avatar
Marvin Scholz committed
706 707 708
        if (connection_complete_source(source, 1) < 0) {
            source_clear_source(source);
            source_free_source(source);
709 710 711
            return;
        }
        client->respcode = 200;
Philipp Schafft's avatar
Philipp Schafft committed
712 713 714 715 716
        if (client->protocol == ICECAST_PROTOCOL_SHOUTCAST) {
            client->respcode = 200;
            /* send this non-blocking but if there is only a partial write
             * then leave to header timeout */
            sock_write (client->con->sock, "OK2\r\nicy-caps:11\r\n\r\n");
717
            source->shoutcast_compat = 1;
Marvin Scholz's avatar
Marvin Scholz committed
718
            source_client_callback(client, source);
Philipp Schafft's avatar
Philipp Schafft committed
719
        } else {
Marvin Scholz's avatar
Marvin Scholz committed
720
            refbuf_t *ok = refbuf_new(PER_CLIENT_REFBUF_SIZE);
721
            const char *expectcontinue;
722
            const char *transfer_encoding;
723 724
            int status_to_send = 200;

725 726 727 728 729 730 731 732 733
            transfer_encoding = httpp_getvar(source->parser, "transfer-encoding");
            if (transfer_encoding && strcasecmp(transfer_encoding, HTTPP_ENCODING_IDENTITY) != 0) {
                client->encoding = httpp_encoding_new(transfer_encoding);
                if (!client->encoding) {
                    client_send_error(client, 501, 1, "Unimplemented");
                    return;
                }
            }

734 735 736 737 738 739 740
            /* For PUT support we check for 100-continue and send back a 100 to stay in spec */
            expectcontinue = httpp_getvar (source->parser, "expect");

            if (expectcontinue != NULL) {
#ifdef HAVE_STRCASESTR
                if (strcasestr (expectcontinue, "100-continue") != NULL)
#else
741
                ICECAST_LOG_WARN("OS doesn't support case insensitive substring checks...");
742 743 744 745 746 747 748
                if (strstr (expectcontinue, "100-continue") != NULL)
#endif
                {
                    status_to_send = 100;
                }
            }

749
            client->respcode = 200;
750
            util_http_build_header(ok->data, PER_CLIENT_REFBUF_SIZE, 0, 0, status_to_send, NULL, NULL, NULL, "", NULL, client);
Marvin Scholz's avatar
Marvin Scholz committed
751
            ok->len = strlen(ok->data);
752 753 754
            /* we may have unprocessed data read in, so don't overwrite it */
            ok->associated = client->refbuf;
            client->refbuf = ok;
Marvin Scholz's avatar
Marvin Scholz committed
755
            fserve_add_client_callback(client, source_client_callback, source);
756
        }
Marvin Scholz's avatar
Marvin Scholz committed
757
    } else {
758
        client_send_error(client, 403, 1, "Mountpoint in use");
759
        ICECAST_LOG_WARN("Mountpoint %s in use", uri);
760
    }
761 762
}

Philipp Schafft's avatar
Philipp Schafft committed
763
/* only called for native icecast source clients */
Marvin Scholz's avatar
Marvin Scholz committed
764
static void _handle_source_request(client_t *client, const char *uri)
Jack Moffitt's avatar
Jack Moffitt committed
765
{
766 767
    ICECAST_LOG_INFO("Source logging in at mountpoint \"%s\" from %s as role %s",
        uri, client->con->ip, client->role);
768

Marvin Scholz's avatar
Marvin Scholz committed
769
    if (uri[0] != '/') {
Philipp Schafft's avatar
Philipp Schafft committed
770 771
        ICECAST_LOG_WARN("source mountpoint not starting with /");
        client_send_error(client, 400, 1, "source mountpoint not starting with /");
772
        return;
773
    }
774

Philipp Schafft's avatar
Philipp Schafft committed
775 776 777 778
    source_startup(client, uri);
}


Marvin Scholz's avatar
Marvin Scholz committed
779
static void _handle_stats_request(client_t *client, char *uri)
Philipp Schafft's avatar
Philipp Schafft committed
780 781 782
{
    stats_event_inc(NULL, "stats_connections");

783
    client->respcode = 200;
784
    snprintf (client->refbuf->data, PER_CLIENT_REFBUF_SIZE,
Marvin Scholz's avatar
Marvin Scholz committed
785 786 787
        "HTTP/1.0 200 OK\r\n\r\n");
    client->refbuf->len = strlen(client->refbuf->data);
    fserve_add_client_callback(client, stats_callback, NULL);
788 789
}

Philipp Schafft's avatar
Philipp Schafft committed
790 791 792
/* if 0 is returned then the client should not be touched, however if -1
 * is returned then the caller is responsible for handling the client
 */
Marvin Scholz's avatar
Marvin Scholz committed
793
static int __add_listener_to_source(source_t *source, client_t *client)
794
{
Philipp Schafft's avatar
Philipp Schafft committed
795
    size_t loop = 10;
Michael Smith's avatar
Michael Smith committed
796

Marvin Scholz's avatar
Marvin Scholz committed
797
    do {
Philipp Schafft's avatar
Philipp Schafft committed
798
        ICECAST_LOG_DEBUG("max on %s is %ld (cur %lu)", source->mount,
Marvin Scholz's avatar
Marvin Scholz committed
799
            source->max_listeners, source->listeners);
Philipp Schafft's avatar
Philipp Schafft committed
800 801 802 803
        if (source->max_listeners == -1)
            break;
        if (source->listeners < (unsigned long)source->max_listeners)
            break;
804

Marvin Scholz's avatar
Marvin Scholz committed
805
        if (loop && source->fallback_when_full && source->fallback_mount) {
Philipp Schafft's avatar
Philipp Schafft committed
806 807 808
            source_t *next = source_find_mount (source->fallback_mount);
            if (!next) {
                ICECAST_LOG_ERROR("Fallback '%s' for full source '%s' not found",
Marvin Scholz's avatar
Marvin Scholz committed
809
                    source->mount, source->fallback_mount);
Philipp Schafft's avatar
Philipp Schafft committed
810 811
                return -1;
            }
812
            ICECAST_LOG_INFO("stream full, trying %s", next->mount);
Philipp Schafft's avatar
Philipp Schafft committed
813 814 815 816 817 818 819 820 821 822 823
            source = next;
            loop--;
            continue;
        }
        /* now we fail the client */
        return -1;
    } while (1);

    client->write_to_client = format_generic_write_to_client;
    client->check_buffer = format_check_http_buffer;
    client->refbuf->len = PER_CLIENT_REFBUF_SIZE;
Marvin Scholz's avatar
Marvin Scholz committed
824
    memset(client->refbuf->data, 0, PER_CLIENT_REFBUF_SIZE);
Philipp Schafft's avatar
Philipp Schafft committed
825 826

    /* lets add the client to the active list */
Marvin Scholz's avatar
Marvin Scholz committed
827 828 829
    avl_tree_wlock(source->pending_tree);
    avl_insert(source->pending_tree, client);
    avl_tree_unlock(source->pending_tree);
Philipp Schafft's avatar
Philipp Schafft committed
830

Marvin Scholz's avatar
Marvin Scholz committed
831
    if (source->running == 0 && source->on_demand) {
Philipp Schafft's avatar
Philipp Schafft committed
832 833 834
        /* enable on-demand relay to start, wake up the slave thread */
        ICECAST_LOG_DEBUG("kicking off on-demand relay");
        source->on_demand_req = 1;
835
    }
Philipp Schafft's avatar
Philipp Schafft committed
836 837 838
    ICECAST_LOG_DEBUG("Added client to %s", source->mount);
    return 0;
}
839

Philipp Schafft's avatar
Philipp Schafft committed
840 841 842 843 844 845 846 847 848 849 850 851
/* count the number of clients on a mount with same username and same role as the given one */
static inline ssize_t __count_user_role_on_mount (source_t *source, client_t *client) {
    ssize_t ret = 0;
    avl_node *node;

    avl_tree_rlock(source->client_tree);
    node = avl_get_first(source->client_tree);
    while (node) {
        client_t *existing_client = (client_t *)node->key;
        if (existing_client->username && client->username &&
            strcmp(existing_client->username, client->username) == 0 &&
            existing_client->role && client->role &&
Marvin Scholz's avatar
Marvin Scholz committed
852
            strcmp(existing_client->role, client->role) == 0) {
Philipp Schafft's avatar
Philipp Schafft committed
853
            ret++;
Marvin Scholz's avatar
Marvin Scholz committed
854
        }
Philipp Schafft's avatar
Philipp Schafft committed
855
        node = avl_get_next(node);
856
    }
Philipp Schafft's avatar
Philipp Schafft committed
857 858 859 860
    avl_tree_unlock(source->client_tree);

    avl_tree_rlock(source->pending_tree);
    node = avl_get_first(source->pending_tree);
Marvin Scholz's avatar
Marvin Scholz committed
861
    while (node) {
Philipp Schafft's avatar
Philipp Schafft committed
862 863 864 865
        client_t *existing_client = (client_t *)node->key;
        if (existing_client->username && client->username &&
            strcmp(existing_client->username, client->username) == 0 &&
            existing_client->role && client->role &&
Marvin Scholz's avatar
Marvin Scholz committed
866
            strcmp(existing_client->role, client->role) == 0){
Philipp Schafft's avatar
Philipp Schafft committed
867
            ret++;
Marvin Scholz's avatar
Marvin Scholz committed
868
        }
Philipp Schafft's avatar
Philipp Schafft committed
869
        node = avl_get_next(node);
870
    }
Philipp Schafft's avatar
Philipp Schafft committed
871 872 873 874
    avl_tree_unlock(source->pending_tree);
    return ret;
}

Marvin Scholz's avatar
Marvin Scholz committed
875
static void _handle_get_request(client_t *client, char *uri) {
Philipp Schafft's avatar
Philipp Schafft committed
876 877 878 879 880 881 882 883 884
    source_t *source = NULL;

    ICECAST_LOG_DEBUG("Got client %p with URI %H", client, uri);

    /* there are several types of HTTP GET clients
     * media clients, which are looking for a source (eg, URI = /stream.ogg),
     * stats clients, which are looking for /admin/stats.xml and
     * fserve clients, which are looking for static files.
     */
885 886

    stats_event_inc(NULL, "client_connections");
887

888
    /* Dispatch all admin requests */
889 890
    if ((strcmp(uri, "/admin.cgi") == 0) ||
        (strncmp(uri, "/admin/", 7) == 0)) {
Philipp Schafft's avatar
Philipp Schafft committed
891
        ICECAST_LOG_DEBUG("Client %p requesting admin interface.", client);
892
        admin_handle_request(client, uri);
Michael Smith's avatar
Michael Smith committed
893 894
        return;
    }
Philipp Schafft's avatar
Philipp Schafft committed
895 896 897 898 899 900 901 902 903 904 905 906 907 908 909 910 911 912 913 914 915 916 917 918 919 920 921 922 923

    /* this is a web/ request. let's check if we are allowed to do that. */
    if (acl_test_web(client->acl) != ACL_POLICY_ALLOW) {
        /* doesn't seem so, sad client :( */
        if (client->protocol == ICECAST_PROTOCOL_SHOUTCAST) {
            client_destroy(client);
        } else {
            client_send_error(client, 401, 1, "You need to authenticate\r\n");
        }
        return;
    }

    if (util_check_valid_extension(uri) == XSLT_CONTENT) {
        /* If the file exists, then transform it, otherwise, write a 404 */
        ICECAST_LOG_DEBUG("Stats request, sending XSL transformed stats");
        stats_transform_xslt(client, uri);
        return;
    }

    avl_tree_rlock(global.source_tree);
    /* let's see if this is a source or just a random fserve file */
    source = source_find_mount(uri);
    if (source) {
        /* true mount */
        int in_error = 0;
        ssize_t max_connections_per_user = acl_get_max_connections_per_user(client->acl);
        /* check for duplicate_logins */
        if (max_connections_per_user > 0) { /* -1 = not set (-> default=unlimited), 0 = unlimited */
            if (max_connections_per_user <= __count_user_role_on_mount(source, client)) {
Marvin Scholz's avatar
Marvin Scholz committed
924 925
                client_send_error(client, 403, 1, "Reached limit of concurrent "
                    "connections on those credentials");
Philipp Schafft's avatar
Philipp Schafft committed
926 927 928 929 930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 945 946 947 948 949 950 951 952 953
                in_error = 1;
            }
        }


        /* Set max listening duration in case not already set. */
        if (!in_error && client->con->discon_time == 0) {
            time_t connection_duration = acl_get_max_connection_duration(client->acl);
            if (connection_duration == -1) {
                ice_config_t *config = config_get_config();
                mount_proxy *mount = config_find_mount(config, source->mount, MOUNT_TYPE_NORMAL);
                if (mount && mount->max_listener_duration)
                    connection_duration = mount->max_listener_duration;
                config_release_config();
            }

            if (connection_duration > 0) /* -1 = not set (-> default=unlimited), 0 = unlimited */
                client->con->discon_time = connection_duration + time(NULL);
        }
        if (!in_error && __add_listener_to_source(source, client) == -1) {
            client_send_error(client, 403, 1, "Rejecting client for whatever reason");
        }
        avl_tree_unlock(global.source_tree);
    } else {
        /* file */
        avl_tree_unlock(global.source_tree);
        fserve_client_create(client, uri);
    }
954 955
}

Marvin Scholz's avatar
Marvin Scholz committed
956
static void _handle_shoutcast_compatible(client_queue_t *node)
957
{
958 959 960
    char *http_compliant;
    int http_compliant_len = 0;
    http_parser_t *parser;
Philipp Schafft's avatar
Philipp Schafft committed
961
    const char *shoutcast_mount;
962
    client_t *client = node->client;
Philipp Schafft's avatar
Philipp Schafft committed
963
    ice_config_t *config;
964

965 966
    if (node->shoutcast == 1)
    {
Philipp Schafft's avatar
Philipp Schafft committed
967
        char *ptr, *headers;
968 969

        /* Get rid of trailing \r\n or \n after password */
Marvin Scholz's avatar
Marvin Scholz committed
970 971
        ptr = strstr(client->refbuf->data, "\r\r\n");
        if (ptr) {
972
            headers = ptr+3;
Marvin Scholz's avatar
Marvin Scholz committed
973 974 975
        } else {
            ptr = strstr(client->refbuf->data, "\r\n");
            if (ptr) {
976
                headers = ptr+2;
Marvin Scholz's avatar
Marvin Scholz committed
977 978
            } else {
                ptr = strstr(client->refbuf->data, "\n");
979 980 981
                if (ptr)
                    headers = ptr+1;
            }
982
        }
983

Marvin Scholz's avatar
Marvin Scholz committed
984 985 986 987
        if (ptr == NULL){
            client_destroy(client);
            free(node->shoutcast_mount);
            free(node);
988 989 990 991
            return;
        }
        *ptr = '\0';

Philipp Schafft's avatar
Philipp Schafft committed
992 993
        client->password = strdup(client->refbuf->data);
        node->offset -= (headers - client->refbuf->data);
Marvin Scholz's avatar
Marvin Scholz committed
994
        memmove(client->refbuf->data, headers, node->offset+1);
Philipp Schafft's avatar
Philipp Schafft committed
995 996
        node->shoutcast = 2;
        /* we've checked the password, now send it back for reading headers */
Marvin Scholz's avatar
Marvin Scholz committed
997
        _add_request_queue(node);