Mercurial > hg > rlgwebd
comparison rlgwebd.js @ 8:ad0a31e52007
Call the dgl replacement rlgwebd instead of webttyd.
author | John "Elwin" Edwards <elwin@sdf.org> |
---|---|
date | Mon, 07 May 2012 16:08:59 -0700 |
parents | webttyd.js@bd412f63ce0d |
children | ef6127ed6da3 |
comparison
equal
deleted
inserted
replaced
7:d1b3c3af34d6 | 8:ad0a31e52007 |
---|---|
1 #!/usr/bin/env node | |
2 | |
3 // If you can't quite trust node to find it on its own | |
4 var localModules = '/usr/local/lib/node_modules/'; | |
5 var http = require('http'); | |
6 var url = require('url'); | |
7 var path = require('path'); | |
8 var fs = require('fs'); | |
9 var child_process = require('child_process'); | |
10 var daemon = require(path.join(localModules, "daemon")); | |
11 | |
12 var chrootDir = "/var/dgl/"; | |
13 var dropToUID = 501; | |
14 var dropToGID = 501; | |
15 var serveStaticRoot = "/var/www/"; // inside the chroot | |
16 var passwdfile = "/dgldir/dgl-login"; | |
17 var sessions = {}; | |
18 | |
19 var games = { | |
20 "rogue3": { | |
21 "name": "Rogue V3", | |
22 "uname": "rogue3", | |
23 "path": "/bin/rogue3" | |
24 }, | |
25 "rogue4": { | |
26 "name": "Rogue V4", | |
27 "uname": "rogue4", | |
28 "path": "/bin/rogue4" | |
29 }, | |
30 "rogue5": { | |
31 "name": "Rogue V5", | |
32 "uname": "rogue5", | |
33 "path": "/bin/rogue5" | |
34 }, | |
35 "srogue": { | |
36 "name": "Super-Rogue", | |
37 "uname": "srogue", | |
38 "path": "/bin/srogue" | |
39 } | |
40 }; | |
41 | |
42 /* Constructor for TermSessions. Note that it opens the terminal and | |
43 * adds itself to the sessions dict. It currently assumes the user has | |
44 * been authenticated. | |
45 */ | |
46 function TermSession(game, user, files) { | |
47 /* First make sure starting the game will work. */ | |
48 if (!(game in games)) { | |
49 // TODO: throw an exception instead | |
50 return null; | |
51 } | |
52 /* This order seems to best avoid race conditions... */ | |
53 this.alive = false; | |
54 this.sessid = randkey(); | |
55 while (this.sessid in sessions) { | |
56 this.sessid = randkey(); | |
57 } | |
58 /* Grab a spot in the sessions table. */ | |
59 sessions[this.sessid] = this; | |
60 /* TODO handle tty-opening errors */ | |
61 /* TODO make argument-finding into a method */ | |
62 args = [games[game].path, "-n", user.toString()]; | |
63 this.child = child_process.spawn("/bin/ptyhelper", args); | |
64 var ss = this; | |
65 this.alive = true; | |
66 this.data = []; | |
67 this.lock = files[0]; | |
68 fs.writeFile(this.lock, this.child.pid.toString() + '\n80\n24\n', "utf8"); | |
69 this.record = fs.createWriteStream(files[1], { mode: 0664 }); | |
70 /* END setup */ | |
71 function ttyrec_chunk(buf) { | |
72 var ts = new Date(); | |
73 var chunk = new Buffer(buf.length + 12); | |
74 /* TTYREC headers */ | |
75 chunk.writeUInt32LE(Math.floor(ts.getTime() / 1000), 0); | |
76 chunk.writeUInt32LE(1000 * (ts.getTime() % 1000), 4); | |
77 chunk.writeUInt32LE(buf.length, 8); | |
78 buf.copy(chunk, 12); | |
79 ss.data.push(chunk); | |
80 ss.record.write(chunk); | |
81 } | |
82 this.child.stdout.on("data", ttyrec_chunk); | |
83 this.child.stderr.on("data", ttyrec_chunk); | |
84 this.child.on("exit", function (code, signal) { | |
85 ss.exitcode = (code != null ? code : 255); | |
86 ss.alive = false; | |
87 fs.unlink(ss.lock); | |
88 /* Wait for all the data to get collected */ | |
89 setTimeout(ss.cleanup, 1000); | |
90 }); | |
91 this.write = function (data) { | |
92 if (this.alive) | |
93 this.child.stdin.write(data); | |
94 /* Otherwise, throw some kind of exception? */ | |
95 }; | |
96 this.read = function () { | |
97 if (this.data.length == 0) | |
98 return null; | |
99 var pos = 0; | |
100 var i = 0; | |
101 for (i = 0; i < this.data.length; i++) | |
102 pos += this.data[i].length - 12; | |
103 var nbuf = new Buffer(pos); | |
104 var tptr; | |
105 pos = 0; | |
106 while (this.data.length > 0) { | |
107 tptr = this.data.shift(); | |
108 tptr.copy(nbuf, pos, 12); | |
109 pos += tptr.length - 12; | |
110 } | |
111 return nbuf; | |
112 }; | |
113 this.close = function () { | |
114 if (this.alive) | |
115 this.child.kill('SIGHUP'); | |
116 }; | |
117 this.cleanup = function () { | |
118 /* Call this when the child is dead. */ | |
119 if (this.alive) | |
120 return; | |
121 ss.record.end(); | |
122 /* Give the client a chance to read any leftover data. */ | |
123 if (ss.data.length > 0) | |
124 setTimeout(ss.remove, 8000); | |
125 else | |
126 ss.remove(); | |
127 }; | |
128 this.remove = function () { | |
129 delete sessions[ss.sessid]; | |
130 console.log("Session " + this.sessid + " removed."); | |
131 }; | |
132 } | |
133 | |
134 /* A few utility functions */ | |
135 function timestamp() { | |
136 dd = new Date(); | |
137 sd = dd.toISOString(); | |
138 sd = sd.slice(0, sd.indexOf(".")); | |
139 return sd.replace("T", "."); | |
140 } | |
141 | |
142 function randkey() { | |
143 rnum = Math.floor(Math.random() * 65536 * 65536); | |
144 hexstr = rnum.toString(16); | |
145 while (hexstr.length < 8) | |
146 hexstr = "0" + hexstr; | |
147 return hexstr; | |
148 } | |
149 | |
150 /* Returns a list of the cookies in the request, obviously. */ | |
151 function getCookies(req) { | |
152 cookies = []; | |
153 if ("cookie" in req.headers) { | |
154 cookstrs = req.headers["cookie"].split("; "); | |
155 for (var i = 0; i < cookstrs.length; i++) { | |
156 eqsign = cookstrs[i].indexOf("="); | |
157 if (eqsign > 0) { | |
158 name = cookstrs[i].slice(0, eqsign).toLowerCase(); | |
159 val = cookstrs[i].slice(eqsign + 1); | |
160 cookies[name] = val; | |
161 } | |
162 else if (eqsign < 0) | |
163 cookies[cookstrs[i]] = null; | |
164 } | |
165 } | |
166 return cookies; | |
167 } | |
168 | |
169 function urlDec(encstr) { | |
170 var decstr = ""; | |
171 var tnum; | |
172 for (var i = 0; i < encstr.length; i++) | |
173 { | |
174 if (encstr.charAt(i) == "+") | |
175 decstr += " "; | |
176 else if (encstr.charAt(i) == "%") | |
177 { | |
178 tnum = Number("0x" + encstr.slice(i + 1, 2)); | |
179 if (!isNaN(tnum) && tnum >= 0) | |
180 decstr += String.fromCharCode(tnum); | |
181 i += 2; | |
182 } | |
183 else | |
184 decstr += encstr.charAt(i); | |
185 } | |
186 return decstr; | |
187 } | |
188 | |
189 /* Returns the contents of a form */ | |
190 function getFormValues(formtext) { | |
191 var pairstrs = formtext.split("&"); | |
192 var data = {}; | |
193 for (var i = 0; i < pairstrs.length; i++) | |
194 { | |
195 var eqsign = pairstrs[i].indexOf("="); | |
196 if (eqsign > 0) { | |
197 rawname = pairstrs[i].slice(0, eqsign); | |
198 rawval = pairstrs[i].slice(eqsign + 1); | |
199 name = urlDec(rawname); | |
200 val = urlDec(rawval); | |
201 if (!(name in data)) | |
202 data[name] = []; | |
203 data[name].push(val); | |
204 } | |
205 } | |
206 return data; | |
207 } | |
208 | |
209 function auth(username, password) { | |
210 // Real authentication not implemented | |
211 return true; | |
212 } | |
213 | |
214 function login(req, res, formdata) { | |
215 if (!("game" in formdata)) { | |
216 sendError(res, 2, "No game specified."); | |
217 return; | |
218 } | |
219 else if (!("name" in formdata)) { | |
220 sendError(res, 2, "Username not given."); | |
221 return; | |
222 } | |
223 else if (!("pw" in formdata)) { | |
224 sendError(res, 2, "Password not given."); | |
225 return; | |
226 } | |
227 var username = formdata["name"][0]; | |
228 var password = formdata["pw"][0]; | |
229 var gname = formdata["game"][0]; | |
230 if (!(gname in games)) { | |
231 sendError(res, 2, "No such game: " + gname); | |
232 console.log("Request for nonexistant game \"" + gname + "\""); | |
233 return; | |
234 } | |
235 var progressdir = "/dgldir/inprogress-" + games[gname].uname; | |
236 | |
237 // This sets up the game once starting is approved. | |
238 function startgame() { | |
239 var ts = timestamp(); | |
240 var lockfile = path.join(progressdir, username + ":node:" + ts + ".ttyrec"); | |
241 var ttyrec = path.join("/dgldir/ttyrec", username, gname, ts + ".ttyrec"); | |
242 var nsession = new TermSession(gname, username, [lockfile, ttyrec]); | |
243 if (nsession) { | |
244 /* Technically there's a race condition for the "lock"file, but since | |
245 * it requires the user deliberately starting two games at similar times, | |
246 * it's not too serious. We can't get O_EXCL in Node anyway. */ | |
247 res.writeHead(200, {'Content-Type': 'text/plain'}); | |
248 res.write("l1\n" + nsession.sessid + "\n"); | |
249 res.end(); | |
250 console.log("%s playing %s (key %s, pid %d)", username, gname, | |
251 nsession.sessid, nsession.child.pid); | |
252 } | |
253 else { | |
254 sendError(res, 5, "Failed to open TTY"); | |
255 console.log("Unable to allocate TTY for " + gname); | |
256 } | |
257 } | |
258 function checkit(code, signal) { | |
259 // check the password | |
260 if (code != 0) { | |
261 sendError(res, 3); | |
262 console.log("Password check failed for user " + username); | |
263 return; | |
264 } | |
265 // check for an existing game | |
266 fs.readdir(progressdir, function(err, files) { | |
267 if (!err) { | |
268 var fre = RegExp("^" + username + ":"); | |
269 for (var i = 0; i < files.length; i++) { | |
270 if (files[i].match(fre)) { | |
271 sendError(res, 4, null); | |
272 return; | |
273 } | |
274 } | |
275 } | |
276 // If progressdir isn't readable, start a new game anyway. | |
277 startgame(); | |
278 }); | |
279 } | |
280 /* Look for the user in the password file */ | |
281 fs.readFile(passwdfile, "utf8", function(err, data) { | |
282 if (err) { | |
283 sendError(res, 3); | |
284 console.log("Can't authenticate: " + err.toString()); | |
285 return; | |
286 } | |
287 var dlines = data.split('\n'); | |
288 for (var n = 0; n < dlines.length; n++) { | |
289 var fields = dlines[n].split(':'); | |
290 if (fields[0] == username) { | |
291 // check the password with the quickrypt utility | |
292 checker = require('child_process').spawn("/bin/quickrypt") | |
293 checker.on("exit", checkit); | |
294 checker.stdin.end(password + '\n' + fields[2] + '\n', "utf8"); | |
295 return; | |
296 } | |
297 } | |
298 sendError(res, 3); | |
299 console.log("Attempted login by nonexistent user " + username); | |
300 }); | |
301 return; | |
302 } | |
303 | |
304 function logout(term, res) { | |
305 if (!term.alive) { | |
306 sendError(res, 1, null); | |
307 return; | |
308 } | |
309 cterm.close(); | |
310 var resheaders = {'Content-Type': 'text/plain'}; | |
311 res.writeHead(200, resheaders); | |
312 res.write("q1\n\n"); | |
313 res.end(); | |
314 return; | |
315 } | |
316 | |
317 function findTermSession(formdata) { | |
318 if ("id" in formdata) { | |
319 var sessid = formdata["id"][0]; | |
320 if (sessid in sessions) { | |
321 return sessions[sessid]; | |
322 } | |
323 } | |
324 return null; | |
325 } | |
326 | |
327 function serveStatic(req, res, fname) { | |
328 var nname = path.normalize(fname); | |
329 if (nname == "" || nname == "/") | |
330 nname = "index.html"; | |
331 if (nname.match(/\/$/)) | |
332 path.join(nname, "index.html"); /* it was a directory */ | |
333 var realname = path.join(serveStaticRoot, nname); | |
334 var extension = path.extname(realname); | |
335 path.exists(realname, function (exists) { | |
336 var resheaders = {}; | |
337 if (!exists || !extension || extension == ".html") | |
338 resheaders["Content-Type"] = "text/html"; | |
339 else if (extension == ".png") | |
340 resheaders["Content-Type"] = "image/png"; | |
341 else if (extension == ".css") | |
342 resheaders["Content-Type"] = "text/css"; | |
343 else if (extension == ".js") | |
344 resheaders["Content-Type"] = "text/javascript"; | |
345 else if (extension == ".svg") | |
346 resheaders["Content-Type"] = "image/svg+xml"; | |
347 else | |
348 resheaders["Content-Type"] = "application/octet-stream"; | |
349 if (exists) { | |
350 fs.readFile(realname, function (error, data) { | |
351 if (error) { | |
352 res.writeHead(500, {}); | |
353 res.end(); | |
354 } | |
355 else { | |
356 res.writeHead(200, resheaders); | |
357 res.write(data); | |
358 res.end(); | |
359 } | |
360 }); | |
361 } | |
362 else { | |
363 res.writeHead(404, resheaders); | |
364 res.write("<html><head><title>" + nname + "</title></head>\n<body><h1>" + nname + " Not Found</h1></body></html>\n"); | |
365 res.end(); | |
366 } | |
367 }); | |
368 return; | |
369 } | |
370 | |
371 function readFeed(res, term) { | |
372 if (term) { | |
373 var result = term.read(); | |
374 res.writeHead(200, { "Content-Type": "text/plain" }); | |
375 if (result == null) | |
376 resultstr = ""; | |
377 else | |
378 resultstr = result.toString("hex"); | |
379 if (result == null && !term.alive) { | |
380 /* Child has terminated and data is flushed. */ | |
381 res.write("q1\n\n"); | |
382 } | |
383 else | |
384 res.write("d" + resultstr.length.toString() + "\n" + resultstr + "\n"); | |
385 res.end(); | |
386 } | |
387 else { | |
388 //console.log("Where's the term?"); | |
389 sendError(res, 1, null); | |
390 } | |
391 } | |
392 | |
393 var errorcodes = [ "Generic Error", "Not logged in", "Invalid data", | |
394 "Login failed", "Already playing", "Game launch failed" ]; | |
395 | |
396 function sendError(res, ecode, msg) { | |
397 res.writeHead(200, { "Content-Type": "text/plain" }); | |
398 if (ecode < errorcodes.length && ecode > 0) { | |
399 var emsg = errorcodes[ecode]; | |
400 if (msg) | |
401 emsg += ": " + msg; | |
402 res.write("E" + ecode + '\n' + emsg + '\n'); | |
403 } | |
404 else | |
405 res.write("E0\nGeneric Error\n"); | |
406 res.end(); | |
407 } | |
408 | |
409 function handler(req, res) { | |
410 /* default headers for the response */ | |
411 var resheaders = {'Content-Type': 'text/html'}; | |
412 /* The request body will be added to this as it arrives. */ | |
413 var reqbody = ""; | |
414 var formdata; | |
415 | |
416 /* Register a listener to get the body. */ | |
417 function moredata(chunk) { | |
418 reqbody += chunk; | |
419 } | |
420 req.on('data', moredata); | |
421 | |
422 /* This will send the response once the whole request is here. */ | |
423 function respond() { | |
424 formdata = getFormValues(reqbody); | |
425 var target = url.parse(req.url).pathname; | |
426 var cterm = findTermSession(formdata); | |
427 /* First figure out if the client is POSTing to a command interface. */ | |
428 if (req.method == 'POST') { | |
429 if (target == '/feed') { | |
430 if (!cterm) { | |
431 sendError(res, 1, null); | |
432 return; | |
433 } | |
434 if ("quit" in formdata) { | |
435 /* The client wants to terminate the process. */ | |
436 logout(cterm, res); | |
437 } | |
438 else if (formdata["keys"]) { | |
439 /* process the keys */ | |
440 hexstr = formdata["keys"][0].replace(/[^0-9a-f]/gi, ""); | |
441 if (hexstr.length % 2 != 0) { | |
442 sendError(res, 2, "incomplete byte"); | |
443 return; | |
444 } | |
445 keybuf = new Buffer(hexstr, "hex"); | |
446 cterm.write(keybuf); | |
447 } | |
448 readFeed(res, cterm); | |
449 } | |
450 else if (target == "/login") { | |
451 login(req, res, formdata); | |
452 } | |
453 else { | |
454 res.writeHead(405, resheaders); | |
455 res.end(); | |
456 } | |
457 } | |
458 else if (req.method == 'GET' || req.method == 'HEAD') { | |
459 if (target == '/feed') { | |
460 if (!cterm) { | |
461 sendError(res, 1, null); | |
462 return; | |
463 } | |
464 readFeed(res, cterm); | |
465 } | |
466 /* Default page, create a new term */ | |
467 /* FIXME New term not created anymore, is a special case still needed? */ | |
468 else if (target == '/') { | |
469 serveStatic(req, res, "/"); | |
470 } | |
471 else /* Go look for it in the filesystem */ | |
472 serveStatic(req, res, target); | |
473 } | |
474 else { /* Some other method */ | |
475 res.writeHead(501, resheaders); | |
476 res.write("<html><head><title>501</title></head>\n<body><h1>501 Not Implemented</h1></body></html>\n"); | |
477 res.end(); | |
478 } | |
479 return; | |
480 } | |
481 req.on('end', respond); | |
482 | |
483 } | |
484 | |
485 process.on("exit", function () { | |
486 for (var sessid in sessions) { | |
487 if (sessions[sessid].alive) | |
488 sessions[sessid].child.kill('SIGHUP'); | |
489 } | |
490 console.log("Quitting..."); | |
491 return; | |
492 }); | |
493 | |
494 /* Initialization STARTS HERE */ | |
495 process.env["TERM"] = "xterm-256color"; | |
496 | |
497 if (process.getuid() != 0) { | |
498 console.log("Not running as root, cannot chroot."); | |
499 process.exit(1); | |
500 } | |
501 try { | |
502 process.chdir(chrootDir); | |
503 } | |
504 catch (err) { | |
505 console.log("Cannot enter " + chrootDir + " : " + err); | |
506 process.exit(1); | |
507 } | |
508 try { | |
509 daemon.chroot(chrootDir); | |
510 } | |
511 catch (err) { | |
512 console.log("chroot to " + chrootDir + " failed: " + err); | |
513 process.exit(1); | |
514 } | |
515 try { | |
516 // drop gid first, that requires UID=0 | |
517 process.setgid(dropToGID); | |
518 process.setuid(dropToUID); | |
519 } | |
520 catch (err) { | |
521 console.log("Could not drop permissions: " + err); | |
522 process.exit(1); | |
523 } | |
524 | |
525 http.createServer(handler).listen(8080, "127.0.0.1"); | |
526 console.log('rlgwebd running at http://127.0.0.1:8080/'); |