RLGWebD: webttyd.js comparison

comparison webttyd.js @ 0:bd412f63ce0d

Put this project under version control, finally.

author	John "Elwin" Edwards <elwin@sdf.org>
date	Sun, 06 May 2012 08:45:40 -0700
parents
children

comparison

equal deleted inserted replaced

--1:000000000000
+:bd412f63ce0d
+#!/usr/bin/env node
+// If you can't quite trust node to find it on its own
+var localModules = '/usr/local/lib/node_modules/';
+var http = require('http');
+var url = require('url');
+var path = require('path');
+var fs = require('fs');
+//var tty = require("tty");
+var child_process = require('child_process');
+var daemon = require(path.join(localModules, "daemon"));
+var chrootDir = "/var/dgl/";
+var dropToUID = 501;
+var dropToGID = 501;
+var serveStaticRoot = "/var/www/"; // inside the chroot
+var passwdfile = "/dgldir/dgl-login";
+var sessions = {};
+var games = {
+"rogue3": {
+"name": "Rogue V3",
+"uname": "rogue3",
+"path": "/bin/rogue3"
+},
+"rogue4": {
+"name": "Rogue V4",
+"uname": "rogue4",
+"path": "/bin/rogue4"
+},
+"rogue5": {
+"name": "Rogue V5",
+"uname": "rogue5",
+"path": "/bin/rogue5"
+},
+"srogue": {
+"name": "Super-Rogue",
+"uname": "srogue",
+"path": "/bin/srogue"
+}
+};
+/* Constructor for TermSessions.  Note that it opens the terminal and
+* adds itself to the sessions dict. It currently assumes the user has
+* been authenticated.
+*/
+function TermSession(game, user, files) {
+/* First make sure starting the game will work. */
+if (!(game in games)) {
+// TODO: throw an exception instead
+return null;
+}
+/* This order seems to best avoid race conditions... */
+this.alive = false;
+this.sessid = randkey();
+while (this.sessid in sessions) {
+this.sessid = randkey();
+}
+/* Grab a spot in the sessions table. */
+sessions[this.sessid] = this;
+/* TODO handle tty-opening errors */
+//var pterm = tty.open(games[game].path, ["-n", user.toString()]);
+/* TODO make argument-finding into a method */
+args = [games[game].path, "-n", user.toString()];
+this.child = child_process.spawn("/bin/ptyhelper", args);
+var ss = this;
+//this.ptmx = pterm[0];
+//this.child = pterm[1];
+this.alive = true;
+this.data = [];
+this.lock = files[0];
+fs.writeFile(this.lock, this.child.pid.toString() + '\n80\n24\n', "utf8");
+this.record = fs.createWriteStream(files[1], { mode: 0664 });
+/* END setup */
+function ttyrec_chunk(buf) {
+var ts = new Date();
+var chunk = new Buffer(buf.length + 12);
+/* TTYREC headers */
+chunk.writeUInt32LE(Math.floor(ts.getTime() / 1000), 0);
+chunk.writeUInt32LE(1000 * (ts.getTime() % 1000), 4);
+chunk.writeUInt32LE(buf.length, 8);
+buf.copy(chunk, 12);
+ss.data.push(chunk);
+ss.record.write(chunk);
+}
+this.child.stdout.on("data", ttyrec_chunk);
+this.child.stderr.on("data", ttyrec_chunk);
+this.child.on("exit", function (code, signal) {
+ss.exitcode = (code != null ? code : 255);
+ss.alive = false;
+fs.unlink(ss.lock);
+/* Wait for all the data to get collected */
+setTimeout(ss.cleanup, 1000);
+});
+this.write = function (data) {
+if (this.alive)
+this.child.stdin.write(data);
+/* Otherwise, throw some kind of exception? */
+};
+this.read = function () {
+if (this.data.length == 0)
+return null;
+var pos = 0;
+var i = 0;
+for (i = 0; i < this.data.length; i++)
+pos += this.data[i].length - 12;
+var nbuf = new Buffer(pos);
+var tptr;
+pos = 0;
+while (this.data.length > 0) {
+tptr = this.data.shift();
+tptr.copy(nbuf, pos, 12);
+pos += tptr.length - 12;
+}
+return nbuf;
+};
+this.close = function () {
+if (this.alive)
+this.child.kill('SIGHUP');
+};
+this.cleanup = function () {
+/* Call this when the child is dead. */
+if (this.alive)
+return;
+//ss.ptmx.destroy();
+ss.record.end();
+/* Give the client a chance to read any leftover data. */
+if (ss.data.length > 0)
+setTimeout(ss.remove, 8000);
+else
+ss.remove();
+};
+this.remove = function () {
+delete sessions[ss.sessid];
+console.log("Session " + this.sessid + " removed.");
+};
+}
+/* A few utility functions */
+function timestamp() {
+dd = new Date();
+sd = dd.toISOString();
+sd = sd.slice(0, sd.indexOf("."));
+return sd.replace("T", ".");
+}
+function randkey() {
+rnum = Math.floor(Math.random() * 65536 * 65536);
+hexstr = rnum.toString(16);
+while (hexstr.length < 8)
+hexstr = "0" + hexstr;
+return hexstr;
+}
+/* Returns a list of the cookies in the request, obviously. */
+function getCookies(req) {
+cookies = [];
+if ("cookie" in req.headers) {
+cookstrs = req.headers["cookie"].split("; ");
+for (var i = 0; i < cookstrs.length; i++) {
+eqsign = cookstrs[i].indexOf("=");
+if (eqsign > 0) {
+name = cookstrs[i].slice(0, eqsign).toLowerCase();
+val = cookstrs[i].slice(eqsign + 1);
+cookies[name] = val;
+}
+else if (eqsign < 0)
+cookies[cookstrs[i]] = null;
+}
+}
+return cookies;
+}
+function urlDec(encstr) {
+var decstr = "";
+var tnum;
+for (var i = 0; i < encstr.length; i++)
+{
+if (encstr.charAt(i) == "+")
+decstr += " ";
+else if (encstr.charAt(i) == "%")
+{
+tnum = Number("0x" + encstr.slice(i + 1, 2));
+if (!isNaN(tnum) && tnum >= 0)
+decstr += String.fromCharCode(tnum);
+i += 2;
+}
+else
+decstr += encstr.charAt(i);
+}
+return decstr;
+}
+/* Returns the contents of a form */
+function getFormValues(formtext) {
+var pairstrs = formtext.split("&");
+var data = {};
+for (var i = 0; i < pairstrs.length; i++)
+{
+var eqsign = pairstrs[i].indexOf("=");
+if (eqsign > 0) {
+rawname = pairstrs[i].slice(0, eqsign);
+rawval = pairstrs[i].slice(eqsign + 1);
+name = urlDec(rawname);
+val = urlDec(rawval);
+if (!(name in data))
+data[name] = [];
+data[name].push(val);
+}
+}
+return data;
+}
+function auth(username, password) {
+// Real authentication not implemented
+return true;
+}
+function login(req, res, formdata) {
+if (!("game" in formdata)) {
+sendError(res, 2, "No game specified.");
+return;
+}
+else if (!("name" in formdata)) {
+sendError(res, 2, "Username not given.");
+return;
+}
+else if (!("pw" in formdata)) {
+sendError(res, 2, "Password not given.");
+return;
+}
+var username = formdata["name"][0];
+var password = formdata["pw"][0];
+var gname = formdata["game"][0];
+if (!(gname in games)) {
+sendError(res, 2, "No such game: " + gname);
+console.log("Request for nonexistant game \"" + gname + "\"");
+return;
+}
+var progressdir = "/dgldir/inprogress-" + games[gname].uname;
+// This sets up the game once starting is approved.
+function startgame() {
+var ts = timestamp();
+var lockfile = path.join(progressdir, username + ":node:" + ts + ".ttyrec");
+var ttyrec = path.join("/dgldir/ttyrec", username, gname, ts + ".ttyrec");
+var nsession = new TermSession(gname, username, [lockfile, ttyrec]);
+if (nsession) {
+/* Technically there's a race condition for the "lock"file, but since
+* it requires the user deliberately starting two games at similar times,
+* it's not too serious. We can't get O_EXCL in Node anyway. */
+res.writeHead(200, {'Content-Type': 'text/plain'});
+res.write("l1\n" + nsession.sessid + "\n");
+res.end();
+console.log("%s playing %s (key %s, pid %d)", username, gname,
+nsession.sessid, nsession.child.pid);
+}
+else {
+sendError(res, 5, "Failed to open TTY");
+console.log("Unable to allocate TTY for " + gname);
+}
+}
+function checkit(code, signal) {
+// check the password
+if (code != 0) {
+sendError(res, 3);
+console.log("Password check failed for user " + username);
+return;
+}
+// check for an existing game
+fs.readdir(progressdir, function(err, files) {
+if (!err) {
+var fre = RegExp("^" + username + ":");
+for (var i = 0; i < files.length; i++) {
+if (files[i].match(fre)) {
+sendError(res, 4, null);
+return;
+}
+}
+}
+// If progressdir isn't readable, start a new game anyway.
+startgame();
+});
+}
+/* Look for the user in the password file */
+fs.readFile(passwdfile, "utf8", function(err, data) {
+if (err) {
+sendError(res, 3);
+console.log("Can't authenticate: " + err.toString());
+return;
+}
+var dlines = data.split('\n');
+for (var n = 0; n < dlines.length; n++) {
+var fields = dlines[n].split(':');
+if (fields[0] == username) {
+// check the password with the quickrypt utility
+checker = require('child_process').spawn("/bin/quickrypt")
+checker.on("exit", checkit);
+checker.stdin.end(password + '\n' + fields[2] + '\n', "utf8");
+return;
+}
+}
+sendError(res, 3);
+console.log("Attempted login by nonexistent user " + username);
+});
+return;
+}
+function logout(term, res) {
+if (!term.alive) {
+sendError(res, 1, null);
+return;
+}
+cterm.close();
+var resheaders = {'Content-Type': 'text/plain'};
+res.writeHead(200, resheaders);
+res.write("q1\n\n");
+res.end();
+return;
+}
+function findTermSession(formdata) {
+if ("id" in formdata) {
+var sessid = formdata["id"][0];
+if (sessid in sessions) {
+return sessions[sessid];
+}
+}
+return null;
+}
+function serveStatic(req, res, fname) {
+var nname = path.normalize(fname);
+if (nname == "" || nname == "/")
+nname = "index.html";
+if (nname.match(/\/$/))
+path.join(nname, "index.html"); /* it was a directory */
+var realname = path.join(serveStaticRoot, nname);
+var extension = path.extname(realname);
+path.exists(realname, function (exists) {
+var resheaders = {};
+if (!exists || !extension || extension == ".html")
+resheaders["Content-Type"] = "text/html";
+else if (extension == ".png")
+resheaders["Content-Type"] = "image/png";
+else if (extension == ".css")
+resheaders["Content-Type"] = "text/css";
+else if (extension == ".js")
+resheaders["Content-Type"] = "text/javascript";
+else if (extension == ".svg")
+resheaders["Content-Type"] = "image/svg+xml";
+else
+resheaders["Content-Type"] = "application/octet-stream";
+if (exists) {
+fs.readFile(realname, function (error, data) {
+if (error) {
+res.writeHead(500, {});
+res.end();
+}
+else {
+res.writeHead(200, resheaders);
+res.write(data);
+res.end();
+}
+});
+}
+else {
+res.writeHead(404, resheaders);
+res.write("<html><head><title>" + nname + "</title></head>\n<body><h1>" + nname + " Not Found</h1></body></html>\n");
+res.end();
+}
+});
+return;
+}
+function readFeed(res, term) {
+if (term) {
+var result = term.read();
+res.writeHead(200, { "Content-Type": "text/plain" });
+if (result == null)
+resultstr = "";
+else
+resultstr = result.toString("hex");
+if (result == null && !term.alive) {
+/* Child has terminated and data is flushed. */
+res.write("q1\n\n");
+}
+else
+res.write("d" + resultstr.length.toString() + "\n" + resultstr + "\n");
+res.end();
+}
+else {
+//console.log("Where's the term?");
+sendError(res, 1, null);
+}
+}
+var errorcodes = [ "Generic Error", "Not logged in", "Invalid data",
+"Login failed", "Already playing", "Game launch failed" ];
+function sendError(res, ecode, msg) {
+res.writeHead(200, { "Content-Type": "text/plain" });
+if (ecode < errorcodes.length && ecode > 0) {
+var emsg = errorcodes[ecode];
+if (msg)
+emsg += ": " + msg;
+res.write("E" + ecode + '\n' + emsg + '\n');
+}
+else
+res.write("E0\nGeneric Error\n");
+res.end();
+}
+function handler(req, res) {
+/* default headers for the response */
+var resheaders = {'Content-Type': 'text/html'};
+/* The request body will be added to this as it arrives. */
+var reqbody = "";
+var formdata;
+/* Register a listener to get the body. */
+function moredata(chunk) {
+reqbody += chunk;
+}
+req.on('data', moredata);
+/* This will send the response once the whole request is here. */
+function respond() {
+formdata = getFormValues(reqbody);
+var target = url.parse(req.url).pathname;
+var cterm = findTermSession(formdata);
+/* First figure out if the client is POSTing to a command interface. */
+if (req.method == 'POST') {
+if (target == '/feed') {
+if (!cterm) {
+sendError(res, 1, null);
+return;
+}
+if ("quit" in formdata) {
+/* The client wants to terminate the process. */
+logout(cterm, res);
+}
+else if (formdata["keys"]) {
+/* process the keys */
+hexstr = formdata["keys"][0].replace(/[^0-9a-f]/gi, "");
+if (hexstr.length % 2 != 0) {
+sendError(res, 2, "incomplete byte");
+return;
+}
+keybuf = new Buffer(hexstr, "hex");
+cterm.write(keybuf);
+}
+readFeed(res, cterm);
+}
+else if (target == "/login") {
+login(req, res, formdata);
+}
+else {
+res.writeHead(405, resheaders);
+res.end();
+}
+}
+else if (req.method == 'GET' || req.method == 'HEAD') {
+if (target == '/feed') {
+if (!cterm) {
+sendError(res, 1, null);
+return;
+}
+readFeed(res, cterm);
+}
+/* Default page, create a new term */
+/* FIXME New term not created anymore, is a special case still needed? */
+else if (target == '/') {
+serveStatic(req, res, "/");
+}
+else /* Go look for it in the filesystem */
+serveStatic(req, res, target);
+}
+else { /* Some other method */
+res.writeHead(501, resheaders);
+res.write("<html><head><title>501</title></head>\n<body><h1>501 Not Implemented</h1></body></html>\n");
+res.end();
+}
+return;
+}
+req.on('end', respond);
+}
+process.on("exit", function () {
+for (var sessid in sessions) {
+if (sessions[sessid].alive)
+sessions[sessid].child.kill('SIGHUP');
+}
+console.log("Quitting...");
+return;
+});
+/* Initialization STARTS HERE */
+process.env["TERM"] = "xterm-256color";
+if (process.getuid() != 0) {
+console.log("Not running as root, cannot chroot.");
+process.exit(1);
+}
+try {
+process.chdir(chrootDir);
+}
+catch (err) {
+console.log("Cannot enter " + chrootDir + " : " + err);
+process.exit(1);
+}
+try {
+daemon.chroot(chrootDir);
+}
+catch (err) {
+console.log("chroot to " + chrootDir + " failed: " + err);
+process.exit(1);
+}
+try {
+// drop gid first, that requires UID=0
+process.setgid(dropToGID);
+process.setuid(dropToUID);
+}
+catch (err) {
+console.log("Could not drop permissions: " + err);
+process.exit(1);
+}
+http.createServer(handler).listen(8080, "127.0.0.1");
+console.log('webttyd running at http://127.0.0.1:8080/');