view webttyd.js @ 1:9bef0941c6dd

Add a few comments.
author John "Elwin" Edwards <elwin@sdf.org>
date Sun, 06 May 2012 09:04:14 -0700
parents bd412f63ce0d
children
line wrap: on
line source

#!/usr/bin/env node

// If you can't quite trust node to find it on its own
var localModules = '/usr/local/lib/node_modules/';
var http = require('http');
var url = require('url');
var path = require('path');
var fs = require('fs');
//var tty = require("tty");
var child_process = require('child_process');
var daemon = require(path.join(localModules, "daemon"));

var chrootDir = "/var/dgl/";
var dropToUID = 501;
var dropToGID = 501;
var serveStaticRoot = "/var/www/"; // inside the chroot
var passwdfile = "/dgldir/dgl-login";
var sessions = {};

var games = {
  "rogue3": {
    "name": "Rogue V3",
    "uname": "rogue3",
    "path": "/bin/rogue3"
  },
  "rogue4": {
    "name": "Rogue V4",
    "uname": "rogue4",
    "path": "/bin/rogue4"
  },
  "rogue5": {
    "name": "Rogue V5",
    "uname": "rogue5",
    "path": "/bin/rogue5"
  },
  "srogue": {
    "name": "Super-Rogue",
    "uname": "srogue",
    "path": "/bin/srogue"
  }
};

/* Constructor for TermSessions.  Note that it opens the terminal and 
 * adds itself to the sessions dict. It currently assumes the user has
 * been authenticated.
 */
function TermSession(game, user, files) {
  /* First make sure starting the game will work. */
  if (!(game in games)) {
    // TODO: throw an exception instead
    return null;
  }
  /* This order seems to best avoid race conditions... */
  this.alive = false;
  this.sessid = randkey();
  while (this.sessid in sessions) {
    this.sessid = randkey();
  }
  /* Grab a spot in the sessions table. */
  sessions[this.sessid] = this;
  /* TODO handle tty-opening errors */
  //var pterm = tty.open(games[game].path, ["-n", user.toString()]);
  /* TODO make argument-finding into a method */
  args = [games[game].path, "-n", user.toString()];
  this.child = child_process.spawn("/bin/ptyhelper", args);
  var ss = this;
  //this.ptmx = pterm[0];
  //this.child = pterm[1];
  this.alive = true;
  this.data = [];
  this.lock = files[0];
  fs.writeFile(this.lock, this.child.pid.toString() + '\n80\n24\n', "utf8"); 
  this.record = fs.createWriteStream(files[1], { mode: 0664 });
  /* END setup */
  function ttyrec_chunk(buf) {
    var ts = new Date();
    var chunk = new Buffer(buf.length + 12);
    /* TTYREC headers */
    chunk.writeUInt32LE(Math.floor(ts.getTime() / 1000), 0);
    chunk.writeUInt32LE(1000 * (ts.getTime() % 1000), 4);
    chunk.writeUInt32LE(buf.length, 8);
    buf.copy(chunk, 12);
    ss.data.push(chunk);
    ss.record.write(chunk);
  }
  this.child.stdout.on("data", ttyrec_chunk);
  this.child.stderr.on("data", ttyrec_chunk);
  this.child.on("exit", function (code, signal) {
    ss.exitcode = (code != null ? code : 255);
    ss.alive = false;
    fs.unlink(ss.lock);
    /* Wait for all the data to get collected */
    setTimeout(ss.cleanup, 1000);
  });
  this.write = function (data) {
    if (this.alive)
      this.child.stdin.write(data);
    /* Otherwise, throw some kind of exception? */
  };
  this.read = function () {
    if (this.data.length == 0)
      return null;
    var pos = 0;
    var i = 0;
    for (i = 0; i < this.data.length; i++)
      pos += this.data[i].length - 12;
    var nbuf = new Buffer(pos);
    var tptr;
    pos = 0;
    while (this.data.length > 0) {
      tptr = this.data.shift();
      tptr.copy(nbuf, pos, 12);
      pos += tptr.length - 12;
    }
    return nbuf;
  };
  this.close = function () {
    if (this.alive)
      this.child.kill('SIGHUP');
  };
  this.cleanup = function () {
    /* Call this when the child is dead. */
    if (this.alive)
      return;
    //ss.ptmx.destroy();
    ss.record.end();
    /* Give the client a chance to read any leftover data. */
    if (ss.data.length > 0)
      setTimeout(ss.remove, 8000);
    else
      ss.remove();
  };
  this.remove = function () {
    delete sessions[ss.sessid];
    console.log("Session " + this.sessid + " removed.");
  };
}

/* A few utility functions */
function timestamp() {
  dd = new Date();
  sd = dd.toISOString();
  sd = sd.slice(0, sd.indexOf("."));
  return sd.replace("T", ".");
}

function randkey() {
  rnum = Math.floor(Math.random() * 65536 * 65536);
  hexstr = rnum.toString(16);
  while (hexstr.length < 8)
    hexstr = "0" + hexstr;
  return hexstr;
}

/* Returns a list of the cookies in the request, obviously. */
function getCookies(req) {
  cookies = [];
  if ("cookie" in req.headers) {
    cookstrs = req.headers["cookie"].split("; ");
    for (var i = 0; i < cookstrs.length; i++) {
      eqsign = cookstrs[i].indexOf("=");
      if (eqsign > 0) {
        name = cookstrs[i].slice(0, eqsign).toLowerCase();
        val = cookstrs[i].slice(eqsign + 1);
        cookies[name] = val;
      }
      else if (eqsign < 0)
        cookies[cookstrs[i]] = null;
    }
  }
  return cookies;
}

function urlDec(encstr) {
  var decstr = "";
  var tnum;
  for (var i = 0; i < encstr.length; i++)
  {
    if (encstr.charAt(i) == "+")
      decstr += " ";
    else if (encstr.charAt(i) == "%")
    {
      tnum = Number("0x" + encstr.slice(i + 1, 2));
      if (!isNaN(tnum) && tnum >= 0)
        decstr += String.fromCharCode(tnum);
      i += 2;
    }
    else
      decstr += encstr.charAt(i);
  }
  return decstr;
}

/* Returns the contents of a form */
function getFormValues(formtext) {
  var pairstrs = formtext.split("&");
  var data = {};
  for (var i = 0; i < pairstrs.length; i++)
  {
    var eqsign = pairstrs[i].indexOf("=");
    if (eqsign > 0) {
      rawname = pairstrs[i].slice(0, eqsign);
      rawval = pairstrs[i].slice(eqsign + 1);
      name = urlDec(rawname);
      val = urlDec(rawval);
      if (!(name in data))
        data[name] = [];
      data[name].push(val);
    }
  }
  return data;
}

function auth(username, password) {
  // Real authentication not implemented
  return true;
}

function login(req, res, formdata) {
  if (!("game" in formdata)) {
    sendError(res, 2, "No game specified.");
    return;
  }
  else if (!("name" in formdata)) {
    sendError(res, 2, "Username not given.");
    return;
  }
  else if (!("pw" in formdata)) {
    sendError(res, 2, "Password not given.");
    return;
  }
  var username = formdata["name"][0];
  var password = formdata["pw"][0];
  var gname = formdata["game"][0];
  if (!(gname in games)) {
    sendError(res, 2, "No such game: " + gname);
    console.log("Request for nonexistant game \"" + gname + "\"");
    return;
  }
  var progressdir = "/dgldir/inprogress-" + games[gname].uname;

  // This sets up the game once starting is approved.
  function startgame() {
    var ts = timestamp();
    var lockfile = path.join(progressdir, username + ":node:" + ts + ".ttyrec");
    var ttyrec = path.join("/dgldir/ttyrec", username, gname, ts + ".ttyrec");
    var nsession = new TermSession(gname, username, [lockfile, ttyrec]);
    if (nsession) {
      /* Technically there's a race condition for the "lock"file, but since 
       * it requires the user deliberately starting two games at similar times, 
       * it's not too serious. We can't get O_EXCL in Node anyway. */
      res.writeHead(200, {'Content-Type': 'text/plain'});
      res.write("l1\n" + nsession.sessid + "\n");
      res.end();
      console.log("%s playing %s (key %s, pid %d)", username, gname, 
                  nsession.sessid, nsession.child.pid);
    }
    else {
      sendError(res, 5, "Failed to open TTY");
      console.log("Unable to allocate TTY for " + gname);
    }
  }
  function checkit(code, signal) {
    // check the password
    if (code != 0) {
      sendError(res, 3);
      console.log("Password check failed for user " + username);
      return;
    }
    // check for an existing game
    fs.readdir(progressdir, function(err, files) {
      if (!err) {
        var fre = RegExp("^" + username + ":");
        for (var i = 0; i < files.length; i++) {
          if (files[i].match(fre)) {
            sendError(res, 4, null);
            return;
          }
        }
      }
      // If progressdir isn't readable, start a new game anyway.
      startgame();
    });
  }
  /* Look for the user in the password file */
  fs.readFile(passwdfile, "utf8", function(err, data) {
    if (err) {
      sendError(res, 3);
      console.log("Can't authenticate: " + err.toString());
      return;
    }
    var dlines = data.split('\n');
    for (var n = 0; n < dlines.length; n++) {
      var fields = dlines[n].split(':');
      if (fields[0] == username) {
        // check the password with the quickrypt utility
        checker = require('child_process').spawn("/bin/quickrypt")
        checker.on("exit", checkit);
        checker.stdin.end(password + '\n' + fields[2] + '\n', "utf8");
        return;
      }
    }
    sendError(res, 3);
    console.log("Attempted login by nonexistent user " + username);
  });
  return;
}

function logout(term, res) {
  if (!term.alive) {
    sendError(res, 1, null);
    return;
  }
  cterm.close();
  var resheaders = {'Content-Type': 'text/plain'};
  res.writeHead(200, resheaders);
  res.write("q1\n\n");
  res.end();
  return;
}

function findTermSession(formdata) {
  if ("id" in formdata) {
    var sessid = formdata["id"][0];
    if (sessid in sessions) {
      return sessions[sessid];
    }
  }
  return null;
}

function serveStatic(req, res, fname) {
  var nname = path.normalize(fname);
  if (nname == "" || nname == "/")
    nname = "index.html";
  if (nname.match(/\/$/))
    path.join(nname, "index.html"); /* it was a directory */
  var realname = path.join(serveStaticRoot, nname);
  var extension = path.extname(realname);
  path.exists(realname, function (exists) {
    var resheaders = {};
    if (!exists || !extension || extension == ".html")
      resheaders["Content-Type"] = "text/html";
    else if (extension == ".png")
      resheaders["Content-Type"] = "image/png";
    else if (extension == ".css")
      resheaders["Content-Type"] = "text/css";
    else if (extension == ".js")
      resheaders["Content-Type"] = "text/javascript";
    else if (extension == ".svg")
      resheaders["Content-Type"] = "image/svg+xml";
    else
      resheaders["Content-Type"] = "application/octet-stream";
    if (exists) {
      fs.readFile(realname, function (error, data) {
        if (error) {
          res.writeHead(500, {});
          res.end();
        }
        else {
          res.writeHead(200, resheaders);
          res.write(data);
          res.end();
        }
      });
    }
    else {
      res.writeHead(404, resheaders);
      res.write("<html><head><title>" + nname + "</title></head>\n<body><h1>" + nname + " Not Found</h1></body></html>\n");
      res.end();
    }
  });
  return;
}

function readFeed(res, term) {
  if (term) {
    var result = term.read();
    res.writeHead(200, { "Content-Type": "text/plain" });
    if (result == null)
      resultstr = "";
    else
      resultstr = result.toString("hex");
    if (result == null && !term.alive) {
      /* Child has terminated and data is flushed. */
      res.write("q1\n\n");
    }
    else
      res.write("d" + resultstr.length.toString() + "\n" + resultstr + "\n");
    res.end();
  }
  else {
    //console.log("Where's the term?");
    sendError(res, 1, null);
  }
}

var errorcodes = [ "Generic Error", "Not logged in", "Invalid data", 
        "Login failed", "Already playing", "Game launch failed" ];

function sendError(res, ecode, msg) {
  res.writeHead(200, { "Content-Type": "text/plain" });
  if (ecode < errorcodes.length && ecode > 0) {
    var emsg = errorcodes[ecode];
    if (msg)
      emsg += ": " + msg;
    res.write("E" + ecode + '\n' + emsg + '\n');
  }
  else
    res.write("E0\nGeneric Error\n");
  res.end();
}

function handler(req, res) {
  /* default headers for the response */
  var resheaders = {'Content-Type': 'text/html'};
  /* The request body will be added to this as it arrives. */
  var reqbody = "";
  var formdata;

  /* Register a listener to get the body. */
  function moredata(chunk) {
    reqbody += chunk;
  }
  req.on('data', moredata);

  /* This will send the response once the whole request is here. */
  function respond() {
    formdata = getFormValues(reqbody);
    var target = url.parse(req.url).pathname;
    var cterm = findTermSession(formdata);
    /* First figure out if the client is POSTing to a command interface. */
    if (req.method == 'POST') {
      if (target == '/feed') {
        if (!cterm) {
          sendError(res, 1, null);
          return;
        }
        if ("quit" in formdata) {
          /* The client wants to terminate the process. */
          logout(cterm, res);
        }
        else if (formdata["keys"]) {
          /* process the keys */
          hexstr = formdata["keys"][0].replace(/[^0-9a-f]/gi, "");
          if (hexstr.length % 2 != 0) {
            sendError(res, 2, "incomplete byte");
            return;
          }
          keybuf = new Buffer(hexstr, "hex");
          cterm.write(keybuf);
        }
        readFeed(res, cterm);
      }
      else if (target == "/login") {
        login(req, res, formdata);
      }
      else {
        res.writeHead(405, resheaders);
        res.end();
      }
    }
    else if (req.method == 'GET' || req.method == 'HEAD') {
      if (target == '/feed') {
        if (!cterm) {
          sendError(res, 1, null);
          return;
        }
        readFeed(res, cterm);
      }
      /* Default page, create a new term */
      /* FIXME New term not created anymore, is a special case still needed? */
      else if (target == '/') {
        serveStatic(req, res, "/");
      }
      else /* Go look for it in the filesystem */
        serveStatic(req, res, target);
    }
    else { /* Some other method */
      res.writeHead(501, resheaders);
      res.write("<html><head><title>501</title></head>\n<body><h1>501 Not Implemented</h1></body></html>\n");
      res.end();
    }
    return;
  }
  req.on('end', respond);

}

process.on("exit", function () {
  for (var sessid in sessions) {
    if (sessions[sessid].alive)
      sessions[sessid].child.kill('SIGHUP');
  }
  console.log("Quitting...");
  return;
});

/* Initialization STARTS HERE */
process.env["TERM"] = "xterm-256color";

if (process.getuid() != 0) {
  console.log("Not running as root, cannot chroot.");
  process.exit(1);
}
try {
  process.chdir(chrootDir); 
}
catch (err) {
  console.log("Cannot enter " + chrootDir + " : " + err);
  process.exit(1);
}
try {
  daemon.chroot(chrootDir);
}
catch (err) {
  console.log("chroot to " + chrootDir + " failed: " + err);
  process.exit(1);
}
try {
  // drop gid first, that requires UID=0
  process.setgid(dropToGID);
  process.setuid(dropToUID);
}
catch (err) {
  console.log("Could not drop permissions: " + err);
  process.exit(1);
}

http.createServer(handler).listen(8080, "127.0.0.1");
console.log('webttyd running at http://127.0.0.1:8080/');