rlgwebd/rlgwebd.js

#!/usr/bin/env node

// If you can't quite trust node to find it on its own
var localModules = '/usr/local/lib/node_modules/';
var http = require('http');
var net = require('net');
var url = require('url');
var path = require('path');
var fs = require('fs');
var child_process = require('child_process');
var daemon = require(path.join(localModules, "daemon"));

/* Configuration variables */
// These first two files are NOT in the chroot.
var ctlsocket = "/var/local/rlgwebd/ctl";
var logfile = "/var/local/rlgwebd/log";
var httpPort = 8080;
var chrootDir = "/var/dgl/";
var dropToUID = 501;
var dropToGID = 501;
var serveStaticRoot = "/var/www/"; // inside the chroot
var playtimeout = 3600000; // Idle time before games are autosaved, in ms

/* Data on the games available. */
var games = {
  "rogue3": {
    "name": "Rogue V3",
    "uname": "rogue3",
    "suffix": ".r3sav",
    "path": "/bin/rogue3"
  },
  "rogue4": {
    "name": "Rogue V4",
    "uname": "rogue4",
    "suffix": ".r4sav",
    "path": "/bin/rogue4"
  },
  "rogue5": {
    "name": "Rogue V5",
    "uname": "rogue5",
    "suffix": ".r5sav",
    "path": "/bin/rogue5"
  },
  "srogue": {
    "name": "Super-Rogue",
    "uname": "srogue",
    "suffix": ".srsav",
    "path": "/bin/srogue"
  }
};

/* Global state */
var logins = {};
var sessions = {};
var allowlogin = true;

/* Constructor for TermSessions.  Note that it opens the terminal and 
 * adds itself to the sessions dict. It currently assumes the user has
 * been authenticated.
 */
/* TODO take a callback, or emit success/err events. */
function TermSession(game, user, dims) {
  /* First make sure starting the game will work. */
  if (game in games) {
    this.game = games[game];
  }
  else {
    // TODO: throw an exception instead
    return null;
  }
  this.player = String(user);
  /* This order seems to best avoid race conditions... */
  this.alive = false;
  this.sessid = randkey(2);
  while (this.sessid in sessions) {
    this.sessid = randkey(2);
  }
  /* Grab a spot in the sessions table. */
  sessions[this.sessid] = this;
  /* State for messaging. */
  this.nsend = 0;
  this.nrecv = 0;
  this.msgQ = []
  this.Qtimeout = null;
  /* Set up the sizes. */
  this.w = Math.floor(Number(dims[1]));
  if (!(this.w > 0 && this.w < 256))
    this.w = 80;
  this.h = Math.floor(Number(dims[0]));
  if (!(this.h > 0 && this.h < 256))
    this.h = 24;
  /* Environment. */
  var childenv = {};
  for (var key in process.env) {
    childenv[key] = process.env[key];
  }
  childenv["PTYHELPER"] = String(this.h) + "x" + String(this.w);
  /* TODO handle tty-opening errors */
  /* TODO make argument-finding into a method */
  args = [this.game.path, "-n", user.toString()];
  this.child = child_process.spawn("/bin/ptyhelper", args, {"env": childenv});
  var ss = this;
  this.alive = true;
  this.data = [];
  /* Set up the lockfile and ttyrec */
  var ts = timestamp();
  var progressdir = "/dgldir/inprogress-" + this.game.uname;
  this.lock = path.join(progressdir, this.player + ":node:" + ts + ".ttyrec");
  var lmsg = this.child.pid.toString() + '\n' + this.w + '\n' + this.h + '\n'; 
  fs.writeFile(this.lock, lmsg, "utf8"); 
  var ttyrec = path.join("/dgldir/ttyrec", this.player, this.game.uname, 
               ts + ".ttyrec");
  this.record = fs.createWriteStream(ttyrec, { mode: 0664 });
  /* END setup */
  function ttyrec_chunk(buf) {
    var ts = new Date();
    var chunk = new Buffer(buf.length + 12);
    /* TTYREC headers */
    chunk.writeUInt32LE(Math.floor(ts.getTime() / 1000), 0);
    chunk.writeUInt32LE(1000 * (ts.getTime() % 1000), 4);
    chunk.writeUInt32LE(buf.length, 8);
    buf.copy(chunk, 12);
    ss.data.push(chunk);
    ss.record.write(chunk);
  }
  this.child.stdout.on("data", ttyrec_chunk);
  this.child.stderr.on("data", ttyrec_chunk);
  this.child.on("exit", function (code, signal) {
    ss.exitcode = (code != null ? code : 255);
    ss.alive = false;
    fs.unlink(ss.lock);
    /* Wait for all the data to get collected */
    setTimeout(ss.cleanup, 1000);
  });
  this.write = function (data, n) {
    if (!this.alive || typeof (n) != "number") {
      return;
    }
    //console.log("Got message " + n);
    var oindex = n - this.nrecv;
    if (oindex === 0) {
      //console.log("Writing message " + n);
      this.child.stdin.write(data);
      this.nrecv++;
      var next;
      while ((next = this.msgQ.shift()) !== undefined) {
        //console.log("Writing message " + this.nrecv);
        this.child.stdin.write(next);
        this.nrecv++;
      }
      if (this.msgQ.length == 0 && this.Qtimeout) {
        clearTimeout(this.Qtimeout);
        this.Qtimeout = null;
      }
    }
    else if (oindex > 0 && oindex <= 1024) {
      tslog("Stashing message %d at %d", n, oindex - 1);
      this.msgQ[oindex - 1] = data;
      if (!this.Qtimeout) {
        var nextn = this.nrecv + this.msgQ.length + 1;
        this.Qtimeout = setTimeout(this.flushQ, 30000, this, nextn);
      }
    }
    /* Otherwise, discard it */
    return;
  };
  this.flushQ = function (session, n) {
    /* Callback for when an unreceived message times out.
     * n is the first empty space that will not be given up on. */
    if (!session.alive)
      return;
    session.nrecv++;
    var next;
    /* Clear the queue up to n */
    while (session.nrecv < n) {
      next = session.msgQ.shift();
      if (next !== undefined)
        session.child.stdin.write(next);
      session.nrecv++;
    }
    /* Clear out anything that's ready. */
    while ((next = session.msgQ.shift()) !== undefined) {
      session.child.stdin.write(next);
      session.nrecv++;
    }
    /* Now set another timeout if necessary. */
    if (session.msgQ.length != 0) {
      var nextn = session.nrecv + session.msgQ.length + 1;
      session.Qtimeout = setTimeout(session.flushQ, 30000, session, nextn);
    }
    tslog("Flushing queue for session %s", session.sessid);
  };
  this.read = function () {
    if (this.data.length == 0)
      return null;
    var pos = 0;
    var i = 0;
    for (i = 0; i < this.data.length; i++)
      pos += this.data[i].length - 12;
    var nbuf = new Buffer(pos);
    var tptr;
    pos = 0;
    while (this.data.length > 0) {
      tptr = this.data.shift();
      tptr.copy(nbuf, pos, 12);
      pos += tptr.length - 12;
    }
    return nbuf;
  };
  this.close = function () {
    if (this.alive)
      this.child.kill('SIGHUP');
  };
  this.cleanup = function () {
    /* Call this when the child is dead. */
    if (ss.alive)
      return;
    ss.record.end();
    /* Give the client a chance to read any leftover data. */
    if (ss.data.length > 0)
      setTimeout(ss.remove, 8000);
    else
      ss.remove();
  };
  this.remove = function () {
    var id = ss.sessid;
    delete sessions[id];
    tslog("Session %s removed.", id);
  };
}

function checkprogress(user, game, callback, args) {
  var progressdir = "/dgldir/inprogress-" + game.uname;
  fs.readdir(progressdir, function(err, files) {
    if (err) {
      args.unshift(err, null);
      callback.apply(null, args);
      return;
    }
    var fre = RegExp("^" + user + ":");
    for (var i = 0; i < files.length; i++) {
      if (files[i].match(fre)) {
        args.unshift(null, files[i]);
        callback.apply(null, args);
        return;
      }
    }
    args.unshift(null, false);
    callback.apply(null, args);
  });
}

function checksaved(user, game, callback, args) {
  var savedirc = game.uname + "save";
  var basename = String(dropToUID) + "-" + user + game.suffix;
  var savefile = path.join("/var/games/roguelike", savedirc, basename);
  path.exists(savefile, function (exist) {
    args.unshift(exist);
    callback.apply(null, args);
  });
}

function playerstatus(user, callback) {
  var sdata = {};
  function finishp() {
    for (var gname in games) {
      if (!(gname in sdata))
        return;
    }
    callback(sdata);
  }
  function regsaved(exists, game) {
    if (exists)
      sdata[game.uname] = "s";
    else
      sdata[game.uname] = "0";
    finishp();
  }
  function regactive(err, filename, game) {
    if (!err && filename) {
      sdata[game.uname] = "p";
      finishp();
    }
    else
      checksaved(user, game, regsaved, [game]);
  }
  for (var gname in games) {
    checkprogress(user, games[gname], regactive, [games[gname]]);
  }
}

/* A few utility functions */
function timestamp() {
  dd = new Date();
  sd = dd.toISOString();
  sd = sd.slice(0, sd.indexOf("."));
  return sd.replace("T", ".");
}

function randkey(words) {
  if (!words || !(words > 0))
    words = 1;
  function rand32() {
    rnum = Math.floor(Math.random() * 65536 * 65536);
    hexstr = rnum.toString(16);
    while (hexstr.length < 8)
      hexstr = "0" + hexstr;
    return hexstr;
  }
  var key = "";
  for (var i = 0; i < words; i++)
    key += rand32();
  return key;
}

function tslog() {
  arguments[0] = new Date().toISOString() + ": " + String(arguments[0]);
  console.log.apply(console, arguments);
}

/* Returns a list of the cookies in the request, obviously. */
function getCookies(req) {
  cookies = [];
  if ("cookie" in req.headers) {
    cookstrs = req.headers["cookie"].split("; ");
    for (var i = 0; i < cookstrs.length; i++) {
      eqsign = cookstrs[i].indexOf("=");
      if (eqsign > 0) {
        name = cookstrs[i].slice(0, eqsign).toLowerCase();
        val = cookstrs[i].slice(eqsign + 1);
        cookies[name] = val;
      }
      else if (eqsign < 0)
        cookies[cookstrs[i]] = null;
    }
  }
  return cookies;
}

function getMsg(posttext) {
  var jsonobj;
  if (!posttext)
    return {};
  try {
    jsonobj = JSON.parse(posttext);
  }
  catch (e) {
    if (e instanceof SyntaxError)
      return {};
  }
  if (typeof(jsonobj) != "object")
    return {};
  return jsonobj;
}

function reaper() {
  var now = new Date();
  function reapcheck(session) {
    if (!session.alive)
      return;
    fs.fstat(session.record.fd, function (err, stats) {
      if (!err && now - stats.mtime > playtimeout) {
        tslog("Reaping %s", session.sessid);
        session.close();
      }
    });
  }
  for (var sessid in sessions) {
    reapcheck(sessions[sessid]);
  }
}

function login(req, res, formdata) {
  if (!allowlogin) {
    sendError(res, 6, null);
    return;
  }
  if (!("name" in formdata)) {
    sendError(res, 2, "Username not given.");
    return;
  }
  else if (!("pw" in formdata)) {
    sendError(res, 2, "Password not given.");
    return;
  }
  var username = String(formdata["name"]);
  var password = String(formdata["pw"]);
  function checkit(code, signal) {
    /* Checks the exit status, see sqlickrypt.c for details. */
    if (code != 0) {
      sendError(res, 3);
      if (code == 1)
        tslog("Password check failed for user %s", username);
      else if (code == 2)
        tslog("Attempted login by nonexistent user %s", username);
      else
        tslog("Login failed: sqlickrypt error %d", code);
      return;
    }
    var lkey = randkey(2);
    while (lkey in logins)
      lkey = randkey(2);
    logins[lkey] = {"name": username, "ts": new Date()};
    res.writeHead(200, {'Content-Type': 'application/json'});
    var reply = {"t": "l", "k": lkey, "u": username};
    res.write(JSON.stringify(reply));
    res.end();
    tslog("%s has logged in (key %s)", username, lkey);
    return;
  }
  /* Launch the sqlickrypt utility to check the password. */
  var pwchecker = child_process.spawn("/bin/sqlickrypt", ["check"]);
  pwchecker.on("exit", checkit);
  pwchecker.stdin.end(username + '\n' + password + '\n', "utf8");
  return;
}

function startgame(req, res, formdata) {
  if (!allowlogin) {
    sendError(res, 6, null);
    return;
  }
  if (!("key" in formdata)) {
    sendError(res, 2, "No key given.");
    return;
  }
  else if (!("game" in formdata)) {
    sendError(res, 2, "No game specified.");
    return;
  }
  var lkey = String(formdata["key"]);
  if (!(lkey in logins)) {
    sendError(res, 1, null);
    return;
  }
  else {
    logins[lkey].ts = new Date();
  }
  var username = logins[lkey].name;
  var gname = formdata["game"];
  var dims = [formdata["h"], formdata["w"]];
  if (!(gname in games)) {
    sendError(res, 2, "No such game: " + gname);
    tslog("Request for nonexistant game \"%s\"", gname);
    return;
  }
  // A callback to pass to the game-in-progress checker.
  var launch = function(err, fname) {
    if (fname) {
      sendError(res, 4, null);
      tslog("%s is already playing %s", username, gname);
      return;
    }
    // Game starting has been approved.
    var nsession = new TermSession(gname, username, dims);
    if (nsession) {
      res.writeHead(200, {'Content-Type': 'application/json'});
      var reply = {"t": "l", "id": nsession.sessid, "w": nsession.w, "h": 
                   nsession.h};
      res.write(JSON.stringify(reply));
      res.end();
      tslog("%s playing %s (key %s, pid %d)", username, gname, 
                  nsession.sessid, nsession.child.pid);
    }
    else {
      sendError(res, 5, "Failed to open TTY");
      tslog("Unable to allocate TTY for %s", gname);
    }
  }
  checkprogress(username, games[gname], launch, []);
}

/* Sets things up for a new user, like dgamelaunch's commands[register] */
function regsetup(username) {
  function regsetup_l2(err) {
    for (var g in games) {
      fs.mkdir(path.join("/dgldir/ttyrec", username, games[g].uname), 0755);
    }
  }
  fs.mkdir(path.join("/dgldir/userdata", username), 0755);
  fs.mkdir(path.join("/dgldir/ttyrec/", username), 0755, regsetup_l2);
}

function register(req, res, formdata) {
  var uname, passwd, email;
  if (typeof (formdata.name) != "string" || formdata.name === "") {
    sendError(res, 2, "No name given.");
    return;
  }
  else
    uname = formdata["name"];
  if (typeof (formdata.pw) != "string" || formdata.pw === "") {
    sendError(res, 2, "No password given.");
    return;
  }
  else
    passwd = formdata["pw"];
  if (typeof (formdata.email) != "string" || formdata.email === "") {
    /* E-mail is optional */
    email = "nobody@nowhere.not";
  }
  else
    email = formdata["email"];
  function checkreg(code, signal) {
    if (code === 0) {
      var lkey = randkey(2);
      while (lkey in logins)
        lkey = randkey(2);
      logins[lkey] = {"name": uname, "ts": new Date()};
      var reply = {"t": "r", "k": lkey, "u": uname};
      res.writeHead(200, {'Content-Type': 'application/json'});
      res.write(JSON.stringify(reply));
      res.end();
      tslog("Added new user: %s", uname);
      regsetup(uname);
    }
    else if (code == 4) {
      sendError(res, 2, "Invalid characters in name or email.");
      tslog("Attempted registration: %s %s", uname, email);
    }
    else if (code == 1) {
      sendError(res, 2, "Username " + uname + " is already being used.");
      tslog("Attempted duplicate registration: %s", uname);
    }
    else {
      sendError(res, 0, null);
      tslog("sqlickrypt register failed with code %d", code);
    }
  }
  var child_adder = child_process.spawn("/bin/sqlickrypt", ["register"]);
  child_adder.on("exit", checkreg);
  child_adder.stdin.end(uname + '\n' + passwd + '\n' + email + '\n', "utf8");
  return;
}

function endgame(term, res) {
  if (!term.alive) {
    sendError(res, 7, null);
    return;
  }
  term.close();
  var resheaders = {'Content-Type': 'application/json'};
  res.writeHead(200, resheaders);
  res.write(JSON.stringify({"t": "q"}));
  res.end();
  return;
}

function findTermSession(formdata) {
  if (typeof(formdata) != "object")
    return null;
  if ("id" in formdata) {
    var sessid = formdata["id"];
    if (sessid in sessions) {
      return sessions[sessid];
    }
  }
  return null;
}

function serveStatic(req, res, fname) {
  var nname = path.normalize(fname);
  if (nname == "" || nname == "/")
    nname = "index.html";
  if (nname.match(/\/$/))
    path.join(nname, "index.html"); /* it was a directory */
  var realname = path.join(serveStaticRoot, nname);
  var extension = path.extname(realname);
  path.exists(realname, function (exists) {
    var resheaders = {};
    if (!exists || !extension || extension == ".html")
      resheaders["Content-Type"] = "text/html; charset=utf-8";
    else if (extension == ".png")
      resheaders["Content-Type"] = "image/png";
    else if (extension == ".css")
      resheaders["Content-Type"] = "text/css";
    else if (extension == ".js")
      resheaders["Content-Type"] = "text/javascript";
    else if (extension == ".svg")
      resheaders["Content-Type"] = "image/svg+xml";
    else
      resheaders["Content-Type"] = "application/octet-stream";
    if (exists) {
      fs.readFile(realname, function (error, data) {
        if (error) {
          res.writeHead(500, {});
          res.end();
        }
        else {
          res.writeHead(200, resheaders);
          if (req.method != 'HEAD')
            res.write(data);
          res.end();
        }
      });
    }
    else {
      res.writeHead(404, resheaders);
      if (req.method != 'HEAD') {
        res.write("<html><head><title>" + nname + "</title></head>\n<body><h1>"
                  + nname + " Not Found</h1></body></html>\n");
      }
      res.end();
    }
  });
  return;
}

function readFeed(res, term) {
  if (term) {
    var reply = {};
    var result = term.read();
    if (result == null) {
      if (term.alive)
        reply.t = "n";
      else {
        if (allowlogin)
          reply.t = "q";
        else {
          sendError(res, 6, null);
          return;
        }
      }
    }
    else {
      reply.t = "d";
      reply.n = term.nsend++;
      reply.d = result.toString("hex");
    }
    res.writeHead(200, { "Content-Type": "application/json" });
    res.write(JSON.stringify(reply));
    res.end();
  }
  else {
    sendError(res, 7, null);
  }
}

function statusmsg(req, res) {
  var reply = {"s": allowlogin, "g": []};
  for (var sessid in sessions) {
    if (sessions[sessid].alive) {
      var gamedesc = {};
      gamedesc["p"] = sessions[sessid].player;
      gamedesc["g"] = sessions[sessid].game.name;
      reply["g"].push(gamedesc);
    }
  }
  res.writeHead(200, { "Content-Type": "application/json" });
  if (req.method != 'HEAD')
    res.write(JSON.stringify(reply));
  res.end();
}

function pstatusmsg(req, res) {
  if (req.method == 'HEAD') {
    res.writeHead(200, { "Content-Type": "application/json" });
    res.end();
    return;
  }
  var target = url.parse(req.url).pathname;
  var pmatch = target.match(/^\/pstatus\/(.*)/);
  if (pmatch && pmatch[1])
    var pname = pmatch[1];
  else {
    sendError(res, 2, "No name given.");
    return;
  }
  var reply = {"name": pname};
  playerstatus(pname, function (pdata) {
    reply["stat"] = pdata;
    res.writeHead(200, { "Content-Type": "application/json" });
    res.write(JSON.stringify(reply));
    res.end();
  });
}

var errorcodes = [ "Generic Error", "Not logged in", "Invalid data", 
        "Login failed", "Already playing", "Game launch failed",
        "Server shutting down", "Game not in progress" ];

function sendError(res, ecode, msg) {
  res.writeHead(200, { "Content-Type": "application/json" });
  var edict = {"t": "E"};
  if (!(ecode < errorcodes.length && ecode > 0))
    ecode = 0;
  edict["c"] = ecode;
  edict["s"] = errorcodes[ecode];
  if (msg)
    edict["s"] += ": " + msg;
  res.write(JSON.stringify(edict));
  res.end();
}

function webHandler(req, res) {
  /* default headers for the response */
  var resheaders = {'Content-Type': 'text/html'};
  /* The request body will be added to this as it arrives. */
  var reqbody = "";
  var formdata;

  /* Register a listener to get the body. */
  function moredata(chunk) {
    reqbody += chunk;
  }
  req.on('data', moredata);

  /* This will send the response once the whole request is here. */
  function respond() {
    formdata = getMsg(reqbody);
    var target = url.parse(req.url).pathname;
    var cterm = findTermSession(formdata);
    /* First figure out if the client is POSTing to a command interface. */
    if (req.method == 'POST') {
      if (target == '/feed') {
        if (!cterm) {
          sendError(res, 7, null);
          return;
        }
        if (formdata.t == "q") {
          /* The client wants to terminate the process. */
          endgame(cterm, res);
        }
        else if (formdata.t == "d" && typeof(formdata.d) == "string") {
          /* process the keys */
          hexstr = formdata.d.replace(/[^0-9a-f]/gi, "");
          if (hexstr.length % 2 != 0) {
            sendError(res, 2, "incomplete byte");
            return;
          }
          keybuf = new Buffer(hexstr, "hex");
          /* TODO OoO correction */
          cterm.write(keybuf, formdata.n);
        }
        readFeed(res, cterm);
      }
      else if (target == "/login") {
        login(req, res, formdata);
      }
      else if (target == "/addacct") {
        register(req, res, formdata);
      }
      else if (target == "/play") {
        startgame(req, res, formdata);
      }
      else {
        res.writeHead(405, resheaders);
        res.end();
      }
    }
    else if (req.method == 'GET' || req.method == 'HEAD') {
      if (target == '/feed') {
        if (req.method == 'HEAD') {
          res.writeHead(200, {"Content-Type": "application/json"});
          res.end();
          return;
        }
        if (!cterm) {
          sendError(res, 7, null);
          return;
        }
        readFeed(res, cterm);
      }
      else if (target == '/status') {
        statusmsg(req, res);
      }
      else if (target.match(/^\/pstatus\//)) {
        pstatusmsg(req, res);
      }
      else /* Go look for it in the filesystem */
        serveStatic(req, res, target);
    }
    else { /* Some other method */
      res.writeHead(501, resheaders);
      res.write("<html><head><title>501</title></head>\n<body><h1>501 Not Implemented</h1></body></html>\n");
      res.end();
    }
    return;
  }
  req.on('end', respond);

}

function shutdown () {
  httpServer.close();
  httpServer.removeAllListeners('request');
  ctlServer.close();
  tslog("Shutting down...");
  process.exit();
}

function conHandler(chunk) {
  var msg = chunk.toString().split('\n')[0];
  if (msg == "quit") {
    allowlogin = false;
    tslog("Disconnecting...");
    for (var sessid in sessions) {
      sessions[sessid].close();
    }
    setTimeout(shutdown, 10000);
  }
}

process.on("exit", function () {
  for (var sessid in sessions) {
    if (sessions[sessid].alive)
      sessions[sessid].child.kill('SIGHUP');
  }
  tslog("Quitting...");
  return;
});

/* Initialization STARTS HERE */
process.env["TERM"] = "xterm-256color";

if (process.getuid() != 0) {
  tslog("Not running as root, cannot chroot.");
  process.exit(1);
}

var httpServer; // declare here so shutdown() can find it

/* Open the control socket before chrooting where it can't be found */
var ctlServer = net.createServer(function (sock) {
  sock.on('data', conHandler);
});
ctlServer.listen(ctlsocket, function () {
  /* fork off and die */
  try {
    daemon.start(logfile);
  }
  catch (err) {
    tslog("Daemonization failed: %s", err);
    process.exit(1);
  }
  /* chroot and drop permissions.  daemon.chroot() does chdir() itself. */
  try {
    daemon.chroot(chrootDir);
  }
  catch (err) {
    tslog("chroot to %s failed: %s", chrootDir, err);
    process.exit(1);
  }
  try {
    // drop gid first, that requires UID=0
    process.setgid(dropToGID);
    process.setuid(dropToUID);
  }
  catch (err) {
    tslog("Could not drop permissions: %s", err);
    process.exit(1);
  }
  httpServer = http.createServer(webHandler);
  httpServer.listen(httpPort);
  tslog('rlgwebd running on port %d', httpPort); 
  setInterval(reaper, playtimeout / 4);
});