X-Git-Url: https://git.sesse.net/?p=cubemap;a=blobdiff_plain;f=config.cpp;h=47118b48612e18bce0966c7bb696326532cf277e;hp=cce70e927e18ba93125af303f0ac151d5c5c5e39;hb=16a03b9858752fae9e81af261821a2a22855fde3;hpb=afb6264b5c56ce9e8c85b336bd247caa55b97478 diff --git a/config.cpp b/config.cpp index cce70e9..47118b4 100644 --- a/config.cpp +++ b/config.cpp @@ -5,12 +5,15 @@ #include #include #include +#include #include #include #include #include #include +#include "tlse.h" + #include "acceptor.h" #include "config.h" #include "log.h" @@ -18,7 +21,7 @@ using namespace std; -#define DEFAULT_BACKLOG_SIZE 1048576 +#define DEFAULT_BACKLOG_SIZE 10485760 struct ConfigLine { string keyword; @@ -132,7 +135,10 @@ bool read_config(const string &filename, vector *lines) lines->push_back(line); } - fclose(fp); + if (fclose(fp) == EOF) { + log_perror(filename.c_str()); + return false; + } return true; } 
@@ -170,6 +176,104 @@ bool fetch_config_int(const vector &config, const string &keyword, i return false; } +bool load_file_to_string(const string &filename, size_t max_size, string *contents) +{ + contents->clear(); + + FILE *fp = fopen(filename.c_str(), "r"); + if (fp == NULL) { + log_perror(filename.c_str()); + return false; + } + + char buf[4096]; + while (!feof(fp)) { + size_t ret = fread(buf, 1, sizeof(buf), fp); + if (ret > 0) { + contents->append(buf, buf + ret); + } else { + if (ferror(fp)) { + log_perror(filename.c_str()); + fclose(fp); + return false; + } + assert(feof(fp)); + break; + } + + if (contents->size() > max_size) { + log(ERROR, "%s was longer than the maximum allowed %zu bytes", filename.c_str(), max_size); + fclose(fp); + return false; + } + } + fclose(fp); + return true; +} + +bool parse_tls_parameters(const map ¶meters, AcceptorConfig *acceptor) +{ + bool has_cert = false, has_key = false; + + map::const_iterator tls_cert_it = parameters.find("tls_cert"); + if (tls_cert_it != parameters.end()) { + if (!load_file_to_string(tls_cert_it->second, 1048576, &acceptor->certificate_chain)) { + return false; + } + + // Verify that the certificate is valid. 
+ bool is_server = true; + TLSContext *server_context = tls_create_context(is_server, TLS_V12); + int num_cert = tls_load_certificates( + server_context, + reinterpret_cast(acceptor->certificate_chain.data()), + acceptor->certificate_chain.size()); + if (num_cert < 0) { + log_tls_error(tls_cert_it->second.c_str(), num_cert); + tls_destroy_context(server_context); + return false; + } else if (num_cert == 0) { + log(ERROR, "%s did not contain any certificates", tls_cert_it->second.c_str()); + return false; + } + tls_destroy_context(server_context); + has_cert = true; + } + + map::const_iterator tls_key_it = parameters.find("tls_key"); + if (tls_key_it != parameters.end()) { + if (!load_file_to_string(tls_key_it->second, 1048576, &acceptor->private_key)) { + return false; + } + + // Verify that the key is valid. + bool is_server = true; + TLSContext *server_context = tls_create_context(is_server, TLS_V12); + int num_keys = tls_load_private_key( + server_context, + reinterpret_cast(acceptor->private_key.data()), + acceptor->private_key.size()); + if (num_keys < 0) { + log_tls_error(tls_key_it->second.c_str(), num_keys); + tls_destroy_context(server_context); + return false; + } else if (num_keys == 0) { + log(ERROR, "%s did not contain any private keys", tls_key_it->second.c_str()); + return false; + } + tls_destroy_context(server_context); + has_key = true; + } + + if (has_cert != has_key) { + log(ERROR, "Only one of tls_cert= and tls_key= was given, needs zero or both"); + return false; + } + + return true; +} + + bool parse_port(const ConfigLine &line, Config *config) { if (line.arguments.size() != 1) { @@ -184,8 +288,11 @@ bool parse_port(const ConfigLine &line, Config *config) } AcceptorConfig acceptor; - acceptor.addr = CreateAnyAddress(port); + acceptor.addr = create_any_address(port); + if (!parse_tls_parameters(line.parameters, &acceptor)) { + return false; + } config->acceptors.push_back(acceptor); return true; } 
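Review bot: In parse_tls_parameters, the `num_cert == 0` and `num_keys == 0` branches return without calling `tls_destroy_context(server_context)`, so the validation context is leaked on those error paths; add `tls_destroy_context(server_context);` before each of those `return false;` lines. The result of `tls_create_context` is also used unchecked, so a null return would be passed straight into the load call. The certificate and the key are each validated in their own throwaway context, so nothing in this hunk appears to confirm that the key belongs to the certificate. If a mismatch is only detected at handshake time, a comment saying so above the `has_cert != has_key` check would help the next reader.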
@@ -201,64 +308,13 @@ bool parse_listen(const ConfigLine &line, Config *config) if (!parse_hostport(line.arguments[0], &acceptor.addr)) { return false; } + if (!parse_tls_parameters(line.parameters, &acceptor)) { + return false; + } config->acceptors.push_back(acceptor); return true; } -int allocate_mark_pool(int from, int to, Config *config) -{ - int pool_index = -1; - - // Reuse mark pools if an identical one exists. - // Otherwise, check if we're overlapping some other mark pool. - for (size_t i = 0; i < config->mark_pools.size(); ++i) { - const MarkPoolConfig &pool = config->mark_pools[i]; - if (from == pool.from && to == pool.to) { - pool_index = i; - } else if ((from >= pool.from && from < pool.to) || - (to >= pool.from && to < pool.to)) { - log(WARNING, "Mark pool %d-%d partially overlaps with %d-%d, you may get duplicate marks." - "Mark pools must either be completely disjunct, or completely overlapping.", - from, to, pool.from, pool.to); - } - } - - if (pool_index != -1) { - return pool_index; - } - - // No match to existing pools. - MarkPoolConfig pool; - pool.from = from; - pool.to = to; - config->mark_pools.push_back(pool); - - return config->mark_pools.size() - 1; -} - -bool parse_mark_pool(const string &mark_str, int *from, int *to) -{ - size_t split = mark_str.find_first_of('-'); - if (split == string::npos) { - log(ERROR, "Invalid mark specification '%s' (expected 'X-Y').", - mark_str.c_str()); - return false; - } - - string from_str(mark_str.begin(), mark_str.begin() + split); - string to_str(mark_str.begin() + split + 1, mark_str.end()); - *from = atoi(from_str.c_str()); - *to = atoi(to_str.c_str()); - - if (*from <= 0 || *from >= 65536 || *to <= 0 || *to >= 65536) { - log(ERROR, "Mark pool range %d-%d is outside legal range [1,65536>.", - *from, *to); - return false; - } - - return true; -} - bool parse_stream(const ConfigLine &line, Config *config) { if (line.arguments.size() != 1) { 
@@ -285,7 +341,14 @@ bool parse_stream(const ConfigLine &line, Config *config) stream.backlog_size = atoi(backlog_it->second.c_str()); } - // Parse encoding. + map::const_iterator prebuffer_it = line.parameters.find("force_prebuffer"); + if (prebuffer_it == line.parameters.end()) { + stream.prebuffering_bytes = 0; + } else { + stream.prebuffering_bytes = atoi(prebuffer_it->second.c_str()); + } + + // Parse output encoding. map::const_iterator encoding_parm_it = line.parameters.find("encoding"); if (encoding_parm_it == line.parameters.end() || encoding_parm_it->second == "raw") { @@ -297,16 +360,16 @@ bool parse_stream(const ConfigLine &line, Config *config) return false; } - // Parse marks, if so desired. - map::const_iterator mark_parm_it = line.parameters.find("mark"); - if (mark_parm_it == line.parameters.end()) { - stream.mark_pool = -1; + // Parse input encoding. + map::const_iterator src_encoding_parm_it = line.parameters.find("src_encoding"); + if (src_encoding_parm_it == line.parameters.end() || + src_encoding_parm_it->second == "metacube") { + stream.src_encoding = StreamConfig::STREAM_ENCODING_METACUBE; + } else if (src_encoding_parm_it->second == "raw") { + stream.src_encoding = StreamConfig::STREAM_ENCODING_RAW; } else { - int from, to; - if (!parse_mark_pool(mark_parm_it->second, &from, &to)) { - return false; - } - stream.mark_pool = allocate_mark_pool(from, to, config); + log(ERROR, "Parameter 'src_encoding' must be either 'raw' or 'metacube' (default)"); + return false; } // Parse the pacing rate, converting from kilobits to bytes as needed. 
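Review bot: `force_prebuffer` is converted with `atoi`, which yields 0 for non-numeric text and accepts negative numbers, so a typo silently disables prebuffering and a negative value is stored as-is (or wraps, if `prebuffering_bytes` is unsigned; its declaration is not visible here). Parsing into a local and rejecting bad input would make the config fail loudly, like the `encoding` checks below it: `char *end; long v = strtol(s, &end, 10);` followed by `if (end == s || *end != '\0' || v < 0) { log(ERROR, "Parameter 'force_prebuffer' must be a non-negative integer"); return false; }`. The `ttl` parameter added in the parse_udpstream hunk has the same pattern, and there a configured -1 is indistinguishable from the "not set" sentinel, so a 0–255 range check would fit. parse_stream's body starts and ends outside this hunk.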
@@ -345,18 +408,6 @@ bool parse_udpstream(const ConfigLine &line, Config *config) // TODO: Verify that the URL is parseable? } - // Parse marks, if so desired. - map::const_iterator mark_parm_it = line.parameters.find("mark"); - if (mark_parm_it == line.parameters.end()) { - udpstream.mark_pool = -1; - } else { - int from, to; - if (!parse_mark_pool(mark_parm_it->second, &from, &to)) { - return false; - } - udpstream.mark_pool = allocate_mark_pool(from, to, config); - } - // Parse the pacing rate, converting from kilobits to bytes as needed. map::const_iterator pacing_rate_it = line.parameters.find("pacing_rate_kbit"); if (pacing_rate_it == line.parameters.end()) { 
@@ -365,10 +416,50 @@ bool parse_udpstream(const ConfigLine &line, Config *config) udpstream.pacing_rate = atoi(pacing_rate_it->second.c_str()) * 1024 / 8; } + // Parse the TTL. The same value is used for unicast and multicast. + map::const_iterator ttl_it = line.parameters.find("ttl"); + if (ttl_it == line.parameters.end()) { + udpstream.ttl = -1; + } else { + udpstream.ttl = atoi(ttl_it->second.c_str()); + } + + // Parse the multicast interface index. + map::const_iterator multicast_iface_it = line.parameters.find("multicast_output_interface"); + if (multicast_iface_it == line.parameters.end()) { + udpstream.multicast_iface_index = -1; + } else { + udpstream.multicast_iface_index = if_nametoindex(multicast_iface_it->second.c_str()); + if (udpstream.multicast_iface_index == 0) { + log(ERROR, "Interface '%s' does not exist", multicast_iface_it->second.c_str()); + return false; + } + } + config->udpstreams.push_back(udpstream); return true; } +bool parse_gen204(const ConfigLine &line, Config *config) +{ + if (line.arguments.size() != 1) { + log(ERROR, "'gen204' takes exactly one argument"); + return false; + } + + Gen204Config gen204; + gen204.url = line.arguments[0]; + + // Parse the CORS origin, if it exists. + map::const_iterator allow_origin_it = line.parameters.find("allow_origin"); + if (allow_origin_it != line.parameters.end()) { + gen204.allow_origin = allow_origin_it->second; + } + + config->pings.push_back(gen204); + return true; +} + bool parse_error_log(const ConfigLine &line, Config *config) { if (line.arguments.size() != 0) { @@ -470,6 +561,10 @@ bool parse_config(const string &filename, Config *config) if (!parse_udpstream(line, config)) { return false; } + } else if (line.keyword == "gen204") { + if (!parse_gen204(line, config)) { + return false; + } } else if (line.keyword == "error_log") { if (!parse_error_log(line, config)) { return false;
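Review bot: In parse_gen204, `allow_origin` is stored exactly as written in the config line, with no check that it is `*` or a single well-formed origin. Presumably the value is later emitted in a CORS response header (that code is not visible here), so a malformed value would only surface at serving time, where the operator is least likely to notice it. Rejecting an empty value or one containing whitespace or control characters at parse time, with a `log(ERROR, ...)` and `return false` like the argument-count check above it, keeps the failure at config load. A one-line comment above `gen204.allow_origin = ...` stating what forms are accepted would also document the contract.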