erdgeist 5a3d6b4029 We now answer as soon as the first \n is seen
We do not copy input buffer to socket's input array anymore, if we find \n in first buffer
We simplified parsing of input string
We removed asserts that were needed to debug negative seeder counts
We split static input and output buffers for obvious reasons
We enlarged static output buffer to prepare multi scrape functionality
We removed -lm from Makefile, this lib was only needed, when our random algorithm worked on floats
We close fds now that come with an empty iocookie into write loop, those don't make sense
We documented query string parser in opentracker.c a lot better to help auditing
2007-01-29 02:02:03 +00:00

617 lines
20 KiB

/* This software was written by Dirk Engling <>
It is considered beerware. Prost. Skol. Cheers or whatever.
Some of the stuff below is stolen from Fefes example libowfat httpd.
#include "socket.h"
#include "io.h"
#include "iob.h"
#include "buffer.h"
#include "array.h"
#include "byte.h"
#include "case.h"
#include "fmt.h"
#include "str.h"
#include <string.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/socket.h>
#include <arpa/inet.h>
#include <unistd.h>
#include <stdlib.h>
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include "trackerlogic.h"
#include "scan_urlencoded_query.h"
/* Globals */
static unsigned int ot_overall_connections = 0;
static unsigned int ot_overall_successfulannounces = 0;
static time_t ot_start_time;
static const size_t SUCCESS_HTTP_HEADER_LENGTH = 80;
static const size_t SUCCESS_HTTP_SIZE_OFF = 17;
/* To always have space for error messages ;) */
static char static_inbuf[8192];
static char static_outbuf[8192*4];
static char debug_request[8192];
struct http_data {
union {
array request;
io_batch batch;
unsigned char ip[4];
/* Prototypes */
int main( int argc, char **argv );
static void httperror( const int64 s, const char *title, const char *message );
static void httpresponse( const int64 s, char *data );
static void sendmallocdata( const int64 s, char *buffer, const size_t size );
static void senddata( const int64 s, char *buffer, const size_t size );
static void server_mainloop( const int64 serversocket );
static void handle_timeouted( void );
static void handle_accept( const int64 serversocket );
static void handle_read( const int64 clientsocket );
static void handle_write( const int64 clientsocket );
static void usage( char *name );
static void help( char *name );
static void carp( const char *routine );
static void panic( const char *routine );
static void graceful( int s );
#define HTTPERROR_400 return httperror( s, "400 Invalid Request", "This server only understands GET." )
#define HTTPERROR_400_PARAM return httperror( s, "400 Invalid Request", "Invalid parameter" )
#define HTTPERROR_400_COMPACT return httperror( s, "400 Invalid Request", "This server only delivers compact results." )
#define HTTPERROR_404 return httperror( s, "404 Not Found", "No such file or directory." )
#define HTTPERROR_500 return httperror( s, "500 Internal Server Error", "A server error has occured. Please retry later." )
/* End of prototypes */
static void carp( const char *routine ) {
buffer_puts( buffer_2, routine );
buffer_puts( buffer_2, ": " );
buffer_puterror( buffer_2 );
buffer_putnlflush( buffer_2 );
static void panic( const char *routine ) {
carp( routine );
exit( 111 );
static void httperror( const int64 s, const char *title, const char *message ) {
size_t reply_size = sprintf( static_outbuf, "HTTP/1.0 %s\r\nContent-Type: text/html\r\nConnection: close\r\nContent-Length: %zd\r\n\r\n<title>%s</title>\n",
title, strlen(message)+strlen(title)+16-4,title+4);
fprintf( stderr, "DEBUG: invalid request was: %s\n", debug_request );
static void sendmallocdata( const int64 s, char *buffer, size_t size ) {
struct http_data *h = io_getcookie( s );
char *header;
size_t header_size;
tai6464 t;
if( !h )
return free( buffer );
array_reset( &h->request );
header = malloc( SUCCESS_HTTP_HEADER_LENGTH );
if( !header ) {
free( buffer );
header_size = sprintf( header, "HTTP/1.0 200 OK\r\nContent-Type: text/plain\r\nContent-Length: %zd\r\n\r\n", size );
iob_reset( &h->batch );
iob_addbuf_free( &h->batch, header, header_size );
iob_addbuf_free( &h->batch, buffer, size );
/* writeable sockets just have a tcp timeout */
taia_uint( &t, 0 ); io_timeout( s, t );
io_dontwantread( s );
io_wantwrite( s );
static void senddata( const int64 s, char *buffer, size_t size ) {
struct http_data *h = io_getcookie( s );
size_t written_size;
/* whoever sends data is not interested in its input-array */
if( h )
array_reset( &h->request );
written_size = write( s, buffer, size );
if( ( written_size < 0 ) || ( written_size == size ) ) {
free( h ); io_close( s );
} else {
char * outbuf = malloc( size - written_size );
tai6464 t;
if( !outbuf ) {
free(h); io_close( s );
iob_reset( &h->batch );
memmove( outbuf, buffer + written_size, size - written_size );
iob_addbuf_free( &h->batch, outbuf, size - written_size );
/* writeable sockets just have a tcp timeout */
taia_uint( &t, 0 ); io_timeout( s, t );
io_dontwantread( s );
io_wantwrite( s );
static void httpresponse( const int64 s, char *data ) {
char *c, *reply;
ot_peer peer;
ot_torrent *torrent;
ot_hash *hash = NULL;
int numwant, tmp, scanon, mode;
unsigned short port = htons(6881);
time_t t;
size_t reply_size = 0, reply_off;
memcpy( debug_request, data, sizeof( debug_request ) );
/* This one implicitely tests strlen < 5, too -- remember, it is \n terminated */
if( byte_diff( data, 5, "GET /") ) HTTPERROR_400;
/* Query string MUST terminate with SP -- we know that theres at least a '\n' where this search terminates */
for( c = data + 5; *c!=' ' && *c != '\t' && *c != '\n' && *c != '\r'; ++c ) ;
if( *c != ' ' ) HTTPERROR_400;
/* Skip leading '/' */
for( c = data+4; *c == '/'; ++c);
switch( scan_urlencoded_query( &c, data = c, SCAN_PATH ) ) {
case 4: /* sync ? */
if( byte_diff( data, 4, "sync") ) HTTPERROR_404;
scanon = 1;
while( scanon ) {
switch( scan_urlencoded_query( &c, data = c, SCAN_SEARCHPATH_PARAM ) ) {
case -2: scanon = 0; break; /* TERMINATOR */
case 9:
if(byte_diff(data,9,"info_hash")) {
scan_urlencoded_query( &c, NULL, SCAN_SEARCHPATH_VALUE );
/* ignore this, when we have less than 20 bytes */
if( scan_urlencoded_query( &c, data = c, SCAN_SEARCHPATH_VALUE ) != 20 ) HTTPERROR_400_PARAM;
hash = (ot_hash*)data; /* Fall through intended */
scan_urlencoded_query( &c, NULL, SCAN_SEARCHPATH_VALUE );
if( !hash ) HTTPERROR_400_PARAM;
if( ( reply_size = return_sync_for_torrent( hash, &reply ) ) <= 0 ) HTTPERROR_500;
return sendmallocdata( s, reply, reply_size );
case 5: /* stats ? */
if( byte_diff(data,5,"stats")) HTTPERROR_404;
scanon = 1;
mode = STATS_MRTG;
while( scanon ) {
switch( scan_urlencoded_query( &c, data = c, SCAN_SEARCHPATH_PARAM ) ) {
case -2: scanon = 0; break; /* TERMINATOR */
default: scan_urlencoded_query( &c, NULL, SCAN_SEARCHPATH_VALUE ); break;
case 4:
if( byte_diff(data,4,"mode")) {
scan_urlencoded_query( &c, NULL, SCAN_SEARCHPATH_VALUE );
size_t len = scan_urlencoded_query( &c, data = c, SCAN_SEARCHPATH_VALUE );
if( len <= 0 ) HTTPERROR_400_PARAM;
if( !byte_diff(data,4,"mrtg"))
mode = STATS_MRTG;
else if( !byte_diff(data,4,"top5"))
mode = STATS_TOP5;
/* Enough for http header + whole scrape string */
if( ( reply_size = return_stats_for_tracker( SUCCESS_HTTP_HEADER_LENGTH + static_outbuf, mode ) ) <= 0 ) HTTPERROR_500;
case 6: /* scrape ? */
if( byte_diff( data, 6, "scrape") ) HTTPERROR_404;
scanon = 1;
while( scanon ) {
switch( scan_urlencoded_query( &c, data = c, SCAN_SEARCHPATH_PARAM ) ) {
case -2: scanon = 0; break; /* TERMINATOR */
default: scan_urlencoded_query( &c, NULL, SCAN_SEARCHPATH_VALUE ); break;
case 9:
if(byte_diff(data,9,"info_hash")) {
scan_urlencoded_query( &c, NULL, SCAN_SEARCHPATH_VALUE );
/* ignore this, when we have less than 20 bytes */
if( scan_urlencoded_query( &c, data = c, SCAN_SEARCHPATH_VALUE ) != 20 ) HTTPERROR_400_PARAM;
hash = (ot_hash*)data; /* Fall through intended */
/* Scanned whole query string, no hash means full scrape... you might want to limit that */
if( !hash ) {
if( ( reply_size = return_fullscrape_for_tracker( &reply ) ) <= 0 ) HTTPERROR_500;
return sendmallocdata( s, reply, reply_size );
/* Enough for http header + whole scrape string */
if( ( reply_size = return_scrape_for_torrent( hash, SUCCESS_HTTP_HEADER_LENGTH + static_outbuf ) ) <= 0 ) HTTPERROR_500;
case 8:
if( byte_diff(data,8,"announce")) HTTPERROR_404;
OT_SETIP( &peer, ((struct http_data*)io_getcookie( s ))->ip);
OT_SETPORT( &peer, &port );
OT_FLAG( &peer ) = 0;
numwant = 50;
scanon = 1;
while( scanon ) {
switch( scan_urlencoded_query( &c, data = c, SCAN_SEARCHPATH_PARAM ) ) {
case -2: scanon = 0; break; /* TERMINATOR */
default: scan_urlencoded_query( &c, NULL, SCAN_SEARCHPATH_VALUE ); break;
case 2:
if(!byte_diff(data,2,"ip")) {
size_t len = scan_urlencoded_query( &c, data = c, SCAN_SEARCHPATH_VALUE );
unsigned char ip[4];
if( ( len <= 0 ) || scan_fixed_ip( data, len, ip ) ) HTTPERROR_400_PARAM;
OT_SETIP( &peer, ip );
} else
scan_urlencoded_query( &c, NULL, SCAN_SEARCHPATH_VALUE );
case 4:
if(!byte_diff(data,4,"port")) {
size_t len = scan_urlencoded_query( &c, data = c, SCAN_SEARCHPATH_VALUE );
if( ( len <= 0 ) || scan_fixed_int( data, len, &tmp ) || ( tmp > 0xffff ) ) HTTPERROR_400_PARAM;
port = htons( tmp ); OT_SETPORT( &peer, &port );
} else if(!byte_diff(data,4,"left")) {
size_t len = scan_urlencoded_query( &c, data = c, SCAN_SEARCHPATH_VALUE );
if( len <= 0 ) HTTPERROR_400_PARAM;
if( scan_fixed_int( data, len, &tmp ) ) tmp = 0;
if( !tmp ) OT_FLAG( &peer ) |= PEER_FLAG_SEEDING;
} else
scan_urlencoded_query( &c, NULL, SCAN_SEARCHPATH_VALUE );
case 5:
scan_urlencoded_query( &c, NULL, SCAN_SEARCHPATH_VALUE );
else switch( scan_urlencoded_query( &c, data = c, SCAN_SEARCHPATH_VALUE ) ) {
case -1:
case 7:
if(!byte_diff(data,7,"stopped")) OT_FLAG( &peer ) |= PEER_FLAG_STOPPED;
case 9:
if(!byte_diff(data,9,"completed")) OT_FLAG( &peer ) |= PEER_FLAG_COMPLETED;
default: /* Fall through intended */
case 7:
if(!byte_diff(data,7,"numwant")) {
size_t len = scan_urlencoded_query( &c, data = c, SCAN_SEARCHPATH_VALUE );
if( ( len <= 0 ) || scan_fixed_int( data, len, &numwant ) ) HTTPERROR_400_PARAM;
if( numwant > 200 ) numwant = 200;
} else if(!byte_diff(data,7,"compact")) {
size_t len = scan_urlencoded_query( &c, data = c, SCAN_SEARCHPATH_VALUE );
if( ( len <= 0 ) || scan_fixed_int( data, len, &tmp ) ) HTTPERROR_400_PARAM;
if( !tmp ) HTTPERROR_400_COMPACT;
} else
scan_urlencoded_query( &c, NULL, SCAN_SEARCHPATH_VALUE );
case 9:
if(byte_diff(data,9,"info_hash")) {
scan_urlencoded_query( &c, NULL, SCAN_SEARCHPATH_VALUE );
/* ignore this, when we have less than 20 bytes */
if( scan_urlencoded_query( &c, data = c, SCAN_SEARCHPATH_VALUE ) != 20 ) HTTPERROR_400_PARAM;
hash = (ot_hash*)data;
/* Scanned whole query string */
if( !hash ) HTTPERROR_400_PARAM;
if( OT_FLAG( &peer ) & PEER_FLAG_STOPPED ) {
remove_peer_from_torrent( hash, &peer );
reply_size = sprintf( static_outbuf + SUCCESS_HTTP_HEADER_LENGTH, "d8:completei0e10:incompletei0e8:intervali%ie5:peers0:e", OT_CLIENT_REQUEST_INTERVAL_RANDOM );
} else {
torrent = add_peer_to_torrent( hash, &peer );
if( !torrent || ( reply_size = return_peers_for_torrent( torrent, numwant, SUCCESS_HTTP_HEADER_LENGTH + static_outbuf ) ) <= 0 ) HTTPERROR_500;
case 10:
if( byte_diff(data,10,"scrape.php")) HTTPERROR_404;
case 11:
if( byte_diff(data,11,"mrtg_scrape")) HTTPERROR_404;
t = time( NULL ) - ot_start_time;
reply_size = sprintf( static_outbuf + SUCCESS_HTTP_HEADER_LENGTH,
"%i\n%i\nUp: %i seconds (%i hours)\nPretuned by german engineers, currently handling %i connections per second.",
ot_overall_connections, ot_overall_successfulannounces, (int)t, (int)(t / 3600), (int)ot_overall_connections / ( (int)t ? (int)t : 1 ) );
case 12:
if( byte_diff(data,12,"announce.php")) HTTPERROR_404;
default: /* neither *scrape nor announce */
if( reply_size <= 0 ) HTTPERROR_500;
/* This one is rather ugly, so I take you step by step through it.
1. In order to avoid having two buffers, one for header and one for content, we allow all above functions from trackerlogic to
write to a fixed location, leaving SUCCESS_HTTP_HEADER_LENGTH bytes in our static buffer, which is enough for the static string
plus dynamic space needed to expand our Content-Length value. We reserve SUCCESS_HTTP_SIZE_OFF for it expansion and calculate
the space NOT needed to expand in reply_off
reply_off = SUCCESS_HTTP_SIZE_OFF - snprintf( static_outbuf, 0, "%zd", reply_size );
/* 2. Now we sprintf our header so that sprintf writes its terminating '\0' exactly one byte before content starts. Complete
packet size is increased by size of header plus one byte '\n', we will copy over '\0' in next step */
reply_size += 1 + sprintf( static_outbuf + reply_off, "HTTP/1.0 200 OK\r\nContent-Type: text/plain\r\nContent-Length: %zd\r\n\r", reply_size );
/* 3. Finally we join both blocks neatly */
static_outbuf[ SUCCESS_HTTP_HEADER_LENGTH - 1 ] = '\n';
senddata( s, static_outbuf + reply_off, reply_size );
static void graceful( int s ) {
if( s == SIGINT ) {
signal( SIGINT, SIG_IGN);
exit( 0 );
static void usage( char *name ) {
fprintf( stderr, "Usage: %s [-i serverip] [-p serverport] [-d serverdirectory]"
" [-oc]"
" [-bB]"
"\n", name );
static void help( char *name ) {
usage( name );
fprintf( stderr, "\t-i serverip\tspecify ip to bind to (default: *)\n"
"\t-p serverport\tspecify port to bind to (default: 6969)\n"
"\t-d serverdir\tspecify directory containing white- or black listed torrent info_hashes (default: \".\")\n"
"\t-o\t\tmake tracker an open tracker, e.g. do not check for white list (default: off)\n"
"\t-c\t\tmake tracker a closed tracker, e.g. check each announced torrent against white list (default: on)\n"
"\t-b\t\tmake tracker check its black list, e.g. check each announced torrent against black list (default: on)\n"
"\t-B\t\tmake tracker check its black list, e.g. check each announced torrent against black list (default: off)\n"
"\n* To white list a torrent, touch a file inside serverdir with info_hash hex string.\n"
"* To white list a torrent, touch a file inside serverdir with info_hash hex string, preprended by '-'.\n"
static void handle_read( const int64 clientsocket ) {
struct http_data* h = io_getcookie( clientsocket );
size_t l;
if( ( l = io_tryread( clientsocket, static_inbuf, sizeof static_inbuf ) ) <= 0 ) {
if( h ) {
array_reset( &h->request );
free( h );
io_close( clientsocket );
memcpy( debug_request, "500!\0", 5 );
/* If we get the whole request in one packet, handle it without copying */
if( !array_start( &h->request ) ) {
if( memchr( static_inbuf, '\n', l ) )
return httpresponse( clientsocket, static_inbuf );
return array_catb( &h->request, static_inbuf, l );
array_catb( &h->request, static_inbuf, l );
if( array_failed( &h->request ) )
httperror( clientsocket, "500 Server Error", "Request too long.");
else if( array_bytes( &h->request ) > 8192 )
httperror( clientsocket, "500 request too long", "You sent too much headers");
else if( memchr( array_start( &h->request ), '\n', array_length( &h->request, 1 ) ) )
httpresponse( clientsocket, array_start( &h->request ) );
static void handle_write( const int64 clientsocket ) {
struct http_data* h=io_getcookie( clientsocket );
if( !h || ( iob_send( clientsocket, &h->batch ) <= 0 ) ) {
iob_reset( &h->batch );
io_close( clientsocket );
free( h );
static void handle_accept( const int64 serversocket ) {
struct http_data *h;
unsigned char ip[4];
uint16 port;
tai6464 t;
int64 i;
while( ( i = socket_accept4( serversocket, (char*)ip, &port) ) != -1 ) {
if( !io_fd( i ) ||
!( h = (struct http_data*)malloc( sizeof( struct http_data ) ) ) ) {
io_close( i );
io_wantread( i );
byte_zero(h,sizeof(struct http_data));
if( errno==EAGAIN )
io_eagain( serversocket );
static void handle_timeouted( void ) {
int64 i;
while( ( i = io_timeouted() ) != -1 ) {
struct http_data* h=io_getcookie( i );
if( h ) {
array_reset( &h->request );
free( h );
static void server_mainloop( const int64 serversocket ) {
tai6464 t, next_timeout_check;
io_wantread( serversocket );
taia_now( &next_timeout_check );
for( ; ; ) {
int64 i;
taia_now( &t );
io_waituntil( t );
while( ( i = io_canread( ) ) != -1 ) {
if( i == serversocket )
handle_accept( i );
handle_read( i );
while( ( i = io_canwrite( ) ) != -1 )
handle_write( i );
taia_now( &t );
if( taia_less( &next_timeout_check, &t ) ) {
handle_timeouted( );
taia_now( &next_timeout_check );
taia_addsec( &next_timeout_check, &next_timeout_check, OT_CLIENT_TIMEOUT_CHECKINTERVAL);
int main( int argc, char **argv ) {
int64 s = socket_tcp4( );
char *serverip = NULL;
char *serverdir = ".";
uint16 port = 6969;
int scanon = 1;
while( scanon ) {
switch( getopt( argc, argv, ":i:p:d:ocbBh" ) ) {
case -1 : scanon = 0; break;
case 'i': serverip = optarg; break;
case 'p': port = (uint16)atol( optarg ); break;
case 'd': serverdir = optarg; break;
case 'h': help( argv[0] ); exit( 0 );
case 'o': g_closedtracker = 0; break;
case 'c': g_closedtracker = 1; break;
case 'b': g_check_blacklist = 1; break;
case 'B': g_check_blacklist = 0; break;
case '?': usage( argv[0] ); exit( 1 );
if( socket_bind4_reuse( s, serverip, port ) == -1 )
panic( "socket_bind4_reuse" );
setegid( (gid_t)-2 ); setuid( (uid_t)-2 );
setgid( (gid_t)-2 ); seteuid( (uid_t)-2 );
if( socket_listen( s, SOMAXCONN) == -1 )
panic( "socket_listen" );
if( !io_fd( s ) )
panic( "io_fd" );
signal( SIGPIPE, SIG_IGN );
signal( SIGINT, graceful );
if( init_logic( serverdir ) == -1 )
panic( "Logic not started" );
ot_start_time = time( NULL );
server_mainloop( s );
return 0;