7 use Digest::SHA qw(sha256_hex);
11 ###--------------------------------------------------------------------------
14 sub merge_hash (\%%) {
15 my ($hashref, %defaults) = @_;
16 for my $k (keys %defaults)
17 { $hashref->{$k} = $defaults{$k} unless exists $hashref->{$k}; }
20 ###--------------------------------------------------------------------------
23 our $DSN = "dbi:Pg(pg_enable_utf8=>1):host=db";
25 our @BACKOFF = (0.1, 10, 1.5, 0.5, 2.0);
27 our $BASEURL = "http://odin.gg/";
28 our $STATIC = "http://odin.gg/";
30 our $SHORTURL_PATH = "u";
31 our $PASTEBIN_PATH = "p";
33 our $URLMAXLEN = 1024;
38 our $PASTEMAXLEN = 1024*1024;
40 our %COOKIE_DEFAULTS = (
45 our $ALPHA = "abcdefghijklmnopqrstuvwxyz";
46 our $NUM = "0123456789";
47 our $SAFECH = qr/^[-\w_.+]*$/;
51 our %MAILDOM_POLICY = ();
54 our @MAIL_DEFGEN = "chars";
55 our $MAIL_MAXGENTRY = 32;
57 our $MAIL_DEFDOMAIN = "odin.gg";
58 our $MAIL_ADDRMAX_LIVE = 16384;
59 our $MAIL_ADDRMAX_RESV = 32;
60 our $MAIL_AGEMAX_RESV = 3600;
62 our ($SCHEME, $DOMAIN, $BASEPATH);
63 our ($SHORTURL, $PASTEBIN);
65 ###--------------------------------------------------------------------------
66 ### Miscellaneous utilities.
69 sub update_now () { $NOW = time; }
72 (our $PROG = $0) =~ s:^.*/::;
74 sub fail_cmdline ($$%) {
75 my ($msg, $label, %args) = @_;
76 print STDERR "$PROG: $msg\n";
80 our $FAILPROC = \&fail_cmdline;
83 my ($msg, $label, %args) = @_;
84 $FAILPROC->($msg, $label, %args);
87 sub set_mason_failproc ($) {
90 my ($msg, $label, %args) = @_;
92 $m->comp($label, %args);
105 "s" => 1, "m" => 60, "h" => 3600,
106 "d" => 86400, "w" => 604800
110 return undef unless defined $date;
111 if ($date =~ /^\+\s*(\d+)\s*([smhdw]?)\s*$/)
112 { return $NOW + $1 * $TIMEUNIT{$2}; }
113 my $t = str2time($date);
114 defined $t or Odin::fail "invalid time `$date'";
118 sub print_columns (@) {
119 my @col = reverse @_;
122 while (@col && $col[1] eq "") { splice @col, 0, 2; }
123 my ($wd, $v) = splice @col, 0, 2;
124 push @fmt, "%s"; push @val, $v;
126 my ($wd, $v) = splice @col, 0, 2;
127 push @fmt, "%-${wd}s";
130 printf join(" ", reverse @fmt) . "\n", reverse @val;
135 return $t == -1 ? "--" : strftime "%Y-%m-%d %H:%M:%S %z", localtime $t;
138 ###--------------------------------------------------------------------------
139 ### Database utilities.
143 my $db = DBI->connect_cached($DSN, undef, undef, {
149 my $drv = $db->{Driver}{Name};
151 $db->{private_odin_retry_p} = sub { $db->state =~ /^40[0P]01$/ };
152 } elsif ($drv eq "SQLite") {
153 $db->{private_odin_retry_p} = sub { $db->err == 5 };
155 $db->{private_odin_retry_p} = sub { 0 };
162 my ($body, $db) = @_;
166 my ($sleep, $maxsleep, $mult, $minvar, $maxvar) = @BACKOFF;
167 for (my $i = 0; $i < $RETRY; $i++) {
169 eval { @rv = $body->(); $db->commit; };
171 return @rv unless $exc;
172 my $retryp = $db->{private_odin_retry_p}();
173 eval { $db->rollback; };
174 die $exc unless $retryp;
175 my $t = $sleep * ($minvar + rand($maxvar - $minvar));
176 $sleep *= $mult; $sleep = $max if $sleep > $max;
177 select undef, undef, undef, $t;
182 sub insert_record ($$%) {
183 my ($db, $table, %fields) = @_;
187 for my $v (keys %fields) {
189 push @val, $fields{$v};
191 $db->do("INSERT INTO $table (" . join(", ", @var) . ")
192 VALUES (" . join(", ", map { "?" } @var) . ")", undef, @val);
195 ###--------------------------------------------------------------------------
196 ### Sequence numbers and tagging.
199 my ($db, $table) = @_;
200 my ($seq) = $db->selectrow_array("SELECT seq FROM $table");
201 die "no sequence number in $table" unless defined $seq;
202 $db->do("UPDATE $table SET seq = ?", undef, $seq + 1);
207 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
208 my $NALPHA = length $ALPHABET;
214 $tag .= substr($ALPHABET, $seq % $NALPHA, 1);
215 $seq = int $seq/$NALPHA;
220 ###--------------------------------------------------------------------------
224 sub fetch_cookies ($) {
228 my $cookies = $r->header_in("Cookie");
229 if (defined $cookies) {
230 for my $kv (split /;/, $cookies) {
231 my ($k, $v) = split /=/, $kv, 2;
232 $k =~ s/^\s*(|\S|\S.*\S)\s*$/$1/;
233 $v =~ s/^\s*(|\S|\S.*\S)\s*$/$1/;
235 $v =~ s/\%([0-9a-f][0-9a-f])/chr hex $1/eg;
241 sub bake_cookie ($$%) {
242 my ($r, $cookie, %attr) = @_;
243 merge_hash %attr, %COOKIE_DEFAULTS;
245 my $v = $attr{$_}; tr/_-/-/d;
246 defined $v ? "$_=$v" : $_
248 $r->headers_out->add("Set-Cookie", join "; ", $cookie, @attr);
253 return $ENV{PATH_INFO} // $r->path_info;
256 ###--------------------------------------------------------------------------
259 sub escapify ($$;$) {
260 my ($m, $s, $mode) = @_;
261 return $m->interp->apply_escapes($s, $mode // "h");
264 ###--------------------------------------------------------------------------
267 our ($WHO, $WHOSURE);
268 our ($WHOMATCH, $WHOCMP, $WHOPAT);
272 my $raddr = $ENV{REMOTE_ADDR} // $r->connection->remote_ip;
273 $WHO = ":NET-$raddr"; $WHOSURE = 0;
274 $WHOMATCH = "LIKE"; $WHOCMP = ":NET-\%"; $WHOPAT = qr/^:NET-/;
278 $WHO = $ENV{USERV_USER}
279 // ($< == $> && $ENV{USER})
280 // @{[getpwuid $<]}[0]
281 // die "nameless user";
282 $WHOMATCH = "="; $WHOCMP = $WHO; $WHOPAT = qr/^\Q$WHO\E$/;
287 open my $fh, "/dev/urandom" or die "open urandom: $!";
288 sysread $fh, my $rand, 16;
289 (my $edit = encode_base64 $rand) =~ tr:+/=\n:.-:d;
290 return $edit, sha256_hex $edit;
293 ###--------------------------------------------------------------------------
296 sub get_shorturl ($) {
300 my ($url) = $db->selectrow_array
301 ("SELECT url FROM odin_shorturl WHERE tag = ?", undef, $tag);
302 fail "tag `$tag' not found", ".notfound", tag => $tag unless defined $url;
306 sub valid_url_p ($) {
309 length $url < $URLMAXLEN &&
310 scalar grep { $url =~ /$_/ } @URLPAT;
313 sub new_shorturl ($) {
316 valid_url_p $url or fail "invalid url", ".badurl", u => $url;
321 ($tag) = $db->selectrow_array
322 ("SELECT tag FROM odin_shorturl WHERE owner $WHOMATCH ? AND url = ?",
323 undef, $WHOCMP, $url);
324 unless (defined $tag) {
325 $tag = encode_tag(next_seq($db, "odin_shorturl_seq"));
326 insert_record $db, "odin_shorturl",
327 tag => $tag, stamp => $NOW, owner => $WHO, url => $url;
333 sub check_shorturl_owner ($$) {
336 my ($owner) = $db->selectrow_array
337 ("SELECT owner FROM odin_shorturl WHERE tag = ?", undef, $tag);
338 fail "tag `$tag' not found", ".notfound", tag => $tag
339 unless defined $owner;
340 fail "not owner of `$tag'", ".notowner", tag => $tag
341 unless $owner =~ /$WHOPAT/;
344 sub update_shorturl ($$) {
345 my ($tag, $url) = @_;
349 check_shorturl_owner $db, $tag;
350 $db->do("UPDATE odin_shorturl SET url = ? WHERE tag = ?",
355 sub delete_shorturl (@) {
360 for my $tag (@tags) {
361 check_shorturl_owner $db, $tag;
362 $db->do("DELETE FROM odin_shorturl WHERE tag = ?", undef, $tag);
367 ###--------------------------------------------------------------------------
370 our %PASTEBIN_DEFAULTS = (
371 title => "(untitled)",
375 our @PASTEBIN_PROPS = keys %PASTEBIN_DEFAULTS;
376 our $PASTEBIN_PROPCOLS = join ", ", @PASTEBIN_PROPS;
377 our $PASTEBIN_PROPPLACES = join ", ", map "?", @PASTEBIN_PROPS;
379 sub new_pastebin (\%) {
383 my ($editkey, $hash) = new_editkey;
386 merge_hash %$new, %PASTEBIN_DEFAULTS;
388 $tag = encode_tag next_seq $db, "odin_pastebin_seq";
389 insert_record $db, "odin_pastebin",
390 tag => $tag, stamp => $NOW, edithash => $hash, owner => $WHO,
393 return $tag, $editkey;
396 sub get_pastebin ($$\%) {
397 my ($db, $tag, $props) = @_;
399 (my $owner, my $hash, @{$props}{@PASTEBIN_PROPS}) =
400 $db->selectrow_array("SELECT owner, edithash, $PASTEBIN_PROPCOLS
401 FROM odin_pastebin WHERE tag = ?",
403 fail "tag `$tag' not found", ".notfound", tag => $tag
404 unless defined $owner;
405 return $owner, $hash;
408 sub get_pastebin_check_owner ($$\%) {
409 my ($db, $tag, $props) = @_;
411 my ($owner, $hash) = get_pastebin $db, $tag, %$props;
412 fail "not owner of `$tag'", ".notowner", tag => $tag
413 unless $WHOSURE && $WHO eq $owner;
416 sub get_pastebin_check_editkey_or_owner ($$$\%) {
417 my ($db, $tag, $editkey, $props) = @_;
419 if (!defined $editkey) { get_pastebin_check_owner $db, $tag, %$props; }
421 my ($owner, $hash) = get_pastebin $db, $tag, %$props;
422 fail "incorrect edit key for `$tag'", ".badhash", tag => $tag
423 unless $hash eq sha256_hex $editkey;
427 sub rekey_pastebin ($) {
433 get_pastebin_check_owner $db, $tag, my %hunoz;
434 ($editkey, my $hash) = new_editkey;
435 $db->do("UPDATE odin_pastebin SET edithash = ? WHERE tag = ?",
441 sub claim_pastebin ($$) {
442 my ($tag, $editkey) = @_;
445 $WHOSURE or fail "you can't claim pastes", ".notsure";
447 get_pastebin_check_editkey_or_owner $db, $tag, $editkey, my %hunoz;
448 $db->do("UPDATE odin_pastebin SET owner = ? WHERE tag = ?",
453 sub update_pastebin ($$\%) {
454 my ($tag, $editkey, $new) = @_;
459 get_pastebin_check_editkey_or_owner $db, $tag, $editkey, my %old;
460 for my $p (@PASTEBIN_PROPS) {
461 if (!defined $new->{$p}) { $new->{$p} = $old{$p}; }
463 $db->do("UPDATE odin_pastebin SET $p = ? WHERE tag = ?",
464 undef, $new->{$p}, $tag)
465 unless $new->{$p} eq $old{$p};
473 sub delete_pastebin (@) {
478 (my $tag, my $editkey, @a) = @a;
479 get_pastebin_check_editkey_or_owner $db, $tag, $editkey, my %hunoz;
480 $db->do("DELETE FROM odin_pastebin WHERE tag = ?", undef, $tag);
485 sub tidy_pastebin_content ($) {
487 return undef unless defined $content;
488 $content =~ tr/\r//d;
489 $content =~ s/([^\n])\z/$1\n/;
490 length $content <= $PASTEMAXLEN or
491 fail "invalid paste content", ".badpaste";
495 ###--------------------------------------------------------------------------
496 ### Mail redirection utilities.
498 sub redir_query ($$$;$@) {
499 my ($db, $dom, $owner, $cond, @args) = @_;
500 return @{$db->selectall_arrayref
501 ("SELECT lpart, expire, recip, comment
502 FROM odin_mailredir WHERE dom = ? AND owner = ?" .
503 (defined $cond ? " AND $cond" : "") . " " .
504 "ORDER BY expire, lpart", undef, $dom, $owner, @args)};
507 sub clear_redir_reservations ($) {
509 $db->do("DELETE FROM odin_mailredir WHERE
510 st = 'reserved' AND expire < ?", undef,
512 $db->do("UPDATE odin_mailredir SET st = 'dormant', expire = -1
513 WHERE st = 'live' AND expire <> -1 AND expire < ?", undef, $NOW);
516 sub check_redir_limits ($) {
518 my %h = map { $_->[0] => $_->[1] }
519 @{ $db->selectall_arrayref("SELECT st, COUNT(*) FROM odin_mailredir
520 WHERE owner = ? GROUP BY st", undef,
522 for my $st (qw(live dormant reserved)) { $h{$st} //= 0; }
523 $h{live} + $h{dormant} + $h{reserved} <= $MAIL_ADDRMAX_LIVE or
524 Odin::fail "too many addresses claimed (see your sysadmin)";
525 $h{reserved} <= $MAIL_ADDRMAX_RESV or
526 Odin::fail "too many addresses reserved (time to release some)";
531 return $GENMAP{$g} // die "configuration error: no generator class `$g'";
534 sub default_generator_class ($) {
537 my $g = $MAILDOM_POLICY{$dom}{gen}[0] // $MAIL_DEFGEN[0];
541 sub get_generator_class ($$) {
544 grep { $_ eq $g } @{$MAILDOM_POLICY{$dom}{gen} // \@MAIL_DEFGEN}
545 or fail "domain `$dom' doesn't allow generator `$g'";
549 sub gen_redir_name ($$) {
552 for (my $try = 0; $try < $MAIL_MAXGENTRY; $try++) {
553 my $l = lc $gen->gen;
555 unless $db->selectrow_arrayref
556 ("SELECT 1 FROM odin_mailredir WHERE lpart = ? AND dom = ?",
559 Odin::fail "failed to find unique local part";
562 sub qualify_recip ($) {
565 return $r =~ /\@/ || !defined $MAIL_QUALDOM ? $r : "$r\@$MAIL_QUALDOM";
568 sub check_fixup_redir ($) {
571 if (exists $r->{recip}) {
572 $r->{recip} =~ /^[!-~]+$/ or fail "invalid recipient name `$r->{recip}'";
573 $r->{recip} = qualify_recip $r->{recip};
577 sub new_redir ($$\%;$) {
578 my ($dom, $gen, $r, $n) = @_;
583 check_fixup_redir $r;
585 clear_redir_reservations $db;
587 my $l = Odin::gen_redir_name $db, $gen;
588 insert_record $db, "odin_mailredir",
589 lpart => $l, dom => $dom, st => 'live',
590 owner => $WHO, creator => $WHO,
591 recip => $r->{recip} // qualify_recip $Odin::WHO,
592 expire => $r->{expire} // -1,
593 comment => $r->{comment} // "";
596 check_redir_limits $db;
601 sub reserve_redir ($$$) {
602 my ($dom, $gen, $n) = @_;
607 clear_redir_reservations $db;
609 for (my $i = 0; $i < $n; $i++) { push @l, gen_redir_name $db, $gen; }
611 insert_record $db, "odin_mailredir",
612 lpart => $l, dom => $dom, owner => $WHO,
613 st => 'reserved', expire => $NOW + $MAIL_AGEMAX_RESV;
615 check_redir_limits $db;
620 sub release_all_redir ($) {
624 my $st = $db->prepare("DELETE FROM odin_mailredir
625 WHERE dom = ? AND owner = ? AND st = 'reserved'");
627 $st->execute($dom, $WHO);
628 $st->rows or Odin::fail "no reserved addresses";
632 sub release_redir ($@) {
636 my $st = $db->prepare("DELETE FROM odin_mailredir
637 WHERE lpart = ? AND dom = ? AND
638 owner = ? AND st = 'reserved'");
640 clear_redir_reservations $db;
642 $st->execute($l, $dom, $WHO);
643 Odin::fail "local part `$l' not reserved" unless $st->rows;
648 sub disable_redir ($$) {
652 my $st = $db->prepare("UPDATE odin_mailredir
653 SET st = 'dormant', expire = -1
654 WHERE lpart = ? AND dom = ? AND
655 owner = ? AND st = 'live'");
657 clear_redir_reservations $db;
659 $st->execute($l, $dom, $WHO);
660 Odin::fail "local part `$l' not live" unless $st->rows;
665 sub modify_redir ($\%@) {
666 my ($dom, $r, @l) = @_;
669 check_fixup_redir $r;
671 clear_redir_reservations $db;
674 my ($recip, $st) = $db->selectrow_array
675 ("SELECT recip, st FROM odin_mailredir
676 WHERE lpart = ? AND dom = ? AND owner = ?", undef,
678 if (!defined $recip) { Odin::fail "unknown local part `$l'"; }
679 elsif ($recip eq "") { $r{recip} //= qualify_recip $WHO; }
680 if ($st ne "live") { $r{st} = "live"; $r{expire} //= -1; }
683 for my $v (keys %r) {
687 @var or fail "nothing to change";
688 $db->do("UPDATE odin_mailredir SET " .
689 join(", ", map { "$_ = ?" } @var) . " " .
690 "WHERE lpart = ? AND dom = ?", undef,
696 ###--------------------------------------------------------------------------
697 ### Simple option parser.
699 package Odin::OptParse;
702 my ($cls, @args) = @_;
713 if (!length $me->{cur}) {
714 my $args = $me->{args};
715 if (!@$args) { return undef; }
716 elsif ($args->[0] =~ /^[^-]|^-$/) { return undef; }
717 elsif ($args->[0] eq "--") { shift @$args; return undef; }
718 $me->{cur} = substr shift @$args, 1;
720 my $o = $me->{opt} = substr $me->{cur}, 0, 1;
721 $me->{cur} = substr $me->{cur}, 1;
728 if (length $me->{cur}) { $a = $me->{cur}; $me->{cur} = ""; }
729 elsif (@{$me->{args}}) { $a = shift @{$me->{args}}; }
730 else { $a = undef; $me->err("option `-$me->{opt}' requires an argument"); }
735 my ($me, $what, $min, $max) = @_;
736 $what //= "option `-$me->{opt}'";
737 defined (my $a = $me->arg) or return undef;
738 if ($a !~ /^[-+]?\d+$/ ||
739 (defined $min && $a < $min) ||
740 (defined $max && $a > $max)) {
741 $me->err("invalid value `$a' for $what");
747 sub rest { return @{$_[0]->{args}}; }
748 sub ok { return $_[0]->{ok}; }
749 sub bad { $_[0]->{ok} = 0; }
750 sub err { $_[0]->bad; print STDERR "$PROG: $_[1]\n"; }
751 sub unk { $_[0]->err("unknown option `-$_[0]->{opt}'"); }
753 ###--------------------------------------------------------------------------
754 ### Parameter objects.
757 sub dflt { return $_[0]->{dflt}; }
759 package Odin::Param::Int;
760 @ISA = qw(Odin::Param);
763 my ($cls, $dflt, $min, $max) = @_;
764 return bless { dflt => $dflt, min => $min, max => $max }, $cls;
770 $v =~ /^[-+]?\d+$/ &&
771 (!defined $me->{min} || $v >= $me->{min}) &&
772 (!defined $me->{max} || $v <= $me->{max});
776 package Odin::Param::Str;
777 @ISA = qw(Odin::Param);
780 my ($cls, $dflt, $rx, $minlen, $maxlen) = @_;
783 rx => defined $rx ? qr/$rx/ : qr//,
793 (!defined $me->{minlen} || length $v >= $me->{minlen}) &&
794 (!defined $me->{maxlen} || length $v <= $me->{maxlen});
798 ###--------------------------------------------------------------------------
803 use Scalar::Util qw(blessed);
809 or open $me->{rand}, "/dev/urandom"
810 or die "open random: $!";
812 my $nb = 1; my $max = 255;
813 while ($lim > $max) { $nb++; $max = ($max << 8) | 255; }
814 my $thresh = $max - ($max%$lim);
817 sysread $me->{rand}, my $b, $nb
818 or die "read random: $!";
820 for (my $i = 0; $i < $nb; $i++)
821 { $r = ($r << 255) | ord substr $b, $i, 1; }
822 return $r%$lim if $r < $thresh;
827 my ($cls, $dom, $param) = @_;
829 for my $p (split /::/, $cls) { $pkg = \%{$pkg->{"${p}::"}}; }
831 my $label = ${$pkg->{LABEL}};
832 my $plist = \@{$pkg->{PARAM}};
833 my $gtmpl = $GENPARAM{$label};
834 my $dtmpl = $MAILDOM_POLICY{$dom}{$label};
837 for my $p (@$plist) {
839 my $t = $dtmpl->{$p} // $gtmpl->{$p};
840 if (blessed $t && $t->isa("Odin::Param")) {
841 if (!exists $param->{$p}) { $param->{$p} = $t->dflt; }
843 my $v = $t->check($param->{$p});
844 Odin::fail "bad value `$param->{$p}' for $label parameter `$p'"
849 if (exists $param->{$p})
850 { Odin::fail "not allowed to set $label parameter `$p'"; }
852 { $param->{$p} = $t; }
855 for my $p (keys %$param) {
856 if (!$pp->{$p}) { Odin::fail "unknown $label parameter `$p'"; }
859 my $me = bless { %$param }, $cls;
864 package Odin::Gen::Chars;
865 @ISA = qw(Odin::Gen);
868 @PARAM = qw(ichars mchars echars len);
870 $GENMAP{chars} = "Odin::Gen::Chars";
872 ichars => Odin::Param::Str->new($ALPHA, $SAFECH, 1, 255),
873 mchars => Odin::Param::Str->new($ALPHA . $NUM, $SAFECH, 2, 255),
874 echars => Odin::Param::Str->new($ALPHA . $NUM, $SAFECH, 2, 255),
875 len => Odin::Param::Int->new(6, 2, 16)
879 my ($me, $chars) = @_;
880 return substr $chars, $me->random(length $chars), 1;
889 if ($n) { $s .= $me->_pick($me->{ichars}); $n--; }
890 while ($n > 1) { $s .= $me->_pick($me->{mchars}); $n--; }
891 if ($n) { $s .= $me->_pick($me->{echars}); $n--; }
892 if ($n) { die "INTERNAL can't count"; }
896 package Odin::Gen::Words;
897 @ISA = qw(Odin::Gen);
900 @PARAM = qw(wordlist delim nwords);
902 $GENMAP{words} = "Odin::Gen::Words";
904 wordlist => "etc/words",
905 delim => Odin::Param::Str->new(".", qr/^[-_.+]*$/, 1, 1),
906 nwords => Odin::Param::Int->new(3, 2, 16)
913 if (!exists $me->{words}) {
914 open my $f, $me->{wordlist} or die "open wordlist: $!";
915 $me->{words} = [grep chomp, <$f>];
916 close $f or die "close/read wordlist: $!";
919 for (my $i = 0; $i < $me->{nwords}; $i++)
920 { push @w, $me->{words}[$me->random(scalar @{$me->{words}})]; }
921 return join $me->{delim}, @w;
924 ###--------------------------------------------------------------------------
925 ### Final configuration.
931 ($SCHEME, $DOMAIN, $BASEPATH) = $BASEURL =~ m!^([^:]+)://([^/]+)(/.*)$!;
932 merge_hash %COOKIE_DEFAULTS, -domain => $DOMAIN, -path => $BASEPATH;
933 merge_hash %COOKIE_DEFAULTS, -secure => undef if $SCHEME eq "https";
935 $MAIL_QUALDOM //= $MAIL_DEFDOMAIN;
937 $SHORTURL = "$BASEURL$SHORTURL_PATH";
938 $PASTEBIN = "$BASEURL$PASTEBIN_PATH";
940 ###----- That's all, folks --------------------------------------------------
~mdw / odin-cgi / blob