7 use Digest::SHA qw(sha256_hex);
11 ###--------------------------------------------------------------------------
14 sub merge_hash (\%%) {
15 my ($hashref, %defaults) = @_;
16 for my $k (keys %defaults)
17 { $hashref->{$k} = $defaults{$k} unless exists $hashref->{$k}; }
20 ###--------------------------------------------------------------------------
23 our $DSN = "dbi:Pg(pg_enable_utf8=>1):host=db";
25 our @BACKOFF = (0.1, 10, 1.5, 0.5, 2.0);
27 our $BASEURL = "http://odin.gg/";
28 our $STATIC = "http://odin.gg/";
30 our $SHORTURL_PATH = "u";
31 our $PASTEBIN_PATH = "p";
33 our $URLMAXLEN = 1024;
38 our $PASTEMAXLEN = 1024*1024;
40 our %COOKIE_DEFAULTS = (
45 our $ALPHA = "abcdefghijklmnopqrstuvwxyz";
46 our $NUM = "0123456789";
47 our $SAFECH = qr/^[-\w_.+]*$/;
51 our %MAILDOM_POLICY = ();
54 our @MAIL_DEFGEN = "chars";
55 our $MAIL_MAXGENTRY = 32;
57 our $MAIL_DEFDOMAIN = "odin.gg";
58 our $MAIL_ADDRMAX_LIVE = 16384;
59 our $MAIL_ADDRMAX_RESV = 32;
60 our $MAIL_AGEMAX_RESV = 3600;
62 our ($SCHEME, $DOMAIN, $BASEPATH);
63 our ($SHORTURL, $PASTEBIN);
65 ###--------------------------------------------------------------------------
66 ### Miscellaneous utilities.
69 sub update_now () { $NOW = time; }
72 (our $PROG = $0) =~ s:^.*/::;
74 sub fail_cmdline ($$%) {
75 my ($msg, $label, %args) = @_;
76 print STDERR "$PROG: $msg\n";
80 our $FAILPROC = \&fail_cmdline;
83 my ($msg, $label, %args) = @_;
84 $FAILPROC->($msg, $label, %args);
87 sub set_mason_failproc ($) {
90 my ($msg, $label, %args) = @_;
92 $m->comp($label, %args);
105 "s" => 1, "m" => 60, "h" => 3600,
106 "d" => 86400, "w" => 604800
110 return undef unless defined $date;
111 if ($date =~ /^\+\s*(\d+)\s*([smhdw]?)\s*$/)
112 { return $NOW + $1 * $TIMEUNIT{$2}; }
113 my $t = str2time($date);
114 defined $t or Odin::fail "invalid time `$date'";
118 sub print_columns (@) {
119 my @col = reverse @_;
122 while (@col && $col[1] eq "") { splice @col, 0, 2; }
123 my ($wd, $v) = splice @col, 0, 2;
124 push @fmt, "%s"; push @val, $v;
126 my ($wd, $v) = splice @col, 0, 2;
127 push @fmt, "%-${wd}s";
130 printf join(" ", reverse @fmt) . "\n", reverse @val;
135 return $t == -1 ? "--" : strftime "%Y-%m-%d %H:%M:%S %z", localtime $t;
138 ###--------------------------------------------------------------------------
139 ### Database utilities.
143 my $db = DBI->connect_cached($DSN, undef, undef, {
149 my $drv = $db->{Driver}{Name};
151 $db->{private_odin_retry_p} = sub { $db->state =~ /^40[0P]01$/ };
152 } elsif ($drv eq "SQLite") {
153 $db->{private_odin_retry_p} = sub { $db->err == 5 };
155 $db->{private_odin_retry_p} = sub { 0 };
162 my ($body, $db) = @_;
166 my ($sleep, $maxsleep, $mult, $minvar, $maxvar) = @BACKOFF;
167 for (my $i = 0; $i < $RETRY; $i++) {
169 eval { @rv = $body->(); $db->commit; };
171 return @rv unless $exc;
172 my $retryp = $db->{private_odin_retry_p}();
173 eval { $db->rollback; };
174 die $exc unless $retryp;
175 my $t = $sleep * ($minvar + rand($maxvar - $minvar));
176 $sleep *= $mult; $sleep = $max if $sleep > $max;
177 select undef, undef, undef, $t;
182 sub insert_record ($$%) {
183 my ($db, $table, %fields) = @_;
187 for my $v (keys %fields) {
189 push @val, $fields{$v};
191 $db->do("INSERT INTO $table (" . join(", ", @var) . ")
192 VALUES (" . join(", ", map { "?" } @var) . ")", undef, @val);
195 ###--------------------------------------------------------------------------
196 ### Sequence numbers and tagging.
199 my ($db, $table) = @_;
200 my ($seq) = $db->selectrow_array("SELECT seq FROM $table");
201 die "no sequence number in $table" unless defined $seq;
202 $db->do("UPDATE $table SET seq = ?", undef, $seq + 1);
207 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
208 my $NALPHA = length $ALPHABET;
214 $tag .= substr($ALPHABET, $seq % $NALPHA, 1);
215 $seq = int $seq/$NALPHA;
220 ###--------------------------------------------------------------------------
224 sub fetch_cookies ($) {
228 my $cookies = $r->header_in("Cookie");
229 if (defined $cookies) {
230 for my $kv (split /;/, $cookies) {
231 my ($k, $v) = split /=/, $kv, 2;
232 $k =~ s/^\s*(|\S|\S.*\S)\s*$/$1/;
233 $v =~ s/^\s*(|\S|\S.*\S)\s*$/$1/;
235 $v =~ s/\%([0-9a-f][0-9a-f])/chr hex $1/eg;
241 sub bake_cookie ($$%) {
242 my ($r, $cookie, %attr) = @_;
243 merge_hash %attr, %COOKIE_DEFAULTS;
245 my $v = $attr{$_}; tr/_-/-/d;
246 defined $v ? "$_=$v" : $_
248 $r->headers_out->add("Set-Cookie", join "; ", $cookie, @attr);
253 return $ENV{PATH_INFO} // $r->path_info;
256 ###--------------------------------------------------------------------------
259 sub escapify ($$;$) {
260 my ($m, $s, $mode) = @_;
261 return $m->interp->apply_escapes($s, $mode // "h");
264 ###--------------------------------------------------------------------------
267 our ($WHO, $WHOSURE);
268 our ($WHOMATCH, $WHOCMP, $WHOPAT);
272 my $raddr = $ENV{REMOTE_ADDR} // $r->connection->remote_ip;
273 $WHO = ":NET-$raddr"; $WHOSURE = 0;
274 $WHOMATCH = "LIKE"; $WHOCMP = ":NET-\%"; $WHOPAT = qr/^:NET-/;
278 $WHO = $ENV{USERV_USER}
279 // ($< == $> && $ENV{USER})
280 // @{[getpwuid $<]}[0]
281 // die "nameless user";
282 $WHOMATCH = "="; $WHOCMP = $WHO; $WHOPAT = qr/^\Q$WHO\E$/;
287 open my $fh, "/dev/urandom" or die "open urandom: $!";
288 sysread $fh, my $rand, 16;
289 (my $edit = encode_base64 $rand) =~ tr:+/=\n:.-:d;
290 return $edit, sha256_hex $edit;
293 ###--------------------------------------------------------------------------
296 sub get_shorturl ($) {
300 my ($url) = $db->selectrow_array
301 ("SELECT url FROM odin_shorturl WHERE tag = ?", undef, $tag);
302 fail "tag `$tag' not found", ".notfound", tag => $tag unless defined $url;
306 sub valid_url_p ($) {
309 length $url < $URLMAXLEN &&
310 scalar grep { $url =~ /$_/ } @URLPAT;
313 sub new_shorturl ($) {
316 valid_url_p $url or fail "invalid url", ".badurl", u => $url;
321 ($tag) = $db->selectrow_array
322 ("SELECT tag FROM odin_shorturl WHERE owner $WHOMATCH ? AND url = ?",
323 undef, $WHOCMP, $url);
324 unless (defined $tag) {
325 $tag = encode_tag(next_seq($db, "odin_shorturl_seq"));
326 insert_record $db, "odin_shorturl",
327 tag => $tag, stamp => $NOW, owner => $WHO, url => $url;
333 sub check_shorturl_owner ($$) {
336 my ($owner) = $db->selectrow_array
337 ("SELECT owner FROM odin_shorturl WHERE tag = ?", undef, $tag);
338 fail "tag `$tag' not found", ".notfound", tag => $tag
339 unless defined $owner;
340 fail "not owner of `$tag'", ".notowner", tag => $tag
341 unless $owner =~ /$WHOPAT/;
344 sub update_shorturl ($$) {
345 my ($tag, $url) = @_;
349 check_shorturl_owner $db, $tag;
350 $db->do("UPDATE odin_shorturl SET url = ? WHERE tag = ?",
355 sub delete_shorturl (@) {
360 for my $tag (@tags) {
361 check_shorturl_owner $db, $tag;
362 $db->do("DELETE FROM odin_shorturl WHERE tag = ?", undef, $tag);
367 ###--------------------------------------------------------------------------
370 our %PASTEBIN_DEFAULTS = (
371 title => "(untitled)",
375 our @PASTEBIN_PROPS = keys %PASTEBIN_DEFAULTS;
376 our $PASTEBIN_PROPCOLS = join ", ", @PASTEBIN_PROPS;
377 our $PASTEBIN_PROPPLACES = join ", ", map "?", @PASTEBIN_PROPS;
379 sub new_pastebin (\%) {
383 my ($editkey, $hash) = new_editkey;
386 merge_hash %$new, %PASTEBIN_DEFAULTS;
388 $tag = encode_tag next_seq $db, "odin_pastebin_seq";
389 insert_record $db, "odin_pastebin",
390 tag => $tag, stamp => $NOW, edithash => $hash, owner => $WHO,
393 return $tag, $editkey;
396 sub get_pastebin ($$\%) {
397 my ($db, $tag, $props) = @_;
399 (my $owner, my $hash, @{$props}{@PASTEBIN_PROPS}) =
400 $db->selectrow_array("SELECT owner, edithash, $PASTEBIN_PROPCOLS
401 FROM odin_pastebin WHERE tag = ?",
403 fail "tag `$tag' not found", ".notfound", tag => $tag
404 unless defined $owner;
405 return $owner, $hash;
408 sub get_pastebin_check_owner ($$\%) {
409 my ($db, $tag, $props) = @_;
411 my ($owner, $hash) = get_pastebin $db, $tag, %$props;
412 fail "not owner of `$tag'", ".notowner", tag => $tag
413 unless $WHOSURE && $WHO eq $owner;
416 sub get_pastebin_check_editkey_or_owner ($$$\%) {
417 my ($db, $tag, $editkey, $props) = @_;
419 if (!defined $editkey) { get_pastebin_check_owner $db, $tag, %$props; }
421 my ($owner, $hash) = get_pastebin $db, $tag, %$props;
422 fail "incorrect edit key for `$tag'", ".badhash", tag => $tag
423 unless $hash eq sha256_hex $editkey;
427 sub rekey_pastebin ($) {
433 get_pastebin_check_owner $db, $tag, my %hunoz;
434 ($editkey, my $hash) = new_editkey;
435 $db->do("UPDATE odin_pastebin SET edithash = ? WHERE tag = ?",
441 sub claim_pastebin ($$) {
442 my ($tag, $editkey) = @_;
445 $WHOSURE or fail "you can't claim pastes", ".notsure";
447 get_pastebin_check_editkey_or_owner $db, $tag, $editkey, my %hunoz;
448 $db->do("UPDATE odin_pastebin SET owner = ? WHERE tag = ?",
453 sub update_pastebin ($$\%) {
454 my ($tag, $editkey, $new) = @_;
459 get_pastebin_check_editkey_or_owner $db, $tag, $editkey, my %old;
460 for my $p (@PASTEBIN_PROPS) {
461 if (!defined $new->{$p}) { $new->{$p} = $old{$p}; }
463 $db->do("UPDATE odin_pastebin SET $p = ? WHERE tag = ?",
464 undef, $new->{$p}, $tag)
465 unless $new->{$p} eq $old{$p};
473 sub delete_pastebin (@) {
478 (my $tag, my $editkey, @a) = @a;
479 get_pastebin_check_editkey_or_owner $db, $tag, $editkey, my %hunoz;
480 $db->do("DELETE FROM odin_pastebin WHERE tag = ?", undef, $tag);
485 sub tidy_pastebin_content ($) {
487 return undef unless defined $content;
488 $content =~ tr/\r//d;
489 $content =~ s/([^\n])\z/$1\n/;
490 length $content <= $PASTEMAXLEN or
491 fail "invalid paste content", ".badpaste";
495 ###--------------------------------------------------------------------------
496 ### Mail redirection utilities.
498 sub redir_query ($$$;$@) {
499 my ($db, $dom, $owner, $cond, @args) = @_;
500 return @{$db->selectall_arrayref
501 ("SELECT lpart, expire, recip, comment
502 FROM odin_mailredir WHERE dom = ? AND owner = ?" .
503 (defined $cond ? " AND $cond" : "") . " " .
504 "ORDER BY expire", undef, $dom, $owner, @args)};
507 sub clear_redir_reservations ($) {
509 $db->do("DELETE FROM odin_mailredir WHERE
510 st = 'reserved' AND expire < ?", undef,
512 $db->do("UPDATE odin_mailredir SET st = 'dormant', expire = -1
513 WHERE st = 'live' AND expire <> -1 AND expire < ?", undef, $NOW);
516 sub check_redir_limits ($) {
518 my %h = map { $_->[0] => $_->[1] }
519 @{ $db->selectall_arrayref("SELECT st, COUNT(*) FROM odin_mailredir
520 WHERE owner = ? GROUP BY st", undef,
522 for my $st (qw(live dormant reserved)) { $h{$st} //= 0; }
523 $h{live} + $h{dormant} + $h{reserved} <= $MAIL_ADDRMAX_LIVE or
524 Odin::fail "too many addresses claimed (see your sysadmin)";
525 $h{reserved} <= $MAIL_ADDRMAX_RESV or
526 Odin::fail "too many addresses reserved (time to release some)";
531 return $GENMAP{$g} // die "configuration error: no generator class `$g'";
534 sub default_generator_class ($) {
537 my $g = $MAILDOM_POLICY{$dom}{gen}[0] // $MAIL_DEFGEN[0];
541 sub get_generator_class ($$) {
544 grep { $_ eq $g } @{$MAILDOM_POLICY{$dom}{gen} // \@MAIL_DEFGEN}
545 or fail "domain `$dom' doesn't allow generator `$g'";
549 sub gen_redir_name ($$) {
552 for (my $try = 0; $try < $MAIL_MAXGENTRY; $try++) {
555 unless $db->selectrow_arrayref
556 ("SELECT 1 FROM odin_mailredir WHERE lpart = ? AND dom = ?",
559 Odin::fail "failed to find unique local part";
562 sub qualify_recip ($) {
565 return $r =~ /\@/ || !defined $MAIL_QUALDOM ? $r : "$r\@$MAIL_QUALDOM";
568 sub check_fixup_redir ($) {
571 if (exists $r->{recip}) {
572 $r->{recip} =~ /^[!-~]+$/ or fail "invalid recipient name `$r->{recip}'";
573 $r->{recip} = qualify_recip $r->{recip};
577 sub new_redir ($$\%) {
578 my ($dom, $gen, $r) = @_;
582 check_fixup_redir $r;
584 clear_redir_reservations $db;
585 $l = Odin::gen_redir_name $db, $gen;
586 insert_record $db, "odin_mailredir",
587 lpart => $l, dom => $dom, owner => $WHO, st => 'live',
588 recip => $r->{recip} // qualify_recip $Odin::WHO,
589 expire => $r->{expire} // -1,
590 comment => $r->{comment} // "";
591 check_redir_limits $db;
596 sub reserve_redir ($$$) {
597 my ($dom, $gen, $n) = @_;
602 clear_redir_reservations $db;
604 for (my $i = 0; $i < $n; $i++) { push @l, gen_redir_name $db, $gen; }
606 insert_record $db, "odin_mailredir",
607 lpart => $l, dom => $dom, owner => $WHO,
608 st => 'reserved', expire => $NOW + $MAIL_AGEMAX_RESV;
610 check_redir_limits $db;
615 sub release_all_redir ($) {
619 my $st = $db->prepare("DELETE FROM odin_mailredir
620 WHERE dom = ? AND owner = ? AND st = 'reserved'");
622 $st->execute($dom, $WHO);
623 $st->rows or Odin::fail "no reserved addresses";
627 sub release_redir ($@) {
631 my $st = $db->prepare("DELETE FROM odin_mailredir
632 WHERE lpart = ? AND dom = ? AND
633 owner = ? AND st = 'reserved'");
635 clear_redir_reservations $db;
637 $st->execute($l, $dom, $WHO);
638 Odin::fail "local part `$l' not reserved" unless $st->rows;
643 sub disable_redir ($$) {
647 my $st = $db->prepare("UPDATE odin_mailredir
648 SET st = 'dormant', expire = -1
649 WHERE lpart = ? AND dom = ? AND
650 owner = ? AND st = 'live'");
652 clear_redir_reservations $db;
654 $st->execute($l, $dom, $WHO);
655 Odin::fail "local part `$l' not live" unless $st->rows;
660 sub modify_redir ($$\%) {
661 my ($dom, $l, $r) = @_;
664 check_fixup_redir $r;
666 clear_redir_reservations $db;
667 my ($recip, $st) = $db->selectrow_array
668 ("SELECT recip, st FROM odin_mailredir
669 WHERE lpart = ? AND dom = ? AND owner = ?", undef,
671 if (!defined $recip) { Odin::fail "unknown local part `$l'"; }
672 elsif ($recip eq "") { $r->{recip} //= qualify_recip $WHO; }
673 if ($st ne "live") { $r->{st} = "live"; $r->{expire} //= -1; }
676 for my $v (keys %$r) {
680 @var or fail "nothing to change";
681 $db->do("UPDATE odin_mailredir SET " .
682 join(", ", map { "$_ = ?" } @var) . " " .
683 "WHERE lpart = ? AND dom = ?", undef,
688 ###--------------------------------------------------------------------------
689 ### Simple option parser.
691 package Odin::OptParse;
694 my ($cls, @args) = @_;
705 if (!length $me->{cur}) {
706 my $args = $me->{args};
707 if (!@$args) { return undef; }
708 elsif ($args->[0] =~ /^[^-]|^-$/) { return undef; }
709 elsif ($args->[0] eq "--") { shift @$args; return undef; }
710 $me->{cur} = substr shift @$args, 1;
712 my $o = $me->{opt} = substr $me->{cur}, 0, 1;
713 $me->{cur} = substr $me->{cur}, 1;
720 if (length $me->{cur}) { $a = $me->{cur}; $me->{cur} = ""; }
721 elsif (@{$me->{args}}) { $a = shift @{$me->{args}}; }
722 else { $a = undef; $me->err("option `-$me->{opt}' requires an argument"); }
727 my ($me, $what, $min, $max) = @_;
728 $what //= "option `-$me->{opt}'";
729 defined (my $a = $me->arg) or return undef;
730 if ($a !~ /^[-+]?\d+$/ ||
731 (defined $min && $a < $min) ||
732 (defined $max && $a > $max)) {
733 $me->err("invalid value `$a' for $what");
739 sub rest { return @{$_[0]->{args}}; }
740 sub ok { return $_[0]->{ok}; }
741 sub bad { $_[0]->{ok} = 0; }
742 sub err { $_[0]->bad; print STDERR "$PROG: $_[1]\n"; }
743 sub unk { $_[0]->err("unknown option `-$_[0]->{opt}'"); }
745 ###--------------------------------------------------------------------------
746 ### Parameter objects.
749 sub dflt { return $_[0]->{dflt}; }
751 package Odin::Param::Int;
752 @ISA = qw(Odin::Param);
755 my ($cls, $dflt, $min, $max) = @_;
756 return bless { dflt => $dflt, min => $min, max => $max }, $cls;
762 $v =~ /^[-+]?\d+$/ &&
763 (!defined $me->{min} || $v >= $me->{min}) &&
764 (!defined $me->{max} || $v <= $me->{max});
768 package Odin::Param::Str;
769 @ISA = qw(Odin::Param);
772 my ($cls, $dflt, $rx, $minlen, $maxlen) = @_;
775 rx => defined $rx ? qr/$rx/ : qr//,
785 (!defined $me->{minlen} || length $v >= $me->{minlen}) &&
786 (!defined $me->{maxlen} || length $v <= $me->{maxlen});
790 ###--------------------------------------------------------------------------
795 use Scalar::Util qw(blessed);
801 or open $me->{rand}, "/dev/urandom"
802 or die "open random: $!";
804 my $nb = 1; my $max = 255;
805 while ($lim > $max) { $nb++; $max = ($max << 8) | 255; }
806 my $thresh = $max - ($max%$lim);
809 sysread $me->{rand}, my $b, $nb
810 or die "read random: $!";
812 for (my $i = 0; $i < $nb; $i++)
813 { $r = ($r << 255) | ord substr $b, $i, 1; }
814 return $r%$lim if $r < $thresh;
819 my ($cls, $dom, $param) = @_;
821 for my $p (split /::/, $cls) { $pkg = \%{$pkg->{"${p}::"}}; }
823 my $label = ${$pkg->{LABEL}};
824 my $plist = \@{$pkg->{PARAM}};
825 my $gtmpl = $GENPARAM{$label};
826 my $dtmpl = $MAILDOM_POLICY{$dom}{$label};
829 for my $p (@$plist) {
831 my $t = $dtmpl->{$p} // $gtmpl->{$p};
832 if (blessed $t && $t->isa("Odin::Param")) {
833 if (!exists $param->{$p}) { $param->{$p} = $t->dflt; }
835 my $v = $t->check($param->{$p});
836 Odin::fail "bad value `$param->{$p}' for $label parameter `$p'"
841 if (exists $param->{$p})
842 { Odin::fail "not allowed to set $label parameter `$p'"; }
844 { $param->{$p} = $t; }
847 for my $p (keys %$param) {
848 if (!$pp->{$p}) { Odin::fail "unknown $label parameter `$p'"; }
851 my $me = bless { %$param }, $cls;
856 package Odin::Gen::Chars;
857 @ISA = qw(Odin::Gen);
860 @PARAM = qw(ichars mchars echars len);
862 $GENMAP{chars} = "Odin::Gen::Chars";
864 ichars => Odin::Param::Str->new($ALPHA, $SAFECH, 1, 255),
865 mchars => Odin::Param::Str->new($ALPHA . $NUM, $SAFECH, 2, 255),
866 echars => Odin::Param::Str->new($ALPHA . $NUM, $SAFECH, 2, 255),
867 len => Odin::Param::Int->new(6, 2, 16)
871 my ($me, $chars) = @_;
872 return substr $chars, $me->random(length $chars), 1;
881 if ($n) { $s .= $me->_pick($me->{ichars}); $n--; }
882 while ($n > 1) { $s .= $me->_pick($me->{mchars}); $n--; }
883 if ($n) { $s .= $me->_pick($me->{echars}); $n--; }
884 if ($n) { die "INTERNAL can't count"; }
888 package Odin::Gen::Words;
889 @ISA = qw(Odin::Gen);
892 @PARAM = qw(wordlist delim nwords);
894 $GENMAP{words} = "Odin::Gen::Words";
896 wordlist => "etc/words",
897 delim => Odin::Param::Str->new(".", qr/^[-_.+]*$/, 1, 1),
898 nwords => Odin::Param::Int->new(3, 2, 16)
905 if (!exists $me->{words}) {
906 open my $f, $me->{wordlist} or die "open wordlist: $!";
907 $me->{words} = [grep chomp, <$f>];
908 close $f or die "close/read wordlist: $!";
911 for (my $i = 0; $i < $me->{nwords}; $i++)
912 { push @w, $me->{words}[$me->random(scalar @{$me->{words}})]; }
913 return join $me->{delim}, @w;
916 ###--------------------------------------------------------------------------
917 ### Final configuration.
923 ($SCHEME, $DOMAIN, $BASEPATH) = $BASEURL =~ m!^([^:]+)://([^/]+)(/.*)$!;
924 merge_hash %COOKIE_DEFAULTS, -domain => $DOMAIN, -path => $BASEPATH;
925 merge_hash %COOKIE_DEFAULTS, -secure => undef if $SCHEME eq "https";
927 $MAIL_QUALDOM //= $MAIL_DEFDOMAIN;
929 $SHORTURL = "$BASEURL$SHORTURL_PATH";
930 $PASTEBIN = "$BASEURL$PASTEBIN_PATH";
932 ###----- That's all, folks --------------------------------------------------
~mdw / odin-cgi / blob