
From:
Stefan Sperling <stsp@stsp.name>
Subject:
gotwebd.conf global address settings
To:
gameoftrees@openbsd.org
Date:
Sat, 20 Aug 2022 05:49:04 +0200

It doesn't seem useful to me to have socket configuration data in
the global gotwebd context. These settings should be per-server,
with implicit defaults if not specified.

With the patch below, the only remaining global config items in
gotwebd.conf are the pre-fork count and the chroot directory path.

This means admins may have to specify addresses redundantly.
The following syntax no longer works:

  fcgi_socket yes
  listen on 127.0.0.1
  port 9999
  server foo { }
  server bar { }

Instead, the above would now need to be written as:

  server foo {
    fcgi_socket yes
    listen on 127.0.0.1
    port 9999
  }
  server bar {
    fcgi_socket yes
    listen on 127.0.0.1
    port 9999
  }

Which seems better to me because it is much easier to understand.
And listing IPs per server instance makes it less likely that a server
instance would accidentally be exposed via the wrong IP address.

Going forward, I think we should be able to remove the 'fcgi_socket'
toggle, and set this toggle implicitly when a "listen on" statement
appears. But that is left for a later patch.

ok?

diff 026ac2c462910064c5c9143a96b17a920e6bbc58 6d22ddcbe3fad88cb86835fb75bb5e83511c81dd
commit - 026ac2c462910064c5c9143a96b17a920e6bbc58
commit + 6d22ddcbe3fad88cb86835fb75bb5e83511c81dd
blob - 4a98f544d07275e73edfe3df1b42a22bc24af9c0
blob + f9c4cfd4e7cf5b57181a4e04590cfc540f2cf5aa
--- gotwebd/gotwebd.h
+++ gotwebd/gotwebd.h
@@ -333,13 +333,6 @@ struct gotwebd {
 	int		 server_cnt;
 
 	char		 httpd_chroot[PATH_MAX];
-
-	int		 unix_socket;
-	char		 unix_socket_name[PATH_MAX];
-
-	int		 fcgi_socket;
-	char		 fcgi_socket_bind[GOTWEBD_MAXTEXT];
-	in_port_t	 fcgi_socket_port;
 };
 
 struct querystring {
blob - 601286fd54eb92e666ed42a52b7d7a851eb91940
blob + 5e0cace3988998b75c7ea3fce9383982b42a2465
--- gotwebd/parse.y
+++ gotwebd/parse.y
@@ -188,29 +188,6 @@ main		: PREFORK NUMBER {
 			}
 			free($2);
 		}
-		| FCGI_SOCKET boolean {
-			gotwebd->fcgi_socket = $2;
-		}
-		| FCGI_SOCKET boolean  {
-			gotwebd->fcgi_socket = $2;
-		} '{' optnl socketopts4 '}'
-		| UNIX_SOCKET boolean {
-			gotwebd->unix_socket = $2;
-		}
-		| UNIX_SOCKET_NAME STRING {
-			n = snprintf(gotwebd->unix_socket_name,
-			    sizeof(gotwebd->unix_socket_name), "%s%s",
-			    strlen(gotwebd->httpd_chroot) ?
-			    gotwebd->httpd_chroot : D_HTTPD_CHROOT, $2);
-			if (n < 0 ||
-			    (size_t)n >= sizeof(gotwebd->unix_socket_name)) {
-				yyerror("%s: unix_socket_name truncated",
-				    __func__);
-				free($2);
-				YYERROR;
-			}
-			free($2);
-		}
 		;
 
 server		: SERVER STRING {
@@ -414,26 +391,6 @@ socketopts2	: socketopts2 socketopts1 nl
 		| socketopts1 optnl
 		;
 
-socketopts3	: LISTEN ON STRING {
-			n = strlcpy(gotwebd->fcgi_socket_bind, $3,
-			    sizeof(gotwebd->fcgi_socket_bind));
-			if (n >= sizeof(gotwebd->fcgi_socket_bind)) {
-				yyerror("%s: fcgi_socket_bind truncated",
-				    __func__);
-				free($3);
-				YYERROR;
-			}
-			free($3);
-		}
-		| PORT fcgiport {
-			gotwebd->fcgi_socket_port = $2;
-		}
-		;
-
-socketopts4	: socketopts4 socketopts3 nl
-		| socketopts3 optnl
-		;
-
 nl		: '\n' optnl
 		;
 
@@ -879,7 +836,6 @@ struct server *
 conf_new_server(const char *name)
 {
 	struct server *srv = NULL;
-	int val;
 
 	srv = calloc(1, sizeof(*srv));
 	if (srv == NULL)
@@ -920,9 +876,7 @@ conf_new_server(const char *name)
 	if (n >= sizeof(srv->custom_css))
 		fatalx("%s: strlcpy", __func__);
 
-	val = getservice(D_FCGI_PORT);
-	srv->fcgi_socket_port = gotwebd->fcgi_socket_port ?
-	    gotwebd->fcgi_socket_port: val;
+	srv->fcgi_socket_port = getservice(D_FCGI_PORT);
 
 	srv->show_site_owner = D_SHOWSOWNER;
 	srv->show_repo_owner = D_SHOWROWNER;
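Review bot: The result of `getservice(D_FCGI_PORT)` is now stored straight into `srv->fcgi_socket_port` without any check, whereas the old code at least held it in an `int` first. getservice() is defined outside this hunk, so if it can report failure with a negative value, that value would silently be converted into a port number (the removed global field was `in_port_t`; the per-server field's type is not visible here). Consider keeping the local and failing hard in the style of the strlcpy check just above: `val = getservice(D_FCGI_PORT);`, `if (val < 0) fatalx("%s: getservice", __func__);`, `srv->fcgi_socket_port = val;`. conf_new_server's body starts and ends outside the hunk.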
@@ -934,8 +888,9 @@ conf_new_server(const char *name)
 	srv->max_commits_display = D_MAXCOMMITDISP;
 	srv->max_repos = D_MAXREPO;
 
+	/* Unix socket is the default. */
 	srv->unix_socket = 1;
-	srv->fcgi_socket = gotwebd->fcgi_socket ? gotwebd->fcgi_socket : 0;
+	srv->fcgi_socket = 0;
 
 	TAILQ_INIT(&srv->al);
 	TAILQ_INSERT_TAIL(&gotwebd->servers, srv, entry);
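Review bot: Nothing visible in this patch sets an implicit per-server bind address, so it is unclear what a server block with `fcgi_socket yes` but no `listen on` would bind to now that the global fallback is gone. The port gets its default from `getservice(D_FCGI_PORT)` and the TCP listener defaults to off here, which is the safe choice. If the address default is set elsewhere in conf_new_server (its body extends outside the hunk), confirm it is a loopback address rather than a wildcard, or have the parser reject such a block. The new comment could also record the full default, e.g. `/* Unix socket is the default; TCP FastCGI is off unless the server block enables it. */`.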