gemcap/src/Network/Gemini/Capsule.hs

{-|

Module      : Network.Gemini.Capsule
Description : Gemini capsule stuff
Copyright   : (C) Jonathan Lamothe
License     : AGPL-3.0-or-later
Maintainer  : jonathan@jlamothe.net
Stability   : experimental
Portability : POSIX

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
Affero General Public License for more details.

You should have received a copy of the GNU Affero General Public
License along with this program.  If not, see
<https://www.gnu.org/licenses/>.

-}

{-# LANGUAGE LambdaCase, ScopedTypeVariables #-}

module Network.Gemini.Capsule (
  runGemCapsule
) where

import Control.Concurrent (forkIO)
import Control.Exception (SomeException, try)
import Control.Exception.Base (bracket, finally)
import Control.Monad (void)
import qualified Data.Connection as C
import Data.IORef (IORef, newIORef, readIORef, writeIORef)
import Data.TLSSetting (makeServerParams)
import Data.X509 (Certificate, CertificateChain (..), getSigned, signedObject)
import qualified Network.Socket as S
import Network.TLS (ServerParams, onClientCertificate, serverHooks)
import System.IO.Streams.TCP (bindAndListen)
import System.IO.Streams.TLS (accept)

import Network.Gemini.Capsule.Internal
import Network.Gemini.Capsule.Types

-- | Builds and runs a Gemini capsule
runGemCapsule
  :: GemCapSettings
  -- ^ The capsule settings
  -> GemHandler
  -- ^ The handler
  -> IO a
runGemCapsule settings handler = bracket
  ( bindAndListen
    (capConnections settings)
    (fromIntegral $ capPort settings)
  )
  S.close
  ( \sock -> do
    params <- makeServerParams
      (capCert settings)
      (capCertChain settings)
      (capKey settings)
    listenLoop sock params handler
  )

listenLoop :: S.Socket -> ServerParams -> GemHandler -> IO a
listenLoop sock params handler = do
  certRef <- newIORef Nothing
  let params' = adjustServerParams certRef params
  try (accept params' sock) >>= \case
    Left (_::SomeException) -> return ()
    Right conn            -> void $ forkIO $ finally
      (readIORef certRef >>= runConnection conn handler)
      (C.close conn)
  listenLoop sock params handler

adjustServerParams
  :: IORef (Maybe Certificate)
  -> ServerParams
  -> ServerParams
adjustServerParams certRef params = let
  hooks    = serverHooks params
  certHook = onClientCertificate hooks

  certHook' chain = do
    case chain of
      CertificateChain []     -> return ()
      CertificateChain (se:_) -> do
        let cert = signedObject $ getSigned se
        writeIORef certRef (Just cert)
    certHook chain

  hooks' = hooks { onClientCertificate = certHook' }
  in params { serverHooks = hooks' }

--jl
create Network.GemServ module 2021-10-22 12:49:03 -04:00			`{-\|`

renamed project to gemcap It was brought to my attention that there is a rust package named gemserv. I changed the name to avoid any potential confusion. 2021-11-17 13:15:36 -05:00			`Module : Network.Gemini.Capsule`
			`Description : Gemini capsule stuff`
create Network.GemServ module 2021-10-22 12:49:03 -04:00			`Copyright : (C) Jonathan Lamothe`
			`License : AGPL-3.0-or-later`
			`Maintainer : jonathan@jlamothe.net`
			`Stability : experimental`
			`Portability : POSIX`

			`This program is free software: you can redistribute it and/or modify`
			`it under the terms of the GNU Affero General Public License as`
			`published by the Free Software Foundation, either version 3 of the`
			`License, or (at your option) any later version.`

			`This program is distributed in the hope that it will be useful, but`
			`WITHOUT ANY WARRANTY; without even the implied warranty of`
			`MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU`
			`Affero General Public License for more details.`

			`You should have received a copy of the GNU Affero General Public`
			`License along with this program. If not, see`
			`<https://www.gnu.org/licenses/>.`

			`-}`

implemented basic logic for readURL 2021-11-18 20:00:52 -05:00			`{-# LANGUAGE LambdaCase, ScopedTypeVariables #-}`
implemented unescapeString 2021-10-24 12:47:37 -04:00
renamed project to gemcap It was brought to my attention that there is a rust package named gemserv. I changed the name to avoid any potential confusion. 2021-11-17 13:15:36 -05:00			`module Network.Gemini.Capsule (`
implemented basic logic for readURL 2021-11-18 20:00:52 -05:00			`runGemCapsule`
implemented encodeRequest Note: this does not yet handle percent-escaped characters 2021-10-22 14:29:15 -04:00			`) where`

implemented more logic for runGemServer 2021-11-05 20:56:15 -04:00			`import Control.Concurrent (forkIO)`
catch any exception `listenLoop` was crashing when the client closed the connection during the handshake. How this doesn't qualify as an `IOException` is beyond me. 2023-01-01 11:36:46 -05:00			`import Control.Exception (SomeException, try)`
implemented runConnection logic 2021-11-10 15:04:00 -05:00			`import Control.Exception.Base (bracket, finally)`
implemented more logic for runGemServer 2021-11-05 20:56:15 -04:00			`import Control.Monad (void)`
implemented runConnection logic 2021-11-10 15:04:00 -05:00			`import qualified Data.Connection as C`
make runConnection take a certificate as a parameter 2021-11-10 14:06:20 -05:00			`import Data.IORef (IORef, newIORef, readIORef, writeIORef)`
implemented more logic for runGemServer 2021-11-05 20:56:15 -04:00			`import Data.TLSSetting (makeServerParams)`
			`import Data.X509 (Certificate, CertificateChain (..), getSigned, signedObject)`
implemented runConnection logic 2021-11-10 15:04:00 -05:00			`import qualified Network.Socket as S`
implemented more logic for runGemServer 2021-11-05 20:56:15 -04:00			`import Network.TLS (ServerParams, onClientCertificate, serverHooks)`
WIP: partially implemented runGemServer 2021-10-28 20:50:20 -04:00			`import System.IO.Streams.TCP (bindAndListen)`
runConnection can now accept any type of Connection 2021-11-13 11:26:15 -05:00			`import System.IO.Streams.TLS (accept)`
implemented encodeRequest Note: this does not yet handle percent-escaped characters 2021-10-22 14:29:15 -04:00
renamed project to gemcap It was brought to my attention that there is a rust package named gemserv. I changed the name to avoid any potential confusion. 2021-11-17 13:15:36 -05:00			`import Network.Gemini.Capsule.Internal`
			`import Network.Gemini.Capsule.Types`
implemented encodeRequest Note: this does not yet handle percent-escaped characters 2021-10-22 14:29:15 -04:00
name changes changed names of certain functions and types to use the term "capsule" instead of "server" 2021-11-17 15:32:39 -05:00			`-- \| Builds and runs a Gemini capsule`
			`runGemCapsule`
			`:: GemCapSettings`
			`-- ^ The capsule settings`
WIP: partially implemented runGemServer 2021-10-28 20:50:20 -04:00			`-> GemHandler`
			`-- ^ The handler`
implemented more logic for runGemServer 2021-11-05 20:56:15 -04:00			`-> IO a`
name changes changed names of certain functions and types to use the term "capsule" instead of "server" 2021-11-17 15:32:39 -05:00			`runGemCapsule settings handler = bracket`
WIP: partially implemented runGemServer 2021-10-28 20:50:20 -04:00			`( bindAndListen`
name changes changed names of certain functions and types to use the term "capsule" instead of "server" 2021-11-17 15:32:39 -05:00			`(capConnections settings)`
			`(fromIntegral $ capPort settings)`
WIP: partially implemented runGemServer 2021-10-28 20:50:20 -04:00			`)`
implemented runConnection logic 2021-11-10 15:04:00 -05:00			`S.close`
implemented more logic for runGemServer 2021-11-05 20:56:15 -04:00			`( \sock -> do`
			`params <- makeServerParams`
name changes changed names of certain functions and types to use the term "capsule" instead of "server" 2021-11-17 15:32:39 -05:00			`(capCert settings)`
			`(capCertChain settings)`
			`(capKey settings)`
implemented more logic for runGemServer 2021-11-05 20:56:15 -04:00			`listenLoop sock params handler`
			`)`
WIP: partially implemented runGemServer 2021-10-28 20:50:20 -04:00
implemented runConnection logic 2021-11-10 15:04:00 -05:00			`listenLoop :: S.Socket -> ServerParams -> GemHandler -> IO a`
implemented more logic for runGemServer 2021-11-05 20:56:15 -04:00			`listenLoop sock params handler = do`
			`certRef <- newIORef Nothing`
			`let params' = adjustServerParams certRef params`
			`try (accept params' sock) >>= \case`
catch any exception `listenLoop` was crashing when the client closed the connection during the handshake. How this doesn't qualify as an `IOException` is beyond me. 2023-01-01 11:36:46 -05:00			`Left (_::SomeException) -> return ()`
implemented basic logic for readURL 2021-11-18 20:00:52 -05:00			`Right conn -> void $ forkIO $ finally`
implemented runConnection logic 2021-11-10 15:04:00 -05:00			`(readIORef certRef >>= runConnection conn handler)`
			`(C.close conn)`
implemented more logic for runGemServer 2021-11-05 20:56:15 -04:00			`listenLoop sock params handler`

			`adjustServerParams`
			`:: IORef (Maybe Certificate)`
			`-> ServerParams`
			`-> ServerParams`
			`adjustServerParams certRef params = let`
			`hooks = serverHooks params`
			`certHook = onClientCertificate hooks`

refactored adjustServerParams 2021-11-12 19:52:09 -05:00			`certHook' chain = do`
			`case chain of`
			`CertificateChain [] -> return ()`
			`CertificateChain (se:_) -> do`
			`let cert = signedObject $ getSigned se`
			`writeIORef certRef (Just cert)`
			`certHook chain`
implemented more logic for runGemServer 2021-11-05 20:56:15 -04:00
			`hooks' = hooks { onClientCertificate = certHook' }`
			`in params { serverHooks = hooks' }`

create Network.GemServ module 2021-10-22 12:49:03 -04:00			`--jl`