Refactor error handling, add socket activation

lf- · lf- · commit f8a6a6b0fc98 · 2020-09-25T03:08:46.000-07:00
Socket activation is necessary to make it easier to use systemd to sandbox this service, since it's basically one big SSRF vector if not sandboxed away from localhost and any local services whatsoever. Also adds a hack per rust-lang/cargo#8075 (comment) so you can run `cargo clippy --features clippy`.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -28,3 +28,7 @@ ical = "0.6.0"
 serde = "1.0.114"
 serde_json = "1.0.55"
 regex = "1.3.9"
+listenfd = "0.3.3"
+
+[features]
+clippy = []
diff --git a/src/filter.rs b/src/filter.rs
@@ -2,13 +2,23 @@ use regex::Regex;
 use serde::de;
 use std::fmt;
 
-type MyError = Box<dyn std::error::Error>;
-
+// this lint is falsely triggering on this, which is *not* interior mutable
+#[allow(clippy::declare_interior_mutable_const)]
 pub const TRUE_FILTER: Filter = Filter {
     invert: false,
     operator: FilterOperator::True,
 };
 
+#[derive(Debug)]
+pub enum FilterErrorKind {
+    MissingColon,
+    OperatorParse,
+    RegexError(regex::Error),
+}
+
+#[derive(Debug)]
+pub struct FilterError(String, FilterErrorKind);
+
 #[derive(Debug)]
 enum FilterOperator {
     Equals(String),
@@ -27,15 +37,15 @@ pub struct Filter {
 
 impl FilterOperator {
     /// Parses a stringified filter operator into a [`FilterOperator`](enum.FilterOperator.html)
-    fn parse(s: &str, content: String) -> Result<FilterOperator, MyError> {
+    fn parse(s: &str, content: String) -> Result<FilterOperator, FilterError> {
         match s {
             "equals" => Ok(FilterOperator::Equals(content)),
             "startsWith" => Ok(FilterOperator::StartsWith(content)),
             "endsWith" => Ok(FilterOperator::EndsWith(content)),
             "contains" => Ok(FilterOperator::Contains(content)),
             "true" => Ok(FilterOperator::True),
-            "regex" => Ok(FilterOperator::Regex(Regex::new(&content)?)),
-            _ => Err("unknown filter operator; options are equals, startsWith, endsWith, contains, true, regex".into()),
+            "regex" => Ok(FilterOperator::Regex(Regex::new(&content).map_err(|e| FilterError(content, FilterErrorKind::RegexError(e)))?)),
+            _ => Err(FilterError("unknown filter operator; options are equals, startsWith, endsWith, contains, true, regex".to_owned(), FilterErrorKind::OperatorParse)),
         }
     }
 
@@ -55,11 +65,13 @@ impl FilterOperator {
 
 impl Filter {
     /// Parses a filter into a Filter struct.
-    fn parse(s: &str) -> Result<Filter, MyError> {
+    fn parse(s: &str) -> Result<Filter, FilterError> {
         let invert = s.starts_with('!');
         let s = if invert { &s[1..] } else { s };
 
-        let colon = s.find(":").ok_or_else(|| "missing colon in filter")?;
+        let colon = s
+            .find(':')
+            .ok_or_else(|| FilterError(s.to_owned(), FilterErrorKind::MissingColon))?;
         let (operator, text) = s.split_at(colon);
         // chop off colon
         let text = &text[1..];
@@ -98,8 +110,8 @@ where
             E: de::Error,
         {
             let mut filters = Vec::new();
-            for filt in v.split("~") {
-                let parsed = Filter::parse(filt).map_err(E::custom)?;
+            for filt in v.split('~') {
+                let parsed = Filter::parse(filt).map_err(|e| E::custom(format!("{:?}", e)))?;
                 filters.push(parsed);
             }
 
diff --git a/src/main.rs b/src/main.rs
@@ -10,6 +10,7 @@ use actix_web::{
 use chrono::{DateTime, Utc};
 use chrono_tz::{Tz, UTC};
 use filter::Filter;
+use listenfd::ListenFd;
 use serde::{Deserialize, Serialize};
 
 pub mod env;
@@ -53,7 +54,7 @@ impl std::convert::From<Event> for ics::Event<'_> {
 
 async fn compute_events<'a>(
     url: &str,
-    filters: &'a Vec<Filter>,
+    filters: &'a [Filter],
 ) -> Result<impl Iterator<Item = Result<impl Iterator<Item = Result<Event>> + 'a>>> {
     let calendars = upstream::get_calendars(url).await?;
 
@@ -126,7 +127,7 @@ async fn compute_events<'a>(
     }))
 }
 
-async fn collect_events(url: &str, filters: &Vec<Filter>) -> Result<Vec<Event>> {
+async fn collect_events(url: &str, filters: &[Filter]) -> Result<Vec<Event>> {
     let iter = compute_events(url, filters).await?;
 
     let mut res = Vec::new();
@@ -186,17 +187,22 @@ async fn main() -> std::io::Result<()> {
 
     let configuration = env::get_conf().unwrap();
     let socketaddr = configuration.socketaddr;
+    let mut listenfd = ListenFd::from_env();
 
-    HttpServer::new(move || {
+    let server = HttpServer::new(move || {
         let configuration = configuration.clone();
 
         App::new()
             .wrap(Logger::default())
             .data(configuration)
             .service(web::resource("/v1/json").to(get_json))
             .service(web::resource("/v1/ical").to(get_ical))
-    })
-    .bind(socketaddr)?
-    .run()
-    .await
+    });
+
+    let server = if let Some(listener) = listenfd.take_tcp_listener(0)? {
+        server.listen(listener)?
+    } else {
+        server.bind(socketaddr)?
+    };
+    server.run().await
 }
