ascii-chat Server Mode Entry Point Header More...
Data Structures
struct	server_context_t
	Server context - encapsulates all server state. More...
Typedefs
typedef struct server_context_t	server_context_t
	Server context - encapsulates all server state.
Functions
int	server_main (void)
	Server mode entry point for unified binary.
Variables
rate_limiter_t *	g_rate_limiter
	Global connection rate limiter.
Detailed Description

ascii-chat Server Mode Entry Point Header
This header exposes the server mode entry point for the unified binary architecture. The unified binary dispatches to server_main() when invoked as ascii-chat server.
Unified Binary Architecture

The ascii-chat application uses a single binary with multiple operating modes:
ascii-chat server - Run as server (multi-client connection manager)
ascii-chat client - Run as client (connects to server, streams video/audio)
This design provides several benefits:
Simplified distribution (single binary to install)
Reduced disk space (shared library code)
Easier testing (one binary to build and deploy)
Consistent versioning across modes
Mode Entry Point Contract

Each mode entry point (server_main, client_main) must:
Accept no arguments: int mode_main(void)
Options are already parsed by main dispatcher (available via global opt_* variables)
Return 0 on success, non-zero error code on failure
Perform mode-specific initialization and main loop
Perform complete cleanup before returning
Implementation Notes

The server_main() function is the original main() from src/server/main.c, adapted to the new dispatcher pattern. Common initialization (options parsing, logging setup, lock debugging) now happens in src/main.c before dispatch.
Author: Zachary Fogg me@zf.nosp@m.o.gg
Date: 2025
Version: 2.0
Definition in file server/main.h.
Function Documentation

◆ server_main()

int server_main ( void )
Server mode entry point for unified binary.
This function implements the complete server lifecycle including:
Server-specific initialization (crypto, shutdown callback)
Network socket setup and binding
Main connection accept loop
Client lifecycle management
Graceful shutdown and cleanup
Options are already parsed by the main dispatcher before this function is called, so they are available via global opt_* variables.
Returns: 0 on success, non-zero error code on failure
Example: # Invoked by dispatcher after options are parsed:

ascii-chat server --port 8080

# Options parsed in main.c, then server_main() called
Definition at line 1160 of file server/main.c.
                      {
  // Common initialization (options, logging, lock debugging) now happens in main.c before dispatch
  // This function focuses on server-specific initialization
 
  // Register shutdown check callback for library code
  shutdown_register_callback(check_shutdown);
 
  // Initialize crypto after logging is ready
  log_info("Initializing crypto...");
  if (init_server_crypto() != 0) {
    // Print detailed error context if available
    LOG_ERRNO_IF_SET("Crypto initialization failed");
    FATAL(ERROR_CRYPTO, "Crypto initialization failed");
  }
  log_info("Crypto initialized successfully");
 
  // Handle quiet mode - disable terminal output when GET_OPTION(quiet) is enabled
  log_set_terminal_output(!GET_OPTION(quiet));
 
  log_info("ASCII Chat server starting...");
 
  // log_info("SERVER: Options initialized, using log file: %s", log_filename);
  int port = strtoint_safe(GET_OPTION(port));
  if (port == INT_MIN) {
    log_error("Invalid port configuration: %s", GET_OPTION(port));
    FATAL(ERROR_CONFIG, "Invalid port configuration: %s", GET_OPTION(port));
  }
 
  ascii_simd_init();
  precalc_rgb_palettes(weight_red, weight_green, weight_blue);
 
  // Simple signal handling (temporarily disable complex threading signal handling)
  log_debug("Setting up simple signal handlers...");
 
  // Handle Ctrl+C for cleanup
  platform_signal(SIGINT, sigint_handler);
  // Handle termination signal (SIGTERM is defined with limited support on Windows)
  platform_signal(SIGTERM, sigterm_handler);
  // Handle lock debugging trigger signal
#ifndef _WIN32
  platform_signal(SIGUSR1, sigusr1_handler);
#else
  UNUSED(sigusr1_handler);
#endif
#ifndef _WIN32
  // SIGPIPE not supported on Windows
  platform_signal(SIGPIPE, SIG_IGN);
#endif
 
#ifndef NDEBUG
  // Start the lock debug thread (system already initialized earlier)
  if (lock_debug_start_thread() != 0) {
    FATAL(ERROR_THREAD, "Failed to start lock debug thread");
  }
  // Initialize statistics system
  if (stats_init() != 0) {
    FATAL(ERROR_THREAD, "Statistics system initialization failed");
  }
#endif
 
  // Create background worker thread pool for server operations
  g_server_worker_pool = thread_pool_create("server_workers");
  if (!g_server_worker_pool) {
    LOG_ERRNO_IF_SET("Failed to create server worker thread pool");
    FATAL(ERROR_MEMORY, "Failed to create server worker thread pool");
  }
 
  // Spawn statistics logging thread in worker pool
  if (thread_pool_spawn(g_server_worker_pool, stats_logger_thread, NULL, 0, "stats_logger") != ASCIICHAT_OK) {
    LOG_ERRNO_IF_SET("Statistics logger thread creation failed");
  } else {
    log_info("Statistics logger thread started");
  }
 
  // Network setup - Use tcp_server abstraction for dual-stack IPv4/IPv6 binding
  log_debug("Config check: GET_OPTION(address)='%s', GET_OPTION(address6)='%s'", GET_OPTION(address),
            GET_OPTION(address6));
 
  bool ipv4_has_value = (strlen(GET_OPTION(address)) > 0);
  bool ipv6_has_value = (strlen(GET_OPTION(address6)) > 0);
  bool ipv4_is_default = (strcmp(GET_OPTION(address), "127.0.0.1") == 0);
  bool ipv6_is_default = (strcmp(GET_OPTION(address6), "::1") == 0);
 
  log_debug("Binding decision: ipv4_has_value=%d, ipv6_has_value=%d, ipv4_is_default=%d, ipv6_is_default=%d",
            ipv4_has_value, ipv6_has_value, ipv4_is_default, ipv6_is_default);
 
  // Determine bind configuration
  bool bind_ipv4 = false;
  bool bind_ipv6 = false;
  const char *ipv4_address = NULL;
  const char *ipv6_address = NULL;
 
  if (ipv4_has_value && ipv6_has_value && ipv4_is_default && ipv6_is_default) {
    // Both are defaults: dual-stack with default localhost addresses
    bind_ipv4 = true;
    bind_ipv6 = true;
    ipv4_address = "127.0.0.1";
    ipv6_address = "::1";
    log_info("Default dual-stack: binding to 127.0.0.1 (IPv4) and ::1 (IPv6)");
  } else if (ipv4_has_value && !ipv4_is_default && (!ipv6_has_value || ipv6_is_default)) {
    // IPv4 explicitly set, IPv6 is default or empty: bind only IPv4
    bind_ipv4 = true;
    bind_ipv6 = false;
    ipv4_address = GET_OPTION(address);
    log_info("Binding only to IPv4 address: %s", ipv4_address);
  } else if (ipv6_has_value && !ipv6_is_default && (ipv4_is_default || !ipv4_has_value)) {
    // IPv6 explicitly set, IPv4 is default or empty: bind only IPv6
    bind_ipv4 = false;
    bind_ipv6 = true;
    ipv6_address = GET_OPTION(address6);
    log_info("Binding only to IPv6 address: %s", ipv6_address);
  } else {
    // Both explicitly set or one explicit + one default: dual-stack
    bind_ipv4 = true;
    bind_ipv6 = true;
    ipv4_address = ipv4_has_value ? GET_OPTION(address) : "127.0.0.1";
    ipv6_address = ipv6_has_value ? GET_OPTION(address6) : "::1";
    log_info("Dual-stack binding: IPv4=%s, IPv6=%s", ipv4_address, ipv6_address);
  }
 
  // Create server context - encapsulates all server state for passing to client handlers
  // This reduces global state and improves modularity by using tcp_server.user_data
  server_context_t server_ctx = {
      .tcp_server = &g_tcp_server,
      .rate_limiter = g_rate_limiter,
      .client_manager = &g_client_manager,
      .client_manager_rwlock = &g_client_manager_rwlock,
      .server_should_exit = &g_server_should_exit,
      .audio_mixer = g_audio_mixer,
      .stats = &g_stats,
      .stats_mutex = &g_stats_mutex,
      .encryption_enabled = g_server_encryption_enabled,
      .server_private_key = &g_server_private_key,
      .client_whitelist = g_client_whitelist,
      .num_whitelisted_clients = g_num_whitelisted_clients,
  };
 
  // Configure TCP server
  tcp_server_config_t tcp_config = {
      .port = port,
      .ipv4_address = ipv4_address,
      .ipv6_address = ipv6_address,
      .bind_ipv4 = bind_ipv4,
      .bind_ipv6 = bind_ipv6,
      .accept_timeout_sec = ACCEPT_TIMEOUT,
      .client_handler = ascii_chat_client_handler,
      .user_data = &server_ctx, // Pass server context to client handlers
  };
 
  // Initialize TCP server (creates and binds sockets)
  memset(&g_tcp_server, 0, sizeof(g_tcp_server));
  asciichat_error_t tcp_init_result = tcp_server_init(&g_tcp_server, &tcp_config);
  if (tcp_init_result != ASCIICHAT_OK) {
    FATAL(ERROR_NETWORK, "Failed to initialize TCP server");
  }
 
  // =========================================================================
  // UPnP Port Mapping (Quick Win for Direct TCP)
  // =========================================================================
  // Track UPnP success for ACDS session type decision
  // If UPnP fails, we need to create a WebRTC session to enable client connectivity
  bool upnp_succeeded = false;
 
  // Try to open port via UPnP so direct TCP works for ~70% of home users.
  // If this fails, clients fall back to WebRTC automatically - not fatal.
  //
  // Strategy:
  //   1. UPnP (works on ~90% of home routers)
  //   2. NAT-PMP fallback (Apple routers)
  //   3. If both fail: use ACDS + WebRTC (reliable, but slightly higher latency)
  if (GET_OPTION(enable_upnp) && !GET_OPTION(no_upnp)) {
    asciichat_error_t upnp_result = nat_upnp_open(port, "ASCII-Chat Server", &g_upnp_ctx);
 
    if (upnp_result == ASCIICHAT_OK && g_upnp_ctx) {
      char public_addr[22];
      if (nat_upnp_get_address(g_upnp_ctx, public_addr, sizeof(public_addr)) == ASCIICHAT_OK) {
        printf("🌐 Public endpoint: %s (direct TCP)\\n", public_addr);
        log_info("UPnP: Port mapping successful, public endpoint: %s", public_addr);
        upnp_succeeded = true;
      }
    } else {
      log_info("UPnP: Port mapping unavailable or failed - will use WebRTC fallback");
      printf("📡 Clients behind strict NATs will use WebRTC fallback\\n");
    }
  } else {
    if (GET_OPTION(no_upnp)) {
      log_info("UPnP: Disabled via --no-upnp option");
    } else {
      log_info("UPnP: Disabled via environment variable or configuration");
    }
    printf("📡 WebRTC will be used for all clients\\n");
  }
 
  struct timespec last_stats_time;
  (void)clock_gettime(CLOCK_MONOTONIC, &last_stats_time);
 
  // Initialize synchronization primitives
  if (rwlock_init(&g_client_manager_rwlock) != 0) {
    FATAL(ERROR_THREAD, "Failed to initialize client manager rwlock");
  }
 
  // Lock debug system already initialized earlier in main()
 
  // Check if SIGINT was received during initialization
  // If so, tcp_server_run() will detect it and exit immediately
  if (atomic_load(&g_server_should_exit)) {
    log_info("Shutdown signal received during initialization, skipping server startup");
  }
 
  // Lock debug thread already started earlier in main()
 
  // NOTE: g_client_manager is already zero-initialized in client.c with = {0}
  // We only need to initialize the mutex
  mutex_init(&g_client_manager.mutex);
 
  // Initialize uthash head pointer for O(1) lookup (uthash requires NULL initialization)
  g_client_manager.clients_by_id = NULL;
 
  // Initialize connection rate limiter (prevents DoS attacks)
  if (!atomic_load(&g_server_should_exit)) {
    log_debug("Initializing connection rate limiter...");
    g_rate_limiter = rate_limiter_create_memory();
    if (!g_rate_limiter) {
      LOG_ERRNO_IF_SET("Failed to initialize rate limiter");
      if (!atomic_load(&g_server_should_exit)) {
        FATAL(ERROR_MEMORY, "Failed to create connection rate limiter");
      }
    } else {
      log_info("Connection rate limiter initialized (50 connections/min per IP)");
    }
  }
 
  // Initialize audio mixer (always enabled on server)
  if (!atomic_load(&g_server_should_exit)) {
    log_debug("Initializing audio mixer for per-client audio rendering...");
    g_audio_mixer = mixer_create(MAX_CLIENTS, AUDIO_SAMPLE_RATE);
    if (!g_audio_mixer) {
      LOG_ERRNO_IF_SET("Failed to initialize audio mixer");
      if (!atomic_load(&g_server_should_exit)) {
        FATAL(ERROR_AUDIO, "Failed to initialize audio mixer");
      }
    } else {
      if (!atomic_load(&g_server_should_exit)) {
        log_debug("Audio mixer initialized successfully for per-client audio rendering");
      }
    }
  }
 
  // Initialize mDNS context for LAN service discovery (optional)
  // mDNS allows clients on the LAN to discover this server without knowing its IP
  // Can be disabled with --no-mdns-advertise
  // Note: Actual advertisement is deferred until after ACDS session creation (if --acds is enabled)
  if (!atomic_load(&g_server_should_exit) && !GET_OPTION(no_mdns_advertise)) {
    log_debug("Initializing mDNS for LAN service discovery...");
    g_mdns_ctx = asciichat_mdns_init();
    if (!g_mdns_ctx) {
      LOG_ERRNO_IF_SET("Failed to initialize mDNS (non-fatal, LAN discovery disabled)");
      log_warn("mDNS disabled - LAN service discovery will not be available");
      g_mdns_ctx = NULL;
    } else {
      log_debug("mDNS context initialized, advertisement deferred until session string is ready");
    }
  } else if (GET_OPTION(no_mdns_advertise)) {
    log_info("mDNS service advertisement disabled via --no-mdns-advertise");
  }
 
  // ========================================================================
  // MAIN CONNECTION LOOP - Delegated to tcp_server
  // ========================================================================
  //
  // The tcp_server module handles:
  // 1. Dual-stack IPv4/IPv6 accept loop with select() timeout
  // 2. Spawning client_handler threads for each connection
  // 3. Responsive shutdown when g_tcp_server.running is set to false
  //
  // Client lifecycle is managed by ascii_chat_client_handler() which:
  // - Performs rate limiting
  // - Calls add_client() to initialize structures and spawn workers
  // - Blocks until client disconnects
  // - Calls remove_client() to cleanup and stop worker threads
 
  // ACDS Session Creation: Register this server with discovery service
  // This also determines the session string for mDNS (if --acds is enabled)
  char session_string[64] = {0};
 
  // ACDS Registration (conditional on --acds flag)
  if (GET_OPTION(acds)) {
    // Security Requirement Check (Issue #239):
    // Server IP must be protected by password, identity verification, or explicit opt-in
 
    // Auto-detection: Check if password or identity verification is configured
    const char *password = GET_OPTION(password);
    bool has_password = password && strlen(password) > 0;
    const char *encrypt_key = GET_OPTION(encrypt_key);
    bool has_identity = encrypt_key && strlen(encrypt_key) > 0;
    bool explicit_expose = GET_OPTION(acds_expose_ip) != 0;
 
    // Validate security configuration BEFORE attempting ACDS connection
    bool acds_expose_ip_flag = false;
 
    if (has_password || has_identity) {
      // Auto-enable privacy: IP revealed only after verification
      acds_expose_ip_flag = false;
      log_plain("🔒 ACDS privacy enabled: IP disclosed only after %s verification",
                has_password ? "password" : "identity");
    } else if (explicit_expose) {
      // Explicit opt-in to public IP disclosure - requires confirmation
      log_plain_stderr("");
      log_plain_stderr("⚠️  WARNING: You are about to allow PUBLIC IP disclosure!");
      log_plain_stderr("⚠️  Anyone with the session string will be able to see your IP address.");
      log_plain_stderr("⚠️  This is NOT RECOMMENDED unless you understand the privacy implications.");
      log_plain_stderr("");
 
      if (!platform_prompt_yes_no("Do you want to proceed with public IP disclosure", false)) {
        log_plain_stderr("");
        log_plain_stderr("❌ IP disclosure not confirmed. Server will run WITHOUT discovery service.");
        goto skip_acds_session;
      }
 
      // User confirmed - proceed with public IP disclosure
      acds_expose_ip_flag = true;
      log_plain_stderr("");
      log_plain_stderr("⚠️  Public IP disclosure CONFIRMED");
      log_plain_stderr("⚠️  Your IP address will be visible to anyone with the session string");
    } else {
      // Security violation: No password, no identity, no explicit opt-in
      log_plain_stderr("❌ Cannot create ACDS session: No security configured!");
      log_plain_stderr("   You must either:");
      log_plain_stderr("   1. Set a password: --password \"your-secret\"");
      log_plain_stderr("   2. Use identity key: --key ~/.ssh/id_ed25519");
      log_plain_stderr("   3. Explicitly allow public IP: --acds-expose-ip (NOT RECOMMENDED)");
      log_plain_stderr("");
      log_plain_stderr("Server will run WITHOUT discovery service.");
      goto skip_acds_session;
    }
 
    // Security is configured, proceed with ACDS connection
    const char *acds_server = GET_OPTION(acds_server);
    uint16_t acds_port = (uint16_t)GET_OPTION(acds_port);
 
    log_info("Attempting to create session on ACDS server at %s:%d...", acds_server, acds_port);
 
    acds_client_config_t acds_config;
    acds_client_config_init_defaults(&acds_config);
    SAFE_STRNCPY(acds_config.server_address, acds_server, sizeof(acds_config.server_address));
    acds_config.server_port = acds_port;
    acds_config.timeout_ms = 5000;
 
    // Allocate ACDS client on heap for server lifecycle
    g_acds_client = SAFE_MALLOC(sizeof(acds_client_t), acds_client_t *);
    if (!g_acds_client) {
      log_error("Failed to allocate ACDS client");
      goto skip_acds_session;
    }
 
    asciichat_error_t acds_connect_result = acds_client_connect(g_acds_client, &acds_config);
    if (acds_connect_result == ASCIICHAT_OK) {
      // Prepare session creation parameters
      acds_session_create_params_t create_params;
      memset(&create_params, 0, sizeof(create_params));
 
      // Use server's Ed25519 identity public key if available
      if (g_server_encryption_enabled && has_identity) {
        memcpy(create_params.identity_pubkey, g_server_private_key.public_key, 32);
        log_debug("Using server identity key for ACDS session");
      } else {
        // No identity key available - use zero key
        // ACDS will accept this if identity verification is not required
        memset(create_params.identity_pubkey, 0, 32);
        log_debug("No server identity key - using zero key for ACDS session");
      }
 
      create_params.capabilities = 0x03; // Video + Audio
      create_params.max_participants = GET_OPTION(max_clients);
 
      // Set password if configured
      create_params.has_password = has_password;
      if (has_password) {
        // TODO: Hash password with Argon2id
        SAFE_STRNCPY(create_params.password, password, sizeof(create_params.password));
      }
 
      // Set IP disclosure policy (determined above)
      create_params.acds_expose_ip = acds_expose_ip_flag;
 
      // Set session type (Direct TCP or WebRTC)
      // Auto-detect: Use WebRTC if UPnP failed OR if explicitly requested via --webrtc
      // Exception: If bind address is 0.0.0.0, server is on public IP - use Direct TCP
      const char *bind_addr = GET_OPTION(address);
      bool bind_all_interfaces = (strcmp(bind_addr, "0.0.0.0") == 0);
 
      if (GET_OPTION(webrtc)) {
        // Explicit WebRTC request
        create_params.session_type = SESSION_TYPE_WEBRTC;
        log_info("ACDS session type: WebRTC (explicitly requested via --webrtc)");
      } else if (bind_all_interfaces) {
        // Bind to 0.0.0.0 means server is publicly accessible
        create_params.session_type = SESSION_TYPE_DIRECT_TCP;
        log_info("ACDS session type: Direct TCP (bind address 0.0.0.0, server is publicly accessible)");
      } else if (upnp_succeeded) {
        // UPnP port mapping worked
        create_params.session_type = SESSION_TYPE_DIRECT_TCP;
        log_info("ACDS session type: Direct TCP (UPnP succeeded, server is publicly accessible)");
      } else {
        // UPnP failed and not on public IP - use WebRTC
        create_params.session_type = SESSION_TYPE_WEBRTC;
        log_info("ACDS session type: WebRTC (UPnP failed, server behind NAT)");
      }
 
      // Server connection information (where clients should connect)
      // If bind address is 0.0.0.0, leave server_address empty for ACDS to auto-detect public IP
      if (bind_all_interfaces) {
        create_params.server_address[0] = '\0'; // Empty - ACDS will use connection source IP
        log_debug("Bind address is 0.0.0.0, ACDS will auto-detect public IP from connection");
      } else {
        SAFE_STRNCPY(create_params.server_address, bind_addr, sizeof(create_params.server_address));
      }
      create_params.server_port = port;
 
      // Create session
      acds_session_create_result_t create_result;
      asciichat_error_t create_err = acds_session_create(g_acds_client, &create_params, &create_result);
 
      if (create_err == ASCIICHAT_OK) {
        SAFE_STRNCPY(session_string, create_result.session_string, sizeof(session_string));
        log_plain("✨ Session created successfully!");
        log_plain("📋 Session string: %s", session_string);
        log_plain("🔗 Share this with others to join:");
        log_plain("   ascii-chat %s", session_string);
 
        // Server must join its own session so ACDS can route signaling messages
        log_debug("Server joining session as first participant for WebRTC signaling...");
        acds_session_join_params_t join_params = {0};
        join_params.session_string = session_string;
 
        // Use same identity key as session creation
        memcpy(join_params.identity_pubkey, create_params.identity_pubkey, 32);
 
        // Include password if session is password-protected
        if (has_password) {
          join_params.has_password = true;
          SAFE_STRNCPY(join_params.password, password, sizeof(join_params.password));
        }
 
        acds_session_join_result_t join_result = {0};
        asciichat_error_t join_err = acds_session_join(g_acds_client, &join_params, &join_result);
        if (join_err != ASCIICHAT_OK || !join_result.success) {
          log_error("Failed to join own session: %s (error: %s)", asciichat_error_string(join_err),
                    join_result.error_message[0] ? join_result.error_message : "unknown");
          // Continue anyway - this is not fatal for Direct TCP sessions
        } else {
          log_info("Server joined session successfully (participant_id: %02x%02x...)", join_result.participant_id[0],
                   join_result.participant_id[1]);
          // Store participant ID for WebRTC signaling (needed to identify server in SDP/ICE messages)
          memcpy(create_result.session_id, join_result.session_id, 16);
        }
 
        // Keep ACDS connection alive for WebRTC signaling relay
        log_debug("Server staying connected to ACDS for signaling relay");
 
        // Create ACDS transport wrapper for sending signaling packets
        g_acds_transport = acip_tcp_transport_create(g_acds_client->socket, NULL);
        if (!g_acds_transport) {
          log_error("Failed to create ACDS transport wrapper");
        } else {
          log_debug("ACDS transport wrapper created for signaling");
 
          // Start ACDS ping thread to keep connection alive (for ALL session types)
          int ping_thread_result = asciichat_thread_create(&g_acds_ping_thread, acds_ping_thread, NULL);
          if (ping_thread_result != 0) {
            log_error("Failed to create ACDS ping thread: %d", ping_thread_result);
          } else {
            log_info("ACDS ping thread started to keep connection alive");
            g_acds_ping_thread_started = true;
          }
        }
 
        // Initialize WebRTC peer_manager if session type is WebRTC
        if (create_params.session_type == SESSION_TYPE_WEBRTC) {
          log_info("Initializing WebRTC peer manager for session (role=CREATOR)...");
 
          // Configure STUN servers for ICE gathering
          stun_server_t stun_servers[2];
          stun_servers[0].host_len = (uint8_t)strlen("stun:stun.l.google.com:19302");
          SAFE_STRNCPY(stun_servers[0].host, "stun:stun.l.google.com:19302", sizeof(stun_servers[0].host));
          stun_servers[1].host_len = (uint8_t)strlen("stun:stun1.l.google.com:19302");
          SAFE_STRNCPY(stun_servers[1].host, "stun:stun1.l.google.com:19302", sizeof(stun_servers[1].host));
 
          // Configure peer_manager
          webrtc_peer_manager_config_t pm_config = {
              .role = WEBRTC_ROLE_CREATOR, // Server accepts offers, generates answers
              .stun_servers = stun_servers,
              .stun_count = 2,
              .turn_servers = NULL, // No TURN for server (clients should have public IP or use TURN)
              .turn_count = 0,
              .on_transport_ready = on_webrtc_transport_ready,
              .user_data = &server_ctx,
              .crypto_ctx = NULL // WebRTC handles crypto internally
          };
 
          // Configure signaling callbacks for relaying SDP/ICE via ACDS
          webrtc_signaling_callbacks_t signaling_callbacks = {
              .send_sdp = server_send_sdp, .send_ice = server_send_ice, .user_data = NULL};
 
          // Create peer_manager
          asciichat_error_t pm_result =
              webrtc_peer_manager_create(&pm_config, &signaling_callbacks, &g_webrtc_peer_manager);
          if (pm_result != ASCIICHAT_OK) {
            log_error("Failed to create WebRTC peer_manager: %s", asciichat_error_string(pm_result));
            g_webrtc_peer_manager = NULL;
          } else {
            log_info("WebRTC peer_manager initialized successfully");
 
            // Start ACDS receive thread for WebRTC signaling relay
            int thread_result = asciichat_thread_create(&g_acds_receive_thread, acds_receive_thread, NULL);
            if (thread_result != 0) {
              log_error("Failed to create ACDS receive thread: %d", thread_result);
              // Cleanup peer_manager since signaling won't work
              webrtc_peer_manager_destroy(g_webrtc_peer_manager);
              g_webrtc_peer_manager = NULL;
            } else {
              log_info("ACDS receive thread started for WebRTC signaling relay");
              g_acds_receive_thread_started = true;
            }
          }
        } else {
          log_debug("Session type is DIRECT_TCP, skipping WebRTC peer_manager initialization");
        }
 
        // Advertise mDNS with ACDS session string
        // This ensures both mDNS and ACDS discovery return the same session string
        advertise_mdns_with_session(session_string, (uint16_t)port);
      } else {
        log_warn("Failed to create session on ACDS server (server will run without discovery)");
        // Clean up failed ACDS client
        if (g_acds_client) {
          acds_client_disconnect(g_acds_client);
          SAFE_FREE(g_acds_client);
          g_acds_client = NULL;
        }
      }
    } else {
      log_warn("Could not connect to ACDS server at %s:%d (server will run without discovery)", acds_server, acds_port);
    }
  } else {
    log_info("ACDS registration disabled (use --acds to enable)");
  }
 
skip_acds_session:
  // Fallback: If no session string was set by ACDS (either disabled or failed),
  // generate a random session string for mDNS discovery only
  if (session_string[0] == '\0' && g_mdns_ctx) {
    log_debug("No ACDS session string available, generating random session for mDNS");
 
    // Generate a proper word-word-word session string for mDNS discovery
    // This uses simple word lists to create memorable session strings
    static const char *adjectives[] = {
        "swift", "bright", "gentle", "calm", "bold", "quiet", "happy", "proud",
        "quick", "warm",   "wise",   "true", "safe", "keen",  "just",  "fair",
    };
    static const char *nouns[] = {
        "river",  "mountain", "forest", "ocean", "valley", "peak",  "lake", "hill",
        "meadow", "canyon",   "stream", "sky",   "stone",  "eagle", "wolf", "bear",
    };
    static const size_t adj_count = sizeof(adjectives) / sizeof(adjectives[0]);
    static const size_t noun_count = sizeof(nouns) / sizeof(nouns[0]);
 
    // Generate random indices for session string (deterministic per server start for testing)
    uint32_t seed = (uint32_t)time(NULL) ^ (uint32_t)getpid();
    uint32_t adj1_idx = (seed / 1) % adj_count;
    uint32_t noun1_idx = (seed / 13) % noun_count;
    uint32_t adj2_idx = (seed / 31) % adj_count;
 
    snprintf(session_string, sizeof(session_string), "%s-%s-%s", adjectives[adj1_idx], nouns[noun1_idx],
             adjectives[adj2_idx]);
 
    log_info("Generated random session string for mDNS: '%s'", session_string);
 
    // Advertise mDNS with random session string
    advertise_mdns_with_session(session_string, (uint16_t)port);
  }
 
  log_info("Server entering accept loop (port %d)...", port);
 
  // Run TCP server (blocks until shutdown signal received)
  // tcp_server_run() handles:
  // - select() on IPv4/IPv6 sockets with timeout
  // - accept() new connections
  // - Spawn ascii_chat_client_handler() thread for each connection
  // - Responsive shutdown when atomic_store(&g_tcp_server.running, false)
  asciichat_error_t run_result = tcp_server_run(&g_tcp_server);
  if (run_result != ASCIICHAT_OK) {
    log_error("TCP server exited with error");
  }
 
  log_info("Server accept loop exited");
 
  // Cleanup
  log_info("Server shutting down...");
  atomic_store(&g_server_should_exit, true);
 
  // Wake up any threads that might be blocked on condition variables
  // (like packet queues) to ensure responsive shutdown
  // This must happen BEFORE client cleanup to wake up any blocked threads
  static_cond_broadcast(&g_shutdown_cond);
  // NOTE: Do NOT call cond_destroy() on statically-initialized condition variables
  // g_shutdown_cond uses STATIC_COND_INIT which doesn't allocate resources that need cleanup
  // Calling cond_destroy() on a static cond is undefined behavior on some platforms
 
  // CRITICAL: Close all client sockets immediately to unblock receive threads
  // The signal handler only closed the listening socket, but client receive threads
  // are still blocked in recv_with_timeout(). We need to close their sockets to unblock them.
  log_info("Closing all client sockets to unblock receive threads...");
 
  // Use write lock since we're modifying client->socket
  rwlock_wrlock(&g_client_manager_rwlock);
  for (int i = 0; i < MAX_CLIENTS; i++) {
    client_info_t *client = &g_client_manager.clients[i];
    if (atomic_load(&client->client_id) != 0 && client->socket != INVALID_SOCKET_VALUE) {
      socket_close(client->socket);
      client->socket = INVALID_SOCKET_VALUE;
    }
  }
  rwlock_wrunlock(&g_client_manager_rwlock);
 
  log_info("Signaling all clients to stop (sockets closed, g_server_should_exit set)...");
 
  // Stop and destroy server worker thread pool (stats logger, etc.)
  if (g_server_worker_pool) {
    thread_pool_destroy(g_server_worker_pool);
    g_server_worker_pool = NULL;
    log_info("Server worker thread pool stopped");
  }
 
  // Destroy rate limiter
  if (g_rate_limiter) {
    rate_limiter_destroy(g_rate_limiter);
    g_rate_limiter = NULL;
  }
 
  // Clean up all connected clients
  log_info("Cleaning up connected clients...");
  // FIXED: Simplified to collect client IDs first, then remove them without holding locks
  uint32_t clients_to_remove[MAX_CLIENTS];
  int client_count = 0;
 
  rwlock_rdlock(&g_client_manager_rwlock);
  for (int i = 0; i < MAX_CLIENTS; i++) {
    client_info_t *client = &g_client_manager.clients[i];
 
    // Only attempt to clean up clients that were actually connected
    // (client_id is 0 for uninitialized clients, starts from 1 for connected clients)
    // FIXED: Only access mutex for initialized clients to avoid accessing uninitialized mutex
    if (atomic_load(&client->client_id) == 0) {
      continue; // Skip uninitialized clients
    }
 
    // Use snapshot pattern to avoid holding both locks simultaneously
    // This prevents deadlock by not acquiring client_state_mutex while holding rwlock
    uint32_t client_id_snapshot = atomic_load(&client->client_id); // Atomic read is safe under rwlock
 
    // Clean up ANY client that was allocated, whether active or not
    // (disconnected clients may not be active but still have resources)
    clients_to_remove[client_count++] = client_id_snapshot;
  }
  rwlock_rdunlock(&g_client_manager_rwlock);
 
  // Remove all clients without holding any locks
  for (int i = 0; i < client_count; i++) {
    if (remove_client(&server_ctx, clients_to_remove[i]) != 0) {
      log_error("Failed to remove client %u during shutdown", clients_to_remove[i]);
    }
  }
 
  // Clean up hash table
  // Clean up uthash table (uthash handles deletion when the last item is removed,
  // but we should clear it here just in case there are stragglers)
  if (g_client_manager.clients_by_id) {
    client_info_t *current_client, *tmp;
    HASH_ITER(hh, g_client_manager.clients_by_id, current_client, tmp) {
      HASH_DELETE(hh, g_client_manager.clients_by_id, current_client);
      // Note: We don't free current_client here because it's part of the clients[] array
    }
    g_client_manager.clients_by_id = NULL;
  }
 
  // Clean up audio mixer
  if (g_audio_mixer) {
    mixer_destroy(g_audio_mixer);
    g_audio_mixer = NULL;
  }
 
  // Clean up mDNS context
  if (g_mdns_ctx) {
    asciichat_mdns_shutdown(g_mdns_ctx);
    g_mdns_ctx = NULL;
    log_info("mDNS context shut down");
  }
 
  // Clean up synchronization primitives
  rwlock_destroy(&g_client_manager_rwlock);
  mutex_destroy(&g_client_manager.mutex);
 
#ifdef NDEBUG
  // Clean up statistics system
  stats_cleanup();
#endif
 
#ifndef NDEBUG
  // Clean up lock debugging system (always, regardless of build type)
  // Lock debug records are allocated in debug builds too, so they must be cleaned up
  lock_debug_cleanup();
#endif
 
  // Shutdown TCP server (closes listen sockets and cleans up)
  tcp_server_shutdown(&g_tcp_server);
 
  // Join ACDS threads (if started)
  // NOTE: Must be done BEFORE destroying transport to ensure clean shutdown
  if (g_acds_ping_thread_started) {
    log_debug("Joining ACDS ping thread");
    asciichat_thread_join(&g_acds_ping_thread, NULL);
    g_acds_ping_thread_started = false;
    log_debug("ACDS ping thread joined");
  }
 
  if (g_acds_receive_thread_started) {
    log_debug("Joining ACDS receive thread");
    asciichat_thread_join(&g_acds_receive_thread, NULL);
    g_acds_receive_thread_started = false;
    log_debug("ACDS receive thread joined");
  }
 
  // Clean up WebRTC peer manager (if initialized for ACDS signaling relay)
  if (g_webrtc_peer_manager) {
    log_debug("Destroying WebRTC peer manager");
    webrtc_peer_manager_destroy(g_webrtc_peer_manager);
    g_webrtc_peer_manager = NULL;
  }
 
  // Clean up ACDS transport wrapper (if created)
  if (g_acds_transport) {
    log_debug("Destroying ACDS transport wrapper");
    acip_transport_destroy(g_acds_transport);
    g_acds_transport = NULL;
  }
 
  // Disconnect from ACDS server (if connected for WebRTC signaling relay)
  if (g_acds_client) {
    log_debug("Disconnecting from ACDS server");
    acds_client_disconnect(g_acds_client);
    SAFE_FREE(g_acds_client);
    g_acds_client = NULL;
  }
 
  // Clean up SIMD caches
  simd_caches_destroy_all();
 
  // Clean up symbol cache
  // This must be called BEFORE log_destroy() as symbol_cache_cleanup() uses log_debug()
  // Safe to call even if atexit() runs - it's idempotent (checks g_symbol_cache_initialized)
  // Also called via platform_cleanup() atexit handler, but explicit call ensures proper ordering
  symbol_cache_cleanup();
 
  // Clean up global buffer pool (explicitly, as atexit may not run on Ctrl-C)
  // Note: This is also registered with atexit(), but calling it explicitly is safe (idempotent)
  // Safe to call even if atexit() runs - it checks g_global_buffer_pool and sets it to NULL
  buffer_pool_cleanup_global();
 
  // Clean up binary path cache explicitly
  // Note: This is also called by platform_cleanup() via atexit(), but it's idempotent
  // (checks g_cache_initialized and sets it to false, sets g_bin_path_cache to NULL)
  // Safe to call even if atexit() runs later
  platform_cleanup_binary_path_cache();
 
  // Clean up errno context (allocated strings, backtrace symbols)
  asciichat_errno_cleanup();
 
  // Clean up RCU-based options state
  options_state_shutdown();
 
  // Clean up platform-specific resources (Windows: Winsock cleanup, timer restoration)
  // POSIX: minimal cleanup (symbol cache already handled above on Windows)
#ifdef _WIN32
  socket_cleanup();
  timeEndPeriod(1); // Restore Windows timer resolution
#endif
 
#ifndef NDEBUG
  // Join the lock debug thread as one of the very last things before exit
  lock_debug_cleanup_thread();
#endif
 
  log_info("Server shutdown complete");
 
  asciichat_error_stats_print();
 
  log_destroy();
 
  // Use exit() to allow atexit() handlers to run
  // Cleanup functions are idempotent (check if initialized first)
  exit(0);
}
Variable Documentation

◆ g_rate_limiter

rate_limiter_t* g_rate_limiter
extern
Global connection rate limiter.
Shared rate limiter instance used by packet handlers to prevent DoS attacks. Tracks connection attempts and packet rates per IP address.
Global connection rate limiter.
In-memory rate limiter to prevent connection flooding and DoS attacks. Tracks connection attempts and packet rates per IP address with configurable limits.
Default limits (from rate_limit.c):
RATE_EVENT_CONNECTION: 50 connections per 60 seconds
RATE_EVENT_IMAGE_FRAME: 144 FPS (8640 frames/min)
RATE_EVENT_AUDIO: 172 FPS (10320 packets/min)
RATE_EVENT_PING: 2 Hz (120 pings/min)
RATE_EVENT_CLIENT_JOIN: 10 joins per 60 seconds
RATE_EVENT_CONTROL: 100 control packets per 60 seconds
THREAD SAFETY: The rate limiter is thread-safe and can be used concurrently from the main accept loop and packet handlers without external synchronization.
See also: main.h for extern declaration
Definition at line 188 of file server/main.c.
Referenced by process_decrypted_packet(), and server_main().
Data Structures

Typedefs

Functions

Variables
