forked from solderpunk/molly-brown
Resync master w/upstream #2
Russtopia
commented 2023-09-07 02:07:09 +00:00
Owner
No description provided.
Russtopia
added 70 commits 2023-09-07 02:07:10 +00:00
03ca12d0c1
First pass at a pledge/unveil implementation for OpenBSD.
69a253f820
Tested unveiling CGI dirs and globs as executable.
fb77a13088
Finished the OpenBSD pledge/unveil implementation after testing SCGI procs.
a8f59868f3
Update requirements list for OpenBSD.
1c0fb0d856
Fixed a typo in the OpenBSD enableSecurityRestrictions docs.
16ed9e5cff
Allow redirects to other hosts. Closes #26.
f05bab2b73
Make test of request URL hostname against configured hostname case insensitive. Closes #29.
a41898b012
Add DefaultEncoding option to config/.molly files. Closes #19.
733e518392
Accept requests where the URL has a FQDN hostname with a trailing dot. Closes #20.
67d509a234
Sort directory listings with directories before files
8446885f56
Rename DirectoriesFirst option to DirectorySubdirsFirst and document in README.
d9e0fed193
Tidy up DirectorySubdirsFirst sorting code by doing two consecutive sorts. Closes #30.
2d6f4db38e
Add -v flag to print version and exit. Closes #23.
8541b6194b
Resolve non-absolute values of CGIPaths relative to DocBase. Closes #24.
c0d0c0991c
Update date and email address in LICENSE.
16bf8e0534
Refuse to use a world-readable TLS key.
443bfd4bbd
Change to error logging behaviour (stderr instead of stdout, by default).
3be10b82d7
Allow no access logging with empty string log file path.
0d5d67c86d
Forcibly ingest Kool-Aid.
b16a8584a6
Merge pull request 'Added pledge(2) and unveil(2) system calls to improve security on OpenBSD.' (#13) from kvothe/molly-brown:master into master
86720131d3
Declare dependenc upon x/sys to support OpenBSD security features.
17d17a1629
Catch SIGTERM and shutdown gracefully.
b16fe0b8d4
Absolutise DocBase before trying to absolutise anything else relative to it.
56d8dde14a
Chdir to / so that Molly doesn't interfere with unmounting.
5258b29c6b
Big ol' gofmt.
4e6a8fcd05
Use setuid() systemcall wherever possible to reduce privileges before accepting network connections. First step toward solving issue #16.
bb0a04d2c7
Add a little bit of extra security advice to the README, a tiny extra step toward closing issue #16.
06c6d190a6
Guard against symbolic links escaping the document base.
8372142843
Add support for chroot()ing server early after startup, more work toward issue #16.
c0c67f7ba6
Whoops, don't ignore error from filepath.Abs.
182e58ffe3
Make unprivileged user configurable, thanks nervuri! (see issue #16)
7fad754ff2
Drop privileges much more thoroughly, thanks nervuri! (see issue #16)
072669a167
Avoid use of log.Fatal() or os.Exit() in main so defers are guaranteed to run.
7a89b307a1
Just use the log package's default logger as the error log.
f63fcdb6d1
Do not request client certificates if we're never going to need them.
75c283fc74
Restore documented setuid behaviour.
40203a8856
Use net/http.DetectContentType as a last resort for MIME, rather than hardcoding application/octet-stream.
8d1a04cb27
Fix minor bugs on OpenBSD-only code, after discovering easy of cross-compilation in Go.
212c9f79fb
A rather extensive refactor.
67386cd118
Update README to reflect movement of unix security stuff out of config file into command line switches.
d67f896b84
Add AllowTLS12 option to switch minimum TLS version between 1.2 and 1.3.
800c181668
Ensure supplied TLS certificate is valid for configured hostname.
0274ef8f35
Print warning about expired certificates.
c50accfaec
Only drop supplementary groups if root is amongst them.
a9dab7b48c
Argh, fix stupid typo.
bff3d6d486
Restore logging functionality after some subtle variable declaration scoping bugs wiped it out!
e70ec82594
Don't try to be clever about when to request client certs: we never know what could be in a .molly file.
eb85a6e94c
Another big refactor, splitting the Config struct in two.
f9585ff2b7
Rearrange the logic of handling requests without changing behaviour.
eefb1bc3a6
Further simplifications of config parsing code.
d3d415b612
Add missing return.
81b4f1dcc0
Fix small variable name error.
bd07cb3507
Check for errors when parsing TLS certificates even after successful PEM decoding.
3a03995f26
Actually, be *more* clever about client certs...(see e70ec)
e30f39b196
Fix typo in error message.
72a94cab00
Restore Go 1.15 compatibility.
c4866d2965
Check for a CGI path prefix before insisting that an exact path exists on disk. Closes #36.
5016f40edb
Initial implementation of leaky bucket rate limiting.
a6170a355d
Make rate limiting configurable.
3c5835f033
Continue to increment drips once bucket is overflowing.
efde852c54
Refactor rate limiting to have soft and hard limits, block clients exceeding hard limits for one hour.
4b9a7e8ad5
Correctly implement bans for clients exceeding hard limit.
8e618a6304
Double hard limit ban durations each time.
4b54eb6134
Set 30 second deadline for reading requests. See #35.
2c3225c1c0
Fix crash when CGI processes end without writing anything at all to stdout. Closes #38.
6f0865447d
Adds leaky token bucket rate limiting with bans for non-compliant clients.
051df29604
Add a write deadline with maximum allowed download time derived from filesize. See #35.
1b7d661abd
Type trashing to fix last commit.
64a4ff72f0
Remove debugging Println.
2068c3b02a
Allow to disable directory listing
Russtopia
merged commit 27bbae5418 into master 2023-09-07 02:07:32 +00:00
Russtopia
referenced this issue from a commit 2023-09-07 02:07:33 +00:00
Merge pull request 'Resync master w/upstream' (#2) from solderpunk/molly-brown:master into master
Loading…
Reference in New Issue
No description provided.
Delete Branch "solderpunk/molly-brown:master"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?