Refuse to serve any sensitive files.

2020-06-04 23:24:19 +02:00 · 2020-06-04 23:24:19 +02:00 · fc730c8b1c
parent 532dd83414
commit fc730c8b1c
1 changed files with 8 additions and 0 deletions
--- a/handler.go
+++ b/handler.go
@ -106,6 +106,14 @@ func handleGeminiRequest(conn net.Conn, config Config, logEntries chan LogEntry)
 		return
 	}

+	// Paranoid security measure:
+	// Fail if the URL has mapped to our TLS files or the log
+	if path == config.CertPath || path == config.KeyPath || path == config.LogPath {
+		conn.Write([]byte("51 Not found!\r\n"))
+		log.Status = 51
+		return
+	}
+
 	// Handle directories
 	if info.IsDir() {
 		// Redirect to add trailing slash if missing