From c5f4d281d5b1bf902588939b20a36c0fdd8b6d69 Mon Sep 17 00:00:00 2001
From: Matthias Portzel <MatthiasPortzel@gmail.com>
Date: Sat, 24 Sep 2022 20:35:14 -0400
Subject: [PATCH] Reverse proxy fixes and changes

---
 GeminiServer.js      |  4 +++-
 README.gmi           | 10 ++++++++++
 example.js           |  2 ++
 handlers/revproxy.js |  6 ++++--
 4 files changed, 19 insertions(+), 3 deletions(-)

diff --git a/GeminiServer.js b/GeminiServer.js
index bf79ff2..5271849 100644
--- a/GeminiServer.js
+++ b/GeminiServer.js
@@ -144,7 +144,9 @@ export default class GeminiServer {
 
                 if (matches) {
                     Promise.resolve(p.handler.handle(url, p.basePath, socket)).then(res => {
-                        socket.write(res);
+                        if (res) {
+                            socket.write(res);
+                        }
                         socket.end();
                     }).catch(console.error);
                     return;
diff --git a/README.gmi b/README.gmi
index 73aa324..beaee0b 100644
--- a/README.gmi
+++ b/README.gmi
@@ -1,3 +1,7 @@
+# Astronomical Theater
+A Node.js Gemini server and proxy.
+
+Do not use.
 
 ### We require SNI!
 The Gemini spec requires clients to implement SNI. This server requires SNI to connect.
@@ -37,6 +41,12 @@ openssl genrsa -out private-key.pem 2048
 openssl req -new -sha256 -key private-key.pem -out csr.pem
 # Self-sign, generating cert
 openssl x509 -req -in csr.pem -signkey private-key.pem -out public-cert.pem
+
+# For debugging clients, it can be useful to start a openssl server with these certs:
+openssl s_server -key private-key.pem -cert public-cert.pem -accept 1965
+
+# And of course creating a client with openssl. The -servername is needed for SNI
+openssl s_client -connect example.com:1965 -servername example.com
 ```
 
 
diff --git a/example.js b/example.js
index 3e283c5..ddb8371 100644
--- a/example.js
+++ b/example.js
@@ -4,6 +4,8 @@ import DefaultHandler from "./handlers/default.js";
 import ReverseProxyHandler from "./handlers/revproxy.js";
 
 // import {, staticFileHandler} from "./main.js";
+// If you'r going to be reverse-proxying a server with a self-signed cert, you need
+process.env.NODE_TLS_REJECT_UNAUTHORIZED = 0;
 
 const server = new GeminiServer({
     // port: 1965
diff --git a/handlers/revproxy.js b/handlers/revproxy.js
index 5f04b24..b89296e 100644
--- a/handlers/revproxy.js
+++ b/handlers/revproxy.js
@@ -81,8 +81,10 @@ export default class ReverseProxyHandler extends DefaultHandler {
 
         console.log(`Attempting to proxy ${toServe}.`);
         try {
-            await geminiReq(toServe, socket)
-            return "";
+            // Add back url.search
+            await geminiReq(toServe + url.search, socket);
+            // geminiReq has already handled writing data back to the stream
+            return false;
         }catch (err) {
             console.log("Something went wrong with the proxy.");
             console.error(err);