Just use the log package's default logger as the error log.

certificate.go

@@ -10,24 +10,24 @@ import (
 	"time"
 )
 
-func enforceCertificateValidity(clientCerts []*x509.Certificate, conn net.Conn, log *LogEntry) {
+func enforceCertificateValidity(clientCerts []*x509.Certificate, conn net.Conn, logEntry *LogEntry) {
 	// This will fail if any of multiple certs are invalid
 	// Maybe we should just require one valid?
 	now := time.Now()
 	for _, cert := range clientCerts {
 		if now.Before(cert.NotBefore) {
 			conn.Write([]byte("64 Client certificate not yet valid!\r\n"))
-			log.Status = 64
+			logEntry.Status = 64
 			return
 		} else if now.After(cert.NotAfter) {
 			conn.Write([]byte("65 Client certificate has expired!\r\n"))
-			log.Status = 65
+			logEntry.Status = 65
 			return
 		}
 	}
 }
 
-func handleCertificateZones(URL *url.URL, clientCerts []*x509.Certificate, config Config, conn net.Conn, log *LogEntry) {
+func handleCertificateZones(URL *url.URL, clientCerts []*x509.Certificate, config Config, conn net.Conn, logEntry *LogEntry) {
 	authorised := true
 	for zone, allowedFingerprints := range config.CertificateZones {
 		matched, err := regexp.Match(zone, []byte(URL.Path))
@@ -47,10 +47,10 @@ func handleCertificateZones(URL *url.URL, clientCerts []*x509.Certificate, confi
 	if !authorised {
 		if len(clientCerts) > 0 {
 			conn.Write([]byte("61 Provided certificate not authorised for this resource\r\n"))
-			log.Status = 61
+			logEntry.Status = 61
 		} else {
 			conn.Write([]byte("60 A pre-authorised certificate is required to access this resource\r\n"))
-			log.Status = 60
+			logEntry.Status = 60
 		}
 		return
 	}

config.go

@@ -164,7 +164,7 @@ func getConfig(filename string) (Config, error) {
 	return config, nil
 }
 
-func parseMollyFiles(path string, config *Config, errorLog *log.Logger) {
+func parseMollyFiles(path string, config *Config) {
 	// Replace config variables which use pointers with new ones,
 	// so that changes made here aren't reflected everywhere.
 	newTempRedirects := make(map[string]string)
@@ -224,7 +224,7 @@ func parseMollyFiles(path string, config *Config, errorLog *log.Logger) {
 		// If the file exists and we can read it, try to parse it
 		_, err = toml.DecodeFile(mollyPath, &mollyFile)
 		if err != nil {
-			errorLog.Println("Error parsing .molly file " + mollyPath + ": " + err.Error())
+			log.Println("Error parsing .molly file " + mollyPath + ": " + err.Error())
 			continue
 		}
 		// Overwrite main Config using MollyFile
@@ -237,14 +237,14 @@ func parseMollyFiles(path string, config *Config, errorLog *log.Logger) {
 		config.DirectoryTitles = mollyFile.DirectoryTitles
 		for key, value := range mollyFile.TempRedirects {
 			if strings.Contains(value, "://") && !strings.HasPrefix(value, "gemini://") {
-				errorLog.Println("Ignoring cross-protocol redirect to " + value + " in .molly file " + mollyPath)
+				log.Println("Ignoring cross-protocol redirect to " + value + " in .molly file " + mollyPath)
 				continue
 			}
 			config.TempRedirects[key] = value
 		}
 		for key, value := range mollyFile.PermRedirects {
 			if strings.Contains(value, "://") && !strings.HasPrefix(value, "gemini://") {
-				errorLog.Println("Ignoring cross-protocol redirect to " + value + " in .molly file " + mollyPath)
+				log.Println("Ignoring cross-protocol redirect to " + value + " in .molly file " + mollyPath)
 				continue
 			}
 			config.PermRedirects[key] = value

dynamic.go

@@ -15,7 +15,7 @@ import (
 	"time"
 )
 
-func handleCGI(config Config, path string, cgiPath string, URL *url.URL, log *LogEntry, errorLog *log.Logger, conn net.Conn) {
+func handleCGI(config Config, path string, cgiPath string, URL *url.URL, logEntry *LogEntry, conn net.Conn) {
 	// Find the shortest leading part of path which maps to an executable file.
 	// Call this part scriptPath, and everything after it pathInfo.
 	components := strings.Split(path, "/")
@@ -58,42 +58,42 @@ func handleCGI(config Config, path string, cgiPath string, URL *url.URL, log *Lo
 	response, err := cmd.Output()
 
 	if ctx.Err() == context.DeadlineExceeded {
-		errorLog.Println("Terminating CGI process " + path + " due to exceeding 10 second runtime limit.")
+		log.Println("Terminating CGI process " + path + " due to exceeding 10 second runtime limit.")
 		conn.Write([]byte("42 CGI process timed out!\r\n"))
-		log.Status = 42
+		logEntry.Status = 42
 		return
 	}
 	if err != nil {
-		errorLog.Println("Error running CGI program " + path + ": " + err.Error())
+		log.Println("Error running CGI program " + path + ": " + err.Error())
 		if err, ok := err.(*exec.ExitError); ok {
-			errorLog.Println("↳ stderr output: " + string(err.Stderr))
+			log.Println("↳ stderr output: " + string(err.Stderr))
 		}
 		conn.Write([]byte("42 CGI error!\r\n"))
-		log.Status = 42
+		logEntry.Status = 42
 		return
 	}
 	// Extract response header
 	header, _, err := bufio.NewReader(strings.NewReader(string(response))).ReadLine()
 	status, err2 := strconv.Atoi(strings.Fields(string(header))[0])
 	if err != nil || err2 != nil {
-		errorLog.Println("Unable to parse first line of output from CGI process " + path + " as valid Gemini response header.  Line was: " + string(header))
+		log.Println("Unable to parse first line of output from CGI process " + path + " as valid Gemini response header.  Line was: " + string(header))
 		conn.Write([]byte("42 CGI error!\r\n"))
-		log.Status = 42
+		logEntry.Status = 42
 		return
 	}
-	log.Status = status
+	logEntry.Status = status
 	// Write response
 	conn.Write(response)
 }
 
-func handleSCGI(URL *url.URL, scgiPath string, scgiSocket string, config Config, log *LogEntry, errorLog *log.Logger, conn net.Conn) {
+func handleSCGI(URL *url.URL, scgiPath string, scgiSocket string, config Config, logEntry *LogEntry, conn net.Conn) {
 
 	// Connect to socket
 	socket, err := net.Dial("unix", scgiSocket)
 	if err != nil {
-		errorLog.Println("Error connecting to SCGI socket " + scgiSocket + ": " + err.Error())
+		log.Println("Error connecting to SCGI socket " + scgiSocket + ": " + err.Error())
 		conn.Write([]byte("42 Error connecting to SCGI service!\r\n"))
-		log.Status = 42
+		logEntry.Status = 42
 		return
 	}
 	defer socket.Close()
@@ -123,9 +123,9 @@ func handleSCGI(URL *url.URL, scgiPath string, scgiSocket string, config Config,
 				break
 			} else if !first {
 				// Err
-				errorLog.Println("Error reading from SCGI socket " + scgiSocket + ": " + err.Error())
+				log.Println("Error reading from SCGI socket " + scgiSocket + ": " + err.Error())
 				conn.Write([]byte("42 Error reading from SCGI service!\r\n"))
-				log.Status = 42
+				logEntry.Status = 42
 				return
 			} else {
 				break
@@ -138,10 +138,10 @@ func handleSCGI(URL *url.URL, scgiPath string, scgiSocket string, config Config,
 			status, err := strconv.Atoi(strings.Fields(lines[0])[0])
 			if err != nil {
 				conn.Write([]byte("42 CGI error!\r\n"))
-				log.Status = 42
+				logEntry.Status = 42
 				return
 			}
-			log.Status = status
+			logEntry.Status = status
 		}
 		// Send to client
 		conn.Write(buffer[:n])

handler.go

@@ -35,36 +35,36 @@ func isSubdir(subdir, superdir string) (bool, error) {
     return false, nil
 }
 
-func handleGeminiRequest(conn net.Conn, config Config, accessLogEntries chan LogEntry, errorLog *log.Logger, wg *sync.WaitGroup) {
+func handleGeminiRequest(conn net.Conn, config Config, accessLogEntries chan LogEntry, wg *sync.WaitGroup) {
 	defer conn.Close()
 	defer wg.Done()
 	var tlsConn (*tls.Conn) = conn.(*tls.Conn)
-	var log LogEntry
+	var logEntry LogEntry
-	log.Time = time.Now()
+	logEntry.Time = time.Now()
-	log.RemoteAddr = conn.RemoteAddr()
+	logEntry.RemoteAddr = conn.RemoteAddr()
-	log.RequestURL = "-"
+	logEntry.RequestURL = "-"
-	log.Status = 0
+	logEntry.Status = 0
 	if accessLogEntries != nil {
-		defer func() { accessLogEntries <- log }()
+		defer func() { accessLogEntries <- logEntry }()
 	}
 
 	// Read request
-	URL, err := readRequest(conn, &log, errorLog)
+	URL, err := readRequest(conn, &logEntry)
 	if err != nil {
 		return
 	}
 
 	// Enforce client certificate validity
 	clientCerts := tlsConn.ConnectionState().PeerCertificates
-	enforceCertificateValidity(clientCerts, conn, &log)
+	enforceCertificateValidity(clientCerts, conn, &logEntry)
-	if log.Status != 0 {
+	if logEntry.Status != 0 {
 		return
 	}
 
 	// Reject non-gemini schemes
 	if URL.Scheme != "gemini" {
 		conn.Write([]byte("53 No proxying to non-Gemini content!\r\n"))
-		log.Status = 53
+		logEntry.Status = 53
 		return
 	}
 
@@ -76,14 +76,14 @@ func handleGeminiRequest(conn net.Conn, config Config, accessLogEntries chan Log
 	}
 	if requestedHost != config.Hostname || (URL.Port() != "" && URL.Port() != strconv.Itoa(config.Port)) {
 		conn.Write([]byte("53 No proxying to other hosts or ports!\r\n"))
-		log.Status = 53
+		logEntry.Status = 53
 		return
 	}
 
 	// Fail if there are dots in the path
 	if strings.Contains(URL.Path, "..") {
 		conn.Write([]byte("50 Your directory traversal technique has been defeated!\r\n"))
-		log.Status = 50
+		logEntry.Status = 50
 		return
 	}
 
@@ -91,23 +91,23 @@ func handleGeminiRequest(conn net.Conn, config Config, accessLogEntries chan Log
 	raw_path := resolvePath(URL.Path, config)
 	path, err := filepath.EvalSymlinks(raw_path)
 	if err!= nil {
-		errorLog.Println("Error evaluating path " + raw_path + " for symlinks: " + err.Error())
+		log.Println("Error evaluating path " + raw_path + " for symlinks: " + err.Error())
 		conn.Write([]byte("51 Not found!\r\n"))
-		log.Status = 51
+		logEntry.Status = 51
 	}
 
 	// If symbolic links have been used to escape the intended document directory,
 	// deny all knowledge
 	isSub, err := isSubdir(path, config.DocBase)
 	if err != nil {
-		errorLog.Println("Error testing whether path " + path + " is below DocBase: " + err.Error())
+		log.Println("Error testing whether path " + path + " is below DocBase: " + err.Error())
 	}
 	if !isSub {
-		errorLog.Println("Refusing to follow simlink from " + raw_path + " outside of DocBase!")
+		log.Println("Refusing to follow simlink from " + raw_path + " outside of DocBase!")
 	}
 	if err != nil || !isSub {
 		conn.Write([]byte("51 Not found!\r\n"))
-		log.Status = 51
+		logEntry.Status = 51
 		return
 	}
 
@@ -115,31 +115,31 @@ func handleGeminiRequest(conn net.Conn, config Config, accessLogEntries chan Log
 	// Fail ASAP if the URL has mapped to a sensitive file
 	if path == config.CertPath || path == config.KeyPath || path == config.AccessLog || path == config.ErrorLog || filepath.Base(path) == ".molly" {
 		conn.Write([]byte("51 Not found!\r\n"))
-		log.Status = 51
+		logEntry.Status = 51
 		return
 	}
 
 	// Read Molly files
 	if config.ReadMollyFiles {
-		parseMollyFiles(path, &config, errorLog)
+		parseMollyFiles(path, &config)
 	}
 
 	// Check whether this URL is in a certificate zone
-	handleCertificateZones(URL, clientCerts, config, conn, &log)
+	handleCertificateZones(URL, clientCerts, config, conn, &logEntry)
-	if log.Status != 0 {
+	if logEntry.Status != 0 {
 		return
 	}
 
 	// Check for redirects
-	handleRedirects(URL, config, conn, &log, errorLog)
+	handleRedirects(URL, config, conn, &logEntry)
-	if log.Status != 0 {
+	if logEntry.Status != 0 {
 		return
 	}
 
 	// Check whether this URL is mapped to an SCGI app
 	for scgiPath, scgiSocket := range config.SCGIPaths {
 		if strings.HasPrefix(URL.Path, scgiPath) {
-			handleSCGI(URL, scgiPath, scgiSocket, config, &log, errorLog, conn)
+			handleSCGI(URL, scgiPath, scgiSocket, config, &logEntry, conn)
 			return
 		}
 	}
@@ -147,8 +147,8 @@ func handleGeminiRequest(conn net.Conn, config Config, accessLogEntries chan Log
 	// Check whether this URL is in a configured CGI path
 	for _, cgiPath := range config.CGIPaths {
 		if strings.HasPrefix(path, cgiPath) {
-			handleCGI(config, path, cgiPath, URL, &log, errorLog, conn)
+			handleCGI(config, path, cgiPath, URL, &logEntry, conn)
-			if log.Status != 0 {
+			if logEntry.Status != 0 {
 				return
 			}
 		}
@@ -158,50 +158,50 @@ func handleGeminiRequest(conn net.Conn, config Config, accessLogEntries chan Log
 	info, err := os.Stat(path)
 	if os.IsNotExist(err) || os.IsPermission(err) {
 		conn.Write([]byte("51 Not found!\r\n"))
-		log.Status = 51
+		logEntry.Status = 51
 		return
 	} else if err != nil {
-		errorLog.Println("Error getting info for file " + path + ": " + err.Error())
+		log.Println("Error getting info for file " + path + ": " + err.Error())
 		conn.Write([]byte("40 Temporary failure!\r\n"))
-		log.Status = 40
+		logEntry.Status = 40
 		return
 	} else if uint64(info.Mode().Perm())&0444 != 0444 {
 		conn.Write([]byte("51 Not found!\r\n"))
-		log.Status = 51
+		logEntry.Status = 51
 		return
 	}
 
 	// Finally, serve the file or directory
 	if info.IsDir() {
-		serveDirectory(URL, path, &log, conn, config, errorLog)
+		serveDirectory(URL, path, &logEntry, conn, config)
 	} else {
-		serveFile(path, &log, conn, config, errorLog)
+		serveFile(path, &logEntry, conn, config)
 	}
 }
 
-func readRequest(conn net.Conn, log *LogEntry, errorLog *log.Logger) (*url.URL, error) {
+func readRequest(conn net.Conn, logEntry *LogEntry) (*url.URL, error) {
 	reader := bufio.NewReaderSize(conn, 1024)
 	request, overflow, err := reader.ReadLine()
 	if overflow {
 		conn.Write([]byte("59 Request too long!\r\n"))
-		log.Status = 59
+		logEntry.Status = 59
 		return nil, errors.New("Request too long")
 	} else if err != nil {
-		errorLog.Println("Error reading request from " + conn.RemoteAddr().String() + ": " + err.Error())
+		log.Println("Error reading request from " + conn.RemoteAddr().String() + ": " + err.Error())
 		conn.Write([]byte("40 Unknown error reading request!\r\n"))
-		log.Status = 40
+		logEntry.Status = 40
 		return nil, errors.New("Error reading request")
 	}
 
 	// Parse request as URL
 	URL, err := url.Parse(string(request))
 	if err != nil {
-		errorLog.Println("Error parsing request URL " + string(request) + ": " + err.Error())
+		log.Println("Error parsing request URL " + string(request) + ": " + err.Error())
 		conn.Write([]byte("59 Error parsing URL!\r\n"))
-		log.Status = 59
+		logEntry.Status = 59
 		return nil, errors.New("Bad URL in request")
 	}
-	log.RequestURL = URL.String()
+	logEntry.RequestURL = URL.String()
 
 	// Set implicit scheme
 	if URL.Scheme == "" {
@@ -225,17 +225,17 @@ func resolvePath(path string, config Config) string {
 	return path
 }
 
-func handleRedirects(URL *url.URL, config Config, conn net.Conn, log *LogEntry, errorLog *log.Logger) {
+func handleRedirects(URL *url.URL, config Config, conn net.Conn, logEntry *LogEntry) {
-	handleRedirectsInner(URL, config.TempRedirects, 30, conn, log, errorLog)
+	handleRedirectsInner(URL, config.TempRedirects, 30, conn, logEntry)
-	handleRedirectsInner(URL, config.PermRedirects, 31, conn, log, errorLog)
+	handleRedirectsInner(URL, config.PermRedirects, 31, conn, logEntry)
 }
 
-func handleRedirectsInner(URL *url.URL, redirects map[string]string, status int, conn net.Conn, log *LogEntry, errorLog *log.Logger) {
+func handleRedirectsInner(URL *url.URL, redirects map[string]string, status int, conn net.Conn, logEntry *LogEntry) {
 	strStatus := strconv.Itoa(status)
 	for src, dst := range redirects {
 		compiled, err := regexp.Compile(src)
 		if err != nil {
-			errorLog.Println("Error compiling redirect regexp " + src + ": " + err.Error())
+			log.Println("Error compiling redirect regexp " + src + ": " + err.Error())
 			continue
 		}
 		if compiled.MatchString(URL.Path) {
@@ -245,42 +245,42 @@ func handleRedirectsInner(URL *url.URL, redirects map[string]string, status int,
 				new_target = URL.String()
 			}
 			conn.Write([]byte(strStatus + " " + new_target + "\r\n"))
-			log.Status = status
+			logEntry.Status = status
 			return
 		}
 	}
 }
 
-func serveDirectory(URL *url.URL, path string, log *LogEntry, conn net.Conn, config Config, errorLog *log.Logger) {
+func serveDirectory(URL *url.URL, path string, logEntry *LogEntry, conn net.Conn, config Config) {
 	// Redirect to add trailing slash if missing
 	// (otherwise relative links don't work properly)
 	if !strings.HasSuffix(URL.Path, "/") {
 		URL.Path += "/"
 		conn.Write([]byte(fmt.Sprintf("31 %s\r\n", URL.String())))
-		log.Status = 31
+		logEntry.Status = 31
 		return
 	}
 	// Check for index.gmi if path is a directory
 	index_path := filepath.Join(path, "index."+config.GeminiExt)
 	index_info, err := os.Stat(index_path)
 	if err == nil && uint64(index_info.Mode().Perm())&0444 == 0444 {
-		serveFile(index_path, log, conn, config, errorLog)
+		serveFile(index_path, logEntry, conn, config)
 		// Serve a generated listing
 	} else {
 		listing, err := generateDirectoryListing(URL, path, config)
 		if err != nil {
-			errorLog.Println("Error generating listing for directory " + path + ": " + err.Error())
+			log.Println("Error generating listing for directory " + path + ": " + err.Error())
 			conn.Write([]byte("40 Server error!\r\n"))
-			log.Status = 40
+			logEntry.Status = 40
 			return
 		}
 		conn.Write([]byte("20 text/gemini\r\n"))
-		log.Status = 20
+		logEntry.Status = 20
 		conn.Write([]byte(listing))
 	}
 }
 
-func serveFile(path string, log *LogEntry, conn net.Conn, config Config, errorLog *log.Logger) {
+func serveFile(path string, logEntry *LogEntry, conn net.Conn, config Config) {
 	// Get MIME type of files
 	ext := filepath.Ext(path)
 	var mimeType string
@@ -311,14 +311,14 @@ func serveFile(path string, log *LogEntry, conn net.Conn, config Config, errorLo
 
 	f, err := os.Open(path)
 	if err != nil {
-		errorLog.Println("Error reading file " + path + ": " + err.Error())
+		log.Println("Error reading file " + path + ": " + err.Error())
 		conn.Write([]byte("50 Error!\r\n"))
-		log.Status = 50
+		logEntry.Status = 50
 		return
 	}
 	defer f.Close()
 
 	conn.Write([]byte(fmt.Sprintf("20 %s\r\n", mimeType)))
 	io.Copy(conn, f)
-	log.Status = 20
+	logEntry.Status = 20
 }

main.go

@@ -51,7 +51,7 @@ func do_main(config Config) int {
 	// chroot() possibly stops seeing /etc/passwd
 	privInfo, err := getUserInfo(config)
 	if err != nil {
-		errorLog.Println("Exiting due to failure to apply security restrictions.")
+		log.Println("Exiting due to failure to apply security restrictions.")
 		return 1
 	}
 
@@ -65,18 +65,16 @@ func do_main(config Config) int {
 	}
 
 	// Open log files
-	var errorLogFile *os.File
+	if config.ErrorLog != "" {
-	if config.ErrorLog == "" {
+		errorLogFile, err := os.OpenFile(config.ErrorLog, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644)
-		errorLogFile = os.Stderr
-	} else {
-		errorLogFile, err = os.OpenFile(config.ErrorLog, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644)
 		if err != nil {
-			log.Println(err)
+			log.Println("Error opening error log file: " + err.Error())
 			return 1
 		}
 		defer errorLogFile.Close()
+		log.SetOutput(errorLogFile)
 	}
-	errorLog := log.New(errorLogFile, "", log.Ldate|log.Ltime)
+	log.SetFlags(log.Ldate|log.Ltime)
 
 	var accessLogFile *os.File
 	if config.AccessLog == "-" {
@@ -84,8 +82,7 @@ func do_main(config Config) int {
 	} else if config.AccessLog != "" {
 		accessLogFile, err = os.OpenFile(config.AccessLog, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644)
 		if err != nil {
-			errorLog.Println("Error opening access log file: " + err.Error())
+			log.Println("Error opening access log file: " + err.Error())
-			log.Println(err)
 			return 1
 		}
 		defer accessLogFile.Close()
@@ -95,16 +92,16 @@ func do_main(config Config) int {
 	// Check key file permissions first
 	info, err := os.Stat(config.KeyPath)
 	if err != nil {
-		errorLog.Println("Error opening TLS key file: " + err.Error())
+		log.Println("Error opening TLS key file: " + err.Error())
 		return 1
 	}
 	if uint64(info.Mode().Perm())&0444 == 0444 {
-		errorLog.Println("Refusing to use world-readable TLS key file " + config.KeyPath)
+		log.Println("Refusing to use world-readable TLS key file " + config.KeyPath)
 		return 1
 	}
 	cert, err := tls.LoadX509KeyPair(config.CertPath, config.KeyPath)
 	if err != nil {
-		errorLog.Println("Error loading TLS keypair: " + err.Error())
+		log.Println("Error loading TLS keypair: " + err.Error())
 		return 1
 	}
 	tlscfg := &tls.Config{
@@ -117,20 +114,20 @@ func do_main(config Config) int {
 	// But if we can't for some reason it's no big deal
         err = os.Chdir("/")
         if err != nil {
-                errorLog.Println("Could not change working directory to /: " + err.Error())
+                log.Println("Could not change working directory to /: " + err.Error())
         }
 
 	// Apply security restrictions
-	err = enableSecurityRestrictions(config, privInfo, errorLog)
+	err = enableSecurityRestrictions(config, privInfo)
 	if err != nil {
-		errorLog.Println("Exiting due to failure to apply security restrictions.")
+		log.Println("Exiting due to failure to apply security restrictions.")
 		return 1
 	}
 
 	// Create TLS listener
 	listener, err := tls.Listen("tcp", ":"+strconv.Itoa(config.Port), tlscfg)
 	if err != nil {
-		errorLog.Println("Error creating TLS listener: " + err.Error())
+		log.Println("Error creating TLS listener: " + err.Error())
 		return 1
 	}
 	defer listener.Close()
@@ -155,7 +152,7 @@ func do_main(config Config) int {
 	signal.Notify(sigterm, syscall.SIGTERM)
 	go func() {
 		<-sigterm
-		errorLog.Println("Caught SIGTERM.  Waiting for handlers to finish...")
+		log.Println("Caught SIGTERM.  Waiting for handlers to finish...")
 		close(shutdown)
 		listener.Close()
 	}()
@@ -167,19 +164,19 @@ func do_main(config Config) int {
 		conn, err := listener.Accept()
 		if err == nil {
 			wg.Add(1)
-			go handleGeminiRequest(conn, config, accessLogEntries, errorLog, &wg)
+			go handleGeminiRequest(conn, config, accessLogEntries, &wg)
 		} else {
 			select {
 			case <-shutdown:
 				running = false
 			default:
-				errorLog.Println("Error accepting connection: " + err.Error())
+				log.Println("Error accepting connection: " + err.Error())
 			}
 		}
 	}
 	// Wait for still-running handler Go routines to finish
 	wg.Wait()
-	errorLog.Println("Exiting.")
+	log.Println("Exiting.")
 
 	// Exit successfully
 	return 0

security.go

@@ -2,13 +2,9 @@
 
 package main
 
-import (
-	"log"
-)
-
 // Restrict access to the files specified in config in an OS-dependent way.
 // This is intended to be called immediately prior to accepting client
 // connections and may be used to establish a security "jail" for the molly
 // brown executable.
-func enableSecurityRestrictions(config Config, ui userInfo, errorLog *log.Logger) error {
+func enableSecurityRestrictions(config Config, ui userInfo) error {
 }

security_dropprivs.go

@@ -69,7 +69,7 @@ func getUserInfo(config Config) (userInfo, error) {
 
 	return ui, nil
 }
-func DropPrivs(ui userInfo, errorLog *log.Logger) error {
+func DropPrivs(ui userInfo) error {
 
 	// If we're already unprivileged, all good
 	if !ui.need_drop {
@@ -80,7 +80,7 @@ func DropPrivs(ui userInfo, errorLog *log.Logger) error {
 	if ui.root_supp_group {
 		err := syscall.Setgroups([]int{})
 		if err != nil {
-			errorLog.Println("Could not unset supplementary groups: " + err.Error())
+			log.Println("Could not unset supplementary groups: " + err.Error())
 			return err
 		}
 	}
@@ -89,7 +89,7 @@ func DropPrivs(ui userInfo, errorLog *log.Logger) error {
 	if ui.root_prim_group {
 		err := syscall.Setgid(ui.unpriv_gid)
 		if err != nil {
-			errorLog.Println("Could not setgid to " + strconv.Itoa(ui.unpriv_gid) + ": " + err.Error())
+			log.Println("Could not setgid to " + strconv.Itoa(ui.unpriv_gid) + ": " + err.Error())
 			return err
 		}
 	}
@@ -98,7 +98,7 @@ func DropPrivs(ui userInfo, errorLog *log.Logger) error {
 	if ui.root_user {
 		err := syscall.Setuid(ui.unpriv_uid)
 		if err != nil {
-			errorLog.Println("Could not setuid to " + strconv.Itoa(ui.unpriv_uid) + ": " + err.Error())
+			log.Println("Could not setuid to " + strconv.Itoa(ui.unpriv_uid) + ": " + err.Error())
 			return err
 		}
 	}

security_oldgolinux.go

@@ -7,7 +7,7 @@ import (
 	"os"
 )
 
-func enableSecurityRestrictions(config Config, ui userInfo, errorLog *log.Logger) error {
+func enableSecurityRestrictions(config Config, ui userInfo) error {
 
 	// Prior to Go 1.6, setuid did not work reliably on Linux
 	// So, absolutely refuse to run as root
@@ -15,7 +15,7 @@ func enableSecurityRestrictions(config Config, ui userInfo, errorLog *log.Logger
 	euid := os.Geteuid()
 	if uid == 0 || euid == 0 {
 		setuid_err := "Refusing to run with root privileges when setuid() will not work!"
-		errorLog.Println(setuid_err)
+		log.Println(setuid_err)
 		return error.New(setuid_err)
 	}
 

security_openbsd.go

@@ -11,10 +11,10 @@ import (
 // operations available to the molly brown executable. Please note that (S)CGI
 // processes that molly brown spawns or communicates with are unrestricted
 // and should pledge their own restrictions and unveil their own files.
-func enableSecurityRestrictions(config Config, ui userInfo, errorLog *log.Logger) error {
+func enableSecurityRestrictions(config Config, ui userInfo) error {
 
 	// Setuid to an unprivileged user
-	err := DropPrivs(ui, errorLog)
+	err := DropPrivs(ui)
 	if err != nil {
 		return err
 	}
@@ -23,7 +23,7 @@ func enableSecurityRestrictions(config Config, ui userInfo, errorLog *log.Logger
 	log.Println("Unveiling \"" + config.DocBase + "\" as readable.")
 	err := unix.Unveil(config.DocBase, "r")
 	if err != nil {
-		errorLog.Println("Could not unveil DocBase: " + err.Error())
+		log.Println("Could not unveil DocBase: " + err.Error())
 		return err
 	}
 
@@ -34,7 +34,7 @@ func enableSecurityRestrictions(config Config, ui userInfo, errorLog *log.Logger
 			log.Println("Unveiling \"" + cgiGlobbedPath + "\" as executable.")
 			err = unix.Unveil(cgiGlobbedPath, "rx")
 			if err != nil {
-				errorLog.Println("Could not unveil CGIPaths: " + err.Error())
+				log.Println("Could not unveil CGIPaths: " + err.Error())
 				return err
 			}
 		}
@@ -53,7 +53,7 @@ func enableSecurityRestrictions(config Config, ui userInfo, errorLog *log.Logger
 	// Any files not whitelisted above won't be accessible to molly brown.
 	err = unix.UnveilBlock()
 	if err != nil {
-		errorLog.Println("Could not block unveil: " + err.Error())
+		log.Println("Could not block unveil: " + err.Error())
 		return err
 	}
 
@@ -69,7 +69,7 @@ func enableSecurityRestrictions(config Config, ui userInfo, errorLog *log.Logger
 	}
 	err = unix.PledgePromises(promises)
 	if err != nil {
-		errorLog.Println("Could not pledge: " + err.Error())
+		log.Println("Could not pledge: " + err.Error())
 		return err
 	}
 }

security_other_unix.go

@@ -2,13 +2,9 @@
 
 package main
 
-import (
+func enableSecurityRestrictions(config Config, ui userInfo) error {
-	"log"
-)
-
-func enableSecurityRestrictions(config Config, ui userInfo, errorLog *log.Logger) error {
 
 	// Setuid to an unprivileged user
-	return DropPrivs(ui, errorLog)
+	return DropPrivs(ui)
 
 }