solderpunk
/
molly-brown
7
29
Fork 10
Code Issues 9 Pull Requests Releases Wiki Activity
181 Commits 2 Branches 0 Tags 207 KiB
Commit Graph

181 Commits

Author SHA1 Message Date
Solderpunk 2c3225c1c0 Fix crash when CGI processes end without writing anything at all to stdout. Closes #38. 2023-03-22 21:03:30 +01:00
Solderpunk 4b54eb6134 Set 30 second deadline for reading requests. See #35. 2023-03-19 11:51:44 +01:00
Solderpunk c4866d2965 Check for a CGI path prefix before insisting that an exact path exists on disk. Closes #36. 2023-03-16 19:23:32 +01:00
Solderpunk 72a94cab00 Restore Go 1.15 compatibility. 2023-03-04 14:27:01 +01:00
Solderpunk e30f39b196 Fix typo in error message. 2023-03-02 19:43:24 +01:00
Solderpunk 3a03995f26 Actually, be *more* clever about client certs...(see e70ec) 2023-03-02 17:24:34 +01:00
Solderpunk bd07cb3507 Check for errors when parsing TLS certificates even after successful PEM decoding. 2023-03-01 19:50:45 +01:00
Solderpunk 81b4f1dcc0 Fix small variable name error. 2023-02-27 08:35:11 +01:00
Solderpunk d3d415b612 Add missing return. 2023-02-26 19:42:49 +01:00
Solderpunk eefb1bc3a6 Further simplifications of config parsing code. 2023-02-26 19:42:30 +01:00
Solderpunk f9585ff2b7 Rearrange the logic of handling requests without changing behaviour. 
The new order handles certificate zones and redirects defined in the
system-wide config file as well as SCGI paths as early as possible
without doing any unecessary filesystem operations and especially
without the potentially expensive search for .molly files.
 2023-02-25 12:06:34 +01:00
Solderpunk eb85a6e94c Another big refactor, splitting the Config struct in two. 
The split reflects that between variables which can and cannot be
overridden by .molly files, and this greatly simplifies the
processing of said files, getting rid of the need for lots of
ugly temporary variable thrashing.
 2023-02-25 11:29:13 +01:00
Solderpunk e70ec82594 Don't try to be clever about when to request client certs: we never know what could be in a .molly file. 2023-02-24 19:12:52 +01:00
Solderpunk bff3d6d486 Restore logging functionality after some subtle variable declaration scoping bugs wiped it out! 2023-02-23 20:49:28 +01:00
Solderpunk a9dab7b48c Argh, fix stupid typo. 2023-02-23 20:04:48 +01:00
Solderpunk c50accfaec Only drop supplementary groups if root is amongst them. 2023-02-23 20:03:21 +01:00
Solderpunk 0274ef8f35 Print warning about expired certificates. 2023-02-23 19:59:11 +01:00
Solderpunk 800c181668 Ensure supplied TLS certificate is valid for configured hostname. 2023-02-23 19:47:14 +01:00
Solderpunk d67f896b84 Add AllowTLS12 option to switch minimum TLS version between 1.2 and 1.3. 2023-02-23 19:31:16 +01:00
Solderpunk 67386cd118 Update README to reflect movement of unix security stuff out of config file into command line switches. 2023-02-23 18:57:56 +01:00
Solderpunk 212c9f79fb A rather extensive refactor. 
Basically the function formerly known as do_main() in main.go has
been renamed launch() and moved into launch.go.  Now there are
main.go and main_unix.go files implementing minmial main()
functions which load a config and pass it to launch.  This allows
separating unix-specific security stuff (both the actual system
calls which won't compile on other platforms and the definition
of command line switches) out from the platform agnostic
implementation of the main server logic.  It also simplifies the
interaction of relative paths in config files with chrooting.

Docs still need updating...
 2023-02-23 18:49:15 +01:00
Solderpunk 8d1a04cb27 Fix minor bugs on OpenBSD-only code, after discovering easy of cross-compilation in Go. 2023-02-22 21:16:11 +01:00
Solderpunk 40203a8856 Use net/http.DetectContentType as a last resort for MIME, rather than hardcoding application/octet-stream. 2023-02-21 19:22:19 +01:00
Solderpunk 75c283fc74 Restore documented setuid behaviour. 2023-02-19 18:28:52 +01:00
Solderpunk f63fcdb6d1 Do not request client certificates if we're never going to need them. 2023-02-19 15:17:45 +01:00
Solderpunk 7a89b307a1 Just use the log package's default logger as the error log. 2023-02-19 15:04:34 +01:00
Solderpunk 072669a167 Avoid use of log.Fatal() or os.Exit() in main so defers are guaranteed to run. 2023-02-19 14:40:54 +01:00
Solderpunk 7fad754ff2 Drop privileges much more thoroughly, thanks nervuri! (see issue #16) 2023-02-19 13:17:24 +01:00
Solderpunk 182e58ffe3 Make unprivileged user configurable, thanks nervuri! (see issue #16) 2023-02-15 21:16:49 +01:00
Solderpunk c0c67f7ba6 Whoops, don't ignore error from filepath.Abs. 2023-02-15 21:15:14 +01:00
Solderpunk 8372142843 Add support for chroot()ing server early after startup, more work toward issue #16. 2023-02-15 21:10:22 +01:00
Solderpunk 06c6d190a6 Guard against symbolic links escaping the document base. 2023-02-13 22:15:42 +01:00
Solderpunk bb0a04d2c7 Add a little bit of extra security advice to the README, a tiny extra step toward closing issue #16. 2023-02-13 21:52:08 +01:00
Solderpunk 4e6a8fcd05 Use setuid() systemcall wherever possible to reduce privileges before accepting network connections. First step toward solving issue #16. 2023-02-13 20:26:52 +01:00
Solderpunk 5258b29c6b Big ol' gofmt. 2023-02-10 17:19:21 +01:00
Solderpunk 56d8dde14a Chdir to / so that Molly doesn't interfere with unmounting. 2023-02-10 16:16:57 +01:00
Solderpunk b16fe0b8d4 Absolutise DocBase before trying to absolutise anything else relative to it. 2023-02-08 20:32:17 +01:00
Solderpunk 17d17a1629 Catch SIGTERM and shutdown gracefully. 2023-02-08 19:56:27 +01:00
Solderpunk 86720131d3 Declare dependenc upon x/sys to support OpenBSD security features. 2023-02-08 19:54:58 +01:00
Solderpunk b16a8584a6 Merge pull request 'Added pledge(2) and unveil(2) system calls to improve security on OpenBSD.' (#13) from kvothe/molly-brown:master into master 
Reviewed-on: #13
 2023-02-08 17:54:29 +00:00
Solderpunk 0d5d67c86d Forcibly ingest Kool-Aid. 2023-02-08 18:53:29 +01:00
Solderpunk 3be10b82d7 Allow no access logging with empty string log file path. 2023-02-07 19:59:43 +01:00
Solderpunk 443bfd4bbd Change to error logging behaviour (stderr instead of stdout, by default). 2023-02-07 19:33:14 +01:00
Solderpunk 16bf8e0534 Refuse to use a world-readable TLS key. 2023-02-07 19:23:35 +01:00
Solderpunk c0d0c0991c Update date and email address in LICENSE. 2023-02-07 19:12:24 +01:00
Solderpunk 8541b6194b Resolve non-absolute values of CGIPaths relative to DocBase. Closes #24. 2023-02-05 16:54:07 +01:00
Solderpunk 2d6f4db38e Add -v flag to print version and exit. Closes #23. 2023-02-05 15:36:18 +01:00
Solderpunk d9e0fed193 Tidy up DirectorySubdirsFirst sorting code by doing two consecutive sorts. Closes #30. 2023-02-05 15:04:49 +01:00
Solderpunk 8446885f56 Rename DirectoriesFirst option to DirectorySubdirsFirst and document in README. 2023-02-05 14:35:29 +01:00
Russ Magee 67d509a234 Sort directory listings with directories before files 2023-02-05 13:36:16 +01:00