1
1
Fork 0
mirror of https://tildegit.org/solderpunk/molly-brown synced 2024-03-28 16:09:51 +01:00
Commit Graph

192 Commits

Author SHA1 Message Date
Alex Kotov 2068c3b02a Allow to disable directory listing
Signed-off-by: Solderpunk <solderpunk@posteo.net>
2023-08-20 14:30:51 +02:00
Solderpunk 64a4ff72f0 Remove debugging Println. 2023-04-09 15:24:34 +02:00
Solderpunk 1b7d661abd Type trashing to fix last commit. 2023-04-09 14:24:39 +02:00
Solderpunk 051df29604 Add a write deadline with maximum allowed download time derived from filesize. See #35. 2023-04-09 14:12:38 +02:00
Solderpunk 6f0865447d Adds leaky token bucket rate limiting with bans for non-compliant clients. 2023-04-09 13:57:59 +02:00
Solderpunk 2c3225c1c0 Fix crash when CGI processes end without writing anything at all to stdout. Closes #38. 2023-03-22 21:03:30 +01:00
Solderpunk 4b54eb6134 Set 30 second deadline for reading requests. See #35. 2023-03-19 11:51:44 +01:00
Solderpunk 8e618a6304 Double hard limit ban durations each time. 2023-03-19 10:31:06 +01:00
Solderpunk 4b9a7e8ad5 Correctly implement bans for clients exceeding hard limit. 2023-03-19 10:30:08 +01:00
Solderpunk efde852c54 Refactor rate limiting to have soft and hard limits, block clients exceeding hard limits for one hour. 2023-03-18 16:40:23 +01:00
Solderpunk 3c5835f033 Continue to increment drips once bucket is overflowing. 2023-03-18 15:45:35 +01:00
Solderpunk a6170a355d Make rate limiting configurable. 2023-03-17 19:52:39 +01:00
Solderpunk 5016f40edb Initial implementation of leaky bucket rate limiting. 2023-03-16 20:27:45 +01:00
Solderpunk c4866d2965 Check for a CGI path prefix before insisting that an exact path exists on disk. Closes #36. 2023-03-16 19:23:32 +01:00
Solderpunk 72a94cab00 Restore Go 1.15 compatibility. 2023-03-04 14:27:01 +01:00
Solderpunk e30f39b196 Fix typo in error message. 2023-03-02 19:43:24 +01:00
Solderpunk 3a03995f26 Actually, be *more* clever about client certs...(see e70ec) 2023-03-02 17:24:34 +01:00
Solderpunk bd07cb3507 Check for errors when parsing TLS certificates even after successful PEM decoding. 2023-03-01 19:50:45 +01:00
Solderpunk 81b4f1dcc0 Fix small variable name error. 2023-02-27 08:35:11 +01:00
Solderpunk d3d415b612 Add missing return. 2023-02-26 19:42:49 +01:00
Solderpunk eefb1bc3a6 Further simplifications of config parsing code. 2023-02-26 19:42:30 +01:00
Solderpunk f9585ff2b7 Rearrange the logic of handling requests without changing behaviour.
The new order handles certificate zones and redirects defined in the
system-wide config file as well as SCGI paths as early as possible
without doing any unecessary filesystem operations and especially
without the potentially expensive search for .molly files.
2023-02-25 12:06:34 +01:00
Solderpunk eb85a6e94c Another big refactor, splitting the Config struct in two.
The split reflects that between variables which can and cannot be
overridden by .molly files, and this greatly simplifies the
processing of said files, getting rid of the need for lots of
ugly temporary variable thrashing.
2023-02-25 11:29:13 +01:00
Solderpunk e70ec82594 Don't try to be clever about when to request client certs: we never know what could be in a .molly file. 2023-02-24 19:12:52 +01:00
Solderpunk bff3d6d486 Restore logging functionality after some subtle variable declaration scoping bugs wiped it out! 2023-02-23 20:49:28 +01:00
Solderpunk a9dab7b48c Argh, fix stupid typo. 2023-02-23 20:04:48 +01:00
Solderpunk c50accfaec Only drop supplementary groups if root is amongst them. 2023-02-23 20:03:21 +01:00
Solderpunk 0274ef8f35 Print warning about expired certificates. 2023-02-23 19:59:11 +01:00
Solderpunk 800c181668 Ensure supplied TLS certificate is valid for configured hostname. 2023-02-23 19:47:14 +01:00
Solderpunk d67f896b84 Add AllowTLS12 option to switch minimum TLS version between 1.2 and 1.3. 2023-02-23 19:31:16 +01:00
Solderpunk 67386cd118 Update README to reflect movement of unix security stuff out of config file into command line switches. 2023-02-23 18:57:56 +01:00
Solderpunk 212c9f79fb A rather extensive refactor.
Basically the function formerly known as do_main() in main.go has
been renamed launch() and moved into launch.go.  Now there are
main.go and main_unix.go files implementing minmial main()
functions which load a config and pass it to launch.  This allows
separating unix-specific security stuff (both the actual system
calls which won't compile on other platforms and the definition
of command line switches) out from the platform agnostic
implementation of the main server logic.  It also simplifies the
interaction of relative paths in config files with chrooting.

Docs still need updating...
2023-02-23 18:49:15 +01:00
Solderpunk 8d1a04cb27 Fix minor bugs on OpenBSD-only code, after discovering easy of cross-compilation in Go. 2023-02-22 21:16:11 +01:00
Solderpunk 40203a8856 Use net/http.DetectContentType as a last resort for MIME, rather than hardcoding application/octet-stream. 2023-02-21 19:22:19 +01:00
Solderpunk 75c283fc74 Restore documented setuid behaviour. 2023-02-19 18:28:52 +01:00
Solderpunk f63fcdb6d1 Do not request client certificates if we're never going to need them. 2023-02-19 15:17:45 +01:00
Solderpunk 7a89b307a1 Just use the log package's default logger as the error log. 2023-02-19 15:04:34 +01:00
Solderpunk 072669a167 Avoid use of log.Fatal() or os.Exit() in main so defers are guaranteed to run. 2023-02-19 14:40:54 +01:00
Solderpunk 7fad754ff2 Drop privileges much more thoroughly, thanks nervuri! (see issue #16) 2023-02-19 13:17:24 +01:00
Solderpunk 182e58ffe3 Make unprivileged user configurable, thanks nervuri! (see issue #16) 2023-02-15 21:16:49 +01:00
Solderpunk c0c67f7ba6 Whoops, don't ignore error from filepath.Abs. 2023-02-15 21:15:14 +01:00
Solderpunk 8372142843 Add support for chroot()ing server early after startup, more work toward issue #16. 2023-02-15 21:10:22 +01:00
Solderpunk 06c6d190a6 Guard against symbolic links escaping the document base. 2023-02-13 22:15:42 +01:00
Solderpunk bb0a04d2c7 Add a little bit of extra security advice to the README, a tiny extra step toward closing issue #16. 2023-02-13 21:52:08 +01:00
Solderpunk 4e6a8fcd05 Use setuid() systemcall wherever possible to reduce privileges before accepting network connections. First step toward solving issue #16. 2023-02-13 20:26:52 +01:00
Solderpunk 5258b29c6b Big ol' gofmt. 2023-02-10 17:19:21 +01:00
Solderpunk 56d8dde14a Chdir to / so that Molly doesn't interfere with unmounting. 2023-02-10 16:16:57 +01:00
Solderpunk b16fe0b8d4 Absolutise DocBase before trying to absolutise anything else relative to it. 2023-02-08 20:32:17 +01:00
Solderpunk 17d17a1629 Catch SIGTERM and shutdown gracefully. 2023-02-08 19:56:27 +01:00
Solderpunk 86720131d3 Declare dependenc upon x/sys to support OpenBSD security features. 2023-02-08 19:54:58 +01:00