mirror/molly-brown
1
1
Fork 0
mirror of https://tildegit.org/solderpunk/molly-brown synced 2024-09-26 14:50:38 +02:00
Code
162 Commits 2 Branches 0 Tags 544 KiB
67386cd118
Commit Graph

29 Commits

Author SHA1 Message Date
Solderpunk
212c9f79fb A rather extensive refactor. 
Basically the function formerly known as do_main() in main.go has
been renamed launch() and moved into launch.go.  Now there are
main.go and main_unix.go files implementing minmial main()
functions which load a config and pass it to launch.  This allows
separating unix-specific security stuff (both the actual system
calls which won't compile on other platforms and the definition
of command line switches) out from the platform agnostic
implementation of the main server logic.  It also simplifies the
interaction of relative paths in config files with chrooting.

Docs still need updating...
 2023-02-23 18:49:15 +01:00
Solderpunk
f63fcdb6d1 Do not request client certificates if we're never going to need them. 2023-02-19 15:17:45 +01:00
Solderpunk
7a89b307a1 Just use the log package's default logger as the error log. 2023-02-19 15:04:34 +01:00
Solderpunk
072669a167 Avoid use of log.Fatal() or os.Exit() in main so defers are guaranteed to run. 2023-02-19 14:40:54 +01:00
Solderpunk
7fad754ff2 Drop privileges much more thoroughly, thanks nervuri! (see issue #16) 2023-02-19 13:17:24 +01:00
Solderpunk
182e58ffe3 Make unprivileged user configurable, thanks nervuri! (see issue #16) 2023-02-15 21:16:49 +01:00
Solderpunk
8372142843 Add support for chroot()ing server early after startup, more work toward issue #16. 2023-02-15 21:10:22 +01:00
Solderpunk
5258b29c6b Big ol' gofmt. 2023-02-10 17:19:21 +01:00
Solderpunk
56d8dde14a Chdir to / so that Molly doesn't interfere with unmounting. 2023-02-10 16:16:57 +01:00
Solderpunk
17d17a1629 Catch SIGTERM and shutdown gracefully. 2023-02-08 19:56:27 +01:00
Solderpunk
b16a8584a6 Merge pull request 'Added pledge(2) and unveil(2) system calls to improve security on OpenBSD.' (#13) from kvothe/molly-brown:master into master 
Reviewed-on: https://tildegit.org/solderpunk/molly-brown/pulls/13
 2023-02-08 17:54:29 +00:00
Solderpunk
3be10b82d7 Allow no access logging with empty string log file path. 2023-02-07 19:59:43 +01:00
Solderpunk
443bfd4bbd Change to error logging behaviour (stderr instead of stdout, by default). 2023-02-07 19:33:14 +01:00
Solderpunk
16bf8e0534 Refuse to use a world-readable TLS key. 2023-02-07 19:23:35 +01:00
Solderpunk
2d6f4db38e Add -v flag to print version and exit. Closes #23. 2023-02-05 15:36:18 +01:00
Solderpunk
92cd40db12 Allow access and error logging to stdout by configuring a path of "-". 
Thanks to @icedquinn@blob.cat for the suggestion.
 2021-01-24 17:09:47 +01:00
kvothe
03ca12d0c1 First pass at a pledge/unveil implementation for OpenBSD. 2020-09-14 22:21:05 -04:00
Solderpunk
821a862036 Use standard library logging facilities for error log. 2020-07-01 19:57:39 +02:00
Solderpunk
3c4c447bd3 Broader config file error handling. 2020-07-01 19:56:43 +02:00
Solderpunk
990b7071d0 gofmt fixes. 2020-06-30 19:13:02 +02:00
Solderpunk
77691d6983 Introduce error log. 2020-06-28 18:34:50 +02:00
Solderpunk
b0b18971f4 Run gofmt on everything for the first time ever! 2020-06-10 21:31:13 +02:00
Solderpunk
bec952c66a Use log.Fatal instead of fmt.Println and os.Exit. 2020-06-08 20:02:29 +02:00
Solderpunk
6f3887bdc4 Request client certificates, check validity dates of received certs and pass certs to handleCGI. 2020-06-05 19:39:28 +02:00
Solderpunk
44d72c2bf2 Make it clear what is wrong with a config file. 2020-06-04 20:36:03 +02:00
Solderpunk
d14198aeba Add missing import from previous commit. 2020-05-21 22:50:33 +02:00
Solderpunk
203c259e7f Honour port setting from config file. 2020-05-19 22:05:48 +02:00
Solderpunk
7566636c97 Add basic logging. 2019-11-06 18:38:41 +02:00
Solderpunk
0ddf8ca2ae Initial bare bones implementation. 2019-11-06 17:08:44 +02:00