YGGverse/agate
1
0
Fork 0
mirror of https://github.com/YGGverse/agate.git synced 2026-04-08 20:45:29 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

add host and port checks

Browse source 
If the host does not match, the status code 53 should be used. But I am not sure how
to implement this best as the parse_request function only returns a String as error.
This commit is contained in:
Johann150 2020-11-14 11:15:30 +01:00
parent bd2bc310d9
commit 7ef914153b
No known key found for this signature in database
GPG key ID: 9EE6577A2A06F8F1
2 changed files with 14 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

5
README.md
View file

@ -27,12 +27,15 @@ openssl req -x509 -newkey rsa:4096 -keyout key.rsa -out cert.pem \
-days 3650 -nodes -subj "/CN=example.com" -days 3650 -nodes -subj "/CN=example.com"
``` ```
3. Run the server. The command line arguments are `agate <addr:port> <content_dir> <cert_file> <key_file>`. For example, to listen on the standard Gemini port (1965) on all interfaces: 3. Run the server. The command line arguments are `agate <addr:port> <content_dir> <cert_file> <key_file> [<domain>]`. For example, to listen on the standard Gemini port (1965) on all interfaces:
``` ```
agate 0.0.0.0:1965 path/to/content/ cert.pem key.rsa agate 0.0.0.0:1965 path/to/content/ cert.pem key.rsa
``` ```
Agate will check that the port part of the requested URL matches the port specified in the 1st argument.
If `<domain>` is specified, agate will also check that the host part of the requested URL matches this domain.
When a client requests the URL `gemini://example.com/foo/bar`, Agate will respond with the file at `path/to/content/foo/bar`. If there is a directory at that path, Agate will look for a file named `index.gmi` inside that directory. When a client requests the URL `gemini://example.com/foo/bar`, Agate will respond with the file at `path/to/content/foo/bar`. If there is a directory at that path, Agate will look for a file named `index.gmi` inside that directory.
Optionally, set a log level via the `AGATE_LOG` environment variable. Logging is powered by the [env_logger crate](https://crates.io/crates/env_logger): Optionally, set a log level via the `AGATE_LOG` environment variable. Logging is powered by the [env_logger crate](https://crates.io/crates/env_logger):

12
src/main.rs
View file

@ -25,7 +25,7 @@ fn main() -> Result {
type Result<T=()> = std::result::Result<T, Box<dyn Error + Send + Sync>>; type Result<T=()> = std::result::Result<T, Box<dyn Error + Send + Sync>>;
static ARGS: Lazy<Args> = Lazy::new(|| args().unwrap_or_else(|| { static ARGS: Lazy<Args> = Lazy::new(|| args().unwrap_or_else(|| {
eprintln!("usage: agate <addr:port> <dir> <cert> <key>"); eprintln!("usage: agate <addr:port> <dir> <cert> <key> [<domain to check>]");
std::process::exit(1); std::process::exit(1);
})); }));
@ -34,6 +34,7 @@ struct Args {
content_dir: String, content_dir: String,
cert_file: String, cert_file: String,
key_file: String, key_file: String,
domain: Option<String>,
} }
fn args() -> Option<Args> { fn args() -> Option<Args> {
@ -43,6 +44,7 @@ fn args() -> Option<Args> {
content_dir: args.next()?, content_dir: args.next()?,
cert_file: args.next()?, cert_file: args.next()?,
key_file: args.next()?, key_file: args.next()?,
domain: args.next(),
}) })
} }
@ -108,9 +110,15 @@ async fn parse_request<R: Read + Unpin>(stream: &mut R) -> Result<Url> {
Url::parse(request)? Url::parse(request)?
}; };
// Validate the URL. TODO: Check the hostname and port. // Validate the URL, host and port.
if url.scheme() != "gemini" { if url.scheme() != "gemini" {
// FIXME: This should return a 53 status code.
Err("unsupported URL scheme")? Err("unsupported URL scheme")?
} else if ARGS.domain.as_ref().map_or(false, |domain| url.host().map_or(false, |host| &host.to_string() != domain)) {
// FIXME: This should return a 53 status code.
Err("proxy request refused")?
} else if url.port().map_or(false, |port| port != ARGS.sock_addr.rsplitn(2, ':').next().unwrap().parse().unwrap()) {
Err("port did not match")?
} }
log::info!("Got request for {:?}", url); log::info!("Got request for {:?}", url);
Ok(url) Ok(url)