2020-06-06 05:46:29 -04:00
|
|
|
package main
|
|
|
|
|
|
|
|
import (
|
2020-06-10 15:31:13 -04:00
|
|
|
"bufio"
|
|
|
|
"context"
|
|
|
|
"crypto/tls"
|
|
|
|
"io"
|
2020-07-01 13:57:39 -04:00
|
|
|
"log"
|
2020-06-10 15:31:13 -04:00
|
|
|
"net"
|
|
|
|
"net/url"
|
2020-06-30 16:25:37 -04:00
|
|
|
"os"
|
2020-06-10 15:31:13 -04:00
|
|
|
"os/exec"
|
|
|
|
"strconv"
|
|
|
|
"strings"
|
|
|
|
"time"
|
2020-06-06 05:46:29 -04:00
|
|
|
)
|
|
|
|
|
2020-07-01 13:57:39 -04:00
|
|
|
func handleCGI(config Config, path string, cgiPath string, URL *url.URL, log *LogEntry, errorLog *log.Logger, conn net.Conn) {
|
2020-07-01 08:10:20 -04:00
|
|
|
// Find the shortest leading part of path which maps to an executable file.
|
|
|
|
// Call this part scriptPath, and everything after it pathInfo.
|
2020-07-01 04:38:31 -04:00
|
|
|
components := strings.Split(path, "/")
|
2020-07-01 08:10:20 -04:00
|
|
|
scriptPath := ""
|
|
|
|
pathInfo := ""
|
2020-07-01 04:38:31 -04:00
|
|
|
matched := false
|
|
|
|
for i := 0; i <= len(components); i++ {
|
2020-07-01 08:10:20 -04:00
|
|
|
scriptPath = strings.Join(components[0:i], "/")
|
|
|
|
pathInfo = strings.Join(components[i:], "/")
|
|
|
|
if !strings.HasPrefix(scriptPath, cgiPath) {
|
2020-07-01 04:38:31 -04:00
|
|
|
continue
|
|
|
|
}
|
2020-07-01 08:10:20 -04:00
|
|
|
info, err := os.Stat(scriptPath)
|
2020-07-01 04:38:31 -04:00
|
|
|
if err != nil {
|
|
|
|
break
|
2020-07-01 08:10:20 -04:00
|
|
|
} else if info.IsDir() {
|
2020-07-01 04:38:31 -04:00
|
|
|
continue
|
2020-07-01 10:04:48 -04:00
|
|
|
} else if info.Mode().Perm()&0555 == 0555 {
|
2020-07-01 04:38:31 -04:00
|
|
|
matched = true
|
|
|
|
break
|
|
|
|
}
|
|
|
|
}
|
|
|
|
// If we didn't find a match, give up and let this request be handled as
|
|
|
|
// if it were a static file
|
|
|
|
if !matched {
|
2020-06-30 16:25:37 -04:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2020-07-01 04:38:31 -04:00
|
|
|
// Prepare environment variables
|
2020-07-01 08:10:20 -04:00
|
|
|
vars := prepareCGIVariables(config, URL, conn, scriptPath, pathInfo)
|
2020-07-01 04:38:31 -04:00
|
|
|
|
|
|
|
// Spawn process
|
2020-06-06 05:46:29 -04:00
|
|
|
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
|
|
|
|
defer cancel()
|
2020-07-01 08:10:20 -04:00
|
|
|
cmd := exec.CommandContext(ctx, scriptPath)
|
2020-06-10 15:31:13 -04:00
|
|
|
cmd.Env = []string{}
|
2020-06-06 05:46:29 -04:00
|
|
|
for key, value := range vars {
|
2020-06-10 15:31:13 -04:00
|
|
|
cmd.Env = append(cmd.Env, key+"="+value)
|
2020-06-06 05:46:29 -04:00
|
|
|
}
|
|
|
|
response, err := cmd.Output()
|
2020-07-01 04:38:31 -04:00
|
|
|
|
2020-06-06 05:46:29 -04:00
|
|
|
if ctx.Err() == context.DeadlineExceeded {
|
2020-07-01 13:57:39 -04:00
|
|
|
errorLog.Println("Terminating CGI process " + path + " due to exceeding 10 second runtime limit.")
|
2020-06-06 05:46:29 -04:00
|
|
|
conn.Write([]byte("42 CGI process timed out!\r\n"))
|
|
|
|
log.Status = 42
|
|
|
|
return
|
|
|
|
}
|
|
|
|
if err != nil {
|
2020-07-06 10:13:56 -04:00
|
|
|
errorLog.Println("Error running CGI program " + path + ": " + err.Error())
|
|
|
|
if err, ok := err.(*exec.ExitError); ok {
|
|
|
|
errorLog.Println("↳ stderr output: " + string(err.Stderr))
|
|
|
|
}
|
2020-06-06 05:46:29 -04:00
|
|
|
conn.Write([]byte("42 CGI error!\r\n"))
|
|
|
|
log.Status = 42
|
|
|
|
return
|
|
|
|
}
|
|
|
|
// Extract response header
|
|
|
|
header, _, err := bufio.NewReader(strings.NewReader(string(response))).ReadLine()
|
|
|
|
status, err2 := strconv.Atoi(strings.Fields(string(header))[0])
|
|
|
|
if err != nil || err2 != nil {
|
2020-07-01 14:15:52 -04:00
|
|
|
errorLog.Println("Unable to parse first line of output from CGI process " + path + " as valid Gemini response header. Line was: " + string(header))
|
2020-06-06 05:46:29 -04:00
|
|
|
conn.Write([]byte("42 CGI error!\r\n"))
|
|
|
|
log.Status = 42
|
|
|
|
return
|
|
|
|
}
|
|
|
|
log.Status = status
|
|
|
|
// Write response
|
|
|
|
conn.Write(response)
|
|
|
|
}
|
|
|
|
|
2020-07-01 14:15:52 -04:00
|
|
|
func handleSCGI(URL *url.URL, scgiPath string, scgiSocket string, config Config, log *LogEntry, errorLog *log.Logger, conn net.Conn) {
|
2020-06-06 05:46:29 -04:00
|
|
|
|
|
|
|
// Connect to socket
|
2020-07-01 10:40:51 -04:00
|
|
|
socket, err := net.Dial("unix", scgiSocket)
|
2020-06-06 05:46:29 -04:00
|
|
|
if err != nil {
|
2020-07-01 14:15:52 -04:00
|
|
|
errorLog.Println("Error connecting to SCGI socket " + scgiSocket + ": " + err.Error())
|
2020-06-06 05:46:29 -04:00
|
|
|
conn.Write([]byte("42 Error connecting to SCGI service!\r\n"))
|
|
|
|
log.Status = 42
|
|
|
|
return
|
|
|
|
}
|
|
|
|
defer socket.Close()
|
|
|
|
|
|
|
|
// Send variables
|
2020-07-01 10:40:51 -04:00
|
|
|
vars := prepareSCGIVariables(config, URL, scgiPath, conn)
|
2020-06-06 05:46:29 -04:00
|
|
|
length := 0
|
2020-06-10 15:31:13 -04:00
|
|
|
for key, value := range vars {
|
2020-06-06 05:46:29 -04:00
|
|
|
length += len(key)
|
|
|
|
length += len(value)
|
|
|
|
length += 2
|
|
|
|
}
|
|
|
|
socket.Write([]byte(strconv.Itoa(length) + ":"))
|
2020-06-10 15:31:13 -04:00
|
|
|
for key, value := range vars {
|
2020-06-06 05:46:29 -04:00
|
|
|
socket.Write([]byte(key + "\x00"))
|
|
|
|
socket.Write([]byte(value + "\x00"))
|
|
|
|
}
|
|
|
|
socket.Write([]byte(","))
|
|
|
|
|
|
|
|
// Read and relay response
|
|
|
|
buffer := make([]byte, 1027)
|
|
|
|
first := true
|
|
|
|
for {
|
|
|
|
n, err := socket.Read(buffer)
|
|
|
|
if err != nil {
|
|
|
|
if err == io.EOF {
|
|
|
|
break
|
|
|
|
} else if !first {
|
|
|
|
// Err
|
2020-07-01 14:15:52 -04:00
|
|
|
errorLog.Println("Error reading from SCGI socket " + scgiSocket + ": " + err.Error())
|
2020-06-06 05:46:29 -04:00
|
|
|
conn.Write([]byte("42 Error reading from SCGI service!\r\n"))
|
|
|
|
log.Status = 42
|
|
|
|
return
|
|
|
|
} else {
|
|
|
|
break
|
|
|
|
}
|
|
|
|
}
|
|
|
|
// Extract status code from first line
|
|
|
|
if first {
|
|
|
|
first = false
|
|
|
|
lines := strings.SplitN(string(buffer), "\r\n", 2)
|
|
|
|
status, err := strconv.Atoi(strings.Fields(lines[0])[0])
|
|
|
|
if err != nil {
|
|
|
|
conn.Write([]byte("42 CGI error!\r\n"))
|
|
|
|
log.Status = 42
|
|
|
|
return
|
|
|
|
}
|
|
|
|
log.Status = status
|
|
|
|
}
|
|
|
|
// Send to client
|
|
|
|
conn.Write(buffer[:n])
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2020-07-01 04:38:31 -04:00
|
|
|
func prepareCGIVariables(config Config, URL *url.URL, conn net.Conn, script_path string, path_info string) map[string]string {
|
2020-06-06 05:46:29 -04:00
|
|
|
vars := prepareGatewayVariables(config, URL, conn)
|
|
|
|
vars["GATEWAY_INTERFACE"] = "CGI/1.1"
|
2020-07-01 04:38:31 -04:00
|
|
|
vars["SCRIPT_PATH"] = script_path
|
|
|
|
vars["PATH_INFO"] = path_info
|
2020-06-06 05:46:29 -04:00
|
|
|
return vars
|
|
|
|
}
|
|
|
|
|
2020-07-01 10:40:51 -04:00
|
|
|
func prepareSCGIVariables(config Config, URL *url.URL, scgiPath string, conn net.Conn) map[string]string {
|
2020-06-06 05:46:29 -04:00
|
|
|
vars := prepareGatewayVariables(config, URL, conn)
|
|
|
|
vars["SCGI"] = "1"
|
|
|
|
vars["CONTENT_LENGTH"] = "0"
|
2020-07-01 10:40:51 -04:00
|
|
|
vars["SCRIPT_PATH"] = scgiPath
|
|
|
|
vars["PATH_INFO"] = URL.Path[len(scgiPath):]
|
2020-06-06 05:46:29 -04:00
|
|
|
return vars
|
|
|
|
}
|
|
|
|
|
|
|
|
func prepareGatewayVariables(config Config, URL *url.URL, conn net.Conn) map[string]string {
|
|
|
|
vars := make(map[string]string)
|
|
|
|
vars["QUERY_STRING"] = URL.RawQuery
|
|
|
|
vars["REQUEST_METHOD"] = ""
|
|
|
|
vars["SERVER_NAME"] = config.Hostname
|
|
|
|
vars["SERVER_PORT"] = strconv.Itoa(config.Port)
|
2020-06-12 13:00:36 -04:00
|
|
|
vars["SERVER_PROTOCOL"] = "GEMINI"
|
2020-06-06 05:46:29 -04:00
|
|
|
vars["SERVER_SOFTWARE"] = "MOLLY_BROWN"
|
|
|
|
|
2020-12-26 18:23:36 -05:00
|
|
|
host, _, _ := net.SplitHostPort(conn.RemoteAddr().String())
|
|
|
|
vars["REMOTE_ADDR"] = host
|
|
|
|
|
2020-06-06 05:46:29 -04:00
|
|
|
// Add TLS variables
|
|
|
|
var tlsConn (*tls.Conn) = conn.(*tls.Conn)
|
|
|
|
connState := tlsConn.ConnectionState()
|
2020-06-10 15:31:13 -04:00
|
|
|
// vars["TLS_CIPHER"] = CipherSuiteName(connState.CipherSuite)
|
2020-06-06 05:46:29 -04:00
|
|
|
|
|
|
|
// Add client cert variables
|
|
|
|
clientCerts := connState.PeerCertificates
|
|
|
|
if len(clientCerts) > 0 {
|
|
|
|
cert := clientCerts[0]
|
2020-06-28 07:47:30 -04:00
|
|
|
vars["TLS_CLIENT_HASH"] = getCertFingerprint(cert)
|
2020-06-06 05:46:29 -04:00
|
|
|
vars["TLS_CLIENT_ISSUER"] = cert.Issuer.String()
|
|
|
|
vars["TLS_CLIENT_ISSUER_CN"] = cert.Issuer.CommonName
|
|
|
|
vars["TLS_CLIENT_SUBJECT"] = cert.Subject.String()
|
|
|
|
vars["TLS_CLIENT_SUBJECT_CN"] = cert.Subject.CommonName
|
2020-11-28 05:07:27 -05:00
|
|
|
// To make it easier to detect when a cert is present
|
|
|
|
vars["AUTH_TYPE"] = "Certificate"
|
2020-06-06 05:46:29 -04:00
|
|
|
}
|
|
|
|
return vars
|
|
|
|
}
|