Cana, branch master Project Gemini server written in Haskell reply 59 on proxy requests 2021-11-08T17:59:47+00:00 Daniel Schadt kingdread@gmx.de 2021-11-08T17:59:47+00:00 6c41185fd189de4242749b6dd787099a37270c68 This makes the server more compliant with what is to be expected and prevents routes from matching when a wrong scheme is given (such as https://). It is not perfect yet, as abusing the route matching function for such an important property is probably not the best. We also want to implement other request-sanity-checks (such as port numbers being given), which would also be better done at a different place. However, we also don't want to prevent Cana from being used to implement Gemini proxy servers, so a flag in GeminiServer would probably be nice ("extended URI checks"). Yet - on the completely other hand - allowing that much freedom also means weird interactions (such as a default vhost, certificate issues, ...), so it is unclear how far we want to go. 
This makes the server more compliant with what is to be expected and
prevents routes from matching when a wrong scheme is given (such as
https://).

It is not perfect yet, as abusing the route matching function for such
an important property is probably not the best. We also want to
implement other request-sanity-checks (such as port numbers being
given), which would also be better done at a different place.

However, we also don't want to prevent Cana from being used to implement
Gemini proxy servers, so a flag in GeminiServer would probably be nice
("extended URI checks").

Yet - on the completely other hand - allowing that much freedom also
means weird interactions (such as a default vhost, certificate issues,
...), so it is unclear how far we want to go.
properly send close_notify after the response 2021-11-08T15:00:34+00:00 Daniel Schadt kingdread@gmx.de 2021-11-08T14:56:32+00:00 c2827483f9d92c7abbc71a93c5a7607642826f1c This is already mandated by the TLS spec, but has been made explicit as well for Gemini servers[1]: > As per RFCs 5246 and 8446, Gemini servers MUST send a TLS > `close_notify` prior to closing the connection after sending a > complete response. This is essential to disambiguate completed > responses from responses closed prematurely due to network error or > attack. We want to be well-behaved, therefore we now send close_notify properly after writing a response. You can verify this easily using [2]. [1] https://gemini.circumlunar.space/docs/specification.html [2] https://portal.mozz.us/ 
This is already mandated by the TLS spec, but has been made explicit as
well for Gemini servers[1]:

> As per RFCs 5246 and 8446, Gemini servers MUST send a TLS
> `close_notify` prior to closing the connection after sending a
> complete response. This is essential to disambiguate completed
> responses from responses closed prematurely due to network error or
> attack.

We want to be well-behaved, therefore we now send close_notify properly
after writing a response.

You can verify this easily using [2].

[1] https://gemini.circumlunar.space/docs/specification.html
[2] https://portal.mozz.us/
CGI: Use envvars to pass request URL 2021-08-14T20:26:24+00:00 Daniel Schadt kingdread@gmx.de 2021-08-14T20:26:24+00:00 7ae86ad2f32994791edcd4d4ac4ec8499034181f This is more conforming to other CGI environments, see for example [1] and [2]. This also allows us to easily add more fields in the future, for example to pass the remote address, the TLS certificate, the server version, ... [1]: https://en.wikipedia.org/wiki/Common_Gateway_Interface#Example [2]: https://sr.ht/~int80h/gemserv/ 
This is more conforming to other CGI environments, see for example [1]
and [2].

This also allows us to easily add more fields in the future, for example
to pass the remote address, the TLS certificate, the server version, ...

[1]: https://en.wikipedia.org/wiki/Common_Gateway_Interface#Example
[2]: https://sr.ht/~int80h/gemserv/
add basic tests for renderResponse & parseResponse 2021-08-03T15:46:33+00:00 Daniel Schadt kingdread@gmx.de 2021-08-03T15:46:33+00:00 c4ec73caf11acd7e2c1b3c28bfafc8c5cdb1fca2 






add basic test infrastructure
2021-08-03T15:36:28+00:00

Daniel Schadt
kingdread@gmx.de

2021-08-03T15:36:28+00:00

ace37a9df956828634c94637d621180002a7920c

So far, the tests are still pretty pointless, but the infrastructure to
build better tests is there now.





So far, the tests are still pretty pointless, but the infrastructure to
build better tests is there now.







Add XML config option for sfDoIndices
2021-07-19T20:09:02+00:00

Daniel Schadt
kingdread@gmx.de

2021-07-19T20:09:02+00:00

daba74c8bc066c29eb3488246835f765c111b0c7

A static file handler that lists directory contents can be set up as
follows now:

  <staticfiles path="gmdocs">
    <indices />
  </staticfiles>

An argument could be made to have it as an attribute instead (<...
indices="true"  />), but we will have to see how this works out.





A static file handler that lists directory contents can be set up as
follows now:

  <staticfiles path="gmdocs">
    <indices />
  </staticfiles>

An argument could be made to have it as an attribute instead (<...
indices="true"  />), but we will have to see how this works out.







implement directory listings
2021-07-19T20:04:46+00:00

Daniel Schadt
kingdread@gmx.de

2021-07-19T20:04:46+00:00

699e7ddb239407704a2adee7b4fb8a6c0eb04c8b

This allows Cana to do directory listings. Since we expect more settings
to become available for the static file handler (such as ExecCGI or
IndexFile), a struct holding the parameters has been introduced already.





This allows Cana to do directory listings. Since we expect more settings
to become available for the static file handler (such as ExecCGI or
IndexFile), a struct holding the parameters has been introduced already.







fix loadCredentials
2021-07-15T11:45:00+00:00

Daniel Schadt
kingdread@gmx.de

2021-07-15T11:45:00+00:00

4b600d64b820e1ddad5f58633676fb29e3710b5f

1. This function used 'fail', which is rather bad - now it returns
   'Either'

2. The function was still hardwired to the specific filenames of the
   first prototypes.





1. This function used 'fail', which is rather bad - now it returns
   'Either'

2. The function was still hardwired to the specific filenames of the
   first prototypes.







Implement XML configuration support
2021-07-15T08:48:18+00:00

Daniel Schadt
kingdread@gmx.de

2021-07-15T08:48:18+00:00

4ef5c4e29379c8eed49f6f24ab5f4a3d73cfe3a5

This alleviates the need to define the server in Haskell and
re-compile the binary every time something in the configuration changes.





This alleviates the need to define the server in Haskell and
re-compile the binary every time something in the configuration changes.







Fix license meta field
2021-07-15T06:02:27+00:00

Daniel Schadt
kingdread@gmx.de

2021-07-15T06:02:27+00:00

8d72e6924cabe5131fd5a58bdea06a22ca0e271b