Cana/src, branch master Project Gemini server written in Haskell reply 59 on proxy requests 2021-11-08T17:59:47+00:00 Daniel Schadt kingdread@gmx.de 2021-11-08T17:59:47+00:00 6c41185fd189de4242749b6dd787099a37270c68 This makes the server more compliant with what is to be expected and prevents routes from matching when a wrong scheme is given (such as https://). It is not perfect yet, as abusing the route matching function for such an important property is probably not the best. We also want to implement other request-sanity-checks (such as port numbers being given), which would also be better done at a different place. However, we also don't want to prevent Cana from being used to implement Gemini proxy servers, so a flag in GeminiServer would probably be nice ("extended URI checks"). Yet - on the completely other hand - allowing that much freedom also means weird interactions (such as a default vhost, certificate issues, ...), so it is unclear how far we want to go. 
This makes the server more compliant with what is to be expected and
prevents routes from matching when a wrong scheme is given (such as
https://).

It is not perfect yet, as abusing the route matching function for such
an important property is probably not the best. We also want to
implement other request-sanity-checks (such as port numbers being
given), which would also be better done at a different place.

However, we also don't want to prevent Cana from being used to implement
Gemini proxy servers, so a flag in GeminiServer would probably be nice
("extended URI checks").

Yet - on the completely other hand - allowing that much freedom also
means weird interactions (such as a default vhost, certificate issues,
...), so it is unclear how far we want to go.
properly send close_notify after the response 2021-11-08T15:00:34+00:00 Daniel Schadt kingdread@gmx.de 2021-11-08T14:56:32+00:00 c2827483f9d92c7abbc71a93c5a7607642826f1c This is already mandated by the TLS spec, but has been made explicit as well for Gemini servers[1]: > As per RFCs 5246 and 8446, Gemini servers MUST send a TLS > `close_notify` prior to closing the connection after sending a > complete response. This is essential to disambiguate completed > responses from responses closed prematurely due to network error or > attack. We want to be well-behaved, therefore we now send close_notify properly after writing a response. You can verify this easily using [2]. [1] https://gemini.circumlunar.space/docs/specification.html [2] https://portal.mozz.us/ 
This is already mandated by the TLS spec, but has been made explicit as
well for Gemini servers[1]:

> As per RFCs 5246 and 8446, Gemini servers MUST send a TLS
> `close_notify` prior to closing the connection after sending a
> complete response. This is essential to disambiguate completed
> responses from responses closed prematurely due to network error or
> attack.

We want to be well-behaved, therefore we now send close_notify properly
after writing a response.

You can verify this easily using [2].

[1] https://gemini.circumlunar.space/docs/specification.html
[2] https://portal.mozz.us/
CGI: Use envvars to pass request URL 2021-08-14T20:26:24+00:00 Daniel Schadt kingdread@gmx.de 2021-08-14T20:26:24+00:00 7ae86ad2f32994791edcd4d4ac4ec8499034181f This is more conforming to other CGI environments, see for example [1] and [2]. This also allows us to easily add more fields in the future, for example to pass the remote address, the TLS certificate, the server version, ... [1]: https://en.wikipedia.org/wiki/Common_Gateway_Interface#Example [2]: https://sr.ht/~int80h/gemserv/ 
This is more conforming to other CGI environments, see for example [1]
and [2].

This also allows us to easily add more fields in the future, for example
to pass the remote address, the TLS certificate, the server version, ...

[1]: https://en.wikipedia.org/wiki/Common_Gateway_Interface#Example
[2]: https://sr.ht/~int80h/gemserv/
Add XML config option for sfDoIndices 2021-07-19T20:09:02+00:00 Daniel Schadt kingdread@gmx.de 2021-07-19T20:09:02+00:00 daba74c8bc066c29eb3488246835f765c111b0c7 A static file handler that lists directory contents can be set up as follows now: <staticfiles path="gmdocs"> <indices /> </staticfiles> An argument could be made to have it as an attribute instead (<... indices="true" />), but we will have to see how this works out. 
A static file handler that lists directory contents can be set up as
follows now:

  <staticfiles path="gmdocs">
    <indices />
  </staticfiles>

An argument could be made to have it as an attribute instead (<...
indices="true"  />), but we will have to see how this works out.
implement directory listings 2021-07-19T20:04:46+00:00 Daniel Schadt kingdread@gmx.de 2021-07-19T20:04:46+00:00 699e7ddb239407704a2adee7b4fb8a6c0eb04c8b This allows Cana to do directory listings. Since we expect more settings to become available for the static file handler (such as ExecCGI or IndexFile), a struct holding the parameters has been introduced already. 
This allows Cana to do directory listings. Since we expect more settings
to become available for the static file handler (such as ExecCGI or
IndexFile), a struct holding the parameters has been introduced already.
fix loadCredentials 2021-07-15T11:45:00+00:00 Daniel Schadt kingdread@gmx.de 2021-07-15T11:45:00+00:00 4b600d64b820e1ddad5f58633676fb29e3710b5f 1. This function used 'fail', which is rather bad - now it returns 'Either' 2. The function was still hardwired to the specific filenames of the first prototypes. 
1. This function used 'fail', which is rather bad - now it returns
   'Either'

2. The function was still hardwired to the specific filenames of the
   first prototypes.
Implement XML configuration support 2021-07-15T08:48:18+00:00 Daniel Schadt kingdread@gmx.de 2021-07-15T08:48:18+00:00 4ef5c4e29379c8eed49f6f24ab5f4a3d73cfe3a5 This alleviates the need to define the server in Haskell and re-compile the binary every time something in the configuration changes. 
This alleviates the need to define the server in Haskell and
re-compile the binary every time something in the configuration changes.
Add basic support for virtual hosts 2021-07-08T18:27:54+00:00 Daniel Schadt kingdread@gmx.de 2021-07-08T18:27:54+00:00 e25119f6a4da6605ed555bd2b7a3293c252aca21 We can technically do vhosts with our current infrastructure of route matching, but they should get some better support. Otherwise, we cannot use things like SNI (server name indication) to send different credentials depending on the virtual host. The way it works now is basically that the server keeps a list of installed vhosts, each with a domain that it matches and a loaded certificate. Route matching in a vhost is still done the same old way, but only routes for the matching vhost are considered in the first place. The API for runGeminiServer does not change, so the proper, vhost-using API, will need a different function and API. 
We can technically do vhosts with our current infrastructure of route
matching, but they should get some better support. Otherwise, we cannot
use things like SNI (server name indication) to send different
credentials depending on the virtual host.

The way it works now is basically that the server keeps a list of
installed vhosts, each with a domain that it matches and a loaded
certificate. Route matching in a vhost is still done the same old way,
but only routes for the matching vhost are considered in the first
place.

The API for runGeminiServer does not change, so the proper, vhost-using
API, will need a different function and API.
CGI: Properly relay UTF-8 encoded text 2021-06-30T12:31:59+00:00 Daniel Schadt kingdread@gmx.de 2021-06-30T12:31:59+00:00 a087209121285d924456ecdd850e84b33f80726f The culprit was using "pack" to go from the String (which we get from readProcess) to the ByteString (which we need to have in the response). Since "pack" just throws away all the good codepoints, we ended up with a minor case of mojibake. There are two possible solutions to this issue: 1) Properly encode the text from String to ByteString using utf8-string's function or 2) Read a ByteString from the process by using process-extras Solution 1 works, but it has the side effect of assuming the process's output encoding (based on the LOCALE). Furthermore, we cannot even be sure that the script doesn't send a completely different encoding via the charset header field. Therefore, this would introduce 2 points at which character encoding mismatches could happen, which is not something we're looking forward to. Solution 2 has the benefit of just passing through the data basically unchanged. We don't need to convert the ByteString to a textual string ourselves, so that is a big benefit. The only thing where we now have UTF-8 conversion is when giving the request URI to the CGI script, but 1) URIs should be ASCII & percent encoded anyway, so there's no big chance of failure and 2) Now we are using UTF8.fromString properly 
The culprit was using "pack" to go from the String (which we get from
readProcess) to the ByteString (which we need to have in the response).
Since "pack" just throws away all the good codepoints, we ended up with
a minor case of mojibake.

There are two possible solutions to this issue:

1) Properly encode the text from String to ByteString using
   utf8-string's function
or
2) Read a ByteString from the process by using process-extras

Solution 1 works, but it has the side effect of assuming the process's
output encoding (based on the LOCALE). Furthermore, we cannot even be
sure that the script doesn't send a completely different encoding via
the charset header field. Therefore, this would introduce 2 points at
which character encoding mismatches could happen, which is not something
we're looking forward to.

Solution 2 has the benefit of just passing through the data basically
unchanged. We don't need to convert the ByteString to a textual string
ourselves, so that is a big benefit. The only thing where we now have
UTF-8 conversion is when giving the request URI to the CGI script, but

1) URIs should be ASCII & percent encoded anyway, so there's no big
   chance of failure
and
2) Now we are using UTF8.fromString properly
Give a reply to the server if a route fails 2021-06-30T11:57:34+00:00 Daniel Schadt kingdread@gmx.de 2021-06-30T11:57:34+00:00 04292d18c8ddd394acd683662caa9f848eced9d3 Otherwise, the server will never get a reply and instead we'll just silently let the client timeout :-( This change introduces the function "uncatch", which makes an error the inner Cana computation explicit by returning the Either directly. With the way this is written currently, we could probably get away with using "catch" as well, along the lines of r geminiRequest `catch` (const $ writeResponse context ...) 
Otherwise, the server will never get a reply and instead we'll just
silently let the client timeout :-(

This change introduces the function "uncatch", which makes an error the
inner Cana computation explicit by returning the Either directly.

With the way this is written currently, we could probably get away with
using "catch" as well, along the lines of

  r geminiRequest `catch` (const $ writeResponse context ...)