sashakoshka/go-gemini
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: sashakoshka:main
Branches Tags
sashakoshka:main
sashakoshka:v0.2.3
sashakoshka:v0.2.2
sashakoshka:v0.2.1
sashakoshka:v0.2.0
sashakoshka:v0.2.0-rc.2
sashakoshka:v0.2.0-rc.1
sashakoshka:v0.1.22
sashakoshka:v0.1.21
sashakoshka:v0.1.20
sashakoshka:v0.1.19
sashakoshka:v0.1.18
sashakoshka:v0.1.17
sashakoshka:v0.1.16
sashakoshka:v0.1.15
sashakoshka:v0.1.15-alpha.1
sashakoshka:v0.1.15-alpha
sashakoshka:v0.1.14
sashakoshka:v0.1.13
sashakoshka:v0.1.12
sashakoshka:v0.1.11
sashakoshka:v0.1.10
sashakoshka:v0.1.9
sashakoshka:v0.1.8
sashakoshka:v0.1.7
sashakoshka:v0.1.6
sashakoshka:v0.1.5
sashakoshka:v0.1.4
sashakoshka:v0.1.3
sashakoshka:v0.1.2
sashakoshka:v0.1.1
sashakoshka:v0.1.0
..
compare: sashakoshka:v0.1.0
Branches Tags
sashakoshka:main
sashakoshka:v0.2.3
sashakoshka:v0.2.2
sashakoshka:v0.2.1
sashakoshka:v0.2.0
sashakoshka:v0.2.0-rc.2
sashakoshka:v0.2.0-rc.1
sashakoshka:v0.1.22
sashakoshka:v0.1.21
sashakoshka:v0.1.20
sashakoshka:v0.1.19
sashakoshka:v0.1.18
sashakoshka:v0.1.17
sashakoshka:v0.1.16
sashakoshka:v0.1.15
sashakoshka:v0.1.15-alpha.1
sashakoshka:v0.1.15-alpha
sashakoshka:v0.1.14
sashakoshka:v0.1.13
sashakoshka:v0.1.12
sashakoshka:v0.1.11
sashakoshka:v0.1.10
sashakoshka:v0.1.9
sashakoshka:v0.1.8
sashakoshka:v0.1.7
sashakoshka:v0.1.6
sashakoshka:v0.1.5
sashakoshka:v0.1.4
sashakoshka:v0.1.3
sashakoshka:v0.1.2
sashakoshka:v0.1.1
sashakoshka:v0.1.0

No commits in common. "main" and "v0.1.0" have entirely different histories.
main ... v0.1.0

36 changed files with 1940 additions and 3481 deletions
Show Stats Expand all files Collapse all files

9
.build.yml
View File

@ -1,9 +0,0 @@
image: alpine/edge
packages:
- go
sources:
- https://git.sr.ht/~adnano/go-gemini
tasks:
- test: |
cd go-gemini
go test ./...

2
.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
*.crt
*.key

64
LICENSE
View File

@ -1,19 +1,51 @@
Copyright (c) 2020 Adnan Maolood
go-gemini is available under the terms of the MIT license:
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
Copyright (c) 2020 Adnan Maolood
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
Portions of this program were taken from Go:
Copyright (c) 2009 The Go Authors. All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are
met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above
copyright notice, this list of conditions and the following disclaimer
in the documentation and/or other materials provided with the
distribution.
* Neither the name of Google Inc. nor the names of its
contributors may be used to endorse or promote products derived from
this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

27
LICENSE-GO
View File

@ -1,27 +0,0 @@
Copyright (c) 2009 The Go Authors. All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are
met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above
copyright notice, this list of conditions and the following disclaimer
in the documentation and/or other materials provided with the
distribution.
* Neither the name of Google Inc. nor the names of its
contributors may be used to endorse or promote products derived from
this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

27
README.md
View File

@ -1,31 +1,14 @@
# go-gemini
This repository is a fork of [go-gemini](https://godocs.io/git.sr.ht/~adnano/go-gemini)
implementing better parity with net/http and some tweaks required for use in
[Hnakra](https://git.tebibyte.media/sashakoshka/hnakra).
[![GoDoc](https://godoc.org/git.sr.ht/~adnano/go-gemini?status.svg)](https://godoc.org/git.sr.ht/~adnano/go-gemini)
Package gemini implements the [Gemini protocol](https://gemini.circumlunar.space)
in Go. It provides an API similar to that of net/http to facilitate the
development of Gemini clients and servers.
Package gemini implements the [Gemini protocol](https://gemini.circumlunar.space) in Go.
Compatible with version v0.16.0 of the Gemini specification.
## Usage
import "git.tebibyte.media/sashakoshka/go-gemini"
Note that some filesystem-related functionality is only available on Go 1.16
or later as it relies on the io/fs package.
It aims to provide an API similar to that of net/http to make it easy to develop Gemini clients and servers.
## Examples
There are a few examples provided in the examples directory.
To run an example:
There are a few examples provided in the `examples` directory.
To run the examples:
go run examples/server.go
## License
go-gemini is licensed under the terms of the MIT license (see LICENSE).
Portions of this library were adapted from Go and are governed by a BSD-style
license (see LICENSE-GO). Those files are marked accordingly.

135
cert.go Normal file
View File

@ -0,0 +1,135 @@
package gemini
import (
"crypto"
"crypto/ed25519"
"crypto/rand"
"crypto/tls"
"crypto/x509"
"math/big"
"net"
"path/filepath"
"strings"
"time"
)
// CertificateStore maps hostnames to certificates.
// The zero value of CertificateStore is an empty store ready to use.
type CertificateStore struct {
store map[string]tls.Certificate
}
// Add adds a certificate for the given hostname to the store.
// It tries to parse the certificate if it is not already parsed.
func (c *CertificateStore) Add(hostname string, cert tls.Certificate) {
if c.store == nil {
c.store = map[string]tls.Certificate{}
}
// Parse certificate if not already parsed
if cert.Leaf == nil {
parsed, err := x509.ParseCertificate(cert.Certificate[0])
if err == nil {
cert.Leaf = parsed
}
}
c.store[hostname] = cert
}
// Lookup returns the certificate for the given hostname.
func (c *CertificateStore) Lookup(hostname string) (*tls.Certificate, error) {
cert, ok := c.store[hostname]
if !ok {
return nil, ErrCertificateUnknown
}
// Ensure that the certificate is not expired
if cert.Leaf != nil && cert.Leaf.NotAfter.Before(time.Now()) {
return &cert, ErrCertificateExpired
}
return &cert, nil
}
// Load loads certificates from the given path.
// The path should lead to a directory containing certificates and private keys
// in the form hostname.crt and hostname.key.
// For example, the hostname "localhost" would have the corresponding files
// localhost.crt (certificate) and localhost.key (private key).
func (c *CertificateStore) Load(path string) error {
matches, err := filepath.Glob(filepath.Join(path, "*.crt"))
if err != nil {
return err
}
for _, crtPath := range matches {
keyPath := strings.TrimSuffix(crtPath, ".crt") + ".key"
cert, err := tls.LoadX509KeyPair(crtPath, keyPath)
if err != nil {
continue
}
hostname := strings.TrimSuffix(filepath.Base(crtPath), ".crt")
c.Add(hostname, cert)
}
return nil
}
// NewCertificate creates and returns a new parsed certificate.
func NewCertificate(host string, duration time.Duration) (tls.Certificate, error) {
crt, priv, err := newX509KeyPair(host, duration)
if err != nil {
return tls.Certificate{}, err
}
var cert tls.Certificate
cert.Leaf = crt
cert.Certificate = append(cert.Certificate, crt.Raw)
cert.PrivateKey = priv
return cert, nil
}
// newX509KeyPair creates and returns a new certificate and private key.
func newX509KeyPair(host string, duration time.Duration) (*x509.Certificate, crypto.PrivateKey, error) {
// Generate an ED25519 private key
_, priv, err := ed25519.GenerateKey(rand.Reader)
if err != nil {
return nil, nil, err
}
public := priv.Public()
// ED25519 keys should have the DigitalSignature KeyUsage bits set
// in the x509.Certificate template
keyUsage := x509.KeyUsageDigitalSignature
serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128)
serialNumber, err := rand.Int(rand.Reader, serialNumberLimit)
if err != nil {
return nil, nil, err
}
notBefore := time.Now()
notAfter := notBefore.Add(duration)
template := x509.Certificate{
SerialNumber: serialNumber,
NotBefore: notBefore,
NotAfter: notAfter,
KeyUsage: keyUsage,
ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
BasicConstraintsValid: true,
}
hosts := strings.Split(host, ",")
for _, h := range hosts {
if ip := net.ParseIP(h); ip != nil {
template.IPAddresses = append(template.IPAddresses, ip)
} else {
template.DNSNames = append(template.DNSNames, h)
}
}
crt, err := x509.CreateCertificate(rand.Reader, &template, &template, public, priv)
if err != nil {
return nil, nil, err
}
cert, err := x509.ParseCertificate(crt)
if err != nil {
return nil, nil, err
}
return cert, priv, nil
}

142
certificate/create.go
View File

@ -1,142 +0,0 @@
// Package certificate provides functions for creating and storing TLS certificates.
package certificate
import (
"crypto"
"crypto/ecdsa"
"crypto/ed25519"
"crypto/elliptic"
"crypto/rand"
"crypto/tls"
"crypto/x509"
"crypto/x509/pkix"
"encoding/pem"
"math/big"
"net"
"os"
"time"
)
// CreateOptions configures the creation of a TLS certificate.
type CreateOptions struct {
// Subject Alternate Name values.
// Should contain the DNS names that this certificate is valid for.
// E.g. example.com, *.example.com
DNSNames []string
// Subject Alternate Name values.
// Should contain the IP addresses that the certificate is valid for.
IPAddresses []net.IP
// Subject specifies the certificate Subject.
//
// Subject.CommonName can contain the DNS name that this certificate
// is valid for. Server certificates should specify both a Subject
// and a Subject Alternate Name.
Subject pkix.Name
// Duration specifies the amount of time that the certificate is valid for.
Duration time.Duration
// Ed25519 specifies whether to generate an Ed25519 key pair.
// If false, an ECDSA key will be generated instead.
// Ed25519 is not as widely supported as ECDSA.
Ed25519 bool
}
// Create creates a new TLS certificate.
func Create(options CreateOptions) (tls.Certificate, error) {
crt, priv, err := newX509KeyPair(options)
if err != nil {
return tls.Certificate{}, err
}
var cert tls.Certificate
cert.Leaf = crt
cert.Certificate = append(cert.Certificate, crt.Raw)
cert.PrivateKey = priv
return cert, nil
}
// newX509KeyPair creates and returns a new certificate and private key.
func newX509KeyPair(options CreateOptions) (*x509.Certificate, crypto.PrivateKey, error) {
var pub crypto.PublicKey
var priv crypto.PrivateKey
if options.Ed25519 {
// Generate an Ed25519 private key
var err error
pub, priv, err = ed25519.GenerateKey(rand.Reader)
if err != nil {
return nil, nil, err
}
} else {
// Generate an ECDSA private key
private, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
if err != nil {
return nil, nil, err
}
priv = private
pub = &private.PublicKey
}
// ECDSA and Ed25519 keys should have the DigitalSignature KeyUsage bits
// set in the x509.Certificate template
keyUsage := x509.KeyUsageDigitalSignature
serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128)
serialNumber, err := rand.Int(rand.Reader, serialNumberLimit)
if err != nil {
return nil, nil, err
}
notBefore := time.Now()
notAfter := notBefore.Add(options.Duration)
template := x509.Certificate{
SerialNumber: serialNumber,
NotBefore: notBefore,
NotAfter: notAfter,
KeyUsage: keyUsage,
ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
BasicConstraintsValid: true,
IPAddresses: options.IPAddresses,
DNSNames: options.DNSNames,
Subject: options.Subject,
}
crt, err := x509.CreateCertificate(rand.Reader, &template, &template, pub, priv)
if err != nil {
return nil, nil, err
}
cert, err := x509.ParseCertificate(crt)
if err != nil {
return nil, nil, err
}
return cert, priv, nil
}
// Write writes the provided certificate and its private key
// to certPath and keyPath respectively.
func Write(cert tls.Certificate, certPath, keyPath string) error {
certOut, err := os.OpenFile(certPath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
if err != nil {
return err
}
defer certOut.Close()
if err := pem.Encode(certOut, &pem.Block{
Type: "CERTIFICATE",
Bytes: cert.Leaf.Raw,
}); err != nil {
return err
}
keyOut, err := os.OpenFile(keyPath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
if err != nil {
return err
}
defer keyOut.Close()
privBytes, err := x509.MarshalPKCS8PrivateKey(cert.PrivateKey)
if err != nil {
return err
}
return pem.Encode(keyOut, &pem.Block{Type: "PRIVATE KEY", Bytes: privBytes})
}

207
certificate/store.go
View File

@ -1,207 +0,0 @@
package certificate
import (
"crypto/tls"
"crypto/x509"
"crypto/x509/pkix"
"errors"
"fmt"
"os"
"path/filepath"
"strings"
"sync"
"time"
)
// A Store represents a TLS certificate store.
// The zero value for Store is an empty store ready to use.
//
// Store can be used to store server certificates.
// Servers should provide a hostname or wildcard pattern as a certificate scope.
// Servers will most likely use the methods Register, Load and Get.
//
// Store can also be used to store client certificates.
// Clients should provide a hostname as a certificate scope.
// Clients will most likely use the methods Add, Load, and Lookup.
//
// Store is safe for concurrent use by multiple goroutines.
type Store struct {
// CreateCertificate, if not nil, is called by Get to create a new
// certificate to replace a missing or expired certificate.
// The provided scope is suitable for use in a certificate's DNSNames.
CreateCertificate func(scope string) (tls.Certificate, error)
scopes map[string]struct{}
certs map[string]tls.Certificate
path string
mu sync.RWMutex
}
// Register registers the provided scope with the certificate store.
// The scope can either be a hostname or a wildcard pattern (e.g. "*.example.com").
// To accept all hostnames, use the special pattern "*".
//
// Calls to Get will only succeed for registered scopes.
// Other methods are not affected.
func (s *Store) Register(scope string) {
s.mu.Lock()
defer s.mu.Unlock()
if s.scopes == nil {
s.scopes = make(map[string]struct{})
}
s.scopes[scope] = struct{}{}
}
// Add registers the certificate for the given scope.
// If a certificate already exists for scope, Add will overwrite it.
func (s *Store) Add(scope string, cert tls.Certificate) error {
// Parse certificate if not already parsed
if cert.Leaf == nil {
parsed, err := x509.ParseCertificate(cert.Certificate[0])
if err != nil {
return err
}
cert.Leaf = parsed
}
if err := s.write(scope, cert); err != nil {
return err
}
s.mu.Lock()
defer s.mu.Unlock()
if s.certs == nil {
s.certs = make(map[string]tls.Certificate)
}
s.certs[scope] = cert
return nil
}
func (s *Store) write(scope string, cert tls.Certificate) error {
s.mu.RLock()
defer s.mu.RUnlock()
if s.path != "" {
certPath := filepath.Join(s.path, scope+".crt")
keyPath := filepath.Join(s.path, scope+".key")
if err := Write(cert, certPath, keyPath); err != nil {
return err
}
}
return nil
}
// Get retrieves a certificate for the given hostname.
// If no matching scope has been registered, Get returns an error.
// Get generates new certificates as needed and rotates expired certificates.
// It calls CreateCertificate to create a new certificate if it is not nil,
// otherwise it creates certificates with a duration of 100 years.
//
// Get is suitable for use in a gemini.Server's GetCertificate field.
func (s *Store) Get(hostname string) (*tls.Certificate, error) {
s.mu.RLock()
_, ok := s.scopes[hostname]
if !ok {
// Try wildcard
wildcard := strings.SplitN(hostname, ".", 2)
if len(wildcard) == 2 {
hostname = "*." + wildcard[1]
_, ok = s.scopes[hostname]
}
}
if !ok {
// Try "*"
_, ok = s.scopes["*"]
}
if !ok {
s.mu.RUnlock()
return nil, errors.New("unrecognized scope")
}
cert := s.certs[hostname]
s.mu.RUnlock()
// If the certificate is empty or expired, generate a new one.
if cert.Leaf == nil || cert.Leaf.NotAfter.Before(time.Now()) {
var err error
cert, err = s.createCertificate(hostname)
if err != nil {
return nil, err
}
if err := s.Add(hostname, cert); err != nil {
return nil, fmt.Errorf("failed to add certificate for %s: %w", hostname, err)
}
}
return &cert, nil
}
// Lookup returns the certificate for the provided scope.
func (s *Store) Lookup(scope string) (tls.Certificate, bool) {
s.mu.RLock()
defer s.mu.RUnlock()
cert, ok := s.certs[scope]
return cert, ok
}
func (s *Store) createCertificate(scope string) (tls.Certificate, error) {
if s.CreateCertificate != nil {
return s.CreateCertificate(scope)
}
return Create(CreateOptions{
DNSNames: []string{scope},
Subject: pkix.Name{
CommonName: scope,
},
Duration: 100 * 365 * 24 * time.Hour,
})
}
// Load loads certificates from the provided path.
// New certificates will be written to this path.
// The path should lead to a directory containing certificates
// and private keys named "scope.crt" and "scope.key" respectively,
// where "scope" is the scope of the certificate.
func (s *Store) Load(path string) error {
if err := os.MkdirAll(filepath.Dir(path), 0700); err != nil {
return err
}
path = filepath.Clean(path)
matches, err := filepath.Glob(filepath.Join(path, "*.crt"))
if err != nil {
return err
}
for _, crtPath := range matches {
keyPath := strings.TrimSuffix(crtPath, ".crt") + ".key"
cert, err := tls.LoadX509KeyPair(crtPath, keyPath)
if err != nil {
continue
}
scope := strings.TrimPrefix(crtPath, path)
scope = strings.TrimPrefix(scope, "/")
scope = strings.TrimSuffix(scope, ".crt")
s.Add(scope, cert)
}
s.mu.Lock()
defer s.mu.Unlock()
s.path = path
return nil
}
// Entries returns a map of scopes to certificates.
func (s *Store) Entries() map[string]tls.Certificate {
s.mu.RLock()
defer s.mu.RUnlock()
certs := make(map[string]tls.Certificate)
for key := range s.certs {
certs[key] = s.certs[key]
}
return certs
}
// SetPath sets the path that new certificates will be written to.
func (s *Store) SetPath(path string) {
s.mu.Lock()
defer s.mu.Unlock()
s.path = filepath.Clean(path)
}

249
client.go
View File

@ -1,217 +1,102 @@
package gemini
import (
"context"
"bufio"
"crypto/tls"
"crypto/x509"
"net"
"net/url"
"unicode/utf8"
"golang.org/x/net/idna"
)
// A Client is a Gemini client. Its zero value is a usable client.
// Client represents a Gemini client.
type Client struct {
// TrustCertificate is called to determine whether the client should
// trust the certificate provided by the server.
// If TrustCertificate is nil or returns nil, the client will accept
// any certificate. Otherwise, the certificate will not be trusted
// and the request will be aborted.
//
// See the tofu submodule for an implementation of trust on first use.
TrustCertificate func(hostname string, cert *x509.Certificate) error
// KnownHosts is a list of known hosts that the client trusts.
KnownHosts KnownHosts
// DialContext specifies the dial function for creating TCP connections.
// If DialContext is nil, the client dials using package net.
DialContext func(ctx context.Context, network, addr string) (net.Conn, error)
// CertificateStore maps hostnames to certificates.
// It is used to determine which certificate to use when the server requests
// a certificate.
CertificateStore CertificateStore
// GetCertificate, if not nil, will be called when a server requests a certificate.
// The returned certificate will be used when sending the request again.
// If the certificate is nil, the request will not be sent again and
// the response will be returned.
GetCertificate func(hostname string, store *CertificateStore) *tls.Certificate
// TrustCertificate, if not nil, will be called to determine whether the
// client should trust the given certificate.
// If error is not nil, the connection will be aborted.
TrustCertificate func(hostname string, cert *x509.Certificate, knownHosts *KnownHosts) error
}
// Get sends a Gemini request for the given URL.
// The context controls the entire lifetime of a request and its response:
// obtaining a connection, sending the request, and reading the response
// header and body.
//
// An error is returned if there was a Gemini protocol error.
// A non-2x status code doesn't cause an error.
//
// If the returned error is nil, the user is expected to close the Response.
//
// For more control over requests, use NewRequest and Client.Do.
func (c *Client) Get(ctx context.Context, url string) (*Response, error) {
req, err := NewRequest(url)
if err != nil {
return nil, err
}
return c.Do(ctx, req)
}
// Do sends a Gemini request and returns a Gemini response.
// The context controls the entire lifetime of a request and its response:
// obtaining a connection, sending the request, and reading the response
// header and body.
//
// An error is returned if there was a Gemini protocol error.
// A non-2x status code doesn't cause an error.
//
// If the returned error is nil, the user is expected to close the Response.
func (c *Client) Do(ctx context.Context, req *Request) (*Response, error) {
if ctx == nil {
panic("nil context")
}
// Punycode request URL host
host, port := splitHostPort(req.URL.Host)
punycode, err := punycodeHostname(host)
if err != nil {
return nil, err
}
if host != punycode {
host = punycode
// Copy the URL and update the host
u := new(url.URL)
*u = *req.URL
u.Host = net.JoinHostPort(host, port)
// Use the new URL in the request so that the server gets
// the punycoded hostname
r := new(Request)
*r = *req
r.URL = u
req = r
}
// Use request host if provided
if req.Host != "" {
host, port = splitHostPort(req.Host)
host, err = punycodeHostname(host)
if err != nil {
return nil, err
}
}
addr := net.JoinHostPort(host, port)
// Send sends a Gemini request and returns a Gemini response.
func (c *Client) Send(req *Request) (*Response, error) {
// Connect to the host
conn, err := c.dialContext(ctx, "tcp", addr)
if err != nil {
return nil, err
}
// Setup TLS
conn = tls.Client(conn, &tls.Config{
config := &tls.Config{
InsecureSkipVerify: true,
MinVersion: tls.VersionTLS12,
GetClientCertificate: func(_ *tls.CertificateRequestInfo) (*tls.Certificate, error) {
GetClientCertificate: func(info *tls.CertificateRequestInfo) (*tls.Certificate, error) {
// Request certificates take precedence over client certificates
if req.Certificate != nil {
return req.Certificate, nil
}
// If we have already stored the certificate, return it
if cert, err := c.CertificateStore.Lookup(hostname(req.Host)); err == nil {
return cert, nil
}
return &tls.Certificate{}, nil
},
VerifyConnection: func(cs tls.ConnectionState) error {
return c.verifyConnection(cs, host)
cert := cs.PeerCertificates[0]
// Verify the hostname
if err := verifyHostname(cert, hostname(req.Host)); err != nil {
return err
}
// Check that the client trusts the certificate
if c.TrustCertificate == nil {
if err := c.KnownHosts.Lookup(hostname(req.Host), cert); err != nil {
return err
}
} else if err := c.TrustCertificate(hostname(req.Host), cert, &c.KnownHosts); err != nil {
return err
}
return nil
},
ServerName: host,
})
type result struct {
resp *Response
err error
}
res := make(chan result, 1)
go func() {
resp, err := c.do(ctx, conn, req)
res <- result{resp, err}
}()
select {
case <-ctx.Done():
conn.Close()
return nil, ctx.Err()
case r := <-res:
if r.err != nil {
conn.Close()
}
return r.resp, r.err
}
}
func (c *Client) do(ctx context.Context, conn net.Conn, req *Request) (*Response, error) {
ctx, cancel := context.WithCancel(ctx)
done := ctx.Done()
w := &contextWriter{
ctx: ctx,
done: done,
cancel: cancel,
wc: conn,
}
rc := &contextReader{
ctx: ctx,
done: done,
cancel: cancel,
rc: conn,
conn, err := tls.Dial("tcp", req.Host, config)
if err != nil {
return nil, err
}
defer conn.Close()
// Write the request
if _, err := req.WriteTo(w); err != nil {
w := bufio.NewWriter(conn)
req.write(w)
if err := w.Flush(); err != nil {
return nil, err
}
// Read the response
resp, err := ReadResponse(rc)
if err != nil {
resp := &Response{}
r := bufio.NewReader(conn)
if err := resp.read(r); err != nil {
return nil, err
}
resp.conn = conn
// Store connection information
resp.TLS = conn.ConnectionState()
return resp, nil
}
func (c *Client) dialContext(ctx context.Context, network, addr string) (net.Conn, error) {
if c.DialContext != nil {
return c.DialContext(ctx, network, addr)
}
return (&net.Dialer{}).DialContext(ctx, network, addr)
}
func (c *Client) verifyConnection(cs tls.ConnectionState, hostname string) error {
// See if the client trusts the certificate
if c.TrustCertificate != nil {
cert := cs.PeerCertificates[0]
return c.TrustCertificate(hostname, cert)
}
return nil
}
func splitHostPort(hostport string) (host, port string) {
var err error
host, port, err = net.SplitHostPort(hostport)
if err != nil {
// Likely no port
host = hostport
port = "1965"
}
return
}
func isASCII(s string) bool {
for i := 0; i < len(s); i++ {
if s[i] >= utf8.RuneSelf {
return false
// Resend the request with a certificate if the server responded
// with CertificateRequired
if resp.Status == StatusCertificateRequired {
// Check to see if a certificate was already provided to prevent an infinite loop
if req.Certificate != nil {
return resp, nil
}
if c.GetCertificate != nil {
if cert := c.GetCertificate(hostname(req.Host), &c.CertificateStore); cert != nil {
req.Certificate = cert
return c.Send(req)
}
}
}
return true
}
// punycodeHostname returns the punycoded version of hostname.
func punycodeHostname(hostname string) (string, error) {
if net.ParseIP(hostname) != nil {
return hostname, nil
}
if isASCII(hostname) {
return hostname, nil
}
return idna.Lookup.ToASCII(hostname)
return resp, nil
}

81
doc.go
View File

@ -1,53 +1,82 @@
/*
Package gemini provides Gemini client and server implementations.
Package gemini implements the Gemini protocol.
Client is a Gemini client.
Send makes a Gemini request with the default client:
client := &gemini.Client{}
ctx := context.Background()
resp, err := client.Get(ctx, "gemini://example.com")
req := gemini.NewRequest("gemini://example.com")
resp, err := gemini.Send(req)
if err != nil {
// handle error
}
defer resp.Body.Close()
// ...
For control over client behavior, create a custom Client:
var client gemini.Client
resp, err := client.Send(req)
if err != nil {
// handle error
}
// ...
The default client loads known hosts from "$XDG_DATA_HOME/gemini/known_hosts".
Custom clients can load their own list of known hosts:
err := client.KnownHosts.Load("path/to/my/known_hosts")
if err != nil {
// handle error
}
Clients can control when to trust certificates with TrustCertificate:
client.TrustCertificate = func(hostname string, cert *x509.Certificate, knownHosts *gemini.KnownHosts) error {
return knownHosts.Lookup(hostname, cert)
}
If a server responds with StatusCertificateRequired, the default client will generate a certificate and resend the request with it. Custom clients can do so in GetCertificate:
client.GetCertificate = func(hostname string, store *gemini.CertificateStore) *tls.Certificate {
// If the certificate is in the store, return it
if cert, err := store.Lookup(hostname); err == nil {
return &cert
}
// Otherwise, generate a certificate
duration := time.Hour
cert, err := gemini.NewCertificate(hostname, duration)
if err != nil {
return nil
}
// Store and return the certificate
store.Add(hostname, cert)
return &cert
}
Server is a Gemini server.
server := &gemini.Server{
ReadTimeout: 10 * time.Second,
WriteTimeout: 10 * time.Second,
}
var server gemini.Server
Servers should be configured with certificates:
Servers must be configured with certificates:
certificates := &certificate.Store{}
certificates.Register("localhost")
err := certificates.Load("/var/lib/gemini/certs")
err := server.CertificateStore.Load("/var/lib/gemini/certs")
if err != nil {
// handle error
}
server.GetCertificate = certificates.Get
Mux is a Gemini request multiplexer.
Mux can handle requests for multiple hosts and paths.
Servers can accept requests for multiple hosts and schemes:
mux := &gemini.Mux{}
mux.HandleFunc("example.com", func(ctx context.Context, w gemini.ResponseWriter, r *gemini.Request) {
server.RegisterFunc("example.com", func(w *gemini.ResponseWriter, r *gemini.Request) {
fmt.Fprint(w, "Welcome to example.com")
})
mux.HandleFunc("example.org/about.gmi", func(ctx context.Context, w gemini.ResponseWriter, r *gemini.Request) {
fmt.Fprint(w, "About example.org")
server.RegisterFunc("example.org", func(w *gemini.ResponseWriter, r *gemini.Request) {
fmt.Fprint(w, "Welcome to example.org")
})
mux.HandleFunc("/images/", func(ctx context.Context, w gemini.ResponseWriter, r *gemini.Request) {
w.WriteHeader(gemini.StatusGone, "Gone forever")
server.RegisterFunc("http://example.net", func(w *gemini.ResponseWriter, r *gemini.Request) {
fmt.Fprint(w, "Proxied content from http://example.net")
})
server.Handler = mux
To start the server, call ListenAndServe:
ctx := context.Background()
err := server.ListenAndServe(ctx)
err := server.ListenAndServe()
if err != nil {
// handle error
}

174
examples/auth.go
View File

@ -3,88 +3,146 @@
package main
import (
"context"
"crypto/sha512"
"crypto/x509"
"fmt"
"log"
"time"
"git.tebibyte.media/sashakoshka/go-gemini"
"git.tebibyte.media/sashakoshka/go-gemini/certificate"
gmi "git.sr.ht/~adnano/go-gemini"
)
type User struct {
Name string
type user struct {
password string // TODO: use hashes
admin bool
}
type session struct {
username string
authorized bool // whether or not the password was supplied
}
var (
// Map of certificate hashes to users
users = map[string]*User{}
// Map of usernames to user data
logins = map[string]user{
"admin": {"p@ssw0rd", true}, // NOTE: These are bad passwords!
"user1": {"password1", false},
"user2": {"password2", false},
}
// Map of certificate fingerprints to sessions
sessions = map[string]*session{}
)
func main() {
certificates := &certificate.Store{}
certificates.Register("localhost")
if err := certificates.Load("/var/lib/gemini/certs"); err != nil {
var mux gmi.ServeMux
mux.HandleFunc("/", welcome)
mux.HandleFunc("/login", login)
mux.HandleFunc("/login/password", loginPassword)
mux.HandleFunc("/profile", profile)
mux.HandleFunc("/admin", admin)
mux.HandleFunc("/logout", logout)
var server gmi.Server
if err := server.CertificateStore.Load("/var/lib/gemini/certs"); err != nil {
log.Fatal(err)
}
server.Register("localhost", &mux)
mux := &gemini.Mux{}
mux.HandleFunc("/", profile)
mux.HandleFunc("/username", changeUsername)
server := &gemini.Server{
Handler: mux,
ReadTimeout: 30 * time.Second,
WriteTimeout: 1 * time.Minute,
GetCertificate: certificates.Get,
}
if err := server.ListenAndServe(context.Background()); err != nil {
if err := server.ListenAndServe(); err != nil {
log.Fatal(err)
}
}
func fingerprint(cert *x509.Certificate) string {
b := sha512.Sum512(cert.Raw)
return string(b[:])
func getSession(crt *x509.Certificate) (*session, bool) {
fingerprint := gmi.Fingerprint(crt)
session, ok := sessions[fingerprint]
return session, ok
}
func profile(ctx context.Context, w gemini.ResponseWriter, r *gemini.Request) {
tls := r.TLS
if len(tls.PeerCertificates) == 0 {
w.WriteHeader(gemini.StatusCertificateRequired, "Certificate required")
return
}
fingerprint := fingerprint(tls.PeerCertificates[0])
user, ok := users[fingerprint]
func welcome(w *gmi.ResponseWriter, r *gmi.Request) {
fmt.Fprintln(w, "Welcome to this example.")
fmt.Fprintln(w, "=> /login Login")
}
func login(w *gmi.ResponseWriter, r *gmi.Request) {
cert, ok := gmi.Certificate(w, r)
if !ok {
user = &User{}
users[fingerprint] = user
}
fmt.Fprintln(w, "Username:", user.Name)
fmt.Fprintln(w, "=> /username Change username")
}
func changeUsername(ctx context.Context, w gemini.ResponseWriter, r *gemini.Request) {
tls := r.TLS
if len(tls.PeerCertificates) == 0 {
w.WriteHeader(gemini.StatusCertificateRequired, "Certificate required")
return
}
username, err := gemini.QueryUnescape(r.URL.RawQuery)
if err != nil || username == "" {
w.WriteHeader(gemini.StatusInput, "Username")
return
}
fingerprint := fingerprint(tls.PeerCertificates[0])
user, ok := users[fingerprint]
username, ok := gmi.Input(w, r, "Username")
if !ok {
user = &User{}
users[fingerprint] = user
return
}
user.Name = username
w.WriteHeader(gemini.StatusRedirect, "/")
fingerprint := gmi.Fingerprint(cert)
sessions[fingerprint] = &session{
username: username,
}
gmi.Redirect(w, r, "/login/password")
}
func loginPassword(w *gmi.ResponseWriter, r *gmi.Request) {
cert, ok := gmi.Certificate(w, r)
if !ok {
return
}
session, ok := getSession(cert)
if !ok {
gmi.CertificateNotAuthorized(w, r)
return
}
password, ok := gmi.SensitiveInput(w, r, "Password")
if !ok {
return
}
expected := logins[session.username].password
if password == expected {
session.authorized = true
gmi.Redirect(w, r, "/profile")
} else {
gmi.SensitiveInput(w, r, "Wrong password. Try again")
}
}
func logout(w *gmi.ResponseWriter, r *gmi.Request) {
cert, ok := gmi.Certificate(w, r)
if !ok {
return
}
fingerprint := gmi.Fingerprint(cert)
delete(sessions, fingerprint)
fmt.Fprintln(w, "Successfully logged out.")
}
func profile(w *gmi.ResponseWriter, r *gmi.Request) {
cert, ok := gmi.Certificate(w, r)
if !ok {
return
}
session, ok := getSession(cert)
if !ok {
gmi.CertificateNotAuthorized(w, r)
return
}
user := logins[session.username]
fmt.Fprintln(w, "Username:", session.username)
fmt.Fprintln(w, "Admin:", user.admin)
fmt.Fprintln(w, "=> /logout Logout")
}
func admin(w *gmi.ResponseWriter, r *gmi.Request) {
cert, ok := gmi.Certificate(w, r)
if !ok {
return
}
session, ok := getSession(cert)
if !ok {
gmi.CertificateNotAuthorized(w, r)
return
}
user := logins[session.username]
if !user.admin {
gmi.CertificateNotAuthorized(w, r)
return
}
fmt.Fprintln(w, "Welcome to the admin portal.")
}

90
examples/cert.go
View File

@ -1,43 +1,83 @@
// +build ignore
// This example illustrates a certificate generation tool.
package main
import (
"crypto/x509/pkix"
"fmt"
"bytes"
"crypto/tls"
"crypto/x509"
"encoding/pem"
"log"
"os"
"time"
"git.tebibyte.media/sashakoshka/go-gemini/certificate"
gmi "git.sr.ht/~adnano/go-gemini"
)
func main() {
if len(os.Args) < 3 {
fmt.Printf("usage: %s [hostname] [duration]\n", os.Args[0])
os.Exit(1)
}
host := os.Args[1]
duration, err := time.ParseDuration(os.Args[2])
host := "localhost"
duration := 365 * 24 * time.Hour
cert, err := gmi.NewCertificate(host, duration)
if err != nil {
log.Fatal(err)
}
options := certificate.CreateOptions{
Subject: pkix.Name{
CommonName: host,
},
DNSNames: []string{host},
Duration: duration,
}
cert, err := certificate.Create(options)
if err != nil {
log.Fatal(err)
}
certPath := host + ".crt"
keyPath := host + ".key"
if err := certificate.Write(cert, certPath, keyPath); err != nil {
if err := writeCertificate(host, cert); err != nil {
log.Fatal(err)
}
}
// writeCertificate writes the provided certificate and private key
// to path.crt and path.key respectively.
func writeCertificate(path string, cert tls.Certificate) error {
crt, err := marshalX509Certificate(cert.Leaf.Raw)
if err != nil {
return err
}
key, err := marshalPrivateKey(cert.PrivateKey)
if err != nil {
return err
}
// Write the certificate
crtPath := path + ".crt"
crtOut, err := os.OpenFile(crtPath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
if err != nil {
return err
}
if _, err := crtOut.Write(crt); err != nil {
return err
}
// Write the private key
keyPath := path + ".key"
keyOut, err := os.OpenFile(keyPath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
if err != nil {
return err
}
if _, err := keyOut.Write(key); err != nil {
return err
}
return nil
}
// marshalX509Certificate returns a PEM-encoded version of the given raw certificate.
func marshalX509Certificate(cert []byte) ([]byte, error) {
var b bytes.Buffer
if err := pem.Encode(&b, &pem.Block{Type: "CERTIFICATE", Bytes: cert}); err != nil {
return nil, err
}
return b.Bytes(), nil
}
// marshalPrivateKey returns PEM encoded versions of the given certificate and private key.
func marshalPrivateKey(priv interface{}) ([]byte, error) {
var b bytes.Buffer
privBytes, err := x509.MarshalPKCS8PrivateKey(priv)
if err != nil {
return nil, err
}
if err := pem.Encode(&b, &pem.Block{Type: "PRIVATE KEY", Bytes: privBytes}); err != nil {
return nil, err
}
return b.Bytes(), nil
}

238
examples/client.go
View File

@ -1,55 +1,118 @@
// +build ignore
// This example illustrates a Gemini client.
package main
import (
"bufio"
"context"
"crypto/tls"
"crypto/x509"
"errors"
"fmt"
"io"
"log"
"net/url"
"os"
"path/filepath"
"time"
"git.tebibyte.media/sashakoshka/go-gemini"
"git.tebibyte.media/sashakoshka/go-gemini/tofu"
gmi "git.sr.ht/~adnano/go-gemini"
)
var (
hosts tofu.KnownHosts
hostsfile *tofu.HostWriter
scanner *bufio.Scanner
scanner = bufio.NewScanner(os.Stdin)
client = &gmi.Client{}
)
func xdgDataHome() string {
if s, ok := os.LookupEnv("XDG_DATA_HOME"); ok {
return s
}
return filepath.Join(os.Getenv("HOME"), ".local", "share")
}
func init() {
// Load known hosts file
path := filepath.Join(xdgDataHome(), "gemini", "known_hosts")
err := hosts.Load(path)
if err != nil {
log.Fatal(err)
// Initialize the client
client.KnownHosts.LoadDefault() // Load known hosts
client.TrustCertificate = func(hostname string, cert *x509.Certificate, knownHosts *gmi.KnownHosts) error {
err := knownHosts.Lookup(hostname, cert)
if err != nil {
switch err {
case gmi.ErrCertificateNotTrusted:
// Alert the user that the certificate is not trusted
fmt.Printf("Warning: Certificate for %s is not trusted!\n", hostname)
fmt.Println("This could indicate a Man-in-the-Middle attack.")
case gmi.ErrCertificateUnknown:
// Prompt the user to trust the certificate
trust := trustCertificate(cert)
switch trust {
case trustOnce:
// Temporarily trust the certificate
knownHosts.AddTemporary(hostname, cert)
return nil
case trustAlways:
// Add the certificate to the known hosts file
knownHosts.Add(hostname, cert)
return nil
}
}
}
return err
}
hostsfile, err = tofu.OpenHostsFile(path)
if err != nil {
log.Fatal(err)
client.GetCertificate = func(hostname string, store *gmi.CertificateStore) *tls.Certificate {
// If the certificate is in the store, return it
if cert, err := store.Lookup(hostname); err == nil {
return cert
}
// Otherwise, generate a certificate
fmt.Println("Generating client certificate for", hostname)
duration := time.Hour
cert, err := gmi.NewCertificate(hostname, duration)
if err != nil {
return nil
}
// Store and return the certificate
store.Add(hostname, cert)
return &cert
}
scanner = bufio.NewScanner(os.Stdin)
}
const trustPrompt = `The certificate offered by %s is of unknown trust. Its fingerprint is:
// sendRequest sends a request to the given URL.
func sendRequest(req *gmi.Request) error {
resp, err := client.Send(req)
if err != nil {
return err
}
// TODO: More fine-grained analysis of the status code.
switch resp.Status / 10 {
case gmi.StatusClassInput:
fmt.Printf("%s: ", resp.Meta)
scanner.Scan()
req.URL.RawQuery = scanner.Text()
return sendRequest(req)
case gmi.StatusClassSuccess:
fmt.Print(string(resp.Body))
return nil
case gmi.StatusClassRedirect:
fmt.Println("Redirecting to", resp.Meta)
// Make the request to the same host
red, err := gmi.NewRequestTo(resp.Meta, req.Host)
if err != nil {
return err
}
// Handle relative redirects
red.URL = req.URL.ResolveReference(red.URL)
return sendRequest(red)
case gmi.StatusClassTemporaryFailure:
return fmt.Errorf("Temporary failure: %s", resp.Meta)
case gmi.StatusClassPermanentFailure:
return fmt.Errorf("Permanent failure: %s", resp.Meta)
case gmi.StatusClassCertificateRequired:
// Note that this should not happen unless the server responds with
// CertificateRequired even after we send a certificate.
// CertificateNotAuthorized and CertificateNotValid are handled here.
return fmt.Errorf("Certificate required: %s", resp.Meta)
}
panic("unreachable")
}
type trust int
const (
trustAbort trust = iota
trustOnce
trustAlways
)
const trustPrompt = `The certificate offered by this server is of unknown trust. Its fingerprint is:
%s
If you knew the fingerprint to expect in advance, verify that this matches.
@ -58,108 +121,45 @@ Otherwise, this should be safe to trust.
[t]rust always; trust [o]nce; [a]bort
=> `
func trustCertificate(hostname string, cert *x509.Certificate) error {
host := tofu.NewHost(hostname, cert.Raw)
knownHost, ok := hosts.Lookup(hostname)
if ok {
// Check fingerprint
if knownHost.Fingerprint != host.Fingerprint {
return errors.New("error: fingerprint does not match!")
}
return nil
}
fmt.Printf(trustPrompt, hostname, host.Fingerprint)
func trustCertificate(cert *x509.Certificate) trust {
fmt.Printf(trustPrompt, gmi.Fingerprint(cert))
scanner.Scan()
switch scanner.Text() {
case "t":
hosts.Add(host)
hostsfile.WriteHost(host)
return nil
return trustAlways
case "o":
hosts.Add(host)
return nil
return trustOnce
default:
return errors.New("certificate not trusted")
return trustAbort
}
}
func getInput(prompt string) (input string, ok bool) {
fmt.Printf("%s ", prompt)
scanner.Scan()
return scanner.Text(), true
}
func do(req *gemini.Request, via []*gemini.Request) (*gemini.Response, error) {
client := gemini.Client{
TrustCertificate: trustCertificate,
}
ctx := context.Background()
resp, err := client.Do(ctx, req)
if err != nil {
return resp, err
}
switch resp.Status.Class() {
case gemini.StatusInput:
input, ok := getInput(resp.Meta)
if !ok {
break
}
req.URL.ForceQuery = true
req.URL.RawQuery = gemini.QueryEscape(input)
return do(req, via)
case gemini.StatusRedirect:
via = append(via, req)
if len(via) > 5 {
return resp, errors.New("too many redirects")
}
target, err := url.Parse(resp.Meta)
if err != nil {
return resp, err
}
target = req.URL.ResolveReference(target)
redirect := *req
redirect.URL = target
return do(&redirect, via)
}
return resp, err
}
func main() {
if len(os.Args) < 2 {
fmt.Printf("usage: %s <url> [host]\n", os.Args[0])
fmt.Printf("usage: %s gemini://...", os.Args[0])
os.Exit(1)
}
// Do the request
var host string
if len(os.Args) >= 3 {
host = os.Args[2]
}
url := os.Args[1]
req, err := gemini.NewRequest(url)
if err != nil {
fmt.Println(err)
os.Exit(1)
}
if len(os.Args) == 3 {
req.Host = os.Args[2]
}
resp, err := do(req, nil)
if err != nil {
fmt.Println(err)
os.Exit(1)
}
defer resp.Body.Close()
// Handle response
if resp.Status.Class() == gemini.StatusSuccess {
_, err := io.Copy(os.Stdout, resp.Body)
if err != nil {
log.Fatal(err)
}
var req *gmi.Request
var err error
if host != "" {
req, err = gmi.NewRequestTo(url, host)
} else {
fmt.Printf("%d %s\n", resp.Status, resp.Meta)
req, err = gmi.NewRequest(url)
}
if err != nil {
fmt.Println(err)
os.Exit(1)
}
if err := sendRequest(req); err != nil {
fmt.Println(err)
os.Exit(1)
}
}

83
examples/html.go
View File

@ -1,83 +0,0 @@
// +build ignore
// This example illustrates a gemtext to HTML converter.
package main
import (
"fmt"
"html"
"io"
"os"
"git.tebibyte.media/sashakoshka/go-gemini"
)
func main() {
hw := HTMLWriter{
out: os.Stdout,
}
gemini.ParseLines(os.Stdin, hw.Handle)
hw.Finish()
}
type HTMLWriter struct {
out io.Writer
pre bool
list bool
}
func (h *HTMLWriter) Handle(line gemini.Line) {
if _, ok := line.(gemini.LineListItem); ok {
if !h.list {
h.list = true
fmt.Fprint(h.out, "<ul>\n")
}
} else if h.list {
h.list = false
fmt.Fprint(h.out, "</ul>\n")
}
switch line := line.(type) {
case gemini.LineLink:
url := html.EscapeString(line.URL)
name := html.EscapeString(line.Name)
if name == "" {
name = url
}
fmt.Fprintf(h.out, "<p><a href='%s'>%s</a></p>\n", url, name)
case gemini.LinePreformattingToggle:
h.pre = !h.pre
if h.pre {
fmt.Fprint(h.out, "<pre>\n")
} else {
fmt.Fprint(h.out, "</pre>\n")
}
case gemini.LinePreformattedText:
fmt.Fprintf(h.out, "%s\n", html.EscapeString(string(line)))
case gemini.LineHeading1:
fmt.Fprintf(h.out, "<h1>%s</h1>\n", html.EscapeString(string(line)))
case gemini.LineHeading2:
fmt.Fprintf(h.out, "<h2>%s</h2>\n", html.EscapeString(string(line)))
case gemini.LineHeading3:
fmt.Fprintf(h.out, "<h3>%s</h3>\n", html.EscapeString(string(line)))
case gemini.LineListItem:
fmt.Fprintf(h.out, "<li>%s</li>\n", html.EscapeString(string(line)))
case gemini.LineQuote:
fmt.Fprintf(h.out, "<blockquote>%s</blockquote>\n", html.EscapeString(string(line)))
case gemini.LineText:
if line == "" {
fmt.Fprint(h.out, "<br>\n")
} else {
fmt.Fprintf(h.out, "<p>%s</p>\n", html.EscapeString(string(line)))
}
}
}
func (h *HTMLWriter) Finish() {
if h.pre {
fmt.Fprint(h.out, "</pre>\n")
}
if h.list {
fmt.Fprint(h.out, "</ul>\n")
}
}

134
examples/server.go
View File

@ -1,58 +1,112 @@
// +build ignore
// This example illustrates a Gemini server.
package main
import (
"context"
"bytes"
"crypto/tls"
"crypto/x509"
"encoding/pem"
"log"
"os"
"os/signal"
"time"
"git.tebibyte.media/sashakoshka/go-gemini"
"git.tebibyte.media/sashakoshka/go-gemini/certificate"
gmi "git.sr.ht/~adnano/go-gemini"
)
func main() {
certificates := &certificate.Store{}
certificates.Register("localhost")
if err := certificates.Load("/var/lib/gemini/certs"); err != nil {
var server gmi.Server
if err := server.CertificateStore.Load("/var/lib/gemini/certs"); err != nil {
log.Fatal(err)
}
mux := &gemini.Mux{}
mux.Handle("/", gemini.FileServer(os.DirFS("/var/www")))
server := &gemini.Server{
Handler: gemini.LoggingMiddleware(mux),
ReadTimeout: 30 * time.Second,
WriteTimeout: 1 * time.Minute,
GetCertificate: certificates.Get,
}
// Listen for interrupt signal
c := make(chan os.Signal, 1)
signal.Notify(c, os.Interrupt)
errch := make(chan error)
go func() {
ctx := context.Background()
errch <- server.ListenAndServe(ctx)
}()
select {
case err := <-errch:
log.Fatal(err)
case <-c:
// Shutdown the server
log.Println("Shutting down...")
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
defer cancel()
err := server.Shutdown(ctx)
server.GetCertificate = func(hostname string, store *gmi.CertificateStore) *tls.Certificate {
cert, err := store.Lookup(hostname)
if err != nil {
log.Fatal(err)
switch err {
case gmi.ErrCertificateExpired:
// Generate a new certificate if the current one is expired.
log.Print("Old certificate expired, creating new one")
fallthrough
case gmi.ErrCertificateUnknown:
// Generate a certificate if one does not exist.
cert, err := gmi.NewCertificate(hostname, time.Minute)
if err != nil {
// Failed to generate new certificate, abort
return nil
}
// Store and return the new certificate
err = writeCertificate("/var/lib/gemini/certs/"+hostname, cert)
if err != nil {
return nil
}
store.Add(hostname, cert)
return &cert
}
}
return cert
}
var mux gmi.ServeMux
mux.Handle("/", gmi.FileServer(gmi.Dir("/var/www")))
server.Register("localhost", &mux)
if err := server.ListenAndServe(); err != nil {
log.Fatal(err)
}
}
// writeCertificate writes the provided certificate and private key
// to path.crt and path.key respectively.
func writeCertificate(path string, cert tls.Certificate) error {
crt, err := marshalX509Certificate(cert.Leaf.Raw)
if err != nil {
return err
}
key, err := marshalPrivateKey(cert.PrivateKey)
if err != nil {
return err
}
// Write the certificate
crtPath := path + ".crt"
crtOut, err := os.OpenFile(crtPath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
if err != nil {
return err
}
if _, err := crtOut.Write(crt); err != nil {
return err
}
// Write the private key
keyPath := path + ".key"
keyOut, err := os.OpenFile(keyPath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
if err != nil {
return err
}
if _, err := keyOut.Write(key); err != nil {
return err
}
return nil
}
// marshalX509Certificate returns a PEM-encoded version of the given raw certificate.
func marshalX509Certificate(cert []byte) ([]byte, error) {
var b bytes.Buffer
if err := pem.Encode(&b, &pem.Block{Type: "CERTIFICATE", Bytes: cert}); err != nil {
return nil, err
}
return b.Bytes(), nil
}
// marshalPrivateKey returns PEM encoded versions of the given certificate and private key.
func marshalPrivateKey(priv interface{}) ([]byte, error) {
var b bytes.Buffer
privBytes, err := x509.MarshalPKCS8PrivateKey(priv)
if err != nil {
return nil, err
}
if err := pem.Encode(&b, &pem.Block{Type: "PRIVATE KEY", Bytes: privBytes}); err != nil {
return nil, err
}
return b.Bytes(), nil
}

54
examples/stream.go
View File

@ -1,54 +0,0 @@
// +build ignore
// This example illustrates a streaming Gemini server.
package main
import (
"context"
"fmt"
"log"
"time"
"git.tebibyte.media/sashakoshka/go-gemini"
"git.tebibyte.media/sashakoshka/go-gemini/certificate"
)
func main() {
certificates := &certificate.Store{}
certificates.Register("localhost")
if err := certificates.Load("/var/lib/gemini/certs"); err != nil {
log.Fatal(err)
}
mux := &gemini.Mux{}
mux.HandleFunc("/", stream)
server := &gemini.Server{
Handler: mux,
ReadTimeout: 30 * time.Second,
WriteTimeout: 1 * time.Minute,
GetCertificate: certificates.Get,
}
ctx := context.Background()
if err := server.ListenAndServe(ctx); err != nil {
log.Fatal(err)
}
}
// stream writes an infinite stream to w.
func stream(ctx context.Context, w gemini.ResponseWriter, r *gemini.Request) {
for {
select {
case <-ctx.Done():
return
default:
}
fmt.Fprintln(w, time.Now().UTC())
if err := w.Flush(); err != nil {
return
}
time.Sleep(time.Second)
}
}

219
fs.go
View File

@ -1,186 +1,85 @@
// +build go1.16
package gemini
import (
"context"
"errors"
"fmt"
"io"
"io/fs"
"mime"
"net/url"
"os"
"path"
"sort"
"strings"
"path/filepath"
)
// FileServer returns a handler that serves Gemini requests with the contents
// of the provided file system.
//
// To use the operating system's file system implementation, use os.DirFS:
//
// gemini.FileServer(os.DirFS("/tmp"))
func FileServer(fsys fs.FS) Handler {
return fileServer{fsys}
func init() {
// Add Gemini mime types
mime.AddExtensionType(".gmi", "text/gemini")
mime.AddExtensionType(".gemini", "text/gemini")
}
type fileServer struct {
fs.FS
// FileServer takes a filesystem and returns a Responder which uses that filesystem.
// The returned Responder sanitizes paths before handling them.
func FileServer(fsys FS) Responder {
return fsHandler{fsys}
}
func (fsys fileServer) ServeGemini(ctx context.Context, w ResponseWriter, r *Request) {
const indexPage = "/index.gmi"
type fsHandler struct {
FS
}
url := path.Clean(r.URL.Path)
// Redirect .../index.gmi to .../
if strings.HasSuffix(url, indexPage) {
w.WriteHeader(StatusPermanentRedirect, strings.TrimSuffix(url, "index.gmi"))
return
}
name := url
if name == "/" {
name = "."
} else {
name = strings.TrimPrefix(name, "/")
}
f, err := fsys.Open(name)
func (fsh fsHandler) Respond(w *ResponseWriter, r *Request) {
path := path.Clean(r.URL.Path)
f, err := fsh.Open(path)
if err != nil {
w.WriteHeader(toGeminiError(err))
NotFound(w, r)
return
}
defer f.Close()
// Detect mimetype
ext := filepath.Ext(path)
mimetype := mime.TypeByExtension(ext)
w.SetMimetype(mimetype)
// Copy file to response writer
io.Copy(w, f)
}
stat, err := f.Stat()
// TODO: replace with io/fs.FS when available
type FS interface {
Open(name string) (File, error)
}
// TODO: replace with io/fs.File when available
type File interface {
Stat() (os.FileInfo, error)
Read([]byte) (int, error)
Close() error
}
// Dir implements FS using the native filesystem restricted to a specific directory.
type Dir string
// Open tries to open the file with the given name.
// If the file is a directory, it tries to open the index file in that directory.
func (d Dir) Open(name string) (File, error) {
p := path.Join(string(d), name)
f, err := os.OpenFile(p, os.O_RDONLY, 0644)
if err != nil {
w.WriteHeader(toGeminiError(err))
return
return nil, err
}
// Redirect to canonical path
if len(r.URL.Path) != 0 {
if stat, err := f.Stat(); err == nil {
if stat.IsDir() {
target := url
if target != "/" {
target += "/"
f, err := os.Open(path.Join(p, "index.gmi"))
if err != nil {
return nil, err
}
if len(r.URL.Path) != len(target) || r.URL.Path != target {
w.WriteHeader(StatusPermanentRedirect, target)
return
stat, err := f.Stat()
if err != nil {
return nil, err
}
} else if r.URL.Path[len(r.URL.Path)-1] == '/' {
// Remove trailing slash
w.WriteHeader(StatusPermanentRedirect, url)
return
if stat.Mode().IsRegular() {
return f, nil
}
return nil, ErrNotAFile
} else if !stat.Mode().IsRegular() {
return nil, ErrNotAFile
}
}
if stat.IsDir() {
// Use contents of index.gmi if present
name = path.Join(name, indexPage)
index, err := fsys.Open(name)
if err == nil {
defer index.Close()
f = index
} else {
// Failed to find index file
dirList(w, f)
return
}
}
// Detect mimetype from file extension
ext := path.Ext(name)
mimetype := mime.TypeByExtension(ext)
w.SetMediaType(mimetype)
io.Copy(w, f)
}
// ServeFile responds to the request with the contents of the named file
// or directory. If the provided name is constructed from user input, it
// should be sanitized before calling ServeFile.
func ServeFile(w ResponseWriter, fsys fs.FS, name string) {
const indexPage = "/index.gmi"
// Ensure name is relative
if name == "/" {
name = "."
} else {
name = strings.TrimLeft(name, "/")
}
f, err := fsys.Open(name)
if err != nil {
w.WriteHeader(toGeminiError(err))
return
}
defer f.Close()
stat, err := f.Stat()
if err != nil {
w.WriteHeader(toGeminiError(err))
return
}
if stat.IsDir() {
// Use contents of index file if present
name = path.Join(name, indexPage)
index, err := fsys.Open(name)
if err == nil {
defer index.Close()
f = index
} else {
// Failed to find index file
dirList(w, f)
return
}
}
// Detect mimetype from file extension
ext := path.Ext(name)
mimetype := mime.TypeByExtension(ext)
w.SetMediaType(mimetype)
io.Copy(w, f)
}
func dirList(w ResponseWriter, f fs.File) {
var entries []fs.DirEntry
var err error
d, ok := f.(fs.ReadDirFile)
if ok {
entries, err = d.ReadDir(-1)
}
if !ok || err != nil {
w.WriteHeader(StatusTemporaryFailure, "Error reading directory")
return
}
sort.Slice(entries, func(i, j int) bool {
return entries[i].Name() < entries[j].Name()
})
for _, entry := range entries {
name := entry.Name()
if entry.IsDir() {
name += "/"
}
link := LineLink{
Name: name,
URL: "./" + url.PathEscape(name),
}
fmt.Fprintln(w, link.String())
}
}
func toGeminiError(err error) (status Status, meta string) {
if errors.Is(err, fs.ErrNotExist) {
return StatusNotFound, "Not found"
}
if errors.Is(err, fs.ErrPermission) {
return StatusNotFound, "Forbidden"
}
return StatusTemporaryFailure, "Internal server error"
return f, nil
}

104
gemini.go
View File

@ -1,34 +1,98 @@
package gemini
import (
"crypto/tls"
"crypto/x509"
"errors"
"mime"
"sync"
"time"
)
func init() {
// Add Gemini mime types
mime.AddExtensionType(".gmi", "text/gemini")
mime.AddExtensionType(".gemini", "text/gemini")
}
// Status codes.
const (
StatusInput = 10
StatusSensitiveInput = 11
StatusSuccess = 20
StatusRedirect = 30
StatusRedirectPermanent = 31
StatusTemporaryFailure = 40
StatusServerUnavailable = 41
StatusCGIError = 42
StatusProxyError = 43
StatusSlowDown = 44
StatusPermanentFailure = 50
StatusNotFound = 51
StatusGone = 52
StatusProxyRequestRefused = 53
StatusBadRequest = 59
StatusCertificateRequired = 60
StatusCertificateNotAuthorized = 61
StatusCertificateNotValid = 62
)
// Status code categories.
const (
StatusClassInput = 1
StatusClassSuccess = 2
StatusClassRedirect = 3
StatusClassTemporaryFailure = 4
StatusClassPermanentFailure = 5
StatusClassCertificateRequired = 6
)
// Errors.
var (
ErrInvalidRequest = errors.New("gemini: invalid request")
ErrInvalidResponse = errors.New("gemini: invalid response")
// ErrBodyNotAllowed is returned by ResponseWriter.Write calls
// when the response status code does not permit a body.
ErrBodyNotAllowed = errors.New("gemini: response status code does not allow body")
ErrInvalidURL = errors.New("gemini: invalid URL")
ErrInvalidResponse = errors.New("gemini: invalid response")
ErrCertificateUnknown = errors.New("gemini: unknown certificate")
ErrCertificateExpired = errors.New("gemini: certificate expired")
ErrCertificateNotTrusted = errors.New("gemini: certificate is not trusted")
ErrNotAFile = errors.New("gemini: not a file")
ErrBodyNotAllowed = errors.New("gemini: response status code does not allow for body")
)
var crlf = []byte("\r\n")
// DefaultClient is the default client. It is used by Send.
//
// On the first request, DefaultClient will load the default list of known hosts.
var DefaultClient Client
func trimCRLF(b []byte) ([]byte, bool) {
// Check for CR
if len(b) < 2 || b[len(b)-2] != '\r' {
return nil, false
var (
crlf = []byte("\r\n")
)
func init() {
DefaultClient.TrustCertificate = func(hostname string, cert *x509.Certificate, knownHosts *KnownHosts) error {
// Load the hosts only once. This is so that the hosts don't have to be loaded
// for those using their own clients.
setupDefaultClientOnce.Do(setupDefaultClient)
return knownHosts.Lookup(hostname, cert)
}
DefaultClient.GetCertificate = func(hostname string, store *CertificateStore) *tls.Certificate {
// If the certificate is in the store, return it
if cert, err := store.Lookup(hostname); err == nil {
return cert
}
// Otherwise, generate a certificate
duration := time.Hour
cert, err := NewCertificate(hostname, duration)
if err != nil {
return nil
}
// Store and return the certificate
store.Add(hostname, cert)
return &cert
}
// Trim CRLF
b = b[:len(b)-2]
return b, true
}
var setupDefaultClientOnce sync.Once
func setupDefaultClient() {
DefaultClient.KnownHosts.LoadDefault()
}
// Send sends a Gemini request and returns a Gemini response.
//
// Send is a wrapper around DefaultClient.Send.
func Send(req *Request) (*Response, error) {
return DefaultClient.Send(req)
}

4
go.mod
View File

@ -1,5 +1,3 @@
module git.tebibyte.media/sashakoshka/go-gemini
module git.sr.ht/~adnano/go-gemini
go 1.15
require golang.org/x/net v0.0.0-20210119194325-5f4716e94777

7
go.sum
View File

@ -1,7 +0,0 @@
golang.org/x/net v0.0.0-20210119194325-5f4716e94777 h1:003p0dJM77cxMSyCPFphvZf/Y5/NXf5fzg6ufd1/Oew=
golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=

158
handler.go
View File

@ -1,158 +0,0 @@
package gemini
import (
"bytes"
"context"
"io"
"net/url"
"strings"
"time"
)
// A Handler responds to a Gemini request.
//
// ServeGemini should write the response header and data to the ResponseWriter
// and then return. Returning signals that the request is finished; it is not
// valid to use the ResponseWriter after or concurrently with the completion
// of the ServeGemini call.
//
// The provided context is canceled when the client's connection is closed
// or the ServeGemini method returns.
//
// Handlers should not modify the provided Request.
type Handler interface {
ServeGemini(context.Context, ResponseWriter, *Request)
}
// The HandlerFunc type is an adapter to allow the use of ordinary functions
// as Gemini handlers. If f is a function with the appropriate signature,
// HandlerFunc(f) is a Handler that calls f.
type HandlerFunc func(context.Context, ResponseWriter, *Request)
// ServeGemini calls f(ctx, w, r).
func (f HandlerFunc) ServeGemini(ctx context.Context, w ResponseWriter, r *Request) {
f(ctx, w, r)
}
// StatusHandler returns a request handler that responds to each request
// with the provided status code and meta.
func StatusHandler(status Status, meta string) Handler {
return HandlerFunc(func(ctx context.Context, w ResponseWriter, r *Request) {
w.WriteHeader(status, meta)
})
}
// NotFoundHandler returns a simple request handler that replies to each
// request with a “51 Not found” reply.
func NotFoundHandler() Handler {
return StatusHandler(StatusNotFound, "Not found")
}
// StripPrefix returns a handler that serves Gemini requests by removing the
// given prefix from the request URL's Path (and RawPath if set) and invoking
// the handler h. StripPrefix handles a request for a path that doesn't begin
// with prefix by replying with a Gemini 51 not found error. The prefix must
// match exactly: if the prefix in the request contains escaped characters the
// reply is also a Gemini 51 not found error.
func StripPrefix(prefix string, h Handler) Handler {
if prefix == "" {
return h
}
return HandlerFunc(func(ctx context.Context, w ResponseWriter, r *Request) {
p := strings.TrimPrefix(r.URL.Path, prefix)
rp := strings.TrimPrefix(r.URL.RawPath, prefix)
if len(p) < len(r.URL.Path) && (r.URL.RawPath == "" || len(rp) < len(r.URL.RawPath)) {
r2 := new(Request)
*r2 = *r
r2.URL = new(url.URL)
*r2.URL = *r.URL
r2.URL.Path = p
r2.URL.RawPath = rp
h.ServeGemini(ctx, w, r2)
} else {
w.WriteHeader(StatusNotFound, "Not found")
}
})
}
// TimeoutHandler returns a Handler that runs h with the given time limit.
//
// The new Handler calls h.ServeGemini to handle each request, but
// if a call runs for longer than its time limit, the handler responds with a
// 40 Temporary Failure status code and the given message in its response meta.
// After such a timeout, writes by h to its ResponseWriter will return
// context.DeadlineExceeded.
func TimeoutHandler(h Handler, dt time.Duration, message string) Handler {
return &timeoutHandler{
h: h,
dt: dt,
msg: message,
}
}
type timeoutHandler struct {
h Handler
dt time.Duration
msg string
}
func (t *timeoutHandler) ServeGemini(ctx context.Context, w ResponseWriter, r *Request) {
ctx, cancel := context.WithTimeout(ctx, t.dt)
defer cancel()
buf := &bytes.Buffer{}
tw := &timeoutWriter{
wr: &contextWriter{
ctx: ctx,
cancel: cancel,
done: ctx.Done(),
wc: nopCloser{buf},
},
}
done := make(chan struct{})
go func() {
t.h.ServeGemini(ctx, tw, r)
close(done)
}()
select {
case <-done:
w.WriteHeader(tw.status, tw.meta)
w.Write(buf.Bytes())
case <-ctx.Done():
w.WriteHeader(StatusTemporaryFailure, t.msg)
}
}
type timeoutWriter struct {
wr io.Writer
status Status
meta string
mediatype string
wroteHeader bool
}
func (w *timeoutWriter) SetMediaType(mediatype string) {
w.mediatype = mediatype
}
func (w *timeoutWriter) Write(b []byte) (int, error) {
if !w.wroteHeader {
w.WriteHeader(StatusSuccess, w.mediatype)
}
return w.wr.Write(b)
}
func (w *timeoutWriter) WriteHeader(status Status, meta string) {
if w.wroteHeader {
return
}
w.status = status
w.meta = meta
w.wroteHeader = true
}
func (w *timeoutWriter) Flush() error {
return nil
}

76
io.go
View File

@ -1,76 +0,0 @@
package gemini
import (
"context"
"io"
)
type contextReader struct {
ctx context.Context
done <-chan struct{}
cancel func()
rc io.ReadCloser
}
func (r *contextReader) Read(p []byte) (int, error) {
select {
case <-r.done:
r.rc.Close()
return 0, r.ctx.Err()
default:
}
n, err := r.rc.Read(p)
if err != nil {
r.cancel()
}
return n, err
}
func (r *contextReader) Close() error {
r.cancel()
return r.rc.Close()
}
type contextWriter struct {
ctx context.Context
done <-chan struct{}
cancel func()
wc io.WriteCloser
}
func (w *contextWriter) Write(b []byte) (int, error) {
select {
case <-w.done:
w.wc.Close()
return 0, w.ctx.Err()
default:
}
n, err := w.wc.Write(b)
if err != nil {
w.cancel()
}
return n, err
}
func (w *contextWriter) Close() error {
w.cancel()
return w.wc.Close()
}
type nopCloser struct {
io.Writer
}
func (nopCloser) Close() error {
return nil
}
type nopReadCloser struct{}
func (nopReadCloser) Read(p []byte) (int, error) {
return 0, io.EOF
}
func (nopReadCloser) Close() error {
return nil
}

58
middleware.go
View File

@ -1,58 +0,0 @@
package gemini
import (
"context"
"log"
)
// LoggingMiddleware returns a handler that wraps h and logs Gemini requests
// and their responses to the log package's standard logger.
// Requests are logged with the format "gemini: {host} {URL} {status code} {bytes written}".
func LoggingMiddleware(h Handler) Handler {
return HandlerFunc(func(ctx context.Context, w ResponseWriter, r *Request) {
lw := &logResponseWriter{rw: w}
h.ServeGemini(ctx, lw, r)
host := r.ServerName()
log.Printf("gemini: %s %q %d %d", host, r.URL, lw.Status, lw.Wrote)
})
}
type logResponseWriter struct {
Status Status
Wrote int
rw ResponseWriter
mediatype string
wroteHeader bool
}
func (w *logResponseWriter) SetMediaType(mediatype string) {
w.mediatype = mediatype
}
func (w *logResponseWriter) Write(b []byte) (int, error) {
if !w.wroteHeader {
meta := w.mediatype
if meta == "" {
// Use default media type
meta = defaultMediaType
}
w.WriteHeader(StatusSuccess, meta)
}
n, err := w.rw.Write(b)
w.Wrote += n
return n, err
}
func (w *logResponseWriter) WriteHeader(status Status, meta string) {
if w.wroteHeader {
return
}
w.wroteHeader = true
w.Status = status
w.Wrote += len(meta) + 5
w.rw.WriteHeader(status, meta)
}
func (w *logResponseWriter) Flush() error {
return nil
}

281
mux.go
View File

@ -1,281 +0,0 @@
// Copyright 2009 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE-GO file.
package gemini
import (
"context"
"net"
"net/url"
"path"
"sort"
"strings"
"sync"
)
// Mux is a Gemini request multiplexer.
// It matches the URL of each incoming request against a list of registered
// patterns and calls the handler for the pattern that
// most closely matches the URL.
//
// Patterns name fixed, rooted paths, like "/favicon.ico",
// or rooted subtrees, like "/images/" (note the trailing slash).
// Longer patterns take precedence over shorter ones, so that
// if there are handlers registered for both "/images/"
// and "/images/thumbnails/", the latter handler will be
// called for paths beginning "/images/thumbnails/" and the
// former will receive requests for any other paths in the
// "/images/" subtree.
//
// Note that since a pattern ending in a slash names a rooted subtree,
// the pattern "/" matches all paths not matched by other registered
// patterns, not just the URL with Path == "/".
//
// Patterns may optionally begin with a host name, restricting matches to
// URLs on that host only. Host-specific patterns take precedence over
// general patterns, so that a handler might register for the two patterns
// "/search" and "search.example.com/" without also taking over requests
// for "gemini://example.com/".
//
// Wildcard patterns can be used to match multiple hostnames. For example,
// the pattern "*.example.com" will match requests for "blog.example.com"
// and "gemini.example.com", but not "example.org".
//
// If a subtree has been registered and a request is received naming the
// subtree root without its trailing slash, Mux redirects that
// request to the subtree root (adding the trailing slash). This behavior can
// be overridden with a separate registration for the path without
// the trailing slash. For example, registering "/images/" causes Mux
// to redirect a request for "/images" to "/images/", unless "/images" has
// been registered separately.
//
// Mux also takes care of sanitizing the URL request path and
// redirecting any request containing . or .. elements or repeated slashes
// to an equivalent, cleaner URL.
type Mux struct {
mu sync.RWMutex
m map[hostpath]Handler
es []muxEntry // slice of entries sorted from longest to shortest
}
type hostpath struct {
host string
path string
}
type muxEntry struct {
handler Handler
host string
path string
}
// cleanPath returns the canonical path for p, eliminating . and .. elements.
func cleanPath(p string) string {
if p == "" {
return "/"
}
if p[0] != '/' {
p = "/" + p
}
np := path.Clean(p)
// path.Clean removes trailing slash except for root;
// put the trailing slash back if necessary.
if p[len(p)-1] == '/' && np != "/" {
// Fast path for common case of p being the string we want:
if len(p) == len(np)+1 && strings.HasPrefix(p, np) {
np = p
} else {
np += "/"
}
}
return np
}
// Find a handler on a handler map given a path string.
// Most-specific (longest) pattern wins.
func (mux *Mux) match(host, path string) Handler {
// Check for exact match first.
if h, ok := mux.m[hostpath{host, path}]; ok {
return h
}
// Check for longest valid match. mux.es contains all patterns
// that end in / sorted from longest to shortest.
for _, e := range mux.es {
if len(e.host) == len(host) && e.host == host &&
strings.HasPrefix(path, e.path) {
return e.handler
}
}
return nil
}
// redirectToPathSlash determines if the given path needs appending "/" to it.
// This occurs when a handler for path + "/" was already registered, but
// not for path itself. If the path needs appending to, it creates a new
// URL, setting the path to u.Path + "/" and returning true to indicate so.
func (mux *Mux) redirectToPathSlash(host, path string, u *url.URL) (*url.URL, bool) {
mux.mu.RLock()
shouldRedirect := mux.shouldRedirectRLocked(host, path)
mux.mu.RUnlock()
if !shouldRedirect {
return u, false
}
return u.ResolveReference(&url.URL{Path: path + "/"}), true
}
// shouldRedirectRLocked reports whether the given path and host should be redirected to
// path+"/". This should happen if a handler is registered for path+"/" but
// not path -- see comments at Mux.
func (mux *Mux) shouldRedirectRLocked(host, path string) bool {
if _, exist := mux.m[hostpath{host, path}]; exist {
return false
}
n := len(path)
if n == 0 {
return false
}
if _, exist := mux.m[hostpath{host, path + "/"}]; exist {
return path[n-1] != '/'
}
return false
}
func getWildcard(hostname string) (string, bool) {
if net.ParseIP(hostname) == nil {
split := strings.SplitN(hostname, ".", 2)
if len(split) == 2 {
return "*." + split[1], true
}
}
return "", false
}
// Handler returns the handler to use for the given request, consulting
// r.URL.Scheme, r.URL.Host, and r.URL.Path. It always returns a non-nil handler. If
// the path is not in its canonical form, the handler will be an
// internally-generated handler that redirects to the canonical path. If the
// host contains a port, it is ignored when matching handlers.
func (mux *Mux) Handler(r *Request) Handler {
// Disallow non-Gemini schemes
if r.URL.Scheme != "gemini" {
return NotFoundHandler()
}
host := r.URL.Hostname()
path := cleanPath(r.URL.Path)
// If the given path is /tree and its handler is not registered,
// redirect for /tree/.
if u, ok := mux.redirectToPathSlash(host, path, r.URL); ok {
return StatusHandler(StatusPermanentRedirect, u.String())
}
if path != r.URL.Path {
u := *r.URL
u.Path = path
return StatusHandler(StatusPermanentRedirect, u.String())
}
mux.mu.RLock()
defer mux.mu.RUnlock()
h := mux.match(host, path)
if h == nil {
// Try wildcard
if wildcard, ok := getWildcard(host); ok {
if u, ok := mux.redirectToPathSlash(wildcard, path, r.URL); ok {
return StatusHandler(StatusPermanentRedirect, u.String())
}
h = mux.match(wildcard, path)
}
}
if h == nil {
// Try empty host
if u, ok := mux.redirectToPathSlash("", path, r.URL); ok {
return StatusHandler(StatusPermanentRedirect, u.String())
}
h = mux.match("", path)
}
if h == nil {
h = NotFoundHandler()
}
return h
}
// ServeGemini dispatches the request to the handler whose
// pattern most closely matches the request URL.
func (mux *Mux) ServeGemini(ctx context.Context, w ResponseWriter, r *Request) {
h := mux.Handler(r)
h.ServeGemini(ctx, w, r)
}
// Handle registers the handler for the given pattern.
// If a handler already exists for pattern, Handle panics.
func (mux *Mux) Handle(pattern string, handler Handler) {
if pattern == "" {
panic("gemini: invalid pattern")
}
if handler == nil {
panic("gemini: nil handler")
}
mux.mu.Lock()
defer mux.mu.Unlock()
var host, path string
// extract hostname and path
cut := strings.Index(pattern, "/")
if cut == -1 {
host = pattern
path = "/"
} else {
host = pattern[:cut]
path = pattern[cut:]
}
// strip port from hostname
if hostname, _, err := net.SplitHostPort(host); err == nil {
host = hostname
}
if _, exist := mux.m[hostpath{host, path}]; exist {
panic("gemini: multiple registrations for " + pattern)
}
if mux.m == nil {
mux.m = make(map[hostpath]Handler)
}
mux.m[hostpath{host, path}] = handler
e := muxEntry{handler, host, path}
if path[len(path)-1] == '/' {
mux.es = appendSorted(mux.es, e)
}
}
func appendSorted(es []muxEntry, e muxEntry) []muxEntry {
n := len(es)
i := sort.Search(n, func(i int) bool {
return len(es[i].path) < len(e.path)
})
if i == n {
return append(es, e)
}
// we now know that i points at where we want to insert
es = append(es, muxEntry{}) // try to grow the slice in place, any entry works.
copy(es[i+1:], es[i:]) // move shorter entries down
es[i] = e
return es
}
// HandleFunc registers the handler function for the given pattern.
func (mux *Mux) HandleFunc(pattern string, handler HandlerFunc) {
mux.Handle(pattern, handler)
}

356
mux_test.go
View File

@ -1,356 +0,0 @@
package gemini
import (
"context"
"io"
"net/url"
"testing"
)
type nopHandler struct{}
func (*nopHandler) ServeGemini(context.Context, ResponseWriter, *Request) {}
type nopResponseWriter struct {
Status Status
Meta string
}
func (w *nopResponseWriter) WriteHeader(status Status, meta string) {
w.Status = status
w.Meta = meta
}
func (nopResponseWriter) SetMediaType(mediatype string) {}
func (nopResponseWriter) Write(b []byte) (int, error) { return 0, io.EOF }
func (nopResponseWriter) Flush() error { return nil }
func TestMux(t *testing.T) {
type Test struct {
URL string
Pattern string
Redirect string
NotFound bool
}
tests := []struct {
Patterns []string
Tests []Test
}{
{
Patterns: []string{"/a", "/b/", "/b/c/d", "/b/c/d/"},
Tests: []Test{
{
URL: "gemini://example.com",
Redirect: "gemini://example.com/",
},
{
URL: "gemini://example.com/",
NotFound: true,
},
{
URL: "gemini://example.com/c",
NotFound: true,
},
{
URL: "gemini://example.com/a",
Pattern: "/a",
},
{
URL: "gemini://example.com/a/",
NotFound: true,
},
{
URL: "gemini://example.com/b",
Redirect: "gemini://example.com/b/",
},
{
URL: "gemini://example.com/b/",
Pattern: "/b/",
},
{
URL: "gemini://example.com/b/c",
Pattern: "/b/",
},
{
URL: "gemini://example.com/b/c/d",
Pattern: "/b/c/d",
},
{
URL: "gemini://example.com/b/c/d/e/",
Pattern: "/b/c/d/",
},
},
},
{
Patterns: []string{
"/", "/a", "/b/",
"example.com", "example.com/a", "example.com/b/",
"*.example.com", "*.example.com/a", "*.example.com/b/",
},
Tests: []Test{
{
URL: "gemini://example.net/",
Pattern: "/",
},
{
URL: "gemini://example.net/a",
Pattern: "/a",
},
{
URL: "gemini://example.net/b",
Redirect: "gemini://example.net/b/",
},
{
URL: "gemini://example.net/b/",
Pattern: "/b/",
},
{
URL: "gemini://example.com/",
Pattern: "example.com",
},
{
URL: "gemini://example.com/b",
Redirect: "gemini://example.com/b/",
},
{
URL: "gemini://example.com/b/",
Pattern: "example.com/b/",
},
{
URL: "gemini://a.example.com/",
Pattern: "*.example.com",
},
{
URL: "gemini://b.example.com/a",
Pattern: "*.example.com/a",
},
{
URL: "gemini://c.example.com/b",
Redirect: "gemini://c.example.com/b/",
},
{
URL: "gemini://d.example.com/b/",
Pattern: "*.example.com/b/",
},
},
},
{
Patterns: []string{"example.net", "*.example.org"},
Tests: []Test{
{
// The following redirect occurs as a result of cleaning
// the path provided to the Mux. This happens even if there
// are no matching handlers.
URL: "gemini://example.com",
Redirect: "gemini://example.com/",
},
{
URL: "gemini://example.com/",
NotFound: true,
},
{
URL: "gemini://example.net",
Redirect: "gemini://example.net/",
},
{
URL: "gemini://example.org/",
NotFound: true,
},
{
URL: "gemini://gemini.example.org",
Redirect: "gemini://gemini.example.org/",
},
},
},
}
for _, test := range tests {
type handler struct {
nopHandler
Pattern string
}
mux := &Mux{}
for _, pattern := range test.Patterns {
mux.Handle(pattern, &handler{
Pattern: pattern,
})
}
for _, test := range test.Tests {
u, err := url.Parse(test.URL)
if err != nil {
panic(err)
}
req := &Request{URL: u}
h := mux.Handler(req)
if h, ok := h.(*handler); ok {
if h.Pattern != test.Pattern {
t.Errorf("wrong pattern for %q: expected %q, got %q", test.URL, test.Pattern, h.Pattern)
}
continue
}
// Check redirects and NotFounds
w := &nopResponseWriter{}
h.ServeGemini(context.Background(), w, req)
switch w.Status {
case StatusNotFound:
if !test.NotFound {
t.Errorf("expected pattern for %q, got NotFound", test.URL)
}
case StatusPermanentRedirect:
if test.Redirect == "" {
t.Errorf("expected pattern for %q, got redirect to %q", test.URL, w.Meta)
break
}
res, err := url.Parse(test.Redirect)
if err != nil {
panic(err)
}
if w.Meta != res.String() {
t.Errorf("bad redirect for %q: expected %q, got %q", test.URL, res.String(), w.Meta)
}
default:
t.Errorf("unexpected response for %q: %d %s", test.URL, w.Status, w.Meta)
}
}
}
}
func TestMuxMatch(t *testing.T) {
type Match struct {
URL string
Ok bool
}
tests := []struct {
Pattern string
Matches []Match
}{
{
// hostname: *, path: /*
Pattern: "/",
Matches: []Match{
{"gemini://example.com/path", true},
{"gemini://example.com/", true},
{"gemini://example.com/path.gmi", true},
{"gemini://example.com/path/", true},
{"gemini://example.org/path", true},
{"http://example.com/path", false},
{"http://example.org/path", false},
},
},
{
// hostname: *, path: /path
Pattern: "/path",
Matches: []Match{
{"gemini://example.com/path", true},
{"gemini://example.com/", false},
{"gemini://example.com/path.gmi", false},
{"gemini://example.com/path/", false},
{"gemini://example.org/path", true},
{"http://example.com/path", false},
{"http://example.org/path", false},
},
},
{
// hostname: *, path: /subtree/*
Pattern: "/subtree/",
Matches: []Match{
{"gemini://example.com/subtree/", true},
{"gemini://example.com/subtree/nested/", true},
{"gemini://example.com/subtree/nested/file", true},
{"gemini://example.org/subtree/", true},
{"gemini://example.org/subtree/nested/", true},
{"gemini://example.org/subtree/nested/file", true},
{"gemini://example.com/subtree", false},
{"gemini://www.example.com/subtree/", true},
{"http://example.com/subtree/", false},
},
},
{
// hostname: example.com, path: /*
Pattern: "example.com",
Matches: []Match{
{"gemini://example.com/path", true},
{"gemini://example.com/", true},
{"gemini://example.com/path.gmi", true},
{"gemini://example.com/path/", true},
{"gemini://example.org/path", false},
{"http://example.com/path", false},
{"http://example.org/path", false},
},
},
{
// hostname: example.com, path: /path
Pattern: "example.com/path",
Matches: []Match{
{"gemini://example.com/path", true},
{"gemini://example.com/", false},
{"gemini://example.com/path.gmi", false},
{"gemini://example.com/path/", false},
{"gemini://example.org/path", false},
{"http://example.com/path", false},
{"http://example.org/path", false},
},
},
{
// hostname: example.com, path: /subtree/*
Pattern: "example.com/subtree/",
Matches: []Match{
{"gemini://example.com/subtree/", true},
{"gemini://example.com/subtree/nested/", true},
{"gemini://example.com/subtree/nested/file", true},
{"gemini://example.org/subtree/", false},
{"gemini://example.org/subtree/nested/", false},
{"gemini://example.org/subtree/nested/file", false},
{"gemini://example.com/subtree", false},
{"gemini://www.example.com/subtree/", false},
{"http://example.com/subtree/", false},
},
},
{
// scheme: gemini, hostname: *.example.com, path: /*
Pattern: "*.example.com",
Matches: []Match{
{"gemini://mail.example.com/", true},
{"gemini://www.example.com/index.gmi", true},
{"gemini://example.com/", false},
{"gemini://a.b.example.com/", false},
{"http://www.example.com/", false},
},
},
}
for _, test := range tests {
h := &nopHandler{}
var mux Mux
mux.Handle(test.Pattern, h)
for _, match := range test.Matches {
u, err := url.Parse(match.URL)
if err != nil {
panic(err)
}
got := mux.Handler(&Request{URL: u})
if match.Ok {
if h != got {
t.Errorf("expected %s to match %s", test.Pattern, match.URL)
}
} else {
if h == got {
t.Errorf("expected %s not to match %s", test.Pattern, match.URL)
}
}
}
}
}

19
query.go
View File

@ -1,19 +0,0 @@
package gemini
import (
"net/url"
"strings"
)
// QueryEscape escapes a string for use in a Gemini URL query.
// It is like url.PathEscape except that it also replaces plus signs
// with their percent-encoded counterpart.
func QueryEscape(query string) string {
return strings.ReplaceAll(url.PathEscape(query), "+", "%2B")
}
// QueryUnescape unescapes a Gemini URL query.
// It is identical to url.PathUnescape.
func QueryUnescape(query string) (string, error) {
return url.PathUnescape(query)
}

129
request.go
View File

@ -3,105 +3,90 @@ package gemini
import (
"bufio"
"crypto/tls"
"io"
"net"
"net/url"
)
// A Request represents a Gemini request received by a server or to be sent
// by a client.
// Request represents a Gemini request.
type Request struct {
// URL specifies the URL being requested.
URL *url.URL
// For client requests, Host optionally specifies the server to
// connect to. It may be of the form "host" or "host:port".
// If empty, the value of URL.Host is used.
// For international domain names, Host may be in Punycode or
// Unicode form. Use golang.org/x/net/idna to convert it to
// either format if needed.
// This field is ignored by the Gemini server.
// For client requests, Host specifies the host on which the URL is sought.
// Host must contain a port.
// This field is ignored by the server.
Host string
// For client requests, Certificate optionally specifies the
// TLS certificate to present to the other side of the connection.
// This field is ignored by the Gemini server.
// Certificate specifies the TLS certificate to use for the request.
// Request certificates take precedence over client certificates.
// This field is ignored by the server.
Certificate *tls.Certificate
TLS *tls.ConnectionState
// RemoteAddr allows servers and other software to record the network
// address that sent the request.
// This field is ignored by the client.
RemoteAddr net.Addr
// TLS allows servers and other software to record information about the TLS
// connection on which the request was received.
// This field is ignored by the client.
TLS tls.ConnectionState
}
// NewRequest returns a new request.
// The returned Request is suitable for use with Client.Do.
//
// Callers should be careful that the URL query is properly escaped.
// See the documentation for QueryEscape for more information.
// hostname returns the host without the port.
func hostname(host string) string {
hostname, _, err := net.SplitHostPort(host)
if err != nil {
return host
}
return hostname
}
// NewRequest returns a new request. The host is inferred from the provided URL.
func NewRequest(rawurl string) (*Request, error) {
u, err := url.Parse(rawurl)
if err != nil {
return nil, err
}
return &Request{URL: u}, nil
// If there is no port, use the default port of 1965
host := u.Host
if u.Port() == "" {
host += ":1965"
}
return &Request{
Host: host,
URL: u,
}, nil
}
// ReadRequest reads and parses an incoming request from r.
//
// ReadRequest is a low-level function and should only be used
// for specialized applications; most code should use the Server
// to read requests and handle them via the Handler interface.
func ReadRequest(r io.Reader) (*Request, error) {
// Limit request size
r = io.LimitReader(r, 1026)
br := bufio.NewReaderSize(r, 1026)
b, err := br.ReadBytes('\n')
if err != nil {
if err == io.EOF {
return nil, ErrInvalidRequest
}
return nil, err
}
// Read URL
rawurl, ok := trimCRLF(b)
if !ok {
return nil, ErrInvalidRequest
}
if len(rawurl) == 0 {
return nil, ErrInvalidRequest
}
u, err := url.Parse(string(rawurl))
// NewRequestTo returns a new request for the provided URL to the provided host.
// The host must contain a port.
func NewRequestTo(rawurl, host string) (*Request, error) {
u, err := url.Parse(rawurl)
if err != nil {
return nil, err
}
return &Request{URL: u}, nil
return &Request{
Host: host,
URL: u,
}, nil
}
// WriteTo writes r to w in the Gemini request format.
// This method consults the request URL only.
func (r *Request) WriteTo(w io.Writer) (int64, error) {
bw := bufio.NewWriterSize(w, 1026)
// write writes the Gemini request to the provided buffered writer.
func (r *Request) write(w *bufio.Writer) error {
url := r.URL.String()
if len(url) > 1024 {
return 0, ErrInvalidRequest
// User is invalid
if r.URL.User != nil || len(url) > 1024 {
return ErrInvalidURL
}
var wrote int64
n, err := bw.WriteString(url)
wrote += int64(n)
if err != nil {
return wrote, err
if _, err := w.WriteString(url); err != nil {
return err
}
n, err = bw.Write(crlf)
wrote += int64(n)
if err != nil {
return wrote, err
if _, err := w.Write(crlf); err != nil {
return err
}
return wrote, bw.Flush()
}
// ServerName returns the value of the TLS Server Name Indication extension
// sent by the client.
// ServerName returns an empty string for client requests.
func (r *Request) ServerName() string {
if tls := r.TLS; tls != nil {
return tls.ServerName
}
return ""
return nil
}

131
request_test.go
View File

@ -1,131 +0,0 @@
package gemini
import (
"bufio"
"net/url"
"strings"
"testing"
)
// 1024 bytes
const maxURL = "gemini://example.net/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
func TestReadRequest(t *testing.T) {
tests := []struct {
Raw string
URL *url.URL
Err error
}{
{
Raw: "gemini://example.com\r\n",
URL: &url.URL{
Scheme: "gemini",
Host: "example.com",
},
},
{
Raw: "http://example.org/path/?query#fragment\r\n",
URL: &url.URL{
Scheme: "http",
Host: "example.org",
Path: "/path/",
RawQuery: "query",
Fragment: "fragment",
},
},
{
Raw: "\r\n",
Err: ErrInvalidRequest,
},
{
Raw: "gemini://example.com\n",
Err: ErrInvalidRequest,
},
{
Raw: "gemini://example.com",
Err: ErrInvalidRequest,
},
{
// 1030 bytes
Raw: maxURL + "xxxxxx",
Err: ErrInvalidRequest,
},
{
// 1027 bytes
Raw: maxURL + "x" + "\r\n",
Err: ErrInvalidRequest,
},
{
// 1024 bytes
Raw: maxURL[:len(maxURL)-2] + "\r\n",
URL: &url.URL{
Scheme: "gemini",
Host: "example.net",
Path: maxURL[len("gemini://example.net") : len(maxURL)-2],
},
},
}
for _, test := range tests {
t.Logf("%#v", test.Raw)
req, err := ReadRequest(strings.NewReader(test.Raw))
if err != test.Err {
t.Errorf("expected err = %v, got %v", test.Err, err)
}
if req == nil && test.URL != nil {
t.Errorf("expected url = %s, got nil", test.URL)
} else if req != nil && test.URL == nil {
t.Errorf("expected req = nil, got %v", req)
} else if req != nil && *req.URL != *test.URL {
t.Errorf("expected url = %v, got %v", *test.URL, *req.URL)
}
}
}
func newRequest(rawurl string) *Request {
req, err := NewRequest(rawurl)
if err != nil {
panic(err)
}
return req
}
func TestWriteRequest(t *testing.T) {
tests := []struct {
Req *Request
Raw string
Err error
}{
{
Req: newRequest("gemini://example.com"),
Raw: "gemini://example.com\r\n",
},
{
Req: newRequest("gemini://example.com/path/?query#fragment"),
Raw: "gemini://example.com/path/?query#fragment\r\n",
},
{
Req: newRequest(maxURL),
Raw: maxURL + "\r\n",
},
{
Req: newRequest(maxURL + "x"),
Err: ErrInvalidRequest,
},
}
for _, test := range tests {
t.Logf("%s", test.Req.URL)
var b strings.Builder
bw := bufio.NewWriter(&b)
_, err := test.Req.WriteTo(bw)
if err != test.Err {
t.Errorf("expected err = %v, got %v", test.Err, err)
}
bw.Flush()
got := b.String()
if got != test.Raw {
t.Errorf("expected %#v, got %#v", test.Raw, got)
}
}
}

259
response.go
View File

@ -3,232 +3,83 @@ package gemini
import (
"bufio"
"crypto/tls"
"fmt"
"io"
"net"
"io/ioutil"
"strconv"
)
// The default media type for responses.
const defaultMediaType = "text/gemini"
// Response represents the response from a Gemini request.
//
// The Client returns Responses from servers once the response
// header has been received. The response body is streamed on demand
// as the Body field is read.
// Response is a Gemini response.
type Response struct {
// Status is the response status code.
Status Status
// Status represents the response status.
Status int
// Meta returns the response meta.
// For successful responses, the meta should contain the media type of the response.
// For failure responses, the meta should contain a short description of the failure.
// Meta contains more information related to the response status.
// For successful responses, Meta should contain the mimetype of the response.
// For failure responses, Meta should contain a short description of the failure.
// Meta should not be longer than 1024 bytes.
Meta string
// Body represents the response body.
//
// The response body is streamed on demand as the Body field
// is read. If the network connection fails or the server
// terminates the response, Body.Read calls return an error.
//
// The Gemini client guarantees that Body is always
// non-nil, even on responses without a body or responses with
// a zero-length body. It is the caller's responsibility to
// close Body.
Body io.ReadCloser
// Body contains the response body.
Body []byte
conn net.Conn
// TLS contains information about the TLS connection on which the response
// was received.
TLS tls.ConnectionState
}
// ReadResponse reads a Gemini response from the provided io.ReadCloser.
func ReadResponse(r io.ReadCloser) (*Response, error) {
resp := &Response{}
// Limit response header size
lr := io.LimitReader(r, 1029)
// Wrap the reader to remove the limit later on
wr := &struct{ io.Reader }{lr}
br := bufio.NewReader(wr)
// Read response header
b, err := br.ReadBytes('\n')
if err != nil {
if err == io.EOF {
return nil, ErrInvalidResponse
}
return nil, err
}
if len(b) < 3 {
return nil, ErrInvalidResponse
}
// read reads a Gemini response from the provided buffered reader.
func (resp *Response) read(r *bufio.Reader) error {
// Read the status
status, err := strconv.Atoi(string(b[:2]))
if err != nil {
return nil, ErrInvalidResponse
statusB := make([]byte, 2)
if _, err := r.Read(statusB); err != nil {
return err
}
status, err := strconv.Atoi(string(statusB))
if err != nil {
return err
}
resp.Status = status
// Disregard invalid status codes
const minStatus, maxStatus = 1, 6
statusClass := status / 10
if statusClass < minStatus || statusClass > maxStatus {
return ErrInvalidResponse
}
resp.Status = Status(status)
// Read one space
if b[2] != ' ' {
return nil, ErrInvalidResponse
if b, err := r.ReadByte(); err != nil {
return err
} else if b != ' ' {
return ErrInvalidResponse
}
// Read the meta
meta, ok := trimCRLF(b[3:])
if !ok {
return nil, ErrInvalidResponse
meta, err := r.ReadString('\r')
if err != nil {
return err
}
if len(meta) == 0 {
return nil, ErrInvalidResponse
// Trim carriage return
meta = meta[:len(meta)-1]
// Ensure meta is less than or equal to 1024 bytes
if len(meta) > 1024 {
return ErrInvalidResponse
}
resp.Meta = string(meta)
resp.Meta = meta
if resp.Status.Class() == StatusSuccess {
// Use unlimited reader
wr.Reader = r
// Read terminating newline
if b, err := r.ReadByte(); err != nil {
return err
} else if b != '\n' {
return ErrInvalidResponse
}
type readCloser struct {
io.Reader
io.Closer
// Read response body
if status/10 == StatusClassSuccess {
var err error
resp.Body, err = ioutil.ReadAll(r)
if err != nil {
return err
}
resp.Body = readCloser{br, r}
} else {
resp.Body = nopReadCloser{}
r.Close()
}
return resp, nil
}
// Conn returns the network connection on which the response was received.
func (r *Response) Conn() net.Conn {
return r.conn
}
// TLS returns information about the TLS connection on which the
// response was received.
func (r *Response) TLS() *tls.ConnectionState {
if tlsConn, ok := r.conn.(*tls.Conn); ok {
state := tlsConn.ConnectionState()
return &state
}
return nil
}
// WriteTo writes r to w in the Gemini response format, including the
// header and body.
//
// This method consults the Status, Meta, and Body fields of the response.
// The Response Body is closed after it is sent.
func (r *Response) WriteTo(w io.Writer) (int64, error) {
var wrote int64
n, err := fmt.Fprintf(w, "%02d %s\r\n", r.Status, r.Meta)
wrote += int64(n)
if err != nil {
return wrote, err
}
if r.Body != nil {
defer r.Body.Close()
n, err := io.Copy(w, r.Body)
wrote += n
if err != nil {
return wrote, err
}
}
return wrote, nil
}
// A ResponseWriter interface is used by a Gemini handler to construct
// a Gemini response.
//
// A ResponseWriter may not be used after the Handler.ServeGemini method
// has returned.
type ResponseWriter interface {
// SetMediaType sets the media type that will be sent by Write for a
// successful response. If no media type is set, a default media type of
// "text/gemini" will be used.
//
// Setting the media type after a call to Write or WriteHeader has
// no effect.
SetMediaType(mediatype string)
// Write writes the data to the connection as part of a Gemini response.
//
// If WriteHeader has not yet been called, Write calls WriteHeader with
// StatusSuccess and the media type set in SetMediaType before writing the data.
// If no media type was set, Write uses a default media type of
// "text/gemini".
Write([]byte) (int, error)
// WriteHeader sends a Gemini response header with the provided
// status code and meta.
//
// If WriteHeader is not called explicitly, the first call to Write
// will trigger an implicit call to WriteHeader with a successful
// status code and the media type set in SetMediaType.
//
// The provided code must be a valid Gemini status code.
// The provided meta must not be longer than 1024 bytes.
// Only one header may be written.
WriteHeader(status Status, meta string)
// Flush sends any buffered data to the client.
Flush() error
}
type responseWriter struct {
bw *bufio.Writer
mediatype string
wroteHeader bool
bodyAllowed bool
}
func newResponseWriter(w io.Writer) *responseWriter {
return &responseWriter{
bw: bufio.NewWriter(w),
}
}
func (w *responseWriter) SetMediaType(mediatype string) {
w.mediatype = mediatype
}
func (w *responseWriter) Write(b []byte) (int, error) {
if !w.wroteHeader {
meta := w.mediatype
if meta == "" {
// Use default media type
meta = defaultMediaType
}
w.WriteHeader(StatusSuccess, meta)
}
if !w.bodyAllowed {
return 0, ErrBodyNotAllowed
}
return w.bw.Write(b)
}
func (w *responseWriter) WriteHeader(status Status, meta string) {
if w.wroteHeader {
return
}
if status.Class() == StatusSuccess {
w.bodyAllowed = true
}
w.bw.WriteString(strconv.Itoa(int(status)))
w.bw.WriteByte(' ')
w.bw.WriteString(meta)
w.bw.Write(crlf)
w.wroteHeader = true
}
func (w *responseWriter) Flush() error {
if !w.wroteHeader {
w.WriteHeader(StatusTemporaryFailure, "Temporary failure")
}
// Write errors from WriteHeader will be returned here.
return w.bw.Flush()
}

135
response_test.go
View File

@ -1,135 +0,0 @@
package gemini
import (
"io"
"io/ioutil"
"strings"
"testing"
)
func TestReadWriteResponse(t *testing.T) {
tests := []struct {
Raw string
Status Status
Meta string
Body string
Err error
SkipWrite bool
}{
{
Raw: "20 text/gemini\r\nHello, world!\nWelcome to my capsule.",
Status: 20,
Meta: "text/gemini",
Body: "Hello, world!\nWelcome to my capsule.",
},
{
Raw: "10 Search query\r\n",
Status: 10,
Meta: "Search query",
},
{
Raw: "30 /redirect\r\n",
Status: 30,
Meta: "/redirect",
},
{
Raw: "31 /redirect\r\nThis body is ignored.",
Status: 31,
Meta: "/redirect",
SkipWrite: true, // skip write test since result won't match Raw
},
{
Raw: "32 " + maxURL + "\r\n",
Status: 32,
Meta: maxURL,
},
{
Raw: "33 " + maxURL + "xxxx" + "\r\n",
Err: ErrInvalidResponse,
},
{
Raw: "99 Unknown status code\r\n",
Status: 99,
Meta: "Unknown status code",
},
{
Raw: "\r\n",
Err: ErrInvalidResponse,
},
{
Raw: "\n",
Err: ErrInvalidResponse,
},
{
Raw: "1 Bad response\r\n",
Err: ErrInvalidResponse,
},
{
Raw: "",
Err: ErrInvalidResponse,
},
{
Raw: "10 Search query",
Err: ErrInvalidResponse,
},
{
Raw: "20 text/gemini\nHello, world!",
Err: ErrInvalidResponse,
},
{
Raw: "20 text/gemini\rHello, world!",
Err: ErrInvalidResponse,
},
{
Raw: "20 text/gemini\r",
Err: ErrInvalidResponse,
},
{
Raw: "abcdefghijklmnopqrstuvwxyz",
Err: ErrInvalidResponse,
},
}
for _, test := range tests {
t.Logf("%#v", test.Raw)
resp, err := ReadResponse(ioutil.NopCloser(strings.NewReader(test.Raw)))
if err != test.Err {
t.Errorf("expected err = %v, got %v", test.Err, err)
}
if err != nil {
// No response
continue
}
if resp.Status != test.Status {
t.Errorf("expected status = %d, got %d", test.Status, resp.Status)
}
if resp.Meta != test.Meta {
t.Errorf("expected meta = %s, got %s", test.Meta, resp.Meta)
}
b, _ := ioutil.ReadAll(resp.Body)
body := string(b)
if body != test.Body {
t.Errorf("expected body = %#v, got %#v", test.Body, body)
}
}
for _, test := range tests {
if test.Err != nil || test.SkipWrite {
continue
}
var b strings.Builder
w := newResponseWriter(nopCloser{&b})
w.WriteHeader(test.Status, test.Meta)
io.Copy(w, strings.NewReader(test.Body))
if err := w.Flush(); err != nil {
t.Error(err)
continue
}
got := b.String()
if got != test.Raw {
t.Errorf("expected %#v, got %#v", test.Raw, got)
}
}
}

771
server.go
View File

@ -1,267 +1,113 @@
package gemini
import (
"context"
"bufio"
"crypto/tls"
"errors"
"crypto/x509"
"log"
"net"
"net/url"
"path"
"sort"
"strconv"
"strings"
"sync"
"time"
)
// A Server defines parameters for running a Gemini server. The zero value for
// Server is a valid configuration.
// Server is a Gemini server.
type Server struct {
// Addr optionally specifies the TCP address for the server to listen on,
// in the form "host:port". If empty, ":1965" (port 1965) is used.
// See net.Dial for details of the address format.
// Addr specifies the address that the server should listen on.
// If Addr is empty, the server will listen on the address ":1965".
Addr string
// The Handler to invoke.
Handler Handler
// CertificateStore contains the certificates used by the server.
CertificateStore CertificateStore
// ReadTimeout is the maximum duration for reading the entire
// request.
//
// A ReadTimeout of zero means no timeout.
ReadTimeout time.Duration
// GetCertificate, if not nil, will be called to retrieve the certificate
// to use for a given hostname.
// If the certificate is nil, the connection will be aborted.
GetCertificate func(hostname string, store *CertificateStore) *tls.Certificate
// WriteTimeout is the maximum duration before timing out
// writes of the response.
//
// A WriteTimeout of zero means no timeout.
WriteTimeout time.Duration
// GetCertificate returns a TLS certificate based on the given
// hostname.
//
// If GetCertificate is nil or returns nil, then no certificate
// will be used and the connection will be aborted.
//
// See the certificate submodule for a certificate store that creates
// and rotates certificates as needed.
GetCertificate func(hostname string) (*tls.Certificate, error)
// ErrorLog specifies an optional logger for errors accepting connections,
// unexpected behavior from handlers, and underlying file system errors.
// If nil, logging is done via the log package's standard logger.
ErrorLog interface {
Printf(format string, v ...interface{})
}
listeners map[*net.Listener]context.CancelFunc
conns map[*net.Conn]context.CancelFunc
closed bool // true if Close or Shutdown called
shutdown bool // true if Shutdown called
doneChan chan struct{}
mu sync.Mutex
// registered responders
responders map[responderKey]Responder
}
func (srv *Server) isClosed() bool {
srv.mu.Lock()
defer srv.mu.Unlock()
return srv.closed
type responderKey struct {
scheme string
hostname string
wildcard bool
}
// done returns a channel that's closed when the server is closed and
// all listeners and connections are closed.
func (srv *Server) done() chan struct{} {
srv.mu.Lock()
defer srv.mu.Unlock()
return srv.doneLocked()
// Register registers a responder for the given pattern.
// Patterns must be in the form of scheme://hostname (e.g. gemini://example.com).
// If no scheme is specified, a default scheme of gemini:// is assumed.
// Wildcard patterns are supported (e.g. *.example.com).
func (s *Server) Register(pattern string, responder Responder) {
if pattern == "" {
panic("gemini: invalid pattern")
}
if responder == nil {
panic("gemini: nil responder")
}
if s.responders == nil {
s.responders = map[responderKey]Responder{}
}
split := strings.SplitN(pattern, "://", 2)
var key responderKey
if len(split) == 2 {
key.scheme = split[0]
key.hostname = split[1]
} else {
key.scheme = "gemini"
key.hostname = split[0]
}
split = strings.SplitN(key.hostname, ".", 2)
if len(split) == 2 && split[0] == "*" {
key.hostname = split[1]
key.wildcard = true
}
s.responders[key] = responder
}
func (srv *Server) doneLocked() chan struct{} {
if srv.doneChan == nil {
srv.doneChan = make(chan struct{})
}
return srv.doneChan
}
// tryCloseDone closes srv.done() if the server is closed and
// there are no active listeners or connections.
func (srv *Server) tryCloseDone() {
srv.mu.Lock()
defer srv.mu.Unlock()
srv.tryCloseDoneLocked()
}
func (srv *Server) tryCloseDoneLocked() {
if !srv.closed {
return
}
if len(srv.listeners) == 0 && len(srv.conns) == 0 {
ch := srv.doneLocked()
select {
case <-ch:
default:
close(ch)
}
}
}
// Close immediately closes all active net.Listeners and connections.
// For a graceful shutdown, use Shutdown.
func (srv *Server) Close() error {
srv.mu.Lock()
{
if srv.closed {
srv.mu.Unlock()
return nil
}
srv.closed = true
srv.tryCloseDoneLocked()
// Close all active connections and listeners.
for _, cancel := range srv.listeners {
cancel()
}
for _, cancel := range srv.conns {
cancel()
}
}
srv.mu.Unlock()
select {
case <-srv.done():
return nil
}
}
// Shutdown gracefully shuts down the server without interrupting any
// active connections. Shutdown works by first closing all open listeners
// and then waiting indefinitely for connections to close.
// If the provided context expires before the shutdown is complete,
// Shutdown returns the context's error.
//
// When Shutdown is called, Serve and ListenAndServe immediately
// return an error. Make sure the program doesn't exit and waits instead for
// Shutdown to return.
//
// Once Shutdown has been called on a server, it may not be reused;
// future calls to methods such as Serve will return an error.
func (srv *Server) Shutdown(ctx context.Context) error {
srv.mu.Lock()
{
if srv.closed {
srv.mu.Unlock()
return nil
}
srv.closed = true
srv.shutdown = true
srv.tryCloseDoneLocked()
// Close all active listeners.
for _, cancel := range srv.listeners {
cancel()
}
}
srv.mu.Unlock()
// Wait for active connections to finish.
select {
case <-ctx.Done():
return ctx.Err()
case <-srv.done():
return nil
}
// RegisterFunc registers a responder function for the given pattern.
func (s *Server) RegisterFunc(pattern string, responder func(*ResponseWriter, *Request)) {
s.Register(pattern, ResponderFunc(responder))
}
// ListenAndServe listens for requests at the server's configured address.
// ListenAndServe listens on the TCP network address srv.Addr and then calls
// Serve to handle requests on incoming connections. If the provided
// context expires, ListenAndServe closes l and returns the context's error.
//
// If srv.Addr is blank, ":1965" is used.
//
// ListenAndServe always returns a non-nil error.
// After Shutdown or Closed, the returned error is context.Canceled.
func (srv *Server) ListenAndServe(ctx context.Context) error {
if srv.isClosed() {
return context.Canceled
}
addr := srv.Addr
func (s *Server) ListenAndServe() error {
addr := s.Addr
if addr == "" {
addr = ":1965"
}
l, err := net.Listen("tcp", addr)
ln, err := net.Listen("tcp", addr)
if err != nil {
return err
}
defer ln.Close()
l = tls.NewListener(l, &tls.Config{
ClientAuth: tls.RequestClientCert,
MinVersion: tls.VersionTLS12,
GetCertificate: srv.getCertificate,
})
return srv.Serve(ctx, l)
config := &tls.Config{
ClientAuth: tls.RequestClientCert,
MinVersion: tls.VersionTLS12,
GetCertificate: func(h *tls.ClientHelloInfo) (*tls.Certificate, error) {
if s.GetCertificate != nil {
return s.GetCertificate(h.ServerName, &s.CertificateStore), nil
}
return s.CertificateStore.Lookup(h.ServerName)
},
}
tlsListener := tls.NewListener(ln, config)
return s.Serve(tlsListener)
}
func (srv *Server) getCertificate(h *tls.ClientHelloInfo) (*tls.Certificate, error) {
if srv.GetCertificate == nil {
return nil, errors.New("gemini: GetCertificate is nil")
}
return srv.GetCertificate(h.ServerName)
}
func (srv *Server) trackListener(l *net.Listener, cancel context.CancelFunc) bool {
srv.mu.Lock()
defer srv.mu.Unlock()
if srv.closed {
return false
}
if srv.listeners == nil {
srv.listeners = make(map[*net.Listener]context.CancelFunc)
}
srv.listeners[l] = cancel
return true
}
func (srv *Server) deleteListener(l *net.Listener) {
srv.mu.Lock()
defer srv.mu.Unlock()
delete(srv.listeners, l)
}
// Serve accepts incoming connections on the Listener l, creating a new
// service goroutine for each. The service goroutines read the requests and
// then call the appropriate Handler to reply to them. If the provided
// context expires, Serve closes l and returns the context's error.
//
// Serve always closes l and returns a non-nil error.
// After Shutdown or Close, the returned error is context.Canceled.
func (srv *Server) Serve(ctx context.Context, l net.Listener) error {
defer l.Close()
lnctx, cancel := context.WithCancel(ctx)
defer cancel()
if !srv.trackListener(&l, cancel) {
return context.Canceled
}
defer srv.tryCloseDone()
defer srv.deleteListener(&l)
errch := make(chan error, 1)
go func() {
errch <- srv.serve(ctx, l)
}()
select {
case <-lnctx.Done():
return lnctx.Err()
case err := <-errch:
return err
}
}
func (srv *Server) serve(ctx context.Context, l net.Listener) error {
// Serve listens for requests on the provided listener.
func (s *Server) Serve(l net.Listener) error {
var tempDelay time.Duration // how long to sleep on accept failure
for {
rw, err := l.Accept()
if err != nil {
@ -275,121 +121,410 @@ func (srv *Server) serve(ctx context.Context, l net.Listener) error {
if max := 1 * time.Second; tempDelay > max {
tempDelay = max
}
srv.logf("gemini: Accept error: %v; retrying in %v", err, tempDelay)
log.Printf("gemini: Accept error: %v; retrying in %v", err, tempDelay)
time.Sleep(tempDelay)
continue
}
// Otherwise, return the error
return err
}
tempDelay = 0
go srv.serveConn(ctx, rw, false)
go s.respond(rw)
}
}
func (srv *Server) trackConn(conn *net.Conn, cancel context.CancelFunc, external bool) bool {
srv.mu.Lock()
defer srv.mu.Unlock()
// Reject the connection under the following conditions:
// - Shutdown or Close has been called and conn is external (from ServeConn)
// - Close (not Shutdown) has been called and conn is internal (from Serve)
if srv.closed && (external || !srv.shutdown) {
// respond responds to a connection.
func (s *Server) respond(conn net.Conn) {
r := bufio.NewReader(conn)
w := newResponseWriter(conn)
// Read requested URL
rawurl, err := r.ReadString('\r')
if err != nil {
return
}
// Read terminating line feed
if b, err := r.ReadByte(); err != nil {
return
} else if b != '\n' {
w.WriteHeader(StatusBadRequest, "Bad request")
}
// Trim carriage return
rawurl = rawurl[:len(rawurl)-1]
// Ensure URL is valid
if len(rawurl) > 1024 {
w.WriteHeader(StatusBadRequest, "Bad request")
} else if url, err := url.Parse(rawurl); err != nil || url.User != nil {
// Note that we return an error status if User is specified in the URL
w.WriteHeader(StatusBadRequest, "Bad request")
} else {
// If no scheme is specified, assume a default scheme of gemini://
if url.Scheme == "" {
url.Scheme = "gemini"
}
req := &Request{
URL: url,
RemoteAddr: conn.RemoteAddr(),
TLS: conn.(*tls.Conn).ConnectionState(),
}
s.responder(req).Respond(w, req)
}
w.b.Flush()
conn.Close()
}
func (s *Server) responder(r *Request) Responder {
if h, ok := s.responders[responderKey{r.URL.Scheme, r.URL.Hostname(), false}]; ok {
return h
}
wildcard := strings.SplitN(r.URL.Hostname(), ".", 2)
if len(wildcard) == 2 {
if h, ok := s.responders[responderKey{r.URL.Scheme, wildcard[1], true}]; ok {
return h
}
}
return ResponderFunc(NotFound)
}
// ResponseWriter is used by a Gemini handler to construct a Gemini response.
type ResponseWriter struct {
b *bufio.Writer
bodyAllowed bool
wroteHeader bool
mimetype string
}
func newResponseWriter(conn net.Conn) *ResponseWriter {
return &ResponseWriter{
b: bufio.NewWriter(conn),
}
}
// WriteHeader writes the response header.
// If the header has already been written, WriteHeader does nothing.
//
// Meta contains more information related to the response status.
// For successful responses, Meta should contain the mimetype of the response.
// For failure responses, Meta should contain a short description of the failure.
// Meta should not be longer than 1024 bytes.
func (w *ResponseWriter) WriteHeader(status int, meta string) {
if w.wroteHeader {
return
}
w.b.WriteString(strconv.Itoa(status))
w.b.WriteByte(' ')
w.b.WriteString(meta)
w.b.Write(crlf)
// Only allow body to be written on successful status codes.
if status/10 == StatusClassSuccess {
w.bodyAllowed = true
}
w.wroteHeader = true
}
// SetMimetype sets the mimetype that will be written for a successful response.
// The provided mimetype will only be used if Write is called without calling
// WriteHeader.
// If the mimetype is not set, it will default to "text/gemini".
func (w *ResponseWriter) SetMimetype(mimetype string) {
w.mimetype = mimetype
}
// Write writes the response body.
// If the response status does not allow for a response body, Write returns
// ErrBodyNotAllowed.
//
// If WriteHeader has not yet been called, Write calls
// WriteHeader(StatusSuccess, mimetype) where mimetype is the mimetype set in
// SetMimetype. If no mimetype is set, a default of "text/gemini" will be used.
func (w *ResponseWriter) Write(b []byte) (int, error) {
if !w.wroteHeader {
mimetype := w.mimetype
if mimetype == "" {
mimetype = "text/gemini"
}
w.WriteHeader(StatusSuccess, mimetype)
}
if !w.bodyAllowed {
return 0, ErrBodyNotAllowed
}
return w.b.Write(b)
}
// A Responder responds to a Gemini request.
type Responder interface {
// Respond accepts a Request and constructs a Response.
Respond(*ResponseWriter, *Request)
}
// Input returns the request query.
// If no input is provided, it responds with StatusInput.
func Input(w *ResponseWriter, r *Request, prompt string) (string, bool) {
if r.URL.ForceQuery || r.URL.RawQuery != "" {
return r.URL.RawQuery, true
}
w.WriteHeader(StatusInput, prompt)
return "", false
}
// SensitiveInput returns the request query.
// If no input is provided, it responds with StatusSensitiveInput.
func SensitiveInput(w *ResponseWriter, r *Request, prompt string) (string, bool) {
if r.URL.ForceQuery || r.URL.RawQuery != "" {
return r.URL.RawQuery, true
}
w.WriteHeader(StatusSensitiveInput, prompt)
return "", false
}
// Redirect replies to the request with a redirect to the given URL.
func Redirect(w *ResponseWriter, r *Request, url string) {
w.WriteHeader(StatusRedirect, url)
}
// PermanentRedirect replies to the request with a permanent redirect to the given URL.
func PermanentRedirect(w *ResponseWriter, r *Request, url string) {
w.WriteHeader(StatusRedirectPermanent, url)
}
// NotFound replies to the request with the NotFound status code.
func NotFound(w *ResponseWriter, r *Request) {
w.WriteHeader(StatusNotFound, "Not found")
}
// Gone replies to the request with the Gone status code.
func Gone(w *ResponseWriter, r *Request) {
w.WriteHeader(StatusGone, "Gone")
}
// CertificateRequired responds to the request with the CertificateRequired
// status code.
func CertificateRequired(w *ResponseWriter, r *Request) {
w.WriteHeader(StatusCertificateRequired, "Certificate required")
}
// CertificateNotAuthorized responds to the request with
// the CertificateNotAuthorized status code.
func CertificateNotAuthorized(w *ResponseWriter, r *Request) {
w.WriteHeader(StatusCertificateNotAuthorized, "Certificate not authorized")
}
// Certificate returns the request certificate. If one is not provided,
// it returns nil and responds with StatusCertificateRequired.
func Certificate(w *ResponseWriter, r *Request) (*x509.Certificate, bool) {
if len(r.TLS.PeerCertificates) == 0 {
CertificateRequired(w, r)
return nil, false
}
return r.TLS.PeerCertificates[0], true
}
// ResponderFunc is a wrapper around a bare function that implements Responder.
type ResponderFunc func(*ResponseWriter, *Request)
func (f ResponderFunc) Respond(w *ResponseWriter, r *Request) {
f(w, r)
}
// The following code is modified from the net/http package.
// Copyright 2009 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// ServeMux is a Gemini request multiplexer.
// It matches the URL of each incoming request against a list of registered
// patterns and calls the handler for the pattern that
// most closely matches the URL.
//
// Patterns name fixed, rooted paths, like "/favicon.ico",
// or rooted subtrees, like "/images/" (note the trailing slash).
// Longer patterns take precedence over shorter ones, so that
// if there are handlers registered for both "/images/"
// and "/images/thumbnails/", the latter handler will be
// called for paths beginning "/images/thumbnails/" and the
// former will receive requests for any other paths in the
// "/images/" subtree.
//
// Note that since a pattern ending in a slash names a rooted subtree,
// the pattern "/" matches all paths not matched by other registered
// patterns, not just the URL with Path == "/".
//
// If a subtree has been registered and a request is received naming the
// subtree root without its trailing slash, ServeMux redirects that
// request to the subtree root (adding the trailing slash). This behavior can
// be overridden with a separate registration for the path without
// the trailing slash. For example, registering "/images/" causes ServeMux
// to redirect a request for "/images" to "/images/", unless "/images" has
// been registered separately.
//
// ServeMux also takes care of sanitizing the URL request path and
// redirecting any request containing . or .. elements or repeated slashes
// to an equivalent, cleaner URL.
type ServeMux struct {
mu sync.RWMutex
m map[string]muxEntry
es []muxEntry // slice of entries sorted from longest to shortest.
}
type muxEntry struct {
r Responder
pattern string
}
// cleanPath returns the canonical path for p, eliminating . and .. elements.
func cleanPath(p string) string {
if p == "" {
return "/"
}
if p[0] != '/' {
p = "/" + p
}
np := path.Clean(p)
// path.Clean removes trailing slash except for root;
// put the trailing slash back if necessary.
if p[len(p)-1] == '/' && np != "/" {
// Fast path for common case of p being the string we want:
if len(p) == len(np)+1 && strings.HasPrefix(p, np) {
np = p
} else {
np += "/"
}
}
return np
}
// Find a handler on a handler map given a path string.
// Most-specific (longest) pattern wins.
func (mux *ServeMux) match(path string) Responder {
// Check for exact match first.
v, ok := mux.m[path]
if ok {
return v.r
}
// Check for longest valid match. mux.es contains all patterns
// that end in / sorted from longest to shortest.
for _, e := range mux.es {
if strings.HasPrefix(path, e.pattern) {
return e.r
}
}
return nil
}
// redirectToPathSlash determines if the given path needs appending "/" to it.
// This occurs when a handler for path + "/" was already registered, but
// not for path itself. If the path needs appending to, it creates a new
// URL, setting the path to u.Path + "/" and returning true to indicate so.
func (mux *ServeMux) redirectToPathSlash(path string, u *url.URL) (*url.URL, bool) {
mux.mu.RLock()
shouldRedirect := mux.shouldRedirectRLocked(path)
mux.mu.RUnlock()
if !shouldRedirect {
return u, false
}
path = path + "/"
u = &url.URL{Path: path, RawQuery: u.RawQuery}
return u, true
}
// shouldRedirectRLocked reports whether the given path and host should be redirected to
// path+"/". This should happen if a handler is registered for path+"/" but
// not path -- see comments at ServeMux.
func (mux *ServeMux) shouldRedirectRLocked(path string) bool {
if _, exist := mux.m[path]; exist {
return false
}
if srv.conns == nil {
srv.conns = make(map[*net.Conn]context.CancelFunc)
n := len(path)
if n == 0 {
return false
}
srv.conns[conn] = cancel
return true
if _, exist := mux.m[path+"/"]; exist {
return path[n-1] != '/'
}
return false
}
func (srv *Server) deleteConn(conn *net.Conn) {
srv.mu.Lock()
defer srv.mu.Unlock()
delete(srv.conns, conn)
// Respond dispatches the request to the responder whose
// pattern most closely matches the request URL.
func (mux *ServeMux) Respond(w *ResponseWriter, r *Request) {
path := cleanPath(r.URL.Path)
// If the given path is /tree and its handler is not registered,
// redirect for /tree/.
if u, ok := mux.redirectToPathSlash(path, r.URL); ok {
Redirect(w, r, u.String())
return
}
if path != r.URL.Path {
u := *r.URL
u.Path = path
Redirect(w, r, u.String())
return
}
mux.mu.RLock()
defer mux.mu.RUnlock()
resp := mux.match(path)
if resp == nil {
NotFound(w, r)
return
}
resp.Respond(w, r)
}
// ServeConn serves a Gemini response over the provided connection.
// It closes the connection when the response has been completed.
// If the provided context expires before the response has completed,
// ServeConn closes the connection and returns the context's error.
func (srv *Server) ServeConn(ctx context.Context, conn net.Conn) error {
return srv.serveConn(ctx, conn, true)
}
// Handle registers the responder for the given pattern.
// If a responder already exists for pattern, Handle panics.
func (mux *ServeMux) Handle(pattern string, responder Responder) {
mux.mu.Lock()
defer mux.mu.Unlock()
func (srv *Server) serveConn(ctx context.Context, conn net.Conn, external bool) error {
defer conn.Close()
ctx, cancel := context.WithCancel(ctx)
defer cancel()
if !srv.trackConn(&conn, cancel, external) {
return context.Canceled
if pattern == "" {
panic("gemini: invalid pattern")
}
defer srv.tryCloseDone()
defer srv.deleteConn(&conn)
if d := srv.ReadTimeout; d != 0 {
conn.SetReadDeadline(time.Now().Add(d))
if responder == nil {
panic("gemini: nil responder")
}
if d := srv.WriteTimeout; d != 0 {
conn.SetWriteDeadline(time.Now().Add(d))
if _, exist := mux.m[pattern]; exist {
panic("gemini: multiple registrations for " + pattern)
}
errch := make(chan error, 1)
go func() {
errch <- srv.goServeConn(ctx, conn)
}()
select {
case <-ctx.Done():
return ctx.Err()
case err := <-errch:
return err
if mux.m == nil {
mux.m = make(map[string]muxEntry)
}
e := muxEntry{responder, pattern}
mux.m[pattern] = e
if pattern[len(pattern)-1] == '/' {
mux.es = appendSorted(mux.es, e)
}
}
func (srv *Server) goServeConn(ctx context.Context, conn net.Conn) error {
ctx, cancel := context.WithCancel(ctx)
done := ctx.Done()
cw := &contextWriter{
ctx: ctx,
done: done,
cancel: cancel,
wc: conn,
func appendSorted(es []muxEntry, e muxEntry) []muxEntry {
n := len(es)
i := sort.Search(n, func(i int) bool {
return len(es[i].pattern) < len(e.pattern)
})
if i == n {
return append(es, e)
}
r := &contextReader{
ctx: ctx,
done: done,
cancel: cancel,
rc: conn,
}
w := newResponseWriter(cw)
req, err := ReadRequest(r)
if err != nil {
w.WriteHeader(StatusBadRequest, "Bad request")
return w.Flush()
}
if tlsConn, ok := conn.(*tls.Conn); ok {
state := tlsConn.ConnectionState()
req.TLS = &state
}
h := srv.Handler
if h == nil {
w.WriteHeader(StatusNotFound, "Not found")
return w.Flush()
}
h.ServeGemini(ctx, w, req)
return w.Flush()
// we now know that i points at where we want to insert
es = append(es, muxEntry{}) // try to grow the slice in place, any entry works.
copy(es[i+1:], es[i:]) // move shorter entries down
es[i] = e
return es
}
func (srv *Server) logf(format string, args ...interface{}) {
if srv.ErrorLog != nil {
srv.ErrorLog.Printf(format, args...)
} else {
log.Printf(format, args...)
// HandleFunc registers the responder function for the given pattern.
func (mux *ServeMux) HandleFunc(pattern string, responder func(*ResponseWriter, *Request)) {
if responder == nil {
panic("gemini: nil responder")
}
mux.Handle(pattern, ResponderFunc(responder))
}

76
status.go
View File

@ -1,76 +0,0 @@
package gemini
// Status represents a Gemini status code.
type Status int
// Gemini status codes.
const (
StatusInput Status = 10
StatusSensitiveInput Status = 11
StatusSuccess Status = 20
StatusRedirect Status = 30
StatusPermanentRedirect Status = 31
StatusTemporaryFailure Status = 40
StatusServerUnavailable Status = 41
StatusCGIError Status = 42
StatusProxyError Status = 43
StatusSlowDown Status = 44
StatusPermanentFailure Status = 50
StatusNotFound Status = 51
StatusGone Status = 52
StatusProxyRequestRefused Status = 53
StatusBadRequest Status = 59
StatusCertificateRequired Status = 60
StatusCertificateNotAuthorized Status = 61
StatusCertificateNotValid Status = 62
)
// Class returns the status class for the status code.
// 1x becomes 10, 2x becomes 20, and so on.
func (s Status) Class() Status {
return (s / 10) * 10
}
// String returns a text for the status code.
// It returns the empty string if the status code is unknown.
func (s Status) String() string {
switch s {
case StatusInput:
return "Input"
case StatusSensitiveInput:
return "Sensitive input"
case StatusSuccess:
return "Success"
case StatusRedirect:
return "Redirect"
case StatusPermanentRedirect:
return "Permanent redirect"
case StatusTemporaryFailure:
return "Temporary failure"
case StatusServerUnavailable:
return "Server unavailable"
case StatusCGIError:
return "CGI error"
case StatusProxyError:
return "Proxy error"
case StatusSlowDown:
return "Slow down"
case StatusPermanentFailure:
return "Permanent failure"
case StatusNotFound:
return "Not found"
case StatusGone:
return "Gone"
case StatusProxyRequestRefused:
return "Proxy request refused"
case StatusBadRequest:
return "Bad request"
case StatusCertificateRequired:
return "Certificate required"
case StatusCertificateNotAuthorized:
return "Certificate not authorized"
case StatusCertificateNotValid:
return "Certificate not valid"
}
return ""
}

177
text.go
View File

@ -3,45 +3,45 @@ package gemini
import (
"bufio"
"fmt"
"html"
"io"
"strings"
)
// Line represents a line of a Gemini text response.
type Line interface {
// String formats the line for use in a Gemini text response.
String() string
line() // private function to prevent other packages from implementing Line
}
// LineLink is a link line.
// A link line.
type LineLink struct {
URL string
Name string
}
// LinePreformattingToggle is a preformatting toggle line.
// A preformatting toggle line.
type LinePreformattingToggle string
// LinePreformattedText is a preformatted text line.
// A preformatted text line.
type LinePreformattedText string
// LineHeading1 is a first-level heading line.
// A first-level heading line.
type LineHeading1 string
// LineHeading2 is a second-level heading line.
// A second-level heading line.
type LineHeading2 string
// LineHeading3 is a third-level heading line.
// A third-level heading line.
type LineHeading3 string
// LineListItem is an unordered list item line.
// An unordered list item line.
type LineListItem string
// LineQuote is a quote line.
// A quote line.
type LineQuote string
// LineText is a text line.
// A text line.
type LineText string
func (l LineLink) String() string {
@ -88,70 +88,58 @@ func (l LineText) line() {}
// Text represents a Gemini text response.
type Text []Line
// ParseText parses Gemini text from the provided io.Reader.
func ParseText(r io.Reader) (Text, error) {
var t Text
err := ParseLines(r, func(line Line) {
t = append(t, line)
})
return t, err
}
// ParseLines parses Gemini text from the provided io.Reader.
// It calls handler with each line that it parses.
func ParseLines(r io.Reader, handler func(Line)) error {
// Parse parses Gemini text from the provided io.Reader.
func Parse(r io.Reader) Text {
const spacetab = " \t"
var t Text
var pre bool
scanner := bufio.NewScanner(r)
for scanner.Scan() {
var line Line
text := scanner.Text()
if strings.HasPrefix(text, "```") {
line := scanner.Text()
if strings.HasPrefix(line, "```") {
pre = !pre
text = text[3:]
line = LinePreformattingToggle(text)
line = line[3:]
t = append(t, LinePreformattingToggle(line))
} else if pre {
line = LinePreformattedText(text)
} else if strings.HasPrefix(text, "=>") {
text = text[2:]
text = strings.TrimLeft(text, spacetab)
split := strings.IndexAny(text, spacetab)
t = append(t, LinePreformattedText(line))
} else if strings.HasPrefix(line, "=>") {
line = line[2:]
line = strings.TrimLeft(line, spacetab)
split := strings.IndexAny(line, spacetab)
if split == -1 {
// text is a URL
line = LineLink{URL: text}
// line is a URL
t = append(t, LineLink{URL: line})
} else {
url := text[:split]
name := text[split:]
url := line[:split]
name := line[split:]
name = strings.TrimLeft(name, spacetab)
line = LineLink{url, name}
t = append(t, LineLink{url, name})
}
} else if strings.HasPrefix(text, "* ") {
text = text[2:]
text = strings.TrimLeft(text, spacetab)
line = LineListItem(text)
} else if strings.HasPrefix(text, "###") {
text = text[3:]
text = strings.TrimLeft(text, spacetab)
line = LineHeading3(text)
} else if strings.HasPrefix(text, "##") {
text = text[2:]
text = strings.TrimLeft(text, spacetab)
line = LineHeading2(text)
} else if strings.HasPrefix(text, "#") {
text = text[1:]
text = strings.TrimLeft(text, spacetab)
line = LineHeading1(text)
} else if strings.HasPrefix(text, ">") {
text = text[1:]
text = strings.TrimLeft(text, spacetab)
line = LineQuote(text)
} else if strings.HasPrefix(line, "*") {
line = line[1:]
line = strings.TrimLeft(line, spacetab)
t = append(t, LineListItem(line))
} else if strings.HasPrefix(line, "###") {
line = line[3:]
line = strings.TrimLeft(line, spacetab)
t = append(t, LineHeading3(line))
} else if strings.HasPrefix(line, "##") {
line = line[2:]
line = strings.TrimLeft(line, spacetab)
t = append(t, LineHeading2(line))
} else if strings.HasPrefix(line, "#") {
line = line[1:]
line = strings.TrimLeft(line, spacetab)
t = append(t, LineHeading1(line))
} else if strings.HasPrefix(line, ">") {
line = line[1:]
line = strings.TrimLeft(line, spacetab)
t = append(t, LineQuote(line))
} else {
line = LineText(text)
t = append(t, LineText(line))
}
handler(line)
}
return scanner.Err()
return t
}
// String writes the Gemini text response to a string and returns it.
@ -163,3 +151,70 @@ func (t Text) String() string {
}
return b.String()
}
// HTML returns the Gemini text response as HTML.
func (t Text) HTML() string {
var b strings.Builder
var pre bool
var list bool
for _, l := range t {
if _, ok := l.(LineListItem); ok {
if !list {
list = true
fmt.Fprint(&b, "<ul>\n")
}
} else if list {
list = false
fmt.Fprint(&b, "</ul>\n")
}
switch l.(type) {
case LineLink:
link := l.(LineLink)
url := html.EscapeString(link.URL)
name := html.EscapeString(link.Name)
if name == "" {
name = url
}
fmt.Fprintf(&b, "<p><a href='%s'>%s</a></p>\n", url, name)
case LinePreformattingToggle:
pre = !pre
if pre {
fmt.Fprint(&b, "<pre>\n")
} else {
fmt.Fprint(&b, "</pre>\n")
}
case LinePreformattedText:
text := string(l.(LinePreformattedText))
fmt.Fprintf(&b, "%s\n", html.EscapeString(text))
case LineHeading1:
text := string(l.(LineHeading1))
fmt.Fprintf(&b, "<h1>%s</h1>\n", html.EscapeString(text))
case LineHeading2:
text := string(l.(LineHeading2))
fmt.Fprintf(&b, "<h2>%s</h2>\n", html.EscapeString(text))
case LineHeading3:
text := string(l.(LineHeading3))
fmt.Fprintf(&b, "<h3>%s</h3>\n", html.EscapeString(text))
case LineListItem:
text := string(l.(LineListItem))
fmt.Fprintf(&b, "<li>%s</li>\n", html.EscapeString(text))
case LineQuote:
text := string(l.(LineQuote))
fmt.Fprintf(&b, "<blockquote>%s</blockquote>\n", html.EscapeString(text))
case LineText:
text := string(l.(LineText))
if text == "" {
fmt.Fprint(&b, "<br>\n")
} else {
fmt.Fprintf(&b, "<p>%s</p>\n", html.EscapeString(text))
}
}
}
if pre {
fmt.Fprint(&b, "</pre>\n")
}
if list {
fmt.Fprint(&b, "</ul>\n")
}
return b.String()
}

197
tofu.go Normal file
View File

@ -0,0 +1,197 @@
package gemini
import (
"bufio"
"bytes"
"crypto/sha512"
"crypto/x509"
"fmt"
"io"
"os"
"path/filepath"
"strconv"
"strings"
"time"
)
// KnownHosts represents a list of known hosts.
// The zero value for KnownHosts is an empty list ready to use.
type KnownHosts struct {
hosts map[string]certInfo
file *os.File
}
// LoadDefault loads the known hosts from the default known hosts path, which is
// $XDG_DATA_HOME/gemini/known_hosts.
// It creates the path and any of its parent directories if they do not exist.
// KnownHosts will append to the file whenever a certificate is added.
func (k *KnownHosts) LoadDefault() error {
path, err := defaultKnownHostsPath()
if err != nil {
return err
}
return k.Load(path)
}
// Load loads the known hosts from the provided path.
// It creates the path and any of its parent directories if they do not exist.
// KnownHosts will append to the file whenever a certificate is added.
func (k *KnownHosts) Load(path string) error {
if dir := filepath.Dir(path); dir != "." {
err := os.MkdirAll(dir, 0755)
if err != nil {
return err
}
}
f, err := os.OpenFile(path, os.O_CREATE|os.O_RDONLY, 0644)
if err != nil {
return err
}
k.Parse(f)
f.Close()
// Open the file for append-only use
f, err = os.OpenFile(path, os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0644)
if err != nil {
return err
}
k.file = f
return nil
}
// Add adds a certificate to the list of known hosts.
// If KnownHosts was loaded from a file, Add will append to the file.
func (k *KnownHosts) Add(hostname string, cert *x509.Certificate) {
k.add(hostname, cert, true)
}
// AddTemporary adds a certificate to the list of known hosts
// without writing it to the known hosts file.
func (k *KnownHosts) AddTemporary(hostname string, cert *x509.Certificate) {
k.add(hostname, cert, false)
}
func (k *KnownHosts) add(hostname string, cert *x509.Certificate, write bool) {
if k.hosts == nil {
k.hosts = map[string]certInfo{}
}
info := certInfo{
Algorithm: "SHA-512",
Fingerprint: Fingerprint(cert),
Expires: cert.NotAfter.Unix(),
}
k.hosts[hostname] = info
// Append to the file
if write && k.file != nil {
appendKnownHost(k.file, hostname, info)
}
}
// Lookup looks for the provided certificate in the list of known hosts.
// If the hostname is in the list, but the fingerprint differs,
// Lookup returns ErrCertificateNotTrusted.
// If the hostname is not in the list, Lookup returns ErrCertificateUnknown.
// If the certificate is found and the fingerprint matches, error will be nil.
func (k *KnownHosts) Lookup(hostname string, cert *x509.Certificate) error {
now := time.Now().Unix()
fingerprint := Fingerprint(cert)
if c, ok := k.hosts[hostname]; ok {
if c.Expires <= now {
// Certificate is expired
return ErrCertificateUnknown
}
if c.Fingerprint != fingerprint {
// Fingerprint does not match
return ErrCertificateNotTrusted
}
// Certificate is trusted
return nil
}
return ErrCertificateUnknown
}
// Parse parses the provided reader and adds the parsed known hosts to the list.
// Invalid lines are ignored.
func (k *KnownHosts) Parse(r io.Reader) {
if k.hosts == nil {
k.hosts = map[string]certInfo{}
}
scanner := bufio.NewScanner(r)
for scanner.Scan() {
text := scanner.Text()
parts := strings.Split(text, " ")
if len(parts) < 4 {
continue
}
hostname := parts[0]
algorithm := parts[1]
if algorithm != "SHA-512" {
continue
}
fingerprint := parts[2]
expires, err := strconv.ParseInt(parts[3], 10, 0)
if err != nil {
continue
}
k.hosts[hostname] = certInfo{
Algorithm: algorithm,
Fingerprint: fingerprint,
Expires: expires,
}
}
}
// Write writes the known hosts to the provided io.Writer.
func (k *KnownHosts) Write(w io.Writer) {
for h, c := range k.hosts {
appendKnownHost(w, h, c)
}
}
type certInfo struct {
Algorithm string // fingerprint algorithm e.g. SHA-512
Fingerprint string // fingerprint in hexadecimal, with ':' between each octet
Expires int64 // unix time of certificate notAfter date
}
func appendKnownHost(w io.Writer, hostname string, c certInfo) (int, error) {
return fmt.Fprintf(w, "%s %s %s %d\n", hostname, c.Algorithm, c.Fingerprint, c.Expires)
}
// Fingerprint returns the SHA-512 fingerprint of the provided certificate.
func Fingerprint(cert *x509.Certificate) string {
sum512 := sha512.Sum512(cert.Raw)
var buf bytes.Buffer
for i, f := range sum512 {
if i > 0 {
fmt.Fprintf(&buf, ":")
}
fmt.Fprintf(&buf, "%02X", f)
}
return buf.String()
}
// defaultKnownHostsPath returns the default known_hosts path.
// The default path is $XDG_DATA_HOME/gemini/known_hosts
func defaultKnownHostsPath() (string, error) {
dataDir, err := userDataDir()
if err != nil {
return "", err
}
return filepath.Join(dataDir, "gemini", "known_hosts"), nil
}
// userDataDir returns the user data directory.
func userDataDir() (string, error) {
dataDir, ok := os.LookupEnv("XDG_DATA_HOME")
if ok {
return dataDir, nil
}
home, err := os.UserHomeDir()
if err != nil {
return "", err
}
return filepath.Join(home, ".local", "share"), nil
}

336
tofu/tofu.go
View File

@ -1,336 +0,0 @@
// Package tofu implements trust on first use using hosts and fingerprints.
package tofu
import (
"bufio"
"bytes"
"crypto/sha256"
"crypto/x509"
"encoding/base64"
"fmt"
"io"
"os"
"path/filepath"
"sort"
"strings"
"sync"
)
// KnownHosts represents a list of known hosts.
// The zero value for KnownHosts represents an empty list ready to use.
//
// KnownHosts is safe for concurrent use by multiple goroutines.
type KnownHosts struct {
hosts map[string]Host
mu sync.RWMutex
}
// Add adds a host to the list of known hosts.
func (k *KnownHosts) Add(h Host) {
k.mu.Lock()
defer k.mu.Unlock()
if k.hosts == nil {
k.hosts = map[string]Host{}
}
k.hosts[h.Hostname] = h
}
// Lookup returns the known host entry corresponding to the given hostname.
func (k *KnownHosts) Lookup(hostname string) (Host, bool) {
k.mu.RLock()
defer k.mu.RUnlock()
c, ok := k.hosts[hostname]
return c, ok
}
// Entries returns the known host entries sorted by hostname.
func (k *KnownHosts) Entries() []Host {
keys := make([]string, 0, len(k.hosts))
for key := range k.hosts {
keys = append(keys, key)
}
sort.Strings(keys)
hosts := make([]Host, 0, len(k.hosts))
for _, key := range keys {
hosts = append(hosts, k.hosts[key])
}
return hosts
}
// WriteTo writes the list of known hosts to the provided io.Writer.
func (k *KnownHosts) WriteTo(w io.Writer) (int64, error) {
k.mu.RLock()
defer k.mu.RUnlock()
var written int
bw := bufio.NewWriter(w)
for _, h := range k.hosts {
n, err := bw.WriteString(h.String())
written += n
if err != nil {
return int64(written), err
}
bw.WriteByte('\n')
written += 1
}
return int64(written), bw.Flush()
}
// Load loads the known hosts entries from the provided path.
func (k *KnownHosts) Load(path string) error {
if err := os.MkdirAll(filepath.Dir(path), 0700); err != nil {
return err
}
f, err := os.OpenFile(path, os.O_CREATE|os.O_RDONLY, 0644)
if err != nil {
return err
}
defer f.Close()
return k.Parse(f)
}
// Parse parses the provided io.Reader and adds the parsed hosts to the list.
// Invalid entries are ignored.
//
// For more control over errors encountered during parsing, use bufio.Scanner
// in combination with ParseHost. For example:
//
// var knownHosts tofu.KnownHosts
// scanner := bufio.NewScanner(r)
// for scanner.Scan() {
// host, err := tofu.ParseHost(scanner.Bytes())
// if err != nil {
// // handle error
// } else {
// knownHosts.Add(host)
// }
// }
// err := scanner.Err()
// if err != nil {
// // handle error
// }
//
func (k *KnownHosts) Parse(r io.Reader) error {
k.mu.Lock()
defer k.mu.Unlock()
if k.hosts == nil {
k.hosts = map[string]Host{}
}
scanner := bufio.NewScanner(r)
for scanner.Scan() {
text := scanner.Bytes()
if len(text) == 0 {
continue
}
h, err := ParseHost(text)
if err != nil {
continue
}
if h.Algorithm != "sha256" {
continue
}
k.hosts[h.Hostname] = h
}
return scanner.Err()
}
// TOFU implements basic trust on first use.
//
// If the host is not on file, it is added to the list.
// If the fingerprint does not match the one on file, an error is returned.
func (k *KnownHosts) TOFU(hostname string, cert *x509.Certificate) error {
host := NewHost(hostname, cert.Raw)
knownHost, ok := k.Lookup(hostname)
if !ok {
k.Add(host)
return nil
}
if host.Fingerprint != knownHost.Fingerprint {
return fmt.Errorf("fingerprint for %q does not match", hostname)
}
return nil
}
// HostWriter writes host entries to an io.WriteCloser.
//
// HostWriter is safe for concurrent use by multiple goroutines.
type HostWriter struct {
bw *bufio.Writer
cl io.Closer
mu sync.Mutex
}
// NewHostWriter returns a new host writer that writes to
// the provided io.WriteCloser.
func NewHostWriter(w io.WriteCloser) *HostWriter {
return &HostWriter{
bw: bufio.NewWriter(w),
cl: w,
}
}
// OpenHostsFile returns a new host writer that appends to the file at the given path.
// The file is created if it does not exist.
func OpenHostsFile(path string) (*HostWriter, error) {
f, err := os.OpenFile(path, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644)
if err != nil {
return nil, err
}
return NewHostWriter(f), nil
}
// WriteHost writes the host to the underlying io.Writer.
func (h *HostWriter) WriteHost(host Host) error {
h.mu.Lock()
defer h.mu.Unlock()
h.bw.WriteString(host.String())
h.bw.WriteByte('\n')
if err := h.bw.Flush(); err != nil {
return fmt.Errorf("failed to write host: %w", err)
}
return nil
}
// Close closes the underlying io.Closer.
func (h *HostWriter) Close() error {
h.mu.Lock()
defer h.mu.Unlock()
return h.cl.Close()
}
// PersistentHosts represents a persistent set of known hosts.
type PersistentHosts struct {
hosts *KnownHosts
writer *HostWriter
}
// NewPersistentHosts returns a new persistent set of known hosts that stores
// known hosts in hosts and writes new hosts to writer.
func NewPersistentHosts(hosts *KnownHosts, writer *HostWriter) *PersistentHosts {
return &PersistentHosts{
hosts,
writer,
}
}
// LoadPersistentHosts loads persistent hosts from the file at the given path.
func LoadPersistentHosts(path string) (*PersistentHosts, error) {
hosts := &KnownHosts{}
if err := hosts.Load(path); err != nil {
return nil, err
}
writer, err := OpenHostsFile(path)
if err != nil {
return nil, err
}
return &PersistentHosts{
hosts,
writer,
}, nil
}
// Add adds a host to the list of known hosts.
// It returns an error if the host could not be persisted.
func (p *PersistentHosts) Add(h Host) error {
err := p.writer.WriteHost(h)
if err != nil {
return fmt.Errorf("failed to persist host: %w", err)
}
p.hosts.Add(h)
return nil
}
// Lookup returns the known host entry corresponding to the given hostname.
func (p *PersistentHosts) Lookup(hostname string) (Host, bool) {
return p.hosts.Lookup(hostname)
}
// Entries returns the known host entries sorted by hostname.
func (p *PersistentHosts) Entries() []Host {
return p.hosts.Entries()
}
// TOFU implements trust on first use with a persistent set of known hosts.
//
// If the host is not on file, it is added to the list.
// If the fingerprint does not match the one on file, an error is returned.
func (p *PersistentHosts) TOFU(hostname string, cert *x509.Certificate) error {
host := NewHost(hostname, cert.Raw)
knownHost, ok := p.Lookup(hostname)
if !ok {
return p.Add(host)
}
if host.Fingerprint != knownHost.Fingerprint {
return fmt.Errorf("fingerprint for %q does not match", hostname)
}
return nil
}
// Close closes the underlying HostWriter.
func (p *PersistentHosts) Close() error {
return p.writer.Close()
}
// Host represents a host entry with a fingerprint using a certain algorithm.
type Host struct {
Hostname string // hostname
Algorithm string // fingerprint algorithm e.g. sha256
Fingerprint string // fingerprint
}
// NewHost returns a new host with a SHA256 fingerprint of
// the provided raw data.
func NewHost(hostname string, raw []byte) Host {
sum := sha256.Sum256(raw)
return Host{
Hostname: hostname,
Algorithm: "sha256",
Fingerprint: base64.StdEncoding.EncodeToString(sum[:]),
}
}
// ParseHost parses a host from the provided text.
func ParseHost(text []byte) (Host, error) {
var h Host
err := h.UnmarshalText(text)
return h, err
}
// String returns a string representation of the host.
func (h Host) String() string {
var b strings.Builder
b.WriteString(h.Hostname)
b.WriteByte(' ')
b.WriteString(h.Algorithm)
b.WriteByte(' ')
b.WriteString(h.Fingerprint)
return b.String()
}
// UnmarshalText unmarshals the host from the provided text.
func (h *Host) UnmarshalText(text []byte) error {
parts := bytes.Split(text, []byte(" "))
if len(parts) != 3 {
return fmt.Errorf("expected the format 'hostname algorithm fingerprint'")
}
h.Hostname = string(parts[0])
h.Algorithm = string(parts[1])
h.Fingerprint = string(parts[2])
return nil
}

212
vendor.go Normal file
View File

@ -0,0 +1,212 @@
// Hostname verification code from the crypto/x509 package.
// Modified to allow Common Names in the short term, until new certificates
// can be issued with SANs.
// Copyright 2011 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package gemini
import (
"crypto/x509"
"net"
"strings"
"unicode/utf8"
)
var oidExtensionSubjectAltName = []int{2, 5, 29, 17}
func hasSANExtension(c *x509.Certificate) bool {
for _, e := range c.Extensions {
if e.Id.Equal(oidExtensionSubjectAltName) {
return true
}
}
return false
}
func validHostnamePattern(host string) bool { return validHostname(host, true) }
func validHostnameInput(host string) bool { return validHostname(host, false) }
// validHostname reports whether host is a valid hostname that can be matched or
// matched against according to RFC 6125 2.2, with some leniency to accommodate
// legacy values.
func validHostname(host string, isPattern bool) bool {
if !isPattern {
host = strings.TrimSuffix(host, ".")
}
if len(host) == 0 {
return false
}
for i, part := range strings.Split(host, ".") {
if part == "" {
// Empty label.
return false
}
if isPattern && i == 0 && part == "*" {
// Only allow full left-most wildcards, as those are the only ones
// we match, and matching literal '*' characters is probably never
// the expected behavior.
continue
}
for j, c := range part {
if 'a' <= c && c <= 'z' {
continue
}
if '0' <= c && c <= '9' {
continue
}
if 'A' <= c && c <= 'Z' {
continue
}
if c == '-' && j != 0 {
continue
}
if c == '_' {
// Not a valid character in hostnames, but commonly
// found in deployments outside the WebPKI.
continue
}
return false
}
}
return true
}
// commonNameAsHostname reports whether the Common Name field should be
// considered the hostname that the certificate is valid for. This is a legacy
// behavior, disabled by default or if the Subject Alt Name extension is present.
//
// It applies the strict validHostname check to the Common Name field, so that
// certificates without SANs can still be validated against CAs with name
// constraints if there is no risk the CN would be matched as a hostname.
// See NameConstraintsWithoutSANs and issue 24151.
func commonNameAsHostname(c *x509.Certificate) bool {
return !hasSANExtension(c) && validHostnamePattern(c.Subject.CommonName)
}
func matchExactly(hostA, hostB string) bool {
if hostA == "" || hostA == "." || hostB == "" || hostB == "." {
return false
}
return toLowerCaseASCII(hostA) == toLowerCaseASCII(hostB)
}
func matchHostnames(pattern, host string) bool {
pattern = toLowerCaseASCII(pattern)
host = toLowerCaseASCII(strings.TrimSuffix(host, "."))
if len(pattern) == 0 || len(host) == 0 {
return false
}
patternParts := strings.Split(pattern, ".")
hostParts := strings.Split(host, ".")
if len(patternParts) != len(hostParts) {
return false
}
for i, patternPart := range patternParts {
if i == 0 && patternPart == "*" {
continue
}
if patternPart != hostParts[i] {
return false
}
}
return true
}
// toLowerCaseASCII returns a lower-case version of in. See RFC 6125 6.4.1. We use
// an explicitly ASCII function to avoid any sharp corners resulting from
// performing Unicode operations on DNS labels.
func toLowerCaseASCII(in string) string {
// If the string is already lower-case then there's nothing to do.
isAlreadyLowerCase := true
for _, c := range in {
if c == utf8.RuneError {
// If we get a UTF-8 error then there might be
// upper-case ASCII bytes in the invalid sequence.
isAlreadyLowerCase = false
break
}
if 'A' <= c && c <= 'Z' {
isAlreadyLowerCase = false
break
}
}
if isAlreadyLowerCase {
return in
}
out := []byte(in)
for i, c := range out {
if 'A' <= c && c <= 'Z' {
out[i] += 'a' - 'A'
}
}
return string(out)
}
// verifyHostname returns nil if c is a valid certificate for the named host.
// Otherwise it returns an error describing the mismatch.
//
// IP addresses can be optionally enclosed in square brackets and are checked
// against the IPAddresses field. Other names are checked case insensitively
// against the DNSNames field. If the names are valid hostnames, the certificate
// fields can have a wildcard as the left-most label.
//
// The legacy Common Name field is ignored unless it's a valid hostname, the
// certificate doesn't have any Subject Alternative Names, and the GODEBUG
// environment variable is set to "x509ignoreCN=0". Support for Common Name is
// deprecated will be entirely removed in the future.
func verifyHostname(c *x509.Certificate, h string) error {
// IP addresses may be written in [ ].
candidateIP := h
if len(h) >= 3 && h[0] == '[' && h[len(h)-1] == ']' {
candidateIP = h[1 : len(h)-1]
}
if ip := net.ParseIP(candidateIP); ip != nil {
// We only match IP addresses against IP SANs.
// See RFC 6125, Appendix B.2.
for _, candidate := range c.IPAddresses {
if ip.Equal(candidate) {
return nil
}
}
return x509.HostnameError{c, candidateIP}
}
names := c.DNSNames
if commonNameAsHostname(c) {
names = []string{c.Subject.CommonName}
}
candidateName := toLowerCaseASCII(h) // Save allocations inside the loop.
validCandidateName := validHostnameInput(candidateName)
for _, match := range names {
// Ideally, we'd only match valid hostnames according to RFC 6125 like
// browsers (more or less) do, but in practice Go is used in a wider
// array of contexts and can't even assume DNS resolution. Instead,
// always allow perfect matches, and only apply wildcard and trailing
// dot processing to valid hostnames.
if validCandidateName && validHostnamePattern(match) {
if matchHostnames(match, candidateName) {
return nil
}
} else {
if matchExactly(match, candidateName) {
return nil
}
}
}
return x509.HostnameError{c, h}
}