Change prefix to davpath
- fill out unveil function names - switch to suah.dev for module - pu: stop warning on non-openbsd systems
This commit is contained in:
parent
04769e8cf0
commit
ddaac6f700
2
go.mod
2
go.mod
@ -1,4 +1,4 @@
|
|||||||
module github.com/qbit/gavin
|
module suah.dev/gavin
|
||||||
|
|
||||||
go 1.13
|
go 1.13
|
||||||
|
|
||||||
|
|||||||
23
main.go
23
main.go
@ -11,16 +11,16 @@ import (
|
|||||||
"path/filepath"
|
"path/filepath"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/qbit/gavin/pu"
|
|
||||||
"golang.org/x/crypto/bcrypt"
|
"golang.org/x/crypto/bcrypt"
|
||||||
"golang.org/x/net/webdav"
|
"golang.org/x/net/webdav"
|
||||||
|
"suah.dev/gavin/pu"
|
||||||
)
|
)
|
||||||
|
|
||||||
var (
|
var (
|
||||||
davDir string
|
davDir string
|
||||||
listen string
|
listen string
|
||||||
passPath string
|
passPath string
|
||||||
prefix string
|
davPath string
|
||||||
staticDir string
|
staticDir string
|
||||||
users map[string]string
|
users map[string]string
|
||||||
)
|
)
|
||||||
@ -29,20 +29,21 @@ func init() {
|
|||||||
users = make(map[string]string)
|
users = make(map[string]string)
|
||||||
dir, err := filepath.Abs(filepath.Dir(os.Args[0]))
|
dir, err := filepath.Abs(filepath.Dir(os.Args[0]))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Fatalln(err);
|
log.Fatalln(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
flag.StringVar(&davDir, "davdir", dir, "Directory to serve over WebDAV.")
|
flag.StringVar(&davDir, "davdir", dir, "Directory to serve over WebDAV.")
|
||||||
flag.StringVar(&listen, "http", ":8080", "Listen on")
|
flag.StringVar(&listen, "http", ":8080", "Listen on")
|
||||||
flag.StringVar(&passPath, "htpass", fmt.Sprintf("%s/.htpasswd", dir), "Path to .htpasswd file..")
|
flag.StringVar(&passPath, "htpass", fmt.Sprintf("%s/.htpasswd", dir), "Path to .htpasswd file..")
|
||||||
flag.StringVar(&prefix, "prefix", "/dav/", "Prefix to serve davdir from.")
|
flag.StringVar(&davPath, "davpath", "/dav/", "Directory containing files to serve over WebDAV.")
|
||||||
flag.StringVar(&staticDir, "static", dir, "Directory to serve static resources from.")
|
flag.StringVar(&staticDir, "static", dir, "Directory to serve static resources from. Served at '/'.")
|
||||||
flag.Parse()
|
flag.Parse()
|
||||||
|
|
||||||
pu.U(staticDir, "r")
|
// These are OpenBSD specific protections used to prevent un-necesary file access.
|
||||||
pu.U(passPath, "r")
|
pu.Unveil(staticDir, "r")
|
||||||
pu.U(davDir, "rwc")
|
pu.Unveil(passPath, "r")
|
||||||
err = pu.UBlock()
|
pu.Unveil(davDir, "rwc")
|
||||||
|
err = pu.UnveilBlock()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Fatal(err)
|
log.Fatal(err)
|
||||||
}
|
}
|
||||||
@ -81,7 +82,7 @@ func validate(user string, pass string) bool {
|
|||||||
|
|
||||||
func main() {
|
func main() {
|
||||||
wdav := &webdav.Handler{
|
wdav := &webdav.Handler{
|
||||||
Prefix: prefix,
|
Prefix: davPath,
|
||||||
LockSystem: webdav.NewMemLS(),
|
LockSystem: webdav.NewMemLS(),
|
||||||
FileSystem: webdav.Dir(davDir),
|
FileSystem: webdav.Dir(davDir),
|
||||||
Logger: func(r *http.Request, err error) {
|
Logger: func(r *http.Request, err error) {
|
||||||
@ -99,7 +100,7 @@ func main() {
|
|||||||
|
|
||||||
mux := http.NewServeMux()
|
mux := http.NewServeMux()
|
||||||
mux.Handle("/", http.FileServer(http.Dir(staticDir)))
|
mux.Handle("/", http.FileServer(http.Dir(staticDir)))
|
||||||
mux.HandleFunc(prefix, http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
mux.HandleFunc(davPath, http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||||
user, pass, ok := r.BasicAuth()
|
user, pass, ok := r.BasicAuth()
|
||||||
if !(ok && validate(user, pass)) {
|
if !(ok && validate(user, pass)) {
|
||||||
w.Header().Set("WWW-Authenticate", `Basic realm="davfs"`)
|
w.Header().Set("WWW-Authenticate", `Basic realm="davfs"`)
|
||||||
|
|||||||
14
pu/pu.go
14
pu/pu.go
@ -4,10 +4,14 @@ package pu
|
|||||||
|
|
||||||
import "fmt"
|
import "fmt"
|
||||||
|
|
||||||
func U(path string, perms string) {
|
func Pledge(promisess string) {
|
||||||
fmt.Printf("WARNING: no unveil (%s, %s)\n", path, perms)
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func UBlock() error {
|
func Unveil(path string, perms string) {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func UnveilBlock() error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|||||||
@ -6,10 +6,14 @@ import (
|
|||||||
"golang.org/x/sys/unix"
|
"golang.org/x/sys/unix"
|
||||||
)
|
)
|
||||||
|
|
||||||
func U(path string, perms string) {
|
func Pledge(promises string) {
|
||||||
|
unix.PledgePromises(promises)
|
||||||
|
}
|
||||||
|
|
||||||
|
func Unveil(path string, perms string) {
|
||||||
unix.Unveil(path, perms)
|
unix.Unveil(path, perms)
|
||||||
}
|
}
|
||||||
|
|
||||||
func UBlock() error {
|
func UnveilBlock() error {
|
||||||
return unix.UnveilBlock()
|
return unix.UnveilBlock()
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user