From 7517538d2fccd75dbfb4f8b5ac9194bf0bbbda76 Mon Sep 17 00:00:00 2001
From: tjpcc <tjp@ctrl-c.club>
Date: Fri, 8 Sep 2023 14:54:50 -0600
Subject: fixes & improvements

- refactored main.go to do everything which requires root *first*,
  before dropping privs. this includes binding to finger and gopher
  ports.
- added gopher support!
- fixed CGI handling
- new cgi-bin/private directory handling in gemini which requires
  specific TLS client certs (can't do this in gopher, no TLS)
- sliderule version bump brings in lots of fixes on the sliderule side
---
 routes.go | 46 ++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 44 insertions(+), 2 deletions(-)

(limited to 'routes.go')

diff --git a/routes.go b/routes.go
index 35bdfc1..c4c9df0 100644
--- a/routes.go
+++ b/routes.go
@@ -21,12 +21,14 @@ import (
 func geminiRouter(conf config) sr.Handler {
 	fsys := os.DirFS(conf.geminiRoot)
 
+	privileged := tlsAuth(conf.privilegedUsers)
+
 	router := &sr.Router{}
 
 	router.Route(
 		"/*",
 		gemini.GeminiOnly(true)(sr.FallthroughHandler(
-			fs.TitanUpload(tlsAuth(conf.uploaderFingerprints), conf.geminiRoot)(postUploadRedirect),
+			fs.TitanUpload(privileged, conf.geminiRoot)(postUploadRedirect),
 			fs.GeminiFileHandler(fsys),
 			fs.GeminiDirectoryDefault(fsys, "index.gmi"),
 			fs.GeminiDirectoryListing(fsys, nil),
@@ -35,7 +37,47 @@ func geminiRouter(conf config) sr.Handler {
 
 	router.Route(
 		"/cgi-bin/*",
-		gemini.GeminiOnly(false)(cgi.GeminiCGIDirectory("/cgi-bin/", "./cgi-bin/")),
+		gemini.GeminiOnly(false)(cgi.GeminiCGIDirectory(
+			"/cgi-bin/",
+			strings.Join([]string{".", strings.Trim(conf.geminiRoot, "/"), "cgi-bin"}, "/"),
+		)),
+	)
+
+	router.Route(
+		"/cgi-bin/private/*",
+		gemini.GeminiOnly(false)(tlsauth.GeminiAuth(privileged)(
+			cgi.GeminiCGIDirectory("/cgi-bin/private/", strings.Join([]string{
+				".",
+				strings.Trim(conf.geminiRoot, "/"),
+				"cgi-bin",
+				"private",
+			}, "/")),
+		)),
+	)
+
+	return router.Handler()
+}
+
+func gopherRouter(conf config) sr.Handler {
+	fsys := os.DirFS(conf.gopherRoot)
+
+	router := &sr.Router{}
+
+	router.Route(
+		"/*",
+		sr.FallthroughHandler(
+			fs.GopherFileHandler(fsys),
+			fs.GopherDirectoryDefault(fsys, "index.gophermap"),
+			fs.GopherDirectoryListing(fsys, nil),
+		),
+	)
+
+	router.Route(
+		"/cgi-bin/*",
+		cgi.GopherCGIDirectory(
+			"/cgi-bin/",
+			strings.Join([]string{".", strings.Trim(conf.gopherRoot, "/"), "cgi-bin"}, "/"),
+		),
 	)
 
 	return router.Handler()
-- 
cgit v1.2.3