Fix Gemini protocol status codes and error handling
- Path security violations now return 51 (Not Found) instead of 59 (Bad Request) - Timeouts return 41 (Server Unavailable) per Gemini spec - Add comprehensive request validation: empty requests, oversized requests (>1024 bytes), malformed URLs - Fix CLI argument conflict (config -c vs cert -c) - Update documentation with status codes, error handling guidelines, and lint checking - Add environment setup instructions for clippy and cargo PATH
This commit is contained in:
parent
2347c04211
commit
9d29321806
5 changed files with 166 additions and 62 deletions
107
src/server.rs
107
src/server.rs
|
|
@ -1,4 +1,4 @@
|
|||
use crate::request::{parse_gemini_url, resolve_file_path, get_mime_type};
|
||||
use crate::request::{parse_gemini_url, resolve_file_path, get_mime_type, PathResolutionError};
|
||||
use crate::logging::RequestLogger;
|
||||
use std::fs;
|
||||
use std::io;
|
||||
|
|
@ -21,7 +21,7 @@ pub async fn serve_file(
|
|||
stream.flush().await?;
|
||||
Ok(())
|
||||
} else {
|
||||
Err(io::Error::new(io::ErrorKind::NotFound, "File not found"))
|
||||
Err(tokio::io::Error::new(tokio::io::ErrorKind::NotFound, "File not found"))
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -37,7 +37,7 @@ pub async fn handle_connection(
|
|||
let read_future = async {
|
||||
loop {
|
||||
if request_buf.len() >= MAX_REQUEST_SIZE {
|
||||
return Err(io::Error::new(io::ErrorKind::InvalidData, "Request too large"));
|
||||
return Err(tokio::io::Error::new(tokio::io::ErrorKind::InvalidData, "Request too large"));
|
||||
}
|
||||
let mut byte = [0; 1];
|
||||
stream.read_exact(&mut byte).await?;
|
||||
|
|
@ -49,43 +49,80 @@ pub async fn handle_connection(
|
|||
Ok(())
|
||||
};
|
||||
|
||||
if timeout(REQUEST_TIMEOUT, read_future).await.is_err() {
|
||||
let request_str = String::from_utf8_lossy(&request_buf).trim().to_string();
|
||||
let logger = RequestLogger::new(&stream, request_str);
|
||||
logger.log_error(59, "Request timeout");
|
||||
send_response(&mut stream, "59 Bad Request\r\n").await?;
|
||||
return Ok(());
|
||||
}
|
||||
match timeout(REQUEST_TIMEOUT, read_future).await {
|
||||
Ok(Ok(())) => {
|
||||
// Read successful, continue processing
|
||||
let request = String::from_utf8_lossy(&request_buf).trim().to_string();
|
||||
|
||||
let request = String::from_utf8_lossy(&request_buf).trim().to_string();
|
||||
// Validate request
|
||||
if request.is_empty() {
|
||||
let logger = RequestLogger::new(&stream, request);
|
||||
logger.log_error(59, "Empty request");
|
||||
return send_response(&mut stream, "59 Bad Request\r\n").await;
|
||||
}
|
||||
|
||||
// Parse Gemini URL
|
||||
let path = match parse_gemini_url(&request, expected_host) {
|
||||
Ok(p) => p,
|
||||
if request.len() > 1024 {
|
||||
let logger = RequestLogger::new(&stream, request);
|
||||
logger.log_error(59, "Request too large");
|
||||
return send_response(&mut stream, "59 Bad Request\r\n").await;
|
||||
}
|
||||
|
||||
// Parse Gemini URL
|
||||
let path = match parse_gemini_url(&request, expected_host) {
|
||||
Ok(p) => p,
|
||||
Err(_) => {
|
||||
let logger = RequestLogger::new(&stream, request);
|
||||
logger.log_error(59, "Invalid URL format");
|
||||
return send_response(&mut stream, "59 Bad Request\r\n").await;
|
||||
}
|
||||
};
|
||||
|
||||
// Initialize logger now that we have the full request URL
|
||||
let logger = RequestLogger::new(&stream, request);
|
||||
|
||||
// Resolve file path with security
|
||||
let file_path = match resolve_file_path(&path, dir) {
|
||||
Ok(fp) => fp,
|
||||
Err(PathResolutionError::NotFound) => {
|
||||
logger.log_error(51, "File not found");
|
||||
return send_response(&mut stream, "51 Not found\r\n").await;
|
||||
}
|
||||
};
|
||||
|
||||
// Serve the file
|
||||
match serve_file(&mut stream, &file_path).await {
|
||||
Ok(_) => logger.log_success(20),
|
||||
Err(_) => {
|
||||
// This shouldn't happen since we check existence, but handle gracefully
|
||||
logger.log_error(51, "File not found");
|
||||
send_response(&mut stream, "51 Not found\r\n").await?;
|
||||
}
|
||||
}
|
||||
},
|
||||
Ok(Err(e)) => {
|
||||
// Read failed, check error type
|
||||
let request_str = String::from_utf8_lossy(&request_buf).trim().to_string();
|
||||
let logger = RequestLogger::new(&stream, request_str);
|
||||
|
||||
match e.kind() {
|
||||
tokio::io::ErrorKind::InvalidData => {
|
||||
logger.log_error(59, "Request too large");
|
||||
let _ = send_response(&mut stream, "59 Bad Request\r\n").await;
|
||||
},
|
||||
_ => {
|
||||
logger.log_error(59, "Bad request");
|
||||
let _ = send_response(&mut stream, "59 Bad Request\r\n").await;
|
||||
}
|
||||
}
|
||||
},
|
||||
Err(_) => {
|
||||
let logger = RequestLogger::new(&stream, request.clone());
|
||||
logger.log_error(59, "Invalid URL format");
|
||||
send_response(&mut stream, "59 Bad Request\r\n").await?;
|
||||
// Timeout
|
||||
let request_str = String::from_utf8_lossy(&request_buf).trim().to_string();
|
||||
let logger = RequestLogger::new(&stream, request_str);
|
||||
logger.log_error(41, "Server unavailable");
|
||||
let _ = send_response(&mut stream, "41 Server unavailable\r\n").await;
|
||||
return Ok(());
|
||||
}
|
||||
};
|
||||
|
||||
// Initialize logger now that we have the full request URL
|
||||
let logger = RequestLogger::new(&stream, request.clone());
|
||||
|
||||
// Resolve file path with security
|
||||
let file_path = match resolve_file_path(&path, dir) {
|
||||
Ok(fp) => fp,
|
||||
Err(_) => {
|
||||
logger.log_error(59, "Path traversal attempt");
|
||||
return send_response(&mut stream, "59 Bad Request\r\n").await;
|
||||
}
|
||||
};
|
||||
|
||||
// Serve the file
|
||||
match serve_file(&mut stream, &file_path).await {
|
||||
Ok(_) => logger.log_success(20),
|
||||
Err(_) => logger.log_error(51, "File not found"),
|
||||
}
|
||||
|
||||
Ok(())
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue