diamant 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: a987ba57250c314c052adfa5f913be3312999154e64aa346df39e7c318c41f39
+  data.tar.gz: 052f61456c18fdfe8241f3333e81a1c8ab85d7a8fcd8fb4f671179793e5ce1ee
+SHA512:
+  metadata.gz: 32ba003a7ce3c3f40f498ad51c7de1a4a292d1f0f13a89855c288ea08555cdfcf5d0bf6ecd39cc08d98097662675af96aa4f74c102f667e7edd19e984b7561e8
+  data.tar.gz: 3521229067830e6f91cca8bb0732ae70a2ac9a7cc04072a11b2513b0e1e5b9494300e5f722c4bbdba25c8e651401f068ce30f240acb2b6b161b30ae1a215ea95

data/LICENSE

@@ -0,0 +1,14 @@
+            DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+                    Version 2, December 2004
+
+ Copyright (C) 2004 Sam Hocevar <sam@hocevar.net>
+
+ Everyone is permitted to copy and distribute verbatim or modified
+ copies of this license document, and changing it is allowed as long
+ as the name is changed.
+
+            DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+  0. You just DO WHAT THE FUCK YOU WANT TO.
+

data/bin/diamant

@@ -0,0 +1,89 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require 'diamant'
+require 'diamant/cert_generator'
+require 'optparse'
+
+options = { hostname: '127.0.0.1', port: 1965 }
+OptionParser.new do |parser| # rubocop:disable Metrics/BlockLength
+  parser.banner = "Usage: #{parser.program_name} [options] [ command [ arg ] ]"
+
+  parser.separator ''
+
+  parser.separator 'Commands'
+
+  parser.separator <<~COMMANDSHELP
+    serve [ public_path ]  Serves static files from the given public_path.
+                           (defaults to ./public_gmi)
+
+    generate_tls_cert [ hostname ]
+                           Generates a new self-signed certificate for the
+                           given hostname and its related private key.
+                           (defaults to localhost)
+
+    If no command is given, or if the command is not recognized, the given
+    string is taken as a public_path to serve from.  That is:
+
+        #{parser.program_name} ~/my_gemini_capsule
+
+    is the same thing than:
+
+        #{parser.program_name} serve ~/my_gemini_capsule
+  COMMANDSHELP
+
+  parser.separator ''
+
+  parser.separator 'Options'
+
+  parser.on('-h', '--help',
+            'Show this help message and quit.') do
+    puts parser.help
+    exit
+  end
+
+  parser.on('-v', '--version',
+            "Show #{parser.program_name} version and quit.") do
+    puts Diamant::VERSION
+    exit
+  end
+
+  parser.on('-b', '--bind HOST',
+            'Hostname to bind to (127.0.0.1, 0.0.0.0, ::1...).',
+            '(defaults to 127.0.0.1)') do |o|
+    options[:bind] = o
+  end
+
+  parser.on('-p', '--port PORT',
+            'Define the TCP port to bind to.',
+            '(defaults to 1965)') do |o|
+    options[:port] = o.to_i
+  end
+
+  parser.on('--cert CERT',
+            'Path to the TLS certificate to use.',
+            '(defaults to cert.pem)') do |o|
+    options[:cert] = o
+  end
+
+  parser.on('--pkey PKEY',
+            'Path to the TLS private key to use.',
+            '(defaults to key.rsa)') do |o|
+    options[:pkey] = o
+  end
+end.parse!
+
+command = ARGV.shift
+case command
+when 'generate_tls_cert'
+  Diamant::CertGenerator.new(ARGV[0]).write
+  exit
+when 'serve'
+  options[:public_path] = ARGV[0]
+else
+  options[:public_path] = command
+end
+
+options[:public_path] ||= './public_gmi'
+
+Diamant::Server.new(options).start

data/lib/diamant.rb

@@ -0,0 +1,110 @@
+# frozen_string_literal: true
+
+require 'logger'
+require 'socket'
+require 'English'
+require 'openssl'
+require 'fileutils'
+
+require 'net/gemini/request'
+require 'uri/gemini'
+
+require 'diamant/version'
+require 'diamant/mimetype'
+
+module Diamant
+  # Runs the server request/answer loop.
+  class Server
+    def initialize(opts = {})
+      @port = opts[:port] || 1965
+      @bind = opts[:bind] || '127.0.0.1'
+      init_logger
+      init_server_paths(opts)
+    end
+
+    def start
+      tcp_serv = TCPServer.new @bind, @port
+      ssl_serv = OpenSSL::SSL::SSLServer.new tcp_serv, ssl_context
+      loop do
+        Thread.new(ssl_serv.accept) do |client|
+          handle_client(client)
+          client.close
+        end
+      rescue Interrupt
+        break
+      end
+    ensure
+      ssl_serv&.shutdown
+    end
+
+    private
+
+    def handle_client(client)
+      begin
+        r = Net::GeminiRequest.read_new(client)
+      rescue Net::GeminiBadRequest
+        client.puts "59\r\n"
+        return
+      end
+      answer = route(r.path)
+      @logger.info "#{answer[0]} - #{r.uri}"
+      answer.each do |line|
+        client.puts "#{line}\r\n"
+      end
+    end
+
+    def build_response(route)
+      info = Diamant::MimeType.new(route)
+      answer = IO.readlines route, chomp: true
+      answer.prepend "20 #{info.content_type}"
+    rescue Diamant::MimeError
+      ['50 Not a supported file!']
+    end
+
+    def route(path)
+      # In any case, remove the / prefix
+      route = File.expand_path path.delete_prefix('/'), Dir.pwd
+      # We better should use some sort of chroot...
+      unless route.start_with?(Dir.pwd)
+        @logger.warn "Bad attempt to get something out of public_dir: #{route}"
+        return ['51 Not found!']
+      end
+      route << '/index.gmi' if File.directory?(route)
+      return ['51 Not found!'] unless File.exist?(route)
+      build_response route
+    end
+
+    def ssl_context
+      ssl_context = OpenSSL::SSL::SSLContext.new
+      ssl_context.min_version = OpenSSL::SSL::TLS1_2_VERSION
+      ssl_context.add_certificate @cert, @pkey
+      ssl_context
+    end
+
+    def init_logger
+      $stdout.sync = true
+      @logger = Logger.new($stdout)
+      @logger.datetime_format = '%Y-%m-%d %H:%M:%S'
+      @logger.formatter = proc do |severity, datetime, _, msg|
+        "[#{datetime}] #{severity}: #{msg}\n"
+      end
+    end
+
+    def check_option_path_exist(option, default)
+      path = File.expand_path(option || default)
+      return path if File.exist?(path)
+      raise ArgumentError, "#{path} does not exist!"
+    end
+
+    def init_server_paths(opts = {})
+      cert_file = check_option_path_exist(opts[:cert], 'cert.pem')
+      @cert = OpenSSL::X509::Certificate.new File.read(cert_file)
+      key_file = check_option_path_exist(opts[:pkey], 'key.rsa')
+      @pkey = OpenSSL::PKey::RSA.new File.read(key_file)
+      public_path = check_option_path_exist(
+        opts[:public_path], './public_gmi'
+      )
+      Dir.chdir(public_path)
+    end
+  end
+end

data/lib/diamant/cert_generator.rb

@@ -0,0 +1,66 @@
+# frozen_string_literal: true
+
+require 'openssl'
+
+module Diamant
+  # Creates a new self-signed certificate and its related RSA private key,
+  # suitable to be used as certificate for the Gemini network protocol.
+  #
+  # This Generator is not intended to advance use as it offers no
+  # configuration at all. It use the following options:
+  #
+  # - 4096 bits RSA key
+  # - 1 year validity
+  # - self signed certificate
+  #
+  class CertGenerator
+    def initialize(subject = 'localhost')
+      @subject = OpenSSL::X509::Name.parse "/CN=#{subject}"
+      @key = OpenSSL::PKey::RSA.new 4096
+      init_cert
+      add_extensions
+      @cert.sign @key, OpenSSL::Digest.new('SHA256')
+    end
+
+    def write
+      IO.write('key.rsa', @key.to_pem)
+      File.chmod(0o400, 'key.rsa')
+      IO.write('cert.pem', @cert.to_pem)
+      File.chmod(0o644, 'cert.pem')
+    end
+
+    private
+
+    def init_cert
+      @cert = OpenSSL::X509::Certificate.new
+      @cert.version = 3
+      @cert.serial = 0x0
+      @cert.issuer = @subject
+      @cert.subject = @subject
+      @cert.public_key = @key.public_key
+      @cert.not_before = Time.now
+      # 1 years validity
+      @cert.not_after = @cert.not_before + 1 * 365 * 24 * 60 * 60
+      @cert
+    end
+
+    def add_extension_to_cert(ext_factory, name, value, critical: false)
+      @cert.add_extension(
+        ext_factory.create_extension(name, value, critical)
+      )
+    end
+
+    def add_extensions
+      ef = OpenSSL::X509::ExtensionFactory.new
+      ef.subject_certificate = @cert
+      ef.issuer_certificate = @cert
+      add_extension_to_cert(
+        ef, 'basicConstraints', 'CA:TRUE', critical: true
+      )
+      add_extension_to_cert(ef, 'subjectKeyIdentifier', 'hash')
+      add_extension_to_cert(
+        ef, 'authorityKeyIdentifier', 'keyid:always,issuer:always'
+      )
+    end
+  end
+end

data/lib/diamant/mimetype.rb

@@ -0,0 +1,44 @@
+# frozen_string_literal: true
+
+module Diamant
+  class MimeError < StandardError; end
+
+  # Helper to understand what mimetype has a given file
+  class MimeType
+    attr_reader :extension, :content_type
+
+    MIMETYPES = {
+      '.gmi' => 'text/gemini',
+      '.txt' => 'text/plain',
+      '.md' => 'text/markdown',
+      '.org' => 'text/org',
+      '.png' => 'image/png',
+      '.jpg' => 'image/jpeg',
+      '.jpeg' => 'image/jpeg',
+      '.gif' => 'image/gif'
+    }.freeze
+
+    def initialize(path)
+      @path = path
+      extract_info
+    end
+
+    def supported?
+      @extension == '' || MIMETYPES.has_key?(@extension)
+    end
+
+    private
+
+    def extract_info
+      @extension = File.extname @path
+      raise MimeError, "#{@path} format is not supported!" unless supported?
+      if @extension == ''
+        # Weird... but we'll try the simple way
+        @content_type = 'text/plain'
+      else
+        # Any other supported extension
+        @content_type = MIMETYPES[@extension]
+      end
+    end
+  end
+end

data/lib/diamant/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module Diamant
+  VERSION = '0.0.1'
+end

metadata

@@ -0,0 +1,192 @@
+--- !ruby/object:Gem::Specification
+name: diamant
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Étienne Deparis
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2020-11-19 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: ruby-net-text
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.0.2
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.0.2
+- !ruby/object:Gem::Dependency
+  name: byebug
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '11.1'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '11.1'
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.13'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.13'
+- !ruby/object:Gem::Dependency
+  name: pry-doc
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.1'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.1'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.9'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.9'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: rubocop-performance
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.9'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.9'
+- !ruby/object:Gem::Dependency
+  name: rubocop-rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.19'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.19'
+- !ruby/object:Gem::Dependency
+  name: yard
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.9'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.9'
+description: |
+  Diamant is a server for the Gemini network protocol. it
+  can only serve static files. Internally, it uses the OpenSSL library to
+  handle the TLS sessions, and threads to handle concurrent requests.
+email: etienne@depar.is
+executables:
+- diamant
+extensions: []
+extra_rdoc_files: []
+files:
+- LICENSE
+- bin/diamant
+- lib/diamant.rb
+- lib/diamant/cert_generator.rb
+- lib/diamant/mimetype.rb
+- lib/diamant/version.rb
+homepage: https://git.umaneti.net/diamant/about/
+licenses:
+- WTFPL
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '2.7'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.1.4
+signing_key:
+specification_version: 4
+summary: A simple Gemini server for static files.
+test_files: []