commit - ce5f27d25b61a206ccde7c6445c07f9c5df5fe5e
commit + f3ee4dd59103ea4fea5c70e57f312387aecf039e
blob - d2bc835e651af1b18c62dcc3db72d079c2190025
blob + 460466672fb912f5a7aaee0674d38463e3d0f906
--- vgi.sh
+++ vgi.sh
#!/bin/sh
-# Answer header:
-echo "20 text/gemini\r"
+URL=$(cat -)
+URL_TAIL=$(echo $URL | awk -F "/" '{print $NF}')
-# Answer body:
+if [ "$URL_TAIL" = "auth" ]; then
+ if [ -z "${VGI_CERT_HASH}" ]; then
+ echo "60 Certificate required\r"
+ exit
+ fi
+
+ echo "20 text/gemini\r"
+ echo "# VGI demo (authenticated)\r"
+ echo "\`\`\`\r"
+ echo "VGI_CERT_HASH=$VGI_CERT_HASH\r"
+ echo "\`\`\`\r"
+ exit
+fi
+
+echo "20 text/gemini\r"
echo "# VGI demo\r"
echo "\r"
echo "Requested URL: \r"
-echo "=> $(cat -)"
+echo "=> $URL"
blob - b426f6fd9af1562f45254604f36bbd2381d63f67
blob + 6d162f2bc840222a2c618fb6cdb8e31ee55c57d1
--- vostok/vostok.cc
+++ vostok/vostok.cc
#include <vector>
#include <thread>
+extern "C" char **environ;
+
namespace vostok
{
namespace
const std::string g_index_gmi{"index.gmi"};
const auto ERROR42_ANSWER = cut_null("42 Temporary failure\r\n");
+const std::string VGI_ENV_PREFIX{"VGI_"};
struct ProcessRequestContext
const ProcessRequestContext &context
)
{
- czstring client_cert_hash = tls_peer_cert_hash(accepted_client.get_ctx());
- error::g_log << "tls_peer_cert_provided(...)=" << tls_peer_cert_provided(accepted_client.get_ctx()) << std::endl;
- error::g_log << "tls_peer_cert_hash(...)=" << (client_cert_hash ? client_cert_hash : "(nullptr)") << std::endl;
+ std::string env_cert_hash;
+ std::vector<czstring> child_envp;
+ for (auto env = environ; *env; ++env)
+ {
+ if (strncmp(VGI_ENV_PREFIX.c_str(), *env, VGI_ENV_PREFIX.size()))
+ child_envp.push_back(*env);
+ }
+ if (tls_peer_cert_provided(accepted_client.get_ctx()))
+ {
+ env_cert_hash = "VGI_CERT_HASH=";
+ env_cert_hash += tls_peer_cert_hash(accepted_client.get_ctx());
+ child_envp.push_back(env_cert_hash.c_str());
+ }
+ child_envp.push_back(nullptr);
int stdin_pair[2];
if (pipe(stdin_pair) != 0)
stdout_read.reset();
stdout_write.reset();
- execl(context.vgi_command, context.vgi_command, nullptr);
+ execle(context.vgi_command, context.vgi_command, nullptr, child_envp.data());
// if `execl` return, an error has occurred
write(STDOUT_FILENO, ERROR42_ANSWER.data(), ERROR42_ANSWER.size());