Created
October 26, 2019 17:37
-
-
Save magisterquis/105a7755e36d93eaa29742f2ef7e2bda to your computer and use it in GitHub Desktop.
HTTP fileserver which allows domain fronting
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Program dfdemoserver is an HTTP fileserver which allows domain fronting, | |
// meant for demos. | |
package main | |
/* | |
* dfdemoserver.go | |
* HTTP fileserver which allows domain fronting | |
* By J. Stuart McMurray | |
* Created 20190922 | |
* Last Modified 20190922 | |
*/ | |
import ( | |
"flag" | |
"fmt" | |
"log" | |
"net/http" | |
"os" | |
"path/filepath" | |
"strings" | |
) | |
const ( | |
/* dirPerm is the permissions used when we make a served files | |
directory */ | |
dirPerm = 0700 | |
) | |
func main() { | |
var ( | |
cert = flag.String( | |
"cert", | |
"cert.pem", | |
"TLS certificate `file`", | |
) | |
key = flag.String( | |
"key", | |
"key.pem", | |
"TLS key `file`", | |
) | |
dir = flag.String( | |
"files", | |
"files", | |
"Served files `directory`", | |
) | |
laddr = flag.String( | |
"listen", | |
"0.0.0.0:443", | |
"Listen `address`", | |
) | |
) | |
flag.Usage = func() { | |
fmt.Fprintf( | |
os.Stderr, | |
`Usage: %v [options] | |
A simple little fileserver which serves files from subdirectories named the | |
same as the host header (with any slashes changed to underscores). The parent | |
directory of the files directories will be created if it does not exist. | |
Options: | |
`, | |
os.Args[0], | |
) | |
flag.PrintDefaults() | |
} | |
flag.Parse() | |
/* Be in files directory */ | |
if err := os.MkdirAll(*dir, dirPerm); nil != err { | |
log.Fatalf( | |
"Unable to make files directory %q: %v", | |
*dir, | |
err, | |
) | |
} | |
if err := os.Chdir(*dir); nil != err { | |
log.Fatalf( | |
"Unable to chdir to files directory %q: %v", | |
*dir, | |
err, | |
) | |
} | |
/* Serve HTTP */ | |
http.HandleFunc("/", handle) | |
log.Fatalf( | |
"Error serving HTTPS: %v", | |
http.ListenAndServeTLS(*laddr, *cert, *key, nil), | |
) | |
} | |
/* handle serves files from the directory named by the Host: header. */ | |
func handle(w http.ResponseWriter, r *http.Request) { | |
/* Get the sanitized directory name */ | |
dir := strings.Replace(filepath.Clean(string(r.Host)), "/", "_", -1) | |
if ".." == dir { | |
http.Error(w, "Hacker Detected!", http.StatusPaymentRequired) | |
return | |
} | |
log.Printf("[%v] %v %v %v", r.RemoteAddr, r.Method, r.Host, r.URL) | |
/* Let the library do the hard work */ | |
http.FileServer(http.Dir(dir)).ServeHTTP(w, r) | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment