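// ServeSSL serves cosgo over TLS on the address in *sslport, using the
// certificate and key files named by *path2cert and *path2key. It blocks until
// the listener fails and then ends the process through log.Fatalln, so a bad
// certificate path or an occupied port stops the whole program.
//
// Every request passes through the CSRF middleware keyed with c.antiCSRFkey.
// The CSRF cookie is HttpOnly, marked Secure, and expires after 600 seconds;
// the form field and the cookie share the name in *cookie.
func (c *Cosgo) ServeSSL() {
	// The banner is printed after a short delay and does not wait for the
	// listener; if the bind fails, log.Fatalln below normally ends the process
	// before this goroutine wakes up.
	go func() {
		time.Sleep(100 * time.Millisecond)
		log.Println("Cosgo: Serving TLS on", *sslport)
	}()

	handler := csrf.Protect(c.antiCSRFkey,
		csrf.HttpOnly(true),
		csrf.FieldName(*cookie),
		csrf.CookieName(*cookie),
		csrf.Secure(true),
		csrf.MaxAge(600),
		csrf.ErrorHandler(http.HandlerFunc(csrfErrorHandler)),
	)(c.r)

	// http.ListenAndServeTLS runs a server with no timeouts, so a client that
	// never finishes sending its request headers holds a connection open
	// indefinitely. An explicit http.Server bounds header reads and idle
	// keep-alive connections. Response writes are left unbounded so slow
	// downloads keep working.
	srv := &http.Server{
		Addr:              *sslport,
		Handler:           handler,
		ReadHeaderTimeout: 10 * time.Second,
		IdleTimeout:       120 * time.Second,
	}
	log.Fatalln(srv.ListenAndServeTLS(*path2cert, *path2key))
}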
// CSRF wraps h in CSRF protection and returns the wrapped handler.
//
// The authentication key is read from the TPD_CSRF_KEY environment variable
// and the cookie name from TPD_CSRF_NAME, each time CSRF is called.
//
// NOTE(review): neither variable is checked for being unset or empty, and the
// key length is not validated here. If csrf is gorilla/csrf, its documentation
// asks for a 32-byte key; confirm the deployment sets one.
// NOTE(review): only the cookie name is configured, so the library defaults
// apply to the Secure, HttpOnly and MaxAge cookie attributes; confirm they
// match the deployment.
func (m *Middleware) CSRF(h http.Handler) http.Handler {
	authKey := []byte(os.Getenv("TPD_CSRF_KEY"))
	cookieName := csrf.CookieName(os.Getenv("TPD_CSRF_NAME"))
	return csrf.Protect(authKey, cookieName)(h)
}
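// main builds the cosgo server, binds the listener, starts the plain HTTP or
// FastCGI server (plus TLS when configured), and then rotates the URL key every
// *refreshTime for as long as the process runs.
func main() {
	// Create the server, load mbox and fortunes and run initialize
	cosgo := setup()

	// Set all the needed /url paths
	if e := cosgo.route(cwd); e != nil {
		log.Fatalln(e)
	}

	// Needs to be compiled with build tag 'debug' to be redefined, and -debug
	// CLI flag to be activated
	if *debug {
		cosgo.debug()
	}

	cosgo.Bind = *bind
	cosgo.Port = strconv.Itoa(*portnum)
	addr := cosgo.Bind + ":" + cosgo.Port

	log.Println("Refreshing every", *refreshTime)
	go func() {
		time.Sleep(100 * time.Millisecond)
		log.Println("Listening on", addr)
	}()

	// Try to bind
	listener, binderr := net.Listen("tcp", addr)
	if binderr != nil {
		log.Println(binderr)
		os.Exit(1)
	}

	if cosgo.antiCSRFkey == nil {
		cosgo.antiCSRFkey = anticsrfGen()
	}

	// NOTE(review): TLS is started whenever the two paths differ, which
	// includes the case where only one of them is set. The "TLS: ON" status
	// line further down tests only path2cert, so the two checks can disagree.
	if *path2cert != *path2key {
		go cosgo.ServeSSL()
	}

	// Is nolog enabled?
	if *nolog {
		*logfile = os.DevNull
	}

	// stdout or a filename
	openLogFile()

	if listener == nil {
		log.Fatalln("nil listener")
	}

	// One CSRF-wrapped handler serves both transports: custom error handler,
	// HttpOnly cookie with a 10 minute lifetime, Secure flag taken from the
	// -secure option.
	handler := csrf.Protect(cosgo.antiCSRFkey,
		csrf.HttpOnly(true),
		csrf.FieldName(*cookie),
		csrf.CookieName(*cookie),
		csrf.Secure(*secure),
		csrf.MaxAge(600),
		csrf.ErrorHandler(http.HandlerFunc(csrfErrorHandler)),
	)(cosgo.r)

	// Start serving. A server that stops is reported instead of having its
	// error dropped, otherwise the process would keep running with nothing
	// accepting connections and no trace of why.
	if *fastcgi {
		go func() {
			if err := fcgi.Serve(listener, handler); err != nil {
				log.Println("cosgo: fastcgi server stopped:", err)
			}
		}()
	} else {
		// An explicit http.Server bounds how long a client may take to send
		// its request headers; http.Serve sets no timeouts at all.
		srv := &http.Server{
			Handler:           handler,
			ReadHeaderTimeout: 10 * time.Second,
			IdleTimeout:       120 * time.Second,
		}
		go func() {
			if err := srv.Serve(listener); err != nil {
				log.Println("cosgo: http server stopped:", err)
			}
		}()
	}

	// Fire up the cosgo engine: every *refreshTime (default 42 minutes) change
	// the URL key. This has to loop. A single select would let main return
	// after the first interval, ending the process and every server goroutine.
	for {
		<-time.After(*refreshTime)

		cosgo.rw.Lock()
		if *debug && !*quiet {
			log.Println("Info: Generating Random 40 URL Key...")
		}
		t1 := time.Now()

		// set a random URL key (40 char length).
		cosgo.URLKey = generateURLKey(40)
		if *debug && !*quiet {
			// Debug only: this writes the current URL key to the log.
			log.Printf("Generated URL Key %q in %v", cosgo.URLKey, time.Since(t1))
		}
		cosgo.rw.Unlock()

		// break tests uncomment next line
		//*refreshTime = time.Nanosecond

		if !*quiet {
			log.Printf("Uptime: %s (%s)", time.Since(timeboot), humanize(time.Since(timeboot)))
			log.Printf("Hits: %v", hitcounter)
			log.Printf("Messages: %v", inboxcount)
			if *debug {
				log.Printf("Port: %v", cosgo.Port)
			}
			if *path2cert != "" {
				log.Println("TLS: ON")
			}
		}
	}
}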