Quick patch to get certgen running

Backport urgent fix to 1.0
2025-05-04 14:57:58 +02:00 · 2025-05-04 00:03:08 +02:00
3 changed files with 51 additions and 181 deletions
--- a/README.md
+++ b/README.md
@@ -1,60 +1,2 @@
 # PyWebServer
 ## GitHub
 The upstream of this project is on my own [Gitea instance](https://git.novacow.ch/Nova/PyWebServer/).  
 Because of that I'll mostly reply to issues and PRs there, you can submit issues and PRs on GitHub, but it might take longer before I read it.
 ## Installing
 Installing and running PyWebServer is very simple.  
 Assuming you're running Linux:
 ```bash
 git clone https://git.novacow.ch/Nova/PyWebServer.git
 cd ./PyWebServer/
 ```
 Windows users, make sure you have installed Git, from there:
 ```powershell
 git clone https://git.novacow.ch/Nova/PyWebServer.git
 Set-Location .\PyWebServer\
 ```
 From here, you should check from what directory you want to store the content in.  
 In this example, we'll use `./html/` (or `.\html\` for Windows users) from the perspective of the PyWebServer root dir.  
 To create this directory, do this:
 ```bash
 mkdir ./html/
 ```
 (This applies to both Windows and Linux)  
 Then, open `pywebsrv.conf` in your favorite text editor and change the `directory` key to the full path to the `./html/` you just created.  
 After that, put your files in and run this:
 Linux:
 ```bash
 python3 /path/to/pywebsrv.py
 ```
 Windows:
 ```powershell
 # If you have installed Python via the Microsoft Store:
 python3 \path\to\pywebsrv.py
 # Via the python.org website:
 py \path\to\pywebsrv.py
 ```
 ## SSL Support
 Currently PyWebServer warns about AutoCertGen not being installed. AutoCertGen currently is very unstable at the moment, and therefore is not available for download.  
 PyWebServer supports SSL/TLS for authentication via HTTPS. In the config file, you should enable the HTTPS port. After that you need to create the certificate.  
 Currently PyWebServer looks for the `cert.pem` and the `key.pem` files in the root directory of the installation.  
 PyWebServer comes with a test certificate, this certificate is self-signed, but doesn't have a matching issuer and subject. This is to prevent people from using it in production, even if they have disabled warnings of self-signed certificates.  
 ## HTTP support
 Currently PyWebServer only supports HTTP/1.1, this is very unlikely to change, as most of the modern web today still uses HTTP/1.1.  
 For methods PyWebServer only supports `GET`, this is being reworked though, check issue [#3](https://git.novacow.ch/Nova/PyWebServer/issues/3) for progress.
 ## Files support
 Unlike other small web servers, PyWebServer has full support for binary files being sent and received (once that logic is put in) over HTTP.
 ## Support
 PyWebServer will follow a standard support scheme.
 ### 1.x
 For every 1.x version there will be support until 2 newer versions come out.
 So that means that 1.0 will still be supported when 1.1 comes out, but no longer be supported when 1.2 comes out.
 ### 2.x
 I am planning on releasing a 2.x version with will have a lot more advanced features, like nginx's server block emulation amongst other things.
 When 2.0 will come out, the last version of 1.x will be supported for a while longer, but no new features will be added.
--- a/pywebsrv.conf
+++ b/pywebsrv.conf
@@ -1,31 +1,17 @@
 # Using NSCL 1.3
 # Port defenition. What ports to use.
 # port is the HTTP port, port-https is the HTTPS port
 port:8080
-port-https:8443
+directory:/home/nova/Documents/html
 # Here you choose what directory PyWebServer looks in for files.
 directory:<Enter directory here>
 # Host defenition, what hosts you can connect via.
 # You can use FQDNs, IP-addresses and localhost,
 # Support for multiple hosts is coming.
 host:localhost
-# Ignores the host parameter (except for localhost) and allows everything.
+# DANGER: NEVER EVER TURN THIS ON IN PROD!!!!!!!!!!!!
-# DANGER! For obvious reasons this isn't recommended.
+allow-all:1
-allow-all:0
+# DANGER!!
-# Enables HTTP support. (Only enables/disables the HTTP port.)
+port-https:8443
 http:1
 # Enables HTTPS support. (Only enables/disables the HTTPS port.)
 https:1
-# Allows the use of localhost to connect.
+allow-localhost:0
-# The default is on, this is seperate of the host defenition.
+# for use in libraries
-allow-localhost:1
+# disable-autocertgen:0
 # If you're using the webserver in a library form,
 # you can disable the AutoCertGen and never trigger it.
 disable-autocertgen:0
 # If you wish to block IP-addresses, this function is coming though.
 # block-ip:0.0.0.0,1.1.1.1,2.2.2.2
 # If you wish to block User-Agents, this function is coming though.
 # block-ua:(NULL)
 # This function is deprecated, allows a connection with no Host header.
 # You should NEVER have to enable this! It can pose a risk to security!
 # allow-nohost:0
 # In libraries you can disable everything you don't need.
--- a/pywebsrv.py
+++ b/pywebsrv.py
@@ -1,17 +1,4 @@
 """
 License:
     PyWebServer
     Copyright (C) 2025 Nova
     This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
     This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
     You should have received a copy of the GNU General Public License along with this program.  If not, see <https://www.gnu.org/licenses/>.
    Contact:
        E-mail: nova@novacow.ch
 This is PyWebServer, an ultra minimalist webserver, meant to still have
 a lot standard webserver features. A comprehensive list is below:
 Features:
@@ -34,7 +21,6 @@ Library aswell as a standalone script:
 """
 import os
 import mimetypes
 import threading
 import ssl
 import socket
@@ -59,8 +45,8 @@ class FileHandler:
    )
    def __init__(self, base_dir=None):
        self.base_dir = base_dir or os.path.join(os.getcwd(), "html")
        self.config_path = os.path.join(os.getcwd(), self.CONFIG_FILE)
        self.base_dir = self.read_config("directory")
    def check_first_run(self):
        if not os.path.isfile(self.config_path):
@@ -74,19 +60,18 @@ class FileHandler:
    def read_file(self, file_path):
        if "../" in file_path:
-            return 403, None
+            return 403
        full_path = os.path.join(self.base_dir, file_path.lstrip("/"))
        if not os.path.isfile(full_path):
-            return 404, None
+            return 404
        try:
            mimetype = mimetypes.guess_type(full_path)
            with open(full_path, "rb") as f:
-                return f.read(), mimetype
+                return f.read()
        except Exception as e:
            print(f"Error reading file {full_path}: {e}")
-            return 500, None
+            return 500
    def write_file(self, file_path, data):
        if "../" in file_path:
@@ -110,7 +95,6 @@ class FileHandler:
            "https",
            "port-https",
            "allow-all",
            "allow-nohost",
            "allow-localhost",
            "disable-autocertgen",
        ]
@@ -137,18 +121,8 @@ class FileHandler:
                        or option == "allow-all"
                        or option == "allow-localhost"
                        or option == "disable-autocertgen"
                        or option == "allow-nohost"
                    ):
                        return bool(int(value))
                    if option == "directory":
                        if value == "<Enter directory here>":
                            print(
                                "FATAL: You haven't set up PyWebServer! Please edit pywebsrv.conf!"
                            )
                            exit(1)
                        if value.endswith("/"):
                            value = value.rstrip("/")
                        return value
                    return value
        return None
@@ -171,11 +145,11 @@ class RequestParser:
        """Parses the HTTP request line."""
        try:
            method, path, version = line.split(" ")
            if path.endswith("/"):
                path += "index.html"
            return method, path, version
        except ValueError:
            return None, None, None
        if path.endswith("/"):
            path += "index.html"
        return method, path, version
    def is_method_allowed(self, method):
        """
@@ -185,11 +159,9 @@ class RequestParser:
        Should (for now) only be GET as I haven't implemented the logic for PUT
        """
        allowed_methods = ["GET"]
-        # While the logic for PUT, DELETE, etc. is not added, we shouldn't
+        if os.path.isfile(self.allowed_methods_file):
-        # allow for it to attempt it.
+            with open(self.allowed_methods_file, "r") as f:
-        # if os.path.isfile(self.allowed_methods_file):
+                allowed_methods = [line.strip() for line in f]
        #     with open(self.allowed_methods_file, "r") as f:
        #         allowed_methods = [line.strip() for line in f]
        return method in allowed_methods
    def host_parser(self, host):
@@ -201,7 +173,6 @@ class RequestParser:
        if ":" in host:
            host = host.split(":", 1)[0]
        host = host.lstrip()
        host = host.rstrip()
        if (
            host == "localhost" or host == "127.0.0.1"
        ) and self.file_handler.read_config("allow-localhost"):
@@ -226,12 +197,6 @@ class WebServer:
        # me when no certificate and key file
        if not os.path.exists(self.cert_file) or not os.path.exists(self.key_file):
            if not os.path.exists(self.cert_file) and not os.path.exists(self.key_file):
                pass
            elif not os.path.exists(self.cert_file):
                os.remove(self.key_file)
            elif not os.path.exists(self.key_file):
                os.remove(self.cert_file)
            print("WARN: No HTTPS certificate was found!")
            if self.file_handler.read_config("disable-autocertgen") is True:
                print("WARN: AutoCertGen is disabled, ignoring...")
@@ -269,22 +234,6 @@ class WebServer:
                self.https_socket, server_side=True
            )
        self.http_404_html = (
            "<html><head><title>HTTP 404 - PyWebServer</title></head>"
            "<body><center><h1>HTTP 404 - Not Found!</h1><p>Running PyWebServer/1.2</p>"
            "</center></body></html>"
        )
        self.http_403_html = (
            "<html><head><title>HTTP 403 - PyWebServer</title></head>"
            "<body><center><h1>HTTP 403 - Forbidden</h1><p>Running PyWebServer/1.2</p>"
            "</center></body></html>"
        )
        self.http_405_html = (
            "<html><head><title>HTTP 405 - PyWebServer</title></head>"
            "<body><center><h1>HTTP 405 - Method not allowed</h1><p>Running PyWebServer/1.2</p>"
            "</center></body></html>"
        )
        self.running = True
    def start(self, http, https):
@@ -299,9 +248,9 @@ class WebServer:
        if http is True:
            http_thread.start()
-        # print(
+        print(
-        #     f"Server running:\n - HTTP on port {self.http_port}\n - HTTPS on port {self.https_port}"
+            f"Server running:\n - HTTP on port {self.http_port}\n - HTTPS on port {self.https_port}"
-        # )
+        )
        http_thread.join()
        https_thread.join()
@@ -336,12 +285,12 @@ class WebServer:
    def handle_connection(self, conn, addr):
        try:
-            data = conn.recv(512)
+            data = conn.recv(512)  # why? well internet and tutiorials
            request = data.decode(errors="ignore")
            response = self.handle_request(request, addr)
            if isinstance(response, str):
-                response = response.encode()
+                response = response.encode()  # if we send text this shouldn't explode
            conn.sendall(response)
        except Exception as e:
@@ -352,8 +301,6 @@ class WebServer:
    def handle_request(self, data, addr):
        if not data:
            return self.build_response(400, "Bad Request")  # user did fucky-wucky
        if len(data) > 8192:
            return self.build_response(413, "Request too long")
        request_line = data.splitlines()[0]
@@ -378,41 +325,33 @@ class WebServer:
        method, path, version = self.parser.parse_request_line(request_line)
        # Figure out a better way to reload config
        if path == "/?pywebsrv_reload_conf=1":
            print("Got reload command! Reloading configuration...")
            self.file_handler.base_dir = self.file_handler.read_config("directory")
            return self.build_response(204, "")
        if not all([method, path, version]) or not self.parser.is_method_allowed(
            method
        ):
-            return self.build_response(405, self.http_405_html)
+            return self.build_response(405, "Method Not Allowed")
-        file_content, mimetype = self.file_handler.read_file(path)
+        file_content = self.file_handler.read_file(path)
        if file_content == 403:
            print("WARN: Directory traversal attack prevented.")  # look ma, security!!
-            return self.build_response(403, self.http_403_html)
+            return self.build_response(403, "Forbidden")
        if file_content == 404:
-            return self.build_response(404, self.http_404_html)
+            return self.build_response(404, "Not Found")
        if file_content == 500:
            return self.build_response(
                500,
                "PyWebServer has encountered a fatal error and cannot serve "
                "your request. Contact the owner with this error: FATAL_FILE_RO_ACCESS",
-            )  # When there was an issue with reading we throw this.
+            )  # The user did no fucky-wucky, but the server fucking exploded.
-        # A really crude implementation of binary files. Later in 2.0 I'll actually
+        # (try to) detect binary files (eg, mp3) and serve them correctly
-        # make this useful.
+        if path.endswith((".mp3", ".png", ".jpg", ".jpeg", ".gif")):
-        mimetype = mimetype[0]
+            return self.build_binary_response(200, file_content, path)
        if "text/" not in mimetype:
            return self.build_binary_response(200, file_content, path, mimetype)
        return self.build_response(200, file_content)
    @staticmethod
-    def build_binary_response(status_code, binary_data, filename, content_type):
+    def build_binary_response(status_code, binary_data, filename):
        """Handles binary files like MP3s."""
        messages = {
            200: "OK",
@@ -422,34 +361,37 @@ class WebServer:
            500: "Internal Server Error",
        }
        status_message = messages.get(status_code)
        # In the spirit of keeping stuff small, we'll just guess and see.
        content_type = "application/octet-stream"
        if filename.endswith(".mp3"):
            content_type = "audio/mpeg"
        elif filename.endswith(".png"):
            content_type = "image/png"
        elif filename.endswith(".jpg") or filename.endswith(".jpeg"):
            content_type = "image/jpeg"
        elif filename.endswith(".gif"):
            content_type = "image/gif"
        headers = (
            f"HTTP/1.1 {status_code} {status_message}\r\n"
-            f"Server: PyWebServer/1.2\r\n"
+            f"Server: PyWebServer/1.0\r\n"
            f"Content-Type: {content_type}\r\n"
            f"Content-Length: {len(binary_data)}\r\n"
-            f"Connection: close\r\n\r\n"
+            f"Connection: close\r\n\r\n"  # connection close bcuz im lazy
            # Connection close is done because it is way easier to implement.
            # It's not like this program will see production use anyway.
        )
        return headers.encode() + binary_data
    @staticmethod
    def build_response(status_code, body):
        """
        For textfiles we'll not have to guess MIME-types, though the other function
        build_binary_response will be merged in here anyway.
        """
        messages = {
            200: "OK",
            204: "No Content",
            304: "Not Modified",  # TODO KEKL
            400: "Bad Request",
            403: "Forbidden",
            404: "Not Found",
            405: "Method Not Allowed",
            413: "Payload Too Large",
            500: "Internal Server Error",
            635: "Go Away",
        }
        status_message = messages.get(status_code)
@@ -458,7 +400,7 @@ class WebServer:
        headers = (
            f"HTTP/1.1 {status_code} {status_message}\r\n"
-            f"Server: PyWebServer/1.2\r\n"
+            f"Server: PyWebServer/1.0\r\n"
            f"Content-Length: {len(body)}\r\n"
            f"Connection: close\r\n\r\n"
        ).encode()
@@ -466,7 +408,8 @@ class WebServer:
        return headers + body
    def shutdown(self, signum, frame):
-        print("\nRecieved signal to exit!\nShutting down server...")
+        print(f"\nRecieved signal {signum}")
        print("\nShutting down server...")
        self.running = False
        self.http_socket.close()
        self.https_socket.close()
@@ -476,7 +419,6 @@ class WebServer:
 def main():
    file_handler = FileHandler()
    file_handler.check_first_run()
    file_handler.base_dir = file_handler.read_config("directory")
    http_port = file_handler.read_config("port") or 8080
    https_port = file_handler.read_config("port-https") or 8443
    http_enabled = file_handler.read_config("http") or True
Author	SHA1	Message	Date
Nova	0e406ab360	Quick patch to get certgen running	2025-05-04 14:57:58 +02:00
Nova	f29ad0d6b4	Backport urgent fix to 1.0	2025-05-04 00:03:08 +02:00