Merge pull request #36 from patrickhener/restructure

Merge to main

Makefile

@@ -3,8 +3,8 @@
 # uglify-js and https://github.com/wellington/wellington needed
 generate:
 	@echo "[*] Minifying and compiling scss and js"
-	@uglifyjs -o internal/myhttp/static/js/main.min.js assets/js/main.js
-	@wt compile assets/css/style.scss -s compressed -b internal/myhttp/static/css
+	@uglifyjs -o httpserver/static/js/main.min.js assets/js/main.js
+	@wt compile assets/css/style.scss -s compressed -b httpserver/static/css
 	@echo "[OK] Done minifying and compiling things"
 
 security:

README.md

@@ -1,4 +1,4 @@
-![Version](https://img.shields.io/badge/Version-v0.2.0-green)
+![Version](https://img.shields.io/badge/Version-v0.3.0-green)
 [![GitHub](https://img.shields.io/github/license/patrickhener/goshs)](https://github.com/patrickhener/goshs/blob/master/LICENSE)
 ![GitHub go.mod Go version](https://img.shields.io/github/go-mod/go-version/patrickhener/goshs)
 [![GitHub issues](https://img.shields.io/github/issues-raw/patrickhener/goshs)](https://github.com/patrickhener/goshs/issues)
@@ -23,6 +23,8 @@ goshs is a replacement for Python's `SimpleHTTPServer`. It allows uploading and
   * Download clipboard entries as .json file
 * WebDAV support
 * Read-Only and Upload-Only mode
+* Silent mode (no webserver output)
+* Retrieve json on cli
 
 # Installation
 
@@ -33,7 +35,7 @@ You can download the executable from the [release section](https://github.com/pa
 
 ```bash
 go get -u github.com/patrickhener/goshs
-go install github.com/patrickhener/goshs
+go install github.com/patrickhener/goshs@latest
 ```
 
 ## Build yourself
@@ -123,10 +125,68 @@ This mode will omit the dir listing on the web interface. Also you will not have
 
 `goshs -si`
 
-# Credits
+**Retrieve the directory listing in json format**  
+You can now retrieve the directory listing in *json* format. This is meant to be used with curl for example in environments where you do not have a browser on hand.
+```bash
+curl -s localhost:8000/?json | jq
+[
+  {
+    "name": ".git/",
+    "is_dir": true,
+    "is_symlink": false,
+    "symlink_target": "",
+    "extension": "",
+    "size_bytes": 4096,
+    "last_modified": "2023-02-28T15:38:11.982+01:00"
+  },
+  {
+    "name": ".github/",
+    "is_dir": true,
+    "is_symlink": false,
+    "symlink_target": "",
+    "extension": "",
+    "size_bytes": 4096,
+    "last_modified": "2023-02-28T10:27:35.524+01:00"
+  },
+  {
+    "name": ".gitignore",
+    "is_dir": false,
+    "is_symlink": false,
+    "symlink_target": "",
+    "extension": ".gitignore",
+    "size_bytes": 48,
+    "last_modified": "2023-02-20T07:58:46.436+01:00"
+  },
+  ... snip ...
+```
+
+Or with path:
 
-A special thank you goes to *sc0tfree* for inspiring this project with his project [updog](https://github.com/sc0tfree/updog) written in Python.
+```bash
+curl -s localhost:8000/utils?json | jq
+[
+  {
+    "name": "utils.go",
+    "is_dir": false,
+    "is_symlink": false,
+    "symlink_target": "",
+    "extension": ".go",
+    "size_bytes": 2218,
+    "last_modified": "2023-02-28T15:28:54.783+01:00"
+  },
+  {
+    "name": "utils_test.go",
+    "is_dir": false,
+    "is_symlink": false,
+    "symlink_target": "",
+    "extension": ".go",
+    "size_bytes": 2012,
+    "last_modified": "2023-02-28T15:28:12.748+01:00"
+  }
+]
+```
 
-# Tutorial Series
 
-I wrote several blog posts how and why I implemented all of this. You can find it [here](https://hesec.de/tags/goshs/) if you are interested about the technical background.
+# Credits
+
+A special thank you goes to *sc0tfree* for inspiring this project with his project [updog](https://github.com/sc0tfree/updog) written in Python.

assets/css/font.scss

@@ -3,8 +3,8 @@
 /* Fira Code VF from 300 to 700 */
 @font-face {
   font-family: 'Fira Code VF';
-  src: url('../fonts/FiraCode-VF.woff2') format('woff2-variations'),
-    url('../fonts/FiraCode-VF.woff') format('woff-variations');
+  src: url('../fonts/FiraCode-VF.woff2?static') format('woff2-variations'),
+    url('../fonts/FiraCode-VF.woff?static') format('woff-variations');
   font-weight: 300 700;
   font-style: normal;
 }

assets/js/main.js

@@ -45,17 +45,10 @@ function selectNone() {
   document.getElementById('downloadBulkButton').style.display = 'none';
 }
 
-// Everything related to websockets
 var wsURL = '';
 location.protocol !== 'https:'
-  ? (wsURL =
-      'ws://' +
-      window.location.host +
-      '/14644be038ea0118a1aadfacca2a7d1517d7b209c4b9674ee893b1944d1c2d54/ws')
-  : (wsURL =
-      'wss://' +
-      window.location.host +
-      '/14644be038ea0118a1aadfacca2a7d1517d7b209c4b9674ee893b1944d1c2d54/ws');
+  ? (wsURL = 'ws://' + window.location.host + '/?ws')
+  : (wsURL = 'wss://' + window.location.host + '/?ws');
 var connection = new WebSocket(wsURL);
 
 connection.onopen = function () {

internal/myca/ca.go → ca/ca.go

@@ -1,12 +1,13 @@
-// Package myca ...
+// Package ca will handle the creation of certificates for TSL encrypted communication
 // Credits: Shane Utt
 // https://shaneutt.com/blog/golang-ca-and-signed-cert-go/
-package myca
+package ca
 
 import (
 	"bytes"
 	"crypto/rand"
 	"crypto/rsa"
+	"os"
 
 	// disable G505 (CWE-327): Blocklisted import crypto/sha1: weak cryptographic primitive
 	// #nosec G505
@@ -17,13 +18,12 @@ import (
 	"crypto/x509/pkix"
 	"encoding/pem"
 	"fmt"
-	"io/ioutil"
 	"net"
 	"strings"
 	"time"
 
-	"github.com/patrickhener/goshs/internal/mylog"
-	"github.com/patrickhener/goshs/internal/myutils"
+	"github.com/patrickhener/goshs/logger"
+	"github.com/patrickhener/goshs/utils"
 )
 
 // Sum will give the sha256 and sha1 sum of the certificate
@@ -70,7 +70,7 @@ func ParseAndSum(cert string) (sha256s, sha1s string, err error) {
 	// disable G304 (CWE-22): Potential file inclusion via variable
 	// risk accepted, maybe check if can be used to do malicous things
 	// #nosec G304
-	certBytes, err := ioutil.ReadFile(cert)
+	certBytes, err := os.ReadFile(cert)
 	if err != nil {
 		return "", "", err
 	}
@@ -89,9 +89,9 @@ func ParseAndSum(cert string) (sha256s, sha1s string, err error) {
 
 // Setup will deliver a fully initialized CA and server cert
 func Setup() (serverTLSConf *tls.Config, sha256s, sha1s string, err error) {
-	randInt, err := myutils.RandomNumber()
+	randInt, err := utils.RandomNumber()
 	if err != nil {
-		mylog.Errorf("when creating certificate: %+v", err)
+		logger.Errorf("when creating certificate: %+v", err)
 	}
 	ca := &x509.Certificate{
 		SerialNumber: &randInt,
@@ -131,20 +131,20 @@ func Setup() (serverTLSConf *tls.Config, sha256s, sha1s string, err error) {
 		Type:  "CERTIFICATE",
 		Bytes: caBytes,
 	}); err != nil {
-		mylog.Errorf("encoding pem: %+v", err)
+		logger.Errorf("encoding pem: %+v", err)
 	}
 
 	caPrivKeyPEM := new(bytes.Buffer)
 	if err := pem.Encode(caPrivKeyPEM, &pem.Block{
 		Type:  "RSA PRIVATE KEY",
 		Bytes: x509.MarshalPKCS1PrivateKey(caPrivKey),
 	}); err != nil {
-		mylog.Errorf("encoding pem: %+v", err)
+		logger.Errorf("encoding pem: %+v", err)
 	}
 
-	randInt, err = myutils.RandomNumber()
+	randInt, err = utils.RandomNumber()
 	if err != nil {
-		mylog.Errorf("when creating certificate: %+v", err)
+		logger.Errorf("when creating certificate: %+v", err)
 	}
 	// set up our server certificate
 	cert := &x509.Certificate{
@@ -182,15 +182,15 @@ func Setup() (serverTLSConf *tls.Config, sha256s, sha1s string, err error) {
 		Type:  "CERTIFICATE",
 		Bytes: certBytes,
 	}); err != nil {
-		mylog.Errorf("encoding pem: %+v", err)
+		logger.Errorf("encoding pem: %+v", err)
 	}
 
 	certPrivKeyPEM := new(bytes.Buffer)
 	if err := pem.Encode(certPrivKeyPEM, &pem.Block{
 		Type:  "RSA PRIVATE KEY",
 		Bytes: x509.MarshalPKCS1PrivateKey(certPrivKey),
 	}); err != nil {
-		mylog.Errorf("encoding pem: %+v", err)
+		logger.Errorf("encoding pem: %+v", err)
 	}
 
 	serverCert, err := tls.X509KeyPair(certPEM.Bytes(), certPrivKeyPEM.Bytes())

ca/ca_test.go

@@ -0,0 +1,56 @@
+package ca
+
+import (
+	"strings"
+	"testing"
+)
+
+const (
+	certSha256 string = "65853DC369E138125B42FCE21DFF13CD93B5A0E3D2EB61107EF3378106759940"
+	certSha1   string = "AB51F4B4D3336129576C5CA46408A6A79EA62FB2"
+)
+
+var (
+	cert []byte = []byte(`BEGIN CERTIFICATE-----
+MIIFPjCCAyagAwIBAgIULNlw3eSpMdJrm7aUVg/IwfHTuXMwDQYJKoZIhvcNAQEL
+BQAwFjEUMBIGA1UEAwwLZXhhbXBsZS5jb20wHhcNMjMwMjI4MDk0NjUxWhcNMzMw
+MjI1MDk0NjUxWjAWMRQwEgYDVQQDDAtleGFtcGxlLmNvbTCCAiIwDQYJKoZIhvcN
+AQEBBQADggIPADCCAgoCggIBAM4GQRgDUfOWewaw37E74uf6nqiQaWLRJy+DtQxh
+WAI/TOEXlSamTW0wsMoHRAkAvOBje1BmgHRhOUIuzSGmwDNjosz2zyrCONgRWfcJ
+yN96EtPa/4lEvlHTiN2NdV4mDN3XcW9j2n+K5mWh3oDVz0wp+A2byDmg1EdmL/X8
+hGVvTMyUFt6prprdnALdGZqblsZAaLYg++r7uEDBihVw6DWunoiq2TnxNIXTdTIo
+5UeFnKCSBDWseN0+FeQ5Xq9mAQfzwk5YeY2ser4iWl0FlZdYwrj+EBYT+I4MTCWG
+B7YxcsX6pWSoWhvv5V9sRtH1KkiH5RaNQ/b9v9Pl5sdRq7ofUWxxGAEq+LmOExIq
+if3JWpMq6AQVrMJTylFQv2AD9S9+9T7azTIfAxifveQrbwkgIUZX2e5bB2iKhQEH
+tFyNYd7eyomCHt//3iRFyq64AtfmbQRaj2UsW63/wOMLAgM5ood1pnWt/1GGsH8U
+XusELZS2ov+RI/Si661B3VMZhtTY/jFLYqbM09IfeGpXriRQxiwvXCsiJvyZaRE+
+NHR+F6CfZp/3935SBIKU6ljdBrLCzTRCQ8eoysOSXAcYD7MUMMQNPwK+nOWStYGc
+tk+qSgU3B3xiL9/yDsdM5Ov4mArKpbXP9DYnfDw97+D+8xFPAl0VEgj7dH8b0Q+c
+w7hxAgMBAAGjgYMwgYAwHQYDVR0OBBYEFEY+2jaoCj7pWl5ggiYRxIdw/YIsMB8G
+A1UdIwQYMBaAFEY+2jaoCj7pWl5ggiYRxIdw/YIsMA8GA1UdEwEB/wQFMAMBAf8w
+LQYDVR0RBCYwJIILZXhhbXBsZS5jb22CD3d3dy5leGFtcGxlLm5ldIcECgAAATAN
+BgkqhkiG9w0BAQsFAAOCAgEAY0BOskg82Ty//ADLyiXVhwEV/lLILH0BWWWVv05i
+frrUs2fA3ORkUoRaiJxAzDvEV98AjD52Ty6WYtgNscmrQxxz0gn3xUWZXdj6L5PE
+C6xj4lH0M/bNW6TUWhBqaVsaUCaoEhze4ieTcUHZlF61tkscdfUf8cIwi4vyNA3v
+LIzXgJxIYw+wD5K1MEtVOPX3x9oO2Ceu3dLQv7MWULVjir1Pm2/3YhfGJgttFNHu
+fbFWrPRG/m1MiMniGxQb3Oa1IjPZU70elP3GGG+irojxWcFYW+MopeXelVxbC63I
+z7uc7cbmmcsD2GIkv1td4pe84UYy+pCsKQ8vXykwnjcFfjkrPSxdz1tVjrz4V60e
+jVekhGgIHQAm/PyLLssQDykiX6ySxurU8bCcpqaA6dBzlUEX+Ym9xr2l155U6OsP
+k4HWPGqf2/xMaXq/7g9HfqPhj9tZ/x2wyZ6Mx2rMtRV+6hX1XGa4tZU0f5MziEnX
+Lkf4fEY4kc28UdEZRiG+D8cK6k0N8fHkKo4M09f+PJp/4sqa2g2kj8aqEFzSu2uq
+v/cKeJ20txB/Egu9OGCS3aFqQ9zV+rqkEko2agLbqY/Aks3e/jaAIwURvxNS83l4
+rJ90pXPe6awWutwMfmwlzqv0UYLu0IGHZiN8uTPiQ0nkR2kps3MruAsj1K9PaNpq
+rtI=
+-----END CERTIFICATE-----`)
+)
+
+func TestSum(t *testing.T) {
+
+	sha256, sha1 := Sum(cert)
+	sha256Clean := strings.ReplaceAll(sha256, " ", "")
+	sha1Clean := strings.ReplaceAll(sha1, " ", "")
+
+	if sha256Clean != certSha256 || sha1Clean != certSha1 {
+		t.Errorf("Certificate Fingerprint was wrong: got sha256 %s sha1 %s, want sha256 %s and sha1 %s", sha256Clean, sha1Clean, certSha256, certSha1)
+	}
+}

internal/myclipboard/clipboard.go → clipboard/clipboard.go

@@ -1,10 +1,9 @@
-package myclipboard
+// Package clipboard will provide the functionality of a clipboard
+package clipboard
 
 import (
 	"encoding/json"
 	"time"
-
-	"github.com/patrickhener/goshs/internal/mylog"
 )
 
 // Clipboard is the in memory clipboard to hold the copy-pasteable content
@@ -81,7 +80,6 @@ func (c *Clipboard) Download() ([]byte, error) {
 func reindex(entries []Entry) []Entry {
 	var newEntries []Entry
 	for i, e := range entries {
-		mylog.Debugf("Entry #%d: %+v\n", i, e)
 		newEntries = append(newEntries, Entry{
 			ID:      i,
 			Content: e.Content,