Revision [20745]

This is an old revision of WikkaGopher made by BrianKoontz on 2009-07-19 21:58:36.

 


Rationale


The idea here is to facilitate the creation and maintenance of gopher content using existing Wikka features. The goal is not to write a new gopher server, but to manage content created by Wikka so that a gopher server can access and serve up Wikka-generated content. (This is similar to using Wikka as an HTMLHandler HTML generator, using Wikka markup to generate and serve HTML content.) There's no reason why Wikka couldn't serve up gopher content as well!

A secondary goal (and, strangely enough, the first goal to be implemented) is to provide the Wikka community with a simple plugin that will allow Wikka to operate as a gopher proxy to access other gopher content. The reason I've implemented this first is to explore ways to render gopher content in a Wikka page, as this is obviously something that will be required to implement Wikka as a primary gopher content provider.

Proof of Concept


As it turns out, I did have a need to satisfy the following:

There's no reason why Wikka couldn't serve up gopher content as well!

I have a repository of files I wanted to serve up, but the machine is internal, and I really don't have a desire to (1) open access to the outside world, (2) serve them with all the overhead associated with a web server such as Apache, or (3) move the files to a machine that is accessible to the outside world. Gopher is a lightweight protocol that is ideal for serving up filesystems in situ, without having to deal with presentation issues or other needless overhead. I thought it would be interesting to have Wikka serve as a "gopher proxy," permitting access to gopherspace without regard to whether or not a user's browser supports the gopher protocol. As a proof of concept, I wrote some code that can access gopher sites, display (in a very rudimentary fashion) the site files and directories, and even download text and binary files.

Please note: This code is very unrefined, and is definitely not for use in a production environment! It is very likely things don't work (in fact, I deliberately failed to implement several gopher item types so that I could focus on just getting something to work), and I seriously doubt it's anywhere near being compliant to RFC 1436. However, it works with my gopher server, and fulfills the rather meager requirements I had.

That said, I offer up my initial hacks and welcome a brave soul who might be willing to step forward and see if they can create a gateway to gopherspace.

ToDo List


Where to start?


Security Implications

  1. Open proxies can, and will, be abused. An open proxy is an invitation for someone to use your machine as an anonymous scanner, which means your machine's IP address will show up in logs. While gopherspace is not that large at the moment, this code does not restrict access based upon host and/or port, so a malicious user could set up base on your Wikka server to perform anonymous scans. A user-modifiable list of allowable hosts and/or ports should be enforced.
  1. This proxy cannot positively identify remote connections as gopher servers. The gopher protocol does not provide a method for positively identifying a remote server as being a gopher server. Any server that responds to <LF><CR> will have its output parsed as if it was valid gopher data. Better checks need to be put into place to ensure that only data that is consistent with RFC 1436 is parsed and/or processed.
  1. Your local (internal) interfaces can be accessed. It's likely your internal machines sit behind the same firewall as your Wikka machine. The proxy should probably be smarter in determining whether or not local IP addresses (including localhost/127.0.0.1) can be accessed via the proxy. The most updated version of WikkaGopher has a rudimentary Unix-style hosts_allow/hosts_deny implementation.
  1. Denial of service (DOS) by specifying invalid ports. Right now, I'm watching my test server just spin away after asking the proxy to connect to an internal mail server. The proxy in its current state is a quite effective DOS vector. A more consistent means of timing out the connection, coupled with restricting port access, should probably be implemented. A watchdog timer is now in place.
  1. DOS through excessive network connections/bandwidth usage. A malicious user could generate many network connections to a gopher site that could effectively impair both the proxy server and the gopher server. Also, the proxy currently reads content into a buffer to determine file size, mime type, etc., so many requests could effectively slow down the proxy server due to memory depletion. Limits on the number of network connections allowed as well as limits on bandwidth usage need to be implemented. (I've been told that browsers do not need to be sent file size and mime type information in the request headers to successfully download binary files. Also, the Gopher+ protocol does allow for the transmission of metadata, which would make it unnecessary for the proxy to buffer binary data from the gopher server.)

System Requirements


You must have a version of PHP that is compiled with the --enable-sockets option. This simply will not work without this option enabled. I believe the socket extensions have been moved to PECL (bleh!) as of PHP 5.3.0, so I doubt this code will work without some modification under PHP5. I'm running this on my test server with PHP 4.3.10, Apache 2.0, and the latest version of WikkaWiki 1.1.6.4 from the WikkaSVN SVN repository. Update: New test site is running PHP 5.2.6 and Apache 2.2, with WikkaWiki 1.1.6.5.

Getting Down and Dirty


OK, here it is! It's ugly, unrefined, uncommented, and the error handling doesn't work (because I'm still trying to decide if the client is responsible for displaying error messages, or the underlying classes). But, if you drop these files into your actions/ and handlers/page/ directories, it should work without much modification. At some point, I do plan on tidying things up. Feel free to edit this page (it's a wiki after all) with comments, code, and criticisms. I can handle it all.

Typical usage

{{gopher uri="quux.org"}}


Download the Code


Forthcoming!

Screenshots



There are 3 comments on this page. [Show comments]
Valid XHTML :: Valid CSS: :: Powered by WikkaWiki