diff --git a/README.md b/README.md
index 7fb6e7a..e32215e 100644
--- a/README.md
+++ b/README.md
@@ -180,6 +180,10 @@ The "error:" part will only be logged if an error occurred. This should only be
 There are some lines apart from these that might occur in logs depending on the selected log level. For example the initial "Listening on..." line or information about listing a particular directory.
+## Security considerations
+
+If you want to run agate on a multi-user system, you should be aware that all certificate and key data is loaded into memory and stored there until the server stops. Since the memory is also not explicitly overwritten or zeroed after use, the sensitive data might stay in memory after the server has terminated.
+
 [Gemini]: https://gemini.circumlunar.space/
 [Rust]: https://www.rust-lang.org/
 [home]: gemini://qwertqwefsday.eu/agate.gmi
diff --git a/src/certificates.rs b/src/certificates.rs
index 9e32c55..766de30 100644
--- a/src/certificates.rs
+++ b/src/certificates.rs
@@ -194,9 +194,10 @@ impl CertStore {
 // length of either a or b and the for loop will not decide.
 for (a_part, b_part) in a.split('.').rev().zip(b.split('.').rev()) {
 if a_part != b_part {
- // What we sort by here is not really important, but `str`
- // already implements Ord, making it easier for us.
- return a_part.cmp(b_part);
+ // Here we have to make sure that the empty string will
+ // always be sorted to the end, so we reverse the usual
+ // ordering of str.
+ return a_part.cmp(b_part).reverse();
 }
 }
 // Sort longer domains first.
diff --git a/tests/tests.rs b/tests/tests.rs
index e2cd390..9d9752e 100644
--- a/tests/tests.rs
+++ b/tests/tests.rs
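Review bot: The added `return a_part.cmp(b_part).reverse();` sorts every label in descending order, while the new comment says the only requirement is that an empty label always ends up last. This comparator decides which certificate entry is considered first for a hostname (the comment just below says longer domains are sorted first), so the rule "a concrete label always wins over an empty one" is the invariant a future maintainer must preserve, and encoding it as a side effect of reversing the whole `str` order hides it. If nothing else depends on the descending order, an explicit check keeps the fallback-last rule readable and leaves the remaining labels in their natural order. The enclosing comparator and `impl CertStore` start and end outside the hunk, so whether `Ordering` is already imported there cannot be seen; the fully qualified path is used below.
```rust
if a_part != b_part {
    // An empty label must always sort after a concrete one; every
    // other label keeps the natural str ordering.
    return match (a_part.is_empty(), b_part.is_empty()) {
        (true, false) => std::cmp::Ordering::Greater,
        (false, true) => std::cmp::Ordering::Less,
        _ => a_part.cmp(b_part),
    };
}
```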
@@ -81,8 +81,7 @@ impl Drop for Server {
 // a potential error message was not yet handled
 self.stop().unwrap();
 } else if self.output.is_some() {
- // error was already handled, ignore it
- self.stop().unwrap_or(());
+ // server was already stopped
 } else {
 // we are panicking and a potential error was not handled
 self.stop().unwrap_or_else(|e| eprintln!("{:?}", e));
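Review bot: The `else if self.output.is_some()` arm is now empty, so the harness silently relies on `output` being populated only after `stop()` has run; if that invariant ever breaks, the spawned test server is simply not stopped on drop and the one-line comment gives no hint why that is considered safe. Either fold the empty arm into the remaining branch, `} else if self.output.is_none() {` followed by the existing `unwrap_or_else` body, or keep the arm and state the invariant in its comment, e.g. `// output is only populated by stop(), so the server is already stopped and there is nothing left to do` (assuming that is indeed where `output` is set, which this hunk does not show). The `drop` body and the first `if` condition start outside the hunk.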