chore(release): version v0.24.0

* some small css fixes and changes

* added basic auth
https://stackoverflow.com/a/9534652/3642588

* most tests are passing

* fixed all the tests

* maybe now CI will pass

* implemented sigoden's suggestions

* test basic auth

* fixed some little things

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,17 @@
+---
+name: Bug report
+about: Create a report to help us improve 
+---
+
+**Problem**
+
+<!-- A clear and concise description of what the bug is. -->
+
+**Log**
+
+If applicable, add logs to help explain your problem.
+
+**Environment:**
+ - Dufs version:
+ - Browser/Webdav Info: 
+ - OS Info: 

.github/ISSUE_TEMPLATE/feature_requst.md

@@ -0,0 +1,16 @@
+---
+name: Feature Request
+about: If you have any interesting advice, you can tell us.
+---
+
+## Specific Demand
+
+<!--
+What feature do you need, please describe it in detail.
+-->
+
+## Implement Suggestion
+
+<!--
+If you have any suggestion for complete this feature, you can tell us.
+-->

.github/dependabot.yml

@@ -0,0 +1,6 @@
+version: 2
+updates:
+  - package-ecosystem: "cargo" # See documentation for possible values
+    directory: "/" # Location of package manifests
+    schedule:
+      interval: "monthly"

.github/workflows/release.yaml

@@ -7,33 +7,67 @@ on:
 
 jobs:
   release:
-    name: Publish to Github Reelases
+    name: Publish to Github Relases
     outputs:
       rc: ${{ steps.check-tag.outputs.rc }}
 
     strategy:
       matrix:
-        target:
-        - aarch64-unknown-linux-musl
-        - aarch64-apple-darwin
-        - x86_64-apple-darwin
-        - x86_64-pc-windows-msvc
-        - x86_64-unknown-linux-musl
         include:
         - target: aarch64-unknown-linux-musl
           os: ubuntu-latest
           use-cross: true
+          cargo-flags: ""
         - target: aarch64-apple-darwin
           os: macos-latest
           use-cross: true
+          cargo-flags: ""
+        - target: aarch64-pc-windows-msvc
+          os: windows-latest
+          use-cross: true
+          cargo-flags: "--no-default-features"
         - target: x86_64-apple-darwin
           os: macos-latest
+          cargo-flags: ""
         - target: x86_64-pc-windows-msvc
           os: windows-latest
+          cargo-flags: ""
         - target: x86_64-unknown-linux-musl
           os: ubuntu-latest
           use-cross: true
-
+          cargo-flags: ""
+        - target: i686-unknown-linux-musl
+          os: ubuntu-latest
+          use-cross: true
+          cargo-flags: ""
+        - target: i686-pc-windows-msvc
+          os: windows-latest
+          use-cross: true
+          cargo-flags: ""
+        - target: armv7-unknown-linux-musleabihf
+          os: ubuntu-latest
+          use-cross: true
+          cargo-flags: ""
+        - target: arm-unknown-linux-musleabihf
+          os: ubuntu-latest
+          use-cross: true
+          cargo-flags: ""
+        - target: mips-unknown-linux-musl
+          os: ubuntu-latest
+          use-cross: true
+          cargo-flags: "--no-default-features"
+        - target: mipsel-unknown-linux-musl
+          os: ubuntu-latest
+          use-cross: true
+          cargo-flags: "--no-default-features"
+        - target: mips64-unknown-linux-gnuabi64
+          os: ubuntu-latest
+          use-cross: true
+          cargo-flags: "--no-default-features"
+        - target: mips64el-unknown-linux-gnuabi64
+          os: ubuntu-latest
+          use-cross: true
+          cargo-flags: "--no-default-features"
     runs-on: ${{matrix.os}}
 
     steps:
@@ -59,14 +93,7 @@ jobs:
         target: ${{ matrix.target }}
         toolchain: stable
         profile: minimal # minimal component installation (ie, no documentation)
-
-    - name: Install prerequisites
-      shell: bash
-      run: |
-        case ${{ matrix.target }} in
-          aarch64-unknown-linux-musl) sudo apt-get -y update ; sudo apt-get -y install gcc-aarch64-linux-gnu ;;
-        esac
-
+  
     - name: Show Version Information (Rust, cargo, GCC)
       shell: bash
       run: |
@@ -82,7 +109,7 @@ jobs:
       with:
         use-cross: ${{ matrix.use-cross }}
         command: build
-        args: --locked --release --target=${{ matrix.target }}
+        args: --locked --release --target=${{ matrix.target }} ${{ matrix.cargo-flags }}
 
     - name: Build Archive
       shell: bash
@@ -133,6 +160,8 @@ jobs:
     runs-on: ubuntu-latest
     needs: release
     steps:
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v1
       - name: Login to DockerHub
@@ -141,9 +170,16 @@ jobs:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
       - name: Build and push
-        id: docker_build
         uses: docker/build-push-action@v2
         with:
+          build-args: |
+            REPO=${{ github.repository }}
+            VER=${{ github.ref_name }}
+          platforms: |
+            linux/amd64
+            linux/arm64
+            linux/386
+            linux/arm/v7
           push: ${{ needs.release.outputs.rc == 'false' }}
           tags: ${{ github.repository }}:latest, ${{ github.repository }}:${{ github.ref_name }}
           

CHANGELOG.md

@@ -2,47 +2,146 @@
 
 All notable changes to this project will be documented in this file.
 
+## [0.24.0] - 2022-07-02
+
+### Bug Fixes
+
+- Unexpect stack overflow when searching a lot ([#87](https://github.com/sigoden/dufs/issues/87))
+
+### Features
+
+- Allow search with --render-try-index ([#88](https://github.com/sigoden/dufs/issues/88))
+
+## [0.23.1] - 2022-06-30
+
+### Bug Fixes
+
+- Safari layout and compatibility ([#83](https://github.com/sigoden/dufs/issues/83))
+- Permissions of unzipped files ([#84](https://github.com/sigoden/dufs/issues/84))
+
+## [0.23.0] - 2022-06-29
+
+### Features
+
+- Use feature to conditional support tls ([#77](https://github.com/sigoden/dufs/issues/77))
+
+### Ci
+
+- Support more platforms ([#76](https://github.com/sigoden/dufs/issues/76))
+
+## [0.22.0] - 2022-06-26
+
+### Features
+
+- Support hiding folders with --hidden ([#73](https://github.com/sigoden/dufs/issues/73))
+
+## [0.21.0] - 2022-06-23
+
+### Bug Fixes
+
+- Escape name contains html escape code ([#65](https://github.com/sigoden/dufs/issues/65))
+
+### Features
+
+- Use custom logger with timestamp in rfc3339 ([#67](https://github.com/sigoden/dufs/issues/67))
+
+### Refactor
+
+- Split css/js from index.html ([#68](https://github.com/sigoden/dufs/issues/68))
+
+## [0.20.0] - 2022-06-20
+
+### Bug Fixes
+
+- DecodeURI searching string ([#61](https://github.com/sigoden/dufs/issues/61))
+
+### Features
+
+- Added basic auth ([#60](https://github.com/sigoden/dufs/issues/60))
+- Add option --allow-search ([#62](https://github.com/sigoden/dufs/issues/62))
+
+## [0.19.0] - 2022-06-19
+
+### Features
+
+- [**breaking**] Path level access control ([#52](https://github.com/sigoden/dufs/issues/52))
+- Serve single file ([#54](https://github.com/sigoden/dufs/issues/54))
+- Ui hidden root dirname ([#58](https://github.com/sigoden/dufs/issues/58))
+- Reactive webpage ([#51](https://github.com/sigoden/dufs/issues/51))
+- [**breaking**] Rename to dufs ([#59](https://github.com/sigoden/dufs/issues/59))
+
+### Refactor
+
+- [**breaking**] Rename --cors to --enable-cors ([#57](https://github.com/sigoden/dufs/issues/57))
+
+## [0.18.0] - 2022-06-18
+
+### Features
+
+- Add option --render-try-index ([#47](https://github.com/sigoden/dufs/issues/47))
+- Add slash to end of dir href
+
+## [0.17.1] - 2022-06-16
+
+### Bug Fixes
+
+- Range request ([#44](https://github.com/sigoden/dufs/issues/44))
+
+## [0.17.0] - 2022-06-15
+
+### Bug Fixes
+
+- Webdav propfind dir with slash ([#42](https://github.com/sigoden/dufs/issues/42))
+
+### Features
+
+- Listen both ipv4 and ipv6 by default ([#40](https://github.com/sigoden/dufs/issues/40))
+
+### Refactor
+
+- Trival changes ([#41](https://github.com/sigoden/dufs/issues/41))
+
 ## [0.16.0] - 2022-06-12
 
 ### Features
 
-- Implement head method ([#33](https://github.com/sigoden/duf/issues/33))
-- Display upload speed and time left ([#34](https://github.com/sigoden/duf/issues/34))
-- Support tls-key in pkcs#8 format ([#35](https://github.com/sigoden/duf/issues/35))
+- Implement head method ([#33](https://github.com/sigoden/dufs/issues/33))
+- Display upload speed and time left ([#34](https://github.com/sigoden/dufs/issues/34))
+- Support tls-key in pkcs#8 format ([#35](https://github.com/sigoden/dufs/issues/35))
 - Options method return status 200
 
 ### Testing
 
-- Add integration tests ([#36](https://github.com/sigoden/duf/issues/36))
+- Add integration tests ([#36](https://github.com/sigoden/dufs/issues/36))
 
 ## [0.15.1] - 2022-06-11
 
 ### Bug Fixes
 
-- Cannot upload ([#32](https://github.com/sigoden/duf/issues/32))
+- Cannot upload ([#32](https://github.com/sigoden/dufs/issues/32))
 
 ## [0.15.0] - 2022-06-10
 
 ### Bug Fixes
 
-- Encode webdav href as uri ([#28](https://github.com/sigoden/duf/issues/28))
+- Encode webdav href as uri ([#28](https://github.com/sigoden/dufs/issues/28))
 - Query dir param
 
 ### Features
 
-- Add basic dark theme ([#29](https://github.com/sigoden/duf/issues/29))
-- Add empty state placeholder to page([#30](https://github.com/sigoden/duf/issues/30))
+- Add basic dark theme ([#29](https://github.com/sigoden/dufs/issues/29))
+- Add empty state placeholder to page([#30](https://github.com/sigoden/dufs/issues/30))
 
 ## [0.14.0] - 2022-06-07
 
 ### Bug Fixes
 
-- Send index page with content-type ([#26](https://github.com/sigoden/duf/issues/26))
+- Send index page with content-type ([#26](https://github.com/sigoden/dufs/issues/26))
 
 ### Features
 
-- Support ipv6 ([#25](https://github.com/sigoden/duf/issues/25))
-- Add favicon ([#27](https://github.com/sigoden/duf/issues/27))
+- Support ipv6 ([#25](https://github.com/sigoden/dufs/issues/25))
+- Add favicon ([#27](https://github.com/sigoden/dufs/issues/27))
 
 ## [0.13.2] - 2022-06-06
 
@@ -55,11 +154,11 @@ All notable changes to this project will be documented in this file.
 
 ### Bug Fixes
 
-- Escape filename ([#21](https://github.com/sigoden/duf/issues/21))
+- Escape filename ([#21](https://github.com/sigoden/dufs/issues/21))
 
 ### Refactor
 
-- Use logger ([#22](https://github.com/sigoden/duf/issues/22))
+- Use logger ([#22](https://github.com/sigoden/dufs/issues/22))
 
 ## [0.13.0] - 2022-06-05
 
@@ -69,16 +168,16 @@ All notable changes to this project will be documented in this file.
 
 ### Features
 
-- Implement more webdav methods ([#13](https://github.com/sigoden/duf/issues/13))
-- Use digest auth ([#14](https://github.com/sigoden/duf/issues/14))
-- Add webdav proppatch handler ([#18](https://github.com/sigoden/duf/issues/18))
+- Implement more webdav methods ([#13](https://github.com/sigoden/dufs/issues/13))
+- Use digest auth ([#14](https://github.com/sigoden/dufs/issues/14))
+- Add webdav proppatch handler ([#18](https://github.com/sigoden/dufs/issues/18))
 
 ## [0.12.1] - 2022-06-04
 
 ### Features
 
-- Support webdav ([#10](https://github.com/sigoden/duf/issues/10))
-- Remove unzip uploaded feature ([#11](https://github.com/sigoden/duf/issues/11))
+- Support webdav ([#10](https://github.com/sigoden/dufs/issues/10))
+- Remove unzip uploaded feature ([#11](https://github.com/sigoden/dufs/issues/11))
 
 ## [0.11.0] - 2022-06-03
 

Cargo.toml

@@ -1,42 +1,46 @@
 [package]
-name = "duf"
-version = "0.16.0"
+name = "dufs"
+version = "0.24.0"
 edition = "2021"
 authors = ["sigoden <sigoden@gmail.com>"]
-description = "Duf is a simple file server."
+description = "Dufs is a distinctive utility file server"
 license = "MIT OR Apache-2.0"
-homepage = "https://github.com/sigoden/duf"
-repository = "https://github.com/sigoden/duf"
+homepage = "https://github.com/sigoden/dufs"
+repository = "https://github.com/sigoden/dufs"
 categories = ["command-line-utilities", "web-programming::http-server"]
 keywords = ["static", "file", "server", "webdav", "cli"]
 
 [dependencies]
-clap = { version = "3", default-features = false, features = ["std", "cargo"] }
+clap = { version = "3", default-features = false, features = ["std", "wrap_help"] }
 chrono = "0.4"
 tokio = { version = "1", features = ["rt-multi-thread", "macros", "fs", "io-util", "signal"]}
-tokio-rustls = "0.23"
-tokio-stream = { version = "0.1", features = ["net"] }
-tokio-util = { version = "0.7",  features = ["codec", "io-util"] }
+tokio-util = { version = "0.7",  features = ["io-util"] }
 hyper = { version = "0.14", features = ["http1", "server", "tcp", "stream"] }
 percent-encoding = "2.1"
 serde = { version = "1", features = ["derive"] }
 serde_json = "1"
 futures = "0.3"
 base64 = "0.13"
-async_zip = "0.0.7"
-async-walkdir = "0.2"
+async_zip = { version = "0.0.8", default-features = false, features = ["deflate"] }
 headers = "0.3"
 mime_guess = "2.0"
-get_if_addrs = "0.5"
-rustls = { version = "0.20", default-features = false, features = ["tls12"] }
-rustls-pemfile = "1"
+if-addrs = "0.7"
+rustls = { version = "0.20", default-features = false, features = ["tls12"], optional = true }
+rustls-pemfile = { version = "1", optional = true }
+tokio-rustls = { version = "0.23", optional = true }
 md5 = "0.7"
 lazy_static = "1.4"
 uuid = { version = "1.1", features = ["v4", "fast-rng"] }
 urlencoding = "2.1"
 xml-rs = "0.8"
-env_logger = { version = "0.9", default-features = false, features = ["humantime"] }
 log = "0.4"
+socket2 = "0.4"
+async-stream = "0.3"
+walkdir = "2.3"
+
+[features]
+default = ["tls"]
+tls = ["rustls", "rustls-pemfile", "tokio-rustls"]
 
 [dev-dependencies]
 assert_cmd = "2"
@@ -44,7 +48,7 @@ reqwest = { version = "0.11", features = ["blocking", "multipart", "rustls-tls"]
 assert_fs = "1"
 select = "0.5"
 port_check = "0.1"
-rstest = "0.13"
+rstest = "0.15"
 regex = "1"
 pretty_assertions = "1.2"
 url = "2"

Dockerfile

@@ -1,10 +1,18 @@
-FROM rust:1.61 as builder
-RUN rustup target add x86_64-unknown-linux-musl
-RUN apt-get update && apt-get install --no-install-recommends -y musl-tools
-WORKDIR /app
-COPY . .
-RUN cargo build --target x86_64-unknown-linux-musl --release
+FROM alpine as builder
+ARG REPO VER TARGETPLATFORM
+RUN if [ "$TARGETPLATFORM" = "linux/amd64" ]; then \ 
+        TARGET="x86_64-unknown-linux-musl"; \
+    elif [  "$TARGETPLATFORM" = "linux/arm64" ]; then \
+        TARGET="aarch64-unknown-linux-musl"; \
+    elif [  "$TARGETPLATFORM" = "linux/386" ]; then \
+        TARGET="i686-unknown-linux-musl"; \
+    elif [  "$TARGETPLATFORM" = "linux/arm/v7" ]; then \
+        TARGET="armv7-unknown-linux-musleabihf"; \
+    fi && \
+    wget https://github.com/${REPO}/releases/download/${VER}/dufs-${VER}-${TARGET}.tar.gz && \
+    tar -xf dufs-${VER}-${TARGET}.tar.gz && \
+    mv dufs /bin/
 
 FROM scratch
-COPY --from=builder /app/target/x86_64-unknown-linux-musl/release/duf /bin/
-ENTRYPOINT ["/bin/duf"]
+COPY --from=builder /bin/dufs /bin/dufs
+ENTRYPOINT ["/bin/dufs"]

README.md

@@ -1,11 +1,11 @@
-# Duf
+# Dufs
 
-[![CI](https://github.com/sigoden/duf/actions/workflows/ci.yaml/badge.svg)](https://github.com/sigoden/duf/actions/workflows/ci.yaml)
-[![Crates](https://img.shields.io/crates/v/duf.svg)](https://crates.io/crates/duf)
+[![CI](https://github.com/sigoden/dufs/actions/workflows/ci.yaml/badge.svg)](https://github.com/sigoden/dufs/actions/workflows/ci.yaml)
+[![Crates](https://img.shields.io/crates/v/dufs.svg)](https://crates.io/crates/dufs)
 
-Duf is a simple file server. Support static serve, search, upload, webdav...
+Dufs is a distinctive utility file server that supports static serving, uploading, searching, accessing control, webdav...
 
-![demo](https://user-images.githubusercontent.com/4012553/171526189-09afc2de-793f-4216-b3d5-31ea408d3610.png)
+![demo](https://user-images.githubusercontent.com/4012553/174486522-7af350e6-0195-4f4a-8480-d9464fc6452f.png)
 
 ## Features
 
@@ -14,7 +14,7 @@ Duf is a simple file server. Support static serve, search, upload, webdav...
 - Upload files and folders (Drag & Drop)
 - Search files
 - Partial responses (Parallel/Resume download)
-- Authentication
+- Path level access control
 - Support https
 - Support webdav
 - Easy to use with curl
@@ -24,116 +24,172 @@ Duf is a simple file server. Support static serve, search, upload, webdav...
 ### With cargo
 
 ```
-cargo install duf
+cargo install dufs
 ```
 
 ### With docker
 
 ```
-docker run -v /tmp:/tmp -p 5000:5000 --rm -it docker.io/sigoden/duf /tmp
+docker run -v `pwd`:/data -p 5000:5000 --rm -it sigoden/dufs /data
 ```
 
 ### Binaries on macOS, Linux, Windows
 
-Download from [Github Releases](https://github.com/sigoden/duf/releases), unzip and add duf to your $PATH.
+Download from [Github Releases](https://github.com/sigoden/dufs/releases), unzip and add dufs to your $PATH.
 
 ## CLI
 
 ```
-Duf is a simple file server.
+Dufs is a distinctive utility file server - https://github.com/sigoden/dufs
 
 USAGE:
-    duf [OPTIONS] [path]
+    dufs [OPTIONS] [--] [path]
 
 ARGS:
-    <path>    Path to a root directory for serving files [default: .]
+    <path>    Specific path to serve [default: .]
 
 OPTIONS:
-    -a, --auth <user:pass>      Use HTTP authentication
-        --no-auth-access        Not required auth when access static files
-    -A, --allow-all             Allow all operations
-        --allow-delete          Allow delete files/folders
-        --allow-symlink         Allow symlink to files/folders outside root directory
-        --allow-upload          Allow upload files/folders
-    -b, --bind <address>        Specify bind address [default: 0.0.0.0]
-        --cors                  Enable CORS, sets `Access-Control-Allow-Origin: *`
-    -h, --help                  Print help information
-    -p, --port <port>           Specify port to listen on [default: 5000]
-        --path-prefix <path>    Specify an url path prefix
-        --render-index          Render index.html when requesting a directory
-        --render-spa            Render for single-page application
-        --tls-cert <path>       Path to an SSL/TLS certificate to serve with HTTPS
-        --tls-key <path>        Path to the SSL/TLS certificate's private key
-    -V, --version               Print version information
+    -b, --bind <addr>...         Specify bind address
+    -p, --port <port>            Specify port to listen on [default: 5000]
+        --path-prefix <path>     Specify an path prefix
+        --hidden <value>         Hide directories from directory listings, separated by `,`
+    -a, --auth <rule>...         Add auth for path
+        --auth-method <value>    Select auth method [default: digest] [possible values: basic, digest]
+    -A, --allow-all              Allow all operations
+        --allow-upload           Allow upload files/folders
+        --allow-delete           Allow delete files/folders
+        --allow-search           Allow search files/folders
+        --allow-symlink          Allow symlink to files/folders outside root directory
+        --enable-cors            Enable CORS, sets `Access-Control-Allow-Origin: *`
+        --render-index           Serve index.html when requesting a directory, returns 404 if not found index.html
+        --render-try-index       Serve index.html when requesting a directory, returns directory listing if not found index.html
+        --render-spa             Serve SPA(Single Page Application)
+        --tls-cert <path>        Path to an SSL/TLS certificate to serve with HTTPS
+        --tls-key <path>         Path to the SSL/TLS certificate's private key
+    -h, --help                   Print help information
+    -V, --version                Print version information
 ```
 
 ## Examples
 
-You can run this command to start serving your current working directory on 127.0.0.1:5000 by default.
+Serve current working directory
 
 ```
-duf
+dufs
 ```
 
-...or specify which folder you want to serve.
+Explicitly allow all operations including download/upload/delete
 
 ```
-duf folder_name
-```
-
-Allow all operations such as upload, delete
-
-```sh
-duf --allow-all
+dufs -A
 ```
 
 Only allow upload operation
 
 ```
-duf --allow-upload
+dufs --allow-upload
 ```
 
-Serve a single page application (SPA)
+Serve a specific directory
 
 ```
-duf --render-spa
+dufs Downloads
+```
+
+Serve a specific file
+
+```
+dufs linux-distro.iso
+```
+
+Serve index.html when requesting a directory
+
+```
+dufs --render-index
+```
+
+Serve single-page application like react
+
+```
+dufs --render-spa
+```
+
+Require username/password
+
+```
+dufs -a /@admin:123
+```
+
+Listen on a specific port
+
+```
+dufs -p 80
+```
+
+Hide directories from directory listings
+
+```
+dufs --hidden .git,.DS_Store
 ```
 
 Use https
 
 ```
-duf --tls-cert my.crt --tls-key my.key
+dufs --tls-cert my.crt --tls-key my.key
 ```
 
 ## API
 
 Download a file
 ```
-curl http://127.0.0.1:5000/some-file
+curl http://127.0.0.1:5000/path-to-file
 ```
 
 Download a folder as zip file
 
 ```
-curl -o some-folder.zip http://127.0.0.1:5000/some-folder?zip
+curl -o path-to-folder.zip http://127.0.0.1:5000/path-to-folder?zip
 ```
 
 Upload a file
 
 ```
-curl --upload-file some-file http://127.0.0.1:5000/some-file
+curl --upload-file path-to-file http://127.0.0.1:5000/path-to-file
 ```
 
 Delete a file/folder
 
 ```
-curl -X DELETE http://127.0.0.1:5000/some-file
+curl -X DELETE http://127.0.0.1:5000/path-to-file
 ```
 
+## Access Control
+
+Dufs supports path level access control. You can control who can do what on which path with `--auth`/`-a`.
+
+```
+dufs -a <path>@<readwrite>[@<readonly>|@*]
+```
+
+- `<path>`: Protected url path
+- `<readwrite>`: Account with upload/delete/view/download permission, required
+- `<readonly>`: Account with view/download permission, optional
+
+> `*` means `<path>` is public, everyone can view/download it.
+
+For example:
+
+```
+dufs -a /@admin:pass1@* -a /ui@designer:pass2 -A
+```
+- All files/folders are public to view/download.
+- Account `admin:pass1` can upload/delete/view/download any files/folders.
+- Account `designer:pass2` can upload/delete/view/download any files/folders in the `ui` folder.
+
 ## License
 
-Copyright (c) 2022 duf-developers.
+Copyright (c) 2022 dufs-developers.
 
-duf is made available under the terms of either the MIT License or the Apache License 2.0, at your option.
+dufs is made available under the terms of either the MIT License or the Apache License 2.0, at your option.
 
 See the LICENSE-APACHE and LICENSE-MIT files for license details.

assets/index.css

@@ -1,15 +1,16 @@
 html {
-  font-family: -apple-system,BlinkMacSystemFont,Helvetica,Arial,sans-serif;
+  font-family: -apple-system,BlinkMacSystemFont,Roboto,Helvetica,Arial,sans-serif;
   line-height: 1.5;
   color: #24292e;
 }
 
 body {
-  width: 700px;
+  /* prevent premature breadcrumb wrapping on mobile */
+  min-width: 500px;
 }
 
 .hidden {
-  display: none;
+  display: none !important;
 }
 
 .head {
@@ -21,6 +22,7 @@ body {
 
 .breadcrumb {
   font-size: 1.25em;
+  padding-right: 0.6em;
 }
 
 .breadcrumb > a {
@@ -45,12 +47,16 @@ body {
 .breadcrumb svg {
   height: 100%;
   fill: rgba(3,47,98,0.5);
-  padding-right: 0.5em;
-  padding-left: 0.5em;
 }
 
 .toolbox {
   display: flex;
+  margin-right: 10px;
+}
+
+.toolbox > div {
+  /* vertically align with breadcrumb text */
+  height: 1.1rem;
 }
 
 .searchbar {
@@ -62,7 +68,7 @@ body {
   transition: all .15s;
   border: 1px #ddd solid;
   border-radius: 15px;
-  margin: 0 0 2px 10px;
+  margin-bottom: 2px;
 }
 
 .searchbar #search {
@@ -120,11 +126,6 @@ body {
   white-space: nowrap;
 }
 
-.uploaders-table .cell-name,
-.paths-table .cell-name {
-  width: 500px;
-}
-
 .uploaders-table .cell-status {
   width: 80px;
   padding-left: 0.6em;
@@ -147,15 +148,14 @@ body {
   padding-left: 0.6em;
 }
 
-
 .path svg {
-  height: 100%;
+  height: 16px;
   fill: rgba(3,47,98,0.5);
   padding-right: 0.5em;
+  vertical-align: text-top;
 }
 
 .path {
-  display: flex;
   list-style: none;
 }
 
@@ -166,6 +166,8 @@ body {
   overflow: hidden;
   display: block;
   text-decoration: none;
+  max-width: calc(100vw - 375px);
+  min-width: 200px;
 }
 
 .path a:hover {
@@ -184,6 +186,12 @@ body {
   padding-right: 1em;
 }
 
+@media (min-width: 768px) {
+  .path a {
+    min-width: 400px;
+  }
+}
+
 /* dark theme */
 @media (prefers-color-scheme: dark) {
   body {
@@ -202,8 +210,9 @@ body {
   }
 
   svg,
-  .path svg {
-    fill: #d0e6ff;
+  .path svg,
+  .breadcrumb svg {
+    fill: #fff;
   }
 
   .searchbar {

assets/index.html

@@ -22,7 +22,7 @@
         <input type="file" id="file" name="file" multiple>
       </div>
     </div>
-    <form class="searchbar">
+    <form class="searchbar hidden">
       <div class="icon">
         <svg width="16" height="16" fill="currentColor" viewBox="0 0 16 16"><path d="M11.742 10.344a6.5 6.5 0 1 0-1.397 1.398h-.001c.03.04.062.078.098.115l3.85 3.85a1 1 0 0 0 1.415-1.414l-3.85-3.85a1.007 1.007 0 0 0-.115-.1zM12 6.5a5.5 5.5 0 1 1-11 0 5.5 5.5 0 0 1 11 0z"/></svg>
       </div>
@@ -35,16 +35,16 @@
     <table class="uploaders-table hidden">
       <thead>
         <tr>
-          <th class="cell-name">Name</th>
-          <th class="cell-status">Speed - Progress - Time Left</th>
+          <th class="cell-name" colspan="2">Name</th>
+          <th class="cell-status">Progress</th>
         </tr>
       </thead>
     </table>
     <table class="paths-table hidden">
       <thead>
         <tr>
-          <th class="cell-name">Name</th>
-          <th class="cell-mtime">Date modify</th>
+          <th class="cell-name" colspan="2">Name</th>
+          <th class="cell-mtime">Last modified</th>
           <th class="cell-size">Size</th>
           <th class="cell-actions">Actions</th>
         </tr>

assets/index.js

@@ -1,7 +1,6 @@
 /**
  * @typedef {object} PathItem
  * @property {"Dir"|"SymlinkDir"|"File"|"SymlinkFile"} path_type
- * @property {boolean} is_symlink
  * @property {string} name
  * @property {number} mtime
  * @property {number} size
@@ -30,38 +29,20 @@ let $uploadersTable;
  * @type Element
  */
 let $emptyFolder;
-/**
- * @type string
- */
-let baseDir;
 
 class Uploader {
   /**
-   * @type number
+   * 
+   * @param {File} file 
+   * @param {string[]} dirs 
    */
-  idx;
-  /**
-   * @type File
-   */
-  file;
-  /**
-   * @type string
-   */
-  name;
-  /**
-   * @type Element
-   */
-  $uploadStatus;
-  /**
-   * @type number
-   */
-  uploaded = 0;
-  /**
-   * @type number
-   */
-  lastUptime = 0;
-  static globalIdx = 0;
   constructor(file, dirs) {
+    /**
+     * @type Element
+     */
+    this.$uploadStatus = null
+    this.uploaded = 0;
+    this.lastUptime = 0;
     this.name = [...dirs, file.name].join("/");
     this.idx = Uploader.globalIdx++;
     this.file = file;
@@ -69,12 +50,16 @@ class Uploader {
 
   upload() {
     const { file, idx, name } = this;
-    let url = getUrl(name);
+    const url = getUrl(name);
+    const encodedUrl = encodedStr(url);
+    const encodedName = encodedStr(name);
     $uploadersTable.insertAdjacentHTML("beforeend", `
   <tr id="upload${idx}" class="uploader">
+    <td class="path cell-icon">
+      ${getSvg()}
+    </td>
     <td class="path cell-name">
-      <div>${getSvg("File")}</div>
-      <a href="${url}">${name}</a>
+      <a href="${encodedUrl}">${encodedName}</a>
     </td>
     <td class="cell-status upload-status" id="uploadStatus${idx}"></td>
   </tr>`);
@@ -121,29 +106,43 @@ class Uploader {
   }
 }
 
+Uploader.globalIdx = 0;
+
 /**
  * Add breadcrumb
- * @param {string} value 
+ * @param {string} href 
+ * @param {string} uri_prefix
  */
-function addBreadcrumb(value) {
+function addBreadcrumb(href, uri_prefix) {
   const $breadcrumb = document.querySelector(".breadcrumb");
-  const parts = value.split("/").filter(v => !!v);
+  let parts = [];
+  if (href === "/") {
+    parts = [""];
+  } else {
+    parts = href.split("/");
+  }
   const len = parts.length;
-  let path = "";
+  let path = uri_prefix;
   for (let i = 0; i < len; i++) {
     const name = parts[i];
     if (i > 0) {
-      path  += "/" + name;
+      if (!path.endsWith("/")) {
+        path  += "/";
+      }
+      path += encodeURI(name);
     }
-    if (i === len - 1) {
-      $breadcrumb.insertAdjacentHTML("beforeend", `<b>${name}</b>`);
-      baseDir = name;
-    } else if (i === 0) {
-      $breadcrumb.insertAdjacentHTML("beforeend", `<a href="/"><b>${name}</b></a>`);
+    const encodedPath = encodedStr(path);
+    const encodedName = encodedStr(name);
+    if (i === 0) {
+      $breadcrumb.insertAdjacentHTML("beforeend", `<a href="${encodedPath}"><svg width="16" height="16" viewBox="0 0 16 16"><path d="M6.5 14.5v-3.505c0-.245.25-.495.5-.495h2c.25 0 .5.25.5.5v3.5a.5.5 0 0 0 .5.5h4a.5.5 0 0 0 .5-.5v-7a.5.5 0 0 0-.146-.354L13 5.793V2.5a.5.5 0 0 0-.5-.5h-1a.5.5 0 0 0-.5.5v1.293L8.354 1.146a.5.5 0 0 0-.708 0l-6 6A.5.5 0 0 0 1.5 7.5v7a.5.5 0 0 0 .5.5h4a.5.5 0 0 0 .5-.5z"/></svg></a>`);
+    } else if (i === len - 1) {
+      $breadcrumb.insertAdjacentHTML("beforeend", `<b>${encodedName}</b>`);
     } else {
-      $breadcrumb.insertAdjacentHTML("beforeend", `<a href="${encodeURI(path)}">${name}</a>`);
+      $breadcrumb.insertAdjacentHTML("beforeend", `<a href="${encodedPath}">${encodedName}</a>`);
+    }
+    if (i !== len - 1) {
+      $breadcrumb.insertAdjacentHTML("beforeend", `<span class="separator">/</span>`);
     }
-    $breadcrumb.insertAdjacentHTML("beforeend", `<span class="separator">/</span>`);
   }
 }
 
@@ -153,27 +152,31 @@ function addBreadcrumb(value) {
  * @param {number} index 
  */
 function addPath(file, index) {
-  const url = getUrl(file.name)
+  const encodedName = encodedStr(file.name);
+  let url = getUrl(file.name)
+  let encodedUrl = encodedStr(url);
   let actionDelete = "";
   let actionDownload = "";
   if (file.path_type.endsWith("Dir")) {
+    url += "/";
+    encodedUrl += "/";
     actionDownload = `
     <div class="action-btn">
-      <a href="${url}?zip" title="Download folder as a .zip file">
+      <a href="${encodedUrl}?zip" title="Download folder as a .zip file">
         <svg width="16" height="16" viewBox="0 0 16 16"><path d="M.5 9.9a.5.5 0 0 1 .5.5v2.5a1 1 0 0 0 1 1h12a1 1 0 0 0 1-1v-2.5a.5.5 0 0 1 1 0v2.5a2 2 0 0 1-2 2H2a2 2 0 0 1-2-2v-2.5a.5.5 0 0 1 .5-.5z"/><path d="M7.646 11.854a.5.5 0 0 0 .708 0l3-3a.5.5 0 0 0-.708-.708L8.5 10.293V1.5a.5.5 0 0 0-1 0v8.793L5.354 8.146a.5.5 0 1 0-.708.708l3 3z"/></svg>
       </a>
     </div>`;
   } else {
     actionDownload = `
     <div class="action-btn" >
-      <a href="${url}" title="Download file" download>
+      <a href="${encodedUrl}" title="Download file" download>
         <svg width="16" height="16" viewBox="0 0 16 16"><path d="M.5 9.9a.5.5 0 0 1 .5.5v2.5a1 1 0 0 0 1 1h12a1 1 0 0 0 1-1v-2.5a.5.5 0 0 1 1 0v2.5a2 2 0 0 1-2 2H2a2 2 0 0 1-2-2v-2.5a.5.5 0 0 1 .5-.5z"/><path d="M7.646 11.854a.5.5 0 0 0 .708 0l3-3a.5.5 0 0 0-.708-.708L8.5 10.293V1.5a.5.5 0 0 0-1 0v8.793L5.354 8.146a.5.5 0 1 0-.708.708l3 3z"/></svg>
       </a>
     </div>`;
   }
   if (DATA.allow_delete) {
     actionDelete = `
-    <div onclick="deletePath(${index})" class="action-btn" id="deleteBtn${index}" title="Delete ${file.name}">
+    <div onclick="deletePath(${index})" class="action-btn" id="deleteBtn${index}" title="Delete ${encodedName}">
       <svg width="16" height="16" fill="currentColor"viewBox="0 0 16 16"><path d="M6.854 7.146a.5.5 0 1 0-.708.708L7.293 9l-1.147 1.146a.5.5 0 0 0 .708.708L8 9.707l1.146 1.147a.5.5 0 0 0 .708-.708L8.707 9l1.147-1.146a.5.5 0 0 0-.708-.708L8 8.293 6.854 7.146z"/><path d="M14 14V4.5L9.5 0H4a2 2 0 0 0-2 2v12a2 2 0 0 0 2 2h8a2 2 0 0 0 2-2zM9.5 3A1.5 1.5 0 0 0 11 4.5h2V14a1 1 0 0 1-1 1H4a1 1 0 0 1-1-1V2a1 1 0 0 1 1-1h5.5v2z"/></svg>
     </div>`;
   }
@@ -185,9 +188,11 @@ function addPath(file, index) {
 
   $pathsTableBody.insertAdjacentHTML("beforeend", `
 <tr id="addPath${index}">
+  <td class="path cell-icon">
+    ${getSvg(file.path_type)}
+  </td>
   <td class="path cell-name">
-    <div>${getSvg(file.path_type)}</div>
-    <a href="${url}" title="${file.name}">${file.name}</a>
+    <a href="${encodedUrl}">${encodedName}</a>
   </td>
   <td class="cell-mtime">${formatMtime(file.mtime)}</td>
   <td class="cell-size">${formatSize(file.size).join(" ")}</td>
@@ -275,12 +280,12 @@ function getSvg(path_type) {
   switch (path_type) {
     case "Dir":
       return `<svg height="16" viewBox="0 0 14 16" width="14"><path fill-rule="evenodd" d="M13 4H7V3c0-.66-.31-1-1-1H1c-.55 0-1 .45-1 1v10c0 .55.45 1 1 1h12c.55 0 1-.45 1-1V5c0-.55-.45-1-1-1zM6 4H1V3h5v1z"></path></svg>`;
-    case "File":
-      return `<svg height="16" viewBox="0 0 12 16" width="12"><path fill-rule="evenodd" d="M6 5H2V4h4v1zM2 8h7V7H2v1zm0 2h7V9H2v1zm0 2h7v-1H2v1zm10-7.5V14c0 .55-.45 1-1 1H1c-.55 0-1-.45-1-1V2c0-.55.45-1 1-1h7.5L12 4.5zM11 5L8 2H1v12h10V5z"></path></svg>`;
+    case "SymlinkFile":
+      return `<svg height="16" viewBox="0 0 12 16" width="12"><path fill-rule="evenodd" d="M8.5 1H1c-.55 0-1 .45-1 1v12c0 .55.45 1 1 1h10c.55 0 1-.45 1-1V4.5L8.5 1zM11 14H1V2h7l3 3v9zM6 4.5l4 3-4 3v-2c-.98-.02-1.84.22-2.55.7-.71.48-1.19 1.25-1.45 2.3.02-1.64.39-2.88 1.13-3.73.73-.84 1.69-1.27 2.88-1.27v-2H6z"></path></svg>`;
     case "SymlinkDir":
       return `<svg height="16" viewBox="0 0 14 16" width="14"><path fill-rule="evenodd" d="M13 4H7V3c0-.66-.31-1-1-1H1c-.55 0-1 .45-1 1v10c0 .55.45 1 1 1h12c.55 0 1-.45 1-1V5c0-.55-.45-1-1-1zM1 3h5v1H1V3zm6 9v-2c-.98-.02-1.84.22-2.55.7-.71.48-1.19 1.25-1.45 2.3.02-1.64.39-2.88 1.13-3.73C4.86 8.43 5.82 8 7.01 8V6l4 3-4 3H7z"></path></svg>`;
     default:
-      return `<svg height="16" viewBox="0 0 12 16" width="12"><path fill-rule="evenodd" d="M8.5 1H1c-.55 0-1 .45-1 1v12c0 .55.45 1 1 1h10c.55 0 1-.45 1-1V4.5L8.5 1zM11 14H1V2h7l3 3v9zM6 4.5l4 3-4 3v-2c-.98-.02-1.84.22-2.55.7-.71.48-1.19 1.25-1.45 2.3.02-1.64.39-2.88 1.13-3.73.73-.84 1.69-1.27 2.88-1.27v-2H6z"></path></svg>`;
+      return `<svg height="16" viewBox="0 0 12 16" width="12"><path fill-rule="evenodd" d="M6 5H2V4h4v1zM2 8h7V7H2v1zm0 2h7V9H2v1zm0 2h7v-1H2v1zm10-7.5V14c0 .55-.45 1-1 1H1c-.55 0-1-.45-1-1V2c0-.55.45-1 1-1h7.5L12 4.5zM11 5L8 2H1v12h10V5z"></path></svg>`;
   }
 }
 
@@ -292,7 +297,7 @@ function formatMtime(mtime) {
   const day = padZero(date.getDate(), 2);
   const hours = padZero(date.getHours(), 2);
   const minutes = padZero(date.getMinutes(), 2);
-  return `${year}/${month}/${day} ${hours}:${minutes}`;
+  return `${year}-${month}-${day} ${hours}:${minutes}`;
 }
 
 function padZero(value, size) {
@@ -323,17 +328,28 @@ function formatPercent(precent) {
   }
 }
 
+function encodedStr(rawStr) {
+  return rawStr.replace(/[\u00A0-\u9999<>\&]/g, function(i) {
+    return '&#'+i.charCodeAt(0)+';';
+  });
+}
+
 function ready() {
+  document.title = `Index of ${DATA.href} - Dufs`;
   $pathsTable = document.querySelector(".paths-table")
   $pathsTableBody = document.querySelector(".paths-table tbody");
   $uploadersTable = document.querySelector(".uploaders-table");
   $emptyFolder = document.querySelector(".empty-folder");
 
-  if (params.q) {
-    document.getElementById('search').value = params.q;
+  if (DATA.allow_search) {
+    document.querySelector(".searchbar").classList.remove("hidden");
+    if (params.q) {
+      document.getElementById('search').value = params.q;
+    }
   }
 
-  addBreadcrumb(DATA.breadcrumb);
+
+  addBreadcrumb(DATA.href, DATA.uri_prefix);
   if (Array.isArray(DATA.paths)) {
     const len = DATA.paths.length;
     if (len > 0) {

src/args.rs

@@ -1,25 +1,34 @@
-use clap::crate_description;
-use clap::{Arg, ArgMatches};
+use clap::{AppSettings, Arg, ArgMatches, Command};
+#[cfg(feature = "tls")]
 use rustls::{Certificate, PrivateKey};
-use std::net::{IpAddr, SocketAddr};
+use std::env;
+use std::net::IpAddr;
 use std::path::{Path, PathBuf};
-use std::{env, fs, io};
 
-use crate::auth::parse_auth;
+use crate::auth::AccessControl;
+use crate::auth::AuthMethod;
+#[cfg(feature = "tls")]
+use crate::tls::{load_certs, load_private_key};
 use crate::BoxResult;
 
-const ABOUT: &str = concat!("\n", crate_description!()); // Add extra newline.
-
-fn app() -> clap::Command<'static> {
-    clap::command!()
-        .about(ABOUT)
+fn app() -> Command<'static> {
+    let app = Command::new(env!("CARGO_CRATE_NAME"))
+        .version(env!("CARGO_PKG_VERSION"))
+        .author(env!("CARGO_PKG_AUTHORS"))
+        .about(concat!(
+            env!("CARGO_PKG_DESCRIPTION"),
+            " - ",
+            env!("CARGO_PKG_REPOSITORY")
+        ))
+        .global_setting(AppSettings::DeriveDisplayOrder)
         .arg(
-            Arg::new("address")
+            Arg::new("bind")
                 .short('b')
                 .long("bind")
-                .default_value("0.0.0.0")
                 .help("Specify bind address")
-                .value_name("address"),
+                .multiple_values(true)
+                .multiple_occurrences(true)
+                .value_name("addr"),
         )
         .arg(
             Arg::new("port")
@@ -33,13 +42,36 @@ fn app() -> clap::Command<'static> {
             Arg::new("path")
                 .default_value(".")
                 .allow_invalid_utf8(true)
-                .help("Path to a root directory for serving files"),
+                .help("Specific path to serve"),
         )
         .arg(
             Arg::new("path-prefix")
                 .long("path-prefix")
                 .value_name("path")
-                .help("Specify an url path prefix"),
+                .help("Specify an path prefix"),
+        )
+        .arg(
+            Arg::new("hidden")
+                .long("hidden")
+                .help("Hide directories from directory listings, separated by `,`")
+                .value_name("value"),
+        )
+        .arg(
+            Arg::new("auth")
+                .short('a')
+                .long("auth")
+                .help("Add auth for path")
+                .multiple_values(true)
+                .multiple_occurrences(true)
+                .value_name("rule"),
+        )
+        .arg(
+            Arg::new("auth-method")
+                .long("auth-method")
+                .help("Select auth method")
+                .possible_values(["basic", "digest"])
+                .default_value("digest")
+                .value_name("value"),
         )
         .arg(
             Arg::new("allow-all")
@@ -57,40 +89,39 @@ fn app() -> clap::Command<'static> {
                 .long("allow-delete")
                 .help("Allow delete files/folders"),
         )
+        .arg(
+            Arg::new("allow-search")
+                .long("allow-search")
+                .help("Allow search files/folders"),
+        )
         .arg(
             Arg::new("allow-symlink")
                 .long("allow-symlink")
                 .help("Allow symlink to files/folders outside root directory"),
         )
+        .arg(
+            Arg::new("enable-cors")
+                .long("enable-cors")
+                .help("Enable CORS, sets `Access-Control-Allow-Origin: *`"),
+        )
         .arg(
             Arg::new("render-index")
                 .long("render-index")
-                .help("Render index.html when requesting a directory"),
+                .help("Serve index.html when requesting a directory, returns 404 if not found index.html"),
+        )
+        .arg(
+            Arg::new("render-try-index")
+                .long("render-try-index")
+                .help("Serve index.html when requesting a directory, returns directory listing if not found index.html"),
         )
         .arg(
             Arg::new("render-spa")
                 .long("render-spa")
-                .help("Render for single-page application"),
-        )
-        .arg(
-            Arg::new("auth")
-                .short('a')
-                .display_order(1)
-                .long("auth")
-                .help("Use HTTP authentication")
-                .value_name("user:pass"),
-        )
-        .arg(
-            Arg::new("no-auth-access")
-                .display_order(1)
-                .long("no-auth-access")
-                .help("Not required auth when access static files"),
-        )
-        .arg(
-            Arg::new("cors")
-                .long("cors")
-                .help("Enable CORS, sets `Access-Control-Allow-Origin: *`"),
-        )
+                .help("Serve SPA(Single Page Application)"),
+        );
+
+    #[cfg(feature = "tls")]
+    let app = app
         .arg(
             Arg::new("tls-cert")
                 .long("tls-cert")
@@ -102,28 +133,38 @@ fn app() -> clap::Command<'static> {
                 .long("tls-key")
                 .value_name("path")
                 .help("Path to the SSL/TLS certificate's private key"),
-        )
+        );
+
+    app
 }
 
 pub fn matches() -> ArgMatches {
     app().get_matches()
 }
 
-#[derive(Debug, Clone, Eq, PartialEq)]
+#[derive(Debug)]
 pub struct Args {
-    pub addr: SocketAddr,
+    pub addrs: Vec<IpAddr>,
+    pub port: u16,
     pub path: PathBuf,
+    pub path_is_file: bool,
     pub path_prefix: String,
     pub uri_prefix: String,
-    pub auth: Option<(String, String)>,
-    pub no_auth_access: bool,
+    pub hidden: String,
+    pub auth_method: AuthMethod,
+    pub auth: AccessControl,
     pub allow_upload: bool,
     pub allow_delete: bool,
+    pub allow_search: bool,
     pub allow_symlink: bool,
     pub render_index: bool,
     pub render_spa: bool,
-    pub cors: bool,
+    pub render_try_index: bool,
+    pub enable_cors: bool,
+    #[cfg(feature = "tls")]
     pub tls: Option<(Vec<Certificate>, PrivateKey)>,
+    #[cfg(not(feature = "tls"))]
+    pub tls: Option<()>,
 }
 
 impl Args {
@@ -132,10 +173,14 @@ impl Args {
     /// If a parsing error ocurred, exit the process and print out informative
     /// error message to user.
     pub fn parse(matches: ArgMatches) -> BoxResult<Args> {
-        let ip = matches.value_of("address").unwrap_or_default();
         let port = matches.value_of_t::<u16>("port")?;
-        let addr = to_addr(ip, port)?;
+        let addrs = matches
+            .values_of("bind")
+            .map(|v| v.collect())
+            .unwrap_or_else(|| vec!["0.0.0.0", "::"]);
+        let addrs: Vec<IpAddr> = Args::parse_addrs(&addrs)?;
         let path = Args::parse_path(matches.value_of_os("path").unwrap_or_default())?;
+        let path_is_file = path.metadata()?.is_file();
         let path_prefix = matches
             .value_of("path-prefix")
             .map(|v| v.trim_matches('/').to_owned())
@@ -145,17 +190,28 @@ impl Args {
         } else {
             format!("/{}/", &path_prefix)
         };
-        let cors = matches.is_present("cors");
-        let auth = match matches.value_of("auth") {
-            Some(auth) => Some(parse_auth(auth)?),
-            None => None,
+        let hidden: String = matches
+            .value_of("hidden")
+            .map(|v| format!(",{},", v))
+            .unwrap_or_default();
+        let enable_cors = matches.is_present("enable-cors");
+        let auth: Vec<&str> = matches
+            .values_of("auth")
+            .map(|v| v.collect())
+            .unwrap_or_default();
+        let auth_method = match matches.value_of("auth-method").unwrap() {
+            "basic" => AuthMethod::Basic,
+            _ => AuthMethod::Digest,
         };
-        let no_auth_access = matches.is_present("no-auth-access");
+        let auth = AccessControl::new(&auth, &uri_prefix)?;
         let allow_upload = matches.is_present("allow-all") || matches.is_present("allow-upload");
         let allow_delete = matches.is_present("allow-all") || matches.is_present("allow-delete");
+        let allow_search = matches.is_present("allow-all") || matches.is_present("allow-search");
         let allow_symlink = matches.is_present("allow-all") || matches.is_present("allow-symlink");
         let render_index = matches.is_present("render-index");
+        let render_try_index = matches.is_present("render-try-index");
         let render_spa = matches.is_present("render-spa");
+        #[cfg(feature = "tls")]
         let tls = match (matches.value_of("tls-cert"), matches.value_of("tls-key")) {
             (Some(certs_file), Some(key_file)) => {
                 let certs = load_certs(certs_file)?;
@@ -164,25 +220,50 @@ impl Args {
             }
             _ => None,
         };
+        #[cfg(not(feature = "tls"))]
+        let tls = None;
 
         Ok(Args {
-            addr,
+            addrs,
+            port,
             path,
+            path_is_file,
             path_prefix,
             uri_prefix,
+            hidden,
+            auth_method,
             auth,
-            no_auth_access,
-            cors,
+            enable_cors,
             allow_delete,
             allow_upload,
+            allow_search,
             allow_symlink,
             render_index,
+            render_try_index,
             render_spa,
             tls,
         })
     }
 
-    /// Parse path.
+    fn parse_addrs(addrs: &[&str]) -> BoxResult<Vec<IpAddr>> {
+        let mut ip_addrs = vec![];
+        let mut invalid_addrs = vec![];
+        for addr in addrs {
+            match addr.parse::<IpAddr>() {
+                Ok(v) => {
+                    ip_addrs.push(v);
+                }
+                Err(_) => {
+                    invalid_addrs.push(*addr);
+                }
+            }
+        }
+        if !invalid_addrs.is_empty() {
+            return Err(format!("Invalid bind address `{}`", invalid_addrs.join(",")).into());
+        }
+        Ok(ip_addrs)
+    }
+
     fn parse_path<P: AsRef<Path>>(path: P) -> BoxResult<PathBuf> {
         let path = path.as_ref();
         if !path.exists() {
@@ -197,43 +278,3 @@ impl Args {
             .map_err(|err| format!("Failed to access path `{}`: {}", path.display(), err,).into())
     }
 }
-
-fn to_addr(ip: &str, port: u16) -> BoxResult<SocketAddr> {
-    let ip: IpAddr = ip.parse()?;
-    Ok(SocketAddr::new(ip, port))
-}
-
-// Load public certificate from file.
-fn load_certs(filename: &str) -> BoxResult<Vec<Certificate>> {
-    // Open certificate file.
-    let certfile = fs::File::open(&filename)
-        .map_err(|e| format!("Failed to access `{}`, {}", &filename, e))?;
-    let mut reader = io::BufReader::new(certfile);
-
-    // Load and return certificate.
-    let certs = rustls_pemfile::certs(&mut reader).map_err(|_| "Failed to load certificate")?;
-    if certs.is_empty() {
-        return Err("No supported certificate in file".into());
-    }
-    Ok(certs.into_iter().map(Certificate).collect())
-}
-
-// Load private key from file.
-fn load_private_key(filename: &str) -> BoxResult<PrivateKey> {
-    // Open keyfile.
-    let keyfile = fs::File::open(&filename)
-        .map_err(|e| format!("Failed to access `{}`, {}", &filename, e))?;
-    let mut reader = io::BufReader::new(keyfile);
-
-    // Load and return a single private key.
-    let keys = rustls_pemfile::read_all(&mut reader)
-        .map_err(|e| format!("There was a problem with reading private key: {:?}", e))?
-        .into_iter()
-        .find_map(|item| match item {
-            rustls_pemfile::Item::RSAKey(key) | rustls_pemfile::Item::PKCS8Key(key) => Some(key),
-            _ => None,
-        })
-        .ok_or("No supported private key in file")?;
-
-    Ok(PrivateKey(keys))
-}

src/auth.rs

@@ -1,4 +1,5 @@
 use headers::HeaderValue;
+use hyper::Method;
 use lazy_static::lazy_static;
 use md5::Context;
 use std::{
@@ -7,9 +8,10 @@ use std::{
 };
 use uuid::Uuid;
 
+use crate::utils::encode_uri;
 use crate::BoxResult;
 
-const REALM: &str = "DUF";
+const REALM: &str = "DUFS";
 
 lazy_static! {
     static ref NONCESTARTHASH: Context = {
@@ -20,100 +22,279 @@ lazy_static! {
     };
 }
 
-pub fn generate_www_auth(stale: bool) -> String {
-    let str_stale = if stale { "stale=true," } else { "" };
-    format!(
-        "Digest realm=\"{}\",nonce=\"{}\",{}qop=\"auth\",algorithm=\"MD5\"",
-        REALM,
-        create_nonce(),
-        str_stale
-    )
+#[derive(Debug)]
+pub struct AccessControl {
+    rules: HashMap<String, PathControl>,
 }
 
-pub fn parse_auth(auth: &str) -> BoxResult<(String, String)> {
-    let p: Vec<&str> = auth.trim().split(':').collect();
-    let err = "Invalid auth value";
-    if p.len() != 2 {
-        return Err(err.into());
-    }
-    let user = p[0];
-    let pass = p[1];
-    let mut h = Context::new();
-    h.consume(format!("{}:{}:{}", user, REALM, pass).as_bytes());
-    Ok((user.to_owned(), format!("{:x}", h.compute())))
+#[derive(Debug)]
+pub struct PathControl {
+    readwrite: Account,
+    readonly: Option<Account>,
+    share: bool,
 }
 
-pub fn valid_digest(
-    header_value: &HeaderValue,
-    method: &str,
-    auth_user: &str,
-    auth_pass: &str,
-) -> Option<()> {
-    let digest_value = strip_prefix(header_value.as_bytes(), b"Digest ")?;
-    let user_vals = to_headermap(digest_value).ok()?;
-    if let (Some(username), Some(nonce), Some(user_response)) = (
-        user_vals
-            .get(b"username".as_ref())
-            .and_then(|b| std::str::from_utf8(*b).ok()),
-        user_vals.get(b"nonce".as_ref()),
-        user_vals.get(b"response".as_ref()),
-    ) {
-        match validate_nonce(nonce) {
-            Ok(true) => {}
-            _ => return None,
+impl AccessControl {
+    pub fn new(raw_rules: &[&str], uri_prefix: &str) -> BoxResult<Self> {
+        let mut rules = HashMap::default();
+        if raw_rules.is_empty() {
+            return Ok(Self { rules });
         }
-        if auth_user != username {
+        for rule in raw_rules {
+            let parts: Vec<&str> = rule.split('@').collect();
+            let create_err = || format!("Invalid auth `{}`", rule).into();
+            match parts.as_slice() {
+                [path, readwrite] => {
+                    let control = PathControl {
+                        readwrite: Account::new(readwrite).ok_or_else(create_err)?,
+                        readonly: None,
+                        share: false,
+                    };
+                    rules.insert(sanitize_path(path, uri_prefix), control);
+                }
+                [path, readwrite, readonly] => {
+                    let (readonly, share) = if *readonly == "*" {
+                        (None, true)
+                    } else {
+                        (Some(Account::new(readonly).ok_or_else(create_err)?), false)
+                    };
+                    let control = PathControl {
+                        readwrite: Account::new(readwrite).ok_or_else(create_err)?,
+                        readonly,
+                        share,
+                    };
+                    rules.insert(sanitize_path(path, uri_prefix), control);
+                }
+                _ => return Err(create_err()),
+            }
+        }
+        Ok(Self { rules })
+    }
+
+    pub fn guard(
+        &self,
+        path: &str,
+        method: &Method,
+        authorization: Option<&HeaderValue>,
+        auth_method: AuthMethod,
+    ) -> GuardType {
+        if self.rules.is_empty() {
+            return GuardType::ReadWrite;
+        }
+        let mut controls = vec![];
+        for path in walk_path(path) {
+            if let Some(control) = self.rules.get(path) {
+                controls.push(control);
+                if let Some(authorization) = authorization {
+                    let Account { user, pass } = &control.readwrite;
+                    if auth_method
+                        .validate(authorization, method.as_str(), user, pass)
+                        .is_some()
+                    {
+                        return GuardType::ReadWrite;
+                    }
+                }
+            }
+        }
+        if is_readonly_method(method) {
+            for control in controls.into_iter() {
+                if control.share {
+                    return GuardType::ReadOnly;
+                }
+                if let Some(authorization) = authorization {
+                    if let Some(Account { user, pass }) = &control.readonly {
+                        if auth_method
+                            .validate(authorization, method.as_str(), user, pass)
+                            .is_some()
+                        {
+                            return GuardType::ReadOnly;
+                        }
+                    }
+                }
+            }
+        }
+        GuardType::Reject
+    }
+}
+
+#[derive(Debug, Clone, Copy, PartialEq, Eq, PartialOrd, Ord)]
+pub enum GuardType {
+    Reject,
+    ReadWrite,
+    ReadOnly,
+}
+
+impl GuardType {
+    pub fn is_reject(&self) -> bool {
+        *self == GuardType::Reject
+    }
+}
+
+fn sanitize_path(path: &str, uri_prefix: &str) -> String {
+    encode_uri(&format!("{}{}", uri_prefix, path.trim_matches('/')))
+}
+
+fn walk_path(path: &str) -> impl Iterator<Item = &str> {
+    let mut idx = 0;
+    path.split('/').enumerate().map(move |(i, part)| {
+        let end = if i == 0 { 1 } else { idx + part.len() + i };
+        let value = &path[..end];
+        idx += part.len();
+        value
+    })
+}
+
+fn is_readonly_method(method: &Method) -> bool {
+    method == Method::GET
+        || method == Method::OPTIONS
+        || method == Method::HEAD
+        || method.as_str() == "PROPFIND"
+}
+
+#[derive(Debug, Clone)]
+struct Account {
+    user: String,
+    pass: String,
+}
+
+impl Account {
+    fn new(data: &str) -> Option<Self> {
+        let p: Vec<&str> = data.trim().split(':').collect();
+        if p.len() != 2 {
             return None;
         }
-        let mut ha = Context::new();
-        ha.consume(method);
-        ha.consume(b":");
-        if let Some(uri) = user_vals.get(b"uri".as_ref()) {
-            ha.consume(uri);
-        }
-        let ha = format!("{:x}", ha.compute());
-        let mut correct_response = None;
-        if let Some(qop) = user_vals.get(b"qop".as_ref()) {
-            if qop == &b"auth".as_ref() || qop == &b"auth-int".as_ref() {
-                correct_response = Some({
-                    let mut c = Context::new();
-                    c.consume(&auth_pass);
-                    c.consume(b":");
-                    c.consume(nonce);
-                    c.consume(b":");
-                    if let Some(nc) = user_vals.get(b"nc".as_ref()) {
-                        c.consume(nc);
-                    }
-                    c.consume(b":");
-                    if let Some(cnonce) = user_vals.get(b"cnonce".as_ref()) {
-                        c.consume(cnonce);
-                    }
-                    c.consume(b":");
-                    c.consume(qop);
-                    c.consume(b":");
-                    c.consume(&*ha);
-                    format!("{:x}", c.compute())
-                });
+        let user = p[0];
+        let pass = p[1];
+        let mut h = Context::new();
+        h.consume(format!("{}:{}:{}", user, REALM, pass).as_bytes());
+        Some(Account {
+            user: user.to_owned(),
+            pass: format!("{:x}", h.compute()),
+        })
+    }
+}
+
+#[derive(Debug, Clone)]
+pub enum AuthMethod {
+    Basic,
+    Digest,
+}
+
+impl AuthMethod {
+    pub fn www_auth(&self, stale: bool) -> String {
+        match self {
+            AuthMethod::Basic => {
+                format!("Basic realm=\"{}\"", REALM)
             }
-        }
-        let correct_response = match correct_response {
-            Some(r) => r,
-            None => {
-                let mut c = Context::new();
-                c.consume(&auth_pass);
-                c.consume(b":");
-                c.consume(nonce);
-                c.consume(b":");
-                c.consume(&*ha);
-                format!("{:x}", c.compute())
+            AuthMethod::Digest => {
+                let str_stale = if stale { "stale=true," } else { "" };
+                format!(
+                    "Digest realm=\"{}\",nonce=\"{}\",{}qop=\"auth\"",
+                    REALM,
+                    create_nonce(),
+                    str_stale
+                )
+            }
+        }
+    }
+    pub fn validate(
+        &self,
+        authorization: &HeaderValue,
+        method: &str,
+        auth_user: &str,
+        auth_pass: &str,
+    ) -> Option<()> {
+        match self {
+            AuthMethod::Basic => {
+                let value: Vec<u8> =
+                    base64::decode(strip_prefix(authorization.as_bytes(), b"Basic ").unwrap())
+                        .unwrap();
+                let parts: Vec<&str> = std::str::from_utf8(&value).unwrap().split(':').collect();
+
+                if parts[0] != auth_user {
+                    return None;
+                }
+
+                let mut h = Context::new();
+                h.consume(format!("{}:{}:{}", parts[0], REALM, parts[1]).as_bytes());
+
+                let http_pass = format!("{:x}", h.compute());
+
+                if http_pass == auth_pass {
+                    return Some(());
+                }
+
+                None
+            }
+            AuthMethod::Digest => {
+                let digest_value = strip_prefix(authorization.as_bytes(), b"Digest ")?;
+                let user_vals = to_headermap(digest_value).ok()?;
+                if let (Some(username), Some(nonce), Some(user_response)) = (
+                    user_vals
+                        .get(b"username".as_ref())
+                        .and_then(|b| std::str::from_utf8(*b).ok()),
+                    user_vals.get(b"nonce".as_ref()),
+                    user_vals.get(b"response".as_ref()),
+                ) {
+                    match validate_nonce(nonce) {
+                        Ok(true) => {}
+                        _ => return None,
+                    }
+                    if auth_user != username {
+                        return None;
+                    }
+                    let mut ha = Context::new();
+                    ha.consume(method);
+                    ha.consume(b":");
+                    if let Some(uri) = user_vals.get(b"uri".as_ref()) {
+                        ha.consume(uri);
+                    }
+                    let ha = format!("{:x}", ha.compute());
+                    let mut correct_response = None;
+                    if let Some(qop) = user_vals.get(b"qop".as_ref()) {
+                        if qop == &b"auth".as_ref() || qop == &b"auth-int".as_ref() {
+                            correct_response = Some({
+                                let mut c = Context::new();
+                                c.consume(&auth_pass);
+                                c.consume(b":");
+                                c.consume(nonce);
+                                c.consume(b":");
+                                if let Some(nc) = user_vals.get(b"nc".as_ref()) {
+                                    c.consume(nc);
+                                }
+                                c.consume(b":");
+                                if let Some(cnonce) = user_vals.get(b"cnonce".as_ref()) {
+                                    c.consume(cnonce);
+                                }
+                                c.consume(b":");
+                                c.consume(qop);
+                                c.consume(b":");
+                                c.consume(&*ha);
+                                format!("{:x}", c.compute())
+                            });
+                        }
+                    }
+                    let correct_response = match correct_response {
+                        Some(r) => r,
+                        None => {
+                            let mut c = Context::new();
+                            c.consume(&auth_pass);
+                            c.consume(b":");
+                            c.consume(nonce);
+                            c.consume(b":");
+                            c.consume(&*ha);
+                            format!("{:x}", c.compute())
+                        }
+                    };
+                    if correct_response.as_bytes() == *user_response {
+                        // grant access
+                        return Some(());
+                    }
+                }
+                None
             }
-        };
-        if correct_response.as_bytes() == *user_response {
-            // grant access
-            return Some(());
         }
     }
-    None
 }
 
 /// Check if a nonce is still valid.

src/logger.rs

@@ -0,0 +1,30 @@
+use chrono::{Local, SecondsFormat};
+use log::{Level, Metadata, Record};
+use log::{LevelFilter, SetLoggerError};
+
+struct SimpleLogger;
+
+impl log::Log for SimpleLogger {
+    fn enabled(&self, metadata: &Metadata) -> bool {
+        metadata.level() <= Level::Info
+    }
+
+    fn log(&self, record: &Record) {
+        if self.enabled(record.metadata()) {
+            let timestamp = Local::now().to_rfc3339_opts(SecondsFormat::Secs, true);
+            if record.level() < Level::Info {
+                eprintln!("{} {} - {}", timestamp, record.level(), record.args());
+            } else {
+                println!("{} {} - {}", timestamp, record.level(), record.args());
+            }
+        }
+    }
+
+    fn flush(&self) {}
+}
+
+static LOGGER: SimpleLogger = SimpleLogger;
+
+pub fn init() -> Result<(), SetLoggerError> {
+    log::set_logger(&LOGGER).map(|()| log::set_max_level(LevelFilter::Info))
+}

src/main.rs

@@ -1,17 +1,34 @@
 mod args;
 mod auth;
+mod logger;
 mod server;
+mod streamer;
+#[cfg(feature = "tls")]
+mod tls;
+mod utils;
 
 #[macro_use]
 extern crate log;
 
-pub type BoxResult<T> = Result<T, Box<dyn std::error::Error>>;
-
-use std::env;
-use std::io::Write;
-
 use crate::args::{matches, Args};
-use crate::server::serve;
+use crate::server::{Request, Server};
+#[cfg(feature = "tls")]
+use crate::tls::{TlsAcceptor, TlsStream};
+
+use std::net::{IpAddr, SocketAddr, TcpListener as StdTcpListener};
+use std::sync::atomic::{AtomicBool, Ordering};
+use std::sync::Arc;
+
+use futures::future::join_all;
+use tokio::net::TcpListener;
+use tokio::task::JoinHandle;
+
+use hyper::server::conn::{AddrIncoming, AddrStream};
+use hyper::service::{make_service_fn, service_fn};
+#[cfg(feature = "tls")]
+use rustls::ServerConfig;
+
+pub type BoxResult<T> = Result<T, Box<dyn std::error::Error>>;
 
 #[tokio::main]
 async fn main() {
@@ -19,27 +36,152 @@ async fn main() {
 }
 
 async fn run() -> BoxResult<()> {
-    if env::var("RUST_LOG").is_err() {
-        env::set_var("RUST_LOG", "info")
-    }
-    env_logger::builder()
-        .format(|buf, record| {
-            let timestamp = buf.timestamp();
-            writeln!(buf, "[{} {}] {}", timestamp, record.level(), record.args())
-        })
-        .init();
-
+    logger::init().map_err(|e| format!("Failed to init logger, {}", e))?;
     let args = Args::parse(matches())?;
+    let args = Arc::new(args);
+    let running = Arc::new(AtomicBool::new(true));
+    let handles = serve(args.clone(), running.clone())?;
+    print_listening(args)?;
+
     tokio::select! {
-        ret = serve(args) => {
-            ret
+        ret = join_all(handles) => {
+            for r in ret {
+                if let Err(e) = r {
+                    error!("{}", e);
+                }
+            }
+            Ok(())
         },
         _ = shutdown_signal() => {
+            running.store(false, Ordering::SeqCst);
             Ok(())
         },
     }
 }
 
+fn serve(
+    args: Arc<Args>,
+    running: Arc<AtomicBool>,
+) -> BoxResult<Vec<JoinHandle<Result<(), hyper::Error>>>> {
+    let inner = Arc::new(Server::new(args.clone(), running));
+    let mut handles = vec![];
+    let port = args.port;
+    for ip in args.addrs.iter() {
+        let inner = inner.clone();
+        let incoming = create_addr_incoming(SocketAddr::new(*ip, port))
+            .map_err(|e| format!("Failed to bind `{}:{}`, {}", ip, port, e))?;
+        let serv_func = move |remote_addr: SocketAddr| {
+            let inner = inner.clone();
+            async move {
+                Ok::<_, hyper::Error>(service_fn(move |req: Request| {
+                    let inner = inner.clone();
+                    inner.call(req, remote_addr)
+                }))
+            }
+        };
+        match args.tls.as_ref() {
+            #[cfg(feature = "tls")]
+            Some((certs, key)) => {
+                let config = ServerConfig::builder()
+                    .with_safe_defaults()
+                    .with_no_client_auth()
+                    .with_single_cert(certs.clone(), key.clone())?;
+                let config = Arc::new(config);
+                let accepter = TlsAcceptor::new(config.clone(), incoming);
+                let new_service = make_service_fn(move |socket: &TlsStream| {
+                    let remote_addr = socket.remote_addr();
+                    serv_func(remote_addr)
+                });
+                let server = tokio::spawn(hyper::Server::builder(accepter).serve(new_service));
+                handles.push(server);
+            }
+            #[cfg(not(feature = "tls"))]
+            Some(_) => {
+                unreachable!()
+            }
+            None => {
+                let new_service = make_service_fn(move |socket: &AddrStream| {
+                    let remote_addr = socket.remote_addr();
+                    serv_func(remote_addr)
+                });
+                let server = tokio::spawn(hyper::Server::builder(incoming).serve(new_service));
+                handles.push(server);
+            }
+        };
+    }
+    Ok(handles)
+}
+
+fn create_addr_incoming(addr: SocketAddr) -> BoxResult<AddrIncoming> {
+    use socket2::{Domain, Protocol, Socket, Type};
+    let socket = Socket::new(Domain::for_address(addr), Type::STREAM, Some(Protocol::TCP))?;
+    if addr.is_ipv6() {
+        socket.set_only_v6(true)?;
+    }
+    socket.set_reuse_address(true)?;
+    socket.bind(&addr.into())?;
+    socket.listen(1024 /* Default backlog */)?;
+    let std_listener = StdTcpListener::from(socket);
+    std_listener.set_nonblocking(true)?;
+    let incoming = AddrIncoming::from_listener(TcpListener::from_std(std_listener)?)?;
+    Ok(incoming)
+}
+
+fn print_listening(args: Arc<Args>) -> BoxResult<()> {
+    let mut addrs = vec![];
+    let (mut ipv4, mut ipv6) = (false, false);
+    for ip in args.addrs.iter() {
+        if ip.is_unspecified() {
+            if ip.is_ipv6() {
+                ipv6 = true;
+            } else {
+                ipv4 = true;
+            }
+        } else {
+            addrs.push(*ip);
+        }
+    }
+    if ipv4 || ipv6 {
+        let ifaces = if_addrs::get_if_addrs()
+            .map_err(|e| format!("Failed to get local interface addresses: {}", e))?;
+        for iface in ifaces.into_iter() {
+            let local_ip = iface.ip();
+            if ipv4 && local_ip.is_ipv4() {
+                addrs.push(local_ip)
+            }
+            if ipv6 && local_ip.is_ipv6() {
+                addrs.push(local_ip)
+            }
+        }
+    }
+    addrs.sort_unstable();
+    let urls = addrs
+        .into_iter()
+        .map(|addr| match addr {
+            IpAddr::V4(_) => format!("{}:{}", addr, args.port),
+            IpAddr::V6(_) => format!("[{}]:{}", addr, args.port),
+        })
+        .map(|addr| match &args.tls {
+            Some(_) => format!("https://{}", addr),
+            None => format!("http://{}", addr),
+        })
+        .map(|url| format!("{}{}", url, args.uri_prefix))
+        .collect::<Vec<_>>();
+
+    if urls.len() == 1 {
+        println!("Listening on {}", urls[0]);
+    } else {
+        let info = urls
+            .iter()
+            .map(|v| format!("  {}", v))
+            .collect::<Vec<String>>()
+            .join("\n");
+        println!("Listening on:\n{}\n", info);
+    }
+
+    Ok(())
+}
+
 fn handle_err<T>(err: Box<dyn std::error::Error>) -> T {
     eprintln!("error: {}", err);
     std::process::exit(1);

src/streamer.rs

@@ -0,0 +1,68 @@
+use async_stream::stream;
+use futures::{Stream, StreamExt};
+use std::io::Error;
+use std::pin::Pin;
+use tokio::io::{AsyncRead, AsyncReadExt};
+
+pub struct Streamer<R>
+where
+    R: AsyncRead + Unpin + Send + 'static,
+{
+    reader: R,
+    buf_size: usize,
+}
+
+impl<R> Streamer<R>
+where
+    R: AsyncRead + Unpin + Send + 'static,
+{
+    #[inline]
+    pub fn new(reader: R, buf_size: usize) -> Self {
+        Self { reader, buf_size }
+    }
+    pub fn into_stream(
+        mut self,
+    ) -> Pin<Box<impl ?Sized + Stream<Item = Result<Vec<u8>, Error>> + 'static>> {
+        let stream = stream! {
+            loop {
+                let mut buf = vec![0; self.buf_size];
+                let r = self.reader.read(&mut buf).await?;
+                if r == 0 {
+                    break
+                }
+                buf.truncate(r);
+                yield Ok(buf);
+            }
+        };
+        stream.boxed()
+    }
+    // allow truncation as truncated remaining is always less than buf_size: usize
+    pub fn into_stream_sized(
+        mut self,
+        max_length: u64,
+    ) -> Pin<Box<impl ?Sized + Stream<Item = Result<Vec<u8>, Error>> + 'static>> {
+        let stream = stream! {
+        let mut remaining = max_length;
+            loop {
+                if remaining == 0 {
+                    break;
+                }
+                let bs = if remaining >= self.buf_size as u64 {
+                    self.buf_size
+                } else {
+                    remaining as usize
+                };
+                let mut buf = vec![0; bs];
+                let r = self.reader.read(&mut buf).await?;
+                if r == 0 {
+                    break;
+                } else {
+                    buf.truncate(r);
+                    yield Ok(buf);
+                }
+                remaining -= r as u64;
+            }
+        };
+        stream.boxed()
+    }
+}

src/tls.rs

@@ -0,0 +1,158 @@
+use core::task::{Context, Poll};
+use futures::ready;
+use hyper::server::accept::Accept;
+use hyper::server::conn::{AddrIncoming, AddrStream};
+use rustls::{Certificate, PrivateKey};
+use std::future::Future;
+use std::net::SocketAddr;
+use std::pin::Pin;
+use std::sync::Arc;
+use std::{fs, io};
+use tokio::io::{AsyncRead, AsyncWrite, ReadBuf};
+use tokio_rustls::rustls::ServerConfig;
+
+enum State {
+    Handshaking(tokio_rustls::Accept<AddrStream>),
+    Streaming(tokio_rustls::server::TlsStream<AddrStream>),
+}
+
+// tokio_rustls::server::TlsStream doesn't expose constructor methods,
+// so we have to TlsAcceptor::accept and handshake to have access to it
+// TlsStream implements AsyncRead/AsyncWrite handshaking tokio_rustls::Accept first
+pub struct TlsStream {
+    state: State,
+    remote_addr: SocketAddr,
+}
+
+impl TlsStream {
+    fn new(stream: AddrStream, config: Arc<ServerConfig>) -> TlsStream {
+        let remote_addr = stream.remote_addr();
+        let accept = tokio_rustls::TlsAcceptor::from(config).accept(stream);
+        TlsStream {
+            state: State::Handshaking(accept),
+            remote_addr,
+        }
+    }
+    pub fn remote_addr(&self) -> SocketAddr {
+        self.remote_addr
+    }
+}
+
+impl AsyncRead for TlsStream {
+    fn poll_read(
+        self: Pin<&mut Self>,
+        cx: &mut Context,
+        buf: &mut ReadBuf,
+    ) -> Poll<io::Result<()>> {
+        let pin = self.get_mut();
+        match pin.state {
+            State::Handshaking(ref mut accept) => match ready!(Pin::new(accept).poll(cx)) {
+                Ok(mut stream) => {
+                    let result = Pin::new(&mut stream).poll_read(cx, buf);
+                    pin.state = State::Streaming(stream);
+                    result
+                }
+                Err(err) => Poll::Ready(Err(err)),
+            },
+            State::Streaming(ref mut stream) => Pin::new(stream).poll_read(cx, buf),
+        }
+    }
+}
+
+impl AsyncWrite for TlsStream {
+    fn poll_write(
+        self: Pin<&mut Self>,
+        cx: &mut Context<'_>,
+        buf: &[u8],
+    ) -> Poll<io::Result<usize>> {
+        let pin = self.get_mut();
+        match pin.state {
+            State::Handshaking(ref mut accept) => match ready!(Pin::new(accept).poll(cx)) {
+                Ok(mut stream) => {
+                    let result = Pin::new(&mut stream).poll_write(cx, buf);
+                    pin.state = State::Streaming(stream);
+                    result
+                }
+                Err(err) => Poll::Ready(Err(err)),
+            },
+            State::Streaming(ref mut stream) => Pin::new(stream).poll_write(cx, buf),
+        }
+    }
+
+    fn poll_flush(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<io::Result<()>> {
+        match self.state {
+            State::Handshaking(_) => Poll::Ready(Ok(())),
+            State::Streaming(ref mut stream) => Pin::new(stream).poll_flush(cx),
+        }
+    }
+
+    fn poll_shutdown(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<io::Result<()>> {
+        match self.state {
+            State::Handshaking(_) => Poll::Ready(Ok(())),
+            State::Streaming(ref mut stream) => Pin::new(stream).poll_shutdown(cx),
+        }
+    }
+}
+
+pub struct TlsAcceptor {
+    config: Arc<ServerConfig>,
+    incoming: AddrIncoming,
+}
+
+impl TlsAcceptor {
+    pub fn new(config: Arc<ServerConfig>, incoming: AddrIncoming) -> TlsAcceptor {
+        TlsAcceptor { config, incoming }
+    }
+}
+
+impl Accept for TlsAcceptor {
+    type Conn = TlsStream;
+    type Error = io::Error;
+
+    fn poll_accept(
+        self: Pin<&mut Self>,
+        cx: &mut Context<'_>,
+    ) -> Poll<Option<Result<Self::Conn, Self::Error>>> {
+        let pin = self.get_mut();
+        match ready!(Pin::new(&mut pin.incoming).poll_accept(cx)) {
+            Some(Ok(sock)) => Poll::Ready(Some(Ok(TlsStream::new(sock, pin.config.clone())))),
+            Some(Err(e)) => Poll::Ready(Some(Err(e))),
+            None => Poll::Ready(None),
+        }
+    }
+}
+
+// Load public certificate from file.
+pub fn load_certs(filename: &str) -> Result<Vec<Certificate>, Box<dyn std::error::Error>> {
+    // Open certificate file.
+    let certfile = fs::File::open(&filename)
+        .map_err(|e| format!("Failed to access `{}`, {}", &filename, e))?;
+    let mut reader = io::BufReader::new(certfile);
+
+    // Load and return certificate.
+    let certs = rustls_pemfile::certs(&mut reader).map_err(|_| "Failed to load certificate")?;
+    if certs.is_empty() {
+        return Err("No supported certificate in file".into());
+    }
+    Ok(certs.into_iter().map(Certificate).collect())
+}
+
+// Load private key from file.
+pub fn load_private_key(filename: &str) -> Result<PrivateKey, Box<dyn std::error::Error>> {
+    // Open keyfile.
+    let keyfile = fs::File::open(&filename)
+        .map_err(|e| format!("Failed to access `{}`, {}", &filename, e))?;
+    let mut reader = io::BufReader::new(keyfile);
+
+    // Load and return a single private key.
+    let keys = rustls_pemfile::read_all(&mut reader)
+        .map_err(|e| format!("There was a problem with reading private key: {:?}", e))?
+        .into_iter()
+        .find_map(|item| match item {
+            rustls_pemfile::Item::RSAKey(key) | rustls_pemfile::Item::PKCS8Key(key) => Some(key),
+            _ => None,
+        })
+        .ok_or("No supported private key in file")?;
+
+    Ok(PrivateKey(keys))
+}

src/utils.rs

@@ -0,0 +1,25 @@
+use crate::BoxResult;
+use std::{borrow::Cow, path::Path};
+
+pub fn encode_uri(v: &str) -> String {
+    let parts: Vec<_> = v.split('/').map(urlencoding::encode).collect();
+    parts.join("/")
+}
+
+pub fn decode_uri(v: &str) -> Option<Cow<str>> {
+    percent_encoding::percent_decode(v.as_bytes())
+        .decode_utf8()
+        .ok()
+}
+
+pub fn get_file_name(path: &Path) -> &str {
+    path.file_name()
+        .and_then(|v| v.to_str())
+        .unwrap_or_default()
+}
+
+pub fn try_get_file_name(path: &Path) -> BoxResult<&str> {
+    path.file_name()
+        .and_then(|v| v.to_str())
+        .ok_or_else(|| format!("Failed to get file name of `{}`", path.display()).into())
+}

tests/allow.rs

@@ -59,3 +59,15 @@ fn allow_upload_delete_can_override(#[with(&["-A"])] server: TestServer) -> Resu
     assert_eq!(resp.status(), 201);
     Ok(())
 }
+
+#[rstest]
+fn allow_search(#[with(&["--allow-search"])] server: TestServer) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}?q={}", server.url(), "test.html"))?;
+    assert_eq!(resp.status(), 200);
+    let paths = utils::retrive_index_paths(&resp.text()?);
+    assert!(!paths.is_empty());
+    for p in paths {
+        assert!(p.contains("test.html"));
+    }
+    Ok(())
+}

tests/args.rs

@@ -1,13 +1,16 @@
 mod fixtures;
 mod utils;
 
-use fixtures::{server, Error, TestServer};
+use assert_cmd::prelude::*;
+use assert_fs::fixture::TempDir;
+use fixtures::{port, server, tmpdir, wait_for_port, Error, TestServer};
 use rstest::rstest;
+use std::process::{Command, Stdio};
 
 #[rstest]
 fn path_prefix_index(#[with(&["--path-prefix", "xyz"])] server: TestServer) -> Result<(), Error> {
     let resp = reqwest::blocking::get(format!("{}{}", server.url(), "xyz"))?;
-    assert_index_resp!(resp);
+    assert_resp_paths!(resp);
     Ok(())
 }
 
@@ -28,3 +31,22 @@ fn path_prefix_propfind(
     assert!(text.contains("<D:href>/xyz/</D:href>"));
     Ok(())
 }
+
+#[rstest]
+#[case("index.html")]
+fn serve_single_file(tmpdir: TempDir, port: u16, #[case] file: &str) -> Result<(), Error> {
+    let mut child = Command::cargo_bin("dufs")?
+        .arg(tmpdir.path().join(file))
+        .arg("-p")
+        .arg(port.to_string())
+        .stdout(Stdio::piped())
+        .spawn()?;
+
+    wait_for_port(port);
+
+    let resp = reqwest::blocking::get(format!("http://localhost:{}/index.html", port))?;
+    assert_eq!(resp.text()?, "This is index.html");
+
+    child.kill()?;
+    Ok(())
+}

tests/assets.rs

@@ -0,0 +1,93 @@
+mod fixtures;
+mod utils;
+
+use fixtures::{server, Error, TestServer};
+use rstest::rstest;
+
+#[rstest]
+fn assets(server: TestServer) -> Result<(), Error> {
+    let ver = env!("CARGO_PKG_VERSION");
+    let resp = reqwest::blocking::get(server.url())?;
+    let index_js = format!("/__dufs_v{}_index.js", ver);
+    let index_css = format!("/__dufs_v{}_index.css", ver);
+    let favicon_ico = format!("/__dufs_v{}_favicon.ico", ver);
+    let text = resp.text()?;
+    assert!(text.contains(&format!(r#"href="{}""#, index_css)));
+    assert!(text.contains(&format!(r#"href="{}""#, favicon_ico)));
+    assert!(text.contains(&format!(r#"src="{}""#, index_js)));
+    Ok(())
+}
+
+#[rstest]
+fn asset_js(server: TestServer) -> Result<(), Error> {
+    let url = format!(
+        "{}__dufs_v{}_index.js",
+        server.url(),
+        env!("CARGO_PKG_VERSION")
+    );
+    let resp = reqwest::blocking::get(url)?;
+    assert_eq!(resp.status(), 200);
+    assert_eq!(
+        resp.headers().get("content-type").unwrap(),
+        "application/javascript"
+    );
+    Ok(())
+}
+
+#[rstest]
+fn asset_css(server: TestServer) -> Result<(), Error> {
+    let url = format!(
+        "{}__dufs_v{}_index.css",
+        server.url(),
+        env!("CARGO_PKG_VERSION")
+    );
+    let resp = reqwest::blocking::get(url)?;
+    assert_eq!(resp.status(), 200);
+    assert_eq!(resp.headers().get("content-type").unwrap(), "text/css");
+    Ok(())
+}
+
+#[rstest]
+fn asset_ico(server: TestServer) -> Result<(), Error> {
+    let url = format!(
+        "{}__dufs_v{}_favicon.ico",
+        server.url(),
+        env!("CARGO_PKG_VERSION")
+    );
+    let resp = reqwest::blocking::get(url)?;
+    assert_eq!(resp.status(), 200);
+    assert_eq!(resp.headers().get("content-type").unwrap(), "image/x-icon");
+    Ok(())
+}
+
+#[rstest]
+fn assets_with_prefix(#[with(&["--path-prefix", "xyz"])] server: TestServer) -> Result<(), Error> {
+    let ver = env!("CARGO_PKG_VERSION");
+    let resp = reqwest::blocking::get(format!("{}xyz/", server.url()))?;
+    let index_js = format!("/xyz/__dufs_v{}_index.js", ver);
+    let index_css = format!("/xyz/__dufs_v{}_index.css", ver);
+    let favicon_ico = format!("/xyz/__dufs_v{}_favicon.ico", ver);
+    let text = resp.text()?;
+    assert!(text.contains(&format!(r#"href="{}""#, index_css)));
+    assert!(text.contains(&format!(r#"href="{}""#, favicon_ico)));
+    assert!(text.contains(&format!(r#"src="{}""#, index_js)));
+    Ok(())
+}
+
+#[rstest]
+fn asset_js_with_prefix(
+    #[with(&["--path-prefix", "xyz"])] server: TestServer,
+) -> Result<(), Error> {
+    let url = format!(
+        "{}xyz/__dufs_v{}_index.js",
+        server.url(),
+        env!("CARGO_PKG_VERSION")
+    );
+    let resp = reqwest::blocking::get(url)?;
+    assert_eq!(resp.status(), 200);
+    assert_eq!(
+        resp.headers().get("content-type").unwrap(),
+        "application/javascript"
+    );
+    Ok(())
+}

tests/auth.rs

@@ -6,7 +6,7 @@ use fixtures::{server, Error, TestServer};
 use rstest::rstest;
 
 #[rstest]
-fn no_auth(#[with(&["--auth", "user:pass", "-A"])] server: TestServer) -> Result<(), Error> {
+fn no_auth(#[with(&["--auth", "/@user:pass", "-A"])] server: TestServer) -> Result<(), Error> {
     let resp = reqwest::blocking::get(server.url())?;
     assert_eq!(resp.status(), 401);
     assert!(resp.headers().contains_key("www-authenticate"));
@@ -17,7 +17,7 @@ fn no_auth(#[with(&["--auth", "user:pass", "-A"])] server: TestServer) -> Result
 }
 
 #[rstest]
-fn auth(#[with(&["--auth", "user:pass", "-A"])] server: TestServer) -> Result<(), Error> {
+fn auth(#[with(&["--auth", "/@user:pass", "-A"])] server: TestServer) -> Result<(), Error> {
     let url = format!("{}file1", server.url());
     let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;
     assert_eq!(resp.status(), 401);
@@ -29,10 +29,69 @@ fn auth(#[with(&["--auth", "user:pass", "-A"])] server: TestServer) -> Result<()
 }
 
 #[rstest]
-fn auth_skip_access(
-    #[with(&["--auth", "user:pass", "--no-auth-access"])] server: TestServer,
-) -> Result<(), Error> {
+fn auth_skip(#[with(&["--auth", "/@user:pass@*"])] server: TestServer) -> Result<(), Error> {
     let resp = reqwest::blocking::get(server.url())?;
     assert_eq!(resp.status(), 200);
     Ok(())
 }
+
+#[rstest]
+fn auth_readonly(
+    #[with(&["--auth", "/@user:pass@user2:pass2", "-A"])] server: TestServer,
+) -> Result<(), Error> {
+    let url = format!("{}index.html", server.url());
+    let resp = fetch!(b"GET", &url).send()?;
+    assert_eq!(resp.status(), 401);
+    let resp = fetch!(b"GET", &url).send_with_digest_auth("user2", "pass2")?;
+    assert_eq!(resp.status(), 200);
+    let url = format!("{}file1", server.url());
+    let resp = fetch!(b"PUT", &url)
+        .body(b"abc".to_vec())
+        .send_with_digest_auth("user2", "pass2")?;
+    assert_eq!(resp.status(), 401);
+    Ok(())
+}
+
+#[rstest]
+fn auth_nest(
+    #[with(&["--auth", "/@user:pass@user2:pass2", "--auth", "/dira@user3:pass3", "-A"])]
+    server: TestServer,
+) -> Result<(), Error> {
+    let url = format!("{}dira/file1", server.url());
+    let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;
+    assert_eq!(resp.status(), 401);
+    let resp = fetch!(b"PUT", &url)
+        .body(b"abc".to_vec())
+        .send_with_digest_auth("user3", "pass3")?;
+    assert_eq!(resp.status(), 201);
+    let resp = fetch!(b"PUT", &url)
+        .body(b"abc".to_vec())
+        .send_with_digest_auth("user", "pass")?;
+    assert_eq!(resp.status(), 201);
+    Ok(())
+}
+
+#[rstest]
+fn auth_nest_share(
+    #[with(&["--auth", "/@user:pass@*", "--auth", "/dira@user3:pass3", "-A"])] server: TestServer,
+) -> Result<(), Error> {
+    let url = format!("{}index.html", server.url());
+    let resp = fetch!(b"GET", &url).send()?;
+    assert_eq!(resp.status(), 200);
+    Ok(())
+}
+
+#[rstest]
+fn auth_basic(
+    #[with(&["--auth", "/@user:pass", "--auth-method", "basic", "-A"])] server: TestServer,
+) -> Result<(), Error> {
+    let url = format!("{}file1", server.url());
+    let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;
+    assert_eq!(resp.status(), 401);
+    let resp = fetch!(b"PUT", &url)
+        .body(b"abc".to_vec())
+        .basic_auth("user", Some("pass"))
+        .send()?;
+    assert_eq!(resp.status(), 201);
+    Ok(())
+}

tests/bind.rs

@@ -1,43 +1,47 @@
 mod fixtures;
 
-use fixtures::{port, server, tmpdir, Error, TestServer};
+use fixtures::{port, server, tmpdir, wait_for_port, Error, TestServer};
 
 use assert_cmd::prelude::*;
 use assert_fs::fixture::TempDir;
 use regex::Regex;
 use rstest::rstest;
-use std::io::{BufRead, BufReader};
+use std::io::Read;
 use std::process::{Command, Stdio};
 
 #[rstest]
 #[case(&["-b", "20.205.243.166"])]
 fn bind_fails(tmpdir: TempDir, port: u16, #[case] args: &[&str]) -> Result<(), Error> {
-    Command::cargo_bin("duf")?
-        .env("RUST_LOG", "false")
+    Command::cargo_bin("dufs")?
         .arg(tmpdir.path())
         .arg("-p")
         .arg(port.to_string())
         .args(args)
         .assert()
-        .stderr(predicates::str::contains("creating server listener"))
+        .stderr(predicates::str::contains("Failed to bind"))
         .failure();
 
     Ok(())
 }
 
 #[rstest]
-fn bind_ipv4(server: TestServer) -> Result<(), Error> {
-    assert!(reqwest::blocking::get(format!("http://127.0.0.1:{}", server.port()).as_str()).is_ok());
-    Ok(())
-}
-
-#[rstest]
-fn bind_ipv6(#[with(&["-b", "::"])] server: TestServer) -> Result<(), Error> {
+#[case(server(&[] as &[&str]), true, true)]
+#[case(server(&["-b", "0.0.0.0"]), true, false)]
+#[case(server(&["-b", "127.0.0.1", "-b", "::1"]), true, true)]
+fn bind_ipv4_ipv6(
+    #[case] server: TestServer,
+    #[case] bind_ipv4: bool,
+    #[case] bind_ipv6: bool,
+) -> Result<(), Error> {
     assert_eq!(
         reqwest::blocking::get(format!("http://127.0.0.1:{}", server.port()).as_str()).is_ok(),
-        !cfg!(windows)
+        bind_ipv4
     );
-    assert!(reqwest::blocking::get(format!("http://[::1]:{}", server.port()).as_str()).is_ok());
+    assert_eq!(
+        reqwest::blocking::get(format!("http://[::1]:{}", server.port()).as_str()).is_ok(),
+        bind_ipv6
+    );
+
     Ok(())
 }
 
@@ -45,8 +49,7 @@ fn bind_ipv6(#[with(&["-b", "::"])] server: TestServer) -> Result<(), Error> {
 #[case(&[] as &[&str])]
 #[case(&["--path-prefix", "/prefix"])]
 fn validate_printed_urls(tmpdir: TempDir, port: u16, #[case] args: &[&str]) -> Result<(), Error> {
-    let mut child = Command::cargo_bin("duf")?
-        .env("RUST_LOG", "false")
+    let mut child = Command::cargo_bin("dufs")?
         .arg(tmpdir.path())
         .arg("-p")
         .arg(port.to_string())
@@ -54,22 +57,25 @@ fn validate_printed_urls(tmpdir: TempDir, port: u16, #[case] args: &[&str]) -> R
         .stdout(Stdio::piped())
         .spawn()?;
 
-    // WARN assumes urls list is terminated by an empty line
-    let url_lines = BufReader::new(child.stdout.take().unwrap())
+    wait_for_port(port);
+
+    let stdout = child.stdout.as_mut().expect("Failed to get stdout");
+    let mut buf = [0; 1000];
+    let buf_len = stdout.read(&mut buf)?;
+    let output = std::str::from_utf8(&buf[0..buf_len])?;
+    let url_lines = output
         .lines()
-        .map(|line| line.expect("Error reading stdout"))
         .take_while(|line| !line.is_empty()) /* non-empty lines */
-        .collect::<Vec<_>>();
-    let url_lines = url_lines.join("\n");
+        .collect::<Vec<_>>()
+        .join("\n");
 
     let urls = Regex::new(r"http://[a-zA-Z0-9\.\[\]:/]+")
         .unwrap()
         .captures_iter(url_lines.as_str())
-        .map(|caps| caps.get(0).unwrap().as_str())
+        .filter_map(|caps| caps.get(0).map(|v| v.as_str()))
         .collect::<Vec<_>>();
 
     assert!(!urls.is_empty());
-
     for url in urls {
         reqwest::blocking::get(url)?.error_for_status()?;
     }

tests/cors.rs

@@ -5,7 +5,7 @@ use fixtures::{server, Error, TestServer};
 use rstest::rstest;
 
 #[rstest]
-fn cors(#[with(&["--cors"])] server: TestServer) -> Result<(), Error> {
+fn cors(#[with(&["--enable-cors"])] server: TestServer) -> Result<(), Error> {
     let resp = reqwest::blocking::get(server.url())?;
 
     assert_eq!(
@@ -21,7 +21,7 @@ fn cors(#[with(&["--cors"])] server: TestServer) -> Result<(), Error> {
 }
 
 #[rstest]
-fn cors_options(#[with(&["--cors"])] server: TestServer) -> Result<(), Error> {
+fn cors_options(#[with(&["--enable-cors"])] server: TestServer) -> Result<(), Error> {
     let resp = fetch!(b"OPTIONS", server.url()).send()?;
 
     assert_eq!(

tests/favicon.rs

@@ -1,25 +0,0 @@
-mod fixtures;
-mod utils;
-
-use fixtures::{server, Error, TestServer};
-use rstest::rstest;
-
-#[rstest]
-fn default_favicon(server: TestServer) -> Result<(), Error> {
-    let resp = reqwest::blocking::get(format!("{}favicon.ico", server.url()))?;
-    assert_eq!(resp.status(), 200);
-    assert_eq!(resp.headers().get("content-type").unwrap(), "image/x-icon");
-    Ok(())
-}
-
-#[rstest]
-fn exist_favicon(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
-    let url = format!("{}favicon.ico", server.url());
-    let data = b"abc";
-    let resp = fetch!(b"PUT", &url).body(data.to_vec()).send()?;
-    assert_eq!(resp.status(), 201);
-    let resp = reqwest::blocking::get(url)?;
-    assert_eq!(resp.status(), 200);
-    assert_eq!(resp.bytes()?, data.to_vec());
-    Ok(())
-}

tests/fixtures.rs

@@ -13,33 +13,23 @@ pub type Error = Box<dyn std::error::Error>;
 
 /// File names for testing purpose
 #[allow(dead_code)]
-pub static FILES: &[&str] = &[
-    "test.txt",
-    "test.html",
-    "index.html",
-    "test.mkv",
-    #[cfg(not(windows))]
-    "test \" \' & < >.csv",
-    "😀.data",
-    "⎙.mp4",
-    "#[]{}()@!$&'`+,;= %20.test",
-    #[cfg(unix)]
-    ":?#[]{}<>()@!$&'`|*+,;= %20.test",
-    #[cfg(not(windows))]
-    "foo\\bar.test",
-];
+pub static FILES: &[&str] = &["test.txt", "test.html", "index.html", "😀.bin"];
 
-/// Directory names for testing purpose
+/// Directory names for testing diretory don't exist
+#[allow(dead_code)]
+pub static DIR_NO_FOUND: &str = "dir-no-found/";
+
+/// Directory names for testing diretory don't have index.html
 #[allow(dead_code)]
 pub static DIR_NO_INDEX: &str = "dir-no-index/";
 
+/// Directory names for testing hidden
+#[allow(dead_code)]
+pub static DIR_GIT: &str = ".git/";
+
 /// Directory names for testing purpose
 #[allow(dead_code)]
-pub static DIRECTORIES: &[&str] = &["dira/", "dirb/", "dirc/", DIR_NO_INDEX];
-
-/// Name of a deeply nested file
-#[allow(dead_code)]
-pub static DEEPLY_NESTED_FILE: &str = "very/deeply/nested/test.rs";
+pub static DIRECTORIES: &[&str] = &["dira/", "dirb/", "dirc/", DIR_NO_INDEX, DIR_GIT];
 
 /// Test fixture which creates a temporary directory with a few files and directories inside.
 /// The directories also contain files.
@@ -55,7 +45,7 @@ pub fn tmpdir() -> TempDir {
     }
     for directory in DIRECTORIES {
         for file in FILES {
-            if *directory == DIR_NO_INDEX {
+            if *directory == DIR_NO_INDEX && *file == "index.html" {
                 continue;
             }
             tmpdir
@@ -65,10 +55,6 @@ pub fn tmpdir() -> TempDir {
         }
     }
 
-    tmpdir
-        .child(&DEEPLY_NESTED_FILE)
-        .write_str("File in a deeply nested directory.")
-        .expect("Couldn't write to file");
     tmpdir
 }
 
@@ -79,7 +65,7 @@ pub fn port() -> u16 {
     free_local_port().expect("Couldn't find a free local port")
 }
 
-/// Run miniserve as a server; Start with a temporary directory, a free port and some
+/// Run dufs as a server; Start with a temporary directory, a free port and some
 /// optional arguments then wait for a while for the server setup to complete.
 #[fixture]
 #[allow(dead_code)]
@@ -90,9 +76,8 @@ where
 {
     let port = port();
     let tmpdir = tmpdir();
-    let child = Command::cargo_bin("duf")
+    let child = Command::cargo_bin("dufs")
         .expect("Couldn't find test binary")
-        .env("RUST_LOG", "false")
         .arg(tmpdir.path())
         .arg("-p")
         .arg(port.to_string())
@@ -118,9 +103,8 @@ where
 {
     let port = port();
     let tmpdir = tmpdir();
-    let child = Command::cargo_bin("duf")
+    let child = Command::cargo_bin("dufs")
         .expect("Couldn't find test binary")
-        .env("RUST_LOG", "false")
         .arg(tmpdir.path())
         .arg("-p")
         .arg(port.to_string())
@@ -138,7 +122,7 @@ where
 }
 
 /// Wait a max of 1s for the port to become available.
-fn wait_for_port(port: u16) {
+pub fn wait_for_port(port: u16) {
     let start_wait = Instant::now();
 
     while !port_check::is_port_reachable(format!("localhost:{}", port)) {

tests/hidden.rs

@@ -0,0 +1,42 @@
+mod fixtures;
+mod utils;
+
+use fixtures::{server, Error, TestServer};
+use rstest::rstest;
+
+#[rstest]
+#[case(server(&[] as &[&str]), true)]
+#[case(server(&["--hidden", ".git,index.html"]), false)]
+fn hidden_get_dir(#[case] server: TestServer, #[case] exist: bool) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(server.url())?;
+    assert_eq!(resp.status(), 200);
+    let paths = utils::retrive_index_paths(&resp.text()?);
+    assert_eq!(paths.contains(".git/"), exist);
+    assert_eq!(paths.contains("index.html"), exist);
+    Ok(())
+}
+
+#[rstest]
+#[case(server(&[] as &[&str]), true)]
+#[case(server(&["--hidden", ".git,index.html"]), false)]
+fn hidden_propfind_dir(#[case] server: TestServer, #[case] exist: bool) -> Result<(), Error> {
+    let resp = fetch!(b"PROPFIND", server.url()).send()?;
+    assert_eq!(resp.status(), 207);
+    let body = resp.text()?;
+    assert_eq!(body.contains("<D:href>/.git/</D:href>"), exist);
+    assert_eq!(body.contains("<D:href>/index.html</D:href>"), exist);
+    Ok(())
+}
+
+#[rstest]
+#[case(server(&["--allow-search"] as &[&str]), true)]
+#[case(server(&["--allow-search", "--hidden", ".git,test.html"]), false)]
+fn hidden_search_dir(#[case] server: TestServer, #[case] exist: bool) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}?q={}", server.url(), "test.html"))?;
+    assert_eq!(resp.status(), 200);
+    let paths = utils::retrive_index_paths(&resp.text()?);
+    for p in paths {
+        assert_eq!(p.contains("test.html"), exist);
+    }
+    Ok(())
+}

tests/http.rs

@@ -7,7 +7,7 @@ use rstest::rstest;
 #[rstest]
 fn get_dir(server: TestServer) -> Result<(), Error> {
     let resp = reqwest::blocking::get(server.url())?;
-    assert_index_resp!(resp);
+    assert_resp_paths!(resp);
     Ok(())
 }
 
@@ -63,19 +63,31 @@ fn head_dir_zip(server: TestServer) -> Result<(), Error> {
 }
 
 #[rstest]
-fn get_dir_search(server: TestServer) -> Result<(), Error> {
+fn get_dir_search(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
     let resp = reqwest::blocking::get(format!("{}?q={}", server.url(), "test.html"))?;
     assert_eq!(resp.status(), 200);
     let paths = utils::retrive_index_paths(&resp.text()?);
     assert!(!paths.is_empty());
     for p in paths {
-        assert!(p.contains(&"test.html"));
+        assert!(p.contains("test.html"));
     }
     Ok(())
 }
 
 #[rstest]
-fn head_dir_search(server: TestServer) -> Result<(), Error> {
+fn get_dir_search2(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}?q={}", server.url(), "😀.bin"))?;
+    assert_eq!(resp.status(), 200);
+    let paths = utils::retrive_index_paths(&resp.text()?);
+    assert!(!paths.is_empty());
+    for p in paths {
+        assert!(p.contains("😀.bin"));
+    }
+    Ok(())
+}
+
+#[rstest]
+fn head_dir_search(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
     let resp = fetch!(b"HEAD", format!("{}?q={}", server.url(), "test.html")).send()?;
     assert_eq!(resp.status(), 200);
     assert_eq!(
@@ -105,6 +117,7 @@ fn head_file(server: TestServer) -> Result<(), Error> {
     assert_eq!(resp.status(), 200);
     assert_eq!(resp.headers().get("content-type").unwrap(), "text/html");
     assert_eq!(resp.headers().get("accept-ranges").unwrap(), "bytes");
+    assert!(resp.headers().contains_key("content-disposition"));
     assert!(resp.headers().contains_key("etag"));
     assert!(resp.headers().contains_key("last-modified"));
     assert!(resp.headers().contains_key("content-length"));
@@ -134,7 +147,7 @@ fn options_dir(server: TestServer) -> Result<(), Error> {
         resp.headers().get("allow").unwrap(),
         "GET,HEAD,PUT,OPTIONS,DELETE,PROPFIND,COPY,MOVE"
     );
-    assert_eq!(resp.headers().get("dav").unwrap(), "1");
+    assert_eq!(resp.headers().get("dav").unwrap(), "1,2");
     Ok(())
 }
 

tests/range.rs

@@ -0,0 +1,45 @@
+mod fixtures;
+mod utils;
+
+use fixtures::{server, Error, TestServer};
+use headers::HeaderValue;
+use rstest::rstest;
+
+#[rstest]
+fn get_file_range(server: TestServer) -> Result<(), Error> {
+    let resp = fetch!(b"GET", format!("{}index.html", server.url()))
+        .header("range", HeaderValue::from_static("bytes=0-6"))
+        .send()?;
+    assert_eq!(resp.status(), 206);
+    assert_eq!(resp.headers().get("content-range").unwrap(), "bytes 0-6/18");
+    assert_eq!(resp.headers().get("accept-ranges").unwrap(), "bytes");
+    assert_eq!(resp.headers().get("content-length").unwrap(), "7");
+    assert_eq!(resp.text()?, "This is");
+    Ok(())
+}
+
+#[rstest]
+fn get_file_range_beyond(server: TestServer) -> Result<(), Error> {
+    let resp = fetch!(b"GET", format!("{}index.html", server.url()))
+        .header("range", HeaderValue::from_static("bytes=12-20"))
+        .send()?;
+    assert_eq!(resp.status(), 206);
+    assert_eq!(
+        resp.headers().get("content-range").unwrap(),
+        "bytes 12-17/18"
+    );
+    assert_eq!(resp.headers().get("accept-ranges").unwrap(), "bytes");
+    assert_eq!(resp.headers().get("content-length").unwrap(), "6");
+    assert_eq!(resp.text()?, "x.html");
+    Ok(())
+}
+
+#[rstest]
+fn get_file_range_invalid(server: TestServer) -> Result<(), Error> {
+    let resp = fetch!(b"GET", format!("{}index.html", server.url()))
+        .header("range", HeaderValue::from_static("bytes=20-"))
+        .send()?;
+    assert_eq!(resp.status(), 416);
+    assert_eq!(resp.headers().get("content-range").unwrap(), "bytes */18");
+    Ok(())
+}

tests/render.rs

@@ -1,6 +1,7 @@
 mod fixtures;
+mod utils;
 
-use fixtures::{server, Error, TestServer, DIR_NO_INDEX};
+use fixtures::{server, Error, TestServer, DIR_NO_FOUND, DIR_NO_INDEX, FILES};
 use rstest::rstest;
 
 #[rstest]
@@ -12,12 +13,55 @@ fn render_index(#[with(&["--render-index"])] server: TestServer) -> Result<(), E
 }
 
 #[rstest]
-fn render_index_404(#[with(&["--render-index"])] server: TestServer) -> Result<(), Error> {
-    let resp = reqwest::blocking::get(format!("{}/{}", server.url(), DIR_NO_INDEX))?;
+fn render_index2(#[with(&["--render-index"])] server: TestServer) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}{}", server.url(), DIR_NO_INDEX))?;
     assert_eq!(resp.status(), 404);
     Ok(())
 }
 
+#[rstest]
+fn render_try_index(#[with(&["--render-try-index"])] server: TestServer) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(server.url())?;
+    let text = resp.text()?;
+    assert_eq!(text, "This is index.html");
+    Ok(())
+}
+
+#[rstest]
+fn render_try_index2(#[with(&["--render-try-index"])] server: TestServer) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}{}", server.url(), DIR_NO_INDEX))?;
+    let files: Vec<&str> = FILES
+        .iter()
+        .filter(|v| **v != "index.html")
+        .cloned()
+        .collect();
+    assert_resp_paths!(resp, files);
+    Ok(())
+}
+
+#[rstest]
+fn render_try_index3(#[with(&["--render-try-index"])] server: TestServer) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}{}?zip", server.url(), DIR_NO_INDEX))?;
+    assert_eq!(resp.status(), 200);
+    assert_eq!(
+        resp.headers().get("content-type").unwrap(),
+        "application/zip"
+    );
+    Ok(())
+}
+
+#[rstest]
+#[case(server(&["--render-try-index"] as &[&str]), false)]
+#[case(server(&["--render-try-index", "--allow-search"] as &[&str]), true)]
+fn render_try_index4(#[case] server: TestServer, #[case] searched: bool) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}{}?q={}", server.url(), DIR_NO_INDEX, "😀.bin"))?;
+    assert_eq!(resp.status(), 200);
+    let paths = utils::retrive_index_paths(&resp.text()?);
+    assert!(!paths.is_empty());
+    assert_eq!(paths.iter().all(|v| v.contains("😀.bin")), searched);
+    Ok(())
+}
+
 #[rstest]
 fn render_spa(#[with(&["--render-spa"])] server: TestServer) -> Result<(), Error> {
     let resp = reqwest::blocking::get(server.url())?;
@@ -27,8 +71,8 @@ fn render_spa(#[with(&["--render-spa"])] server: TestServer) -> Result<(), Error
 }
 
 #[rstest]
-fn render_spa_no_404(#[with(&["--render-spa"])] server: TestServer) -> Result<(), Error> {
-    let resp = reqwest::blocking::get(format!("{}/{}", server.url(), DIR_NO_INDEX))?;
+fn render_spa2(#[with(&["--render-spa"])] server: TestServer) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}{}", server.url(), DIR_NO_FOUND))?;
     let text = resp.text()?;
     assert_eq!(text, "This is index.html");
     Ok(())

tests/tls.rs

@@ -22,14 +22,14 @@ fn tls_works(#[case] server: TestServer) -> Result<(), Error> {
         .danger_accept_invalid_certs(true)
         .build()?;
     let resp = client.get(server.url()).send()?.error_for_status()?;
-    assert_index_resp!(resp);
+    assert_resp_paths!(resp);
     Ok(())
 }
 
 /// Wrong path for cert throws error.
 #[rstest]
 fn wrong_path_cert() -> Result<(), Error> {
-    Command::cargo_bin("duf")?
+    Command::cargo_bin("dufs")?
         .args(&["--tls-cert", "wrong", "--tls-key", "tests/data/key.pem"])
         .assert()
         .failure()
@@ -41,7 +41,7 @@ fn wrong_path_cert() -> Result<(), Error> {
 /// Wrong paths for key throws errors.
 #[rstest]
 fn wrong_path_key() -> Result<(), Error> {
-    Command::cargo_bin("duf")?
+    Command::cargo_bin("dufs")?
         .args(&["--tls-cert", "tests/data/cert.pem", "--tls-key", "wrong"])
         .assert()
         .failure()

tests/utils.rs

@@ -2,9 +2,9 @@ use serde_json::Value;
 use std::collections::HashSet;
 
 #[macro_export]
-macro_rules! assert_index_resp {
+macro_rules! assert_resp_paths {
     ($resp:ident) => {
-        assert_index_resp!($resp, self::fixtures::FILES)
+        assert_resp_paths!($resp, self::fixtures::FILES)
     };
     ($resp:ident, $files:expr) => {
         assert_eq!($resp.status(), 200);
@@ -37,12 +37,8 @@ pub fn encode_uri(v: &str) -> String {
 
 fn retrive_index_paths_impl(index: &str) -> Option<HashSet<String>> {
     let lines: Vec<&str> = index.lines().collect();
-    let (i, _) = lines
-        .iter()
-        .enumerate()
-        .find(|(_, v)| v.contains("const DATA"))?;
-    let line = lines.get(i + 1)?;
-    let value: Value = line.parse().ok()?;
+    let line = lines.iter().find(|v| v.contains("DATA ="))?;
+    let value: Value = line[7..].parse().ok()?;
     let paths = value
         .get("paths")?
         .as_array()?

tests/webdav.rs

@@ -10,7 +10,7 @@ fn propfind_dir(server: TestServer) -> Result<(), Error> {
     let resp = fetch!(b"PROPFIND", format!("{}dira", server.url())).send()?;
     assert_eq!(resp.status(), 207);
     let body = resp.text()?;
-    assert!(body.contains("<D:href>/dira</D:href>"));
+    assert!(body.contains("<D:href>/dira/</D:href>"));
     assert!(body.contains("<D:displayname>dira</D:displayname>"));
     for f in FILES {
         assert!(body.contains(&format!("<D:href>/dira/{}</D:href>", utils::encode_uri(f))));
@@ -29,7 +29,7 @@ fn propfind_dir_depth0(server: TestServer) -> Result<(), Error> {
         .send()?;
     assert_eq!(resp.status(), 207);
     let body = resp.text()?;
-    assert!(body.contains("<D:href>/dira</D:href>"));
+    assert!(body.contains("<D:href>/dira/</D:href>"));
     assert!(body.contains("<D:displayname>dira</D:displayname>"));
     assert_eq!(
         body.lines()