Blame


1 21dc3794 2022-01-28 op # change log
2 21dc3794 2022-01-28 op
3 1f6de749 2022-07-04 op ## 2022/07/04 - 1.8.4 “Lightbulb Sun” bugfix release
4 1f6de749 2022-07-04 op
5 1f6de749 2022-07-04 op ### Bug fixes
6 1f6de749 2022-07-04 op
7 1f6de749 2022-07-04 op * allow "@" and ":" in paths; spotted by freezr
8 1f6de749 2022-07-04 op * URL-encode the file names in the directory index; reported by cage
9 1f6de749 2022-07-04 op
10 1f6de749 2022-07-04 op ### Improvements
11 1f6de749 2022-07-04 op
12 1f6de749 2022-07-04 op * move the documentation about the config file into its own manual page: gmid.conf.5
13 1f6de749 2022-07-04 op * improvements to the mime handling: fixed a memory leak and improved lookup speed.
14 1f6de749 2022-07-04 op * log (with low priority) when gmid failed to open a file because of its permissions.
15 1f6de749 2022-07-04 op * include a trailing "/" for dirs in the auto-generated directory index.
16 1f6de749 2022-07-04 op
17 1f6de749 2022-07-04 op ### Breaking Changes
18 1f6de749 2022-07-04 op
19 1f6de749 2022-07-04 op * deprecated the `map' rule in favour of the new `types' block.
20 1f6de749 2022-07-04 op * the default list is not loaded anymore when `types' is used; except for the text/gemini to ".gmi"/".gemini" mappings.
21 1f6de749 2022-07-04 op
22 1f6de749 2022-07-04 op
23 1a04137e 2022-03-27 op ## 2022/03/27 - 1.8.3 “Lightbulb Sun” bugfix release
24 1a04137e 2022-03-27 op
25 1a04137e 2022-03-27 op ### Bug fixes
26 1a04137e 2022-03-27 op
27 1a04137e 2022-03-27 op * fix a possible out-of-bound access in the CGI handling. It was introduced last October during a refactoring, but due to how many malloc(3) implementations work this hasn't been found until now. Otto's malloc is more strict fortunately.
28 1a04137e 2022-03-27 op
29 1a04137e 2022-03-27 op
30 62a46b03 2022-03-26 op ## 2022/03/26 - 1.8.2 “Lightbulb Sun” bugfix release
31 62a46b03 2022-03-26 op
32 62a46b03 2022-03-26 op ### Bug fixes
33 62a46b03 2022-03-26 op
34 62a46b03 2022-03-26 op * fix a CGI timing issue: if a connection handled by a CGI script is interrupted with the right timing it causes the server process to exit with "fatal in client_by_id: invalid id X".
35 62a46b03 2022-03-26 op
36 62a46b03 2022-03-26 op ### New Features
37 62a46b03 2022-03-26 op
38 62a46b03 2022-03-26 op * add a new block `type { ... }' to define mime types mapping.
39 62a46b03 2022-03-26 op
40 62a46b03 2022-03-26 op ### Improvements
41 62a46b03 2022-03-26 op
42 62a46b03 2022-03-26 op * use shell built-in `command' instead of which(1), prodded by cage and Allen Sobot.
43 62a46b03 2022-03-26 op * configure script: allow to set MANDIR from cmdline (Allen Sobot)
44 62a46b03 2022-03-26 op * add systemd-sysusers sample file in contrib/ (Nakaya)
45 62a46b03 2022-03-26 op * [linux/seccomp] allow fstatat64(2), llseek(2) and sigreturn(2), needed by glibc on armv7. (Tobias Berger)
46 62a46b03 2022-03-26 op * [linux/seccomp] tightens rules by allowing openat(2) only with the O_RDONLY flag.
47 62a46b03 2022-03-26 op
48 62a46b03 2022-03-26 op
49 c6ae2561 2022-02-10 op ## 2022/02/10 - 1.8.1 “Lightbulb Sun” bugfix release
50 c6ae2561 2022-02-10 op
51 c6ae2561 2022-02-10 op ### Bug fixes
52 c6ae2561 2022-02-10 op
53 c6ae2561 2022-02-10 op * fix landlock usage on linux: don't assume that access capabilities not listed are implicitly denied, because they are not. Mickaël Salaün, the landlock author, found the same error on game of trees:
54 c6ae2561 2022-02-10 op
55 c6ae2561 2022-02-10 op > In a nutshell, the ruleset's handled_access_fs is required for backward and forward compatibility (i.e. the kernel and user space may not know each other's supported restrictions), hence the need to be explicit about the denied-by-default access rights.
56 c6ae2561 2022-02-10 op
57 c6ae2561 2022-02-10 op In practice this affects only linux and only partially: thanks to the design of the daemon and the seccomp filter the effects of this mistake in handling landlock are fortunately limited. However, in theory at least, gmid could, for example, be tricked into truncating existing files, so it's highly suggested to update.
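
The denied-by-default point above, as an added C example that is not gmid's own code: rights missing from `handled_access_fs` stay unrestricted, so listing only the granted rights leaves writes open. `write_denied`, `GRANTED`, `HANDLED` and the scratch path are names made up for this sketch, and it assumes Linux headers that ship `linux/landlock.h`.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <linux/landlock.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

/* Rights the sandboxed process is granted, and every right the ruleset must
 * handle so the ungranted ones are actually denied (Landlock ABI v1 names). */
#define GRANTED (LANDLOCK_ACCESS_FS_READ_FILE | LANDLOCK_ACCESS_FS_READ_DIR)
#define HANDLED (GRANTED | LANDLOCK_ACCESS_FS_WRITE_FILE | \
    LANDLOCK_ACCESS_FS_REMOVE_FILE | LANDLOCK_ACCESS_FS_MAKE_REG)

/* Sandbox a child with `handled` as handled_access_fs and GRANTED beneath a
 * scratch directory constructed here, then open a file in it with O_TRUNC.
 * Returns 1 if denied, 0 if allowed, -1 if Landlock is unusable or setup failed. */
int write_denied(__u64 handled)
{
	char dir[] = "/tmp/ll-demo.XXXXXX", file[64];
	int status, fd, rc = -1;
	pid_t pid = -1;
	if (mkdtemp(dir) == NULL)
		return -1;
	snprintf(file, sizeof(file), "%s/index.gmi", dir);
	if ((fd = open(file, O_CREAT | O_WRONLY, 0600)) != -1)
		close(fd);
	if (fd != -1 && (pid = fork()) == 0) {
		struct landlock_ruleset_attr attr = { .handled_access_fs = handled };
		struct landlock_path_beneath_attr pb = {
			.allowed_access = GRANTED & handled,
			.parent_fd = open(dir, O_RDONLY | O_DIRECTORY | O_CLOEXEC),
		};
		int rs = syscall(SYS_landlock_create_ruleset, &attr, sizeof(attr), 0);
		if (rs == -1 || pb.parent_fd == -1 ||
		    syscall(SYS_landlock_add_rule, rs, LANDLOCK_RULE_PATH_BENEATH, &pb, 0) ||
		    prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) ||
		    syscall(SYS_landlock_restrict_self, rs, 0))
			_exit(2);	/* Landlock not usable here */
		_exit(open(file, O_WRONLY | O_TRUNC) == -1);
	}
	if (pid > 0 && waitpid(pid, &status, 0) == pid && WIFEXITED(status) &&
	    WEXITSTATUS(status) != 2)
		rc = WEXITSTATUS(status);
	unlink(file);
	rmdir(dir);
	return rc;
}
```

On a kernel with Landlock enabled, `write_denied(GRANTED)` returns 0 (the truncating open goes through) and `write_denied(HANDLED)` returns 1.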
58 c6ae2561 2022-02-10 op
59 c6ae2561 2022-02-10 op ### Improvements
60 c6ae2561 2022-02-10 op
61 c6ae2561 2022-02-10 op All by Anna “CyberTailor”, thanks!
62 c6ae2561 2022-02-10 op
63 c6ae2561 2022-02-10 op * don't skip unit tests when SKIP_RUNTIME_TEST is set
64 c6ae2561 2022-02-10 op * add `gg' to the regress target dependencies
65 c6ae2561 2022-02-10 op * fix the "implicit declaration of asprintf" warning
66 c6ae2561 2022-02-10 op * sync vim syntax
67 c6ae2561 2022-02-10 op
68 c6ae2561 2022-02-10 op
69 de721c43 2022-01-30 op ## 2022/01/30 - 1.8 “Lightbulb Sun”
70 de721c43 2022-01-30 op
71 de721c43 2022-01-30 op ### New Features
72 de721c43 2022-01-30 op
73 de721c43 2022-01-30 op * reverse proxying support: gmid now can relay gemini requests to other hosts.
74 de721c43 2022-01-30 op * install gg too: it's a simple gemini client ("gemini get") initially developed as part of the regression suite.
75 de721c43 2022-01-30 op * added OCSP stapling support (by @The-King-of-Toasters, thanks!)
76 de721c43 2022-01-30 op * add gencert, a simple script to generate self-signed certs.
77 de721c43 2022-01-30 op * add renew-certs, a script to automatically renew self-signed certs.
78 de721c43 2022-01-30 op * multiple -n partially dump the parsed configuration.
79 de721c43 2022-01-30 op
80 de721c43 2022-01-30 op ### Improvements
81 de721c43 2022-01-30 op
82 de721c43 2022-01-30 op * reworked the fastcgi subsystem, now it's completely asynchronous.
83 de721c43 2022-01-30 op * refactored the internal of the server too.
84 de721c43 2022-01-30 op * refactored the regression suite (in particular reduced the timeout for single tests from 30 to 10 seconds.)
85 de721c43 2022-01-30 op * configure: add support for --prefix=... autoconf-style flag.
86 de721c43 2022-01-30 op * relax the "wont proxy" check: don't check that the port in the request is the same we're listening on. Suggested and discussed with Allen Sobot, thanks!
87 de721c43 2022-01-30 op * relax the strict ordering of options, locations and proxy blocks inside a server block.
88 de721c43 2022-01-30 op
89 de721c43 2022-01-30 op ### Bug fixes
90 de721c43 2022-01-30 op
91 de721c43 2022-01-30 op * don't pass through illegal replies from CGI scripts.
92 de721c43 2022-01-30 op * fix the "double slash" error in logs.
93 de721c43 2022-01-30 op * fix the configure for cross-compilation: don't run the test binaries just built. Suggested by Nikolay Korotkiy (@sikmir), thanks!
94 de721c43 2022-01-30 op * (seccomp) allow ugetrlimit(2), needed by glibc on arm7l. By Max, thanks!
95 de721c43 2022-01-30 op
96 de721c43 2022-01-30 op
97 21dc3794 2022-01-28 op ## 2021/10/15 - 1.7.5 “Space-dye Vest” fifth bugfix release
98 21dc3794 2022-01-28 op
99 21dc3794 2022-01-28 op This version includes the following bugfix:
100 21dc3794 2022-01-28 op
101 21dc3794 2022-01-28 op * don’t die when a connection is closed before being accepted by gmid (i.e. handle ‘ECONNRESET’)
102 21dc3794 2022-01-28 op
103 21dc3794 2022-01-28 op
104 21dc3794 2022-01-28 op ## 2021/09/24 - 1.7.4 “Space-dye Vest” fourth bugfix release
105 21dc3794 2022-01-28 op
106 21dc3794 2022-01-28 op This version includes the following bugfix:
107 21dc3794 2022-01-28 op
108 21dc3794 2022-01-28 op * fix a possible out-of-bound access when handling a request for a non-existent file in the root directory of a vhost that's matched by the cgi option
109 21dc3794 2022-01-28 op
110 21dc3794 2022-01-28 op and the relative regression test.
111 21dc3794 2022-01-28 op
112 21dc3794 2022-01-28 op
113 21dc3794 2022-01-28 op ## 2021/09/19 - 1.7.3 “Space-dye Vest” third bugfix release
114 21dc3794 2022-01-28 op
115 21dc3794 2022-01-28 op ### Improvements
116 21dc3794 2022-01-28 op
117 21dc3794 2022-01-28 op * follows symlinks
118 21dc3794 2022-01-28 op * improved documentation and added key generation example (thanks! Anna)
119 21dc3794 2022-01-28 op
120 21dc3794 2022-01-28 op ### Bugfix
121 21dc3794 2022-01-28 op
122 21dc3794 2022-01-28 op * fix syslog logging on FreeBSD. Reported by Karl Jeacle, thanks!
123 21dc3794 2022-01-28 op * don't crash if ``-c'' is missing in configtest mode (-n). Reported by heph, thanks!
124 21dc3794 2022-01-28 op * allow fstat64 on linux (needed by glibc on aarch64). Reported by pine, thanks!
125 21dc3794 2022-01-28 op
126 21dc3794 2022-01-28 op
127 21dc3794 2022-01-28 op ## 2021/07/19 - 1.7.2 “Space-dye Vest” second bugfix release
128 21dc3794 2022-01-28 op
129 21dc3794 2022-01-28 op This version includes the following bugfix:
130 21dc3794 2022-01-28 op
131 21dc3794 2022-01-28 op * an un-initialized field in the configless code path leads to a crash on the first request.
132 21dc3794 2022-01-28 op
133 21dc3794 2022-01-28 op and the relative regression test.
134 21dc3794 2022-01-28 op
135 21dc3794 2022-01-28 op
136 21dc3794 2022-01-28 op ## 2021/07/11 - 1.7.1 “Space-dye Vest” bugfix release
137 21dc3794 2022-01-28 op
138 21dc3794 2022-01-28 op This version includes two bugfixes:
139 21dc3794 2022-01-28 op * use ${MAKE} to recursively call make.
140 21dc3794 2022-01-28 op * fix the misleading example in the manpage: macros may not be reserved words
141 21dc3794 2022-01-28 op
142 21dc3794 2022-01-28 op
143 21dc3794 2022-01-28 op ## 2021/07/10 - 1.7 “Space-dye Vest”
144 21dc3794 2022-01-28 op
145 21dc3794 2022-01-28 op Starting from this version gmid doesn't depend on lex anymore, but yacc is still needed.
146 21dc3794 2022-01-28 op
147 21dc3794 2022-01-28 op ### New features
148 21dc3794 2022-01-28 op
149 21dc3794 2022-01-28 op * initial fastcgi support! (it's still young!)
150 21dc3794 2022-01-28 op * added user-defined macros, either via ‘-Dname=val’ or directly in the configuration file.
151 21dc3794 2022-01-28 op * new ‘include’ keyword to load additional configuration files.
152 21dc3794 2022-01-28 op * new ‘env’ rule to define environment vars for CGI scripts.
153 21dc3794 2022-01-28 op * new ‘alias’ rule to define hostname aliases for a server.
154 21dc3794 2022-01-28 op * allow ‘root’ to be specified per-location block.
155 21dc3794 2022-01-28 op * pidfile support with the new ‘-P’ cli flag.
156 21dc3794 2022-01-28 op * define ‘TLS_VERSION’, ‘TLS_CIPHER’ and ‘TLS_CIPHER_STRENGTH’ for CGI scripts.
157 21dc3794 2022-01-28 op
158 21dc3794 2022-01-28 op ### Improvements
159 21dc3794 2022-01-28 op
160 21dc3794 2022-01-28 op * remove limits on the number of virtual hosts and location blocks that can be defined.
161 21dc3794 2022-01-28 op * print the datetime when logging to stderr.
162 21dc3794 2022-01-28 op * use ‘text/x-patch’ for ‘.patch’ and ‘.diff’ files.
163 21dc3794 2022-01-28 op * sort the auto index alphabetically.
164 21dc3794 2022-01-28 op * various improvements to the log management.
165 21dc3794 2022-01-28 op * drop the dependency on lex.
166 21dc3794 2022-01-28 op * added ‘--help’ as synonym of ‘-h’ and ‘-V’/‘--version’ to print the version.
167 21dc3794 2022-01-28 op * c-like handling of strings in the configuration file: when two or more strings are next to each other, they are automatically joined into a single string. This is particularly useful with $-macros.
168 21dc3794 2022-01-28 op
169 21dc3794 2022-01-28 op ### Bug fixes
170 21dc3794 2022-01-28 op
171 21dc3794 2022-01-28 op * correctly handle CGI scripts that reply with the maximum header length allowed.
172 21dc3794 2022-01-28 op * fixed the static target.
173 21dc3794 2022-01-28 op * fixed recursive mkdirs for configless mode (i.e. create ‘~/.local/share/gmid’)
174 21dc3794 2022-01-28 op * logs sent to syslog now have proper priority (before every message ended up as LOG_CRIT). Found by Anna “CyberTailor”, thanks!
175 21dc3794 2022-01-28 op * ensure ‘%p’ (path) is always absolute in ‘block return’ rules.
176 21dc3794 2022-01-28 op * fix automatic certificate generation; it caused problems on some Android devices. Found by Gnuserland, thanks!
177 21dc3794 2022-01-28 op * document the ‘log’ rule.
178 21dc3794 2022-01-28 op * the seccomp filter was reworked and now it's known to work properly on a vast range of architectures (to be more specific: all the architectures supported by alpine linux), see github issue #4. Prompted and tested by @begss, thanks!
179 21dc3794 2022-01-28 op * various improvements to the configure script, notified and fixed by Anna “CyberTailor”, thanks!
180 21dc3794 2022-01-28 op * added a timeout to the regression tests.
181 21dc3794 2022-01-28 op
182 21dc3794 2022-01-28 op ### Breaking changes
183 21dc3794 2022-01-28 op
184 21dc3794 2022-01-28 op * if duplicate rules are found in the configuration file, an error is now raised instead of silently using only the last value.
185 21dc3794 2022-01-28 op * (sort of) ‘gg’ moved to ‘regress’ as it's only used in the regression suite.
186 21dc3794 2022-01-28 op * (notice) the “mime "mime-type" "extension"” rule was deprecated and replaced by the new “map "mime-type" to-ext "extension"”. The ‘mime’ rule will be removed in a future version because its syntax is incompatible with the new string auto-concat mechanism.