Commit Briefs
try to preserve as much as possible CFLAGS and LDFLAGS from env
but still try to autodetect with pkg-config if they aren't provided. Passing CFLAGS/LDFLAGS from the command line will still override the guessed ones.
reworked seccomp filter
* SECCOMP_AUDIT_ARCH extended to support more architectures * relax fcntl policy: allow the syscall regardless of the flags * wrap every syscall in a ifdef, and add some (statx, fcntl64, ...) used in x86 Some bits were taken from dhcpcd[0], thanks! #4 related [0]: https://roy.marples.name/git/dhcpcd/blob/HEAD:/src/privsep-linux.c
allow to define macros in the config file
Macros can be defined at the top of the configuration file: dir = "/var/gemini" cert = "/etc/keys" and re-used later, for example server "foo" { root "$dir/foo" # -> /var/gemini/foo cert "$cert/foo.pem" # -> /etc/keys/foo.pem }
drop the dependency on lex by implementing yylex by ourselves
The actual implementation is based off doas' parse.y. This gave us various benefits, like cleaner code, \ to break long lines, better handling of quotes etc...
certificate generation (bugfix and improvement)
don't add gmid as organisation when generating the certificate, and set the version to 3, so it's compatible with java/android clients. Found by Gnuserland, thanks!