Commits
Commit:
1a04137e1869781efcd635a1abd4387ccfa6e56d
Author:
Omar Polo <op@omarpolo.com>
Date:
Sun Mar 27 12:59:57 2022 UTC
tag 1.8.3 -- "Lightbulb Sun" bugfix release

gmid 1.8.3 "Lightbulb Sun" bugfix release
=========================================

Released March 27, 2022.

signify(1) pubkeys for this release:
RWTy3UJQzpxBUAymBwb2EGLLm0b3H/1n8hzhaC9HYFYzNuTavGt9QSwC


Bug Fixes
~~~~~~~~~

* fix a possible out-of-bound access in the CGI handling. It was
introduced last October during a refactoring, but due to how
many malloc(3) implementations works this hasn't been found
until now. Otto' malloc is more strict fortunately.
Commit:
ea27eaaa83d61792e75858dc624c58fe1fa13dc9
Author:
Omar Polo <op@omarpolo.com>
Date:
Sun Mar 27 12:52:59 2022 UTC
fix an out-of-bound access in start_cgi

Long time ago, client->req was a static buffer so the memcpy was safe.
However, it's been since moved to a dynamically allocated string, so
it's very often smaller than sizeof(req.buf) (1024), hence the out of
bound access which results in a SIGSEGV very often on OpenBSD thanks to
Otto' malloc.

The situation with the iri parser, client->req and how the request is
forwarded to the other process needs to be improved: this is just a fix
to address the issue quickly, a better one would be to restructure the
iri parser APIs and rethink how the info is forwarded to the ex process.
Commit:
6084a9a5ba263ddc8cd67f7e03f2ee0481d4ea77
Author:
Omar Polo <op@omarpolo.com>
Date:
Sun Mar 27 12:52:58 2022 UTC
prefer sizeof(x) instead of datalen
Commit:
62a46b03c6f911f3674d6cb7b77a49bac8efad42
Author:
Omar Polo <op@omarpolo.com>
Date:
Sat Mar 26 13:22:22 2022 UTC
tag 1.8.2 -- "Lightbulb Sun" bugfix release

gmid 1.8.2 "Lightbulb Sun" bugfix release
=========================================

Released March 26, 2022.

signify(1) pubkeys for this release:
RWTy3UJQzpxBUAymBwb2EGLLm0b3H/1n8hzhaC9HYFYzNuTavGt9QSwC


Bug Fixes
~~~~~~~~~

* fix a CGI timing issue: if a connection handled by a CGI scripts
is interrupted with the right timing it causes the server
process to exit with "fatal in client_by_id: invalid id X".


New Features
~~~~~~~~~~~~

* add a new block `type { ... }' to define mime types mapping.


Improvements
~~~~~~~~~~~~

* use shell built-in `command' instead of which(1), prodded by
cage and Allen Sobot.

* configure script: allow to set MANDIR from cmdline (Allen Sobot)

* add systemd-sysusers sample file in contrib/ (Nakaya)

* [linux/seccomp] allow fstatat64(2), llseek(2) and sigreturn(2),
needed by glibc on armv7. (Tobias Berger)

* [linux/seccomp] tightens rules by allowing openat(2) only with
the O_RDONLY flag.
Commit:
da613aba4b0d28c5d8368ba2fc5e91cf5f6604b1
Author:
Omar Polo <op@omarpolo.com>
Date:
Sat Mar 26 13:22:13 2022 UTC
bump Mdocdate
Commit:
57d2fca4b460c3c6aceb3f3aa6cc97ece9316022
Author:
Omar Polo <op@omarpolo.com>
Date:
Sat Mar 26 11:57:27 2022 UTC
add target `test' alias for `regress'
Commit:
3fdc457c8db0550a6143ab626bfefe3351ab0b93
Author:
Omar Polo <op@omarpolo.com>
Date:
Sat Mar 26 11:32:26 2022 UTC
swap try_client_by_id with client_by_id

i.e. allow client_by_id to fail and return NULL.

Initially I thought it was a good idea to shut down a server process
if we receive an invalid client id as reply from one of our requests
to the executor process. This turned out not to be correct since a
client can (read: will) disconnect in the delay beteewn we acknowledge
their request and the cgi script execution.

The fastcgi and proxy handler already handled this situation, so
they're unaffected.

This allows an attacker to make gmid unresponsible by just making
enough requests until they hit the right timing.
Commit:
409a2599b30159207a7d4da6a7fd7aede4a4327f
Author:
Omar Polo <op@omarpolo.com>
Date:
Sat Mar 26 11:18:02 2022 UTC
move to a different server
Commit:
91971201e545529098ac2b9bc374a383a637e28f
Author:
Omar Polo <op@omarpolo.com>
Date:
Sat Mar 26 10:56:06 2022 UTC
break out if check_reply fails

it's not a problem when we have only one check_reply at then end,
since $? is kept across function boundaries, but when we have multiple
checks we need to quit on the first error.
Commit:
894e998423b80574490efa9c50ad82adfa874b47
Author:
Omar Polo <op@omarpolo.com>
Date:
Sat Mar 19 14:54:31 2022 UTC
sync imsg-buffer.c

original commit from eric@:

change the barrier so that fd's are always passed and received with
the first byte of the imsg they belong to.

idea, tweaks and ok claudio@
Commit:
c7949fd545996cd4ecb5d67e62b3956677a5a991
Author:
Omar Polo <op@omarpolo.com>
Date:
Sat Mar 19 14:52:11 2022 UTC
sync recallocarary.c

original commit from claudio@:

Type-cast getpagesize() from int to size_t for the comparison with d.
getpagesize() will only return positive numbers (there is no negative
page size system) and it can not fail.
Should fix some compiler warnings seen in -portable projects.
OK otto@
Commit:
e5d82d9472513ef742dbb0b5ac451337625feb58
Author:
Omar Polo <op@omarpolo.com>
Date:
Sat Mar 19 11:02:42 2022 UTC
const-ify some tables

matches found with

% grep -R '=[ ]*{' . | fgrep -v const
Commit:
9db5e7051ebb37a9078e79ca46daf7f8f8f3f963
Author:
Omar Polo <op@omarpolo.com>
Date:
Fri Mar 18 16:31:05 2022 UTC
get rid of `which` in the configure too

should have been done already in 12fcba2; reminded by Allen Sobot,
thanks!
Commit:
5f966fbe41a18d9ad1577d659da5990994c851bc
Author:
Omar Polo <op@omarpolo.com>
Date:
Fri Mar 18 16:23:45 2022 UTC
configure: allow to set MANDIR from args

diff by Allen Sobot (chilledfrogs at disroot dot org), thanks!
Commit:
a00e67f1bf90fe67735c3e2518a46528d15e280b
Author:
Omar Polo <op@omarpolo.com>
Date:
Wed Mar 9 16:43:22 2022 UTC
mention gmid.sysusers in contrib together with gmid.service

related to github issue #14
Omar Polo