Commits


send capsicum/landlock/seccomp hack to Valhalla


drop landlock/seccomp and capsicum support it reached a point where this stuff is not maintenable. I'd like to move forward with gmid, but the restriction of capsicum and the linux environment at large that make landlock unusable (how can you resolve DNS portably when under landlock?) -and don't get me started on seccomp- makes it impossible for me to do any work. So, I prefer removing the crap, resuming working on gmid by cleaning stuff and consolidating the features, improving various things etc... and then eventually see how to introduce some sandboxing again on other systems. Patches to resume sandboxing are, as always, welcome!


include grp.h for setgroup(2) on linux


add a disclaimer


update the site for 1.8.6


add tests and compat for setresuid and setresgid


more is*() unsigned char cast continuation of 6130e0eeac9db4fa8e6fe5934ec2d0ab202f979e


add an implicit fastcgi parameter: GEMINI_SEARCH_STRING it’s the QUERY_STRING decoded if it’s a search-string (i.e. not a key-value pair.) It’s useful for scripts to avoid percent-decoding the querystring in the most common case of a query, because in Gemini querystrings key-value paired are not common. Idea from a discussion with Allen Sobot.


correction: QUERY_STRING is *not* urldecoded. RFC3875 § 4.1.7 states that "the QUERY_STRING variable contains a URL-encoded search or parameter string".


return after FCGI_END_REQUEST this fixes a possible crash if `client_write' closes the connection, because client_close can end up freeing the fastcgi bufferevent while we're looping. We don't support fastcgi multiplexing, so once we get an END_REQUEST there's nothing more to do. Prodded into looking here after a bug report from Allen Sobot, thanks!


typo


don't crash when specifying fcgi UNIX sockets to connect to


when switching user also set the groups


adjust pledge/unveil on OpenBSD to connect to unix-domain sockets the `unix' pledge is needed and also unveil "w". gmid can't mutate files because it doesn't pledge `wpath' nor `cpath'.


always cast is*() arguments to unsigned char