Commits
- Commit:
1e0b974519c8228e271b2b6e677c1b8f9a109b6b
- From:
- Omar Polo <op@omarpolo.com>
- Date:
send capsicum/landlock/seccomp hack to Valhalla
- Commit:
0b62f4842d7c65b8f64c5f676a0a05333fd7db6f
- From:
- Omar Polo <op@omarpolo.com>
- Date:
drop landlock/seccomp and capsicum support
it reached a point where this stuff is not maintenable. I'd like
to move forward with gmid, but the restriction of capsicum and the
linux environment at large that make landlock unusable (how can you
resolve DNS portably when under landlock?) -and don't get me started
on seccomp- makes it impossible for me to do any work.
So, I prefer removing the crap, resuming working on gmid by cleaning
stuff and consolidating the features, improving various things
etc... and then eventually see how to introduce some sandboxing
again on other systems. Patches to resume sandboxing are, as always,
welcome!
- Commit:
c9e97a6ecb4acc6796468cf6bf1f31e8dc172694
- From:
- Anna “CyberTailor” <cyber@sysrq.in>
- Via:
- Omar Polo <op@omarpolo.com>
- Date:
include grp.h for setgroup(2) on linux
- Commit:
837156014c5dc5746ecfcc00e5b02db16cb90f67
- From:
- Omar Polo <op@omarpolo.com>
- Date:
add a disclaimer
- Commit:
195f32d3a4e0b3c962cb089cde148fbaf0abb58b
- From:
- Omar Polo <op@omarpolo.com>
- Date:
update the site for 1.8.6
- Commit:
bd8683d0fd36893c18e7271faaa3b9ea67df0695
- From:
- Omar Polo <op@omarpolo.com>
- Date:
add tests and compat for setresuid and setresgid
- Commit:
06035a023710962df95f48d8486739154a9d707a
- From:
- Omar Polo <op@omarpolo.com>
- Date:
more is*() unsigned char cast
continuation of 6130e0eeac9db4fa8e6fe5934ec2d0ab202f979e
- Commit:
97b306cbee6d105885a761e04274f661a0ec3757
- From:
- Omar Polo <op@omarpolo.com>
- Date:
add an implicit fastcgi parameter: GEMINI_SEARCH_STRING
it’s the QUERY_STRING decoded if it’s a search-string (i.e. not a
key-value pair.) It’s useful for scripts to avoid percent-decoding
the querystring in the most common case of a query, because in Gemini
querystrings key-value paired are not common.
Idea from a discussion with Allen Sobot.
- Commit:
77718c121f89b39bd0095f10e2dbd2ff9df65281
- From:
- Omar Polo <op@omarpolo.com>
- Date:
correction: QUERY_STRING is *not* urldecoded.
RFC3875 § 4.1.7 states that "the QUERY_STRING variable contains a
URL-encoded search or parameter string".
- Commit:
17493a486c9e6325c3aae74920ddb10958ae2771
- From:
- Omar Polo <op@omarpolo.com>
- Date:
return after FCGI_END_REQUEST
this fixes a possible crash if `client_write' closes the connection,
because client_close can end up freeing the fastcgi bufferevent while
we're looping.
We don't support fastcgi multiplexing, so once we get an END_REQUEST
there's nothing more to do.
Prodded into looking here after a bug report from Allen Sobot, thanks!
- Commit:
eb4f96c10afcf8806cbbff3087aa0850e3fc9905
- From:
- Omar Polo <op@omarpolo.com>
- Date:
typo
- Commit:
e92efb0d8ecfd42e3585963c8b66c61f5451cfa9
- From:
- Omar Polo <op@omarpolo.com>
- Date:
don't crash when specifying fcgi UNIX sockets to connect to
- Commit:
872a717687a377cc02860e44c67dc1934ebfa9cb
- From:
- Omar Polo <op@omarpolo.com>
- Date:
when switching user also set the groups
- Commit:
b24c6fcc1c81fa2a6b71048a9d2fc532402448b7
- From:
- Omar Polo <op@omarpolo.com>
- Date:
adjust pledge/unveil on OpenBSD
to connect to unix-domain sockets the `unix' pledge is needed and also
unveil "w". gmid can't mutate files because it doesn't pledge `wpath'
nor `cpath'.
- Commit:
6130e0eeac9db4fa8e6fe5934ec2d0ab202f979e
- From:
- Omar Polo <op@omarpolo.com>
- Date:
always cast is*() arguments to unsigned char