Commits

Commit:
1e0b974519c8228e271b2b6e677c1b8f9a109b6b
From:
Omar Polo <op@omarpolo.com>
Date:
send capsicum/landlock/seccomp hack to Valhalla
diff | patch | tree
Commit:
0b62f4842d7c65b8f64c5f676a0a05333fd7db6f
From:
Omar Polo <op@omarpolo.com>
Date:
drop landlock/seccomp and capsicum support it reached a point where this stuff is not maintenable. I'd like to move forward with gmid, but the restriction of capsicum and the linux environment at large that make landlock unusable (how can you resolve DNS portably when under landlock?) -and don't get me started on seccomp- makes it impossible for me to do any work. So, I prefer removing the crap, resuming working on gmid by cleaning stuff and consolidating the features, improving various things etc... and then eventually see how to introduce some sandboxing again on other systems. Patches to resume sandboxing are, as always, welcome!
diff | patch | tree
Commit:
c9e97a6ecb4acc6796468cf6bf1f31e8dc172694
From:
Anna “CyberTailor” <cyber@sysrq.in>
Via:
Omar Polo <op@omarpolo.com>
Date:
include grp.h for setgroup(2) on linux
diff | patch | tree
Commit:
837156014c5dc5746ecfcc00e5b02db16cb90f67
From:
Omar Polo <op@omarpolo.com>
Date:
add a disclaimer
diff | patch | tree
Commit:
195f32d3a4e0b3c962cb089cde148fbaf0abb58b
From:
Omar Polo <op@omarpolo.com>
Date:
update the site for 1.8.6
diff | patch | tree
Commit:
bd8683d0fd36893c18e7271faaa3b9ea67df0695
From:
Omar Polo <op@omarpolo.com>
Date:
add tests and compat for setresuid and setresgid
diff | patch | tree
Commit:
06035a023710962df95f48d8486739154a9d707a
From:
Omar Polo <op@omarpolo.com>
Date:
more is*() unsigned char cast continuation of 6130e0eeac9db4fa8e6fe5934ec2d0ab202f979e
diff | patch | tree
Commit:
97b306cbee6d105885a761e04274f661a0ec3757
From:
Omar Polo <op@omarpolo.com>
Date:
add an implicit fastcgi parameter: GEMINI_SEARCH_STRING it’s the QUERY_STRING decoded if it’s a search-string (i.e. not a key-value pair.) It’s useful for scripts to avoid percent-decoding the querystring in the most common case of a query, because in Gemini querystrings key-value paired are not common. Idea from a discussion with Allen Sobot.
diff | patch | tree
Commit:
77718c121f89b39bd0095f10e2dbd2ff9df65281
From:
Omar Polo <op@omarpolo.com>
Date:
correction: QUERY_STRING is *not* urldecoded. RFC3875 § 4.1.7 states that "the QUERY_STRING variable contains a URL-encoded search or parameter string".
diff | patch | tree
Commit:
17493a486c9e6325c3aae74920ddb10958ae2771
From:
Omar Polo <op@omarpolo.com>
Date:
return after FCGI_END_REQUEST this fixes a possible crash if `client_write' closes the connection, because client_close can end up freeing the fastcgi bufferevent while we're looping. We don't support fastcgi multiplexing, so once we get an END_REQUEST there's nothing more to do. Prodded into looking here after a bug report from Allen Sobot, thanks!
diff | patch | tree
Commit:
eb4f96c10afcf8806cbbff3087aa0850e3fc9905
From:
Omar Polo <op@omarpolo.com>
Date:
typo
diff | patch | tree
Commit:
e92efb0d8ecfd42e3585963c8b66c61f5451cfa9
From:
Omar Polo <op@omarpolo.com>
Date:
don't crash when specifying fcgi UNIX sockets to connect to
diff | patch | tree
Commit:
872a717687a377cc02860e44c67dc1934ebfa9cb
From:
Omar Polo <op@omarpolo.com>
Date:
when switching user also set the groups
diff | patch | tree
Commit:
b24c6fcc1c81fa2a6b71048a9d2fc532402448b7
From:
Omar Polo <op@omarpolo.com>
Date:
adjust pledge/unveil on OpenBSD to connect to unix-domain sockets the `unix' pledge is needed and also unveil "w". gmid can't mutate files because it doesn't pledge `wpath' nor `cpath'.
diff | patch | tree
Commit:
6130e0eeac9db4fa8e6fe5934ec2d0ab202f979e
From:
Omar Polo <op@omarpolo.com>
Date:
always cast is*() arguments to unsigned char
diff | patch | tree