Commits
Commit:
2025e96d976677a7bf6bbe54185eb7bca026fe9d
Date:
Sat Sep 10 09:48:30 2022
UTC
drop cgi vestiges from the struct host
The `env' list is no longer used since CGI scripts were removed
Commit:
cd5826b8ba3b43ed9802309688ae029c0f5c4081
Date:
Sat Sep 10 09:43:57 2022
UTC
retire the deprecated `mime' and `map' config options
Commit:
7277bb7dc2971fad2a51b7975df85dda1df4c936
Date:
Sat Sep 10 09:21:09 2022
UTC
make config fields `chroot' and `user' fixed-size
Commit:
aae8f6bf2b6be18c8bb4fc46c2df679110fe9d96
Date:
Thu Sep 8 21:34:29 2022
UTC
change the flags to be consistent with other OpenBSD daemons
-d is `debug' (run in the foreground)
-f to load the configuration file
adjust regress and contrib accordingly
Commit:
32fbc47803fbb51cfff0e5181b78d9050641709c
Date:
Thu Sep 8 20:44:35 2022
UTC
drop the configless mode from gmid; now it's provided by `ge'
Commit:
d29a2ee2246e1b1b0c5222a823820e42422c894e
Date:
Tue Sep 6 16:11:09 2022
UTC
get rid of the CGI support
I really want to get rid of the `executor' process hack for CGI scripts
and its escalation to allow fastcgi and proxying to work on non-OpenBSD.
This drops the CGI support and the `executor' process entirely and is
the first step towards gmid 2.0. It also allows to have more secure
defaults.
On non-OpenBSD systems this means that the sandbox will be deactivated
as soon as fastcgi or proxying are used: you can't open sockets under
FreeBSD' capsicum(4) and I don't want to go thru the pain of making it
work under linux' seccomp/landlock. Patches are always welcome however.
For folks using CGI scripts (hey, I'm one of you!) not all hope is lost:
fcgiwrap or OpenBSD' slowcgi(8) are ways to run CGI scripts as they were
FastCGI applications.
fixes for the documentation and to the non-OpenBSD sandboxes will
follow.
Commit:
a555e0d67baef271ffe4a186326ee5f1c16fff75
Date:
Mon Jul 4 09:48:39 2022
UTC
copyright years
Commit:
18bd83915eab0f06b7e2920d0d71a39108b2d641
Date:
Fri Apr 8 15:14:09 2022
UTC
sort the MIME mappings and do a binary search to match
Commit:
54203115cd0121ee0e44f5e58202a4d8054b9c09
Date:
Fri Apr 8 13:52:35 2022
UTC
don't load the built-in list when using `types'
Commit:
d8d170aa5ee1498babee095078b3888f1525a2b3
Date:
Fri Apr 8 13:44:49 2022
UTC
allow add_mime to fail
add_mime nows allocate dinamically copies of the passed strings, so
that we can actually free what we parse from the config file.
This matters a lot especially with lengthy `types' block: strings that
reach the internal mapping are never free'd, so every manual addition
is leaked.
Commit:
e5d82d9472513ef742dbb0b5ac451337625feb58
Date:
Sat Mar 19 11:02:42 2022
UTC
const-ify some tables
matches found with
% grep -R '=[ ]*{' . | fgrep -v const
Commit:
1cdea97b6c74ec86e202431a208b5c99343f7273
Date:
Sun Jan 30 10:14:44 2022
UTC
allow using a custom hostname for SNI during proxying
add a `sni' option for the `proxy' block: the given name is used instead
of the one extracted by the `relay-to' rule.
Commit:
b7967bc1f695126e1bf2705bfd486bbc32aaf8b0
Date:
Sun Jan 2 16:33:28 2022
UTC
proxy: allow multiple proxy blocks, matching options and validations
as a side effect the order of the content of a server block is relaxed:
options, location or proxy blocks can be put in any order.
Commit:
7bdcc91ec70ddde092ac5d7b4f75d54915e7b221
Date:
Sat Jan 1 17:08:39 2022
UTC
simplify the proxying code
it doesn't make any sense to keep the proxying info per-location:
proxying only one per-vhost. It can't work differently, it doesn't make
sense anyway.
Commit:
d49093c105e7e9af2638bce945374ac0036b3498
Date:
Sat Jan 1 16:33:44 2022
UTC
support optional client certificate for proxy rule
Omar Polo