Commits
- Commit:
3a8c76eab2203c2e19ac63a2e22cea79e250cbea
- From:
- Omar Polo <op@omarpolo.com>
- Date:
rename PROC_MAX to PREFORK_MAX
- Commit:
df5058c919cbd1538d0a04cb2a4c179c0291566f
- From:
- Omar Polo <op@omarpolo.com>
- Date:
provide a more usual fatal
fatal usually appends the error string. Add 'fatalx' that doesn't.
Fix callers and move the prototypes to log.h
- Commit:
1e0b974519c8228e271b2b6e677c1b8f9a109b6b
- From:
- Omar Polo <op@omarpolo.com>
- Date:
send capsicum/landlock/seccomp hack to Valhalla
- Commit:
e92efb0d8ecfd42e3585963c8b66c61f5451cfa9
- From:
- Omar Polo <op@omarpolo.com>
- Date:
don't crash when specifying fcgi UNIX sockets to connect to
- Commit:
7b00c8900b91302abe0695f495aa3baff90e9896
- From:
- Omar Polo <op@omarpolo.com>
- Date:
remove the last tentacles of the hidden `span' fcgi feature
- Commit:
534afd0ddcba7c3d2f8478e89db026010c6190c5
- From:
- Omar Polo <op@omarpolo.com>
- Date:
make the various strings in the config fixed-length
will help in future restructuring to have fixed-size objects.
- Commit:
4ceb570910de41133b2771cff29cbb78f37fea30
- From:
- Omar Polo <op@omarpolo.com>
- Date:
remove stale comment
- Commit:
9715efe6f3838c40bbb66a8d0806cf785f2e7368
- From:
- Omar Polo <op@omarpolo.com>
- Date:
retire fcgi' prog field
spawning programs was a hidden feature used only for testing. It's
gross and when got removed, I forgot to remove the field as well.
- Commit:
edc5ca667dbaf67ff39676341a131ced7502a36d
- From:
- Omar Polo <op@omarpolo.com>
- Date:
properly initialize the TAILQs at vhost creation
- Commit:
2025e96d976677a7bf6bbe54185eb7bca026fe9d
- From:
- Omar Polo <op@omarpolo.com>
- Date:
drop cgi vestiges from the struct host
The `env' list is no longer used since CGI scripts were removed
- Commit:
cd5826b8ba3b43ed9802309688ae029c0f5c4081
- From:
- Omar Polo <op@omarpolo.com>
- Date:
retire the deprecated `mime' and `map' config options
- Commit:
aa9543b9fd1963d86f63fda13addb356f9039c37
- From:
- Omar Polo <op@omarpolo.com>
- Date:
make the mime types fixed-sized too
- Commit:
7277bb7dc2971fad2a51b7975df85dda1df4c936
- From:
- Omar Polo <op@omarpolo.com>
- Date:
make config fields `chroot' and `user' fixed-size
- Commit:
760009951357d4c36991c4c6a62db973289b32d9
- From:
- Omar Polo <op@omarpolo.com>
- Date:
optionally disable the sandbox on some systems
The FreeBSD and Linux' sandbox can't deal with `fastcgi' and `proxy'
configuration rules: new sockets needs to be opened and it's either
impossible (the former) or a huge pain in the arse (the latter).
The sandbox is still always used in case only static files are served.
- Commit:
d29a2ee2246e1b1b0c5222a823820e42422c894e
- From:
- Omar Polo <op@omarpolo.com>
- Date:
get rid of the CGI support
I really want to get rid of the `executor' process hack for CGI scripts
and its escalation to allow fastcgi and proxying to work on non-OpenBSD.
This drops the CGI support and the `executor' process entirely and is
the first step towards gmid 2.0. It also allows to have more secure
defaults.
On non-OpenBSD systems this means that the sandbox will be deactivated
as soon as fastcgi or proxying are used: you can't open sockets under
FreeBSD' capsicum(4) and I don't want to go thru the pain of making it
work under linux' seccomp/landlock. Patches are always welcome however.
For folks using CGI scripts (hey, I'm one of you!) not all hope is lost:
fcgiwrap or OpenBSD' slowcgi(8) are ways to run CGI scripts as they were
FastCGI applications.
fixes for the documentation and to the non-OpenBSD sandboxes will
follow.