simplify handle_cgi Now that I got rid of the enum+switch, adding more state is easier. Before, we used an hack to remember if we had read the CGI reply or not (c->code = -1). This introduces a new state, handle_cgi_reply that reads the CGI script reply, logs it, and only then switches to handle_cgi. handle_cgi itself is cleaner, now it only reads into c->sbuf and send what it had red. We even get, almost for free, the 42 error. If read exists with -1 or 0 from in handle_cgi_reply, we return a proper error to the client. We can extend this further in the future and also try to validate the CGI reply (for now we're only looking for a \n).

switch to handle_open_conn right after handshake So we don't re-enter the handle_handsahke and re-do the loop on fnmatch etc. This way, once we're successfully past the handshake, we'll re-enter no handle_open_conn.

client state machine: function pointers instead of enum+switch

bring the CGI implementation in par with GLV-1.12556


invert the location precedence: first match wins It's how httpd(8) does it, and it allows us to call fnmatch less time

don't ignore punycode errors when decoding SNI-provided servname

puny_decode: set an error string

don't log the SNI & matching I'll re-enable this when i'll improve the logging

log info about SNI, punycode and matched vhost

some null checks

trim_req_iri: set error string

initial punycode support

rework the configless mode: change flags and generate certs

added support for location blocks