regress: change naming scheme for certs, add GENCERT_FLAGS knob Call the certificates .pem and the keys .key; use contrib/gencert to generate the certificates and provide a GENCERT_FLAGS knob so that regress can be run with EC keys (GENCERT_FLAGS=-e). Still no automatic way of testing with both RSA and EC keys.

use the legacy style in the tests for now

fix test after log style condensed change

rename ge -> gemexp in regress too

allow to change the logging style; introduce some new ones add `log style <style>'; The old default is called `legacy' now, a new default format is added called `condensed', and `common' and `combined' to mimick Apache httpd and nginx (respectively) are also added.

add a test for the file logging

add a test with fastcgi, locations and forceful disabling

adjust syntax in fastcgi test; add another test for the old syntax

improve fcgi test: send more than one chunk of data

use REGRESS_HOST to specify the host to listen to; use in CI some CI envs don't like `listen on localhost' but tolerate INADDR_ANY or IN6ADDR_ANY_INIT.

implement `listen on' Listening by default on all the addresses is so bad I don't know why I haven't changed this before. Anyway. Add a `listen on $hostname port $port' syntax to the config file and deprecate the old "port" and "ipv6" global setting. Still try to honour them when no "listen on" directive is used for backward compatibily, but this will go away in the next next version hopefully. At the moment the `listen on' in server context don't filter the host, i.e. one can still reach a host from a address not specified in the corresponding `liste on', this will be added later.

remove regress/sha we can use cmp to tell if two files are different, which also has the benefit of being available everywhere and reporting the byte offset of the first difference. Reduces the test dependencies on some systems.

re-establish fastcgi test

adjust regress to use `ge' for the old configless test

get rid of the CGI support I really want to get rid of the `executor' process hack for CGI scripts and its escalation to allow fastcgi and proxying to work on non-OpenBSD. This drops the CGI support and the `executor' process entirely and is the first step towards gmid 2.0. It also allows to have more secure defaults. On non-OpenBSD systems this means that the sandbox will be deactivated as soon as fastcgi or proxying are used: you can't open sockets under FreeBSD' capsicum(4) and I don't want to go thru the pain of making it work under linux' seccomp/landlock. Patches are always welcome however. For folks using CGI scripts (hey, I'm one of you!) not all hope is lost: fcgiwrap or OpenBSD' slowcgi(8) are ways to run CGI scripts as they were FastCGI applications. fixes for the documentation and to the non-OpenBSD sandboxes will follow.