Commits
- Commit:
d29a2ee2246e1b1b0c5222a823820e42422c894e
- From:
- Omar Polo <op@omarpolo.com>
- Date:
get rid of the CGI support
I really want to get rid of the `executor' process hack for CGI scripts
and its escalation to allow fastcgi and proxying to work on non-OpenBSD.
This drops the CGI support and the `executor' process entirely and is
the first step towards gmid 2.0. It also allows to have more secure
defaults.
On non-OpenBSD systems this means that the sandbox will be deactivated
as soon as fastcgi or proxying are used: you can't open sockets under
FreeBSD' capsicum(4) and I don't want to go thru the pain of making it
work under linux' seccomp/landlock. Patches are always welcome however.
For folks using CGI scripts (hey, I'm one of you!) not all hope is lost:
fcgiwrap or OpenBSD' slowcgi(8) are ways to run CGI scripts as they were
FastCGI applications.
fixes for the documentation and to the non-OpenBSD sandboxes will
follow.
- Commit:
5eb842cd1fe524b062d059e675342a0ce29767a4
- From:
- Omar Polo <op@omarpolo.com>
- Date:
rework the 'running gmid as a daemon' example a bit
- Commit:
1595c277efd582266baa59b084280a5cd3c2a5ad
- From:
- Omar Polo <op@omarpolo.com>
- Date:
move the documentation of the config file into gmid.conf.5
- Commit:
4ee085938fdea146bb03cbf9d22927207f777e65
- From:
- Omar Polo <op@omarpolo.com>
- Date:
don't mention the `map' rule anymore: `types' is way better
- Commit:
1a04137e1869781efcd635a1abd4387ccfa6e56d
- From:
- Omar Polo <op@omarpolo.com>
- Date:
tag 1.8.3 -- "Lightbulb Sun" bugfix release
gmid 1.8.3 "Lightbulb Sun" bugfix release
=========================================
Released March 27, 2022.
signify(1) pubkeys for this release:
RWTy3UJQzpxBUAymBwb2EGLLm0b3H/1n8hzhaC9HYFYzNuTavGt9QSwC
Bug Fixes
~~~~~~~~~
* fix a possible out-of-bound access in the CGI handling. It was
introduced last October during a refactoring, but due to how
many malloc(3) implementations works this hasn't been found
until now. Otto' malloc is more strict fortunately.
- Commit:
62a46b03c6f911f3674d6cb7b77a49bac8efad42
- From:
- Omar Polo <op@omarpolo.com>
- Date:
tag 1.8.2 -- "Lightbulb Sun" bugfix release
gmid 1.8.2 "Lightbulb Sun" bugfix release
=========================================
Released March 26, 2022.
signify(1) pubkeys for this release:
RWTy3UJQzpxBUAymBwb2EGLLm0b3H/1n8hzhaC9HYFYzNuTavGt9QSwC
Bug Fixes
~~~~~~~~~
* fix a CGI timing issue: if a connection handled by a CGI scripts
is interrupted with the right timing it causes the server
process to exit with "fatal in client_by_id: invalid id X".
New Features
~~~~~~~~~~~~
* add a new block `type { ... }' to define mime types mapping.
Improvements
~~~~~~~~~~~~
* use shell built-in `command' instead of which(1), prodded by
cage and Allen Sobot.
* configure script: allow to set MANDIR from cmdline (Allen Sobot)
* add systemd-sysusers sample file in contrib/ (Nakaya)
* [linux/seccomp] allow fstatat64(2), llseek(2) and sigreturn(2),
needed by glibc on armv7. (Tobias Berger)
* [linux/seccomp] tightens rules by allowing openat(2) only with
the O_RDONLY flag.
- Commit:
da613aba4b0d28c5d8368ba2fc5e91cf5f6604b1
- From:
- Omar Polo <op@omarpolo.com>
- Date:
bump Mdocdate
- Commit:
e0bf950dff7271b6ef01111f5f104aab66411ccd
- From:
- Omar Polo <op@omarpolo.com>
- Date:
document the type { ... } block
- Commit:
a14b9f779f14edee7c22e12f1ad8a4ba2d3134df
- From:
- Omar Polo <op@omarpolo.com>
- Date:
prepare 1.8 release
- Commit:
c586dfead7204405c72eccdad2a249e961fec319
- From:
- Omar Polo <op@omarpolo.com>
- Date:
rename MIME section to "MEDIA TYPES"
- Commit:
1cdea97b6c74ec86e202431a208b5c99343f7273
- From:
- Omar Polo <op@omarpolo.com>
- Date:
allow using a custom hostname for SNI during proxying
add a `sni' option for the `proxy' block: the given name is used instead
of the one extracted by the `relay-to' rule.
- Commit:
14cee92646640af05523eb0bbe30946ab0c9d0d3
- From:
- Omar Polo <op@omarpolo.com>
- Date:
some Pa -> Ar; while here drop two `The' from the start of the sentence
- Commit:
7c2374af2ca2f65b70211b03350618635d16063e
- From:
- Omar Polo <op@omarpolo.com>
- Date:
document `require client ca' for proxies
- Commit:
207dc0f9f68d7946e1db13dd025d4a30a68ca840
- From:
- Omar Polo <op@omarpolo.com>
- Date:
sync manpage
- Commit:
53884ec00adf7fa7e8a62b41b589a95892d34b2b
- From:
- Omar Polo <op@omarpolo.com>
- Date:
document use-tls