Commits
- Commit:
193380eaa4b4fa001dd773b9ee94e2545eed5efa
- From:
- Omar Polo <op@omarpolo.com>
- Date:
free OCSP path when clearing the config
was forgotten in ff05125eb81e5bbf2cf05b8434d03bce584936e0
- Commit:
7fa6717647863ac5c63126329c52336409712353
- From:
- Omar Polo <op@omarpolo.com>
- Date:
fmt
- Commit:
ff05125eb81e5bbf2cf05b8434d03bce584936e0
- From:
- Stephen Gregoratto <dev@sgregoratto.me>
- Via:
- omar-polo <op@omarpolo.com>
- Date:
Implement OCSP stapling support
Currently dogfooding this patch at gemini.sgregoratto.me. To test,
run the following command and look for the "OCSP response" header:
openssl s_client -connect "gemini.sgregoratto.me:1965" -status
- Commit:
f0a01fc742e83b3f4736b5d64af3ab18148afc5a
- From:
- Omar Polo <op@omarpolo.com>
- Date:
two -n to dump the parsed configuration
This adds a barebone dumping of the parsed configuration. It is not
complete, but I'm interested in dumping the full path to `cert' and
`key' in order to write some scripts that can inspect the
configuration, extract the certificates and renew them when expired
automatically.
It's not easy to parse gmid configuration otherwise because the syntax
is flexible and users can use macros. Instead, the idea is to run
gmid and let it dump the configuration once it's been parsed in a
static and predictable format.
Now is possible to parse gmid configuration with, say, awk or perl.
- Commit:
807869c14ee57aaa6035e6cba0df5d1369ced9ba
- From:
- Omar Polo <op@omarpolo.com>
- Date:
print the error too if we can't open a directory
It's not intuitive to print
open ... for domain xyz
it doesn't convey that the open failed.
now it appends the error string, at least the user can understand that
something went wrong.
reported by cage on irc, thanks!
- Commit:
4cd25209651f224be8c34d6006ef689963ce37d5
- From:
- Omar Polo <op@omarpolo.com>
- Date:
one FastCGI connection per client
FastCGI is designed to multiplex requests over a single connection, so
ideally the server can open only one connection per worker to the
FastCGI application and that's that.
Doing this kind of multiplexing makes the code harder to follow and
easier to break/leak etc on the gmid side however. OpenBSD' httpd
seems to open one connection per client, so why can't we too?
One connection per request is still way better (lighter) than using
CGI, and we can avoid all the pitfalls of the multiplexing (keeping
track of "live ids", properly shut down etc...)
- Commit:
81e0f0007842bc82fe234ffe4e5e0ce362b3a280
- From:
- Omar Polo <op@omarpolo.com>
- Date:
fmt
- Commit:
df0c2926ccb753d07a3f20f3626a20f7079453ee
- From:
- Omar Polo <op@omarpolo.com>
- Date:
use memset(3) rather than bzero(3)
There's no difference, but bzero(3) says
STANDARDS
The bzero() function conforms to the X/Open System Interfaces option of
the IEEE Std 1003.1-2004 (“POSIX.1”) specification. It was removed from
the standard in IEEE Std 1003.1-2008 (“POSIX.1”), which recommends using
memset(3) instead.
so here we are.
- Commit:
2e319276065bb4564aaa5d4990e058c3d8a6e95f
- From:
- Omar Polo <op@omarpolo.com>
- Date:
don't crash if -n is given without -c
If -n is given without -c, config_path is still NULL and it would
crash due to a NULL deference.
- Commit:
735336b21edbca50b1650df091ed2dad47f96c27
- From:
- Omar Polo <op@omarpolo.com>
- Date:
unbreak configless mode
An un-initialized field in the configless code path leads to a crash
on the first request.
- Commit:
391825e3604deef4c9dc3267dc2b6c89fc79958a
- From:
- Omar Polo <op@omarpolo.com>
- Date:
move parse_portno to gmid.c
it's used only to parse the -p flag. While there add check_port_num
to check the range for the port.
- Commit:
a8a1f439210de9538b196c6bb5470c306379128c
- From:
- Omar Polo <op@omarpolo.com>
- Date:
style(9)-ify
- Commit:
8a50fc0330f50c1c0c5fc0b541e0b8a19f900ea5
- From:
- Omar Polo <op@omarpolo.com>
- Date:
initialize the logger early
Initialize the logger as soon as possible and log by default to
stderr. With this, some (common?) errors are printed early instead of
ending up in syslog.
# NB: this is in configless mode
% ./gmid -p 80
[2021-07-07 11:05:57] bind: Address already in use
% ./gmid -p 81
[2021-07-07 11:13:53] bind: Permission denied
%
- Commit:
090b8a89faa34cdc41c41e32845f1f5b444536e4
- From:
- Omar Polo <op@omarpolo.com>
- Date:
gracefully shut down fastcgi backends
we need to delete the events associated with the backends, otherwise
the server process won't ever quit.
Here, we add a pending counter to every backend and shut down
immediately if they aren't handling any client; otherwise we try to
close them as soon as possible (i.e. when they close the connection to
the last connected client.)
- Commit:
ef945cf4157bc8239c6da682a89ba60b11cc0e26
- From:
- Omar Polo <op@omarpolo.com>
- Date:
reset fcgi array in free_config
otherwise path, port and/or prog could become an invalid pointer.