Commits
- Commit:
c5b4db930eb7d4546b7591bc719ce22abf83beb6
- From:
- Omar Polo <op@omarpolo.com>
- Date:
specify custom version strings for the various cmds
- Commit:
5c4855299cc05b533c3b5229e864654f59fe69ea
- From:
- Omar Polo <op@omarpolo.com>
- Date:
remove remnats tentacles of the executor process
- Commit:
934f957f297e0bb5e9abf55ed425a18e169f7ae4
- From:
- Omar Polo <op@omarpolo.com>
- Date:
remove unused entrypoint field
ventige of the cgi support (and lack of url rewriting)
- Commit:
2025e96d976677a7bf6bbe54185eb7bca026fe9d
- From:
- Omar Polo <op@omarpolo.com>
- Date:
drop cgi vestiges from the struct host
The `env' list is no longer used since CGI scripts were removed
- Commit:
cd5826b8ba3b43ed9802309688ae029c0f5c4081
- From:
- Omar Polo <op@omarpolo.com>
- Date:
retire the deprecated `mime' and `map' config options
- Commit:
aa9543b9fd1963d86f63fda13addb356f9039c37
- From:
- Omar Polo <op@omarpolo.com>
- Date:
make the mime types fixed-sized too
- Commit:
7277bb7dc2971fad2a51b7975df85dda1df4c936
- From:
- Omar Polo <op@omarpolo.com>
- Date:
make config fields `chroot' and `user' fixed-size
- Commit:
760009951357d4c36991c4c6a62db973289b32d9
- From:
- Omar Polo <op@omarpolo.com>
- Date:
optionally disable the sandbox on some systems
The FreeBSD and Linux' sandbox can't deal with `fastcgi' and `proxy'
configuration rules: new sockets needs to be opened and it's either
impossible (the former) or a huge pain in the arse (the latter).
The sandbox is still always used in case only static files are served.
- Commit:
36e6e793a159a4241b87c62345e4bad2485728c6
- From:
- Omar Polo <op@omarpolo.com>
- Date:
gc FILE_EXECUTABLE
- Commit:
1ab7c96bb305e818b5dfa3b525d5ff635ad12a0a
- From:
- Omar Polo <op@omarpolo.com>
- Date:
gc sandbox_executor_process
- Commit:
d29a2ee2246e1b1b0c5222a823820e42422c894e
- From:
- Omar Polo <op@omarpolo.com>
- Date:
get rid of the CGI support
I really want to get rid of the `executor' process hack for CGI scripts
and its escalation to allow fastcgi and proxying to work on non-OpenBSD.
This drops the CGI support and the `executor' process entirely and is
the first step towards gmid 2.0. It also allows to have more secure
defaults.
On non-OpenBSD systems this means that the sandbox will be deactivated
as soon as fastcgi or proxying are used: you can't open sockets under
FreeBSD' capsicum(4) and I don't want to go thru the pain of making it
work under linux' seccomp/landlock. Patches are always welcome however.
For folks using CGI scripts (hey, I'm one of you!) not all hope is lost:
fcgiwrap or OpenBSD' slowcgi(8) are ways to run CGI scripts as they were
FastCGI applications.
fixes for the documentation and to the non-OpenBSD sandboxes will
follow.
- Commit:
f2f8eb35c86c4e1c1d858e782c864deac0511cd3
- From:
- Omar Polo <op@omarpolo.com>
- Date:
encode file names in the directory index
Spotted the hard way by cage
- Commit:
18bd83915eab0f06b7e2920d0d71a39108b2d641
- From:
- Omar Polo <op@omarpolo.com>
- Date:
sort the MIME mappings and do a binary search to match
- Commit:
54203115cd0121ee0e44f5e58202a4d8054b9c09
- From:
- Omar Polo <op@omarpolo.com>
- Date:
don't load the built-in list when using `types'
- Commit:
d8d170aa5ee1498babee095078b3888f1525a2b3
- From:
- Omar Polo <op@omarpolo.com>
- Date:
allow add_mime to fail
add_mime nows allocate dinamically copies of the passed strings, so
that we can actually free what we parse from the config file.
This matters a lot especially with lengthy `types' block: strings that
reach the internal mapping are never free'd, so every manual addition
is leaked.