Commits


fix an out-of-bound access in start_cgi Long time ago, client->req was a static buffer so the memcpy was safe. However, it's been since moved to a dynamically allocated string, so it's very often smaller than sizeof(req.buf) (1024), hence the out of bound access which results in a SIGSEGV very often on OpenBSD thanks to Otto' malloc. The situation with the iri parser, client->req and how the request is forwarded to the other process needs to be improved: this is just a fix to address the issue quickly, a better one would be to restructure the iri parser APIs and rethink how the info is forwarded to the ex process.


swap try_client_by_id with client_by_id i.e. allow client_by_id to fail and return NULL. Initially I thought it was a good idea to shut down a server process if we receive an invalid client id as reply from one of our requests to the executor process. This turned out not to be correct since a client can (read: will) disconnect in the delay beteewn we acknowledge their request and the cgi script execution. The fastcgi and proxy handler already handled this situation, so they're unaffected. This allows an attacker to make gmid unresponsible by just making enough requests until they hit the right timing.


don't log errno, it's always zero after libtls returns The libevent error value is much more interesting! see github issue #13


improve proxy error path properly release everything when during client_close if the request was managed by a proxy.


always mark requests as done when their code is != 20


fix comment


bail out of client_read if we've already decide what to do libevent2 can still somehowe call client_read even in code paths that never enable reading from the evbuffer. Can't reproduce on the libevent in base on OpenBSD. It's a bit ugly, but it's a small workaround for something that otherwise *always* make gmid crash when linked against libevent2. (client_read works under the assumption that c->host != NULL, matched_proxy crashes otherwise.)


tweak comment


add missing prototype


add `require client ca' for proxy blocks refactor the code that calls validate_against_ca into an helper function to reuse it in both apply_require_ca and (optionally) in apply_reverse_proxy.


proxy: allow multiple proxy blocks, matching options and validations as a side effect the order of the content of a server block is relaxed: options, location or proxy blocks can be put in any order.


allow to disable TLS when proxying requests


simplify the proxying code it doesn't make any sense to keep the proxying info per-location: proxying only one per-vhost. It can't work differently, it doesn't make sense anyway.


support optional client certificate for proxy rule


typo