Commits
- Commit:
d98ae929b23af35e2e837c97b5c20559f48d584b
- From:
- Omar Polo <op@omarpolo.com>
- Date:
don't log errno, it's always zero after libtls returns
The libevent error value is much more interesting!
see github issue #13
- Commit:
e0f6dc646d6c257869c17f16db977cd064262830
- From:
- Omar Polo <op@omarpolo.com>
- Date:
improve proxy error path
properly release everything when during client_close if the request
was managed by a proxy.
- Commit:
d28bd963c2450790bdb6bf2193af5670581c0c24
- From:
- Omar Polo <op@omarpolo.com>
- Date:
always mark requests as done when their code is != 20
- Commit:
b9b77f5344ba6d6116044360feb3a7927778169f
- From:
- Omar Polo <op@omarpolo.com>
- Date:
fix comment
- Commit:
901905e0cf0f5f141461df7ea199711ea951c919
- From:
- Omar Polo <op@omarpolo.com>
- Date:
bail out of client_read if we've already decide what to do
libevent2 can still somehowe call client_read even in code paths
that never enable reading from the evbuffer. Can't reproduce on
the libevent in base on OpenBSD. It's a bit ugly, but it's a small
workaround for something that otherwise *always* make gmid crash
when linked against libevent2. (client_read works under the
assumption that c->host != NULL, matched_proxy crashes otherwise.)
- Commit:
876a417023a6a38cc61f61bf3083305455a7f8ec
- From:
- Omar Polo <op@omarpolo.com>
- Date:
tweak comment
- Commit:
d474a97922f2344f57481ffcfea05d30a3d466a2
- From:
- Omar Polo <op@omarpolo.com>
- Date:
add missing prototype
- Commit:
ba94a608a89110740cb24ef098c476c84d371918
- From:
- Omar Polo <op@omarpolo.com>
- Date:
add `require client ca' for proxy blocks
refactor the code that calls validate_against_ca into an helper
function to reuse it in both apply_require_ca and (optionally) in
apply_reverse_proxy.
- Commit:
b7967bc1f695126e1bf2705bfd486bbc32aaf8b0
- From:
- Omar Polo <op@omarpolo.com>
- Date:
proxy: allow multiple proxy blocks, matching options and validations
as a side effect the order of the content of a server block is relaxed:
options, location or proxy blocks can be put in any order.
- Commit:
593e412b4988ca8b72bb7ef9b1cc663cb1184215
- From:
- Omar Polo <op@omarpolo.com>
- Date:
allow to disable TLS when proxying requests
- Commit:
7bdcc91ec70ddde092ac5d7b4f75d54915e7b221
- From:
- Omar Polo <op@omarpolo.com>
- Date:
simplify the proxying code
it doesn't make any sense to keep the proxying info per-location:
proxying only one per-vhost. It can't work differently, it doesn't make
sense anyway.
- Commit:
d49093c105e7e9af2638bce945374ac0036b3498
- From:
- Omar Polo <op@omarpolo.com>
- Date:
support optional client certificate for proxy rule
- Commit:
6a6b4a2a98c508d2714eb899c0a23d2087b6e683
- From:
- Omar Polo <op@omarpolo.com>
- Date:
typo
- Commit:
72b033ef18ae3f82922f6f11ce0f5194e95f667d
- From:
- Omar Polo <op@omarpolo.com>
- Date:
add ability to proxy requests
Add to gmid the ability to forwad a request to another gemini server and
thus acting like a reverse proxy. The current syntax for the config
file is
server "example.com" {
...
proxy relay-to host:port
}
Further options (like the use of custom certificates) are planned.
cf. github issue #7
- Commit:
52c92ef6803ae5bcf1eca0447b07da2f8ca675fb
- From:
- Omar Polo <op@omarpolo.com>
- Date:
relax the "wont proxy request" check: don't check the port number
Don't refuse to serve the request if the port number doesn't match the
one we're listening on, as initially suggested by Allen Sobot.
Complex setup may have a gmid instance reachable from multiple ports and
the meaning of the check in the first places was to avoid tricking
clients into thinking that we're serving for those domains: the port
number is way less important than the schema or domain name.
In the long run, the best way would probably to add a `listen on'
keyword for the servers blocks, just like OpenBSD' httpd, but gmid can't
listen on multiple ports/interfaces yet