Commits
- Commit:
1a04137e1869781efcd635a1abd4387ccfa6e56d
- From:
- Omar Polo <op@omarpolo.com>
- Date:
tag 1.8.3 -- "Lightbulb Sun" bugfix release
gmid 1.8.3 "Lightbulb Sun" bugfix release
=========================================
Released March 27, 2022.
signify(1) pubkeys for this release:
RWTy3UJQzpxBUAymBwb2EGLLm0b3H/1n8hzhaC9HYFYzNuTavGt9QSwC
Bug Fixes
~~~~~~~~~
* fix a possible out-of-bound access in the CGI handling. It was
introduced last October during a refactoring, but due to how
many malloc(3) implementations works this hasn't been found
until now. Otto' malloc is more strict fortunately.
- Commit:
62a46b03c6f911f3674d6cb7b77a49bac8efad42
- From:
- Omar Polo <op@omarpolo.com>
- Date:
tag 1.8.2 -- "Lightbulb Sun" bugfix release
gmid 1.8.2 "Lightbulb Sun" bugfix release
=========================================
Released March 26, 2022.
signify(1) pubkeys for this release:
RWTy3UJQzpxBUAymBwb2EGLLm0b3H/1n8hzhaC9HYFYzNuTavGt9QSwC
Bug Fixes
~~~~~~~~~
* fix a CGI timing issue: if a connection handled by a CGI scripts
is interrupted with the right timing it causes the server
process to exit with "fatal in client_by_id: invalid id X".
New Features
~~~~~~~~~~~~
* add a new block `type { ... }' to define mime types mapping.
Improvements
~~~~~~~~~~~~
* use shell built-in `command' instead of which(1), prodded by
cage and Allen Sobot.
* configure script: allow to set MANDIR from cmdline (Allen Sobot)
* add systemd-sysusers sample file in contrib/ (Nakaya)
* [linux/seccomp] allow fstatat64(2), llseek(2) and sigreturn(2),
needed by glibc on armv7. (Tobias Berger)
* [linux/seccomp] tightens rules by allowing openat(2) only with
the O_RDONLY flag.
- Commit:
da613aba4b0d28c5d8368ba2fc5e91cf5f6604b1
- From:
- Omar Polo <op@omarpolo.com>
- Date:
bump Mdocdate
- Commit:
e0bf950dff7271b6ef01111f5f104aab66411ccd
- From:
- Omar Polo <op@omarpolo.com>
- Date:
document the type { ... } block
- Commit:
a14b9f779f14edee7c22e12f1ad8a4ba2d3134df
- From:
- Omar Polo <op@omarpolo.com>
- Date:
prepare 1.8 release
- Commit:
c586dfead7204405c72eccdad2a249e961fec319
- From:
- Omar Polo <op@omarpolo.com>
- Date:
rename MIME section to "MEDIA TYPES"
- Commit:
1cdea97b6c74ec86e202431a208b5c99343f7273
- From:
- Omar Polo <op@omarpolo.com>
- Date:
allow using a custom hostname for SNI during proxying
add a `sni' option for the `proxy' block: the given name is used instead
of the one extracted by the `relay-to' rule.
- Commit:
14cee92646640af05523eb0bbe30946ab0c9d0d3
- From:
- Omar Polo <op@omarpolo.com>
- Date:
some Pa -> Ar; while here drop two `The' from the start of the sentence
- Commit:
7c2374af2ca2f65b70211b03350618635d16063e
- From:
- Omar Polo <op@omarpolo.com>
- Date:
document `require client ca' for proxies
- Commit:
207dc0f9f68d7946e1db13dd025d4a30a68ca840
- From:
- Omar Polo <op@omarpolo.com>
- Date:
sync manpage
- Commit:
53884ec00adf7fa7e8a62b41b589a95892d34b2b
- From:
- Omar Polo <op@omarpolo.com>
- Date:
document use-tls
- Commit:
ee68c36198e0e1f0142b18e130c55b73747027e1
- From:
- Omar Polo <op@omarpolo.com>
- Date:
document the new proxy stuff
- Commit:
c143dcfa85413062ac50f526c8b560bbeb9e8566
- From:
- Omar Polo <op@omarpolo.com>
- Date:
document the `proxy relay-to' rule
- Commit:
ebf3373d66fba1ff5fbfd822edefd83cc50a7630
- From:
- Omar Polo <op@omarpolo.com>
- Date:
explain config-less mode
- Commit:
ff05125eb81e5bbf2cf05b8434d03bce584936e0
- From:
- Stephen Gregoratto <dev@sgregoratto.me>
- Via:
- omar-polo <op@omarpolo.com>
- Date:
Implement OCSP stapling support
Currently dogfooding this patch at gemini.sgregoratto.me. To test,
run the following command and look for the "OCSP response" header:
openssl s_client -connect "gemini.sgregoratto.me:1965" -status