aboutsummaryrefslogtreecommitdiff
path: root/server.c
AgeCommit message (Collapse)Author
2024-09-01spell "nam" with the "e"; from codespellOmar Polo
2024-08-24fix previous; no need to match_host for the aliasOmar Polo
The issue with the test was due to differences in upper/lower cased letters in the domain names. Normally these don't matter, and when decoding the IRI we lowercase, BUT the SNI can have upper-case letters and we preserve them as-is in `c->domain'.
2024-08-24no need for the match_host danceOmar Polo
2024-08-24rework match_host(); fix alias handling; add two alias testsOmar Polo
2024-08-03proxy-protocol: accept cross-family proxyingOmar Polo
Due to a strict interpretation of the spec if "TCP4" is used we expect two ipv4 addresses (and similar for "TCP6" and ipv6 addresses). However, the family specified in the proxy header matters only for the first address (the source), not the destination! After all, it's not strange to proxy from/to ipv4 and ipv6. Use getaddrinfo(NI_NUMERICHOST) to parse the IP addresses since inet_pton() is too strict.
2024-08-03add support for using the proxy protocol v1 when proxying tooOmar Polo
This is symmetrical to the support for *incoming* requests. The new regress case uses this to proxy to itself using the proxy-protocol v1. Fixes https://github.com/omar-polo/gmid/issues/31
2024-07-08proxy protocol v1: handle EOF and short readsOmar Polo
2024-07-08remove trailing whitespaces and extra bracesOmar Polo
2024-07-08move some variables to function scopeOmar Polo
2024-07-08fix left computationOmar Polo
2024-07-08no need to clear error before calling read(2)Omar Polo
There are only a few functions (so badly designed) that need to have errno cleared beforehand (hello, strtoll!). read(2) is not among these.
2024-07-08s/should_buffer/proxy_protoOmar Polo
2024-07-08fmtOmar Polo
2024-06-17replace asserts with error returnsOmar Polo
2024-06-17inline PROXY_PROTO_PARSE_* and EXPECT_SUCCESS macrosOmar Polo
2024-06-17invert the arguments in some comparisonsOmar Polo
2024-06-17whitespace and minor style nitsOmar Polo
2024-06-17add a proxy-v1 keyword to enable the proxy protocol handlingOmar Polo
2024-06-17add support for the proxy protocol v1Christoph Liebender
This allows to use proxies like nginx or haproxy in front of gmid and still have the correct information about the originating client. This will need explicit opt-in via the `proxy-v1' listen flag which will be added in a follow-up commit. Merges https://github.com/omar-polo/gmid/pull/30
2024-06-10warn instead of dieing on unknown accept(2) failuresOmar Polo
2024-06-10fmtOmar Polo
2024-06-10use a fatalx() rather than abort()Omar Polo
makes up for a nicer error message, and easier troubleshoot.
2024-06-10another range checkOmar Polo
2024-06-10detect and reject NUL bytes embedded in the requestOmar Polo
2024-06-10use snprintfOmar Polo
2024-06-03fix `fastcgi off' handlingOmar Polo
When a matching location has a `fastcgi off' directive, we should honour that and stop searching for further location which may have a `fastcgi' directive. Bug reported by Alex // nytpu, thanks!
2024-05-29pretty-print the socket address at configuration parsing timeOmar Polo
saves a getnameinfo(NI_NUMERICHOST) at runtime, even if it's pretty cheap.
2024-05-29relax the SNI requirementOmar Polo
There are legitimate cases where SNI can't be used, for example when connecting via an IPv6 address, so don't rejects those requests. Instead, fill the requested domain with the address (literal) of the socket they're connected to and attempt to match on it. This possibly still incur in a "won't proxy" error if the client then requests a different hostname. See the github issue https://github.com/omar-polo/gmid/issues/25
2024-05-25s/MIN/MINIMUM/gOmar Polo
2024-03-12remove dead codeOmar Polo
2024-01-21convert remaining code to the imsg gettersOmar Polo
Now gmid doesn't touch anymore the internals of the imsg structs.
2024-01-09fix configtest with chrootOmar Polo
The configtest checks try to open the root directories too, operation that can fail when they're expected to be inside a chroot.
2023-08-28log ip address and port when tls_handshake failsOmar Polo
These connection are not otherwise logged and it could be helpful to track down the bad ip.
2023-08-11fix comment (ge -> gemexp)Omar Polo
2023-08-09don't call client_close() from fcgi/proxy bev handlersOmar Polo
We might end up calling client_close() from start_reply(), but that will free the fcgi/proxy bufferevent while they're still used on the stack. Instead, start_reply() only sets REQUEST_DONE and exits, returning the error eventually, so callers know when to stop.
2023-08-08move strip_path to utils.cOmar Polo
2023-08-03actually use the specified log styleOmar Polo
2023-07-23add `fastcgi off' to forceful skip fastcgi for a routeOmar Polo
2023-07-23revamp fastcgi configuration: make it per-locationOmar Polo
this revamps the syntax in the configuration to better match httpd(8) (and in general be less weird) and to allow per-location fastcgi configurations. the bare `param' is now deprecated, but for compatibility it acts like `fastcgi param' would do now. Same story for `fastcgi <pathÂ>'.
2023-07-01rename do_accept() -> server_accept()Omar Polo
2023-07-01change log_request to take the code and meta unpackedOmar Polo
don't know what i was smoking when I wrote log_request() like that...
2023-07-01change on fatalx -> log_warnxOmar Polo
we already check the validity of the format string, but still avoid a gratious fatal() at runtime.
2023-07-01rename fmt_sbuf -> fmtbuf; make the buffer explicitOmar Polo
2023-07-01avoid needless strlen()Omar Polo
2023-07-01simplify request handlingOmar Polo
get rid of check_path(), it's overly complicated. Instead, inline open_file() in client_read() and rework open_dir() to just use openat() instead of the complicate dance it was doing. Simplify open_dir() too in the process: if the directory entry for the index is not a regular file, pretend it doesn't exist.
2023-07-01use a function-local buffer for the canonical redirectOmar Polo
2023-06-26use snprintf() instead of chain of strlcpy/catOmar Polo
2023-06-26call getnameinfo() only once per requestOmar Polo
2023-06-24avoid gratious strlen; evbuffer_readln returns the lengthOmar Polo
2023-06-24plug memory leak in client_close_evOmar Polo