2024-08-03 Omar Polo * configure (VERSION): release 2.1 "From Mars To Sirius" * add support for the proxy-protocol v1 in outgoing connections too; needs to be enabled with the new `proxy-v1' flag in a `proxy' block. * gg.c (parse_proxy): support IPv6 addresses in -P 2024-06-17 Christoph Liebender * add support for the proxy-protocol v1 on incoming connection; needs to be enabled with the new `proxy-v1' flag for `listen'. 2024-06-17 Omar Polo * titan.c (open_input_file): improve error checking; errors like "no space left on device" would have been hidden otherwise. 2024-06-14 Omar Polo * gmid.c: correctly propagate the prefork value; was causing failures if the `prefork' setting was changed from the default. 2024-06-12 Omar Polo * gmid.c (main): fix typo in a bounds check resulting in "chroot path too long" on some systems. 2024-06-11 Omar Polo * configure (VERSION): release 2.0.5 2024-06-10 Omar Polo * don't error on a '..' component at the start of the path * reject NUL bytes embedded in the request 2024-06-09 Omar Polo * check for truncation various strlcpy calls. * clean up of a few unused prototypes and externs. 2024-06-08 Omar Polo * configure: change how strnvis(3) is handled: on systems with the broken interface gmid will just use its built-in version. 2024-06-06 Omar Polo * parse.y: allow again empty lines at the start of the config * configure (VERSION): release 2.0.4 * portability fix for system with a wrong strnvis(3) 2024-06-05 Omar Polo * parse.y: add a nicer error message if the removed `cgi' option is still used. 2024-06-04 Omar Polo * configure (VERSION): release 2.0.3 2024-06-03 Omar Polo * server.c (vhost_fastcgi): fix `fastcgi off' handling. Reported by Alex // nytpu 2024-05-29 Omar Polo * server.c (handle_handshake): relax the SNI requirement. There are legitimate use-cases where SNI can't be used, like connecting to a raw IPv6 address. * gg.c (main): add -q to avoid printing "Server Says:" * gg.c (main): unbreak -n * iri.c (parse_authority): add support for raw IPv6 addresses 2024-04-04 Omar Polo * configure (VERSION): release 2.0.2 2024-04-03 Omar Polo * configure: improve function checking in the configure * have/landlock.c: fix landlock test * gmid.c (main_print_conf): fix config dumping with -nn 2024-03-03 Omar Polo * gmid.c: fix `log access path' with a chroot 2024-01-30 Anna “CyberTailor” * contrib/vim/indent/gmid.vim: fix indent 2024-01-30 Omar Polo * parse.y: don't make log styles reserved keywords. Unbreaks the example in the manpage with `common = ...'. 2024-01-26 Omar Polo * parse.y: rework grammar to allow the semicolon after variables/macros definition and top-level options 2024-01-24 Omar Polo * configure (VERSION): release 2.0.1 2024-01-21 Omar Polo * convert gmid to the new imsg API 2024-01-14 Anna “CyberTailor” * configure: fix --mandir handling 2024-01-11 Omar Polo * configure (VERSION): release 2.0 2024-01-09 Anna “CyberTailor” * contrib/vim/syntax/gmid.vim: update Vim syntax file * contrib/vim/ale_listers/gmid/gmid.vim: add ALE linter 2023-10-18 Omar Polo * ge.c (load_local_cert): generate EC certs by default, use -R to keep generating RSA ones. * utils.c (gencert): generate EC too * gg.c (get): print the response header for non-2x replies to standard error 2023-10-15 Omar Polo * gg.c (main): exit with the gemini response code (unless it's 2x) 2023-08-29 Omar Polo * ge.c (data_dir): use $XDG_DATA_HOME/gemexp instead of /gmid for the certificates. 2023-08-18 Omar Polo * fcgi.c (fcgi_req): sync the parameters with RFC3875 (CGI) (fcgi_req): send "GET" as REQUEST_METHOD 2023-08-08 Omar Polo * fcgi.c (fcgi_req): implement SCRIPT_NAME / PATH_INFO splitting for fastcgi (fcgi_req): add `fastcgi strip' 2023-08-07 Omar Polo * logger.c (logger_dispatch_server): allow to change the syslog(3) facility. * gmid.c (main): attempt to load TLS certificates and load mimes and virtual hosts root as part of configtest (-n) rather than verifying the syntax of the configuration only. 2023-07-25 Omar Polo * gmid.c (log_request): allow to change the logging style. 2023-07-24 Omar Polo * parse.y: add ability to log to files with `log access '. 2023-07-23 Omar Polo * parse.y: revamp fastcgi configuration; make it per-location 2023-07-22 Omar Polo * titan.c (main): add titan(1), a simple titan client * gg.c (get): warn when the server doesn't use TLS' close notify 2023-07-01 Omar Polo * fcgi.c (fcgi_handle_stdout): parse and log the fastcgi reply 2023-06-24 Omar Polo * server.c (handle_handshake): correctly handle TLS handshake failures. * server.c (client_close_ev): plug memory leak 2023-06-23 Omar Polo * parse.y: implement `listen on' 2023-06-13 Omar Polo * regress/sha: remove regress/sha; sha256/sha256sum is no more required for the regress suite. 2023-06-12 Omar Polo * regress/lib.sh (run_test): use the default prefork in tests 2023-06-11 Omar Polo * crypto.c: add a privsep crypto engine (enabled only on OpenBSD) * configure: add -Wpointer-sign to the mix, adjust the code to cope. 2023-05-05 Omar Polo * contrib/gencert: add -e to generate EC keys 2023-05-08 Omar Polo * sandbox.c: drop landlock, seccomp and capsicum support 2022-09-10 Omar Polo * parse.y (string): retire the deprecated `mime' and `map' config options 2022-09-07 Omar Polo * ge.c (main): add `gemexp': small program to quickly export a directory over Gemini. 2022-09-06 Omar Polo * server.c: drop CGI support. 2022-07-07 Omar Polo Included as part of gmid 1.8.5: * log.c (logger_main): fix timestamps in log files. Reported by Karl Jeacle, thanks! * dirs.c (scandir_fd): drop d_reclen; it's not available on DragonflyBSD (at least.) 2022-07-07 Anna “CyberTailor” * Makefile: include contrib/ in dist 2022-07-04 Omar Polo * contrib/gmid: remove OpenBSD' rc file: it's now maintained in the ports tree * configure (VERSION): 1.8.4 tagged * server.c (check_path): log when it fails to open a file because of permissions (client_write): encode file names in the directory index, spotted by cage (client_write): add a trailing / for dirs in the directory index. * iri.c (parse_path): allow '@' and ':' in paths 2022-04-08 Omar Polo * mime.c (mime): do a binary search to match the MIME time * gmid.c (listener_main): don't load the default mime listing when `types' is used. (text/gemini -> gmi/gemini is still hardcoded) * mime.c (add_mime): fix memory leak in the mime handling 2022-04-07 Omar Polo * gmid.conf.5: move config file documentation into a new man page * parse.y (option): deprecate `map' rule in favour of the `types' block 2022-03-27 Omar Polo * configure (VERSION): 1.8.3 tagged * server.c (start_cgi): fix a possible out-of-bound access in the CGI handling. 2022-03-26 Omar Polo * configure (VERSION): 1.8.2 tagged * server.c (handle_imsg_cgi_res): fix a CGI timing issue: if a connection handled by a CGI scripts is interrupted with the right timing it causes the server process to exit with "fatal in client_by_id: invalid id X" 2022-02-26 Omar Polo * parse.y: add the types block 2022-02-13 Omar Polo * sandbox.c (filter): tightens seccomp policy wrt openat: allow only with the O_RDONLY flag. 2022-02-13 Tobias Berger * sandbox.c (filter): allow fstatat64, llseek and sigreturn; needed by glibc on armv7 2022-02-10 Omar Polo * configure (VERSION): 1.8.1 tagged * sandbox.c (open_landlock): fix landlock usage 2022-01-30 Omar Polo * configure (VERSION): 1.8 “Lightbulb Sun” tagged * proxy.c (proxy_setup_tls): allow to specify a custom hostname as SNI for the TLS handshake with the proxied host. 2022-01-02 Omar Polo * server.c (matched_proxy): allow to specify multiple proxy blocks and add matching rules * parse.y (servbody): relax the strict ordering of options, location and proxy blocks 2022-01-01 Omar Polo * proxy.c (proxy_init): add support for client certificate when proxying 2021-12-29 Omar Polo * proxy.c (proxy_init): add proxying support via `proxy relay-to' 2021-12-11 Max * sandbox.c (filter): [seccomp]: allow ugetrlimit(2), needed by glibc on armv7l 2021-12-09 Omar Polo * server.c (client_read): don't check if the port in the request is the same we're listening on. Suggested by Allen Sobot, thanks! * configure: add --prefix=... long argument. 2021-11-16 Omar Polo * configure (singletest): fix the cross-compilation: don't run the test binaries just built. Suggested by Nikolay Korotkiy (@sikmir), thanks! 2021-10-24 Omar Polo * log.c (log_request): fix "double slash" in logs: gmid ended up printing two slashes between the hostname and the path when logging the request IRI. 2021-10-15 Stephen Gregoratto * gmid.c (add_keypair): implement OCSP stapling support 2021-10-13 Omar Polo * server.c (do_accept): don't die on ECONNABORTED (``Software caused connection abort'') 2021-10-11 Omar Polo * contrib/renew-certs: add script to automatically renew self-signed certificates 2021-10-09 Omar Polo * parse.y (print_conf): multiple -n to dump the parsed configuration * contrib/gencert: add gencert, a simple script to generate self-signed certs 2021-10-04 Omar Polo * regress/lib.sh (raw): reduced the timeout time for single checks from 30 to 10 seconds * regress/runtime: regression test restructured. still implemented as a set of POSIX-scripts 2021-10-02 Omar Polo * server.c (client_read): reworked the internal structure. Now we leverage libevent' bufferevents more. (cgi_read): be more strict with CGI scripts: don't pass through illegal CGI responses. 2021-09-26 Omar Polo * fcgi.c (fcgi_req): the FastCGI implementation is fully asynchronous 2021-09-24 Omar Polo * configure (VERSION): 1.7.4 tagged * server.c (check_for_cgi): fix out-of-bound access, found with lots of help from cage, thanks! 2021-09-19 Omar Polo * sandbox.c (gmid_create_landlock_rs): [linux] use landlock on the server and logger process to reduce the fs access * configure (VERSION): 1.7.3 tagged 2021-09-17 Omar Polo * log.c (logger_main): fix syslog logging on FreeBSD 2021-08-24 Omar Polo * gmid.c (main): don't crash on -n without -c 2021-07-29 Anna “CyberTailor” * gmid.1: document logging, openssl key generation example, spelling/grammar and crosslinks 2021-07-27 Omar Polo * server.c (check_path): allow symlinks 2021-07-23 Omar Polo * sandbox.c: seccomp allow fstat64 (used by glibc an aarch64). Reported by pine, thanks! 2021-07-19 Omar Polo * gmid.c (setup_configless): unbreak configless mode 2021-07-13 Anna “CyberTailor” * parse.y (yyerror): error and warning messages are prefixed with "error:" and "warning:" (yywarn): fix off-by-one line number in warnings 2021-07-11 Omar Polo * configure (VERSION): 1.7.1 tagged 2021-07-11 Anna “CyberTailor” * gmid.1 (common): fix misleading example in man page: macros names may not be reserved words 2021-07-10 Omar Polo * configure (VERSION): 1.7 tagged 2021-07-09 Omar Polo * parse.y (STRING): add `include' directive (yylex): add @-macros (real macros) 2021-07-08 Omar Polo * parse.y (option): rename `mime MIME EXT' to `map MIME to-ext EXT', but retain the old `mime' for compatibility. 2021-07-06 Omar Polo * regress/gg.c (main): add -T timeout * configure (guessing_cflags): try to preserve CFLAGS/LDFLAGS 2021-07-02 Omar Polo * sandbox.c (filter): seccomp filter reworked: now it should work on x86 and possibly other arches too! 2021-06-29 Omar Polo * parse.y (conf): don't require the strict order macro > options > servers c-like strings: when two or more strings are next to each others, concat them * gmid.c (main): add -D to define macros from the cmd line * parse.y (yylex): allow to define macros in the config file * gmid.c (main): use getopt_long, add --help as synonym of -h and -V/--version 2021-06-17 Omar Polo * gmid.1: document `log' option 2021-06-16 Omar Polo * parse.y (yylex): drop the dependency on lex by implementing yylex by ourselves (the actual implementation is based off doas' parse.y). This gave us various benefits, like cleaner code, \ to break long lines, better handling of quotes etc... 2021-06-11 Omar Polo * parse.y (servopt): add `param' keyword * fcgi.c (send_fcgi_req): send GATEWAY_INTERFACE, AUTH_TYPE, REMOTE_USER, TLS_CLIENT_ISSUER, TLS_CLIENT_HASH, TLS_VERSION, TLS_CIPHER, TLS_CIPHER_STRENGTH and TLS_CLIENT_NOT_BEFORE/AFTER. (send_fcgi_req): support a custom list of params 2021-05-24 Omar Polo * gg.c: move `gg' to regress, as it's only used for the tests 2021-05-12 Omar Polo * utils.c (gen_certificate): don't add gmid as organisation when generating the certificate, and now it set the version 3, so it's compatible with java/android 2021-05-09 Omar Polo * server.c (apply_fastcgi): added fastcgi support! 2021-05-03 Omar Polo * parse.y: errors on duplicate values instead of silently using only the last value. 2021-04-30 Omar Polo * server.c (fmt_sbuf): ensure %p (path) is always absolute * gmid.c (load_vhosts): allow ``root'' rule to be specified per-location block 2021-04-29 Omar Polo * parse.y (servopt): added ``alias'' option to define hostname aliases for a server 2021-04-28 Omar Polo * gmid.c (main): pidfile support with `-P pidfile' 2021-04-27 Omar Polo * parse.y (servopt): added ``env'' option to define environment vars for CGI scripts * log.c (fatal): lower the log priority for fatal errors from CRIT to ERR 2021-04-25 Omar Polo * server.c (open_dir): sort the auto index alphabetically 2021-04-21 Omar Polo * mime.c (load_default_mime): use `text/x-patch' for .patch and .diff files 2021-04-14 Omar Polo * log.c (handle_imsg_log): print the datetime when logging to stderr 2021-04-13 Omar Polo * ex.c (launch_cgi): define TLS_VERSION, TLS_CIPHER and TLS_CIPHER_STRENGTH for CGI scripts 2021-04-12 Omar Polo * 1.6.1 tagged * iri.c (path_clean): fix possible infinite loop in the IRI parsing code. 2021-03-31 Omar Polo * gmid.h (struct vhost): remove limits on the number of vhosts and location blocks * gmid.c (mkdirs): fix recursive mkdirs for configless mode 2021-03-29 Omar Polo * Makefile (static): fixed `static' target 2021-03-29 kornellapacz @ github * Dockerfile: add missing libevent-dev dependency, thanks! 2021-03-27 Omar Polo * gmid.h (struct client): correctly handle CGI scripts that replies with the maximum header length allowed 2021-03-20 Omar Polo * 1.6 tagged * sandbox.c (sandbox_logger_process): add capsicum to the logger process 2021-03-19 Omar Polo * gmid.c (main): use imsg for all IPC; only the main process listens for SIGHUP: this means that finally the config reload will work with OpenBSD' rc (and probably other service manager too) 2021-02-22 Omar Polo * log.c (log_request): add `log on/off' to enable/disable logs per-server or per-location 2021-02-09 Omar Polo * parse.y (locopt): add `require client ca' rule to require client certs signed by a specified CA 2021-02-07 Omar Polo * ex.c (do_exec): [cgi] split the query in words if needed and add them to the argv (launch_cgi): define TLS_CLIENT_NOT_BEFORE/NOT_AFTER in CGI scripts * parse.y (option): added prefork option 2021-02-06 Omar Polo * parse.y (locopt): added ``block return'' and ``strip'' options (servopt): add the ``entrypoint'' option 2021-02-05 Omar Polo * iri.c (parse_query): don't %-decode the query part. This affects the value of QUERY_STRING for CGI scripts too, since that must be %-encoded and we're currently shipping it decoded. 2021-02-04 Omar Polo * gmid.c (main): reload configuration on SIGHUP, without disconnecting the clients 2021-02-02 Omar Polo * server.c (handle_dirlist_head): print the header in the directory listing (open_file): cgi follows globbing rules, just like location and hostname matching 2021-02-01 Omar Polo * parse.y (servopt): require absolute paths in config file 2021-01-31 Omar Polo * gmid.c (main): cgi scripts now have only std{in,out,err} open 2021-01-30 Omar Polo * 1.5 tagged * server.c: change precedence of location rules 2021-01-29 Omar Polo * iri.c (parse_authority): accept a wider range of unicode codepoints while parsing the host name. 2021-01-26 Omar Polo * puny.c (puny_decode): initial punycode support! 2021-01-25 Omar Polo * gmid.1: manpage improvements (example and usage) * gmid.c (main): Dropping -C, -K, -f, changing the meaning of -d: now it's the certificate directory. Serve the directory given as positional argument (or the current one) when running in config-less mode. (gen_certificate): automatically generate a certificate * parse.y (option): added chroot and user options 2021-01-24 Omar Polo * server.c (open_dir): add directory listing (disabled by default) * parse.y (vhost): added support for location blocks * server.c (send_dir): make the directory index customizable 2021-01-23 Omar Polo * gg.c (main): added gg, a barebone gemini client. used by the regress suite 2021-01-21 Omar Polo * configure: added a configure script * server.c (handle_handshake): glob for vhost domain * gmid.c (log_request): logs the full IRI and the response code (even for CGI) 2021-01-19 Omar Polo * parse.y (servopt): add "lang" server option (servopt): moving "default type" from global options to server options * Dockerfile: add a dockerfile 2021-01-18 Omar Polo * parse.y (option): add mime and "default type" options for media types. 2021-01-17 Omar Polo * sandbox.c (sandbox): added initial seccomp(2) support 2021-01-15 Omar Polo * cgi.c (start_cgi): set SERVER_NAME to the vhost when executing CGI scripts * parse.y (option): add ability to specify the tls versions with "protocols" * gmid.c (handle_open_conn): ensure the port number of the request matches * sandbox.c (sandbox): sandbox on OpenBSD (pledge/unveil, as before) and on FreeBSD (capsicum) too * sample.conf: added sample configuration * gmid.c (main): changed behaviour: daemon off by default (main): changed -c in -C (cert option) (main): changed -k in -K (key option, for consistency with -C) (main): added -c to load a configuration (main): certs, key and doc (-C -K and -d) doesn't have a default value anymore (handle_handshake): add vhosts support 2021-01-13 Omar Polo * iri.c (parse_scheme): normalize scheme while parsing, so we're RFC3986 compliant. 2021-01-11 Omar Polo * 1.4 and 1.4.1 tagged * gmid.c (main): ipv6 disabled by default and -6 flag to enable it (handle): reject non-gemini protocols with 53 2021-01-10 Omar Polo * gmid.c (logs): log also the port of the client (loop): accept both ipv4 and ipv6 2020-12-26 Omar Polo * uri.c (parse_uri): IRI support 2020-12-21 Omar Polo * gmid.c (main): -d supports relative paths 2020-12-02 Omar Polo * gmid.c: logging reworked and daemonize. The -l option was removed: now it logs on syslog if -f (foreground) is not passed. 2020-11-18 Omar Polo * 1.3.2 tagged * gmid.c (url_after_proto): fix bug introduced in last version regarding full URLs with explicit gemini protocol. * 1.3.1 tagged * gmid.c (url_after_proto): correct url parsing: accept URLs without explicit protocol (url_start_of_request): correct handling of relative URLs 2020-11-17 Omar Polo * gmid.c (main): add flag -p to change the port 2020-11-10 Omar Polo * ChangeLog: 1.3 tagged, fixed ChangeLog format * gmid.c (open_file): added support for path parameters for CGI scripts 2020-11-06 Omar Polo * gmid.1: great improvements to the documentation * gmid.c (url_after_proto): ensure that the requested protocol is “gemini” and not something else that’s long 6 bytes. * gmid.c (loop): added support for cgi scripts (can handle multiple concurrently) 2020-11-06 Omar Polo * gmid.1: added option to log to a file 2020-11-05 Omar Polo * gmid.c (filetypes): add MIME type for xml files 2020-11-03 Omar Polo * 1.2 tagged * gmid.c (main): ignore SIGPIPE 2020-10-14 Omar Polo * 1.1 tagged * switching to mmap() based file handling 2020-10-07 Omar Polo * 1.0 tagged