the new logging code was crashing if the client didn't support SNI or
if required an unknown vhost: this because we short-circuit in
handle_handshake to an error, so c->iri isn't populated yet (we don't
even read the request).
fixes#1
err/warn is not available on some systems (unfortunately!) and in any
case don't play well with our daemon mode (that closes std{in,out,err}).
Use our fatal that is daemon-aware.
cgi.c wasn't really needed; it better to group all the server related
functions together, cgi or not. Now gmid.c contains only startup and
utility code.
this way, we can sandbox the listener with seccomp (todo) or capsicum
(already done) and still have CGI scripts. When we want to exec, we
tell the executor what to do, the executor executes the scripts and
send the fd backt to the listener.
* gmid.c (main): changed behaviour: daemon off by default
(main): changed -c in -C (cert option)
(main): changed -k in -K (key option, for consistency with -C)
(main): added -c to load a configuration
(main): certs, key and doc (-C -K and -d) doesn't have a default value anymore
(handle_handshake): add vhosts support
This alter the current state machine by adding S_HANDSHAKE as the
initial state. There, we ensure we did the handshake and we check
SNI. ATM we simply continue in S_OPEN, but later we can add virtual
host checks there, and skip to S_INITIALIZING with an error state if
the client is accessing a wrong host.
and while there replace SAFE_SETENV with an inline function. LOG is
more difficult to transform into an inline function, given the string
concatenations it does. The other LOG* and FATAL macros are fine as
they already are.
SIGHUP is sent when the tty is detached and by default kills the
process. When we run in the background we don't care anymore about
the tty, so it should be safe for us to ignore SIGHUP. (frankly,
I expected daemon(3) to do stuff like this for us).
Up until now I used a "poor man" approach: the uri parser is barely a
parser, it tries to extract the path from the request, with some minor
checking, and that's all. This obviously is not RFC3986-compliant.
The new RFC3986 (URI) parser should be fully compliant. It may accept
some invalid URI, but shouldn't reject or mis-parse valid URI. (in
particular, the rule for the path is way more relaxed in this parser
than it is in the RFC text).
A difference with RFC3986 is that we don't even try to parse the
(optional) userinfo part of a URI: following the Gemini spec we treat
it as an error.
A further caveats is that %2F in the path part of the URI is
indistinguishable from a literal '/': this is NOT conforming, but due
to the scope and use of gmid, I don't see how treat a %2F sequence in
the path (reject the URI?).
before the -d option only accepted absolute paths, and this wasn't
documented. Even more, with the default value of "docs" it won't
work. Now it transforms all relative paths to absolute paths before
going on.
internally, gmid doesn’t care if the client issued a certificate, but
now we pass that information to the CGI script in some new environment
variables.
enhance the CGI scripting support so that script can take path
parameters. That is, a script at /cgi/foo is called when the request
path is /cgi/foo/bar/...
This commit also introduce some backward incompatible changes as the
default env variables set for the CGI script changed.
change the meaning of the -x flag: now it takes a string and executes
CGI scripts only if they are inside a directory with the given name,
relatively to the document root.