rdelaage
/
gmid
mirror of https://github.com/omar-polo/gmid.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,001 Commits 4 Branches 28 Tags 5.4 MiB
Commit Graph

1001 Commits

Author SHA1 Message Date
Omar Polo eae52ad493 switch to the more usual log.c 2023-06-06 11:46:40 +00:00
Omar Polo 58fae4ea90 use memchr instead of rolling a custom one 2023-06-06 10:46:44 +00:00
Omar Polo 281a8852b3 rename log.[ch] to logger.[ch] 2023-06-06 08:50:54 +00:00
Omar Polo 3dd89fbb44 predeclare struct client 2023-06-06 08:34:54 +00:00
Omar Polo 3a8c76eab2 rename PROC_MAX to PREFORK_MAX 2023-06-06 08:34:31 +00:00
Omar Polo 4267093e37 nitpick: fix snprintf check 2023-06-06 08:22:18 +00:00
Omar Polo f057c92622 adjust comments 2023-06-06 08:20:09 +00:00
Omar Polo c68baad22a move config-related code to config.c 
reuse it in ge too.
 2023-06-06 08:18:57 +00:00
Omar Polo 0046c1fe9c call setlocale() 2023-06-06 08:11:30 +00:00
Omar Polo bb595bff79 remove unused define 2023-06-05 21:11:40 +00:00
Omar Polo 070b32952c move and dedup the tls initalization in server.c 2023-06-05 21:10:18 +00:00
Omar Polo 114e9a4206 fix off-by-one in recent fatal change 2023-06-05 20:45:28 +00:00
Omar Polo 0ac785a6fa revert aae8f6bf2b 
it's just not worth it to inflict this breaking change to the users.
 2023-06-05 20:35:12 +00:00
Omar Polo e1e04caa4f +log.h 2023-06-05 20:27:27 +00:00
Omar Polo df5058c919 provide a more usual fatal 
fatal usually appends the error string.  Add 'fatalx' that doesn't.
Fix callers and move the prototypes to log.h
 2023-06-05 17:07:52 +00:00
Omar Polo a01a91db06 move some server-related code to server.c 2023-06-05 16:18:57 +00:00
Omar Polo 9a821f8c0f fold long lines 2023-06-05 15:07:24 +00:00
Omar Polo ac9f55ba32 gencert: add -e flag to generate a cert using an EC key 2023-06-05 14:35:23 +00:00
Omar Polo 34886b1e55 add tags target 2023-05-08 10:30:00 +00:00
Omar Polo 1e0b974519 send capsicum/landlock/seccomp hack to Valhalla 2023-05-08 10:27:32 +00:00
Omar Polo 0b62f4842d drop landlock/seccomp and capsicum support 
it reached a point where this stuff is not maintenable.  I'd like
to move forward with gmid, but the restriction of capsicum and the
linux environment at large that make landlock unusable (how can you
resolve DNS portably when under landlock?) -and don't get me started
on seccomp- makes it impossible for me to do any work.

So, I prefer removing the crap, resuming working on gmid by cleaning
stuff and consolidating the features, improving various things
etc... and then eventually see how to introduce some sandboxing
again on other systems.  Patches to resume sandboxing are, as always,
welcome!
 2023-05-08 10:27:32 +00:00
Anna “CyberTailor” c9e97a6ecb include grp.h for setgroup(2) on linux 2022-12-24 08:41:09 +00:00
Omar Polo 837156014c add a disclaimer 2022-12-02 15:37:49 +00:00
Omar Polo 195f32d3a4 update the site for 1.8.6 2022-12-02 15:21:20 +00:00
Omar Polo bd8683d0fd add tests and compat for setresuid and setresgid 2022-12-02 11:53:35 +00:00
Omar Polo 06035a0237 more is*() unsigned char cast 
continuation of 6130e0eeac
 2022-11-29 23:03:55 +00:00
Omar Polo 97b306cbee add an implicit fastcgi parameter: GEMINI_SEARCH_STRING 
it’s the QUERY_STRING decoded if it’s a search-string (i.e. not a
key-value pair.)  It’s useful for scripts to avoid percent-decoding
the querystring in the most common case of a query, because in Gemini
querystrings key-value paired are not common.

Idea from a discussion with Allen Sobot.
 2022-11-27 15:35:10 +00:00
Omar Polo 77718c121f correction: QUERY_STRING is *not* urldecoded. 
RFC3875 § 4.1.7 states that "the QUERY_STRING variable contains a
URL-encoded search or parameter string".
 2022-11-27 12:52:17 +00:00
Omar Polo 17493a486c return after FCGI_END_REQUEST 
this fixes a possible crash if `client_write' closes the connection,
because client_close can end up freeing the fastcgi bufferevent while
we're looping.

We don't support fastcgi multiplexing, so once we get an END_REQUEST
there's nothing more to do.

Prodded into looking here after a bug report from Allen Sobot, thanks!
 2022-11-27 10:34:30 +00:00
Omar Polo eb4f96c10a typo 2022-11-27 10:06:08 +00:00
Omar Polo e92efb0d8e don't crash when specifying fcgi UNIX sockets to connect to 2022-11-27 10:05:56 +00:00
Omar Polo 872a717687 when switching user also set the groups 2022-11-27 10:05:13 +00:00
Omar Polo b24c6fcc1c adjust pledge/unveil on OpenBSD 
to connect to unix-domain sockets the `unix' pledge is needed and also
unveil "w".  gmid can't mutate files because it doesn't pledge `wpath'
nor `cpath'.
 2022-11-27 10:04:39 +00:00
Omar Polo 6130e0eeac always cast is*() arguments to unsigned char 2022-11-17 09:21:38 +00:00
Omar Polo 71cac3a08b fix git url 2022-11-01 07:28:20 +00:00
Omar Polo 8295757f96 update the site for 1.8.5 release 2022-11-01 07:28:10 +00:00
Omar Polo 0ab57224fb bump version ahead of 1.8 branch 2022-10-31 22:53:16 +00:00
Omar Polo a4180f1d0b disable test_unknown_host temporarly 
breaks on some distro and needs further investigations; it's not that
interesting fortunately.
 2022-10-31 22:53:16 +00:00
Omar Polo 19a8d9fe74 add memmem compat 2022-10-31 22:53:16 +00:00
Omar Polo 4b93be289b rework `make dist' 2022-10-31 22:53:16 +00:00
Omar Polo 21cf735f37 remove -v from gg 
undocumented flag to dump to stdout the request before doing it.  Not
useful, it's debugging leftover.
 2022-10-30 08:26:22 +00:00
Omar Polo e59b7f30e7 fix previous 2022-10-30 07:43:18 +00:00
Omar Polo 8141737318 work around missing HOST_NAME_MAX too 2022-10-30 07:40:27 +00:00
Omar Polo fad3441ba9 work around missing LOGIN_NAME_MAX 
Both Linux and OpenBSD have LOGIN_NAME_MAX available when including
limits.h, FreeBSD, Darwin and possibly others don't.

FreeBSD (and maybe Darwin) have MAXLOGNAME, so try to use that if
available.  Otherwise use _POSIX_LOGIN_NAME_MAX, but only has a fallback
since it has a lower value (9 at the time of writing).

If everything fails, use 32 which is what OpenBSD use by default;
OpenSMTPd also defaults to it.

(compat copied from kamid.)
 2022-10-30 07:30:23 +00:00
nytpu 50a8f9107c always send custom list of fcgi parameters 
The code in fcgi_req to send the custom params set in the config file was
placed inside the conditional for `tls_peer_cert_provided`, so the custom
parameters would not be sent if a client certificate is not provided.
 2022-10-30 08:21:39 +01:00
Omar Polo 7b00c8900b remove the last tentacles of the hidden `span' fcgi feature 2022-10-05 15:30:22 +00:00
Omar Polo d2da235ad9 sync config syntax with reality 2022-10-05 15:30:02 +00:00
Omar Polo 534afd0ddc make the various strings in the config fixed-length 
will help in future restructuring to have fixed-size objects.
 2022-10-05 15:10:44 +00:00
Omar Polo 4ceb570910 remove stale comment 2022-10-05 10:53:43 +00:00
Omar Polo 9715efe6f3 retire fcgi' prog field 
spawning programs was a hidden feature used only for testing.  It's
gross and when got removed, I forgot to remove the field as well.
 2022-10-05 10:41:54 +00:00