rdelaage
/
gmid
mirror of https://github.com/omar-polo/gmid.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
972 Commits 2 Branches 28 Tags 5.6 MiB
Commit Graph

972 Commits

Author SHA1 Message Date
Omar Polo fde8750859 fix test_include_mime after `types' change 2022-04-08 13:52:48 +00:00
Omar Polo 54203115cd don't load the built-in list when using `types' 2022-04-08 13:52:35 +00:00
Omar Polo 9b64995359 wrong email... 2022-04-08 13:45:33 +00:00
Omar Polo 1d6cbdd0df sync 2022-04-08 13:45:26 +00:00
Omar Polo d8d170aa5e allow add_mime to fail 
add_mime nows allocate dinamically copies of the passed strings, so
that we can actually free what we parse from the config file.

This matters a lot especially with lengthy `types' block: strings that
reach the internal mapping are never free'd, so every manual addition
is leaked.
 2022-04-08 13:44:49 +00:00
Omar Polo aa6b8cf8ac +jpeg 2022-04-08 13:33:05 +00:00
Omar Polo 72e7fbbcb7 master is now 1.8.3-current 2022-04-07 18:10:13 +00:00
Omar Polo 8036523fff add forgotten entries 2022-04-07 18:04:50 +00:00
Omar Polo f731e4a781 update changelog 2022-04-07 17:59:25 +00:00
Omar Polo 19243c768e link gmid.conf.5 in the capsule/website too 2022-04-07 17:56:27 +00:00
Omar Polo bf2850b938 install gmid.conf.5 too 2022-04-07 17:51:26 +00:00
Omar Polo 1595c277ef move the documentation of the config file into gmid.conf.5 2022-04-07 17:50:37 +00:00
Omar Polo 9bcc265f58 lowercase FAQ -- all the other links are in lowercase 2022-04-07 16:29:22 +00:00
Omar Polo ce264ddc58 rename the quickstart page to guide in the navbar 
it occupies less horizontal space which avoids the wrapping on (some) mobiles
 2022-04-07 16:27:57 +00:00
Omar Polo 445816c2cd add the FAQ page finally! 2022-04-07 16:27:16 +00:00
Omar Polo ffd92e638c tweak the quickstart guide a bit 2022-04-07 16:26:48 +00:00
Omar Polo 9448a01fdb use the types block instead of `map' in the tests too 2022-04-07 16:21:56 +00:00
Omar Polo 6468868fee print a deprecation message for the map rule 2022-04-07 16:15:55 +00:00
Omar Polo 4ee085938f don't mention the `map' rule anymore: `types' is way better 2022-04-07 16:12:58 +00:00
Omar Polo 381fccdc56 lower padding 2022-04-07 16:01:55 +00:00
Omar Polo a9885c6d6b remove outdated note 2022-04-07 12:31:00 +00:00
Omar Polo effbc069ba suggest to reload daemons too 2022-04-07 12:29:04 +00:00
Omar Polo 379d2608e9 suggest /etc/systemd/system instead of /lib/ 2022-04-07 12:27:55 +00:00
Omar Polo a9dc6fc606 rephrase dockerfile description 2022-04-07 12:27:26 +00:00
Omar Polo 456a4c6b6e add a "contributing" section 2022-03-29 12:25:18 +00:00
Omar Polo 2a7f69f4ee fix `make static': compile `gg' too! 2022-03-29 12:21:08 +00:00
Omar Polo 4252e62cad "a posix libc" can be left implicit 2022-03-29 12:13:25 +00:00
Omar Polo a68203f089 remove docker section; it's already showed off in the contrib page 2022-03-29 12:05:29 +00:00
Omar Polo f6a65aaef9 link the tar.bz2 too 2022-03-27 13:42:31 +00:00
Omar Polo efe75a7660 missing version bump in the site generator 2022-03-27 13:28:14 +00:00
Omar Polo 1a04137e18 tag 1.8.3 -- "Lightbulb Sun" bugfix release 
gmid 1.8.3 "Lightbulb Sun" bugfix release
=========================================

Released March 27, 2022.

signify(1) pubkeys for this release:
RWTy3UJQzpxBUAymBwb2EGLLm0b3H/1n8hzhaC9HYFYzNuTavGt9QSwC


Bug Fixes
~~~~~~~~~

    * fix a possible out-of-bound access in the CGI handling.  It was
      introduced last October during a refactoring, but due to how
      many malloc(3) implementations works this hasn't been found
      until now.  Otto' malloc is more strict fortunately.
 2022-03-27 12:59:57 +00:00
Omar Polo ea27eaaa83 fix an out-of-bound access in start_cgi 
Long time ago, client->req was a static buffer so the memcpy was safe.
However, it's been since moved to a dynamically allocated string, so
it's very often smaller than sizeof(req.buf) (1024), hence the out of
bound access which results in a SIGSEGV very often on OpenBSD thanks to
Otto' malloc.

The situation with the iri parser, client->req and how the request is
forwarded to the other process needs to be improved: this is just a fix
to address the issue quickly, a better one would be to restructure the
iri parser APIs and rethink how the info is forwarded to the ex process.
 2022-03-27 12:52:59 +00:00
Omar Polo 6084a9a5ba prefer sizeof(x) instead of datalen 2022-03-27 12:52:58 +00:00
Omar Polo 62a46b03c6 tag 1.8.2 -- "Lightbulb Sun" bugfix release 
gmid 1.8.2 "Lightbulb Sun" bugfix release
=========================================

Released March 26, 2022.

signify(1) pubkeys for this release:
RWTy3UJQzpxBUAymBwb2EGLLm0b3H/1n8hzhaC9HYFYzNuTavGt9QSwC


Bug Fixes
~~~~~~~~~

    * fix a CGI timing issue: if a connection handled by a CGI scripts
      is interrupted with the right timing it causes the server
      process to exit with "fatal in client_by_id: invalid id X".


New Features
~~~~~~~~~~~~

    * add a new block `type { ... }' to define mime types mapping.


Improvements
~~~~~~~~~~~~

    * use shell built-in `command' instead of which(1), prodded by
      cage and Allen Sobot.

    * configure script: allow to set MANDIR from cmdline (Allen Sobot)

    * add systemd-sysusers sample file in contrib/ (Nakaya)

    * [linux/seccomp] allow fstatat64(2), llseek(2) and sigreturn(2),
      needed by glibc on armv7.  (Tobias Berger)

    * [linux/seccomp] tightens rules by allowing openat(2) only with
      the O_RDONLY flag.
 2022-03-26 13:22:22 +00:00
Omar Polo da613aba4b bump Mdocdate 2022-03-26 13:22:13 +00:00
Omar Polo 57d2fca4b4 add target `test' alias for `regress' 2022-03-26 11:57:27 +00:00
Omar Polo 3fdc457c8d swap try_client_by_id with client_by_id 
i.e. allow client_by_id to fail and return NULL.

Initially I thought it was a good idea to shut down a server process
if we receive an invalid client id as reply from one of our requests
to the executor process.  This turned out not to be correct since a
client can (read: will) disconnect in the delay beteewn we acknowledge
their request and the cgi script execution.

The fastcgi and proxy handler already handled this situation, so
they're unaffected.

This allows an attacker to make gmid unresponsible by just making
enough requests until they hit the right timing.
 2022-03-26 11:32:26 +00:00
Omar Polo 409a2599b3 move to a different server 2022-03-26 11:18:02 +00:00
Omar Polo 91971201e5 break out if check_reply fails 
it's not a problem when we have only one check_reply at then end,
since $? is kept across function boundaries, but when we have multiple
checks we need to quit on the first error.
 2022-03-26 10:56:06 +00:00
Omar Polo 894e998423 sync imsg-buffer.c 
original commit from eric@:

 change the barrier so that fd's are always passed and received with
 the first byte of the imsg they belong to.

 idea, tweaks and ok claudio@
 2022-03-19 14:54:31 +00:00
Omar Polo c7949fd545 sync recallocarary.c 
original commit from claudio@:

 Type-cast getpagesize() from int to size_t for the comparison with d.
 getpagesize() will only return positive numbers (there is no negative
 page size system) and it can not fail.
 Should fix some compiler warnings seen in -portable projects.
 OK otto@
 2022-03-19 14:52:11 +00:00
Omar Polo e5d82d9472 const-ify some tables 
matches found with

	% grep -R '=[	 ]*{' . | fgrep -v const
 2022-03-19 11:02:42 +00:00
Omar Polo 9db5e7051e get rid of `which` in the configure too 
should have been done already in 12fcba2; reminded by Allen Sobot,
thanks!
 2022-03-18 16:31:05 +00:00
Omar Polo 5f966fbe41 configure: allow to set MANDIR from args 
diff by Allen Sobot (chilledfrogs at disroot dot org), thanks!
 2022-03-18 16:23:45 +00:00
Omar Polo a00e67f1bf mention gmid.sysusers in contrib together with gmid.service 
related to github issue #14
 2022-03-09 16:43:22 +00:00
Omar Polo efd54f4f8a add missing newline 2022-03-09 16:35:28 +00:00
Nakaya 3c04ffc096 add description about systemd-sysusers on quickstart 2022-03-09 17:33:33 +01:00
Nakaya bff125b842 add systemd-sysusers' config file 2022-03-09 17:33:33 +01:00
Omar Polo 12fcba2f80 use shell built-in `command' instead of which(1) 
it's specified by POSIX AFAIK and requires less redirections.
 2022-02-27 16:24:45 +00:00
Omar Polo cd3e28ffe4 fix email 2022-02-26 14:19:30 +00:00