rdelaage
/
gmid
mirror of https://github.com/omar-polo/gmid.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
808 Commits 4 Branches 28 Tags 5.4 MiB
Commit Graph

808 Commits

Author SHA1 Message Date
Omar Polo f2dbf375a0 tag 1.8.1 -- "Lightbulb Sun" bugfix release 
gmid 1.8.1 "Lightbulb Sun" bugfix release
=========================================

Released Feb 10, 2022.

signify(1) pubkeys for this release:
RWTy3UJQzpxBUAymBwb2EGLLm0b3H/1n8hzhaC9HYFYzNuTavGt9QSwC


Bug fixes
---------

    * fix landlock usage on linux: don't assume that access
      capabilities not listed are implicitly denied, because they are
      not.  Mickaël Salaün, the landlock author, found the same error
      on game of trees:

> In a nutshell, the ruleset's handled_access_fs is required for
> backward and forward compatibility (i.e. the kernel and user space may
> not know each other's supported restrictions), hence the need to be
> explicit about the denied-by-default access rights.

      In practice this affects only linux and only partially: thanks
      to the design of the daemon and the seccomp filter the effects
      of this mistake in handling landlock are fortunately limited.
      However, in theory at least, gmid could be for e.g. tricked into
      truncating existing files, so it's highly suggested to update.


Improvements
------------

All by Anna “CyberTailor”, thanks!

    * don't skip unit tests when SKIP_RUNTIME_TEST is set
    * add `gg' to the regress target dependencies
    * fix the "implicit declaration of asprintf" warning
    * sync vim syntax
 2022-02-10 22:51:32 +00:00
Omar Polo 98c6f8de41 fix landlock usage 
Mickaël Salaün, the landlock author, pointed out the same error on the
got implementation.  The assumption that not listed access
capabilities are implicitly denied is completely wrong:

> In a nutshell, the ruleset's handled_access_fs is required for
> backward and forward compatibility (i.e. the kernel and user space may
> not know each other's supported restrictions), hence the need to be
> explicit about the denied-by-default access rights.
 2022-02-10 22:29:51 +00:00
Anna “CyberTailor” be88c5d657 sync vim syntax 2022-02-03 11:13:45 +01:00
Anna “CyberTailor” 1f1f381068 include gmid.h before other headers to get all the prototypes 
> implicit declaration of function 'asprintf'; did you mean 'vsprintf'?
 2022-02-03 11:13:45 +01:00
Anna “CyberTailor” e20755180f add gg to `make regress` dependencies 2022-02-03 11:13:44 +01:00
Anna “CyberTailor” c1a72dab7a typo 2022-02-03 11:13:43 +01:00
Anna “CyberTailor” 1ca7a0f3bf don't skip unit tests when SKIP_RUNTIME_TESTS is set 
IRI and Punycode tests don't run gmid binary and can be safely executed.
 2022-02-03 11:13:41 +01:00
Omar Polo f525aa55b8 start new release cycle 2022-02-03 09:57:51 +00:00
Omar Polo a14b9f779f prepare 1.8 release 2022-01-30 13:35:45 +00:00
Omar Polo de721c431c add changelog for 1.8 2022-01-30 13:35:45 +00:00
Omar Polo 135307cfb0 install gg too 2022-01-30 13:35:45 +00:00
Omar Polo d78dbe8db5 fix gg -P flag description: the `:' is in the optional part 2022-01-30 13:31:29 +00:00
Omar Polo 5266f50060 posixify lib.sh: use = instead of == for test(1) 2022-01-30 13:31:29 +00:00
Omar Polo 7ac42a178b typo 2022-01-30 13:05:13 +00:00
Omar Polo d23cd12c68 sync changelog 2022-01-30 13:05:13 +00:00
Omar Polo c586dfead7 rename MIME section to "MEDIA TYPES" 2022-01-30 10:15:10 +00:00
Omar Polo 1cdea97b6c allow using a custom hostname for SNI during proxying 
add a `sni' option for the `proxy' block: the given name is used instead
of the one extracted by the `relay-to' rule.
 2022-01-30 10:14:44 +00:00
Omar Polo 1b626eae83 define TREE to shorten some url a bit 
for the time being keep the https:// url, gmnigit renames file without
extension to .txt (i.e. Dockerfile -> Dockerfile.txt) so linking via
gemini is broken :/
 2022-01-28 13:34:15 +00:00
Omar Polo 151af94eba only memcpy into imsg->data if datalen is not zero 
Passing a NULL pointer to memcpy is UB no matter if len is 0 (commit by
claudio@, backporting for gmid.)
 2022-01-28 12:34:42 +00:00
Omar Polo 12a5e730e9 update gitignore for site/ 2022-01-28 12:34:29 +00:00
Omar Polo 4e8ca48c85 site: point out that OpenBSD' make is needed 2022-01-28 08:34:57 +00:00
Omar Polo 21dc379479 misc tweaks + changelog.gmi 2022-01-28 08:34:39 +00:00
Omar Polo ac42bb6c7f change how the site is built 
copy the kamid/site "framework" here too; in other words: don't maintain
two copies of every page! \o/
 2022-01-28 08:34:22 +00:00
Omar Polo 964686ce0b remove unused function 2022-01-27 10:57:45 +00:00
Omar Polo e89f473904 s/whole/all 2022-01-27 10:37:28 +00:00
Omar Polo e0f6dc646d improve proxy error path 
properly release everything when during client_close if the request
was managed by a proxy.
 2022-01-27 09:55:52 +00:00
Omar Polo d28bd963c2 always mark requests as done when their code is != 20 2022-01-27 09:54:48 +00:00
Omar Polo 89efa81bcc set REQUEST_PROXY only when proxy_init is successful 2022-01-27 09:53:43 +00:00
Omar Polo b9b77f5344 fix comment 2022-01-27 09:28:27 +00:00
Omar Polo b3602923d0 shuffle the code a bit to improve readability 2022-01-13 10:34:55 +00:00
Omar Polo febfcde82b fix and sync gg usage 2022-01-13 10:13:32 +00:00
Omar Polo e2534fd11f note who requested what 2022-01-06 18:13:14 +00:00
Omar Polo 901905e0cf bail out of client_read if we've already decide what to do 
libevent2 can still somehowe call client_read even in code paths
that never enable reading from the evbuffer.  Can't reproduce on
the libevent in base on OpenBSD.  It's a bit ugly, but it's a small
workaround for something that otherwise *always* make gmid crash
when linked against libevent2.  (client_read works under the
assumption that c->host != NULL, matched_proxy crashes otherwise.)
 2022-01-05 18:58:01 +00:00
Omar Polo 876a417023 tweak comment 2022-01-05 18:03:47 +00:00
Omar Polo c57dc42b31 tweak a sentence 2022-01-05 17:30:50 +00:00
Omar Polo 14cee92646 some Pa -> Ar; while here drop two `The' from the start of the sentence 2022-01-04 23:22:14 +00:00
Omar Polo 7c2374af2c document `require client ca' for proxies 2022-01-04 23:17:28 +00:00
Omar Polo d474a97922 add missing prototype 2022-01-04 23:15:13 +00:00
Omar Polo ba94a608a8 add `require client ca' for proxy blocks 
refactor the code that calls validate_against_ca into an helper
function to reuse it in both apply_require_ca and (optionally) in
apply_reverse_proxy.
 2022-01-04 23:14:34 +00:00
Omar Polo 280fd79b8f ignore .d too 2022-01-03 18:25:27 +00:00
Omar Polo 718c0d6c71 work around freebsd' printf 
printf: Illegal option -i

this is why we can't have nice things, isn't it?
 2022-01-03 18:11:51 +00:00
Omar Polo 7c956fefc2 track file dependency using -MMD if available 
While here, move the SRCS variable to the configure and add the
-includes in Makefile.local; it de-clutters the Makefile a bit.
 2022-01-03 18:05:54 +00:00
Omar Polo 613c827165 add `gg' to the list of things to clean 2022-01-03 17:12:07 +00:00
Omar Polo 8dfacf0242 remove TAGS and compile_flags.txt from the list of default actions 2022-01-03 17:11:45 +00:00
Omar Polo 92a9f41d3d add set_proxy to simplify testing + more checks in test_proxy_with_certs 2022-01-03 13:31:34 +00:00
Omar Polo 7b7def0a8f set prefork to 1 during regress 2022-01-03 13:31:34 +00:00
Omar Polo dd208aa2cf don't print `config OK' 2022-01-03 13:31:34 +00:00
Omar Polo 6effb78141 sync changelog 2022-01-02 16:38:59 +00:00
Omar Polo 5df593f3a6 oops, wrong email address 2022-01-02 16:37:26 +00:00
Omar Polo 207dc0f9f6 sync manpage 2022-01-02 16:37:07 +00:00