Releases: omar-polo/gmid
Releases · omar-polo/gmid
“Stargazers” bugfix release
This release improves the seccomp filter on linux, so now it should compile and work also on architectures different from amd64 and aarch64.
See the GitHub issue #4.
“Stargazers” hotfix
This is an hotfix release for a bug in the IRI parser that can lead to a denial of service.
IRIs with multiple ..
components that ends with ..
(but not ../
) and that don't escapes the root will cause an infinite loop, locking up one server process.
This release also backports the fix for the Dockerfile by @kornellapacz.
“Stargazers”
New features
- reload configuration on
SIGHUP
without disconnecting the clients - added
block return
,strip
andentrypoint
options - added a
prefork
option to control the number of server processes (default: 3) - added
require client ca
option to require client certificates signed by a specific CA - added
log
option to enable/disable logging per-vhost - define
TLS_CLIENT_NOT_BEFORE
andTLS_CLIENT_NOT_AFTER
for CGI scripts
Improvements
- improved the directory listing: print the path of the current directory
- for CGI scripts, split the query in words and pass each of them via argv too
- [FreeBSD] add capsicum to the logger process
Bug fixes
- CGI scripts now have only
std{in,out,err}
open - change some CGI variables to match the correct behaviour
Breaking changes
- relative paths are not allowed in the configuration file
- some environment variables for CGI script were changed.
“Interstellar Overdrive”
New features
- vhost support
- configuration file
- sandboxed by default on OpenBSD, FreeBSD and linux
- customize the accepted TLS version
- customizable default type
- customizable mime mappings
- provide a dockerfile
- provide a lang parameter when serving text/gemini files
- added a ‘configure’ script
- customizable directory index
- directory listings (disabled by default)
- [config] location blocks support
- chroot support
- punycode support
Improvements
- log ip, port, full request and response code (even for CGI scripts)
- host name matching with globbing rules
- automatically generate TLS certificates when running in config-less mode and no certificate was found
Bugfixes
- [IRI] normalize scheme
- [IRI] normalize hostnames
- [IRI] accept a wider range of codepoints in hostnames
- set SERVER_NAME when executing CGI scripts
Breaking changes
- removed -C, -K flags
- -d changed meaning: the directory to serve is now given as positional parameter and -d is used to specify the directory for the TLS certificates (either autogenerated or not.)
1.4.1: fix build on non-OpenBSD systems
fixes the build on non OpenBSD system
1.4
New stuff:
- uri parser rewritten
- accept only absolute URI in requests
- IRI (Internationalized Resource Identifiers) support (RFC3987)
- dual stack: with
-6
will accept also connections over IPv6 - daemon mode by default: pass
-f
to stays in the foreground - log also the port, not only the remote IP
Possible breaking changes:
-l
flag retired. Now we log to syslog, or to stderr if-f
is given
Bugfixes:
-d
accepts relative paths- reject connections if the scheme isn't
gemini