Skip to content

Releases: omar-polo/gmid

2.1.1 “From Mars To Sirius” bugfix release

25 Aug 11:25
2.1.1
Compare
Choose a tag to compare

signify(1) public key for this release: RWSMZUrn4u03g0AwurM9kGiIfhetO5OISPlMMb4+th+Bw8ViotgbzKss

Bug fixes

  • fix getprogname(3) check in the configure script
  • fix fastcgi parameter SERVER_PORT; by @Sir-Photch, thank you!
  • work around comically tiny HOST_NAME_MAX on glibc-based system; reported by Anna “CyberTailor”, thanks!

2.1 “From Mars To Sirius”

03 Aug 16:29
2.1
Compare
Choose a tag to compare

signify(1) public key for this release: RWSMZUrn4u03g0AwurM9kGiIfhetO5OISPlMMb4+th+Bw8ViotgbzKss

New Features

  • support for the proxy protocol v1 both when accepting connections and when proxying via the new proxy-v1 keyword available in listen and proxy directives.

Bug Fixes

  • fixed typo in bound check that resulted in "chroot path too long" on some systems
  • correctly propagate the prefork value; was causing failures if it was changed from the default
  • titan: improve error check when reading from standard input; errors such as "no space left on device" would have been silently ignored.

2.0.5 “Lady Stardust” security release

11 Jun 08:33
2.0.5
Compare
Choose a tag to compare

signify(1) public key for this release: RWQ+Bm0F0FtPLtTnpRe09x/Z6Fiodk4toTZe2TJ4yCqDZ6l0c5wiU9te

This release fixes a logic error that can result in a DoS; therefore is a strongly recommended update for all users. It is safe to update from any version of the 2.0.x series since there were no breaking changes.

  • allow again empty lines at the start of the configuration.
  • change how strnvis(3) is handled: on systems with the broken interface gmid will just use its own built-in version.
  • reject requests with NUL bytes in them.
  • don't error on a .. component at the start of the path.

2.0.4 “Lady Stardust” bugfix release

06 Jun 14:22
2.0.4
Compare
Choose a tag to compare

signify(1) pubkeys for this release: RWQ+Bm0F0FtPLtTnpRe09x/Z6Fiodk4toTZe2TJ4yCqDZ6l0c5wiU9te

  • add a nicer error message if the removed cgi option is still used. Reported by freezr.
  • portability fix for systems with a wrong strnvis(3).

2.0.3 “Lady Stardust” bugfix release

04 Jun 11:44
2.0.3
Compare
Choose a tag to compare

signify(1) pubkeys for this release: RWQ+Bm0F0FtPLtTnpRe09x/Z6Fiodk4toTZe2TJ4yCqDZ6l0c5wiU9te

  • relax the SNI requirements
  • gg: add -q to avoid printing the "Server Says:" line
  • gg: unbreak -n
  • fix parsing of IPv6 addresses
  • fix fastcgi off handling

2.0.2 “Lady Stardust” bugfix release

04 Apr 19:34
2.0.2
Compare
Choose a tag to compare

signify(1) pubkeys for this release: RWQ+Bm0F0FtPLtTnpRe09x/Z6Fiodk4toTZe2TJ4yCqDZ6l0c5wiU9te

  • fix log access path with chroot enabled.
  • fix config dumping (-nn).
  • rework grammar to allow semicolors after top-level statements.
  • don't make the log styles reserved keywords.
  • contrib/vim: fixed indent, from Anna “CyberTailor”, thanks!

2.0.1 “Lady Stardust” bugfix release

24 Jan 15:18
2.0.1
Compare
Choose a tag to compare

signify(1) pubkeys for this release: RWQ+Bm0F0FtPLtTnpRe09x/Z6Fiodk4toTZe2TJ4yCqDZ6l0c5wiU9te

Changelog

  • convert gmid to the new imsg API
  • update bundled imsg
  • configure: fix --mandir handling; from Anna “CyberTailor”, thanks!

2.0 -- "Lady Stardust"

11 Jan 16:34
2.0
Compare
Choose a tag to compare

signify(1) pubkeys for this release: RWQ+Bm0F0FtPLtTnpRe09x/Z6Fiodk4toTZe2TJ4yCqDZ6l0c5wiU9te

New Features

  • added listen on to specify per-server the list of addresses from where connections are to be accepted.
  • added titan(1), a simple titan client.
  • splitted the "configless" version of gmid as a standalone executable gemexp(1)
  • added ability to log to files with log access <path>
  • added ability to change the syslog(3) facility with log syslog facility <facility>
  • added ability to change the logging style with log style <style>
  • added `fastcgi strip'
  • reworked the privsep implementation and added a privsep crypto engine
  • implemented SCRIPT_NAME' and PATH_INFO' splitting for fastcgi

Bug fixes

  • fixed handling of TLS handshake failures

Improvements

  • contrib/gencert: added -e to generate EC keys
  • use default prefork (3) in regress
  • removed the sha256 dependency of the regress suite
  • parse and log the fastcgi reply
  • revamped the fastcgi configuration, now it's per-location
  • attempt to load the TLS certificates, mimes and virtual hosts root as part of the configtest (-n) instead of verifying the syntax only.
  • synced the parameters with RFC3875 (CGI)
  • gg: exit with the gemini response code unless it's 2X
  • gemexp: generate EC certificates too (it's also the new default)
  • (contrib/vim) added an ALE linter and updated the Vim syntax file; thanks Anna “CyberTailor”

Breaking Changes

  • removed CGI support
  • gg now warns when the server doesn't use TLS' close_notify
  • deprecated the global ipv6 and port settings in favour of the per-server listen on directive
  • removed the already deprecated config options mime' and map'
  • droped seccomp and capsicum support
  • FastCGI: set REQUEST_METHOD to "GET" instead of the empty string

1.8.6 - “Lightbulb Sun” bugfix release

02 Dec 14:39
1.8.6
Compare
Choose a tag to compare

signify(1) pubkey for this release: RWTy3UJQzpxBUAymBwb2EGLLm0b3H/1n8hzhaC9HYFYzNuTavGt9QSwC

  • add tests and compat for setresuid setresgid
  • add GEMINI_SEARCH_STRING fastcgi parameter / cgi env variable
  • manpage fix: QUERY_STRING is not urldecoded
  • fixed use-after-free in the fastcgi code
  • when switching user also set the groups
  • always cast is*() arguments to unsigned char

Starting with this release tags are also signed with my ssh key like I'm doing with other projects as well:

ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ0nD5I8BNVJknT87gnpLIJWK0fXTayDktQOlS38CGj4 op@omarpolo.com

“Lightbulb Sun” bugfix release

31 Oct 23:01
Compare
Choose a tag to compare

Released November 1, 2022.

signify(1) pubkeys for this release: RWTy3UJQzpxBUAymBwb2EGLLm0b3H/1n8hzhaC9HYFYzNuTavGt9QSwC

Bug Fixes

  • removed OpenBSD' rc file. it's now maintained in the ports tree
  • (hopefully) fix build on DragonflyBSD
  • call tzset(3) to fix times in logs
  • always send custom list of fcgi parameters (@nytpu)