<feed xmlns='http://www.w3.org/2005/Atom'>
<title>gmnisrv/FORK.md, branch main</title>
<subtitle>Fork of gmnisrv (Gemini server): full CA certificate chain (Lets Encrypt), TLS 1.3 only, handshake buffer-overflow fix
</subtitle>
<id>https://git.virebent.art/virebent/gmnisrv/atom?h=main</id>
<link rel='self' href='https://git.virebent.art/virebent/gmnisrv/atom?h=main'/>
<link rel='alternate' type='text/html' href='https://git.virebent.art/virebent/gmnisrv/'/>
<updated>2026-06-26T17:20:00+00:00</updated>
<entry>
<title>Serve CA full chain (Let's Encrypt), TLS 1.3, fix handshake buffer overflow</title>
<updated>2026-06-26T17:20:00+00:00</updated>
<author>
<name>Gab Virebent</name>
<email>gab@virebent.art</email>
</author>
<published>2026-06-26T17:20:00+00:00</published>
<link rel='alternate' type='text/html' href='https://git.virebent.art/virebent/gmnisrv/commit/?id=fb48d1308d2f63f8e9b23c5d1d921783fa0dacbe'/>
<id>urn:sha1:fb48d1308d2f63f8e9b23c5d1d921783fa0dacbe</id>
<content type='text'>
- tls.c/config.h: read full PEM chain into STACK_OF(X509), send via SSL_set1_chain
- tls.c: minimum protocol TLS 1.2 -&gt; TLS 1.3
- server.c: drain handshake output via local buffer loop instead of staging
  into the fixed 4 KB client buffer (a full CA chain overflowed it -&gt; assert)
- FORK.md: describe the fork
</content>
</entry>
</feed>
