<feed xmlns='http://www.w3.org/2005/Atom'>
<title>gmnisrv/src/serve.c, branch main</title>
<subtitle>Fork of gmnisrv (Gemini server): full CA certificate chain (Lets Encrypt), TLS 1.3 only, handshake buffer-overflow fix
</subtitle>
<id>https://git.virebent.art/virebent/gmnisrv/atom?h=main</id>
<link rel='self' href='https://git.virebent.art/virebent/gmnisrv/atom?h=main'/>
<link rel='alternate' type='text/html' href='https://git.virebent.art/virebent/gmnisrv/'/>
<updated>2021-11-15T20:07:23+00:00</updated>
<entry>
<title>serve: make hostname matching case-insensitive</title>
<updated>2021-11-15T20:07:23+00:00</updated>
<author>
<name>William Casarin</name>
<email>jb55@jb55.com</email>
</author>
<published>2021-11-15T18:25:30+00:00</published>
<link rel='alternate' type='text/html' href='https://git.virebent.art/virebent/gmnisrv/commit/?id=1925bc3e7a131dfcb1c6152c80675deb2a067020'/>
<id>urn:sha1:1925bc3e7a131dfcb1c6152c80675deb2a067020</id>
<content type='text'>
Reported-by: James Tomasino &lt;james@tomasino.org&gt;
Signed-off-by: William Casarin &lt;jb55@jb55.com&gt;
</content>
</entry>
<entry>
<title>Check index before serving autoindex</title>
<updated>2021-06-21T12:42:29+00:00</updated>
<author>
<name>Karmanyaah Malhotra</name>
<email>karmanyaahm@gmail.com</email>
</author>
<published>2021-06-21T07:53:06+00:00</published>
<link rel='alternate' type='text/html' href='https://git.virebent.art/virebent/gmnisrv/commit/?id=32854b79c73b278bf33eb5123abf1c36abdc7c01'/>
<id>urn:sha1:32854b79c73b278bf33eb5123abf1c36abdc7c01</id>
<content type='text'>
if a directory is being served.
</content>
</entry>
<entry>
<title>Support REMOTE_USER in CGI</title>
<updated>2021-06-17T13:52:50+00:00</updated>
<author>
<name>dece</name>
<email>shgck@pistache.land</email>
</author>
<published>2021-06-17T11:25:27+00:00</published>
<link rel='alternate' type='text/html' href='https://git.virebent.art/virebent/gmnisrv/commit/?id=9f2481dcdf60387e57cfe357bc8d04997c967e57'/>
<id>urn:sha1:9f2481dcdf60387e57cfe357bc8d04997c967e57</id>
<content type='text'>
</content>
</entry>
<entry>
<title>Support TLS_CLIENT_SERIAL_NUMBER in CGI</title>
<updated>2021-06-17T13:52:50+00:00</updated>
<author>
<name>dece</name>
<email>shgck@pistache.land</email>
</author>
<published>2021-06-17T11:25:26+00:00</published>
<link rel='alternate' type='text/html' href='https://git.virebent.art/virebent/gmnisrv/commit/?id=d7bd3c6a0db4c79f244d8880d86a899eb0f8ca01'/>
<id>urn:sha1:d7bd3c6a0db4c79f244d8880d86a899eb0f8ca01</id>
<content type='text'>
</content>
</entry>
<entry>
<title>Use strncpy to build TLS_CLIENT_HASH</title>
<updated>2021-06-17T13:52:49+00:00</updated>
<author>
<name>dece</name>
<email>shgck@pistache.land</email>
</author>
<published>2021-06-17T11:25:25+00:00</published>
<link rel='alternate' type='text/html' href='https://git.virebent.art/virebent/gmnisrv/commit/?id=0bf3cde2a0a5554651867ade37daafcea49c9409'/>
<id>urn:sha1:0bf3cde2a0a5554651867ade37daafcea49c9409</id>
<content type='text'>
strncat on an uninitialized array leads to issues.
</content>
</entry>
<entry>
<title>Revert "Routing: Fix non-ascii paths"</title>
<updated>2021-05-04T13:43:23+00:00</updated>
<author>
<name>Drew DeVault</name>
<email>sir@cmpwn.com</email>
</author>
<published>2021-05-04T13:43:23+00:00</published>
<link rel='alternate' type='text/html' href='https://git.virebent.art/virebent/gmnisrv/commit/?id=0dc0e4432a70eafde69509fde8a29802e46ae712'/>
<id>urn:sha1:0dc0e4432a70eafde69509fde8a29802e46ae712</id>
<content type='text'>
This causes a security issue (path traversal)

This reverts commit ea360fa4c10791c3c720c33470c86923424348fe.
</content>
</entry>
<entry>
<title>Send client certificate hash for CGI scripts.</title>
<updated>2021-02-11T14:19:16+00:00</updated>
<author>
<name>nytpu</name>
<email>alex@nytpu.com</email>
</author>
<published>2021-02-11T01:14:41+00:00</published>
<link rel='alternate' type='text/html' href='https://git.virebent.art/virebent/gmnisrv/commit/?id=ae7ca3db3983321c0ada8416cc19f17190802f38'/>
<id>urn:sha1:ae7ca3db3983321c0ada8416cc19f17190802f38</id>
<content type='text'>
Set SSL_VERIFY_PEER to request a client certificate from the server,
when available.  Have to shim the certificate verification function or
else it will fail on self-signed client certs.

In serve_cgi retrieve client certificate, create a fingerprint, and set
proper environment variables.  It's pretty barebones, it doesn't parse
the certificate to give any other useful info like the common name, but
it's acceptable IMO.  For most CGI uses the fingerprint is the only
thing that is needed anyways.
</content>
</entry>
<entry>
<title>ignore SIGCHLD to prevent CGI zombies</title>
<updated>2021-02-07T13:07:05+00:00</updated>
<author>
<name>Nolan Prescott</name>
<email>mail@nprescott.com</email>
</author>
<published>2021-02-07T05:51:10+00:00</published>
<link rel='alternate' type='text/html' href='https://git.virebent.art/virebent/gmnisrv/commit/?id=6d9dd838e439bbc730d12ce81214046cde9227dd'/>
<id>urn:sha1:6d9dd838e439bbc730d12ce81214046cde9227dd</id>
<content type='text'>
with nothing waiting on the forked processes there is no reason not to
reap the CGI process on exit

intended to address issue from mailing list "gmnisrv uses too many
tasks" &lt;163806E8-A16A-463E-8C62-43E903EF1E35@librem.one&gt;
</content>
</entry>
<entry>
<title>implement handling of ROUTE_EXACT definitions</title>
<updated>2021-01-29T13:55:43+00:00</updated>
<author>
<name>René Wagner</name>
<email>rwagner@rw-net.de</email>
</author>
<published>2021-01-27T19:57:18+00:00</published>
<link rel='alternate' type='text/html' href='https://git.virebent.art/virebent/gmnisrv/commit/?id=32913c35cd5f36b00056d3e239c0e85f1f0ed000'/>
<id>urn:sha1:32913c35cd5f36b00056d3e239c0e85f1f0ed000</id>
<content type='text'>
This patchset implements the handling of exact routes
as described in gmnisrvini(5).
</content>
</entry>
<entry>
<title>Routing: Fix non-ascii paths</title>
<updated>2021-01-22T13:15:03+00:00</updated>
<author>
<name>Zach DeCook</name>
<email>zachdecook@librem.one</email>
</author>
<published>2021-01-21T04:46:59+00:00</published>
<link rel='alternate' type='text/html' href='https://git.virebent.art/virebent/gmnisrv/commit/?id=ea360fa4c10791c3c720c33470c86923424348fe'/>
<id>urn:sha1:ea360fa4c10791c3c720c33470c86923424348fe</id>
<content type='text'>
</content>
</entry>
</feed>
