<feed xmlns='http://www.w3.org/2005/Atom'>
<title>gmnisrv/src/server.c, branch main</title>
<subtitle>Fork of gmnisrv (Gemini server): full CA certificate chain (Lets Encrypt), TLS 1.3 only, handshake buffer-overflow fix
</subtitle>
<id>https://git.virebent.art/virebent/gmnisrv/atom?h=main</id>
<link rel='self' href='https://git.virebent.art/virebent/gmnisrv/atom?h=main'/>
<link rel='alternate' type='text/html' href='https://git.virebent.art/virebent/gmnisrv/'/>
<updated>2026-06-26T17:20:00+00:00</updated>
<entry>
<title>Serve CA full chain (Let's Encrypt), TLS 1.3, fix handshake buffer overflow</title>
<updated>2026-06-26T17:20:00+00:00</updated>
<author>
<name>Gab Virebent</name>
<email>gab@virebent.art</email>
</author>
<published>2026-06-26T17:20:00+00:00</published>
<link rel='alternate' type='text/html' href='https://git.virebent.art/virebent/gmnisrv/commit/?id=fb48d1308d2f63f8e9b23c5d1d921783fa0dacbe'/>
<id>urn:sha1:fb48d1308d2f63f8e9b23c5d1d921783fa0dacbe</id>
<content type='text'>
- tls.c/config.h: read full PEM chain into STACK_OF(X509), send via SSL_set1_chain
- tls.c: minimum protocol TLS 1.2 -&gt; TLS 1.3
- server.c: drain handshake output via local buffer loop instead of staging
  into the fixed 4 KB client buffer (a full CA chain overflowed it -&gt; assert)
- FORK.md: describe the fork
</content>
</entry>
<entry>
<title>Close some files when too many are open</title>
<updated>2022-12-19T11:02:08+00:00</updated>
<author>
<name>Remy Noulin</name>
<email>loader2x@gmail.com</email>
</author>
<published>2022-11-22T07:03:22+00:00</published>
<link rel='alternate' type='text/html' href='https://git.virebent.art/virebent/gmnisrv/commit/?id=95138564acbc347c0a5f4f86d9280e3ab1484fd2'/>
<id>urn:sha1:95138564acbc347c0a5f4f86d9280e3ab1484fd2</id>
<content type='text'>
</content>
</entry>
<entry>
<title>notify clients about malformed requests</title>
<updated>2022-08-15T13:50:27+00:00</updated>
<author>
<name>Julian Maingot</name>
<email>julianmaingot@gmail.com</email>
</author>
<published>2022-07-31T00:24:36+00:00</published>
<link rel='alternate' type='text/html' href='https://git.virebent.art/virebent/gmnisrv/commit/?id=132f2ececc012cf4744ca5b8044fb637fed96a0c'/>
<id>urn:sha1:132f2ececc012cf4744ca5b8044fb637fed96a0c</id>
<content type='text'>
I think this has been broken for a while and I came across it while
implementing my own client. The server should notify the client that the
request is malformed but wasn't sending the response when SSL_read
returned SSL_ERROR_WANT_READ.
</content>
</entry>
<entry>
<title>disconnect_client: fix index calculation</title>
<updated>2021-05-16T19:54:16+00:00</updated>
<author>
<name>Eyal Sawady</name>
<email>ecs@d2evs.net</email>
</author>
<published>2021-05-16T19:53:47+00:00</published>
<link rel='alternate' type='text/html' href='https://git.virebent.art/virebent/gmnisrv/commit/?id=b9a92193e96bbe621ebc8430d8308d45a5b86cef'/>
<id>urn:sha1:b9a92193e96bbe621ebc8430d8308d45a5b86cef</id>
<content type='text'>
This was sometimes causing a gmnisrv_client to be overwritten by the
deinitialized client, which occasionally lead to a segfault when we
later tried to use it.
</content>
</entry>
<entry>
<title>Fix use of wrong index during pollfd refresh</title>
<updated>2020-11-10T13:06:37+00:00</updated>
<author>
<name>Kenny Levinsen</name>
<email>kl@kl.wtf</email>
</author>
<published>2020-11-10T13:05:43+00:00</published>
<link rel='alternate' type='text/html' href='https://git.virebent.art/virebent/gmnisrv/commit/?id=9fd9eef9d7f850ccc1f8d5fe4dc60df461a5dbc2'/>
<id>urn:sha1:9fd9eef9d7f850ccc1f8d5fe4dc60df461a5dbc2</id>
<content type='text'>
The right side of the refresh ended up using the index of the deleted
client instead of the index from the loop, which happens to work when
the destroyed client is either last or second-last.
</content>
</entry>
<entry>
<title>Update pollfd pointers when destroying a client</title>
<updated>2020-11-09T02:34:34+00:00</updated>
<author>
<name>Kenny Levinsen</name>
<email>kl@kl.wtf</email>
</author>
<published>2020-11-08T22:59:41+00:00</published>
<link rel='alternate' type='text/html' href='https://git.virebent.art/virebent/gmnisrv/commit/?id=fdd27bb4c1f1fb05481368c214e0f0f30a81b0ca'/>
<id>urn:sha1:fdd27bb4c1f1fb05481368c214e0f0f30a81b0ca</id>
<content type='text'>
The client pollfd pointer would go stale when the server pollfd array
was moved to compensate for a destroyed client, which in turn led to
poll breakage.

Refresh the pollfd pointers after memmove.
</content>
</entry>
<entry>
<title>Prevent double free of client resources</title>
<updated>2020-11-08T21:37:53+00:00</updated>
<author>
<name>Drew DeVault</name>
<email>sir@cmpwn.com</email>
</author>
<published>2020-11-08T21:37:53+00:00</published>
<link rel='alternate' type='text/html' href='https://git.virebent.art/virebent/gmnisrv/commit/?id=74077b6f951865420a78345d5e793bba08fc0edc'/>
<id>urn:sha1:74077b6f951865420a78345d5e793bba08fc0edc</id>
<content type='text'>
</content>
</entry>
<entry>
<title>Set POLLOUT only when there's something to write</title>
<updated>2020-11-08T14:38:17+00:00</updated>
<author>
<name>mbays</name>
<email>mbays@sdf.org</email>
</author>
<published>2020-11-08T13:30:45+00:00</published>
<link rel='alternate' type='text/html' href='https://git.virebent.art/virebent/gmnisrv/commit/?id=4b2c3afdb0f448372e1ffa58a88250a305ea85cb'/>
<id>urn:sha1:4b2c3afdb0f448372e1ffa58a88250a305ea85cb</id>
<content type='text'>
</content>
</entry>
<entry>
<title>Don't memmove one past clients</title>
<updated>2020-11-08T14:37:59+00:00</updated>
<author>
<name>Tom Lebreux</name>
<email>me@tomlebreux.com</email>
</author>
<published>2020-11-07T12:56:48+00:00</published>
<link rel='alternate' type='text/html' href='https://git.virebent.art/virebent/gmnisrv/commit/?id=7aedbed7740c3ee5d60705a2ad74cdc760e60f2e'/>
<id>urn:sha1:7aedbed7740c3ee5d60705a2ad74cdc760e60f2e</id>
<content type='text'>
</content>
</entry>
<entry>
<title>Fix not moving all fds</title>
<updated>2020-11-08T14:37:55+00:00</updated>
<author>
<name>Tom Lebreux</name>
<email>me@tomlebreux.com</email>
</author>
<published>2020-11-07T05:12:00+00:00</published>
<link rel='alternate' type='text/html' href='https://git.virebent.art/virebent/gmnisrv/commit/?id=d20caf389bd6cd8e6d8daaeb6d51a022fc643292'/>
<id>urn:sha1:d20caf389bd6cd8e6d8daaeb6d51a022fc643292</id>
<content type='text'>
</content>
</entry>
</feed>
