| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
|
| |
- tls.c/config.h: read full PEM chain into STACK_OF(X509), send via SSL_set1_chain
- tls.c: minimum protocol TLS 1.2 -> TLS 1.3
- server.c: drain handshake output via local buffer loop instead of staging
into the fixed 4 KB client buffer (a full CA chain overflowed it -> assert)
- FORK.md: describe the fork
|
| |
|
|
|
| |
This patchset implements the handling of exact routes
as described in gmnisrvini(5).
|
| | |
|
| |
|
|
|
|
|
|
|
| |
All this does is parse the regexes out of the config file.
I've vendored libregexp from Bellard's quickjs project, because it's
reasonably small and self-contained, and POSIX regexes don't support
captures. We're eventually going to want captures for URL rewrites, so
this'll do for now.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
This probably leaves a bit to be desired tbh
|
| |
|
|
|
|
|
|
| |
We'll later want to set these on the SSL object (rather than SSL_CTX),
so move these into the host struct for later access.
We'll prefer to set it on the SSL object so that we can automatically
use an up-to-date certificate, per ~sircmpwn/gmni#26.
|
| |
|
|
| |
Includes hands-free certificate generation and loading
|
| | |
|
| | |
|
| | |
|
| |
|