I think this has been broken for a while and I came across it while
implementing my own client. The server should notify the client that the
request is malformed but wasn't sending the response when SSL_read
returned SSL_ERROR_WANT_READ.
This is necessary now client certificates are supported.
Without it, an attempt to resume a session fails with
"ssl_get_prev_session:session id context uninitialized".
This was sometimes causing a gmnisrv_client to be overwritten by the
deinitialized client, which occasionally lead to a segfault when we
later tried to use it.
Set SSL_VERIFY_PEER to request a client certificate from the server,
when available. Have to shim the certificate verification function or
else it will fail on self-signed client certs.
In serve_cgi retrieve client certificate, create a fingerprint, and set
proper environment variables. It's pretty barebones, it doesn't parse
the certificate to give any other useful info like the common name, but
it's acceptable IMO. For most CGI uses the fingerprint is the only
thing that is needed anyways.
with nothing waiting on the forked processes there is no reason not to
reap the CGI process on exit
intended to address issue from mailing list "gmnisrv uses too many
tasks" <163806E8-A16A-463E-8C62-43E903EF1E35@librem.one>
This fixes an issue where rustls failed to validate the X509v1 certificate.
Tested with Amfora, av-98, and titan (https://github.com/mkeeter/titan)
This requires fresh certificates, which could break clients with strict
trust-on-first-use policies; unfortunately, it doesn't appear to be possible
to migrate v1 certificates to v3.
Cast generic sockaddr to the appropriate sockaddr_ AF and switch
inet_ntop argument accordingly.
Intended to fix issue reported on ~sircmpwn/gmni-discuss: "Logged IPv4
addresses are wrong"
Fixes a compile error on gcc 9.3.0:
src/serve.c: In function 'serve_cgi':
src/serve.c:150:3: error: ignoring return value of 'chdir', declared
with attribute warn_unused_result [-Werror=unused-result]
150 | chdir(dirname(cwd));
| ^~~~~~~~~~~~~~~~~~~
Signed-off-by: William Casarin <jb55@jb55.com>
The right side of the refresh ended up using the index of the deleted
client instead of the index from the loop, which happens to work when
the destroyed client is either last or second-last.
The client pollfd pointer would go stale when the server pollfd array
was moved to compensate for a destroyed client, which in turn led to
poll breakage.
Refresh the pollfd pointers after memmove.
The open syscall will return a negative value if the call fails. Switch
the check to look for this instead of 0.
before:
[gmnisrv] generating certificate for localhost
gmnisrv: src/tls.c:68: tls_host_gencert: Assertion `pf' failed.
abort (core dumped) ./gmnisrv -C config.ini
after:
[gmnisrv] generating certificate for localhost
[gmnisrv] opening private key for writing failed: No such file or directory
[gmnisrv] TLS initialization failed
Signed-off-by: William Casarin <jb55@jb55.com>
Trivial fix to silence compilation errors on gcc 9.3.0:
src/config.c: In function ‘conf_ini_handler’:
src/config.c:154:23: error: ‘routing’ may be used uninitialized in this
function [-Werror=maybe-uninitialized]
154 | enum gmnisrv_routing routing;
| ^~~~~~~
src/config.c:197:18: error: ‘spec’ may be used uninitialized in this
function [-Werror=maybe-uninitialized]
197 | route->path = strdup(spec);
| ^~~~~~~~~~~~
Signed-off-by: William Casarin <jb55@jb55.com>
This takes the nginx approach to the "root" directive, which is simpler
to implement and more consistent with more complex routing behaviors
like regexp.
The path component of the URL is now simply appended to the root to form
the path to the file which should be served to the client.