gmnlm already allows overriding invalid cert error, so it makes little
sense not to allow the same for cert mismatch one. I have also reversed
the offered options for both to reflect the suggested course of action
and added a warning for invalid cert as the possibility of MitM is quite
similar to cert mismatch.
Interpreting everything that isn't a command as relative URL wasn't
very intuitive and lead to accidental commands or requests being made.
This commit aims to clearly separate relative URLs from commands, which
also allows us to add basic error reporting for commands.
The only exception that had to be made was in regards to /whatever URLs
as those are impossible to support without changing the search command.
Redirects are currently the most reliable way of tracking users in
geminispace. To mitigate this, similar approach as used with server
certificates is adopted -- users are prompted by default, but this
can be easily overriden with a command line flag if convenience is
preferred to tracking-resistance.
* make marking of mandatory arguments consistent
* document the 'i' command
* don't document commands explained by the prompt
* unify alignment
* minor wording adjustments
It was impossible to enter a file:// URL because it got interpreted
as a 'f' command without any warning about invalid argument. The same
thing happened with relative addresses beginning with 'b' or 'f'.
Currently, followup requests to both INPUT and SENSITIVE INPUT responses are
omitted from history. However, the intended use of INPUT is for searching, and
there is SENSITIVE INPUT for sensitive information, so omitting regular INPUT
from history doesn't make much sense and only makes searching annoying as one
needs to re-enter the query when going back.
I wanted to add an optional [N] to 'd' and '|' to download/pipe the
Nth link instead of the current page. After getting the first one done,
I found out that '|' already has this option, so I fixed the relative
help line without changing that command.
All in all I don't know how useful this patch is, considering that
'[N]|' was already there. Feel free to discard it and just keep the
documentation change.
Cheers!
Previously, the last character of the provided input would not be read.
For example, `gmni -d termfmt gemini://godocs.io/-/search` would search
for "termfm".
It is common practice to quit programs reading from stdin by sending
EOF to their input. This commit ensures such an exit is functionally
equivalent to a regular exit via the 'q' command.
due to the wrong handling in download_resp() files may get
broken (last chunk missing) and file descriptors have not
been closed correctly.
Additionally we now allow downloading of local ressources
as well - for what its worth.
I've noticed headers are not displayed in some cases with -i/-I
specified. For example:
echo "printf" | gmni -i gemini://drewdevault.com/cgi-bin/man.sh
Output: empty
echo "printf" | gmni -IL gemini://drewdevault.com/cgi-bin/man.sh -
Output: 10 Search for a POSIX man page
INPUT header is here, but no REDIRECT header appeared.
The reason is headers processing is done after responses dispatch. So
some responses (redirect and input) are processed and dropped before.
Patch makes this logic a bit clearer imho: print response header before
any processing if mode is not OMIT_HEADERS and then process response body if mode
is not ONLY_HEADERS. It also deduplicates header printing as a bonus.
The host variable is freed too early. If a client certificate is not
found, the later error message in the
GEMINI_STATUS_CLASS_CLIENT_CERTIFICATE_REQUIRED case uses the freed host
variable to produce an incorrect openssl command. This fix just delays
the free to after the switch statement.
Test case:
gmnlm gemini://feeds.drewdevault.com
Prior:
The following OpenSSL command will generate a certificate for this host:
openssl req -x509 -newkey rsa:4096 \
-keyout /home/andrew/.local/share/gmni/certs/Ú-=öU.key \
-out /home/andrew/.local/share/gmni/certs/Ú-=öU.crt \
-days 36500 -nodes
Now:
The following OpenSSL command will generate a certificate for this host:
openssl req -x509 -newkey rsa:4096 \
-keyout /home/andrew/.local/share/gmni/certs/feeds.drewdevault.com.key \
-out /home/andrew/.local/share/gmni/certs/feeds.drewdevault.com.crt \
-days 36500 -nodes
This is only supported with gmni for now - gmnlm support will come
later. A limitation with BearSSL prevents us from doing automated
certificate generation for now, unfortunately.
Previously the message was never displayed to users
leaving them with a simple "Error: certificate is untrusted".
This also fixes the display of line numbers in the message.
Those changes fix the following compilation errors on OpenBSD:
src/tofu.c:128:28: error: format specifies type 'long' but the argument has type
'time_t' (aka 'long long') [-Werror,-Wformat]
"SHA-512", fingerprint, expires);
src/gmnlm.c:341:31: error: missing sentinel in function call
[-Werror,-Wsentinel]
execlp("sh", "sh", "-c", cmd);
^
, NULL
On some systems dirname uses a static string for its return value, so
we were calling mkdirs recursively on a string that was continuosly changing.
A check was also added after the `snprintf` to make sure there's no
information loss since there is no limit to the length of the string
returned by `get_data_pathfmt`.
Closes#48.
In file included from .../include/string.h:495,
from src/gmnlm.c:11:
In function ‘strncpy’,
inlined from ‘do_prompts’ at src/gmnlm.c:627:3:
...glibc-2.31-dev/include/bits/string_fortified.h:106:10:
error: ‘__builtin_strncpy’ specified bound 1024 equals
destination size [-Werror=stringop-truncation]
return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In function ‘strncpy’,
inlined from ‘do_prompts’ at src/gmnlm.c:612:3:
...glibc-2.31-dev/include/bits/string_fortified.h:106:10:
error: ‘__builtin_strncpy’ specified bound 1024 equals destination size
[-Werror=stringop-truncation]
return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: William Casarin <jb55@jb55.com>
dirname has two main problems:
1. It could change in place the string that is passed to it.
2. It uses a static string for its return value, so one should copy it
somewhere else as soon as possible to avoid subsequent calls to
dirname to corrupt his data (see #48).
We avoid 1. passing a copy of `path` to dirname and 2. copying it's
return value into `dname`.
My compiler barks about this unitialized variable:
CC src/gmnlm.o
src/gmnlm.c:629:7: error: variable 'result' is used uninitialized whenever 'if' condition is true [-Werror,-Wsometimes-uninitialized]
if (res != GEMINI_OK) {
^~~~~~~~~~~~~~~~
src/gmnlm.c:673:9: note: uninitialized use occurs here
return result;
^~~~~~
src/gmnlm.c:629:3: note: remove the 'if' if its condition is always false
if (res != GEMINI_OK) {
^~~~~~~~~~~~~~~~~~~~~~~
src/gmnlm.c:482:2: note: variable 'result' is declared here
enum prompt_result result;
^
1 error generated.
make: *** [src/gmnlm.o] Error 1
Ondřej Fiala
Sebastiano Tronto
Sebastian LaVine
René Wagner
René Wagner
k1nkreet
Andrew
Zach DeCook
Eyal Sawady
Drew DeVault
Giuseppe Lumia
Alexey Yerin
William Casarin
Tommy Nguyen
Jon Higgs
Connor Kuehl