I've noticed headers are not displayed in some cases with -i/-I
specified. For example:
echo "printf" | gmni -i gemini://drewdevault.com/cgi-bin/man.sh
Output: empty
echo "printf" | gmni -IL gemini://drewdevault.com/cgi-bin/man.sh -
Output: 10 Search for a POSIX man page
INPUT header is here, but no REDIRECT header appeared.
The reason is headers processing is done after responses dispatch. So
some responses (redirect and input) are processed and dropped before.
Patch makes this logic a bit clearer imho: print response header before
any processing if mode is not OMIT_HEADERS and then process response body if mode
is not ONLY_HEADERS. It also deduplicates header printing as a bonus.
The host variable is freed too early. If a client certificate is not
found, the later error message in the
GEMINI_STATUS_CLASS_CLIENT_CERTIFICATE_REQUIRED case uses the freed host
variable to produce an incorrect openssl command. This fix just delays
the free to after the switch statement.
Test case:
gmnlm gemini://feeds.drewdevault.com
Prior:
The following OpenSSL command will generate a certificate for this host:
openssl req -x509 -newkey rsa:4096 \
-keyout /home/andrew/.local/share/gmni/certs/Ú-=öU.key \
-out /home/andrew/.local/share/gmni/certs/Ú-=öU.crt \
-days 36500 -nodes
Now:
The following OpenSSL command will generate a certificate for this host:
openssl req -x509 -newkey rsa:4096 \
-keyout /home/andrew/.local/share/gmni/certs/feeds.drewdevault.com.key \
-out /home/andrew/.local/share/gmni/certs/feeds.drewdevault.com.crt \
-days 36500 -nodes
Hi!
Static libraries don't need execution perms. I know this is very minor,
but best practice is to give everything the least amount of necessary
privileges. Thus, I propose changing the install command to use 644
perms.
Yours,
Ariadna
This is only supported with gmni for now - gmnlm support will come
later. A limitation with BearSSL prevents us from doing automated
certificate generation for now, unfortunately.
Previously the message was never displayed to users
leaving them with a simple "Error: certificate is untrusted".
This also fixes the display of line numbers in the message.
On systems using dsymutil the check for the "-g" flag was failing not
because the compiler didn't provide it but because of `/dev/null`
being used as output file.
Those changes fix the following compilation errors on OpenBSD:
src/tofu.c:128:28: error: format specifies type 'long' but the argument has type
'time_t' (aka 'long long') [-Werror,-Wformat]
"SHA-512", fingerprint, expires);
src/gmnlm.c:341:31: error: missing sentinel in function call
[-Werror,-Wsentinel]
execlp("sh", "sh", "-c", cmd);
^
, NULL
On some systems dirname uses a static string for its return value, so
we were calling mkdirs recursively on a string that was continuosly changing.
A check was also added after the `snprintf` to make sure there's no
information loss since there is no limit to the length of the string
returned by `get_data_pathfmt`.
Closes#48.
In file included from .../include/string.h:495,
from src/gmnlm.c:11:
In function ‘strncpy’,
inlined from ‘do_prompts’ at src/gmnlm.c:627:3:
...glibc-2.31-dev/include/bits/string_fortified.h:106:10:
error: ‘__builtin_strncpy’ specified bound 1024 equals
destination size [-Werror=stringop-truncation]
return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In function ‘strncpy’,
inlined from ‘do_prompts’ at src/gmnlm.c:612:3:
...glibc-2.31-dev/include/bits/string_fortified.h:106:10:
error: ‘__builtin_strncpy’ specified bound 1024 equals destination size
[-Werror=stringop-truncation]
return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: William Casarin <jb55@jb55.com>
dirname has two main problems:
1. It could change in place the string that is passed to it.
2. It uses a static string for its return value, so one should copy it
somewhere else as soon as possible to avoid subsequent calls to
dirname to corrupt his data (see #48).
We avoid 1. passing a copy of `path` to dirname and 2. copying it's
return value into `dname`.
The '-D' option of `install` is not implemented on some systems that
don't use GNU install. Its uses were replaced with `mkdir -p` commands
to eventually provide the missing folders.
My compiler barks about this unitialized variable:
CC src/gmnlm.o
src/gmnlm.c:629:7: error: variable 'result' is used uninitialized whenever 'if' condition is true [-Werror,-Wsometimes-uninitialized]
if (res != GEMINI_OK) {
^~~~~~~~~~~~~~~~
src/gmnlm.c:673:9: note: uninitialized use occurs here
return result;
^~~~~~
src/gmnlm.c:629:3: note: remove the 'if' if its condition is always false
if (res != GEMINI_OK) {
^~~~~~~~~~~~~~~~~~~~~~~
src/gmnlm.c:482:2: note: variable 'result' is declared here
enum prompt_result result;
^
1 error generated.
make: *** [src/gmnlm.o] Error 1
