Releases: mbrubeck/agate
Releases · mbrubeck/agate
v3.1.0
Thank you to Matthew Ingwersen and Oliver Simmons (@GoodClover) for contributing to this release.
Added
- tests for symlink files (#60)
Symlinks were already working before.
Fixed
- A path traversal security issue was closed: Percent-encoded slashes were misunderstood.
Changed
- Visiting a directory without
index.gmiand.directory-listing-oknow returns a different error message to better show the cause of the error.
To retain the current behaviour of showing a51 Not found, sorry.error, add the following line to the respective directories'.metafile:
index.gmi: 51 Not found, sorry.
v3.0.3
Thank you to @06kellyjac, @cpnfeeny, @lifelike, @skittlesvampir and @steko for contributing to this release.
Added
Fixed
- If the remote IP address can not be fetched, log an error instead of panicking. The previous handling could be exploited as a DoS attack vector. (#59)
- Two tests were running on the same port, causing them to fail nondeterministically. (#51)
- Rephrased the changelog for 3.0.0 on continuing to use older certificates. (#55)
- Updated dependencies.
v3.0.2
Thank you to @kvibber, @lifelike and @pasdechance for contributing to this release.
Changed
- The new specfication changes are obeyed regarding rejecting request URLs that contain fragments or userinfo parts.
- The default signature algorithm used for generating certificates has been changed to ECDSA since there were multiple complaints about Ed25519.
v3.0.1
Thank you to @MidAutumnMoon and @steko for contributing to this release.
Added
- Installation instructions for Arch Linux from Arch User Repositories. (#47)
Fixed
v3.0.0
Thank you to @ddevault for contributing to this release.
Added
- Support for ECDSA and Ed25519 keys.
- Agate now generates certificates and keys for each
--hostnamethat is specified but no matching files exist. (#41)
Changed
- The ability to specify a certificate and key with
--certand--keyrespectively has been replaced with the--certsoption. (#40)
Certificates are now stored in a special directory. To migrate to this version, the keys should be stored in the.certificatesdirectory (or any other directory you specify).
This enables us to use multiple certificates for multiple domains. - The certificate and key file format has been changed from PEM to DER. This simplifies loading certificate and key files without relying on unstable portions of other crates.
If you want to continue using your existing certificates and keys, please convert them to DER format. You should be able to use these commands if you have openssl installed:
openssl x509 -in cert.pem -out cert.der -outform DER
openssl rsa -in key.rsa -out key.der -outform DERSince agate will automatically generate certificates from now on, the different format should not be a problem because users are not expected to handle certificates unless experienced enough to be able to handle DER formatting as well.
Fixed
- Agate now requires the use of SNI by any connecting client.
- All log lines are in the same format now:
<local ip>:<local port> <remote ip or dash> "<request>" <response status> "<response meta>" [error:<error>]
If the connection could not be established correctly (e.g. because of TLS errors), the status code00is used. - Messages from modules other than Agate itself are not logged by default.
v2.5.3
Thank you to @littleli and @06kellyjac for contributing to this release.
Added
- Automated tests have been added so things like 2.5.2 should not happen again (#34).
- Version information flag (
-Vor--versionas conventional with e.g. cargo)
Changed
- Forbid unsafe code. (There was none before, just make it harder to add some.)
- When logging remote IP addresses, the port is now never logged, which also changes the address format.
Fixed
- Updated
urlto newest version, which resolves a TODO. - The help exits successfully with
0rather than1(#37). - The GitHub workflow has been fixed so Windows binaries are compressed correctly (#36).
- Split out install steps to allow for more options in the future.
- Add install notes for nix/NixOS to the README (#38).
- Updated dependencies.
v2.5.2
Fixed
- Semicolons are no longer considered to be starting a comment in
.mimefiles.
v2.5.0
Agate now has an explicit code of conduct and contributing guidelines.
Thank you to @gegeweb for contributing to this release.
Added
- You can now supply multiple
--hostnames to enable basic vhosts (#28). - Disabling support for TLSv1.2 can now be done using the
--only-tls13flag, but this is NOT RECOMMENDED (#12). - The tools now also contain a startup script for FreeBSD (#13).
- Using central config mode (flag
-C), all configuration can be done in one.metafile (see README.md for details). - The
.metaconfiguration file now allows for globs to be used.
Changed
- The
.metafile parser now uses theconfigparsercrate. The syntax does not change. - The changelog is now also kept in this file in addition to the GitHub releases.
- Certificate chain and key file are now only loaded once at startup, certificate changes need a restart to take effect.
- Hidden files are now served if there is an explicit setting in a
.metafile for them, regardless of the--serve-secretflag.
Fixed
- The Syntax for the IPv6 address in the README has been corrected.
- Give a better error message when no keys are found in the key file instead of panicking with a range check.
v2.4.1
- Reenabled multiple occurences of
--addr. This was already in version 2.3.0, but accidentally disabled.
v2.4.0+podman.build
This is the same as v2.4.0, only the build process has been changed so it should accommodate a wider range of architectures and devices. For completeness, here are the changelog entries for this version again:
- Added a sidecar file for specifying languages, MIME media types or complete headers on a per file basis.
- Improved logging output. This also uses the
RUST_LOGenvironment variable now, so you can configure the log level. - Added some installation tools for Debian.