v0.2.3 1 year, 27 days ago .tar.gz browse log

go-gemini v0.2.3

Version 0.2.3 brings a few minor bug fixes and improvements.

Adnan Maolood (3):
      readme: Update Gemini specification version
      doc: Fix Mux documentation
      fs: Prevent invalid directory links

Yujiri (1):
      Fix parsing of list item lines

v0.2.2 1 year, 11 months ago .tar.gz browse log

Version 0.2.2

Version 0.2.2 brings some improvements to Mux, the Gemini request

Mux now properly handles redirects for patterns with wildcard or empty
hostnames. A more comprehensive test suite has also been added to ensure
that Mux behaves properly.

Support for specifying schemes in patterns provided to Mux has been
removed. Mux now only accepts requests with a scheme of "gemini".

Adnan Maolood (3):
      mux: Remove support for handling schemes
      mux: Add more tests
      mux: Tweak documentation

v0.2.1 2 years ago .tar.gz browse log

Version 0.2.1 is released!

Version 0.2.1 fixes a few bugs and makes a few changes.

A panic caused by an out-of-bounds slice access in FileServer was fixed.
Users of FileServer should upgrade to avoid any issues.

The FileServer redirection code has been improved and now redirects to
the canonical path in more cases.

The ServeContent function has been removed as it does not provide much
useful functionality. Users should use ResponseWriter.SetMediaType and
io.Copy instead.

The ServeFile function no longer takes a Request argument and will no
longer perform any checks of the request URL or redirections. Users of
are expected to sanitize the file name before providing it to ServeFile.
For redirection to canonical paths, use FileServer.

An issue where wrapping a ResponseWriter with LoggingMiddleware would
cause an empty meta to be written was fixed.

Adnan Maolood (6):
      fs: Fix panic on indexing URL of zero length
      LoggingMiddleware: Prevent writing empty meta
      fs: Remove ServeContent function
      fs: Refactor
      fs: Improve redirect behavior
      fs: Avoid equality check if lengths don't match

v0.2.0 2 years ago .tar.gz browse log

Version 0.2.0 is released!

Version 0.2.0 represents a milestone in the development of go-gemini.
It brings a stronger promise of stability and backwards compatibility.

Version 0.2.0 can be used with Go 1.15, though some filesystem-related
functionality is only available on Go 1.16 and above as it relies on the
io/fs package. Those who do not need this functionality can continue to
use Go 1.15.

Future 0.2.x versions will focus mainly on improving documentation,
ironing out bugs, and polishing existing features.

v0.2.0-rc.2 2 years ago .tar.gz browse log

Revert "Require Go 1.16"

This reverts commit 0e87d64ffc2512563926d15cea6806f47205f7f9.

v0.2.0-rc.1 2 years ago .tar.gz browse log

response: Remove unnecessary length check

v0.1.22 2 years ago .tar.gz browse log

Version 0.1.22 is released!

Version 0.1.22 brings some bug fixes and tweaks.

ServeMux has been renamed to Mux.

The default media type for responses no longer specifies "charset=utf-8"
as it is implied.

ReadResponse now limits the size of the response header so that it does
not read more than necessary. ReadRequest and ReadResponse also no longer
treat an empty meta as valid.

An issue where ServeFile did not specify the media type for directory
index pages has been fixed.

Adnan Maolood (10):
      Rename ServeMux to Mux
      Remove charset=utf-8 from default media type
      Remove unused field
      response: Treat empty meta as invalid
      Tweak request and response parsing
      client: Close connection on error
      client: Only get cert if TrustCertificate is set
      fs: Fix empty media type for directory index pages
      response: Don't use bufReadCloser
      response: Limit response header size

v0.1.21 2 years ago .tar.gz browse log

Version 0.1.21 is released!

Version 0.1.21 reintroduces StatusSensitiveInput as there has not been
an official decision to remove it.

v0.1.20 2 years ago .tar.gz browse log

Version 0.1.20 is released!

Version 0.1.20 brings some bug fixes and improvements.

LoggingMiddleware has been moved out of examples/server.go and into the
library so that those who need it can easily take advantage of it.

The tofu submodule now encodes fingerprints in base64 instead of hex to
reduce the size of fingerprints. KnownHosts.Load now attempts to create
the known hosts file and any parent directories if they do not exist.

The default duration for certificates created with certificate.Store is
now 100 years instead of 250 years. The certificate store will also
attempt to create the certificate directory provided in Load if it does
not exist. The certificate store will also clean the path provided to
Load to fix an issue where certificates failed to load properly from
relative paths.

The certificate store no longer supports certificates scoped to certain
paths. Clients are recommended to limit the scope of certificates to
entire hosts for simplicity.

StatusSensitiveInput has been removed to encourage servers to rely on
client certificates for authentication instead of passwords. Those who
still wish to use it can use the number 11 instead.

Adnan Maolood (13):
      certificate.Store: Clean scope path in Load
      Move LoggingMiddleware out of examples/server.go
      certificate.Store: Make 100 years the default duration
      certificate.Store: Don't check parent scopes in Lookup
      certificate.Store: Don't call os.MkdirAll
      tofu: Automatically create file in KnownHosts.Load
      tofu: Fix format in error message
      tofu: Use base64-encoded sha256 fingerprints
      tofu: Fix known host unmarshaling
      examples/client: Fix certificate trust check
      Remove StatusSensitiveInput
      tofu: Use stricter file permissions
      certificate.Store: Call os.MkdirAll on Load

Noah Kleiner (1):
      tofu: Create path if not exists

v0.1.19 2 years ago .tar.gz browse log

Version 0.1.19 is released!

Version 0.1.19 brings some bug fixes and changes.

Most notably, go-gemini now follows updated TOFU guidelines which can be
found at gemini://drewdevault.com/2020/09/21/Gemini-TOFU.gmi

- The Client no longer performs checks on the server's TLS certificate's
  notBefore, notAfter, common name and DNS names.
- certificate.Store now creates certificates with a default duration of
  250 years.
- The tofu submodule has been updated to use the new known hosts format,
  which is the same as the old one except that it no longer includes an
  expiration timestamp.

Various bugs in certificate.Store have been fixed, including a deadlock
which was triggered upon generating a new certificate.
1 / 4


b0f27c6f — Adnan Maolood 1 year, 28 days ago