💾 Archived View for capsule.usebox.net › spacebeans › changes.gmi captured on 2022-04-28 at 18:00:50. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2022-03-01)
-=-=-=-=-=-=-
- Updated dependencies
- Internal refactoring preparing the service to support other protocols.
- Updated dependencies, this includes a fix for CVE-2021-42550 in logback-classic.
- Fix: CGI directories are now resolved from more to less specific, independently of their order in the configuration file. This covers cases where for example 'dir' and 'dir/sub' are both CGI enabled.
- JRE 8 support is deprecated, JRE 11 or later is recommended
- Fix: according to RFC 3986, the host subcomponent is case-insensitive. Be aware that this also affects CGIs, and SERVER_NAME will use the value in the configuration.
- Fix: CGIs used as index file are now executed.
For example, if the index file is `index.gmi` and CGI is enabled in the directory `dir`, a CGI with name `index.gmi` will be executed when accesing `gemini://host/dir/`. Before the fix, the file was served instead.
- Support to provide extra environment variables to CGIs:
// in virtual host environment = { "VARIABLE": "VALUE" }
When executing a CGI, SapaceBeans provides a clean environment (other than the CGI variables). Any required environment variable must be specified using this configuration token.
- Classic CGI support:
// CGI enabled in ROOT/cgi-bin/ directories = [ { path = "cgi-bin/", allow-cgi = true } ]
- Disable debug logging that was left on by mistake
- Fix: reviewed example configuration file to include TLS 1.3 ciphers
This was preventing TLS 1.3 from being negotiated.
If you have deployed SpaceBeans already, add these two entries to your cipher list:
"TLS_AES_128_GCM_SHA256", "TLS_AES_256_GCM_SHA384"
Remember to restart your service.
See: https://wiki.mozilla.org/Security/Server_Side_TLS
- Fix: avoid reverse lookups when logging
- User directories support:
// in virtual host user-directories = true user-directory-path = "/home/{user}/public_gemini/"
Won't check for the user on the system, it only translates requests based on the user specific root path.
For example:
gemini://host/~myuser/
Will use as root:
/home/myuser/public_gemini/
- Support for directory listing per directory via `directories`:
// directory listing disabled for the virtual host directory-listing = false // but it is enabled for ROOT/directory/ directories = [ { path = "directory/", directory-listing = true } ]
- Removed some weight from the distribution bundle
- Support for JRE 8
- First public release