CHANGELOG.md (16499B)
1 # Changelog 2 3 All notable changes to this project will be documented in this file. 4 5 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), 6 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). 7 8 ## [Unreleased] 9 10 ## [3.3.3] - 2023-12-27 11 12 ### Fixed 13 * fixed release automation 14 15 ## [3.3.2] - 2023-12-27 16 17 ### Fixed 18 * updated dependencies 19 20 ## [3.3.1] - 2023-08-05 21 Thank you to Jan Stępień and @michaelnordmeyer for contributing to this release. 22 23 ### Fixed 24 * set permissions for generated key files so only owner can read them 25 * improve documentation and tests 26 27 ## [3.3.0] - 2023-03-18 28 Thank you to @equalsraf, @michaelnordmeyer and @wanderer1988 for contributing to this release. 29 30 ### Added 31 * listening on unix sockets (#244) 32 33 ### Fixed 34 * updated dependencies 35 * misstyped email address in section on how to report security vulnerabilities (#239) 36 * wrong language code in README (#189) 37 38 ## [3.2.4] - 2022-05-18 39 Thank you to @06kellyjac, @albertlarsan68 and @kahays for contributing to this release. 40 41 ### Fixed 42 * removed port collisions in tests, for the last time (#143) 43 * fixed Dockerfile startup command (#169) 44 * upated dependencies 45 46 ## [3.2.3] - 2022-02-04 47 Thank you to T. Spivey for contributing to this release. 48 49 ### Fixed 50 * improper IRIs are handled instead of crashing (bug reported via email) 51 * updated dependencies 52 53 ## [3.2.2] - 2022-01-25 54 Thank you to @Suzie97 for contributing to this release. 55 56 ### Added 57 * CI build for `aarch64-apple-darwin` target (#137) 58 59 ### Fixed 60 * updated dependencies 61 62 ## [3.2.1] - 2021-12-02 63 Thank you to @MatthiasPortzel for contributing to this release. 64 65 ### Fixed 66 * host name comparisons are now case insensitive (#115) 67 * made automatic certificate configuration more prominent in the README 68 * updated dependencies 69 70 ## [3.2.0] - 2021-11-15 71 Thank you to @balazsbtond and @joseph-marques for contributing to this release. 72 73 ### Added 74 * you can add header text to a directory listing. See the updated readme for details. (#98) 75 76 ### Fixed 77 * updated dependencies 78 * error pages also send close_notify (#100) 79 80 ## [3.1.3] - 2021-10-25 81 Thank you to @FoxKyong for contributing to this release. 82 83 ### Fixed 84 * the fix for dual stack listening from 3.1.2 was executed asynchronously and would thus 85 sometimes fail. starting the listeners on different socket addresses is now synchronous 86 (#79) 87 88 ## [3.1.2] - 2021-10-15 89 Thank you to @etam for contributing to this release. 90 91 ### Fixed 92 * when starting up on a system that automatically listens in dual stack mode (e.g. some 93 linux distributions seem to do this), detect a second unspecified address to not cause 94 the "address in use" error with the default listening addresses (#79) 95 * updated a dependency 96 97 ## [3.1.1] - 2021-10-14 98 Thank you to @jgarte and @alvaro-cuesta for contributing to this release. 99 100 ### Added 101 * running Agate using GNU Guix (#62) 102 103 ### Fixed 104 * actually bind to multiple IP addresses. Despite the documentation saying so, 105 Agate would only bind to the first address that did not result in an error. (#63) 106 * updated dependencies 107 108 ## [3.1.0] - 2021-06-08 109 Thank you to Matthew Ingwersen and Oliver Simmons (@GoodClover) for contributing to this release. 110 111 ### Added 112 * tests for symlink files (#60) 113 Symlinks were already working before. 114 115 ### Fixed 116 * A path traversal security issue was closed: Percent-encoded slashes were misunderstood. 117 118 ### Changed 119 * Visiting a directory without `index.gmi` and `.directory-listing-ok` now returns a different error message to better show the cause of the error. 120 To retain the current behaviour of showing a `51 Not found, sorry.` error, add the following line to the respective directories' `.meta` file: 121 ``` 122 index.gmi: 51 Not found, sorry. 123 ``` 124 125 ## [3.0.3] - 2021-05-24 126 Thank you to @06kellyjac, @cpnfeeny, @lifelike, @skittlesvampir and @steko for contributing to this release. 127 128 ### Added 129 * Dockerfile for compiling Agate from source (#52, #53, #56, #57) 130 131 ### Fixed 132 * If the remote IP address can not be fetched, log an error instead of panicking. 133 The previous handling could be exploited as a DoS attack vector. (#59) 134 * Two tests were running on the same port, causing them to fail nondeterministically. (#51) 135 * Rephrased the changelog for 3.0.0 on continuing to use older certificates. (#55) 136 * Updated dependencies. 137 138 ## [3.0.2] - 2021-04-08 139 Thank you to @kvibber, @lifelike and @pasdechance for contributing to this release. 140 141 ### Changed 142 * The new specfication changes are obeyed regarding rejecting request URLs that contain fragments or userinfo parts. 143 * The default signature algorithm used for generating certificates has been changed to ECDSA since there were multiple complaints about Ed25519. 144 145 ## [3.0.1] - 2021-03-28 146 Thank you to @MidAutumnMoon and @steko for contributing to this release. 147 148 ### Added 149 * Installation instructions for Arch Linux from Arch User Repositories. (#47) 150 151 ### Fixed 152 * The certificate file extensions in the README example. (#45) 153 * The certificate directory is automatically created if it does not exist. (#44) 154 155 ## [3.0.0] - 2021-03-27 156 Thank you to @ddevault for contributing to this release. 157 158 ### Added 159 * Support for ECDSA and Ed25519 keys. 160 * Agate now generates certificates and keys for each `--hostname` that is specified but no matching files exist. (#41) 161 162 ### Changed 163 * The ability to specify a certificate and key with `--cert` and `--key` respectively has been replaced with the `--certs` option. (#40) 164 Certificates are now stored in a special directory. To migrate to this version, the keys should be stored in the `.certificates` directory (or any other directory you specify). 165 This enables us to use multiple certificates for multiple domains. 166 Note that if you want to continue to use your old certificates (recommended because of TOFU), they probably lack the `subjectAltName` directive so your old certificates should be placed at the top level of the certificates directory. Otherwise you will get an error similar to this: "The certificate file for example.com is malformed: unexpected error: The server certificate is not valid for the given name" 167 * The certificate and key file format has been changed from PEM to DER. This simplifies loading certificate and key files without relying on unstable portions of other crates. 168 If you want to continue using your existing certificates and keys, please convert them to DER format. You should be able to use these commands if you have openssl installed: 169 ``` 170 openssl x509 -in cert.pem -out cert.der -outform DER 171 openssl rsa -in key.rsa -out key.der -outform DER 172 ``` 173 Since agate will automatically generate certificates from now on, the different format should not be a problem because users are not expected to handle certificates unless experienced enough to be able to handle DER formatting as well. 174 175 ### Fixed 176 * Agate now requires the use of SNI by any connecting client. 177 * All log lines are in the same format now: 178 `<local ip>:<local port> <remote ip or dash> "<request>" <response status> "<response meta>" [error:<error>]` 179 If the connection could not be established correctly (e.g. because of TLS errors), the status code `00` is used. 180 * Messages from modules other than Agate itself are not logged by default. 181 182 ## [2.5.3] - 2021-02-27 183 Thank you to @littleli and @06kellyjac for contributing to this release. 184 185 ### Added 186 * Automated tests have been added so things like 2.5.2 should not happen again (#34). 187 * Version information flag (`-V` or `--version` as conventional with e.g. cargo) 188 189 ### Changed 190 * Forbid unsafe code. (There was none before, just make it harder to add some.) 191 * When logging remote IP addresses, the port is now never logged, which also changes the address format. 192 193 ### Fixed 194 * Updated `url` to newest version, which resolves a TODO. 195 * The help exits successfully with `0` rather than `1` (#37). 196 * The GitHub workflow has been fixed so Windows binaries are compressed correctly (#36). 197 * Split out install steps to allow for more options in the future. 198 * Add install notes for nix/NixOS to the README (#38). 199 * Updated dependencies. 200 201 ## [2.5.2] - 2021-02-12 202 203 ### Fixed 204 * Semicolons are no longer considered to be starting a comment in `.mime` files. 205 206 ## [2.5.1] - 2021-02-12 207 Functionally equivalent to version 2.5.1, only releasing a new version to update README on crates.io. 208 209 ### Fixed 210 * Fixed mistakes in the README. 211 212 ## [2.5.0] - 2021-02-12 213 Agate now has an explicit code of conduct and contributing guidelines. 214 Thank you to @ERnsTL, @gegeweb, @SuddenPineapple, and @Ylhp for contributing to this release. 215 216 ### Added 217 * You can now supply multiple `--hostname`s to enable basic vhosts (#28, #31). 218 * Disabling support for TLSv1.2 can now be done using the `--only-tls13` flag, but this is *NOT RECOMMENDED* (#12). 219 * The tools now also contain a startup script for FreeBSD (#13). 220 * Using central config mode (flag `-C`), all configuration can be done in one `.meta` file (see README.md for details). 221 * The `.meta` configuration file now allows for globs to be used. 222 223 ### Changed 224 * The `.meta` file parser now uses the `configparser` crate. The syntax does not change. 225 * The changelog is now also kept in this file in addition to the GitHub releases. 226 * Certificate chain and key file are now only loaded once at startup, certificate changes need a restart to take effect. 227 * Hidden files are now served if there is an explicit setting in a `.meta` file for them, regardless of the `--serve-secret` flag. 228 229 ### Fixed 230 * The Syntax for the IPv6 address in the README has been corrected. 231 * Give a better error message when no keys are found in the key file instead of panicking with a range check (#33). 232 233 ## [2.4.1] - 2020-02-08 234 ### Fixed 235 * Re-enabled multiple occurrences of `--addr`. This was accidentally disabled by a merge. 236 237 ## [2.4.0]+podman.build - 2020-02-06 238 This is the same as [2.4.0], only the build process has been changed so it should accommodate a wider range of architectures and devices. 239 240 ## [2.4.0] - 2020-02-06 241 Since there is a new maintainer (@Johann150), the range in pre-compiled binaries has changed a bit. 242 243 ### Added 244 * Added some installation tools for Debian. 245 * Added a sidecar file for specifying languages, MIME media types or complete headers on a per file basis (#16). 246 247 ### Changed 248 * Improved logging output. Agate now also respects the `RUST_LOG` environment variable, so you can configure the log level (#22, #23). 249 250 ## [2.3.0] - 2020-01-17 251 Thanks to @Johann150. 252 253 ### Changed 254 * Combine address and port back into a single command-line argument (#21). 255 256 ## [2.2.0] - 2020-01-16 257 Thank you to @gegeweb, @Johann150 and @purexo for contributing to this release. 258 259 ### Changed 260 * Split address and port into separate command-line parameters. 261 262 ### Fixed 263 * Listen on both IPv6 and IPv4 interfaces by default (#14, #15). 264 * Do not serve files whose path contains a segment starting with a dot (#17, #20). 265 * Fix redirects of URLs with query strings (#19). 266 267 ## [2.1.3] - 2020-01-02 268 ### Changed 269 * Switch to the Tokio async run time. 270 271 ### Fixed 272 * Send TLS close-notify message when closing a connection. 273 * Require absolute URLs in requests. 274 275 ## [2.1.2] - 2020-01-01 276 ### Fixed 277 * More complete percent-encoding of special characters in filenames. 278 * Minor improvements to error logging. 279 * Internal code cleanup. 280 281 ## [2.1.1] - 2020-12-31 282 ### Changed 283 * List directory content in alphabetical order. 284 285 ### Fixed 286 * Handle percent-escaped paths in URLs. 287 * Percent-escape white space characters in directory listings. 288 289 ## [2.1.0] - 2020-12-29 290 * Enabled GitHub Discussions. If you are using Agate, please feel free to leave a comment to let us know about it! 291 Thank you to @Johann150 and @KilianKemps for contributing to this release. 292 293 ### Added 294 * Optional directory listings (#8, #9). 295 296 ### Fixed 297 * Updated dependencies. 298 299 ## [2.0.0] - 2020-12-23 300 Thank you to @bortzmeyer, @KillianKemps, and @Ylhp for contributing to this release. 301 302 ### Added 303 * New `--language` option to add a language tag to the MIME type for text/gemini responses (#6). 304 305 ### Changed 306 * New format for command-line options. See the documentation or run `agate --help` for details. 307 * Logging is enabled by default. Use the `--silent` flag to disable it. 308 * Pre-compiled binaries are built with the [`cross`](https://github.com/rust-embedded/cross) tool, for better compatibility with older Linux systems. 309 310 ## [1.3.2] - 2020-12-09 311 This release is functionally identical to Agate 1.3.1, and users of that version do not need to update. 312 313 ### Fixed 314 * Update to async-tls 0.11 because the previous version was [yanked](https://github.com/async-rs/async-tls/issues/42). 315 316 ## [1.3.1] - 2020-12-08 317 Thanks @dcreager for contributing this fix. 318 319 ### Fixed 320 * Updated dependencies to fix `cargo install` (#7). 321 322 ## [1.3.0] - 2020-11-20 323 Thank you @Johann150, @jonhiggs and @tronje for contributing to this release! 324 325 ### Fixed 326 * verify hostname and port in request URL (#4). 327 * improved logging (#2, #3). 328 * Don't redirect to "/" when the path is empty (#5). 329 * Update dependencies. 330 331 ## [1.2.2] - 2020-09-21 332 Thank you to @m040601 for contributing to this release. 333 334 ### Changed 335 * Switch from `tree_magic` to `mime_guess` for simpler MIME type guessing. 336 * Built both x86_64 and ARM binaries. These binaries are built for Linux operating systems with glibc 2.28 or later, such as Debian 10 ("buster") or newer, Ubuntu 18.10 or newer, and Raspberry Pi OS 2019-06-20 or newer (#1). 337 338 ### Fixed 339 * Update dependencies. 340 * Minor internal code cleanup. 341 342 ## [1.2.1] - 2020-06-20 343 ### Fixed 344 * Reduce memory usage when serving large files. 345 * Update dependencies. 346 347 ## [1.2.0] - 2020-06-10 348 ### Changed 349 * text/gemini filename extension from `.gemini` to `.gmi`. 350 351 ### Fixed 352 * Handling for requests that exceed 1KB. 353 * Reduce memory allocations and speed up request parsing. 354 * Update dependencies. 355 356 ## [1.1.0] - 2020-05-22 357 ### Added 358 * Auto-detect MIME types. 359 360 ## [1.0.1] - 2020-05-21 361 ### Added 362 * Send more accurate error codes for unsupported requests. 363 * Do more validation of request URLs. 364 365 ## [1.0.0] - 2020-05-21 366 367 [Unreleased]: https://github.com/mbrubeck/agate/compare/v3.3.1...HEAD 368 [3.3.1]: https://github.com/mbrubeck/agate/compare/v3.3.0...v3.3.1 369 [3.3.0]: https://github.com/mbrubeck/agate/compare/v3.2.4...v3.3.0 370 [3.2.4]: https://github.com/mbrubeck/agate/compare/v3.2.3...v3.2.4 371 [3.2.3]: https://github.com/mbrubeck/agate/compare/v3.2.2...v3.2.3 372 [3.2.2]: https://github.com/mbrubeck/agate/compare/v3.2.1...v3.2.2 373 [3.2.1]: https://github.com/mbrubeck/agate/compare/v3.2.0...v3.2.1 374 [3.2.0]: https://github.com/mbrubeck/agate/compare/v3.1.3...v3.2.0 375 [3.1.3]: https://github.com/mbrubeck/agate/compare/v3.1.2...v3.1.3 376 [3.1.2]: https://github.com/mbrubeck/agate/compare/v3.1.1...v3.1.2 377 [3.1.1]: https://github.com/mbrubeck/agate/compare/v3.1.0...v3.1.1 378 [3.1.0]: https://github.com/mbrubeck/agate/compare/v3.0.3...v3.1.0 379 [3.0.3]: https://github.com/mbrubeck/agate/compare/v3.0.2...v3.0.3 380 [3.0.2]: https://github.com/mbrubeck/agate/compare/v3.0.1...v3.0.2 381 [3.0.1]: https://github.com/mbrubeck/agate/compare/v3.0.0...v3.0.1 382 [3.0.0]: https://github.com/mbrubeck/agate/compare/v2.5.3...v3.0.0 383 [2.5.3]: https://github.com/mbrubeck/agate/compare/v2.5.2...v2.5.3 384 [2.5.2]: https://github.com/mbrubeck/agate/compare/v2.5.1...v2.5.2 385 [2.5.1]: https://github.com/mbrubeck/agate/compare/v2.5.0...v2.5.1 386 [2.5.0]: https://github.com/mbrubeck/agate/compare/v2.4.1...v2.5.0 387 [2.4.1]: https://github.com/mbrubeck/agate/compare/v2.4.0...v2.4.1 388 [2.4.0]: https://github.com/mbrubeck/agate/compare/v2.3.0...v2.4.0 389 [2.3.0]: https://github.com/mbrubeck/agate/compare/v2.2.0...v2.3.0 390 [2.2.0]: https://github.com/mbrubeck/agate/compare/v2.1.3...v2.2.0 391 [2.1.3]: https://github.com/mbrubeck/agate/compare/v2.1.2...v2.1.3 392 [2.1.2]: https://github.com/mbrubeck/agate/compare/v2.1.1...v2.1.2 393 [2.1.1]: https://github.com/mbrubeck/agate/compare/v2.1.0...v2.1.1 394 [2.1.0]: https://github.com/mbrubeck/agate/compare/v2.0.0...v2.1.0 395 [2.0.0]: https://github.com/mbrubeck/agate/compare/v1.3.2...v2.0.0 396 [1.3.2]: https://github.com/mbrubeck/agate/compare/v1.3.1...v1.3.2 397 [1.3.1]: https://github.com/mbrubeck/agate/compare/v1.3.0...v1.3.1 398 [1.3.0]: https://github.com/mbrubeck/agate/compare/v1.2.2...v1.3.0 399 [1.2.2]: https://github.com/mbrubeck/agate/compare/v1.2.1...v1.2.2 400 [1.2.1]: https://github.com/mbrubeck/agate/compare/v1.2.0...v1.2.1 401 [1.2.0]: https://github.com/mbrubeck/agate/compare/v1.1.0...v1.2.0 402 [1.1.0]: https://github.com/mbrubeck/agate/compare/v1.0.1...v1.1.0 403 [1.0.1]: https://github.com/mbrubeck/agate/compare/v1.0.0...v1.0.1 404 [1.0.0]: https://github.com/mbrubeck/agate/releases/tag/v1.0.0