~bortzmeyer


#25 TLS alert when a name is not present in the config 6 days ago

Comment by ~bortzmeyer on ~zethra/stargazer

Example:

% agunua gemini.bortzmeyer.org
[OK]
 
[On the same machine:]
% agunua radia.bortzmeyer.org 
Network problem, TLS handshake error <class 'OpenSSL.SSL.Error'>: problem in the certificate? "[('SSL routines', 'ssl3_read_bytes', 'tlsv1 alert access denied')]".

#25 TLS alert when a name is not present in the config 6 days ago

Ticket created by ~bortzmeyer on ~zethra/stargazer

When a client uses a hostname which is not in the configuration file, Stargazer shuts down the connection with a TLS alert.

It seems to me that a nice 53 would be better (all other servers do that).

#24 Add trailing slashes for directories? 3 months ago

Comment by ~bortzmeyer on ~zethra/stargazer

On Wed, Sep 01, 2021 at 03:15:14AM -0000, ~zethra outgoing@sr.ht wrote a message of 30 lines which said:

Ticket resolved: fixed

I cut a new release, 0.6.0 that should fix the problem. Please let me know if you have future issues.

It works, thanks.

#24 Add trailing slashes for directories? 3 months ago

Ticket created by ~bortzmeyer on ~zethra/stargazer

Stargazer does not redirect when an URL goes to a directory but without the final slash.

For instance gemini://gemini.bortzmeyer.org/software does serve the index.gmi of the directory but then relative links (like the first one, to Manisha) fail.

#23 More info in connection log 4 months ago

Comment by ~bortzmeyer on ~zethra/stargazer

For privacy, a possible solution is to allow the masking of some bits of the client IP address. For instance:

log_mask = 48

And we log only the 48 first bits.

#23 More info in connection log 4 months ago

Comment by ~bortzmeyer on ~zethra/stargazer

Also, when the request is logged, the source IP address is not present. Is it on purpose, to preserve the privacy of the client?

#23 More info in connection log 4 months ago

Comment by ~bortzmeyer on ~zethra/stargazer

Yes, OK. Here is a possible systemd service file, if you want to include it in the distribution:

[Unit]
Description=stargazer, Gemini server
After=network.target

[Service]
Type=simple
Restart=always
RestartSec=5
User=gemini
ExecStart=/usr/local/bin/stargazer -C /usr/local/etc/stargazer.ini 
# Without the following two options, everything is sent to systemd and retrievable with journalctl -t stargrazer
#StandardOutput=file:/var/log/stargazer/output.log
#StandardError=file:/var/log/stargazer/output.err

[Install]
WantedBy=multi-user.target

#19 Cannot use alternative port 4 months ago

Comment by ~bortzmeyer on ~zethra/stargazer

With the last version of stargazer (which apparently binds only on IPv6 when you give it [::], it works, I can have both 0.0.0.0 and [::] on the same port, which seems sensible to me. Thanks.

#23 More info in connection log 4 months ago

Ticket created by ~bortzmeyer on ~zethra/stargazer

It would be a cool feature to be able to log the connections somewhere, either with syslog or by writing directly the file.

Yes, there is the key connection-logging but, when the server is launched without a terminal, for instance with systemd, it does not help.

#22 Small suprise with non-standard ports 4 months ago

Ticket created by ~bortzmeyer on ~zethra/stargazer

It is not obvious but, if you use a non-standard port, the route must be configured just with the name of the capsule, not name:port. (Apparently, if you listen on two ports, you cannot have two different routes for these ports.)