GN is a fast, light and (for 1995 standards) secure gopher server. An effort is underway to fix the known buffer overflows and bring GN up to par with today's standards.
|Tags||Internet Security Networking|
for the record: if anyone is still using the http / html functionality or some legacy OS, you have until end of june (20140630 GMT 00h00) to speak up. if you require this code, i expect you to accept maintaining the html parts as a patch by your or to move towards wn httpd which was from the same original maintainers (i personally prefer boa, fnord or gatling for such things). if you still require legacy os support, i expect you to take care of the diff vs the regular release. current plan is to start flensing old code at 20140701 (new reference platform will be openbsd 5.5, with portability as a seperate patch) and full removal of all http/html code, to make it a pure gopher server. all patches will be vs last official release (2.24). all subsystems which are not essential to gopher protocol usage and all platforms which do not offer a useful c-library can expect limited to no support from my side - seperate patches welcome, will distribute them. regarding SSL/TLS: this code cleanup may (eventually) lead to supporting libressl.org SSL library, should i have enough time at hand. tl:dr: after 20140630 supported platform = openbsd-release, no httpd or legacy code. libressl is a second goal, should time allow.
Release Notes: This release includes initial fixes and patchsets. Some fixes have been backed out again, due to reimplementation using strlcpy/strlcat. Documentation was added for these functions. This release is not for use on production servers.