Cargo.lock

@@ -13,9 +13,9 @@ dependencies = [
 
 [[package]]
 name = "ansi_term"
-version = "0.12.1"
+version = "0.11.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d52a9bb7ec0cf484c551830a7ce27bd20d67eac647e1befb56b0be4ee39a55d2"
+checksum = "ee49baf6cb617b853aa8d93bf420db2383fab46d314482ca2803b40d5fde979b"
 dependencies = [
  "winapi",
 ]
@@ -70,9 +70,9 @@ dependencies = [
 
 [[package]]
 name = "clap"
-version = "2.34.0"
+version = "2.33.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a0610544180c38b88101fecf2dd634b174a62eef6946f84dfc6a7127512b381c"
+checksum = "37e58ac78573c40708d45522f0d80fa2f01cc4f9b4e2bf749807255454312002"
 dependencies = [
  "ansi_term",
  "atty",
@@ -149,9 +149,9 @@ dependencies = [
 
 [[package]]
 name = "libc"
-version = "0.2.112"
+version = "0.2.108"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1b03d17f364a3a042d5e5d46b053bbbf82c92c9430c592dd4c064dc6ee997125"
+checksum = "8521a1b57e76b1ec69af7599e75e38e7b7fad6610f037db8c79b127201b5d119"
 
 [[package]]
 name = "log"
@@ -195,13 +195,13 @@ dependencies = [
 
 [[package]]
 name = "once_cell"
-version = "1.9.0"
+version = "1.8.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "da32515d9f6e6e489d7bc9d84c71b060db7247dc035bbe44eac88cf87486d8d5"
+checksum = "692fcb63b64b1758029e0a96ee63e049ce8c5948587f2f7208df04625e5f6b56"
 
 [[package]]
 name = "opal"
-version = "0.2.0"
+version = "0.1.0"
 dependencies = [
  "chrono",
  "clap",
@@ -228,9 +228,9 @@ dependencies = [
 
 [[package]]
 name = "openssl-sys"
-version = "0.9.72"
+version = "0.9.71"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7e46109c383602735fa0a2e48dd2b7c892b048e1bf69e5c3b1d804b7d9c203cb"
+checksum = "7df13d165e607909b363a4757a6f133f8a818a74e9d3a98d09c6128e15fa4c73"
 dependencies = [
  "autocfg",
  "cc",
@@ -247,9 +247,9 @@ checksum = "d4fd5641d01c8f18a23da7b6fe29298ff4b55afcccdf78973b24cf3175fee32e"
 
 [[package]]
 name = "pkg-config"
-version = "0.3.24"
+version = "0.3.22"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "58893f751c9b0412871a09abd62ecd2a00298c6c83befa223ef98c52aef40cbe"
+checksum = "12295df4f294471248581bc09bef3c38a5e46f1e36d6a37353621a0c6c357e1f"
 
 [[package]]
 name = "regex"

README.md

@@ -8,7 +8,7 @@ project's goals are:
 
 - Focus on a small set of features (around CGI) but do them correctly.
 - Be nice with old/stupid hardware (TLS 1.2 is OK, be efficient, etc).
-- Don't add features (see the roadmap at the end of this file).
+- Don't add features unless someone actively wants them in.
 - Try to keep resources (binary size, memory, etc) under tight control.
 
 Opal uses the `openssl` Rust bindings, which work with OpenSSL and LibreSSL, so
@@ -21,23 +21,6 @@ Opal is licensed as GPLv3.
 
 
 
-Installation
-------------
-
-### Pre-compiled releases
-
-Binary releases for 64-bit Linux systems are available on [my Gitea][gitea-rel]
-and on [Github][gh-rel].
-
-[gitea-rel]: https://git.dece.space/Dece/Opal/releases
-[gh-rel]: https://github.com/Dece/Opal/releases
-
-### Compiling from sources
-
-Compiling Opal requires Cargo installed with the stable Rust toolchain.
-
-
-
 Usage
 -----
 
@@ -56,43 +39,6 @@ Note that if you just want to listen to both IPv4 and IPv6 on any interface,
 listening only on `[::]:1965` should suffice for systems with dual-stack
 enabled (default on many Linux systems, maybe not BSD).
 
-### Systemd
-
-I personally run Opal as a Systemd service. Here is an example unit file:
-
-``` ini
-[Unit]
-Description=Opal Gemini server
-
-[Service]
-WorkingDirectory=/home/gemini/opal
-User=gemini
-Group=gemini
-ExecStart=/usr/local/bin/opal -a "[::]:1966" -c certs/cert.pem -k certs/key.pem -r cgi -e STORAGE_ROOT=storage
-Restart=always
-RestartSec=1
-SyslogIdentifier=opal
-# Security options:
-NoNewPrivileges=yes
-ProtectSystem=full
-ProtectHome=tmpfs
-BindReadOnlyPaths="/home/gemini/opal"
-BindPaths="/home/gemini/opal/storage"
-
-[Install]
-WantedBy=multi-user.target
-```
-
-- Opal has been installed in `/usr/local/bin`
-- The directory `/home/gemini/opal` contains the directories `certs`, `cgi` and
-    `storage`, for certificates, the CGI scripts and a storage path.
-- The `/home` directory is not readable, except for `/home/gemini/opal` which is
-    read-only, except for the `storage` directory which is writeable.
-
-This is just an example, please do not mindlessly copy and paste it without
-understanding what the options stand for. It is also possible to use a chrooted
-environment or the Systemd equivalent option RootDirectory. Your choice!
-
 
 
 CGI support
@@ -136,9 +82,9 @@ Opal does not provide `CONTENT_LENGTH`, `CONTENT_TYPE`, `REMOTE_IDENT` because
 they do not make much sense in Gemini. `PATH_TRANSLATED` is also not implemented
 by pure laziness.
 
-The `TLS_CLIENT_HASH` is a string that starts with the 7 bytes `SHA256:`
+The `TLS_CLIENT_HASH` is a string that starts with "SHA256:" followed by the
-followed by the SHA256 digest of the DER representation of the client
+SHA256 digest of the DER representation of the client certificate, as an
-certificate, as an uppercase hex-string.
+uppercase hex-string.
 
 It can be a bit confusing which variable represent what data, especially those
 related to the URL and the path. Take the following request as example:
@@ -160,12 +106,13 @@ QUERY_STRING=search=%C3%A9l%C3%A9ment
 Roadmap
 -------
 
-Things that might end up in Opal one day:
+Things to consider:
 
 - Support SCGI; a bit more complex but should save resources on smol hardware.
+- Chroot; quite cheap and can bring a bit of peace of mind.
 
 Things that probably won't be considered:
 
-- Serve static files; so many other servers do that correctly already!
+- Serve static files; so many other servers to that correctly already!
 - Any kind of security mechanism that is not properly motivated.
-- FastCGI; un-smol…
+- FastCGI; come on…