Age | Commit message | Author | |
---|---|---|---|
2007-10-22 | we don't need mmap/munmap in relay_load_certificates anymore... | Reyk Floeter | |
just use read() and make the function a little bit nicer. ok pyr@ | |||
2007-10-22 | load certificates text at parse time. then load them in relay processes. | Pierre-Yves Ritschard | |
this separation will ease reload a bit more. ok reyk@ who spotted a stupid mistake again... | |||
2007-10-22 | add missing .Ed; | Jason McIntyre | |
2007-10-22 | add support for the include directive to the configuration file parser, | Reyk Floeter | |
based on the existing hostapd/pfctl code. ok pyr@ | |||
2007-10-22 | do not check the file secrecy of hoststated.conf, there is no need to | Reyk Floeter | |
enforce the file ownership and permissions to root:wheel 0400 because we have nothing to hide. ok pyr@ | |||
2007-10-19 | print system error when fopen fails. | Pierre-Yves Ritschard | |
2007-10-19 | Do log initialisation correctly, like bgpd does. | Pierre-Yves Ritschard | |
This removes the double warn/log_warn madness i introduced yesterday. This also keeps messages on stderr at startup and when running with -n. | |||
2007-10-19 | Move relays from static TAILQs to allocated ones. | Pierre-Yves Ritschard | |
This syncs it with other hoststated entities and will make reload easier. This is step 1 out of 7 for reload. | |||
2007-10-19 | Add the ability to schedule an immediate check through hoststatectl. | Pierre-Yves Ritschard | |
Especially useful when interval is rather long. I was supposed to commit this before 4.2. | |||
2007-10-19 | keep log_warn messages to be informed when a failure occurs during a reload. | Pierre-Yves Ritschard | |
2007-10-18 | unbreak tree | Theo de Raadt | |
2007-10-18 | extra arg to warn slipped through. | Pierre-Yves Ritschard | |
2007-10-18 | repair file security warnings; ok pyr | Theo de Raadt | |
2007-10-16 | Allow '=' to end a number in all lexers. | Marco Pfatschbacher | |
Requested and OK deraadt@ | |||
2007-10-16 | in the lex... even inside quotes, a \ followed by space or tab should | Theo de Raadt | |
expand to space or tab, and a \ followed by newline should be ignored (as a line continuation). compatible with the needs of hoststated (which has the most strict quoted string requirements), and ifstated (where one commonly does line continuations in strings). pointed out by mpf, discussed with pyr | |||
2007-10-13 | avoid errno trashing in signal handler | Theo de Raadt | |
2007-10-13 | in all these programs using the same pfctl-derived parse.y, re-unify the | Theo de Raadt | |
yylex implementation and the code which interacts with yylex. this also brings the future potential for include support to all of the parsers. in the future please do not make silly modifications to one of these files without checking if you are de-unifying the code. checked by developers in all these areas. | |||
2007-10-12 | Silence some lint(1) warnings | Bret Lambert | |
ok pyr@ | |||
2007-10-11 | next step in the yylex unification: handle quoted strings in a nicer fashion | Theo de Raadt | |
as found in hoststated, and make all the code diff as clean as possible. a few issues remain mostly surrounding include support, which will likely be added to more of the grammars soon. ok norby pyr, others | |||
2007-10-09 | use macro argument | Theo de Raadt | |
2007-10-09 | Do not notify twice about the same timeout in check_icmp, this previously | Pierre-Yves Ritschard | |
corrupted statistics. Found out by Piotr Sikora <piotr@sikora.nu>. | |||
2007-10-05 | stylistic changes in the relay/relay_config structure. | Reyk Floeter | |
2007-10-05 | cast to an int | Reyk Floeter | |
2007-10-05 | using an enum in the imsg_hdr is gross, use a fixed u_int16_t instead | Reyk Floeter | |
2007-10-05 | unbreak non-SSL relays by calling the ssl context init only if the SSL | Reyk Floeter | |
flag is present... | |||
2007-10-02 | stop messing with lgetc to please hoststated's check/expect. | Pierre-Yves Ritschard | |
instead move some of the logic in yylex and do hoststated specific translations into hoststated.c ok gilles@ | |||
2007-10-02 | clean up merged code. | Pierre-Yves Ritschard | |
2007-10-01 | Add NUMBER to hoststated's lexer, very similar to what has gone in | Pierre-Yves Ritschard | |
in the other daemons recently. Prompted and based on work by deraadt@ proofread and ok gilles@ | |||
2007-10-01 | kill some remaining debug that snuck in. | Pierre-Yves Ritschard | |
2007-10-01 | keep lines < 80. | Pierre-Yves Ritschard | |
2007-09-28 | KNF | Pierre-Yves Ritschard | |
2007-09-28 | Better description of the daemon. | Pierre-Yves Ritschard | |
Initially prompted by deraadt@, with much much help from jmc@ (as always). | |||
2007-09-28 | Correct my mail address. | Pierre-Yves Ritschard | |
2007-09-28 | Change the ssl_privsep code to work on char buffers. | Pierre-Yves Ritschard | |
The fd based code introduced weirdness since all children were accessing the same fd at once. This will also greatly facilitate reloading, no fd-passing will be involved between the parent and relay children. While there, cleanup the code diverting from the original ssl_rsa.c code a bit more. Weird behavior discovery by pascoe@. | |||
2007-09-28 | "require to +inf." is not a good verb pattern, so reword; | Jason McIntyre | |
2007-09-28 | Add missing "s" to https check description. | Christopher Pascoe | |
ok pyr@ | |||
2007-09-27 | Move SSL context creation after privileges are dropped. | Pierre-Yves Ritschard | |
This puts the ssl_privsep code to use. One more step towards graceful L7 reload. | |||
2007-09-27 | Simplify ssl_privsep.c, since it won't need to remain synced with the | Pierre-Yves Ritschard | |
equivalent openssl functions. | |||
2007-09-27 | Do not clear the changed flag too early, which prevented a table | Pierre-Yves Ritschard | |
from being used by several services. ``looks fine'' reyk@ | |||
2007-09-25 | Introduce two new functions to be able to load certificates while | Pierre-Yves Ritschard | |
already chrooted and with privileges dropped. This is the very first step in being able to reload a layer 7 configuration. not ok reyk who's away but should be glad to see this in. | |||
2007-09-10 | add support for relaying DNS traffic (with a little bit of packet | Reyk Floeter | |
header randomization). this adds an infrastructure to support UDP-based protocols. ok gilles@, tested by some | |||
2007-09-07 | add an interface to dump running relay sessions to the control socket | Reyk Floeter | |
2007-09-07 | remove unused flags field from the structure | Reyk Floeter | |
2007-09-07 | store the table's port as the relay's dstport | Reyk Floeter | |
2007-09-07 | add a function to print delays in hours, minutes, and seconds | Reyk Floeter | |
2007-09-06 | rename relay_host to print_host in log.c | Reyk Floeter | |
2007-09-05 | be extra careful with pointers in session_cmp | Reyk Floeter | |
2007-09-05 | add my copyright because i added a lot. | Reyk Floeter | |
ok pyr@ (who is the first copyright holder) | |||
2007-09-05 | store relay sessions in SPLAY trees instead of TAILQ lists. this will | Reyk Floeter | |
be used for faster lookups of sessions based on different criteria. ok pyr@ | |||
2007-09-05 | increase the maximum string size for the sslciphers from 32 to 768. | Reyk Floeter | |
this unbreaks some configurations that worked when sslciphers was a dynamic charbuf. ok pyr@ |