summaryrefslogtreecommitdiff
path: root/usr.sbin/relayd/relayd.h
AgeCommit message (Expand)Author
2018-04-18Remove RELAY_MAX_SESSIONS from relayd, there is no reason to limit relaysClaudio Jeker
2017-11-28One less lie in commentsClaudio Jeker
2017-11-28Introduce relay_reset_event() which closes and resets a relay connection.Claudio Jeker
2017-11-28In TLS inspection mode we also need to keep the server tls object around.Claudio Jeker
2017-11-27Change the ecdhe curve configuration to the same way httpd is doing it.Claudio Jeker
2017-11-27Use file descriptor passing to load certificates into the relays. EspeciallyClaudio Jeker
2017-11-15make the maximum size of http headers configurable in the protocol.Sebastian Benoit
2017-07-28Always calculate the hash value of the x509 cert in ssl_load_pkey().Alexander Bluhm
2017-07-04make relayd not crash in relay_udp_server() when using a dns relay.Sebastian Benoit
2017-05-27Migrate relayd to use libtls for TLS. Still does the TLS privsep via theClaudio Jeker
2017-02-02Disable client-initiated TLS renegotiation by default.Reyk Floeter
2017-01-24move the opening of /dev/pf from the parent process to the pfe processSebastian Benoit
2017-01-09Stop accessing verbose and debug variables from log.c directly.Reyk Floeter
2016-11-24The new fork+exec mode used too many fds in the parent process onReyk Floeter
2016-10-05sync proc.c with vmd: add p_pw to specify a non-standard user for a process.Reyk Floeter
2016-09-28sync proc.c incl. the p_env removalReyk Floeter
2016-09-03Replace [RELAY|SERVER]_MAXPROC with the new PROC_MAX_INSTANCESReyk Floeter
2016-09-03Use the fork+exec privsep model in relayd; based on rzalamena@'s workReyk Floeter
2016-09-02Move snmp options into struct relayd_config and delay start of theReyk Floeter
2016-09-02Split "struct relayd" into two structs: "struct relayd" and "structReyk Floeter
2016-09-02As done in httpd, remove ps_ninstances and p_instance.Reyk Floeter
2016-09-02Terminate relayd using the socket status instead of watching SIGCHLDReyk Floeter
2016-09-01Switch from the not really working session cache (because of the multiprocessClaudio Jeker
2016-09-01Do not busy loop in the rsa engine callback waiting for the ca. Instead useClaudio Jeker
2016-07-29Bump copyright in files that I touched last.Reyk Floeter
2016-07-27Improve parsing of the Host by following RFC 7230 Section 5.4 more strictly:Reyk Floeter
2016-07-22fix some cases where we relay_abort_http() the connection too soon.Sebastian Benoit
2016-01-11This adds the host_error output and the http code (when available) to theSebastian Benoit
2015-12-02relayd (when running relays) can distribute client sessions over hostsSebastian Benoit
2015-12-02In most cases we don't need all arguments of proc_compose*_imsg(),Reyk Floeter
2015-11-29Use pledge("pf") in pfe.c.Sebastian Benoit
2015-11-28Use SOCK_NONBLOCK in relayd as well.Reyk Floeter
2015-11-22Update log.c: change fatal() and fatalx() into variadic functions,Reyk Floeter
2015-11-21Move local logging functions from log.c to new file util.c (that isReyk Floeter
2015-10-27change cipher-server-preference to be on by default. It can be disabled withSebastian Benoit
2015-08-21Increase the input side socket buffer size for "check icmp" not toYASUOKA Masahiko
2015-07-18Fix unbounded buffer growth. In the case of a slow client reading large files,Sebastian Benoit
2015-06-12To match relayd's style, use an explicit enum with prefixed names forReyk Floeter
2015-06-11Use "compliant" header guards by avoiding the reserved '_' namespace.Reyk Floeter
2015-06-08Introduce a state on the ctl_relay_event struct. This makes it possibleClaudio Jeker
2015-05-02Fix obvious problems with relayd config reload.Claudio Jeker
2015-03-09Make relayd TLSv1.2-only by default.Reyk Floeter
2015-01-22Clean up the relayd headers with help of include-what-you-use and someReyk Floeter
2015-01-22LibreSSL now supports loading of CA certificates from memory, replaceReyk Floeter
2015-01-16SSL_CTX_use_certificate_chain() has been added to LibreSSL and thereReyk Floeter
2015-01-16Adapt to <limits.h> universe.Theo de Raadt
2015-01-13bump copyright yearReyk Floeter
2015-01-01Merge error page changes from httpd: send Content-Length:, changeReyk Floeter
2014-12-21Stop pulling in <arpa/inet.h> or <arpa/nameser.h> when unnecessary.Philip Guenther
2014-12-18Update relayd to use siphash instead of sys/hash. The source-hash,Reyk Floeter