| Age | Commit message (Collapse) | Author |
|---|
|
ok benno@ deraadt@
|
|
ok gcc, claudio@ agrees
|
|
option 'http { [no] websockets }' to allow such connections (default
is no). Original diff from Daniel Lamando (dan AT danopia DOT net),
option and header checks by me. suggestions and ok bluhm@ and earlier
diff claudio@
|
|
larger types really is a range reduction...
Almost any cast to (unsigned) is a bug.
ok millert tb benno
|
|
(and other lexers too)
This commit rectifies earlier change:
in the lex... even inside quotes, a \ followed by space or tab should
expand to space or tab, and a \ followed by newline should be ignored
(as a line continuation). compatible with the needs of hoststated
(which has the most strict quoted string requirements), and ifstated
(where one commonly does line continuations in strings).
OK deraadt@, OK millert@
|
|
Merge host_v{4,6}() into much simpler host_ip() using just getaddrinfo().
With input & test by kn@ and benno@
OK benno@ kn@
|
|
OK claudio@
|
|
proc_init(). As a consequence httpd(8) and relayd(8) child processes
did not detach from the terminal anymore. Dup /dev/null to the
stdio file descriptors in the children.
OK benno@
|
|
"looks good" gilles@ halex@
|
|
process. If env->sc_snmp is initialized with 0, snmp_init() closes
it. Set it to -1 to prevent the close(2).
OK reyk@ benno@ millert@
|
|
|
|
log updates|all
with
log state changes
log host checks
log connection [errors]
The first two control the logging of host check results: either changes in host state only or
all checks.
The third option controls logging of connections in relay mode:
Either log all connections, or only errors.
Additionaly, errors will be logged with LOG_WARN and good connections
will be logged with LOG_INFO, so they can be differentiated in syslog.
ok and feedback from claudio@
|
|
out of memory log_warn(). i.e. ("%s", __func__) instead of manual
function names and redundant verbiage about which wrapper detected the
out of memory condition.
ok henning@
|
|
calloc or strdup), we just need to log that we ran out of memory in a
particular function.
Recommended by florian@ and deraadt@
ok benno@ henning@ tb@
|
|
use a more general text for the sections, and avoid the catchup issue
that was trying to document how many there were;
ok benno rob
|
|
Thanks to otto@ for the initial diff.
OK benno@
|
|
connection closed log message, not just as debug message.
ok claudio@ reyk@
|
|
ok benno@
|
|
from matt schwartz
ok claudio
|
|
to 1024 session per process (esp. with keep-alive). Now the fd limit is
the new maximum and relayd will make sure to not accept too many sessions.
The tcp backlog config maximum is now 512, adjust manpage accordingly.
OK benno@ deraadt@
|
|
set to HOST_DOWN.
Noticed and fixed by Rivo Nurges <Rivo DOT Nurges AT smit DOT ee>
ok and reminder florian@
|
|
hidden somewhere. Also return after a poll timeout, there is no reason to
wait longer than a second for the answer of the ca process.
OK jsing@
|
|
Check for this in the ca process and return a valid answer to the
relay process. This fixes rsae_send_imsg poll timeouts blocking relay
processes as seen by Mischa Peters and myself.
OK benno@
|
|
ok claudio@, feedback bluhm@
|
|
Fixes a crash when poll is run without any checks.
Found and fixed by Hiltjo Posthuma (hiltjo -AT- codemadness -DOT- org).
ok claudio@
|
|
|
|
From Kapetanakis Giannis, thanks.
ok claudio@
|
|
|
|
Currently this is only used by relay_close() but will be needed in near
future.
OK benno@
|
|
For this we need to add an additional pointer to the ctl_relay_event.
Diff from Petri Mikkila (pmikkila at gmail)
OK benno@
|
|
fatal() instead of fatalx()
|
|
|
|
This removes 'no ecdh' and renames 'ecdh curve auto' to ecdhe default.
The code uses now tls_config_set_ecdhecurves(3) so it is possible to
specify multiple curves now. If people specified curves in their config
they need to adjust their config now.
OK beck@
|
|
OK claudio@
|
|
Solves the startup issues seen by bluhm@. pread idea from guenther@.
While there save the errno in the error case.
OK bluhm@
|
|
|
|
the ca file (having all the trusted certs in them) can be so big that loading
via imsg fails.
OK beck@
|
|
initial bufferevent_write_buffer() to write out the queued up HTTP request.
OK benno@
|
|
Content-Lenght Header. Of course some servers still so it and send
Content-Lenght: 0. Adjust accordingly.
ok claudio@
|
|
Be more careful and remove the events before resetting them to the new
backends. This is also what some of the bufferevent functions are doing.
OK benno@
|
|
a NULL pointer argument (like free()). Also switch a !size to size == 0.
OK benno@
|
|
OK benno@
|
|
ok bluhm@, >8k makes sense claudio@
|
|
sporadically. If the \r and \n were read in separate chunks, relayd
got out of sync with the protocol as they were interpreted as two
lines. Use evbuffer_readln() with EVBUFFER_EOL_CRLF instead of
evbuffer_readline().
OK benno@
|
|
style string by including NUL in imsg and set the pointer in the struct
passed over imsg to NULL in the receiving process to be sure nothing
tries to use it.
Avoids a crash when specifying an empty style string reported by
Karl-Andre' Skevik. ok bluhm@
|
|
Otherwise data not written could get lost. Also try to drain the
buffers when socket splicing should be enabled. The latter was
lost when the expicit bufferevent_enable() was added in relay_write().
bug report, analysis, initial fix, testing Rivo Nurges; OK beck@
|
|
Off-by-one pointed out by and diff from Kris Katterjohn katterjohn AT
gmail, thanks!
chris@ pointed out that more than httpd(8) is effected.
OK gilles@
|
|
code. This fixes interception mode (since there we rewrite the CERT which
would alter the hash of the cert but the keys still remain the same).
OK bluhm@ and jsing@
|
|
the inspect case (same is done in the regular server mode).
OK bluhm@ and jsing@
|
|
OK claudio@
|
