summaryrefslogtreecommitdiff
path: root/usr.sbin/relayd
AgeCommit message (Expand)Author
2018-01-24Log some more errors in the ca code, since there seems to be still a bugClaudio Jeker
2018-01-01RSA_private_{en,de}crypt() can fail and will return -1 in that case.Claudio Jeker
2017-12-27log specific error when connect() fails.Sebastian Benoit
2017-12-18always initialize the hce_launch_checks event timer.Sebastian Benoit
2017-11-29fix double dot;Jason McIntyre
2017-11-29add options to specify the control socket in relayd and relayctl.Sebastian Benoit
2017-11-28One less lie in commentsClaudio Jeker
2017-11-28Introduce relay_reset_event() which closes and resets a relay connection.Claudio Jeker
2017-11-28In TLS inspection mode we also need to keep the server tls object around.Claudio Jeker
2017-11-28relay_load_fd() is no longer clobering errno in the error case so useClaudio Jeker
2017-11-28Add space between to and read like in other DPRINTFs.Claudio Jeker
2017-11-27Change the ecdhe curve configuration to the same way httpd is doing it.Claudio Jeker
2017-11-27Make ca_launch error messages unique.Alexander Bluhm
2017-11-27lseek/read is racy when there is multiple consumers. Use pread instead.Claudio Jeker
2017-11-27Add a DPRINTF() in relay_error() that helped me out way too many times.Claudio Jeker
2017-11-27Use file descriptor passing to load certificates into the relays. EspeciallyClaudio Jeker
2017-11-27Do not rip out the output buffer of the bufferevent. Instead just use anClaudio Jeker
2017-11-27rfc 7230 mandates that a "204 No Content" http status must not come with aSebastian Benoit
2017-11-27relay_tls_connected() is playing with the inner bowels of bufferevents.Claudio Jeker
2017-11-27Simplify relay_close_http(), make relay_httpdesc_free() accept and ignoreClaudio Jeker
2017-11-16Check that http options are only configured in http protocols.Alexander Bluhm
2017-11-15make the maximum size of http headers configurable in the protocol.Sebastian Benoit
2017-09-23The relayd regression tests for chunked HTTP traffic were failingAlexander Bluhm
2017-09-14Differentiate between a style string not being specified and an emptyJonathan Gray
2017-08-28Do not close the relay if data is still in the output buffer.Alexander Bluhm
2017-08-2865535 is a valid port to listen on.Florian Obser
2017-08-09Use X509_pubkey_digest() like libtls to hash the keys for the TLS privsepClaudio Jeker
2017-08-09Call tls_config_skip_private_key_check() to disable the key checking inClaudio Jeker
2017-07-30Fix a double free of the TLS config in the error path.Alexander Bluhm
2017-07-28Always calculate the hash value of the x509 cert in ssl_load_pkey().Alexander Bluhm
2017-07-12Consistently use the variable "ttl" for get/setsockoptJeremie Courreges-Anglas
2017-07-11Correctly set ttl for IPv4 and IPv6.Florian Obser
2017-07-11The config option is called "no splice", the parser rejects "nosplice".Alexander Bluhm
2017-07-04if configured, set the ttl (IPV6_UNICAST_HOPS) for ipv6 tcp checks.Sebastian Benoit
2017-07-04make relayd not crash in relay_udp_server() when using a dns relay.Sebastian Benoit
2017-07-03no need to generate y.tab.h if nothing uses it, set YFLAGS to nothingMarc Espie
2017-05-31Fix a memory leak in pkey_add() error path. All current callers fatalJonathan Gray
2017-05-28use __func__ in log messages. fix some whitespace while here.Sebastian Benoit
2017-05-27Migrate relayd to use libtls for TLS. Still does the TLS privsep via theClaudio Jeker
2017-05-06Convert explicit_bzero() + free() to freezero().Frederic Cambus
2017-04-19better example; from hiltjo posthumaJason McIntyre
2017-04-06fix format string found by clang -Wformat-securityGleydson Soares
2017-03-25X-Forwarded-By should be the server $SERVER_ADDR instead of the clientClaudio Jeker
2017-03-21From a syslog perspective it does not make sense to log fatal andAlexander Bluhm
2017-03-10DELETE can have a body.Reyk Floeter
2017-02-27update an example in the relayd.conf manpage, that was not convertedSebastian Benoit
2017-02-09Do not loose the send/expect validation error on timeout.Reyk Floeter
2017-02-02Disable client-initiated TLS renegotiation by default.Reyk Floeter
2017-01-24move the opening of /dev/pf from the parent process to the pfe processSebastian Benoit
2017-01-09Stop accessing verbose and debug variables from log.c directly.Reyk Floeter
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-23 10:43:18 +0000