path: root/usr.sbin/relayd
2019-10-03  Martijn van Duren
Make relayd properly return the next element, even if the requested element doesn't exist in its own structure. This could greatly be improved upon, but it makes snmp walk on its mib work. OK claudio@

2019-09-18  Sebastian Benoit
remove old log options 'log update/all' that were replaced with 'log state changes/host checks/connection' some time ago. ok reyk@ claudio@ on first version, kn@ noticed that the tokens could be removed too.

2019-09-15  rob
Add support for binary protocol health checking. Feedback and guidance from benno@ and reyk@. Man page tweaks from jmc@. ok benno@

2019-08-30  Stuart Henderson
revert r1.175 which added unveil to relayd; "check script" needs access to the filesystem. "Well the first step is to back the commit out" deraadt@

2019-07-13  Christopher Zimmermann
fix error description on invalid forward ip. OK benno@

2019-07-13  Christopher Zimmermann
Don't "forward to <table>" when a "forward to destination" address is set. This matches the documented behaviour. On matching "forward to <table>" filter rules the "forward to destination" address is unset, so that in that case the "forward to <table>" rule is still used. OK benno@, regression tests still passing.

2019-07-05  Robert Nagy
Add a new macro called $HOST that expands to the Host header's value or falls back to the same value as $SERVER_ADDR in case the Host header is not available. ok reyk@

2019-07-05  Patrick Wildt
Fix integer sizes in format strings and enable formatting warnings for yyerror. From Moritz Buhl ok claudio@

2019-06-28  Theo de Raadt
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.

2019-06-26  Reyk Floeter
Add support for OCSP stapling. Many thanks to Bruno Flueckiger who independently sent a very similar patch. He also tested the one I'm committing that it works as expected. OK tb@

2019-06-01  Reyk Floeter
Make sure that the IMSG_CTL_RESET message is sent immediately. This fixes an issue that might better be solved in imsg itself. The problem is that IMSG_CTL_RESET does not include an fd while the following messages (IMSG_CFG_RELAY and IMSG_CFG_RELAY_FD) do contain fds. If the receiver gets them in one buffer (via recvmsg), the first fd might be wrongly associated to the IMSG_CTL_RESET message. This is theoretically taken care of by the imsg API, so it is either a bug in relayd's API usage or in imsg itself. "sure" claudio@ as a temporary fix.

2019-05-31  Reyk Floeter
Add support for SNI with new "tls keypair" option to load additional certs. Tested by many (thanks!) Feedback & OK rob@

2019-05-31  Reyk Floeter
Move the relay keys/certs into a separate global list and look them up by id. Moving the certs out of the relay struct will help to add multiple SNI certs. Tested by many users (thanks!) Feedback & OK rob@

2019-05-29  Reyk Floeter
Fix the check if a relay has been specified twice. Relays cannot have the same name or listen address. If a listen address is specified multiple times, the parser expands the configuration into multiple relays automatically. OK rob@

2019-05-29  Reyk Floeter
Move relay_load_*() functions into relayd.c. Pass the *env as an explicit argument instead of using the global pointer: The relay_load_certfiles() function is called early before the *env is set up. This does not change anything in the current code as *env is not used by anything in the function (not even ssl_load_key() that is taking it as an argument) but it will be needed by upcoming changes for SNI. Ok rob@

2019-05-13  Reyk Floeter
Add Connection: close when switching to "unlimited" reading mode. Ask the server to close the connection after the request since we don't read any further request headers. This fixes an issue with OPTIONS and optional body, as well as similar cases. Reported and tested by Rivo Nurges OK benno@

2019-05-13  Reyk Floeter
Fix filter rules with "forward to" statement in persistent connections. OK bentley@ mikeb@

2019-05-10  Reyk Floeter
Add support for from/to in relay filter rules. For example, pass from 10.0.0.0/8 path "/hello/*" forward to <b> Ok benno@

2019-05-08  Reyk Floeter
Fix and tweak websocket upgrade handling.
- Don't expect the Connection header to equal Upgrade, it may include Upgrade
- Reshuffle the code to check the Upgrade/Connection headers in one place
Reported and tested by Rivo Nurges OK and input from benno@

2019-04-24  Ricardo Mestre
restrict filesystem access to read only on main process via unveil(2) ok benno@ deraadt@

2019-03-13  Sebastian Benoit
remove unused keyword "virtual". ok gcc, claudio@ agrees

2019-03-04  Sebastian Benoit
Support for rfc 6455 Websockets connection upgrade. Add a new protocol option 'http { [no] websockets }' to allow such connections (default is no). Original diff from Daniel Lamando (dan AT danopia DOT net), option and header checks by me. suggestions and ok bluhm@ and earlier diff claudio@

2019-02-13  Theo de Raadt
(unsigned) means (unsigned int) which on ptrdiff_t or size_t or other larger types really is a range reduction... Almost any cast to (unsigned) is a bug. ok millert tb benno

2018-11-01  Alexandr Nedvedicky
- odd condition/test in PF lexer (and other lexers too) This commit rectifies earlier change: in the lex... even inside quotes, a \ followed by space or tab should expand to space or tab, and a \ followed by newline should be ignored (as a line continuation). compatible with the needs of hoststated (which has the most strict quoted string requirements), and ifstated (where one commonly does line continuations in strings). OK deraadt@, OK millert@

2018-10-22  denis
Make host_*() AF-agnostic. Merge host_v{4,6}() into much simpler host_ip() using just getaddrinfo(). With input & test by kn@ and benno@ OK benno@ kn@

2018-09-19  Reyk Floeter
Do not abort when the ca privenc runs into a timeout. OK claudio@

2018-09-09  Alexander Bluhm
During the fork+exec implementation, daemon(3) was moved after proc_init(). As a consequence httpd(8) and relayd(8) child processes did not detach from the terminal anymore. Dup /dev/null to the stdio file descriptors in the children. OK benno@

2018-09-07  miko
replace malloc()+strlcpy() with strndup() in cmdline_symset(). "looks good" gilles@ halex@

2018-09-01  Alexander Bluhm
Accidentally relayd(8) closed file descriptor 0 in the pfe child process. If env->sc_snmp is initialized with 0, snmp_init() closes it. Set it to -1 to prevent the close(2). OK reyk@ benno@ millert@

2018-08-06  Jason McIntyre
space required between macro args and punctuation;

2018-08-06  Sebastian Benoit
replace the current log options log updates|all with
  log state changes
  log host checks
  log connection [errors]
The first two control the logging of host check results: either changes in host state only or all checks. The third option controls logging of connections in relay mode: Either log all connections, or only errors. Additionally, errors will be logged with LOG_WARN and good connections will be logged with LOG_INFO, so they can be differentiated in syslog. ok and feedback from claudio@

2018-07-11  Kenneth R Westerback
Do for most running out of memory err() what was done for most running out of memory log_warn(). i.e. ("%s", __func__) instead of manual function names and redundant verbiage about which wrapper detected the out of memory condition. ok henning@

2018-07-09  Kenneth R Westerback
No need to mention which memory allocation entry point failed (malloc, calloc or strdup), we just need to log that we ran out of memory in a particular function. Recommended by florian@ and deraadt@ ok benno@ henning@ tb@

2018-06-18  Jason McIntyre
remove the SECTIONS header, since a one line DESCRIPTION is a bit silly; use a more general text for the sections, and avoid the catchup issue that was trying to document how many there were; ok benno rob

2018-06-11  denis
Fix an off-by-one line count when using include statements. Thanks to otto@ for the initial diff. OK benno@

2018-06-10  Sebastian Benoit
When a TLS error occurs, print the tls_error() message as part of the connection closed log message, not just as debug message. ok claudio@ reyk@

2018-04-26  Kenneth R Westerback
Plug leak in error case of the common 'varset' implementations. ok benno@

2018-04-20  Jason McIntyre
adjust the example to make it work; from matt schwartz ok claudio

2018-04-18  Claudio Jeker
Remove RELAY_MAX_SESSIONS from relayd, there is no reason to limit relays to 1024 sessions per process (esp. with keep-alive). Now the fd limit is the new maximum and relayd will make sure to not accept too many sessions. The tcp backlog config maximum is now 512, adjust manpage accordingly. OK benno@ deraadt@

2018-04-14  Sebastian Benoit
In case of a tcp read timeout, the destination host state needs to be set to HOST_DOWN. Noticed and fixed by Rivo Nurges <Rivo DOT Nurges AT smit DOT ee> ok and reminder florian@

2018-01-24  Claudio Jeker
Log some more errors in the ca code, since there seems to be still a bug hidden somewhere. Also return after a poll timeout, there is no reason to wait longer than a second for the answer of the ca process. OK jsing@

2018-01-01  Claudio Jeker
RSA_private_{en,de}crypt() can fail and will return -1 in that case. Check for this in the ca process and return a valid answer to the relay process. This fixes rsae_send_imsg poll timeouts blocking relay processes as seen by Mischa Peters and myself. OK benno@

2017-12-27  Sebastian Benoit
log specific error when connect() fails. ok claudio@, feedback bluhm@

2017-12-18  Sebastian Benoit
always initialize the hce_launch_checks event timer. Fixes a crash when poll is run without any checks. Found and fixed by Hiltjo Posthuma (hiltjo -AT- codemadness -DOT- org). ok claudio@

2017-11-29  Jason McIntyre
fix double dot;

2017-11-29  Sebastian Benoit
add options to specify the control socket in relayd and relayctl. From Kapetanakis Giannis, thanks. ok claudio@

2017-11-28  Claudio Jeker
One less lie in comments

2017-11-28  Claudio Jeker
Introduce relay_reset_event() which closes and resets a relay connection. Currently this is only used by relay_close() but will be needed in near future. OK benno@

2017-11-28  Claudio Jeker
In TLS inspection mode we also need to keep the server tls object around. For this we need to add an additional pointer to the ctl_relay_event. Diff from Petri Mikkila (pmikkila at gmail) OK benno@

2017-11-28  Claudio Jeker
relay_load_fd() is no longer clobbering errno in the error case so use fatal() instead of fatalx()