Commit message (Collapse) | Author | ||
---|---|---|---|
2019-11-06 | Define one CERTBOT_PATH rather than two format strings | June McEnroe | |
2019-11-06 | Change license to GPLv3 | June McEnroe | |
> Notwithstanding any other provision of this License, if you modify the > Program, your modified version must prominently offer all users > interacting with it remotely through a computer network (if your version > supports such interaction) an opportunity to receive the Corresponding > Source of your version by providing access to the Corresponding Source > from a network server at no charge, through some standard or customary > means of facilitating copying of software. This potentially means that every freenode user, for example, is interacting with this software, and offering the corresponding source to each of them is an unreasonable burden. | |||
2019-11-06 | Add flag to generate a client certificate | June McEnroe | |
This is essentially the command freenode tells you to run: <https://freenode.net/kb/answer/certfp>. | |||
2019-11-06 | Give SYNOPSIS Ars more informative names | June McEnroe | |
2019-11-06 | Expand SASL EXTERNAL documentation | June McEnroe | |
2019-11-06 | Use explicit_bzero from LibreSSL | June McEnroe | |
2019-11-05 | Clean up bounce.c | June McEnroe | |
2019-11-05 | Use "priv" instead of "key" in options | June McEnroe | |
Let all words be four letter words. | |||
2019-11-05 | Use arc4random_buf | June McEnroe | |
2019-11-05 | Add missing include | June McEnroe | |
2019-11-05 | Use one call to set client cert and key | June McEnroe | |
2019-11-05 | Implement SASL EXTERNAL | June McEnroe | |
2019-11-04 | Add options for TLS client certificate | June McEnroe | |
2019-11-04 | Zero PASS parameter | June McEnroe | |
2019-11-04 | Don't set directory modes on install | June McEnroe | |
2019-11-04 | Hash client passwords with crypt | June McEnroe | |
2019-11-04 | Move base64 to bounce.h | June McEnroe | |
2019-11-03 | Rename bind-unix to bind-path | June McEnroe | |
2019-11-03 | Append bindHost to bindPath if it is a directory | June McEnroe | |
2019-11-03 | Set up /var/run/calico and /usr/local/etc/pounce | June McEnroe | |
2019-11-02 | Set procname in calico rc script | June McEnroe | |
2019-11-02 | Send an unrecognized_name alert when failing to dispatch | June McEnroe | |
2019-11-02 | Fix name of SNI | June McEnroe | |
2019-11-02 | Unlink UNIX socket at exit | June McEnroe | |
2019-11-02 | Note calico in pounce CAVEATS | June McEnroe | |
2019-11-02 | Add calico rc script | June McEnroe | |
2019-11-02 | Apply capsicum to calico | June McEnroe | |
2019-11-02 | Fix trying to cap_rights_limit a NULL saveFile | June McEnroe | |
2019-11-02 | Implement UNIX-domain binding | June McEnroe | |
2019-11-02 | Don't try to sendfd if connect failed | June McEnroe | |
2019-11-02 | Document pounce -U flag | June McEnroe | |
Not yet implemented. | |||
2019-11-02 | Add SNI socket dispatcher | June McEnroe | |
pounce can't accept connections from it yet though! | |||
2019-11-01 | Limit saveFile to CAP_WRITE | June McEnroe | |
2019-11-01 | Implement capsicum workaround for certbot | June McEnroe | |
2019-11-01 | Reload certificates using openat | June McEnroe | |
This is more versatile since files are more likely to be replaced than overwritten. | |||
2019-11-01 | Re-read cert and key from the same FILEs | June McEnroe | |
2019-11-01 | Use capsicum | June McEnroe | |
2019-10-31 | Use explicit_bzero to clear passwords | June McEnroe | |
GNU doesn't implement memset_s, but both FreeBSD and GNU implement explicit_bzero. Darwin doesn't, so #define it in terms of memset_s. | |||
2019-10-31 | Send clients their own QUIT on shutdown | June McEnroe | |
2019-10-31 | Shrink client buffer size | June McEnroe | |
Clients are generally not going to send huge amounts at a time, and IRC messages are limited to 512 bytes. If in the future we supported message tags from clients, which have a size limit of 8191 bytes, this would unfortunately have to be set much higher. | |||
2019-10-31 | Iterator over pollfds in reverse | June McEnroe | |
This has two advantages: 1. When removing a client, we don't need to break the loop, since the swap-remove will replace the current pollfd with one we've already handled and we can safely move on to the next (previous) one. 2. If a new client connects for the same consumer (for example if the previous one is going to time out), it will start consuming messages for that consumer, rather than them being sent to the old client. | |||
2019-10-31 | Clear passwords from memory with memset_s | June McEnroe | |
2019-10-30 | Clean up cert path documentation | June McEnroe | |
2019-10-30 | Remove client count FIXME | June McEnroe | |
This minor thing would take too much code convolution to do. | |||
2019-10-30 | Preserve consumers ptr in realloc failure | June McEnroe | |
2019-10-30 | Add option for ring size | June McEnroe | |
2019-10-30 | Set away status upon connecting | June McEnroe | |
2019-10-30 | Add make target for localhost.crt | June McEnroe | |
Adapted from <https://letsencrypt.org/docs/certificates-for-localhost/>. | |||
2019-10-30 | Warn when consumers drop messages | June McEnroe | |
2019-10-29 | Allocate ring buffer at runtime | June McEnroe | |