summary refs log tree commit diff
Commit message (Collapse)AuthorAge
* Make struct Client publicJune McEnroe2020-11-14
|
* Wait for POLLIN to do client tls_handshakeJune McEnroe2020-11-13
| | | | | | | | | | | Otherwise a client could cause pounce to hang (since the sockets are left blocking) by opening a connection without handshaking! Oops, that's pretty bad. Since the sockets are still blocking, a hang can still be caused by a client sending a partial handshake then waiting. More fixes to follow. pounce is slightly protected from this when used with calico, as it applies a timeout to waiting for the ClientHello.
* Use a fixed size pollfd array in calicoJune McEnroe2020-11-13
| | | | | My thinking here is that it's better to not allocate in response to incoming connections. This also just makes the code a little simpler.
* Disallow / anywhere in server nameJune McEnroe2020-11-13
|
* Check bounds of ClientHello extensions lengthJune McEnroe2020-11-12
|
* Report paths in unveil errorsJune McEnroe2020-11-10
|
* contrib/palaver: Use open_memstream instead of fmemopenJune McEnroe2020-10-24
| | | | | Somehow I never knew about this function. Much better than fmemopen with mode "w".
* Handle signals before the main loopJune McEnroe2020-10-11
| | | | This is a long-standing issue I ignored.
* Fix possibliy uninitialized error 2.0June McEnroe2020-09-09
| | | | It won't be, but gcc thinks it might.
* Refactor reserialization and client self-producingJune McEnroe2020-08-31
|
* Add chmod+chown to certbot exampleJune McEnroe2020-08-30
|
* Rearrange bounce.c, move non-main mains below mainJune McEnroe2020-08-30
|
* Sandbox pounce with unveil(2)June McEnroe2020-08-30
|
* Refactor certificate loading and load all certs from config pathsJune McEnroe2020-08-28
|
* Sandbox pounce with pledge(2)June McEnroe2020-08-27
| | | | | unveil(2) is a bit complicated to apply to this, I'll have to think about it more.
* Sandbox calico with pledge(2) and unveil(2)June McEnroe2020-08-27
|
* Add support for OpenBSDJune McEnroe2020-08-27
|
* Remove rc scriptsJune McEnroe2020-08-27
|
* contrib/palaver: Fix documented database pathJune McEnroe2020-08-27
|
* contrib/palaver: Remove rc scriptJune McEnroe2020-08-27
|
* contrib/palaver: Fix database search and creationJune McEnroe2020-08-27
|
* contrib/palaver: Use pounce's XDG directoryJune McEnroe2020-08-27
|
* contrib/palaver: Only allow HTTPSJune McEnroe2020-08-27
|
* Support the pounce_env rc variableJune McEnroe2020-08-25
|
* Remove deprecated option namesJune McEnroe2020-08-25
| | | | The next release will be 2.0 so these can be removed now.
* Document configuration and data file searchJune McEnroe2020-08-25
|
* Use dataOpen for save fileJune McEnroe2020-08-24
|
* Use configOpen to load localCAJune McEnroe2020-08-24
|
* Use configPath to load client cert/privJune McEnroe2020-08-24
|
* Use configOpen in getopt_configJune McEnroe2020-08-24
|
* Import xdg.c from catgirlJune McEnroe2020-08-24
|
* Replace “RAND_bytes” by “getentropy”Issam E. Maghni2020-08-23
| | | | | | This removes the dependency on libcrypto. Signed-off-by: Issam E. Maghni <issam.e.maghni@mailbox.org>
* contrib/palaver: Add no message preview flagsJune McEnroe2020-08-16
|
* contrib/palaver: Don't set channel for PMsJune McEnroe2020-08-13
|
* Fix unintended interception of NICK after registrationJune McEnroe2020-08-13
| | | | Another bug caused by trying to support broken clients. I'm annoyed.
* Add Additional Components section to READMEJune McEnroe2020-08-12
|
* Document -L / palaver optionJune McEnroe2020-08-12
|
* contrib/palaver: Document service configurationJune McEnroe2020-08-11
|
* contrib/palaver: Add install target and rc scriptJune McEnroe2020-08-11
|
* contrib/palaver: Implement command and notificationsJune McEnroe2020-08-11
| | | | | | | | | | Squashed commit: Ignore messages older than a minute If pounce-palaver has been down for a time and pounce is sending it a huge buffer, it shouldn't send a notification for everything in the buffer.
* contrib/palaver: Add prospective manual pageJune McEnroe2020-08-11
|
* contrib/palaver: Add configure scriptJune McEnroe2020-08-11
|
* Implement stub of palaverapp.com capabilityJune McEnroe2020-08-11
| | | | | | This needs to be documented! But the documentation won't make any sense until there's something that can implement the actual functionality of the capability.
* Refactor intercept to use Handlers and fix QUIT w/o message 1.4p1June McEnroe2020-08-10
| | | | | | The change to support broken clients with bad line endings broke the interception of QUIT with no message parameter, because the CR is part of the length passed to intercept.
* Refactor clientCA and clientSTS as clientCapsJune McEnroe2020-08-10
|
* Use system libcrypto and openssl bin on FreeBSD 1.4June McEnroe2020-08-06
|
* Say "OpenSSL" in additional permission noticesJune McEnroe2020-08-06
| | | | LibreSSL is "a modified version of that library".
* Mention LibreTLS in READMEJune McEnroe2020-08-06
|
* Handle broken clients sending only \nJune McEnroe2020-08-06
| | | | | Sigh. The robustness principle enables the proliferation of worse quality software.
* Document concatenating client certificates for authJune McEnroe2020-08-01
| | | | | This is actually the better approach since certificates can easily be removed from the file.