about summary refs log tree commit diff
Commit message (Collapse)AuthorAge
* Add lazy client registration timeoutJune McEnroe2020-11-20
| | | | | | I don't think this is worth adding a configuration option for since real clients will definitely accomplish registration faster than 10s and it's long enough to even type out manually for testing.
* Only allow clients to AUTHENTICATE if using a certJune McEnroe2020-11-16
| | | | | | Otherwise the successful authentication message can leak information to unauthenticated clients when both certificate and password authentication are enabled.
* Set client sockets non-blockingJune McEnroe2020-11-16
| | | | | | | | | | | | | | | | | | | | | Except for during writes. This prevents pounce getting blocked on a client sending only a partial TLS record, for example. Writes still need to block because pounce doesn't have a way to resume them. (And it would do so by having a buffer, but sockets already have a send buffer, so what would be the point of that?) I don't think it should be a problem since outside of stateSync, writes only happen when poll returns POLLOUT. I feel like ideally SO_SNDLOWAT would be set to guarantee a full IRC message can always be written on POLLOUT, but since it's actually TLS records being sent, it's not obvious what the size would be. I'm also making an assumption here that tls_read returning TLS_WANT_POLLOUT is unlikely to happen, since I don't actually set pollfd.events based on that. I'm not sure how wanting to resume a tls_read after a POLLOUT could be cleanly handled. I'm just going to hope that if it does happen, the regular poll loop will eventually sort it out...
* Swap localAccept parameter orderJune McEnroe2020-11-14
|
* Only send shutdown QUIT and ERROR to registered clientsJune McEnroe2020-11-14
|
* Make struct Client publicJune McEnroe2020-11-14
|
* Wait for POLLIN to do client tls_handshakeJune McEnroe2020-11-13
| | | | | | | | | | | Otherwise a client could cause pounce to hang (since the sockets are left blocking) by opening a connection without handshaking! Oops, that's pretty bad. Since the sockets are still blocking, a hang can still be caused by a client sending a partial handshake then waiting. More fixes to follow. pounce is slightly protected from this when used with calico, as it applies a timeout to waiting for the ClientHello.
* Use a fixed size pollfd array in calicoJune McEnroe2020-11-13
| | | | | My thinking here is that it's better to not allocate in response to incoming connections. This also just makes the code a little simpler.
* Disallow / anywhere in server nameJune McEnroe2020-11-13
|
* Check bounds of ClientHello extensions lengthJune McEnroe2020-11-12
|
* Report paths in unveil errorsJune McEnroe2020-11-10
|
* contrib/palaver: Use open_memstream instead of fmemopenJune McEnroe2020-10-24
| | | | | Somehow I never knew about this function. Much better than fmemopen with mode "w".
* Handle signals before the main loopJune McEnroe2020-10-11
| | | | This is a long-standing issue I ignored.
* Fix possibliy uninitialized error 2.0June McEnroe2020-09-09
| | | | It won't be, but gcc thinks it might.
* Refactor reserialization and client self-producingJune McEnroe2020-08-31
|
* Add chmod+chown to certbot exampleJune McEnroe2020-08-30
|
* Rearrange bounce.c, move non-main mains below mainJune McEnroe2020-08-30
|
* Sandbox pounce with unveil(2)June McEnroe2020-08-30
|
* Refactor certificate loading and load all certs from config pathsJune McEnroe2020-08-28
|
* Sandbox pounce with pledge(2)June McEnroe2020-08-27
| | | | | unveil(2) is a bit complicated to apply to this, I'll have to think about it more.
* Sandbox calico with pledge(2) and unveil(2)June McEnroe2020-08-27
|
* Add support for OpenBSDJune McEnroe2020-08-27
|
* Remove rc scriptsJune McEnroe2020-08-27
|
* contrib/palaver: Fix documented database pathJune McEnroe2020-08-27
|
* contrib/palaver: Remove rc scriptJune McEnroe2020-08-27
|
* contrib/palaver: Fix database search and creationJune McEnroe2020-08-27
|
* contrib/palaver: Use pounce's XDG directoryJune McEnroe2020-08-27
|
* contrib/palaver: Only allow HTTPSJune McEnroe2020-08-27
|
* Support the pounce_env rc variableJune McEnroe2020-08-25
|
* Remove deprecated option namesJune McEnroe2020-08-25
| | | | The next release will be 2.0 so these can be removed now.
* Document configuration and data file searchJune McEnroe2020-08-25
|
* Use dataOpen for save fileJune McEnroe2020-08-24
|
* Use configOpen to load localCAJune McEnroe2020-08-24
|
* Use configPath to load client cert/privJune McEnroe2020-08-24
|
* Use configOpen in getopt_configJune McEnroe2020-08-24
|
* Import xdg.c from catgirlJune McEnroe2020-08-24
|
* Replace “RAND_bytes” by “getentropy”Issam E. Maghni2020-08-23
| | | | | | This removes the dependency on libcrypto. Signed-off-by: Issam E. Maghni <issam.e.maghni@mailbox.org>
* contrib/palaver: Add no message preview flagsJune McEnroe2020-08-16
|
* contrib/palaver: Don't set channel for PMsJune McEnroe2020-08-13
|
* Fix unintended interception of NICK after registrationJune McEnroe2020-08-13
| | | | Another bug caused by trying to support broken clients. I'm annoyed.
* Add Additional Components section to READMEJune McEnroe2020-08-12
|
* Document -L / palaver optionJune McEnroe2020-08-12
|
* contrib/palaver: Document service configurationJune McEnroe2020-08-11
|
* contrib/palaver: Add install target and rc scriptJune McEnroe2020-08-11
|
* contrib/palaver: Implement command and notificationsJune McEnroe2020-08-11
| | | | | | | | | | Squashed commit: Ignore messages older than a minute If pounce-palaver has been down for a time and pounce is sending it a huge buffer, it shouldn't send a notification for everything in the buffer.
* contrib/palaver: Add prospective manual pageJune McEnroe2020-08-11
|
* contrib/palaver: Add configure scriptJune McEnroe2020-08-11
|
* Implement stub of palaverapp.com capabilityJune McEnroe2020-08-11
| | | | | | This needs to be documented! But the documentation won't make any sense until there's something that can implement the actual functionality of the capability.
* Refactor intercept to use Handlers and fix QUIT w/o message 1.4p1June McEnroe2020-08-10
| | | | | | The change to support broken clients with bad line endings broke the interception of QUIT with no message parameter, because the CR is part of the length passed to intercept.
* Refactor clientCA and clientSTS as clientCapsJune McEnroe2020-08-10
|