summary refs log tree commit diff
path: root/bounce.c (follow)
Commit message (Collapse)AuthorAge
* Swap localAccept parameter orderJune McEnroe2020-11-14
|
* Only send shutdown QUIT and ERROR to registered clientsJune McEnroe2020-11-14
|
* Make struct Client publicJune McEnroe2020-11-14
|
* Wait for POLLIN to do client tls_handshakeJune McEnroe2020-11-13
| | | | | | | | | | | Otherwise a client could cause pounce to hang (since the sockets are left blocking) by opening a connection without handshaking! Oops, that's pretty bad. Since the sockets are still blocking, a hang can still be caused by a client sending a partial handshake then waiting. More fixes to follow. pounce is slightly protected from this when used with calico, as it applies a timeout to waiting for the ClientHello.
* Report paths in unveil errorsJune McEnroe2020-11-10
|
* Handle signals before the main loopJune McEnroe2020-10-11
| | | | This is a long-standing issue I ignored.
* Fix possibliy uninitialized error 2.0June McEnroe2020-09-09
| | | | It won't be, but gcc thinks it might.
* Rearrange bounce.c, move non-main mains below mainJune McEnroe2020-08-30
|
* Sandbox pounce with unveil(2)June McEnroe2020-08-30
|
* Refactor certificate loading and load all certs from config pathsJune McEnroe2020-08-28
|
* Sandbox pounce with pledge(2)June McEnroe2020-08-27
| | | | | unveil(2) is a bit complicated to apply to this, I'll have to think about it more.
* Add support for OpenBSDJune McEnroe2020-08-27
|
* Remove deprecated option namesJune McEnroe2020-08-25
| | | | The next release will be 2.0 so these can be removed now.
* Use dataOpen for save fileJune McEnroe2020-08-24
|
* Use configOpen to load localCAJune McEnroe2020-08-24
|
* Replace “RAND_bytes” by “getentropy”Issam E. Maghni2020-08-23
| | | | | | This removes the dependency on libcrypto. Signed-off-by: Issam E. Maghni <issam.e.maghni@mailbox.org>
* Implement stub of palaverapp.com capabilityJune McEnroe2020-08-11
| | | | | | This needs to be documented! But the documentation won't make any sense until there's something that can implement the actual functionality of the capability.
* Refactor clientCA and clientSTS as clientCapsJune McEnroe2020-08-10
|
* Say "OpenSSL" in additional permission noticesJune McEnroe2020-08-06
| | | | LibreSSL is "a modified version of that library".
* Fix signing certificates with -A and -gJune McEnroe2020-08-01
| | | | | Always generate a certificate request and pipe it to be signed, either by the CA or by itself.
* Remove compat.hJune McEnroe2020-08-01
|
* Use snprintf instead of strlcatJune McEnroe2020-08-01
|
* Use snprintf instead of strlcpyJune McEnroe2020-07-31
|
* Use RAND_bytes instead of arc4random_bufJune McEnroe2020-07-31
| | | | | This adds an actual dependency on libcrypto, but removes a dependency on BSD (or LibreSSL libcrypto specifically).
* Add -R blind-req optionJune McEnroe2020-07-06
| | | | | Allows requesting userhost-in-names on freenode, which is available but hidden.
* Add additional permission for linking with LibreSSLJune McEnroe2020-06-08
| | | | https://www.gnu.org/licenses/gpl-faq.en.html#GPLIncompatibleLibs
* Add server send queueing with time intervalJune McEnroe2020-05-11
| | | | | | | | | This addresses pounce getting killed with "Excess flood" when it sends NAMES commands for too many channels when a client connects. These commands, as well as automatic AWAY commands, are by default throttled to 5 per second. Tested on freenode with 36 channels and 200ms interval.
* Pass -1 as backlog to listen(2)June McEnroe2020-05-11
| | | | | | There seems to be no guidance on how an application should set this parameter. However, every system I've looked at will limit the value to some default maximum, usually 128.
* Check signals after handling ready socketsJune McEnroe2020-05-11
| | | | | | | In the case where a signal arrives while handling a ready socket, it should be handled as soon as possible, rather than waiting for poll to return again. Signals will still be handled immediately if poll returns -1 due to EINTR.
* Generate short option string from long optionsJune McEnroe2020-04-02
|
* Do not crash on error from acceptJune McEnroe2020-04-02
|
* Replace .mk files with configure scriptJune McEnroe2020-03-01
| | | | Copied and expanded from catgirl.
* Advertise STS policyJune McEnroe2020-02-27
| | | | | Duration is set to INT_MAX since pounce will never accept cleartext connections.
* Implement source address selectionmultiplexd2020-02-18
| | | | | | This commit introduces a '-S' command line option and a "bind" configuration file option for selecting the source address when making outbound TCP connections (similar to the corresponding option in catgirl(1)).
* Set certificate expiry to 10 yearsJune McEnroe2020-01-16
| | | | | I'm pretty sure any kind of "renewing" of these is going to suck, so just set it long enough that the world will probably be ash by then.
* Allow signing by CA in -gJune McEnroe2020-01-12
|
* Rename all local-related options to local-June McEnroe2020-01-12
| | | | | | | This disambiguates client-ca and client-pass from client-cert and client-key, which apply to opposite sides of the program. The old option names will continue to work.
* Use the CAP_PREAD rightJune McEnroe2020-01-12
| | | | Required for the rewind call when loading the CA.
* Add option to set local client CAJune McEnroe2020-01-12
| | | | | | | | | This is a little bit messy. Allows setting either -A or -W or both. Implements SASL EXTERNAL for clients that expect that when connecting with a client certificate. Need to test that reloading still works inside capsicum, since I suspect that rewind call may be blocked.
* Rename -A and -Q to -y and -qJune McEnroe2020-01-07
| | | | | | | | | | | The other upper-case options are related to the listening side of things, not the server side, so this is more consistent. This is incompatible, but will fail loudly, and I expect these options are more likely set in a configuration file, if they are set at all. I also want to free up -A for setting a client CA, but assuming your away message is not also an existing file path, that will continue to fail loudly.
* Revert "Exit when server gets POLLHUP"June McEnroe2019-12-22
| | | | | | | Turns out the more likely thing is that the fd will just continue to be POLLIN and produce zero-length reads. This reverts commit 5707b15920a1ce57f01db0d592487d833218be9d.
* Exit when server gets POLLHUPJune McEnroe2019-12-20
| | | | | | This should maybe gracefully inform clients of what happened, but for now this is much better than the infinite poll loop that happened previously.
* Reference openssl(1) by absolute pathedef2019-11-27
| | | | | This still allows using openssl(1) from PATH, but defaults to using ${LIBRESSL_PREFIX}/bin/openssl.
* Declare globals as extern in headers, and define in source fileMichael Forney2019-11-21
| | | | | | | | | | | | | | | Otherwise, each source file that includes the header gets its own definition, and according to the C standard (C99 6.9p5): > If an identifier declared with external linkage is used in an > expression (other than as part of the operand of a sizeof operator > whose result is an integer constant), somewhere in the entire > program there shall be exactly one external definition for the > identifier Most compilers use the .bss section for zero data, but if it uses .data instead, or if -Wl,--warn-common is used, this will cause a linking error.
* Request NAMES on sync by defaultJune McEnroe2019-11-15
| | | | This inverts the meaning of -N!
* Rename listen to localJune McEnroe2019-11-10
|
* Check that password is hashedJune McEnroe2019-11-08
|
* Only change AWAY status for registered clientsJune McEnroe2019-11-08
| | | | | | Turns out I did eventually fix this, because I may want to implement "passive clients" for logging or notification stuff, which wouldn't affect AWAY status either.
* Include path in readlinkat errorJune McEnroe2019-11-07
|
* Call clientConsume before clientRecvJune McEnroe2019-11-07
| | | | | This might reduce the frequency of a client getting its own message back because it was behind in the ring when it sent it.