about summary refs log tree commit diff
path: root/bounce.c (follow)
Commit message (Collapse)AuthorAge
* Send PING to idle clients after 15 minutesJune McEnroe2021-10-03
| | | | | | | | | | | This is to keep TCP connections to clients from being idle for more than 15 minutes, since regular PINGs from the server are answered by pounce and not relayed to clients. Note that there is still no timeout on poll(2) unless there are need clients. We assume that we are receiving (and swallowing) regular PINGs from the server at an interval shorter than 15 minutes, so a poll(2) timeout would be pointless.
* Log IRC to standard output with -vJune McEnroe2021-10-02
| | | | | So that it can actually be logged to a file separate from any errors or status messages. Also make sure only LF is used when logging.
* Use EX_USAGE for all local configuration errorsJune McEnroe2021-09-05
|
* OpenBSD: Drop inet pledge when using unix socketJune McEnroe2021-09-03
| | | | | calico is passing us sockets it already accepted, so we don't need inet anymore.
* OpenBSD: Drop no longer needed unveils and pledge promisesJune McEnroe2021-09-03
|
* Reorder file loading in mainJune McEnroe2021-09-03
|
* Be nice and call tls_close(3) on the serverJune McEnroe2021-09-02
|
* Separate client QUIT and ERROR messagesJune McEnroe2021-09-02
| | | | So each can be logged properly with its prefix.
* Remove redundant clientDiff functionJune McEnroe2021-09-02
|
* OpenBSD: pledge(2) the genCert code pathJune McEnroe2021-09-02
|
* OpenBSD: pledge(2) the hashPass code pathJune McEnroe2021-09-02
|
* OpenBSD: pledge(2) printCert code path separatelyJune McEnroe2021-09-02
| | | | Ported from catgirl.
* Call serverConfig() with NULLs for -oJune McEnroe2021-09-02
| | | | | Always use insecure, and trust, clientCert, clientPriv are irrelevant for printing the remote certificate.
* Read from /dev/urandom instead of using getentropy(3)June McEnroe2021-09-02
| | | | | | | | | getentropy(3) is kind of an awkward function. May as well be generic as possible and read some random bytes from /dev/urandom, since for -x we don't really need to worry about being in some execution environment where that's unavailable. I'm also happy to remove that special-case include for macOS since its crypt(3) isn't even usable anyway.
* Add -m mode option to set user modesJune McEnroe2021-06-18
|
* Don't use :trailing parameter for JOINJune McEnroe2021-04-09
| | | | | It seems some IRCds don't even parse this correctly. It also should never have been done this way since it breaks sending channel keys.
* Drop pledge capabilities after binding and connectingJune McEnroe2021-02-01
|
* Add -o and -t options to trust self-signed certificates 2.2June McEnroe2021-01-11
|
* Clean up main loop loopsJune McEnroe2020-11-21
|
* Add lazy client registration timeoutJune McEnroe2020-11-20
| | | | | | I don't think this is worth adding a configuration option for since real clients will definitely accomplish registration faster than 10s and it's long enough to even type out manually for testing.
* Set client sockets non-blockingJune McEnroe2020-11-16
| | | | | | | | | | | | | | | | | | | | | Except for during writes. This prevents pounce getting blocked on a client sending only a partial TLS record, for example. Writes still need to block because pounce doesn't have a way to resume them. (And it would do so by having a buffer, but sockets already have a send buffer, so what would be the point of that?) I don't think it should be a problem since outside of stateSync, writes only happen when poll returns POLLOUT. I feel like ideally SO_SNDLOWAT would be set to guarantee a full IRC message can always be written on POLLOUT, but since it's actually TLS records being sent, it's not obvious what the size would be. I'm also making an assumption here that tls_read returning TLS_WANT_POLLOUT is unlikely to happen, since I don't actually set pollfd.events based on that. I'm not sure how wanting to resume a tls_read after a POLLOUT could be cleanly handled. I'm just going to hope that if it does happen, the regular poll loop will eventually sort it out...
* Swap localAccept parameter orderJune McEnroe2020-11-14
|
* Only send shutdown QUIT and ERROR to registered clientsJune McEnroe2020-11-14
|
* Make struct Client publicJune McEnroe2020-11-14
|
* Wait for POLLIN to do client tls_handshakeJune McEnroe2020-11-13
| | | | | | | | | | | Otherwise a client could cause pounce to hang (since the sockets are left blocking) by opening a connection without handshaking! Oops, that's pretty bad. Since the sockets are still blocking, a hang can still be caused by a client sending a partial handshake then waiting. More fixes to follow. pounce is slightly protected from this when used with calico, as it applies a timeout to waiting for the ClientHello.
* Report paths in unveil errorsJune McEnroe2020-11-10
|
* Handle signals before the main loopJune McEnroe2020-10-11
| | | | This is a long-standing issue I ignored.
* Fix possibliy uninitialized error 2.0June McEnroe2020-09-09
| | | | It won't be, but gcc thinks it might.
* Rearrange bounce.c, move non-main mains below mainJune McEnroe2020-08-30
|
* Sandbox pounce with unveil(2)June McEnroe2020-08-30
|
* Refactor certificate loading and load all certs from config pathsJune McEnroe2020-08-28
|
* Sandbox pounce with pledge(2)June McEnroe2020-08-27
| | | | | unveil(2) is a bit complicated to apply to this, I'll have to think about it more.
* Add support for OpenBSDJune McEnroe2020-08-27
|
* Remove deprecated option namesJune McEnroe2020-08-25
| | | | The next release will be 2.0 so these can be removed now.
* Use dataOpen for save fileJune McEnroe2020-08-24
|
* Use configOpen to load localCAJune McEnroe2020-08-24
|
* Replace “RAND_bytes” by “getentropy”Issam E. Maghni2020-08-23
| | | | | | This removes the dependency on libcrypto. Signed-off-by: Issam E. Maghni <issam.e.maghni@mailbox.org>
* Implement stub of palaverapp.com capabilityJune McEnroe2020-08-11
| | | | | | This needs to be documented! But the documentation won't make any sense until there's something that can implement the actual functionality of the capability.
* Refactor clientCA and clientSTS as clientCapsJune McEnroe2020-08-10
|
* Say "OpenSSL" in additional permission noticesJune McEnroe2020-08-06
| | | | LibreSSL is "a modified version of that library".
* Fix signing certificates with -A and -gJune McEnroe2020-08-01
| | | | | Always generate a certificate request and pipe it to be signed, either by the CA or by itself.
* Remove compat.hJune McEnroe2020-08-01
|
* Use snprintf instead of strlcatJune McEnroe2020-08-01
|
* Use snprintf instead of strlcpyJune McEnroe2020-07-31
|
* Use RAND_bytes instead of arc4random_bufJune McEnroe2020-07-31
| | | | | This adds an actual dependency on libcrypto, but removes a dependency on BSD (or LibreSSL libcrypto specifically).
* Add -R blind-req optionJune McEnroe2020-07-06
| | | | | Allows requesting userhost-in-names on freenode, which is available but hidden.
* Add additional permission for linking with LibreSSLJune McEnroe2020-06-08
| | | | https://www.gnu.org/licenses/gpl-faq.en.html#GPLIncompatibleLibs
* Add server send queueing with time intervalJune McEnroe2020-05-11
| | | | | | | | | This addresses pounce getting killed with "Excess flood" when it sends NAMES commands for too many channels when a client connects. These commands, as well as automatic AWAY commands, are by default throttled to 5 per second. Tested on freenode with 36 channels and 200ms interval.
* Pass -1 as backlog to listen(2)June McEnroe2020-05-11
| | | | | | There seems to be no guidance on how an application should set this parameter. However, every system I've looked at will limit the value to some default maximum, usually 128.
* Check signals after handling ready socketsJune McEnroe2020-05-11
| | | | | | | In the case where a signal arrives while handling a ready socket, it should be handled as soon as possible, rather than waiting for poll to return again. Signals will still be handled immediately if poll returns -1 due to EINTR.