about summary refs log tree commit diff
path: root/dispatch.c (follow)
Commit message (Collapse)AuthorAge
* OpenBSD: Fix broken unveil in calico on 7.2June McEnroe2022-10-30
| | | | | | | Relevant OpenBSD changelog: > o AF_UNIX socket bind(2) and connect(2) now follow unveil(2) > configuration.
* Update copyrights, authorsJune McEnroe2022-07-17
|
* FreeBSD: Remove capsicum supportJune McEnroe2021-10-05
| | | | | capsicum is too impractical and removing it will allow much more straightforward code.
* Use a fixed size pollfd array in calicoJune McEnroe2020-11-13
| | | | | My thinking here is that it's better to not allocate in response to incoming connections. This also just makes the code a little simpler.
* Disallow / anywhere in server nameJune McEnroe2020-11-13
|
* Check bounds of ClientHello extensions lengthJune McEnroe2020-11-12
|
* Sandbox calico with pledge(2) and unveil(2)June McEnroe2020-08-27
|
* Say "OpenSSL" in additional permission noticesJune McEnroe2020-08-06
| | | | LibreSSL is "a modified version of that library".
* Remove compat.hJune McEnroe2020-08-01
|
* Don't use strlcpy in dispatchJune McEnroe2020-07-24
| | | | So that calico doesn't need any libs even on Linux.
* Grant CAP_SETSOCKOPT in dispatch 1.3p1June McEnroe2020-06-12
| | | | | | | This fixes a major issue that somehow didn't surface until upgrading to FreeBSD 12.1-RELEASE-p6, where since calico doesn't grant the CAP_SETSOCKOPT capability on accepted sockets, pounce crashes trying to set keepalive on sockets on receives from it.
* Add additional permission for linking with LibreSSLJune McEnroe2020-06-08
| | | | https://www.gnu.org/licenses/gpl-faq.en.html#GPLIncompatibleLibs
* Don't bother setting SO_NOSIGPIPEJune McEnroe2020-05-18
| | | | We need to ignore SIGPIPE anyway for other platforms.
* Pass -1 as backlog to listen(2)June McEnroe2020-05-11
| | | | | | There seems to be no guidance on how an application should set this parameter. However, every system I've looked at will limit the value to some default maximum, usually 128.
* Use for loop for getopt in calico 1.2p1June McEnroe2020-04-02
|
* Do not crash on error from accept in calicoJune McEnroe2020-04-02
|
* Avoid a couple VLAs with constant sizeMichael Forney2019-11-20
| | | | These are really just regular arrays masquerading as VLAs.
* Use strlcpy for sun_pathsJune McEnroe2019-11-20
| | | | | | | | | | | | My understanding is that sun_path need not be nul-terminated, but I didn't notice that SUN_LEN actually requires it. > The length of UNIX-domain address, required by bind(2) and connect(2), > can be calculated by the macro SUN_LEN() defined in <sys/un.h>. The > sun_path field must be terminated by a NUL character to be used with > SUN_LEN(), but the terminating NUL is not part of the address. Thanks to Duncan Overbruck <mail@duncano.de> for the report.
* Declare more missing functions and deal with lack of SO_NOSIGPIPEJune McEnroe2019-11-06
|
* Change license to GPLv3June McEnroe2019-11-06
| | | | | | | | | | | | | | > Notwithstanding any other provision of this License, if you modify the > Program, your modified version must prominently offer all users > interacting with it remotely through a computer network (if your version > supports such interaction) an opportunity to receive the Corresponding > Source of your version by providing access to the Corresponding Source > from a network server at no charge, through some standard or customary > means of facilitating copying of software. This potentially means that every freenode user, for example, is interacting with this software, and offering the corresponding source to each of them is an unreasonable burden.
* Send an unrecognized_name alert when failing to dispatchJune McEnroe2019-11-02
|
* Apply capsicum to calicoJune McEnroe2019-11-02
|
* Don't try to sendfd if connect failedJune McEnroe2019-11-02
|
* Add SNI socket dispatcherJune McEnroe2019-11-02
pounce can't accept connections from it yet though!