| Commit message (Collapse) | Author | Age |
| |
|
|
|
|
| |
Finally something more reasonable for call sites.
|
| |
|
| |
|
|
|
|
|
| |
capsicum is too impractical and removing it will allow much more
straightforward code.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
TCP keepalives were originally enabled to solve the problem of
client connections staying idle for long periods of time, due to
pounce not relaying PINGs from the server. Long-idle TCP connections
are likely to be dropped by NAT routers, causing timeouts.
Unfortunately, the TCP_KEEPIDLE socket option is not available on
OpenBSD, so this was useless for pounce running there. The default
timeout before sending keepalives is 2 hours, which is far longer
than the timeout used by NAT routers, which seems to be 30 minutes.
Now that pounce sends its own PINGs to idle clients approximately
every 15 minutes, these TCP keepalive settings are unnecessary.
|
| |
|
| |
|
|
|
|
|
|
| |
I think this emulates SO_REUSEADDR, which for some reason doesn't work
on PF_UNIX. If the socket exists, check if connect(2) works, rather than
clobbering the socket being used by a still-running instance.
|
| |
|
| |
|
|
|
|
| |
LibreSSL is "a modified version of that library".
|
| |
|
| |
|
|
|
|
| |
https://www.gnu.org/licenses/gpl-faq.en.html#GPLIncompatibleLibs
|
|
|
|
| |
We need to ignore SIGPIPE anyway for other platforms.
|
|
|
|
|
|
| |
Since we swallow IRC PINGs, a client connection can go hours idle on a
quiet network. On my home internet, at least, these connections seem to
get silently dropped.
|
| |
|
|
|
|
|
|
|
|
|
| |
This is a little bit messy. Allows setting either -A or -W or both.
Implements SASL EXTERNAL for clients that expect that when connecting
with a client certificate.
Need to test that reloading still works inside capsicum, since I suspect
that rewind call may be blocked.
|
|
|
|
| |
These are really just regular arrays masquerading as VLAs.
|
|
|
|
|
|
|
|
|
|
|
|
| |
My understanding is that sun_path need not be nul-terminated, but I
didn't notice that SUN_LEN actually requires it.
> The length of UNIX-domain address, required by bind(2) and connect(2),
> can be calculated by the macro SUN_LEN() defined in <sys/un.h>. The
> sun_path field must be terminated by a NUL character to be used with
> SUN_LEN(), but the terminating NUL is not part of the address.
Thanks to Duncan Overbruck <mail@duncano.de> for the report.
|
|
|