Omar Polo
1959cda3d8
more avoiding of void pointer arithmetics
...
This time with a temporary variable to avoid triggering
-Wpointer-sign, sigh.
2023-06-13 17:36:42 +00:00
Omar Polo
b90faa1605
simplify check
...
brought to my attention by gcc who isn't smart enough to figure out
that `ret' is always set.
2023-06-13 17:10:13 +00:00
Omar Polo
cf5cf697a8
enable -Werror on CI
...
-Wno-deprecated-declarations is needed because of OpenSSL 3 (and macos
stupidly deprecating daemon(3) in favour of that trash of posix_spawn.)
2023-06-13 16:41:39 +00:00
Omar Polo
7604fc903a
drop questionable #warning
2023-06-13 16:39:32 +00:00
Omar Polo
1610f9541d
rework the configure script
...
now it resembles less oconfigure and more the configure scripts I'm
using in my recent projects. I'd argue it's easier to use.
2023-06-13 16:36:10 +00:00
Omar Polo
10cc819309
avoid arithmetic on void pointers (GNU extension)
...
not really sold on this one, I don't see what other interpretation could
be given, but it's not standard so...
2023-06-13 16:36:06 +00:00
Omar Polo
d6d9f9b2a9
add mac_task with disabled runtime tests for the time being
...
the runtime tests fail on the ci (gg: Connection refused); will be
revisited after we get a real `listen on' directive.
2023-06-13 11:02:51 +00:00
Omar Polo
8af9da9843
fix the build with some yacc implementations
2023-06-13 11:00:07 +00:00
Omar Polo
611dffe816
remove regress/sha
...
we can use cmp to tell if two files are different, which also has
the benefit of being available everywhere and reporting the byte
offset of the first difference. Reduces the test dependencies on
some systems.
2023-06-13 10:59:50 +00:00
Omar Polo
1b9031f1fc
work around missing SOCK_NONBLOCK/CLOEXEC on macos
2023-06-13 10:59:46 +00:00
Omar Polo
94893746ae
use the default prefork in tests
2023-06-12 21:28:28 +00:00
Omar Polo
2cef5cf42a
load_ca: get a buffer instead of a fd
...
We dup(1) the ca fd and send it to various processes, so they fail
loading it. Instead, use load_file to get a buffer with the file
content and pass that to load_ca which then loads via BIO.
2023-06-12 21:27:24 +00:00
Omar Polo
89cfcb4569
simplify config_send_kp: use config_send_file
2023-06-12 21:09:49 +00:00
Omar Polo
5d160453f2
remove proc_ispeer()
...
unused, and was dropped by other copies of proc.c; reduces the diff
with httpd's proc.c.
2023-06-11 12:45:42 +00:00
Omar Polo
ba290ef3af
disable the privsep crypto engine on !OpenBSD
...
it fails badly at runtime on various linux distros and on freebsd.
Until a fix is found, disable it so I can move forward.
2023-06-11 12:18:27 +00:00
Omar Polo
237095fd9a
remove has_siginfo
...
and wrap siginfo behind #ifdef SIGINFO. avoids some warnings in !BSD.
2023-06-11 11:36:31 +00:00
Omar Polo
1ef09e6313
add -Wpointer-sign to the mix
...
It's not present in -W -Wall -Wextra on OpenBSD but it is enabled
on other systems.
2023-06-11 11:33:38 +00:00
Omar Polo
b8d68fc8e4
fixes for -Wpointer-sign
2023-06-11 11:31:22 +00:00
Omar Polo
d1739e3f03
cast uint64_t to unsigned long long
2023-06-11 11:31:06 +00:00
Omar Polo
ec96a0ad3b
work around different signature for ecdsae_compute_key
2023-06-11 11:30:20 +00:00
Omar Polo
86693a33ab
add a privsep crypto engine
...
Incorporate OpenSMTPD's privsep crypto engine. The idea behind
it is to never load the certificate's private keys in a networked
process, instead they are loaded in a separate process (the `crypto'
one) which signs payloads on behalf of the server processes.
This way, we greatly reduce the risk of leaking the certificate's
private key should the server process be compromised.
This currently compiles only on LibreSSL (portable fix is on the
way).
2023-06-11 11:03:59 +00:00
Omar Polo
f81a97b356
drop useless debug statement
2023-06-11 09:49:01 +00:00
Omar Polo
725457a9e4
move setproctitle/privsep_process earlier
...
We don't always do privilege dropping (as we may start as unprivileged
user), so set these two beforehand so when we skip privdrop we don't
miss to set privsep_process and set the process' title.
2023-06-11 09:26:16 +00:00
Omar Polo
4ad573d0d5
rework load_file to use pread()
...
avoids issues since the same file is sent to multiple processes
after being dup()'ed. Since these files are meant to be regular
files, I don't expect short reads.
2023-06-11 09:21:34 +00:00
Omar Polo
1a99859b35
adjust how locations are received
2023-06-11 09:19:42 +00:00
Omar Polo
15e60fdf0c
simplify ocsp sending using config_send_file
...
while here add an explicit flush to avoid a fd rampage.
2023-06-11 09:18:30 +00:00
Omar Polo
2e880a57f8
change config_send_file to take the process id as argument
...
i.e. not hardcode PROC_SERVER
2023-06-10 11:03:29 +00:00
Omar Polo
892f3a5cf8
gencert: use secp384r1
...
prime256v1 should be perfectly fine for all I understand, but
OpenBSD's acme-client uses secp384r1 and who am I to disagree :)
2023-06-09 20:43:12 +00:00
Omar Polo
7fff8aa6cb
parse the config file only once
...
Don't have all the processes read gmid.conf. The parent needs to do
that, and then will send the config to the children (already
happening.) The other processes were reading the config anyway to
figure out the user and the chroot (if enabled); make the parent pass
additional flag to propagate that info.
We dissociate a bit from the "usual" proc.c but it's a change worth
having.
2023-06-09 17:50:28 +00:00
Omar Polo
5af19830c3
move print_conf and make it take the config as argument
2023-06-09 17:29:52 +00:00
Omar Polo
792f302ace
use fatal/fatalx instead of err/errx in daemon code
2023-06-09 17:27:41 +00:00
Omar Polo
68368f4c29
parse_conf: don't die on error, return -1
...
this avoids having the daemon dying on SIGHUP with a bad config
file.
2023-06-09 17:24:37 +00:00
Omar Polo
af1dab1870
don't have the config being a global
2023-06-09 17:18:04 +00:00
Omar Polo
e45334e6ae
move hosts into the config struct
2023-06-09 16:54:04 +00:00
Omar Polo
d273c0648d
ignore and clean fcgi.sock
2023-06-09 10:51:24 +00:00
Omar Polo
fe7cdaa479
fcgi-test: be less verbose
2023-06-09 10:47:20 +00:00
Omar Polo
9adeb26579
re-establish fastcgi test
2023-06-09 10:46:50 +00:00
Omar Polo
5d22294a59
move fastcgi from global var to the config struct
...
while here also make them a list rather than a fixed-size array.
2023-06-09 10:42:36 +00:00
Omar Polo
1962764c62
fix sandbox_server_process
...
it does the unveil(2)ing based on the first config, which breaks
config-reloading.
2023-06-09 10:40:08 +00:00
Omar Polo
cd1ede6dd3
rework fcgi-test so that it binds a local socket
...
still not re-enabled.
2023-06-09 10:39:05 +00:00
Omar Polo
deadd9e131
readd proxy certs and `require client ca' support
...
Was temporarily disabled during the transition to real privsep.
While here, fix a memory leak when using `require client ca'.
Also, avoid leaking info about the parent address space layout to
server processes by not sending pointer values.
2023-06-09 09:28:26 +00:00
Omar Polo
c144b1b6f8
configure: look for WAIT_ANY
2023-06-08 19:46:06 +00:00
Omar Polo
309dab3a90
fix typo
2023-06-08 19:41:38 +00:00
Omar Polo
fc440833ad
provide sandbox_main_process on !OpenBSD
2023-06-08 19:41:25 +00:00
Omar Polo
9b89eaeb55
fix build of proc.c on !OpenBSD
2023-06-08 19:41:00 +00:00
Omar Polo
9b2587bb33
safety measure, explicitly memset config in config_init
2023-06-08 19:35:05 +00:00
Omar Polo
1c6967b33a
keep cert/key/ocsp path as strings and don't send them via imsg
2023-06-08 19:34:49 +00:00
Omar Polo
49bd46a150
fix ge build
2023-06-08 19:30:26 +00:00
Omar Polo
8eeb992206
less logger.h
2023-06-08 19:30:10 +00:00
Omar Polo
f5c8360ade
fix previous
2023-06-08 19:24:37 +00:00