we need to delete the events associated with the backends, otherwise
the server process won't ever quit.
Here, we add a pending counter to every backend and shut down
immediately if they aren't handling any client; otherwise we try to
close them as soon as possible (i.e. when they close the connection to
the last connected client.)
our stderr could have been sent to the logger process, so it may be
invalid. Furthermore, in the future we may want to capture also the
stderr of the processes.
Calling `configure' with --disable-sandbox will disable the sandbox
support *completely* at compile time. gmid will still complain at
compile time and during the startup.
Users shouldn't disable the sandbox if possible, but instead report
problems upstream so they get fixed (hopefully.)
#4 related
* SECCOMP_AUDIT_ARCH extended to support more architectures
* relax fcntl policy: allow the syscall regardless of the flags
* wrap every syscall in an ifdef, and add some (statx, fcntl64, ...)
  used in x86
Some bits were taken from dhcpcd[0], thanks!
#4 related
[0]: https://roy.marples.name/git/dhcpcd/blob/HEAD:/src/privsep-linux.c
Now that we have this auto concat string thingy, macros can simply
expand to standalone strings in place, as single words.
Forgot to point it out in previous commits, but now we can
    cert = "/etc/keys"
    server "foo" {
        cert $cert "/foo.crt"
        ...
    }
Macros can be defined at the top of the configuration file:
    dir = "/var/gemini"
    cert = "/etc/keys"
and re-used later, for example
    server "foo" {
        root "$dir/foo" # -> /var/gemini/foo
        cert "$cert/foo.pem" # -> /etc/keys/foo.pem
    }
GMID_VERSION follows the CGI/FastCGI style, i.e. project_name/version.
Define GMID_STRING with a more "human" variant "project_name version",
and reuse that in the --help and --version codepath.
quoting strncpy(3)
    strncpy() only NUL terminates the destination string when the
    length of the source string is less than the length parameter.
strlcpy is more intuitive.
this is another warning gcc 8 found that clang didn't.
The actual implementation is based off doas' parse.y. This gave us
various benefits, like cleaner code, \ to break long lines, better
handling of quotes etc...
nobody really cares if must_read fails, as it normally shouldn't. It
only clutters the regression tests with scary messages that look like
failures but are, in fact, expected.
the logger process can now receive a file descriptor to write logs
to. At the moment the logic is simple: if it receives a file it logs
there, otherwise it logs to syslog. This will allow logging to custom
log files.
Yep, fd should be the file descriptor, but out of laziness, when manually
calling the function, sometimes we supply 0 as fd and event. Instead of
fixing the usage, do as other such functions do in these
circumstances: use c->fd.
it's not technically required, since a couple of lines below we free
the whole host struct, and we don't have code that may use
h->{env,aliases} afterwards, but it's nice not to have invalid
pointers around. it may bite in the future.