Omar Polo
9adeb26579
re-establish fastcgi test
2023-06-09 10:46:50 +00:00
Omar Polo
5d22294a59
move fastcgi from global var to the config struct
...
while here also make them a list rather than a fixed-size array.
2023-06-09 10:42:36 +00:00
Omar Polo
1962764c62
fix sandbox_server_process
...
it does the unveil(2)ing based on the first config, which breaks
config-reloading.
2023-06-09 10:40:08 +00:00
Omar Polo
cd1ede6dd3
rework fcgi-test so that it binds a local socket
...
still not re-enabled.
2023-06-09 10:39:05 +00:00
Omar Polo
deadd9e131
readd proxy certs and `require client ca' support
...
Was temporarly disabled during the transition to real privsep.
While here, fix a memory leak when using `require client ca'.
Also, avoid leaking info about the parent address space layout to
server processes by not sending pointer values.
2023-06-09 09:28:26 +00:00
Omar Polo
c144b1b6f8
configure: look for WAIT_ANY
2023-06-08 19:46:06 +00:00
Omar Polo
309dab3a90
fix typo
2023-06-08 19:41:38 +00:00
Omar Polo
fc440833ad
provide sandbox_main_process on !OpenBSD
2023-06-08 19:41:25 +00:00
Omar Polo
9b89eaeb55
fix build of proc.c on !OpenBSD
2023-06-08 19:41:00 +00:00
Omar Polo
9b2587bb33
safety measure, explicitly memset config in config_init
2023-06-08 19:35:05 +00:00
Omar Polo
1c6967b33a
keep cert/key/ocsp path as strings and don't send them via imsg
2023-06-08 19:34:49 +00:00
Omar Polo
49bd46a150
fix ge build
2023-06-08 19:30:26 +00:00
Omar Polo
8eeb992206
less logger.h
2023-06-08 19:30:10 +00:00
Omar Polo
f5c8360ade
fix previous
2023-06-08 19:24:37 +00:00
Omar Polo
ca84625a7f
remove foreground / verbose from config
...
set them as global vars; rename foreground -> debug
2023-06-08 17:29:08 +00:00
Omar Polo
85a575a444
remove forgotten include of logger.h
2023-06-08 17:28:33 +00:00
Omar Polo
cbb7f9fc28
move logger() prototype to gmid.h and delete logger.h
2023-06-08 17:03:13 +00:00
Omar Polo
797c4609a9
make ge work again
2023-06-08 16:22:03 +00:00
Omar Polo
3886afceec
make server_init and server_configure_done 'public'
...
server_configure_done is the code we ran in IMSG_RECONF_END splitted
in a separate functions.
This is all needed for ge.c which doesn't do privsep but needs to
bootstrap the server process.
2023-06-08 16:21:31 +00:00
Omar Polo
47b0ff105a
move log_request to gmid.c
...
so that ge can provide its own log_request without requiring a
separate logger process.
2023-06-08 16:16:14 +00:00
Omar Polo
4f4937f06a
move make_socket to config.c and make it private
2023-06-08 16:07:01 +00:00
Omar Polo
fc9cc497e0
move some new_* functions from parse.y to utils.c
2023-06-08 15:59:53 +00:00
Omar Polo
e69e1151f6
drop now unused dispatch_imsg
2023-06-08 15:57:11 +00:00
Omar Polo
2b4ef796d7
remove debug code
2023-06-08 15:47:03 +00:00
Omar Polo
61febd28af
remove now unused ibuf variable
2023-06-08 15:44:34 +00:00
Omar Polo
846842e138
sync DISTFILES
2023-06-08 15:41:47 +00:00
Omar Polo
68e38f49b2
use -MMD if the compiler supports it
...
it's better than the previous Makefile.depend approach since this
automatically adapts to the included headers without requiring
manual intervention to regen the list.
2023-06-08 14:43:29 +00:00
Omar Polo
3483609593
remove Makefile.depend
2023-06-08 14:37:29 +00:00
Omar Polo
c727f8dd75
reformat
2023-06-08 14:36:29 +00:00
Omar Polo
c26f2460e4
rework the daemon to do fork+exec
...
It uses the 'common' proc.c from various OpenBSD-daemons.
gmid grew organically bit by bit and it was also the first place where I
tried to implement privsep. It wasn't done very well, in fact the
parent process (that retains root privileges) just fork()s a generation
of servers, all sharing *exactly* the same address space. No good!
Now, we fork() and re-exec() ourselves, so that each process has a fresh
address space.
Some features (require client ca for example) are temporarly disabled,
will be fixed in subsequent commits. The "ge" program is also
temporarly disabled as it needs tweaks to do privsep too.
2023-06-08 13:59:31 +00:00
Omar Polo
99f1fbb0c7
regress: use -P with an absolute path
2023-06-08 13:56:09 +00:00
Omar Polo
f1f13cb7dc
absolutify the path to the pid file
2023-06-08 13:56:09 +00:00
Omar Polo
9b1750057c
add missing include of gmid.h
2023-06-06 11:57:33 +00:00
Omar Polo
2dd5994ae1
use fatal() in code used in the daemon
2023-06-06 11:52:43 +00:00
Omar Polo
bc525c73db
fix asprintf failure check
2023-06-06 11:48:02 +00:00
Omar Polo
eae52ad493
switch to the more usual log.c
2023-06-06 11:46:40 +00:00
Omar Polo
58fae4ea90
use memchr instead of rolling a custom one
2023-06-06 10:46:44 +00:00
Omar Polo
281a8852b3
rename log.[ch] to logger.[ch]
2023-06-06 08:50:54 +00:00
Omar Polo
3dd89fbb44
predeclare struct client
2023-06-06 08:34:54 +00:00
Omar Polo
3a8c76eab2
rename PROC_MAX to PREFORK_MAX
2023-06-06 08:34:31 +00:00
Omar Polo
4267093e37
nitpick: fix snprintf check
2023-06-06 08:22:18 +00:00
Omar Polo
f057c92622
adjust comments
2023-06-06 08:20:09 +00:00
Omar Polo
c68baad22a
move config-related code to config.c
...
reuse it in ge too.
2023-06-06 08:18:57 +00:00
Omar Polo
0046c1fe9c
call setlocale()
2023-06-06 08:11:30 +00:00
Omar Polo
bb595bff79
remove unused define
2023-06-05 21:11:40 +00:00
Omar Polo
070b32952c
move and dedup the tls initalization in server.c
2023-06-05 21:10:18 +00:00
Omar Polo
114e9a4206
fix off-by-one in recent fatal change
2023-06-05 20:45:28 +00:00
Omar Polo
0ac785a6fa
revert aae8f6bf2b
...
it's just not worth it to inflict this breaking change to the users.
2023-06-05 20:35:12 +00:00
Omar Polo
e1e04caa4f
+log.h
2023-06-05 20:27:27 +00:00
Omar Polo
df5058c919
provide a more usual fatal
...
fatal usually appends the error string. Add 'fatalx' that doesn't.
Fix callers and move the prototypes to log.h
2023-06-05 17:07:52 +00:00