rdelaage/gmid
1
0
Fork 0
mirror of https://github.com/omar-polo/gmid.git synced 2024-10-01 06:51:19 +02:00
Code Issues Packages Projects Releases Wiki Activity
1,086 Commits 2 Branches 33 Tags 7.1 MiB
5134078414
Commit Graph

1086 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Omar Polo
9adeb26579 re-establish fastcgi test 2023-06-09 10:46:50 +00:00
Omar Polo
5d22294a59 move fastcgi from global var to the config struct 
while here also make them a list rather than a fixed-size array.
 2023-06-09 10:42:36 +00:00
Omar Polo
1962764c62 fix sandbox_server_process 
it does the unveil(2)ing based on the first config, which breaks
config-reloading.
 2023-06-09 10:40:08 +00:00
Omar Polo
cd1ede6dd3 rework fcgi-test so that it binds a local socket 
still not re-enabled.
 2023-06-09 10:39:05 +00:00
Omar Polo
deadd9e131 readd proxy certs and `require client ca' support 
Was temporarly disabled during the transition to real privsep.
While here, fix a memory leak when using `require client ca'.

Also, avoid leaking info about the parent address space layout to
server processes by not sending pointer values.
 2023-06-09 09:28:26 +00:00
Omar Polo
c144b1b6f8 configure: look for WAIT_ANY 2023-06-08 19:46:06 +00:00
Omar Polo
309dab3a90 fix typo 2023-06-08 19:41:38 +00:00
Omar Polo
fc440833ad provide sandbox_main_process on !OpenBSD 2023-06-08 19:41:25 +00:00
Omar Polo
9b89eaeb55 fix build of proc.c on !OpenBSD 2023-06-08 19:41:00 +00:00
Omar Polo
9b2587bb33 safety measure, explicitly memset config in config_init 2023-06-08 19:35:05 +00:00
Omar Polo
1c6967b33a keep cert/key/ocsp path as strings and don't send them via imsg 2023-06-08 19:34:49 +00:00
Omar Polo
49bd46a150 fix ge build 2023-06-08 19:30:26 +00:00
Omar Polo
8eeb992206 less logger.h 2023-06-08 19:30:10 +00:00
Omar Polo
f5c8360ade fix previous 2023-06-08 19:24:37 +00:00
Omar Polo
ca84625a7f remove foreground / verbose from config 
set them as global vars; rename foreground -> debug
 2023-06-08 17:29:08 +00:00
Omar Polo
85a575a444 remove forgotten include of logger.h 2023-06-08 17:28:33 +00:00
Omar Polo
cbb7f9fc28 move logger() prototype to gmid.h and delete logger.h 2023-06-08 17:03:13 +00:00
Omar Polo
797c4609a9 make ge work again 2023-06-08 16:22:03 +00:00
Omar Polo
3886afceec make server_init and server_configure_done 'public' 
server_configure_done is the code we ran in IMSG_RECONF_END splitted
in a separate functions.

This is all needed for ge.c which doesn't do privsep but needs to
bootstrap the server process.
 2023-06-08 16:21:31 +00:00
Omar Polo
47b0ff105a move log_request to gmid.c 
so that ge can provide its own log_request without requiring a
separate logger process.
 2023-06-08 16:16:14 +00:00
Omar Polo
4f4937f06a move make_socket to config.c and make it private 2023-06-08 16:07:01 +00:00
Omar Polo
fc9cc497e0 move some new_* functions from parse.y to utils.c 2023-06-08 15:59:53 +00:00
Omar Polo
e69e1151f6 drop now unused dispatch_imsg 2023-06-08 15:57:11 +00:00
Omar Polo
2b4ef796d7 remove debug code 2023-06-08 15:47:03 +00:00
Omar Polo
61febd28af remove now unused ibuf variable 2023-06-08 15:44:34 +00:00
Omar Polo
846842e138 sync DISTFILES 2023-06-08 15:41:47 +00:00
Omar Polo
68e38f49b2 use -MMD if the compiler supports it 
it's better than the previous Makefile.depend approach since this
automatically adapts to the included headers without requiring
manual intervention to regen the list.
 2023-06-08 14:43:29 +00:00
Omar Polo
3483609593 remove Makefile.depend 2023-06-08 14:37:29 +00:00
Omar Polo
c727f8dd75 reformat 2023-06-08 14:36:29 +00:00
Omar Polo
c26f2460e4 rework the daemon to do fork+exec 
It uses the 'common' proc.c from various OpenBSD-daemons.

gmid grew organically bit by bit and it was also the first place where I
tried to implement privsep.  It wasn't done very well, in fact the
parent process (that retains root privileges) just fork()s a generation
of servers, all sharing *exactly* the same address space.  No good!

Now, we fork() and re-exec() ourselves, so that each process has a fresh
address space.

Some features (require client ca for example) are temporarly disabled,
will be fixed in subsequent commits.  The "ge" program is also
temporarly disabled as it needs tweaks to do privsep too.
 2023-06-08 13:59:31 +00:00
Omar Polo
99f1fbb0c7 regress: use -P with an absolute path 2023-06-08 13:56:09 +00:00
Omar Polo
f1f13cb7dc absolutify the path to the pid file 2023-06-08 13:56:09 +00:00
Omar Polo
9b1750057c add missing include of gmid.h 2023-06-06 11:57:33 +00:00
Omar Polo
2dd5994ae1 use fatal() in code used in the daemon 2023-06-06 11:52:43 +00:00
Omar Polo
bc525c73db fix asprintf failure check 2023-06-06 11:48:02 +00:00
Omar Polo
eae52ad493 switch to the more usual log.c 2023-06-06 11:46:40 +00:00
Omar Polo
58fae4ea90 use memchr instead of rolling a custom one 2023-06-06 10:46:44 +00:00
Omar Polo
281a8852b3 rename log.[ch] to logger.[ch] 2023-06-06 08:50:54 +00:00
Omar Polo
3dd89fbb44 predeclare struct client 2023-06-06 08:34:54 +00:00
Omar Polo
3a8c76eab2 rename PROC_MAX to PREFORK_MAX 2023-06-06 08:34:31 +00:00
Omar Polo
4267093e37 nitpick: fix snprintf check 2023-06-06 08:22:18 +00:00
Omar Polo
f057c92622 adjust comments 2023-06-06 08:20:09 +00:00
Omar Polo
c68baad22a move config-related code to config.c 
reuse it in ge too.
 2023-06-06 08:18:57 +00:00
Omar Polo
0046c1fe9c call setlocale() 2023-06-06 08:11:30 +00:00
Omar Polo
bb595bff79 remove unused define 2023-06-05 21:11:40 +00:00
Omar Polo
070b32952c move and dedup the tls initalization in server.c 2023-06-05 21:10:18 +00:00
Omar Polo
114e9a4206 fix off-by-one in recent fatal change 2023-06-05 20:45:28 +00:00
Omar Polo
0ac785a6fa revert aae8f6bf2b 
it's just not worth it to inflict this breaking change to the users.
 2023-06-05 20:35:12 +00:00
Omar Polo
e1e04caa4f +log.h 2023-06-05 20:27:27 +00:00
Omar Polo
df5058c919 provide a more usual fatal 
fatal usually appends the error string.  Add 'fatalx' that doesn't.
Fix callers and move the prototypes to log.h
 2023-06-05 17:07:52 +00:00