path: root/bounce.c
Commit message | Author | Age | Files | Lines
* Fix uninit read when checking if bindPath is a directory | June McEnroe | 2022-05-19 | 1 | -2/+3
* Allow quitting pounce from clients | June McEnroe | 2022-04-03 | 1 | -1/+2
* Rename client->error to client->remove | June McEnroe | 2022-03-29 | 1 | -1/+1
* Set clientOrigin from bindHost, add dot if necessary | June McEnroe | 2022-03-29 | 1 | -0/+7
    Since effectively the difference between a nick origin and a server origin is the presence of a dot.
* Replace ORIGIN #define with clientOrigin variable | June McEnroe | 2022-03-29 | 1 | -2/+2
* OpenBSD: Simplify unveil(2) calls | C. McEnroe | 2021-10-07 | 1 | -34/+11
* Refactor XDG base directory iterator API | C. McEnroe | 2021-10-05 | 1 | -4/+4
    Finally something more reasonable for call sites.
* Load and reload local certificates like normal | C. McEnroe | 2021-10-05 | 1 | -49/+3
* Delete local-path socket like normal | C. McEnroe | 2021-10-05 | 1 | -0/+1
* FreeBSD: Remove capsicum support | C. McEnroe | 2021-10-05 | 1 | -37/+0
    capsicum is too impractical and removing it will allow much more straightforward code.
* Remove certbot default paths | C. McEnroe | 2021-10-05 | 1 | -8/+2
* Send PING to idle clients after 15 minutes | C. McEnroe | 2021-10-03 | 1 | -6/+16
    This is to keep TCP connections to clients from being idle for more than 15 minutes, since regular PINGs from the server are answered by pounce and not relayed to clients.

    Note that there is still no timeout on poll(2) unless there are need clients. We assume that we are receiving (and swallowing) regular PINGs from the server at an interval shorter than 15 minutes, so a poll(2) timeout would be pointless.
* Log IRC to standard output with -v | C. McEnroe | 2021-10-02 | 1 | -1/+1
    So that it can actually be logged to a file separate from any errors or status messages. Also make sure only LF is used when logging.
* Use EX_USAGE for all local configuration errors | C. McEnroe | 2021-09-05 | 1 | -2/+2
* OpenBSD: Drop inet pledge when using unix socket | C. McEnroe | 2021-09-03 | 1 | -1/+1
    calico is passing us sockets it already accepted, so we don't need inet anymore.
* OpenBSD: Drop no longer needed unveils and pledge promises | C. McEnroe | 2021-09-03 | 1 | -20/+10
* Reorder file loading in main | C. McEnroe | 2021-09-03 | 1 | -11/+10
* Be nice and call tls_close(3) on the server | C. McEnroe | 2021-09-02 | 1 | -0/+2
* Separate client QUIT and ERROR messages | C. McEnroe | 2021-09-02 | 1 | -4/+2
    So each can be logged properly with its prefix.
* Remove redundant clientDiff function | C. McEnroe | 2021-09-02 | 1 | -2/+3
* OpenBSD: pledge(2) the genCert code path | C. McEnroe | 2021-09-02 | 1 | -1/+7
* OpenBSD: pledge(2) the hashPass code path | C. McEnroe | 2021-09-02 | 1 | -1/+3
* OpenBSD: pledge(2) printCert code path separately | C. McEnroe | 2021-09-02 | 1 | -7/+11
    Ported from catgirl.
* Call serverConfig() with NULLs for -o | C. McEnroe | 2021-09-02 | 1 | -2/+2
    Always use insecure, and trust, clientCert, clientPriv are irrelevant for printing the remote certificate.
* Read from /dev/urandom instead of using getentropy(3) | C. McEnroe | 2021-09-02 | 1 | -9/+5
    getentropy(3) is kind of an awkward function. May as well be generic as possible and read some random bytes from /dev/urandom, since for -x we don't really need to worry about being in some execution environment where that's unavailable.

    I'm also happy to remove that special-case include for macOS since its crypt(3) isn't even usable anyway.
* Add -m mode option to set user modes | C. McEnroe | 2021-06-18 | 1 | -0/+4
* Don't use :trailing parameter for JOIN | C. McEnroe | 2021-04-09 | 1 | -1/+1
    It seems some IRCds don't even parse this correctly. It also should never have been done this way since it breaks sending channel keys.
* Drop pledge capabilities after binding and connecting | C. McEnroe | 2021-02-01 | 1 | -1/+11
* Add -o and -t options to trust self-signed certificates | C. McEnroe | 2021-01-11 | 1 | -1/+15
* Clean up main loop loops | C. McEnroe | 2020-11-21 | 1 | -51/+39
* Add lazy client registration timeout | C. McEnroe | 2020-11-20 | 1 | -4/+16
    I don't think this is worth adding a configuration option for since real clients will definitely accomplish registration faster than 10s and it's long enough to even type out manually for testing.
* Set client sockets non-blocking | C. McEnroe | 2020-11-16 | 1 | -3/+3
    Except for during writes. This prevents pounce getting blocked on a client sending only a partial TLS record, for example.

    Writes still need to block because pounce doesn't have a way to resume them. (And it would do so by having a buffer, but sockets already have a send buffer, so what would be the point of that?) I don't think it should be a problem since outside of stateSync, writes only happen when poll returns POLLOUT. I feel like ideally SO_SNDLOWAT would be set to guarantee a full IRC message can always be written on POLLOUT, but since it's actually TLS records being sent, it's not obvious what the size would be.

    I'm also making an assumption here that tls_read returning TLS_WANT_POLLOUT is unlikely to happen, since I don't actually set pollfd.events based on that. I'm not sure how wanting to resume a tls_read after a POLLOUT could be cleanly handled. I'm just going to hope that if it does happen, the regular poll loop will eventually sort it out...
* Swap localAccept parameter order | C. McEnroe | 2020-11-14 | 1 | -3/+3
* Only send shutdown QUIT and ERROR to registered clients | C. McEnroe | 2020-11-14 | 1 | -3/+6
* Make struct Client public | C. McEnroe | 2020-11-14 | 1 | -1/+1
* Wait for POLLIN to do client tls_handshake | C. McEnroe | 2020-11-13 | 1 | -9/+1
    Otherwise a client could cause pounce to hang (since the sockets are left blocking) by opening a connection without handshaking! Oops, that's pretty bad.

    Since the sockets are still blocking, a hang can still be caused by a client sending a partial handshake then waiting. More fixes to follow.

    pounce is slightly protected from this when used with calico, as it applies a timeout to waiting for the ClientHello.
* Report paths in unveil errors | C. McEnroe | 2020-11-10 | 1 | -2/+2
* Handle signals before the main loop | C. McEnroe | 2020-10-11 | 1 | -0/+9
    This is a long-standing issue I ignored.
* Fix possibly uninitialized error | C. McEnroe | 2020-09-09 | 1 | -0/+1
    It won't be, but gcc thinks it might.
* Rearrange bounce.c, move non-main mains below main | C. McEnroe | 2020-08-30 | 1 | -108/+114
* Sandbox pounce with unveil(2) | C. McEnroe | 2020-08-30 | 1 | -0/+46
* Refactor certificate loading and load all certs from config paths | C. McEnroe | 2020-08-28 | 1 | -84/+61
* Sandbox pounce with pledge(2) | C. McEnroe | 2020-08-27 | 1 | -3/+10
    unveil(2) is a bit complicated to apply to this, I'll have to think about it more.
* Add support for OpenBSD | C. McEnroe | 2020-08-27 | 1 | -0/+10
* Remove deprecated option names | C. McEnroe | 2020-08-25 | 1 | -10/+0
    The next release will be 2.0 so these can be removed now.
* Use dataOpen for save file | C. McEnroe | 2020-08-24 | 1 | -2/+2
* Use configOpen to load localCA | C. McEnroe | 2020-08-24 | 1 | -2/+2
* Replace “RAND_bytes” by “getentropy” | Issam E. Maghni | 2020-08-23 | 1 | -3/+7
    This removes the dependency on libcrypto.

    Signed-off-by: Issam E. Maghni <issam.e.maghni@mailbox.org>
* Implement stub of palaverapp.com capability | C. McEnroe | 2020-08-11 | 1 | -0/+2
    This needs to be documented! But the documentation won't make any sense until there's something that can implement the actual functionality of the capability.
* Refactor clientCA and clientSTS as clientCaps | C. McEnroe | 2020-08-10 | 1 | -2/+2