OpenBSD CVS

CVS log for src/usr.sbin/hoststated/Attic/relay.c




Default branch: MAIN


Revision 1.75, Fri Dec 7 17:27:07 2007 UTC (16 years, 5 months ago) by deraadt
Branch: MAIN
CVS Tags: HEAD
Changes since 1.74: +1 -1 lines
FILE REMOVED

hoststated/hoststatectl get repository copied (and de-tagged) into
relayd/relayctl.  This is a more suitable place for a daemon that has
grown out of its initial roots of "monitoring and redirecting services
at various layers", into one that is "a full featured proxy, which
happens to know what is up/down"

Revision 1.74, Wed Nov 28 16:25:12 2007 UTC (16 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.73: +15 -1 lines

bump the current file descriptor resource limit (openfiles-cur) to the
maximum number of file descriptors for this login class
(openfiles-max) of the relay child processes. this will allow 1024
instead of just 128 open file descriptors in the default configuration
(class daemon), use the openfiles-max capability and the sysctl
kern.maxfiles to adjust the value.

ok gilles@ pyr@

Revision 1.73, Wed Nov 28 14:41:36 2007 UTC (16 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.72: +3 -3 lines

typos

Revision 1.72, Mon Nov 26 09:38:25 2007 UTC (16 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.71: +33 -24 lines

allow to add labels to protocol actions, they will be printed in http
error pages and can be used to refer to additional information.

ok pyr@

Revision 1.71, Sat Nov 24 17:43:47 2007 UTC (16 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.70: +3 -1 lines

tweak for hostnames without dots (like "localhost")

Revision 1.70, Sat Nov 24 17:07:28 2007 UTC (16 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.69: +3 -5 lines

sort includes, adjust to style(9)

Revision 1.69, Sat Nov 24 16:13:50 2007 UTC (16 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.68: +96 -15 lines

extend the url lookup algorithm to match the full URL and different
possible suffix/prefix combinations by stripping subdomains, path
components, and the query args.

ok and tested by gilles@

Revision 1.68, Sat Nov 24 13:39:24 2007 UTC (16 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.67: +2 -2 lines

fix goto to jump to the right place

Revision 1.67, Fri Nov 23 09:39:42 2007 UTC (16 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.66: +44 -23 lines

re-implement the "mark" action and document it in the manpage:
it is possible to attach a mark to a session based on matching an
entity (header, url, cookie, ...) and add conditional action for this
mark. it works a bit like the tag/tagged keywords in pf, but i decided
to pick a different name to avoid confusion.

ok pyr@ gilles@

Revision 1.66, Thu Nov 22 16:07:03 2007 UTC (16 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.65: +5 -2 lines

Fix relay roundrobin mode to work correctly when multiple hosts in a
table are down.

Thanks to Preston Norvell at serialssolutions dot com for reporting
the problem.

Revision 1.65, Thu Nov 22 10:09:53 2007 UTC (16 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.64: +82 -3 lines

add (new) "url" protocol action, this can be used to match/filter URL
suffix/prefix expressions like "example.com/index.html?args". a digest
mode allows to match against anonymized SHA1/MD5 digests of
suffix/prefix expressions.

Revision 1.64, Wed Nov 21 20:41:40 2007 UTC (16 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.63: +120 -93 lines

move HTTP cookie and query lookup code from the into separate functions
(the if () else if () block was getting very big).

Revision 1.63, Wed Nov 21 20:01:45 2007 UTC (16 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.62: +6 -3 lines

fix the tree comparison function. it turned out that it could fail
with large trees of protocol actions.

Revision 1.62, Wed Nov 21 14:12:04 2007 UTC (16 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.61: +9 -7 lines

rename the "url" filter action to "query" to use the correct term.
please update your hoststated.conf configurations. also add more
examples to the manpage.

alright pyr@

Revision 1.61, Wed Nov 21 11:06:21 2007 UTC (16 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.60: +15 -4 lines

more work on the "filter" action: close the connection instantly when
receiving a filtered entity, fix some remaining issues.

Revision 1.60, Tue Nov 20 17:11:50 2007 UTC (16 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.59: +12 -2 lines

limit the number of displayed lines per node in relay_protodebug().

Revision 1.59, Tue Nov 20 15:54:55 2007 UTC (16 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.58: +113 -14 lines

it may be desirable to send a HTTP error page with error code and a
meaningful message if a HTTP/HTTPS relay closes the connection for
some reason. for example, a "403 Forbidden" if the request was
rejected by a filter. this will be enabled with the "return error"
option and is disabled by default, the standard behaviour is to
silently drop the connection; the browser may display an empty page in
this case. the look+feel of the HTTP error page can be customized with
a CSS style sheet, but we do not intend to allow customization of the
error page contents (hoststated is not a webserver!).

ok pyr@

Revision 1.58, Tue Nov 20 15:10:46 2007 UTC (16 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.57: +8 -9 lines

another fix to handle "expect" and "filter" actions in the new style
correctly.

ok pyr@

Revision 1.57, Tue Nov 20 09:59:09 2007 UTC (16 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.56: +1 -3 lines

spacing

Revision 1.56, Tue Nov 20 09:57:49 2007 UTC (16 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.55: +6 -6 lines

minor change to some relay log messages

Revision 1.55, Mon Nov 19 15:31:36 2007 UTC (16 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.54: +4 -4 lines

spacing

Revision 1.54, Mon Nov 19 14:48:19 2007 UTC (16 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.53: +209 -152 lines

rework the internal handling of protocol actions a little bit:

- allow to use a key for multiple times by appending a queue of
additional matches to the tree node. for example, this allows to
specify multiple "expect" or "filter" actions to white-/black-list
a list of HTTP-headers, URLs, ..

- prevent specifying an HTTP header for multiple times when using the
expect action.

- minor code shuffling

Revision 1.53, Mon Oct 22 17:14:10 2007 UTC (16 years, 7 months ago) by reyk
Branch: MAIN
Changes since 1.52: +42 -47 lines

we don't need mmap/munmap in relay_load_certificates anymore...
just use read() and make the function a little bit nicer.

ok pyr@

Revision 1.52, Mon Oct 22 16:53:30 2007 UTC (16 years, 7 months ago) by pyr
Branch: MAIN
Changes since 1.51: +68 -50 lines

load certificates text at parse time. then load them in relay processes.
this separation will ease reload a bit more.

ok reyk@ who spotted a stupid mistake again...

Revision 1.51, Fri Oct 19 14:15:14 2007 UTC (16 years, 7 months ago) by pyr
Branch: MAIN
Changes since 1.50: +7 -7 lines

Move relays from static TAILQs to allocated ones.
This syncs it with other hoststated entities and will make reload easier.
This is step 1 out of 7 for reload.

Revision 1.50, Fri Oct 5 17:32:13 2007 UTC (16 years, 8 months ago) by reyk
Branch: MAIN
Changes since 1.49: +3 -3 lines

stylistic changes in the relay/relay_config structure.

Revision 1.49, Fri Oct 5 15:46:49 2007 UTC (16 years, 8 months ago) by reyk
Branch: MAIN
Changes since 1.48: +3 -2 lines

unbreak non-SSL relays by calling the ssl context init only if the SSL
flag is present...

Revision 1.48, Mon Oct 1 13:57:29 2007 UTC (16 years, 8 months ago) by pyr
Branch: MAIN
Changes since 1.47: +1 -3 lines

kill some remaining debug that snuck in.

Revision 1.47, Fri Sep 28 13:05:28 2007 UTC (16 years, 8 months ago) by pyr
Branch: MAIN
Changes since 1.46: +25 -5 lines

Change the ssl_privsep code to work on char buffers.
The fd based code introduced weirdness since all children were accessing
the same fd at once. This will also greatly facilitate reloading, no
fd-passing will be involved between the parent and relay children.

While there, cleanup the code diverting from the original ssl_rsa.c code
a bit more.

Weird behavior discovery by pascoe@.

Revision 1.46, Thu Sep 27 13:50:40 2007 UTC (16 years, 8 months ago) by pyr
Branch: MAIN
Changes since 1.45: +39 -25 lines

Move SSL context creation after privileges are dropped.
This puts the ssl_privsep code to use.
One more step towards graceful L7 reload.

Revision 1.45, Thu Sep 27 13:34:22 2007 UTC (16 years, 8 months ago) by pyr
Branch: MAIN
Changes since 1.44: +2 -2 lines

Simplify ssl_privsep.c, since it won't need to remain synced with the
equivalent openssl functions.

Revision 1.44, Tue Sep 25 08:24:26 2007 UTC (16 years, 8 months ago) by pyr
Branch: MAIN
Changes since 1.43: +8 -3 lines

Introduce two new functions to be able to load certificates while
already chrooted and with privileges dropped.
This is the very first step in being able to reload a
layer 7 configuration.

not ok reyk who's away but should be glad to see this in.

Revision 1.43, Mon Sep 10 11:59:22 2007 UTC (16 years, 8 months ago) by reyk
Branch: MAIN
Changes since 1.42: +93 -13 lines

add support for relaying DNS traffic (with a little bit of packet
header randomization). this adds an infrastructure to support
UDP-based protocols.

ok gilles@, tested by some

Revision 1.42, Fri Sep 7 08:20:24 2007 UTC (16 years, 8 months ago) by reyk
Branch: MAIN
Changes since 1.41: +20 -1 lines

add an interface to dump running relay sessions to the control socket

Revision 1.41, Thu Sep 6 19:55:45 2007 UTC (16 years, 8 months ago) by reyk
Branch: MAIN
Changes since 1.40: +6 -21 lines

rename relay_host to print_host in log.c

Revision 1.40, Wed Sep 5 10:25:13 2007 UTC (16 years, 9 months ago) by reyk
Branch: MAIN
Changes since 1.39: +3 -3 lines

be extra careful with pointers in session_cmp

Revision 1.39, Wed Sep 5 08:48:42 2007 UTC (16 years, 9 months ago) by reyk
Branch: MAIN
Changes since 1.38: +21 -6 lines

store relay sessions in SPLAY trees instead of TAILQ lists. this will
be used for faster lookups of sessions based on different criteria.

ok pyr@

Revision 1.38, Tue Sep 4 10:58:08 2007 UTC (16 years, 9 months ago) by reyk
Branch: MAIN
Changes since 1.37: +11 -9 lines

small fix in the error path when accepting new relay sessions

Revision 1.37, Tue Sep 4 10:32:54 2007 UTC (16 years, 9 months ago) by reyk
Branch: MAIN
Changes since 1.36: +2 -2 lines

support chained ssl certificates; a chain can be added to the
PEM-encoded server cert file (no CA support yet).

makes a chained ssl certificate from Comodo work with hoststated, also
tested with other certs (self-signed, Thawte Premium)

thanks to ben (pr0ncracker at gmail dot com)

Revision 1.36, Thu Jul 26 23:29:40 2007 UTC (16 years, 10 months ago) by jsg
Branch: MAIN
CVS Tags: OPENBSD_4_2_BASE, OPENBSD_4_2
Changes since 1.35: +4 -10 lines

Combine http filter/expect cases to simplify code.
ok reyk@

Revision 1.35, Tue Jun 19 06:29:20 2007 UTC (16 years, 11 months ago) by pyr
Branch: MAIN
Changes since 1.34: +13 -5 lines

Do not fatal out with ``pipe closed'' when a short read occurs on one
of our socket pairs. Instead disable listening on the pipe, terminate the
event loop, and let the parent process's SIGCHLD handler do a clean
shutdown.

from an ospfd diff by claudio, ok claudio@

Revision 1.34, Tue Jun 12 15:16:10 2007 UTC (16 years, 11 months ago) by msf
Branch: MAIN
Changes since 1.33: +5 -4 lines

put the fd passing from bgpd back in to hoststated's version of imsg,
needed for layer 7 reload support.

ok pyr@

Revision 1.33, Thu Jun 7 07:19:50 2007 UTC (16 years, 11 months ago) by pyr
Branch: MAIN
Changes since 1.32: +4 -1 lines

(finally) Enable reload support for layer 3 configurations.
Hoststated can be reloaded either by sending SIGHUP to the parent process
or by using ``hoststatectl reload''
discussed and ok reyk@

Revision 1.32, Tue May 29 00:48:04 2007 UTC (17 years ago) by pyr
Branch: MAIN
Changes since 1.31: +3 -6 lines

move the ssl cipher suite string to a (small) static charbuf,
this will make it easier to send the struct over the socket.

Revision 1.31, Tue May 29 00:21:10 2007 UTC (17 years ago) by pyr
Branch: MAIN
Changes since 1.30: +51 -48 lines

move struct relay to the runtime + config scheme.
this time around, include hoststatectl changes too.

Revision 1.30, Mon May 28 22:11:33 2007 UTC (17 years ago) by pyr
Branch: MAIN
Changes since 1.29: +2 -1 lines

another small step towards hoststated reloading.
allow purging of parts of the hoststated environment structure.
start using this function now to only keep vital information in
hoststated children processes.

ok reyk@

Revision 1.29, Sun May 27 20:53:10 2007 UTC (17 years ago) by pyr
Branch: MAIN
Changes since 1.28: +16 -13 lines

Second step towards hoststated reload:
First split out hosts, tables and services into two structs, one that
contains the runtime fields and one (inside the runtime) that contains
mostly static fields that will be sent over the socket during reload.

Also move the demoted field of tables inside the flags field as it's
just a boolean.
ok reyk@

Revision 1.28, Sat May 26 19:58:49 2007 UTC (17 years ago) by pyr
Branch: MAIN
Changes since 1.27: +8 -4 lines

first steps for implementing reload:
	* make parse_config allocate the hoststated function by itself
	* make as many sockets as necessary to talk to the relay children
	* add send_all for talking to all children
with advice and ok reyk@

Revision 1.27, Wed May 2 09:07:28 2007 UTC (17 years, 1 month ago) by claudio
Branch: MAIN
Changes since 1.26: +2 -9 lines

It is no longer needed to pass a cleared timeval to event_loopexit(); NULL
does the job just fine. OK reyk@

Revision 1.26, Thu Apr 12 14:45:45 2007 UTC (17 years, 1 month ago) by reyk
Branch: MAIN
Changes since 1.25: +31 -1 lines

add a new relay 'path' action to filter the URL path and arguments.

ok pyr@

Revision 1.25, Tue Apr 10 21:33:52 2007 UTC (17 years, 1 month ago) by reyk
Branch: MAIN
Changes since 1.24: +33 -18 lines

move the decoding of the URL, independent from the node lookups, we
will need it later.

Revision 1.24, Tue Apr 10 18:18:26 2007 UTC (17 years, 1 month ago) by reyk
Branch: MAIN
Changes since 1.23: +2 -4 lines

it is a better idea to handle all enum values in the switch statement

Revision 1.23, Tue Apr 10 18:14:17 2007 UTC (17 years, 1 month ago) by reyk
Branch: MAIN
Changes since 1.22: +15 -5 lines

the relay filter action needs special handling to work correctly

Revision 1.22, Wed Mar 21 00:08:08 2007 UTC (17 years, 2 months ago) by reyk
Branch: MAIN
Changes since 1.21: +2 -1 lines

in addition to the host retry option in tables, add support for the
optional connection "retry" to the forward to, service, and nat lookup
options. for example, "nat lookup retry 3" is useful when running
hoststated as a transparent proxy when connecting to unreliable
frontend/backend servers.

ok pyr@

Revision 1.21, Sat Mar 17 22:25:08 2007 UTC (17 years, 2 months ago) by reyk
Branch: MAIN
Changes since 1.20: +2 -2 lines

close unused relay2pfe privsep sockets correctly

Revision 1.20, Sat Mar 17 22:22:23 2007 UTC (17 years, 2 months ago) by reyk
Branch: MAIN
Changes since 1.19: +6 -3 lines

fix the natlook mode.

Revision 1.19, Tue Mar 13 12:04:52 2007 UTC (17 years, 2 months ago) by reyk
Branch: MAIN
Changes since 1.18: +34 -11 lines

allow to specify the IP_TTL and IP_MINTTL options for the relays to
support the Generalized TTL Security Mechanism (GTSM) according to RFC
3682. this is especially useful with inbound connections and a fixed
distance to the backend servers.

ok pyr@

Revision 1.18, Wed Mar 7 17:40:32 2007 UTC (17 years, 2 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_4_1_BASE, OPENBSD_4_1
Changes since 1.17: +22 -2 lines

- fix the hoststatectl host disable/enable commands to work with relay
layer 7 loadbalancing.
- allow to run relays with tables without depending on services
- show hosts and tables assigned to relays in hoststatectl show commands

ok pyr@ deraadt@ with some input from mcbride@

Revision 1.17, Tue Mar 6 19:26:46 2007 UTC (17 years, 3 months ago) by reyk
Branch: MAIN
Changes since 1.16: +63 -12 lines

add support for handling simple HTTP cookies (no per-path/domain
cookies yet), for example: cookie hash "JSESSIONID"

tested by some people
ok pyr@

Revision 1.16, Mon Mar 5 11:44:50 2007 UTC (17 years, 3 months ago) by reyk
Branch: MAIN
Changes since 1.15: +16 -12 lines

do not strip the header for expect, hash, and log actions.

since we have a tristate in relay_handle_http(), use nicer return
codes defined to make it better readable (no function change).

Revision 1.15, Fri Mar 2 11:32:40 2007 UTC (17 years, 3 months ago) by reyk
Branch: MAIN
Changes since 1.14: +5 -3 lines

when the http read callback changes and some data is still left in the
input buffer, we call the new callback to handle the remaining data.
this change makes sure that we only do this after the read callback
was actually changed (read header -> read content, read content ->
read header, read chunks...) to avoid a possible loop which could
happen in some rare cases.

Revision 1.14, Tue Feb 27 13:38:58 2007 UTC (17 years, 3 months ago) by reyk
Branch: MAIN
Changes since 1.13: +61 -14 lines

in addition to actions on request headers, allow to define relay
actions on response headers (the reply sent by backend HTTP servers).
the default and slightly faster relay streaming mode will be used if
no actions are defined.

for example:
response change "Server" to "OpenBSD-hoststated/4.1"

ok pyr@

Revision 1.13, Mon Feb 26 16:10:24 2007 UTC (17 years, 3 months ago) by reyk
Branch: MAIN
Changes since 1.12: +2 -2 lines

handle strlcpy return values, make lint happy

Revision 1.12, Mon Feb 26 15:41:44 2007 UTC (17 years, 3 months ago) by reyk
Branch: MAIN
Changes since 1.11: +95 -47 lines

better error handling for buffer I/O, fix the log action

Revision 1.11, Mon Feb 26 12:35:43 2007 UTC (17 years, 3 months ago) by reyk
Branch: MAIN
Changes since 1.10: +114 -1 lines

handle requests with chunked transfer-encoding.

Revision 1.10, Mon Feb 26 12:16:12 2007 UTC (17 years, 3 months ago) by reyk
Branch: MAIN
Changes since 1.9: +2 -2 lines

tweak flushing of unwritten bytes on http mode changes

Revision 1.9, Mon Feb 26 12:11:19 2007 UTC (17 years, 3 months ago) by reyk
Branch: MAIN
Changes since 1.8: +3 -3 lines

spacing

Revision 1.8, Mon Feb 26 12:09:21 2007 UTC (17 years, 3 months ago) by reyk
Branch: MAIN
Changes since 1.7: +7 -16 lines

improve the relay bufferevent handler if one side closed the connection

Revision 1.7, Mon Feb 26 11:59:48 2007 UTC (17 years, 3 months ago) by reyk
Branch: MAIN
Changes since 1.6: +11 -1 lines

re-use the retry value from table host entries for inbound relay
connections. the relay will retry to connect to the hosts for the
specified number of times. this sounds bad, but is a useful
"workaround" for unreliable backend servers...

Revision 1.6, Mon Feb 26 11:24:26 2007 UTC (17 years, 3 months ago) by reyk
Branch: MAIN
Changes since 1.5: +4 -1 lines

fix small memleaks

Revision 1.5, Sun Feb 25 18:16:16 2007 UTC (17 years, 3 months ago) by deraadt
Branch: MAIN
Changes since 1.4: +2 -2 lines

one example (of two) of tree breaking the "other gcc"

Revision 1.4, Sat Feb 24 15:48:54 2007 UTC (17 years, 3 months ago) by reyk
Branch: MAIN
Changes since 1.3: +6 -8 lines

disable SSLv2 and use "HIGH" crypto cipher suites by default.

suggested by dlg@

Revision 1.3, Sat Feb 24 00:22:32 2007 UTC (17 years, 3 months ago) by reyk
Branch: MAIN
Changes since 1.2: +125 -62 lines

- allow to specify the SSL cipher suite and the SSL protocols
  (as required by the PCI DSS)
- increase the default listen backlog to 10, allow to modify the
  backlog as a per-protocol tcp option to improve the performance
  on busy systems (to get less connection failures on heavy load)
- close the connection if SSL_accept returned an error
- instead of logging _new_ relay sessions to syslog, log the
  sessions in relay_close() after they have been _finished_.
  this will allow to collect some additional information
- add a new log keyword to log specified header/url entities (useful
  to track "bad guys" using many session ids or multiple user agents)
- some minor fixes, manpage bits, and bump the copyright (by some
  reason, i didn't realize that we already have 2007...).

Revision 1.2, Thu Feb 22 23:07:38 2007 UTC (17 years, 3 months ago) by reyk
Branch: MAIN
Changes since 1.1: +2 -7 lines

read the exact length for POST requests as specified by the
content-length header.

Revision 1.1, Thu Feb 22 03:32:40 2007 UTC (17 years, 3 months ago) by reyk
Branch: MAIN

Add layer 7 functionality to hoststated used for layer 7
loadbalancing, SSL acceleration, general-purpose TCP relaying, and
transparent proxying.

see hoststated.conf(5) and my upcoming article on undeadly.org for
details.

ok to commit deraadt@ pyr@
