![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / usr.sbin / relayd
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.45 / (download) - annotate - [select for diffs], Wed Jan 17 10:01:24 2024 UTC (4 months, 3 weeks ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
HEAD
Changes since 1.44: +3 -3 lines
Diff to previous 1.44 (colored)
Use imsg_get_fd() As usual proc_forward_imsg() is never forwarding a file descriptor so just use -1 there. This should be replaced by imsg_forward(). All other changes are simple conversions. OK tb@
Revision 1.44 / (download) - annotate - [select for diffs], Wed Feb 15 20:44:01 2023 UTC (15 months, 3 weeks ago) by tobhe
Branch: MAIN
CVS Tags: OPENBSD_7_4_BASE,
OPENBSD_7_4,
OPENBSD_7_3_BASE,
OPENBSD_7_3
Changes since 1.43: +1 -14 lines
Diff to previous 1.43 (colored)
proc_ispeer() is not used anywhere anymore so remove it everywhere. ok florian@ bluhm@ ok for vmd mlarkin@
Revision 1.43 / (download) - annotate - [select for diffs], Sat Sep 3 20:07:31 2022 UTC (21 months ago) by benno
Branch: MAIN
CVS Tags: OPENBSD_7_2_BASE,
OPENBSD_7_2
Changes since 1.42: +7 -21 lines
Diff to previous 1.42 (colored)
Move the daemon() call in the parent process from after forking the children to just before. That way the parent disasociates from its controling terminal and shell, but not from its children. Remove the dup2() bits that were copied from daemon() to solve the problem that the children still had the stdio fds open. This is now done in the parent earlier. Remove the setsid() and setpgid(). It is unclear what their intent was, but they dont seem to make sense, as daemon() covers this as well and there seems to be no reason the cildren procs need to do that. ok claudio@ bluhm@
Revision 1.42 / (download) - annotate - [select for diffs], Thu Dec 30 20:38:43 2021 UTC (2 years, 5 months ago) by dv
Branch: MAIN
CVS Tags: OPENBSD_7_1_BASE,
OPENBSD_7_1
Changes since 1.41: +6 -1 lines
Diff to previous 1.41 (colored)
relayd(8): don't create sockets between CAs and RELAYs. CA and RELAY process types don't need to communicate with other CA or RELAY processes respectively, so don't create and distribute ipc socketpairs. Tested by and ok denis@
Revision 1.41 / (download) - annotate - [select for diffs], Tue Apr 20 21:11:56 2021 UTC (3 years, 1 month ago) by dv
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE,
OPENBSD_7_0
Changes since 1.40: +1 -2 lines
Diff to previous 1.40 (colored)
Move TAILQ initialization to files where they are used. These priv-sep daemons all follow a similar design and use TAILQs for tracking control process connections. In most cases, the TAILQs are initialized separate from where they are used. Since the scope of use is generally confined to a specific control process file, this commit also removes any extern definitions and exposing the TAILQ structures to other compilation units. ok bluhm@, tb@
Revision 1.40 / (download) - annotate - [select for diffs], Sun Sep 9 21:06:51 2018 UTC (5 years, 9 months ago) by bluhm
Branch: MAIN
CVS Tags: OPENBSD_6_9_BASE,
OPENBSD_6_9,
OPENBSD_6_8_BASE,
OPENBSD_6_8,
OPENBSD_6_7_BASE,
OPENBSD_6_7,
OPENBSD_6_6_BASE,
OPENBSD_6_6,
OPENBSD_6_5_BASE,
OPENBSD_6_5,
OPENBSD_6_4_BASE,
OPENBSD_6_4
Changes since 1.39: +16 -5 lines
Diff to previous 1.39 (colored)
During the fork+exec implementation, daemon(3) was moved after proc_init(). As a consequence httpd(8) and relayd(8) child processes did not detach from the terminal anymore. Dup /dev/null to the stdio file descriptors in the children. OK benno@
Revision 1.39 / (download) - annotate - [select for diffs], Sun May 28 10:39:15 2017 UTC (7 years ago) by benno
Branch: MAIN
CVS Tags: OPENBSD_6_3_BASE,
OPENBSD_6_3,
OPENBSD_6_2_BASE,
OPENBSD_6_2
Changes since 1.38: +6 -6 lines
Diff to previous 1.38 (colored)
use __func__ in log messages. fix some whitespace while here. From Hiltjo Posthuma hiltjo -AT codemadness -DOT- org, thanks! ok florian, claudio
Revision 1.38 / (download) - annotate - [select for diffs], Mon Jan 9 14:49:21 2017 UTC (7 years, 5 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_6_1_BASE,
OPENBSD_6_1
Changes since 1.37: +2 -2 lines
Diff to previous 1.37 (colored)
Stop accessing verbose and debug variables from log.c directly. This replaces log_verbose() and "extern int verbose" with the two functions log_setverbose() and log_getverbose(). Pointed out by benno@ OK krw@ eric@ gilles@ (OK gilles@ for the snmpd bits as well)
Revision 1.37 / (download) - annotate - [select for diffs], Thu Nov 24 21:01:18 2016 UTC (7 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.36: +110 -79 lines
Diff to previous 1.36 (colored)
The new fork+exec mode used too many fds in the parent process on startup, for a short time, so we needed a rlimit hack in relayd.c. Sync the fix from httpd: rzalamena@ has fixed proc.c and I added the proc_flush_imsg() mechanism that makes sure that each fd is immediately closed after forwarding it to a child process instead of queueing it up. OK rzalamena@ jca@ benno@
Revision 1.36 / (download) - annotate - [select for diffs], Wed Oct 5 17:31:28 2016 UTC (7 years, 8 months ago) by rzalamena
Branch: MAIN
Changes since 1.35: +8 -2 lines
Diff to previous 1.35 (colored)
Sync with httpd(8) proc file. Check for dup2() usage to avoid oldd == newd and remove the CLOEXEC with fcntl() if necessary. ok reyk@
Revision 1.35 / (download) - annotate - [select for diffs], Wed Oct 5 17:09:59 2016 UTC (7 years, 8 months ago) by reyk
Branch: MAIN
Changes since 1.34: +5 -1 lines
Diff to previous 1.34 (colored)
Call setsid() to create a new session for the executed processes. From deraadt@ OK rzalamena@
Revision 1.34 / (download) - annotate - [select for diffs], Wed Oct 5 16:58:19 2016 UTC (7 years, 8 months ago) by reyk
Branch: MAIN
Changes since 1.33: +9 -3 lines
Diff to previous 1.33 (colored)
sync proc.c with vmd: add p_pw to specify a non-standard user for a process. OK rzalamena@
Revision 1.33 / (download) - annotate - [select for diffs], Wed Sep 28 12:16:44 2016 UTC (7 years, 8 months ago) by reyk
Branch: MAIN
Changes since 1.32: +2 -3 lines
Diff to previous 1.32 (colored)
sync proc.c incl. the p_env removal
Revision 1.32 / (download) - annotate - [select for diffs], Sat Sep 3 14:44:21 2016 UTC (7 years, 9 months ago) by reyk
Branch: MAIN
Changes since 1.31: +3 -3 lines
Diff to previous 1.31 (colored)
Replace [RELAY|SERVER]_MAXPROC with the new PROC_MAX_INSTANCES variable and limit it from 128 to 32 instances (the old value). While here, move a few PROC_ defines around. OK rzalamena@
Revision 1.31 / (download) - annotate - [select for diffs], Sat Sep 3 14:09:04 2016 UTC (7 years, 9 months ago) by reyk
Branch: MAIN
Changes since 1.30: +295 -160 lines
Diff to previous 1.30 (colored)
Use the fork+exec privsep model in relayd; based on rzalamena@'s work for httpd with some (current and previous) changes for relayd. Once again, both daemons now share the same proc.c where most of the privsep "magic" happens. OK benno@ rzalamena@
Revision 1.30 / (download) - annotate - [select for diffs], Fri Sep 2 12:14:08 2016 UTC (7 years, 9 months ago) by reyk
Branch: MAIN
Changes since 1.29: +2 -3 lines
Diff to previous 1.29 (colored)
style nit as done in httpd
Revision 1.29 / (download) - annotate - [select for diffs], Fri Sep 2 12:12:51 2016 UTC (7 years, 9 months ago) by reyk
Branch: MAIN
Changes since 1.28: +17 -16 lines
Diff to previous 1.28 (colored)
As done in httpd, remove ps_ninstances and p_instance. OK benno@ rzalamena@
Revision 1.28 / (download) - annotate - [select for diffs], Fri Sep 2 11:51:49 2016 UTC (7 years, 9 months ago) by reyk
Branch: MAIN
Changes since 1.27: +30 -17 lines
Diff to previous 1.27 (colored)
Terminate relayd using the socket status instead of watching SIGCHLD or killing child processes. - Based on rzalamena@'s diff for httpd. OK deraadt@ rzalamena@
Revision 1.27 / (download) - annotate - [select for diffs], Mon Dec 7 16:05:56 2015 UTC (8 years, 6 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_6_0_BASE,
OPENBSD_6_0,
OPENBSD_5_9_BASE,
OPENBSD_5_9
Changes since 1.26: +7 -5 lines
Diff to previous 1.26 (colored)
Add imsg "peerid" to debug messages (only within -DDEBUG).
Revision 1.26 / (download) - annotate - [select for diffs], Sat Dec 5 13:13:11 2015 UTC (8 years, 6 months ago) by claudio
Branch: MAIN
Changes since 1.25: +2 -2 lines
Diff to previous 1.25 (colored)
EAGAIN handling for imsg_read. OK henning@ benno@
Revision 1.25 / (download) - annotate - [select for diffs], Wed Dec 2 13:41:27 2015 UTC (8 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.24: +20 -6 lines
Diff to previous 1.24 (colored)
In most cases we don't need all arguments of proc_compose*_imsg(), so add a shortcut proc_compose*() that skips all of them. Only use the full argument list if needed. The functions with full argument lists can eventually be replaced with a nicer transaction-based approach later. OK benno@
Revision 1.24 / (download) - annotate - [select for diffs], Sat Nov 28 09:52:07 2015 UTC (8 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.23: +3 -5 lines
Diff to previous 1.23 (colored)
Use SOCK_NONBLOCK in relayd as well. OK benno@
Revision 1.23 / (download) - annotate - [select for diffs], Mon Nov 23 16:41:36 2015 UTC (8 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.22: +13 -4 lines
Diff to previous 1.22 (colored)
Sync proc.c with iked: the default proc_dispatch_null allows to remove some empty imsg callback stubs in the privsep processes. iked's proc.c -r1.24 was OK benno@ deraadt@
Revision 1.22 / (download) - annotate - [select for diffs], Sun Nov 22 13:27:13 2015 UTC (8 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.21: +11 -9 lines
Diff to previous 1.21 (colored)
Update log.c: change fatal() and fatalx() into variadic functions, include the process name, and replace all calls of fatal*(NULL) with fatal(__func__) for better debugging. OK benno@
Revision 1.21 / (download) - annotate - [select for diffs], Thu Oct 1 12:16:21 2015 UTC (8 years, 8 months ago) by reyk
Branch: MAIN
Changes since 1.20: +19 -18 lines
Diff to previous 1.20 (colored)
sync proc.c with httpd. no functional change, only switching to C99 types.
Revision 1.20 / (download) - annotate - [select for diffs], Thu Jan 22 17:42:09 2015 UTC (9 years, 4 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE,
OPENBSD_5_8,
OPENBSD_5_7_BASE,
OPENBSD_5_7
Changes since 1.19: +2 -8 lines
Diff to previous 1.19 (colored)
Clean up the relayd headers with help of include-what-you-use and some manual review. Based on common practice, relayd.h now includes the necessary headers for itself. OK benno@
Revision 1.19 / (download) - annotate - [select for diffs], Sun Dec 21 00:54:49 2014 UTC (9 years, 5 months ago) by guenther
Branch: MAIN
Changes since 1.18: +1 -2 lines
Diff to previous 1.18 (colored)
Stop pulling in <arpa/inet.h> or <arpa/nameser.h> when unnecessary.
*Do* pull it in when in_{port,addr}_h is needed and <netinet/in.h> isn't.
ok reyk@
Revision 1.18 / (download) - annotate - [select for diffs], Tue Dec 16 03:35:49 2014 UTC (9 years, 5 months ago) by millert
Branch: MAIN
Changes since 1.17: +2 -2 lines
Diff to previous 1.17 (colored)
Replace setpgrp(0, getpid()) with setpgid(0, 0). OK deraadt@ tedu@
Revision 1.17 / (download) - annotate - [select for diffs], Sat Oct 25 03:23:49 2014 UTC (9 years, 7 months ago) by lteo
Branch: MAIN
Changes since 1.16: +1 -2 lines
Diff to previous 1.16 (colored)
Remove unnecessary netinet/in_systm.h include. ok millert@
Revision 1.16 / (download) - annotate - [select for diffs], Mon Aug 18 12:59:00 2014 UTC (9 years, 9 months ago) by reyk
Branch: MAIN
Changes since 1.15: +5 -2 lines
Diff to previous 1.15 (colored)
Sync proc.c with httpd. httpd needs SIGUSR1 but relayd will ignore it now instead of terminating the process. ok florian@
Revision 1.15 / (download) - annotate - [select for diffs], Fri Jul 11 16:39:10 2014 UTC (9 years, 11 months ago) by krw
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE,
OPENBSD_5_6
Changes since 1.14: +2 -2 lines
Diff to previous 1.14 (colored)
Tweak error checking for msgbuf_write() as recommended by the imsg gurus. ok reyk@ benno@
Revision 1.14 / (download) - annotate - [select for diffs], Thu May 8 13:08:48 2014 UTC (10 years, 1 month ago) by blambert
Branch: MAIN
Changes since 1.13: +12 -5 lines
Diff to previous 1.13 (colored)
match relayd proc.c infrastructure with snmpd okay reyk@
Revision 1.13 / (download) - annotate - [select for diffs], Tue May 6 06:40:03 2014 UTC (10 years, 1 month ago) by jsg
Branch: MAIN
Changes since 1.12: +1 -2 lines
Diff to previous 1.12 (colored)
no need to include rand.h now the RAND_seed() calls are gone. ok reyk@
Revision 1.12 / (download) - annotate - [select for diffs], Sun May 4 10:32:32 2014 UTC (10 years, 1 month ago) by reyk
Branch: MAIN
Changes since 1.11: +1 -13 lines
Diff to previous 1.11 (colored)
With the recent change by deraadt@ to introduce kern.nosuidcoredump=3, we don't need the horrible debug hack anymore that disabled privdrop and chroot to get core dumps of privsep processes. No functional change for the normal binary, only if it is compiled with the non-default -DDEBUG option.
Revision 1.11 / (download) - annotate - [select for diffs], Sun Apr 20 14:48:29 2014 UTC (10 years, 1 month ago) by reyk
Branch: MAIN
Changes since 1.10: +152 -129 lines
Diff to previous 1.10 (colored)
Reimplement the multi-dimensional arrays that are used to set up the process to process imsg communication. It became a maze after we added support for multiple relay processes and even worse with the ca processes. This change makes it easier to understand. Now it only opens socketpairs that are needed - the code previously wasted lots of fds. ok blambert@
Revision 1.10 / (download) - annotate - [select for diffs], Fri Apr 18 21:29:20 2014 UTC (10 years, 1 month ago) by tedu
Branch: MAIN
Changes since 1.9: +1 -6 lines
Diff to previous 1.9 (colored)
round up some enemy sympathizers found calling RAND_seed(). ok beck reyk
Revision 1.9 / (download) - annotate - [select for diffs], Fri Apr 18 12:02:37 2014 UTC (10 years, 1 month ago) by reyk
Branch: MAIN
Changes since 1.8: +38 -22 lines
Diff to previous 1.8 (colored)
The proc.c code sets up some socketpair for the communication between different privsep processes. The implementation is using multi-dimensional arrays and and some complicated process to process relations. This is the first attempt of cleaning it up and to allow N:N communications for the upcoming "CA" processes. Discussed with some, but nobody dared to comment on the code.
Revision 1.8 / (download) - annotate - [select for diffs], Mon Apr 14 07:18:05 2014 UTC (10 years, 1 month ago) by blambert
Branch: MAIN
Changes since 1.7: +2 -1 lines
Diff to previous 1.7 (colored)
Fix the following idiom in the following way:
arc4random_buf(seed, sizeof(seed));
RAND_seed(seed, sizeof(seed));
+ explicit_bzero(seed, sizeof(seed));
ok reyk@
Revision 1.7 / (download) - annotate - [select for diffs], Fri Feb 14 10:21:00 2014 UTC (10 years, 3 months ago) by benno
Branch: MAIN
CVS Tags: OPENBSD_5_5_BASE,
OPENBSD_5_5
Changes since 1.6: +1 -11 lines
Diff to previous 1.6 (colored)
remove unused function that distracts from cleaning up the imsg_flush() mess ok krw, florian, henning
Revision 1.6 / (download) - annotate - [select for diffs], Wed Nov 13 20:45:50 2013 UTC (10 years, 6 months ago) by benno
Branch: MAIN
Changes since 1.5: +2 -2 lines
Diff to previous 1.5 (colored)
handle msgbuf_write() returning EAGAIN
Revision 1.5 / (download) - annotate - [select for diffs], Thu Jan 17 20:34:18 2013 UTC (11 years, 4 months ago) by bluhm
Branch: MAIN
CVS Tags: OPENBSD_5_4_BASE,
OPENBSD_5_4,
OPENBSD_5_3_BASE,
OPENBSD_5_3
Changes since 1.4: +2 -2 lines
Diff to previous 1.4 (colored)
Remove unnecessary pointer casts. No binary diff. OK benno@
Revision 1.4 / (download) - annotate - [select for diffs], Thu Oct 4 20:53:30 2012 UTC (11 years, 8 months ago) by reyk
Branch: MAIN
Changes since 1.3: +3 -3 lines
Diff to previous 1.3 (colored)
spacing
Revision 1.3 / (download) - annotate - [select for diffs], Sun Sep 4 20:26:58 2011 UTC (12 years, 9 months ago) by bluhm
Branch: MAIN
CVS Tags: OPENBSD_5_2_BASE,
OPENBSD_5_2,
OPENBSD_5_1_BASE,
OPENBSD_5_1
Changes since 1.2: +2 -2 lines
Diff to previous 1.2 (colored)
KNF, fix white spaces in relayd. No binary change. ok pyr@ sthen@
Revision 1.2 / (download) - annotate - [select for diffs], Thu May 19 08:56:49 2011 UTC (13 years ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_5_0_BASE,
OPENBSD_5_0
Changes since 1.1: +43 -3 lines
Diff to previous 1.1 (colored)
Fix reload support in relayd(8) by reimplementing large parts of the daemon infrastructure. The previous design made it fairly hard to reload the complex data structures, especially relays and protocols. One of the reasons was that the privsep'd relayd processes had two ways of getting their configuration: 1) from memory after forking from the parent process and 2) and (partially) via imsgs after reload. The new implementation first forks the privsep'd children before the parents loads the configuration and sends it via imsgs to them; so it is only like 2) before. It is based on an approach that I first implemented for iked(8) and I also fixed many bugs in the code. Thanks to many testers including dlg@ sthen@ phessler@ ok pyr@ dlg@ sthen@
Revision 1.1 / (download) - annotate - [select for diffs], Mon May 9 12:09:58 2011 UTC (13 years, 1 month ago) by reyk
Branch: MAIN
Reorganize the relayd code to use the proc.c privsep API/commodity functions that are based on work for iked and smtpd. This simplifies the setup of privsep processes and moves some redundant and repeated code to a single place - which is always good from a quality and security point of view. The relayd version of proc.c is different to the current version in iked because it uses 1:N communications between processes, eg. a single parent process is talking to many forked relay children while iked only needs 1:1 communications. ok sthen@ pyr@