OpenBSD CVS

CVS log for src/usr.sbin/relayd/relay_udp.c




Default branch: MAIN


Revision 1.51, Sat May 18 06:34:46 2024 UTC (3 weeks ago) by jsg
Branch: MAIN
CVS Tags: HEAD
Changes since 1.50: +1 -2 lines

remove prototypes with no matching function

Revision 1.50, Wed Dec 28 21:30:18 2022 UTC (17 months, 1 week ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE, OPENBSD_7_5, OPENBSD_7_4_BASE, OPENBSD_7_4, OPENBSD_7_3_BASE, OPENBSD_7_3
Changes since 1.49: +2 -2 lines

spelling fixes; from paul tagliamonte
any parts of his diff not taken are noted on tech

Revision 1.49, Mon Aug 6 17:31:31 2018 UTC (5 years, 10 months ago) by benno
Branch: MAIN
CVS Tags: OPENBSD_7_2_BASE, OPENBSD_7_2, OPENBSD_7_1_BASE, OPENBSD_7_1, OPENBSD_7_0_BASE, OPENBSD_7_0, OPENBSD_6_9_BASE, OPENBSD_6_9, OPENBSD_6_8_BASE, OPENBSD_6_8, OPENBSD_6_7_BASE, OPENBSD_6_7, OPENBSD_6_6_BASE, OPENBSD_6_6, OPENBSD_6_5_BASE, OPENBSD_6_5, OPENBSD_6_4_BASE, OPENBSD_6_4
Changes since 1.48: +10 -10 lines

replace the current log options

 log updates|all

with

 log state changes
 log host checks
 log connection [errors]

The first two control the logging of host check results: either changes in host state only or
all checks.

The third option controls logging of connections in relay mode:
Either log all connections, or only errors.

Additionally, errors will be logged with LOG_WARN and good connections
will be logged with LOG_INFO, so they can be differentiated in syslog.

ok and feedback from claudio@

Revision 1.48, Wed Apr 18 12:10:54 2018 UTC (6 years, 1 month ago) by claudio
Branch: MAIN
Changes since 1.47: +3 -5 lines

Remove RELAY_MAX_SESSIONS from relayd, there is no reason to limit relays
to 1024 sessions per process (esp. with keep-alive). Now the fd limit is
the new maximum and relayd will make sure to not accept too many sessions.
The tcp backlog config maximum is now 512, adjust manpage accordingly.
OK benno@ deraadt@

Revision 1.47, Tue Jul 4 19:59:51 2017 UTC (6 years, 11 months ago) by benno
Branch: MAIN
CVS Tags: OPENBSD_6_3_BASE, OPENBSD_6_3, OPENBSD_6_2_BASE, OPENBSD_6_2
Changes since 1.46: +6 -6 lines

make relayd not crash in relay_udp_server() when using a dns relay.
needs revisiting. From Rivo Nurges, thanks.
ok florian@

Revision 1.46, Sun May 28 10:39:15 2017 UTC (7 years ago) by benno
Branch: MAIN
Changes since 1.45: +3 -3 lines

use __func__ in log messages. fix some whitespace while here.
From Hiltjo Posthuma hiltjo -AT codemadness -DOT- org, thanks!
ok florian, claudio

Revision 1.45, Mon Jan 9 14:49:21 2017 UTC (7 years, 5 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_6_1_BASE, OPENBSD_6_1
Changes since 1.44: +3 -4 lines

Stop accessing verbose and debug variables from log.c directly.

This replaces log_verbose() and "extern int verbose" with the two functions
log_setverbose() and log_getverbose().

Pointed out by benno@
OK krw@ eric@ gilles@ (OK gilles@ for the snmpd bits as well)

Revision 1.44, Thu Nov 10 13:21:58 2016 UTC (7 years, 6 months ago) by jca
Branch: MAIN
Changes since 1.43: +25 -7 lines

Fix tcp ip ttl / minttl on IPv6 sockets.

ok florian@

Revision 1.43, Fri Sep 2 14:31:47 2016 UTC (7 years, 9 months ago) by reyk
Branch: MAIN
Changes since 1.42: +4 -4 lines

proc_id has been replaced by ps->ps_instance.

OK claudio@

Revision 1.42, Mon Dec 7 04:03:27 2015 UTC (8 years, 6 months ago) by mmcc
Branch: MAIN
CVS Tags: OPENBSD_6_0_BASE, OPENBSD_6_0, OPENBSD_5_9_BASE, OPENBSD_5_9
Changes since 1.41: +3 -5 lines

Remove NULL-checks before free(). No functional change.

Revision 1.41, Wed Dec 2 13:41:27 2015 UTC (8 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.40: +3 -3 lines

In most cases we don't need all arguments of proc_compose*_imsg(),
so add a shortcut proc_compose*() that skips all of them.  Only use the
full argument list if needed.  The functions with full argument lists can
eventually be replaced with a nicer transaction-based approach later.

OK benno@

Revision 1.40, Sat Nov 28 09:52:07 2015 UTC (8 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.39: +3 -4 lines

Use SOCK_NONBLOCK in relayd as well.

OK benno@

Revision 1.39, Thu Jan 22 17:42:09 2015 UTC (9 years, 4 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE, OPENBSD_5_8, OPENBSD_5_7_BASE, OPENBSD_5_7
Changes since 1.38: +3 -11 lines

Clean up the relayd headers with help of include-what-you-use and some
manual review.  Based on common practice, relayd.h now includes the
necessary headers for itself.

OK benno@

Revision 1.38, Fri Jan 16 15:06:40 2015 UTC (9 years, 4 months ago) by deraadt
Branch: MAIN
Changes since 1.37: +2 -1 lines

Adapt to <limits.h> universe.
ok millert

Revision 1.37, Sun Dec 21 00:54:49 2014 UTC (9 years, 5 months ago) by guenther
Branch: MAIN
Changes since 1.36: +1 -2 lines

Stop pulling in <arpa/inet.h> or <arpa/nameser.h> when unnecessary.
*Do* pull it in when in_{port,addr}_h is needed and <netinet/in.h> isn't.

ok reyk@

Revision 1.36, Thu Dec 18 20:55:01 2014 UTC (9 years, 5 months ago) by reyk
Branch: MAIN
Changes since 1.35: +1 -2 lines

Update relayd to use siphash instead of sys/hash.  The source-hash,
loadbalance and hash modes use a random key by default that can be
forced to be a static key with a new configuration argument.

With input from Max Fillinger.

ok tedu@

Revision 1.35, Fri Dec 12 10:05:09 2014 UTC (9 years, 5 months ago) by reyk
Branch: MAIN
Changes since 1.34: +3 -3 lines

Change the keyword "ssl" to "tls" to reflect reality since we
effectively disabled support for the SSL protocols.  SSL remains a
common term describing SSL/TLS, there is some controversy about this
change, and the name really doesn't matter, but I feel confident about
it now.

(btw., sthen@ pointed out some historical context:
http://tim.dierks.org/2014/05/security-standards-and-name-changes-in.html)

OK benno@, with input from tedu@

Revision 1.34, Wed Nov 19 10:24:40 2014 UTC (9 years, 6 months ago) by blambert
Branch: MAIN
Changes since 1.33: +2 -1 lines

Support exporting relayd statistics via AgentX/snmpd

This should be equivalent to the statistics available
via the various relaydctl show commands

okay benno@ reyk@

Revision 1.33, Sat Oct 25 03:23:49 2014 UTC (9 years, 7 months ago) by lteo
Branch: MAIN
Changes since 1.32: +1 -2 lines

Remove unnecessary netinet/in_systm.h include.

ok millert@

Revision 1.32, Fri Aug 8 18:26:50 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.31: +4 -2 lines

No events were added for DNS UDP so it stopped working after the first
request.  Additionally, the DNS code tried to use an invalid timeout.

Fix from mm@freebsd.org
Reported by Johan Schuijt

Revision 1.31, Sun Jul 13 00:32:08 2014 UTC (9 years, 10 months ago) by benno
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE, OPENBSD_5_6
Changes since 1.30: +2 -1 lines

improve log output for relays. adjust regress tests
ok reyk

Revision 1.30, Wed Jul 9 16:42:05 2014 UTC (9 years, 11 months ago) by reyk
Branch: MAIN
Changes since 1.29: +2 -4 lines

Replace the protocol directives for HTTP with a new generic filtering
language.  The grammar is inspired by pf and allows to write versatile
last-matching filter rules in protocol sections starting with the
"pass", "block" or "match" keywords.  This work was started almost two
years ago and replaces large parts of relayd(8)'s HTTP and filtering
code.  The initial version reimplements and extends HTTP filtering,
but will be improved to support generic TCP and other protocols later.

With some testing, feedback, and help from benno@ and andre@.

OK benno@

Revision 1.29, Wed Jun 25 11:05:15 2014 UTC (9 years, 11 months ago) by reyk
Branch: MAIN
Changes since 1.28: +2 -2 lines

sync copyright to reality according to my last changes

Revision 1.28, Sun Mar 10 23:32:53 2013 UTC (11 years, 3 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_5_5_BASE, OPENBSD_5_5, OPENBSD_5_4_BASE, OPENBSD_5_4
Changes since 1.27: +6 -12 lines

This diff changes relayd to use the monotonic clock instead of
gettimeofday().  It was also bugging me for some time to have all
these checks of gettimeofday()'s return value: it should not fail.  So
this diff introduces a void getmonotime(struct timeval *tv) that calls
clock_gettime(CLOCK_MONOTONIC, &ts) and converts the output to a
struct timeval that can be used with the existing code and the
timeval-specific timer functions (timerclear, timersub, ...).  It does
not return a status but calls fatal() on error-that-should-not-happen.

ok sthen@ chris@

Revision 1.27, Thu Jan 17 20:34:18 2013 UTC (11 years, 4 months ago) by bluhm
Branch: MAIN
CVS Tags: OPENBSD_5_3_BASE, OPENBSD_5_3
Changes since 1.26: +13 -15 lines

Remove unnecessary pointer casts.  No binary diff.
OK benno@

Revision 1.26, Tue Dec 18 15:36:43 2012 UTC (11 years, 5 months ago) by reyk
Branch: MAIN
Changes since 1.25: +2 -2 lines

cnl is only allocated if F_NATLOOK was specified before, so skip the
extra check for F_NATLOOK and check if cnl is not NULL only.
no functional change, but this might make it clear that there is no and
was no memleak here.

Revision 1.25, Wed Oct 3 08:33:31 2012 UTC (11 years, 8 months ago) by reyk
Branch: MAIN
Changes since 1.24: +2 -3 lines

Support more than one relay backup table.  Instead of duplicating the
code for main and backup table all over the place, turn the relay
tables into a list attached to the relay.  This improves the code and
allows some other tricks with multiple tables later.

Revision 1.24, Mon May 9 12:08:47 2011 UTC (13 years, 1 month ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_5_2_BASE, OPENBSD_5_2, OPENBSD_5_1_BASE, OPENBSD_5_1, OPENBSD_5_0_BASE, OPENBSD_5_0
Changes since 1.23: +3 -4 lines

Reorganize the relayd code to use the proc.c privsep API/commodity
functions that are based on work for iked and smtpd.  This simplifies
the setup of privsep processes and moves some redundant and repeated
code to a single place - which is always good from a quality and
security point of view.  The relayd version of proc.c is different to
the current version in iked because it uses 1:N communications between
processes, eg. a single parent process is talking to many forked relay
children while iked only needs 1:1 communications.

ok sthen@ pyr@

Revision 1.23, Thu May 5 12:01:44 2011 UTC (13 years, 1 month ago) by reyk
Branch: MAIN
Changes since 1.22: +7 -7 lines

Update all logging and debug functions to use the __func__ macro
instead of static function names.  __func__ is C99 and perfectly fine
to use. It also avoids printing errors; for example if a statement
log_debug("foo:"..) was moved or copied from function foo() to bar()
and the log message was not updated...

Revision 1.22, Wed May 26 13:56:08 2010 UTC (14 years ago) by nicm
Branch: MAIN
CVS Tags: OPENBSD_4_9_BASE, OPENBSD_4_9, OPENBSD_4_8_BASE, OPENBSD_4_8
Changes since 1.21: +3 -3 lines

Rename some imsg bits to make namespace collisions less likely: buf to
ibuf, buf_read to ibuf_read, READ_BUF_SIZE to IBUF_READ_SIZE.

ok henning gilles claudio jacekm deraadt

Revision 1.21, Fri Aug 7 11:21:53 2009 UTC (14 years, 10 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_4_7_BASE, OPENBSD_4_7
Changes since 1.20: +18 -18 lines

rename 'struct session' to 'struct rsession' because it conflicts with
another 'struct session' in sys/sysctl.h.

Revision 1.20, Fri Jun 5 23:39:51 2009 UTC (15 years ago) by pyr
Branch: MAIN
CVS Tags: OPENBSD_4_6_BASE, OPENBSD_4_6
Changes since 1.19: +3 -3 lines

4 handed diff with eric:
Stop pushing event handling in the imsg framework.
Instead, provide a small glue layer on top of both imsg and libevent.
This finally clearly separates event handling and imsg construction.

Sidetrack bonus: remove the mega-ugly hack of having a dummy imsg_event_add
stub in relayctl.

This will make bgpd (and thus henning) happy. Next up are smtpd and ospfd.

ok eric@

Revision 1.19, Fri Jun 5 00:04:01 2009 UTC (15 years ago) by pyr
Branch: MAIN
Changes since 1.18: +2 -2 lines

Make imsg completely async model agnostic by not requiring an
imsg_event_add function to be provided (which ended up being a named
callback).
Instead provide a wrapper in the daemon and call that everywhere.
Previously discussed with the usual suspects,
ok eric@ though not too happy about the function name
(imsg_compose_event).

Revision 1.18, Mon Sep 29 15:12:22 2008 UTC (15 years, 8 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_4_5_BASE, OPENBSD_4_5
Changes since 1.17: +3 -2 lines

spacing

Revision 1.17, Fri Aug 8 08:51:21 2008 UTC (15 years, 10 months ago) by thib
Branch: MAIN
Changes since 1.16: +9 -3 lines

Check gettimeofday() against -1; Add a missing error check in one place.

OK reyk@

Revision 1.16, Wed Jul 23 10:05:18 2008 UTC (15 years, 10 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_4_4_BASE, OPENBSD_4_4
Changes since 1.15: +12 -5 lines

validate packet length in debug dns packet logging before printing the header.

Revision 1.15, Wed Jul 9 17:24:14 2008 UTC (15 years, 11 months ago) by reyk
Branch: MAIN
Changes since 1.14: +14 -3 lines

always verify that the received dns response id matches our request.

Revision 1.14, Wed Jul 9 17:16:51 2008 UTC (15 years, 11 months ago) by reyk
Branch: MAIN
Changes since 1.13: +10 -4 lines

Use OpenBSD's knuth shuffle algorithm of random values from bind to
produce the DNS request ids instead of a simple per-request
arc4random().  This ensures randomness but also satisfies the
non-repeating property we need.

ok deraadt@

Revision 1.13, Wed Jul 9 14:57:01 2008 UTC (15 years, 11 months ago) by reyk
Branch: MAIN
Changes since 1.12: +2 -1 lines

also set the protocol, either TCP or UDP, in the NAT lookup.  this
unbreaks NAT lookups with UDP; tested as a transparent DNS relay.

Revision 1.12, Wed Jul 9 10:50:34 2008 UTC (15 years, 11 months ago) by reyk
Branch: MAIN
Changes since 1.11: +57 -20 lines

update the relay dns code to open a new udp socket to send the
forwarded dns request to the server instead of sending from the server
socket.  this will fix the limitation that the dns relay had to listen
to the "0.0.0.0" address, and will also enable relayd to use the udp
source port randomization. relayd will now randomize the source port
(on OpenBSD) and DNS request identifier for the clients behind it.

ok pyr@

Revision 1.11, Thu May 8 02:27:58 2008 UTC (16 years, 1 month ago) by reyk
Branch: MAIN
Changes since 1.10: +48 -21 lines

move the session keys used by dns in a protocol-specific private ptr.

Revision 1.10, Mon Mar 3 16:43:42 2008 UTC (16 years, 3 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_4_3_BASE, OPENBSD_4_3
Changes since 1.9: +6 -8 lines

The fix removes the replacement of se_key from relay_dns_request. se_key
is assigned a random value for an id in relay_udp_server before where
the SPLAY_INSERT is performed, se_outkey is set to the return id rather
than the rl_dskkey. The relay_dns_request which occurs after the
SPLAY_INSERT no longer updates se_outkey, or se_key. The request is sent
using the random value already placed into the se_key when the session
is created.

From Nigel Taylor

ok pyr@ deraadt@

Revision 1.9, Wed Feb 13 11:32:59 2008 UTC (16 years, 3 months ago) by reyk
Branch: MAIN
Changes since 1.8: +2 -2 lines

bump copyright

Revision 1.8, Mon Feb 4 12:12:30 2008 UTC (16 years, 4 months ago) by thib
Branch: MAIN
Changes since 1.7: +1 -9 lines

Move some prototypes from relay.c to relayd.h and remove their externs
in other places;

ok reyk@

Revision 1.7, Thu Jan 31 12:12:50 2008 UTC (16 years, 4 months ago) by thib
Branch: MAIN
Changes since 1.6: +60 -60 lines

add prefixes to names of structure elements to make it easier to grep
for code, next struct session;

ok reyk@;

Revision 1.6, Thu Jan 31 09:56:28 2008 UTC (16 years, 4 months ago) by reyk
Branch: MAIN
Changes since 1.5: +21 -21 lines

add prefixes to names of structure elements to make it easier to grep
for code, next struct relay.  knf long line fixes will follow later.

ok thib@

Revision 1.5, Thu Jan 31 09:33:39 2008 UTC (16 years, 4 months ago) by reyk
Branch: MAIN
Changes since 1.4: +2 -2 lines

add prefixes to names of structure elements to make it easier to grep
for code, start with struct relayd.  finally.

ok thib@

Revision 1.4, Tue Jan 29 16:36:04 2008 UTC (16 years, 4 months ago) by reyk
Branch: MAIN
Changes since 1.3: +3 -1 lines

relayd(8) may lose memory allocated to variable `cnl' (struct
ctl_natlook).  Free `cnl' allocated memory on failure.

From Igor Zinovik (zinovik at cs.karelia dot ru)

Revision 1.3, Fri Dec 7 17:17:01 2007 UTC (16 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.2: +4 -4 lines

hoststated gets renamed to relayd.  easier to type, and actually says
what the daemon does - it is a relayer that pays attention to the status
of pools of hosts; not a status checker that happens to do some relaying

Revision 1.2, Sat Nov 24 17:07:28 2007 UTC (16 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.1: +3 -4 lines

sort includes, adjust to style(9)

Revision 1.1, Mon Sep 10 11:59:22 2007 UTC (16 years, 9 months ago) by reyk
Branch: MAIN

add support for relaying DNS traffic (with a little bit of packet
header randomization). this adds an infrastructure to support
UDP-based protocols.

ok gilles@, tested by some
