Commit Briefs
gracefully shut down fastcgi backends
we need to delete the events associated with the backends, otherwise the server process won't ever quit. Here, we add a pending counter to every backend and shut down immediately if they aren't handling any client; otherwise we try to close them as soon as possible (i.e. when they close the connection to the last connected client.)
don't let CGI scripts inherit our stderr
our stderr could have been sent to the logger process, so it may be invalid. Furthermore, in the future we may want to capture also the stderr of the processes.
reset fcgi array in free_config
otherwise path, port and/or prog could become an invalid pointer.
fix seccomp filter for ppc64le
before we matched ppc64le as ppc64 (which is big ending I presume), so the seccomp filter would always kill gmid #4 related
use -subj /CN=name when generating the keys for the tests
`printf | openssl` is ugly :/
configure: add --disable-sandbox
Calling `configure' with --disable-sandbox will disable the sandbox support *completely* at compile time. gmid will still complain at compile time and during the startup. Users shouldn't disable the sandbox if possible, but instead report problem upstream so they get fixed (hopefully.) #4 related
reworked seccomp filter
* SECCOMP_AUDIT_ARCH extended to support more architectures * relax fcntl policy: allow the syscall regardless of the flags * wrap every syscall in a ifdef, and add some (statx, fcntl64, ...) used in x86 Some bits were taken from dhcpcd[0], thanks! #4 related [0]: https://roy.marples.name/git/dhcpcd/blob/HEAD:/src/privsep-linux.c
revert 2c16dbd5486 -- macro names can't be reserved words
While one can define a macro using a reserved word as name using -Dname=val, inside the configuration file it'll fail.
don't expand macros inside the quotes
Now that we have this auto concat string thingy, macros can simply expand to standalone strings in place, as single words. Forgot to point it out in previous commits, but now we can cert = "/etc/keys" server "foo" { cert $cert "/foo.crt" ... }