Commit Briefs
convert remaining code to the imsg getters
Now gmid doesn't touch anymore the internals of the imsg structs.
please macos
for some reason that's not entirely clear to me, __dead doesn't seem to work on macos, so clang thinks datalen is used un-initialized. meh
convert most of gmid to the new imsg APIs
Makes parsing and handling of imsgs simpler / clearer. only crypto.c is left as-is.
convert to use imsg_get_fd()
since proc_forward_imsg() never forwards a file descriptor (it's never called actually) just use -1 there.
resurrect openlog() + tzset() in the logger
They're not needed on OpenBSD nor in other systems... except under sandbox. These were added for capsicum() if I remember correctly, but also with landlock it's better to initialize these things earlier.
add `log syslog facility' to use a different syslog(3) facility
Was requested ages ago by Karl Jeacle, now that there is some better support for configuring the logging there's no excuse to add this. It helps with filtering from syslog.d / syslog.conf.
logger use dprintf and a fd instead of a FILE
simplifies further handling. The stdio layer introduces its own buffering and for the logs I'd like to avoid it. fflush(3) is an option, but using a raw fd and dprintf(2) requires less code.
move log_request to gmid.c
so that ge can provide its own log_request without requiring a separate logger process.
rework the daemon to do fork+exec
It uses the 'common' proc.c from various OpenBSD-daemons. gmid grew organically bit by bit and it was also the first place where I tried to implement privsep. It wasn't done very well, in fact the parent process (that retains root privileges) just fork()s a generation of servers, all sharing *exactly* the same address space. No good! Now, we fork() and re-exec() ourselves, so that each process has a fresh address space. Some features (require client ca for example) are temporarly disabled, will be fixed in subsequent commits. The "ge" program is also temporarly disabled as it needs tweaks to do privsep too.