Commits
- Commit:
8af9da984379ae26d5ee17f47a6b12763a780851
- From:
- Omar Polo <op@omarpolo.com>
- Date:
fix the build with some yacc implementations
- Commit:
611dffe81628683ebd2b48ae6f02f9bff6081ee9
- From:
- Omar Polo <op@omarpolo.com>
- Date:
remove regress/sha
we can use cmp to tell if two files are different, which also has
the benefit of being available everywhere and reporting the byte
offset of the first difference. Reduces the test dependencies on
some systems.
- Commit:
1b9031f1fccde6f61363328c6efebf045dd97dec
- From:
- Omar Polo <op@omarpolo.com>
- Date:
work around missing SOCK_NONBLOCK/CLOEXEC on macos
- Commit:
94893746ae158901a4896039a0c0dc29ca008d54
- From:
- Omar Polo <op@omarpolo.com>
- Date:
use the default prefork in tests
- Commit:
2cef5cf42a98f8b9c8c4f1a4d4da40b389de770a
- From:
- Omar Polo <op@omarpolo.com>
- Date:
load_ca: get a buffer instead of a fd
We dup(1) the ca fd and send it to various processes, so they fail
loading it. Instead, use load_file to get a buffer with the file
content and pass that to load_ca which then loads via BIO.
- Commit:
89cfcb456921ed65a812b6e960de390553ac0ae5
- From:
- Omar Polo <op@omarpolo.com>
- Date:
simplify config_send_kp: use config_send_file
- Commit:
5d160453f27672bda82e8497aa96a4230705ffbd
- From:
- Omar Polo <op@omarpolo.com>
- Date:
remove proc_ispeer()
unused, and was dropped by other copies of proc.c; reduces the diff
with httpd' proc.c.
- Commit:
ba290ef3affaad8a51b789eeadab269df1ffd0af
- From:
- Omar Polo <op@omarpolo.com>
- Date:
disable the privsep crypto engine on !OpenBSD
it fails bandly at runtime on various linux distros and on freebsd.
Until a fix is found, disable it so I can move forward.
- Commit:
237095fd9a40120ef4e4bb7b7525d45c89c6cfb0
- From:
- Omar Polo <op@omarpolo.com>
- Date:
remove has_siginfo
and wrap siginfo behind #ifdef SIGINFO. avoids some warnings in !BSD.
- Commit:
1ef09e6313e6a7656899f1ce5a98bddb16498934
- From:
- Omar Polo <op@omarpolo.com>
- Date:
add -Wpointer-sign to the mix
It's not present in -W -Wall -Wextra on OpenBSD but it is enabled
on other systems.
- Commit:
b8d68fc8e49b3eeac2ba3106e9694ef463a646e1
- From:
- Omar Polo <op@omarpolo.com>
- Date:
fixes for -Wpointer-sign
- Commit:
d1739e3f03a014fa9baded61a49eeb49293c751f
- From:
- Omar Polo <op@omarpolo.com>
- Date:
cast uint64_t to unsigned long long
- Commit:
ec96a0ad3b80dd46a4d68359807c0c09560100cb
- From:
- Omar Polo <op@omarpolo.com>
- Date:
work around different signature for ecdsae_compute_key
- Commit:
86693a33abd5e8c31530adb3045c9f4664d4d6c9
- From:
- Omar Polo <op@omarpolo.com>
- Date:
add a privsep crypto engine
Incorporate the OpenSMTPD' privsep crypto engine. The idea behind
it is to never load the certificate' private keys in a networked
process, instead they are loaded in a separate process (the `crypto'
one) which signs payloads on the behalf of the server processes.
This way, we greatly reduce the risk of leaking the certificate'
private key should the server process be compromised.
This currently compiles only on LibreSSL (portable fix is in the
way).
- Commit:
f81a97b3569478a36e5cbe95229efd1b831b7a7b
- From:
- Omar Polo <op@omarpolo.com>
- Date:
drop useless debug statement