Commits
- Commit:
df0c2926ccb753d07a3f20f3626a20f7079453ee
- From:
- Omar Polo <op@omarpolo.com>
- Date:
use memset(3) rather than bzero(3)
There's no difference, but bzero(3) says
STANDARDS
The bzero() function conforms to the X/Open System Interfaces option of
the IEEE Std 1003.1-2004 (“POSIX.1”) specification. It was removed from
the standard in IEEE Std 1003.1-2008 (“POSIX.1”), which recommends using
memset(3) instead.
so here we are.
- Commit:
a91ad7f2ffac3f1cec0c6c42e780ab5efc92ba5c
- From:
- Omar Polo <op@omarpolo.com>
- Date:
drop unnecessary bzero
the whole struct client is already memset'd to 0 in do_accept.
handle_handshake doesn't touch the request or iri buffer in the code
path that leads to handle_open_conn. (It does so in the error router
alone.)
- Commit:
79288c8b6077a573243c4654e3b3c4948febdb99
- From:
- Omar Polo <op@omarpolo.com>
- Date:
making more explicit the case of missing SNI
Missing SNI (i.e. servname == NULL) is already handled correctly.
puny_decode refuses to work on NULL servname, c->domain is still the
empty string and everything flows as expected towards the error at the
end. However, it's better to bail out early and make more explicit
how the case of missing SNI is handled.
- Commit:
2b38d395cdf3a5b9a91d0495fc322181341d5862
- From:
- Martin <devel@datenbrei.de>
- Via:
- Omar Polo <op@omarpolo.com>
- Date:
Improve gmid.service
Changed gmid.service to not fork the server and forced it to run under
user "gmid". gmid now waits for the network stack being available
before starting. Also "gmid" is now the syslog id.
- Commit:
36d2d7b4b39d91868b97c86e6242f19edf6e4103
- From:
- Omar Polo <op@omarpolo.com>
- Date:
sync changelog
- Commit:
b0be0653909864ac2ea070184f6fc4f0dcc62299
- From:
- Omar Polo <op@omarpolo.com>
- Date:
landlock the logger process too
Disallow everything landlock can handle. The logger process doesn't
need any fs access (on OpenBSD it runs with pledge("stdio recvfd")).
- Commit:
0ea22af2805935f4562fb537eb57d85809e70a84
- From:
- Omar Polo <op@omarpolo.com>
- Date:
add helper function gmid_create_landlock_rs
- Commit:
67c49bc5c794c4375344ea010be608572d6f0070
- From:
- Omar Polo <op@omarpolo.com>
- Date:
mention landlock in the README
- Commit:
3499ce5a9ac180a805d8e507207accf8ea352f48
- From:
- Omar Polo <op@omarpolo.com>
- Date:
landlock the server process
Trying to implement some landlock policies (rules?) where possible.
The server process is, of course, the most dangerous process so start
with that.
The following should be equivalent to the unveil(2) call on OpenBSD:
it only allows reading files and directories inside the vhost roots.
I'm assuming seccomp is enabled so I'm not trying to disallow actions
such as LANDLOCK_ACCESS_FS_EXECUTE or LANDLOCK_ACCESS_FS_REMOVE_FILE
which require syscalls that are already disallowed. I'm only trying
to limit the damage that the currently allowed system calls can do.
e.g. since write(2) is allowed, gmid could modify *any* file it has
access to; this is now forbidden by landlock.
There are still too many #ifdefs for my tastes, but it's still better
than the seccomp code.
- Commit:
d85aa60208bc38ff99fb170559188d5ec9545e04
- From:
- Omar Polo <op@omarpolo.com>
- Date:
define HAVE_LANDLOCK accordingly
- Commit:
4c31de2915cd2ef3e7d5463bde48cf9064c89d20
- From:
- Omar Polo <op@omarpolo.com>
- Date:
add configure check and shim for landlock
First move towards landlock support (#3). The shim is needed until
libc provides the proper wrappers for the landlock APIs; I hope it
doesn't take too long, but landlock was merged back in May and they are
still missing.
- Commit:
fba809b5c775fd4d3c28a012259ee3b1908d4e40
- From:
- Omar Polo <op@omarpolo.com>
- Date:
tag 1.7.3
bump version number
- Commit:
ca3d8bfde617a2be55fda5f25faf071f40325f6f
- From:
- Omar Polo <op@omarpolo.com>
- Date:
retroactively mention the fstat64 fix
- Commit:
39c5bfd64bb020a6e8a17c2a5e96efa02ba85fcc
- From:
- Omar Polo <op@omarpolo.com>
- Date:
fix changelog syntax
- Commit:
e30e5385f15dec8279c1ece2eb6cb6691b5d6d63
- From:
- Omar Polo <op@omarpolo.com>
- Date:
sort tests