Commits
- Commit:
f0a01fc742e83b3f4736b5d64af3ab18148afc5a
- From:
- Omar Polo <op@omarpolo.com>
- Date:
two -n to dump the parsed configuration
This adds a barebone dumping of the parsed configuration. It is not
complete, but I'm interested in dumping the full path to `cert' and
`key' in order to write some scripts that can inspect the
configuration, extract the certificates and renew them when expired
automatically.
It's not easy to parse gmid configuration otherwise because the syntax
is flexible and users can use macros. Instead, the idea is to run
gmid and let it dump the configuration once it's been parsed in a
static and predictable format.
Now is possible to parse gmid configuration with, say, awk or perl.
- Commit:
5eb3fc905f5e3bd2f2d586fb1e0ceda879500b3e
- From:
- Omar Polo <op@omarpolo.com>
- Date:
don't work around a missing -Wno-unused-parameter
It's been there for a long time, and it's frankly annoying to pretend
to use parameters. Most of the time, they're there to satisfy an
interface and nothings more.
- Commit:
c6bcc919c658676844c857d59388d4108fcc7b8f
- From:
- Omar Polo <op@omarpolo.com>
- Date:
don't wrap the paths inside a <code></code>
- Commit:
c7b79c9eed3bf8beaa6a174e303cb4193c0f9749
- From:
- Omar Polo <op@omarpolo.com>
- Date:
fix navigation in contrib page
- Commit:
1298e4307f587041ae2a31611a92bb92799bff5a
- From:
- Omar Polo <op@omarpolo.com>
- Date:
split the cert generation example on multiple lines
- Commit:
679d5d1a61353b6dee4fda67ab35fabb7f4fba09
- From:
- Omar Polo <op@omarpolo.com>
- Date:
tweak the style for the manpage exported in HTML
- Commit:
35340c9f1e87672e883da1df0f83a3882ecb94b1
- From:
- Omar Polo <op@omarpolo.com>
- Date:
typos
- Commit:
540d05dedc087b9216350906fa1310a59b6f6f37
- From:
- Omar Polo <op@omarpolo.com>
- Date:
typo
- Commit:
0111ad5d262970304b8e12a9cb79b707f030d4cc
- From:
- Omar Polo <op@omarpolo.com>
- Date:
add the Quickstart page
- Commit:
a83ba84448ac4d02758a4aab090e8867d1ef03c0
- From:
- Omar Polo <op@omarpolo.com>
- Date:
mention gencert in contrib.{gmi,html}
- Commit:
d7e2e22c588996c2c4c3aea5a390327282b67f0e
- From:
- Omar Polo <op@omarpolo.com>
- Date:
add gencert, a simple script to generate self-signed certs
- Commit:
9bb2f62e241164788b683971648e51e3cf174947
- From:
- Omar Polo <op@omarpolo.com>
- Date:
tweak landlock comment
- Commit:
807869c14ee57aaa6035e6cba0df5d1369ced9ba
- From:
- Omar Polo <op@omarpolo.com>
- Date:
print the error too if we can't open a directory
It's not intuitive to print
open ... for domain xyz
it doesn't convey that the open failed.
now it appends the error string, at least the user can understand that
something went wrong.
reported by cage on irc, thanks!
- Commit:
492a274fd712e4589669254be327897868e44812
- From:
- Omar Polo <op@omarpolo.com>
- Date:
add compat for sys/tree.h
- Commit:
207b3e80d867693ff74cf99c84f7dd41386adba1
- From:
- Omar Polo <op@omarpolo.com>
- Date:
Store clients inside a splay tree
From day one we've been using a static array of client struct to hold
the clients data. This has variuos drawbacks, among which:
* reuse of the storage ("shades of heartbleed")
* maximum fixed amount of clients connected at the same time
* bugs are harder to debug
The last point in particular is important because if we mess the client
ids, or try to execute some functions (e.g. the various fcgi_*) after a
client has been disconnected, it's harder to "see" this "use after
free"-tier kind of bug.
Now I'm using a splay tree to hold the data about the live connections.
Each client' data is managed by malloc. If we try to access a client
data after the disconnection we'll probably crash with a SIGSEGV and
find the bug is more easy.
Performance-wise the connection phase should be faster since we don't
have to loop anymore to find an empty spot in the clients array, but
some operations could be slightly slower (compare the O(1) access in an
array with a SPLAY_FIND operation -- still be faster than O(n) thought.)