| Commit message | Author | Age | Files | Lines |
| |
was reached. This is not what other servers are doing, it leads to
ugly log messages and might confuse some clients.
benno@ analyzed that the correct behavior is (probably) to send a 408
when we are in the middle of receiving headers and time out there and
just close the connection in all other cases.
In particular, if a connection gets opened and no request is received
at all just close the connection. If a connection is set to keep-alive
and a request was handled and no further request is coming in just
close the connection. The latter is the usual cause for spurious log
messages and client confusion.
Reported over the years by many.
Input, explanations and OK benno
| |
value < 0. errno is only updated in this case. Change all (most?)
callers of syscalls to follow this better, and let's see if this strictness
helps us in the future.
| |
This commit extends the existing grammar by adding the param option
to the fastcgi directive: fastcgi param name value.
Example usage:
fastcgi param VAR1 hello
fastcgi param VAR2 world
With help and OK florian@
Rogue manpage bits, feel free to modify them.
| |
available.
Assuming a httpd.conf based on /etc/examples/httpd.conf, httpd(8)
will only listen on port 80 and serve the acme-challenge directory
for acme-client(1).
The workflow to get a certificate then becomes
acme-client -vAD example.com && rcctl reload httpd
Without the need to edit the httpd.conf yet again. Once the cert
is in place and httpd is reloaded it starts to serve on port 443.
Idea, tweaks & OK deraadt, OK benno
| |
date: 2018/10/01 19:24:09; author: benno; state: Exp; lines: +7 -1;
commitid: 0O8fyHPNvPd8rvYU;
Only send 408 Timeout responses when we have seen at least part of a
request. Without a request, just close the connection when we hit
request timeout.
Prompted by a bug report from Nikola Kolev, thanks.
ok reyk@ and some suggestions from claudio@ and bluhm@
Mark Patruck (mark AT wrapped DOT cx) found a problem with it, thanks
for the report.
ok reyk@ bluhm@ sthen@ deraadt@
| |
request. Without a request, just close the connection when we hit
request timeout.
Prompted by a bug report from Nikola Kolev, thanks.
ok reyk@ and some suggestions from claudio@ and bluhm@
| |
From Jack Burton <jack at saosce dot com dot au> - thanks!
Also tested by Jan Klemkow <j.klemkow at wemelug dot de>.
ok beck@ reyk@
| |
This allows something external (like ocspcheck) to disable the stapling
deliberately if it can not retrieve a valid staple by truncating the
staple file to indicate "do not provide a staple", while the file not
existing will still be treated as a configuration error.
ok claudio@ florian@, and prompted by @jsing
| |
ok claudio@ florian@
| |
to be specified, rather than a single curve.
ok beck@
| |
are no longer limited by the 16KB maximum size of a single imsg.
Configuration data that is larger than a single message is now chunked and
sent via multiple imsgs.
Prompted by a diff from Jack Burton <jack at saosce dot com dot au>.
ok reyk@
| |
tls ticket lifetime default
to turn it on with a 2h ticket lifetime.
Rekeying happens after a quarter of that time.
OK reyk@ and bob@
| |
Tested & OK jung@
| |
using keypair_ocsp.
ok reyk@
| |
added associated to a keypair used for SNI, and are usable for more than
just the "main" certificate. Modify httpd to use this.
Bump libtls minor.
ok jsing@
| |
Either libevent or the TLS callback can trigger an EOF when the
connection is closed.
OK sunil@ jung@ benno@
| |
This replaces log_verbose() and "extern int verbose" with the two functions
log_setverbose() and log_getverbose().
Pointed out by benno@
OK krw@ eric@ gilles@ (OK gilles@ for the snmpd bits as well)
| |
an int.
| |
and this way we can give a separate specific error message.
ok beck@ reyk@
| |
ok florian@
| |
ok jsing@
| |
ok jsing@ bcook@
| |
anymore. Also fix the process initialization prototypes.
ok reyk@
| |
To keep the debug functionality intact and correct we'll use the pid
field in the imsg header to pass the instance number. Remember to always
pass 'ps_instance + 1' otherwise libutil will fill imsg header pid field
with the imsgbuf pid (which is the current process pid).
ok reyk@
| |
ok reyk@
| |
ok reyk@
| |
ok natano reyk
| |
happens way too often and does not provide much information.
OK jung@
| |
the other server_tls_* functions (and I like the prefix notation
better). No functional change.
| |
which is actually the same thing (cluebat from reyk@).
| |
Requested by reyk@
| |
not allow TLS and non-TLS to be configured on the same port, do not allow
TLS options to be specified without a TLS listener and ensure that the TLS
options are the same when a server is specified on the same address/port.
Currently, these configurations are permitted but do not work as intended.
Also factor out and reuse the server matching code, which was previously
duplicated.
ok reyk@
| |
certificate and private key at the same time.
| |
resulted in errno being set.
ok reyk@
| |
As done in iked and snmpd.
OK jung@
| |
1) The main process listens on sockets and accepts connections. It
creates and opens log files, creates and kills child processes. On
start up and on receiving a HUP signal it parses the configuration. It
passes on file descriptors for logging or requests to its children.
2) The logger process writes log messages to a file descriptor passed
in from the main process.
3) The server process reads the request from a file descriptor passed
in from the main process. It reads a file or creates a directory index
to send a response.
Additionally this process handles fastcgi requests. It connects to
AF_UNIX, AF_INET or AF_INET6 sockets. A re-factoring might make it
possible to drop the additional fastcgi privileges when only static
files are served.
with deraadt@ some time ago
prodding & OK deraadt@
tweaks and OK reyk@
| |
where the handshake has successfully completed.
ok beck@
| |
jointly with jsing@
| |
ok jsing@
| |
ok beck@
| |
srv_conf->auth in serverconfig_free() because it was not allocated in
config_getserver() but assigned as a reference by id from a global
list that is maintained independently. This fixes a potential
double-free. This fix also makes srv_conf->auth "const" to emphasize
that the read-only auth pointer was not allocated here.
OK jsing@
| |
of u_intN_t) and replace u_int with unsigned int. Mixing both
variants is bad style and most contributors seem to prefer this
style; it also helps us to get used to it, portability, and
standardization.
Theoretically no binary change, except one in practice: httpd.o has a
different checksum because gcc with -O2 pads/optimizes "struct
privsep" differently when using "unsigned int" instead of "u_int" for the
affected members. "u_int" is just a typedef of "unsigned int", -O0
doesn't build the difference and clang with -O2 doesn't do it either -
it is just another curiosity from gcc-land.
OK semarie@
| |
previously disabled it because we were reading too fast (from disk).
Problem noted and tracked down to that commit by weerd@ and
independently by stsp@.
Tested by weerd@, stsp@, reyk@
OK bluhm@, reyk@
| |
we need more care to find a proper fix for the fastcgi headers.
acknowledged by deraadt@
| |
parse it. Otherwise http headers can leak into the body.
Pointed out by Jean-Philippe Ouellet on bugs@ Thanks!
OK reyk, commit ASAP deraadt@
| |
SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER by default. This gives
tls_write() a similar short write semantics as write(2) and a
workaround in httpd to cope with the previous differences can be
removed. Specifically, httpd can stop copying data into a local
buffer that was used to keep it around for repeated writes.
OK bluhm@