aboutsummaryrefslogtreecommitdiffstats
path: root/src/conn-tools
Commit message (Collapse)AuthorAgeFilesLines
* Fix partial local/remote host resolution in s6-tcpserver-accessLaurent Bercot2024-07-301-1/+1
| | | | Signed-off-by: Laurent Bercot <ska@appnovation.com>
* Prepare for 2.7.0.3; fix s6-tcpserverd fd bugLaurent Bercot2024-04-231-9/+4
| | | | Signed-off-by: Laurent Bercot <ska@appnovation.com>
* No duplicate : in s6-tcpserver-access' prognameLaurent Bercot2023-12-131-1/+1
| | | | Signed-off-by: Laurent Bercot <ska@appnovation.com>
* Fix clock programs that recv46; fix s6-tcpserver-access exitcodesLaurent Bercot2023-12-121-5/+17
| | | | Signed-off-by: Laurent Bercot <ska@appnovation.com>
* version: 2.7.0.0v2.7.0.0Laurent Bercot2023-11-202-0/+3
| | | | Signed-off-by: Laurent Bercot <ska@appnovation.com>
* Small bugfixes, update deps, update docLaurent Bercot2023-11-191-1/+1
| | | | Signed-off-by: Laurent Bercot <ska@appnovation.com>
* /etc/hosts support for s6-tcpclient and s6-tcpserver-accessLaurent Bercot2023-11-182-45/+124
| | | | Signed-off-by: Laurent Bercot <ska@appnovation.com>
* s6-tcpserverd: change terminology: allow -> accept, deny -> rejectLaurent Bercot2023-11-121-4/+4
| | | | | | Also change ip:port to ip_port in logs Signed-off-by: Laurent Bercot <ska@appnovation.com>
* s6-tcpserver-access: don't use errno in deny messagesLaurent Bercot2023-11-061-5/+5
| | | | Signed-off-by: Laurent Bercot <ska@appnovation.com>
* Fix missing null terminatorLaurent Bercot2023-10-161-8/+9
| | | | Signed-off-by: Laurent Bercot <ska@appnovation.com>
* Better iteration when sending signals in s6-tcpserverdLaurent Bercot2023-10-011-28/+33
| | | | Signed-off-by: Laurent Bercot <ska@appnovation.com>
* Avoid stupid buffer overflows tyvmLaurent Bercot2023-10-011-1/+1
| | | | Signed-off-by: Laurent Bercot <ska@appnovation.com>
* Refactor s6-tcpserverd loggingLaurent Bercot2023-10-011-51/+43
| | | | Signed-off-by: Laurent Bercot <ska@appnovation.com>
* Great Tcpserver Unification. Prepare for 2.6.0.0.Laurent Bercot2023-09-3014-826/+121
| | | | Signed-off-by: Laurent Bercot <ska@appnovation.com>
* Remove extra warning when s6-tcpserver-access has no rulesetLaurent Bercot2023-09-201-1/+0
| | | | Signed-off-by: Laurent Bercot <ska@appnovation.com>
* Remove s6-tcpserver?d dependency on libs6Laurent Bercot2023-09-114-8/+22
| | | | Signed-off-by: Laurent Bercot <ska@appnovation.com>
* New versions of s6-tcpserver4d and s6-tcpserver6dLaurent Bercot2023-09-084-153/+163
| | | | | | | | | | | - both now use posix_spawn when available - s6-tcpserver4d uses avltree for logarithmic lookups - s6-tcpserver6d still has the linear lookup - the point was to benchmark linear vs logarithmic, but the fork() overhead overshadowed everything - now with fork() out of the way, I'm going back to benchmarks Signed-off-by: Laurent Bercot <ska@appnovation.com>
* Prepare for 2.5.1.2Laurent Bercot2022-11-2911-11/+11
| | | | Signed-off-by: Laurent Bercot <ska@appnovation.com>
* Adapt to skalibs-2.11.0.0Laurent Bercot2021-08-1010-49/+36
| | | | Signed-off-by: Laurent Bercot <ska@appnovation.com>
* bugfix: tcpserver should unignore SIGPIPELaurent Bercot2021-05-222-2/+4
|
* Trivial syscall number optimizationLaurent Bercot2021-05-212-2/+2
|
* Get rid of webipc.hLaurent Bercot2020-12-092-8/+8
|
* Convert to new exec.h syntaxLaurent Bercot2020-11-269-62/+84
|
* Move all tls stuff into its own subdirLaurent Bercot2020-11-2122-1299/+0
|
* Add s6-ucspitlscLaurent Bercot2020-11-219-78/+201
|
* Prepare for 2.4.0.0Laurent Bercot2020-11-211-1/+12
|
* Privs can only be dropped after reading key files.Laurent Bercot2020-11-216-29/+0
|
* Refactor tls code to support ucspi-tlsLaurent Bercot2020-11-2016-98/+654
| | | | | | | | | | | | | | | | | | That includes: - new architecture: the tls binary is now a child of the app instead of the other way around - the sbearssl_run engine now takes a post-handshake callback. This allows s6-tlsc and s6-tlsd to only exec into the app when the handshake succeeds (which was already the case with libressl). - new binaries s6-tlsc-io and s6-tlsd-io encapsulate the crypto code; they init and run the engine, connecting to 4 already open fds (stdin/stdout = network, argv[1] and argv[2] = local) - s6-tlsc is now a simple wrapper around s6-tlsc-io - s6-tlsd is now a simple wrapper around s6-tlsd-io - new binary: s6-ucspitlsd, which is also a wrapper around s6-tlsd-io, but differently: the parent execs the app which should be ucspi-tls-aware, the child waits for a command from the parent and execs into s6-tlsd-io if it receives it.
* Add -e option to s6-tlsserverLaurent Bercot2020-05-061-4/+12
|
* Remove tainnow.lib dependencyLaurent Bercot2019-09-215-5/+5
|
* Adapt to new stopwatch APILaurent Bercot2019-09-065-8/+5
|
* Use stopwatches and wallclocks where appropriateLaurent Bercot2019-09-045-0/+5
|
* Different code style for the maxconn spurious warning avoidanceLaurent Bercot2019-05-142-9/+6
|
* bugfix: have s6-tcpserver?d write localport to stdout on notifLaurent Bercot2018-10-062-2/+24
| | | | and not just a newline.
* change localip is6 flag based on destination ipJohn Regan2018-04-111-2/+6
| | | | | | | | | | | | | | | | By default, the localip flag is initialized with the is6 flag set to 0. The only time the flag is changed to 1 is when a user specifies a local IPv6 address to use. Because of this, socket_tcp46 always creates an IPv4 socket. This patch corrects that - if the user hasn't specified a local address, then the local 'is6' flag is updated to match the destination 'is6' flag. Signed-off-by: Laurent Bercot <ska-skaware@skarnet.org>
* Add -B (blocking) option to s6-tcpserver?-socketbinderLaurent Bercot2018-04-112-6/+12
|
* bugfix: spurious error message in s6-tcpserver?d when maxed connectionsLaurent Bercot2017-09-133-6/+8
|
* Optimize to xpathexec ; prepare for 2.3.0.2Laurent Bercot2017-08-229-20/+10
|
* Fix memcpy size in s6-tcpserver6dLaurent Bercot2017-03-151-1/+1
|
* Cleanup superfluous includesLaurent Bercot2017-03-142-2/+2
|
* Adapt to skalibs-2.5.0.0Laurent Bercot2017-03-1215-225/+197
|
* Types fix, first passLaurent Bercot2017-01-1014-60/+79
| | | | | | | XXX marks what must change when skalibs changes. Also started writing functions for client certificate support in sbearssl, but it's not working yet (need more high-level support from BearSSL before it can work)
* Remove s6-tls* dependency to libs6net. Improve gen-deps to make dynlinking ↵Laurent Bercot2016-12-042-2/+0
| | | | easier.
* s6-tls*: small bugfixes. Add documentation.Laurent Bercot2016-12-031-9/+3
|
* Fix several bugs in stls, make the engine workLaurent Bercot2016-12-012-0/+2
|
* Small sbearssl bugfixes and usability messagesLaurent Bercot2016-11-281-0/+2
|
* use S6_EXTBINPREFIX for s6-applyuidgid invocation in s6-tlsserverLaurent Bercot2016-11-271-1/+1
|
* Add -z option to s6-tlsc/s6-tlsd to clean TLS env vars before spawning ↵Laurent Bercot2016-11-266-12/+28
| | | | (default)
* Usability fixes for TLSLaurent Bercot2016-11-261-28/+38
|
* Fix build bugs. It builds!Laurent Bercot2016-11-254-16/+33
| | | | | | Two things remain to do: - how to pass SNI information to libtls - how to detect cert issuer key type for ECC in bearssl