Mark Wooding [Wed, 9 Aug 2017 10:08:57 +0000 (11:08 +0100)]
debian/: Update for Debhelper 10.
Mark Wooding [Mon, 4 Jun 2018 02:00:39 +0000 (03:00 +0100)]
Release 1.0.5.
Mark Wooding [Mon, 4 Jun 2018 01:56:44 +0000 (02:56 +0100)]
linux.c: Check for IPv4-mapped IPv6 addresses.
Clients which use IPv4-mapping rather than proper IPv4 sockets get
listed in `/proc/net/tcp6' rather than in `/proc/net/tcp'. Cope with
this by searching the latter if we can't find the entry we want in the
former.
Mark Wooding [Mon, 4 Jun 2018 01:18:44 +0000 (02:18 +0100)]
linux.c: Factor out trundling through the `tcp' file.
No functional change, but this lays important groundwork for the next
bugfix.
Mark Wooding [Mon, 4 Jun 2018 00:49:24 +0000 (01:49 +0100)]
linux.c: Detect hall-of-mirrors effect in `nf_conntrack'.
As well as NAT entries, this file contains entries for ordinary
connections, where both address pairs are equal and swapped. If we find
one of these -- because we failed to find the connection in the main
`tcp' table for some reason -- then we'll pick the other remote address
as an ident daemon to talk to. The problem is that that other daemon is
us, and we'll end up talking to another instance of ourselves, which
will fall into the same trap. Until there aren't any file descriptors
left.
Mark Wooding [Mon, 4 Jun 2018 00:48:51 +0000 (01:48 +0100)]
linux.c: Reformat to suppress a compiler warning.
Maybe -- maybe -- the code was overly compressed.
Mark Wooding [Thu, 18 Feb 2016 16:08:13 +0000 (16:08 +0000)]
Release 1.0.4.
Mark Wooding [Sat, 13 Feb 2016 19:33:40 +0000 (19:33 +0000)]
yaid.c: Use `socklen_t' as appropriate.
Mark Wooding [Thu, 18 Feb 2016 14:32:22 +0000 (14:32 +0000)]
debian/control: Update Build-Depends.
* We need pkg-config to find mLib.
Mark Wooding [Thu, 18 Feb 2016 14:26:44 +0000 (14:26 +0000)]
debian/source/format: Apparently we need one of these.
Mark Wooding [Sat, 13 Feb 2016 19:33:40 +0000 (19:33 +0000)]
Properly log fatal errors encountered after program startup.
The code used to use mLib's `die', which reports to stderr, but we ought
properly to report errors to syslog if that's been requested. So
introduce and use a new function `fatal' which does the right thing, and
use it in the places where it's necessary.
Mark Wooding [Fri, 5 Feb 2016 00:30:46 +0000 (00:30 +0000)]
yaid.c (logmsg): Split out a version which takes a captured argument list.
Mark Wooding [Fri, 5 Feb 2016 00:20:29 +0000 (00:20 +0000)]
Pull fetching random bytes into the system-specific code.
While we're at it, take the opportunity to make the error reporting more
useful.
Mark Wooding [Fri, 5 Feb 2016 00:19:41 +0000 (00:19 +0000)]
linux.c (init_sys): Describe the sections of initialization code.
There's only one so far, but more will come.
Mark Wooding [Fri, 5 Feb 2016 00:13:42 +0000 (00:13 +0000)]
linux.c: Mark debugging code with a more useful preprocessor macro name.
Mark Wooding [Fri, 5 Feb 2016 00:10:37 +0000 (00:10 +0000)]
debian/control: Currently only works with a Linux kernel.
Mark Wooding [Thu, 4 Feb 2016 19:26:48 +0000 (19:26 +0000)]
Release 1.0.3.
Mark Wooding [Thu, 4 Feb 2016 19:19:29 +0000 (19:19 +0000)]
yaid.8.in: Fix stupid typo.
Mark Wooding [Thu, 4 Feb 2016 10:22:39 +0000 (10:22 +0000)]
linux.c (parseaddr_ipv6): Fix operator spacing.
Purely cosmetic.
Mark Wooding [Mon, 22 Dec 2014 20:32:58 +0000 (20:32 +0000)]
yaid.c: Delay destruction of selbuf objects.
It's not safe to destroy them from inside the per-line callback
function, so make chains of defunct objects and arrange to destroy them
properly in the main loop.
Mark Wooding [Mon, 22 Dec 2014 20:32:58 +0000 (20:32 +0000)]
yaid.c (cancel_proxy): Reorder destruction a little.
Alas, `selbuf_enable' can invoke its per-line function, in this case
`client_line', immediately. So we need to make sure we've detached this
proxy structure before that happens: if we do it afterwards, we risk
clobbering any new proxy that `client_line' has acquired in the
meantime.
Mark Wooding [Mon, 22 Dec 2014 20:32:58 +0000 (20:32 +0000)]
yaid.c (client_line): Set remote address earlier.
We need it for the log message if we can't parse the request.
Mark Wooding [Sun, 18 Jan 2015 04:17:22 +0000 (04:17 +0000)]
debian/yaid.policy: Fix address for IPv6 loopback.
I'm not entirely sure how I managed to get this wrong.
Mark Wooding [Sun, 18 Jan 2015 04:11:53 +0000 (04:11 +0000)]
policy.c, yaid.h: Discuss `open_policy_file' and filesystem object types.
Mark Wooding [Sun, 18 Jan 2015 04:07:44 +0000 (04:07 +0000)]
linux.c: Implement the return-code protocol described.
It should return zero on success or -1 on failure, because it's an
operation which attempts to return a value, and so might fail -- as
opposed to a predicate asking a simple boolean question about the world.
No actual harm done, because the code was correct to begin with, but
potentially confusing later.
Mark Wooding [Sun, 18 Jan 2015 04:06:23 +0000 (04:06 +0000)]
yaid.8.in: Fix the system policy file name.
Mark Wooding [Mon, 21 Apr 2014 10:25:00 +0000 (11:25 +0100)]
Release 1.0.2.
It hardly seems worth a release for this, but the misformatted manpage
is annoying.
Mark Wooding [Sun, 23 Jun 2013 22:25:23 +0000 (23:25 +0100)]
yaid.c: Use new mLib function annotations.
Update dependency on mLib.
Mark Wooding [Sun, 23 Jun 2013 23:27:53 +0000 (00:27 +0100)]
yaid.8.in: Fix formatting.
Mark Wooding [Sun, 23 Jun 2013 22:32:01 +0000 (23:32 +0100)]
Release 1.0.1.
Mark Wooding [Sun, 23 Jun 2013 22:24:17 +0000 (23:24 +0100)]
Fix limits on reading user policy files.
The old code only checked the line code after a successful policy line.
A policy file consisting only of blank lines, comments, and erroneous
lines could cause the daemon to loop forever.
Modify `read_policy_file' to return `T_*' codes (like the comment says
it should!), and handle the various codes in the caller. Most
particularly, `client_line' gives up after the first error to avoid
spamming the log. Getting this to work properly involves applying a
different ordering to the `T_*' codes.
Mark Wooding [Sun, 23 Jun 2013 22:19:05 +0000 (23:19 +0100)]
debian/control: Fix Build-Depends on `mlib-dev'.
It should certainly match `configure.ac'.
Mark Wooding [Sun, 23 Jun 2013 17:01:19 +0000 (18:01 +0100)]
yaid.h: Avoid the macro name `N'.
Rename the helper macros of `RESPONSE' to `U_' and `N_'.
Mark Wooding [Sun, 21 Oct 2012 15:25:53 +0000 (16:25 +0100)]
Debian packaging.
Mark Wooding [Sun, 21 Oct 2012 21:30:26 +0000 (22:30 +0100)]
policy.c, yaid.c: Silently ignore missing user policy files.
Mark Wooding [Sun, 21 Oct 2012 14:52:25 +0000 (15:52 +0100)]
linux.c, yaid.c: Correct policy application for proxied queries.
The apparent remote address for a proxy connection is the gateway, but
in fact the information is going to some remote server. Therefore, once
we've identified a proxy connection, overwrite the remote address in
the query with the true remote host.
This means fixing up the query structure with the gateway address next
time, so keep track of the connection remote address and restore it on
each query.
Mark Wooding [Sun, 21 Oct 2012 14:49:58 +0000 (15:49 +0100)]
yaid.8.in: Add manual page.
Mark Wooding [Sun, 21 Oct 2012 14:12:41 +0000 (15:12 +0100)]
Makefile.am: Include `confsubst' machinery.
Mark Wooding [Sun, 21 Oct 2012 14:10:46 +0000 (15:10 +0100)]
configure.ac, yaid.c: Make it be a proper Unix daemon.
Forks into background, drops privilege, proper logging, and all the usual
trappings.
Mark Wooding [Sun, 21 Oct 2012 14:08:30 +0000 (15:08 +0100)]
yaid.c: Time out idle connections after 30s.
Mark Wooding [Sun, 21 Oct 2012 14:05:20 +0000 (15:05 +0100)]
policy.h, yaid.h: Allow policy rules to match on the user.
So we have a user pattern, and all the associated bits and pieces.
This breaks old policy files, but nobody has deployed yet.
Mark Wooding [Sun, 21 Oct 2012 14:02:46 +0000 (15:02 +0100)]
policy.c: Check that the input file is a proper file.
This is mainly useful for user policy files, to make sure they're not
completely mad.
Mark Wooding [Sun, 21 Oct 2012 14:01:36 +0000 (15:01 +0100)]
policy.h: Don't allow `user' actions in user policy files.
The turtles will overwhelm us.
Mark Wooding [Sat, 20 Oct 2012 17:30:21 +0000 (18:30 +0100)]
General spring-cleaning. Most of the code is pretty nice now.
Mark Wooding [Sat, 20 Oct 2012 14:31:44 +0000 (15:31 +0100)]
linux.c: Remove stray debugging code.
Mark Wooding [Sat, 20 Oct 2012 14:28:55 +0000 (15:28 +0100)]
linux.c: Do NAT detection using address-independent machinery.
Mark Wooding [Sat, 20 Oct 2012 12:55:30 +0000 (13:55 +0100)]
linux.c: Mark `get_default_gw' as static.
Nothing outside needs to know about it any more.
Mark Wooding [Sat, 20 Oct 2012 12:54:12 +0000 (13:54 +0100)]
yaid.c: Reorder `proxy_query': don't use `c' after `conn_init'.
It might have been freed if the connection completes immediately (so
`proxy_connected' is called synchronously) and then something goes
wrong (so `c' will be freed).
Mark Wooding [Sat, 20 Oct 2012 12:51:57 +0000 (13:51 +0100)]
yaid.c: Common function for fixing connected sockets.
Previously I'd forgotten to drag `out-of-band' data inline, which will
cause a select(2) spin, and to make the client connection be nonblocking.
Put all of the relevant stuff in a utility function.
Mark Wooding [Sat, 20 Oct 2012 12:35:21 +0000 (13:35 +0100)]
yaid.c: Beef up `reply' with an extra token argument.
Eliminates the need for `proxy_line' to call `write_to_client' explicitly,
duplicating functionality.
Mark Wooding [Thu, 18 Oct 2012 09:35:35 +0000 (10:35 +0100)]
linux.c, yaid.c, yaid.h: Open the NAT table just once at init time.
This file requires privileges to open, so it must be done before we
drop them. (We don't, yet, but it's coming.)
Mark Wooding [Thu, 18 Oct 2012 09:27:28 +0000 (10:27 +0100)]
addr.c, linux.h, yaid.h: Move things out of the address-type list macro.
Things which are only needed to initialize the table are now in
systematically named macros which are determined by the table population
machinery. This means we can build the system-specific operations
table in the same way.
Mark Wooding [Thu, 18 Oct 2012 09:23:45 +0000 (10:23 +0100)]
linux.c (identify): Don't leak the file handle.
Mark Wooding [Wed, 17 Oct 2012 23:11:56 +0000 (00:11 +0100)]
Dispatch to methods handling address-family specifics.
This is a fairly invasive change to the program. Rather than carry
around an address family type and switch on it throughout, carry around
a pointer to a vtable containing methods. Methods needed by the system-
specific machinery are properly integrated.
Mark Wooding [Wed, 17 Oct 2012 23:09:00 +0000 (00:09 +0100)]
Makefile.am, configure.ac, ident.c -> linux.c: System specifics.
Rename `ident.c' to indicate that this is where the system-specific
machinery lives, and provide build system support for other platforms
should they be contributed.
Mark Wooding [Wed, 17 Oct 2012 04:40:57 +0000 (05:40 +0100)]
ident.c, yaid.c, yaid.h: Make `get_default_gw' be internal to `ident.c'.
Don't really need the diagnostics any more.
Mark Wooding [Wed, 17 Oct 2012 04:39:41 +0000 (05:39 +0100)]
yaid.c: Don't fail if either IPv4 or IPv6 is unavailable.
Do continue to fail if the ports can't be bound, or if neither protocol
is available.
Mark Wooding [Wed, 17 Oct 2012 04:42:09 +0000 (05:42 +0100)]
policy.c: Implement IPv6 matching in match_addrpat.
Missing piece. Whoops.
Mark Wooding [Sun, 14 Oct 2012 23:21:21 +0000 (00:21 +0100)]
Apparently working version, but still ugly.
It needs a lot of commentary, a proper command-line interface, logging,
pidfiles, and so on.
Also, there's a bunch of inconsistency surrounding IPv4/IPv6 handling:
the core uses a vtable, while most of the rest of the code uses
switches. This ought to be sorted out before a proper release.
Mark Wooding [Sat, 29 Sep 2012 14:37:27 +0000 (15:37 +0100)]
Initial ugly non-portable core of an ident daemon.