| Commit message (Collapse) | Author | Age | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
slowcgi already has the -d flag to disable forking, but that particular
flag also stops slowcgi from logging to syslog and is intended for
debugging purposes.
Ordinarily this would be fine, but sadly we know of no clean way to
track the PID of a forked process with Gentoo's OpenRC and its
start-stop-daemon(8). We could add support to write a pidfile instead,
but since we want to support multiple invocations of slowcgi through
OpenRC and ${RC_SVCNAME}, we need a way of specifying the pidfile
location in the init script itself.
To solve this reasonably cleanly, add a flag that *only* controls
whether or not the program daemonizes or not. Make sure to mention this
in the manual too.
|
| |
|
|
|
|
|
| |
original diff from Alfred Morgan (alfred [at] 54 dot org)
ok florian@ and manpage tweaks by me.
|
| |
|
|
|
|
| |
all the time. Instead debug logging must be requested with the new -v flag. Problem reported and fix provided by weerd@
|
|
|
|
|
| |
This reverts commit bc9f2d8687625b7eafd70b9afba9fa71983a640a to make way
for the patch that has been accepted upstream.
|
|
|
|
| |
double traverse of the list which now is replaced with no traversal at all. Also stop double wrapping requests just for the list. OK millert@
|
|
|
|
| |
CGI. OK bluhm@ florian@
|
|
|
|
| |
Revision 1.21 removed the volatile from the cgi_inflight global but accept_reserve() was not updated to match. OK florian@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This partially reverts 56691b1 (Allow specifying -d multiple times,
2020-05-11). In that commit, a check for the debug variable in
syslog_debug was removed because a debug level of > 0 would have slowcgi
log to the console instead of syslog, making the check pointless.
However, this also means that slowcgi will now print debug messages by
default, even if run without the '-d' flag. The commit messages states
that the syslog daemon should handle debug output instead. We feel that
this is unsound reasoning, and that it goes against a de-facto standard
seen in the wild so far: only issue debug output (whether to console or
not), if specifically asked for.
Therefore, reintroduce the check for the debug variable. Whilst this
will in fact make the whole syslog_debug method pointless, we do not
want to commit to a complete rewrite of the debug functionality at this
time (even if such an undertaking is, in our opinion, warranted).
|
|
|
|
|
|
|
|
|
|
|
| |
To find the number of file descriptors that the process has currently
open, getdtablecount() counts the number of files under '/proc/self/fd'.
Previously, the special directories '.' and '..' were counted alongside
any symbolic links, making getdtablecount() return the wrong number of
file descriptors.
Make sure that these special directories are ignored by only counting
files whose name consists entirely of digits.
|
|
|
|
| |
> 1 (-dd) since it adds a lot of noise to the output. In syslog_debug do not check for the debug variable instead let syslog handle it. Currently syslog_debug() would never print anything since it is only called with debug = 0 (debug > 0 implies the console logger). OK florian@
|
| |
|
| |
|
|
|
|
|
| |
This change is needed to build slowcgi(8) successfully on musl-based
systems, as the musl libc does not define WAIT_ANY.
|
| |
|
|
|
|
| |
This was taken from https://github.com/Duncaen/lobase
|
|
|
|
| |
This is needed for setgroups(2)
|
|
|
|
|
| |
The original file location in the OpenBSD tree
- sys/sys/queue.h
|
|
|
|
|
| |
The original file location in the OpenBSD tree
- lib/libc/string/strlcpy.c
|
| |
|
| |
|
|
|
|
| |
for the inflight fds caused by the new connection. Without this slowcgi could fail when close to the limit because FD_RESERVE is smaller then FD_NEEDED. OK florian@, tested by Kristaps Dzonsons
|
|
|
|
| |
not a problem in slowcgi since it calls chroot(2) and then chdir(2) shortly afterwards but hopefully prevents copying code into daemons where it does matter. Problem first observed by dlg in ntpd(8) which keeps sitting in the directory from where it was started which might for example prevent an unmount. Discussed with deraadt@
|
|
|
|
|
|
|
|
|
|
| |
Andrew Daugherity (andrew.daugherity AT gmail) pointed out that this
is helpful for his port to linux. For example on openSUSE nginx and
Apache run as different users so a compile time default user won't cut
it.
Man page tweaks jmc@
While here, consistently log users at debug level; from Andrew.
|
|
|
|
| |
Pointed out by Andrew Daugherity (andrew.daugherity AT gmail), thanks! Tweaks and OK jmc
|
| |
|
|
|
|
|
|
|
|
|
| |
this is instead of setting the timeout up with event_set and
event_add, but removing it with evtimer_del. this uses evtimer_set
and evtimer_add.
prompted by dlg's commit to identd
OK dlg
|
|
|
|
|
|
| |
tftp-proxy and tftpd to the severity used in log.c style loggers. This also fixes an issue where syslog_err and syslog_errx logged with different severities.
Sure deraadt@
|
|
|
|
| |
Input & OK benno@
|
|
|
|
|
|
| |
aligned to 8 bytes. This matches what most other implementations are doing. While here, make sure that the allocated response buffers are zero'ed out.
OK florian@
|
|
|
|
| |
ok florian@
|
|
|
|
| |
socket, forks and execs. After fork we only need to close(2), chdir(2) and exec. OK benno@
|
| |
|
|
|
|
| |
in debugging interactions between httpd and slowcgi. OK florian@
|
|
|
|
| |
positive during grep'ing. OK reyk
|
|
|
|
|
|
| |
don't waste code setting it
improvment and ok florian@
|
|
|
|
| |
possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
|
|
|
|
| |
ok florian@
|
| |
|
|
|
|
| |
value. Found while investigating a dead store pointed out by llvm scan-build.
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
socket(2) and accept4(2) that we want non-blocking-close-on-exec sockets. OK benno@
|
| |
|
| |
|
|
|
|
| |
initialized. OK florian@
|