| Commit message (Collapse) | Author | Lines |
|
|
|
This change is needed to build slowcgi(8) successfully on musl-based
systems, as the musl libc does not define WAIT_ANY.
|
|
This was taken from https://github.com/Duncaen/lobase
|
|
This is needed for setgroups(2)
|
|
The original file location in the OpenBSD tree
- sys/sys/queue.h
|
|
The original file location in the OpenBSD tree
- lib/libc/string/strlcpy.c
|
|
|
|
|
|
for the inflight fds caused by the new connection. Without this slowcgi could fail when close to the limit because FD_RESERVE is smaller then FD_NEEDED. OK florian@, tested by Kristaps Dzonsons
|
|
not a problem in slowcgi since it calls chroot(2) and then chdir(2) shortly afterwards but hopefully prevents copying code into daemons where it does matter. Problem first observed by dlg in ntpd(8) which keeps sitting in the directory from where it was started which might for example prevent an unmount. Discussed with deraadt@
|
|
Andrew Daugherity (andrew.daugherity AT gmail) pointed out that this
is helpful for his port to linux. For example on openSUSE nginx and
Apache run as different users so a compile time default user won't cut
it.
Man page tweaks jmc@
While here, consistently log users at debug level; from Andrew.
|
|
this is instead of setting the timeout up with event_set and
event_add, but removing it with evtimer_del. this uses evtimer_set
and evtimer_add.
prompted by dlg's commit to identd
OK dlg
|
|
tftp-proxy and tftpd to the severity used in log.c style loggers. This also fixes an issue where syslog_err and syslog_errx logged with different severities.
Sure deraadt@
|
|
Input & OK benno@
|
|
aligned to 8 bytes. This matches what most other implementations are doing. While here, make sure that the allocated response buffers are zero'ed out.
OK florian@
|
|
ok florian@
|
|
socket, forks and execs. After fork we only need to close(2), chdir(2) and exec. OK benno@
|
|
|
|
in debugging interactions between httpd and slowcgi. OK florian@
|
|
positive during grep'ing. OK reyk
|
|
don't waste code setting it
improvment and ok florian@
|
|
possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
|
|
ok florian@
|
|
value. Found while investigating a dead store pointed out by llvm scan-build.
|
|
|
|
|
|
|
|
|
|
socket(2) and accept4(2) that we want non-blocking-close-on-exec sockets. OK benno@
|
|
initialized. OK florian@
|
|
allows to run slowcgi non-chrooted with -p /, requested by at least ratchov@ and henning@. Input by many, OK ratchov@ on a previous diff, "looks good" millert@, man page bits tweak and OK schwarze@ (all some time ago); OK henning@
|
|
|
|
was not quite right. slowcgi would try to chdir("") with a SCRIPT_NAME of /foo.cgi; chdir("/") in that case. I'm not sure how one would configure nginx/slowcgi to get to that point though. OK benno@
|
|
for the 4 byte encoding. With this QUERY_STRING can be longer than 127 bytes. Found the hard way while playing with smokeping. OK benno@
|
|
might be scripts depending on this do the same in slowcgi(8).
pointed out and OK ratchov@
|
|
SCRIPT_NAME doesn't cut it. The spec says: "The SCRIPT_NAME variable MUST be set to a URL path". Use SCRIPT_FILENAME which can be an absolute filesystem path for these cases and fall back to using SCRIPT_NAME if SCRIPT_FILENAME is not present. Details how to handle this worked out by jturner and sthen. Based on an erlier diff by jturner. Tested by jturner OK jturner, sthen
|
|
log execve() failures to syslog (very useful for debugging SCRIPT_NAME
problems)
ok florian@
|
|
of socket path, more relevant now since an alternative socket can be specified. OK benno@
|
|
file descriptors zero to two are always open when starting slowcgi. pointed out, with and looks good to deraadt@
|
|
guaranteed to get one signal per child. pointed out by deraadt OK benno, blambert
|
|
|
|
|
|
|
|
|
|
actually run the cgi for them later on. mirrored on relayd. ok florian@ blambert@
|
|
Otherwise if there are parallel requests and the timing is just right we were closing random fds from other connections. OK blambert
|
|
slowcgi_add_response() function. This ensures that we always do an event_add. OK blambert
|
|
|
|
rid of shutdown(2) which might cause problems. OK blambert
|
|
|