Andreas Steffen
7bda0f0c8b
Added tzset memory leak to whitelist
2013-08-28 22:51:17 +02:00
Tobias Brunner
f0c54e8c15
chunk: Print chunks without separator if + modifier is used
2013-08-24 16:22:51 +02:00
Tobias Brunner
32a145fdbd
utils: Add case-insensitive version of strpfx()
2013-08-24 16:22:51 +02:00
Martin Willi
a24515c515
backtrace: rename clone() method clashing with system call
...
Fixes #376 .
2013-08-09 09:13:39 +02:00
Tobias Brunner
ed0efaef4c
host: Properly initialize struct sockaddr_in[6] when parsing strings
...
Otherwise struct members like sin6_flowinfo or sin6_scope_id might be
set to bogus values.
2013-07-31 22:16:58 +02:00
Tobias Brunner
b3393c88c1
asn1: Fix handling of invalid ASN.1 length in is_asn1()
...
Fixes CVE-2013-5018.
2013-07-31 22:16:58 +02:00
Martin Willi
83a0b74da8
keychain: be less verbose when loading certificates
2013-07-31 11:41:16 +02:00
Martin Willi
84044f9c73
utils: add round_up/down() helper functions
2013-07-29 09:00:48 +02:00
Tobias Brunner
1f2d9c7688
watcher: Made notify array initialization compatible with older GCC versions
2013-07-25 16:57:42 +02:00
Tobias Brunner
ebb4ad1baa
unit-tests: Add additional tests for host_t
2013-07-25 11:28:26 +02:00
Tobias Brunner
116363e5c6
array: Number of items in get_size() is unsigned
...
Otherwise, array->esize is promoted to int and if array->esize * num
results in a value > 0x7fffffff the return value would be incorrect due
the implicit sign extension when getting cast to size_t.
2013-07-25 11:28:01 +02:00
Tobias Brunner
d7dc4fedd1
stream: Ensure UNIX socket path is null terminated
2013-07-24 16:17:23 +02:00
Tobias Brunner
cfca183d55
pkcs5: Add missing break statements when checking crypto primitives
2013-07-24 16:17:22 +02:00
Tobias Brunner
5baec6448d
unit-tests: Add test for host_create_netmask()
2013-07-24 16:17:21 +02:00
Tobias Brunner
6e2ec33f9d
host: Prevent overflow in host_create_netmask() if mask is 0 or 32/128
2013-07-24 16:17:03 +02:00
Tobias Brunner
cfdd23b967
capabilities: Proper error handling when reading groups
2013-07-24 10:54:26 +02:00
Martin Willi
dcd5129c25
processor: force synchronous execute_job() if set_threads(0) has been called
...
During daemon shutdown, some idle threads might be lingering around even if
set_threads(0) already has been called. To avoid any races, we enforce
synchronous execution of the job.
2013-07-19 15:30:22 +02:00
Tobias Brunner
8f1b44b40c
keychain: Use AM_CPPFLAGS instead of INCLUDES
2013-07-19 09:01:39 +02:00
Tobias Brunner
0ceb288815
Fix various API doc issues and typos
...
Partially based on an old patch by Adrian-Ken Rueegsegger.
2013-07-18 18:30:36 +02:00
Martin Willi
cb6c4e0430
identification: parse identities having a "@@" prefix as ID_RFC822_ADDR
...
Original patch by Gerald Richter.
2013-07-18 16:45:10 +02:00
Martin Willi
b4b3959b22
stream-service: move CAP_CHOWN check from plugins to service constructor
...
A plugin service can be a TCP socket now, so it does not make much sense
to strictly check for CAP_CHOWN.
2013-07-18 16:00:31 +02:00
Martin Willi
1897dd730f
processor: remove the now unused get_threads() method again
2013-07-18 16:00:31 +02:00
Martin Willi
ea009869e9
watcher: use processors new execute_job() to notify FDs
...
Just queueing is problematic, as all threads might be busy waiting for events
that the queued (but never executed) job delivers.
2013-07-18 16:00:31 +02:00
Martin Willi
6653e6c13e
processor: add an execute_job() method to directly execute an important job
...
If all worker threads are busy and waiting for an event, we must ensure that
a job delivering that event gets executed. This new method has this property
for CRITICAL jobs, using a worker if we have one, but executing the job directly
if not.
2013-07-18 16:00:31 +02:00
Martin Willi
55240835b0
watcher: properly support multiple watch callback types for the same FD
2013-07-18 16:00:31 +02:00
Martin Willi
d0c25a3f23
watcher: read multiple notifications if available
...
Use non-blocking I/O on the read end of the notify pipe. This also makes sure
the read does not block should select() signal data while there is none.
2013-07-18 16:00:31 +02:00
Martin Willi
4d7a762871
credmgr: introduce a hook function to catch trust chain validation errors
2013-07-18 16:00:30 +02:00
Martin Willi
4701929266
stream: allow async read/write callback to destroy the stream explicitly
2013-07-18 16:00:29 +02:00
Martin Willi
c9d1742b5d
stream: don't close underlying socket when creating a stream from it
2013-07-18 16:00:29 +02:00
Martin Willi
58d0dadddc
watcher: add some debugging statements
2013-07-18 16:00:29 +02:00
Martin Willi
91a2ae644c
watcher: if the processor has no threads, execute the job with watcher thread
...
This is important during shutdown, where we might need to signal some FDs while
all idle threads are gone already.
2013-07-18 16:00:29 +02:00
Martin Willi
50720d7ce9
processor: add a getter for the threads passed to set_threads()
2013-07-18 16:00:29 +02:00
Martin Willi
a0e3a7363f
watcher: unregister a watcher FD if its thread gets cancelled
2013-07-18 16:00:29 +02:00
Martin Willi
a558ba16f3
watcher: release threads waiting in remove() when watcher thread gets cancelled
...
During daemon shutdown, users might call remove() after processor.set_threads(0)
has been called. This gets problematic, as a watch event might be unable
to signal completion when no threads are available anymore. Work around this
issue by cancelling waiters once processor.cancel() has been called.
2013-07-18 16:00:29 +02:00
Martin Willi
e6e8a2b2e0
stream: support keeping the service alive outside of service callback
2013-07-18 16:00:28 +02:00
Martin Willi
d57b9e7c82
stream: add read/write_all() methods to stream
2013-07-18 16:00:28 +02:00
Martin Willi
1d1ef9e7ca
stream: support cancellation of stream service callback
2013-07-18 16:00:28 +02:00
Martin Willi
047a190600
stream: use a service constructor to create services
...
It does not make much sense to reference running services in the manager,
especially as unregistration would need the URI (which a user would have to
store instead of the service reference).
2013-07-18 16:00:28 +02:00
Martin Willi
fbdc65debb
stream: replace print/vprint() convenience functions by a FILE* getter
...
While this will complicate the implementation of streams not based on a fd,
it allows us to unleash the full power of FILE based convenience functions.
2013-07-18 16:00:28 +02:00
Martin Willi
70d1ccec96
stream: add a concurrency option to services, limiting parallel callbacks
2013-07-18 16:00:28 +02:00
Martin Willi
db0e160ba2
stream: add a job priority option to stream services
2013-07-18 16:00:28 +02:00
Martin Willi
441bb9e7b7
stream: add backlog option to stream services, forward to listen()
2013-07-18 16:00:28 +02:00
Martin Willi
c5597a4b56
stream: add support for TCP stream services
2013-07-18 16:00:28 +02:00
Martin Willi
db1c8aa460
stream: add support for TCP streams
2013-07-18 16:00:28 +02:00
Martin Willi
f04746d9b4
stream: add support for UNIX stream services
2013-07-18 16:00:28 +02:00
Martin Willi
b785cfe05b
stream: add support for UNIX streams
2013-07-18 16:00:28 +02:00
Martin Willi
c1fd8c22ce
stream: support async operation using watcher
2013-07-18 16:00:28 +02:00
Martin Willi
7a23588195
stream: add printf()-style covenience functions
2013-07-18 16:00:28 +02:00
Martin Willi
2ba276017d
stream: create library instance of stream-manager
2013-07-18 16:00:28 +02:00
Martin Willi
d6ff53940f
stream: add a manager to dynamically register streams and services
2013-07-18 16:00:28 +02:00