#
1.22 |
|
22-Feb-2021 |
jmatthew |
Use the F_CHECK_SENT and F_CHECK_DONE flags to determine whether a previous attempt at running a check script has finished yet, so we can avoid building up a backlog of check requests.
ok dlg@ tb@ giovanni@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE
|
#
1.21 |
|
28-May-2017 |
benno |
use __func__ in log messages. fix some whitespace while here. From Hiltjo Posthuma hiltjo -AT codemadness -DOT- org, thanks! ok florian, claudio
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.20 |
|
02-Sep-2016 |
reyk |
Split "struct relayd" into two structs: "struct relayd" and "struct relayd_config". This way we can send all the relevant global configuration to the children, not just the flags and the opts.
With input from and OK claudio@ benno@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.19 |
|
02-Dec-2015 |
reyk |
In most cases we don't need all arguments of proc_compose*_imsg(), so add a shortcut proc_compose*() that skips all of them. Only use the full argument list if needed. The functions with full argument lists can eventually be replaced with a nicer transaction-based approach later.
OK benno@
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.18 |
|
22-Jan-2015 |
reyk |
Clean up the relayd headers with help of include-what-you-use and some manual review. Based on common practice, relayd.h now includes the necessary headers for itself.
OK benno@
|
#
1.17 |
|
16-Jan-2015 |
deraadt |
Adapt to <limits.h> universe. ok millert
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.16 |
|
25-Jun-2014 |
reyk |
sync copyright to reality according to my last changes
|
#
1.15 |
|
20-Apr-2014 |
reyk |
Check strlcpy of the script path names for overflow and use the size of the destination buffer instead of the source buffer as the argument.
|
Revision tags: OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE
|
#
1.14 |
|
26-May-2011 |
reyk |
Add additional check to prevent running scripts when not configured.
|
#
1.13 |
|
26-May-2011 |
reyk |
fix "check script" by sending all required information to the parent.
|
#
1.12 |
|
09-May-2011 |
reyk |
Reorganize the relayd code to use the proc.c privsep API/commodity functions that are based on work for iked and smtpd. This simplifies the setup of privsep processes and moves some redundant and repeated code to a single place - which is always good from a quality and security point of view. The relayd version of proc.c is different to the current version in iked because it uses 1:N communications between processes, eg. a single parent process is talking to many forked relay children while iked only needs 1:1 communications.
ok sthen@ pyr@
|
Revision tags: OPENBSD_4_9_BASE
|
#
1.11 |
|
28-Feb-2011 |
sthen |
If 'check script' doesn't exit(), treat the service as 'down' rather than 'unknown'. Fixes a problem where the script is killed due to expiry of the interval timer. ok pyr@ deraadt@
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.10 |
|
05-Jun-2009 |
pyr |
4 handed diff with eric: Stop pushing event handling in the imsg framework. Instead, provide a small glue layer on top of both imsg and libevent. This finally clearly separates event handling and imsg construction.
Sidetrack bonus: remove the mega-ugly hack of having a dummy imsg_event_add stub in relayctl.
This will make bgpd (and thus henning) happy. Next up are smtpd and ospfd.
ok eric@
|
#
1.9 |
|
05-Jun-2009 |
pyr |
Make imsg completely async model agnostic by not requiring an imsg_event_add function to be provided (which ended up being a named callback). Instead provide a wrapper in the daemon and call that everywhere. Previsously discussed with the usual suspects, ok eric@ though not too happy about the function name (imsg_compose_event).
|
#
1.8 |
|
17-Apr-2009 |
reyk |
close filedescriptors with closefrom(STDERR_FILENO + 1) before executing the script to prevent access to internal processes.
From jacekm@
|
Revision tags: OPENBSD_4_5_BASE
|
#
1.7 |
|
05-Dec-2008 |
reyk |
change the way relayd reports check results: instead of logging an arbitrary string in debugging mode, it will store an error code (HCE_*) for each host. the error code can be translated to a string (in log.c) for debugging but it will also be passed to relayctl via the control socket.
from a user point of view, this will print a human-readable error message in the "relayctl show hosts" output if a host is down because the check failed. the relayctl(8) manpage includes detailed explanations of the error messages including mitigations for the most-common problems.
ok jmc@ (manpages) ok phessler@
|
Revision tags: OPENBSD_4_3_BASE OPENBSD_4_4_BASE
|
#
1.6 |
|
13-Feb-2008 |
reyk |
bump copyright
|
#
1.5 |
|
07-Dec-2007 |
reyk |
hoststated gets renamed to relayd. easier to type, and actually says what the daemon does - it is a relayer that pays attention to the status of pools of hosts; not a status checkers that happens to do some relaying
|
#
1.4 |
|
24-Nov-2007 |
reyk |
sort includes, adjust to style(9)
|
#
1.3 |
|
13-Oct-2007 |
deraadt |
avoid errno trashing in signal handler
|
#
1.2 |
|
12-Jun-2007 |
msf |
put the fd passing from bgpd back in to hoststated's version of imsg, needed for layer 7 reload support.
ok pyr@
|
#
1.1 |
|
29-May-2007 |
reyk |
add a new check method which allows to run external scripts/programs for custom evaluations.
pyr agrees to put it in now but to do some improvements of the timeout handling later.
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.21 |
|
28-May-2017 |
benno |
use __func__ in log messages. fix some whitespace while here. From Hiltjo Posthuma hiltjo -AT codemadness -DOT- org, thanks! ok florian, claudio
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.20 |
|
02-Sep-2016 |
reyk |
Split "struct relayd" into two structs: "struct relayd" and "struct relayd_config". This way we can send all the relevant global configuration to the children, not just the flags and the opts.
With input from and OK claudio@ benno@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.19 |
|
02-Dec-2015 |
reyk |
In most cases we don't need all arguments of proc_compose*_imsg(), so add a shortcut proc_compose*() that skips all of them. Only use the full argument list if needed. The functions with full argument lists can eventually be replaced with a nicer transaction-based approach later.
OK benno@
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.18 |
|
22-Jan-2015 |
reyk |
Clean up the relayd headers with help of include-what-you-use and some manual review. Based on common practice, relayd.h now includes the necessary headers for itself.
OK benno@
|
#
1.17 |
|
16-Jan-2015 |
deraadt |
Adapt to <limits.h> universe. ok millert
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.16 |
|
25-Jun-2014 |
reyk |
sync copyright to reality according to my last changes
|
#
1.15 |
|
20-Apr-2014 |
reyk |
Check strlcpy of the script path names for overflow and use the size of the destination buffer instead of the source buffer as the argument.
|
Revision tags: OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE
|
#
1.14 |
|
26-May-2011 |
reyk |
Add additional check to prevent running scripts when not configured.
|
#
1.13 |
|
26-May-2011 |
reyk |
fix "check script" by sending all required information to the parent.
|
#
1.12 |
|
09-May-2011 |
reyk |
Reorganize the relayd code to use the proc.c privsep API/commodity functions that are based on work for iked and smtpd. This simplifies the setup of privsep processes and moves some redundant and repeated code to a single place - which is always good from a quality and security point of view. The relayd version of proc.c is different to the current version in iked because it uses 1:N communications between processes, eg. a single parent process is talking to many forked relay children while iked only needs 1:1 communications.
ok sthen@ pyr@
|
Revision tags: OPENBSD_4_9_BASE
|
#
1.11 |
|
28-Feb-2011 |
sthen |
If 'check script' doesn't exit(), treat the service as 'down' rather than 'unknown'. Fixes a problem where the script is killed due to expiry of the interval timer. ok pyr@ deraadt@
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.10 |
|
05-Jun-2009 |
pyr |
4 handed diff with eric: Stop pushing event handling in the imsg framework. Instead, provide a small glue layer on top of both imsg and libevent. This finally clearly separates event handling and imsg construction.
Sidetrack bonus: remove the mega-ugly hack of having a dummy imsg_event_add stub in relayctl.
This will make bgpd (and thus henning) happy. Next up are smtpd and ospfd.
ok eric@
|
#
1.9 |
|
05-Jun-2009 |
pyr |
Make imsg completely async model agnostic by not requiring an imsg_event_add function to be provided (which ended up being a named callback). Instead provide a wrapper in the daemon and call that everywhere. Previsously discussed with the usual suspects, ok eric@ though not too happy about the function name (imsg_compose_event).
|
#
1.8 |
|
17-Apr-2009 |
reyk |
close filedescriptors with closefrom(STDERR_FILENO + 1) before executing the script to prevent access to internal processes.
From jacekm@
|
Revision tags: OPENBSD_4_5_BASE
|
#
1.7 |
|
05-Dec-2008 |
reyk |
change the way relayd reports check results: instead of logging an arbitrary string in debugging mode, it will store an error code (HCE_*) for each host. the error code can be translated to a string (in log.c) for debugging but it will also be passed to relayctl via the control socket.
from a user point of view, this will print a human-readable error message in the "relayctl show hosts" output if a host is down because the check failed. the relayctl(8) manpage includes detailed explanations of the error messages including mitigations for the most-common problems.
ok jmc@ (manpages) ok phessler@
|
Revision tags: OPENBSD_4_3_BASE OPENBSD_4_4_BASE
|
#
1.6 |
|
13-Feb-2008 |
reyk |
bump copyright
|
#
1.5 |
|
07-Dec-2007 |
reyk |
hoststated gets renamed to relayd. easier to type, and actually says what the daemon does - it is a relayer that pays attention to the status of pools of hosts; not a status checkers that happens to do some relaying
|
#
1.4 |
|
24-Nov-2007 |
reyk |
sort includes, adjust to style(9)
|
#
1.3 |
|
13-Oct-2007 |
deraadt |
avoid errno trashing in signal handler
|
#
1.2 |
|
12-Jun-2007 |
msf |
put the fd passing from bgpd back in to hoststated's version of imsg, needed for layer 7 reload support.
ok pyr@
|
#
1.1 |
|
29-May-2007 |
reyk |
add a new check method which allows to run external scripts/programs for custom evaluations.
pyr agrees to put it in now but to do some improvements of the timeout handling later.
|