Age | Commit message (Collapse) | Author | |
---|---|---|---|
2012-01-02 | Ported to OpenBSDHEADmaster | Genadijus Paleckis | |
* In particular use /dev/pf for transparent client lookups | |||
2011-10-21 | Add new make file bits for freshmeat upload | Stef Walter | |
2011-10-21 | Add upload-release make target, and start signing releases | Stef Walter | |
2011-10-21 | Release version 1.101.10 | Stef Walter | |
2011-10-21 | proxsmtpd: [PATCH] Close extra file descriptors for filter command | Keith Owens | |
Short form: Passing extra file descriptors to the filter command can prevent it from detecting EOF or EPIPE. Result, dead filter commands that never terminate. Close everything except fd 0, 1, 2 before running the filter command. Long form: At the point that the filter command is forked and executed, proxsmtd may have multiple children with multiple pipes open. fork() bumps the reference count on all the file descriptors that are open at that moment. When the parent closes its part of the pipe, the pipe fd may or may not be removed from the system, depending on how many children have accidentally inherited that pipe. The child code closes fd 0, 1 and 2, calls dup2() to map the pipes to 0, 1 and 2 then runs. If another child has accidentally bumped the reference count on the pipes to this child then fd 0 can have multiple writers. This prevents the filter from detecting EOF or EPIPE when proxsmtpd closes the pipe to this particular child. This bug is particularly evident if the filter program does another fork and uses more pipes to communicate with its own child. awk does this as a matter of course. The result is a dangling filter command just sitting there waiting for input and not detecting that stdin has been closed. The dangling commands are owned by pid 1 rather than proxsmtpd. The only way to get rid of them is to manually kill them. | |||
2011-09-16 | Test build. | Stef Walter | |
2011-09-16 | workaround for race between waitpid(-1) and waitpid(pid) | Keith Owens | |
Sometimes waitpid(-1) in cb_check_data reaps a child that has just terminated, before waitpid(pid) in wait_process can reap it. Linux waitpid(pid,,WNOHANG) may not return an error if the child has already terminated, which results in wait_process looping waiting for the child which has already terminated. The symptom is a spurious "timeout waiting for filter command to exit". | |||
2011-01-23 | Release version 1.9 | Stef Walter | |
2011-01-23 | Better message when skipping processing. | Stef Walter | |
2011-01-23 | Parse MAIL FROM and RCPT TO properly, and skip authenticated. | Stef Walter | |
2011-01-23 | Reject early before recipient server gets the envelope. | Stef Walter | |
2011-01-23 | Add client IP address to log line. | Stef Walter | |
2011-01-23 | Don't force connections to come from same source port. | Stef Walter | |
Also allow address reuse for connections in time wait state. | |||
2011-01-23 | Bump up the limit of top number of max connections. | Stef Walter | |
Used to be 1024, now is 10240 | |||
2011-01-23 | Fix TransparentProxy option to better reflect different types of proxy. | Stef Walter | |
2011-01-23 | Add a default reject message | Stef Walter | |
2011-01-23 | Fix compiler warnings. | Stef Walter | |
2011-01-23 | Refactor how data skip is done. | Stef Walter | |
2011-01-23 | Send the proper data end signature to server. | Stef Walter | |
2011-01-23 | Add status to logs for rejection and skipping | Stef Walter | |
2011-01-23 | Allow skipping processing data for unauthenticated connections. | Stef Walter | |
2011-01-23 | Track client authentication correctly. | Stef Walter | |
2011-01-23 | Implement reject filter for messages. | Stef Walter | |
2011-01-23 | Enable IP_TRANSPARENT on the main socket as well. | Stef Walter | |
2011-01-23 | Fix the build on ubuntu 10.4 | Stef Walter | |
2011-01-23 | Fix problems with the build of IP_TRANSPARENT support. | Stef Walter | |
2011-01-23 | Ignore tarballs | Stef Walter | |
2011-01-23 | Fix spelling mistakes in configure output. | Stef Walter | |
2011-01-23 | Proper build and configure support for transparent proxy | Stef Walter | |
2011-01-23 | Transparent proxying without running as root. | Stef Walter | |
Using linux capabilitiy CAP_NET_ADMIN | |||
2011-01-23 | Initial implementation of true transparent proxying on linux. | Stef Walter | |
2011-01-23 | Fix problem on linux not detecting netfilter header. | Stef Walter | |
2011-01-23 | Fix compiler warnings on 64-bit. | Stef Walter | |
2011-01-23 | Reorganize to better match git. | Stef Walter | |
2008-06-30 | 1.8 release | Stef Walter | |
2008-05-27 | - Make the XFOWARD HELO available as a environment variable in scripts. ↵ | Stef Walter | |
[Glenn Matthys] | |||
2007-10-26 | Fix uninitialized pid variable. | Stef Walter | |
2007-06-21 | Send an RSET to the server after filter fails some data. | Stef Walter | |
2007-05-28 | Use 'Stef' instead of 'Nate' | Stef Walter | |
2007-03-20 | - Resolve any DNS name for each connection. | Stef Walter | |
2007-03-20 | Fix version string. | Stef Walter | |
2006-11-14 | Version 1.6 | Stef Walter | |
2006-11-14 | Add header option back into proxsmtp | Stef Walter | |
2006-10-12 | Ignore built files | Stef Walter | |
2006-10-12 | Add strcasestr which is missing on solaris. | Stef Walter | |
2006-10-12 | Move last commit properly into 1.6 pre-release. | Stef Walter | |
2006-09-27 | - On FreeBSD fix problem where stderr wasn't processed when filter | Stef Walter | |
didn't read stdin. | |||
2006-09-27 | Commit release version increment. | Stef Walter | |
2006-08-30 | Bring in some changes from ClamSMTP | Stef Walter | |
2006-08-30 | - Added support for setting the REMOTE variable when an XFORWARD | Stef Walter | |
command is seen. |