- Description:
- The last popa3d from OpenBSD, changed to accept TLS 1.2 secure connections.
- Owner:
- Last Change:
- Clone URL:
Commit Briefs
Add BINDIR and MANDIR to Makefile to install in /usr/local (master)
add my name to the manpage sections AUTHORS and HISTORY and add on CAVEATS a little.
after (trying to) read of the libc's pw routines, I made the educated guess
that endpwent() is not needed here.
remove a crash condition if the user is root
remove a timeing a attack against users in the password database ie. if the user exists but is locked in some form the timing is longest for the strlen(pw->pw_passwd), for normal users the timing is medium near longest and for completely locked users (with passwd *) the timing is shortest...
select and write (with return value 0) were spinning, this should fix this
(and reduce cpu cycles)
do some CPU accounting for the TLS multiplexer, there is a setitimer that I
disabled in this commit that would cause a SIGVTALRM to go into a signal handler when a threshold of cpu time was used. May 14 10:37:31 orange popa3d[82360]: TLS multiplexer: parent of pid 35643 time used 8924 microseconds On my vps a session timeout uses arond 8 ms os CPU time, but this value is CPU dependent and not for all. I still think it's a worthy log.
set new timeout of 2 minutes
set new auth dummy salt make the server really close everything after 2 minutes (alarm)