... at least I was smart enough to remind me that I did not do
one test ;) That reminder was the compiler error. Now removed and
test done ;) [simple things tend to work, lol]
omudpspoof is now a dedicated output module. It's calling semantics so far
are based on omfwd, plus the need for the template to have the IP address
as a string in the starting position.
This patch disables non-spoofed mode, it is primarily a code contribution
to facilitate building a full-blown, configurable spoofing capabity. But
obviously it can also be used in cases where only spoofing is desired.
Signed-off-by: Rainer Gerhards <rgerhards@adiscon.com>
- bugfix: invalid error message issued if $inlcudeConfig was on an empty
set of files (e.g. *.conf, where none such files existed)
thanks to Michael Biebl for reporting this bug
- bugfix: when run in foreground (but not in debug mode), a
debug message ("DoDie called") was emitted at shutdown. Removed.
thanks to Michael Biebl for reporting this bug
- bugfix: some garbagge was emitted to stderr on shutdown. This
garbage consisted of file names, which were written during
startup (key point: not a pointer error)
thanks to Michael Biebl for reporting this bug
- bugfix: startup and shutdown message were emitted to stdout
thanks to Michael Biebl for reporting this bug
... by moving code to stream.c. Thanks to the new design, new cases are
not really needed, resulting in cleaner code.
I also did a cleanup of header file usage as a side-activity.
New config directive $ActionSendUDPRebindInterval
added for the purpose. By default, rebinding is disabled. This is
considered useful for load balancers.
the ai_socktype was incorrectly set to 1. On some platforms, this
lead to failing name resolution (e.g. FreeBSD 7). Thanks to HKS for
reporting the bug.
Conflicts:
ChangeLog
conf.c
doc/Makefile.am
doc/manual.html
omfwd.c
plugins/omgssapi/omgssapi.c
This was a bit hard to merge; if there are problems, they
may be in the area of the new "comment in action line" code
that came from the beta.
$ActionSendStreamDriverCertFingerprint is now
$ActionSendStreamDriverPermittedPeer and can be used both for
fingerprint and name authentication (similar to the input side)
The TLS server now checks the client fingerprint. This works, but
is highly experimental. Needs to be refined for practice. Also:
- implemented permittedPeers helper construct to store names
- changed omfwd implementation to use new permittedPeers
- made action logic pass optional auth params only if they are
actually configured
- added new authMode and Fingerprint methods to ptcp netstream
driver (keeping them once again generic)
- added diagnostics messages when invalid auth modes were
configured
This is very experimental and needs some more work. It probably even
segfaults - but the base code is there and running. The rest is
refinement.
While working on this, I did these two bugfixes:
- bugfix: small mem leak in omfwd on exit (strmdriver name was not freed)
- bugfix: $ActionSendStreamDriver had no effect
