When this code was moved from src/connection.c into src/tls_openssl.c
a return wouldn't break us out from kore_connection_handle() as
previously expected.
This ment that Kore would move the connection into established state
immediately even if SSL_accept() needed to read more.
This broke TLS client authentication as Kore its belts and suspenders
kept throwing a 403 due to the code not properly obtaining the client
certificate when expected.
The whole while (cnt-- >= 0) idiom is busted since cnt started
at 0 and if the first call to PyUnicode_FromStringAndSize() fails
then we're attempting to access -1.
use it in places explicit_bzero() used to be called.
The kore_mem_zero() is a best effort to try and let the compiler
not optimize the code away. Highly platform dependent.
This work moves all TLS / crypto related code into a tls_openssl.c
file and adds a tls_none.c which contains just stubs.
Allows compilation of Kore with TLS_BACKEND=none to remove building
against OpenSSL.
Also adds code for SHA1/SHA2 taken from openssh-portable so we don't
depend on those being present anymore in libcrypto.
It wasn't possible for the parent process to send messages
directly via kore_msg_send() to other worker processes.
This is now rectified to from the parent process one can call
kore_msg_send() with a worker destination and it'll work.
Wait for any process in our process group only instead of WAIT_ANY.
This allows the parent process to start subprocesses that end up
in different process groups which are handled in user code instead
completely (using signalfd for example).
Inside of the new route handlers the "authenticate" keyword can
be specified to let the route authenticate via a previously
configured authentication block.
The ability to do this went missing in a previous commit that overhauled
the routing structure of the configuration.
Just noticed the 5 seconds wasn't enough when renewing all
certificates in my own setup (i have about 30 ACME domains via Kore).
Bumped it to 30 seconds instead.
