Re: beta release

monit-dev

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: beta release

From:	Christian Hopp
Subject:	Re: beta release
Date:	Fri, 1 Nov 2002 17:33:48 +0100 (CET)

On 1 Nov 2002, Jan-Henrik Haukeland wrote:

> First thing first. I have added a simple ASSERT macro I strongly
> advise everyone to use to test values that must not be wrong, like
> input parameters in functions and so on. Here is an example on usage:
>
>      static int check_file(char *filename, char *description,
>                     int permmask) {
>
>        struct stat buf;
>        errno= 0;
>
>        ASSERT(filename);
>        ASSERT(description);

Jep! Whenever I see something I gonna include it.

> I found out that we need something like this when I got a SIGSEGV when
> I tested the ssl functions and did not add a client cert.

By bug or fiddling in the code???

(...)

> 2) ssl - Initialization and start.
>
>    a) Alternativly two flags should be set, one for httpds support and
>    one for client ssl support (like imaps).

httpdssl -> the ssl server support [en|dis]abled
clientssl -> client cert check of the  ssl server support [en|dis]abled
servicessl -> ssl service check support [en|dis]abled

(..)

>   We should use something like this instead:
>
>   if(use_ssl()) {
>     (...)

Affirmative! (-:

>  Where the following method or something like it should be defined in
>  ssl.c and supersede (that is replace) the method check_ssl_files:

I don't like it to be in ssl.c.  The first plan of mine for ssl.c to
let it know the least of monit.  Unfortunately I implemented the
clientcert stuff later. So, I still have this ugly Run.clienthttpdpem
stuff in it.  It's on TODO: Clean up of ssl.c .

I prefer it to be in monitor.c, cause it has more the taste of an init
func  for monit.

Maybe we should build an init.c file to place there all the
initialization stuff from monitor.c.

Then we should clean up monitor.h.  All prototypes with do not belong
to monitor.c should be placed to an appropriate header file.

>  int use_ssl() {
>
>     (...)
>
>   }

I have made something following your sketch.

Furthermore I have filled ssl.c and the process stuff with appropriate
ASSERT statements.

Actually we don't need the start_ssl anymore in monitor.c.  I have
made ssl.c completely self initializing upon first object creation.
This is necessary, because I already use the ssl.c when the config
file is parsed for creating the ssl sockets for the services.

We can make use_ssl just to check all the necessary files.

> So I propose that we postpone the beta release until everything is tip
> top, what do you think?

Good idea.  Monit is a security related software.  And the code should
reflect it.  That includes that we have a critical eye on each others
code.

Christian

-- 
Christian Hopp                                email: address@hidden
Institut für Elektrische Informationstechnik             fon: +49-5323-72-2113
Technische Universität Clausthal                         fax: +49-5323-72-3197
  pgpkey: https://www.iei.tu-clausthal.de/pgp-keys/chopp.key.asc  (2001-11-22)

[Prev in Thread]

Current Thread

[Next in Thread]

beta release, Jan-Henrik Haukeland, 2002/11/01
- Re: beta release, Jan-Henrik Haukeland, 2002/11/01
- Re: beta release, Christian Hopp <=
  - RE: beta release, Jan-Henrik Haukeland, 2002/11/01
    - Re: beta release, Martin Pala, 2002/11/03

Prev by Date: monit monit.pod
Next by Date: Re: Problem with running monit from init and using 'kill -9' on linux
Previous by thread: Re: beta release
Next by thread: RE: beta release
Index(es):
- Date
- Thread