ouroboros/src/irmd, branch be

irmd: Remove dead code

2026-03-14T10:24:06+00:00

The oap.c source code was split into separate modules in the oap/ folder but some of it was never correctly removed. Signed-off-by: Dimitri Staessens Signed-off-by: Sander Vrijders

lib: Fix certificate DER encoding and key buffers

2026-03-14T10:23:59+00:00

i2d_X509() allocated buf->data via OPENSSL_malloc(), but callers free it with freebuf() which uses free(). Fix by allocating with malloc() and encoding directly into the buffer. Also replaces MSGBUFSZ with CRYPT_KEY_BUFSZ (4096) for key material buffers and removes leftover debug logging. Signed-off-by: Dimitri Staessens Signed-off-by: Sander Vrijders

irmd: Relax test flow accept timeout

2026-03-14T10:23:47+00:00

The reg_test still had false-positive failures on slow machines / woodpecker. Signed-off-by: Dimitri Staessens Signed-off-by: Sander Vrijders

lib: Fix missing cleanup in authentication path

2026-03-14T10:23:24+00:00

When auth_verify_crt fails (e.g., missing root CA), crypt_get_pubkey_crt has already allocated pk but only crt was freed. Adds a crypt_cleanup() function to wrap OpenSSL_cleanup(), as OpenSSL lazily initializes a global decoder/provider registry the first time PEM_read_bio or OSSL_DECODER_CTX_new_for_pkey is called, and this leaves some memory owned by OpenSSL that triggers the leak sanitizer. Signed-off-by: Dimitri Staessens Signed-off-by: Sander Vrijders

lib: Add tests for missing root CA

2026-03-14T10:23:18+00:00

This adds authentication tests to verify flows are rejected with a missing root CA certificate in the store. Also adds one for the OAP protocol. Signed-off-by: Dimitri Staessens Signed-off-by: Sander Vrijders

irmd: Fix bad merge in reg.c

2026-02-22T17:33:20+00:00

A merge conflict was left unresolved, resulting in compilation errors. Signed-off-by: Sander Vrijders Signed-off-by: Dimitri Staessens

irmd: Fix memleak in reg tests

2026-02-22T15:06:49+00:00

Call freebuf(pbuf) before returning from each test thread function. Since clrbuf zeroes pbuf.data to NULL on the success path, free(NULL) is safe. On the failure path of reg_respond_*, it now properly frees the still-allocated data. Signed-off-by: Dimitri Staessens Signed-off-by: Sander Vrijders

irmd: Allow direct rbuff between local processes

2026-02-22T15:02:16+00:00

This allows bypassing the IPCP for local processes that share the same packet pool, lowering latency between processes to comparable levels as Unix sockets (RTT in the order of a microsecond). For local processes, no IPCPs are needed: $ irm b prog oping n oping $ oping -l Ouroboros ping server started. New flow 64. Received 64 bytes on fd 64. The direct IPC can be disabled with the DISABLE_DIRECT_IPC build flag. Note that this is needed for rumba 'local' experiments to emulate network topologies. Without this flag all processes will just communicate directly. Signed-off-by: Dimitri Staessens Signed-off-by: Sander Vrijders

build: Add git hash to version string

2026-02-18T07:02:16+00:00

Embed git commit hash into version.h and irmd --version output using git describe. Regenerated at build time to stay current across commits. Ouroboros version MAJOR.MINOR.PATCH (TAG-COMMITS-GHASH-dirty) Example for dirty work tree (uncommitted changes): $ irmd --version Ouroboros version 0.22.0 (0.22.0-36-g86dba544-dirty) Example after commit: $ sudo irmd --version Ouroboros version 0.22.0-37-g55fa9445 Officical release (on tag): Ouroboros version 0.22.0 Signed-off-by: Dimitri Staessens Signed-off-by: Sander Vrijders

lib: Add struct llist for lists tracking len

2026-02-18T06:58:21+00:00

The DHT uses a struct {struct list_head, size_t len} pattern, which is also useful in the registry and other places. Having a struct llist (defined in list.h) with consistent macros for addition/deletion etc removes a lot of duplication and boilerplate and reduces the risk of inconsistent updates. The list management is now a macro-only implementation. Signed-off-by: Dimitri Staessens Signed-off-by: Sander Vrijders