This commit includes strict, but still compatible, service hardening for
transmission-daemon.service. The main goal is a defense-in-depth
strategy that protects users from unknown vulnerabilities in
transmission.
In practice, transmission does not use any of the features that are
blocked in this hardening. However, this is still a network facing
daemon that, by design, accepts connections from unknown peers. So
better safe than sorry.
This commit also installs the service via CMake
Co-authored-by: LaserEyess <LaserEyess@users.noreply.github.com>
* refactor: do not use tr_strlcpy() in tr_strratio()
* refactor: do not use tr_strlcpy() in bindUnixSocket()
* refactor: do not use tr_strlcpy() in trackerView()
* chore: remove tr_strlcpy() unit tests
* chore: remove tr_strlcpy()
* chore: remove -DHAVE_STRLCPY from Xcode build
* fixup! refactor: do not use tr_strlcpy() in trackerView()
chore: fix copypaste bug
* refactor: do not u se tr_str_is_empty() in tr_torrentSetLocation()
* refactor: do not use tr_str_is_empty() in remote.cc
* refactor: do not use tr_str_is_empty() in subprocess-win32
* refactor: remove tr_str_is_empty()
* Use screen.visibleFrame instead of screen.frame
NSScreen.frame does not account for the dock, which can be at the bottom or any of the sides. As a result, layout errors that smash things into the dock can occur in the Y or X direction. visibleFrame accounts for the dock.
Should fix#4779. Untested.
* Update TorrentTableView.mm
* Remove -= 50 in max height calculation
* fix: don't check `total_size` against `metadata_size_hint`
* refactor: remove `metadata_size_hint`
* refactor: restart metadata transfer from scratch on failing
* refactor: make tr_block_info::init_sizes() private
* refactor: remove unuse tr_file_piece_map::empty()
* refactor: remove tr_file_priorities::reset()
* refactor: remove tr_files_wanted::reset()
* refactor: rename method to tr_file_piece_map::piece_span_for_file()
more consistent naming with tr_block_info
* refactor: rename method to tr_file_piece_map::file_span_for_piece()
more consistent naming with tr_block_info
* refactor: use standard class field order in tr_block_info
* refactor: move CompareToSpan from header to cc file
* refactor: make tr_file_piece_map::reset() private
* refactor: rename method to tr_file_piece_map::file_count()
* refactor: rename method to tr_file_piece_map::byte_span_for_file()
* refactor: constify tr_block_info function args
* refactor: fix more signed vs unsigned
* refactor: move tr_preallocation_mode info tr_open_files
* refactor: remove unnecessary error nullptr check
* refactor: use snake_case for private method names in inout.cc
* refactor: extract-method get_fd() from read_or_write_bytes()
* refactor: make function args const where possible
* refactor: simplify read_or_write_bytes()
* refactor: make buflen a uint64_t in read_or_write_piece()
* refactor: move tr_torrentStop() logic from read_or_write_piece() to tr_ioWrite()
* refactor: make tr_ioFoo() functions take a const torrent
* refactor: make tr_cache::close_torrent_files() take a tor_id instead of a torrent
* perf: parse the .resume file contents inplace
* perf: use unmanaged strings in make_torrent_field()
* perf: accept moved strings in tr_error::set()
* perf: use small::vector in tr_peerMsgsImpl::sendPex()
the expected pex size is predictable and fits easily on the stack