From 8bf0d3f4aef1227eac0c38444677e2d5a01b9335 Mon Sep 17 00:00:00 2001 From: Vladimir Dubrovin <3proxy@3proxy.ru> Date: Mon, 20 Apr 2026 20:13:21 +0300 Subject: [PATCH] Fix authcachesize --- src/conf.c | 21 +++++++++++---------- src/hash.c | 26 ++++++++++++-------------- src/proxy.h | 2 +- src/structures.h | 6 +++--- 4 files changed, 27 insertions(+), 28 deletions(-) diff --git a/src/conf.c b/src/conf.c index a0606c7..1d1c84b 100644 --- a/src/conf.c +++ b/src/conf.c @@ -655,14 +655,14 @@ static int h_fakeresolve(int argc, unsigned char **argv){ } static int h_nscache(int argc, unsigned char **argv){ - int res; + unsigned res; - res = atoi((char *)argv[1]); + res = (unsigned)atoi((char *)argv[1]); if(res < 256) { fprintf(stderr, "Invalid NS cache size: %d\n", res); return 1; } - if(inithashtable(&dns_table, (unsigned)res)){ + if(inithashtable(&dns_table, (res << 2), (res << 2), res)){ fprintf(stderr, "Failed to initialize NS cache\n"); return 2; } @@ -678,14 +678,14 @@ static int h_parentretries(int argc, unsigned char **argv){ } static int h_nscache6(int argc, unsigned char **argv){ - int res; + unsigned res; - res = atoi((char *)argv[1]); + res = (unsigned)atoi((char *)argv[1]); if(res < 256) { fprintf(stderr, "Invalid NS cache size: %d\n", res); return 1; } - if(inithashtable(&dns6_table, (unsigned)res)){ + if(inithashtable(&dns6_table, (res<<2), (res<<2), res)){ fprintf(stderr, "Failed to initialize NS cache\n"); return 2; } @@ -1429,8 +1429,9 @@ static int h_radius(int argc, unsigned char **argv){ } #endif static int h_authcache(int argc, unsigned char **argv){ + int authcachesize = 0; + conf.authcachetype = 0; - int authcachesize; if(strstr((char *) *(argv + 1), "ip")) conf.authcachetype |= 1; if(strstr((char *) *(argv + 1), "user")) conf.authcachetype |= 2; if(strstr((char *) *(argv + 1), "pass")) conf.authcachetype |= 4; @@ -1438,14 +1439,14 @@ static int h_authcache(int argc, unsigned char **argv){ if(strstr((char *) *(argv + 1), "acl")) conf.authcachetype |= 16; if(strstr((char *) *(argv + 1), "ext")) conf.authcachetype |= 32; if(argc > 2) conf.authcachetime = (unsigned) atoi((char *) *(argv + 2)); - if(argc > 3) authcachesize = (unsigned) atoi((char *) *(argv + 2)); + if(argc > 3) authcachesize = (unsigned) atoi((char *) *(argv + 3)); if(!conf.authcachetype) conf.authcachetype = 6; if(!conf.authcachetime) conf.authcachetime = 600; - if(inithashtable(&auth_table, authcachesize? authcachesize : 4096)){ + if(!authcachesize) authcachesize = 65536*4; + if(inithashtable(&auth_table, 1024, 1024, authcachesize)){ fprintf(stderr, "Failed to initialize auth cache\n"); return 2; } - if(!authcachesize)auth_table.growlimit = 65536*4; return 0; } diff --git a/src/hash.c b/src/hash.c index 820c36a..a7055b8 100644 --- a/src/hash.c +++ b/src/hash.c @@ -35,9 +35,8 @@ void destroyhashtable(struct hashtable *ht){ #define hvalue(ht,I) ((struct hashentry *)(ht->hashvalues + (I-1)*(sizeof(struct hashentry) + ht->recsize - 4))) #define hhash(ht,I) ((ht->hashhashvalues + (I-1)*(ht->hash_size))) -int inithashtable(struct hashtable *ht, unsigned npoolsize){ +int inithashtable(struct hashtable *ht, unsigned tablesize, unsigned poolsize, unsigned growlimit){ unsigned i; - unsigned tablesize, poolsize; clock_t c; #ifdef _WIN32 @@ -52,8 +51,7 @@ int inithashtable(struct hashtable *ht, unsigned npoolsize){ #endif c = clock(); - poolsize = tablesize = (npoolsize >> 2); - if(tablesize < 2) return 1; + if(tablesize < 2 || poolsize < tablesize || growlimit < poolsize) return 1; pthread_mutex_lock(&hash_mutex); if(ht->ihashtable){ myfree(ht->ihashtable); @@ -82,7 +80,7 @@ int inithashtable(struct hashtable *ht, unsigned npoolsize){ } ht->poolsize = poolsize; ht->tablesize = tablesize; - ht->growlimit = npoolsize; + ht->growlimit = growlimit; memset(ht->ihashtable, 0, ht->tablesize * sizeof(uint32_t)); memset(ht->hashvalues, 0, ht->poolsize * (sizeof(struct hashentry) + ht->recsize - 4)); @@ -153,7 +151,7 @@ void hashadd(struct hashtable *ht, const void* name, const void* value, time_t e return; } - ht->index2hash(name, hash); + ht->index2hash(ht, name, hash); pthread_mutex_lock(&hash_mutex); index = hashindex(ht, hash); @@ -201,7 +199,7 @@ int hashresolv(struct hashtable *ht, const void* name, void* value, uint32_t *tt if(!ht || !ht->ihashtable || !name) { return 0; } - ht->index2hash(name, hash); + ht->index2hash(ht,name, hash); pthread_mutex_lock(&hash_mutex); index = hashindex(ht, hash); for(hep = ht->ihashtable + index; (he = *hep)!=0; ){ @@ -223,13 +221,13 @@ int hashresolv(struct hashtable *ht, const void* name, void* value, uint32_t *tt return 0; } -void char_index2hash(const void *index, uint8_t *hash){ +void char_index2hash(const struct hashtable *ht, const void *index, uint8_t *hash){ const char* name = index; - blake2b(hash, HASH_SIZE, index, strlen((const char*)index), NULL, 0); + blake2b(hash, ht->hash_size, index, strlen((const char*)index), NULL, 0); } -void param2hash(const void *index, uint8_t *hash){ +void param2hash(const struct hashtable *ht, const void *index, uint8_t *hash){ blake2b_state S; const struct clientparam *param = (struct clientparam *)index; @@ -238,9 +236,9 @@ void param2hash(const void *index, uint8_t *hash){ if((conf.authcachetype & 4) && param->password)blake2b_update(&S, param->password, strlen((const char *)param->password) + 1); if((conf.authcachetype & 1) && !(conf.authcachetype & 8))blake2b_update(&S, SAADDR(¶m->sincr), SAADDRLEN(¶m->sincr)); if((conf.authcachetype & 16))blake2b_update(&S, ¶m->srv->acl, sizeof(param->srv->acl)); - blake2b_final(&S, hash, HASH_SIZE); + blake2b_final(&S, hash, ht->hash_size); } -struct hashtable dns_table = {0, 0, 0, 4, HASH_SIZE, char_index2hash}; -struct hashtable dns6_table = {0, 0, 0, 16, HASH_SIZE, char_index2hash}; -struct hashtable auth_table = {0, 0, 0, sizeof(struct authcache), HASH_SIZE, param2hash}; +struct hashtable dns_table = {char_index2hash, 4, HASH_SIZE}; +struct hashtable dns6_table = {char_index2hash, 16, HASH_SIZE}; +struct hashtable auth_table = {param2hash, sizeof(struct authcache), HASH_SIZE}; diff --git a/src/proxy.h b/src/proxy.h index bb4df97..7770e94 100644 --- a/src/proxy.h +++ b/src/proxy.h @@ -244,7 +244,7 @@ void mschap(const unsigned char *win_password, const unsigned char *challenge, unsigned char *response); void destroyhashtable(struct hashtable *ht); -int inithashtable(struct hashtable *ht, unsigned nhashsize); +int inithashtable(struct hashtable *ht, unsigned tablesize, unsigned poolsize, unsigned growlimit); void hashadd(struct hashtable *ht, const void* name, const void* value, time_t expires); int hashresolv(struct hashtable *ht, const void* name, void* value, uint32_t *ttl); diff --git a/src/structures.h b/src/structures.h index d9732ab..a61595e 100644 --- a/src/structures.h +++ b/src/structures.h @@ -757,12 +757,12 @@ struct child { #define HASH_SIZE (16) struct hashtable { + void (*index2hash)(const struct hashtable *ht, const void *index, uint8_t *hash); + unsigned recsize; + unsigned hash_size; unsigned poolsize; unsigned tablesize; unsigned growlimit; - unsigned recsize; - unsigned hash_size; - void (*index2hash)(const void *index, unsigned char *hash); uint32_t * ihashtable; uint8_t * hashvalues; uint8_t * hashhashvalues;