diff --git a/src/auth.c b/src/auth.c index b7b3851..cbe3899 100644 --- a/src/auth.c +++ b/src/auth.c @@ -525,6 +525,7 @@ static void initbandlims (struct clientparam *param){ } } if(ibandlimsout[i] = NULL; + param->bandlimver = conf.bandlimver; } unsigned bandlimitfunc(struct clientparam *param, unsigned nbytesin, unsigned nbytesout){ @@ -550,7 +551,7 @@ unsigned bandlimitfunc(struct clientparam *param, unsigned nbytesin, unsigned nb if(!nbytesin && !nbytesout) return 0; pthread_mutex_lock(&bandlim_mutex); - if(param->paused != conf.paused && param->bandlimver != conf.paused){ + if(param->bandlimver != conf.bandlimver){ if(!conf.bandlimfunc){ param->bandlimfunc = NULL; pthread_mutex_unlock(&bandlim_mutex); @@ -643,35 +644,41 @@ int alwaysauth(struct clientparam * param){ if(conf.connlimiter && param->remsock == INVALID_SOCKET && startconnlims(param)) return 95; res = doconnect(param); if(!res){ - initbandlims(param); - for(tc = conf.trafcounter; tc; tc = tc->next) { - if(tc->disabled) continue; - if(ACLmatches(tc->ace, param)){ - if(tc->ace->action == NOCOUNTIN) break; - if(tc->ace->action != COUNTIN) { - countout = 1; - continue; - } - - if(tc->traflim64 <= tc->traf64) return 10; - param->trafcountfunc = conf.trafcountfunc; - param->maxtrafin64 = tc->traflim64 - tc->traf64; - } - } - if(countout)for(tc = conf.trafcounter; tc; tc = tc->next) { - if(tc->disabled) continue; - if(ACLmatches(tc->ace, param)){ - if(tc->ace->action == NOCOUNTOUT) break; - if(tc->ace->action != COUNTOUT) { - continue; - } - - if(tc->traflim64 <= tc->traf64) return 10; - param->trafcountfunc = conf.trafcountfunc; - param->maxtrafout64 = tc->traflim64 - tc->traf64; - } + if(conf.bandlimfunc && conf.bandlimiter){ + pthread_mutex_lock(&bandlim_mutex); + initbandlims(param); + pthread_mutex_unlock(&bandlim_mutex); } + if(conf.trafcountfunc && conf.trafcounter) { + pthread_mutex_lock(&tc_mutex); + for(tc = conf.trafcounter; tc; tc = tc->next) { + if(tc->disabled) continue; + if(ACLmatches(tc->ace, param)){ + if(tc->ace->action == NOCOUNTIN) break; + if(tc->ace->action != COUNTIN) { + countout = 1; + continue; + } + if(tc->traflim64 <= tc->traf64) return 10; + param->trafcountfunc = conf.trafcountfunc; + param->maxtrafin64 = tc->traflim64 - tc->traf64; + } + } + if(countout)for(tc = conf.trafcounter; tc; tc = tc->next) { + if(tc->disabled) continue; + if(ACLmatches(tc->ace, param)){ + if(tc->ace->action == NOCOUNTOUT) break; + if(tc->ace->action != COUNTOUT) { + continue; + } + if(tc->traflim64 <= tc->traf64) return 10; + param->trafcountfunc = conf.trafcountfunc; + param->maxtrafout64 = tc->traflim64 - tc->traf64; + } + } + pthread_mutex_unlock(&tc_mutex); + } } return res; } diff --git a/src/common.c b/src/common.c index 58f9f4b..aa73ce7 100644 --- a/src/common.c +++ b/src/common.c @@ -102,7 +102,7 @@ struct extparam conf = { NULL, 0, 0, -1, 0, 0, 0, 0, - 0, 500, 0, 0, 0, 0, + 0, 500, 0, 0, 0, 0, 0, 6, 600, 1048576, NULL, NULL, diff --git a/src/conf.c b/src/conf.c index afff2c9..c1d8875 100644 --- a/src/conf.c +++ b/src/conf.c @@ -372,6 +372,7 @@ static int h_daemon(int argc, unsigned char **argv){ static int h_config(int argc, unsigned char **argv){ if(conf.conffile)myfree(conf.conffile); conf.conffile = mystrdup((char *)argv[1]); + if(!conf.conffile) return 21; return 0; } @@ -478,6 +479,9 @@ static int h_auth(int argc, unsigned char **argv){ for(au = authfuncs; au; au=au->next){ if(!strcmp((char *)argv[argc], au->desc)){ newau = myalloc(sizeof(struct auth)); + if(!newau) { + return 21; + } newau->next = conf.authfuncs; conf.authfuncs = newau; conf.authfuncs->desc = au->desc; @@ -499,8 +503,7 @@ static int h_users(int argc, unsigned char **argv){ for (j = 1; juser = (unsigned char *)mystrdup((char *)argv[j]); + if((arg[1] == 'C' && arg[2] == 'L' && (pwl->pwtype = CL)) || (arg[1] == 'C' && arg[2] == 'R' && (pwl->pwtype = CR)) || (arg[1] == 'N' && arg[2] == 'T' && (pwl->pwtype = NT)) || @@ -522,7 +526,9 @@ static int h_users(int argc, unsigned char **argv){ pwl->password = (unsigned char *) mystrdup((char *)arg + 1); pwl->pwtype = UN; } + if(!pwl->password) return 3; } + if(!pwl->user) return 21; pthread_mutex_lock(&pwl_mutex); pwl->next = conf.pwl; conf.pwl = pwl; @@ -679,12 +685,14 @@ static int h_monitor(int argc, unsigned char **argv){ struct filemon * fm; fm = myalloc(sizeof (struct filemon)); + if(!fm) return 21; if(stat((char *)argv[1], &fm->sb)){ myfree(fm); fprintf(stderr, "Warning: file %s doesn't exist on line %d\n", argv[1], linenum); } else { fm->path = mystrdup((char *)argv[1]); + if(!fm->path) return 21; fm->next = conf.fmon; conf.fmon = fm; } @@ -705,8 +713,7 @@ static int h_parent(int argc, unsigned char **argv){ chains = myalloc(sizeof(struct chain)); if(!chains){ - fprintf(stderr, "Chainig error: unable to allocate memory for chain\n"); - return(2); + return(21); } memset(chains, 0, sizeof(struct chain)); chains->weight = (unsigned)atoi((char *)argv[1]); @@ -739,6 +746,7 @@ static int h_parent(int argc, unsigned char **argv){ getip46(46, argv[3], (struct sockaddr *)&chains->addr); #endif chains->exthost = (unsigned char *)mystrdup((char *)argv[3]); + if(!chains->exthost) return 21; *SAPORT(&chains->addr) = htons((unsigned short)atoi((char *)argv[4])); if(argc > 5) chains->extuser = (unsigned char *)mystrdup((char *)argv[5]); if(argc > 6) chains->extpass = (unsigned char *)mystrdup((char *)argv[6]); @@ -843,6 +851,7 @@ struct ace * make_ace (int argc, unsigned char ** argv){ } memset(userl, 0, sizeof(struct userlist)); userl->user=(unsigned char*)mystrdup((char *)arg); + if(!userl->user) return NULL; } while((arg = (unsigned char *)strtok((char *)NULL, ","))); } if(argc > 1 && strcmp("*", (char *)argv[1])) { @@ -1136,11 +1145,10 @@ static int h_ace(int argc, unsigned char **argv){ switch(acl->action){ case REDIRECT: acl->chains = myalloc(sizeof(struct chain)); - memset(acl->chains, 0, sizeof(struct chain)); if(!acl->chains) { - fprintf(stderr, "No memory for ACL entry, line %d\n", linenum); - return(2); + return(21); } + memset(acl->chains, 0, sizeof(struct chain)); acl->chains->type = R_HTTP; if(!getip46(46, argv[1], (struct sockaddr *)&acl->chains->addr)) return 5; *SAPORT(&acl->chains->addr) = htons((unsigned short)atoi((char *)argv[2])); @@ -1161,8 +1169,7 @@ static int h_ace(int argc, unsigned char **argv){ case NOCONNLIM: ncl = myalloc(sizeof(struct connlim)); if(!ncl) { - fprintf(stderr, "No memory to create connection limit filter\n"); - return(3); + return(21); } memset(ncl, 0, sizeof(struct connlim)); ncl->ace = acl; @@ -1188,8 +1195,7 @@ static int h_ace(int argc, unsigned char **argv){ nbl = myalloc(sizeof(struct bandlim)); if(!nbl) { - fprintf(stderr, "No memory to create band limit filter\n"); - return(3); + return(21); } memset(nbl, 0, sizeof(struct bandlim)); nbl->ace = acl; @@ -1223,7 +1229,7 @@ static int h_ace(int argc, unsigned char **argv){ bli->next = nbl; } } - + conf.bandlimver++; pthread_mutex_unlock(&bandlim_mutex); break; @@ -1235,8 +1241,7 @@ static int h_ace(int argc, unsigned char **argv){ case NOCOUNTALL: tl = myalloc(sizeof(struct trafcount)); if(!tl) { - fprintf(stderr, "No memory to create traffic limit filter\n"); - return(5); + return(21); } memset(tl, 0, sizeof(struct trafcount)); tl->ace = acl; @@ -1479,6 +1484,7 @@ static int h_chroot(int argc, unsigned char **argv){ *p = 0; } chrootp = mystrdup((char *)argv[1]); + if(!chrootp) return 21; } if (gid && setregid(gid,gid)) { fprintf(stderr, "Unable to set gid %d", (int)gid); @@ -1550,22 +1556,24 @@ struct commands commandhandlers[]={ {commandhandlers+44, "nocountin", h_ace, 1, 0}, {commandhandlers+45, "countout", h_ace, 4, 0}, {commandhandlers+46, "nocountout", h_ace, 1, 0}, - {commandhandlers+47, "connlim", h_ace, 4, 0}, - {commandhandlers+48, "noconnlim", h_ace, 1, 0}, - {commandhandlers+49, "plugin", h_plugin, 3, 0}, - {commandhandlers+50, "logdump", h_logdump, 2, 3}, - {commandhandlers+51, "filtermaxsize", h_filtermaxsize, 2, 2}, - {commandhandlers+52, "nolog", h_nolog, 1, 1}, - {commandhandlers+53, "weight", h_nolog, 2, 2}, - {commandhandlers+54, "authcache", h_authcache, 2, 3}, - {commandhandlers+55, "smtpp", h_proxy, 1, 0}, - {commandhandlers+56, "delimchar",h_delimchar, 2, 2}, - {commandhandlers+57, "authnserver", h_authnserver, 2, 2}, - {commandhandlers+58, "stacksize", h_stacksize, 2, 2}, - {commandhandlers+59, "force", h_force, 1, 1}, - {commandhandlers+60, "noforce", h_noforce, 1, 1}, + {commandhandlers+47, "countall", h_ace, 4, 0}, + {commandhandlers+48, "nocountall", h_ace, 1, 0}, + {commandhandlers+49, "connlim", h_ace, 4, 0}, + {commandhandlers+50, "noconnlim", h_ace, 1, 0}, + {commandhandlers+51, "plugin", h_plugin, 3, 0}, + {commandhandlers+52, "logdump", h_logdump, 2, 3}, + {commandhandlers+53, "filtermaxsize", h_filtermaxsize, 2, 2}, + {commandhandlers+54, "nolog", h_nolog, 1, 1}, + {commandhandlers+55, "weight", h_nolog, 2, 2}, + {commandhandlers+56, "authcache", h_authcache, 2, 3}, + {commandhandlers+57, "smtpp", h_proxy, 1, 0}, + {commandhandlers+58, "delimchar",h_delimchar, 2, 2}, + {commandhandlers+59, "authnserver", h_authnserver, 2, 2}, + {commandhandlers+60, "stacksize", h_stacksize, 2, 2}, + {commandhandlers+61, "force", h_force, 1, 1}, + {commandhandlers+62, "noforce", h_noforce, 1, 1}, #ifndef NORADIUS - {commandhandlers+61, "radius", h_radius, 3, 0}, + {commandhandlers+63, "radius", h_radius, 3, 0}, #endif {specificcommands, "", h_noop, 1, 0} }; @@ -1687,7 +1695,7 @@ int readconfig(FILE * fp){ argc = parsestr (buf, argv, NPARAMS-1, &buf, &inbuf, &bufsize); if(argc < 1) { fprintf(stderr, "Parse error line %d\n", linenum); - return(21); + return(11); } argv[argc] = NULL; if(!strcmp((char *)argv[0], "end") && argc == 1) { diff --git a/src/structures.h b/src/structures.h index 6e41a03..6848d33 100644 --- a/src/structures.h +++ b/src/structures.h @@ -572,7 +572,7 @@ struct extparam { struct srvparam *services; int stacksize, threadinit, counterd, haveerror, rotate, paused, archiverc, - demon, maxchild, needreload, timetoexit, version, noforce; + demon, maxchild, needreload, timetoexit, version, noforce, bandlimver; int authcachetype, authcachetime; int filtermaxsize; unsigned char *logname, **archiver;