bughz/tinyproxy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
192f8194e1
tinyproxy/src/main.c

429 lines
12 KiB
C
Raw Normal View History

Updated copyright, license notices in source code The notices have been changed to a more GNU look. Documentation comments have been separated from the copyright header. I've tried to keep all copyright notices intact. Some author contact details have been updated.
2008-05-24 16:05:49 +08:00
/* tinyproxy - A fast light-weight HTTP proxy
add muks' and my (C) to the main.c boilerplate comment. Michael
2009-10-07 07:08:03 +08:00
*
Updated copyright, license notices in source code The notices have been changed to a more GNU look. Documentation comments have been separated from the copyright header. I've tried to keep all copyright notices intact. Some author contact details have been updated.
2008-05-24 16:05:49 +08:00
* Copyright (C) 1998 Steven Young <sdyoung@miranda.org>
* Copyright (C) 1998-2002 Robert James Kaes <rjkaes@users.sourceforge.net>
* Copyright (C) 2000 Chris Lightfoot <chris@ex-parrot.com>
Happy new year 2010!
2010-01-10 20:51:33 +08:00
* Copyright (C) 2009-2010 Mukund Sivaraman <muks@banu.com>
* Copyright (C) 2009-2010 Michael Adam <obnox@samba.org>
This commit was generated by cvs2svn to compensate for changes in r2, which included commits to RCS files with non-trunk default branches.
2000-02-17 01:32:49 +08:00
*
Updated copyright, license notices in source code The notices have been changed to a more GNU look. Documentation comments have been separated from the copyright header. I've tried to keep all copyright notices intact. Some author contact details have been updated.
2008-05-24 16:05:49 +08:00
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
/* The initialize routine. Basically sets up all the initial stuff (logfile,
This commit was generated by cvs2svn to compensate for changes in r2, which included commits to RCS files with non-trunk default branches.
2000-02-17 01:32:49 +08:00
* listening socket, config options, etc.) and then sits there and loops
* over the new connections until the daemon is closed. Also has additional
* functions to handle the "user friendly" aspects of a program (usage,
* stats, etc.) Like any good program, most of the work is actually done
* elsewhere.
*/
Rename tinyproxy.[ch] to main.[ch]
2009-08-07 06:12:53 +08:00
#include "main.h"
This commit was generated by cvs2svn to compensate for changes in r2, which included commits to RCS files with non-trunk default branches.
2000-02-17 01:32:49 +08:00
Fixed the change user/group ability. Log when tinyproxy is using default values rather than specific ones. Cleaned up the command line arguments since tinyproxy now uses a configuration file. Removed the USR1 signal and added the thread creation code.
2000-09-12 08:03:53 +08:00
#include "anonymous.h"
This commit was generated by cvs2svn to compensate for changes in r2, which included commits to RCS files with non-trunk default branches.
2000-02-17 01:32:49 +08:00
#include "buffer.h"
Rename conffile.[ch] to conf.[ch]
2009-09-21 12:11:59 +08:00
#include "conf.h"
Added a new signal handler to handle SIGCHLD signals because of the new dnsserver child process. Changed the set signal calls to use our new set_signal_handler() function. Added code to start the "dnsserver" child process.
2002-05-24 02:27:01 +08:00
#include "daemon.h"
#include "heap.h"
This commit was generated by cvs2svn to compensate for changes in r2, which included commits to RCS files with non-trunk default branches.
2000-02-17 01:32:49 +08:00
#include "filter.h"
Removed all the code relating to the DNS API (dnsclient.h) as it's no longer needed with the new pre-forked model.
2002-05-27 02:52:23 +08:00
#include "child.h"
Fixed the change user/group ability. Log when tinyproxy is using default values rather than specific ones. Cleaned up the command line arguments since tinyproxy now uses a configuration file. Removed the USR1 signal and added the thread creation code.
2000-09-12 08:03:53 +08:00
#include "log.h"
#include "reqs.h"
#include "sock.h"
#include "stats.h"
#include "utils.h"
This commit was generated by cvs2svn to compensate for changes in r2, which included commits to RCS files with non-trunk default branches.
2000-02-17 01:32:49 +08:00
Updated copyright, license notices in source code The notices have been changed to a more GNU look. Documentation comments have been separated from the copyright header. I've tried to keep all copyright notices intact. Some author contact details have been updated.
2008-05-24 16:05:49 +08:00
/*
This commit was generated by cvs2svn to compensate for changes in r2, which included commits to RCS files with non-trunk default branches.
2000-02-17 01:32:49 +08:00
* Global Structures
*/
access config via a pointer, not a hardcoded struct address this is required so we can elegantly swap out an old config for a new one in the future and remove lots of boilerplate from config initialization code. unfortunately this is a quite intrusive change as the config struct was accessed in numerous places, but frankly it should have been done via a pointer right from the start. right now, we simply point to a static struct in main.c, so there shouldn't be any noticeable changes in behaviour.
2020-01-16 00:09:41 +08:00
struct config_s *config;
conf: use 2 swappable conf slots, so old config can stay valid ... in case reloading of it after SIGHUP fails, the old config can continue working. (apart from the logging-related issue mentioned in 27d96df99900c5a62ab0fdf2a37565e78f256d6a )
2020-01-16 01:02:22 +08:00
static struct config_s configs[2];
remove config file name item from conf struct since this is set via command line, we can deal with it easily from where it is actually needed.
2020-01-15 23:42:20 +08:00
static const char* config_file;
Convert tabs to spaces
2008-12-08 21:39:44 +08:00
unsigned int received_sighup = FALSE; /* boolean */
This commit was generated by cvs2svn to compensate for changes in r2, which included commits to RCS files with non-trunk default branches.
2000-02-17 01:32:49 +08:00
conf: use 2 swappable conf slots, so old config can stay valid ... in case reloading of it after SIGHUP fails, the old config can continue working. (apart from the logging-related issue mentioned in 27d96df99900c5a62ab0fdf2a37565e78f256d6a )
2020-01-16 01:02:22 +08:00
static struct config_s*
get_next_config(void)
{
if (config == &configs[0]) return &configs[1];
return &configs[0];
}
This commit was generated by cvs2svn to compensate for changes in r2, which included commits to RCS files with non-trunk default branches.
2000-02-17 01:32:49 +08:00
/*
* Handle a signal
*/
build: Remove use of the obsolete AC_TYPE_SIGNAL macro C89 compilers use void return type for signal handler functions.
2009-09-20 16:33:56 +08:00
static void
Minor indenting changes
2009-09-15 06:23:35 +08:00
takesig (int sig)
This commit was generated by cvs2svn to compensate for changes in r2, which included commits to RCS files with non-trunk default branches.
2000-02-17 01:32:49 +08:00
{
Indent code to Tinyproxy coding style The modified files were indented with GNU indent using the following command: indent -npro -kr -i8 -ts8 -sob -l80 -ss -cs -cp1 -bs -nlps -nprs -pcs \ -saf -sai -saw -sc -cdw -ce -nut -il0 No other changes of any sort were made.
2009-09-15 03:41:25 +08:00
pid_t pid;
int status;
Added a new signal handler to handle SIGCHLD signals because of the new dnsserver child process. Changed the set signal calls to use our new set_signal_handler() function. Added code to start the "dnsserver" child process.
2002-05-24 02:27:01 +08:00
Indent code to Tinyproxy coding style The modified files were indented with GNU indent using the following command: indent -npro -kr -i8 -ts8 -sob -l80 -ss -cs -cp1 -bs -nlps -nprs -pcs \ -saf -sai -saw -sc -cdw -ce -nut -il0 No other changes of any sort were made.
2009-09-15 03:41:25 +08:00
switch (sig) {
allow SIGUSR1 to be used as an alternative to SIGHUP this allows a tinyproxy session in terminal foreground mode to reload its configuration without dropping active connections.
2020-09-07 06:11:19 +08:00
case SIGUSR1:
Indent code to Tinyproxy coding style The modified files were indented with GNU indent using the following command: indent -npro -kr -i8 -ts8 -sob -l80 -ss -cs -cp1 -bs -nlps -nprs -pcs \ -saf -sai -saw -sc -cdw -ce -nut -il0 No other changes of any sort were made.
2009-09-15 03:41:25 +08:00
case SIGHUP:
received_sighup = TRUE;
break;
Moved the log rotation code out of the signal handler and into it's own function. The signal handler now simply sets a flag which is monitored inside the thread_main_loop() function. The log rotation code has also been tightened to handle any error conditions better. Credit to Petr Lampa for suggesting that system functions inside of a signal handler is bad magic.
2002-04-19 00:57:06 +08:00
simplify codebase by using one thread/conn, instead of preforked procs the existing codebase used an elaborate and complex approach for its parallelism: 5 different config file options, namely - MaxClients - MinSpareServers - MaxSpareServers - StartServers - MaxRequestsPerChild were used to steer how (and how many) parallel processes tinyproxy would spin up at start, how many processes at each point needed to be idle, etc. it seems all preforked processes would listen on the server port and compete with each other about who would get assigned the new incoming connections. since some data needs to be shared across those processes, a half- baked "shared memory" implementation was provided for this purpose. that implementation used to use files in the filesystem, and since it had a big FIXME comment, the author was well aware of how hackish that approach was. this entire complexity is now removed. the main thread enters a loop which polls on the listening fds, then spins up a new thread per connection, until the maximum number of connections (MaxClients) is hit. this is the only of the 5 config options left after this cleanup. since threads share the same address space, the code necessary for shared memory access has been removed. this means that the other 4 mentioned config option will now produce a parse error, when encountered. currently each thread uses a hardcoded default of 256KB per thread for the thread stack size, which is quite lavish and should be sufficient for even the worst C libraries, but people may want to tweak this value to the bare minimum, thus we may provide a new config option for this purpose in the future. i suspect that on heavily optimized C libraries such a musl, a stack size of 8-16 KB per thread could be sufficient. since the existing list implementation in vector.c did not provide a way to remove a single item from an existing list, i added my own list implementation from my libulz library which offers this functionality, rather than trying to add an ad-hoc, and perhaps buggy implementation to the vector_t list code. the sblist code is contained in an 80 line C file and as simple as it can get, while offering good performance and is proven bugfree due to years of use in other projects.
2018-12-17 08:23:09 +08:00
case SIGINT:
Indent code to Tinyproxy coding style The modified files were indented with GNU indent using the following command: indent -npro -kr -i8 -ts8 -sob -l80 -ss -cs -cp1 -bs -nlps -nprs -pcs \ -saf -sai -saw -sc -cdw -ce -nut -il0 No other changes of any sort were made.
2009-09-15 03:41:25 +08:00
case SIGTERM:
access config via a pointer, not a hardcoded struct address this is required so we can elegantly swap out an old config for a new one in the future and remove lots of boilerplate from config initialization code. unfortunately this is a quite intrusive change as the config struct was accessed in numerous places, but frankly it should have been done via a pointer right from the start. right now, we simply point to a static struct in main.c, so there shouldn't be any noticeable changes in behaviour.
2020-01-16 00:09:41 +08:00
config->quit = TRUE;
Indent code to Tinyproxy coding style The modified files were indented with GNU indent using the following command: indent -npro -kr -i8 -ts8 -sob -l80 -ss -cs -cp1 -bs -nlps -nprs -pcs \ -saf -sai -saw -sc -cdw -ce -nut -il0 No other changes of any sort were made.
2009-09-15 03:41:25 +08:00
break;
Added a new signal handler to handle SIGCHLD signals because of the new dnsserver child process. Changed the set signal calls to use our new set_signal_handler() function. Added code to start the "dnsserver" child process.
2002-05-24 02:27:01 +08:00
Indent code to Tinyproxy coding style The modified files were indented with GNU indent using the following command: indent -npro -kr -i8 -ts8 -sob -l80 -ss -cs -cp1 -bs -nlps -nprs -pcs \ -saf -sai -saw -sc -cdw -ce -nut -il0 No other changes of any sort were made.
2009-09-15 03:41:25 +08:00
case SIGCHLD:
while ((pid = waitpid (-1, &status, WNOHANG)) > 0) ;
break;
}
Fixed a problem with polling for the number of active threads. No longer polls. :)
2000-12-08 11:35:07 +08:00
Indent code to Tinyproxy coding style The modified files were indented with GNU indent using the following command: indent -npro -kr -i8 -ts8 -sob -l80 -ss -cs -cp1 -bs -nlps -nprs -pcs \ -saf -sai -saw -sc -cdw -ce -nut -il0 No other changes of any sort were made.
2009-09-15 03:41:25 +08:00
return;
This commit was generated by cvs2svn to compensate for changes in r2, which included commits to RCS files with non-trunk default branches.
2000-02-17 01:32:49 +08:00
}
/*
Fixed the change user/group ability. Log when tinyproxy is using default values rather than specific ones. Cleaned up the command line arguments since tinyproxy now uses a configuration file. Removed the USR1 signal and added the thread creation code.
2000-09-12 08:03:53 +08:00
* Display the version information for the user.
*/
Minor indenting changes
2009-09-15 06:23:35 +08:00
static void
display_version (void)
Fixed the change user/group ability. Log when tinyproxy is using default values rather than specific ones. Cleaned up the command line arguments since tinyproxy now uses a configuration file. Removed the USR1 signal and added the thread creation code.
2000-09-12 08:03:53 +08:00
{
Remove the target system information when the version is displayed If we require information about the runtime environment, it can be found using the uname program. And binutils can tell about what the tinyproxy binary contains. Tinyproxy doesn't have to report this information.
2009-09-20 15:10:52 +08:00
printf ("%s %s\n", PACKAGE, VERSION);
Renamed versiondisp() to display_version() and added the PACKAGE, VERSION, and TARGET_SYSTEM into the version list. Also moved the license into a separate function. Renamed usagedisp() to display_usage(). Fixed a problem where the anonymous search tree was being created _after_ it was being accessed.
2001-08-27 05:17:30 +08:00
}
Fixed the change user/group ability. Log when tinyproxy is using default values rather than specific ones. Cleaned up the command line arguments since tinyproxy now uses a configuration file. Removed the USR1 signal and added the thread creation code.
2000-09-12 08:03:53 +08:00
/*
* Display usage to the user.
This commit was generated by cvs2svn to compensate for changes in r2, which included commits to RCS files with non-trunk default branches.
2000-02-17 01:32:49 +08:00
*/
Minor indenting changes
2009-09-15 06:23:35 +08:00
static void
display_usage (void)
This commit was generated by cvs2svn to compensate for changes in r2, which included commits to RCS files with non-trunk default branches.
2000-02-17 01:32:49 +08:00
{
Modify usage help text shown when Tinyproxy is run with -h
2009-09-26 15:00:54 +08:00
int features = 0;
Indent code to Tinyproxy coding style The modified files were indented with GNU indent using the following command: indent -npro -kr -i8 -ts8 -sob -l80 -ss -cs -cp1 -bs -nlps -nprs -pcs \ -saf -sai -saw -sc -cdw -ce -nut -il0 No other changes of any sort were made.
2009-09-15 03:41:25 +08:00
printf ("Usage: %s [options]\n", PACKAGE);
Modify usage help text shown when Tinyproxy is run with -h
2009-09-26 15:00:54 +08:00
printf ("\n"
"Options are:\n"
" -d Do not daemonize (run in foreground).\n"
" -c FILE Use an alternate configuration file.\n"
" -h Display this usage information.\n"
" -v Display version information.\n");
Fixed the change user/group ability. Log when tinyproxy is using default values rather than specific ones. Cleaned up the command line arguments since tinyproxy now uses a configuration file. Removed the USR1 signal and added the thread creation code.
2000-09-12 08:03:53 +08:00
Indent code to Tinyproxy coding style The modified files were indented with GNU indent using the following command: indent -npro -kr -i8 -ts8 -sob -l80 -ss -cs -cp1 -bs -nlps -nprs -pcs \ -saf -sai -saw -sc -cdw -ce -nut -il0 No other changes of any sort were made.
2009-09-15 03:41:25 +08:00
/* Display the modes compiled into tinyproxy */
printf ("\nFeatures compiled in:\n");
Modify usage help text shown when Tinyproxy is run with -h
2009-09-26 15:00:54 +08:00
Fixed the change user/group ability. Log when tinyproxy is using default values rather than specific ones. Cleaned up the command line arguments since tinyproxy now uses a configuration file. Removed the USR1 signal and added the thread creation code.
2000-09-12 08:03:53 +08:00
#ifdef XTINYPROXY_ENABLE
Indent code to Tinyproxy coding style The modified files were indented with GNU indent using the following command: indent -npro -kr -i8 -ts8 -sob -l80 -ss -cs -cp1 -bs -nlps -nprs -pcs \ -saf -sai -saw -sc -cdw -ce -nut -il0 No other changes of any sort were made.
2009-09-15 03:41:25 +08:00
printf (" XTinyproxy header\n");
Modify usage help text shown when Tinyproxy is run with -h
2009-09-26 15:00:54 +08:00
features++;
Reformat code to GNU coding style This is a commit which simply ran all C source code files through GNU indent. No other modifications were made.
2008-12-01 23:01:11 +08:00
#endif /* XTINYPROXY */
Modify usage help text shown when Tinyproxy is run with -h
2009-09-26 15:00:54 +08:00
This commit was generated by cvs2svn to compensate for changes in r2, which included commits to RCS files with non-trunk default branches.
2000-02-17 01:32:49 +08:00
#ifdef FILTER_ENABLE
Indent code to Tinyproxy coding style The modified files were indented with GNU indent using the following command: indent -npro -kr -i8 -ts8 -sob -l80 -ss -cs -cp1 -bs -nlps -nprs -pcs \ -saf -sai -saw -sc -cdw -ce -nut -il0 No other changes of any sort were made.
2009-09-15 03:41:25 +08:00
printf (" Filtering\n");
Modify usage help text shown when Tinyproxy is run with -h
2009-09-26 15:00:54 +08:00
features++;
Reformat code to GNU coding style This is a commit which simply ran all C source code files through GNU indent. No other modifications were made.
2008-12-01 23:01:11 +08:00
#endif /* FILTER_ENABLE */
Modify usage help text shown when Tinyproxy is run with -h
2009-09-26 15:00:54 +08:00
This commit was generated by cvs2svn to compensate for changes in r2, which included commits to RCS files with non-trunk default branches.
2000-02-17 01:32:49 +08:00
#ifndef NDEBUG
Indent code to Tinyproxy coding style The modified files were indented with GNU indent using the following command: indent -npro -kr -i8 -ts8 -sob -l80 -ss -cs -cp1 -bs -nlps -nprs -pcs \ -saf -sai -saw -sc -cdw -ce -nut -il0 No other changes of any sort were made.
2009-09-15 03:41:25 +08:00
printf (" Debugging code\n");
Modify usage help text shown when Tinyproxy is run with -h
2009-09-26 15:00:54 +08:00
features++;
Reformat code to GNU coding style This is a commit which simply ran all C source code files through GNU indent. No other modifications were made.
2008-12-01 23:01:11 +08:00
#endif /* NDEBUG */
Modify usage help text shown when Tinyproxy is run with -h
2009-09-26 15:00:54 +08:00
(display_usage): Added a message indicating whether transparent proxy support has been compiled in.
2002-06-07 04:28:02 +08:00
#ifdef TRANSPARENT_PROXY
Indent code to Tinyproxy coding style The modified files were indented with GNU indent using the following command: indent -npro -kr -i8 -ts8 -sob -l80 -ss -cs -cp1 -bs -nlps -nprs -pcs \ -saf -sai -saw -sc -cdw -ce -nut -il0 No other changes of any sort were made.
2009-09-15 03:41:25 +08:00
printf (" Transparent proxy support\n");
Modify usage help text shown when Tinyproxy is run with -h
2009-09-26 15:00:54 +08:00
features++;
Reformat code to GNU coding style This is a commit which simply ran all C source code files through GNU indent. No other modifications were made.
2008-12-01 23:01:11 +08:00
#endif /* TRANSPARENT_PROXY */
Modify usage help text shown when Tinyproxy is run with -h
2009-09-26 15:00:54 +08:00
Added reverse proxy support from Kim Holviala. His comments regarding this addition follow: The patch implements a simple reverse proxy (with one funky extra feature). It has all the regular features: mapping remote servers to local namespace (ReversePath), disabling forward proxying (ReverseOnly) and HTTP redirect rewriting (ReverseBaseURL). The funky feature is this: You map Google to /google/ and the Google front page opens up fine. Type in stuff and click "Google Search" and you'll get an error from tinyproxy. Reason for this is that Google's form submits to "/search" which unfortunately bypasses our /google/ mapping (if they'd submit to "search" without the slash it would have worked ok). Turn on ReverseMagic and it starts working.... ReverseMagic "hijacks" one cookie which it sends to the client browser. This cookie contains the current reverse proxy path mapping (in the above case /google/) so that even if the site uses absolute links the reverse proxy still knows where to map the request. And yes, it works. No, I've never seen this done before - I couldn't find _any_ working OSS reverse proxies, and the commercial ones I've seen try to parse the page and fix all links (in the above case changing "/search" to "/google/search"). The problem with modifying the html is that it might not be parsable (very common) or it might be encoded so that the proxy can't read it (mod_gzip or likes). Hope you like that patch. One caveat - I haven't coded with C in like three years so my code might be a bit messy.... There shouldn't be any security problems thou, but you never know. I did all the stuff out of my memory without reading any RFC's, but I tested everything with Moz, Konq, IE6, Links and Lynx and they all worked fine.
2004-01-27 03:11:52 +08:00
#ifdef REVERSE_SUPPORT
Indent code to Tinyproxy coding style The modified files were indented with GNU indent using the following command: indent -npro -kr -i8 -ts8 -sob -l80 -ss -cs -cp1 -bs -nlps -nprs -pcs \ -saf -sai -saw -sc -cdw -ce -nut -il0 No other changes of any sort were made.
2009-09-15 03:41:25 +08:00
printf (" Reverse proxy support\n");
Modify usage help text shown when Tinyproxy is run with -h
2009-09-26 15:00:54 +08:00
features++;
Reformat code to GNU coding style This is a commit which simply ran all C source code files through GNU indent. No other modifications were made.
2008-12-01 23:01:11 +08:00
#endif /* REVERSE_SUPPORT */
Modify usage help text shown when Tinyproxy is run with -h
2009-09-26 15:00:54 +08:00
Display upstream proxy support in usage message
2010-02-18 01:41:45 +08:00
#ifdef UPSTREAM_SUPPORT
printf (" Upstream proxy support\n");
features++;
#endif /* UPSTREAM_SUPPORT */
Modify usage help text shown when Tinyproxy is run with -h
2009-09-26 15:00:54 +08:00
if (0 == features)
printf (" None\n");
printf ("\n"
Update help text a little
2010-02-17 02:59:29 +08:00
"For support and bug reporting instructions, please visit\n"
update URL
2016-01-04 05:16:21 +08:00
"<https://tinyproxy.github.io/>.\n");
This commit was generated by cvs2svn to compensate for changes in r2, which included commits to RCS files with non-trunk default branches.
2000-02-17 01:32:49 +08:00
}
Minor indenting changes
2009-09-15 06:23:35 +08:00
static int
get_id (char *str)
Allow numeric uid/gids in User and Group directives This change allows numeric uid/gids to be specified in the User and Group directives in tinyproxy.conf. Formerly, only username and group names were accepted. This fixes bug #15, which was created after looking at a case on the OpenWrt wiki. X-Banu-Bugzilla-Ids: 15
2008-07-14 20:10:20 +08:00
{
Indent code to Tinyproxy coding style The modified files were indented with GNU indent using the following command: indent -npro -kr -i8 -ts8 -sob -l80 -ss -cs -cp1 -bs -nlps -nprs -pcs \ -saf -sai -saw -sc -cdw -ce -nut -il0 No other changes of any sort were made.
2009-09-15 03:41:25 +08:00
char *tstr;
Allow numeric uid/gids in User and Group directives This change allows numeric uid/gids to be specified in the User and Group directives in tinyproxy.conf. Formerly, only username and group names were accepted. This fixes bug #15, which was created after looking at a case on the OpenWrt wiki. X-Banu-Bugzilla-Ids: 15
2008-07-14 20:10:20 +08:00
Indent code to Tinyproxy coding style The modified files were indented with GNU indent using the following command: indent -npro -kr -i8 -ts8 -sob -l80 -ss -cs -cp1 -bs -nlps -nprs -pcs \ -saf -sai -saw -sc -cdw -ce -nut -il0 No other changes of any sort were made.
2009-09-15 03:41:25 +08:00
if (str == NULL)
return -1;
Allow numeric uid/gids in User and Group directives This change allows numeric uid/gids to be specified in the User and Group directives in tinyproxy.conf. Formerly, only username and group names were accepted. This fixes bug #15, which was created after looking at a case on the OpenWrt wiki. X-Banu-Bugzilla-Ids: 15
2008-07-14 20:10:20 +08:00
Indent code to Tinyproxy coding style The modified files were indented with GNU indent using the following command: indent -npro -kr -i8 -ts8 -sob -l80 -ss -cs -cp1 -bs -nlps -nprs -pcs \ -saf -sai -saw -sc -cdw -ce -nut -il0 No other changes of any sort were made.
2009-09-15 03:41:25 +08:00
tstr = str;
while (*tstr != 0) {
if (!isdigit (*tstr))
return -1;
tstr++;
}
Allow numeric uid/gids in User and Group directives This change allows numeric uid/gids to be specified in the User and Group directives in tinyproxy.conf. Formerly, only username and group names were accepted. This fixes bug #15, which was created after looking at a case on the OpenWrt wiki. X-Banu-Bugzilla-Ids: 15
2008-07-14 20:10:20 +08:00
Indent code to Tinyproxy coding style The modified files were indented with GNU indent using the following command: indent -npro -kr -i8 -ts8 -sob -l80 -ss -cs -cp1 -bs -nlps -nprs -pcs \ -saf -sai -saw -sc -cdw -ce -nut -il0 No other changes of any sort were made.
2009-09-15 03:41:25 +08:00
return atoi (str);
Allow numeric uid/gids in User and Group directives This change allows numeric uid/gids to be specified in the User and Group directives in tinyproxy.conf. Formerly, only username and group names were accepted. This fixes bug #15, which was created after looking at a case on the OpenWrt wiki. X-Banu-Bugzilla-Ids: 15
2008-07-14 20:10:20 +08:00
}
Add doc for change_user()
2009-09-15 04:30:20 +08:00
/**
* change_user:
* @program: The name of the program. Pass argv[0] here.
*
* This function tries to change UID and GID to the ones specified in
* the config file. This function is typically called during
* initialization when the effective user is root.
**/
Extract setuid/setgid code into a function
2009-09-15 04:23:07 +08:00
static void
change_user (const char *program)
{
access config via a pointer, not a hardcoded struct address this is required so we can elegantly swap out an old config for a new one in the future and remove lots of boilerplate from config initialization code. unfortunately this is a quite intrusive change as the config struct was accessed in numerous places, but frankly it should have been done via a pointer right from the start. right now, we simply point to a static struct in main.c, so there shouldn't be any noticeable changes in behaviour.
2020-01-16 00:09:41 +08:00
if (config->group && strlen (config->group) > 0) {
int gid = get_id (config->group);
Extract setuid/setgid code into a function
2009-09-15 04:23:07 +08:00
if (gid < 0) {
access config via a pointer, not a hardcoded struct address this is required so we can elegantly swap out an old config for a new one in the future and remove lots of boilerplate from config initialization code. unfortunately this is a quite intrusive change as the config struct was accessed in numerous places, but frankly it should have been done via a pointer right from the start. right now, we simply point to a static struct in main.c, so there shouldn't be any noticeable changes in behaviour.
2020-01-16 00:09:41 +08:00
struct group *thisgroup = getgrnam (config->group);
Extract setuid/setgid code into a function
2009-09-15 04:23:07 +08:00
if (!thisgroup) {
fprintf (stderr,
"%s: Unable to find group \"%s\".\n",
access config via a pointer, not a hardcoded struct address this is required so we can elegantly swap out an old config for a new one in the future and remove lots of boilerplate from config initialization code. unfortunately this is a quite intrusive change as the config struct was accessed in numerous places, but frankly it should have been done via a pointer right from the start. right now, we simply point to a static struct in main.c, so there shouldn't be any noticeable changes in behaviour.
2020-01-16 00:09:41 +08:00
program, config->group);
Extract setuid/setgid code into a function
2009-09-15 04:23:07 +08:00
exit (EX_NOUSER);
}
gid = thisgroup->gr_gid;
}
if (setgid (gid) < 0) {
fprintf (stderr,
"%s: Unable to change to group \"%s\".\n",
access config via a pointer, not a hardcoded struct address this is required so we can elegantly swap out an old config for a new one in the future and remove lots of boilerplate from config initialization code. unfortunately this is a quite intrusive change as the config struct was accessed in numerous places, but frankly it should have been done via a pointer right from the start. right now, we simply point to a static struct in main.c, so there shouldn't be any noticeable changes in behaviour.
2020-01-16 00:09:41 +08:00
program, config->group);
Return correct error status when setuid() or setgid() fails
2009-09-15 04:24:26 +08:00
exit (EX_NOPERM);
Extract setuid/setgid code into a function
2009-09-15 04:23:07 +08:00
}
[BB#115] Drop supplementary groups Supplementary groups are inherited from the calling process. Drop all supplementary groups if the "Group" configuration directive is set to change to a different user. Otherwise the process may have more rights than expected. Reviewed-by: Michael Adam <obnox@samba.org>
2013-09-09 14:33:48 +08:00
#ifdef HAVE_SETGROUPS
/* Drop all supplementary groups, otherwise these are inherited from the calling process */
if (setgroups (0, NULL) < 0) {
fprintf (stderr,
"%s: Unable to drop supplementary groups.\n",
program);
exit (EX_NOPERM);
}
#endif
Extract setuid/setgid code into a function
2009-09-15 04:23:07 +08:00
log_message (LOG_INFO, "Now running as group \"%s\".",
access config via a pointer, not a hardcoded struct address this is required so we can elegantly swap out an old config for a new one in the future and remove lots of boilerplate from config initialization code. unfortunately this is a quite intrusive change as the config struct was accessed in numerous places, but frankly it should have been done via a pointer right from the start. right now, we simply point to a static struct in main.c, so there shouldn't be any noticeable changes in behaviour.
2020-01-16 00:09:41 +08:00
config->group);
Extract setuid/setgid code into a function
2009-09-15 04:23:07 +08:00
}
access config via a pointer, not a hardcoded struct address this is required so we can elegantly swap out an old config for a new one in the future and remove lots of boilerplate from config initialization code. unfortunately this is a quite intrusive change as the config struct was accessed in numerous places, but frankly it should have been done via a pointer right from the start. right now, we simply point to a static struct in main.c, so there shouldn't be any noticeable changes in behaviour.
2020-01-16 00:09:41 +08:00
if (config->user && strlen (config->user) > 0) {
int uid = get_id (config->user);
Extract setuid/setgid code into a function
2009-09-15 04:23:07 +08:00
if (uid < 0) {
access config via a pointer, not a hardcoded struct address this is required so we can elegantly swap out an old config for a new one in the future and remove lots of boilerplate from config initialization code. unfortunately this is a quite intrusive change as the config struct was accessed in numerous places, but frankly it should have been done via a pointer right from the start. right now, we simply point to a static struct in main.c, so there shouldn't be any noticeable changes in behaviour.
2020-01-16 00:09:41 +08:00
struct passwd *thisuser = getpwnam (config->user);
Extract setuid/setgid code into a function
2009-09-15 04:23:07 +08:00
if (!thisuser) {
fprintf (stderr,
"%s: Unable to find user \"%s\".\n",
access config via a pointer, not a hardcoded struct address this is required so we can elegantly swap out an old config for a new one in the future and remove lots of boilerplate from config initialization code. unfortunately this is a quite intrusive change as the config struct was accessed in numerous places, but frankly it should have been done via a pointer right from the start. right now, we simply point to a static struct in main.c, so there shouldn't be any noticeable changes in behaviour.
2020-01-16 00:09:41 +08:00
program, config->user);
Extract setuid/setgid code into a function
2009-09-15 04:23:07 +08:00
exit (EX_NOUSER);
}
uid = thisuser->pw_uid;
}
if (setuid (uid) < 0) {
fprintf (stderr,
"%s: Unable to change to user \"%s\".\n",
access config via a pointer, not a hardcoded struct address this is required so we can elegantly swap out an old config for a new one in the future and remove lots of boilerplate from config initialization code. unfortunately this is a quite intrusive change as the config struct was accessed in numerous places, but frankly it should have been done via a pointer right from the start. right now, we simply point to a static struct in main.c, so there shouldn't be any noticeable changes in behaviour.
2020-01-16 00:09:41 +08:00
program, config->user);
Return correct error status when setuid() or setgid() fails
2009-09-15 04:24:26 +08:00
exit (EX_NOPERM);
Extract setuid/setgid code into a function
2009-09-15 04:23:07 +08:00
}
log_message (LOG_INFO, "Now running as user \"%s\".",
access config via a pointer, not a hardcoded struct address this is required so we can elegantly swap out an old config for a new one in the future and remove lots of boilerplate from config initialization code. unfortunately this is a quite intrusive change as the config struct was accessed in numerous places, but frankly it should have been done via a pointer right from the start. right now, we simply point to a static struct in main.c, so there shouldn't be any noticeable changes in behaviour.
2020-01-16 00:09:41 +08:00
config->user);
Extract setuid/setgid code into a function
2009-09-15 04:23:07 +08:00
}
}
main: add convenience wrapper reload_config() for reload_config_file() Michael
2009-12-22 06:37:17 +08:00
/**
* convenience wrapper around reload_config_file
enhance reload_config to correctly re-initialize the logging subsystem. This includes reopening the log file (in append mode). Also switching from syslog to logfile and visa versa are included when called from the SIGHUP handler. Michael
2009-12-23 07:18:31 +08:00
* that also re-initializes logging.
main: add convenience wrapper reload_config() for reload_config_file() Michael
2009-12-22 06:37:17 +08:00
*/
remove duplicate code calling reload_config_file() as a side effect of not updating the config pointer when loading the config file fails, the "FIXME" level comment to take appropriate action in that case has been removed. the only issue remaining when receiving a SIGHUP and encountering a malformed config file would now be the case that output to syslog/logfile won't be resumed, if initially so configured.
2020-01-16 00:35:43 +08:00
int reload_config (int reload_logging)
main: add convenience wrapper reload_config() for reload_config_file() Michael
2009-12-22 06:37:17 +08:00
{
int ret;
conf: use 2 swappable conf slots, so old config can stay valid ... in case reloading of it after SIGHUP fails, the old config can continue working. (apart from the logging-related issue mentioned in 27d96df99900c5a62ab0fdf2a37565e78f256d6a )
2020-01-16 01:02:22 +08:00
struct config_s *c_next = get_next_config();
main: add convenience wrapper reload_config() for reload_config_file() Michael
2009-12-22 06:37:17 +08:00
remove duplicate code calling reload_config_file() as a side effect of not updating the config pointer when loading the config file fails, the "FIXME" level comment to take appropriate action in that case has been removed. the only issue remaining when receiving a SIGHUP and encountering a malformed config file would now be the case that output to syslog/logfile won't be resumed, if initially so configured.
2020-01-16 00:35:43 +08:00
if (reload_logging) shutdown_logging ();
enhance reload_config to correctly re-initialize the logging subsystem. This includes reopening the log file (in append mode). Also switching from syslog to logfile and visa versa are included when called from the SIGHUP handler. Michael
2009-12-23 07:18:31 +08:00
conf: use 2 swappable conf slots, so old config can stay valid ... in case reloading of it after SIGHUP fails, the old config can continue working. (apart from the logging-related issue mentioned in 27d96df99900c5a62ab0fdf2a37565e78f256d6a )
2020-01-16 01:02:22 +08:00
ret = reload_config_file (config_file, c_next);
remove duplicate code calling reload_config_file() as a side effect of not updating the config pointer when loading the config file fails, the "FIXME" level comment to take appropriate action in that case has been removed. the only issue remaining when receiving a SIGHUP and encountering a malformed config file would now be the case that output to syslog/logfile won't be resumed, if initially so configured.
2020-01-16 00:35:43 +08:00
enhance reload_config to correctly re-initialize the logging subsystem. This includes reopening the log file (in append mode). Also switching from syslog to logfile and visa versa are included when called from the SIGHUP handler. Michael
2009-12-23 07:18:31 +08:00
if (ret != 0) {
goto done;
}
fix free()ing of config items - we need to free the config after it has been succesfully loaded, not unconditionally before reloading. - we also need to free them before exiting from the main program to have clean valgrind output.
2020-09-16 06:01:44 +08:00
if(config) free_config (config);
conf: use 2 swappable conf slots, so old config can stay valid ... in case reloading of it after SIGHUP fails, the old config can continue working. (apart from the logging-related issue mentioned in 27d96df99900c5a62ab0fdf2a37565e78f256d6a )
2020-01-16 01:02:22 +08:00
config = c_next;
access config via a pointer, not a hardcoded struct address this is required so we can elegantly swap out an old config for a new one in the future and remove lots of boilerplate from config initialization code. unfortunately this is a quite intrusive change as the config struct was accessed in numerous places, but frankly it should have been done via a pointer right from the start. right now, we simply point to a static struct in main.c, so there shouldn't be any noticeable changes in behaviour.
2020-01-16 00:09:41 +08:00
remove duplicate code calling reload_config_file() as a side effect of not updating the config pointer when loading the config file fails, the "FIXME" level comment to take appropriate action in that case has been removed. the only issue remaining when receiving a SIGHUP and encountering a malformed config file would now be the case that output to syslog/logfile won't be resumed, if initially so configured.
2020-01-16 00:35:43 +08:00
if (reload_logging) ret = setup_logging ();
main: add convenience wrapper reload_config() for reload_config_file() Michael
2009-12-22 06:37:17 +08:00
enhance reload_config to correctly re-initialize the logging subsystem. This includes reopening the log file (in append mode). Also switching from syslog to logfile and visa versa are included when called from the SIGHUP handler. Michael
2009-12-23 07:18:31 +08:00
done:
main: add convenience wrapper reload_config() for reload_config_file() Michael
2009-12-22 06:37:17 +08:00
return ret;
}
main.c: remove set_signal_handler code duplication
2020-09-07 06:08:10 +08:00
static void setup_sig(int sig, signal_func *sigh,
const char* signame, const char* argv0) {
if (set_signal_handler (sig, sigh) == SIG_ERR) {
fprintf (stderr, "%s: Could not set the \"%s\" signal.\n",
argv0, signame);
exit (EX_OSERR);
}
}
Extract cmdline parsing code into a function
2009-09-15 04:04:30 +08:00
int
main (int argc, char **argv)
{
remove godaemon member from config structure since this option can't be set via config file, it makes sense to factor it out and use it only where strictly needed, e.g. in startup code.
2020-01-15 23:26:40 +08:00
int opt, daemonized = TRUE;
move commandline parsing to main()
2020-01-15 22:45:23 +08:00
simplify codebase by using one thread/conn, instead of preforked procs the existing codebase used an elaborate and complex approach for its parallelism: 5 different config file options, namely - MaxClients - MinSpareServers - MaxSpareServers - StartServers - MaxRequestsPerChild were used to steer how (and how many) parallel processes tinyproxy would spin up at start, how many processes at each point needed to be idle, etc. it seems all preforked processes would listen on the server port and compete with each other about who would get assigned the new incoming connections. since some data needs to be shared across those processes, a half- baked "shared memory" implementation was provided for this purpose. that implementation used to use files in the filesystem, and since it had a big FIXME comment, the author was well aware of how hackish that approach was. this entire complexity is now removed. the main thread enters a loop which polls on the listening fds, then spins up a new thread per connection, until the maximum number of connections (MaxClients) is hit. this is the only of the 5 config options left after this cleanup. since threads share the same address space, the code necessary for shared memory access has been removed. this means that the other 4 mentioned config option will now produce a parse error, when encountered. currently each thread uses a hardcoded default of 256KB per thread for the thread stack size, which is quite lavish and should be sufficient for even the worst C libraries, but people may want to tweak this value to the bare minimum, thus we may provide a new config option for this purpose in the future. i suspect that on heavily optimized C libraries such a musl, a stack size of 8-16 KB per thread could be sufficient. since the existing list implementation in vector.c did not provide a way to remove a single item from an existing list, i added my own list implementation from my libulz library which offers this functionality, rather than trying to add an ad-hoc, and perhaps buggy implementation to the vector_t list code. the sblist code is contained in an 80 line C file and as simple as it can get, while offering good performance and is proven bugfree due to years of use in other projects.
2018-12-17 08:23:09 +08:00
srand(time(NULL)); /* for hashmap seeds */
Extract cmdline parsing code into a function
2009-09-15 04:04:30 +08:00
/* Only allow u+rw bits. This may be required for some versions
* of glibc so that mkstemp() doesn't make us vulnerable.
*/
umask (0177);
change loglevel of start/stop/reload messages to NOTICE this allows to see them when the verbose INFO loglevel is not desired. closes #78
2020-09-07 23:59:37 +08:00
log_message (LOG_NOTICE, "Initializing " PACKAGE " ...");
main: move a log message.
2010-03-03 05:05:28 +08:00
Remove excessive code
2010-06-02 12:41:10 +08:00
if (config_compile_regex()) {
[BB#89] Don't recompile regular expressions This is a modification of a patch originally written by John van der Kamp <john@kirika.demon.nl> at <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=579427#12> The modification was done by the committer.
2010-06-01 10:24:25 +08:00
exit (EX_SOFTWARE);
}
remove config file name item from conf struct since this is set via command line, we can deal with it easily from where it is actually needed.
2020-01-15 23:42:20 +08:00
config_file = SYSCONFDIR "/tinyproxy.conf";
move commandline parsing to main()
2020-01-15 22:45:23 +08:00
while ((opt = getopt (argc, argv, "c:vdh")) != EOF) {
switch (opt) {
case 'v':
display_version ();
exit (EX_OK);
case 'd':
remove godaemon member from config structure since this option can't be set via config file, it makes sense to factor it out and use it only where strictly needed, e.g. in startup code.
2020-01-15 23:26:40 +08:00
daemonized = FALSE;
move commandline parsing to main()
2020-01-15 22:45:23 +08:00
break;
case 'c':
remove config file name item from conf struct since this is set via command line, we can deal with it easily from where it is actually needed.
2020-01-15 23:42:20 +08:00
config_file = optarg;
move commandline parsing to main()
2020-01-15 22:45:23 +08:00
break;
case 'h':
display_usage ();
exit (EX_OK);
default:
display_usage ();
exit (EX_USAGE);
}
}
main: move initialization of default config values closer together Michael
2009-11-04 07:29:35 +08:00
remove duplicate code calling reload_config_file() as a side effect of not updating the config pointer when loading the config file fails, the "FIXME" level comment to take appropriate action in that case has been removed. the only issue remaining when receiving a SIGHUP and encountering a malformed config file would now be the case that output to syslog/logfile won't be resumed, if initially so configured.
2020-01-16 00:35:43 +08:00
if (reload_config(0)) {
main: separate loading of config and setup_logging at startup This is the first part of a fix for bug #74 (making reloading of config work if running as non-privileged user) Michael
2010-03-03 04:57:03 +08:00
exit (EX_SOFTWARE);
}
Indent code to Tinyproxy coding style The modified files were indented with GNU indent using the following command: indent -npro -kr -i8 -ts8 -sob -l80 -ss -cs -cp1 -bs -nlps -nprs -pcs \ -saf -sai -saw -sc -cdw -ce -nut -il0 No other changes of any sort were made.
2009-09-15 03:41:25 +08:00
init_stats ();
Minor indenting changes Also changed the text "configuration file" to read "config file".
2009-09-15 06:37:06 +08:00
/* If ANONYMOUS is turned on, make sure that Content-Length is
Indent code to Tinyproxy coding style The modified files were indented with GNU indent using the following command: indent -npro -kr -i8 -ts8 -sob -l80 -ss -cs -cp1 -bs -nlps -nprs -pcs \ -saf -sai -saw -sc -cdw -ce -nut -il0 No other changes of any sort were made.
2009-09-15 03:41:25 +08:00
* in the list of allowed headers, since it is required in a
Minor indenting changes Also changed the text "configuration file" to read "config file".
2009-09-15 06:37:06 +08:00
* HTTP/1.0 request. Also add the Content-Type header since it
* goes hand in hand with Content-Length. */
anonymous: fix segfault loading config item unlike other functions called from the config parser code, anonymous_insert() accesses the global config variable rather than passing it as an argument. however the global variable is only set after successful loading of the entire config. we fix this by adding a conf argument to each anonymous_* function, passing the global pointer in calls done from outside the config parser. fixes #292
2020-03-16 21:19:39 +08:00
if (is_anonymous_enabled (config)) {
replace leftover users of hashmap with htab also fixes a bug where the ErrorFile directive would create a new hashmap on every added item, effectively allowing only the use of the last specified errornumber, and producing memory leaks on each config reload.
2020-09-13 04:33:59 +08:00
anonymous_insert (config, safestrdup("Content-Length"));
anonymous_insert (config, safestrdup("Content-Type"));
Indent code to Tinyproxy coding style The modified files were indented with GNU indent using the following command: indent -npro -kr -i8 -ts8 -sob -l80 -ss -cs -cp1 -bs -nlps -nprs -pcs \ -saf -sai -saw -sc -cdw -ce -nut -il0 No other changes of any sort were made.
2009-09-15 03:41:25 +08:00
}
remove godaemon member from config structure since this option can't be set via config file, it makes sense to factor it out and use it only where strictly needed, e.g. in startup code.
2020-01-15 23:26:40 +08:00
if (daemonized == TRUE) {
access config via a pointer, not a hardcoded struct address this is required so we can elegantly swap out an old config for a new one in the future and remove lots of boilerplate from config initialization code. unfortunately this is a quite intrusive change as the config struct was accessed in numerous places, but frankly it should have been done via a pointer right from the start. right now, we simply point to a static struct in main.c, so there shouldn't be any noticeable changes in behaviour.
2020-01-16 00:09:41 +08:00
if (!config->syslog && config->logf_name == NULL)
log to stdout if no logfile specified some users want to run tinyproxy on an as-needed basis in a terminal, without setting it up permanently to run as a daemon/service. in such use case, it is very annoying that tinyproxy didn't have an option to log to stdout, so the user has to keep a second terminal open to `tail -f` the log. additionally, this precluded usage with runit service supervisor, which runs all services in foreground and creates logfiles from the service's stdout/stderr. since logging to stdout doesn't make sense when daemonized, now if no logfile is specified and daemon mode activated, a warning is printed to stderr once, and nothing is logged. the original idea was to fail with an error message, though some users might actually want to run tinyproxy as daemon and no logging at all.
2017-11-05 03:40:42 +08:00
fprintf(stderr, "WARNING: logging deactivated "
"(can't log to stdout when daemonized)\n");
Indent code to Tinyproxy coding style The modified files were indented with GNU indent using the following command: indent -npro -kr -i8 -ts8 -sob -l80 -ss -cs -cp1 -bs -nlps -nprs -pcs \ -saf -sai -saw -sc -cdw -ce -nut -il0 No other changes of any sort were made.
2009-09-15 03:41:25 +08:00
makedaemon ();
log to stdout if no logfile specified some users want to run tinyproxy on an as-needed basis in a terminal, without setting it up permanently to run as a daemon/service. in such use case, it is very annoying that tinyproxy didn't have an option to log to stdout, so the user has to keep a second terminal open to `tail -f` the log. additionally, this precluded usage with runit service supervisor, which runs all services in foreground and creates logfiles from the service's stdout/stderr. since logging to stdout doesn't make sense when daemonized, now if no logfile is specified and daemon mode activated, a warning is printed to stderr once, and nothing is logged. the original idea was to fail with an error message, though some users might actually want to run tinyproxy as daemon and no logging at all.
2017-11-05 03:40:42 +08:00
}
Indent code to Tinyproxy coding style The modified files were indented with GNU indent using the following command: indent -npro -kr -i8 -ts8 -sob -l80 -ss -cs -cp1 -bs -nlps -nprs -pcs \ -saf -sai -saw -sc -cdw -ce -nut -il0 No other changes of any sort were made.
2009-09-15 03:41:25 +08:00
main.c: remove set_signal_handler code duplication
2020-09-07 06:08:10 +08:00
setup_sig(SIGPIPE, SIG_IGN, "SIGPIPE", argv[0]);
Minor indenting changes Also changed the text "configuration file" to read "config file".
2009-09-15 06:37:06 +08:00
Fixed the change user/group ability. Log when tinyproxy is using default values rather than specific ones. Cleaned up the command line arguments since tinyproxy now uses a configuration file. Removed the USR1 signal and added the thread creation code.
2000-09-12 08:03:53 +08:00
#ifdef FILTER_ENABLE
access config via a pointer, not a hardcoded struct address this is required so we can elegantly swap out an old config for a new one in the future and remove lots of boilerplate from config initialization code. unfortunately this is a quite intrusive change as the config struct was accessed in numerous places, but frankly it should have been done via a pointer right from the start. right now, we simply point to a static struct in main.c, so there shouldn't be any noticeable changes in behaviour.
2020-01-16 00:09:41 +08:00
if (config->filter)
Indent code to Tinyproxy coding style The modified files were indented with GNU indent using the following command: indent -npro -kr -i8 -ts8 -sob -l80 -ss -cs -cp1 -bs -nlps -nprs -pcs \ -saf -sai -saw -sc -cdw -ce -nut -il0 No other changes of any sort were made.
2009-09-15 03:41:25 +08:00
filter_init ();
Reformat code to GNU coding style This is a commit which simply ran all C source code files through GNU indent. No other modifications were made.
2008-12-01 23:01:11 +08:00
#endif /* FILTER_ENABLE */
Minor indenting changes Also changed the text "configuration file" to read "config file".
2009-09-15 06:37:06 +08:00
/* Start listening on the selected port. */
access config via a pointer, not a hardcoded struct address this is required so we can elegantly swap out an old config for a new one in the future and remove lots of boilerplate from config initialization code. unfortunately this is a quite intrusive change as the config struct was accessed in numerous places, but frankly it should have been done via a pointer right from the start. right now, we simply point to a static struct in main.c, so there shouldn't be any noticeable changes in behaviour.
2020-01-16 00:09:41 +08:00
if (child_listening_sockets(config->listen_addrs, config->port) < 0) {
[BB#63] conf: Allow multiple Listen statements in the config. This introduces a list (vector) of addresses instead of having just one address string. Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-07 18:00:19 +08:00
fprintf (stderr, "%s: Could not create listening sockets.\n",
Indent code to Tinyproxy coding style The modified files were indented with GNU indent using the following command: indent -npro -kr -i8 -ts8 -sob -l80 -ss -cs -cp1 -bs -nlps -nprs -pcs \ -saf -sai -saw -sc -cdw -ce -nut -il0 No other changes of any sort were made.
2009-09-15 03:41:25 +08:00
argv[0]);
exit (EX_OSERR);
Convert tabs to spaces
2008-12-08 21:39:44 +08:00
}
Indent code to Tinyproxy coding style The modified files were indented with GNU indent using the following command: indent -npro -kr -i8 -ts8 -sob -l80 -ss -cs -cp1 -bs -nlps -nprs -pcs \ -saf -sai -saw -sc -cdw -ce -nut -il0 No other changes of any sort were made.
2009-09-15 03:41:25 +08:00
Fix CVE-2017-11747: Create PID file before dropping privileges. Resolves #106 Signed-off-by: Michael Adam <obnox@samba.org>
2017-11-16 08:52:55 +08:00
/* Create pid file before we drop privileges */
access config via a pointer, not a hardcoded struct address this is required so we can elegantly swap out an old config for a new one in the future and remove lots of boilerplate from config initialization code. unfortunately this is a quite intrusive change as the config struct was accessed in numerous places, but frankly it should have been done via a pointer right from the start. right now, we simply point to a static struct in main.c, so there shouldn't be any noticeable changes in behaviour.
2020-01-16 00:09:41 +08:00
if (config->pidpath) {
if (pidfile_create (config->pidpath) < 0) {
Fix CVE-2017-11747: Create PID file before dropping privileges. Resolves #106 Signed-off-by: Michael Adam <obnox@samba.org>
2017-11-16 08:52:55 +08:00
fprintf (stderr, "%s: Could not create PID file.\n",
argv[0]);
exit (EX_OSERR);
}
}
Revert "main: drop privileges right after reading the config" This reverts commit 7a9abc2a04dd8ed1f113aa9c803af24adfb22773. It should fix the issue in bug #87.
2010-04-21 22:40:56 +08:00
/* Switch to a different user if we're running as root */
if (geteuid () == 0)
change_user (argv[0]);
else
log_message (LOG_WARNING,
"Not running as root, so not changing UID/GID.");
[BB#74] Create log and pid files after we drop privs
2010-06-02 12:49:49 +08:00
/* Create log file after we drop privileges */
if (setup_logging ()) {
exit (EX_SOFTWARE);
}
Minor indenting changes Also changed the text "configuration file" to read "config file".
2009-09-15 06:37:06 +08:00
/* These signals are only for the parent process. */
Indent code to Tinyproxy coding style The modified files were indented with GNU indent using the following command: indent -npro -kr -i8 -ts8 -sob -l80 -ss -cs -cp1 -bs -nlps -nprs -pcs \ -saf -sai -saw -sc -cdw -ce -nut -il0 No other changes of any sort were made.
2009-09-15 03:41:25 +08:00
log_message (LOG_INFO, "Setting the various signals.");
Minor indenting changes Also changed the text "configuration file" to read "config file".
2009-09-15 06:37:06 +08:00
main.c: remove set_signal_handler code duplication
2020-09-07 06:08:10 +08:00
setup_sig (SIGCHLD, takesig, "SIGCHLD", argv[0]);
setup_sig (SIGTERM, takesig, "SIGTERM", argv[0]);
main: orderly shutdown on SIGINT too the appropriate code in the signal handler was already set up, but for some reason the signal itself not being handled.
2020-09-15 03:55:52 +08:00
setup_sig (SIGINT, takesig, "SIGINT", argv[0]);
main.c: remove set_signal_handler code duplication
2020-09-07 06:08:10 +08:00
if (daemonized) setup_sig (SIGHUP, takesig, "SIGHUP", argv[0]);
allow SIGUSR1 to be used as an alternative to SIGHUP this allows a tinyproxy session in terminal foreground mode to reload its configuration without dropping active connections.
2020-09-07 06:11:19 +08:00
setup_sig (SIGUSR1, takesig, "SIGUSR1", argv[0]);
Indent code to Tinyproxy coding style The modified files were indented with GNU indent using the following command: indent -npro -kr -i8 -ts8 -sob -l80 -ss -cs -cp1 -bs -nlps -nprs -pcs \ -saf -sai -saw -sc -cdw -ce -nut -il0 No other changes of any sort were made.
2009-09-15 03:41:25 +08:00
free() loop records too
2020-09-16 06:11:09 +08:00
loop_records_init();
Minor indenting changes Also changed the text "configuration file" to read "config file".
2009-09-15 06:37:06 +08:00
/* Start the main loop */
Indent code to Tinyproxy coding style The modified files were indented with GNU indent using the following command: indent -npro -kr -i8 -ts8 -sob -l80 -ss -cs -cp1 -bs -nlps -nprs -pcs \ -saf -sai -saw -sc -cdw -ce -nut -il0 No other changes of any sort were made.
2009-09-15 03:41:25 +08:00
log_message (LOG_INFO, "Starting main loop. Accepting connections.");
child_main_loop ();
change loglevel of start/stop/reload messages to NOTICE this allows to see them when the verbose INFO loglevel is not desired. closes #78
2020-09-07 23:59:37 +08:00
log_message (LOG_NOTICE, "Shutting down.");
Indent code to Tinyproxy coding style The modified files were indented with GNU indent using the following command: indent -npro -kr -i8 -ts8 -sob -l80 -ss -cs -cp1 -bs -nlps -nprs -pcs \ -saf -sai -saw -sc -cdw -ce -nut -il0 No other changes of any sort were made.
2009-09-15 03:41:25 +08:00
Change child_kill_children() to take the signal as an argument.
2009-10-26 03:25:06 +08:00
child_kill_children (SIGTERM);
Indent code to Tinyproxy coding style The modified files were indented with GNU indent using the following command: indent -npro -kr -i8 -ts8 -sob -l80 -ss -cs -cp1 -bs -nlps -nprs -pcs \ -saf -sai -saw -sc -cdw -ce -nut -il0 No other changes of any sort were made.
2009-09-15 03:41:25 +08:00
child_close_sock ();
shutdown: free children from right place
2020-09-16 05:32:25 +08:00
child_free_children();
Indent code to Tinyproxy coding style The modified files were indented with GNU indent using the following command: indent -npro -kr -i8 -ts8 -sob -l80 -ss -cs -cp1 -bs -nlps -nprs -pcs \ -saf -sai -saw -sc -cdw -ce -nut -il0 No other changes of any sort were made.
2009-09-15 03:41:25 +08:00
free() loop records too
2020-09-16 06:11:09 +08:00
loop_records_destroy();
Minor indenting changes Also changed the text "configuration file" to read "config file".
2009-09-15 06:37:06 +08:00
/* Remove the PID file */
access config via a pointer, not a hardcoded struct address this is required so we can elegantly swap out an old config for a new one in the future and remove lots of boilerplate from config initialization code. unfortunately this is a quite intrusive change as the config struct was accessed in numerous places, but frankly it should have been done via a pointer right from the start. right now, we simply point to a static struct in main.c, so there shouldn't be any noticeable changes in behaviour.
2020-01-16 00:09:41 +08:00
if (config->pidpath != NULL && unlink (config->pidpath) < 0) {
Indent code to Tinyproxy coding style The modified files were indented with GNU indent using the following command: indent -npro -kr -i8 -ts8 -sob -l80 -ss -cs -cp1 -bs -nlps -nprs -pcs \ -saf -sai -saw -sc -cdw -ce -nut -il0 No other changes of any sort were made.
2009-09-15 03:41:25 +08:00
log_message (LOG_WARNING,
"Could not remove PID file \"%s\": %s.",
access config via a pointer, not a hardcoded struct address this is required so we can elegantly swap out an old config for a new one in the future and remove lots of boilerplate from config initialization code. unfortunately this is a quite intrusive change as the config struct was accessed in numerous places, but frankly it should have been done via a pointer right from the start. right now, we simply point to a static struct in main.c, so there shouldn't be any noticeable changes in behaviour.
2020-01-16 00:09:41 +08:00
config->pidpath, strerror (errno));
Convert tabs to spaces
2008-12-08 21:39:44 +08:00
}
Minor indenting changes Also changed the text "configuration file" to read "config file".
2009-09-15 06:37:06 +08:00
This commit was generated by cvs2svn to compensate for changes in r2, which included commits to RCS files with non-trunk default branches.
2000-02-17 01:32:49 +08:00
#ifdef FILTER_ENABLE
access config via a pointer, not a hardcoded struct address this is required so we can elegantly swap out an old config for a new one in the future and remove lots of boilerplate from config initialization code. unfortunately this is a quite intrusive change as the config struct was accessed in numerous places, but frankly it should have been done via a pointer right from the start. right now, we simply point to a static struct in main.c, so there shouldn't be any noticeable changes in behaviour.
2020-01-16 00:09:41 +08:00
if (config->filter)
Indent code to Tinyproxy coding style The modified files were indented with GNU indent using the following command: indent -npro -kr -i8 -ts8 -sob -l80 -ss -cs -cp1 -bs -nlps -nprs -pcs \ -saf -sai -saw -sc -cdw -ce -nut -il0 No other changes of any sort were made.
2009-09-15 03:41:25 +08:00
filter_destroy ();
Reformat code to GNU coding style This is a commit which simply ran all C source code files through GNU indent. No other modifications were made.
2008-12-01 23:01:11 +08:00
#endif /* FILTER_ENABLE */
This commit was generated by cvs2svn to compensate for changes in r2, which included commits to RCS files with non-trunk default branches.
2000-02-17 01:32:49 +08:00
fix free()ing of config items - we need to free the config after it has been succesfully loaded, not unconditionally before reloading. - we also need to free them before exiting from the main program to have clean valgrind output.
2020-09-16 06:01:44 +08:00
free_config (config);
Use shutdown_logging() in main(). Michael
2009-12-23 07:30:11 +08:00
shutdown_logging ();
This commit was generated by cvs2svn to compensate for changes in r2, which included commits to RCS files with non-trunk default branches.
2000-02-17 01:32:49 +08:00
Return instead of exit() at end of main()
2009-09-15 06:36:26 +08:00
return EXIT_SUCCESS;
This commit was generated by cvs2svn to compensate for changes in r2, which included commits to RCS files with non-trunk default branches.
2000-02-17 01:32:49 +08:00
}
Reference in New Issue Copy Permalink