Merge 66abfe58a1 into 05f6e4e000

2025-01-01 00:52:50 +00:00 · 2025-01-01 00:52:50 +00:00 · 5bcc37f910
commit 5bcc37f910
parent 05f6e4e000 66abfe58a1
6 changed files with 31 additions and 5 deletions
--- a/docs/man5/tinyproxy.conf.txt.in
+++ b/docs/man5/tinyproxy.conf.txt.in
@ -60,6 +60,8 @@ This allows you to specify which address Tinyproxy will bind
 to for outgoing connections.
 This parameter may be specified multiple times, then Tinyproxy
 will try all the specified addresses in order.
+When SO_BINDTODEVICE present, this parameter allows interface
+names.

 =item B<BindSame>

--- a/etc/tinyproxy.conf.in
+++ b/etc/tinyproxy.conf.in
@ -33,7 +33,7 @@ Port 8888
 # Bind: This allows you to specify which interface will be used for
 # outgoing connections.  This is useful for multi-home'd machines where
 # you want all traffic to appear outgoing from one particular interface.
-#
+# This allows using the name of an interface, useful for tun devices.
 #Bind 192.168.0.1

 #
--- a/src/conf.c
+++ b/src/conf.c
@ -225,7 +225,11 @@ struct {
                 handle_allow),
        STDCONF (deny, "(" "(" IPMASK "|" IPV6MASK ")" "|" ALNUM ")",
                 handle_deny),
-        STDCONF (bind, "(" IP "|" IPV6 ")", handle_bind),
+        STDCONF (bind, "(" IP "|" IPV6
+#ifdef SO_BINDTODEVICE
+                 "|" INTERFACE
+#endif
+	         ")", handle_bind),
        /* other */
        STDCONF (basicauth, USERNAME WS PASSWORD, handle_basicauth),
        STDCONF (errorfile, INT WS STR, handle_errorfile),
--- a/src/main.c
+++ b/src/main.c
@ -145,6 +145,10 @@ display_usage (void)
        printf ("    Upstream proxy support\n");
        features++;
 #endif /* UPSTREAM_SUPPORT */
+#ifdef SO_BINDTODEVICE
+        printf ("    BindToDevice\n");
+        features++;
+#endif

        if (0 == features)
                printf ("    None\n");
--- a/src/network.c
+++ b/src/network.c
@ -156,8 +156,7 @@ ssize_t readline (int fd, char **whole_buffer)
        struct read_lines_s *first_line, *line_ptr;

        first_line =
-            (struct read_lines_s *) safecalloc (sizeof (struct read_lines_s),
-                                                1);
+            (struct read_lines_s *) safecalloc (1, sizeof (struct read_lines_s));
        if (!first_line)
                return -ENOMEM;

@ -206,7 +205,7 @@ ssize_t readline (int fd, char **whole_buffer)

                line_ptr->next =
                    (struct read_lines_s *)
-                    safecalloc (sizeof (struct read_lines_s), 1);
+                    safecalloc (1, sizeof (struct read_lines_s));
                if (!line_ptr->next) {
                        ret = -ENOMEM;
                        goto CLEANUP;
--- a/src/sock.c
+++ b/src/sock.c
@ -71,6 +71,23 @@ bind_socket (int sockfd, const char *addr, int family)
        assert (sockfd >= 0);
        assert (addr != NULL && strlen (addr) != 0);

+#ifdef SO_BINDTODEVICE
+        if (addr && if_nametoindex(addr)) {
+		struct ifreq interface = {};
+
+		strcpy(interface.ifr_name, addr);
+		n = setsockopt(sockfd, SOL_SOCKET, SO_BINDTODEVICE,
+			&interface, sizeof(interface));
+		if (n < 0) {
+		        log_message (LOG_INFO,
+                                     "bind_socket: SO_BINDTODEVICE to %s %s",
+                                     addr, get_gai_error (n));
+	                return n;
+		}
+                return sockfd;
+	}
+#endif
+
        memset (&hints, 0, sizeof (struct addrinfo));
        hints.ai_family = family;
        hints.ai_socktype = SOCK_STREAM;