bughz/tinyproxy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge 78e4a6d902 into c4df45b7e4

Browse Source
This commit is contained in:
rofl0r 2023-11-20 02:11:41 -07:00 committed by GitHub
commit bb728594a7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 167 additions and 186 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/Makefile.am
View File

@ -50,7 +50,7 @@ tinyproxy_SOURCES = \
base64.c base64.h \
sblist.c sblist.h \
hsearch.c hsearch.h \
orderedmap.c orderedmap.h \
pseudomap.c pseudomap.h \
loop.c loop.h \
mypoll.c mypoll.h \
connect-ports.c connect-ports.h

115
src/orderedmap.c
View File

@ -1,115 +0,0 @@
#ifdef HAVE_CONFIG_H
# include <config.h>
#else
# define _ALL_SOURCE
# define _GNU_SOURCE
#endif
#include <string.h>
#include "sblist.h"
#include "orderedmap.h"
static void orderedmap_destroy_contents(struct orderedmap *o) {
char **p, *q;
size_t i;
htab_value *v;
if(!o) return;
if(o->values) {
while(sblist_getsize(o->values)) {
p = sblist_get(o->values, 0);
if(p) free(*p);
sblist_delete(o->values, 0);
}
sblist_free(o->values);
}
if(o->map) {
i = 0;
while((i = htab_next(o->map, i, &q, &v)))
free(q);
htab_destroy(o->map);
}
}
struct orderedmap *orderedmap_create(size_t nbuckets) {
struct orderedmap o = {0}, *new;
o.values = sblist_new(sizeof(void*), 32);
if(!o.values) goto oom;
o.map = htab_create(nbuckets);
if(!o.map) goto oom;
new = malloc(sizeof o);
if(!new) goto oom;
memcpy(new, &o, sizeof o);
return new;
oom:;
orderedmap_destroy_contents(&o);
return 0;
}
void* orderedmap_destroy(struct orderedmap *o) {
orderedmap_destroy_contents(o);
free(o);
return 0;
}
int orderedmap_append(struct orderedmap *o, const char *key, char *value) {
size_t index;
char *nk, *nv;
nk = nv = 0;
nk = strdup(key);
nv = strdup(value);
if(!nk || !nv) goto oom;
index = sblist_getsize(o->values);
if(!sblist_add(o->values, &nv)) goto oom;
if(!htab_insert(o->map, nk, HTV_N(index))) {
sblist_delete(o->values, index);
goto oom;
}
return 1;
oom:;
free(nk);
free(nv);
return 0;
}
char* orderedmap_find(struct orderedmap *o, const char *key) {
char **p;
htab_value *v = htab_find(o->map, key);
if(!v) return 0;
p = sblist_get(o->values, v->n);
return p?*p:0;
}
int orderedmap_remove(struct orderedmap *o, const char *key) {
size_t i;
char *lk;
char *sk;
char **sv;
htab_value *lv, *v = htab_find2(o->map, key, &sk);
if(!v) return 0;
sv = sblist_get(o->values, v->n);
free(*sv);
sblist_delete(o->values, v->n);
i = 0;
while((i = htab_next(o->map, i, &lk, &lv))) {
if(lv->n > v->n) lv->n--;
}
htab_delete(o->map, key);
free(sk);
return 1;
}
size_t orderedmap_next(struct orderedmap *o, size_t iter, char** key, char** value) {
size_t h_iter;
htab_value* hval;
char **p;
if(iter < sblist_getsize(o->values)) {
h_iter = 0;
while((h_iter = htab_next(o->map, h_iter, key, &hval))) {
if(hval->n == iter) {
p = sblist_get(o->values, iter);
*value = p?*p:0;
return iter+1;
}
}
}
return 0;
}

20
src/orderedmap.h
View File

@ -1,20 +0,0 @@
#ifndef ORDEREDMAP_H
#define ORDEREDMAP_H
#include <stdlib.h>
#include "sblist.h"
#include "hsearch.h"
typedef struct orderedmap {
sblist* values;
struct htab *map;
} *orderedmap;
struct orderedmap *orderedmap_create(size_t nbuckets);
void* orderedmap_destroy(struct orderedmap *o);
int orderedmap_append(struct orderedmap *o, const char *key, char *value );
char* orderedmap_find(struct orderedmap *o, const char *key);
int orderedmap_remove(struct orderedmap *o, const char *key);
size_t orderedmap_next(struct orderedmap *o, size_t iter, char** key, char** value);
#endif

99
src/pseudomap.c Normal file
View File

@ -0,0 +1,99 @@
#include "config.h"
#include "pseudomap.h"
#include <strings.h>
#include <stdlib.h>
#include <string.h>
/* this data structure implements a pseudo hashmap.
tinyproxy originally used a hashmap for keeping the key/value pairs
in HTTP requests; however later it turned out that items need to be
returned in order - so we implemented an "orderedmap".
again, later it turned out that there are are special case headers,
namely Set-Cookie that can happen more than once, so a hashmap isn't the
right structure to hold the key-value pairs in HTTP headers.
it's expected that:
1) the number of headers in a HTTP request we have to process is
not big enough to cause a noticable performance drop when we have
to iterate through our list to find the right header; and
2) use of plain HTTP is getting exceedingly extinct by the day, so
in most usecases CONNECT method is used anyway.
*/
/* restrict the number of headers to 256 to prevent an attacker from
launching a denial of service attack. */
#define MAX_SIZE 256
pseudomap *pseudomap_create(void) {
return sblist_new(sizeof(struct pseudomap_entry), 64);
}
void pseudomap_destroy(pseudomap *o) {
if(!o) return;
while(sblist_getsize(o)) {
/* retrieve latest element, and "shrink" list in place,
so we don't have to constantly rearrange list items
by using sblist_delete(). */
struct pseudomap_entry *e = sblist_get(o, sblist_getsize(o)-1);
free(e->key);
free(e->value);
--o->count;
}
sblist_free(o);
}
int pseudomap_append(pseudomap *o, const char *key, char *value ) {
struct pseudomap_entry e;
if(sblist_getsize(o) >= MAX_SIZE) return 0;
e.key = strdup(key);
e.value = strdup(value);
if(!e.key || !e.value) goto oom;
if(!sblist_add(o, &e)) goto oom;
return 1;
oom:
free(e.key);
free(e.value);
return 0;
}
static size_t pseudomap_find_index(pseudomap *o, const char *key) {
size_t i;
struct pseudomap_entry *e;
for(i = 0; i < sblist_getsize(o); ++i) {
e = sblist_get(o, i);
if(!strcasecmp(key, e->key)) return i;
}
return (size_t)-1;
}
char* pseudomap_find(pseudomap *o, const char *key) {
struct pseudomap_entry *e;
size_t i = pseudomap_find_index(o, key);
if(i == (size_t)-1) return 0;
e = sblist_get(o, i);
return e->value;
}
/* remove *all* entries that match key, to mimic behaviour of hashmap */
int pseudomap_remove(pseudomap *o, const char *key) {
struct pseudomap_entry *e;
size_t i;
int ret = 0;
while((i = pseudomap_find_index(o, key)) != (size_t)-1) {
e = sblist_get(o, i);
free(e->key);
free(e->value);
sblist_delete(o, i);
ret = 1;
}
return ret;
}
size_t pseudomap_next(pseudomap *o, size_t iter, char** key, char** value) {
struct pseudomap_entry *e;
if(iter >= sblist_getsize(o)) return 0;
e = sblist_get(o, iter);
*key = e->key;
*value = e->value;
return iter + 1;
}

22
src/pseudomap.h Normal file
View File

@ -0,0 +1,22 @@
#ifndef PSEUDOMAP_H
#define PSEUDOMAP_H
#include <stdlib.h>
#include "sblist.h"
struct pseudomap_entry {
char *key;
char *value;
};
typedef sblist pseudomap;
pseudomap *pseudomap_create(void);
void pseudomap_destroy(pseudomap *o);
int pseudomap_append(pseudomap *o, const char *key, char *value );
char* pseudomap_find(pseudomap *o, const char *key);
int pseudomap_remove(pseudomap *o, const char *key);
size_t pseudomap_next(pseudomap *o, size_t iter, char** key, char** value);
#endif

79
src/reqs.c
View File

@ -33,7 +33,7 @@
#include "conns.h"
#include "filter.h"
#include "hsearch.h"
#include "orderedmap.h"
#include "pseudomap.h"
#include "heap.h"
#include "html-error.h"
#include "log.h"
@ -318,7 +318,7 @@ static int send_connect_method_response (struct conn_s *connptr)
* build a new request line. Finally connect to the remote server.
*/
static struct request_s *process_request (struct conn_s *connptr,
orderedmap hashofheaders)
pseudomap *hashofheaders)
{
char *url;
struct request_s *request;
@ -645,7 +645,7 @@ static int add_xtinyproxy_header (struct conn_s *connptr)
* can be retrieved and manipulated later.
*/
static int
add_header_to_connection (orderedmap hashofheaders, char *header, size_t len)
add_header_to_connection (pseudomap *hashofheaders, char *header, size_t len)
{
char *sep;
@ -663,7 +663,7 @@ add_header_to_connection (orderedmap hashofheaders, char *header, size_t len)
/* Calculate the new length of just the data */
len -= sep - header - 1;
return orderedmap_append (hashofheaders, header, sep);
return pseudomap_append (hashofheaders, header, sep);
}
/*
@ -676,7 +676,7 @@ add_header_to_connection (orderedmap hashofheaders, char *header, size_t len)
/*
* Read all the headers from the stream
*/
static int get_all_headers (int fd, orderedmap hashofheaders)
static int get_all_headers (int fd, pseudomap *hashofheaders)
{
char *line = NULL;
char *header = NULL;
@ -769,7 +769,7 @@ static int get_all_headers (int fd, orderedmap hashofheaders)
* Extract the headers to remove. These headers were listed in the Connection
* and Proxy-Connection headers.
*/
static int remove_connection_headers (orderedmap hashofheaders)
static int remove_connection_headers (pseudomap *hashofheaders)
{
static const char *headers[] = {
"connection",
@ -783,7 +783,7 @@ static int remove_connection_headers (orderedmap hashofheaders)
for (i = 0; i != (sizeof (headers) / sizeof (char *)); ++i) {
/* Look for the connection header. If it's not found, return. */
data = orderedmap_find(hashofheaders, headers[i]);
data = pseudomap_find(hashofheaders, headers[i]);
if (!data)
return 0;
@ -804,7 +804,7 @@ static int remove_connection_headers (orderedmap hashofheaders)
*/
ptr = data;
while (ptr < data + len) {
orderedmap_remove (hashofheaders, ptr);
pseudomap_remove (hashofheaders, ptr);
/* Advance ptr to the next token */
ptr += strlen (ptr) + 1;
@ -813,7 +813,7 @@ static int remove_connection_headers (orderedmap hashofheaders)
}
/* Now remove the connection header it self. */
orderedmap_remove (hashofheaders, headers[i]);
pseudomap_remove (hashofheaders, headers[i]);
}
return 0;
@ -823,12 +823,12 @@ static int remove_connection_headers (orderedmap hashofheaders)
* If there is a Content-Length header, then return the value; otherwise, return
* -1.
*/
static long get_content_length (orderedmap hashofheaders)
static long get_content_length (pseudomap *hashofheaders)
{
char *data;
long content_length = -1;
data = orderedmap_find (hashofheaders, "content-length");
data = pseudomap_find (hashofheaders, "content-length");
if (data)
content_length = atol (data);
@ -836,10 +836,10 @@ static long get_content_length (orderedmap hashofheaders)
return content_length;
}
static int is_chunked_transfer (orderedmap hashofheaders)
static int is_chunked_transfer (pseudomap *hashofheaders)
{
char *data;
data = orderedmap_find (hashofheaders, "transfer-encoding");
data = pseudomap_find (hashofheaders, "transfer-encoding");
return data ? !strcmp (data, "chunked") : 0;
}
@ -851,7 +851,7 @@ static int is_chunked_transfer (orderedmap hashofheaders)
* purposes.
*/
static int
write_via_header (int fd, orderedmap hashofheaders,
write_via_header (int fd, pseudomap *hashofheaders,
unsigned int major, unsigned int minor)
{
char hostname[512];
@ -873,14 +873,14 @@ write_via_header (int fd, orderedmap hashofheaders,
* See if there is a "Via" header. If so, again we need to do a bit
* of processing.
*/
data = orderedmap_find (hashofheaders, "via");
data = pseudomap_find (hashofheaders, "via");
if (data) {
ret = write_message (fd,
"Via: %s, %hu.%hu %s (%s/%s)\r\n",
data, major, minor, hostname, PACKAGE,
VERSION);
orderedmap_remove (hashofheaders, "via");
pseudomap_remove (hashofheaders, "via");
} else {
ret = write_message (fd,
"Via: %hu.%hu %s (%s/%s)\r\n",
@ -891,11 +891,6 @@ done:
return ret;
}
/*
* Number of buckets to use internally in the hashmap.
*/
#define HEADER_BUCKETS 32
/*
* Here we loop through all the headers the client is sending. If we
* are running in anonymous mode, we will _only_ send the headers listed
@ -903,7 +898,7 @@ done:
* - rjkaes
*/
static int
process_client_headers (struct conn_s *connptr, orderedmap hashofheaders)
process_client_headers (struct conn_s *connptr, pseudomap *hashofheaders)
{
static const char *skipheaders[] = {
"host",
@ -951,7 +946,7 @@ process_client_headers (struct conn_s *connptr, orderedmap hashofheaders)
* Delete the headers listed in the skipheaders list
*/
for (i = 0; i != (sizeof (skipheaders) / sizeof (char *)); i++) {
orderedmap_remove (hashofheaders, skipheaders[i]);
pseudomap_remove (hashofheaders, skipheaders[i]);
}
/* Send, or add the Via header */
@ -972,7 +967,7 @@ process_client_headers (struct conn_s *connptr, orderedmap hashofheaders)
* Output all the remaining headers to the remote machine.
*/
iter = 0;
while((iter = orderedmap_next(hashofheaders, iter, &data, &header))) {
while((iter = pseudomap_next(hashofheaders, iter, &data, &header))) {
if (!is_anonymous_enabled (config)
|| anonymous_search (config, data) > 0) {
ret =
@ -1027,7 +1022,7 @@ static int process_server_headers (struct conn_s *connptr)
char *response_line;
orderedmap hashofheaders;
pseudomap *hashofheaders;
size_t iter;
char *data, *header;
ssize_t len;
@ -1057,7 +1052,7 @@ retry:
goto retry;
}
hashofheaders = orderedmap_create (HEADER_BUCKETS);
hashofheaders = pseudomap_create ();
if (!hashofheaders) {
safefree (response_line);
return -1;
@ -1069,7 +1064,7 @@ retry:
if (get_all_headers (connptr->server_fd, hashofheaders) < 0) {
log_message (LOG_WARNING,
"Could not retrieve all the headers from the remote server.");
orderedmap_destroy (hashofheaders);
pseudomap_destroy (hashofheaders);
safefree (response_line);
indicate_http_error (connptr, 503,
@ -1088,7 +1083,7 @@ retry:
* Instead we'll free all the memory and return.
*/
if (connptr->protocol.major < 1) {
orderedmap_destroy (hashofheaders);
pseudomap_destroy (hashofheaders);
safefree (response_line);
return 0;
}
@ -1115,7 +1110,7 @@ retry:
* Delete the headers listed in the skipheaders list
*/
for (i = 0; i != (sizeof (skipheaders) / sizeof (char *)); i++) {
orderedmap_remove (hashofheaders, skipheaders[i]);
pseudomap_remove (hashofheaders, skipheaders[i]);
}
/* Send, or add the Via header */
@ -1137,7 +1132,7 @@ retry:
/* Rewrite the HTTP redirect if needed */
if (config->reversebaseurl &&
(header = orderedmap_find (hashofheaders, "location"))) {
(header = pseudomap_find (hashofheaders, "location"))) {
/* Look for a matching entry in the reversepath list */
while (reverse) {
@ -1162,7 +1157,7 @@ retry:
"Rewriting HTTP redirect: %s -> %s%s%s",
header, config->reversebaseurl,
(reverse->path + 1), (header + len));
orderedmap_remove (hashofheaders, "location");
pseudomap_remove (hashofheaders, "location");
}
}
#endif
@ -1171,14 +1166,14 @@ retry:
* All right, output all the remaining headers to the client.
*/
iter = 0;
while ((iter = orderedmap_next(hashofheaders, iter, &data, &header))) {
while ((iter = pseudomap_next(hashofheaders, iter, &data, &header))) {
ret = write_message (connptr->client_fd,
"%s: %s\r\n", data, header);
if (ret < 0)
goto ERROR_EXIT;
}
orderedmap_destroy (hashofheaders);
pseudomap_destroy (hashofheaders);
/* Write the final blank line to signify the end of the headers */
if (safe_write (connptr->client_fd, "\r\n", 2) < 0)
@ -1187,7 +1182,7 @@ retry:
return 0;
ERROR_EXIT:
orderedmap_destroy (hashofheaders);
pseudomap_destroy (hashofheaders);
return -1;
}
@ -1577,7 +1572,7 @@ void handle_connection (struct conn_s *connptr, union sockaddr_union* addr)
int got_headers = 0, fd = connptr->client_fd;
size_t i;
struct request_s *request = NULL;
orderedmap hashofheaders = NULL;
pseudomap *hashofheaders = NULL;
char sock_ipaddr[IP_LENGTH];
char peer_ipaddr[IP_LENGTH];
@ -1632,7 +1627,7 @@ void handle_connection (struct conn_s *connptr, union sockaddr_union* addr)
/*
* The "hashofheaders" store the client's headers.
*/
hashofheaders = orderedmap_create (HEADER_BUCKETS);
hashofheaders = pseudomap_create ();
if (hashofheaders == NULL) {
update_stats (STAT_BADCONN);
indicate_http_error (connptr, 503, "Internal error",
@ -1661,12 +1656,12 @@ void handle_connection (struct conn_s *connptr, union sockaddr_union* addr)
if (config->basicauth_list != NULL) {
char *authstring;
int failure = 1, stathost_connect = 0;
authstring = orderedmap_find (hashofheaders, "proxy-authorization");
authstring = pseudomap_find (hashofheaders, "proxy-authorization");
if (!authstring && config->stathost) {
authstring = orderedmap_find (hashofheaders, "host");
authstring = pseudomap_find (hashofheaders, "host");
if (authstring && !strncmp(authstring, config->stathost, strlen(config->stathost))) {
authstring = orderedmap_find (hashofheaders, "authorization");
authstring = pseudomap_find (hashofheaders, "authorization");
stathost_connect = 1;
} else authstring = 0;
}
@ -1699,7 +1694,7 @@ e401:
NULL);
HC_FAIL();
}
orderedmap_remove (hashofheaders, "proxy-authorization");
pseudomap_remove (hashofheaders, "proxy-authorization");
}
/*
@ -1710,7 +1705,7 @@ e401:
for (i = 0; i < sblist_getsize (config->add_headers); i++) {
http_header_t *header = sblist_get (config->add_headers, i);
orderedmap_append (hashofheaders, header->name, header->value);
pseudomap_append (hashofheaders, header->name, header->value);
}
request = process_request (connptr, hashofheaders);
@ -1788,7 +1783,7 @@ e401:
done:
free_request_struct (request);
orderedmap_destroy (hashofheaders);
pseudomap_destroy (hashofheaders);
conn_destroy_contents (connptr);
return;
#undef HC_FAIL

4
src/reverse-proxy.c
View File

@ -127,7 +127,7 @@ void free_reversepath_list (struct reversepath *reverse)
/*
* Rewrite the URL for reverse proxying.
*/
char *reverse_rewrite_url (struct conn_s *connptr, orderedmap hashofheaders,
char *reverse_rewrite_url (struct conn_s *connptr, pseudomap *hashofheaders,
char *url, int *status)
{
char *rewrite_url = NULL;
@ -153,7 +153,7 @@ char *reverse_rewrite_url (struct conn_s *connptr, orderedmap hashofheaders,
sprintf (rewrite_url, "%s%s", reverse->url, url + lrp);
}
} else if (config->reversemagic
&& (cookie = orderedmap_find (hashofheaders,
&& (cookie = pseudomap_find (hashofheaders,
"cookie"))) {
/* No match - try the magical tracking cookie next */

4
src/reverse-proxy.h
View File

@ -22,7 +22,7 @@
#define TINYPROXY_REVERSE_PROXY_H
#include "conns.h"
#include "orderedmap.h"
#include "pseudomap.h"
struct reversepath {
struct reversepath *next;
@ -38,7 +38,7 @@ extern struct reversepath *reversepath_get (char *url,
struct reversepath *reverse);
void free_reversepath_list (struct reversepath *reverse);
extern char *reverse_rewrite_url (struct conn_s *connptr,
orderedmap hashofheaders, char *url,
pseudomap *hashofheaders, char *url,
int *status);
#endif

4
src/transparent-proxy.c
View File

@ -53,7 +53,7 @@ static int build_url (char **url, const char *host, int port, const char *path)
}
int
do_transparent_proxy (struct conn_s *connptr, orderedmap hashofheaders,
do_transparent_proxy (struct conn_s *connptr, pseudomap *hashofheaders,
struct request_s *request, struct config_s *conf,
char **url)
{
@ -62,7 +62,7 @@ do_transparent_proxy (struct conn_s *connptr, orderedmap hashofheaders,
size_t ulen = strlen (*url);
size_t i;
data = orderedmap_find (hashofheaders, "host");
data = pseudomap_find (hashofheaders, "host");
if (!data) {
union sockaddr_union dest_addr;
const void *dest_inaddr;

4
src/transparent-proxy.h
View File

@ -26,11 +26,11 @@
#ifdef TRANSPARENT_PROXY
#include "conns.h"
#include "orderedmap.h"
#include "pseudomap.h"
#include "reqs.h"
extern int do_transparent_proxy (struct conn_s *connptr,
orderedmap hashofheaders,
pseudomap *hashofheaders,
struct request_s *request,
struct config_s *config, char **url);