From c63d5d26b47b44d70af54aa31f811e4815fe4ad9 Mon Sep 17 00:00:00 2001 From: rofl0r Date: Wed, 15 Jan 2020 16:09:41 +0000 Subject: [PATCH] access config via a pointer, not a hardcoded struct address this is required so we can elegantly swap out an old config for a new one in the future and remove lots of boilerplate from config initialization code. unfortunately this is a quite intrusive change as the config struct was accessed in numerous places, but frankly it should have been done via a pointer right from the start. right now, we simply point to a static struct in main.c, so there shouldn't be any noticeable changes in behaviour. --- src/anonymous.c | 16 ++++++------ src/child.c | 6 ++--- src/filter.c | 10 +++---- src/html-error.c | 20 +++++++------- src/log.c | 22 ++++++++-------- src/main.c | 54 ++++++++++++++++++++------------------ src/main.h | 2 +- src/reqs.c | 64 ++++++++++++++++++++++----------------------- src/reverse-proxy.c | 8 +++--- src/sock.c | 6 ++--- src/stats.c | 2 +- 11 files changed, 107 insertions(+), 103 deletions(-) diff --git a/src/anonymous.c b/src/anonymous.c index 3049acf..8d44465 100644 --- a/src/anonymous.c +++ b/src/anonymous.c @@ -30,7 +30,7 @@ short int is_anonymous_enabled (void) { - return (config.anonymous_map != NULL) ? 1 : 0; + return (config->anonymous_map != NULL) ? 1 : 0; } /* @@ -40,9 +40,9 @@ short int is_anonymous_enabled (void) int anonymous_search (const char *s) { assert (s != NULL); - assert (config.anonymous_map != NULL); + assert (config->anonymous_map != NULL); - return hashmap_search (config.anonymous_map, s); + return hashmap_search (config->anonymous_map, s); } /* @@ -57,17 +57,17 @@ int anonymous_insert (const char *s) assert (s != NULL); - if (!config.anonymous_map) { - config.anonymous_map = hashmap_create (32); - if (!config.anonymous_map) + if (!config->anonymous_map) { + config->anonymous_map = hashmap_create (32); + if (!config->anonymous_map) return -1; } - if (hashmap_search (config.anonymous_map, s) > 0) { + if (hashmap_search (config->anonymous_map, s) > 0) { /* The key was already found, so return a positive number. */ return 0; } /* Insert the new key */ - return hashmap_insert (config.anonymous_map, s, &data, sizeof (data)); + return hashmap_insert (config->anonymous_map, s, &data, sizeof (data)); } diff --git a/src/child.c b/src/child.c index 861606b..4a94b98 100644 --- a/src/child.c +++ b/src/child.c @@ -86,7 +86,7 @@ void child_main_loop (void) pthread_attr_t *attrp, attr; struct child *child; - childs = sblist_new(sizeof (struct child*), config.maxclients); + childs = sblist_new(sizeof (struct child*), config->maxclients); loop_records_init(); @@ -94,11 +94,11 @@ void child_main_loop (void) * We have to wait for connections on multiple fds, * so use select. */ - while (!config.quit) { + while (!config->quit) { collect_threads(); - if (sblist_getsize(childs) >= config.maxclients) { + if (sblist_getsize(childs) >= config->maxclients) { if (!was_full) log_message (LOG_NOTICE, "Maximum number of connections reached. " diff --git a/src/filter.c b/src/filter.c index e18132e..206bf31 100644 --- a/src/filter.c +++ b/src/filter.c @@ -59,7 +59,7 @@ void filter_init (void) return; } - fd = fopen (config.filter, "r"); + fd = fopen (config->filter, "r"); if (!fd) { return; } @@ -67,9 +67,9 @@ void filter_init (void) p = NULL; cflags = REG_NEWLINE | REG_NOSUB; - if (config.filter_extended) + if (config->filter_extended) cflags |= REG_EXTENDED; - if (!config.filter_casesensitive) + if (!config->filter_casesensitive) cflags |= REG_ICASE; while (fgets (buf, FILTER_BUFFER_LEN, fd)) { @@ -121,7 +121,7 @@ void filter_init (void) if (err != 0) { fprintf (stderr, "Bad regex in %s: %s\n", - config.filter, p->pat); + config->filter, p->pat); exit (EX_DATAERR); } } @@ -157,7 +157,7 @@ void filter_destroy (void) */ void filter_reload (void) { - if (config.filter) { + if (config->filter) { log_message (LOG_NOTICE, "Re-reading filter file."); filter_destroy (); filter_init (); diff --git a/src/html-error.c b/src/html-error.c index 2b15c08..3018b46 100644 --- a/src/html-error.c +++ b/src/html-error.c @@ -41,13 +41,13 @@ int add_new_errorpage (char *filepath, unsigned int errornum) { char errornbuf[ERRORNUM_BUFSIZE]; - config.errorpages = hashmap_create (ERRPAGES_BUCKETCOUNT); - if (!config.errorpages) + config->errorpages = hashmap_create (ERRPAGES_BUCKETCOUNT); + if (!config->errorpages) return (-1); snprintf (errornbuf, ERRORNUM_BUFSIZE, "%u", errornum); - if (hashmap_insert (config.errorpages, errornbuf, + if (hashmap_insert (config->errorpages, errornbuf, filepath, strlen (filepath) + 1) < 0) return (-1); @@ -66,19 +66,19 @@ static char *get_html_file (unsigned int errornum) assert (errornum >= 100 && errornum < 1000); - if (!config.errorpages) - return (config.errorpage_undef); + if (!config->errorpages) + return (config->errorpage_undef); snprintf (errornbuf, ERRORNUM_BUFSIZE, "%u", errornum); - result_iter = hashmap_find (config.errorpages, errornbuf); + result_iter = hashmap_find (config->errorpages, errornbuf); - if (hashmap_is_end (config.errorpages, result_iter)) - return (config.errorpage_undef); + if (hashmap_is_end (config->errorpages, result_iter)) + return (config->errorpage_undef); - if (hashmap_return_entry (config.errorpages, result_iter, + if (hashmap_return_entry (config->errorpages, result_iter, &key, (void **) &val) < 0) - return (config.errorpage_undef); + return (config->errorpage_undef); return (val); } diff --git a/src/log.c b/src/log.c index 7158492..755a913 100644 --- a/src/log.c +++ b/src/log.c @@ -129,7 +129,7 @@ void log_message (int level, const char *fmt, ...) return; #endif - if (config.syslog && level == LOG_CONN) + if (config && config->syslog && level == LOG_CONN) level = LOG_INFO; va_start (args, fmt); @@ -161,10 +161,10 @@ void log_message (int level, const char *fmt, ...) goto out; } - if(!config.syslog && log_file_fd == -1) + if(!config->syslog && log_file_fd == -1) goto out; - if (config.syslog) { + if (config->syslog) { pthread_mutex_lock(&log_mutex); #ifdef HAVE_VSYSLOG_H vsyslog (level, fmt, args); @@ -203,11 +203,11 @@ void log_message (int level, const char *fmt, ...) pthread_mutex_unlock(&log_mutex); if (ret == -1) { - config.syslog = TRUE; + config->syslog = TRUE; log_message(LOG_CRIT, "ERROR: Could not write to log " "file %s: %s.", - config.logf_name, strerror(errno)); + config->logf_name, strerror(errno)); log_message(LOG_CRIT, "Falling back to syslog logging"); } @@ -272,23 +272,23 @@ static void send_stored_logs (void) */ int setup_logging (void) { - if (!config.syslog) { - if (open_log_file (config.logf_name) < 0) { + if (!config->syslog) { + if (open_log_file (config->logf_name) < 0) { /* * If opening the log file fails, we try * to fall back to syslog logging... */ - config.syslog = TRUE; + config->syslog = TRUE; log_message (LOG_CRIT, "ERROR: Could not create log " "file %s: %s.", - config.logf_name, strerror (errno)); + config->logf_name, strerror (errno)); log_message (LOG_CRIT, "Falling back to syslog logging."); } } - if (config.syslog) { + if (config->syslog) { openlog ("tinyproxy", LOG_PID, LOG_USER); } @@ -307,7 +307,7 @@ void shutdown_logging (void) return; } - if (config.syslog) { + if (config->syslog) { closelog (); } else { close_log_file (); diff --git a/src/main.c b/src/main.c index b4a5e53..4a5f8ea 100644 --- a/src/main.c +++ b/src/main.c @@ -47,8 +47,9 @@ /* * Global Structures */ -struct config_s config; -struct config_s config_defaults; +struct config_s *config; +static struct config_s config_main; +static struct config_s config_defaults; static const char* config_file; unsigned int received_sighup = FALSE; /* boolean */ @@ -68,7 +69,7 @@ takesig (int sig) case SIGINT: case SIGTERM: - config.quit = TRUE; + config->quit = TRUE; break; case SIGCHLD: @@ -174,16 +175,16 @@ get_id (char *str) static void change_user (const char *program) { - if (config.group && strlen (config.group) > 0) { - int gid = get_id (config.group); + if (config->group && strlen (config->group) > 0) { + int gid = get_id (config->group); if (gid < 0) { - struct group *thisgroup = getgrnam (config.group); + struct group *thisgroup = getgrnam (config->group); if (!thisgroup) { fprintf (stderr, "%s: Unable to find group \"%s\".\n", - program, config.group); + program, config->group); exit (EX_NOUSER); } @@ -193,7 +194,7 @@ change_user (const char *program) if (setgid (gid) < 0) { fprintf (stderr, "%s: Unable to change to group \"%s\".\n", - program, config.group); + program, config->group); exit (EX_NOPERM); } @@ -208,19 +209,19 @@ change_user (const char *program) #endif log_message (LOG_INFO, "Now running as group \"%s\".", - config.group); + config->group); } - if (config.user && strlen (config.user) > 0) { - int uid = get_id (config.user); + if (config->user && strlen (config->user) > 0) { + int uid = get_id (config->user); if (uid < 0) { - struct passwd *thisuser = getpwnam (config.user); + struct passwd *thisuser = getpwnam (config->user); if (!thisuser) { fprintf (stderr, "%s: Unable to find user \"%s\".\n", - program, config.user); + program, config->user); exit (EX_NOUSER); } @@ -230,12 +231,12 @@ change_user (const char *program) if (setuid (uid) < 0) { fprintf (stderr, "%s: Unable to change to user \"%s\".\n", - program, config.user); + program, config->user); exit (EX_NOPERM); } log_message (LOG_INFO, "Now running as user \"%s\".", - config.user); + config->user); } } @@ -249,12 +250,14 @@ int reload_config (void) shutdown_logging (); - ret = reload_config_file (config_file, &config, + ret = reload_config_file (config_file, &config_main, &config_defaults); if (ret != 0) { goto done; } + config = &config_main; + ret = setup_logging (); done: @@ -308,10 +311,11 @@ main (int argc, char **argv) initialize_config_defaults (&config_defaults); if (reload_config_file (config_file, - &config, + &config_main, &config_defaults)) { exit (EX_SOFTWARE); } + config = &config_main; init_stats (); @@ -325,7 +329,7 @@ main (int argc, char **argv) } if (daemonized == TRUE) { - if (!config.syslog && config.logf_name == NULL) + if (!config->syslog && config->logf_name == NULL) fprintf(stderr, "WARNING: logging deactivated " "(can't log to stdout when daemonized)\n"); @@ -339,20 +343,20 @@ main (int argc, char **argv) } #ifdef FILTER_ENABLE - if (config.filter) + if (config->filter) filter_init (); #endif /* FILTER_ENABLE */ /* Start listening on the selected port. */ - if (child_listening_sockets(config.listen_addrs, config.port) < 0) { + if (child_listening_sockets(config->listen_addrs, config->port) < 0) { fprintf (stderr, "%s: Could not create listening sockets.\n", argv[0]); exit (EX_OSERR); } /* Create pid file before we drop privileges */ - if (config.pidpath) { - if (pidfile_create (config.pidpath) < 0) { + if (config->pidpath) { + if (pidfile_create (config->pidpath) < 0) { fprintf (stderr, "%s: Could not create PID file.\n", argv[0]); exit (EX_OSERR); @@ -403,14 +407,14 @@ main (int argc, char **argv) child_close_sock (); /* Remove the PID file */ - if (config.pidpath != NULL && unlink (config.pidpath) < 0) { + if (config->pidpath != NULL && unlink (config->pidpath) < 0) { log_message (LOG_WARNING, "Could not remove PID file \"%s\": %s.", - config.pidpath, strerror (errno)); + config->pidpath, strerror (errno)); } #ifdef FILTER_ENABLE - if (config.filter) + if (config->filter) filter_destroy (); #endif /* FILTER_ENABLE */ diff --git a/src/main.h b/src/main.h index ca2ee4b..5890d4a 100644 --- a/src/main.h +++ b/src/main.h @@ -29,7 +29,7 @@ #define MAX_IDLE_TIME (60 * 10) /* 10 minutes of no activity */ /* Global Structures used in the program */ -extern struct config_s config; +extern struct config_s *config; extern unsigned int received_sighup; /* boolean */ extern int reload_config (void); diff --git a/src/reqs.c b/src/reqs.c index 3adc473..310871c 100644 --- a/src/reqs.c +++ b/src/reqs.c @@ -61,8 +61,8 @@ * enabled. */ #ifdef UPSTREAM_SUPPORT -# define UPSTREAM_CONFIGURED() (config.upstream_list != NULL) -# define UPSTREAM_HOST(host) upstream_get(host, config.upstream_list) +# define UPSTREAM_CONFIGURED() (config->upstream_list != NULL) +# define UPSTREAM_HOST(host) upstream_get(host, config->upstream_list) # define UPSTREAM_IS_HTTP(conn) (conn->upstream_proxy != NULL && conn->upstream_proxy->type == PT_HTTP) #else # define UPSTREAM_CONFIGURED() (0) @@ -373,7 +373,7 @@ BAD_REQUEST_ERROR: } #ifdef REVERSE_SUPPORT - if (config.reversepath_list != NULL) { + if (config->reversepath_list != NULL) { /* * Rewrite the URL based on the reverse path. After calling * reverse_rewrite_url "url" can be freed since we either @@ -387,7 +387,7 @@ BAD_REQUEST_ERROR: if (reverse_url != NULL) { safefree (url); url = reverse_url; - } else if (config.reverseonly) { + } else if (config->reverseonly) { log_message (LOG_ERR, "Bad request, no mapping for '%s' found", url); @@ -420,7 +420,7 @@ BAD_REQUEST_ERROR: /* Verify that the port in the CONNECT method is allowed */ if (!check_allowed_connect_ports (request->port, - config.connect_ports)) + config->connect_ports)) { indicate_http_error (connptr, 403, "Access violation", "detail", @@ -437,7 +437,7 @@ BAD_REQUEST_ERROR: } else { #ifdef TRANSPARENT_PROXY if (!do_transparent_proxy - (connptr, hashofheaders, request, &config, &url)) { + (connptr, hashofheaders, request, config, &url)) { goto fail; } #else @@ -455,8 +455,8 @@ BAD_REQUEST_ERROR: /* * Filter restricted domains/urls */ - if (config.filter) { - if (config.filter_url) + if (config->filter) { + if (config->filter_url) ret = filter_url (url); else ret = filter_domain (request->host); @@ -464,7 +464,7 @@ BAD_REQUEST_ERROR: if (ret) { update_stats (STAT_DENIED); - if (config.filter_url) + if (config->filter_url) log_message (LOG_NOTICE, "Proxying refused on filtered url \"%s\"", url); @@ -486,7 +486,7 @@ BAD_REQUEST_ERROR: /* * Check to see if they're requesting the stat host */ - if (config.stathost && strcmp (config.stathost, request->host) == 0) { + if (config->stathost && strcmp (config->stathost, request->host) == 0) { log_message (LOG_NOTICE, "Request for the stathost."); connptr->show_stats = TRUE; goto fail; @@ -804,13 +804,13 @@ write_via_header (int fd, hashmap_t hashofheaders, char *data; int ret; - if (config.disable_viaheader) { + if (config->disable_viaheader) { ret = 0; goto done; } - if (config.via_proxy_name) { - strlcpy (hostname, config.via_proxy_name, sizeof (hostname)); + if (config->via_proxy_name) { + strlcpy (hostname, config->via_proxy_name, sizeof (hostname)); } else if (gethostname (hostname, sizeof (hostname)) < 0) { strlcpy (hostname, "unknown", 512); } @@ -938,7 +938,7 @@ process_client_headers (struct conn_s *connptr, hashmap_t hashofheaders) } } #if defined(XTINYPROXY_ENABLE) - if (config.add_xtinyproxy) + if (config->add_xtinyproxy) add_xtinyproxy_header (connptr); #endif @@ -981,7 +981,7 @@ static int process_server_headers (struct conn_s *connptr) int ret; #ifdef REVERSE_SUPPORT - struct reversepath *reverse = config.reversepath_list; + struct reversepath *reverse = config->reversepath_list; #endif /* Get the response line from the remote server. */ @@ -1073,7 +1073,7 @@ retry: #ifdef REVERSE_SUPPORT /* Write tracking cookie for the magical reverse proxy path hack */ - if (config.reversemagic && connptr->reversepath) { + if (config->reversemagic && connptr->reversepath) { ret = write_message (connptr->client_fd, "Set-Cookie: " REVERSE_COOKIE "=%s; path=/\r\n", connptr->reversepath); @@ -1082,7 +1082,7 @@ retry: } /* Rewrite the HTTP redirect if needed */ - if (config.reversebaseurl && + if (config->reversebaseurl && hashmap_entry_by_key (hashofheaders, "location", (void **) &header) > 0) { @@ -1100,14 +1100,14 @@ retry: ret = write_message (connptr->client_fd, "Location: %s%s%s\r\n", - config.reversebaseurl, + config->reversebaseurl, (reverse->path + 1), (header + len)); if (ret < 0) goto ERROR_EXIT; log_message (LOG_INFO, "Rewriting HTTP redirect: %s -> %s%s%s", - header, config.reversebaseurl, + header, config->reversebaseurl, (reverse->path + 1), (header + len)); hashmap_remove (hashofheaders, "location"); } @@ -1181,7 +1181,7 @@ static void relay_connection (struct conn_s *connptr) FD_ZERO (&wset); tv.tv_sec = - config.idletimeout - difftime (time (NULL), last_access); + config->idletimeout - difftime (time (NULL), last_access); tv.tv_usec = 0; if (buffer_size (connptr->sbuffer) > 0) @@ -1197,10 +1197,10 @@ static void relay_connection (struct conn_s *connptr) if (ret == 0) { tdiff = difftime (time (NULL), last_access); - if (tdiff > config.idletimeout) { + if (tdiff > config->idletimeout) { log_message (LOG_INFO, "Idle Timeout (after select) as %g > %u.", - tdiff, config.idletimeout); + tdiff, config->idletimeout); return; } else { continue; @@ -1546,16 +1546,16 @@ void handle_connection (int fd, union sockaddr_union* addr) getpeer_information (addr, peer_ipaddr, sizeof(peer_ipaddr)); - if (config.bindsame) + if (config->bindsame) getsock_ip (fd, sock_ipaddr); - log_message (LOG_CONN, config.bindsame ? + log_message (LOG_CONN, config->bindsame ? "Connect (file descriptor %d): %s at [%s]" : "Connect (file descriptor %d): %s", fd, peer_ipaddr, sock_ipaddr); connptr = initialize_conn (fd, peer_ipaddr, - config.bindsame ? sock_ipaddr : NULL); + config->bindsame ? sock_ipaddr : NULL); if (!connptr) { close (fd); return; @@ -1575,7 +1575,7 @@ void handle_connection (int fd, union sockaddr_union* addr) } - if (check_acl (peer_ipaddr, addr, config.access_list) <= 0) { + if (check_acl (peer_ipaddr, addr, config->access_list) <= 0) { update_stats (STAT_DENIED); indicate_http_error (connptr, 403, "Access denied", "detail", @@ -1622,17 +1622,17 @@ void handle_connection (int fd, union sockaddr_union* addr) goto fail; } - if (config.basicauth_list != NULL) { + if (config->basicauth_list != NULL) { ssize_t len; char *authstring; int failure = 1, stathost_connect = 0; len = hashmap_entry_by_key (hashofheaders, "proxy-authorization", (void **) &authstring); - if (len == 0 && config.stathost) { + if (len == 0 && config->stathost) { len = hashmap_entry_by_key (hashofheaders, "host", (void **) &authstring); - if (len && !strncmp(authstring, config.stathost, strlen(config.stathost))) { + if (len && !strncmp(authstring, config->stathost, strlen(config->stathost))) { len = hashmap_entry_by_key (hashofheaders, "authorization", (void **) &authstring); stathost_connect = 1; @@ -1651,7 +1651,7 @@ void handle_connection (int fd, union sockaddr_union* addr) if ( /* currently only "basic" auth supported */ (strncmp(authstring, "Basic ", 6) == 0 || strncmp(authstring, "basic ", 6) == 0) && - basicauth_check (config.basicauth_list, authstring + 6) == 1) + basicauth_check (config->basicauth_list, authstring + 6) == 1) failure = 0; if(failure) { e401: @@ -1670,9 +1670,9 @@ e401: * Add any user-specified headers (AddHeader directive) to the * outgoing HTTP request. */ - for (i = 0; i < vector_length (config.add_headers); i++) { + for (i = 0; i < vector_length (config->add_headers); i++) { http_header_t *header = (http_header_t *) - vector_getentry (config.add_headers, i, NULL); + vector_getentry (config->add_headers, i, NULL); hashmap_insert (hashofheaders, header->name, diff --git a/src/reverse-proxy.c b/src/reverse-proxy.c index 0264787..32bd2a7 100644 --- a/src/reverse-proxy.c +++ b/src/reverse-proxy.c @@ -122,14 +122,14 @@ char *reverse_rewrite_url (struct conn_s *connptr, hashmap_t hashofheaders, /* Reverse requests always start with a slash */ if (*url == '/') { /* First try locating the reverse mapping by request url */ - reverse = reversepath_get (url, config.reversepath_list); + reverse = reversepath_get (url, config->reversepath_list); if (reverse) { rewrite_url = (char *) safemalloc (strlen (url) + strlen (reverse->url) + 1); strcpy (rewrite_url, reverse->url); strcat (rewrite_url, url + strlen (reverse->path)); - } else if (config.reversemagic + } else if (config->reversemagic && hashmap_entry_by_key (hashofheaders, "cookie", (void **) &cookie) > 0) { @@ -139,7 +139,7 @@ char *reverse_rewrite_url (struct conn_s *connptr, hashmap_t hashofheaders, && (reverse = reversepath_get (cookieval + strlen (REVERSE_COOKIE) + 1, - config.reversepath_list))) + config->reversepath_list))) { rewrite_url = (char *) safemalloc @@ -163,7 +163,7 @@ char *reverse_rewrite_url (struct conn_s *connptr, hashmap_t hashofheaders, log_message (LOG_CONN, "Rewriting URL: %s -> %s", url, rewrite_url); /* Store reverse path so that the magical tracking cookie can be set */ - if (config.reversemagic && reverse) + if (config->reversemagic && reverse) connptr->reversepath = safestrdup (reverse->path); return rewrite_url; diff --git a/src/sock.c b/src/sock.c index 8513ba8..73ddebd 100644 --- a/src/sock.c +++ b/src/sock.c @@ -134,8 +134,8 @@ int opensock (const char *host, int port, const char *bind_to) close (sockfd); continue; /* can't bind, so try again */ } - } else if (config.bind_address) { - if (bind_socket (sockfd, config.bind_address, + } else if (config->bind_address) { + if (bind_socket (sockfd, config->bind_address, res->ai_family) < 0) { close (sockfd); continue; /* can't bind, so try again */ @@ -147,7 +147,7 @@ int opensock (const char *host, int port, const char *bind_to) int af = res->ai_addr->sa_family; unsigned dport = ntohs(af == AF_INET ? p->v4.sin_port : p->v6.sin6_port); socklen_t slen = sizeof u; - if (dport == config.port) { + if (dport == config->port) { getsockname(sockfd, (void*)&u, &slen); loop_records_add(&u); } diff --git a/src/stats.c b/src/stats.c index 93a30cf..9f4acc3 100644 --- a/src/stats.c +++ b/src/stats.c @@ -77,7 +77,7 @@ showstats (struct conn_s *connptr) pthread_mutex_lock(&stats_file_lock); - if (!config.statpage || (!(statfile = fopen (config.statpage, "r")))) { + if (!config->statpage || (!(statfile = fopen (config->statpage, "r")))) { message_buffer = (char *) safemalloc (MAXBUFFSIZE); if (!message_buffer) { err_minus_one: