Included code to disable the sending of the Via header. This is now

controlled by the ViaHeader configure directive.
2002-11-26 21:44:43 +00:00 · 2002-11-26 21:44:43 +00:00 · e58343012f
commit e58343012f
parent c826b18437
5 changed files with 41 additions and 17 deletions
--- a/doc/tinyproxy.conf
+++ b/doc/tinyproxy.conf
@ -110,6 +110,13 @@ MaxRequestsPerChild 0
 Allow 127.0.0.1
 Allow 192.168.1.0/25

+#
+# Control whether the HTTP Via header should be included in requests or
+# responses.  The RFC says it should be there, but it could be a security
+# concern.  The default is off.
+#
+#ViaHeader On
+
 #
 # The location of the filter file.
 #
--- a/src/grammar.y
+++ b/src/grammar.y
@ -1,4 +1,4 @@
-/* $Id: grammar.y,v 1.16 2002-11-03 17:10:32 rjkaes Exp $
+/* $Id: grammar.y,v 1.17 2002-11-26 21:44:43 rjkaes Exp $
 *
 * This is the grammar for tinyproxy's configuration file. It needs to be
 * in sync with scanner.l. If you know more about yacc and lex than I do
@ -49,7 +49,7 @@ int yylex(void);
 %token KW_ANONYMOUS KW_XTINYPROXY
 %token KW_FILTER KW_FILTERURLS KW_FILTEREXTENDED KW_FILTER_DEFAULT_DENY
 %token KW_UPSTREAM
-%token KW_CONNECTPORT KW_BIND
+%token KW_CONNECTPORT KW_BIND KW_HTTP_VIA
 %token KW_ALLOW KW_DENY

 /* yes/no switches */
@ -179,6 +179,15 @@ statement
 		  log_message(LOG_WARNING, "The 'Bind' directive can not be used with transparent proxy support.  Ignoring the directive.");
 #endif
          }
+        | KW_HTTP_VIA yesno
+          {
+	          if ($2) {
+			  log_message(LOG_INFO, "Enabling HTTP Via header.");
+			  config.via_http_header = TRUE;
+		  } else {
+			  config.via_http_header = FALSE;
+		  }
+          }
 	;

 loglevels
--- a/src/reqs.c
+++ b/src/reqs.c
@ -1,4 +1,4 @@
-/* $Id: reqs.c,v 1.85 2002-11-13 17:48:48 rjkaes Exp $
+/* $Id: reqs.c,v 1.86 2002-11-26 21:44:43 rjkaes Exp $
 *
 * This is where all the work in tinyproxy is actually done. Incoming
 * connections have a new child created for them. The child then
@ -791,7 +791,7 @@ process_client_headers(struct conn_s *connptr, hashmap_t hashofheaders)
 	int i;
 	hashmap_iter iter;
 	long content_length = -1;
-	int ret;
+	int ret = 0;

 	char *data, *header;

@ -826,13 +826,15 @@ process_client_headers(struct conn_s *connptr, hashmap_t hashofheaders)
 	}

 	/* Send, or add the Via header */
-	ret = write_via_header(connptr->server_fd, hashofheaders,
-			       connptr->protocol.major,
-			       connptr->protocol.minor);
-	if (ret < 0) {
-		indicate_http_error(connptr, 503,
-				    "Could not send data to remote server.");
-		goto PULL_CLIENT_DATA;
+	if (config.via_http_header) {
+		ret = write_via_header(connptr->server_fd, hashofheaders,
+				       connptr->protocol.major,
+				       connptr->protocol.minor);
+		if (ret < 0) {
+			indicate_http_error(connptr, 503,
+					    "Could not send data to remote server.");
+			goto PULL_CLIENT_DATA;
+		}
 	}

 	/*
@ -969,10 +971,13 @@ process_server_headers(struct conn_s *connptr)
 	}

 	/* Send, or add the Via header */
-        ret = write_via_header(connptr->client_fd, hashofheaders,
-			       connptr->protocol.major, connptr->protocol.minor);
-	if (ret < 0)
-		goto ERROR_EXIT;
+	if (config.via_http_header) {
+		ret = write_via_header(connptr->client_fd, hashofheaders,
+				       connptr->protocol.major,
+				       connptr->protocol.minor);
+		if (ret < 0)
+			goto ERROR_EXIT;
+	}

 	/*
 	 * All right, output all the remaining headers to the client.
--- a/src/scanner.l
+++ b/src/scanner.l
@ -1,4 +1,4 @@
-/* $Id: scanner.l,v 1.15 2002-11-03 17:10:32 rjkaes Exp $
+/* $Id: scanner.l,v 1.16 2002-11-26 21:44:43 rjkaes Exp $
 *
 * This builds the scanner for the tinyproxy configuration file. This
 * file needs to stay in sync with grammar.y. If someone knows lex and yacc
@ -53,6 +53,7 @@ static struct keyword keywords[] = {
        { "deny",                KW_DENY },
        { "connectport",         KW_CONNECTPORT },
        { "bind",                KW_BIND },
+        { "viaheader",           KW_HTTP_VIA },

        /* loglevel and the settings */
        { "loglevel",            KW_LOGLEVEL },
--- a/src/tinyproxy.h
+++ b/src/tinyproxy.h
@ -1,4 +1,4 @@
-/* $Id: tinyproxy.h,v 1.34 2002-11-03 17:10:32 rjkaes Exp $
+/* $Id: tinyproxy.h,v 1.35 2002-11-26 21:44:43 rjkaes Exp $
 *
 * See 'tinyproxy.c' for a detailed description.
 *
@ -52,6 +52,8 @@ struct config_s {

 	char* dnsserver_location;
 	char* dnsserver_socket;
+
+	bool_t via_http_header;
 };

 /* Global Structures used in the program */