bughz/tinyproxy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,503 Commits 7 Branches 77 Tags 2.8 MiB
2e0250fbf1
Commit Graph

50 Commits

Author SHA1 Message Date
Mukund Sivaraman
e8426f6662 [BB#90]: Fix bug in ACL netmask generation 
Thanks to John Horne who diagnosed this issue and found the problem.
 2011-03-04 14:47:05 +05:30
Mukund Sivaraman
f84fb98766 Precompute network addresses for increased performance 2010-05-30 08:08:04 +05:30
Mukund Sivaraman
0963c4c71f Minor indent of code 2010-05-30 08:01:14 +05:30
David Shanks
184d07e47c check_numeric_acl() should return -1 when IPs don't match. 
Signed-off-by: Michael Adam <obnox@samba.org>
 2010-01-14 07:46:31 +01:00
Michael Adam
8cb182e1b8 Add access_list to the config struct instead of a global variable in acl.c. 
Change insert_acl, check_acl and flush_access_list to take a corresponding
argument.

Michael
 2009-12-07 00:22:46 +01:00
Michael Adam
6266197e92 acl: add function flush_access_list(). 2009-12-07 00:22:46 +01:00
Michael Adam
607e8ec0e7 acl: split initialization of the access_list out into a function 2009-11-17 17:30:19 +01:00
Michael Adam
4292fe7795 Fix a segfault in insert_acl and checks against string-type acls 
The "address" member of struct acl_s is a union of a char *
and the numeric ip. So freeing the string after appending it to the
vector list is bad in two respects:

1. If the acl type was numeric, then this could (and would)
   lead to a segfault due to the numeric IP data interpreted
   as pointer to the string to be freed.

2. If the acl type was string, then the acl inserted into the
   list contained a reference to this address string that
   was freed. So in the worst case dereferencing this freed
   string could segfault, or at least this could lead to
   unexpectedly failing acl checks.

Michael
 2009-11-10 00:37:57 +01:00
Michael Adam
07d993cbc1 acl: Fix "comparison between signed and unsigned" warning on 32bit 
This reads the mask bits as an unsigned int instead of as signend.
This is also what mask bits really are - there is no negative mask. :-)

Michael
 2009-10-10 01:11:53 +02:00
Michael Adam
a89d987e8a Use size_t not ssize_t for len argument. This is always >= 0. 2009-10-10 01:11:10 +02:00
Mukund Sivaraman
641e5823c0 Use ssize_t for len argument 2009-10-09 13:50:12 +05:30
Mukund Sivaraman
f08f0218af Include limits.h for LONG_MAX and LONG_MIN 
Not including limits.h caused an issue when building on FreeBSD.
 2009-09-28 13:41:36 +05:30
Mukund Sivaraman
f0cc213c5a Remove trailing comma from acl_type enum 2009-09-21 09:59:11 +05:30
Mukund Sivaraman
919eedc7f9 Remove inline keyword from static functions 
The compiler inlines static functions as necessary anyway.
No more inline keywords exist in Tinyproxy source code. We want to
avoid using this keyword anyway.
 2009-09-20 13:58:50 +05:30
Mukund Sivaraman
7b9234f394 Indent code to Tinyproxy coding style 
The modified files were indented with GNU indent using the
following command:

indent -npro -kr -i8 -ts8 -sob -l80 -ss -cs -cp1 -bs -nlps -nprs -pcs \
    -saf -sai -saw -sc -cdw -ce -nut -il0

No other changes of any sort were made.
 2009-09-15 01:11:25 +05:30
Mukund Sivaraman
a21cd7e3ed Rename tinyproxy.[ch] to main.[ch] 2009-08-07 03:42:53 +05:30
Michael Adam
ab4df6edb8 check_acl(): initialize "perm" to eliminate compiler warning. 
Provides safe fallback for switch statement, just in case..

Michael
 2009-08-04 23:47:27 +02:00
Michael Adam
14a3e187ee check_acl(): remove the fd argument - it is not used. 
Host name and IP address are provided instead.

Michael
 2009-08-04 23:47:27 +02:00
Michael Adam
64ff313260 check_acl(): fix function header comment. 
Michael
 2009-08-04 23:47:27 +02:00
Michael Adam
0abd82b7e9 check_acl(): add explicit cast to return value of vector_getentry() 
to reduce compiler warnings.

Michael
 2009-08-04 23:47:27 +02:00
Michael Adam
b9f2325c54 check_acl(): add cast to recuce compiler warning (unsigned / signed comparison) 
vector_lenth() returns < 0 if the vectore is NULL but this has been
checked before, so we can safely cast.

Michael
 2009-08-04 23:47:27 +02:00
Mukund Sivaraman
0b191f16fe Indenting change 2008-12-29 13:28:02 +00:00
Mukund Sivaraman
024b317de0 Convert tabs to spaces 2008-12-08 13:39:44 +00:00
Mukund Sivaraman
a257703e59 Reformat code to GNU coding style 
This is a commit which simply ran all C source code files
through GNU indent. No other modifications were made.
 2008-12-01 15:01:11 +00:00
Mukund Sivaraman
62ddbd5e74 pos can never be less than 0 as it's of type size_t 
Also fix the type which is passed in from various places.
 2008-08-24 10:58:16 +05:30
Robert James Kaes
c8cf89a954 Add strtol conversion error checking 
Moved the strtol() call into fill_netmask_array() and added additional
error checking to ensure that the strtol() call succeeded.

Error checking code taken from strtol() manpage.

Signed-off-by: Robert James Kaes <rjk@wormbytes.ca>
 2008-06-17 13:32:20 +05:30
Robert James Kaes
51fb15be2c Refactored netmask array fill with range check 
When building a numeric ACL with netmask, range check the supplied
value.  In addition, the code to walk the array has been extracted and
"simplified".

Signed-off-by: Robert James Kaes <rjk@wormbytes.ca>
 2008-06-17 13:31:04 +05:30
Mukund Sivaraman
249d4b7f33 Updated copyright, license notices in source code 
The notices have been changed to a more GNU look. Documentation
comments have been separated from the copyright header. I've tried to
keep all copyright notices intact. Some author contact details have
been updated.
 2008-05-24 13:35:49 +05:30
Robert James Kaes
c0299e1868 * [Indent] Ran Source Through indent 
I re-indented the source code using indent with the following options:

indent -kr -bad -bap -nut -i8 -l80 -psl -sob -ss -ncs

There are now _no_ tabs in the source files, and all indentation is
eight spaces.  Lines are 80 characters long, and the procedure type is
on it's own line.  Read the indent manual for more information about
what each option means.
 2005-08-15 03:54:31 +00:00
Robert James Kaes
a59117c7ca * Updated Copyright Email Addresses 
Updated the copyright email addresses for Robert James Kaes.  The
users.sourceforge.net address should always exist.
 2005-07-12 17:39:44 +00:00
Robert James Kaes
d41260fe2d Fixed up the acl_s structure so that it compiles correctly under 
gcc 2.95.
 2004-08-24 16:31:45 +00:00
Robert James Kaes
924da17c17 Completely rewrote the ACL functionality. The new system is intended 
to handle IPv6 style addresses along with the existing IPv4 and string
addresses.  In addition, the hand-rolled "list" code has been replaced
with a vector (code reuse.)  Also, the code should be a little easier
to understand (relatively speaking.)

I do need to add some kind of testing framework (in general) to check
that the new code does work with all the formats that will be thrown
at it.
 2004-08-11 20:09:20 +00:00
Robert James Kaes
aee5a63849 Removed unnecessary casts (mostly dealing with memory allocation.) I 
should never have added them in the first place.  They don't really
buy anything, and they can hide bugs.
 2004-02-13 21:27:42 +00:00
Robert James Kaes
6aaa863432 Added appropriate casts from (void*) so that the code will compile 
cleanly with a C++ compiler.  (Tested using GCC 3.3)
 2003-07-31 23:38:28 +00:00
Robert James Kaes
b697ebf16b (acl_string_processing): Moved the string processing code out of check_acl() and into it's own function because it now does two (2) tests. If the ACL string is a complete host name, in other words doesn't start with a period, than a reverse DNS look-up is done on the host name and compared to the IP address of the client; otherwise, the normal text string comparison is done. 
(check_acl): Moved the string text out of the function and removed some logging code by jumping to the "Deny" code at the end of the function.
 2002-06-05 16:59:21 +00:00
Robert James Kaes
451fad1ed2 Changed the header includes around to reflect the new source layout. 2002-05-23 18:20:27 +00:00
Robert James Kaes
9a8d732a13 Changed all calls to strdup to safestrdup. This should provide better 
memory usage tracking.
 2002-04-18 17:59:21 +00:00
Robert James Kaes
44bbdb2623 Changed the check_acl() function to require the peer IP address and string 
address from the calling function.
 2002-04-17 20:52:45 +00:00
Robert James Kaes
3c631c6e5c James Flemer cleaned up the make_netmask() function to remove the static 
table.  Very nice.
 2002-04-09 19:11:09 +00:00
Robert James Kaes
787ece6c01 Reformated text. 2001-11-22 00:31:10 +00:00
Robert James Kaes
9f0c8f18fb Tightened the string/numeric ACL checks. 2001-11-03 06:08:37 +00:00
Robert James Kaes
4ac03908fc Header reorganization. Basically all system headers are now included in 
tinyproxy.h and all the other files include the tinyproxy.h header. This
moves all the dependancy issues into one file.
 2001-10-25 17:27:39 +00:00
Robert James Kaes
48ddb827a7 Updated the authorization string. 2001-09-15 21:21:01 +00:00
Robert James Kaes
c04ffd3913 Comment cleanup. 2001-09-11 04:12:47 +00:00
Robert James Kaes
0668e42e8f Changed all the mallocs and callocs to use the new safemalloc and 
safecalloc.
 2001-09-08 18:58:37 +00:00
Robert James Kaes
1a9dc4e7e8 Error message cleanup. 2001-09-07 04:21:07 +00:00
Robert James Kaes
bf477e9dff Renamed the access member of struct acl_s to acl_access. 
Changed some of the types for the various variables to better reflect what
they are actually being used for.
 2001-05-27 02:20:54 +00:00
Robert James Kaes
36d84f4bc1 Make the netmask static and include the asserts. 2001-05-23 17:57:22 +00:00
Robert James Kaes
fd61e791b5 Updated the free() calls to the safefree() calls. 2000-09-26 04:57:46 +00:00
Robert James Kaes
de6f42d9fa Improvied access control semantics. Allows for a finger control for 
allowing and denying hosts.
 2000-09-12 00:08:48 +00:00