ret will be used in enclosing scope.
so rename this special varibale.
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit c27b6d15e2)
Check the return code of fcntl via socket_nonblocking
in pull_client_data()
Found by coverity.
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit 9efa5799f0)
Check the return code of fcntl via socket_blocking
in pull_client_data().
Found by coverity.
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit 0a99803425)
check the return code of fcntl via socket_nonblocking
on the listen sockets in child_main()
Found by coverity.
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit 38ef36d998)
Effectively, the return code of fcntl was not checked
by not checking the return code of socket_nonblocking()
for the server fd.
Found by coverity.
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit 68bd0b61b5)
Effectively, the return code of fcntl was not checked
by not checking the return code of socket_nonblocking()
for the client fd.
Found by coverity.
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit 2004abc1e3)
Use extract_url instead of the old extract_ssl_url:
extract_url is generic and handles ipv6 literal addresses correctly.
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit 9f43cfd488)
There is in fact nothing http-specific any more about this function, hence
the rename. The input has been stripped of the <proto>:// header anyways.
This in preparation of fixing bug BB#106: ssl fails with literal ipv6 addrs.
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit 98f77ef8c7)
When removing the '[' and ']' characers from the ipv6 literal address, make sure
the pointer that is later free'd stays a malloced pointer by memmoving the
string one place left.
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit bb2e894e0d)
This introduces a list (vector) of addresses instead of
having just one address string.
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit e82080a5f6)
This is achieved by not stopping at the first result of getaddrinfo
that we managed to listen on: Without "Listen" in the config, we
call getraddrinfo with NULL address. With AI_PASSIVE, this gives results
for both IPv4 and IPv6 wildcard addresses (if both are supported).
This lets tinyproxy listen on both IPv4 and IPv6 wildcard if the system
supports them.
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit d0732f9ade)
This also reverses the exit logic of the loop.
It prepares listening on multiple addresses.
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit fa26ad4d56)
This prepares listenting on multiple sockets, which will be ussed to
fix listening on the wildcard (listen on both ipv6 and ipv4) and
help add the support for multiple Listen statements in the config
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit 2ebfd456ef)
instead of using config.ipAddr internally.
This is in preparation to make it possible
to call it for multiple addresses.
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit 2bd919f01e)
This changes listen_sock() to not return the
addrlen of the used address from getaddrinfo call
to the caller, stored in global addrlen in child.c.
This was only used to be able to allocate enough space for the
arguments to the later accept call depending on whether
IPv4 or IPv6 is used.
This removes the need to pass this info by always allocating
sizeof(struct sockaddr_storage) instead, which is enough
to carry both sockaddr_in and sockaddr_in6.
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit 7eea1638bc)
Supplementary groups are inherited from the calling process. Drop all
supplementary groups if the "Group" configuration directive is set to
change to a different user. Otherwise the process may have more rights
than expected.
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit c8b8247f70)
Use AC_CONFIG_HEADERS instead of obsolete AM_CONFIG_HEADER.
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit 3cc59ec3be)
Conflicts:
configure.ac
Pass a pointer to a char pointer to do_transparent_proxy so the reassembled URL
will actually end up back in the caller where it is needed for filtering
decisions. This fixes the problem that a tinyproxy configured with the
transparent proxy functionality and "FilterURLs Yes" would filter on everything
but the domain.
Signed-off-by: daniel.egger@sphairon.com
Signed-off-by: Michael Adam <obnox@samba.org>
