bughz/tinyproxy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,699 Commits 7 Branches 77 Tags 2.8 MiB
aeb7b19c53
Commit Graph

1040 Commits

Author SHA1 Message Date
rofl0r
81a93f9e4f configure: do not check for standard POSIX headers 
addresses #65
 2016-12-21 21:01:37 +00:00
rofl0r
39c92a3f70 configure: do not check for standard C headers 
addresses #65
 2016-12-21 20:45:06 +00:00
Stephan Leemburg
c5da1cc934 Continue with forward proxy if ReverseOnly is not true and no mapping available (#35) 
allow non-reverse mappings if reverseonly is not enabled
 2016-09-10 19:22:45 +02:00
rofl0r
ee83293285 update URL 2016-01-03 21:16:21 +00:00
Michael Adam
800c3a250c BB#110 Increase number of hash buckets from 32 to 256. 
This should make hash processing generally faster.

There is a treadeoff between memory footprint and
speed of processing. 10 KB instead of 1.2 KB of
hash table per process should not be a huge problem
even on very limited current systems.

Who really needs to stick to 32 buckets could
recompile. We could also think about making
this configurable at some point.

Signed-off-by: Michael Adam <obnox@samba.org>
 2014-12-13 01:41:56 +01:00
Michael Adam
545463c75d BB#110 limit the number of headers per request to prevent DoS 
Based on patch provided by gpernot@praksys.org on bugzilla.

Signed-off-by: Michael Adam <obnox@samba.org>
 2014-12-13 01:28:07 +01:00
Michael Adam
308305d827 BB#110 secure the hashmaps by adding a seed 
Based on a patch provided by gpernot@praksys.org on bugzilla.

Signed-off-by: Michael Adam <obnox@samba.org>
 2014-12-13 01:21:02 +01:00
Peter H. Froehlich
ab6255393d BB#110 Replace hash function with Dan Bernstein's. 
This hash function distributes much better than the
original one. The effect is not as visible with
hashes taken modulo 32 than with a bigger modulus,
but it is there. And larger number of buckets migh
become possible in the future...

Reviewed-by: Michael Adam <obnox@samba.org>
 2014-12-13 01:20:56 +01:00
Michael Adam
b59ecd0c66 buffer: fix log message in read_buffer(). 
Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-23 12:21:59 +01:00
Michael Adam
ffa3a56ab8 buffer: reduce indentation in read_buffer() 
Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-23 12:09:59 +01:00
Michael Adam
76bd008cf9 reqs: fix typo in a debug message in get_request_entity() 
Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-23 11:59:47 +01:00
Michael Adam
b3ac7d2c7b transparent: make transparent support compile after introduction of multi Listen 
I seem to have forgotten to compile with transparent support enabled...
This belongs to the fix for bug BB#63.

Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-23 00:18:04 +01:00
Michael Adam
b92d70be07 child: remove use of config.listen_addrs in child_listening_sockets() 
This was accidentially used instead of the function parameter listen_addrs
This still belongs to the fix for bug BB#63.

Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-23 00:17:55 +01:00
Michael Adam
3710accf72 reqs: Fix CID 1130969 (part 3) - unchecked return value from library. 
Check the return value of socket_blocking (fcntl) at the
end of relay_connection() for client socket.

Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-22 21:56:39 +01:00
Michael Adam
e07c363df2 reqs: Fix CID 1130969 (part 2) - unchecked return value from library. 
Check the return value of socket_blocking (fcntl) at the
end of relay_connection().

Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-22 21:44:12 +01:00
Michael Adam
c82840bfcb reqs: Fix CID 1130972 - remove logically dead code. 
url == NULL is caught above.

Found by coverity.

Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-22 18:58:19 +01:00
Michael Adam
49c55ed26c network: Fix CID 113095 - unchecked return value from library 
Check return of "recv" in readline().

Found by coverity.

Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-22 18:54:22 +01:00
Michael Adam
198600ce42 child: check return code of socket_blocking for accept in child_main 
Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-22 18:49:45 +01:00
Michael Adam
38ef36d998 child: Fix CID 1130966 - unchecked return value from library 
check the return code of fcntl via socket_nonblocking
on the listen sockets in child_main()

Found by coverity.

Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-22 18:49:45 +01:00
Michael Adam
0a99803425 reqs: Fix CID 1130967 - unchecked return value from library. 
Check the return code of fcntl via socket_blocking
in pull_client_data().

Found by coverity.

Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-22 18:49:45 +01:00
Michael Adam
9efa5799f0 reqs: Fix CID 1130968 - unchecked return value from library 
Check the return code of fcntl via socket_nonblocking
in pull_client_data()

Found by coverity.

Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-22 18:49:45 +01:00
Michael Adam
c27b6d15e2 reqs: rename a variable. 
ret will be used in enclosing scope.
so rename this special varibale.

Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-22 18:49:45 +01:00
Michael Adam
68bd0b61b5 reqs: fix CID 1130969 - unchecked return code from library 
Effectively, the return code of fcntl was not checked
by not checking the return code of socket_nonblocking()
for the server fd.

Found by coverity.

Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-22 17:35:59 +01:00
Michael Adam
2004abc1e3 reqs: fix CID 1130970 - unchecked return code from library 
Effectively, the return code of fcntl was not checked
by not checking the return code of socket_nonblocking()
for the client fd.

Found by coverity.

Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-22 17:35:54 +01:00
Michael Adam
a244c1d4aa conf: Fix CID 1130973 - resource leak. 
Found by coverity.

Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-22 16:08:47 +01:00
Michael Adam
0f18e4fc3a BB#106: remove now unused extract_ssl_url. 
Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-16 15:26:06 +01:00
Michael Adam
9f43cfd488 BB#106: fix CONNECT requsts with IPv6 literal addresses as host. 
Use extract_url instead of the old extract_ssl_url:
extract_url is generic and handles ipv6 literal addresses correctly.

Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-16 15:25:44 +01:00
Michael Adam
98f77ef8c7 BB#106: add default_port argument to extract_http_url and rename it to extract_url 
There is in fact nothing http-specific any more about this function, hence
the rename. The input has been stripped of the <proto>:// header anyways.

This in preparation of fixing bug BB#106: ssl fails with literal ipv6 addrs.

Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-16 15:09:48 +01:00
Michael Adam
69c348ce6d req: move a variable into the scope where it is used in extract_http_url() 
Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-16 13:10:03 +01:00
Michael Adam
bb2e894e0d BB#116: fix invalid free when connecting to ipv6 literal address 
When removing the '[' and ']' characers from the ipv6 literal address, make sure
the pointer that is later free'd stays a malloced pointer by memmoving the
string one place left.

Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-16 13:07:19 +01:00
Michael Adam
836d4534d6 sock: add debug messages to opensock() 
log entering opensock and successful return of getaddrinfo.
This allows to detect dns timeouts from looking at the logs.

Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-16 11:30:07 +01:00
Michael Adam
e82080a5f6 [BB#63] conf: Allow multiple Listen statements in the config. 
This introduces a list (vector) of addresses instead of
having just one address string.

Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-09 13:34:33 +01:00
Michael Adam
d0732f9ade [BB#81] allow listening on multiple families when no Listen is provided in config 
This is achieved by not stopping at the first result of getaddrinfo
that we managed to listen on: Without "Listen" in the config, we
call getraddrinfo with NULL address. With AI_PASSIVE, this gives results
for both IPv4 and IPv6 wildcard addresses (if both are supported).

This lets tinyproxy listen on both IPv4 and IPv6 wildcard if the system
supports them.

Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-09 13:34:33 +01:00
Michael Adam
e40b91974a sock: add a starting debug message to listen_sock() 
Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-09 13:34:33 +01:00
Michael Adam
22587d3d41 sock: update introductory comment for listen_sock() 
Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-09 13:34:33 +01:00
Michael Adam
0698e4d180 sock: set IPV6_V6ONLY on the socket before binding an IPv6 address 
so that we can bind wildcard for both IPv4 and IPv6.

Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-09 13:34:33 +01:00
Michael Adam
d7f67768eb sock: factor listening on one socket out of the gai-result-loop in listen_sock() 
for clarity of the code

Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-09 13:34:33 +01:00
Michael Adam
157879d4f6 sock: in listen_sock(), move variable for setsockopt() into scope 
Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-09 13:34:33 +01:00
Michael Adam
a7898a2c98 sock: log each result of getaddrinfo() in listen_sock() 
Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-09 13:34:33 +01:00
Michael Adam
947e255d19 sock: in listen_sock(), add a log message for when bind() has failed 
Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-09 13:34:33 +01:00
Michael Adam
b41d140984 sock: in listen_sock(), detect and log failure to call setsockopt() 
Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-09 13:34:33 +01:00
Michael Adam
5392e9829c sock: in listen_sock(), add debug message when socket() call failed. 
Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-09 13:34:33 +01:00
Michael Adam
fa26ad4d56 sock: move listen() into the getaddrinfo result loop in listen_sock() 
This also reverses the exit logic of the loop.
It prepares listening on multiple addresses.

Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-09 13:34:33 +01:00
Michael Adam
2ebfd456ef child: use a list of listen_fds instead of one single listenfd. 
This prepares listenting on multiple sockets, which will be ussed to
fix listening on the wildcard (listen on both ipv6 and ipv4) and
help add the support for multiple Listen statements in the config

Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-09 13:34:33 +01:00
Michael Adam
070d621534 child: add addr argument to child_listening_sock(). 
Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-09 13:34:33 +01:00
Michael Adam
2bd919f01e sock: add addr argument to listen_sock() 
instead of using config.ipAddr internally.
This is in preparation to make it possible
to call it for multiple addresses.

Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-09 13:34:33 +01:00
Michael Adam
7eea1638bc sock/child: remove global variable addrlen. 
This changes listen_sock() to not return the
addrlen of the used address from getaddrinfo call
to the caller, stored in global addrlen in child.c.

This was only used to be able to allocate enough space for the
arguments to the later accept call depending on whether
IPv4 or IPv6 is used.

This removes the need to pass this info by always allocating
sizeof(struct sockaddr_storage) instead, which is enough
to carry both sockaddr_in and sockaddr_in6.

Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-09 13:34:33 +01:00
Michael Adam
4bbd6e8626 [BB#109] Fix crash (infinite loop) when writing to log file fails. 
Fall back to syslog logging in that case.

Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-09 13:34:33 +01:00
Michael Adam
d652681e8a log: remove extra newline characters in log messages. 
Signed-off-by: Michael Adam <obnox@samba.org>
 2013-11-09 13:34:33 +01:00
Gaudenz Steinlin
c8b8247f70 [BB#115] Drop supplementary groups 
Supplementary groups are inherited from the calling process. Drop all
supplementary groups if the "Group" configuration directive is set to
change to a different user. Otherwise the process may have more rights
than expected.

Reviewed-by: Michael Adam <obnox@samba.org>
 2013-11-01 06:38:53 +01:00
Mukund Sivaraman
983d241db6 Update authors 2012-01-23 16:32:35 +05:30
Mukund Sivaraman
32563a4ed6 Bug #103: Move files installed in /etc/ to /etc/tinyproxy/ 2011-08-23 14:46:04 +05:30
Mukund Sivaraman
e8426f6662 [BB#90]: Fix bug in ACL netmask generation 
Thanks to John Horne who diagnosed this issue and found the problem.
 2011-03-04 14:47:05 +05:30
Mukund Sivaraman
97b9984484 Validate port number specified in Port directive 
This was asked in bug #90 comment #8.
 2011-03-04 14:07:07 +05:30
Mukund Sivaraman
5ad24ba99d Update URLs of Tinyproxy 2011-02-28 12:36:05 +05:30
Mukund Sivaraman
7378c97524 Surround IPv6 literals with [] in Host: headers 2011-02-07 18:00:39 +05:30
Mukund Sivaraman
2d02e2211e Handle IPv6 literals in URLs correctly 2011-02-04 20:28:48 +05:30
Michael Adam
8fd3808ad3 [BB#95] remove two comments that have become wrong by the fix. 2010-12-01 22:25:44 +01:00
Daniel Egger
62443a6391 [BB#95] Fix FilterURLs with transparent proxy support. 
Pass a pointer to a char pointer to do_transparent_proxy so the reassembled URL
will actually end up back in the caller where it is needed for filtering
decisions. This fixes the problem that a tinyproxy configured with the
transparent proxy functionality and "FilterURLs Yes" would filter on everything
but the domain.

Signed-off-by: daniel.egger@sphairon.com
Signed-off-by: Michael Adam <obnox@samba.org>
 2010-12-01 22:25:44 +01:00
Michael Adam
b672ca03fe [BB#91] Fix upstream proxy support. 
Patch by Jordi Mallach.
 2010-08-24 22:47:35 +02:00
Michael Adam
52cad36352 upstream: clarify debug messages 
There are frequent questions "what does 'No proxy for ...' mean?"
on the mailing list and IRC. Be more specific. (No upstream proxy ...)
Correspondingly, log "Found upstream proxy ... for ..."
 2010-08-24 22:46:10 +02:00
Mukund Sivaraman
691415a8f9 [BB#74] Create log and pid files after we drop privs 2010-06-02 10:36:05 +05:30
Mukund Sivaraman
56257d3da3 Remove excessive code 2010-06-02 10:11:17 +05:30
Mukund Sivaraman
df9e6d3163 Add authors to authors.xml and regen 2010-06-01 08:16:53 +05:30
John van der Kamp
a7933bdd36 [BB#89] Don't recompile regular expressions 
This is a modification of a patch originally written by
John van der Kamp <john@kirika.demon.nl> at
<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=579427#12>

The modification was done by the committer.
 2010-06-01 07:54:55 +05:30
Mukund Sivaraman
f84fb98766 Precompute network addresses for increased performance 2010-05-30 08:08:04 +05:30
Mukund Sivaraman
0963c4c71f Minor indent of code 2010-05-30 08:01:14 +05:30
Dmitry Semyonov
7edb6e047c Fix crash in send_stored_logs() 2010-04-21 20:35:50 +05:30
Mukund Sivaraman
d30ee746a7 Revert "main: drop privileges right after reading the config" 
This reverts commit 7a9abc2a04. It should
fix the issue in bug #87.
 2010-04-21 20:10:56 +05:30
Mukund Sivaraman
1e0ad98f7f Just fix the support URLs 2010-03-28 10:33:38 +05:30
Mukund Sivaraman
34088e2175 Revert "Update Tinyproxy website URLs" 
This reverts commit b108162dfb.
 2010-03-28 10:27:40 +05:30
Mukund Sivaraman
b108162dfb Update Tinyproxy website URLs 2010-03-27 08:22:51 +05:30
Mukund Sivaraman
d37a6b2c12 Revert "Revert "Pass address family when binding to outgoing socket"" 
This reverts commit 70885bf029. It looks
like bug #69 needs this fix after all.
 2010-03-09 17:08:37 +05:30
Mukund Sivaraman
2f86b79d85 Use AI_PASSIVE flag to make tinyproxy listen on wildcard interface 
Signed-off-by: Michael Adam <obnox@samba.org>
 2010-03-03 01:03:45 +01:00
Michael Adam
e87c856487 change the default pid file location to "@LOCALSTATEDIR@/run/tinyproxy/tinyproxy.pid" 
I.e., add a tinyproxy subdirectory.
This is meant to ease running tinyproxy as non-root user.
The subdirectory can be used to give the tinyproxy user
write permission.

Michael
 2010-03-02 23:39:30 +01:00
Michael Adam
cfa5792880 change the default log file location to "@LOCALSTATEDIR@/log/tinyproxy/tinyproxy.log" 
i.e. add a tinyproxy subdirectory.
This is meant to ease running tinyproxy as non-root user
the subdirectory can be used to give the tinyproxy user
write permission.

Michael
 2010-03-02 23:39:21 +01:00
Michael Adam
f640c6fbb1 main: some tabs->spaces 2010-03-02 22:17:34 +01:00
Michael Adam
fcf5fd2129 main: move a log message. 2010-03-02 22:05:28 +01:00
Michael Adam
7a9abc2a04 main: drop privileges right after reading the config 
This is the second part of fixing bug #74.
I lets tinyproxy create its log and pid files as the
user as which it is running, so that later on at SIGHUP,
the log file can successfully be reopened.

Michael
 2010-03-02 22:02:46 +01:00
Michael Adam
2235a97f05 main: separate loading of config and setup_logging at startup 
This is the first part of a fix for bug #74
(making reloading of config work if running as non-privileged user)

Michael
 2010-03-02 21:57:03 +01:00
Mukund Sivaraman
2f6840fd85 Use format string when logging messages 2010-02-19 21:04:02 +05:30
Mukund Sivaraman
907a6c2420 Display upstream proxy support in usage message 2010-02-17 23:11:45 +05:30
Mukund Sivaraman
c6d4c68c99 Update help text a little 2010-02-17 00:29:29 +05:30
Mukund Sivaraman
9434b27cc1 Remove bogus static qualifiers for these auto variables 2010-01-25 23:40:03 +05:30
Mukund Sivaraman
2d85a69e49 Remove unnecessary cast to (void **) 
Fixes a compiler warning about dereferencing type-punned pointers.
 2010-01-25 21:36:18 +05:30
Mukund Sivaraman
19b9bff888 Fix compiler warning about dereferencing type-punned pointers 2010-01-25 13:06:58 +05:30
Mukund Sivaraman
70885bf029 Revert "Pass address family when binding to outgoing socket" 
This reverts commit 65ef313cc4.
This patch could've been the reason for BB#69.
 2010-01-21 06:29:15 +05:30
Mukund Sivaraman
b08420ec13 List all authors when license is requested 
(Not just recent authors.)
 2010-01-19 19:04:39 +05:30
Mukund Sivaraman
7ac13d7924 Change to for loop 2010-01-19 05:14:06 +05:30
Mukund Sivaraman
edea7e37d0 Show authors and documenters when license is requested 2010-01-18 19:05:31 +05:30
Michael Adam
9c500d06f2 Fix bug #68: Allow all ports for CONNECT at absence of ConnectPort in config. 2010-01-17 13:41:02 +01:00
Mukund Sivaraman
9c68b94136 Do an openlog() on fallback to syslog 2010-01-17 14:27:49 +05:30
Mukund Sivaraman
26b4ab07a4 Remove extra argument to log_message() 2010-01-17 14:27:19 +05:30
Mukund Sivaraman
a34ce8f4f9 Remove ret variable as 0 is always returned 2010-01-17 14:26:56 +05:30
Mukund Sivaraman
e2b367a169 Remove unused label 2010-01-17 14:26:08 +05:30
Michael Adam
8070023643 log: when opening the log file fails, fall back to syslog logging. 2010-01-17 01:10:21 +01:00
Michael Adam
54a613b9db conf: reduce indentation in load_config_file() 
This replaces a do { ... } while (0) with break statements
ba gotos. Imho, this is much clearer.

Michael
 2010-01-16 13:26:18 +01:00
Mukund Sivaraman
09d11ace60 Fix leak of file handle in load_config_file() 2010-01-16 11:09:14 +05:30
Mukund Sivaraman
bf820013df Use HTTPS link in URLs to Tinyproxy websites 2010-01-16 10:22:22 +05:30
David Shanks
184d07e47c check_numeric_acl() should return -1 when IPs don't match. 
Signed-off-by: Michael Adam <obnox@samba.org>
 2010-01-14 07:46:31 +01:00
Michael Adam
5e387e6ee7 log: turn tabs into spaces =) 
Michael
 2010-01-13 00:58:55 +01:00
Michael Adam
dc86ebaf28 log: change internal logic to choose syslog over file logging. 
Now that there is always a log file set, we just check for
syslog being set to TRUE and in that case use syslog logging,
file logging otherwiese.

Michael
 2010-01-13 00:57:32 +01:00
Michael Adam
fa0c4963e9 conf: add a default for PidFile: LOCALSTATEDIR/run/tinyproxy.pid 
Michael
 2010-01-13 00:30:50 +01:00
Michael Adam
9fec507daf log: remove a (now) useless fprintf in setup_logging. 
Now that there is a default value for LogFile, the case
that neither the log file name nor syslog is configured
can not happen any more.

Michael
 2010-01-13 00:23:48 +01:00
Michael Adam
74b0b63da8 conf: set default LogFile to LOCALSTATEDIR/log/tinyproxy.log 
Michael
 2010-01-13 00:21:39 +01:00
Michael Adam
fb07cb380c Export configure variable localstatedir to C as define LOCALSTATEDIR. 
So that it can be used for default values of some paths later on.

Michael
 2010-01-13 00:16:02 +01:00
Michael Adam
bcca20a3e6 log: remove an fprintf "not configured" error message in setup_logging(). 
Now that we exit early when !logging_initialized, this
can actually not happen anymore anyways: When logging is
initialized, it was also properly configured.

Michael
 2010-01-10 19:29:33 +01:00
Michael Adam
1dd1c2796a log: shortcut return in shutdown_logging() if logging_initialized == false 
This does for instance happen at startup when logging has not yet been set up.

Michael
 2010-01-10 19:24:23 +01:00
Mukund Sivaraman
65ef313cc4 Pass address family when binding to outgoing socket 2010-01-10 19:51:24 +05:30
Michael Adam
52e333af0b Happy new year 2010! 2010-01-10 13:51:33 +01:00
Michael Adam
12026c32de Fix bug #55: Read request entity before sending error page to client. 
https://www.banu.com/bugzilla/show_bug.cgi?id=55

This is achieved by streamlining handle_connection, adding
a common cleanup-and-exit poing ("done") and a common
failure exit point ("fail") that reads any pending data
from the client fd first before trying to send back
data (error page or stats page).

The new function get_request_entity that is used here,
does not honour any content-length header. It just calls
select on the client-fd and gets any data that is there
to read.

Michael
 2010-01-10 02:17:37 +01:00
Michael Adam
6c9a647576 reqs:handle_connection: untangle assignment from check 
Michael
 2010-01-10 01:49:14 +01:00
Michael Adam
e1e9e53d45 reqs:process_client_headers: polish logic flow a bit. 
Michael
 2010-01-10 01:49:14 +01:00
Michael Adam
0bfc0e90c1 reqs: simply process_request a bit: create common fail exit point 
Michael
 2010-01-10 01:49:14 +01:00
Mukund Sivaraman
9c0c3d5ced [BB#17] Add custom HTTP request headers to outgoing HTTP requests 2010-01-08 22:05:17 +05:30
Mukund Sivaraman
b96a3a3250 Fix case in log message 2010-01-06 11:54:57 +05:30
Michael Adam
e0fabc6127 log: confess - add my (C) after substantial changes. 
Michael
 2009-12-23 00:33:31 +01:00
Michael Adam
5e8c8508ef conf: confess - add my (C) after substantial changes. 
Michael
 2009-12-23 00:33:21 +01:00
Michael Adam
4a11f9f08f log: remove unneeded truncate_log_file(). 
Michael
 2009-12-23 00:31:56 +01:00
Michael Adam
c07cd2e44e Use shutdown_logging() in main(). 
Michael
 2009-12-23 00:31:56 +01:00
Michael Adam
71a035d619 Use reload_config() in main() to load config and init logging. 
Michael
 2009-12-23 00:31:55 +01:00
Michael Adam
bc10479452 log: fix log_message so do only one write before the fsync. 
This way the logging from the various child processes does not
get clobbered up. Formerly, the different write portions
(time stamp, message, newline) would get mixed from the
various child processes' log messages.

Michael
 2009-12-23 00:31:55 +01:00
Michael Adam
adf4640104 log: add start/end debug messages for "sending stored logs". 
Michael
 2009-12-23 00:31:55 +01:00
Michael Adam
0466526b1d Add warning comments to SIGHUP handlers, that we ignore the retrun code of reload_config(). 
This can actually fail, and we probably need some way to handle this.
Like an emergency error exit or so...

Michael
 2009-12-23 00:31:55 +01:00
Michael Adam
8346a20aa0 Don't truncate the log file in the SIGHUP handler. 
Logging is re-initialized by reload_config() now.
And truncation is wrong anyways: A syslog mechanism will
move the current log file and the reopen-action will just
create a new empty log file upon SIGHUP.

Michael
 2009-12-23 00:31:55 +01:00
Michael Adam
fb2e65f40b enhance reload_config to correctly re-initialize the logging subsystem. 
This includes reopening the log file (in append mode).
Also switching from syslog to logfile and visa versa are included
when called from the SIGHUP handler.

Michael
 2009-12-23 00:31:55 +01:00
Michael Adam
c4b9454807 log: enhance close_log_file to reset logfile_fd to -1 after closing 
Michael
 2009-12-23 00:31:55 +01:00
Michael Adam
f3c8424515 log.c: remove superfluous uses of #ifdef HAVE_SYSLOG_H 
When this code is hit, availability of syslog has already
been checked (when reading the config file). So config.syslog == TRUE
only when HAVE_SYSLOG_H is defined.

So I remove the preprocessor checks which only clobber the logic
and make the code harder to read (IMHO).

Michael
 2009-12-23 00:31:55 +01:00
Michael Adam
2c14f89bfc main: remove global bool processed_config_file. 
This seemed out of place. Now the information is
stored in the correct places (as log.c:logging_initialized).

This way, we will be able to cleanly re-initialize
logging during config reload (SIGHUP) in subsequent
commits.

Michael
 2009-12-23 00:27:32 +01:00
Michael Adam
210e82d08d log: call send_stored_logs in setup_logging instead of in main(). 
This is where it actually belongs.

Michael
 2009-12-23 00:27:32 +01:00
Michael Adam
891846f23e log: add boolean local variable logging_initialized. 
This controls whether log_messages should write to the
log file / syslog or rather to the log_message_storage.
This will make the global processed_config_file variable
from main unneccessary in the next step.

Michael
 2009-12-23 00:27:26 +01:00
Michael Adam
649b2c0683 log: add function shutdown_logging(). 
Michael
 2009-12-23 00:27:26 +01:00
Michael Adam
479562ad2b reload config upon SIGHUP 
Michael
 2009-12-22 00:15:00 +01:00
Michael Adam
91492773b1 conf: add a log messate ("reloading config file") 
Michael
 2009-12-22 00:15:00 +01:00
Michael Adam
e9baa2977c conf: adapt a log message (add quotes to string value) 
Michael
 2009-12-22 00:15:00 +01:00
Michael Adam
f7419c60be conf: elaborate a comment 
Michael
 2009-12-22 00:15:00 +01:00
Michael Adam
93dfb1ac5b conf: change a log message (to be more reasonable?) 
Michael
 2009-12-22 00:15:00 +01:00
Michael Adam
8bf91ce80f main: add convenience wrapper reload_config() for reload_config_file() 
Michael
 2009-12-22 00:14:59 +01:00
Michael Adam
72632f6569 conf.h: add "extern" to prototype of reload_config_file 
Michael
 2009-12-22 00:14:59 +01:00
Michael Adam
6ea160ffff conf: make free_config static 
Michael
 2009-12-22 00:14:59 +01:00
Michael Adam
c15434df2b conf: make load_config_file static. 
Michael
 2009-12-22 00:14:59 +01:00
Michael Adam
d3d31b434a conf: rename reload_config --> reload_config_file 
Michael
 2009-12-22 00:14:59 +01:00
Michael Adam
d522221668 Fix restarting of tinyproxy: call setsockopt with REUSEADDR _before_ calling bind 
Somehow this got moved too far down in the ipv6 changes.
Thanks to Mathew Mrosko for helping me debugging this.

Michael
 2009-12-08 01:24:31 +01:00
Michael Adam
5bba62bcde Fix the build with --enable-transaparent after conf changes. 
Michael
 2009-12-07 23:42:55 +01:00
Michael Adam
0ba5cbea4f fix build with "--enable-reverse" after conf changes 
Michael
 2009-12-07 23:40:24 +01:00
Michael Adam
7290691142 Move definition of "struct config_s" from main.h to conf.h 
Michael
 2009-12-07 22:33:27 +01:00
Michael Adam
34e4be193e main.h: fix tabs ---> spaces 
Michael
 2009-12-07 22:33:27 +01:00
Michael Adam
4b54fc203f conf: remove direct use of config from reload_config() 
The "conf" argument has to be used.

Michael
 2009-12-07 22:33:27 +01:00
Michael Adam
ad2f478c46 conf: remove direct reference to config from load_config_file() 
This has to use the parameter "conf".

Michael
 2009-12-07 22:33:26 +01:00
Michael Adam
947d85cefc Use reload_config() in main. 
Michael
 2009-12-07 01:11:35 +01:00
Michael Adam
0d0de2fcc5 Add reload_config() - (re-)load the config file, keeping defaults. 
This allows for later reloading the config at SIGHUP (e.g.).
First the old config data is freed, then the defaults that
are given as a parameter are copied over in a rather clumsy
manual fashion (maybe something more clever can be done here)
and finally, the actual config file is loaded.

Michael
 2009-12-07 01:11:35 +01:00
Michael Adam
2ccebf7a95 main: Move setup_logging to after the config post-processing checks. 
Michael
 2009-12-07 00:40:25 +01:00
Michael Adam
dcbf99d334 Add free_config() - free all config data. 
Michael
 2009-12-07 00:32:22 +01:00
Michael Adam
1360f530f1 Don't make config_file const in the config struct. 
Michael
 2009-12-07 00:32:22 +01:00
Michael Adam
d0a91c2f9b Add the anonymous_map hasmap to the config struct. 
Michael
 2009-12-07 00:22:53 +01:00
Michael Adam
fa073543c4 Add free_connect_ports_list(). 
Michael
 2009-12-07 00:22:52 +01:00
Michael Adam
4c0a4d985f Add connect_ports list to config struct instead of keeping extra global var. 
Michael
 2009-12-07 00:22:52 +01:00
Michael Adam
c981b246ce Move handling of connect_ports list to its own source module. 
Michael
 2009-12-07 00:22:52 +01:00
Michael Adam
8cb182e1b8 Add access_list to the config struct instead of a global variable in acl.c. 
Change insert_acl, check_acl and flush_access_list to take a corresponding
argument.

Michael
 2009-12-07 00:22:46 +01:00
Michael Adam
6266197e92 acl: add function flush_access_list(). 2009-12-07 00:22:46 +01:00
Michael Adam
2e6999df4a Add free_reversepath_list(). 
Michael
 2009-12-07 00:22:46 +01:00
Michael Adam
3f1201c8b3 Add a reversepath argument to reversepath_get(). 
This abstracts the setter/getter functions for the reversepath
list from the concrete list in config.reversepath_list.

Michael
 2009-12-07 00:22:46 +01:00
Michael Adam
624d146cd6 Add reversepath_list parameter to reversepath_add. 
Michael
 2009-12-07 00:22:36 +01:00
Michael Adam
21aa3ecf60 upstream: add free_upstream_list () 
Michael
 2009-12-07 00:22:36 +01:00
Michael Adam
4a8ea0d23b upstream: Add upstream list parameter to upstream_get() 
to abstract it from the concrete list in the config struct.
Now upstream.c does not use any reference to config any more.

Michael
 2009-12-07 00:22:36 +01:00
Michael Adam
22fba83df2 upstream: add upstream list parameter to upstream_add() 
to abstract it from the concrete list in the config struct.

Michael
 2009-12-07 00:22:28 +01:00
Michael Adam
fd987e97f0 move handling of upstream list to new module upstream.{c,h} 
Michael
 2009-12-06 13:17:18 +01:00
Michael Adam
56ba3d45bd upstream: refactor assembly of upstream out of upstream_add 
Michael
 2009-12-06 13:17:18 +01:00
Michael Adam
34dbeb3626 main/conf: add maxidletimeout to initialize_config_defaults 
But keep the resetting check after processing the conf file.

Michael
 2009-12-06 01:57:04 +01:00
Michael Adam
c853cec164 main: fix tab -> spaces 
Michael
 2009-12-06 01:57:04 +01:00
Michael Adam
073233b9f1 conf: move setting of default stathost to initialize_config_defaults() 
Michael
 2009-12-06 01:56:59 +01:00
Michael Adam
055c11f63c conf: fix tab->spaces 
Michael
 2009-12-06 01:55:53 +01:00
Michael Adam
f60aa47715 conf: allow set_string_arg to overwrite previous values (i.e. don't leak) 
Michael
 2009-12-06 01:55:53 +01:00
Michael Adam
5e399a7e17 main: use safestrdup instead of strdup in process_cmdline 
Michael
 2009-12-06 01:55:53 +01:00
Mukund Sivaraman
0480185d07 Use capitalized name in error messages 2009-12-04 05:41:36 +05:30
Michael Adam
607e8ec0e7 acl: split initialization of the access_list out into a function 2009-11-17 17:30:19 +01:00
Mukund Sivaraman
ec4b4d979f Use NULL for pointers 2009-11-17 02:40:03 +05:30
Michael Adam
a664dee4f6 set_string_arg: Remove unneccesary check for determining the return code. 2009-11-16 21:52:34 +01:00
Mukund Sivaraman
45a56e468d Remove excessive copying 2009-11-17 02:20:27 +05:30
Mukund Sivaraman
d7fada25e5 Make position into an enum 2009-11-17 01:52:23 +05:30
Mukund Sivaraman
4b6a25ac06 Use snprintf() with size of the portstr buf 2009-11-17 01:44:21 +05:30
Mathew Mrosko
238e3ffb34 Fix format string warnings 
C90 doesn't support z modifier in printf's, so cast values
to (unsigned long) which should be the same size as size_t
on both ILP32 and LP64.
 2009-11-16 21:50:40 +05:30
Mukund Sivaraman
2f05d8dd32 Fix typo in log string 2009-11-14 18:57:31 +05:30
Michael Adam
fba81e4174 conf: refactor loading of config file out into load_config_file() 
and make config_compile and config_parse static to conf.c

Michael
 2009-11-14 12:13:10 +01:00
Michael Adam
a09dd9cd00 main: add a config struct argument to process_cmdline. 
Michael
 2009-11-14 12:13:10 +01:00
Michael Adam
8945d9f0ae main: put initialization of config defaults into a function of its own 
Michael
 2009-11-14 12:13:10 +01:00
Michael Adam
ea2eaef173 extract setup of the logging subsystem into a function of its own. 
Signed-off-by: Michael Adam <obnox@samba.org>
 2009-11-14 12:13:10 +01:00
Michael Adam
d8da7f55f7 main: move initialization of default config values closer together 
Michael
 2009-11-14 12:13:10 +01:00
Michael Adam
feea6db815 daemon.c: fix #if NDEBUG --> #ifdef NDEBUG 
Thanks to Mathew Mrosko for pointing that out.
 2009-11-10 17:59:40 +01:00
Michael Adam
444ad35250 intentation: convert a tab to spaces 
Michael
 2009-11-10 13:59:07 +01:00
Michael Adam
fd879e45c8 conf: fix reverspath parsing: the string in the 2nd arg is actually the inner match 
this fixes bug #64, https://www.banu.com/bugzilla/show_bug.cgi?id=64

the quotes of the string were part of the revers path after parseing.

Michael
 2009-11-10 01:17:27 +01:00
Michael Adam
f63c29c886 conf: make the WS optional too, before the optional 2nd argument to reversepath 
Michael
 2009-11-10 01:17:27 +01:00
Michael Adam
60d738626b conf: fix ipv6 regex patterns, take three 
This extends the pattern by an alternative where there are no double colons.
This is for instance the case for and IPv6 address of the form
1111:222:33:4:55:666:7777:888

Michael
 2009-11-10 00:55:39 +01:00
Michael Adam
4292fe7795 Fix a segfault in insert_acl and checks against string-type acls 
The "address" member of struct acl_s is a union of a char *
and the numeric ip. So freeing the string after appending it to the
vector list is bad in two respects:

1. If the acl type was numeric, then this could (and would)
   lead to a segfault due to the numeric IP data interpreted
   as pointer to the string to be freed.

2. If the acl type was string, then the acl inserted into the
   list contained a reference to this address string that
   was freed. So in the worst case dereferencing this freed
   string could segfault, or at least this could lead to
   unexpectedly failing acl checks.

Michael
 2009-11-10 00:37:57 +01:00
Michael Adam
2b73e2183f conf: fix the IPV6 regex patterns, take two 
The patterns should not end with the end of line marker,
since they might be part of a continuing pattern,
say of the form ipv6address/mask (used for allow/deny)

Michael
 2009-11-09 23:26:46 +01:00
Michael Adam
f4f14419c4 conf: fix the IPV6 regex patterns 
These are not matched against the beginning of a line
but somewhere in the middle (as in "listen <IPv6 address>").

Michael
 2009-11-09 13:53:44 +01:00
Mukund Sivaraman
cd834de190 Close listenfd upon errors 2009-11-09 11:16:38 +05:30
Mukund Sivaraman
c8c9abc669 Fix validation of IPv6 addresses 2009-11-09 02:44:14 +05:30
Mukund Sivaraman
c978015af1 Add IPV6 support to listen_sock() 2009-11-09 01:13:41 +05:30
Michael Adam
25057baf54 propagate reload of filter file to child procs by sending HUP signals 2009-10-25 23:33:37 +01:00