Commit Graph

73 Commits

Author SHA1 Message Date
rofl0r
40afaeb637 move commandline parsing to main() 2020-01-15 14:45:23 +00:00
rofl0r
25205fd1f3 move initialize_config_defaults to conf.c 2020-01-15 14:17:13 +00:00
rofl0r
b935dc85c3 simplify codebase by using one thread/conn, instead of preforked procs
the existing codebase used an elaborate and complex approach for
its parallelism:

5 different config file options, namely

- MaxClients
- MinSpareServers
- MaxSpareServers
- StartServers
- MaxRequestsPerChild

were used to steer how (and how many) parallel processes tinyproxy
would spin up at start, how many processes at each point needed to
be idle, etc.
it seems all preforked processes would listen on the server port
and compete with each other about who would get assigned the new
incoming connections.
since some data needs to be shared across those processes, a half-
baked "shared memory" implementation was provided for this purpose.
that implementation used to use files in the filesystem, and since
it had a big FIXME comment, the author was well aware of how hackish
that approach was.

this entire complexity is now removed. the main thread enters
a loop which polls on the listening fds, then spins up a new
thread per connection, until the maximum number of connections
(MaxClients) is hit. this is the only of the 5 config options
left after this cleanup. since threads share the same address space,
the code necessary for shared memory access has been removed.
this means that the other 4 mentioned config option will now
produce a parse error, when encountered.

currently each thread uses a hardcoded default of 256KB per thread
for the thread stack size, which is quite lavish and should be
sufficient for even the worst C libraries, but people may want
to tweak this value to the bare minimum, thus we may provide a new
config option for this purpose in the future.
i suspect that on heavily optimized C libraries such a musl, a
stack size of 8-16 KB per thread could be sufficient.

since the existing list implementation in vector.c did not provide
a way to remove a single item from an existing list, i added my
own list implementation from my libulz library which offers this
functionality, rather than trying to add an ad-hoc, and perhaps
buggy implementation to the vector_t list code. the sblist
code is contained in an 80 line C file and as simple as it can get,
while offering good performance and is proven bugfree due to years
of use in other projects.
2019-12-21 00:43:45 +00:00
Michael Adam
56f30a4386 main: remove the "-l" switch to display the license and authors
Signed-off-by: Michael Adam <obnox@samba.org>
2018-09-01 04:06:59 +02:00
Michael Adam
9acb0cb16c Fix CVE-2017-11747: Create PID file before dropping privileges.
Resolves #106

Signed-off-by: Michael Adam <obnox@samba.org>
2018-02-09 15:21:14 +01:00
rofl0r
ccbbb81aa9 log to stdout if no logfile specified
some users want to run tinyproxy on an as-needed basis in a terminal,
without setting it up permanently to run as a daemon/service.
in such use case, it is very annoying that tinyproxy didn't have
an option to log to stdout, so the user has to keep a second terminal
open to `tail -f` the log.

additionally, this precluded usage with runit service supervisor,
which runs all services in foreground and creates logfiles from the
service's stdout/stderr.

since logging to stdout doesn't make sense when daemonized, now if
no logfile is specified and daemon mode activated, a warning is
printed to stderr once, and nothing is logged.
the original idea was to fail with an error message, though some users
might actually want to run tinyproxy as daemon and no logging at all.
2017-11-16 19:26:14 +01:00
rofl0r
64b29c5f4e do not create a pidfile, if none is specified in config
some people want to run tinyproxy with minimal configuration from
the command line (and as non-root), but tinyproxy insists on writing
a pid file, which only makes sense for usage as a service, hereby
forcing the user to either run it as root so it can write to the
default location, or start editing the default config file to work
around it.
and if no pidfile is specified in the config, it frankly doesn't
make sense to force creation of one anyway.
2017-11-16 19:26:14 +01:00
rofl0r
ee83293285 update URL 2016-01-03 21:16:21 +00:00
Michael Adam
e82080a5f6 [BB#63] conf: Allow multiple Listen statements in the config.
This introduces a list (vector) of addresses instead of
having just one address string.

Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-09 13:34:33 +01:00
Michael Adam
070d621534 child: add addr argument to child_listening_sock().
Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-09 13:34:33 +01:00
Gaudenz Steinlin
c8b8247f70 [BB#115] Drop supplementary groups
Supplementary groups are inherited from the calling process. Drop all
supplementary groups if the "Group" configuration directive is set to
change to a different user. Otherwise the process may have more rights
than expected.

Reviewed-by: Michael Adam <obnox@samba.org>
2013-11-01 06:38:53 +01:00
Mukund Sivaraman
5ad24ba99d Update URLs of Tinyproxy 2011-02-28 12:36:05 +05:30
Mukund Sivaraman
691415a8f9 [BB#74] Create log and pid files after we drop privs 2010-06-02 10:36:05 +05:30
Mukund Sivaraman
56257d3da3 Remove excessive code 2010-06-02 10:11:17 +05:30
John van der Kamp
a7933bdd36 [BB#89] Don't recompile regular expressions
This is a modification of a patch originally written by
John van der Kamp <john@kirika.demon.nl> at
<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=579427#12>

The modification was done by the committer.
2010-06-01 07:54:55 +05:30
Mukund Sivaraman
d30ee746a7 Revert "main: drop privileges right after reading the config"
This reverts commit 7a9abc2a04. It should
fix the issue in bug #87.
2010-04-21 20:10:56 +05:30
Mukund Sivaraman
1e0ad98f7f Just fix the support URLs 2010-03-28 10:33:38 +05:30
Mukund Sivaraman
34088e2175 Revert "Update Tinyproxy website URLs"
This reverts commit b108162dfb.
2010-03-28 10:27:40 +05:30
Mukund Sivaraman
b108162dfb Update Tinyproxy website URLs 2010-03-27 08:22:51 +05:30
Michael Adam
e87c856487 change the default pid file location to "@LOCALSTATEDIR@/run/tinyproxy/tinyproxy.pid"
I.e., add a tinyproxy subdirectory.
This is meant to ease running tinyproxy as non-root user.
The subdirectory can be used to give the tinyproxy user
write permission.

Michael
2010-03-02 23:39:30 +01:00
Michael Adam
cfa5792880 change the default log file location to "@LOCALSTATEDIR@/log/tinyproxy/tinyproxy.log"
i.e. add a tinyproxy subdirectory.
This is meant to ease running tinyproxy as non-root user
the subdirectory can be used to give the tinyproxy user
write permission.

Michael
2010-03-02 23:39:21 +01:00
Michael Adam
f640c6fbb1 main: some tabs->spaces 2010-03-02 22:17:34 +01:00
Michael Adam
fcf5fd2129 main: move a log message. 2010-03-02 22:05:28 +01:00
Michael Adam
7a9abc2a04 main: drop privileges right after reading the config
This is the second part of fixing bug #74.
I lets tinyproxy create its log and pid files as the
user as which it is running, so that later on at SIGHUP,
the log file can successfully be reopened.

Michael
2010-03-02 22:02:46 +01:00
Michael Adam
2235a97f05 main: separate loading of config and setup_logging at startup
This is the first part of a fix for bug #74
(making reloading of config work if running as non-privileged user)

Michael
2010-03-02 21:57:03 +01:00
Mukund Sivaraman
907a6c2420 Display upstream proxy support in usage message 2010-02-17 23:11:45 +05:30
Mukund Sivaraman
c6d4c68c99 Update help text a little 2010-02-17 00:29:29 +05:30
Mukund Sivaraman
7ac13d7924 Change to for loop 2010-01-19 05:14:06 +05:30
Mukund Sivaraman
edea7e37d0 Show authors and documenters when license is requested 2010-01-18 19:05:31 +05:30
Michael Adam
fa0c4963e9 conf: add a default for PidFile: LOCALSTATEDIR/run/tinyproxy.pid
Michael
2010-01-13 00:30:50 +01:00
Michael Adam
74b0b63da8 conf: set default LogFile to LOCALSTATEDIR/log/tinyproxy.log
Michael
2010-01-13 00:21:39 +01:00
Michael Adam
52e333af0b Happy new year 2010! 2010-01-10 13:51:33 +01:00
Michael Adam
c07cd2e44e Use shutdown_logging() in main().
Michael
2009-12-23 00:31:56 +01:00
Michael Adam
71a035d619 Use reload_config() in main() to load config and init logging.
Michael
2009-12-23 00:31:55 +01:00
Michael Adam
fb2e65f40b enhance reload_config to correctly re-initialize the logging subsystem.
This includes reopening the log file (in append mode).
Also switching from syslog to logfile and visa versa are included
when called from the SIGHUP handler.

Michael
2009-12-23 00:31:55 +01:00
Michael Adam
2c14f89bfc main: remove global bool processed_config_file.
This seemed out of place. Now the information is
stored in the correct places (as log.c:logging_initialized).

This way, we will be able to cleanly re-initialize
logging during config reload (SIGHUP) in subsequent
commits.

Michael
2009-12-23 00:27:32 +01:00
Michael Adam
210e82d08d log: call send_stored_logs in setup_logging instead of in main().
This is where it actually belongs.

Michael
2009-12-23 00:27:32 +01:00
Michael Adam
8bf91ce80f main: add convenience wrapper reload_config() for reload_config_file()
Michael
2009-12-22 00:14:59 +01:00
Michael Adam
d3d31b434a conf: rename reload_config --> reload_config_file
Michael
2009-12-22 00:14:59 +01:00
Michael Adam
947d85cefc Use reload_config() in main.
Michael
2009-12-07 01:11:35 +01:00
Michael Adam
2ccebf7a95 main: Move setup_logging to after the config post-processing checks.
Michael
2009-12-07 00:40:25 +01:00
Michael Adam
1360f530f1 Don't make config_file const in the config struct.
Michael
2009-12-07 00:32:22 +01:00
Michael Adam
34dbeb3626 main/conf: add maxidletimeout to initialize_config_defaults
But keep the resetting check after processing the conf file.

Michael
2009-12-06 01:57:04 +01:00
Michael Adam
c853cec164 main: fix tab -> spaces
Michael
2009-12-06 01:57:04 +01:00
Michael Adam
073233b9f1 conf: move setting of default stathost to initialize_config_defaults()
Michael
2009-12-06 01:56:59 +01:00
Michael Adam
5e399a7e17 main: use safestrdup instead of strdup in process_cmdline
Michael
2009-12-06 01:55:53 +01:00
Michael Adam
fba81e4174 conf: refactor loading of config file out into load_config_file()
and make config_compile and config_parse static to conf.c

Michael
2009-11-14 12:13:10 +01:00
Michael Adam
a09dd9cd00 main: add a config struct argument to process_cmdline.
Michael
2009-11-14 12:13:10 +01:00
Michael Adam
8945d9f0ae main: put initialization of config defaults into a function of its own
Michael
2009-11-14 12:13:10 +01:00
Michael Adam
ea2eaef173 extract setup of the logging subsystem into a function of its own.
Signed-off-by: Michael Adam <obnox@samba.org>
2009-11-14 12:13:10 +01:00