diff --git a/.gitignore b/.gitignore new file mode 100644 index 00000000..5eaa92f5 --- /dev/null +++ b/.gitignore @@ -0,0 +1,22 @@ +INSTALL +Makefile +Makefile.in +aclocal.m4 +config.cache +config.guess +config.h +config.h.in +config.log +config.status +config.sub +configure +depcomp +install-sh +libtool +missing +mkinstalldirs +stamp-h1 +ylwrap +autom4te.cache +cscope.files +cscope.out diff --git a/COPYING b/COPYING new file mode 100644 index 00000000..d511905c --- /dev/null +++ b/COPYING @@ -0,0 +1,339 @@ + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Lesser General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. + + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. + +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + + 7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) year name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may +be called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. + + , 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. diff --git a/ChangeLog b/ChangeLog index 900d00e7..f607ac8b 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,58 @@ +2004-08-10 Robert James Kaes + + Released tinyproxy 1.6.3 (2004-08-10) + + * src/daemon.c (makedaemon): Close the standard file descriptors + when compiling a production executable. I only need these left + open when doing debugging. + +2004-08-06 Robert James Kaes + + * src/conns.c, src/conns.h, src/reqs.c, src/tinyproxy.h: + [Fixes Bug 996518] + Merged in a patch from Hans-Dieter that fixes a problem with upstream + proxy support. + +2004-06-14 Robert James Kaes + + * src/child.h (child_configure): Change the "val" type to a + signed integer. + + * src/child.c: Changed the fields in the child_config_s structure + to use regular signed integers since the servers_waiting variable + is signed and therefore, all the tests must use signed arithmetic. + +2003-11-19 Robert James Kaes + + * src/reqs.c (upstream_add): Fixed a spelling mistake with + "Nonsence" + +2003-10-17 Robert James Kaes + + Released tinyproxy 1.6.2 (2003-10-17) + + * Makefile.am: + Removed a redundant "mkdir" command, since the $(mkinstalldirs) + command handles it correctly. + +2003-10-16 Robert James Kaes + + * src/filter.c (filter_init): + Fixed up the comment handling code. Closes bug 822226 + [https://sourceforge.net/tracker/index.php?func=detail&aid=822226&group_id=2632&atid=102632] + +2003-08-06 Robert James Kaes + + Released tinyproxy 1.6.1 (2003-08-06) + + * heap.c (debugging_realloc): + Remove the assert on the ptr being NULL since a NULL pointer is + allowed by the realloc() spec. + + * child.c (child_main): + Fixed an off-by-one error with the maxrequestsperchild + variable. [Fix proposed by Yannick Koehler] + 2003-07-14 Robert James Kaes Released tinyproxy 1.6.0 (2003-07-14) diff --git a/Makefile.am b/Makefile.am index 926dda0b..3246b6be 100644 --- a/Makefile.am +++ b/Makefile.am @@ -1,15 +1,5 @@ -# Redhat spec files (from RPMs) -REDHAT_DIR = packaging/redhat -REDHAT = \ - $(REDHAT_DIR)/tinyproxy-1.5.2-config-patch \ - $(REDHAT_DIR)/tinyproxy-initd \ - $(REDHAT_DIR)/tinyproxy.spec - -# Packaging files -PACKAGING = $(REDHAT) - -EXTRA_DIST = TODO $(PACKAGING) -SUBDIRS = src doc +EXTRA_DIST = $(CONFIG_FILES) TODO autogen.sh +SUBDIRS = src doc packaging install-data-local: tinyproxy-configure-file tinyproxy-html-files @@ -40,7 +30,6 @@ tinyproxy-configure-file: tinyproxy-html-files: $(mkinstalldirs) $(DESTDIR)$(datadir)/tinyproxy - test -d $(datadir)/tinyproxy || mkdir $(datadir)/tinyproxy for file in debug default stats; do \ $(INSTALL) -m 644 $(srcdir)/doc/$$file.html $(DESTDIR)$(datadir)/tinyproxy/$$file.html.dist ; \ test -f $(DESTDIR)$(datadir)/tinyproxy/$$file.html || \ diff --git a/NEWS b/NEWS new file mode 100644 index 00000000..080c7a3c --- /dev/null +++ b/NEWS @@ -0,0 +1,22 @@ +Tinyproxy NEWS +============== + +Version 1.6.5 +------------- + + * Fixed memset bug where wrong buffer size was being passed + * Updated Tinyproxy website URLs + * Fixed various other bugs + +Bugs fixed since version 1.6.4 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + + * BB#10: Do not filter out transfer-encoding header + * BB#14: Do not change order of HTTP headers + * BB#18: Fix pointer aliasing issues + * BB#53: Add a GPLv2 COPYING file + +Contributors +~~~~~~~~~~~~ + +Michael Adam, Mukund Sivaraman, Robert James Kaes. diff --git a/README b/README index 75c4c106..2e682b60 100644 --- a/README +++ b/README @@ -15,6 +15,8 @@ allowed, then tinyproxy is a great tool for the network administrator. + For more info, please visit: https://www.banu.com/tinyproxy/ + INSTALLATION ------------ @@ -62,18 +64,19 @@ SUPPORT ------- - If you are having problems with tinyproxy, please submit a bug to the - tinyproxy Bug Tracking system hosted by SourceForge and located at: + If you are having problems with tinyproxy, please submit a bug at: - http://sourceforge.net/tracker/?group_id=2632 + https://www.banu.com/bugzilla/enter_bug.cgi?product=Tinyproxy - You may also wish to subscribe to the tinyproxy-user mailing list. To - do so please visit: + You may also wish to subscribe to the tinyproxy mailing lists. To do + so please visit: - http://lists.sourceforge.net/lists/listinfo/tinyproxy-users + https://www.banu.com/mailman/listinfo/tinyproxy-announce-list + https://www.banu.com/mailman/listinfo/tinyproxy-users-list + https://www.banu.com/mailman/listinfo/tinyproxy-developers-list for more information on how to subscribe and post messages to the - list. + lists. Please recompile tinyproxy with full debug support (--enable-debug) and include a copy of the log file, and any assert errors reported by diff --git a/autogen.sh b/autogen.sh new file mode 100755 index 00000000..a871f252 --- /dev/null +++ b/autogen.sh @@ -0,0 +1,13 @@ +#!/bin/sh +# -*- sh -*- +# +# Make the Autotools scripts after checking out the source code from CVS. +# This script was taken from the Autotool Book. I wonder if autoreconf +# can now be used... +# + +set -x +aclocal \ + && autoheader \ + && automake --gnu --add-missing \ + && autoconf diff --git a/configure.ac b/configure.ac index 1299edaf..a9d21750 100644 --- a/configure.ac +++ b/configure.ac @@ -1,31 +1,16 @@ -dnl $Id: configure.ac,v 2.60 2003-07-14 17:43:26 rjkaes Exp $ - -dnl Devlopers, please strive to achieve this order: -dnl -dnl 0. Initialization and options processing -dnl 1. Programs -dnl 2. Libraries -dnl 3. Header files -dnl 4. Types -dnl 5. Structures -dnl 6. Compiler characteristics -dnl 7. Functions, global variables -dnl 8. System services -dnl -dnl Read the Autoconf manual for details. - -AC_INIT([tinyproxy], [1.6.0], [rjkaes@users.sourceforge.net]) -AC_CONFIG_SRCDIR([src/tinyproxy.c]) -AC_PREREQ(2.52) +AC_PREREQ(2.54) +AC_INIT([Tinyproxy], [1.6.5], [https://www.banu.com/bugzilla/enter_bug.cgi?product=Tinyproxy], [tinyproxy]) AC_CANONICAL_TARGET +AM_INIT_AUTOMAKE +AM_CONFIG_HEADER(config.h) +AM_MAINTAINER_MODE + AH_TEMPLATE([TARGET_SYSTEM], [A string containing the target system for which tinyproxy was built.]) AC_DEFINE_UNQUOTED(TARGET_SYSTEM, ["$target"]) -AM_INIT_AUTOMAKE($PACKAGE_NAME, $PACKAGE_VERSION) -AM_CONFIG_HEADER(config.h) dnl Check if we're compiling on a weird platform :) AC_AIX @@ -153,10 +138,8 @@ AC_PROG_MAKE_SET AC_PROG_CC AC_ISC_POSIX AC_PROG_INSTALL -AC_PROG_LN_S AM_PROG_LEX AC_PROG_YACC -AC_PROG_LIBTOOL dnl If a CFLAGS variable was passed during configure, set the initial dnl CFLAGS variable to it; otherwise, start with an empty CFLAGS @@ -351,5 +334,5 @@ AC_SUBST(ADDITIONAL_OBJECTS) AC_SUBST(TINYPROXY_CONFIG_DIR) AC_SUBST(TINYPROXY_CONFIG_FILE) -AC_CONFIG_FILES([Makefile src/Makefile doc/Makefile]) +AC_CONFIG_FILES([Makefile src/Makefile doc/Makefile packaging/Makefile packaging/fedora/Makefile packaging/fedora/tinyproxy.spec]) AC_OUTPUT diff --git a/doc/Makefile.am b/doc/Makefile.am index b046cb62..0f1aaffe 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am @@ -4,7 +4,6 @@ man_MANS = tinyproxy.8 EXTRA_DIST = $(man_MANS) tinyproxy.conf \ HTTP_ERROR_CODES RFC_INFO \ - releases.txt \ filter-howto.txt \ report.sh.tmpl \ $(HTML_VAR_SUBST) diff --git a/packaging/Makefile.am b/packaging/Makefile.am new file mode 100644 index 00000000..6fc8a1cf --- /dev/null +++ b/packaging/Makefile.am @@ -0,0 +1,5 @@ + +# The various packaging directories + +SUBDIRS = fedora + diff --git a/packaging/fedora/.gitignore b/packaging/fedora/.gitignore new file mode 100644 index 00000000..b8b29538 --- /dev/null +++ b/packaging/fedora/.gitignore @@ -0,0 +1 @@ +tinyproxy.spec diff --git a/packaging/fedora/Makefile.am b/packaging/fedora/Makefile.am new file mode 100644 index 00000000..f3b4a7b9 --- /dev/null +++ b/packaging/fedora/Makefile.am @@ -0,0 +1,9 @@ + +# Packaging files + +PACKAGING_FILES = \ + tinyproxy.init \ + tinyproxy.spec + +EXTRA_DIST = $(PACKAGING_FILES) + diff --git a/packaging/fedora/tinyproxy.init b/packaging/fedora/tinyproxy.init new file mode 100644 index 00000000..92096741 --- /dev/null +++ b/packaging/fedora/tinyproxy.init @@ -0,0 +1,106 @@ +#!/bin/sh +# +# tinyproxy Startup script for the tinyproxy server +# +# chkconfig: - 85 15 +# description: small, efficient HTTP/SSL proxy daemon +# +# processname: tinyproxy +# config: /etc/tinyproxy/tinyproxy.conf +# config: /etc/sysconfig/tinyproxy +# pidfile: /var/run/tinyproxy.pid +# +# Note: pidfile is created by tinyproxy in its config +# see PidFile in the configuration file. + +# Source function library. +. /etc/rc.d/init.d/functions + +# Source networking configuration. +. /etc/sysconfig/network + +# Check that networking is up. +[ "$NETWORKING" = "no" ] && exit 0 + +exec="/usr/sbin/tinyproxy" +prog=$(basename $exec) +config="/etc/tinyproxy/tinyproxy.conf" + +[ -e /etc/sysconfig/tinyproxy ] && . /etc/sysconfig/tinyproxy + +lockfile=/var/lock/subsys/tinyproxy + +start() { + [ -x $exec ] || exit 5 + [ -f $config ] || exit 6 + echo -n $"Starting $prog: " + daemon $exec -c $config + retval=$? + echo + [ $retval -eq 0 ] && touch $lockfile + return $retval +} + +stop() { + echo -n $"Stopping $prog: " + # stop it here, often "killproc $prog" + killproc $prog + retval=$? + echo + [ $retval -eq 0 ] && rm -f $lockfile + return $retval +} + +restart() { + stop + start +} + +reload() { + restart +} + +force_reload() { + restart +} + +rh_status() { + status $prog +} + +rh_status_q() { + rh_status >/dev/null 2>&1 +} + +case "$1" in + start) + rh_status_q && exit 0 + $1 + ;; + stop) + rh_status_q || exit 0 + $1 + ;; + restart) + $1 + ;; + reload) + rh_status_q || exit 7 + $1 + ;; + force-reload) + force_reload + ;; + status) + rh_status + ;; + condrestart|try-restart) + rh_status_q || exit 0 + restart + ;; + *) + echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}" + exit 2 +esac +exit $? + diff --git a/packaging/fedora/tinyproxy.spec.in b/packaging/fedora/tinyproxy.spec.in new file mode 100644 index 00000000..53736725 --- /dev/null +++ b/packaging/fedora/tinyproxy.spec.in @@ -0,0 +1,92 @@ +%define tinyproxy_confdir %{_sysconfdir}/tinyproxy +%define tinyproxy_datadir %{_datadir}/tinyproxy + +Name: tinyproxy +Version: @VERSION@ +Release: 2%{?dist} +Summary: A small, efficient HTTP/SSL proxy daemon + +Group: System Environment/Daemons +License: GPLv2+ +URL: https://www.banu.com/tinyproxy/ +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) + +Source0: https://www.banu.com/pub/tinyproxy/1.6/%{name}-%{version}.tar.gz +Source1: %{name}.init +Source2: %{name}.conf + +Requires(post): chkconfig +Requires(preun): chkconfig +Requires(preun): initscripts + +%description +tinyproxy is a small, efficient HTTP/SSL proxy daemon released under the +GNU General Public License (GPL). tinyproxy is very useful in a small +network setting, where a larger proxy like Squid would either be too +resource intensive, or a security risk. + +%prep +%setup -q + + +%build +%configure --with-config=%{tinyproxy_confdir}/%{name}.conf +make %{?_smp_mflags} + + +%install +rm -rf %{buildroot} +make install-exec DESTDIR=%{buildroot} + +# The default 'make install' installs too many items, so we trim it down +# and install manually +%{__install} -p -D -m 0755 %{SOURCE1} %{buildroot}%{_initrddir}/%{name} +%{__install} -p -D -m 0644 %{SOURCE2} %{buildroot}%{tinyproxy_confdir}/%{name}.conf +%{__install} -d -m 0755 %{buildroot}%{tinyproxy_datadir} +%{__install} -p -D -m 0644 ./doc/%{name}.8 %{buildroot}%{_mandir}/man8/%{name}.8 + +for htmlfile in $(find ./doc/ -type f -name '*.html') +do + %{__install} -p -m 0644 $htmlfile %{buildroot}%{tinyproxy_datadir} +done + +%clean +rm -rf %{buildroot} + + +%post +/sbin/chkconfig --add %{name} + + +%preun +if [ $1 = 0 ]; then + /sbin/service %{name} stop >/dev/null 2>&1 + /sbin/chkconfig --del %{name} +fi + + +%postun +if [ "$1" -ge "1" ]; then + /sbin/service %{name} condrestart > /dev/null 2>&1 || : +fi + + + +%files +%defattr(-,root,root,-) +%doc AUTHORS COPYING README doc/*.txt +%{_sbindir}/%{name} +%{_mandir}/man8/%{name}.8.gz +%{_initrddir}/%{name} +%dir %{tinyproxy_datadir} +%dir %{tinyproxy_datadir}/* +%dir %{tinyproxy_confdir} +%config(noreplace) %{tinyproxy_confdir}/%{name}.conf + +%changelog +* Wed Apr 16 2008 Jeremy Hinegardner - 1.6.3-2 +- fix spec review issues +- fix initscript + +* Sun Mar 09 2008 Jeremy Hinegardner - 1.6.3-1 +- Initial rpm configuration diff --git a/packaging/redhat/tinyproxy-1.5.2-config-patch b/packaging/redhat/tinyproxy-1.5.2-config-patch deleted file mode 100644 index a54dd3aa..00000000 --- a/packaging/redhat/tinyproxy-1.5.2-config-patch +++ /dev/null @@ -1,18 +0,0 @@ ---- doc/tinyproxy.conf 2003-02-01 22:03:25.000000000 -0500 -+++ doc/tinyproxy.conf 2003-02-01 22:05:01.000000000 -0500 -@@ -7,7 +7,7 @@ - # has been bound. - # - User nobody --Group nogroup -+Group nobody - - # - # Port to listen on. -## -108,7 +108,7 @@ - # are tested against the controls based on order. - # - Allow 127.0.0.1 -- Allow 192.168.1.0/25 -+# Allow 192.168.1.0/25 - diff --git a/packaging/redhat/tinyproxy-initd b/packaging/redhat/tinyproxy-initd deleted file mode 100644 index a1896bdb..00000000 --- a/packaging/redhat/tinyproxy-initd +++ /dev/null @@ -1,41 +0,0 @@ -#!/bin/bash - -# initfile for tinyproxy -# -# description: A small, efficient HTTP/SSL proxy daemon. -# -# processname: tinyproxy -# -# chkconfig 2345 -# - -. /etc/rc.d/init.d/functions - -case "$1" in - start) - echo -n "Starting tinyproxy: " - daemon /usr/sbin/tinyproxy - touch /var/lock/subsys/tinyproxy - echo - ;; - stop) - echo -n "Shutting down tinyproxy: " - killproc tinyproxy - rm -f /var/lock/subsys/tinyproxy - echo - ;; - restart) - $0 stop - $0 start - ;; - status) - status tinyproxy - ;; - *) - echo "Usage: tinyproxy {start|stop|restart|status}" - exit 1 -esac - -exit 0 - - diff --git a/packaging/redhat/tinyproxy.spec b/packaging/redhat/tinyproxy.spec deleted file mode 100644 index c234f33a..00000000 --- a/packaging/redhat/tinyproxy.spec +++ /dev/null @@ -1,76 +0,0 @@ -Summary: A small, efficient HTTP/SSL proxy daemon. -Name: tinyproxy -Version: 1.5.2 -Release: 1 -License: GPL -Group: System Environment/Daemons -URL: http://tinyproxy.sourceforge.net -Prefix: %{_prefix} -Packager: S. A. Hutchins -Source: tinyproxy-1.5.2.tar.gz -Source1: tinyproxy-initd -Patch0: tinyproxy-1.5.2-config-patch -BuildRoot: %{_tmppath}/%{name}-%{version}-root - -%description -tinyproxy is a small, efficient HTTP/SSL proxy daemon released under the GNU -General Public License (GPL). tinyproxy is very useful in a small network -setting, where a larger proxy like Squid would either be too resource -intensive, or a security risk. - -%prep -%setup -%patch - -%build - ./configure --enable-transparent-proxy --prefix=%{_prefix} \ - --mandir=%{_mandir} - make - -%install - if [ "$RPM_BUILD_ROOT" != "/" ]; then - rm -rf $RPM_BUILD_ROOT - fi - - pwd - - cd $RPM_BUILD_DIR/%{name}-%{version} - make install prefix=%{_prefix} DESTDIR="$RPM_BUILD_ROOT" - - mkdir -p $RPM_BUILD_ROOT/etc/init.d - cp -f $RPM_SOURCE_DIR/tinyproxy-initd $RPM_BUILD_ROOT/etc/init.d/tinyproxy - -%files -%defattr(-, root, root) - %{_sbindir}/tinyproxy - %{_mandir}/* - -%defattr(0755, root, root) - /etc/init.d/tinyproxy - -%defattr(0600, root, root) - /etc/tinyproxy/tinyproxy.conf - /etc/tinyproxy/tinyproxy.conf-dist - -%doc AUTHORS COPYING INSTALL NEWS README TODO -%doc ChangeLog -%doc doc/filter-howto.txt -%doc doc/HTTP_ERROR_CODES -%doc doc/releases.txt -%doc doc/RFC_INFO -%doc doc/report.sh - -%clean - if [ "$RPM_BUILD_DIR" != "/" ]; then - rm -rf $RPM_BUILD_DIR/%{name}-%{version} - fi - if [ "$RPM_BUILD_ROOT" != "/" ]; then - rm -rf $RPM_BUILD_ROOT - fi - -%changelog -* Sat Feb 01 2003 S. A. Hutchins -- From the depths of the void this beast I spawn. I added an initrd script for - this so it can be started/stopped from /sbin/service. My version of RedHat - doesn't have a 'nogroup' so used nobody instead. - diff --git a/src/.gitignore b/src/.gitignore new file mode 100644 index 00000000..4ab3b655 --- /dev/null +++ b/src/.gitignore @@ -0,0 +1,11 @@ +.deps +.libs +Makefile +Makefile.in +grammar.c +grammar.h +grammar.output +scanner.c +tinyproxy +*.o +*.pcno diff --git a/src/Makefile.am b/src/Makefile.am index 4a9c42f8..66889117 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -13,9 +13,6 @@ # General Public License for more details. # -YFLAGS = @YFLAGS@ -LDFLAGS = @LDFLAGS@ - sbin_PROGRAMS = tinyproxy tinyproxy_SOURCES = \ @@ -50,6 +47,3 @@ tinyproxy_LDADD = @ADDITIONAL_OBJECTS@ scanner.c: scanner.l grammar.h $(LEX) $(LEX_FLAGS) $(LFLAGS) -i $< && mv $(LEX_OUTPUT_ROOT).c $@ -clean: - rm -f *.da - rm -f gmon.out diff --git a/src/buffer.c b/src/buffer.c index 1d48e0cf..07a2e7b0 100644 --- a/src/buffer.c +++ b/src/buffer.c @@ -212,7 +212,7 @@ ssize_t read_buffer(int fd, struct buffer_s * buffptr) { ssize_t bytesin; - unsigned char buffer[READ_BUFFER_SIZE]; + unsigned char *buffer; assert(fd >= 0); assert(buffptr != NULL); @@ -223,20 +223,23 @@ read_buffer(int fd, struct buffer_s * buffptr) if (buffptr->size >= MAXBUFFSIZE) return 0; + buffer = safemalloc(READ_BUFFER_SIZE); + if (!buffer) { + return -ENOMEM; + } + bytesin = read(fd, buffer, READ_BUFFER_SIZE); if (bytesin > 0) { if (add_to_buffer(buffptr, buffer, bytesin) < 0) { log_message(LOG_ERR, "readbuff: add_to_buffer() error."); - return -1; + bytesin = -1; } - - return bytesin; } else { if (bytesin == 0) { /* connection was closed by client */ - return -1; + bytesin = -1; } else { switch (errno) { #ifdef EWOULDBLOCK @@ -247,15 +250,20 @@ read_buffer(int fd, struct buffer_s * buffptr) # endif #endif case EINTR: - return 0; + bytesin = 0; + break; default: log_message(LOG_ERR, "readbuff: recv() error \"%s\" on file descriptor %d", strerror(errno), fd); - return -1; + bytesin = -1; + break; } } } + + safefree(buffer); + return bytesin; } /* diff --git a/src/child.c b/src/child.c index 9726aa80..bcb480d2 100644 --- a/src/child.c +++ b/src/child.c @@ -1,4 +1,4 @@ -/* $Id: child.c,v 1.11 2003-05-31 23:02:21 rjkaes Exp $ +/* $Id: child.c,v 1.11.2.2 2004-06-14 20:08:12 rjkaes Exp $ * * Handles the creation/destruction of the various children required for * processing incoming connections. @@ -46,8 +46,8 @@ struct child_s { static struct child_s *child_ptr; static struct child_config_s { - unsigned int maxclients, maxrequestsperchild; - unsigned int maxspareservers, minspareservers, startservers; + int maxclients, maxrequestsperchild; + int maxspareservers, minspareservers, startservers; } child_config; static int* servers_waiting; /* servers waiting for a connection */ @@ -73,6 +73,11 @@ _child_lock_init(void) { char lock_file[] = "/tmp/tinyproxy.servers.lock.XXXXXX"; + /* Only allow u+rw bits. This may be required for some versions + * of glibc so that mkstemp() doesn't make us vulnerable. + */ + umask(0177); + lock_fd = mkstemp(lock_file); unlink(lock_file); @@ -127,7 +132,7 @@ _child_lock_release(void) * Set the configuration values for the various child related settings. */ short int -child_configure(child_config_t type, unsigned int val) +child_configure(child_config_t type, int val) { switch (type) { case CHILD_MAXCLIENTS: @@ -212,7 +217,7 @@ child_main(struct child_s* ptr) DEBUG2("%u connections so far...", ptr->connects); - if (ptr->connects == child_config.maxrequestsperchild - 1) { + if (ptr->connects == child_config.maxrequestsperchild) { log_message(LOG_NOTICE, "Child has reached MaxRequestsPerChild (%u). Killing child.", ptr->connects); diff --git a/src/child.h b/src/child.h index 2ae5b3d7..95447ee2 100644 --- a/src/child.h +++ b/src/child.h @@ -1,4 +1,4 @@ -/* $Id: child.h,v 1.1 2002-05-26 18:45:26 rjkaes Exp $ +/* $Id: child.h,v 1.1.2.1 2004-06-14 20:49:57 rjkaes Exp $ * * See 'child.c' for more information. * @@ -32,6 +32,6 @@ extern void child_close_sock(void); extern void child_main_loop(void); extern void child_kill_children(void); -extern short int child_configure(child_config_t type, unsigned int val); +extern short int child_configure(child_config_t type, int val); #endif diff --git a/src/conns.c b/src/conns.c index 1de8f404..d8aee10f 100644 --- a/src/conns.c +++ b/src/conns.c @@ -1,4 +1,4 @@ -/* $Id: conns.c,v 1.17 2003-05-31 23:02:21 rjkaes Exp $ +/* $Id: conns.c,v 1.17.2.1 2004-08-06 16:56:55 rjkaes Exp $ * * Create and free the connection structure. One day there could be * other connection related tasks put here, but for now the header @@ -75,6 +75,8 @@ initialize_conn(int client_fd, const char* ipaddr, const char* string_addr) connptr->client_ip_addr = safestrdup(ipaddr); connptr->client_string_addr = safestrdup(string_addr); + connptr->upstream_proxy = NULL; + update_stats(STAT_OPEN); return connptr; diff --git a/src/conns.h b/src/conns.h index a2c9017a..cc08e985 100644 --- a/src/conns.h +++ b/src/conns.h @@ -1,4 +1,4 @@ -/* $Id: conns.h,v 1.14 2003-05-04 04:35:10 rjkaes Exp $ +/* $Id: conns.h,v 1.14.2.1 2004-08-06 16:56:55 rjkaes Exp $ * * See 'conns.c' for a detailed description. * @@ -70,6 +70,10 @@ struct conn_s { unsigned int major; unsigned int minor; } protocol; + /* + * Pointer to upstream proxy. + */ + struct upstream *upstream_proxy; }; /* diff --git a/src/daemon.c b/src/daemon.c index 10bda1da..a6419ba1 100644 --- a/src/daemon.c +++ b/src/daemon.c @@ -1,4 +1,4 @@ -/* $Id: daemon.c,v 1.2 2002-10-03 20:38:06 rjkaes Exp $ +/* $Id: daemon.c,v 1.2.2.1 2004-08-10 03:38:13 rjkaes Exp $ * * This file contains functions which are useful when writing a * daemon process. The functions include a "makedaemon" function and @@ -38,9 +38,13 @@ makedaemon(void) exit(0); chdir("/"); - umask(077); + umask(0177); -#if 0 +#if NDEBUG + /* + * When not in debugging mode, close the standard file + * descriptors. + */ close(0); close(1); close(2); diff --git a/src/filter.c b/src/filter.c index 585b344f..4d88b2cc 100644 --- a/src/filter.c +++ b/src/filter.c @@ -1,4 +1,4 @@ -/* $Id: filter.c,v 1.16 2003-01-27 17:57:39 rjkaes Exp $ +/* $Id: filter.c,v 1.16.2.1 2003-10-16 21:19:09 rjkaes Exp $ * * Copyright (c) 1999 George Talusan (gstalusan@uwaterloo.ca) * Copyright (c) 2002 James E. Flemer (jflemer@acm.jhu.edu) @@ -49,7 +49,7 @@ filter_init(void) FILE *fd; struct filter_list *p; char buf[FILTER_BUFFER_LEN]; - char *s, *t; + char *s; int cflags; if (!fl && !already_init) { @@ -64,7 +64,35 @@ filter_init(void) cflags |= REG_ICASE; while (fgets(buf, FILTER_BUFFER_LEN, fd)) { + /* + * Remove any trailing white space and + * comments. + */ s = buf; + while (*s) { + if (isspace((unsigned char)*s)) break; + if (*s == '#') { + /* + * If the '#' char is preceeded by + * an escape, it's not a comment + * string. + */ + if (s == buf || *(s - 1) != '\\') + break; + } + ++s; + } + *s = '\0'; + + /* skip leading whitespace */ + s = buf; + while (*s && isspace((unsigned char)*s)) + s++; + + /* skip blank lines and comments */ + if (*s == '\0') + continue; + if (!p) /* head of list */ fl = p = safecalloc(1, @@ -78,23 +106,6 @@ filter_init(void) p = p->next; } - /* strip trailing whitespace & comments */ - t = s; - while (*s && *s != '#') { - if (!isspace((unsigned char)*(s++))) - t = s; - } - *t = '\0'; - - /* skip leading whitespace */ - s = buf; - while (*s && isspace((unsigned char)*s)) - s++; - - /* skip blank lines and comments */ - if (*s == '\0') - continue; - p->pat = safestrdup(s); p->cpat = safemalloc(sizeof(regex_t)); if ((err = regcomp(p->cpat, p->pat, cflags)) != 0) { diff --git a/src/hashmap.c b/src/hashmap.c index 4f7773d5..0ce10739 100644 --- a/src/hashmap.c +++ b/src/hashmap.c @@ -44,11 +44,16 @@ struct hashentry_s { struct hashentry_s *prev, *next; }; + +struct hashbucket_s { + struct hashentry_s *head, *tail; +}; + struct hashmap_s { unsigned int size; hashmap_iter end_iterator; - struct hashentry_s **buckets; + struct hashbucket_s *buckets; }; /* @@ -102,7 +107,7 @@ hashmap_create(unsigned int nbuckets) return NULL; ptr->size = nbuckets; - ptr->buckets = safecalloc(nbuckets, sizeof(struct hashentry_s *)); + ptr->buckets = safecalloc(nbuckets, sizeof(struct hashbucket_s)); if (!ptr->buckets) { safefree(ptr); return NULL; @@ -122,15 +127,15 @@ hashmap_create(unsigned int nbuckets) * negative number is returned if "entry" was NULL */ static inline int -delete_hashbucket(struct hashentry_s* entry) +delete_hashbucket(struct hashbucket_s* bucket) { struct hashentry_s *nextptr; struct hashentry_s *ptr; - if (entry == NULL) + if (bucket == NULL || bucket->head == NULL) return -EINVAL; - ptr = entry; + ptr = bucket->head; while (ptr) { nextptr = ptr->next; @@ -159,9 +164,8 @@ hashmap_delete(hashmap_t map) return -EINVAL; for (i = 0; i != map->size; i++) { - if (map->buckets[i] != NULL) { - delete_hashbucket(map->buckets[i]); - map->buckets[i] = NULL; + if (map->buckets[i].head != NULL) { + delete_hashbucket(&map->buckets[i]); } } @@ -234,15 +238,17 @@ hashmap_insert(hashmap_t map, const char *key, ptr->data = data_copy; ptr->len = len; - /* - * Put the entry at the beginning of the chain. This is a constant - * time insert. Thanks to Justin Guyett for the code. - */ - ptr->prev = NULL; - ptr->next = map->buckets[hash]; - map->buckets[hash] = ptr; - if (ptr->next) - ptr->next->prev = ptr; + /* + * Now add the entry to the end of the bucket chain. + */ + ptr->next = NULL; + ptr->prev = map->buckets[hash].tail; + if (map->buckets[hash].tail) + map->buckets[hash].tail->next = ptr; + + map->buckets[hash].tail = ptr; + if (!map->buckets[hash].head) + map->buckets[hash].head = ptr; map->end_iterator++; return 0; @@ -314,7 +320,7 @@ hashmap_find(hashmap_t map, const char* key) * of a particular key. */ for (i = 0; i != map->size; i++) { - ptr = map->buckets[i]; + ptr = map->buckets[i].head; while (ptr) { if (strcasecmp(ptr->key, key) == 0) { @@ -354,7 +360,7 @@ hashmap_return_entry(hashmap_t map, hashmap_iter iter, return -EINVAL; for (i = 0; i != map->size; i++) { - ptr = map->buckets[i]; + ptr = map->buckets[i].head; while (ptr) { if (count == iter) { /* This is the data so return it */ @@ -392,7 +398,7 @@ hashmap_search(hashmap_t map, const char *key) if (hash < 0) return hash; - ptr = map->buckets[hash]; + ptr = map->buckets[hash].head; /* All right, there is an entry here, now see if it's the one we want */ while (ptr) { @@ -427,7 +433,7 @@ hashmap_entry_by_key(hashmap_t map, const char* key, void** data) if (hash < 0) return hash; - ptr = map->buckets[hash]; + ptr = map->buckets[hash].head; while (ptr) { if (strcasecmp(ptr->key, key) == 0) { @@ -453,7 +459,7 @@ ssize_t hashmap_remove(hashmap_t map, const char *key) { int hash; - struct hashentry_s* ptr; + struct hashentry_s *ptr, *next; short int deleted = 0; if (map == NULL || key == NULL) @@ -463,25 +469,25 @@ hashmap_remove(hashmap_t map, const char *key) if (hash < 0) return hash; - ptr = map->buckets[hash]; + ptr = map->buckets[hash].head; while (ptr) { if (strcasecmp(ptr->key, key) == 0) { /* * Found the data, now need to remove everything * and update the hashmap. */ - struct hashentry_s* prevptr = ptr->prev; - if (prevptr != NULL) { - prevptr->next = ptr->next; - if (ptr->next) - ptr->next->prev = prevptr; - } else { - /* Entry was first in map */ - map->buckets[hash] = ptr->next; - if (ptr->next) - ptr->next->prev = NULL; - } - + next = ptr->next; + + if (ptr->prev) + ptr->prev->next = ptr->next; + if (ptr->next) + ptr->next->prev = ptr->prev; + + if (map->buckets[hash].head == ptr) + map->buckets[hash].head = ptr->next; + if (map->buckets[hash].tail == ptr) + map->buckets[hash].tail = ptr->prev; + safefree(ptr->key); safefree(ptr->data); safefree(ptr); @@ -489,11 +495,7 @@ hashmap_remove(hashmap_t map, const char *key) ++deleted; --map->end_iterator; - if (prevptr) - ptr = prevptr; - else - ptr = map->buckets[hash]; - + ptr = next; continue; } diff --git a/src/heap.c b/src/heap.c index 167147ab..c92ddaf1 100644 --- a/src/heap.c +++ b/src/heap.c @@ -1,4 +1,4 @@ -/* $Id: heap.c,v 1.6 2003-06-26 18:14:13 rjkaes Exp $ +/* $Id: heap.c,v 1.6.2.1 2003-08-06 20:44:09 rjkaes Exp $ * * Debugging versions of various heap related functions are combined * here. The debugging versions include assertions and also print @@ -33,8 +33,8 @@ debugging_calloc(size_t nmemb, size_t size, const char *file, assert(size > 0); ptr = calloc(nmemb, size); - fprintf(stderr, "{calloc: %p:%u x %u} %s:%lu\n", ptr, nmemb, size, file, - line); + fprintf(stderr, "{calloc: %p:%zu x %zu} %s:%lu\n", + ptr, nmemb, size, file, line); return ptr; } @@ -46,7 +46,8 @@ debugging_malloc(size_t size, const char *file, unsigned long line) assert(size > 0); ptr = malloc(size); - fprintf(stderr, "{malloc: %p:%u} %s:%lu\n", ptr, size, file, line); + fprintf(stderr, "{malloc: %p:%zu} %s:%lu\n", + ptr, size, file, line); return ptr; } @@ -54,13 +55,12 @@ void * debugging_realloc(void *ptr, size_t size, const char *file, unsigned long line) { void *newptr; - - assert(ptr != NULL); + assert(size > 0); - + newptr = realloc(ptr, size); - fprintf(stderr, "{realloc: %p -> %p:%u} %s:%lu\n", ptr, newptr, size, - file, line); + fprintf(stderr, "{realloc: %p -> %p:%zu} %s:%lu\n", + ptr, newptr, size, file, line); return newptr; } @@ -75,7 +75,7 @@ debugging_free(void *ptr, const char *file, unsigned long line) } char* -debugging_strdup(const char* s, const char* file, unsigned long line) +debugging_strdup(const char *s, const char *file, unsigned long line) { char* ptr; size_t len; @@ -88,7 +88,8 @@ debugging_strdup(const char* s, const char* file, unsigned long line) return NULL; memcpy(ptr, s, len); - fprintf(stderr, "{strdup: %p:%u} %s:%lu\n", ptr, len, file, line); + fprintf(stderr, "{strdup: %p:%zu} %s:%lu\n", + ptr, len, file, line); return ptr; } @@ -113,6 +114,11 @@ malloc_shared_memory(size_t size) strlcpy(buffer, shared_file, sizeof(buffer)); + /* Only allow u+rw bits. This may be required for some versions + * of glibc so that mkstemp() doesn't make us vulnerable. + */ + umask(0177); + if ((fd = mkstemp(buffer)) == -1) return (void *)MAP_FAILED; unlink(buffer); diff --git a/src/heap.h b/src/heap.h index 5431e112..75220d63 100644 --- a/src/heap.h +++ b/src/heap.h @@ -37,21 +37,16 @@ extern char *debugging_strdup(const char* s, const char* file, # define safemalloc(x) debugging_malloc(x, __FILE__, __LINE__) # define saferealloc(x, y) debugging_realloc(x, y, __FILE__, __LINE__) # define safestrdup(x) debugging_strdup(x, __FILE__, __LINE__) -# define safefree(x) do { \ -void **__safefree_tmp = (void *)&(x); \ -debugging_free(*__safefree_tmp, __FILE__, __LINE__); \ -*__safefree_tmp = NULL; \ -} while (0) +# define safefree(x) (debugging_free(x, __FILE__, __LINE__), *(&(x)) = NULL) + #else + # define safecalloc(x, y) calloc(x, y) # define safemalloc(x) malloc(x) # define saferealloc(x, y) realloc(x, y) -# define safefree(x) do { \ -void **__safefree_tmp = (void *)&(x); \ -free(*__safefree_tmp); \ -*__safefree_tmp = NULL; \ -} while (0) +# define safefree(x) (free (x), *(&(x)) = NULL) # define safestrdup(x) strdup(x) + #endif /* diff --git a/src/log.c b/src/log.c index bb0d79c1..63bfc0e7 100644 --- a/src/log.c +++ b/src/log.c @@ -137,20 +137,25 @@ log_message(int level, char *fmt, ...) if (!log_message_storage) { log_message_storage = vector_create(); - if (!log_message_storage) + if (!log_message_storage) { + va_end(args); return; + } } vsnprintf(str, STRING_LENGTH, fmt, args); entry_buffer = safemalloc(strlen(str) + 6); - if (!entry_buffer) + if (!entry_buffer) { + va_end(args); return; - + } + sprintf(entry_buffer, "%d %s", level, str); vector_append(log_message_storage, entry_buffer, strlen(entry_buffer) + 1); + safefree(entry_buffer); va_end(args); return; @@ -199,7 +204,7 @@ send_stored_logs(void) int level; - int i; + size_t i; for (i = 0; i != vector_length(log_message_storage); ++i) { string = vector_getentry(log_message_storage, i, NULL); diff --git a/src/reqs.c b/src/reqs.c index 9a443362..bc77f8cc 100644 --- a/src/reqs.c +++ b/src/reqs.c @@ -1,4 +1,4 @@ -/* $Id: reqs.c,v 1.105 2003-06-26 18:19:57 rjkaes Exp $ +/* $Id: reqs.c,v 1.105.2.2 2004-08-06 16:56:55 rjkaes Exp $ * * This is where all the work in tinyproxy is actually done. Incoming * connections have a new child created for them. The child then @@ -117,7 +117,7 @@ add_connect_port_allowed(int port) static int check_allowed_connect_ports(int port) { - ssize_t i; + size_t i; int *data; /* @@ -330,7 +330,7 @@ upstream_add(const char *host, int port, const char *domain) if (domain == NULL) { if (!host || host[0] == '\0' || port < 1) { - log_message(LOG_WARNING, "Nonsence upstream rule: invalid host or port"); + log_message(LOG_WARNING, "Nonsense upstream rule: invalid host or port"); goto upstream_cleanup; } @@ -1057,7 +1057,6 @@ process_client_headers(struct conn_s *connptr, hashmap_t hashofheaders) "proxy-connection", "te", "trailers", - "transfer-encoding", "upgrade" }; int i; @@ -1072,7 +1071,7 @@ process_client_headers(struct conn_s *connptr, hashmap_t hashofheaders) * proxy is in use.) */ if (connptr->server_fd == -1 || connptr->show_stats - || (connptr->connect_method && !UPSTREAM_CONFIGURED())) { + || (connptr->connect_method && (connptr->upstream_proxy == NULL))) { log_message(LOG_INFO, "Not sending client headers to remote machine"); return 0; } @@ -1166,7 +1165,6 @@ process_server_headers(struct conn_s *connptr) "proxy-authenticate", "proxy-authorization", "proxy-connection", - "transfer-encoding", }; char *response_line; @@ -1410,7 +1408,7 @@ connect_to_upstream(struct conn_s *connptr, struct request_s *request) char *combined_string; int len; - struct upstream *cur_upstream = upstream_get(request->host); + struct upstream *cur_upstream = connptr->upstream_proxy; if(!cur_upstream) { log_message(LOG_WARNING, "No upstream proxy defined for %s.", @@ -1554,7 +1552,8 @@ handle_connection(int fd) goto send_error; } - if (UPSTREAM_CONFIGURED() && (UPSTREAM_HOST(request->host) != NULL)) { + connptr->upstream_proxy = UPSTREAM_HOST(request->host); + if (connptr->upstream_proxy != NULL) { if (connect_to_upstream(connptr, request) < 0) { goto send_error; } @@ -1599,7 +1598,7 @@ handle_connection(int fd) return; } - if (!connptr->connect_method || UPSTREAM_CONFIGURED()) { + if (!connptr->connect_method || (connptr->upstream_proxy != NULL)) { if (process_server_headers(connptr) < 0) { if (connptr->error_variables) send_http_error_message(connptr); diff --git a/src/sock.c b/src/sock.c index 3b55cdf2..66264312 100644 --- a/src/sock.c +++ b/src/sock.c @@ -198,7 +198,7 @@ int getpeer_information(int fd, char* ipaddr, char* string_addr) { struct sockaddr_in name; - size_t namelen = sizeof(name); + socklen_t namelen = sizeof(name); struct hostent* result; assert(fd >= 0); diff --git a/src/stats.c b/src/stats.c index ea0b629c..c38017b2 100644 --- a/src/stats.c +++ b/src/stats.c @@ -49,7 +49,7 @@ init_stats(void) if (stats == MAP_FAILED) return; - memset(stats, 0, sizeof(struct stat)); + memset(stats, 0, sizeof(struct stat_s)); } /* diff --git a/src/tinyproxy.c b/src/tinyproxy.c index 76ff9936..636fca74 100644 --- a/src/tinyproxy.c +++ b/src/tinyproxy.c @@ -165,6 +165,11 @@ main(int argc, char **argv) } #endif /* HAVE_SETRLIMIT */ + /* Only allow u+rw bits. This may be required for some versions + * of glibc so that mkstemp() doesn't make us vulnerable. + */ + umask(0177); + /* Default configuration file location */ config.config_file = DEFAULT_CONF_FILE; diff --git a/src/tinyproxy.h b/src/tinyproxy.h index d014748d..c4fb1ef3 100644 --- a/src/tinyproxy.h +++ b/src/tinyproxy.h @@ -1,4 +1,4 @@ -/* $Id: tinyproxy.h,v 1.41 2003-06-20 17:02:12 rjkaes Exp $ +/* $Id: tinyproxy.h,v 1.41.2.1 2004-08-06 16:56:55 rjkaes Exp $ * * See 'tinyproxy.c' for a detailed description. * @@ -25,7 +25,10 @@ #define MAXBUFFSIZE ((size_t)(1024 * 96)) /* Max size of buffer */ #define MAX_IDLE_TIME (60 * 10) /* 10 minutes of no activity */ -#ifdef UPSTREAM_SUPPORT +/* + * Even if upstream support is not compiled into tinyproxy, this + * structure still needs to be defined. + */ struct upstream { struct upstream *next; char *domain; /* optional */ @@ -33,7 +36,6 @@ struct upstream { int port; in_addr_t ip, mask; }; -#endif struct config_s { char *logf_name; diff --git a/src/vector.c b/src/vector.c index e90a3f24..8a96f70c 100644 --- a/src/vector.c +++ b/src/vector.c @@ -180,7 +180,7 @@ vector_getentry(vector_t vector, size_t pos, size_t* size) struct vectorentry_s *ptr; size_t loc; - if (!vector || pos < 0 || pos >= vector->num_entries) + if (!vector || pos >= vector->num_entries) return NULL; loc = 0; diff --git a/src/vector.h b/src/vector.h index c125e85d..948bab4c 100644 --- a/src/vector.h +++ b/src/vector.h @@ -1,4 +1,4 @@ -/* $Id: vector.h,v 1.4 2003-05-30 16:21:47 rjkaes Exp $ +/* $Id: vector.h,v 1.4.2.1 2003-08-06 20:46:04 rjkaes Exp $ * * A vector implementation. The vector can be of an arbritrary length, and * the data for each entry is an lump of data (the size is stored in the @@ -80,7 +80,7 @@ extern void* vector_getentry(vector_t vector, size_t pos, size_t* size); */ extern ssize_t vector_length(vector_t vector); -#if defined(_cplusplus) +#if defined(__cplusplus) } #endif /* C++ */