Age | Commit message (Collapse) | Author | Files | Lines |
|
unless explicitly allowed by a configuration directive.
|
|
connptr->server_fd variable and moved it into an assert since we
should never be called with invalid data. Also made the function an
inline function since it's only called in one place.
|
|
to handle IPv6 style addresses along with the existing IPv4 and string
addresses. In addition, the hand-rolled "list" code has been replaced
with a vector (code reuse.) Also, the code should be a little easier
to understand (relatively speaking.)
I do need to add some kind of testing framework (in general) to check
that the new code does work with all the formats that will be thrown
at it.
|
|
it's no longer needed. Reorganized the function to make it more
obvious what was actually being done.
|
|
|
|
This allows tinyproxy to respond to a request bound to the same
interface that the request came in on. As Oswald explains:
"attached is a patch that adds the BindSame option. it causes
binding an outgoing connection to the ip address of the respective
incoming connection. that way one can simulate an entire proxy farm
with a single instance of tinyproxy on a multi-homed machine."
Cool.
|
|
properly. (The sizeof "struct stat" was being used rather than the
proper "struct stat_s". On my system, "struct stat" is 88 bytes long,
while "struct stat_s" is 20 bytes long. Quite a difference!)
|
|
looking at the CVS status information a little cleaner.
|
|
addresses.
|
|
- get_ip_string() converts a binary network address into either a
dotted-decimal IPv4 address, or a IPv6 hex-string
- full_inet_pton() converts a numeric character string into an IPv6
network address (binary form). It's like the system inet_pton()
function, but it will work with bot IPv4 and IPv6 character
strings.
These functions are required for the conversion to Internet protocol
independence. (Or to put it more clearly: allow tinyproxy to work in
an IPv6 network.)
|
|
"major" addition authors.
|
|
should never have added them in the first place. They don't really
buy anything, and they can hide bugs.
|
|
string and return the port. I cleaned up and added error handling to
the code, but it's basically "alex"'s fix.
(extract_http_url): Rewrote this function to remove all the sscanf()
calls. It's much easier to just split on the path slash (if it's
present) and then strip the user name/password and port from the host
string. Less code, handles more cases!
|
|
|
|
this addition follow:
The patch implements a simple reverse proxy (with one funky extra
feature). It has all the regular features: mapping remote servers to local
namespace (ReversePath), disabling forward proxying (ReverseOnly) and HTTP
redirect rewriting (ReverseBaseURL).
The funky feature is this: You map Google to /google/ and the Google front
page opens up fine. Type in stuff and click "Google Search" and you'll get
an error from tinyproxy. Reason for this is that Google's form submits to
"/search" which unfortunately bypasses our /google/ mapping (if they'd
submit to "search" without the slash it would have worked ok). Turn on
ReverseMagic and it starts working....
ReverseMagic "hijacks" one cookie which it sends to the client browser.
This cookie contains the current reverse proxy path mapping (in the above
case /google/) so that even if the site uses absolute links the reverse
proxy still knows where to map the request.
And yes, it works. No, I've never seen this done before - I couldn't find
_any_ working OSS reverse proxies, and the commercial ones I've seen try
to parse the page and fix all links (in the above case changing "/search"
to "/google/search"). The problem with modifying the html is that it might
not be parsable (very common) or it might be encoded so that the proxy
can't read it (mod_gzip or likes).
Hope you like that patch. One caveat - I haven't coded with C in like
three years so my code might be a bit messy.... There shouldn't be any
security problems thou, but you never know. I did all the stuff out of my
memory without reading any RFC's, but I tested everything with Moz, Konq,
IE6, Links and Lynx and they all worked fine.
|
|
and the HTML installation script.)
|
|
from the stable branch.
|
|
understandability of the documentation.
|
|
so these files needed to be modified to only use the system's
installed regular expression library.
|
|
standard on any reasonably modern system.
|
|
|
|
tinyproxy man page.
|
|
|
|
through.
|
|
manage the HTML error pages. It simplifies the source, and also make
the object file smaller. Nice. Also added any casting from (void*)
to ensure that the code compiles using a C++ compiler.
|
|
cleanly using a C++ compiler.
Changed the servers_waiting variable to an unsigned int, since the
number of servers waiting can never be negative, and added an assert()
to ensure this invariant.
|
|
realloc() can take a NULL pointer, as defined by the realloc() man
page.
Fixed the cast in both safefree() macros to compile cleaning using a
C++ compiler.
|
|
C++ compiler.
|
|
|
|
cleanly with a C++ compiler. (Tested using GCC 3.3)
|
|
a problem with the scanner.c file.
|
|
|
|
|
|
function.
|
|
|
|
flags to flex if it really is flex.
|
|
|
|
|
|
types of upstream configurations correctly. Hopefully, the code is
also a little clearer in it's implementation.
|
|
IDENTIFIER directive and also the keyword directives.
|
|
defined in the tinyproxy.conf documentation.
|
|
pointer and return.
|
|
|
|
|
|
SunOS (solaris 2.8) does not include this define. [Thank to Ben
Hartshorne for pointing this out.]
|
|
|
|
|
|
HTML files. In the future the installation script should modify the
tinyproxy.conf file.
|
|
|
|
"ViaProxyName" directive. The "Via" HTTP header is _required_ by the
HTTP spec, so the code has been changed to always send the header.
However, including the proxy's host name could be considered a
security threat, so the "ViaProxyName" directive is used to set the
token sent in the "Via" header. If the directive is not enabled the
proxy's host name will be used.
|