summaryrefslogtreecommitdiff
path: root/src (follow)
AgeCommit message (Collapse)AuthorFilesLines
2004-08-24(get_bool_arg): Moved the initialization of "p" _before_ the assert()Robert James Kaes1-3/+3
calls. The code doesn't compile under gcc 2.95 otherwise. (I'm surprised it compiles under gcc 3.3 without a problem.)
2004-08-24Changed some of the variable types so that the code compiles cleanlyRobert James Kaes1-4/+4
on other operating systems. (Used cf.sourceforge.net as the test system for cross compiling.)
2004-08-24Fixed up the acl_s structure so that it compiles correctly underRobert James Kaes1-21/+21
gcc 2.95.
2004-08-14Changed the calls to the config_compile() and config_parse()Robert James Kaes1-20/+21
functions. Also, if the "logfile" directive is used, it will now override use of the syslog system. Added an error message if neither is defined.
2004-08-14(log_message): Added a fsync() call after each line outputted to theRobert James Kaes1-1/+2
log file.
2004-08-14Reorganized the source code. Added the missing reverse proxyRobert James Kaes1-109/+143
directives. Added a bunch of comments to clarify how the code works.
2004-08-14Removed the last code relating to the old configuration parsingRobert James Kaes1-6/+1
system. The grammar.y and scanner.l files still need to be removed.
2004-08-13Removed the grammar.y and scanner.l files from the list of filesRobert James Kaes1-3/+3
required by tinyproxy.
2004-08-13Added some error logging information for directives that areRobert James Kaes1-13/+49
conditionally compiled. Still need to add info messages for the directives.
2004-08-13Change the code to use the new config_parse() method rather than theRobert James Kaes1-7/+12
flex/bison based configuration system.
2004-08-13Added the new configuration parsing system (conffile.c andRobert James Kaes3-1/+638
conffile.h.) The new system is intended to replace the existing grammar.y and scanner.l files. I don't want to depend on flex/bison any longer.
2004-08-12(check_allowed_connect_ports): By default DENY any CONNECT requestsRobert James Kaes1-13/+9
unless explicitly allowed by a configuration directive.
2004-08-12(add_xtinyproxy_header): Removed the runtime error checking of theRobert James Kaes1-8/+3
connptr->server_fd variable and moved it into an assert since we should never be called with invalid data. Also made the function an inline function since it's only called in one place.
2004-08-11Completely rewrote the ACL functionality. The new system is intendedRobert James Kaes1-158/+184
to handle IPv6 style addresses along with the existing IPv4 and string addresses. In addition, the hand-rolled "list" code has been replaced with a vector (code reuse.) Also, the code should be a little easier to understand (relatively speaking.) I do need to add some kind of testing framework (in general) to check that the new code does work with all the formats that will be thrown at it.
2004-08-11(strip_username_password): Removed one of the pointer variables sinceRobert James Kaes1-11/+16
it's no longer needed. Reorganized the function to make it more obvious what was actually being done.
2004-08-10Merged in changes from 1.6.3Robert James Kaes7-18/+32
2004-04-27Added the "BindSame" configure directive from Oswald Buddenhagen.Robert James Kaes8-32/+87
This allows tinyproxy to respond to a request bound to the same interface that the request came in on. As Oswald explains: "attached is a patch that adds the BindSame option. it causes binding an outgoing connection to the ip address of the respective incoming connection. that way one can simulate an entire proxy farm with a single instance of tinyproxy on a multi-homed machine." Cool.
2004-04-27(init_stats): Fixed a memset bug, where the structure was not clearedRobert James Kaes1-2/+2
properly. (The sizeof "struct stat" was being used rather than the proper "struct stat_s". On my system, "struct stat" is 88 bytes long, while "struct stat_s" is 20 bytes long. Quite a difference!)
2004-04-27These files list all the other files that CVS should ignore. It makesRobert James Kaes1-0/+8
looking at the CVS status information a little cleaner.
2004-02-18Converted the various socket functions to work with both IPv4 and IPv6Robert James Kaes2-91/+90
addresses.
2004-02-18Added two functions:Robert James Kaes2-4/+85
- get_ip_string() converts a binary network address into either a dotted-decimal IPv4 address, or a IPv6 hex-string - full_inet_pton() converts a numeric character string into an IPv6 network address (binary form). It's like the system inet_pton() function, but it will work with bot IPv4 and IPv6 character strings. These functions are required for the conversion to Internet protocol independence. (Or to put it more clearly: allow tinyproxy to work in an IPv6 network.)
2004-02-13Removed unnecessary casts (mostly dealing with memory allocation.) IRobert James Kaes13-62/+56
should never have added them in the first place. They don't really buy anything, and they can hide bugs.
2004-02-04(strip_return_port): Patch from "alex" to strip the port from the hostRobert James Kaes1-19/+41
string and return the port. I cleaned up and added error handling to the code, but it's basically "alex"'s fix. (extract_http_url): Rewrote this function to remove all the sscanf() calls. It's much easier to just split on the path slash (if it's present) and then strip the user name/password and port from the host string. Less code, handles more cases!
2004-01-26Added reverse proxy support from Kim Holviala. His comments regardingRobert James Kaes8-30/+279
this addition follow: The patch implements a simple reverse proxy (with one funky extra feature). It has all the regular features: mapping remote servers to local namespace (ReversePath), disabling forward proxying (ReverseOnly) and HTTP redirect rewriting (ReverseBaseURL). The funky feature is this: You map Google to /google/ and the Google front page opens up fine. Type in stuff and click "Google Search" and you'll get an error from tinyproxy. Reason for this is that Google's form submits to "/search" which unfortunately bypasses our /google/ mapping (if they'd submit to "search" without the slash it would have worked ok). Turn on ReverseMagic and it starts working.... ReverseMagic "hijacks" one cookie which it sends to the client browser. This cookie contains the current reverse proxy path mapping (in the above case /google/) so that even if the site uses absolute links the reverse proxy still knows where to map the request. And yes, it works. No, I've never seen this done before - I couldn't find _any_ working OSS reverse proxies, and the commercial ones I've seen try to parse the page and fix all links (in the above case changing "/search" to "/google/search"). The problem with modifying the html is that it might not be parsable (very common) or it might be encoded so that the proxy can't read it (mod_gzip or likes). Hope you like that patch. One caveat - I haven't coded with C in like three years so my code might be a bit messy.... There shouldn't be any security problems thou, but you never know. I did all the stuff out of my memory without reading any RFC's, but I tested everything with Moz, Konq, IE6, Links and Lynx and they all worked fine.
2003-10-17Merged in changes from the 1.6.2 release. (Fixes for the filtering codeRobert James Kaes1-23/+32
and the HTML installation script.)
2003-08-07tinyproxy no longer includes a fall-back regular expression library,Robert James Kaes4-9/+8
so these files needed to be modified to only use the system's installed regular expression library.
2003-08-07Removed the included regular expression library, since it should comeRobert James Kaes3-6457/+0
standard on any reasonably modern system.
2003-08-07# Merged in changes from the stable 1.6 branch.Robert James Kaes1-4/+3
2003-08-05# Fixed a comment to actually reflect what the function does.Robert James Kaes1-2/+2
2003-08-01Included patches from Steven Young to use the hashmap functionality toRobert James Kaes4-82/+64
manage the HTML error pages. It simplifies the source, and also make the object file smaller. Nice. Also added any casting from (void*) to ensure that the code compiles using a C++ compiler.
2003-07-31Added appropriate casts (void*) casts to allow the code to compileRobert James Kaes1-9/+12
cleanly using a C++ compiler. Changed the servers_waiting variable to an unsigned int, since the number of servers waiting can never be negative, and added an assert() to ensure this invariant.
2003-07-31(debugging_realloc): Removed the assert for the NULL pointer, sinceRobert James Kaes1-3/+2
realloc() can take a NULL pointer, as defined by the realloc() man page. Fixed the cast in both safefree() macros to compile cleaning using a C++ compiler.
2003-07-31Fixed the cast in both safefree() macros to compile cleaning using aRobert James Kaes1-3/+3
C++ compiler.
2003-07-31# Fixed a preprocessor test (misspelled __cplusplus)Robert James Kaes1-2/+2
2003-07-31Added appropriate casts from (void*) so that the code will compileRobert James Kaes11-58/+67
cleanly with a C++ compiler. (Tested using GCC 3.3)
2003-07-14(indicate_http_error): Added calls to va_end() before leaving theRobert James Kaes1-2/+6
function.
2003-06-26# Removed the debugging information.Robert James Kaes1-8/+2
2003-06-26# Added debugging flags for the flex scanner.Robert James Kaes1-2/+2
2003-06-26(upstream_add): Rewrote the function to actually handle the variousRobert James Kaes1-33/+37
types of upstream configurations correctly. Hopefully, the code is also a little clearer in it's implementation.
2003-06-26# Removed the STRING_ADDRESS token since it was conflicting with theRobert James Kaes1-6/+4
IDENTIFIER directive and also the keyword directives.
2003-06-26Modified the patterns to allow the new upstream directives to work asRobert James Kaes1-9/+14
defined in the tinyproxy.conf documentation.
2003-06-26(debugging_free): Rather than assert on a NULL pointer, log the NULLRobert James Kaes1-4/+4
pointer and return.
2003-06-25Added a test to define INADDR_NONE if it's not present. For example,Robert James Kaes1-1/+8
SunOS (solaris 2.8) does not include this define. [Thank to Ben Hartshorne for pointing this out.]
2003-06-20Removed the "ViaHeader" directive and replaced it with theRobert James Kaes4-40/+42
"ViaProxyName" directive. The "Via" HTTP header is _required_ by the HTTP spec, so the code has been changed to always send the header. However, including the proxy's host name could be considered a security threat, so the "ViaProxyName" directive is used to set the token sent in the "Via" header. If the directive is not enabled the proxy's host name will be used.
2003-06-06(connect_to_upstream): Fixed an off-by-one error in the snprintf()Robert James Kaes1-5/+6
call used to build the URL for the upstream proxy. [Patch suggested by David T. Pierso]
2003-06-02(upstream_get):Robert James Kaes2-38/+67
(upstream_add): Added support to allow ip addresses and networks to be used when matching an upstream proxy directive. [Code by Peter da Silva]
2003-05-31Changed the safefree() macro to make it safe to use a conditionalRobert James Kaes1-3/+11
statement, and also safe to use with a rvalue that has a side effect. [Bug fix recommended by Peter da Silva]
2003-05-31# Changed all the for calls to use the != test rather than < test.Robert James Kaes7-31/+31
The change was recommended in the C/C++ User Journal magazine.
2003-05-30# Changed the calls to vector_getentry() to use the new callingRobert James Kaes2-4/+5
convention.
2003-05-30(vector_getentry): Changed the API to return the data pointer and haveRobert James Kaes2-18/+19
the length returned in a argument variable pointer. This should be a more natural way of using the function.