1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
|
2000-10-23 Robert James Kaes <rjkaes@flarenet.com>
* src/dnscache.c (new_dnscache): Creates a new DNS tree. Called
before any other DNS requests.
* src/dnscache.c (dnscache): Removed the garbage collection
routine since I haven't figured out how to delete the tree without
causing a SEGFAULT. Ugh.
* src/anonymous.c (new_anonymous): Create a new Anonymous tree.
* src/tinyproxy.c (main): Initialize the DNS and Anonymous
subsytems.
2000-09-25 Robert James Kaes <rjkaes@flarenet.com>
* src/dnscache.c (dns_insert): If the insert fails, delete the
allocated memory. No more memory leak.
* src/ternary.c (ternary_insert): Return an error if the key is
already in the tree.
2000-09-21 Robert James Kaes <rjkaes@flarenet.com>
* src/log.c: Added the LOG_NOTICE level for more important than
LOG_INFO messages.
2000-09-14 Robert James Kaes <rjkaes@flarenet.com>
* configure.in:
* src/tinyproxy.h: Check for the <stdint.h> header.
2000-08-23 Robert James Kaes <rjkaes@flarenet.com>
* src/utils.c (pidfile_create): Improved the security of this
function. Prevents cracker abuse of the pid file creation.
* sec/ternary.c: Overhauled to improve the robustness of the code.
Prevents people from effecting the internal system from outside
the official API. I think this is a good example of how all the
functions should be coded. It is a little more complex, but it
handles "problems" much better.
2000-08-21 Robert James Kaes <rjkaes@flarenet.com>
* src/utils.c (strlcat)
* src/utils.c (strlcpy): Added these two functions which take their
API from the OpenBSD versions. Replaces strncpy/strncat.
2000-08-17 Robert James Kaes <rjkaes@flarenet.com>
* src/ternary.c: Added a ternary tree module to replace the uses
of hashes in the source. There _were_ two different hash methods
before, which have been replaced with this general purpose module.
2000-08-12 Robert James Kaes <rjkaes@flarenet.com>
* src/log.c (log): Removed the static variables by changing them to
automatic.
2000-08-03 Robert James Kaes <rjkaes@flarenet.com>
* doc/tinyproxy.8: Updated the manual documentation to match what
tinyproxy actually does. :)
* src/grammar.y: Finished handling the various config keywords.
2000-08-02 Robert James Kaes <rjkaes@flarenet.com>
* src/tinyproxy.c (main): Fixed the change user/group ability.
2000-07-31 Robert James Kaes <rjkaes@flarenet.com>
* src/reqs.c (process_method): Trying to change to a 1.1 compliant
browser. So, the Host header is set and sent. Also, tinyproxy doesn't
handle persistent connections, so tinyproxy needs to send the
Connection: close header.
2000-07-30 Robert James Kaes <rjkaes@flarenet.com>
* src/thread.c (thread_main_loop): Added in the controls for handling
the creating and destruction of threads based on their numbers.
This is used for load control. Adjust MaxSpareServers, MinSpareServers,
and MaxClients.
2000-07-29 Robert James Kaes <rjkaes@flarenet.com>
* src/acl.c: Added the ACL control system. This is much more advanced
then the simple one IP address test. Read doc/tinyproxy.conf for
more information.
2000-07-22 Robert James Kaes <rjkaes@flarenet.com>
* src/log.h: Paired down the logging levels and provided a
description for each level. Please try to be consistent with
these. Also, added the two DEBUG?() function macros for use with
debugging.
* src/thread.c (thread_pool_create): Make sure we don't try to start
more than MaxClients servers.
* src/tinyproxy.c (main): Log when tinyproxy is using default
values rather than specified ones.
* src/reqs.c (relay_connection): Fixed a few difftime() problems
where the two arguments were being reversed.
(relay_connection): Added logging to handle if an Idle Timeout
occured on a connection.
2000-07-19 Robert James Kaes <rjkaes@flarenet.com>
* src/tinyproxy.c (main): Cleaned up the command line arguments
since we now have a configuration file. See grammar.y and
scanner.l for more information.
(versiondisp): Moved the version information out of usagedisp().
2000-07-11 Robert James Kaes <rjkaes@flarenet.com>
* src/utils.c (pidfile_create): Moved from tinyproxy.c
* src/thread.c: Moved all the thread creation code into a seperate
file.
2000-07-10 Robert James Kaes <rjkaes@flarenet.com>
* src/tinyproxy.c (pidfile_create): All the process to write it's
PID to the specified file.
(thread_main, thread_make): Instread of creating a new thread on
each connection, we now have a pool of threads. Right now the pool
is hard coded, but I'd like to have a system similar to Apache
where the pool can change as demand changes.
* src/sock.c (getpeer_string): Needed to add locking around the call
to gethostbyname(). Could use gethostbyname_r() but I can't find a
consistent definition for the function.
2000-07-03 Robert James Kaes <rjkaes@flarenet.com>
* src/reqs.c (safe_write): Added safe_write so that EINTR errors
would be handled correctly when trying to write on a blocking
socket. Non blocking is already handled in the writebuff function.
(safe_read): Matched pair for safe_write(). Same reason.
(pull_client_data): Removed the malloc of the length, and switched
to a fixed buffer. This prevents a DoS where the client specifies
a HUGE buffer and exhausted memory.
2000-07-01 Robert James Kaes <rjkaes@flarenet.com>
* src/reqs.c: Added the ability for sheding connections due to high
system load.
* src/buffer.c (readbuff): Now you can not have a buffer larger
than MAXBUFFSIZE. The read() function will attempt to read in
MAXBUFFSIZE - buffer_size().
* src/tinyproxy.h (MAXBUFFSIZE): This is the main control for all
the buffers in tinyproxy. Currently it is set to 48K since that is
nicely divisable by 2 and 3. The key is by 3 since this give
you 16K which is more than enough for a header line.
* src/stats.c: New file to handle the statistic functions. Needed
since with multiple threads, there has to be some locking around
any changes to the values. Moved the showstats() function here from
utils.c since logically it should be with the other stats routines.
* src/tinyproxy.c (main): Removed the USR1 signal since
LinuxThreads on a libc5 system needs the USR1 and USR2 for internal
processing. This means the USR1 signal dump stats is removed.
* src/reqs.c (handle_connection): Log incoming connections here so
that the information is logged even if we are doing an upstream
relay.
* src/tinyproxy.h: Moved all the common header files here to help
remove the clutter from all the other source files. Removed the
references to client_header and server_header from struct conn_s
since they are no longer used.
* src/reqs.c (validuser): Had the test for a valid user in reverse.
Fixed.
* src/tinyproxy.c (main): Moved the getreqs() function back into
the main function.
2000-06-30 Robert James Kaes <rjkaes@flarenet.com>
* src/dnscache.c (dnscache): Added back the garbage collection
phase of the DNS caching system. Also, cleaned up the source so
only dnscache() is exposed to the rest of the system.
* src/buffer.c: Moved the structure definitions into src/buffer.c
from src/buffer.h. Removed *_buffer() functions. Made buffer_size()
a function so the structure definition does not need to be included
in the header. Removed the references to working_string and
working_length in struct buffer_s since it is no longer needed.
* configure.in: Added the checks for various "standard" data types.
Cleaned up the source, and fixed a problem with SOCKs support.
* acinclude.m4: Added the AC_UNP_CHECK_TYPE macro from
Unix Network Programming, W. Richard Stevens.
* src/reqs.c (handle_connection): Added the UPSTREAM_PROXY code
back into tinyproxy. It uses GOTOs, but it doesn't create spaghetti
code, at least it better not! :)
* src/utils.h:
* src/utils.c: Removed the xmalloc and xstrdup functions since they
really did not add anything to the standard malloc and strdup
functions.
* (all) Went through and removed all the references to xmalloc and
xstrdup. Still need to add the error checking to all these calls
though.
2000-06-29 Robert James Kaes <rjkaes@flarenet.com>
* src/sock.c (opensock): Added mutex locking around the call to
dnscache since I don't want more than one thread to be adding to
the linked list.
* configure.in: moved the tests for USE_PROC, UPTIME_PATH,
DEFAULT_CUTOFFLOAD, DEFAULT_STATHOST from src/config.h
* src/tinyproxy.c: Moved the LOAD_RECALCTIMER define from
src/config.h
* src/reqs.c (handle_method, process_server_headers,
handle_connection):
Handle simple and HTTP/0.9 requests properly.
* src/buffer.h: Changed the default MAXBUFFSIZE to 24 KB.
2000-06-28 Robert James Kaes <rjkaes@flarenet.com>
* src/sock.c (listen_sock): This replaces the init_listen_sock
function and removed the global sockaddr and setup_fd variables.
* src/tinyproxy.c (getreqs): Not at all like the old function by the
same name. This just blocks on accept for new connections and then
creates a new thread for each connection.
* src/tinyproxy.h: Moved the struct conn_s into this header so
we can completely remove the src/conns.h and src/conns.c files as
they are no longer needed.
* src/reqs.c (process_server_headers): Handle server headers
separately from relay_connection since we'll need to be able to read
them in the future if we want to support caching.
(process_client_headers): Check for the Content-Length header. If
it is present then we need to read in all the client's data before
we can process any server headers or send back an error message.
(pull_client_header): Read in Content-Length number of bytes from
the client.
2000-06-27 Robert James Kaes <rjkaes@flarenet.com>
* src/sock.c (socket_blocking, socket_nonblocking): Added the
functions since we need to selectively change a socket's state as
the program runs.
(opensock): Removed the call for making the socket nonblocking since
it should only be switched into nonblocking when it's absolutely
needed.
* src/buffer.c (readbuff, writebuff): Added tests at the beginning of
the functions to return if the limits on the buffer size have been
exceeded. Maybe this should be an assert instead, since these
functions should not be called with exceeded limits.
* src/config.h: Moved this to ./config.h instead. Updated the source
to reflect this change.
* src/log.c: Added logging levels which are duplicates of the syslog
levels. Helps to make the logfile a little easier to parse. This
also means all the calls to log(...) needed to be changed to
log(level, ...)
2000-06-26 Robert James Kaes <rjkaes@flarenet.com>
* src/sock.c (readline): Completely gutted the function and replaced
it with a simpler function which is very similar to the original
function back in version 1.0. :) We can reuse this function again
since the sockets are now blocking again.
2000-06-22 Robert James Kaes <rjkaes@flarenet.com>
* src/reqs.c: A _MASSIVE_ rewrite of the whole connection process.
The old state machine is now gone. Each new connection is now a
separate thread. This allows the sockets to be blocking most of
the time, which made the rest of the functions a lot easier to
code. Some functions have been renamed and a bunch are new. The
changes are really too numerous to list, but the main idea is that
there is a separate function to handle each part of a connection and
the non-blocking code is only needed in the relay_connection
function. Take a look at the code, it's a lot easier to understand
now.
2000-06-21 Robert James Kaes <rjkaes@flarenet.com>
* src/dnscache.h:
* src/dnscache.c: Renamed the functions lookup and insert to
dns_lookup and dns_insert.
(dns_lookup): Cleaned up the code to make it more streamlined.
2000-06-06 Robert James Kaes <rjkaes@flarenet.com>
* fixed the links in doc/tinyproxy.8 for locating tinyproxy to
point to the new location at SourceForge.net. Thanks to Simon Baker
for pointing this out.
2000-04-26 Robert James Kaes <rjkaes@flarenet.com>
* src/uri.c: Added the #include <sys/types.h> for compatibility
with FreeBSD.
* src/dnscache.c: Moved the #include <sys/types.h> above the
#include <sys/socket.h> reference for compatibility with FreeBSD.
2000-03-31 Robert James Kaes <rjkaes@flarenet.com>
* src/reqs.c (clientreq): Removed the hack for POST methods with
regard to anonymous access.
(clientreq): fixed a bug with the request line. If the PATH was
empty, it would send an malformed request to the server. This is
checked now and if the path is empty, a "/" is used instread.
* src/config.h (SOCK_TIMEOUT): Increased the time out to 10
seconds.
* src/buffer.c (new_buffer): Additional initialization code for
new elements of the buffer_s structure.
(delete_buffer): Code to delete the working_* fields.
* src/buffer.h: Added the working_string and working_length method
for use as a scratch pad in the readline function.
* src/sock.c (readline): A major rewrite of this routine. Lines of
text are now built incrementally with a new scratch pad built into
the buffer.
2000-03-30 Robert James Kaes <rjkaes@flarenet.com>
* src/Makefile.am (tinyproxy_SOURCES): include the line for the
anonymous.* files.
* src/tinyproxy.h: removed all references to struct allowed_hdrs.
* src/tinyproxy.c (main): removed all the old anonymous code, and
added a test for the anonymous code so the Content-Type and
Content-Length headers are allowed to pass through if the
anonymous mode is turned on. This is needed for POSTs to work.
* src/reqs.c (anonheader): removed all the code which used the old
method of anonymous headers and replaced it using the new API.
* src/anonymous.h:
* src/anonymous.c: Moved the anonymous header code into it's own
sections with a well defined API. Internally it uses a Ternary
Search Tree.
2000-03-29 Robert James Kaes <rjkaes@flarenet.com>
* src/dnscache.c: added the <sys/types.h> header.
* src/reqs.c (clientreq): fixed a problem with the anonymous
headers. There was a test for the POST line since we have to send
all headers at the moment to handle that (actually, that might not
be true anymore...), but the test was incorrect and would send all
the headers through on all requests. Fixed the test and now only
the selected headers are sent.
2000-03-28 Robert James Kaes <rjkaes@flarenet.com>
* src/reqs.c (clientreq): Fixed a bug which would cause a SEGV if
the scheme was NULL. The cause was the error logging code to
report an invalid scheme. Fixed another bug with the
uri->authority. If a request in the form of
http:\\www.somewhere.com/ was entered, tinyproxy would SEGV.
2000-03-12 Robert James Kaes <rjkaes@flarenet.com>
* src/tinyproxy.c: include the upstream command line option. Also,
re-organized the help to have the options in be in alphabetical
order.
* src/reqs.c: include the code for handling the upstream proxy.
* src/dnscache.c: removed an assert from lookup so that it can be
used as method to simply verify if a domain name is already in the
cache.
* src/config.h: removed the defines dealing with DEFAULT_* and
UPSTREAM declarations.
* doc/tinyproxy.8: expanded the manual to include all the
command line options. Also, organized the options in alphabetical
order.
* acconfig.h: fixed the defines for DEFAULT_LOG, DEFAULT_PORT,
and DEFAULT_USER to have real default values.
* configure.in: include support for upstream proxies with
the --enable-upstream option. Also, fixed the AC_MSG_CHECKING
functions to include better wording.
1.3.2 2000/02/15
- Fixed null requests bug.
- Fixed fd leak bug.
- Fixed connptr bug.
- Updated docs.
1.3.1 1999/12/21
- made the dns cache hashing algorithm case-insensitive.
- fixed a bug in log() that would cause it to dump garbage to
the log file when in unrestricted mode.
- this is an interim release to fix the above log() bug.
1.3.0 1999/12/01
- autoconf enabled the source tree and moved some of the
documentation files into the proper locations. Also, added any
files which were needed to conform with the GNU autoconf directory
structure.
- Changed the debugging code to use asserts(). I don't know if I'm
completely happy with this. One the one hand it shrinks the size
of the executable, but on the other, it doesn't handle weird
situations in production code. It's still a toss up.
- Did a major reorganization of the source tree. The biggest
change is moving a lot of code from reqs.c into more appropriate
files.
- ANON mode is now always compiled in (since it doesn't take up
that much space) and is enabled from the command line.
- Changed the states a connection can be in, and also merged both
sockets (server/client) into one structure. Makes the code a lot
cleaner.
- Added a DNS caching mechanism. What happens it that a hash of
previously looked up names is maintained, so additional host names
will not need to be fetched from the DNS server again. Helps on
most web pages, which have a lot of images from the same server.
- Removed the global error variable (tinyerr) by making the
functions more consistent with what they return for an error.
- Removed the global.* files and merged them back into the
tinyproxy.* source.
- Added bug fixes in reqs.c to handle bad servers, which do not
follow the basic RFC protocol (i.e. using just a LF instead of a
CRLF).
- Most of reqs.c has been changed to use the readline
function. Also, it has been organized around the new connection
states and connection structure.
- xstrstr can now be both case sensitive or insensitive. Also,
added a check to make sure the haystack is longer than the needle.
1.2.10 1999/08/20
- Found a memory free bug in the buffer code, and also, a bug in
allocating memory for the buffer. Both could be fatal. One leaked
memory, and the other could allow all memory to be exhausted. Both
are now fixed.
- Reorganized some of the code. Moved global variables into the
proper files. Should help to eliminate them altogether someday.
- Shaun Johnson fixed a problem with compiling with syslog enabled
on a SunOS box.
1.2.9 1999/08/17
- Changed the writebuff to more explicitly be designed to write
from the other connection's buffer. A connection reads into it's
own buffer, but write's the other connection's buffer.
- You can now specify a particular IP address to listen on. By
default, tinyproxy listens on all IP addresses.
1.2.8.1 1999/08/13 (Internal release)
- Improved the portability by removing the daemon call and
removing the calls to index().
- added the buffer.* source into the CVS tree.
1.2.8 1999/08/06
- Better logging of incoming connections. Now both the IP address
and the requested URL are logged.
- You can now specify that only a certain subnet is allowed to
access tinyproxy. Currently it only supports one subnet with
matching against a string with the IP address.
- a bunch of just general code clean up. Mostly stylistic stuff.
1.2.7 1999/07/28
- Incoming connections are now logged to the log file/syslog
- An "XTinyproxy" header can now sent with each request which
includes the IP address of the client.
- Fixed some of the size of the members in the structures.
- Fixed an argument problem in listen_sock which was using the
size of the wrong variable.
1.2.6 1999/06/05
- Added the ability to send the HTTP requests to a proxy
server running on a different machine (or even the same
machine if you like)
- Fixed a bug in the clientreq() routine which would choke on
requests in the form of GET http://www.url.com HTTP/1.0 (thanks
to Bruno Viaris <viaris@galilee.univ-paris13.fr> for pointing
out the bug and providing the initial fix.)
1.2.5 1999/05/21
- Now maintained by Robert James Kaes (rjkaes@flarenet.com)
- Non-blocking sockets
- Cleaned up the style, and code. Compiles cleanly with -Wall
- Logs to syslogd with -S command line argument
- Rewrote the clientreq routine to remove tonnes of code
- Removed unused routines (rstrtolower, xstrndup, readline, etc.)
- Moved the user configurable options into config.h
1.1 1998/09/15
- Load average monitoring added
- Remote proxy monitoring added
- Added -u (change user).
1.0d
- ANON mode now supports -a to let user-specified headers
through
- various bug fixes in readline()
1.0c
- Support for ANON mode
1.0b
- Cleaned up exit codes (now uses sysexits.h)
- Uses daemon() from -lbsf instead of daemonize()
- Now supports ports other than 80
1.0a
- Created by Steven Young (sdyoung@well.com)
|