summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRobert James Kaes <rjkaes@users.sourceforge.net>2002-11-26 21:44:43 +0000
committerRobert James Kaes <rjkaes@users.sourceforge.net>2002-11-26 21:44:43 +0000
commite58343012fa999a33ed2bcfd569fbbe3e861d0a1 (patch)
tree4b66b79746a3ec8a9fced14034db0fbe481425c8
parentc826b18437dfc460e0d360c375241ce65a7ef7f8 (diff)
downloadtinyproxy-e58343012fa999a33ed2bcfd569fbbe3e861d0a1.tar.gz
tinyproxy-e58343012fa999a33ed2bcfd569fbbe3e861d0a1.zip
Included code to disable the sending of the Via header. This is now
controlled by the ViaHeader configure directive.
-rw-r--r--doc/tinyproxy.conf7
-rw-r--r--src/grammar.y13
-rw-r--r--src/reqs.c31
-rw-r--r--src/scanner.l3
-rw-r--r--src/tinyproxy.h4
5 files changed, 41 insertions, 17 deletions
diff --git a/doc/tinyproxy.conf b/doc/tinyproxy.conf
index 152e91e..d215477 100644
--- a/doc/tinyproxy.conf
+++ b/doc/tinyproxy.conf
@@ -111,6 +111,13 @@ Allow 127.0.0.1
Allow 192.168.1.0/25
#
+# Control whether the HTTP Via header should be included in requests or
+# responses. The RFC says it should be there, but it could be a security
+# concern. The default is off.
+#
+#ViaHeader On
+
+#
# The location of the filter file.
#
#Filter "/etc/tinyproxy/filter"
diff --git a/src/grammar.y b/src/grammar.y
index cf28e9a..4131dd3 100644
--- a/src/grammar.y
+++ b/src/grammar.y
@@ -1,4 +1,4 @@
-/* $Id: grammar.y,v 1.16 2002-11-03 17:10:32 rjkaes Exp $
+/* $Id: grammar.y,v 1.17 2002-11-26 21:44:43 rjkaes Exp $
*
* This is the grammar for tinyproxy's configuration file. It needs to be
* in sync with scanner.l. If you know more about yacc and lex than I do
@@ -49,7 +49,7 @@ int yylex(void);
%token KW_ANONYMOUS KW_XTINYPROXY
%token KW_FILTER KW_FILTERURLS KW_FILTEREXTENDED KW_FILTER_DEFAULT_DENY
%token KW_UPSTREAM
-%token KW_CONNECTPORT KW_BIND
+%token KW_CONNECTPORT KW_BIND KW_HTTP_VIA
%token KW_ALLOW KW_DENY
/* yes/no switches */
@@ -179,6 +179,15 @@ statement
log_message(LOG_WARNING, "The 'Bind' directive can not be used with transparent proxy support. Ignoring the directive.");
#endif
}
+ | KW_HTTP_VIA yesno
+ {
+ if ($2) {
+ log_message(LOG_INFO, "Enabling HTTP Via header.");
+ config.via_http_header = TRUE;
+ } else {
+ config.via_http_header = FALSE;
+ }
+ }
;
loglevels
diff --git a/src/reqs.c b/src/reqs.c
index ebd788e..276f975 100644
--- a/src/reqs.c
+++ b/src/reqs.c
@@ -1,4 +1,4 @@
-/* $Id: reqs.c,v 1.85 2002-11-13 17:48:48 rjkaes Exp $
+/* $Id: reqs.c,v 1.86 2002-11-26 21:44:43 rjkaes Exp $
*
* This is where all the work in tinyproxy is actually done. Incoming
* connections have a new child created for them. The child then
@@ -791,7 +791,7 @@ process_client_headers(struct conn_s *connptr, hashmap_t hashofheaders)
int i;
hashmap_iter iter;
long content_length = -1;
- int ret;
+ int ret = 0;
char *data, *header;
@@ -826,13 +826,15 @@ process_client_headers(struct conn_s *connptr, hashmap_t hashofheaders)
}
/* Send, or add the Via header */
- ret = write_via_header(connptr->server_fd, hashofheaders,
- connptr->protocol.major,
- connptr->protocol.minor);
- if (ret < 0) {
- indicate_http_error(connptr, 503,
- "Could not send data to remote server.");
- goto PULL_CLIENT_DATA;
+ if (config.via_http_header) {
+ ret = write_via_header(connptr->server_fd, hashofheaders,
+ connptr->protocol.major,
+ connptr->protocol.minor);
+ if (ret < 0) {
+ indicate_http_error(connptr, 503,
+ "Could not send data to remote server.");
+ goto PULL_CLIENT_DATA;
+ }
}
/*
@@ -969,10 +971,13 @@ process_server_headers(struct conn_s *connptr)
}
/* Send, or add the Via header */
- ret = write_via_header(connptr->client_fd, hashofheaders,
- connptr->protocol.major, connptr->protocol.minor);
- if (ret < 0)
- goto ERROR_EXIT;
+ if (config.via_http_header) {
+ ret = write_via_header(connptr->client_fd, hashofheaders,
+ connptr->protocol.major,
+ connptr->protocol.minor);
+ if (ret < 0)
+ goto ERROR_EXIT;
+ }
/*
* All right, output all the remaining headers to the client.
diff --git a/src/scanner.l b/src/scanner.l
index e6c33a9..f6dbd51 100644
--- a/src/scanner.l
+++ b/src/scanner.l
@@ -1,4 +1,4 @@
-/* $Id: scanner.l,v 1.15 2002-11-03 17:10:32 rjkaes Exp $
+/* $Id: scanner.l,v 1.16 2002-11-26 21:44:43 rjkaes Exp $
*
* This builds the scanner for the tinyproxy configuration file. This
* file needs to stay in sync with grammar.y. If someone knows lex and yacc
@@ -53,6 +53,7 @@ static struct keyword keywords[] = {
{ "deny", KW_DENY },
{ "connectport", KW_CONNECTPORT },
{ "bind", KW_BIND },
+ { "viaheader", KW_HTTP_VIA },
/* loglevel and the settings */
{ "loglevel", KW_LOGLEVEL },
diff --git a/src/tinyproxy.h b/src/tinyproxy.h
index 3f9abdf..6340488 100644
--- a/src/tinyproxy.h
+++ b/src/tinyproxy.h
@@ -1,4 +1,4 @@
-/* $Id: tinyproxy.h,v 1.34 2002-11-03 17:10:32 rjkaes Exp $
+/* $Id: tinyproxy.h,v 1.35 2002-11-26 21:44:43 rjkaes Exp $
*
* See 'tinyproxy.c' for a detailed description.
*
@@ -52,6 +52,8 @@ struct config_s {
char* dnsserver_location;
char* dnsserver_socket;
+
+ bool_t via_http_header;
};
/* Global Structures used in the program */