summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2013-11-22child: check return code of socket_blocking for accept in child_mainMichael Adam1-1/+7
Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-22child: Fix CID 1130966 - unchecked return value from libraryMichael Adam1-1/+8
check the return code of fcntl via socket_nonblocking on the listen sockets in child_main() Found by coverity. Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-22reqs: Fix CID 1130967 - unchecked return value from library.Michael Adam1-1/+7
Check the return code of fcntl via socket_blocking in pull_client_data(). Found by coverity. Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-22reqs: Fix CID 1130968 - unchecked return value from libraryMichael Adam1-1/+8
Check the return code of fcntl via socket_nonblocking in pull_client_data() Found by coverity. Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-22reqs: rename a variable.Michael Adam1-3/+3
ret will be used in enclosing scope. so rename this special varibale. Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-22reqs: fix CID 1130969 - unchecked return code from libraryMichael Adam1-1/+6
Effectively, the return code of fcntl was not checked by not checking the return code of socket_nonblocking() for the server fd. Found by coverity. Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-22reqs: fix CID 1130970 - unchecked return code from libraryMichael Adam1-1/+7
Effectively, the return code of fcntl was not checked by not checking the return code of socket_nonblocking() for the client fd. Found by coverity. Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-22conf: Fix CID 1130973 - resource leak.Michael Adam1-0/+1
Found by coverity. Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-16BB#106: remove now unused extract_ssl_url.Michael Adam1-25/+0
Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-16BB#106: fix CONNECT requsts with IPv6 literal addresses as host.Michael Adam1-1/+1
Use extract_url instead of the old extract_ssl_url: extract_url is generic and handles ipv6 literal addresses correctly. Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-16BB#106: add default_port argument to extract_http_url and rename it to ↵Michael Adam1-5/+9
extract_url There is in fact nothing http-specific any more about this function, hence the rename. The input has been stripped of the <proto>:// header anyways. This in preparation of fixing bug BB#106: ssl fails with literal ipv6 addrs. Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-16req: move a variable into the scope where it is used in extract_http_url()Michael Adam1-1/+1
Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-16BB#116: fix invalid free when connecting to ipv6 literal addressMichael Adam1-1/+4
When removing the '[' and ']' characers from the ipv6 literal address, make sure the pointer that is later free'd stays a malloced pointer by memmoving the string one place left. Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-16build: check for memmoveMichael Adam1-1/+1
Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-16sock: add debug messages to opensock()Michael Adam1-0/+6
log entering opensock and successful return of getaddrinfo. This allows to detect dns timeouts from looking at the logs. Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-09[BB#63] conf: Allow multiple Listen statements in the config.Michael Adam5-14/+75
This introduces a list (vector) of addresses instead of having just one address string. Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-09[BB#81] allow listening on multiple families when no Listen is provided in ↵Michael Adam1-2/+9
config This is achieved by not stopping at the first result of getaddrinfo that we managed to listen on: Without "Listen" in the config, we call getraddrinfo with NULL address. With AI_PASSIVE, this gives results for both IPv4 and IPv6 wildcard addresses (if both are supported). This lets tinyproxy listen on both IPv4 and IPv6 wildcard if the system supports them. Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-09sock: add a starting debug message to listen_sock()Michael Adam1-0/+3
Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-09sock: update introductory comment for listen_sock()Michael Adam1-1/+7
Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-09sock: set IPV6_V6ONLY on the socket before binding an IPv6 addressMichael Adam1-0/+12
so that we can bind wildcard for both IPv4 and IPv6. Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-09sock: factor listening on one socket out of the gai-result-loop in listen_sock()Michael Adam1-48/+62
for clarity of the code Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-09sock: in listen_sock(), move variable for setsockopt() into scopeMichael Adam1-1/+1
Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-09sock: log each result of getaddrinfo() in listen_sock()Michael Adam1-0/+14
Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-09sock: in listen_sock(), add a log message for when bind() has failedMichael Adam1-0/+2
Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-09sock: in listen_sock(), detect and log failure to call setsockopt()Michael Adam1-2/+10
Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-09sock: in listen_sock(), add debug message when socket() call failed.Michael Adam1-1/+5
Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-09sock: move listen() into the getaddrinfo result loop in listen_sock()Michael Adam1-22/+22
This also reverses the exit logic of the loop. It prepares listening on multiple addresses. Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-09child: use a list of listen_fds instead of one single listenfd.Michael Adam3-7/+90
This prepares listenting on multiple sockets, which will be ussed to fix listening on the wildcard (listen on both ipv6 and ipv4) and help add the support for multiple Listen statements in the config Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-09child: add addr argument to child_listening_sock().Michael Adam3-4/+4
Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-09sock: add addr argument to listen_sock()Michael Adam3-4/+4
instead of using config.ipAddr internally. This is in preparation to make it possible to call it for multiple addresses. Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-09sock/child: remove global variable addrlen.Michael Adam3-13/+8
This changes listen_sock() to not return the addrlen of the used address from getaddrinfo call to the caller, stored in global addrlen in child.c. This was only used to be able to allocate enough space for the arguments to the later accept call depending on whether IPv4 or IPv6 is used. This removes the need to pass this info by always allocating sizeof(struct sockaddr_storage) instead, which is enough to carry both sockaddr_in and sockaddr_in6. Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-09[BB#109] Fix crash (infinite loop) when writing to log file fails.Michael Adam1-2/+7
Fall back to syslog logging in that case. Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-09log: remove extra newline characters in log messages.Michael Adam1-2/+2
Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-01[BB#115] Drop supplementary groupsGaudenz Steinlin2-1/+11
Supplementary groups are inherited from the calling process. Drop all supplementary groups if the "Group" configuration directive is set to change to a different user. Otherwise the process may have more rights than expected. Reviewed-by: Michael Adam <obnox@samba.org>
2013-04-09[BB#112] build: fix build with autoconf >= 2.69Michael Adam1-1/+1
Use AC_CONFIG_HEADERS instead of obsolete AM_CONFIG_HEADER. Signed-off-by: Michael Adam <obnox@samba.org>
2012-01-23Update authorsMukund Sivaraman3-0/+6
2012-01-23build: Prepend to LDFLAGS instead of replacing its contentsMukund Sivaraman1-1/+1
2011-09-11Make .xz compressed dist targets tooMukund Sivaraman1-1/+1
2011-08-23Bug #103: Move files installed in /etc/ to /etc/tinyproxy/Mukund Sivaraman3-4/+8
2011-08-16Minor whitespace fixMukund Sivaraman1-1/+1
2011-03-04[BB#90]: Fix bug in ACL netmask generationMukund Sivaraman1-4/+21
Thanks to John Horne who diagnosed this issue and found the problem.
2011-03-04Validate port number specified in Port directiveMukund Sivaraman1-1/+9
This was asked in bug #90 comment #8.
2011-02-28Update URLs of TinyproxyMukund Sivaraman4-10/+8
2011-02-07Surround IPv6 literals with [] in Host: headersMukund Sivaraman1-6/+18
2011-02-04Handle IPv6 literals in URLs correctlyMukund Sivaraman1-1/+14
2010-12-01[BB#95] remove two comments that have become wrong by the fix.Michael Adam1-6/+0
2010-12-01[BB#95] Fix FilterURLs with transparent proxy support.Daniel Egger3-12/+12
Pass a pointer to a char pointer to do_transparent_proxy so the reassembled URL will actually end up back in the caller where it is needed for filtering decisions. This fixes the problem that a tinyproxy configured with the transparent proxy functionality and "FilterURLs Yes" would filter on everything but the domain. Signed-off-by: daniel.egger@sphairon.com Signed-off-by: Michael Adam <obnox@samba.org>
2010-12-01README: correctly list --enable-transparentMichael Adam1-1/+1
--enable-transparent-proxy was renamed to --enable-transparent in August 2004... :-)
2010-08-24[BB#91] Fix upstream proxy support.Michael Adam1-2/+2
Patch by Jordi Mallach.
2010-08-24upstream: clarify debug messagesMichael Adam1-2/+2
There are frequent questions "what does 'No proxy for ...' mean?" on the mailing list and IRC. Be more specific. (No upstream proxy ...) Correspondingly, log "Found upstream proxy ... for ..."