summaryrefslogtreecommitdiff
path: root/src (follow)
AgeCommit message (Collapse)AuthorFilesLines
2004-08-13Change the code to use the new config_parse() method rather than theRobert James Kaes1-7/+12
flex/bison based configuration system.
2004-08-13Added the new configuration parsing system (conffile.c andRobert James Kaes3-1/+638
conffile.h.) The new system is intended to replace the existing grammar.y and scanner.l files. I don't want to depend on flex/bison any longer.
2004-08-12(check_allowed_connect_ports): By default DENY any CONNECT requestsRobert James Kaes1-13/+9
unless explicitly allowed by a configuration directive.
2004-08-12(add_xtinyproxy_header): Removed the runtime error checking of theRobert James Kaes1-8/+3
connptr->server_fd variable and moved it into an assert since we should never be called with invalid data. Also made the function an inline function since it's only called in one place.
2004-08-11Completely rewrote the ACL functionality. The new system is intendedRobert James Kaes1-158/+184
to handle IPv6 style addresses along with the existing IPv4 and string addresses. In addition, the hand-rolled "list" code has been replaced with a vector (code reuse.) Also, the code should be a little easier to understand (relatively speaking.) I do need to add some kind of testing framework (in general) to check that the new code does work with all the formats that will be thrown at it.
2004-08-11(strip_username_password): Removed one of the pointer variables sinceRobert James Kaes1-11/+16
it's no longer needed. Reorganized the function to make it more obvious what was actually being done.
2004-08-10Merged in changes from 1.6.3Robert James Kaes7-18/+32
2004-04-27Added the "BindSame" configure directive from Oswald Buddenhagen.Robert James Kaes8-32/+87
This allows tinyproxy to respond to a request bound to the same interface that the request came in on. As Oswald explains: "attached is a patch that adds the BindSame option. it causes binding an outgoing connection to the ip address of the respective incoming connection. that way one can simulate an entire proxy farm with a single instance of tinyproxy on a multi-homed machine." Cool.
2004-04-27(init_stats): Fixed a memset bug, where the structure was not clearedRobert James Kaes1-2/+2
properly. (The sizeof "struct stat" was being used rather than the proper "struct stat_s". On my system, "struct stat" is 88 bytes long, while "struct stat_s" is 20 bytes long. Quite a difference!)
2004-04-27These files list all the other files that CVS should ignore. It makesRobert James Kaes1-0/+8
looking at the CVS status information a little cleaner.
2004-02-18Converted the various socket functions to work with both IPv4 and IPv6Robert James Kaes2-91/+90
addresses.
2004-02-18Added two functions:Robert James Kaes2-4/+85
- get_ip_string() converts a binary network address into either a dotted-decimal IPv4 address, or a IPv6 hex-string - full_inet_pton() converts a numeric character string into an IPv6 network address (binary form). It's like the system inet_pton() function, but it will work with bot IPv4 and IPv6 character strings. These functions are required for the conversion to Internet protocol independence. (Or to put it more clearly: allow tinyproxy to work in an IPv6 network.)
2004-02-13Removed unnecessary casts (mostly dealing with memory allocation.) IRobert James Kaes13-62/+56
should never have added them in the first place. They don't really buy anything, and they can hide bugs.
2004-02-04(strip_return_port): Patch from "alex" to strip the port from the hostRobert James Kaes1-19/+41
string and return the port. I cleaned up and added error handling to the code, but it's basically "alex"'s fix. (extract_http_url): Rewrote this function to remove all the sscanf() calls. It's much easier to just split on the path slash (if it's present) and then strip the user name/password and port from the host string. Less code, handles more cases!
2004-01-26Added reverse proxy support from Kim Holviala. His comments regardingRobert James Kaes8-30/+279
this addition follow: The patch implements a simple reverse proxy (with one funky extra feature). It has all the regular features: mapping remote servers to local namespace (ReversePath), disabling forward proxying (ReverseOnly) and HTTP redirect rewriting (ReverseBaseURL). The funky feature is this: You map Google to /google/ and the Google front page opens up fine. Type in stuff and click "Google Search" and you'll get an error from tinyproxy. Reason for this is that Google's form submits to "/search" which unfortunately bypasses our /google/ mapping (if they'd submit to "search" without the slash it would have worked ok). Turn on ReverseMagic and it starts working.... ReverseMagic "hijacks" one cookie which it sends to the client browser. This cookie contains the current reverse proxy path mapping (in the above case /google/) so that even if the site uses absolute links the reverse proxy still knows where to map the request. And yes, it works. No, I've never seen this done before - I couldn't find _any_ working OSS reverse proxies, and the commercial ones I've seen try to parse the page and fix all links (in the above case changing "/search" to "/google/search"). The problem with modifying the html is that it might not be parsable (very common) or it might be encoded so that the proxy can't read it (mod_gzip or likes). Hope you like that patch. One caveat - I haven't coded with C in like three years so my code might be a bit messy.... There shouldn't be any security problems thou, but you never know. I did all the stuff out of my memory without reading any RFC's, but I tested everything with Moz, Konq, IE6, Links and Lynx and they all worked fine.
2003-10-17Merged in changes from the 1.6.2 release. (Fixes for the filtering codeRobert James Kaes1-23/+32
and the HTML installation script.)
2003-08-07tinyproxy no longer includes a fall-back regular expression library,Robert James Kaes4-9/+8
so these files needed to be modified to only use the system's installed regular expression library.
2003-08-07Removed the included regular expression library, since it should comeRobert James Kaes3-6457/+0
standard on any reasonably modern system.
2003-08-07# Merged in changes from the stable 1.6 branch.Robert James Kaes1-4/+3
2003-08-05# Fixed a comment to actually reflect what the function does.Robert James Kaes1-2/+2
2003-08-01Included patches from Steven Young to use the hashmap functionality toRobert James Kaes4-82/+64
manage the HTML error pages. It simplifies the source, and also make the object file smaller. Nice. Also added any casting from (void*) to ensure that the code compiles using a C++ compiler.
2003-07-31Added appropriate casts (void*) casts to allow the code to compileRobert James Kaes1-9/+12
cleanly using a C++ compiler. Changed the servers_waiting variable to an unsigned int, since the number of servers waiting can never be negative, and added an assert() to ensure this invariant.
2003-07-31(debugging_realloc): Removed the assert for the NULL pointer, sinceRobert James Kaes1-3/+2
realloc() can take a NULL pointer, as defined by the realloc() man page. Fixed the cast in both safefree() macros to compile cleaning using a C++ compiler.
2003-07-31Fixed the cast in both safefree() macros to compile cleaning using aRobert James Kaes1-3/+3
C++ compiler.
2003-07-31# Fixed a preprocessor test (misspelled __cplusplus)Robert James Kaes1-2/+2
2003-07-31Added appropriate casts from (void*) so that the code will compileRobert James Kaes11-58/+67
cleanly with a C++ compiler. (Tested using GCC 3.3)
2003-07-14(indicate_http_error): Added calls to va_end() before leaving theRobert James Kaes1-2/+6
function.
2003-06-26# Removed the debugging information.Robert James Kaes1-8/+2
2003-06-26# Added debugging flags for the flex scanner.Robert James Kaes1-2/+2
2003-06-26(upstream_add): Rewrote the function to actually handle the variousRobert James Kaes1-33/+37
types of upstream configurations correctly. Hopefully, the code is also a little clearer in it's implementation.
2003-06-26# Removed the STRING_ADDRESS token since it was conflicting with theRobert James Kaes1-6/+4
IDENTIFIER directive and also the keyword directives.
2003-06-26Modified the patterns to allow the new upstream directives to work asRobert James Kaes1-9/+14
defined in the tinyproxy.conf documentation.
2003-06-26(debugging_free): Rather than assert on a NULL pointer, log the NULLRobert James Kaes1-4/+4
pointer and return.
2003-06-25Added a test to define INADDR_NONE if it's not present. For example,Robert James Kaes1-1/+8
SunOS (solaris 2.8) does not include this define. [Thank to Ben Hartshorne for pointing this out.]
2003-06-20Removed the "ViaHeader" directive and replaced it with theRobert James Kaes4-40/+42
"ViaProxyName" directive. The "Via" HTTP header is _required_ by the HTTP spec, so the code has been changed to always send the header. However, including the proxy's host name could be considered a security threat, so the "ViaProxyName" directive is used to set the token sent in the "Via" header. If the directive is not enabled the proxy's host name will be used.
2003-06-06(connect_to_upstream): Fixed an off-by-one error in the snprintf()Robert James Kaes1-5/+6
call used to build the URL for the upstream proxy. [Patch suggested by David T. Pierso]
2003-06-02(upstream_get):Robert James Kaes2-38/+67
(upstream_add): Added support to allow ip addresses and networks to be used when matching an upstream proxy directive. [Code by Peter da Silva]
2003-05-31Changed the safefree() macro to make it safe to use a conditionalRobert James Kaes1-3/+11
statement, and also safe to use with a rvalue that has a side effect. [Bug fix recommended by Peter da Silva]
2003-05-31# Changed all the for calls to use the != test rather than < test.Robert James Kaes7-31/+31
The change was recommended in the C/C++ User Journal magazine.
2003-05-30# Changed the calls to vector_getentry() to use the new callingRobert James Kaes2-4/+5
convention.
2003-05-30(vector_getentry): Changed the API to return the data pointer and haveRobert James Kaes2-18/+19
the length returned in a argument variable pointer. This should be a more natural way of using the function.
2003-05-29# Added a vector_prepend() function and recoded the old vector_insert()Robert James Kaes2-15/+41
to be a general "insert" for both vector_append() and vector_prepend()
2003-05-29# Renamed the vector_insert() calls to vector_append()Robert James Kaes2-4/+4
2003-05-29(vector_append): Renamed the vector_insert() function to moreRobert James Kaes2-9/+9
accurately indicate that entries are appended to the end of the vector.
2003-05-29Improved the upstream proxy support by making the upstream proxyRobert James Kaes4-23/+184
server configurable based on the destination host. [Code written by Peter da Silva]
2003-05-05(establish_http_connection): If the port being requested is not aRobert James Kaes1-7/+23
standard HTTP port (80 or 443) append the port string to the host header; otherwise, leave the host string with only the host's domain name. Replaced all occurrences of constant 80 and 443 with defines HTTP_PORT and HTTP_PORT_SSL.
2003-05-04Fixed a bug that would kill a child process because of an invalidRobert James Kaes2-5/+4
safefree() call. Basically, destroy_conn() was trying to free memory not allocated by malloc. [Fix by David T. Pierson]
2003-04-16(build_url): Rebuild the URL from the component pieces. This functionRobert James Kaes1-13/+53
is used by the transparent proxy code. [Anatole Shaw] (process_request): Fixed up the transparent proxy code so that filtering can be done on the whole URL. [Anatole Shaw] (pull_client_data): Added a bug fix for Internet Explorer (IE). IE will leave an extra CR and LF after the data in an HTTP POST. The new code will eat the extra bytes if they're present. Thanks to Yannick Koehler for finding the bug and offering an explanation as to why it was happening. Changed all calls of connptr->remote_content_length to connptr->content_length.server
2003-04-16# Changed it again to this time use the TINYPROXY_DEBUG environmentRobert James Kaes1-7/+13
variable to determine whether to wait for a connection from GDB.
2003-04-16# The programmer is now made to _explicitly_ enable the GDB support inRobert James Kaes1-2/+3
the child handling function.