Age | Commit message (Collapse) | Author |
|
the existing codebase used an elaborate and complex approach for
its parallelism:
5 different config file options, namely
- MaxClients
- MinSpareServers
- MaxSpareServers
- StartServers
- MaxRequestsPerChild
were used to steer how (and how many) parallel processes tinyproxy
would spin up at start, how many processes at each point needed to
be idle, etc.
it seems all preforked processes would listen on the server port
and compete with each other about who would get assigned the new
incoming connections.
since some data needs to be shared across those processes, a half-
baked "shared memory" implementation was provided for this purpose.
that implementation used to use files in the filesystem, and since
it had a big FIXME comment, the author was well aware of how hackish
that approach was.
this entire complexity is now removed. the main thread enters
a loop which polls on the listening fds, then spins up a new
thread per connection, until the maximum number of connections
(MaxClients) is hit. this is the only of the 5 config options
left after this cleanup. since threads share the same address space,
the code necessary for shared memory access has been removed.
this means that the other 4 mentioned config option will now
produce a parse error, when encountered.
currently each thread uses a hardcoded default of 256KB per thread
for the thread stack size, which is quite lavish and should be
sufficient for even the worst C libraries, but people may want
to tweak this value to the bare minimum, thus we may provide a new
config option for this purpose in the future.
i suspect that on heavily optimized C libraries such a musl, a
stack size of 8-16 KB per thread could be sufficient.
since the existing list implementation in vector.c did not provide
a way to remove a single item from an existing list, i added my
own list implementation from my libulz library which offers this
functionality, rather than trying to add an ad-hoc, and perhaps
buggy implementation to the vector_t list code. the sblist
code is contained in an 80 line C file and as simple as it can get,
while offering good performance and is proven bugfree due to years
of use in other projects.
|
|
|
|
closes #50
|
|
loosely based on @valenbg1's code from PR #38
closes #38
closes #96
|
|
using the "BasicAuth" keyword in tinyproxy.conf.
base64 code was written by myself and taken from my own library "libulz".
for this purpose it is relicensed under the usual terms of the tinyproxy
license.
|
|
|
|
|
|
some users want to run tinyproxy on an as-needed basis in a terminal,
without setting it up permanently to run as a daemon/service.
in such use case, it is very annoying that tinyproxy didn't have
an option to log to stdout, so the user has to keep a second terminal
open to `tail -f` the log.
additionally, this precluded usage with runit service supervisor,
which runs all services in foreground and creates logfiles from the
service's stdout/stderr.
since logging to stdout doesn't make sense when daemonized, now if
no logfile is specified and daemon mode activated, a warning is
printed to stderr once, and nothing is logged.
the original idea was to fail with an error message, though some users
might actually want to run tinyproxy as daemon and no logging at all.
|
|
some people want to run tinyproxy with minimal configuration from
the command line (and as non-root), but tinyproxy insists on writing
a pid file, which only makes sense for usage as a service, hereby
forcing the user to either run it as root so it can write to the
default location, or start editing the default config file to work
around it.
and if no pidfile is specified in the config, it frankly doesn't
make sense to force creation of one anyway.
|
|
tinyproxy conservatively defaulted to allow CONNECT method only
on two ports used by SSL in the ancient past, but since HTTPS usage
got much more widespread (actually, it's now the default for the
majority of websites), it makes sense now to allow it without
restriction by default to accomodate for the new situation.
|
|
|
|
These are compiled in defaults now.
Michael
|
|
"@LOCALSTATEDIR@/run/tinyproxy/tinyproxy.pid"
I.e., add a tinyproxy subdirectory.
This is meant to ease running tinyproxy as non-root user.
The subdirectory can be used to give the tinyproxy user
write permission.
Michael
|
|
"@LOCALSTATEDIR@/log/tinyproxy/tinyproxy.log"
i.e. add a tinyproxy subdirectory.
This is meant to ease running tinyproxy as non-root user
the subdirectory can be used to give the tinyproxy user
write permission.
Michael
|
|
|
|
|
|
|
|
Michael
|
|
|
|
|
|
This is a first cut at providing a tinyproxy.conf file with
more useful default or example directories. It uses datadir,
sysconfdir and localstatedir.
Because automake is a little special here, this template can
not simply be processed by configure (AC_CONFIG_FILES(...)),
as these variables can only be used like this in makefiles.
Instead, we need a little sed-processor in the Makfile in etc/.
Michael
|