path: root/src/reqs.c
Age | Commit message | Author
2020-11-10 | WIP | Mikael Magnusson
2020-11-10 | WIP: BindIPv6Mapped | Mikael Magnusson
2020-11-07 | WIP: BindIPv4Mapped | Mikael Magnusson
2020-10-19 | reqs: fix UB passing ssize_t to format string expecting int | rofl0r
2020-09-17 | tune error messages to show select or poll depending on what is used | rofl0r
2020-09-16 | remove vector remains | rofl0r
2020-09-16 | add_header: use sblist | rofl0r
note that the old code inserted added headers at the beginning of the list, reasoning unknown. this seems counter-intuitive as the headers would end up in the request in the reverse order they were added, but this was irrelevant, as the headers were originally first put into the hashmap hashofheaders before sending it to the client. since the hashmap didn't preserve ordering, the headers would appear in random order anyway.
2020-09-15 | prepare transition to poll() | rofl0r
usage of select() is inefficient (because a huge fd_set array has to be initialized on each call) and insecure (because an fd >= FD_SETSIZE will cause out-of-bounds accesses using the FD_*SET macros, and a system can be set up to allow more than that number of fds using ulimit). for the moment we prepared a poll-like wrapper that still runs select() to test for regressions, and so we have fallback code for systems without poll().
2020-09-15 | refactor conns.[ch], put conn_s into child struct | rofl0r
this allows to access the conn member from the main thread handling the childs, plus simplifies the code.
2020-09-15 | replace leftover users of hashmap with htab | rofl0r
also fixes a bug where the ErrorFile directive would create a new hashmap on every added item, effectively allowing only the use of the last specified errornumber, and producing memory leaks on each config reload.
2020-09-15 | save headers in an ordered dictionary | rofl0r
due to the usage of a hashmap to store headers, when relaying them to the other side the order was not prevented. even though correct from a standards point-of-view, this caused issues with various programs, and it allows to fingerprint the use of tinyproxy. to implement this, i imported the MIT-licensed hsearch.[ch] from https://github.com/rofl0r/htab which was originally taken from musl libc. it's a simple and efficient hashtable implementation with far better performance characteristic than the one previously used by tinyproxy. additionally it has an API much more well-suited for this purpose. orderedmap.[ch] was implemented from scratch to address this issue. behind the scenes it uses an sblist to store string values, and a htab to store keys and the indices into the sblist. this allows us to iterate linearly over the sblist and then find the corresponding key in the hash table, so the headers can be reproduced in the order they were received. closes #73
2020-09-13 | fix get_request_entity() | rofl0r
get_request_entity()'s purpose is to drain remaining unread bytes in the request read pipe before handing out an error page, and kinda surprisingly, also when connection to the stathost is done. in the stathost case tinyproxy just skipped proper processing and jumped to the error handler code, and remembering whether a connection to the stathost was desired in a variable, then doing things a bit differently depending on whether it's set. i tried to fix issues with get_request_entity in 88153e944f7d28f57cccc77f3228a3f54f78ce4e (which is basically the right fix for the issue it tried to solve, but incomplete), and resulting from there in 78cc5b72b18a3c0d196126bfbc5d3b6473386da9. the latter fix wasn't quite right since we're not supposed to check whether the socket is ready for writing, and having a return value of 2 instead of 1 resulted in some of the if statements not kicking in when they should have. this also resulted in the stathost page no longer working. after in-depth study of the issue i realized that we only need to call get_request_entity() when the headers aren't completely read, additional to setting the proper connection timeout as 88153e944f7d28f57cccc77f3228a3f54f78ce4e already implemented. the changes of 78cc5b72b18a3c0d196126bfbc5d3b6473386da9 have been reverted.
2020-09-10 | handle_connection(): print process_*_headers errno information | rofl0r
2020-09-10 | handle_connection: replace "goto fail" with func call | rofl0r
this allows to see in a backtrace from where the error was triggered.
2020-09-10 | handle_connection(): factor out failure code | rofl0r
this allows us in a next step to replace goto fail with a call to that function, so we can see in a backtrace from where the failure was triggered.
2020-09-09 | remove bogus custom timeout handling code | rofl0r
in networking, hitting a timeout requires that *nothing* happens during the interval. whenever anything happens, the timeout is reset. there's no need to do custom time calculations, it's perfectly fine to let the kernel handle it using the select() syscall. additionally the code added in 0b9a74c29036f9215b2b97a301b7b25933054302 assures that read and write syscalls() don't block indefinitely and return on the timeout too, so there's no need to switch sockets back and forth between blocking/nonblocking.
2020-09-09 | fix negative timeout resulting in select() EINVAL | rofl0r
2020-09-08 | get_request_entity: fix regression w/ CONNECT method | rofl0r
introduced in 88153e944f7d28f57cccc77f3228a3f54f78ce4e. when connect method is used (HTTPS), and e.g. a filtered domain requested, there's no data on readfds, only on writefds. this caused the response from the connection to hang until the timeout was hit. in the past in such scenario always a "no entity" response was produced in tinyproxy logs.
2020-09-07 | get_request_entity: respect user-set timeout | rofl0r
get_request_entity() is only called on error, for example if a client doesn't pass a check_acl() check. in such a case it's possible that the client fd isn't yet ready to read from. using select() with a timeout timeval of {0,0} causes it to return immediately and return 0 if there's no data ready to be read. this resulted in immediate connection termination rather than returning the 403 access denied error page to the client and a confusing "no entity" message displayed in the proxy log.
2020-09-07 | Do not give error while storing invalid header | [anp/hsw]
2020-09-05 | filter: reduce memory usage, fix OOM crashes | rofl0r
* check return values of memory allocation and abort gracefully in out-of-memory situations
* use sblist (linear dynamic array) instead of linked list
  - this removes one pointer per filter rule
  - removes need to manually allocate/free every single list item (instead block allocation is used)
  - simplifies code
* remove storage of (unused) input rule
  - removes one char* pointer per filter rule
  - removes storage of the raw bytes of each filter rule
* add line number to display on out-of-memory/invalid regex situation
* replace duplicate filter_domain()/filter_host() code with a single function filter_run()
  - reduces code size and management effort

with these improvements, >1 million regex rules can be loaded with 4 GB of RAM, whereas previously it crashed with about 950K. the list for testing was assembled from http://www.shallalist.de/Downloads/shallalist.tar.gz

closes #20
2020-07-15 | enforce socket timeout on new sockets via setsockopt() | rofl0r
the timeout option set by the config file wasn't respected at all so it could happen that connections became stale and were never released, which eventually caused tinyproxy to hit the limit of open connections and never accepting new ones. addresses #274
2020-03-16 | anonymous: fix segfault loading config item | rofl0r
unlike other functions called from the config parser code, anonymous_insert() accesses the global config variable rather than passing it as an argument. however the global variable is only set after successful loading of the entire config. we fix this by adding a conf argument to each anonymous_* function, passing the global pointer in calls done from outside the config parser. fixes #292
2020-01-15 | access config via a pointer, not a hardcoded struct address | rofl0r
this is required so we can elegantly swap out an old config for a new one in the future and remove lots of boilerplate from config initialization code. unfortunately this is a quite intrusive change as the config struct was accessed in numerous places, but frankly it should have been done via a pointer right from the start. right now, we simply point to a static struct in main.c, so there shouldn't be any noticeable changes in behaviour.
2019-12-21 | implement detection and denial of endless connection loops | rofl0r
it is quite easy to bring down a proxy server by forcing it to make connections to one of its own ports, because this will result in an endless loop spawning more and more connections, until all available fds are exhausted. since there's a potentially infinite number of potential DNS/ip addresses resolving to the proxy, it is impossible to detect an endless loop by simply looking at the destination ip address and port. what *is* possible though is to record the ip/port tuples assigned to outgoing connections, and then compare them against new incoming connections. if they match, the sender was the proxy itself and therefore needs to reject that connection. fixes #199.
2019-12-21 | do hostname resolution only when it is absolutely necessary for ACL check | rofl0r
tinyproxy used to do a full hostname resolution whenever a new client connection happened, which could cause very long delays (as reported in #198). there's only a single place/scenario that actually requires a hostname, and that is when an Allow/Deny rule exists for a hostname or domain, rather than a raw IP address. since it is very likely this feature is not very widely used, it makes absolute sense to only do the costly resolution when it is unavoidable.
2019-06-14 | fix usage of stathost in combination with basic auth | rofl0r
http protocol requires different treatment of proxy auth vs server auth. fixes #246
2018-05-29 | fix socks5 upstream user/pass subnegotiation check | rofl0r
RFC 1929 specifies that the user/pass auth subnegotiation repurposes the version field for the version of that specification, which is 1, not 5. however there's quite a good deal of software out there which got it wrong and replies with version 5 to a successful authentication, so let's just accept both forms - other socks5 client programs like curl do the same. closes #172
2018-02-27 | implement user/password auth for socks5 upstream proxy | rofl0r
just like the rest of the socks code, this was stolen from proxychains-ng, of which i happen to be the maintainer, so it's not an issue (the licenses are identical, too).
2018-02-25 | rename members of proxy_type enum to have a common prefix | rofl0r
and add a NONE member.
2018-02-25 | implement HTTP basic auth for upstream proxies | rofl0r
loosely based on @valenbg1's code from PR #38 closes #38 closes #96
2018-02-06 | Basic Auth: send correct response codes and headers acc. to rfc7235 | rofl0r
as reported by @natedogith1
2018-02-06 | add support for basic HTTP authentication | rofl0r
using the "BasicAuth" keyword in tinyproxy.conf. base64 code was written by myself and taken from my own library "libulz". for this purpose it is relicensed under the usual terms of the tinyproxy license.
2018-02-06 | fix types used in SOCKS4/5 support code | rofl0r
the line len = buff[0]; /* max = 255 */ could lead to a negative length if the value in buff[0] is > 127.
2018-02-06 | add SOCKS upstream proxy support (socks4/socks5) | Gonzalo Tornaria
original patch submitted in 2006 to debian mailing list: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=392848%29#12 this version was rebased to git and updated by Russ Dill <russ.dill@gmail.com> in 2015 (the original patch used a different config file format). as discussed in #40. commit message by @rofl0r.
2016-09-10 | Continue with forward proxy if ReverseOnly is not true and no mapping available (#35) | Stephan Leemburg
allow non-reverse mappings if reverseonly is not enabled
2014-12-13 | BB#110 Increase number of hash buckets from 32 to 256. | Michael Adam
This should make hash processing generally faster. There is a tradeoff between memory footprint and speed of processing. 10 KB instead of 1.2 KB of hash table per process should not be a huge problem even on very limited current systems. Who really needs to stick to 32 buckets could recompile. We could also think about making this configurable at some point. Signed-off-by: Michael Adam <obnox@samba.org>
2014-12-13 | BB#110 limit the number of headers per request to prevent DoS | Michael Adam
Based on patch provided by gpernot@praksys.org on bugzilla. Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-23 | reqs: fix typo in a debug message in get_request_entity() | Michael Adam
Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-22 | reqs: Fix CID 1130969 (part 3) - unchecked return value from library. | Michael Adam
Check the return value of socket_blocking (fcntl) at the end of relay_connection() for client socket. Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-22 | reqs: Fix CID 1130969 (part 2) - unchecked return value from library. | Michael Adam
Check the return value of socket_blocking (fcntl) at the end of relay_connection(). Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-22 | reqs: Fix CID 1130972 - remove logically dead code. | Michael Adam
url == NULL is caught above. Found by coverity. Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-22 | reqs: Fix CID 1130967 - unchecked return value from library. | Michael Adam
Check the return code of fcntl via socket_blocking in pull_client_data(). Found by coverity. Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-22 | reqs: Fix CID 1130968 - unchecked return value from library | Michael Adam
Check the return code of fcntl via socket_nonblocking in pull_client_data() Found by coverity. Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-22 | reqs: rename a variable. | Michael Adam
ret will be used in enclosing scope. so rename this special variable. Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-22 | reqs: fix CID 1130969 - unchecked return code from library | Michael Adam
Effectively, the return code of fcntl was not checked by not checking the return code of socket_nonblocking() for the server fd. Found by coverity. Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-22 | reqs: fix CID 1130970 - unchecked return code from library | Michael Adam
Effectively, the return code of fcntl was not checked by not checking the return code of socket_nonblocking() for the client fd. Found by coverity. Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-16 | BB#106: remove now unused extract_ssl_url. | Michael Adam
Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-16 | BB#106: fix CONNECT requests with IPv6 literal addresses as host. | Michael Adam
Use extract_url instead of the old extract_ssl_url: extract_url is generic and handles ipv6 literal addresses correctly. Signed-off-by: Michael Adam <obnox@samba.org>
2013-11-16 | BB#106: add default_port argument to extract_http_url and rename it to extract_url | Michael Adam
There is in fact nothing http-specific any more about this function, hence the rename. The input has been stripped of the <proto>:// header anyways. This in preparation of fixing bug BB#106: ssl fails with literal ipv6 addrs. Signed-off-by: Michael Adam <obnox@samba.org>