| Age | Commit message (Collapse) | Author |
|---|
|
it will be needed to add support for upstream proxy auth.
|
|
as reported by @natedogith1
|
|
using the "BasicAuth" keyword in tinyproxy.conf.
base64 code was written by myself and taken from my own library "libulz".
for this purpose it is relicensed under the usual terms of the tinyproxy
license.
|
|
the line
len = buff[0]; /* max = 255 */
could lead to a negative length if the value in buff[0] is > 127.
|
|
original patch submitted in 2006 to debian mailing list:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=392848%29#12
this version was rebased to git and updated by Russ Dill <russ.dill@gmail.com>
in 2015 (the original patch used a different config file format).
as discussed in #40.
commit message by @rofl0r.
|
|
if using one of unsigned or signed char for the function prototype, one
gets nasty warnings when using it with the other type. the only proper
solution is to put void* into the prototype, and then specialize the pointer
inside the function using an automatic variable.
for exactly this reason, libc functions like read(), write(), etc use void*
too.
|
|
some users want to run tinyproxy on an as-needed basis in a terminal,
without setting it up permanently to run as a daemon/service.
in such use case, it is very annoying that tinyproxy didn't have
an option to log to stdout, so the user has to keep a second terminal
open to `tail -f` the log.
additionally, this precluded usage with runit service supervisor,
which runs all services in foreground and creates logfiles from the
service's stdout/stderr.
since logging to stdout doesn't make sense when daemonized, now if
no logfile is specified and daemon mode activated, a warning is
printed to stderr once, and nothing is logged.
the original idea was to fail with an error message, though some users
might actually want to run tinyproxy as daemon and no logging at all.
|
|
some people want to run tinyproxy with minimal configuration from
the command line (and as non-root), but tinyproxy insists on writing
a pid file, which only makes sense for usage as a service, hereby
forcing the user to either run it as root so it can write to the
default location, or start editing the default config file to work
around it.
and if no pidfile is specified in the config, it frankly doesn't
make sense to force creation of one anyway.
|
|
|
|
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
Configure trim
|
|
Prevent child from calling exit() on interrupt
|
|
src/Makefile.am: fix spaces vs TAB
|
|
this causes a build failure on several platforms using older versions
of autotools or GNU make.
make[2]: Entering directory `src'
Makefile:670: *** missing separator (did you mean TAB instead of 8 spaces?). Stop.
make[2]: Leaving directory `src'
fixes #72
|
|
A proposed fix for the logrotate SIGHUP issue.
|
|
|
|
|
|
addresses #65
|
|
addresses #65
|
|
available (#35)
allow non-reverse mappings if reverseonly is not enabled
|
|
|
|
This should make hash processing generally faster.
There is a treadeoff between memory footprint and
speed of processing. 10 KB instead of 1.2 KB of
hash table per process should not be a huge problem
even on very limited current systems.
Who really needs to stick to 32 buckets could
recompile. We could also think about making
this configurable at some point.
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
Based on patch provided by gpernot@praksys.org on bugzilla.
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
Based on a patch provided by gpernot@praksys.org on bugzilla.
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
This hash function distributes much better than the
original one. The effect is not as visible with
hashes taken modulo 32 than with a bigger modulus,
but it is there. And larger number of buckets migh
become possible in the future...
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
I seem to have forgotten to compile with transparent support enabled...
This belongs to the fix for bug BB#63.
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
This was accidentially used instead of the function parameter listen_addrs
This still belongs to the fix for bug BB#63.
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
Check the return value of socket_blocking (fcntl) at the
end of relay_connection() for client socket.
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
Check the return value of socket_blocking (fcntl) at the
end of relay_connection().
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
url == NULL is caught above.
Found by coverity.
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
Check return of "recv" in readline().
Found by coverity.
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
check the return code of fcntl via socket_nonblocking
on the listen sockets in child_main()
Found by coverity.
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
Check the return code of fcntl via socket_blocking
in pull_client_data().
Found by coverity.
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
Check the return code of fcntl via socket_nonblocking
in pull_client_data()
Found by coverity.
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
ret will be used in enclosing scope.
so rename this special varibale.
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
Effectively, the return code of fcntl was not checked
by not checking the return code of socket_nonblocking()
for the server fd.
Found by coverity.
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
Effectively, the return code of fcntl was not checked
by not checking the return code of socket_nonblocking()
for the client fd.
Found by coverity.
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
Found by coverity.
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
Use extract_url instead of the old extract_ssl_url:
extract_url is generic and handles ipv6 literal addresses correctly.
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
extract_url
There is in fact nothing http-specific any more about this function, hence
the rename. The input has been stripped of the <proto>:// header anyways.
This in preparation of fixing bug BB#106: ssl fails with literal ipv6 addrs.
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
When removing the '[' and ']' characers from the ipv6 literal address, make sure
the pointer that is later free'd stays a malloced pointer by memmoving the
string one place left.
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
log entering opensock and successful return of getaddrinfo.
This allows to detect dns timeouts from looking at the logs.
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
This introduces a list (vector) of addresses instead of
having just one address string.
Signed-off-by: Michael Adam <obnox@samba.org>
|
