Changeset 5502


Ignore:
Timestamp:
Jul 13, 2017, 9:41:54 AM (17 months ago)
Author:
Juanma
Message:

Initial release

Location:
squid-ssl/trunk/fuentes
Files:
56 added
15 edited

Legend:

Unmodified
Added
Removed
  • squid-ssl/trunk/fuentes/src/LogTags.h

    r5499 r5502  
    2828    LOG_TCP_CLIENT_REFRESH_MISS,
    2929    LOG_TCP_IMS_HIT,
     30    LOG_TCP_INM_HIT,
    3031    LOG_TCP_SWAPFAIL_MISS,
    3132    LOG_TCP_NEGATIVE_HIT,
     
    5455        (code == LOG_TCP_HIT) ||
    5556        (code == LOG_TCP_IMS_HIT) ||
     57        (code == LOG_TCP_INM_HIT) ||
    5658        (code == LOG_TCP_REFRESH_FAIL_OLD) ||
    5759        (code == LOG_TCP_REFRESH_UNMODIFIED) ||
  • squid-ssl/trunk/fuentes/src/Makefile.am

    r5499 r5502  
    910910DEFAULT_CONFIG_DIR      = $(sysconfdir)
    911911DEFAULT_CONFIG_FILE     = $(DEFAULT_CONFIG_DIR)/squid.conf
    912 DEFAULT_MIME_TABLE      = $(DEFAULT_CONFIG_DIR)/mime.conf
     912DEFAULT_MIME_TABLE      = $(datadir)/mime.conf
    913913DEFAULT_SSL_CRTD        = $(libexecdir)/`echo ssl_crtd  | sed '$(transform);s/$$/$(EXEEXT)/'`
    914914DEFAULT_LOG_PREFIX      = $(DEFAULT_LOG_DIR)
  • squid-ssl/trunk/fuentes/src/Makefile.in

    r5499 r5502  
    32583258DEFAULT_CONFIG_DIR = $(sysconfdir)
    32593259DEFAULT_CONFIG_FILE = $(DEFAULT_CONFIG_DIR)/squid.conf
    3260 DEFAULT_MIME_TABLE = $(DEFAULT_CONFIG_DIR)/mime.conf
     3260DEFAULT_MIME_TABLE = $(datadir)/mime.conf
    32613261DEFAULT_SSL_CRTD = $(libexecdir)/`echo ssl_crtd  | sed '$(transform);s/$$/$(EXEEXT)/'`
    32623262DEFAULT_LOG_PREFIX = $(DEFAULT_LOG_DIR)
  • squid-ssl/trunk/fuentes/src/cf.data.pre

    r5499 r5502  
    12071207# Adapt to list your (internal) IP networks from where browsing
    12081208# should be allowed
    1209 acl localnet src 10.0.0.0/8     # RFC1918 possible internal network
    1210 acl localnet src 172.16.0.0/12  # RFC1918 possible internal network
    1211 acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
    1212 acl localnet src fc00::/7       # RFC 4193 local private network range
    1213 acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines
     1209#acl localnet src 10.0.0.0/8    # RFC1918 possible internal network
     1210#acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
     1211#acl localnet src 192.168.0.0/16        # RFC1918 possible internal network
     1212#acl localnet src fc00::/7       # RFC 4193 local private network range
     1213#acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines
    12141214
    12151215acl SSL_ports port 443
     
    14601460# Adapt localnet in the ACL section to list your (internal) IP networks
    14611461# from where browsing should be allowed
    1462 http_access allow localnet
     1462#http_access allow localnet
    14631463http_access allow localhost
    14641464
     
    32113211                        reference a combined file containing both the
    32123212                        certificate and the key.
     3213
     3214        Notes:
     3215       
     3216        On Debian/Ubuntu systems a default snakeoil certificate is
     3217    available in /etc/ssl and users can set:
     3218
     3219                cert=/etc/ssl/certs/ssl-cert-snakeoil.pem
     3220
     3221        and
     3222
     3223                key=/etc/ssl/private/ssl-cert-snakeoil.key
     3224
     3225        for testing.
    32133226       
    32143227        sslversion=1|2|3|4|5|6
     
    45344547NAME: logfile_rotate
    45354548TYPE: int
    4536 DEFAULT: 10
     4549DEFAULT: 0
    45374550LOC: Config.Log.rotateNumber
    45384551DOC_START
     
    45534566        Note, from Squid-3.1 this option is only a default for cache.log,
    45544567        that log can be rotated separately by using debug_options.
     4568
     4569        Note2, for Debian/Linux the default of logfile_rotate is
     4570        zero, since it includes external logfile-rotation methods.
    45554571DOC_END
    45564572
     
    54315447refresh_pattern ^gopher:        1440    0%      1440
    54325448refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
     5449refresh_pattern (Release|Packages(.gz)*)$      0       20%     2880
     5450# example lin deb packages
     5451#refresh_pattern (\.deb|\.udeb)$   129600 100% 129600
    54335452refresh_pattern .               0       20%     4320
    54345453NOCOMMENT_END
     
    88978916        WARNING:
    88988917          This option will restrict the situations under which IPv6
    8899           connectivity is used (and tested). Hiding network problems
    8900           which would otherwise be detected and warned about.
     8918          connectivity is used (and tested), potentially hiding network
     8919          problems which would otherwise be detected and warned about.
    89018920DOC_END
    89028921
  • squid-ssl/trunk/fuentes/src/client_side.cc

    r5499 r5502  
    416416        break;
    417417
     418    case LOG_TCP_INM_HIT:
    418419    case LOG_TCP_IMS_HIT:
    419420        statCounter.client_http.nearMissSvcTime.count(svc_time);
     
    26612662            return;
    26622663        }
     2664
     2665        // when absolute-URI is provided Host header should be ignored. However
     2666        // some code still uses Host directly so normalize it.
     2667        // For now preserve the case where Host is completely absent. That matters.
     2668        if (request->header.has(HDR_HOST)) {
     2669            const char *host = request->header.getStr(HDR_HOST);
     2670            SBuf authority(request->GetHost());
     2671            if (request->port != urlDefaultPort(request->url.getScheme()))
     2672                authority.appendf(":%d", request->port);
     2673            debugs(33, 5, "URL domain " << authority << " overrides header Host: " << host);
     2674            // URL authority overrides Host header
     2675            request->header.delById(HDR_HOST);
     2676            request->header.putStr(HDR_HOST, authority.c_str());
     2677        }
    26632678    }
    26642679
  • squid-ssl/trunk/fuentes/src/client_side_reply.h

    r5499 r5502  
    115115    int checkTransferDone();
    116116    void processOnlyIfCachedMiss();
    117     void processConditional(StoreIOBuffer &result);
     117    bool processConditional(StoreIOBuffer &result);
    118118    void cacheHit(StoreIOBuffer result);
    119119    void handleIMSReply(StoreIOBuffer result);
  • squid-ssl/trunk/fuentes/src/client_side_request.cc

    r5499 r5502  
    142142    al = new AccessLogEntry;
    143143    al->cache.start_time = current_time;
    144     al->tcpClient = clientConnection = aConn->clientConnection;
    145     al->cache.port = aConn->port;
    146     al->cache.caddr = aConn->log_addr;
     144    if (aConn) {
     145        al->tcpClient = clientConnection = aConn->clientConnection;
     146        al->cache.port = aConn->port;
     147        al->cache.caddr = aConn->log_addr;
    147148
    148149#if USE_OPENSSL
    149     if (aConn->clientConnection != NULL && aConn->clientConnection->isOpen()) {
    150         if (SSL *ssl = fd_table[aConn->clientConnection->fd].ssl)
    151             al->cache.sslClientCert.reset(SSL_get_peer_certificate(ssl));
    152     }
    153 #endif
     150        if (aConn->clientConnection != NULL && aConn->clientConnection->isOpen()) {
     151            if (SSL *ssl = fd_table[aConn->clientConnection->fd].ssl)
     152                al->cache.sslClientCert.reset(SSL_get_peer_certificate(ssl));
     153        }
     154#endif
     155    }
    154156    dlinkAdd(this, &active, &ClientActiveRequests);
    155157#if USE_ADAPTATION
  • squid-ssl/trunk/fuentes/src/esi/Context.h

    r5499 r5502  
    1414#include "esi/Element.h"
    1515#include "esi/Parser.h"
     16#include "HttpReply.h"
    1617#include "http/StatusCode.h"
    1718
     
    9293    Http::StatusCode errorstatus; /* if we error, what code to return */
    9394    char *errormessage; /* error to pass to error page */
    94     HttpReply *rep; /* buffered until we pass data downstream */
     95    HttpReply::Pointer rep; /* buffered until we pass data downstream */
    9596    ESISegment::Pointer buffered; /* unprocessed data - for whatever reason */
    9697    ESISegment::Pointer incoming;
  • squid-ssl/trunk/fuentes/src/esi/Esi.cc

    r5499 r5502  
    574574#endif
    575575
    576     if (!(rep || (outbound.getRaw() &&
     576    if (!(rep != NULL || (outbound.getRaw() &&
    577577                  outbound->len && (outbound_offset <= outbound->len)))) {
    578578        debugs(86, 5, "ESIContext::send: Nothing to send.");
     
    619619    debugs(86, 5, "ESIContext::send: this=" << this << " Client no longer wants data ");
    620620    /* Deal with re-entrancy */
    621     HttpReply *temprep = rep;
     621    HttpReply::Pointer temprep = rep;
    622622    rep = NULL; /* freed downstream */
    623623
    624     if (temprep && varState)
    625         varState->buildVary (temprep);
     624    if (temprep != NULL && varState)
     625        varState->buildVary(temprep.getRaw());
    626626
    627627    {
     
    630630        tempBuffer.offset = pos - len;
    631631        tempBuffer.data = next->readBuffer.data;
    632         clientStreamCallback (thisNode, http, temprep, tempBuffer);
     632        clientStreamCallback (thisNode, http, temprep.getRaw(), tempBuffer);
    633633    }
    634634
     
    967967    int specifiedattcount = attrCount * 2;
    968968    char *position;
    969     assert (ellen < sizeof (localbuf)); /* prevent unexpected overruns. */
     969    Must(ellen < sizeof(localbuf)); /* prevent unexpected overruns. */
    970970
    971971    debugs(86, 5, "ESIContext::Start: element '" << el << "' with " << specifiedattcount << " tags");
     
    981981        localbuf[0] = '<';
    982982        localbuf[1] = '\0';
    983         assert (xstrncpy (&localbuf[1], el, sizeof(localbuf) - 2));
     983        xstrncpy(&localbuf[1], el, sizeof(localbuf) - 2);
    984984        position = localbuf + strlen (localbuf);
    985985
    986986        for (i = 0; i < specifiedattcount && attr[i]; i += 2) {
     987            Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 1);
    987988            *position = ' ';
    988989            ++position;
    989990            /* TODO: handle thisNode gracefully */
    990             assert (xstrncpy (position, attr[i], sizeof(localbuf) + (position - localbuf)));
     991            xstrncpy(position, attr[i], sizeof(localbuf) - (position - localbuf));
    991992            position += strlen (position);
     993            Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 2);
    992994            *position = '=';
    993995            ++position;
     
    9981000            while ((ch = *chPtr++) != '\0') {
    9991001                if (ch == '\"') {
    1000                     assert( xstrncpy(position, "&quot;", sizeof(localbuf) + (position-localbuf)) );
     1002                    Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 6);
     1003                    xstrncpy(position, "&quot;", sizeof(localbuf) - (position-localbuf));
    10011004                    position += 6;
    10021005                } else {
     1006                    Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 1);
    10031007                    *position = ch;
    10041008                    ++position;
    10051009                }
    10061010            }
    1007             position += strlen (position);
     1011            Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 1);
    10081012            *position = '\"';
    10091013            ++position;
    10101014        }
    10111015
     1016        Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 2);
    10121017        *position = '>';
    10131018        ++position;
     
    10951100
    10961101    case ESIElement::ESI_ELEMENT_NONE:
    1097         assert (ellen < sizeof (localbuf)); /* prevent unexpected overruns. */
     1102        Must(ellen < sizeof(localbuf) - 3); /* prevent unexpected overruns. */
    10981103        /* Add elements we aren't interested in */
    10991104        localbuf[0] = '<';
    11001105        localbuf[1] = '/';
    1101         assert (xstrncpy (&localbuf[2], el, sizeof(localbuf) - 3));
     1106        xstrncpy(&localbuf[2], el, sizeof(localbuf) - 3);
    11021107        position = localbuf + strlen (localbuf);
    11031108        *position = '>';
     
    12551260    }
    12561261
    1257     if (rep && !parserState.inited())
     1262    if (rep != NULL && !parserState.inited())
    12581263        parserState.init(this);
    12591264
     
    13941399    debugs(86, 5, HERE << "Freeing for this=" << this);
    13951400
    1396     HTTPMSGUNLOCK(rep);
     1401    rep = NULL; // refcounted
    13971402
    13981403    finishChildren ();
  • squid-ssl/trunk/fuentes/src/icmp/Icmp6.cc

    r5499 r5502  
    257257
    258258        ip = (struct ip6_hdr *) pkt;
    259         pkt += sizeof(ip6_hdr);
     259        NP: echo size needs to +sizeof(ip6_hdr);
    260260
    261261    debugs(42, DBG_CRITICAL, HERE << "ip6_nxt=" << ip->ip6_nxt <<
     
    268268
    269269    icmp6header = (struct icmp6_hdr *) pkt;
    270     pkt += sizeof(icmp6_hdr);
    271270
    272271    if (icmp6header->icmp6_type != ICMP6_ECHO_REPLY) {
     
    293292    }
    294293
    295     echo = (icmpEchoData *) pkt;
     294    echo = (icmpEchoData *) (pkt + sizeof(icmp6_hdr));
    296295
    297296    preply.opcode = echo->opcode;
  • squid-ssl/trunk/fuentes/src/mime_header.cc

    r5499 r5502  
    3737    debugs(25, 5, "mime_get_header: looking for '" << name << "'");
    3838
    39     for (p = mime; *p; p += strcspn(p, "\n\r")) {
    40         if (strcmp(p, "\r\n\r\n") == 0 || strcmp(p, "\n\n") == 0)
     39    for (p = mime; *p; p += strcspn(p, "\n")) {
     40        if (strcmp(p, "\n\r\n") == 0 || strcmp(p, "\n\n") == 0)
    4141            return NULL;
    4242
    43         while (xisspace(*p))
     43        if (*p == '\n')
    4444            ++p;
    4545
  • squid-ssl/trunk/fuentes/src/tests/stub_cbdata.cc

    r5499 r5502  
    1414
    1515void cbdataRegisterWithCacheManager(void) STUB
    16 
     16void *cbdataInternalAlloc(cbdata_type type, const char *, int sz) {
     17    return xcalloc(1, sz);
     18}
     19void *cbdataInternalFree(void *p, const char *, int) {
     20    xfree(p);
     21    return NULL;
     22}
    1723#if USE_CBDATA_DEBUG
    1824void *cbdataInternalAllocDbg(cbdata_type type, const char *, int) STUB_RETVAL(NULL)
  • squid-ssl/trunk/fuentes/src/tests/stub_mem.cc

    r5499 r5502  
    1515#define STUB_API "stub_mem.cc"
    1616#include "Mem.h"
    17 #include "STUB.h"
     17#include "tests/STUB.h"
    1818
    1919void
  • squid-ssl/trunk/fuentes/tools/Makefile.am

    r5499 r5502  
    3535        cp $(top_srcdir)/src/tests/stub_debug.cc .
    3636
     37MemBuf.cc: $(top_srcdir)/src/MemBuf.cc
     38        cp $(top_srcdir)/src/MemBuf.cc $@
     39
    3740time.cc: $(top_srcdir)/src/time.cc
    3841        cp $(top_srcdir)/src/time.cc .
     42
     43stub_cbdata.cc: $(top_srcdir)/src/tests/stub_cbdata.cc
     44        cp $(top_srcdir)/src/tests/stub_cbdata.cc $@
     45
     46stub_mem.cc: $(top_srcdir)/src/tests/stub_mem.cc
     47        cp $(top_srcdir)/src/tests/stub_mem.cc $@
    3948
    4049# stock tools for unit tests - library independent versions of dlink_list
     
    4352# Neither of these should be disted from here.
    4453TESTSOURCES= test_tools.cc
    45 CLEANFILES += test_tools.cc stub_debug.cc time.cc
     54CLEANFILES += test_tools.cc MemBuf.cc stub_debug.cc time.cc stub_cbdata.cc stub_mem.cc
    4655
    4756## ##### helper-mux #####
     
    6170
    6271cachemgr__CGIEXT__SOURCES = cachemgr.cc \
     72        MemBuf.cc \
     73        stub_cbdata.cc \
    6374        stub_debug.cc \
     75        stub_mem.cc \
    6476        test_tools.cc \
    6577        time.cc
  • squid-ssl/trunk/fuentes/tools/cachemgr.cc

    r5499 r5502  
    1212#include "html_quote.h"
    1313#include "ip/Address.h"
     14#include "MemBuf.h"
    1415#include "rfc1123.h"
    1516#include "rfc1738.h"
     
    424425}
    425426
    426 static const char *
    427 munge_menu_line(const char *buf, cachemgr_request * req)
     427static void
     428munge_menu_line(MemBuf &out, const char *buf, cachemgr_request * req)
    428429{
    429430    char *x;
     
    433434    char *a_url;
    434435    char *buf_copy;
    435     static char html[2 * 1024];
    436 
    437     if (strlen(buf) < 1)
    438         return buf;
    439 
    440     if (*buf != ' ')
    441         return buf;
    442 
    443     buf_copy = x = xstrdup(buf);
     436
     437    const char bufLen = strlen(buf);
     438    if (bufLen < 1 || *buf != ' ') {
     439        out.append(buf, bufLen);
     440        return;
     441    }
     442
     443    buf_copy = x = xstrndup(buf, bufLen);
    444444
    445445    a = xstrtok(&x, '\t');
     
    453453    /* no reason to give a url for a disabled action */
    454454    if (!strcmp(p, "disabled"))
    455         snprintf(html, sizeof(html), "<LI type=\"circle\">%s (disabled)<A HREF=\"%s\">.</A>\n", d, a_url);
     455        out.Printf("<LI type=\"circle\">%s (disabled)<A HREF=\"%s\">.</A>\n", d, a_url);
    456456    else
    457457        /* disable a hidden action (requires a password, but password is not in squid.conf) */
    458458        if (!strcmp(p, "hidden"))
    459             snprintf(html, sizeof(html), "<LI type=\"circle\">%s (hidden)<A HREF=\"%s\">.</A>\n", d, a_url);
     459            out.Printf("<LI type=\"circle\">%s (hidden)<A HREF=\"%s\">.</A>\n", d, a_url);
    460460        else
    461461            /* disable link if authentication is required and we have no password */
    462462            if (!strcmp(p, "protected") && !req->passwd)
    463                 snprintf(html, sizeof(html), "<LI type=\"circle\">%s (requires <a href=\"%s\">authentication</a>)<A HREF=\"%s\">.</A>\n",
    464                          d, menu_url(req, "authenticate"), a_url);
     463                out.Printf("<LI type=\"circle\">%s (requires <a href=\"%s\">authentication</a>)<A HREF=\"%s\">.</A>\n",
     464                            d, menu_url(req, "authenticate"), a_url);
    465465            else
    466466                /* highlight protected but probably available entries */
    467467                if (!strcmp(p, "protected"))
    468                     snprintf(html, sizeof(html), "<LI type=\"square\"><A HREF=\"%s\"><font color=\"#FF0000\">%s</font></A>\n",
    469                              a_url, d);
     468                    out.Printf("<LI type=\"square\"><A HREF=\"%s\"><font color=\"#FF0000\">%s</font></A>\n",
     469                                a_url, d);
    470470
    471471    /* public entry or unknown type of protection */
    472472                else
    473                     snprintf(html, sizeof(html), "<LI type=\"disk\"><A HREF=\"%s\">%s</A>\n", a_url, d);
     473                    out.Printf("<LI type=\"disk\"><A HREF=\"%s\">%s</A>\n", a_url, d);
    474474
    475475    xfree(a_url);
    476476
    477477    xfree(buf_copy);
    478 
    479     return html;
    480 }
    481 
    482 static const char *
    483 munge_other_line(const char *buf, cachemgr_request * req)
     478}
     479
     480static void
     481munge_other_line(MemBuf &out, const char *buf, cachemgr_request *)
    484482{
    485483    static const char *ttags[] = {"td", "th"};
    486484
    487     static char html[4096];
    488485    static int table_line_num = 0;
    489486    static int next_is_header = 0;
     
    492489    char *buf_copy;
    493490    char *x, *p;
    494     int l = 0;
    495491    /* does it look like a table? */
    496492
    497493    if (!strchr(buf, '\t') || *buf == '\t') {
    498494        /* nope, just text */
    499         snprintf(html, sizeof(html), "%s%s",
    500                  table_line_num ? "</table>\n<pre>" : "", html_quote(buf));
     495        if (table_line_num)
     496            out.append("</table>\n<pre>", 14);
     497        out.Printf("%s", html_quote(buf));
    501498        table_line_num = 0;
    502         return html;
     499        return;
    503500    }
    504501
    505502    /* start html table */
    506503    if (!table_line_num) {
    507         l += snprintf(html + l, sizeof(html) - l, "</pre><table cellpadding=\"2\" cellspacing=\"1\">\n");
     504        out.append("</pre><table cellpadding=\"2\" cellspacing=\"1\">\n", 46);
    508505        next_is_header = 0;
    509506    }
     
    515512
    516513    /* record starts */
    517     l += snprintf(html + l, sizeof(html) - l, "<tr>");
     514    out.append("<tr>", 4);
    518515
    519516    /* substitute '\t' */
     
    532529        }
    533530
    534         l += snprintf(html + l, sizeof(html) - l, "<%s colspan=\"%d\" align=\"%s\">%s</%s>",
    535                       ttag, column_span,
    536                       is_header ? "center" : is_number(cell) ? "right" : "left",
    537                       html_quote(cell), ttag);
     531        out.Printf("<%s colspan=\"%d\" align=\"%s\">%s</%s>",
     532                    ttag, column_span,
     533                    is_header ? "center" : is_number(cell) ? "right" : "left",
     534                    html_quote(cell), ttag);
    538535    }
    539536
    540537    xfree(buf_copy);
    541538    /* record ends */
    542     snprintf(html + l, sizeof(html) - l, "</tr>\n");
     539    out.append("</tr>\n", 6);
    543540    next_is_header = is_header && strstr(buf, "\t\t");
    544541    ++table_line_num;
    545     return html;
    546542}
    547543
     
    700696
    701697        case isBody:
     698        {
    702699            /* interpret [and reformat] cache response */
    703 
     700            MemBuf out;
     701            out.init();
    704702            if (parse_menu)
    705                 fputs(munge_menu_line(buf, req), stdout);
     703                munge_menu_line(out, buf, req);
    706704            else
    707                 fputs(munge_other_line(buf, req), stdout);
    708 
    709             break;
     705                munge_other_line(out, buf, req);
     706
     707            fputs(out.buf, stdout);
     708        }
     709        break;
    710710
    711711        case isForward:
Note: See TracChangeset for help on using the changeset viewer.