From: Fabian Keil <fk@fabiankeil.de> Date: Sun, 26 Aug 2007 16:47:14 +0000 (+0000) Subject: Add Stephen Gildea's --pre-chroot-nslookup patch [#1276666], X-Git-Tag: v_3_0_7~164 X-Git-Url: http://www.privoxy.org/gitweb/%22https:/faq/@default-cgi@/static/@default-cgi@show-url-info?a=commitdiff_plain;h=a0d27be015948b09b3903108377a4b1b6d0924c8;p=privoxy.git Add Stephen Gildea's --pre-chroot-nslookup patch [#1276666], extensive comments moved to user manual. --- diff --git a/AUTHORS b/AUTHORS index 9e6f01f3..caa55ee0 100644 --- a/AUTHORS +++ b/AUTHORS @@ -51,6 +51,7 @@ alphabetical order): Florian Effenberger Markus Elfring Dean Gaudet + Stephen Gildea Daniel Griscom Felix Gröbert Aaron Hamid diff --git a/ChangeLog b/ChangeLog index 2e1176ea..561f06ae 100644 --- a/ChangeLog +++ b/ChangeLog @@ -117,9 +117,13 @@ ChangeLog for Privoxy - Fix socks requests on big-endian platforms. Patch provided by Song Weijia. - Rejected CONNECT requests are logged with log level info (enabled by default) and the reason for the block. +- New command line option "--pre-chroot-nslookup hostname" to + intialize the resolver library before chroot'ing. On some systems this + reduces the number of files that must be copied into the chroot tree. + (Patch provided by Stephen Gildea) - Minor code clean-ups, filter and action file updates. - (Some of them reported by Davide Alberani, Markus Elfring - and Adam Piggott) + (Some of them reported by Davide Alberani, Markus Elfring, + Stefan Huehner and Adam Piggott) *** Version 3.0.6 *** diff --git a/doc/source/user-manual.sgml b/doc/source/user-manual.sgml index b503ef44..e1c0ff1f 100644 --- a/doc/source/user-manual.sgml +++ b/doc/source/user-manual.sgml 
@@ -33,7 +33,7 @@ This file belongs into ijbswa.sourceforge.net:/home/groups/i/ij/ijbswa/htdocs/ - $Id: user-manual.sgml,v 2.34 2007/08/05 15:19:50 fabiankeil Exp $ + $Id: user-manual.sgml,v 2.35 2007/08/26 14:59:49 fabiankeil Exp $ Copyright (C) 2001-2007 Privoxy Developers http://www.privoxy.org/ See LICENSE. @@ -59,7 +59,7 @@ </subscript> </pubdate> -<pubdate>$Id: user-manual.sgml,v 2.34 2007/08/05 15:19:50 fabiankeil Exp $</pubdate> +<pubdate>$Id: user-manual.sgml,v 2.35 2007/08/26 14:59:49 fabiankeil Exp $</pubdate> <!-- @@ -1513,7 +1513,6 @@ must find a better place for this paragraph <listitem> <para> <emphasis>--pidfile FILE</emphasis> - </para> <para> On startup, write the process ID to <emphasis>FILE</emphasis>. Delete the @@ -1525,7 +1524,6 @@ must find a better place for this paragraph <listitem> <para> <emphasis>--user USER[.GROUP]</emphasis> - </para> <para> After (optionally) writing the PID file, assume the user ID of @@ -1533,10 +1531,9 @@ must find a better place for this paragraph privileges are not sufficient to do so. Unix only. </para> </listitem> - <listitem> + <listitem> <para> <emphasis>--chroot</emphasis> - </para> <para> Before changing to the user ID given in the <emphasis>--user</emphasis> option, 
@@ -1546,6 +1543,24 @@ must find a better place for this paragraph Unix only. </para> </listitem> + <listitem> + <para> + <emphasis>--pre-chroot-nslookup hostname</emphasis> + </para> + <para> + Specifies a hostname to look up before doing a chroot. On some systems, initializing the + resolver library involves reading config files from /etc and/or loading additional shared + libraries from /lib. On these systems, doing a hostname lookup before the chroot reduces + the number of files that must be copied into the chroot tree. + </para> + <para> + For fastest startup speed, a good value is a hostname that is not in /etc/hosts but that + your local name server (listed in /etc/resolv.conf) can resolve without recursion + (that is, without having to ask any other name servers). The hostname doesn't need not exist, + but if it doesn't, an error message (which can be ignored) will be output. + </para> + </listitem> + <listitem> <para> <emphasis>configfile</emphasis> @@ -8942,6 +8957,9 @@ In file: user.action <guibutton>[ View ]</guibutton> <guibutton>[ Edit ]</guibut USA $Log: user-manual.sgml,v $ + Revision 2.35 2007/08/26 14:59:49 fabiankeil + Minor rewordings and fixes. + Revision 2.34 2007/08/05 15:19:50 fabiankeil - Don't claim HTTP/1.1 compliance. - Use $ in some of the path pattern examples. diff --git a/jcc.c b/jcc.c index 0708b7aa..a4e430ef 100644 --- a/jcc.c +++ b/jcc.c @@ -1,4 +1,4 @@ -const char jcc_rcs[] = "$Id: jcc.c,v 1.146 2007/08/20 17:09:32 fabiankeil Exp $"; +const char jcc_rcs[] = "$Id: jcc.c,v 1.147 2007/08/25 14:42:40 fabiankeil Exp $"; /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/jcc.c,v $ 
@@ -33,6 +33,9 @@ const char jcc_rcs[] = "$Id: jcc.c,v 1.146 2007/08/20 17:09:32 fabiankeil Exp $" * * Revisions : * $Log: jcc.c,v $ + * Revision 1.147 2007/08/25 14:42:40 fabiankeil + * Don't crash if a broken header filter wiped out the request line. + * * Revision 1.146 2007/08/20 17:09:32 fabiankeil * Fix byte_count calculation in case of flushes * and don't parse the server headers a second time. @@ -2892,7 +2895,7 @@ static void usage(const char *myname) #endif /* defined(unix) */ "[--help] " #if defined(unix) - "[--no-daemon] [--pidfile pidfile] [--user user[.group]] " + "[--no-daemon] [--pidfile pidfile] [--pre-chroot-nslookup hostname] [--user user[.group]] " #endif /* defined(unix) */ "[--version] [configfile]\n" "Aborting\n", myname); @@ -3005,6 +3008,7 @@ int main(int argc, const char *argv[]) struct group *grp = NULL; char *p; int do_chroot = 0; + char *pre_chroot_nslookup_to_load_resolver = NULL; #endif Argc = argc; @@ -3099,6 +3103,12 @@ int main(int argc, const char *argv[]) if (p != NULL) *--p = '\0'; } + else if (strcmp(argv[argc_pos], "--pre-chroot-nslookup" ) == 0) + { + if (++argc_pos == argc) usage(argv[0]); + pre_chroot_nslookup_to_load_resolver = strdup(argv[argc_pos]); + } + else if (strcmp(argv[argc_pos], "--chroot" ) == 0) { do_chroot = 1; @@ -3307,6 +3317,14 @@ int main(int argc, const char *argv[]) { log_error(LOG_LEVEL_FATAL, "Home directory for %s undefined", pw->pw_name); } + /* Read the time zone file from /etc before doing chroot. */ + tzset(); + if (NULL != pre_chroot_nslookup_to_load_resolver + && '\0' != pre_chroot_nslookup_to_load_resolver[0]) + { + /* Initialize resolver library. */ + (void) resolve_hostname_to_ip(pre_chroot_nslookup_to_load_resolver); + } if (chroot(pw->pw_dir) < 0) { log_error(LOG_LEVEL_FATAL, "Cannot chroot to %s", pw->pw_dir);
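Review bot: The result of `strdup(argv[argc_pos])` in the new `--pre-chroot-nslookup` branch is never checked, so an allocation failure leaves the pointer NULL and the later `NULL != pre_chroot_nslookup_to_load_resolver` test silently skips the lookup the administrator asked for. The copy is also never freed in the visible hunks, and giving the option twice leaks the first one. Since argv outlives the option loop, declaring the variable as `const char *pre_chroot_nslookup_to_load_resolver = NULL;` and assigning `pre_chroot_nslookup_to_load_resolver = argv[argc_pos];` would avoid the allocation altogether, provided resolve_hostname_to_ip() accepts a const pointer. The branch relies on usage() not returning when the hostname argument is missing; usage()'s body and the rest of main() are outside these hunks, so that should be confirmed.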
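Review bot: The lookup added just before `chroot(pw->pw_dir)` runs while the process still holds its start-up privileges, because the manual text in this same commit places chroot before the switch to the `--user` ID, so the resolver library parses name-server replies in that state. A comment at the call should say so, for example `/* Runs before chroot() and before privileges are dropped; prefer a name the local resolver can answer itself. */`. The `(void)` cast discards the result, so a failed initialization is visible only if resolve_hostname_to_ip() logs it itself, as the manual implies; an info-level log line before the call would make a slow or failed start-up easier to diagnose. The call can presumably also block start-up until the resolver times out when no name server is reachable, which the manual entry does not mention. The enclosing block of main() begins and ends outside the hunk.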