X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=jcc.c;h=edb15588634c1a2db0c40864ff4dc7e70eae24b1;hp=1979e2c93c6326579ecee1d43a0d89f6753998ce;hb=d7a36242a9dc017c20019563454de0781b3775dc;hpb=f0d3fb1a7acf4961f126879da8cdd9f2e64a0946 diff --git a/jcc.c b/jcc.c index 1979e2c9..edb15588 100644 --- a/jcc.c +++ b/jcc.c @@ -1,4 +1,4 @@ -const char jcc_rcs[] = "$Id: jcc.c,v 1.66 2002/03/03 15:06:55 oes Exp $"; +const char jcc_rcs[] = "$Id: jcc.c,v 1.78 2002/03/08 21:35:04 oes Exp $"; /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/jcc.c,v $ @@ -33,6 +33,58 @@ const char jcc_rcs[] = "$Id: jcc.c,v 1.66 2002/03/03 15:06:55 oes Exp $"; * * Revisions : * $Log: jcc.c,v $ + * Revision 1.78 2002/03/08 21:35:04 oes + * Added optional group supplement to --user option. Will now use default group of user if no group given + * + * Revision 1.77 2002/03/07 03:52:06 oes + * - Fixed compiler warnings etc + * - Improved handling of failed DNS lookups + * + * Revision 1.76 2002/03/06 22:54:35 jongfoster + * Automated function-comment nitpicking. + * + * Revision 1.75 2002/03/06 10:02:19 oes + * Fixed stupid bug when --user was not given + * + * Revision 1.74 2002/03/06 00:49:31 jongfoster + * Fixing warning on Windows + * Making #ifdefs that refer to the same variable consistently + * use #ifdef unix rather than mixing #ifdef unix & #ifndef OS2 + * + * Revision 1.73 2002/03/05 23:57:30 hal9 + * Stray character 's' on line 1618 was breaking build. + * + * Revision 1.72 2002/03/05 21:33:45 david__schmidt + * - Re-enable OS/2 building after new parms were added + * - Fix false out of memory report when resolving CGI templates when no IP + * address is available of failed attempt (a la no such domain) + * + * Revision 1.71 2002/03/05 18:13:56 oes + * Added --user option + * + * Revision 1.70 2002/03/05 04:52:42 oes + * Deleted non-errlog debugging code + * + * Revision 1.69 2002/03/04 23:50:00 jongfoster + * Splitting off bind_port() call into bind_port_helper(), with + * improved logging. + * + * Revision 1.68 2002/03/04 20:17:32 oes + * Fixed usage info + * + * Revision 1.67 2002/03/04 18:18:57 oes + * - Removed _DEBUG mode + * - Cleand up cmdline parsing + * - Introduced --no-daemon, --pidfile options + * - Cleaned up signal handling: + * - Terminate cleanly on INT, TERM and ABRT + * - Schedule logfile for re-opening on HUP + * - Ignore CHLD and PIPE + * - Leave the rest with their default handlers + * - Uniform handler registration + * - Added usage() function + * - Played styleguide police + * * Revision 1.66 2002/03/03 15:06:55 oes * Re-enabled automatic config reloading * @@ -443,6 +495,11 @@ const char jcc_rcs[] = "$Id: jcc.c,v 1.66 2002/03/03 15:06:55 oes Exp $"; #include #endif /* sun */ +#ifdef unix +#include +#include +#endif + # include # ifdef __BEOS__ @@ -542,7 +599,7 @@ static const char VANILLA_WAFER[] = * to be reopened by the main thread on HUP. * * Parameters : - * 1 : the_signal - the signal cause this function to call + * 1 : the_signal = the signal cause this function to call * * Returns : - * @@ -621,13 +678,18 @@ static void chat(struct client_state *csp) #define IS_ENABLED_AND IS_TOGGLED_ON_AND IS_NOT_FORCED_AND char buf[BUFFER_SIZE]; - char *hdr, *p, *req; + char *hdr; + char *p; + char *req; fd_set rfds; - int n, maxfd, server_body; + int n; + jb_socket maxfd; + int server_body; int ms_iis5_hack = 0; int byte_count = 0; const struct forward_spec * fwd; struct http_request *http; + int len; /* for buffer sizes */ #ifdef FEATURE_KILL_POPUPS int block_popups; /* bool, 1==will block popups */ int block_popups_now = 0; /* bool, 1==currently blocking popups */ @@ -651,11 +713,11 @@ static void chat(struct client_state *csp) while (FOREVER) { - n = read_socket(csp->cfd, buf, sizeof(buf)); + len = read_socket(csp->cfd, buf, sizeof(buf)); - if (n <= 0) break; /* error! */ + if (len <= 0) break; /* error! */ - add_to_iob(csp, buf, n); + add_to_iob(csp, buf, len); req = get_header(csp); @@ -868,13 +930,13 @@ static void chat(struct client_state *csp) { if ( ( p = get_header(csp) ) && ( *p == '\0' ) ) { - n = read_socket(csp->cfd, buf, sizeof(buf)); - if (n <= 0) + len = read_socket(csp->cfd, buf, sizeof(buf)); + if (len <= 0) { log_error(LOG_LEVEL_ERROR, "read from client failed: %E"); return; } - add_to_iob(csp, buf, n); + add_to_iob(csp, buf, len); continue; } @@ -912,8 +974,8 @@ static void chat(struct client_state *csp) ) { /* Write the answer to the client */ - if ((write_socket(csp->cfd, rsp->head, rsp->head_length) != rsp->head_length) - || (write_socket(csp->cfd, rsp->body, rsp->content_length) != rsp->content_length)) + if (write_socket(csp->cfd, rsp->head, rsp->head_length) + || write_socket(csp->cfd, rsp->body, rsp->content_length)) { log_error(LOG_LEVEL_ERROR, "write to: %s failed: %E", http->host); } @@ -948,7 +1010,7 @@ static void chat(struct client_state *csp) csp->sfd = forwarded_connect(fwd, http, csp); - if (csp->sfd < 0) + if (csp->sfd == JB_INVALID_SOCKET) { log_error(LOG_LEVEL_CONNECT, "connect to: %s failed: %E", http->hostport); @@ -972,8 +1034,8 @@ static void chat(struct client_state *csp) /* Write the answer to the client */ if(rsp) { - if ((write_socket(csp->cfd, rsp->head, rsp->head_length) != rsp->head_length) - || (write_socket(csp->cfd, rsp->body, rsp->content_length) != rsp->content_length)) + if (write_socket(csp->cfd, rsp->head, rsp->head_length) + || write_socket(csp->cfd, rsp->body, rsp->content_length)) { log_error(LOG_LEVEL_ERROR, "write to: %s failed: %E", http->host); } @@ -1000,10 +1062,8 @@ static void chat(struct client_state *csp) * (along with anything else that may be in the buffer) */ - n = strlen(hdr); - - if ((write_socket(csp->sfd, hdr, n) != n) - || (flush_socket(csp->sfd, csp ) < 0)) + if (write_socket(csp->sfd, hdr, strlen(hdr)) + || (flush_socket(csp->sfd, csp) < 0)) { log_error(LOG_LEVEL_CONNECT, "write header to: %s failed: %E", http->hostport); @@ -1015,8 +1075,8 @@ static void chat(struct client_state *csp) if(rsp) { - if ((write_socket(csp->cfd, rsp->head, rsp->head_length) != rsp->head_length) - || (write_socket(csp->cfd, rsp->body, rsp->content_length) != rsp->content_length)) + if (write_socket(csp->cfd, rsp->head, rsp->head_length) + || write_socket(csp->cfd, rsp->body, rsp->content_length)) { log_error(LOG_LEVEL_ERROR, "write to: %s failed: %E", http->host); } @@ -1037,7 +1097,7 @@ static void chat(struct client_state *csp) log_error(LOG_LEVEL_CLF, "%s - - [%T] \"%s\" 200 2\n", csp->ip_addr_str, http->ocmd); - if (write_socket(csp->cfd, CSUCCEED, sizeof(CSUCCEED)-1) < 0) + if (write_socket(csp->cfd, CSUCCEED, sizeof(CSUCCEED)-1)) { freez(hdr); return; @@ -1077,14 +1137,14 @@ static void chat(struct client_state *csp) if (FD_ISSET(csp->cfd, &rfds)) { - n = read_socket(csp->cfd, buf, sizeof(buf)); + len = read_socket(csp->cfd, buf, sizeof(buf)); - if (n <= 0) + if (len <= 0) { break; /* "game over, man" */ } - if (write_socket(csp->sfd, buf, n) != n) + if (write_socket(csp->sfd, buf, len)) { log_error(LOG_LEVEL_ERROR, "write to: %s failed: %E", http->host); return; @@ -1102,9 +1162,9 @@ static void chat(struct client_state *csp) if (FD_ISSET(csp->sfd, &rfds)) { fflush( 0 ); - n = read_socket(csp->sfd, buf, sizeof(buf) - 1); + len = read_socket(csp->sfd, buf, sizeof(buf) - 1); - if (n < 0) + if (len < 0) { log_error(LOG_LEVEL_ERROR, "read from: %s failed: %E", http->host); @@ -1115,8 +1175,8 @@ static void chat(struct client_state *csp) if(rsp) { - if ((write_socket(csp->cfd, rsp->head, rsp->head_length) != rsp->head_length) - || (write_socket(csp->cfd, rsp->body, rsp->content_length) != rsp->content_length)) + if (write_socket(csp->cfd, rsp->head, rsp->head_length) + || write_socket(csp->cfd, rsp->body, rsp->content_length)) { log_error(LOG_LEVEL_ERROR, "write to: %s failed: %E", http->host); } @@ -1129,7 +1189,7 @@ static void chat(struct client_state *csp) /* Add a trailing zero. This lets filter_popups * use string operations. */ - buf[n] = '\0'; + buf[len] = '\0'; #ifdef FEATURE_KILL_POPUPS /* Filter the popups on this read. */ @@ -1157,7 +1217,7 @@ static void chat(struct client_state *csp) * doesn't generate a valid header, then we won't * transmit anything to the client. */ - if (n == 0) + if (len == 0) { if (server_body || http->ssl) @@ -1186,10 +1246,8 @@ static void chat(struct client_state *csp) log_error(LOG_LEVEL_FATAL, "Out of memory parsing server header"); } - n = strlen(hdr); - - if ((write_socket(csp->cfd, hdr, n) != n) - || (write_socket(csp->cfd, p != NULL ? p : csp->iob->cur, csp->content_length) != (int)csp->content_length)) + if (write_socket(csp->cfd, hdr, strlen(hdr)) + || write_socket(csp->cfd, p != NULL ? p : csp->iob->cur, csp->content_length)) { log_error(LOG_LEVEL_ERROR, "write modified content to client failed: %E"); return; @@ -1208,7 +1266,7 @@ static void chat(struct client_state *csp) * This is NOT the body, so * Let's pretend the server just sent us a blank line. */ - n = sprintf(buf, "\r\n"); + len = sprintf(buf, "\r\n"); /* * Now, let the normal header parsing algorithm below do its @@ -1228,7 +1286,7 @@ static void chat(struct client_state *csp) { if (content_filter) { - add_to_iob(csp, buf, n); + add_to_iob(csp, buf, len); /* * If the buffer limit will be reached on the next read, @@ -1246,11 +1304,11 @@ static void chat(struct client_state *csp) log_error(LOG_LEVEL_FATAL, "Out of memory parsing server header"); } - n = strlen(hdr); - byte_count += n; + len = strlen(hdr); + byte_count += len; - if (((write_socket(csp->cfd, hdr, n) != n) - || (n = flush_socket(csp->cfd, csp) < 0))) + if (write_socket(csp->cfd, hdr, len) + || (len = flush_socket(csp->cfd, csp) < 0)) { log_error(LOG_LEVEL_CONNECT, "write header to client failed: %E"); @@ -1259,7 +1317,7 @@ static void chat(struct client_state *csp) } freez(hdr); - byte_count += n; + byte_count += len; content_filter = NULL; server_body = 1; @@ -1268,13 +1326,13 @@ static void chat(struct client_state *csp) } else { - if (write_socket(csp->cfd, buf, n) != n) + if (write_socket(csp->cfd, buf, len)) { log_error(LOG_LEVEL_ERROR, "write to client failed: %E"); return; } } - byte_count += n; + byte_count += len; continue; } else @@ -1285,7 +1343,7 @@ static void chat(struct client_state *csp) */ /* buffer up the data we just read */ - add_to_iob(csp, buf, n); + add_to_iob(csp, buf, len); /* get header lines from the iob */ @@ -1340,13 +1398,6 @@ static void chat(struct client_state *csp) log_error(LOG_LEVEL_FATAL, "Out of memory parsing server header"); } - n = strlen(hdr); - - /* write the server's (modified) header to - * the client (along with anything else that - * may be in the buffer) - */ - #ifdef FEATURE_KILL_POPUPS /* Start blocking popups if appropriate. */ @@ -1382,24 +1433,33 @@ static void chat(struct client_state *csp) content_filter = gif_deanimate_response; } - /* * Only write if we're not buffering for content modification */ - if (!content_filter && ((write_socket(csp->cfd, hdr, n) != n) - || (n = flush_socket(csp->cfd, csp) < 0))) + if (!content_filter) { - log_error(LOG_LEVEL_CONNECT, "write header to client failed: %E"); - - /* the write failed, so don't bother - * mentioning it to the client... - * it probably can't hear us anyway. + /* write the server's (modified) header to + * the client (along with anything else that + * may be in the buffer) */ - freez(hdr); - return; - } - if(!content_filter) byte_count += n; + len = strlen(hdr); + + if (write_socket(csp->cfd, hdr, len) + || (len = flush_socket(csp->cfd, csp) < 0)) + { + log_error(LOG_LEVEL_CONNECT, "write header to client failed: %E"); + + /* the write failed, so don't bother + * mentioning it to the client... + * it probably can't hear us anyway. + */ + freez(hdr); + return; + } + + byte_count += len; + } /* we're finished with the server's header */ @@ -1449,7 +1509,7 @@ static void serve(struct client_state *csp) chat(csp); close_socket(csp->cfd); - if (csp->sfd >= 0) + if (csp->sfd != JB_INVALID_SOCKET) { close_socket(csp->sfd); } @@ -1495,7 +1555,7 @@ static int32 server_thread(void *data) void usage(const char *myname) { printf("JunkBuster proxy version " VERSION " (" HOME_PAGE_URL ")\n" - "Usage: %s [--no-daemon] [--pidfile pidfile] [--help] [configfile]\n" + "Usage: %s [--help] [--version] [--no-daemon] [--pidfile pidfile] [--user user[.group]] [configfile]\n" "Aborting.\n", myname); exit(2); @@ -1533,6 +1593,11 @@ int main(int argc, const char *argv[]) #endif { int argc_pos = 0; +#ifdef unix + struct passwd *pw = NULL; + struct group *grp = NULL; + char *p; +#endif Argc = argc; Argv = argv; @@ -1567,16 +1632,36 @@ int main(int argc, const char *argv[]) { no_daemon = 1; } - +#if defined(unix) else if (strcmp(argv[argc_pos], "--pidfile" ) == 0) { if (++argc_pos == argc) usage(argv[0]); pidfile = strdup(argv[argc_pos]); } -#endif /* !defined(_WIN32) || defined(_WIN_CONSOLE) */ + else if (strcmp(argv[argc_pos], "--user" ) == 0) + { + if (++argc_pos == argc) usage(argv[argc_pos]); + + if ((NULL != (p = strchr(argv[argc_pos], '.'))) && *(p + 1) != '0') + { + *p++ = '\0'; + if (NULL == (grp = getgrnam(p))) + { + log_error(LOG_LEVEL_FATAL, "Group %s not found.", p); + } + } + + if (NULL == (pw = getpwnam(argv[argc_pos]))) + { + log_error(LOG_LEVEL_FATAL, "User %s not found.", argv[argc_pos]); + } + if (p != NULL) *--p = '\0'; + } +#endif /* defined(unix) */ else +#endif /* defined(_WIN32) && !defined(_WIN_CONSOLE) */ { configfile = argv[argc_pos]; } @@ -1588,15 +1673,13 @@ int main(int argc, const char *argv[]) { char *abs_file; - DBG(1, ("configfile before '%s'\n",configfile) ); - /* make config-filename absolute here */ if ( !(basedir = getcwd( NULL, 1024 ))) { perror("get working dir failed"); exit( 1 ); } - DBG(1, ("working dir '%s'\n",basedir) ); + if ( !(abs_file = malloc( strlen( basedir ) + strlen( configfile ) + 5 ))) { perror("malloc failed"); @@ -1606,7 +1689,6 @@ int main(int argc, const char *argv[]) strcat( abs_file, "/" ); strcat( abs_file, configfile ); configfile = abs_file; - DBG(1, ("configfile after '%s'\n",configfile) ); } #endif /* defined unix */ @@ -1729,13 +1811,28 @@ int main(int argc, const char *argv[]) close( 1 ); chdir("/"); - write_pid_file(); - } /* -END- if (!no_daemon) */ + + /* + * As soon as we have written the PID file, we can switch + * to the user and group ID indicated by the --user option + */ + write_pid_file(); + + if (NULL != pw) + { + if (((NULL != grp) && setgid(grp->gr_gid)) || (setgid(pw->pw_gid))) + { + log_error(LOG_LEVEL_FATAL, "Cannot setgid(): Insufficient permissions."); + } + if (setuid(pw->pw_uid)) + { + log_error(LOG_LEVEL_FATAL, "Cannot setuid(): Insufficient permissions."); + } + } } #endif /* defined unix */ - DBG(1, ("call listen_loop() \n") ); listen_loop(); /* NOTREACHED */ @@ -1744,6 +1841,78 @@ int main(int argc, const char *argv[]) } +/********************************************************************* + * + * Function : bind_port_helper + * + * Description : Bind the listen port. Handles logging, and aborts + * on failure. + * + * Parameters : + * 1 : config = Junkbuster configuration. Specifies port + * to bind to. + * + * Returns : Port that was opened. + * + *********************************************************************/ +static jb_socket bind_port_helper(struct configuration_spec * config) +{ + int result; + jb_socket bfd; + + if ( (config->haddr != NULL) + && (config->haddr[0] == '1') + && (config->haddr[1] == '2') + && (config->haddr[2] == '7') + && (config->haddr[3] == '.') ) + { + log_error(LOG_LEVEL_INFO, "Listening on port %d for local connections only", + config->hport); + } + else if (config->haddr == NULL) + { + log_error(LOG_LEVEL_INFO, "Listening on port %d on all IP addresses", + config->hport); + } + else + { + log_error(LOG_LEVEL_INFO, "Listening on port %d on IP address %s", + config->hport, config->haddr); + } + + result = bind_port(config->haddr, config->hport, &bfd); + + if (result < 0) + { + switch(result) + { + case -3 : + log_error(LOG_LEVEL_FATAL, "can't bind to %s:%d: " + "There may be another junkbuster or some other " + "proxy running on port %d", + (NULL != config->haddr) ? config->haddr : "INADDR_ANY", + config->hport, config->hport); + + case -2 : + log_error(LOG_LEVEL_FATAL, "can't bind to %s:%d: " + "The hostname is not resolvable", + (NULL != config->haddr) ? config->haddr : "INADDR_ANY", config->hport); + + default : + log_error(LOG_LEVEL_FATAL, "can't bind to %s:%d: because %E", + (NULL != config->haddr) ? config->haddr : "INADDR_ANY", config->hport); + } + + /* shouldn't get here */ + return JB_INVALID_SOCKET; + } + + config->need_bind = 0; + + return bfd; +} + + /********************************************************************* * * Function : listen_loop @@ -1758,29 +1927,12 @@ int main(int argc, const char *argv[]) static void listen_loop(void) { struct client_state *csp = NULL; - int bfd; + jb_socket bfd; struct configuration_spec * config; config = load_config(); - log_error(LOG_LEVEL_CONNECT, "bind (%s, %d)", - config->haddr ? config->haddr : "INADDR_ANY", config->hport); - - bfd = bind_port(config->haddr, config->hport); - - if (bfd < 0) - { - log_error(LOG_LEVEL_FATAL, "can't bind %s:%d: %E " - "- There may be another junkbuster or some other " - "proxy running on port %d", - (NULL != config->haddr) ? config->haddr : "INADDR_ANY", - config->hport, config->hport - ); - /* shouldn't get here */ - return; - } - - config->need_bind = 0; + bfd = bind_port_helper(config); while (FOREVER) { @@ -1796,6 +1948,7 @@ static void listen_loop(void) */ sweep(); +#if defined(unix) /* * Re-open the errlog after HUP signal */ @@ -1804,6 +1957,7 @@ static void listen_loop(void) init_error_log(Argv[0], config->logfile, config->debug); received_hup_signal = 0; } +#endif if ( NULL == (csp = (struct client_state *) zalloc(sizeof(*csp))) ) { @@ -1812,7 +1966,7 @@ static void listen_loop(void) } csp->flags |= CSP_FLAG_ACTIVE; - csp->sfd = -1; + csp->sfd = JB_INVALID_SOCKET; csp->config = config = load_config(); @@ -1833,23 +1987,7 @@ static void listen_loop(void) close_socket(bfd); - log_error(LOG_LEVEL_CONNECT, "bind (%s, %d)", - config->haddr ? config->haddr : "INADDR_ANY", config->hport); - bfd = bind_port(config->haddr, config->hport); - - if (bfd < 0) - { - log_error(LOG_LEVEL_FATAL, "can't bind %s:%d: %E " - "- There may be another junkbuster or some other " - "proxy running on port %d", - (NULL != config->haddr) ? config->haddr : "INADDR_ANY", - config->hport, config->hport - ); - /* shouldn't get here */ - return; - } - - config->need_bind = 0; + bfd = bind_port_helper(config); } log_error(LOG_LEVEL_CONNECT, "accept connection ... ");