X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=project.h;h=8b6c429029934b4b1f7f8e92fdb8e0706cb9b5e4;hp=8bf30209ef7cd4800c888bb0a7558865dd9451f7;hb=8a5751cc96dd085fcbcc34bef77499306bddc0c0;hpb=cf9f517a263476946c02425c48dcf9118314454a

diff --git a/project.h b/project.h
index 8bf30209..8b6c4290 100644
--- a/project.h
+++ b/project.h
@@ -1,7 +1,7 @@
 #ifndef PROJECT_H_INCLUDED
 #define PROJECT_H_INCLUDED
 /** Version string. */
-#define PROJECT_H_VERSION "$Id: project.h,v 1.117 2008/08/30 12:03:07 fabiankeil Exp $"
+#define PROJECT_H_VERSION "$Id: project.h,v 1.136 2009/05/13 18:20:54 fabiankeil Exp $"
 /*********************************************************************
  *
  * File        :  $Source: /cvsroot/ijbswa/current/project.h,v $
@@ -10,7 +10,7 @@
  *                project.  Does not define any variables or functions
  *                (though it does declare some macros).
  *
- * Copyright   :  Written by and Copyright (C) 2001-2008 the SourceForge
+ * Copyright   :  Written by and Copyright (C) 2001-2009 the
  *                Privoxy team. http://www.privoxy.org/
  *
  *                Based on the Internet Junkbuster originally written
@@ -37,6 +37,80 @@
  *
  * Revisions   :
  *    $Log: project.h,v $
+ *    Revision 1.136  2009/05/13 18:20:54  fabiankeil
+ *    There's no reason for keep_alive_timeout to be signed.
+ *
+ *    Revision 1.135  2009/05/10 10:19:23  fabiankeil
+ *    Reenable server-side-only keep-alive support, but only share
+ *    outgoing connections if the connection-sharing option is set.
+ *
+ *    Revision 1.134  2009/05/10 10:12:30  fabiankeil
+ *    Initial keep-alive support for the client socket.
+ *    Temporarily disable the server-side-only keep-alive code.
+ *
+ *    Revision 1.133  2009/04/24 15:29:43  fabiankeil
+ *    Allow to limit the number of of client connections.
+ *
+ *    Revision 1.132  2009/04/17 11:45:19  fabiankeil
+ *    Replace HAVE_GETADDRINFO and HAVE_GETNAMEINFO macros
+ *    with HAVE_RFC2553 macro. Original patch by Petr Pisar.
+ *
+ *    Revision 1.131  2009/04/17 11:34:35  fabiankeil
+ *    Style cosmetics for the IPv6 code.
+ *
+ *    Revision 1.130  2009/04/17 11:27:49  fabiankeil
+ *    Petr Pisar's privoxy-3.0.12-ipv6-3.diff.
+ *
+ *    Revision 1.129  2009/03/08 14:12:51  fabiankeil
+ *    All the CSP_FLAG_FOO bit masks should be unsigned ints.
+ *
+ *    Revision 1.128  2009/03/07 13:09:17  fabiankeil
+ *    Change csp->expected_content and_csp->expected_content_length from
+ *    size_t to unsigned long long to reduce the likelihood of integer
+ *    overflows that would let us close the connection prematurely.
+ *    Bug found while investigating #2669131, reported by cyberpatrol.
+ *
+ *    Revision 1.127  2008/12/20 14:53:55  fabiankeil
+ *    Add config option socket-timeout to control the time
+ *    Privoxy waits for data to arrive on a socket. Useful
+ *    in case of stale ssh tunnels or when fuzz-testing.
+ *
+ *    Revision 1.126  2008/12/14 17:02:54  fabiankeil
+ *    Fix a cparser warning.
+ *
+ *    Revision 1.125  2008/11/20 08:22:28  fabiankeil
+ *    Remove an obsolete comment.
+ *
+ *    Revision 1.124  2008/11/16 12:43:49  fabiankeil
+ *    Turn keep-alive support into a runtime feature
+ *    that is disabled by setting keep-alive-timeout
+ *    to a negative value.
+ *
+ *    Revision 1.123  2008/11/10 16:55:59  fabiankeil
+ *    Fix a gcc44 warning (in filters.c).
+ *
+ *    Revision 1.122  2008/10/16 07:11:34  fabiankeil
+ *    Fix a bunch of gcc44 conversion warnings.
+ *
+ *    Revision 1.121  2008/10/09 18:21:41  fabiankeil
+ *    Flush work-in-progress changes to keep outgoing connections
+ *    alive where possible. Incomplete and mostly #ifdef'd out.
+ *
+ *    Revision 1.120  2008/09/21 13:36:52  fabiankeil
+ *    If change-x-forwarded-for{add} is used and the client
+ *    sends multiple X-Forwarded-For headers, append the client's
+ *    IP address to each one of them. "Traditionally" we would
+ *    lose all but the last one.
+ *
+ *    Revision 1.119  2008/09/20 10:04:33  fabiankeil
+ *    Remove hide-forwarded-for-headers action which has
+ *    been obsoleted by change-x-forwarded-for{block}.
+ *
+ *    Revision 1.118  2008/09/19 15:26:29  fabiankeil
+ *    Add change-x-forwarded-for{} action to block or add
+ *    X-Forwarded-For headers. Mostly based on code removed
+ *    before 3.0.7.
+ *
  *    Revision 1.117  2008/08/30 12:03:07  fabiankeil
  *    Remove FEATURE_COOKIE_JAR.
  *
@@ -660,6 +734,12 @@
 /* Needed for pcre choice */
 #include "config.h"
 
+#ifdef HAVE_RFC2553
+/* Need for struct sockaddr_storage */
+#include <sys/socket.h>
+#endif
+
+
 /*
  * Include appropriate regular expression libraries.
  * Note that pcrs and pcre (native) are needed for cgi
@@ -785,7 +865,7 @@ typedef int jb_err;
 /**
  * Max length of CGI parameters (arbitrary limit).
  */
-#define CGI_PARAM_LEN_MAX 500
+#define CGI_PARAM_LEN_MAX 500U
 
 /**
  * Buffer size for capturing struct hostent data in the
@@ -811,16 +891,10 @@ typedef int jb_err;
 #define FOREVER 1
 
 /**
- * Default IP address to listen on, as a string.
- * Set to "127.0.0.1".
- */
-#define HADDR_DEFAULT   "127.0.0.1"
-
-/**
- * Default port to listen on, as a number.
- * Set to 8118.
+ * Default TCP/IP address to listen on, as a string.
+ * Set to "127.0.0.1:8118".
  */
-#define HADDR_PORT      8118
+#define HADDR_DEFAULT   "127.0.0.1:8118"
 
 
 /* Forward def for struct client_state */
@@ -1062,8 +1136,8 @@ struct iob
 #define ACTION_DOWNGRADE                             0x00000004UL
 /** Action bitmap: Fast redirects. */
 #define ACTION_FAST_REDIRECTS                        0x00000008UL
-/** Action bitmap: Remove existing "Forwarded" header, and do not add another. */
-#define ACTION_HIDE_FORWARDED                        0x00000010UL
+/** Action bitmap: Remove or add "X-Forwarded-For" header. */
+#define ACTION_CHANGE_X_FORWARDED_FOR                0x00000010UL
 /** Action bitmap: Hide "From" header. */
 #define ACTION_HIDE_FROM                             0x00000020UL
 /** Action bitmap: Hide "Referer" header.  (sic - follow HTTP, not English). */
@@ -1108,8 +1182,6 @@ struct iob
 #define ACTION_OVERWRITE_LAST_MODIFIED               0x02000000UL
 /** Action bitmap: Replace or block Accept-Language header */
 #define ACTION_HIDE_ACCEPT_LANGUAGE                  0x04000000UL
-/** Action bitmap: Remove or add "X-Forwarded-For" header. */
-#define ACTION_CHANGE_X_FORWARDED_FOR                0x08000000UL
 
 
 /** Action string index: How to deanimate GIFs */
@@ -1243,6 +1315,31 @@ struct url_actions
 };
 
 
+/*
+ * Structure to make sure we only reuse the server socket
+ * if the host and forwarding settings are the same.
+ */
+struct reusable_connection
+{
+   jb_socket sfd;
+   int       in_use;
+   time_t    timestamp;
+   /*
+    * Number of seconds after which this
+    * connection will no longer be reused.
+    */
+   unsigned int keep_alive_timeout;
+
+   char *host;
+   int  port;
+   int  forwarder_type;
+   char *gateway_host;
+   int  gateway_port;
+   char *forward_host;
+   int  forward_port;
+};
+
+
 /*
  * Flags for use in csp->flags
  */
@@ -1251,65 +1348,91 @@ struct url_actions
  * Flag for csp->flags: Set if this client is processing data.
  * Cleared when the thread associated with this structure dies.
  */
-#define CSP_FLAG_ACTIVE     0x01
+#define CSP_FLAG_ACTIVE     0x01U
 
 /**
  * Flag for csp->flags: Set if the server's reply is in "chunked"
  * transfer encoding
  */
-#define CSP_FLAG_CHUNKED    0x02
+#define CSP_FLAG_CHUNKED    0x02U
 
 /**
  * Flag for csp->flags: Set if this request was enforced, although it would
  * normally have been blocked.
  */
-#define CSP_FLAG_FORCED     0x04
+#define CSP_FLAG_FORCED     0x04U
 
 /**
  * Flag for csp->flags: Set if any modification to the body was done.
  */
-#define CSP_FLAG_MODIFIED   0x08
+#define CSP_FLAG_MODIFIED   0x08U
 
 /**
  * Flag for csp->flags: Set if request was blocked.
  */
-#define CSP_FLAG_REJECTED   0x10
+#define CSP_FLAG_REJECTED   0x10U
 
 /**
  * Flag for csp->flags: Set if we are toggled on (FEATURE_TOGGLE).
  */
-#define CSP_FLAG_TOGGLED_ON 0x20
+#define CSP_FLAG_TOGGLED_ON 0x20U
 
 /**
- * Flag for csp->flags: Set if adding the 'Connection: close' header
- * for the client isn't necessary.
+ * Flag for csp->flags: Set if an acceptable Connection header
+ * has already been set by the client.
  */
-#define CSP_FLAG_CLIENT_CONNECTION_CLOSE_SET   0x00000040UL
+#define CSP_FLAG_CLIENT_CONNECTION_HEADER_SET  0x00000040U
 
 /**
- * Flag for csp->flags: Set if adding the 'Connection: close' header
- * for the server isn't necessary.
+ * Flag for csp->flags: Set if an acceptable Connection header
+ * has already been set by the server.
  */
-#define CSP_FLAG_SERVER_CONNECTION_CLOSE_SET   0x00000080UL
+#define CSP_FLAG_SERVER_CONNECTION_HEADER_SET  0x00000080U
 
 /**
  * Flag for csp->flags: Signals header parsers whether they
  * are parsing server or client headers.
  */
-#define CSP_FLAG_CLIENT_HEADER_PARSING_DONE    0x00000100UL
+#define CSP_FLAG_CLIENT_HEADER_PARSING_DONE    0x00000100U
 
 /**
  * Flag for csp->flags: Set if adding the Host: header
  * isn't necessary.
  */
-#define CSP_FLAG_HOST_HEADER_IS_SET            0x00000200UL
+#define CSP_FLAG_HOST_HEADER_IS_SET            0x00000200U
 
 /**
  * Flag for csp->flags: Set if filtering is disabled by X-Filter: No
  * XXX: As we now have tags we might as well ditch this.
  */
-#define CSP_FLAG_NO_FILTERING                  0x00000400UL
+#define CSP_FLAG_NO_FILTERING                  0x00000400U
+
+/**
+ * Flag for csp->flags: Set the client IP has appended to
+ * an already existing X-Forwarded-For header in which case
+ * no new header has to be generated.
+ */
+#define CSP_FLAG_X_FORWARDED_FOR_APPENDED      0x00000800U
+
+/**
+ * Flag for csp->flags: Set if the server wants to keep
+ * the connection alive.
+ */
+#define CSP_FLAG_SERVER_CONNECTION_KEEP_ALIVE  0x00001000U
+
+#ifdef FEATURE_CONNECTION_KEEP_ALIVE
+/**
+ * Flag for csp->flags: Set if the server specified the
+ * content length.
+ */
+#define CSP_FLAG_CONTENT_LENGTH_SET            0x00002000U
 
+/**
+ * Flag for csp->flags: Set if the client wants to keep
+ * the connection alive.
+ */
+#define CSP_FLAG_CLIENT_CONNECTION_KEEP_ALIVE  0x00004000U
+#endif /* def FEATURE_CONNECTION_KEEP_ALIVE */
 
 /*
  * Flags for use in return codes of child processes
@@ -1350,15 +1473,24 @@ struct client_state
    /** socket to talk to server (web server or proxy) */
    jb_socket sfd;
 
+   /** current connection to the server (may go through a proxy) */
+   struct reusable_connection server_connection;
+
    /** Multi-purpose flag container, see CSP_FLAG_* above */
    unsigned int flags;
 
    /** Client PC's IP address, as reported by the accept() function.
        As a string. */
    char *ip_addr_str;
+#ifdef HAVE_RFC2553
+   /** Client PC's TCP address, as reported by the accept() function.
+       As a sockaddr. */
+   struct sockaddr_storage tcp_addr;
+#else
    /** Client PC's IP address, as reported by the accept() function.
        As a number. */
-   long  ip_addr_long;
+   unsigned long ip_addr_long;
+#endif /* def HAVE_RFC2553 */
 
    /** The URL that was requested */
    struct http_request http[1];
@@ -1382,13 +1514,6 @@ struct client_state
    /** MIME-Type key, see CT_* above */
    unsigned int content_type;
 
-   /** The "X-Forwarded-For:" header sent by the client */
-   /*
-    * XXX: this is a hack that causes problems if
-    * there's more than one X-Forwarded-For header.
-    */
-   char *x_forwarded_for;
-
    /** Actions files associated with this client */
    struct file_list *actions_list[MAX_AF_FILES];
 
@@ -1396,7 +1521,15 @@ struct client_state
    struct file_list *rlist[MAX_AF_FILES];
 
    /** Length after content modification. */
-   size_t content_length;
+   unsigned long long content_length;
+
+#ifdef FEATURE_CONNECTION_KEEP_ALIVE
+   /** Expected length of content after which we
+    * should stop reading from the server socket.
+    */
+   /* XXX: is this the right location? */
+   unsigned long long expected_content_length;
+#endif /* def FEATURE_CONNECTION_KEEP_ALIVE */
 
 #ifdef FEATURE_TRUST
 
@@ -1591,9 +1724,14 @@ struct re_filterfile_spec
  */
 struct access_control_addr
 {
+#ifdef HAVE_RFC2553
+   struct sockaddr_storage addr; /* <The TCP address in network order. */
+   struct sockaddr_storage mask; /* <The TCP mask in network order. */
+#else
    unsigned long addr;  /**< The IP address as an integer. */
    unsigned long mask;  /**< The network mask as an integer. */
    unsigned long port;  /**< The port number. */
+#endif /* HAVE_RFC2553 */
 };
 
 /**
@@ -1605,6 +1743,9 @@ struct access_control_list
 {
    struct access_control_addr src[1];  /**< Client IP address */
    struct access_control_addr dst[1];  /**< Website or parent proxy IP address */
+#ifdef HAVE_RFC2553
+   int wildcard_dst;                   /** < dst address is wildcard */
+#endif
 
    short action;                       /**< ACL_PERMIT or ACL_DENY */
    struct access_control_list *next;   /**< The next entry in the ACL. */
@@ -1618,26 +1759,31 @@ struct access_control_list
 
 
 /** configuration_spec::feature_flags: CGI actions editor. */
-#define RUNTIME_FEATURE_CGI_EDIT_ACTIONS             1
+#define RUNTIME_FEATURE_CGI_EDIT_ACTIONS             1U
 
 /** configuration_spec::feature_flags: Web-based toggle. */
-#define RUNTIME_FEATURE_CGI_TOGGLE                   2
+#define RUNTIME_FEATURE_CGI_TOGGLE                   2U
 
 /** configuration_spec::feature_flags: HTTP-header-based toggle. */
-#define RUNTIME_FEATURE_HTTP_TOGGLE                  4
+#define RUNTIME_FEATURE_HTTP_TOGGLE                  4U
 
 /** configuration_spec::feature_flags: Split large forms to limit the number of GET arguments. */
-#define RUNTIME_FEATURE_SPLIT_LARGE_FORMS            8
+#define RUNTIME_FEATURE_SPLIT_LARGE_FORMS            8U
 
 /** configuration_spec::feature_flags: Check the host header for requests with host-less request lines. */
-#define RUNTIME_FEATURE_ACCEPT_INTERCEPTED_REQUESTS 16
+#define RUNTIME_FEATURE_ACCEPT_INTERCEPTED_REQUESTS 16U
 
 /** configuration_spec::feature_flags: Don't allow to circumvent blocks with the force prefix. */
-#define RUNTIME_FEATURE_ENFORCE_BLOCKS              32
+#define RUNTIME_FEATURE_ENFORCE_BLOCKS              32U
 
 /** configuration_spec::feature_flags: Allow to block or redirect CGI requests. */
-#define RUNTIME_FEATURE_CGI_CRUNCHING               64
+#define RUNTIME_FEATURE_CGI_CRUNCHING               64U
+
+/** configuration_spec::feature_flags: Try to keep the connection to the server alive. */
+#define RUNTIME_FEATURE_CONNECTION_KEEP_ALIVE      128U
 
+/** configuration_spec::feature_flags: Share outgoing connections between different client connections. */
+#define RUNTIME_FEATURE_CONNECTION_SHARING         256U
 
 /**
  * Data loaded from the configuration file.
@@ -1732,7 +1878,18 @@ struct configuration_spec
    struct forward_spec *forward;
 
    /** Number of retries in case a forwarded connection attempt fails */
-   int         forwarded_connect_retries;
+   int forwarded_connect_retries;
+
+   /** Maximum number of client connections. */
+   int max_client_connections;
+
+   /* Timeout when waiting on sockets for data to become available. */
+   int socket_timeout;
+
+#ifdef FEATURE_CONNECTION_KEEP_ALIVE
+   /* Maximum number of seconds after which an open connection will no longer be reused. */
+   unsigned int keep_alive_timeout;
+#endif
 
    /** All options from the config file, HTML-formatted. */
    char *proxy_args;