--------------------- PatchSet 1672 Date: 2001/02/27 14:18:21 Author: rvenning Branch: ipv6 Tag: (none) Log: OK, getting sick of this... need faster network so as to discover my stupidity quicker Members: SPONSORS:1.3->1.3.16.1 auth_modules/Makefile.in:1.2->1.2.8.1(DEAD) auth_modules/LDAP/Makefile.in:1.2->1.2.8.1(DEAD) auth_modules/LDAP/README:1.1.1.1->1.1.1.1.32.1(DEAD) auth_modules/LDAP/squid_ldap_auth.c:1.1.1.1->1.1.1.1.32.1(DEAD) auth_modules/MSNT/COPYING-2.0:1.1.1.1->1.1.1.1.32.1(DEAD) auth_modules/MSNT/Makefile.in:1.3->1.3.6.1(DEAD) auth_modules/MSNT/README.html:1.1->1.1.20.1(DEAD) auth_modules/MSNT/allowusers.c:1.1->1.1.20.1(DEAD) auth_modules/MSNT/byteorder.h:1.2->1.2.8.1(DEAD) auth_modules/MSNT/confload.c:1.1->1.1.20.1(DEAD) auth_modules/MSNT/denyusers.c:1.3->1.3.6.1(DEAD) auth_modules/MSNT/md4.c:1.1.1.1->1.1.1.1.32.1(DEAD) auth_modules/MSNT/msntauth-v2.0.lsm:1.1->1.1.20.1(DEAD) auth_modules/MSNT/msntauth.c:1.1->1.1.20.1(DEAD) auth_modules/MSNT/msntauth.conf:1.1->1.1.20.1(DEAD) auth_modules/MSNT/rfcnb-common.h:1.2->1.2.8.1(DEAD) auth_modules/MSNT/rfcnb-error.h:1.2->1.2.8.1(DEAD) auth_modules/MSNT/rfcnb-io.c:1.2->1.2.8.1(DEAD) auth_modules/MSNT/rfcnb-io.h:1.1.1.1->1.1.1.1.32.1(DEAD) auth_modules/MSNT/rfcnb-priv.h:1.2->1.2.8.1(DEAD) auth_modules/MSNT/rfcnb-util.c:1.2->1.2.8.1(DEAD) auth_modules/MSNT/rfcnb-util.h:1.2->1.2.8.1(DEAD) auth_modules/MSNT/rfcnb.h:1.1.1.1->1.1.1.1.32.1(DEAD) auth_modules/MSNT/session.c:1.2->1.2.8.1(DEAD) auth_modules/MSNT/smbdes.c:1.1.1.1->1.1.1.1.32.1(DEAD) auth_modules/MSNT/smbencrypt.c:1.2->1.2.8.1(DEAD) auth_modules/MSNT/smblib-common.h:1.2->1.2.8.1(DEAD) auth_modules/MSNT/smblib-priv.h:1.2->1.2.8.1(DEAD) auth_modules/MSNT/smblib-util.c:1.2->1.2.8.1(DEAD) auth_modules/MSNT/smblib.c:1.3->1.3.6.1(DEAD) auth_modules/MSNT/smblib.c.patch:1.1->1.1.20.1(DEAD) auth_modules/MSNT/smblib.h:1.2->1.2.8.1(DEAD) auth_modules/MSNT/std-defines.h:1.2->1.2.8.1(DEAD) auth_modules/MSNT/std-includes.h:1.2->1.2.8.1(DEAD) auth_modules/MSNT/valid.c:1.2->1.2.8.1(DEAD) auth_modules/MSNT/valid.h:1.1.1.1->1.1.1.1.32.1(DEAD) auth_modules/NCSA/Makefile.in:1.2->1.2.6.1(DEAD) auth_modules/NCSA/ncsa_auth.c:1.1.1.1->1.1.1.1.38.1(DEAD) auth_modules/PAM/Makefile.in:1.3->1.3.6.1(DEAD) auth_modules/PAM/pam_auth.c:1.3->1.3.6.1(DEAD) auth_modules/SMB/COPYING-2.0:1.1.1.1->1.1.1.1.42.1(DEAD) auth_modules/SMB/Changelog:1.1.1.2->1.1.1.2.32.1(DEAD) auth_modules/SMB/Makefile.in:1.3->1.3.6.1(DEAD) auth_modules/SMB/README:1.1.1.2->1.1.1.2.42.1(DEAD) auth_modules/SMB/smb_auth.c:1.1.1.2->1.1.1.2.30.1(DEAD) auth_modules/SMB/smb_auth.sh:1.1.1.2->1.1.1.2.32.1(DEAD) auth_modules/getpwnam/Makefile.in:1.2->1.2.6.1(DEAD) auth_modules/getpwnam/getpwnam_auth.c:1.1.1.1->1.1.1.1.38.1(DEAD) auth_modules/multi-domain-NTLM/README.txt:1.2->1.2.8.1(DEAD) auth_modules/multi-domain-NTLM/smb_auth.pl:1.2->1.2.8.1(DEAD) contrib/rredir.c:1.2->1.2.6.1 doc/README.cygwin:1.2->1.2.8.1(DEAD) doc/Release-Notes-1.0.txt:1.2->1.2.6.1(DEAD) doc/Release-Notes-1.1.txt:1.2->1.2.6.1(DEAD) doc/debug-sections.txt:1.2->1.2.8.1 doc/squid.8:1.1->1.1.42.1 doc/Programming-Guide/prog-guide.sgml:1.3->1.3.6.1 errors/Makefile.in:1.3->1.3.6.1 errors/Danish/ERR_CACHE_ACCESS_DENIED:1.1.1.1->1.1.1.1.32.1 errors/Dutch/ERR_CACHE_ACCESS_DENIED:1.1.1.1->1.1.1.1.42.1 errors/English/ERR_CACHE_ACCESS_DENIED:1.1.1.1->1.1.1.1.42.1 errors/Estonian/ERR_CACHE_ACCESS_DENIED:1.2->1.2.8.1 errors/Finnish/ERR_CACHE_ACCESS_DENIED:1.1.1.1->1.1.1.1.32.1 errors/French/ERR_CACHE_ACCESS_DENIED:1.1.1.1->1.1.1.1.42.1 errors/German/ERR_CACHE_ACCESS_DENIED:1.1.1.1->1.1.1.1.42.1 errors/Hungarian/ERR_CACHE_ACCESS_DENIED:1.1.1.1->1.1.1.1.42.1 errors/Italian/ERR_CACHE_ACCESS_DENIED:1.1.1.1->1.1.1.1.42.1 errors/Japanese/ERR_CACHE_ACCESS_DENIED:1.1.1.1->1.1.1.1.42.1 errors/Korean/ERR_CACHE_ACCESS_DENIED:1.1.1.1->1.1.1.1.32.1 errors/Polish/ERR_CACHE_ACCESS_DENIED:1.1.1.1->1.1.1.1.42.1 errors/Portuguese/ERR_CACHE_ACCESS_DENIED:1.1.1.1->1.1.1.1.42.1 errors/Romanian/ERR_CACHE_ACCESS_DENIED:1.1.1.1->1.1.1.1.32.1 errors/Russian-1251/ERR_CACHE_ACCESS_DENIED:1.1.1.1->1.1.1.1.42.1 errors/Russian-koi8-r/ERR_CACHE_ACCESS_DENIED:1.1.1.1->1.1.1.1.42.1 errors/Serbian/ERR_ACCESS_DENIED:1.1->1.1.30.1 errors/Serbian/ERR_CACHE_ACCESS_DENIED:1.1->1.1.30.1 errors/Serbian/ERR_CACHE_MGR_ACCESS_DENIED:1.1->1.1.30.1 errors/Serbian/ERR_CANNOT_FORWARD:1.1->1.1.30.1 errors/Serbian/ERR_CONNECT_FAIL:1.1->1.1.30.1 errors/Serbian/ERR_DNS_FAIL:1.1->1.1.30.1 errors/Serbian/ERR_FORWARDING_DENIED:1.1->1.1.30.1 errors/Serbian/ERR_FTP_DISABLED:1.1->1.1.30.1 errors/Serbian/ERR_FTP_FAILURE:1.1->1.1.30.1 errors/Serbian/ERR_FTP_FORBIDDEN:1.1->1.1.30.1 errors/Serbian/ERR_FTP_NOT_FOUND:1.1->1.1.30.1 errors/Serbian/ERR_FTP_PUT_CREATED:1.1->1.1.30.1 errors/Serbian/ERR_FTP_PUT_ERROR:1.1->1.1.30.1 errors/Serbian/ERR_FTP_PUT_MODIFIED:1.1->1.1.30.1 errors/Serbian/ERR_FTP_UNAVAILABLE:1.1->1.1.30.1 errors/Serbian/ERR_INVALID_REQ:1.1->1.1.30.1 errors/Serbian/ERR_INVALID_URL:1.1->1.1.30.1 errors/Serbian/ERR_LIFETIME_EXP:1.1->1.1.30.1 errors/Serbian/ERR_NO_RELAY:1.1->1.1.30.1 errors/Serbian/ERR_ONLY_IF_CACHED_MISS:1.1->1.1.30.1 errors/Serbian/ERR_READ_ERROR:1.1->1.1.30.1 errors/Serbian/ERR_READ_TIMEOUT:1.1->1.1.30.1 errors/Serbian/ERR_SHUTTING_DOWN:1.1->1.1.30.1 errors/Serbian/ERR_SOCKET_FAILURE:1.1->1.1.30.1 errors/Serbian/ERR_TOO_BIG:1.1->1.1.30.1 errors/Serbian/ERR_UNSUP_REQ:1.1->1.1.30.1 errors/Serbian/ERR_URN_RESOLVE:1.1->1.1.30.1 errors/Serbian/ERR_WRITE_ERROR:1.1->1.1.30.1 errors/Serbian/ERR_ZERO_SIZE_OBJECT:1.1->1.1.30.1 errors/Serbian/README:1.1->1.1.30.1 errors/Serbian/generic:1.1->1.1.30.1 errors/Simplify_Chinese/ERR_CACHE_ACCESS_DENIED:1.2->1.2.8.1 errors/Slovak/ERR_CACHE_ACCESS_DENIED:1.1.1.1->1.1.1.1.42.1 errors/Spanish/ERR_CACHE_ACCESS_DENIED:1.1.1.1->1.1.1.1.32.1 errors/Swedish/ERR_ACCESS_DENIED:1.1.1.1->1.1.1.1.32.1 errors/Swedish/ERR_CACHE_ACCESS_DENIED:1.1.1.1->1.1.1.1.32.1 errors/Swedish/ERR_CACHE_MGR_ACCESS_DENIED:1.1.1.1->1.1.1.1.32.1 errors/Swedish/ERR_CANNOT_FORWARD:1.1.1.1->1.1.1.1.32.1 errors/Swedish/ERR_CONNECT_FAIL:1.1.1.1->1.1.1.1.32.1 errors/Swedish/ERR_DNS_FAIL:1.1.1.1->1.1.1.1.32.1 errors/Swedish/ERR_FORWARDING_DENIED:1.1.1.1->1.1.1.1.32.1 errors/Swedish/ERR_FTP_DISABLED:1.1.1.1->1.1.1.1.32.1 errors/Swedish/ERR_FTP_FAILURE:1.1.1.1->1.1.1.1.32.1 errors/Swedish/ERR_FTP_FORBIDDEN:1.1.1.1->1.1.1.1.32.1 errors/Swedish/ERR_FTP_NOT_FOUND:1.1.1.1->1.1.1.1.32.1 errors/Swedish/ERR_FTP_PUT_ERROR:1.1.1.1->1.1.1.1.32.1 errors/Swedish/ERR_FTP_UNAVAILABLE:1.1.1.1->1.1.1.1.32.1 errors/Swedish/ERR_INVALID_REQ:1.1.1.1->1.1.1.1.32.1 errors/Swedish/ERR_INVALID_URL:1.1.1.1->1.1.1.1.32.1 errors/Swedish/ERR_LIFETIME_EXP:1.1.1.1->1.1.1.1.32.1 errors/Swedish/ERR_NO_RELAY:1.1.1.1->1.1.1.1.32.1 errors/Swedish/ERR_ONLY_IF_CACHED_MISS:1.1.1.1->1.1.1.1.32.1 errors/Swedish/ERR_READ_ERROR:1.1.1.1->1.1.1.1.32.1 errors/Swedish/ERR_READ_TIMEOUT:1.1.1.1->1.1.1.1.32.1 errors/Swedish/ERR_SHUTTING_DOWN:1.1.1.1->1.1.1.1.32.1 errors/Swedish/ERR_SOCKET_FAILURE:1.1.1.1->1.1.1.1.32.1 errors/Swedish/ERR_TOO_BIG:1.2->1.2.8.1 errors/Swedish/ERR_UNSUP_REQ:1.1.1.1->1.1.1.1.32.1 errors/Swedish/ERR_URN_RESOLVE:1.1.1.1->1.1.1.1.32.1 errors/Swedish/ERR_WRITE_ERROR:1.1.1.1->1.1.1.1.32.1 errors/Swedish/ERR_ZERO_SIZE_OBJECT:1.1.1.1->1.1.1.1.32.1 errors/Swedish/generic:1.1.1.1->1.1.1.1.32.1 errors/Traditional_Chinese/ERR_CACHE_ACCESS_DENIED:1.1.1.1->1.1.1.1.42.1 errors/Turkish/ERR_CACHE_ACCESS_DENIED:1.1.1.1->1.1.1.1.42.1 icons/Makefile.in:1.3->1.3.6.1 include/Array.h:1.2->1.2.6.1 include/Stack.h:1.2->1.2.6.1 include/asn1.h:1.2->1.2.6.1 include/config.h.in:1.3.6.1->1.3.6.2 include/heap.h:1.3->1.3.10.1 include/md5.h:1.2->1.2.6.1 include/ntlmauth.h:1.4->1.4.2.1 include/radix.h:1.2->1.2.6.1 include/rfc1035.h:1.3.6.1->1.3.6.2 include/rfc2617.h:1.2->1.2.20.1 include/snmp_client.h:1.2->1.2.6.1 include/snmp_pdu.h:1.2->1.2.6.1 include/snmp_util.h:1.2->1.2.6.1 include/snmp_vars.h:1.2->1.2.6.1 include/snprintf.h:1.2->1.2.6.1 include/splay.h:1.3->1.3.6.1 include/util.h:1.4.4.2->1.4.4.3 lib/Array.c:1.3->1.3.6.1 lib/GNUregex.c:1.2->1.2.6.1 lib/Makefile.in:1.4->1.4.4.1 lib/Stack.c:1.3->1.3.6.1 lib/base64.c:1.2->1.2.6.1 lib/getfullhostname.c:1.3->1.3.6.1 lib/hash.c:1.4->1.4.6.1 lib/heap.c:1.3->1.3.10.1 lib/html.c:1.3->1.3.10.1(DEAD) lib/html_quote.c:1.2->1.2.16.1 lib/iso3307.c:1.2->1.2.6.1 lib/md5.c:1.2->1.2.6.1 lib/ntlmauth.c:1.3->1.3.14.1 lib/radix.c:1.3->1.3.6.1 lib/rfc1035.c:1.4.6.1->1.4.6.2 lib/rfc1123.c:1.4->1.4.4.1 lib/rfc1738.c:1.3->1.3.6.1 lib/rfc2617.c:1.5->1.5.12.1 lib/safe_inet_addr.c:1.2.6.2->1.2.6.3 lib/snprintf.c:1.2->1.2.6.1 lib/strerror.c:1.3->1.3.6.1 lib/stub_memaccount.c:1.2->1.2.6.1 lib/util.c:1.3->1.3.6.1 scripts/Makefile.in:1.1.1.1->1.1.1.1.42.1 snmplib/coexistance.c:1.1.1.1->1.1.1.1.42.1 snmplib/mib.c:1.1.1.1->1.1.1.1.42.1 snmplib/snmp_api.c:1.1.1.1->1.1.1.1.42.1 snmplib/snmp_api_error.c:1.1.1.1->1.1.1.1.42.1 snmplib/snmp_msg.c:1.1.1.1->1.1.1.1.42.1 snmplib/snmp_pdu.c:1.1.1.1->1.1.1.1.42.1 src/CacheDigest.c:1.3->1.3.6.1 src/ETag.c:1.3->1.3.6.1 src/HttpBody.c:1.3->1.3.6.1 src/HttpHdrCc.c:1.4->1.4.4.1 src/HttpHdrContRange.c:1.3->1.3.6.1 src/HttpHdrExtField.c:1.3->1.3.6.1 src/HttpHdrRange.c:1.4->1.4.6.1 src/HttpHeader.c:1.3->1.3.6.1 src/HttpHeaderTools.c:1.3->1.3.6.1 src/HttpMsg.c:1.4->1.4.2.1 src/HttpReply.c:1.4->1.4.2.1 src/HttpRequest.c:1.3->1.3.6.1 src/HttpStatusLine.c:1.4->1.4.2.1 src/Makefile.in:1.3->1.3.6.1 src/MemBuf.c:1.3->1.3.6.1 src/MemPool.c:1.4->1.4.6.1 src/Packer.c:1.3->1.3.6.1 src/StatHist.c:1.3->1.3.6.1 src/String.c:1.3->1.3.6.1 src/access_log.c:1.5.2.1->1.5.2.2 src/acl.c:1.4.6.1->1.4.6.2 src/asn.c:1.4.4.1->1.4.4.2 src/auth_modules.sh:1.2->1.2.26.1 src/authenticate.c:1.4->1.4.6.1 src/cache_cf.c:1.4.2.2->1.4.2.3 src/cache_diff.c:1.4->1.4.6.1 src/cache_manager.c:1.4->1.4.2.1 src/cachemgr.c:1.3.6.1->1.3.6.2 src/carp.c:1.3->1.3.6.1 src/cbdata.c:1.4->1.4.6.1 src/cf.data.pre:1.4->1.4.6.1 src/cf_gen.c:1.3->1.3.6.1 src/client.c:1.3.6.1->1.3.6.2 src/client_db.c:1.4.6.1->1.4.6.2 src/client_side.c:1.7.2.1->1.7.2.2 src/comm.c:1.4.6.1->1.4.6.2 src/comm_select.c:1.3->1.3.6.1 src/debug.c:1.3->1.3.6.1 src/defines.h:1.3.6.2->1.3.6.3 src/delay_pools.c:1.3->1.3.6.1 src/disk.c:1.4->1.4.6.1 src/dns.c:1.3.6.1->1.3.6.2 src/dns_internal.c:1.5.6.1->1.5.6.2 src/dnsserver.c:1.3.6.2->1.3.6.3 src/enums.h:1.5->1.5.4.1 src/errorpage.c:1.5.2.1->1.5.2.2 src/event.c:1.3->1.3.6.1 src/fd.c:1.3->1.3.6.1 src/filemap.c:1.3->1.3.6.1 src/forward.c:1.4.6.1->1.4.6.2 src/fqdncache.c:1.4.6.1->1.4.6.2 src/ftp.c:1.5.2.1->1.5.2.2 src/globals.h:1.4.4.1->1.4.4.2 src/gopher.c:1.4->1.4.4.1 src/helper.c:1.3->1.3.6.1 src/htcp.c:1.4.6.1->1.4.6.2 src/http.c:1.5->1.5.2.1 src/icmp.c:1.3.6.1->1.3.6.2 src/icp_v2.c:1.3.6.1->1.3.6.2 src/icp_v3.c:1.3.6.1->1.3.6.2 src/ident.c:1.4.6.1->1.4.6.2 src/internal.c:1.5.2.1->1.5.2.2 src/ipc.c:1.3.6.1->1.3.6.2 src/ipcache.c:1.4.6.2->1.4.6.3 src/leakfinder.c:1.4->1.4.6.1 src/logfile.c:1.2->1.2.8.1 src/main.c:1.5.4.2->1.5.4.3 src/mem.c:1.3->1.3.6.1 src/mime.c:1.4->1.4.2.1 src/multicast.c:1.3.6.1->1.3.6.2 src/neighbors.c:1.5.4.1->1.5.4.2 src/net_db.c:1.6.2.1->1.6.2.2 src/pconn.c:1.4->1.4.6.1 src/peer_digest.c:1.3->1.3.6.1 src/peer_select.c:1.3.6.1->1.3.6.2 src/pinger.c:1.3.6.1->1.3.6.2 src/protos.h:1.5.2.1->1.5.2.2 src/pump.c:1.4->1.4.6.1(DEAD) src/recv-announce.c:1.3.6.1->1.3.6.2 src/redirect.c:1.3.6.1->1.3.6.2 src/referer.c:1.2->1.2.8.1 src/refresh.c:1.5->1.5.4.1 src/send-announce.c:1.3.6.1->1.3.6.2 src/snmp_agent.c:1.3->1.3.6.1 src/snmp_core.c:1.3.6.1->1.3.6.2 src/squid.h:1.3->1.3.6.1 src/ssl.c:1.3.6.1->1.3.6.2 src/stat.c:1.4.6.1->1.4.6.2 src/stmem.c:1.4->1.4.6.1 src/store.c:1.5->1.5.2.1 src/store_client.c:1.4->1.4.6.1 src/store_digest.c:1.5->1.5.2.1 src/store_dir.c:1.4->1.4.6.1 src/store_key_md5.c:1.4->1.4.6.1 src/store_log.c:1.4->1.4.6.1 src/store_rebuild.c:1.5->1.5.4.1 src/store_swapin.c:1.4->1.4.6.1 src/store_swapmeta.c:1.4->1.4.6.1 src/store_swapout.c:1.4->1.4.6.1 src/structs.h:1.7.2.1->1.7.2.2 src/test_cache_digest.c:1.4->1.4.6.1 src/tools.c:1.4.2.2->1.4.2.3 src/typedefs.h:1.4->1.4.2.1 src/unlinkd.c:1.3->1.3.6.1 src/url.c:1.3->1.3.6.1 src/urn.c:1.4->1.4.2.1 src/useragent.c:1.3->1.3.6.1 src/wais.c:1.3->1.3.6.1 src/auth/Makefile.in:1.2->1.2.26.1 src/auth/basic/Makefile.in:1.2->1.2.26.1 src/auth/basic/auth_basic.c:1.9->1.9.12.1 src/auth/basic/auth_basic.h:1.2->1.2.26.1 src/auth/basic/helpers/Makefile.in:1.3->1.3.18.1 src/auth/basic/helpers/LDAP/Makefile.in:1.3->1.3.16.1 src/auth/basic/helpers/LDAP/README:1.2->1.2.28.1 src/auth/basic/helpers/LDAP/squid_ldap_auth.c:1.2->1.2.28.1 src/auth/basic/helpers/MSNT/COPYING-2.0:1.2->1.2.28.1 src/auth/basic/helpers/MSNT/Makefile.in:1.3->1.3.16.1 src/auth/basic/helpers/MSNT/README.html:1.2->1.2.28.1 src/auth/basic/helpers/MSNT/allowusers.c:1.2->1.2.28.1 src/auth/basic/helpers/MSNT/byteorder.h:1.2->1.2.28.1 src/auth/basic/helpers/MSNT/confload.c:1.2->1.2.28.1 src/auth/basic/helpers/MSNT/denyusers.c:1.2->1.2.28.1 src/auth/basic/helpers/MSNT/md4.c:1.2->1.2.28.1 src/auth/basic/helpers/MSNT/msntauth-v2.0.lsm:1.2->1.2.28.1 src/auth/basic/helpers/MSNT/msntauth.c:1.2->1.2.28.1 src/auth/basic/helpers/MSNT/msntauth.conf:1.2->1.2.28.1 src/auth/basic/helpers/MSNT/rfcnb-common.h:1.2->1.2.28.1 src/auth/basic/helpers/MSNT/rfcnb-error.h:1.2->1.2.28.1 src/auth/basic/helpers/MSNT/rfcnb-io.c:1.2->1.2.28.1 src/auth/basic/helpers/MSNT/rfcnb-io.h:1.2->1.2.28.1 src/auth/basic/helpers/MSNT/rfcnb-priv.h:1.2->1.2.28.1 src/auth/basic/helpers/MSNT/rfcnb-util.c:1.2->1.2.28.1 src/auth/basic/helpers/MSNT/rfcnb-util.h:1.2->1.2.28.1 src/auth/basic/helpers/MSNT/rfcnb.h:1.2->1.2.28.1 src/auth/basic/helpers/MSNT/session.c:1.2->1.2.28.1 src/auth/basic/helpers/MSNT/smbdes.c:1.2->1.2.28.1 src/auth/basic/helpers/MSNT/smbencrypt.c:1.2->1.2.28.1 src/auth/basic/helpers/MSNT/smblib-common.h:1.2->1.2.28.1 src/auth/basic/helpers/MSNT/smblib-priv.h:1.2->1.2.28.1 src/auth/basic/helpers/MSNT/smblib-util.c:1.2->1.2.28.1 src/auth/basic/helpers/MSNT/smblib.c:1.2->1.2.28.1 src/auth/basic/helpers/MSNT/smblib.h:1.2->1.2.28.1 src/auth/basic/helpers/MSNT/std-defines.h:1.2->1.2.28.1 src/auth/basic/helpers/MSNT/std-includes.h:1.2->1.2.28.1 src/auth/basic/helpers/MSNT/valid.c:1.2->1.2.28.1 src/auth/basic/helpers/MSNT/valid.h:1.2->1.2.28.1 src/auth/basic/helpers/NCSA/Makefile.in:1.3->1.3.16.1 src/auth/basic/helpers/NCSA/ncsa_auth.c:1.2->1.2.28.1 src/auth/basic/helpers/PAM/Makefile.in:1.3->1.3.16.1 src/auth/basic/helpers/PAM/pam_auth.c:1.3->1.3.18.1 src/auth/basic/helpers/SMB/COPYING-2.0:1.2->1.2.28.1 src/auth/basic/helpers/SMB/Changelog:1.2->1.2.28.1 src/auth/basic/helpers/SMB/Makefile.in:1.3->1.3.16.1 src/auth/basic/helpers/SMB/README:1.2->1.2.28.1 src/auth/basic/helpers/SMB/smb_auth.c:1.3->1.3.18.1 src/auth/basic/helpers/SMB/smb_auth.sh:1.2->1.2.28.1 src/auth/basic/helpers/YP/Makefile.in:1.3->1.3.16.1 src/auth/basic/helpers/YP/nis_support.c:1.2->1.2.28.1 src/auth/basic/helpers/YP/yp_auth.c:1.2->1.2.28.1 src/auth/basic/helpers/getpwnam/Makefile.in:1.3->1.3.16.1 src/auth/basic/helpers/getpwnam/getpwnam_auth.c:1.2->1.2.28.1 src/auth/basic/helpers/multi-domain-NTLM/README.txt:1.2->1.2.28.1 src/auth/basic/helpers/multi-domain-NTLM/smb_auth.pl:1.2->1.2.28.1 src/auth/digest/Makefile.in:1.2->1.2.20.1 src/auth/digest/auth_digest.c:1.4->1.4.12.1 src/auth/digest/auth_digest.h:1.2->1.2.20.1 src/auth/digest/helpers/Makefile.in:1.2->1.2.20.1 src/auth/digest/helpers/password/Makefile.in:1.2->1.2.20.1 src/auth/digest/helpers/password/digest_pw_auth.c:1.2->1.2.20.1 src/auth/ntlm/Makefile.in:1.2->1.2.26.1 src/auth/ntlm/auth_ntlm.c:1.7->1.7.14.1 src/auth/ntlm/auth_ntlm.h:1.3->1.3.18.1 src/auth/ntlm/helpers/Makefile.in:1.2->1.2.28.1 src/auth/ntlm/helpers/NTLMSSP/Makefile.in:1.3->1.3.16.1 src/auth/ntlm/helpers/NTLMSSP/libntlmssp.c:1.4->1.4.14.1 src/auth/ntlm/helpers/NTLMSSP/ntlm.h:1.3->1.3.14.1 src/auth/ntlm/helpers/NTLMSSP/ntlm_auth.c:1.5->1.5.14.1 src/auth/ntlm/helpers/NTLMSSP/smbval/Makefile.in:1.2->1.2.28.1 src/auth/ntlm/helpers/NTLMSSP/smbval/byteorder.h:1.2->1.2.28.1 src/auth/ntlm/helpers/NTLMSSP/smbval/md4.c:1.2->1.2.28.1 src/auth/ntlm/helpers/NTLMSSP/smbval/md4.h:1.2->1.2.28.1 src/auth/ntlm/helpers/NTLMSSP/smbval/rfcnb-common.h:1.2->1.2.28.1 src/auth/ntlm/helpers/NTLMSSP/smbval/rfcnb-error.h:1.2->1.2.28.1 src/auth/ntlm/helpers/NTLMSSP/smbval/rfcnb-io.c:1.2->1.2.28.1 src/auth/ntlm/helpers/NTLMSSP/smbval/rfcnb-io.h:1.2->1.2.28.1 src/auth/ntlm/helpers/NTLMSSP/smbval/rfcnb-priv.h:1.2->1.2.28.1 src/auth/ntlm/helpers/NTLMSSP/smbval/rfcnb-util.c:1.2->1.2.28.1 src/auth/ntlm/helpers/NTLMSSP/smbval/rfcnb-util.h:1.2->1.2.28.1 src/auth/ntlm/helpers/NTLMSSP/smbval/rfcnb.h:1.2->1.2.28.1 src/auth/ntlm/helpers/NTLMSSP/smbval/session.c:1.2->1.2.28.1 src/auth/ntlm/helpers/NTLMSSP/smbval/smbdes.c:1.2->1.2.28.1 src/auth/ntlm/helpers/NTLMSSP/smbval/smbdes.h:1.2->1.2.28.1 src/auth/ntlm/helpers/NTLMSSP/smbval/smbencrypt.c:1.2->1.2.28.1 src/auth/ntlm/helpers/NTLMSSP/smbval/smbencrypt.h:1.2->1.2.28.1 src/auth/ntlm/helpers/NTLMSSP/smbval/smblib-common.h:1.2->1.2.28.1 src/auth/ntlm/helpers/NTLMSSP/smbval/smblib-priv.h:1.2->1.2.28.1 src/auth/ntlm/helpers/NTLMSSP/smbval/smblib-util.c:1.2->1.2.28.1 src/auth/ntlm/helpers/NTLMSSP/smbval/smblib.c:1.4->1.4.12.1 src/auth/ntlm/helpers/NTLMSSP/smbval/smblib.h:1.2->1.2.28.1 src/auth/ntlm/helpers/NTLMSSP/smbval/std-defines.h:1.2->1.2.28.1 src/auth/ntlm/helpers/NTLMSSP/smbval/std-includes.h:1.2->1.2.28.1 src/auth/ntlm/helpers/NTLMSSP/smbval/valid.c:1.2->1.2.28.1 src/auth/ntlm/helpers/NTLMSSP/smbval/valid.h:1.2->1.2.28.1 src/auth/ntlm/helpers/fakeauth/Makefile.in:1.3->1.3.16.1 src/auth/ntlm/helpers/fakeauth/fakeauth_auth.c:1.2->1.2.28.1 src/auth/ntlm/helpers/fakeauth/ntlm.h:1.3->1.3.18.1 src/auth/ntlm/helpers/no_check/Makefile.in:1.3->1.3.16.1 src/auth/ntlm/helpers/no_check/README.no_check_ntlm_auth:1.2->1.2.28.1 src/auth/ntlm/helpers/no_check/no_check:1.2->1.2.28.1 src/fs/aufs/aiops.c:1.3->1.3.4.1 src/fs/aufs/async_io.c:1.3->1.3.4.1 src/fs/aufs/store_asyncufs.h:1.3->1.3.4.1 src/fs/aufs/store_dir_aufs.c:1.5->1.5.4.1 src/fs/aufs/store_io_aufs.c:1.3->1.3.4.1 src/fs/coss/store_coss.h:1.2->1.2.8.1 src/fs/coss/store_dir_coss.c:1.3->1.3.6.1 src/fs/coss/store_io_coss.c:1.2->1.2.8.1 src/fs/diskd/diskd.c:1.4->1.4.2.1 src/fs/diskd/store_dir_diskd.c:1.4->1.4.4.1 src/fs/diskd/store_io_diskd.c:1.2->1.2.8.1 src/fs/null/Makefile.in:1.2->1.2.12.1 src/fs/null/store_null.c:1.2->1.2.24.1 src/fs/ufs/store_dir_ufs.c:1.4->1.4.4.1 src/fs/ufs/store_io_ufs.c:1.2->1.2.8.1 src/repl/heap/store_heap_replacement.c:1.3->1.3.6.1 src/repl/heap/store_repl_heap.c:1.3->1.3.6.1 src/repl/lru/store_repl_lru.c:1.2->1.2.8.1 test-suite/hash.c:1.2->1.2.6.1 test-suite/hash.h:1.1.1.1->1.1.1.1.42.1 test-suite/membanger.c:1.1.1.1->1.1.1.1.42.1 test-suite/pconn-banger.c:1.1.1.1->1.1.1.1.42.1 test-suite/tcp-banger3.c:1.1.1.2->1.1.1.2.42.1 test-suite/waiter.c:1.1.1.1->1.1.1.1.42.1 --- squid/auth_modules/Makefile.in Wed Feb 14 00:50:51 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,38 +0,0 @@ -# Makefile for storage modules in the Squid Object Cache server -# -# $Id$ -# - -# The 'nop' is in the SUBDIRS list because some Unixes that can't -# handle empty for lists. - -SUBDIRS = @AUTH_MODULES@ nop - -all: - @for dir in $(SUBDIRS); do \ - if [ -f $$dir/Makefile ]; then \ - sh -c "cd $$dir && $(MAKE) all" || exit 1; \ - fi; \ - done; - -clean: - -for dir in *; do \ - if [ -f $$dir/Makefile ]; then \ - sh -c "cd $$dir && $(MAKE) clean"; \ - fi; \ - done - -distclean: - -rm -f Makefile - -for dir in *; do \ - if [ -f $$dir/Makefile ]; then \ - sh -c "cd $$dir && $(MAKE) distclean"; \ - fi; \ - done - -.DEFAULT: - @for dir in $(SUBDIRS); do \ - if [ -f $$dir/Makefile ]; then \ - sh -c "cd $$dir && $(MAKE) $@" || exit 1; \ - fi; \ - done; --- squid/auth_modules/LDAP/Makefile.in Wed Feb 14 00:50:51 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,76 +0,0 @@ - -OBJS = squid_ldap_auth.o -LIBS = -lldap -llber -LDAP_EXE = squid_ldap_auth - -prefix = @prefix@ -exec_prefix = @exec_prefix@ -exec_suffix = @exec_suffix@ -cgi_suffix = @cgi_suffix@ -top_srcdir = @top_srcdir@ -bindir = @bindir@ -libexecdir = @libexecdir@ -sysconfdir = @sysconfdir@ -localstatedir = @localstatedir@ -srcdir = @srcdir@ -VPATH = @srcdir@ - -CC = @CC@ -MAKEDEPEND = @MAKEDEPEND@ -INSTALL = @INSTALL@ -INSTALL_BIN = @INSTALL_PROGRAM@ -INSTALL_FILE = @INSTALL_DATA@ -INSTALL_SUID = @INSTALL_PROGRAM@ -o root -m 4755 -RANLIB = @RANLIB@ -LN_S = @LN_S@ -PERL = @PERL@ -CRYPTLIB = @CRYPTLIB@ -REGEXLIB = @REGEXLIB@ -PTHREADLIB = @PTHREADLIB@ -MALLOCLIB = @LIB_MALLOC@ -AC_CFLAGS = @CFLAGS@ -LDFLAGS = @LDFLAGS@ -XTRA_LIBS = @XTRA_LIBS@ -XTRA_OBJS = @XTRA_OBJS@ -MV = @MV@ -RM = @RM@ -SHELL = /bin/sh - - -all: $(LDAP_EXE) - -$(LDAP_EXE): $(OBJS) - $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(XTRA_LIBS) - -install-mkdirs: - -@if test ! -d $(prefix); then \ - echo "mkdir $(prefix)"; \ - mkdir $(prefix); \ - fi - -@if test ! -d $(libexecdir); then \ - echo "mkdir $(libexecdir)"; \ - mkdir $(libexecdir); \ - fi - -# Michael Lupp wants to know about additions -# to the install target. -install: all install-mkdirs - @for f in $(LDAP_EXE); do \ - if test -f $(libexecdir)/$$f; then \ - echo $(MV) $(libexecdir)/$$f $(libexecdir)/-$$f; \ - $(MV) $(libexecdir)/$$f $(libexecdir)/-$$f; \ - fi; \ - echo $(INSTALL_BIN) $$f $(libexecdir); \ - $(INSTALL_BIN) $$f $(libexecdir); \ - if test -f $(libexecdir)/-$$f; then \ - echo $(RM) -f $(libexecdir)/-$$f; \ - $(RM) -f $(libexecdir)/-$$f; \ - fi; \ - done - -clean: - -$(RM) -f $(OBJS) - -$(RM) -f $(LDAP_EXE) - -distclean: clean - -$(RM) -f Makefile --- squid/auth_modules/LDAP/README Wed Feb 14 00:50:51 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,8 +0,0 @@ -This LDAP Authentication code is written by Glen Newton -. - -Please see his Web page at: -http://orca.cisti.nrc.ca/~gnewton/opensource/squid_ldap_auth/ - -In order to use squid_ldap_auth, you will also need to install -the OpenLDAP libraries (ldap lber) from http://www.openldap.org. --- squid/auth_modules/LDAP/squid_ldap_auth.c Wed Feb 14 00:50:51 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,106 +0,0 @@ -/* - - squid_ldap_auth: authentication via ldap for squid proxy server - - Author: Glen Newton - glen.newton@nrc.ca - Advanced Services - CISTI - National Research Council - - Usage: squid_ldap_auth - - Dependencies: You need to get the OpenLDAP libraries - from http://www.openldap.org - - License: squid_ldap_auth is free software; you can redistribute it - and/or modify it under the terms of the GNU General Public License - as published by the Free Software Foundation; either version 2, - or (at your option) any later version. - */ - -#include -#include -#include -#include -#include - -/* Change this to your search base */ -#define SEARCHBASE "ou=people,o=nrc.ca" - -int checkLDAP( LDAP *ld, char *userid, char *password); - -int main(int argc, char **argv) -{ - char buf[256]; - char *user, *passwd, *p; - char *ldapServer; - LDAP *ld; - LDAPMessage *result, *e; - - setbuf(stdout, NULL); - - if (argc != 2) - { - fprintf(stderr, "Usage: squid_ldap_auth ldap_server_name\n"); - exit(1); - } - - ldapServer = (char*)argv[1]; - - while (fgets(buf, 256, stdin) != NULL) - { - /* You can put this ldap connect outside the loop, but i didn't want to - have the connection open too much. If you have a site which will - be doing >1 authentication per second, you should move this (and the - below ldap_unbind()) outside the loop. - */ - if( (ld = ldap_init(ldapServer, LDAP_PORT)) == NULL) - { - fprintf(stderr, "\nUnable to connect to LDAP server:%s port:%d\n", - ldapServer, LDAP_PORT); - exit(1); - } - - if ((p = strchr(buf, '\n')) != NULL) - *p = '\0'; /* strip \n */ - - if ((user = strtok(buf, " ")) == NULL) - { - printf("ERR\n"); - continue; - } - if ((passwd = strtok(NULL, "")) == NULL) - { - printf("ERR\n"); - continue; - } - if(checkLDAP(ld, user, passwd) != 0) - { - printf("ERR\n"); - continue; - } - else - { - printf("OK\n"); - } - ldap_unbind(ld); - } -} - - - -int checkLDAP( LDAP *ld, char *userid, char *password) -{ - char str[256]; - - /*sprintf(str,"uid=[%s][%s], %s",userid, password, SEARCHBASE); */ - sprintf(str,"uid=%s, %s",userid, SEARCHBASE); - - if(ldap_simple_bind_s(ld, str, password) != LDAP_SUCCESS) - { - /*fprintf(stderr, "\nUnable to bind\n");*/ - return 33; - } - return 0; -} --- squid/auth_modules/MSNT/COPYING-2.0 Wed Feb 14 00:50:51 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,341 +0,0 @@ - - GNU GENERAL PUBLIC LICENSE - Version 2, June 1991 - - Copyright (C) 1989, 1991 Free Software Foundation, Inc. - 675 Mass Ave, Cambridge, MA 02139, USA - Everyone is permitted to copy and distribute verbatim copies - of this license document, but changing it is not allowed. - - Preamble - - The licenses for most software are designed to take away your -freedom to share and change it. By contrast, the GNU General Public -License is intended to guarantee your freedom to share and change free -software--to make sure the software is free for all its users. This -General Public License applies to most of the Free Software -Foundation's software and to any other program whose authors commit to -using it. (Some other Free Software Foundation software is covered by -the GNU Library General Public License instead.) You can apply it to -your programs, too. - - When we speak of free software, we are referring to freedom, not -price. Our General Public Licenses are designed to make sure that you -have the freedom to distribute copies of free software (and charge for -this service if you wish), that you receive source code or can get it -if you want it, that you can change the software or use pieces of it -in new free programs; and that you know you can do these things. - - To protect your rights, we need to make restrictions that forbid -anyone to deny you these rights or to ask you to surrender the rights. -These restrictions translate to certain responsibilities for you if you -distribute copies of the software, or if you modify it. - - For example, if you distribute copies of such a program, whether -gratis or for a fee, you must give the recipients all the rights that -you have. You must make sure that they, too, receive or can get the -source code. And you must show them these terms so they know their -rights. - - We protect your rights with two steps: (1) copyright the software, and -(2) offer you this license which gives you legal permission to copy, -distribute and/or modify the software. - - Also, for each author's protection and ours, we want to make certain -that everyone understands that there is no warranty for this free -software. If the software is modified by someone else and passed on, we -want its recipients to know that what they have is not the original, so -that any problems introduced by others will not reflect on the original -authors' reputations. - - Finally, any free program is threatened constantly by software -patents. We wish to avoid the danger that redistributors of a free -program will individually obtain patent licenses, in effect making the -program proprietary. To prevent this, we have made it clear that any -patent must be licensed for everyone's free use or not licensed at all. - - The precise terms and conditions for copying, distribution and -modification follow. - - GNU GENERAL PUBLIC LICENSE - TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION - - 0. This License applies to any program or other work which contains -a notice placed by the copyright holder saying it may be distributed -under the terms of this General Public License. The "Program", below, -refers to any such program or work, and a "work based on the Program" -means either the Program or any derivative work under copyright law: -that is to say, a work containing the Program or a portion of it, -either verbatim or with modifications and/or translated into another -language. (Hereinafter, translation is included without limitation in -the term "modification".) Each licensee is addressed as "you". - -Activities other than copying, distribution and modification are not -covered by this License; they are outside its scope. The act of -running the Program is not restricted, and the output from the Program -is covered only if its contents constitute a work based on the -Program (independent of having been made by running the Program). -Whether that is true depends on what the Program does. - - 1. You may copy and distribute verbatim copies of the Program's -source code as you receive it, in any medium, provided that you -conspicuously and appropriately publish on each copy an appropriate -copyright notice and disclaimer of warranty; keep intact all the -notices that refer to this License and to the absence of any warranty; -and give any other recipients of the Program a copy of this License -along with the Program. - -You may charge a fee for the physical act of transferring a copy, and -you may at your option offer warranty protection in exchange for a fee. - - 2. You may modify your copy or copies of the Program or any portion -of it, thus forming a work based on the Program, and copy and -distribute such modifications or work under the terms of Section 1 -above, provided that you also meet all of these conditions: - - a) You must cause the modified files to carry prominent notices - stating that you changed the files and the date of any change. - - b) You must cause any work that you distribute or publish, that in - whole or in part contains or is derived from the Program or any - part thereof, to be licensed as a whole at no charge to all third - parties under the terms of this License. - - c) If the modified program normally reads commands interactively - when run, you must cause it, when started running for such - interactive use in the most ordinary way, to print or display an - announcement including an appropriate copyright notice and a - notice that there is no warranty (or else, saying that you provide - a warranty) and that users may redistribute the program under - these conditions, and telling the user how to view a copy of this - License. (Exception: if the Program itself is interactive but - does not normally print such an announcement, your work based on - the Program is not required to print an announcement.) - -These requirements apply to the modified work as a whole. If -identifiable sections of that work are not derived from the Program, -and can be reasonably considered independent and separate works in -themselves, then this License, and its terms, do not apply to those -sections when you distribute them as separate works. But when you -distribute the same sections as part of a whole which is a work based -on the Program, the distribution of the whole must be on the terms of -this License, whose permissions for other licensees extend to the -entire whole, and thus to each and every part regardless of who wrote it. - -Thus, it is not the intent of this section to claim rights or contest -your rights to work written entirely by you; rather, the intent is to -exercise the right to control the distribution of derivative or -collective works based on the Program. - -In addition, mere aggregation of another work not based on the Program -with the Program (or with a work based on the Program) on a volume of -a storage or distribution medium does not bring the other work under -the scope of this License. - - 3. You may copy and distribute the Program (or a work based on it, -under Section 2) in object code or executable form under the terms of -Sections 1 and 2 above provided that you also do one of the following: - - a) Accompany it with the complete corresponding machine-readable - source code, which must be distributed under the terms of Sections - 1 and 2 above on a medium customarily used for software interchange; or, - - b) Accompany it with a written offer, valid for at least three - years, to give any third party, for a charge no more than your - cost of physically performing source distribution, a complete - machine-readable copy of the corresponding source code, to be - distributed under the terms of Sections 1 and 2 above on a medium - customarily used for software interchange; or, - - c) Accompany it with the information you received as to the offer - to distribute corresponding source code. (This alternative is - allowed only for noncommercial distribution and only if you - received the program in object code or executable form with such - an offer, in accord with Subsection b above.) - -The source code for a work means the preferred form of the work for -making modifications to it. For an executable work, complete source -code means all the source code for all modules it contains, plus any -associated interface definition files, plus the scripts used to -control compilation and installation of the executable. However, as a -special exception, the source code distributed need not include -anything that is normally distributed (in either source or binary -form) with the major components (compiler, kernel, and so on) of the -operating system on which the executable runs, unless that component -itself accompanies the executable. - -If distribution of executable or object code is made by offering -access to copy from a designated place, then offering equivalent -access to copy the source code from the same place counts as -distribution of the source code, even though third parties are not -compelled to copy the source along with the object code. - - 4. You may not copy, modify, sublicense, or distribute the Program -except as expressly provided under this License. Any attempt -otherwise to copy, modify, sublicense or distribute the Program is -void, and will automatically terminate your rights under this License. -However, parties who have received copies, or rights, from you under -this License will not have their licenses terminated so long as such -parties remain in full compliance. - - 5. You are not required to accept this License, since you have not -signed it. However, nothing else grants you permission to modify or -distribute the Program or its derivative works. These actions are -prohibited by law if you do not accept this License. Therefore, by -modifying or distributing the Program (or any work based on the -Program), you indicate your acceptance of this License to do so, and -all its terms and conditions for copying, distributing or modifying -the Program or works based on it. - - 6. Each time you redistribute the Program (or any work based on the -Program), the recipient automatically receives a license from the -original licensor to copy, distribute or modify the Program subject to -these terms and conditions. You may not impose any further -restrictions on the recipients' exercise of the rights granted herein. -You are not responsible for enforcing compliance by third parties to -this License. - - 7. If, as a consequence of a court judgment or allegation of patent -infringement or for any other reason (not limited to patent issues), -conditions are imposed on you (whether by court order, agreement or -otherwise) that contradict the conditions of this License, they do not -excuse you from the conditions of this License. If you cannot -distribute so as to satisfy simultaneously your obligations under this -License and any other pertinent obligations, then as a consequence you -may not distribute the Program at all. For example, if a patent -license would not permit royalty-free redistribution of the Program by -all those who receive copies directly or indirectly through you, then -the only way you could satisfy both it and this License would be to -refrain entirely from distribution of the Program. - -If any portion of this section is held invalid or unenforceable under -any particular circumstance, the balance of the section is intended to -apply and the section as a whole is intended to apply in other -circumstances. - -It is not the purpose of this section to induce you to infringe any -patents or other property right claims or to contest validity of any -such claims; this section has the sole purpose of protecting the -integrity of the free software distribution system, which is -implemented by public license practices. Many people have made -generous contributions to the wide range of software distributed -through that system in reliance on consistent application of that -system; it is up to the author/donor to decide if he or she is willing -to distribute software through any other system and a licensee cannot -impose that choice. - -This section is intended to make thoroughly clear what is believed to -be a consequence of the rest of this License. - - 8. If the distribution and/or use of the Program is restricted in -certain countries either by patents or by copyrighted interfaces, the -original copyright holder who places the Program under this License -may add an explicit geographical distribution limitation excluding -those countries, so that distribution is permitted only in or among -countries not thus excluded. In such case, this License incorporates -the limitation as if written in the body of this License. - - 9. The Free Software Foundation may publish revised and/or new versions -of the General Public License from time to time. Such new versions will -be similar in spirit to the present version, but may differ in detail to -address new problems or concerns. - -Each version is given a distinguishing version number. If the Program -specifies a version number of this License which applies to it and "any -later version", you have the option of following the terms and conditions -either of that version or of any later version published by the Free -Software Foundation. If the Program does not specify a version number of -this License, you may choose any version ever published by the Free Software -Foundation. - - 10. If you wish to incorporate parts of the Program into other free -programs whose distribution conditions are different, write to the author -to ask for permission. For software which is copyrighted by the Free -Software Foundation, write to the Free Software Foundation; we sometimes -make exceptions for this. Our decision will be guided by the two goals -of preserving the free status of all derivatives of our free software and -of promoting the sharing and reuse of software generally. - - NO WARRANTY - - 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY -FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN -OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES -PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED -OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS -TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE -PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, -REPAIR OR CORRECTION. - - 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING -WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR -REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, -INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING -OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED -TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY -YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER -PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE -POSSIBILITY OF SUCH DAMAGES. - - END OF TERMS AND CONDITIONS - - Appendix: How to Apply These Terms to Your New Programs - - If you develop a new program, and you want it to be of the greatest -possible use to the public, the best way to achieve this is to make it -free software which everyone can redistribute and change under these terms. - - To do so, attach the following notices to the program. It is safest -to attach them to the start of each source file to most effectively -convey the exclusion of warranty; and each file should have at least -the "copyright" line and a pointer to where the full notice is found. - - - Copyright (C) 19yy - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - -Also add information on how to contact you by electronic and paper mail. - -If the program is interactive, make it output a short notice like this -when it starts in an interactive mode: - - Gnomovision version 69, Copyright (C) 19yy name of author - Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. - This is free software, and you are welcome to redistribute it - under certain conditions; type `show c' for details. - -The hypothetical commands `show w' and `show c' should show the appropriate -parts of the General Public License. Of course, the commands you use may -be called something other than `show w' and `show c'; they could even be -mouse-clicks or menu items--whatever suits your program. - -You should also get your employer (if you work as a programmer) or your -school, if any, to sign a "copyright disclaimer" for the program, if -necessary. Here is a sample; alter the names: - - Yoyodyne, Inc., hereby disclaims all copyright interest in the program - `Gnomovision' (which makes passes at compilers) written by James Hacker. - - , 1 April 1989 - Ty Coon, President of Vice - -This General Public License does not permit incorporating your program into -proprietary programs. If your program is a subroutine library, you may -consider it more useful to permit linking proprietary applications with the -library. If this is what you want to do, use the GNU Library General -Public License instead of this License. - --- squid/auth_modules/MSNT/Makefile.in Wed Feb 14 00:50:51 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,98 +0,0 @@ -# -# Makefile for the Squid Object Cache server -# -# $Id$ -# -# Uncomment and customize the following to suit your needs: -# - -prefix = @prefix@ -exec_prefix = @exec_prefix@ -exec_suffix = @exec_suffix@ -cgi_suffix = @cgi_suffix@ -top_srcdir = @top_srcdir@ -bindir = @bindir@ -libexecdir = @libexecdir@ -sysconfdir = @sysconfdir@ -localstatedir = @localstatedir@ -srcdir = @srcdir@ -VPATH = @srcdir@ - -# Gotta love the DOS legacy -# -AUTH_EXE = msnt_auth$(exec_suffix) - -CC = @CC@ -MAKEDEPEND = @MAKEDEPEND@ -INSTALL = @INSTALL@ -INSTALL_BIN = @INSTALL_PROGRAM@ -INSTALL_FILE = @INSTALL_DATA@ -INSTALL_SUID = @INSTALL_PROGRAM@ -o root -m 4755 -RANLIB = @RANLIB@ -LN_S = @LN_S@ -PERL = @PERL@ -CRYPTLIB = @CRYPTLIB@ -REGEXLIB = @REGEXLIB@ -PTHREADLIB = @PTHREADLIB@ -SNMPLIB = @SNMPLIB@ -MALLOCLIB = @LIB_MALLOC@ -AC_CFLAGS = @CFLAGS@ -LDFLAGS = @LDFLAGS@ -XTRA_LIBS = @XTRA_LIBS@ -XTRA_OBJS = @XTRA_OBJS@ -MV = @MV@ -RM = @RM@ -SHELL = /bin/sh -DEFINES = - -INCLUDE = -I. -I../../include -I$(top_srcdir)/include -CFLAGS = $(AC_CFLAGS) $(INCLUDE) $(DEFINES) -AUTH_LIBS = $(XTRA_LIBS) - -LIBPROGS = $(AUTH_EXE) -OBJS = md4.o rfcnb-io.o rfcnb-util.o session.o msntauth.o \ - smbdes.o smbencrypt.o smblib-util.o smblib.o \ - valid.o denyusers.o allowusers.o confload.o - -all: $(AUTH_EXE) - -$(AUTH_EXE): $(OBJS) - $(CC) $(LDFLAGS) $(OBJS) -o $@ $(AUTH_LIBS) - -install-mkdirs: - -@if test ! -d $(prefix); then \ - echo "mkdir $(prefix)"; \ - mkdir $(prefix); \ - fi - -@if test ! -d $(libexecdir); then \ - echo "mkdir $(libexecdir)"; \ - mkdir $(libexecdir); \ - fi - -# Michael Lupp wants to know about additions -# to the install target. -install: all install-mkdirs - @for f in $(LIBPROGS); do \ - if test -f $(libexecdir)/$$f; then \ - echo $(MV) $(libexecdir)/$$f $(libexecdir)/-$$f; \ - $(MV) $(libexecdir)/$$f $(libexecdir)/-$$f; \ - fi; \ - echo $(INSTALL_BIN) $$f $(libexecdir); \ - $(INSTALL_BIN) $$f $(libexecdir); \ - if test -f $(libexecdir)/-$$f; then \ - echo $(RM) -f $(libexecdir)/-$$f; \ - $(RM) -f $(libexecdir)/-$$f; \ - fi; \ - done - -clean: - -rm -rf *.o *.a *pure_* core $(LIBPROGS) - -distclean: clean - -rm -f Makefile - -tags: - ctags *.[ch] - -depend: - $(MAKEDEPEND) -fMakefile *.c --- squid/auth_modules/MSNT/README.html Wed Feb 14 00:50:51 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,317 +0,0 @@ - - -MSNTAUTH readme - - - - - -

-MSNT Auth v2.0.1
-Squid web proxy Authentication module
-Antonino Iannella, Stellar-X Pty Ltd
-Fri Sep 29 15:53:33 CST 2000 -

- -

Contents

- - - -

Introduction

- -

-This is an authentication module for the Squid proxy server -to authenticate users on an NT domain. - -

-It originates from the Samba and SMB packages by Andrew Tridgell -and Richard Sharpe. This version is sourced from the Pike -authentication module by William Welliver (hwellive@intersil.com). - -

-Usage is simple. It accepts a username and password on standard input -and will return OK if the username/password is valid for the domain, -or ERR if there was some problem. -Check syslog messages for reported problems. - -

-Msntauth is released under the GNU General Public License and -is available from http://stellarx.tripod.com. - -

Installation

- -

-Make any changes to the source code you need. - -

-Type 'make', then 'make install', then 'make clean'. - -

-To avoid using the makefile, it may compile with - - gcc -O2 -s -o msntauth *.c - -

-'Make install' will put 'msntauth' into -/usr/local/squid/bin by default. - -

-Hopefully nobody has problems compiling msntauth. -In the future I plan to use GNU automake. - -

Other compiling issues

- -

-The Makefile uses the GCC compiler, and assumes that it is in the current PATH. -Msntauth is known to compile properly on Redhat Linux 6, and FreeBSD 3.1 -without problems. Other operating systems are untested, -but use a recent copy of the GNU C compiler. -Smbencrypt.c has the '#include ' line commented out. -Remove the comment for S5R4 systems, like Solaris. - -

-When compiling under Solaris, the socket libraries must be linked to. -In the Makefile, hash the default CFLAGS line, and unhash the Solaris -CFLAGS line. It always helps to have /usr/ccs/bin in your path -prior to compiling. - -

Configuration file

- -

-Msntauth uses a configuration file which is a break from previous -releases. The file is /usr/local/squid/etc/msntauth.conf. -If this needs to be changed, it is defined in confload.h. - -

-An example configuration file is provided. It looks like - -

-# Sample MSNT authenticator configuration file
-# Antonino Iannella, Stellar-X Pty Ltd
-# Tue Sep 26 17:26:59 CST 2000
-
-server my_PDC           my_BDC          my_NTdomain
-server other_PDC        other_BDC       otherdomain
-
-denyusers       /usr/local/squid/etc/denyusers
-allowusers      /usr/local/squid/etc/allowusers
-
- -

-All comments start with '#'. - -

-NT servers are used to query user accounts. The 'server' lines -are used for this, with the PDC, BDC, and NT domain as parameters. -Up to 5 servers/domains can be queried. If this is not enough -modify the MAXSERVERS define in confload.h. -At least one server must be specified, or msntauth will not -run. - -

-When a user provides a username/password, each of these -servers will be queried to authenticate the username. -It stops after a user has been successfully authenticated, -so it makes sense to specify the most commonly queried -server first. Make sure the servers can be reached and -are active, or else msntauth will start failing user accounts! - -

-The 'denyusers' and 'allowusers' lines give the absolute path -to files of user accounts. They can be used to deny or allow -access to the proxy. Do not use these directives if you -do not need these features. - -

Denying users

- -

-Users who are not allowed to access the web proxy can be added to -the denied user list. This list is read around every minute, or when -the msntauth process receives a SIGHUP signal. - -

-The denied user file is set using the 'denyusers' directive -in msntauth.h. The denied user file -contains a list of usernames in no particular structure or form. -If the file does not exist, no users are denied. -The file must be readable by the web proxy user. - -

-Msntauth will send syslog messages if a user was denied, -at LOG_USER facility. - -

Allowing users

- -

-Similar to denying users, you can allow users to access the proxy -by username. This is useful if only a number of people are -allowed supposed to be accessing a proxy. - -

-The allowed user file is set using the 'allowusers' directive -in msntauth.h. -If the file does not exist or if empty, all users are allowed. - -

-You could make use of the SHOWMBRS tool in Microsoft Technet. -This gives you a list of users which are in a particular -NT Domain Group. This list can be made into the allowed users -file. - -

-Some other rules - - -

    -
  1. The operation of the denied user file is independent of the -allowed user file. The former file is checked first. -
  2. You can use none, one, or both files. -
  3. If a username appears in the denied user file, they will -be denied, even if they are in the allowed user file. -
  4. If a username is not in either file, they will be denied, -because they have not been allowed. -
  5. If the allowed user file is in use and is empty, all -users will be allowed. -
- -

-Hopefully this wasn't too confusing. - -

Squid.conf changes

- -

-Refer to Squid documentation for the required changes to squid.conf. -You will need to set the following lines to enable authentication for -your access list - - -

-  acl  proxy_auth REQUIRED
-  http_access allow password
-  http_access allow 
-  http_access deny all
-
-
- -

-You will also need to review the following directives - - -

-  proxy_auth_realm enterprise web gateway
-  authenticate_program /usr/local/squid/bin/msntauth
-  authenticate_ttl 5
-  authenticate_children 20
-
- -

Testing

- -

-I strongly urge that Msntauth is tested prior to being used in a -production environment. It may behave differently on different platforms. -To test it, run it from the command line. Enter username and password -pairs separated by a space. - -

-It should behave in the following way - -

- - Press ENTER to get an OK or ERR message.
- - Make sure pressing CTRL-D behaves the same as a carriage return.
- - Make sure pressing CTRL-C aborts the program.
- - Test that entering no details does not result in an OK or ERR message.
- - Test that entering an invalid username and password results in
-   an ERR message. Note that if NT guest user access is allowed on
-   the PDC, an OK message may be returned instead of ERR.
- - Test that entering an valid username and password results in an OK message.
-   Try usernames which are and aren't in the denied/allowed user files,
-   if they're in use.
- - Test that entering a guest username and password returns the correct response.
-
- -

-If the above didn't work as expected, you may need to modify the main() -function in msntauth.c. Inform the maintainer of any problems. - -

Contact details

- -

-To contact the maintainer of this package, email Antonino Iannella -at antonino@usa.net, antonino.iannella@usa.net, or -antonino.iannella@camtech.com.au. - -

-The latest version may be found on http://members.tripod.com/stellarx. -It is also distributed as part of Squid. - -

Reported problem

- -

-For an unknown username, Msntauth returns OK. -This is because the PDC returns guest access for unknown users, -even if guest access is disabled. -This problem was reported by Mr Vadim Popov (vap@iilsr.minsk.by). -I am not able to replicate this. - -

-The tested environment consisted of PDC on Windows NT 4, SP 6. -Squid 2.3 and Msntauth was tested on SuSe, RedHat, and Debian Linux. -A fix was provided in case you have this problem. -Apply the provided patch before compiling, using - -

-  patch smblib.c < smblib.c.patch
-
- -

Known limitation

- -

-Usernames are checked if they are allowed or denied. If a username -is found as a substring of a different username in these files, -the user will be affected somehow. For example, if 'jpeterman' has -been explicitly denied in the denyusers file, then 'jpeter' who -is trying to use the proxy, will be denied. If this causes anyone -any problems, then I'll fix it. - -

-As of version 2.0.1, this problem has been fixed. - -

Changes since last revision

- -

-The following list of changes have been made to improve msntauth. -I have not had a chance to do too much testing due -to lack of resources. There should be no problems, though. - -

    -
  • Added many patches from Duane Wessels to stop compilation errors (?) -
  • Improved the main() function yet again -
  • Created a more informative Makefile -
  • Added an 'allowed users' feature to complement the 'denied users' feature -
  • Stopped the use of alarm() which was causing problems under Solaris -
  • Added more syslog messages for authentication problems -
  • Added the use of a configuration file, instead of hard-coding NT server details -
  • Allowed for querying multiple NT servers and domains (this was a hot issue) -
  • Changed README into an HTML document to improve readability -
  • Didn't make use of GNU autoconf. I will in future, I promise. -
  • Removed denied/allowed username substring search limitation. -
- -

-Hopefully msntauth and Squid is now a more valuable product. -Feel free to send me success or problem stories. - - - --- squid/auth_modules/MSNT/allowusers.c Wed Feb 14 00:50:51 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,210 +0,0 @@ - -/* - allowusers.c - (C) 2000 Antonino Iannella, Stellar-X Pty Ltd - Released under GPL, see COPYING-2.0 for details. - - These routines are to allow users attempting to use the proxy which - have been explicitly allowed by the system administrator. - The code originated from denyusers.c. -*/ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#define NAMELEN 50 /* Maximum username length */ - -/* Global variables */ - -char *AllowedUsers; /* Pointer to string of allowed users */ -off_t AllowUserSize; /* Size of allowed users file */ -struct stat FileBuf; /* Stat data buffer */ -time_t LastModTime; /* Last allowed user file modification time */ - -char Allowuserpath[MAXPATHLEN]; /* MAXPATHLEN defined in param.h */ - -/* Function declarations */ - -int Read_allowusers(); -int Check_ifuserallowed(char *); -void Checkforchange(); -void Checktimer(); - -/* - Reads the allowed users file for all users to be permitted. - Returns 0 if the user list was successfully loaded, - and 1 in case of error. - Logs any messages to the syslog daemon. -*/ - -int Read_allowusers() -{ - FILE *AFile; /* Allowed users file pointer */ - off_t APos = 0; /* File counter */ - char AChar; /* Character buffer */ - - /* Stat the file. If it does not exist, save the size as zero. - Clear the allowed user string. Return. */ - if (stat(Allowuserpath, &FileBuf) == -1) - { - if (errno == ENOENT) - { - LastModTime = (time_t) 0; - AllowUserSize = 0; - free(AllowedUsers); - AllowedUsers = malloc(sizeof(char)); - AllowedUsers[0] = '\0'; - return 0; - } - else - { - syslog(LOG_USER | LOG_ERR, strerror(errno)); - return 1; - } - } - - /* If it exists, save the modification time and size */ - LastModTime = FileBuf.st_mtime; - AllowUserSize = FileBuf.st_size; - - /* Handle the special case of a zero length file */ - if (AllowUserSize == 0) - { - free(AllowedUsers); - AllowedUsers = malloc(sizeof(char)); - AllowedUsers[0] = '\0'; - return 0; - } - - /* Free and allocate space for a string to store the allowed usernames */ - free(AllowedUsers); - - if ((AllowedUsers = malloc(sizeof(char) * (AllowUserSize + 3))) == NULL) - { - syslog(LOG_USER | LOG_ERR, "Read_allowusers: malloc(AllowedUsers) failed."); - return 1; - } - - /* Open the allowed users file. Report any errors. */ - - if ((AFile = fopen(Allowuserpath, "r")) == NULL) - { - syslog(LOG_USER | LOG_ERR, "Read_allowusers: Failed to open allowed user file."); - syslog(LOG_USER | LOG_ERR, strerror(errno)); - return 1; - } - - /* Read user names into the AllowedUsers string. - Make sure each string is delimited by a space. */ - - AllowedUsers[APos++] = ' '; - - while (!feof(AFile)) - { - if ((AChar = fgetc(AFile)) == EOF) - break; - else - { - if (isspace(AChar)) - AllowedUsers[APos++] = ' '; - else - AllowedUsers[APos++] = toupper(AChar); - } - } - - AllowedUsers[APos++] = ' '; - AllowedUsers[APos] = '\0'; - fclose(AFile); - return 0; -} - -/* - Check to see if the username provided by Squid appears in the allowed - user list. Returns 0 if the user was not found, and 1 if they were. -*/ - -int Check_ifuserallowed(char *ConnectingUser) -{ - static char CUBuf[NAMELEN + 1]; - static int x; - static char AllowMsg[256]; - - /* If user string is empty, allow */ - if (ConnectingUser[0] == '\0') - return 1; - - /* If allowed user list is empty, allow all users. - If no users are supposed to be using the proxy, stop squid instead. */ - if (AllowUserSize == 0) - return 1; - - /* Check if username string is found in the allowed user list. - If so, allow. If not, deny. Reconstruct the username - to have whitespace, to avoid finding wrong string subsets. */ - - sscanf(ConnectingUser, " %s ", CUBuf); - sprintf(CUBuf, " %s ", CUBuf); - - for (x = 0; x <= strlen(CUBuf); x++) - CUBuf[x] = toupper(CUBuf[x]); - - if (strstr(AllowedUsers, CUBuf) != NULL) - return 1; - else /* If NULL, they are not allowed to use the proxy */ - { - sprintf(AllowMsg, "Denied access to user '%s'.", CUBuf); - syslog(LOG_USER | LOG_ERR, AllowMsg); - return 0; - } -} - -/* - Checks if there has been a change in the allowed users file. - If the modification time has changed, then reload the allowed user list. - This function is called by the SIGHUP signal handler. -*/ - -void Check_forallowchange() -{ - struct stat ChkBuf; /* Stat data buffer */ - - /* Stat the allowed users file. If it cannot be accessed, return. */ - - if (stat(Allowuserpath, &ChkBuf) == -1) - { - if (errno == ENOENT) - { - LastModTime = (time_t) 0; - AllowUserSize = 0; - free(AllowedUsers); - AllowedUsers = malloc(sizeof(char)); - AllowedUsers[0] = '\0'; - return; - } - else /* Report error when accessing file */ - { - syslog(LOG_USER | LOG_ERR, strerror(errno)); - return; - } - } - - /* If found, compare the modification time with the previously-recorded - modification time. - If the modification time has changed, reload the allowed user list. - Log a message of its actions. */ - - if (ChkBuf.st_mtime != LastModTime) - { - syslog(LOG_USER | LOG_INFO, "Check_forallowchange: Reloading allowed user list."); - Read_allowusers(); - } -} - --- squid/auth_modules/MSNT/byteorder.h Wed Feb 14 00:50:51 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,87 +0,0 @@ -/* - Unix SMB/Netbios implementation. - Version 1.9. - SMB Byte handling - Copyright (C) Andrew Tridgell 1992-1995 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#ifndef _BYTEORDER_H_ -#define _BYTEORDER_H_ - -/* - This file implements macros for machine independent short and - int manipulation -*/ - -#undef CAREFUL_ALIGNMENT - -/* we know that the 386 can handle misalignment and has the "right" - byteorder */ -#ifdef __i386__ -#define CAREFUL_ALIGNMENT 0 -#endif - -#ifndef CAREFUL_ALIGNMENT -#define CAREFUL_ALIGNMENT 1 -#endif - -#define CVAL(buf,pos) (((unsigned char *)(buf))[pos]) -#define PVAL(buf,pos) ((unsigned)CVAL(buf,pos)) -#define SCVAL(buf,pos,val) (CVAL(buf,pos) = (val)) - -typedef unsigned short uint16; -typedef unsigned int uint32; - -#if CAREFUL_ALIGNMENT -#define SVAL(buf,pos) (PVAL(buf,pos)|PVAL(buf,(pos)+1)<<8) -#define IVAL(buf,pos) (SVAL(buf,pos)|SVAL(buf,(pos)+2)<<16) -#define SSVALX(buf,pos,val) (CVAL(buf,pos)=(val)&0xFF,CVAL(buf,pos+1)=(val)>>8) -#define SIVALX(buf,pos,val) (SSVALX(buf,pos,val&0xFFFF),SSVALX(buf,pos+2,val>>16)) -#define SVALS(buf,pos) ((int16)SVAL(buf,pos)) -#define IVALS(buf,pos) ((int32)IVAL(buf,pos)) -#define SSVAL(buf,pos,val) SSVALX((buf),(pos),((uint16)(val))) -#define SIVAL(buf,pos,val) SIVALX((buf),(pos),((uint32)(val))) -#define SSVALS(buf,pos,val) SSVALX((buf),(pos),((int16)(val))) -#define SIVALS(buf,pos,val) SIVALX((buf),(pos),((int32)(val))) -#else -/* this handles things for architectures like the 386 that can handle - alignment errors */ -/* - WARNING: This section is dependent on the length of int16 and int32 - being correct -*/ -#define SVAL(buf,pos) (*(uint16 *)((char *)(buf) + (pos))) -#define IVAL(buf,pos) (*(uint32 *)((char *)(buf) + (pos))) -#define SVALS(buf,pos) (*(int16 *)((char *)(buf) + (pos))) -#define IVALS(buf,pos) (*(int32 *)((char *)(buf) + (pos))) -#define SSVAL(buf,pos,val) SVAL(buf,pos)=((uint16)(val)) -#define SIVAL(buf,pos,val) IVAL(buf,pos)=((uint32)(val)) -#define SSVALS(buf,pos,val) SVALS(buf,pos)=((int16)(val)) -#define SIVALS(buf,pos,val) IVALS(buf,pos)=((int32)(val)) -#endif - - -/* now the reverse routines - these are used in nmb packets (mostly) */ -#define SREV(x) ((((x)&0xFF)<<8) | (((x)>>8)&0xFF)) -#define IREV(x) ((SREV(x)<<16) | (SREV((x)>>16))) - -#define RSVAL(buf,pos) SREV(SVAL(buf,pos)) -#define RIVAL(buf,pos) IREV(IVAL(buf,pos)) -#define RSSVAL(buf,pos,val) SSVAL(buf,pos,SREV(val)) -#define RSIVAL(buf,pos,val) SIVAL(buf,pos,IREV(val)) - -#endif /* _BYTEORDER_H_ */ --- squid/auth_modules/MSNT/confload.c Wed Feb 14 00:50:51 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,250 +0,0 @@ - -/* - confload.c - (C) 2000 Antonino Iannella, Stellar-X Pty Ltd - Released under GPL, see COPYING-2.0 for details. - - These routines load the msntauth configuration file. - It stores the servers to query, sets the denied and - allowed user files, and provides the - authenticating function. -*/ - -#include -#include -#include -#include -#include -#include - -#define CONFIGFILE "/usr/local/squid/etc/msntauth.conf" /* Path to configuration file */ -#define DENYUSERSDEFAULT "/usr/local/squid/etc/denyusers" -#define ALLOWUSERSDEFAULT "/usr/local/squid/etc/allowusers" - -#define MAXSERVERS 5 /* Maximum number of servers to query. This number can be increased. */ -#define NTHOSTLEN 65 - -extern char Denyuserpath[MAXPATHLEN]; /* MAXPATHLEN defined in param.h */ -extern char Allowuserpath[MAXPATHLEN]; - -typedef struct _ServerTuple -{ - char pdc[NTHOSTLEN]; - char bdc[NTHOSTLEN]; - char domain[NTHOSTLEN]; -} ServerTuple; - -ServerTuple ServerArray[MAXSERVERS]; /* Array of servers to query */ -int Serversqueried = 0; /* Number of servers queried */ - -/* Declarations */ - -int OpenConfigFile(); -void ProcessLine(char *); -void AddServer(char *, char *, char *); -int QueryServers(char *, char *); -int QueryServerForUser(int, char *, char *); -extern int Valid_User(char *,char *,char *,char *, char *); - - -/* - Opens and reads the configuration file. - Returns 0 on success, or 1 for error. -*/ - -int OpenConfigFile() -{ - FILE *ConfigFile; - char Confbuf[2049]; /* Line reading buffer */ - - /* Initialise defaults */ - - Serversqueried = 0; - strcpy(Denyuserpath, DENYUSERSDEFAULT); - strcpy(Allowuserpath, ALLOWUSERSDEFAULT); - - /* Open file */ - if ((ConfigFile = fopen(CONFIGFILE, "r")) == NULL) - { - syslog(LOG_USER | LOG_ERR, "OpenConfigFile: Failed to open %s.", CONFIGFILE); - syslog(LOG_USER | LOG_ERR, strerror(errno)); - return 1; - } - - /* Read in, one line at a time */ - - while (!feof(ConfigFile)) - { - Confbuf[0] = '\0'; - fgets(Confbuf, 2049, ConfigFile); - ProcessLine(Confbuf); - } - - /* Check that at least one server is being queried. Report error if not. - Denied and allowed user files are hardcoded, so it's fine if they're - not set in the confugration file. */ - - if (Serversqueried == 0) - { - syslog(LOG_USER | LOG_ERR, "OpenConfigFile: No servers set in %s. At least one is needed.", CONFIGFILE); - return 1; - } - - fclose(ConfigFile); - return 0; -} - -/* Parses a configuration file line. */ - -void ProcessLine(char *Linebuf) -{ - char *Directive; - char *Param1; - char *Param2; - char *Param3; - - /* Ignore empty lines */ - if (strlen(Linebuf) == 0) - return; - - /* Break up on whitespaces */ - if ((Directive = strtok(Linebuf, " \t\n")) == NULL) - return; - - /* Check for a comment line. If found, stop . */ - if (Directive[0] == '#') - return; - - /* Check for server line. Check for 3 parameters. */ - if (strcasecmp(Directive, "server") == 0) - { - Param1 = strtok(NULL, " \t\n"); - Param2 = strtok(NULL, " \t\n"); - Param3 = strtok(NULL, " \t\n"); - - if ((Param1[0] == '\0') || - (Param2[0] == '\0') || - (Param3[0] == '\0')) - { - syslog(LOG_USER | LOG_ERR, "ProcessLine: A 'server' line needs PDC, BDC, and domain parameters."); - return; - } - - AddServer(Param1, Param2, Param3); - return; - } - - /* Check for denyusers line */ - if (strcasecmp(Directive, "denyusers") == 0) - { - Param1 = strtok(NULL, " \t\n"); - - if (Param1[0] == '\0') - { - syslog(LOG_USER | LOG_ERR, "ProcessLine: A 'denyusers' line needs a filename parameter."); - return; - } - - strcpy(Denyuserpath, Param1); - return; - } - - /* Check for allowusers line */ - if (strcasecmp(Directive, "allowusers") == 0) - { - Param1 = strtok(NULL, " \t\n"); - - if (Param1[0] == '\0') - { - syslog(LOG_USER | LOG_ERR, "ProcessLine: An 'allowusers' line needs a filename parameter."); - return; - } - - strcpy(Allowuserpath, Param1); - return; - } - - /* Reports error for unknown line */ - syslog(LOG_USER | LOG_ERR, "ProcessLine: Ignoring '%s' line.", Directive); -} - -/* - Adds a server to query to the server array. - Checks if the number of servers to query is not exceeded. - Does not allow parameters longer than NTHOSTLEN. -*/ - -void AddServer(char *ParamPDC, char *ParamBDC, char *ParamDomain) -{ - if (Serversqueried + 1 > MAXSERVERS) - { - syslog(LOG_USER | LOG_ERR, "ProcessLine: Ignoring '%s' server line; too many servers.", ParamPDC); - return; - } - - Serversqueried++; - strncpy(ServerArray[Serversqueried].pdc, ParamPDC, NTHOSTLEN); - strncpy(ServerArray[Serversqueried].bdc, ParamBDC, NTHOSTLEN); - strncpy(ServerArray[Serversqueried].domain, ParamDomain, NTHOSTLEN); - ServerArray[Serversqueried].pdc[NTHOSTLEN - 1] = '\0'; - ServerArray[Serversqueried].bdc[NTHOSTLEN - 1] = '\0'; - ServerArray[Serversqueried].domain[NTHOSTLEN - 1] = '\0'; -} - -/* - Cycles through all servers to query. - Returns 0 if one server could authenticate the user. - Returns 1 if no server authenticated the user. -*/ - -int QueryServers(char *username, char *password) -{ - int Queryresult = 1; /* Default result is an error */ - int x = 1; - - while (x <= Serversqueried) - { /* Query one server. Change Queryresult if user passed. */ - if (QueryServerForUser(x++, username, password) == 0) - { - Queryresult = 0; - break; - } - } - - return Queryresult; -} - -/* - Attempts to authenticate the user with one server. - Logs syslog messages for different errors. - Returns 0 on success, non-zero on failure. -*/ - -int QueryServerForUser(int x, char *username, char *password) -{ - int result = 1; - - result = Valid_User(username, password, ServerArray[x].pdc, - ServerArray[x].bdc, ServerArray[x].domain); - - switch (result) /* Write any helpful syslog messages */ - { - case 0 : break; - case 1 : syslog(LOG_AUTHPRIV | LOG_INFO, "Server error when checking %s.", username); - break; - case 2 : syslog(LOG_AUTHPRIV | LOG_INFO, "Protocol error when checking %s.", username); - break; - case 3 : syslog(LOG_AUTHPRIV | LOG_INFO, "Authentication failed for %s.", username); - } - - return result; -} - -/* Valid_User return codes - - - 0 - User authenticated successfully. - 1 - Server error. - 2 - Protocol error. - 3 - Logon error; Incorrect password or username given. -*/ - --- squid/auth_modules/MSNT/denyusers.c Wed Feb 14 00:50:51 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,249 +0,0 @@ - -/* - * denyusers.c - * (C) 2000 Antonino Iannella, Stellar-X Pty Ltd - * Released under GPL, see COPYING-2.0 for details. - * - * These routines are to block users attempting to use the proxy which - * have been explicitly denied by the system administrator. - * Routines at the bottom also use the allowed user functions. - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#define NAMELEN 50 /* Maximum username length */ - -/* Global variables */ - -char *DeniedUsers; /* Pointer to string of denied users */ -off_t DenyUserSize; /* Size of denied user file */ -struct stat FileBuf; /* Stat data buffer */ -time_t LastModTime; /* Last denied user file modification time */ - -char Denyuserpath[MAXPATHLEN]; /* MAXPATHLEN defined in param.h */ - -/* Function declarations */ - -int Read_denyusers(); -int Check_ifuserdenied(char *); -int Check_user(char *); -void Checktimer(); -void Check_forchange(); -void Check_fordenychange(); -extern void Check_forallowchange(); /* For allowed users */ -extern int Check_ifuserallowed(char *); - -/* - * Reads Denyuserpath for all users to be excluded. - * Returns 0 if the user list was successfully loaded, - * and 1 in case of error. - * Logs any messages to the syslog daemon. - */ - -int -Read_denyusers() -{ - FILE *DFile; /* Denied user file pointer */ - off_t DPos = 0; /* File counter */ - char DChar; /* Character buffer */ - - /* Stat the file. If it does not exist, save the size as zero. - * Clear the denied user string. Return. */ - if (stat(Denyuserpath, &FileBuf) == -1) { - if (errno == ENOENT) { - LastModTime = (time_t) 0; - DenyUserSize = 0; - free(DeniedUsers); - DeniedUsers = malloc(sizeof(char)); - DeniedUsers[0] = '\0'; - return 0; - } else { - syslog(LOG_USER | LOG_ERR, strerror(errno)); - return 1; - } - } - /* If it exists, save the modification time and size */ - LastModTime = FileBuf.st_mtime; - DenyUserSize = FileBuf.st_size; - - /* Handle the special case of a zero length file */ - if (DenyUserSize == 0) { - free(DeniedUsers); - DeniedUsers = malloc(sizeof(char)); - DeniedUsers[0] = '\0'; - return 0; - } - /* Free and allocate space for a string to store the denied usernames */ - free(DeniedUsers); - - if ((DeniedUsers = malloc(sizeof(char) * (DenyUserSize + 3))) == NULL) { - syslog(LOG_USER | LOG_ERR, "Read_denyusers: malloc(DeniedUsers) failed."); - return 1; - } - /* Open the denied user file. Report any errors. */ - - if ((DFile = fopen(Denyuserpath, "r")) == NULL) { - syslog(LOG_USER | LOG_ERR, "Read_denyusers: Failed to open denied user file."); - syslog(LOG_USER | LOG_ERR, strerror(errno)); - return 1; - } - /* Read user names into the DeniedUsers string. - * Make sure each string is delimited by a space. */ - - DeniedUsers[DPos++] = ' '; - - while (!feof(DFile)) { - if ((DChar = fgetc(DFile)) == EOF) - break; - else { - if (isspace(DChar)) - DeniedUsers[DPos++] = ' '; - else - DeniedUsers[DPos++] = toupper(DChar); - } - } - - DeniedUsers[DPos++] = ' '; - DeniedUsers[DPos] = '\0'; - fclose(DFile); - return 0; -} - -/* - * Check to see if the username provided by Squid appears in the denied - * user list. Returns 0 if the user was not found, and 1 if they were. - */ - -int -Check_ifuserdenied(char *ConnectingUser) -{ - static char CUBuf[NAMELEN + 1]; - static int x; - static char DenyMsg[256]; - - /* If user string is empty, deny */ - if (ConnectingUser[0] == '\0') - return 1; - - /* If denied user list is empty, allow */ - if (DenyUserSize == 0) - return 0; - - /* Check if username string is found in the denied user list. - * If so, deny. If not, allow. Reconstruct the username - * to have whitespace, to avoid finding wrong string subsets. */ - - sscanf(ConnectingUser, " %s ", CUBuf); - sprintf(CUBuf, " %s ", CUBuf); - - for (x = 0; x <= strlen(CUBuf); x++) - CUBuf[x] = toupper(CUBuf[x]); - - if (strstr(DeniedUsers, CUBuf) == NULL) - return 0; - else { - sprintf(DenyMsg, "Denied access to user '%s'.", CUBuf); - syslog(LOG_USER | LOG_ERR, DenyMsg); - return 1; - } -} - -/* - * Checks if there has been a change in the denied user file. - * If the modification time has changed, then reload the denied user list. - * This function is called by the SIGHUP signal handler. - */ - -void -Check_fordenychange() -{ - struct stat ChkBuf; /* Stat data buffer */ - - /* Stat the denied user file. If it cannot be accessed, return. */ - - if (stat(Denyuserpath, &ChkBuf) == -1) { - if (errno == ENOENT) { - LastModTime = (time_t) 0; - DenyUserSize = 0; - free(DeniedUsers); - DeniedUsers = malloc(sizeof(char)); - DeniedUsers[0] = '\0'; - return; - } else { /* Report error when accessing file */ - syslog(LOG_USER | LOG_ERR, strerror(errno)); - return; - } - } - /* If found, compare the modification time with the previously-recorded - * modification time. - * If the modification time has changed, reload the denied user list. - * Log a message of its actions. */ - - if (ChkBuf.st_mtime != LastModTime) { - syslog(LOG_USER | LOG_INFO, "Check_fordenychange: Reloading denied user list."); - Read_denyusers(); - } -} - -/* - * Decides if a user is denied or allowed. - * If they have been denied, or not allowed, return 1. - * Else return 0. - */ - -int -Check_user(char *ConnectingUser) -{ - if (Check_ifuserdenied(ConnectingUser) == 1) - return 1; - - if (Check_ifuserallowed(ConnectingUser) == 0) - return 1; - - return 0; -} - -/* - * Checks the denied and allowed user files for change. - * This function is invoked when a SIGHUP signal is received. - * It is also run after every 60 seconds, at the next request. - */ - -void -Check_forchange() -{ - Check_fordenychange(); - Check_forallowchange(); -} - -/* - * Checks the timer. If longer than 1 minute has passed since the last - * time someone has accessed the proxy, then check for changes in the - * denied user file. If longer than one minute hasn't passed, return. - */ - -void -Checktimer() -{ - static time_t Lasttime; /* The last time the timer was checked */ - static time_t Currenttime; /* The current time */ - - Currenttime = time(NULL); - - /* If timeout has expired, check the denied user file, else return */ - if (difftime(Currenttime, Lasttime) < 60) - return; - else { - Check_forchange(); - Lasttime = Currenttime; - } -} --- squid/auth_modules/MSNT/md4.c Wed Feb 14 00:50:51 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,171 +0,0 @@ -/* - Unix SMB/Netbios implementation. - Version 1.9. - a implementation of MD4 designed for use in the SMB authentication protocol - Copyright (C) Andrew Tridgell 1997 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - - -/* NOTE: This code makes no attempt to be fast! - - It assumes that a int is at least 32 bits long -*/ - -typedef unsigned int uint32; - -static uint32 A, B, C, D; - -static uint32 F(uint32 X, uint32 Y, uint32 Z) -{ - return (X&Y) | ((~X)&Z); -} - -static uint32 G(uint32 X, uint32 Y, uint32 Z) -{ - return (X&Y) | (X&Z) | (Y&Z); -} - -static uint32 H(uint32 X, uint32 Y, uint32 Z) -{ - return X^Y^Z; -} - -static uint32 lshift(uint32 x, int s) -{ - x &= 0xFFFFFFFF; - return ((x<>(32-s)); -} - -#define ROUND1(a,b,c,d,k,s) a = lshift(a + F(b,c,d) + X[k], s) -#define ROUND2(a,b,c,d,k,s) a = lshift(a + G(b,c,d) + X[k] + (uint32)0x5A827999,s) -#define ROUND3(a,b,c,d,k,s) a = lshift(a + H(b,c,d) + X[k] + (uint32)0x6ED9EBA1,s) - -/* this applies md4 to 64 byte chunks */ -static void mdfour64(uint32 *M) -{ - int j; - uint32 AA, BB, CC, DD; - uint32 X[16]; - - for (j=0;j<16;j++) - X[j] = M[j]; - - AA = A; BB = B; CC = C; DD = D; - - ROUND1(A,B,C,D, 0, 3); ROUND1(D,A,B,C, 1, 7); - ROUND1(C,D,A,B, 2, 11); ROUND1(B,C,D,A, 3, 19); - ROUND1(A,B,C,D, 4, 3); ROUND1(D,A,B,C, 5, 7); - ROUND1(C,D,A,B, 6, 11); ROUND1(B,C,D,A, 7, 19); - ROUND1(A,B,C,D, 8, 3); ROUND1(D,A,B,C, 9, 7); - ROUND1(C,D,A,B, 10, 11); ROUND1(B,C,D,A, 11, 19); - ROUND1(A,B,C,D, 12, 3); ROUND1(D,A,B,C, 13, 7); - ROUND1(C,D,A,B, 14, 11); ROUND1(B,C,D,A, 15, 19); - - ROUND2(A,B,C,D, 0, 3); ROUND2(D,A,B,C, 4, 5); - ROUND2(C,D,A,B, 8, 9); ROUND2(B,C,D,A, 12, 13); - ROUND2(A,B,C,D, 1, 3); ROUND2(D,A,B,C, 5, 5); - ROUND2(C,D,A,B, 9, 9); ROUND2(B,C,D,A, 13, 13); - ROUND2(A,B,C,D, 2, 3); ROUND2(D,A,B,C, 6, 5); - ROUND2(C,D,A,B, 10, 9); ROUND2(B,C,D,A, 14, 13); - ROUND2(A,B,C,D, 3, 3); ROUND2(D,A,B,C, 7, 5); - ROUND2(C,D,A,B, 11, 9); ROUND2(B,C,D,A, 15, 13); - - ROUND3(A,B,C,D, 0, 3); ROUND3(D,A,B,C, 8, 9); - ROUND3(C,D,A,B, 4, 11); ROUND3(B,C,D,A, 12, 15); - ROUND3(A,B,C,D, 2, 3); ROUND3(D,A,B,C, 10, 9); - ROUND3(C,D,A,B, 6, 11); ROUND3(B,C,D,A, 14, 15); - ROUND3(A,B,C,D, 1, 3); ROUND3(D,A,B,C, 9, 9); - ROUND3(C,D,A,B, 5, 11); ROUND3(B,C,D,A, 13, 15); - ROUND3(A,B,C,D, 3, 3); ROUND3(D,A,B,C, 11, 9); - ROUND3(C,D,A,B, 7, 11); ROUND3(B,C,D,A, 15, 15); - - A += AA; B += BB; C += CC; D += DD; - - A &= 0xFFFFFFFF; B &= 0xFFFFFFFF; - C &= 0xFFFFFFFF; D &= 0xFFFFFFFF; - - for (j=0;j<16;j++) - X[j] = 0; -} - -static void copy64(uint32 *M, unsigned char *in) -{ - int i; - - for (i=0;i<16;i++) - M[i] = (in[i*4+3]<<24) | (in[i*4+2]<<16) | - (in[i*4+1]<<8) | (in[i*4+0]<<0); -} - -static void copy4(unsigned char *out,uint32 x) -{ - out[0] = x&0xFF; - out[1] = (x>>8)&0xFF; - out[2] = (x>>16)&0xFF; - out[3] = (x>>24)&0xFF; -} - -/* produce a md4 message digest from data of length n bytes */ -void mdfour(unsigned char *out, unsigned char *in, int n) -{ - unsigned char buf[128]; - uint32 M[16]; - uint32 b = n * 8; - int i; - - A = 0x67452301; - B = 0xefcdab89; - C = 0x98badcfe; - D = 0x10325476; - - while (n > 64) { - copy64(M, in); - mdfour64(M); - in += 64; - n -= 64; - } - - for (i=0;i<128;i++) - buf[i] = 0; - memcpy(buf, in, n); - buf[n] = 0x80; - - if (n <= 55) { - copy4(buf+56, b); - copy64(M, buf); - mdfour64(M); - } else { - copy4(buf+120, b); - copy64(M, buf); - mdfour64(M); - copy64(M, buf+64); - mdfour64(M); - } - - for (i=0;i<128;i++) - buf[i] = 0; - copy64(M, buf); - - copy4(out, A); - copy4(out+4, B); - copy4(out+8, C); - copy4(out+12, D); - - A = B = C = D = 0; -} - - --- squid/auth_modules/MSNT/msntauth-v2.0.lsm Wed Feb 14 00:50:51 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,13 +0,0 @@ -Begin3 -Title: msntauth -Version: 2.0 -Entered-date: 10OCT00 -Description: Squid web proxy NT domain authentication module -Keywords: Squid WWW proxy SMB NT domain authentication module source -Author: antonino.iannella@usa.net (Antonino Iannella) -Maintained-by: antonino.iannella@usa.net (Antonino Iannella) -Primary-site: sunsite.unc.edu /pub/Linux/system/network/misc - msntauth-v2.0.tgz -Original-site: http://stellarx.tripod.com -Copying-policy: GPL -End --- squid/auth_modules/MSNT/msntauth.c Wed Feb 14 00:50:51 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,121 +0,0 @@ - -/* - MSNT - Microsoft Windows NT domain squid authenticator module - Version 1.2 by Stellar-X Pty Ltd, Antonino Iannella - Fri Sep 22 00:56:05 CST 2000 - - Modified to act as a Squid authenticator module. - Removed all Pike stuff. - Returns OK for a successful authentication, or ERR upon error. - - Uses code from - - Andrew Tridgell 1997 - Richard Sharpe 1996 - Bill Welliver 1999 - Duane Wessels 2000 - - Released under GNU Public License - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include -#include -#include -#include - -extern int OpenConfigFile(); -extern int QueryServers(char *, char *); -extern void Checktimer(); -extern void Check_forchange(); -extern int Read_denyusers(void); -extern int Read_allowusers(void); -extern int Check_user(char *); - -/* Main program for simple authentication. - Reads the denied user file. Sets alarm timer. - Scans and checks for Squid input, and attempts to validate the user. -*/ - -int main() -{ - char username[256]; - char password[256]; - char wstr[256]; - - /* Read configuration file. Abort wildly if error. */ - if (OpenConfigFile() == 1) - return 1; - - /* Read denied and allowed user files. - If they fails, there is a serious problem. - Check syslog messages. Deny all users while in this state. - The msntauth process should then be killed. */ - - if ((Read_denyusers() == 1) || (Read_allowusers() == 1)) - { - while (1) - { - fgets(wstr, 255, stdin); - puts("ERR"); - fflush(stdout); - } - } - - /* Make Check_forchange() the handle for HUP signals. - Don't use alarms any more. I don't think it was very - portable between systems. */ - signal(SIGHUP, Check_forchange); - - while (1) - { - /* Read whole line from standard input. Terminate on break. */ - if (fgets(wstr, 255, stdin) == NULL) - break; - - /* Clear any current settings */ - username[0] = '\0'; - password[0] = '\0'; - sscanf(wstr, "%s %s", username, password); /* Extract parameters */ - - /* Check for invalid or blank entries */ - if ((username[0] == '\0') || (password[0] == '\0')) - { - puts("ERR"); - fflush(stdout); - continue; - } - - Checktimer(); /* Check if the user lists have changed */ - - /* Check if user is explicitly denied or allowed. - If user passes both checks, they can be authenticated. */ - - if (Check_user(username) == 1) - puts("ERR"); - else - { - if (QueryServers(username, password) == 0) - puts("OK"); - else - puts("ERR"); - } - - fflush(stdout); - } - - return 0; -} - --- squid/auth_modules/MSNT/msntauth.conf Wed Feb 14 00:50:51 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,11 +0,0 @@ - -# Sample MSNT authenticator configuration file -# Antonino Iannella, Stellar-X Pty Ltd -# Tue Sep 26 17:26:59 CST 2000 - -server my_PDC my_BDC my_NTdomain -server other_PDC other_BDC otherdomain - -denyusers /usr/local/squid/etc/denyusers -allowusers /usr/local/squid/etc/allowusers - --- squid/auth_modules/MSNT/rfcnb-common.h Wed Feb 14 00:50:51 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,40 +0,0 @@ -/* UNIX RFCNB (RFC1001/RFC1002) NetBIOS implementation - - Version 1.0 - RFCNB Common Structures etc Defines - - Copyright (C) Richard Sharpe 1996 - -*/ - -/* - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#ifndef _RFCNB_COMMON_H_ -#define _RFCNB_COMMON_H_ - -/* A data structure we need */ - -typedef struct RFCNB_Pkt { - - char * data; /* The data in this portion */ - int len; - struct RFCNB_Pkt *next; - -} RFCNB_Pkt; - - -#endif /* _RFCNB_COMMON_H_ */ --- squid/auth_modules/MSNT/rfcnb-error.h Wed Feb 14 00:50:51 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,57 +0,0 @@ -/* UNIX RFCNB (RFC1001/RFC1002) NetBIOS implementation - - Version 1.0 - RFCNB Error Response Defines - - Copyright (C) Richard Sharpe 1996 - -*/ - -/* - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#ifndef _RFCNB_ERROR_H_ -#define _RFCNB_ERROR_H_ - -/* Error responses */ - -#define RFCNBE_Bad -1 /* Bad response */ -#define RFCNBE_OK 0 - -/* these should follow the spec ... is there one ?*/ - -#define RFCNBE_NoSpace 1 /* Could not allocate space for a struct */ -#define RFCNBE_BadName 2 /* Could not translate a name */ -#define RFCNBE_BadRead 3 /* Read sys call failed */ -#define RFCNBE_BadWrite 4 /* Write Sys call failed */ -#define RFCNBE_ProtErr 5 /* Protocol Error */ -#define RFCNBE_ConGone 6 /* Connection dropped */ -#define RFCNBE_BadHandle 7 /* Handle passed was bad */ -#define RFCNBE_BadSocket 8 /* Problems creating socket */ -#define RFCNBE_ConnectFailed 9 /* Connect failed */ -#define RFCNBE_CallRejNLOCN 10 /* Call rejected, not listening on CN */ -#define RFCNBE_CallRejNLFCN 11 /* Call rejected, not listening for CN */ -#define RFCNBE_CallRejCNNP 12 /* Call rejected, called name not present */ -#define RFCNBE_CallRejInfRes 13/* Call rejetced, name ok, no resources */ -#define RFCNBE_CallRejUnSpec 14/* Call rejected, unspecified error */ -#define RFCNBE_BadParam 15/* Bad parameters passed ... */ -#define RFCNBE_Timeout 16/* IO Timed out */ - -/* Text strings for the error responses */ - -extern char *RFCNB_Error_Strings[]; - -#endif /* _RFCNB_ERROR_H_ */ --- squid/auth_modules/MSNT/rfcnb-io.c Wed Feb 14 00:50:51 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,423 +0,0 @@ -/* UNIX RFCNB (RFC1001/RFC1002) NEtBIOS implementation - - Version 1.0 - RFCNB IO Routines ... - - Copyright (C) Richard Sharpe 1996 - -*/ - -/* - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ -/* #include */ -#include "std-includes.h" -#include "rfcnb-priv.h" -#include "rfcnb-util.h" -#include "rfcnb-io.h" -#include -#include - -int RFCNB_Timeout = 0; /* Timeout in seconds ... */ - -void rfcnb_alarm(int sig) - -{ - - fprintf(stderr, "IO Timed out ...\n"); - -} - -/* Set timeout value and setup signal handling */ - -int RFCNB_Set_Timeout(int seconds) - -{ -#ifdef __GLIBC__ - int temp; -#endif - /* If we are on a Bezerkeley system, use sigvec, else sigaction */ -#ifndef SA_RESTART - struct sigvec invec, outvec; -#else - struct sigaction inact, outact; -#endif - - RFCNB_Timeout = seconds; - - if (RFCNB_Timeout > 0) { /* Set up handler to ignore but not restart */ - -#ifndef SA_RESTART - invec.sv_handler = (void (*)())rfcnb_alarm; - invec.sv_mask = 0; - invec.sv_flags = SV_INTERRUPT; - - if (sigvec(SIGALRM, &invec, &outvec) < 0) - return(-1); -#else - inact.sa_handler = (void (*)())rfcnb_alarm; -#ifdef SOLARIS - /* Solaris seems to have an array of vectors ... */ - inact.sa_mask.__sigbits[0] = 0; - inact.sa_mask.__sigbits[1] = 0; - inact.sa_mask.__sigbits[2] = 0; - inact.sa_mask.__sigbits[3] = 0; -#else -#ifdef __GLIBC__ - for (temp = 0 ; temp < 32 ; temp ++) - inact.sa_mask.__val[temp]=0; -#else - inact.sa_mask = 0; -#endif -#endif - inact.sa_flags = 0; /* Don't restart */ - - if (sigaction(SIGALRM, &inact, &outact) < 0) - return(-1); - -#endif - - } - - return(0); - -} - -/* Discard the rest of an incoming packet as we do not have space for it - in the buffer we allocated or were passed ... */ - -int RFCNB_Discard_Rest(struct RFCNB_Con *con, int len) - -{ char temp[100]; /* Read into here */ - int rest, this_read, bytes_read; - - /* len is the amount we should read */ - -#ifdef RFCNB_DEBUG - fprintf(stderr, "Discard_Rest called to discard: %i\n", len); -#endif - - rest = len; - - while (rest > 0) { - - this_read = (rest > sizeof(temp)?sizeof(temp):rest); - - bytes_read = read(con -> fd, temp, this_read); - - if (bytes_read <= 0) { /* Error so return */ - - if (bytes_read < 0) - RFCNB_errno = RFCNBE_BadRead; - else - RFCNB_errno = RFCNBE_ConGone; - - RFCNB_saved_errno = errno; - return(RFCNBE_Bad); - - } - - rest = rest - bytes_read; - - } - - return(0); - -} - - -/* Send an RFCNB packet to the connection. - - We just send each of the blocks linked together ... - - If we can, try to send it as one iovec ... - -*/ - -int RFCNB_Put_Pkt(struct RFCNB_Con *con, struct RFCNB_Pkt *pkt, int len) - -{ int len_sent, tot_sent, this_len; - struct RFCNB_Pkt *pkt_ptr; - char *this_data; - int i; - struct iovec io_list[10]; /* We should never have more */ - /* If we do, this will blow up ...*/ - - /* Try to send the data ... We only send as many bytes as len claims */ - /* We should try to stuff it into an IOVEC and send as one write */ - - - pkt_ptr = pkt; - len_sent = tot_sent = 0; /* Nothing sent so far */ - i = 0; - - while ((pkt_ptr != NULL) & (i < 10)) { /* Watch that magic number! */ - - this_len = pkt_ptr -> len; - this_data = pkt_ptr -> data; - if ((tot_sent + this_len) > len) - this_len = len - tot_sent; /* Adjust so we don't send too much */ - - /* Now plug into the iovec ... */ - - io_list[i].iov_len = this_len; - io_list[i].iov_base = this_data; - i++; - - tot_sent += this_len; - - if (tot_sent == len) break; /* Let's not send too much */ - - pkt_ptr = pkt_ptr -> next; - - } - -#ifdef RFCNB_DEBUG - fprintf(stderr, "Frags = %i, tot_sent = %i\n", i, tot_sent); -#endif - - /* Set up an alarm if timeouts are set ... */ - - if (RFCNB_Timeout > 0) - alarm(RFCNB_Timeout); - - if ((len_sent = writev(con -> fd, io_list, i)) < 0) { /* An error */ - - con -> rfc_errno = errno; - if (errno == EINTR) /* We were interrupted ... */ - RFCNB_errno = RFCNBE_Timeout; - else - RFCNB_errno = RFCNBE_BadWrite; - RFCNB_saved_errno = errno; - return(RFCNBE_Bad); - - } - - if (len_sent < tot_sent) { /* Less than we wanted */ - if (errno == EINTR) /* We were interrupted */ - RFCNB_errno = RFCNBE_Timeout; - else - RFCNB_errno = RFCNBE_BadWrite; - RFCNB_saved_errno = errno; - return(RFCNBE_Bad); - } - - if (RFCNB_Timeout > 0) - alarm(0); /* Reset that sucker */ - -#ifdef RFCNB_DEBUG - - fprintf(stderr, "Len sent = %i ...\n", len_sent); - RFCNB_Print_Pkt(stderr, "sent", pkt, len_sent); /* Print what send ... */ - -#endif - - return(len_sent); - -} - -/* Read an RFCNB packet off the connection. - - We read the first 4 bytes, that tells us the length, then read the - rest. We should implement a timeout, but we don't just yet - -*/ - - -int RFCNB_Get_Pkt(struct RFCNB_Con *con, struct RFCNB_Pkt *pkt, int len) - -{ int read_len, pkt_len; - char hdr[RFCNB_Pkt_Hdr_Len]; /* Local space for the header */ - struct RFCNB_Pkt *pkt_frag; - int more, this_time, offset, frag_len, this_len; - BOOL seen_keep_alive = TRUE; - - /* Read that header straight into the buffer */ - - if (len < RFCNB_Pkt_Hdr_Len) { /* What a bozo */ - -#ifdef RFCNB_DEBUG - fprintf(stderr, "Trying to read less than a packet:"); - perror(""); -#endif - RFCNB_errno = RFCNBE_BadParam; - return(RFCNBE_Bad); - - } - - /* We discard keep alives here ... */ - - if (RFCNB_Timeout > 0) - alarm(RFCNB_Timeout); - - while (seen_keep_alive) { - - if ((read_len = read(con -> fd, hdr, sizeof(hdr))) < 0) { /* Problems */ -#ifdef RFCNB_DEBUG - fprintf(stderr, "Reading the packet, we got:"); - perror(""); -#endif - if (errno == EINTR) - RFCNB_errno = RFCNBE_Timeout; - else - RFCNB_errno = RFCNBE_BadRead; - RFCNB_saved_errno = errno; - return(RFCNBE_Bad); - - } - - /* Now we check out what we got */ - - if (read_len == 0) { /* Connection closed, send back eof? */ - -#ifdef RFCNB_DEBUG - fprintf(stderr, "Connection closed reading\n"); -#endif - - if (errno == EINTR) - RFCNB_errno = RFCNBE_Timeout; - else - RFCNB_errno = RFCNBE_ConGone; - RFCNB_saved_errno = errno; - return(RFCNBE_Bad); - - } - - if (RFCNB_Pkt_Type(hdr) == RFCNB_SESSION_KEEP_ALIVE) { - -#ifdef RFCNB_DEBUG - fprintf(stderr, "RFCNB KEEP ALIVE received\n"); -#endif - - } - else { - seen_keep_alive = FALSE; - } - - } - - /* What if we got less than or equal to a hdr size in bytes? */ - - if (read_len < sizeof(hdr)) { /* We got a small packet */ - - /* Now we need to copy the hdr portion we got into the supplied packet */ - - memcpy(pkt -> data, hdr, read_len); /*Copy data */ - -#ifdef RFCNB_DEBUG - RFCNB_Print_Pkt(stderr, "rcvd", pkt, read_len); -#endif - - return(read_len); - - } - - /* Now, if we got at least a hdr size, alloc space for rest, if we need it */ - - pkt_len = RFCNB_Pkt_Len(hdr); - -#ifdef RFCNB_DEBUG - fprintf(stderr, "Reading Pkt: Length = %i\n", pkt_len); -#endif - - /* Now copy in the hdr */ - - memcpy(pkt -> data, hdr, sizeof(hdr)); - - /* Get the rest of the packet ... first figure out how big our buf is? */ - /* And make sure that we handle the fragments properly ... Sure should */ - /* use an iovec ... */ - - if (len < pkt_len) /* Only get as much as we have space for */ - more = len - RFCNB_Pkt_Hdr_Len; - else - more = pkt_len; - - this_time = 0; - - /* We read for each fragment ... */ - - if (pkt -> len == read_len){ /* If this frag was exact size */ - pkt_frag = pkt -> next; /* Stick next lot in next frag */ - offset = 0; /* then we start at 0 in next */ - } - else { - pkt_frag = pkt; /* Otherwise use rest of this frag */ - offset = RFCNB_Pkt_Hdr_Len; /* Otherwise skip the header */ - } - - frag_len = pkt_frag -> len; - - if (more <= frag_len) /* If len left to get less than frag space */ - this_len = more; /* Get the rest ... */ - else - this_len = frag_len - offset; - - while (more > 0) { - - if ((this_time = read(con -> fd, (pkt_frag -> data) + offset, this_len)) <= 0) { /* Problems */ - - if (errno == EINTR) { - - RFCNB_errno = RFCNB_Timeout; - - } - else { - if (this_time < 0) - RFCNB_errno = RFCNBE_BadRead; - else - RFCNB_errno = RFCNBE_ConGone; - } - - RFCNB_saved_errno = errno; - return(RFCNBE_Bad); - - } - -#ifdef RFCNB_DEBUG - fprintf(stderr, "Frag_Len = %i, this_time = %i, this_len = %i, more = %i\n", frag_len, - this_time, this_len, more); -#endif - - read_len = read_len + this_time; /* How much have we read ... */ - - /* Now set up the next part */ - - if (pkt_frag -> next == NULL) break; /* That's it here */ - - pkt_frag = pkt_frag -> next; - this_len = pkt_frag -> len; - offset = 0; - - more = more - this_time; - - } - -#ifdef RFCNB_DEBUG - fprintf(stderr,"Pkt Len = %i, read_len = %i\n", pkt_len, read_len); - RFCNB_Print_Pkt(stderr, "rcvd", pkt, read_len + sizeof(hdr)); -#endif - - if (read_len < (pkt_len + sizeof(hdr))) { /* Discard the rest */ - - return(RFCNB_Discard_Rest(con, (pkt_len + sizeof(hdr)) - read_len)); - - } - - if (RFCNB_Timeout > 0) - alarm(0); /* Reset that sucker */ - - return(read_len + sizeof(RFCNB_Hdr)); -} --- squid/auth_modules/MSNT/rfcnb-io.h Wed Feb 14 00:50:51 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,28 +0,0 @@ -/* UNIX RFCNB (RFC1001/RFC1002) NetBIOS implementation - - Version 1.0 - RFCNB IO Routines Defines - - Copyright (C) Richard Sharpe 1996 - -*/ - -/* - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -int RFCNB_Put_Pkt(struct RFCNB_Con *con, struct RFCNB_Pkt *pkt, int len); - -int RFCNB_Get_Pkt(struct RFCNB_Con *con, struct RFCNB_Pkt *pkt, int len); --- squid/auth_modules/MSNT/rfcnb-priv.h Wed Feb 14 00:50:51 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,150 +0,0 @@ -/* UNIX RFCNB (RFC1001/RFC1002) NetBIOS implementation - - Version 1.0 - RFCNB Defines - - Copyright (C) Richard Sharpe 1996 - -*/ - -/* - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -/* Defines we need */ - - -#define GLOBAL extern - -#include "rfcnb-error.h" -#include "rfcnb-common.h" -#include "byteorder.h" - -#ifdef RFCNB_PORT -#define RFCNB_Default_Port RFCNB_PORT -#else -#define RFCNB_Default_Port 139 -#endif - -#define RFCNB_MAX_STATS 1 - -/* Protocol defines we need */ - -#define RFCNB_SESSION_MESSAGE 0 -#define RFCNB_SESSION_REQUEST 0x81 -#define RFCNB_SESSION_ACK 0x82 -#define RFCNB_SESSION_REJ 0x83 -#define RFCNB_SESSION_RETARGET 0x84 -#define RFCNB_SESSION_KEEP_ALIVE 0x85 - -/* Structures */ - -typedef struct redirect_addr * redirect_ptr; - -struct redirect_addr { - - struct in_addr ip_addr; - int port; - redirect_ptr next; - -}; - -typedef struct RFCNB_Con { - - int fd; /* File descripter for TCP/IP connection */ - int rfc_errno; /* last error */ - int timeout; /* How many milli-secs before IO times out */ - int redirects; /* How many times we were redirected */ - struct redirect_addr *redirect_list; /* First is first address */ - struct redirect_addr *last_addr; - -} RFCNB_Con; - -typedef char RFCNB_Hdr[4]; /* The header is 4 bytes long with */ - /* char[0] as the type, char[1] the */ - /* flags, and char[2..3] the length */ - -/* Macros to extract things from the header. These are for portability - between architecture types where we are worried about byte order */ - -#define RFCNB_Pkt_Hdr_Len 4 -#define RFCNB_Pkt_Sess_Len 72 -#define RFCNB_Pkt_Retarg_Len 10 -#define RFCNB_Pkt_Nack_Len 5 -#define RFCNB_Pkt_Type_Offset 0 -#define RFCNB_Pkt_Flags_Offset 1 -#define RFCNB_Pkt_Len_Offset 2 /* Length is 2 bytes plus a flag bit */ -#define RFCNB_Pkt_N1Len_Offset 4 -#define RFCNB_Pkt_Called_Offset 5 -#define RFCNB_Pkt_N2Len_Offset 38 -#define RFCNB_Pkt_Calling_Offset 39 -#define RFCNB_Pkt_Error_Offset 4 -#define RFCNB_Pkt_IP_Offset 4 -#define RFCNB_Pkt_Port_Offset 8 - -/* The next macro isolates the length of a packet, including the bit in the - flags */ - -#define RFCNB_Pkt_Len(p) (PVAL(p, 3) | (PVAL(p, 2) << 8) | \ - ((PVAL(p, RFCNB_Pkt_Flags_Offset) & 0x01) << 16)) - -#define RFCNB_Put_Pkt_Len(p, v) (p[1] = ((v >> 16) & 1)); \ - (p[2] = ((v >> 8) & 0xFF)); \ - (p[3] = (v & 0xFF)); - -#define RFCNB_Pkt_Type(p) (CVAL(p, RFCNB_Pkt_Type_Offset)) - -/*typedef struct RFCNB_Hdr { - - unsigned char type; - unsigned char flags; - int16 len; - - } RFCNB_Hdr; - -typedef struct RFCNB_Sess_Pkt { - unsigned char type; - unsigned char flags; - int16 length; - unsigned char n1_len; - char called_name[33]; - unsigned char n2_len; - char calling_name[33]; - } RFCNB_Sess_Pkt; - - -typedef struct RFCNB_Nack_Pkt { - - struct RFCNB_Hdr hdr; - unsigned char error; - - } RFCNB_Nack_Pkt; - -typedef struct RFCNB_Retarget_Pkt { - - struct RFCNB_Hdr hdr; - int dest_ip; - unsigned char port; - - } RFCNB_Redir_Pkt; */ - -/* Static variables */ - -/* Only declare this if not defined */ - -#ifndef RFCNB_ERRNO -extern int RFCNB_errno; -extern int RFCNB_saved_errno; /* Save this from point of error */ -#endif --- squid/auth_modules/MSNT/rfcnb-util.c Wed Feb 14 00:50:51 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,562 +0,0 @@ -/* UNIX RFCNB (RFC1001/RFC1002) NetBIOS implementation - - Version 1.0 - RFCNB Utility Routines ... - - Copyright (C) Richard Sharpe 1996 - -*/ - -/* - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "std-includes.h" -#include "rfcnb-priv.h" -#include "rfcnb-util.h" -#include "rfcnb-io.h" - -#include -#include -#include -#include -#include -#include -#include - -char *RFCNB_Error_Strings[] = { - - "RFCNBE_OK: Routine completed successfully.", - "RFCNBE_NoSpace: No space available for a malloc call.", - "RFCNBE_BadName: NetBIOS name could not be translated to IP address.", - "RFCNBE_BadRead: Read system call returned an error. Check errno.", - "RFCNBE_BadWrite: Write system call returned an error. Check errno.", - "RFCNBE_ProtErr: A protocol error has occurred.", - "RFCNBE_ConGone: Connection dropped during a read or write system call.", - "RFCNBE_BadHandle: Bad connection handle passed.", - "RFCNBE_BadSocket: Problems creating socket.", - "RFCNBE_ConnectFailed: Connection failed. See errno.", - "RFCNBE_CallRejNLOCN: Call rejected. Not listening on called name.", - "RFCNBE_CallRejNLFCN: Call rejected. Not listening for called name.", - "RFCNBE_CallRejCNNP: Call rejected. Called name not present.", - "RFCNBE_CallRejInfRes: Call rejected. Name present, but insufficient resources.", - "RFCNBE_CallRejUnSpec: Call rejected. Unspecified error.", - "RFCNBE_BadParam: Bad parameters passed to a routine.", - "RFCNBE_Timeout: IO Operation timed out ..." - -}; - -extern void (*Prot_Print_Routine)(); /* Pointer to protocol print routine */ - -/* Convert name and pad to 16 chars as needed */ -/* Name 1 is a C string with null termination, name 2 may not be */ -/* If SysName is true, then put a <00> on end, else space> */ - -void RFCNB_CvtPad_Name(char *name1, char *name2) - -{ char c, c1, c2; - int i, len; - - len = strlen(name1); - - for (i = 0; i < 16; i++) { - - if (i >= len) { - - c1 = 'C'; c2 = 'A'; /* CA is a space */ - - } else { - - c = name1[i]; - c1 = (char)((int)c/16 + (int)'A'); - c2 = (char)((int)c%16 + (int)'A'); - } - - name2[i*2] = c1; - name2[i*2+1] = c2; - - } - - name2[32] = 0; /* Put in the nll ...*/ - -} - -/* Converts an Ascii NB Name (16 chars) to an RFCNB Name (32 chars) - Uses the encoding in RFC1001. Each nibble of byte is added to 'A' - to produce the next byte in the name. - - This routine assumes that AName is 16 bytes long and that NBName has - space for 32 chars, so be careful ... - -*/ - -void RFCNB_AName_To_NBName(char *AName, char *NBName) - -{ char c, c1, c2; - int i; - - for (i=0; i < 16; i++) { - - c = AName[i]; - - c1 = (char)((c >> 4) + 'A'); - c2 = (char)((c & 0xF) + 'A'); - - NBName[i*2] = c1; - NBName[i*2+1] = c2; - } - - NBName[32] = 0; /* Put in a null */ - -} - -/* Do the reverse of the above ... */ - -void RFCNB_NBName_To_AName(char *NBName, char *AName) - -{ char c, c1, c2; - int i; - - for (i=0; i < 16; i++) { - - c1 = NBName[i*2]; - c2 = NBName[i*2+1]; - - c = (char)(((int)c1 - (int)'A') * 16 + ((int)c2 - (int)'A')); - - AName[i] = c; - - } - - AName[i] = 0; /* Put a null on the end ... */ - -} - -/* Print a string of bytes in HEX etc */ - -void RFCNB_Print_Hex(FILE *fd, struct RFCNB_Pkt *pkt, int Offset, int Len) - -{ char c1, c2, outbuf1[33]; - unsigned char c; - int i, j; - struct RFCNB_Pkt *pkt_ptr = pkt; - static char Hex_List[17] = "0123456789ABCDEF"; - - j = 0; - - /* We only want to print as much as sepcified in Len */ - - while (pkt_ptr != NULL) { - - for (i = 0; - i < ((Len > (pkt_ptr -> len)?pkt_ptr -> len:Len) - Offset); - i++) { - - c = pkt_ptr -> data[i + Offset]; - c1 = Hex_List[c >> 4]; - c2 = Hex_List[c & 0xF]; - - outbuf1[j++] = c1; outbuf1[j++] = c2; - - if (j == 32){ /* Print and reset */ - outbuf1[j] = 0; - fprintf(fd, " %s\n", outbuf1); - j = 0; - } - - } - - Offset = 0; - Len = Len - pkt_ptr -> len; /* Reduce amount by this much */ - pkt_ptr = pkt_ptr -> next; - - } - - /* Print last lot in the buffer ... */ - - if (j > 0) { - - outbuf1[j] = 0; - fprintf(fd, " %s\n", outbuf1); - - } - - fprintf(fd, "\n"); - -} - -/* Get a packet of size n */ - -struct RFCNB_Pkt *RFCNB_Alloc_Pkt(int n) - -{ RFCNB_Pkt *pkt; - - if ((pkt = (struct RFCNB_Pkt *)malloc(sizeof(struct RFCNB_Pkt))) == NULL) { - - RFCNB_errno = RFCNBE_NoSpace; - RFCNB_saved_errno = errno; - return(NULL); - - } - - pkt -> next = NULL; - pkt -> len = n; - - if (n == 0) return(pkt); - - if ((pkt -> data = (char *)malloc(n)) == NULL) { - - RFCNB_errno = RFCNBE_NoSpace; - RFCNB_saved_errno = errno; - free(pkt); - return(NULL); - - } - - return(pkt); - -} - -/* Free up a packet */ - -void RFCNB_Free_Pkt(struct RFCNB_Pkt *pkt) - -{ struct RFCNB_Pkt *pkt_next; char *data_ptr; - - while (pkt != NULL) { - - pkt_next = pkt -> next; - - data_ptr = pkt -> data; - - if (data_ptr != NULL) - free(data_ptr); - - free(pkt); - - pkt = pkt_next; - - } - -} - -/* Print an RFCNB packet */ - -void RFCNB_Print_Pkt(FILE *fd, char *dirn, struct RFCNB_Pkt *pkt, int len) - -{ char lname[17]; - - /* We assume that the first fragment is the RFCNB Header */ - /* We should loop through the fragments printing them out */ - - fprintf(fd, "RFCNB Pkt %s:", dirn); - - switch (RFCNB_Pkt_Type(pkt -> data)) { - - case RFCNB_SESSION_MESSAGE: - - fprintf(fd, "SESSION MESSAGE: Length = %i\n", RFCNB_Pkt_Len(pkt -> data)); - RFCNB_Print_Hex(fd, pkt, RFCNB_Pkt_Hdr_Len, -#ifdef RFCNB_PRINT_DATA - RFCNB_Pkt_Len(pkt -> data) - RFCNB_Pkt_Hdr_Len); -#else - 40); -#endif - - if (Prot_Print_Routine != 0) { /* Print the rest of the packet */ - - Prot_Print_Routine(fd, strcmp(dirn, "sent"), pkt, RFCNB_Pkt_Hdr_Len, - RFCNB_Pkt_Len(pkt -> data) - RFCNB_Pkt_Hdr_Len); - - } - - break; - - case RFCNB_SESSION_REQUEST: - - fprintf(fd, "SESSION REQUEST: Length = %i\n", - RFCNB_Pkt_Len(pkt -> data)); - RFCNB_NBName_To_AName((char *)(pkt -> data + RFCNB_Pkt_Called_Offset), lname); - fprintf(fd, " Called Name: %s\n", lname); - RFCNB_NBName_To_AName((char *)(pkt -> data + RFCNB_Pkt_Calling_Offset), lname); - fprintf(fd, " Calling Name: %s\n", lname); - - break; - - case RFCNB_SESSION_ACK: - - fprintf(fd, "RFCNB SESSION ACK: Length = %i\n", - RFCNB_Pkt_Len(pkt -> data)); - - break; - - case RFCNB_SESSION_REJ: - fprintf(fd, "RFCNB SESSION REJECT: Length = %i\n", - RFCNB_Pkt_Len(pkt -> data)); - - if (RFCNB_Pkt_Len(pkt -> data) < 1) { - fprintf(fd, " Protocol Error, short Reject packet!\n"); - } - else { - fprintf(fd, " Error = %x\n", CVAL(pkt -> data, RFCNB_Pkt_Error_Offset)); - } - - break; - - case RFCNB_SESSION_RETARGET: - - fprintf(fd, "RFCNB SESSION RETARGET: Length = %i\n", - RFCNB_Pkt_Len(pkt -> data)); - - /* Print out the IP address etc and the port? */ - - break; - - case RFCNB_SESSION_KEEP_ALIVE: - - fprintf(fd, "RFCNB SESSION KEEP ALIVE: Length = %i\n", - RFCNB_Pkt_Len(pkt -> data)); - break; - - default: - - break; - } - -} - -/* Resolve a name into an address */ - -int RFCNB_Name_To_IP(char *host, struct in_addr *Dest_IP) - -{ int addr; /* Assumes IP4, 32 bit network addresses */ - struct hostent *hp; - - /* Use inet_addr to try to convert the address */ - - if ((addr = inet_addr(host)) == INADDR_NONE) { /* Oh well, a good try :-) */ - - /* Now try a name look up with gethostbyname */ - - if ((hp = gethostbyname(host)) == NULL) { /* Not in DNS */ - - /* Try NetBIOS name lookup, how the hell do we do that? */ - - RFCNB_errno = RFCNBE_BadName; /* Is this right? */ - RFCNB_saved_errno = errno; - return(RFCNBE_Bad); - - } - else { /* We got a name */ - - memcpy((void *)Dest_IP, (void *)hp -> h_addr_list[0], sizeof(struct in_addr)); - - } - } - else { /* It was an IP address */ - - memcpy((void *)Dest_IP, (void *)&addr, sizeof(struct in_addr)); - - } - - return 0; - -} - -/* Disconnect the TCP connection to the server */ - -int RFCNB_Close(int socket) - -{ - - close(socket); - - /* If we want to do error recovery, here is where we put it */ - - return 0; - -} - -/* Connect to the server specified in the IP address. - Not sure how to handle socket options etc. */ - -int RFCNB_IP_Connect(struct in_addr Dest_IP, int port) - -{ struct sockaddr_in Socket; - int fd; - - /* Create a socket */ - - if ((fd = socket(PF_INET, SOCK_STREAM, 0)) < 0) { /* Handle the error */ - - RFCNB_errno = RFCNBE_BadSocket; - RFCNB_saved_errno = errno; - return(RFCNBE_Bad); - } - - bzero((char *)&Socket, sizeof(Socket)); - memcpy((char *)&Socket.sin_addr, (char *)&Dest_IP, sizeof(Dest_IP)); - - Socket.sin_port = htons(port); - Socket.sin_family = PF_INET; - - /* Now connect to the destination */ - - if (connect(fd, (struct sockaddr *)&Socket, sizeof(Socket)) < 0) { /* Error */ - - close(fd); - RFCNB_errno = RFCNBE_ConnectFailed; - RFCNB_saved_errno = errno; - return(RFCNBE_Bad); - } - - return(fd); - -} - -/* handle the details of establishing the RFCNB session with remote - end - -*/ - -int RFCNB_Session_Req(struct RFCNB_Con *con, - char *Called_Name, - char *Calling_Name, - BOOL *redirect, - struct in_addr *Dest_IP, - int * port) - -{ char *sess_pkt; - - /* Response packet should be no more than 9 bytes, make 16 jic */ - - char resp[16]; - int len; - struct RFCNB_Pkt *pkt, res_pkt; - - /* We build and send the session request, then read the response */ - - pkt = RFCNB_Alloc_Pkt(RFCNB_Pkt_Sess_Len); - - if (pkt == NULL) { - - return(RFCNBE_Bad); /* Leave the error that RFCNB_Alloc_Pkt gives) */ - - } - - sess_pkt = pkt -> data; /* Get pointer to packet proper */ - - sess_pkt[RFCNB_Pkt_Type_Offset] = RFCNB_SESSION_REQUEST; - RFCNB_Put_Pkt_Len(sess_pkt, (RFCNB_Pkt_Sess_Len-RFCNB_Pkt_Hdr_Len)); - sess_pkt[RFCNB_Pkt_N1Len_Offset] = 32; - sess_pkt[RFCNB_Pkt_N2Len_Offset] = 32; - - RFCNB_CvtPad_Name(Called_Name, (sess_pkt + RFCNB_Pkt_Called_Offset)); - RFCNB_CvtPad_Name(Calling_Name, (sess_pkt + RFCNB_Pkt_Calling_Offset)); - - /* Now send the packet */ - -#ifdef RFCNB_DEBUG - - fprintf(stderr, "Sending packet: "); - -#endif - - if ((len = RFCNB_Put_Pkt(con, pkt, RFCNB_Pkt_Sess_Len)) < 0) { - - return(RFCNBE_Bad); /* Should be able to write that lot ... */ - - } - -#ifdef RFCNB_DEBUG - - fprintf(stderr, "Getting packet.\n"); - -#endif - - res_pkt.data = resp; - res_pkt.len = sizeof(resp); - res_pkt.next = NULL; - - if ((len = RFCNB_Get_Pkt(con, &res_pkt, sizeof(resp))) < 0) { - - return(RFCNBE_Bad); - - } - - /* Now analyze the packet ... */ - - switch (RFCNB_Pkt_Type(resp)) { - - case RFCNB_SESSION_REJ: /* Didnt like us ... too bad */ - - /* Why did we get rejected ? */ - - switch (CVAL(resp,RFCNB_Pkt_Error_Offset)) { - - case 0x80: - RFCNB_errno = RFCNBE_CallRejNLOCN; - break; - case 0x81: - RFCNB_errno = RFCNBE_CallRejNLFCN; - break; - case 0x82: - RFCNB_errno = RFCNBE_CallRejCNNP; - break; - case 0x83: - RFCNB_errno = RFCNBE_CallRejInfRes; - break; - case 0x8F: - RFCNB_errno = RFCNBE_CallRejUnSpec; - break; - default: - RFCNB_errno = RFCNBE_ProtErr; - break; - } - - return(RFCNBE_Bad); - break; - - case RFCNB_SESSION_ACK: /* Got what we wanted ... */ - - return(0); - break; - - case RFCNB_SESSION_RETARGET: /* Go elsewhere */ - - *redirect = TRUE; /* Copy port and ip addr */ - - memcpy(Dest_IP, (resp + RFCNB_Pkt_IP_Offset), sizeof(struct in_addr)); - *port = SVAL(resp, RFCNB_Pkt_Port_Offset); - - return(0); - break; - - default: /* A protocol error */ - - RFCNB_errno = RFCNBE_ProtErr; - return(RFCNBE_Bad); - break; - } -} - - - - - - - - - --- squid/auth_modules/MSNT/rfcnb-util.h Wed Feb 14 00:50:51 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,51 +0,0 @@ -/* UNIX RFCNB (RFC1001/RFC1002) NetBIOS implementation - - Version 1.0 - RFCNB Utility Defines - - Copyright (C) Richard Sharpe 1996 - -*/ - -/* - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -void RFCNB_CvtPad_Name(char *name1, char *name2); - -void RFCNB_AName_To_NBName(char *AName, char *NBName); - -void RFCNB_NBName_To_AName(char *NBName, char *AName); - -void RFCNB_Print_Hex(FILE *fd, struct RFCNB_Pkt *pkt, int Offset, int Len); - -struct RFCNB_Pkt *RFCNB_Alloc_Pkt(int n); - -void RFCNB_Print_Pkt(FILE *fd, char *dirn, struct RFCNB_Pkt *pkt, int len); - -int RFCNB_Name_To_IP(char *host, struct in_addr *Dest_IP); - -int RFCNB_Close(int socket); - -int RFCNB_IP_Connect(struct in_addr Dest_IP, int port); - -int RFCNB_Session_Req(RFCNB_Con *con, - char *Called_Name, - char *Calling_Name, - BOOL *redirect, - struct in_addr *Dest_IP, - int * port); - -void RFCNB_Free_Pkt(struct RFCNB_Pkt *pkt); --- squid/auth_modules/MSNT/rfcnb.h Wed Feb 14 00:50:51 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,48 +0,0 @@ -/* UNIX RFCNB (RFC1001/RFC1002) NetBIOS implementation - - Version 1.0 - RFCNB Defines - - Copyright (C) Richard Sharpe 1996 - -*/ - -/* - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -/* Error responses */ - -#include "rfcnb-error.h" -#include "rfcnb-common.h" - -/* Defines we need */ - -#define RFCNB_Default_Port 139 - -/* Definition of routines we define */ - -void *RFCNB_Call(char *Called_Name, char *Calling_Name, char *Called_Address, - int port); - -int RFCNB_Send(void *Con_Handle, struct RFCNB_Pkt *Data, int Length); - -int RFCNB_Recv(void *Con_Handle, struct RFCNB_Pkt *Data, int Length); - -int RFCNB_Hangup(void *con_Handle); - -void *RFCNB_Listen(); - -void RFCNB_Get_Error(char *buffer, int buf_len); --- squid/auth_modules/MSNT/session.c Wed Feb 14 00:50:51 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,370 +0,0 @@ -/* UNIX RFCNB (RFC1001/RFC1002) NetBIOS implementation - - Version 1.0 - Session Routines ... - - Copyright (C) Richard Sharpe 1996 - -*/ - -/* - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -int RFCNB_errno = 0; -int RFCNB_saved_errno = 0; -#define RFCNB_ERRNO - -#include "std-includes.h" -#include -#include "rfcnb-priv.h" -#include "rfcnb-util.h" -#include "rfcnb-io.h" - -#include -#include -#include - -int RFCNB_Stats[RFCNB_MAX_STATS]; - -void (*Prot_Print_Routine)() = NULL; /* Pointer to print routine */ - -/* Set up a session with a remote name. We are passed Called_Name as a - string which we convert to a NetBIOS name, ie space terminated, up to - 16 characters only if we need to. If Called_Address is not empty, then - we use it to connect to the remote end, but put in Called_Name ... Called - Address can be a DNS based name, or a TCP/IP address ... -*/ - -void *RFCNB_Call(char *Called_Name, char *Calling_Name, char *Called_Address, - int port) - -{ struct RFCNB_Con *con; - struct in_addr Dest_IP; - int Client; - BOOL redirect; struct redirect_addr *redir_addr; - char *Service_Address; - - /* Now, we really should look up the port in /etc/services ... */ - - if (port == 0) port = RFCNB_Default_Port; - - /* Create a connection structure first */ - - if ((con = (struct RFCNB_Con *)malloc(sizeof(struct RFCNB_Con))) == NULL) { /* Error in size */ - - RFCNB_errno = RFCNBE_NoSpace; - RFCNB_saved_errno = errno; - return(NULL); - - } - - con -> fd = -0; /* no descriptor yet */ - con -> rfc_errno = 0; /* no error yet */ - con -> timeout = 0; /* no timeout */ - con -> redirects = 0; - con -> redirect_list = NULL; /* Fix bug still in version 0.50 */ - - /* Resolve that name into an IP address */ - - Service_Address = Called_Name; - if (strcmp(Called_Address, "") != 0) { /* If the Called Address = "" */ - Service_Address = Called_Address; - } - - if ((errno = RFCNB_Name_To_IP(Service_Address, &Dest_IP)) < 0) { /* Error */ - - /* No need to modify RFCNB_errno as it was done by RFCNB_Name_To_IP */ - - return(NULL); - - } - - /* Now connect to the remote end */ - - redirect = TRUE; /* Fudge this one so we go once through */ - - while (redirect) { /* Connect and get session info etc */ - - redirect = FALSE; /* Assume all OK */ - - /* Build the redirect info. First one is first addr called */ - /* And tack it onto the list of addresses we called */ - - if ((redir_addr = (struct redirect_addr *)malloc(sizeof(struct redirect_addr))) == NULL) { /* Could not get space */ - - RFCNB_errno = RFCNBE_NoSpace; - RFCNB_saved_errno = errno; - return(NULL); - - } - - memcpy((char *)&(redir_addr -> ip_addr), (char *)&Dest_IP, sizeof(Dest_IP)); - redir_addr -> port = port; - redir_addr -> next = NULL; - - if (con -> redirect_list == NULL) { /* Stick on head */ - - con -> redirect_list = con -> last_addr = redir_addr; - - } else { - - con -> last_addr -> next = redir_addr; - con -> last_addr = redir_addr; - - } - - /* Now, make that connection */ - - if ((Client = RFCNB_IP_Connect(Dest_IP, port)) < 0) { /* Error */ - - /* No need to modify RFCNB_errno as it was done by RFCNB_IP_Connect */ - - return(NULL); - - } - - con -> fd = Client; - - /* Now send and handle the RFCNB session request */ - /* If we get a redirect, we will comeback with redirect true - and a new IP address in DEST_IP */ - - if ((errno = RFCNB_Session_Req(con, - Called_Name, - Calling_Name, - &redirect, &Dest_IP, &port)) < 0) { - - /* No need to modify RFCNB_errno as it was done by RFCNB_Session.. */ - - return(NULL); - - } - - if (redirect) { - - /* We have to close the connection, and then try again */ - - (con -> redirects)++; - - RFCNB_Close(con -> fd); /* Close it */ - - } - } - - return(con); - -} - -/* We send a packet to the other end ... for the moment, we treat the - data as a series of pointers to blocks of data ... we should check the - length ... */ - -int RFCNB_Send(struct RFCNB_Con *Con_Handle, struct RFCNB_Pkt *udata, int Length) - -{ struct RFCNB_Pkt *pkt; char *hdr; - int len; - - /* Plug in the header and send the data */ - - pkt = RFCNB_Alloc_Pkt(RFCNB_Pkt_Hdr_Len); - - if (pkt == NULL) { - - RFCNB_errno = RFCNBE_NoSpace; - RFCNB_saved_errno = errno; - return(RFCNBE_Bad); - - } - - pkt -> next = udata; /* The user data we want to send */ - - hdr = pkt -> data; - - /* Following crap is for portability across multiple UNIX machines */ - - *(hdr + RFCNB_Pkt_Type_Offset) = RFCNB_SESSION_MESSAGE; - RFCNB_Put_Pkt_Len(hdr, Length); - -#ifdef RFCNB_DEBUG - - fprintf(stderr, "Sending packet: "); - -#endif - - if ((len = RFCNB_Put_Pkt(Con_Handle, pkt, Length + RFCNB_Pkt_Hdr_Len)) < 0) { - - /* No need to change RFCNB_errno as it was done by put_pkt ... */ - - return(RFCNBE_Bad); /* Should be able to write that lot ... */ - - } - - /* Now we have sent that lot, let's get rid of the RFCNB Header and return */ - - pkt -> next = NULL; - - RFCNB_Free_Pkt(pkt); - - return(len); - -} - -/* We pick up a message from the internet ... We have to worry about - non-message packets ... */ - -int RFCNB_Recv(void *con_Handle, struct RFCNB_Pkt *Data, int Length) - -{ struct RFCNB_Pkt *pkt; - int ret_len; - - if (con_Handle == NULL){ - - RFCNB_errno = RFCNBE_BadHandle; - RFCNB_saved_errno = errno; - return(RFCNBE_Bad); - - } - - /* Now get a packet from below. We allocate a header first */ - - /* Plug in the header and send the data */ - - pkt = RFCNB_Alloc_Pkt(RFCNB_Pkt_Hdr_Len); - - if (pkt == NULL) { - - RFCNB_errno = RFCNBE_NoSpace; - RFCNB_saved_errno = errno; - return(RFCNBE_Bad); - - } - - pkt -> next = Data; /* Plug in the data portion */ - - if ((ret_len = RFCNB_Get_Pkt(con_Handle, pkt, Length + RFCNB_Pkt_Hdr_Len)) < 0) { - -#ifdef RFCNB_DEBUG - fprintf(stderr, "Bad packet return in RFCNB_Recv... \n"); -#endif - - return(RFCNBE_Bad); - - } - - /* We should check that we go a message and not a keep alive */ - - pkt -> next = NULL; - - RFCNB_Free_Pkt(pkt); - - return(ret_len); - -} - -/* We just disconnect from the other end, as there is nothing in the RFCNB */ -/* protocol that specifies any exchange as far as I can see */ - -int RFCNB_Hangup(struct RFCNB_Con *con_Handle) - -{ - - if (con_Handle != NULL) { - RFCNB_Close(con_Handle -> fd); /* Could this fail? */ - free(con_Handle); - } - - return 0; - - -} - -/* Set TCP_NODELAY on the socket */ - -int RFCNB_Set_Sock_NoDelay(struct RFCNB_Con *con_Handle, BOOL yn) - -{ - - return(setsockopt(con_Handle -> fd, IPPROTO_TCP, TCP_NODELAY, - (char *)&yn, sizeof(yn))); - -} - - -/* Listen for a connection on a port???, when */ -/* the connection comes in, we return with the connection */ - -void RFCNB_Listen() - -{ - -} - -/* Pick up the last error response as a string, hmmm, this routine should */ -/* have been different ... */ - -void RFCNB_Get_Error(char *buffer, int buf_len) - -{ - - if (RFCNB_saved_errno <= 0) { - sprintf(buffer, "%s", RFCNB_Error_Strings[RFCNB_errno]); - } - else { - sprintf(buffer, "%s\n\terrno:%s", RFCNB_Error_Strings[RFCNB_errno], - strerror(RFCNB_saved_errno)); - } - -} - -/* Pick up the last error response and returns as a code */ - -int RFCNB_Get_Last_Error() - -{ - - return(RFCNB_errno); - -} - -/* Pick up saved errno as well */ - -int RFCNB_Get_Last_Errno() - -{ - - return(RFCNB_saved_errno); - -} - -/* Pick up the last error response and return in string ... */ - -void RFCNB_Get_Error_Msg(int code, char *msg_buf, int len) - -{ - - strncpy(msg_buf, RFCNB_Error_Strings[abs(code)], len); - -} - -/* Register a higher level protocol print routine */ - -void RFCNB_Register_Print_Routine(void (*fn)()) - -{ - - Prot_Print_Routine = fn; - -} --- squid/auth_modules/MSNT/smbdes.c Wed Feb 14 00:50:51 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,337 +0,0 @@ -/* - Unix SMB/Netbios implementation. - Version 1.9. - - a partial implementation of DES designed for use in the - SMB authentication protocol - - Copyright (C) Andrew Tridgell 1997 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - - -/* NOTES: - - This code makes no attempt to be fast! In fact, it is a very - slow implementation - - This code is NOT a complete DES implementation. It implements only - the minimum necessary for SMB authentication, as used by all SMB - products (including every copy of Microsoft Windows95 ever sold) - - In particular, it can only do a unchained forward DES pass. This - means it is not possible to use this code for encryption/decryption - of data, instead it is only useful as a "hash" algorithm. - - There is no entry point into this code that allows normal DES operation. - - I believe this means that this code does not come under ITAR - regulations but this is NOT a legal opinion. If you are concerned - about the applicability of ITAR regulations to this code then you - should confirm it for yourself (and maybe let me know if you come - up with a different answer to the one above) -*/ - - - -static int perm1[56] = {57, 49, 41, 33, 25, 17, 9, - 1, 58, 50, 42, 34, 26, 18, - 10, 2, 59, 51, 43, 35, 27, - 19, 11, 3, 60, 52, 44, 36, - 63, 55, 47, 39, 31, 23, 15, - 7, 62, 54, 46, 38, 30, 22, - 14, 6, 61, 53, 45, 37, 29, - 21, 13, 5, 28, 20, 12, 4}; - -static int perm2[48] = {14, 17, 11, 24, 1, 5, - 3, 28, 15, 6, 21, 10, - 23, 19, 12, 4, 26, 8, - 16, 7, 27, 20, 13, 2, - 41, 52, 31, 37, 47, 55, - 30, 40, 51, 45, 33, 48, - 44, 49, 39, 56, 34, 53, - 46, 42, 50, 36, 29, 32}; - -static int perm3[64] = {58, 50, 42, 34, 26, 18, 10, 2, - 60, 52, 44, 36, 28, 20, 12, 4, - 62, 54, 46, 38, 30, 22, 14, 6, - 64, 56, 48, 40, 32, 24, 16, 8, - 57, 49, 41, 33, 25, 17, 9, 1, - 59, 51, 43, 35, 27, 19, 11, 3, - 61, 53, 45, 37, 29, 21, 13, 5, - 63, 55, 47, 39, 31, 23, 15, 7}; - -static int perm4[48] = { 32, 1, 2, 3, 4, 5, - 4, 5, 6, 7, 8, 9, - 8, 9, 10, 11, 12, 13, - 12, 13, 14, 15, 16, 17, - 16, 17, 18, 19, 20, 21, - 20, 21, 22, 23, 24, 25, - 24, 25, 26, 27, 28, 29, - 28, 29, 30, 31, 32, 1}; - -static int perm5[32] = { 16, 7, 20, 21, - 29, 12, 28, 17, - 1, 15, 23, 26, - 5, 18, 31, 10, - 2, 8, 24, 14, - 32, 27, 3, 9, - 19, 13, 30, 6, - 22, 11, 4, 25}; - - -static int perm6[64] ={ 40, 8, 48, 16, 56, 24, 64, 32, - 39, 7, 47, 15, 55, 23, 63, 31, - 38, 6, 46, 14, 54, 22, 62, 30, - 37, 5, 45, 13, 53, 21, 61, 29, - 36, 4, 44, 12, 52, 20, 60, 28, - 35, 3, 43, 11, 51, 19, 59, 27, - 34, 2, 42, 10, 50, 18, 58, 26, - 33, 1, 41, 9, 49, 17, 57, 25}; - - -static int sc[16] = {1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1}; - -static int sbox[8][4][16] = { - {{14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7}, - {0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8}, - {4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0}, - {15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13}}, - - {{15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10}, - {3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5}, - {0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15}, - {13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9}}, - - {{10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8}, - {13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1}, - {13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7}, - {1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12}}, - - {{7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15}, - {13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9}, - {10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4}, - {3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14}}, - - {{2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9}, - {14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6}, - {4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14}, - {11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3}}, - - {{12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11}, - {10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8}, - {9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6}, - {4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13}}, - - {{4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1}, - {13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6}, - {1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2}, - {6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12}}, - - {{13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7}, - {1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2}, - {7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8}, - {2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11}}}; - -static void permute(char *out, char *in, int *p, int n) -{ - int i; - for (i=0;i>1; - key[1] = ((str[0]&0x01)<<6) | (str[1]>>2); - key[2] = ((str[1]&0x03)<<5) | (str[2]>>3); - key[3] = ((str[2]&0x07)<<4) | (str[3]>>4); - key[4] = ((str[3]&0x0F)<<3) | (str[4]>>5); - key[5] = ((str[4]&0x1F)<<2) | (str[5]>>6); - key[6] = ((str[5]&0x3F)<<1) | (str[6]>>7); - key[7] = str[6]&0x7F; - for (i=0;i<8;i++) { - key[i] = (key[i]<<1); - } -} - - -static void smbhash(unsigned char *out, unsigned char *in, unsigned char *key) -{ - int i; - char outb[64]; - char inb[64]; - char keyb[64]; - unsigned char key2[8]; - - str_to_key(key, key2); - - for (i=0;i<64;i++) { - inb[i] = (in[i/8] & (1<<(7-(i%8)))) ? 1 : 0; - keyb[i] = (key2[i/8] & (1<<(7-(i%8)))) ? 1 : 0; - outb[i] = 0; - } - - dohash(outb, inb, keyb); - - for (i=0;i<8;i++) { - out[i] = 0; - } - - for (i=0;i<64;i++) { - if (outb[i]) - out[i/8] |= (1<<(7-(i%8))); - } -} - -void E_P16(unsigned char *p14,unsigned char *p16) -{ - unsigned char sp8[8] = {0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25}; - smbhash(p16, sp8, p14); - smbhash(p16+8, sp8, p14+7); -} - -void E_P24(unsigned char *p21, unsigned char *c8, unsigned char *p24) -{ - smbhash(p24, c8, p21); - smbhash(p24+8, c8, p21+7); - smbhash(p24+16, c8, p21+14); -} - -void cred_hash1(unsigned char *out,unsigned char *in,unsigned char *key) -{ - unsigned char buf[8]; - - smbhash(buf, in, key); - smbhash(out, buf, key+9); -} - -void cred_hash2(unsigned char *out,unsigned char *in,unsigned char *key) -{ - unsigned char buf[8]; - static unsigned char key2[8]; - - smbhash(buf, in, key); - key2[0] = key[7]; - smbhash(out, buf, key2); -} - --- squid/auth_modules/MSNT/smbencrypt.c Wed Feb 14 00:50:51 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,203 +0,0 @@ -/* - Unix SMB/Netbios implementation. - Version 1.9. - SMB parameters and setup - Copyright (C) Andrew Tridgell 1992-1997 - Modified by Jeremy Allison 1995. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include -#include -#include -#include -#include -#include -#include -#include -/* Antonino #include */ - -#include "smblib-priv.h" -#define uchar unsigned char -extern int DEBUGLEVEL; - -#include "byteorder.h" - -char *StrnCpy(char *dest,char *src,int n); -void strupper(char *s); -extern void E_P16(unsigned char *,unsigned char *); -extern void E_P24(unsigned char *, unsigned char *, unsigned char *); -extern void mdfour(unsigned char *, unsigned char *, int); - - -/* - This implements the X/Open SMB password encryption - It takes a password, a 8 byte "crypt key" and puts 24 bytes of - encrypted password into p24 */ -void SMBencrypt(uchar *passwd, uchar *c8, uchar *p24) -{ - uchar p14[15], p21[21]; - - memset(p21,'\0',21); - memset(p14,'\0',14); - StrnCpy((char *)p14,(char *)passwd,14); - - strupper((char *)p14); - E_P16(p14, p21); - E_P24(p21, c8, p24); -} - -/* Routines for Windows NT MD4 Hash functions. */ -static int _my_wcslen(int16 *str) -{ - int len = 0; - while(*str++ != 0) - len++; - return len; -} - -/* - * Convert a string into an NT UNICODE string. - * Note that regardless of processor type - * this must be in intel (little-endian) - * format. - */ - -static int _my_mbstowcs(int16 *dst, uchar *src, int len) -{ - int i; - int16 val; - - for(i = 0; i < len; i++) { - val = *src; - SSVAL(dst,0,val); - dst++; - src++; - if(val == 0) - break; - } - return i; -} - -/* - * Creates the MD4 Hash of the users password in NT UNICODE. - */ - -void E_md4hash(uchar *passwd, uchar *p16) -{ - int len; - int16 wpwd[129]; - - /* Password cannot be longer than 128 characters */ - len = strlen((char *)passwd); - if(len > 128) - len = 128; - /* Password must be converted to NT unicode */ - _my_mbstowcs(wpwd, passwd, len); - wpwd[len] = 0; /* Ensure string is null terminated */ - /* Calculate length in bytes */ - len = _my_wcslen(wpwd) * sizeof(int16); - - mdfour(p16, (unsigned char *)wpwd, len); -} - -/* Does the NT MD4 hash then des encryption. */ - -void SMBNTencrypt(uchar *passwd, uchar *c8, uchar *p24) -{ - uchar p21[21]; - - memset(p21,'\0',21); - - E_md4hash(passwd, p21); - E_P24(p21, c8, p24); -} - -/* Does both the NT and LM owfs of a user's password */ - -void nt_lm_owf_gen(char *pwd, char *nt_p16, char *p16) -{ - char passwd[130]; - StrnCpy(passwd, pwd, sizeof(passwd)-1); - - /* Calculate the MD4 hash (NT compatible) of the password */ - memset(nt_p16, '\0', 16); - E_md4hash((uchar *)passwd, (uchar *)nt_p16); - - /* Mangle the passwords into Lanman format */ - passwd[14] = '\0'; - strupper(passwd); - - /* Calculate the SMB (lanman) hash functions of the password */ - - memset(p16, '\0', 16); - E_P16((uchar *) passwd, (uchar *)p16); - - /* clear out local copy of user's password (just being paranoid). */ - bzero(passwd, sizeof(passwd)); -} - -/**************************************************************************** -line strncpy but always null terminates. Make sure there is room! -****************************************************************************/ -char *StrnCpy(char *dest,char *src,int n) -{ - char *d = dest; - if (!dest) return(NULL); - if (!src) { - *dest = 0; - return(dest); - } - while (n-- && (*d++ = *src++)) ; - *d = 0; - return(dest); -} - -void strupper(char *s) -{ - while (*s) - { - /* -#if !defined(KANJI_WIN95_COMPATIBILITY) - if(lp_client_code_page() == KANJI_CODEPAGE) - { - - if (is_shift_jis (*s)) - { - if (is_sj_lower (s[0], s[1])) - s[1] = sj_toupper2 (s[1]); - s += 2; - } - else if (is_kana (*s)) - { - s++; - } - else - { - if (islower(*s)) - *s = toupper(*s); - s++; - } - } - else -#endif */ /* KANJI_WIN95_COMPATIBILITY */ - { - if (islower(*s)) - *s = toupper(*s); - s++; - } - } -} --- squid/auth_modules/MSNT/smblib-common.h Wed Feb 14 00:50:51 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,189 +0,0 @@ -/* UNIX SMBlib NetBIOS implementation - - Version 1.0 - SMBlib Common Defines - - Copyright (C) Richard Sharpe 1996 - -*/ - -/* - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -/* To get the error class we want the first 8 bits */ -/* Because we just grab 4bytes from the SMB header, we have to re-order */ -/* here, but it makes the NtStatus part easier in future */ - -#ifndef _SMBLIB_COMMON_H_ -#define _SMBLIB_COMMON_H_ - -#define SMBlib_Error_Class(p) (p & 0x000000FF) - -/* To get the error code, we want the bottom 16 bits */ - -#define SMBlib_Error_Code(p) (((unsigned int)p & 0xFFFF0000) >>16) - -/* Error CLASS codes and etc ... */ - -#define SMBC_SUCCESS 0 -#define SMBC_ERRDOS 0x01 -#define SMBC_ERRSRV 0x02 -#define SMBC_ERRHRD 0x03 -#define SMBC_ERRCMD 0xFF - -/* Success error codes */ - -#define SMBS_BUFFERED 0x54 -#define SMBS_LOGGED 0x55 -#define SMBS_DISPLAYED 0x56 - -/* ERRDOS Error codes */ - -#define SMBD_badfunc 0x01 -#define SMBD_badfile 0x02 -#define SMBD_badpath 0x03 -#define SMBD_nofids 0x04 -#define SMBD_noaccess 0x05 -#define SMBD_badfid 0x06 -#define SMBD_badmcb 0x07 -#define SMBD_nomem 0x08 -#define SMBD_badmem 0x09 -#define SMBD_badenv 0x0A -#define SMBD_badformat 0x0B -#define SMBD_badaccess 0x0C -#define SMBD_baddata 0x0D -#define SMBD_reserved 0x0E -#define SMBD_baddrive 0x0F -#define SMBD_remcd 0x10 -#define SMBD_diffdevice 0x11 -#define SMBD_nofiles 0x12 -#define SMBD_badshare 0x20 -#define SMBD_errlock 0x21 -#define SMBD_filexists 0x50 - -/* Server errors ... */ - -#define SMBV_error 0x01 /* Generic error */ -#define SMBV_badpw 0x02 -#define SMBV_badtype 0x03 -#define SMBV_access 0x04 -#define SMBV_invnid 0x05 -#define SMBV_invnetname 0x06 -#define SMBV_invdevice 0x07 -#define SMBV_qfull 0x31 -#define SMBV_qtoobig 0x32 -#define SMBV_qeof 0x33 -#define SMBV_invpfid 0x34 -#define SMBV_paused 0x51 -#define SMBV_msgoff 0x52 -#define SMBV_noroom 0x53 -#define SMBV_rmuns 0x57 -#define SMBV_nosupport 0xFFFF - -/* Hardware error codes ... */ - -#define SMBH_nowrite 0x13 -#define SMBH_badunit 0x14 -#define SMBH_notready 0x15 -#define SMBH_badcmd 0x16 -#define SMBH_data 0x17 -#define SMBH_badreq 0x18 -#define SMBH_seek 0x19 -#define SMBH_badmedia 0x1A -#define SMBH_badsector 0x1B -#define SMBH_nopaper 0x1C -#define SMBH_write 0x1D -#define SMBH_read 0x1E -#define SMBH_general 0x1F -#define SMBH_badshare 0x20 - -/* Access mode defines ... */ - -#define SMB_AMODE_WTRU 0x4000 -#define SMB_AMODE_NOCACHE 0x1000 -#define SMB_AMODE_COMPAT 0x0000 -#define SMB_AMODE_DENYRWX 0x0010 -#define SMB_AMODE_DENYW 0x0020 -#define SMB_AMODE_DENYRX 0x0030 -#define SMB_AMODE_DENYNONE 0x0040 -#define SMB_AMODE_OPENR 0x0000 -#define SMB_AMODE_OPENW 0x0001 -#define SMB_AMODE_OPENRW 0x0002 -#define SMB_AMODE_OPENX 0x0003 -#define SMB_AMODE_FCBOPEN 0x00FF -#define SMB_AMODE_LOCUNKN 0x0000 -#define SMB_AMODE_LOCMSEQ 0x0100 -#define SMB_AMODE_LOCMRAN 0x0200 -#define SMB_AMODE_LOCRAL 0x0300 - -/* File attribute encoding ... */ - -#define SMB_FA_ORD 0x00 -#define SMB_FA_ROF 0x01 -#define SMB_FA_HID 0x02 -#define SMB_FA_SYS 0x04 -#define SMB_FA_VOL 0x08 -#define SMB_FA_DIR 0x10 -#define SMB_FA_ARC 0x20 - -/* Define the protocol types ... */ - -#define SMB_P_Unknown -1 /* Hmmm, is this smart? */ -#define SMB_P_Core 0 -#define SMB_P_CorePlus 1 -#define SMB_P_DOSLanMan1 2 -#define SMB_P_LanMan1 3 -#define SMB_P_DOSLanMan2 4 -#define SMB_P_LanMan2 5 -#define SMB_P_DOSLanMan2_1 6 -#define SMB_P_LanMan2_1 7 -#define SMB_P_NT1 8 - -/* SMBlib return codes */ -/* We want something that indicates whether or not the return code was a */ -/* remote error, a local error in SMBlib or returned from lower layer ... */ -/* Wonder if this will work ... */ -/* SMBlibE_Remote = 1 indicates remote error */ -/* SMBlibE_ values < 0 indicate local error with more info available */ -/* SMBlibE_ values >1 indicate local from SMBlib code errors? */ - -#define SMBlibE_Success 0 -#define SMBlibE_Remote 1 /* Remote error, get more info from con */ -#define SMBlibE_BAD -1 -#define SMBlibE_LowerLayer 2 /* Lower layer error */ -#define SMBlibE_NotImpl 3 /* Function not yet implemented */ -#define SMBlibE_ProtLow 4 /* Protocol negotiated does not support req */ -#define SMBlibE_NoSpace 5 /* No space to allocate a structure */ -#define SMBlibE_BadParam 6 /* Bad parameters */ -#define SMBlibE_NegNoProt 7 /* None of our protocols was liked */ -#define SMBlibE_SendFailed 8 /* Sending an SMB failed */ -#define SMBlibE_RecvFailed 9 /* Receiving an SMB failed */ -#define SMBlibE_GuestOnly 10 /* Logged in as guest */ -#define SMBlibE_CallFailed 11 /* Call remote end failed */ -#define SMBlibE_ProtUnknown 12 /* Protocol unknown */ -#define SMBlibE_NoSuchMsg 13 /* Keep this up to date */ - -typedef struct { /* A structure for a Dirent */ - - unsigned char resume_key[21]; /* Don't touch this */ - unsigned char file_attributes; /* Attributes of file */ - unsigned int date_time; /* date and time of last mod */ - unsigned int size; - char filename[13]; /* The name of the file */ - -} SMB_CP_dirent; - -#endif /* _SMBLIB_COMMON_H_ */ --- squid/auth_modules/MSNT/smblib-priv.h Wed Feb 14 00:50:51 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,598 +0,0 @@ -/* UNIX SMBlib NetBIOS implementation - - Version 1.0 - SMBlib private Defines - - Copyright (C) Richard Sharpe 1996 - -*/ - -/* - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#ifndef _SMBLIB_PRIV_H_ -#define _SMBLIB_PRIV_H_ - -#include "std-defines.h" -#include "smblib-common.h" -#include -#include - -#include "byteorder.h" /* Hmmm ... hot good */ - -#define max(a,b) (a < b ? b : a) - -#define SMB_DEF_IDF 0x424D53FF /* "\377SMB" */ - -/* Core protocol commands */ - -#define SMBmkdir 0x00 /* create directory */ -#define SMBrmdir 0x01 /* delete directory */ -#define SMBopen 0x02 /* open file */ -#define SMBcreate 0x03 /* create file */ -#define SMBclose 0x04 /* close file */ -#define SMBflush 0x05 /* flush file */ -#define SMBunlink 0x06 /* delete file */ -#define SMBmv 0x07 /* rename file */ -#define SMBgetatr 0x08 /* get file attributes */ -#define SMBsetatr 0x09 /* set file attributes */ -#define SMBread 0x0A /* read from file */ -#define SMBwrite 0x0B /* write to file */ -#define SMBlock 0x0C /* lock byte range */ -#define SMBunlock 0x0D /* unlock byte range */ -#define SMBctemp 0x0E /* create temporary file */ -#define SMBmknew 0x0F /* make new file */ -#define SMBchkpth 0x10 /* check directory path */ -#define SMBexit 0x11 /* process exit */ -#define SMBlseek 0x12 /* seek */ -#define SMBtcon 0x70 /* tree connect */ -#define SMBtdis 0x71 /* tree disconnect */ -#define SMBnegprot 0x72 /* negotiate protocol */ -#define SMBdskattr 0x80 /* get disk attributes */ -#define SMBsearch 0x81 /* search directory */ -#define SMBsplopen 0xC0 /* open print spool file */ -#define SMBsplwr 0xC1 /* write to print spool file */ -#define SMBsplclose 0xC2 /* close print spool file */ -#define SMBsplretq 0xC3 /* return print queue */ -#define SMBsends 0xD0 /* send single block message */ -#define SMBsendb 0xD1 /* send broadcast message */ -#define SMBfwdname 0xD2 /* forward user name */ -#define SMBcancelf 0xD3 /* cancel forward */ -#define SMBgetmac 0xD4 /* get machine name */ -#define SMBsendstrt 0xD5 /* send start of multi-block message */ -#define SMBsendend 0xD6 /* send end of multi-block message */ -#define SMBsendtxt 0xD7 /* send text of multi-block message */ - -/* CorePlus protocol */ - -#define SMBlockread 0x13 /* Lock a range and read it */ -#define SMBwriteunlock 0x14 /* Unlock a range and then write */ -#define SMBreadbraw 0x1a /* read a block of data without smb header ohead*/ -#define SMBwritebraw 0x1d /* write a block of data without smb header ohead*/ -#define SMBwritec 0x20 /* secondary write request */ -#define SMBwriteclose 0x2c /* write a file and then close it */ - -/* DOS Extended Protocol */ - -#define SMBreadBraw 0x1A /* read block raw */ -#define SMBreadBmpx 0x1B /* read block multiplexed */ -#define SMBreadBs 0x1C /* read block (secondary response) */ -#define SMBwriteBraw 0x1D /* write block raw */ -#define SMBwriteBmpx 0x1E /* write block multiplexed */ -#define SMBwriteBs 0x1F /* write block (secondary request) */ -#define SMBwriteC 0x20 /* write complete response */ -#define SMBsetattrE 0x22 /* set file attributes expanded */ -#define SMBgetattrE 0x23 /* get file attributes expanded */ -#define SMBlockingX 0x24 /* lock/unlock byte ranges and X */ -#define SMBtrans 0x25 /* transaction - name, bytes in/out */ -#define SMBtranss 0x26 /* transaction (secondary request/response) */ -#define SMBioctl 0x27 /* IOCTL */ -#define SMBioctls 0x28 /* IOCTL (secondary request/response) */ -#define SMBcopy 0x29 /* copy */ -#define SMBmove 0x2A /* move */ -#define SMBecho 0x2B /* echo */ -#define SMBopenX 0x2D /* open and X */ -#define SMBreadX 0x2E /* read and X */ -#define SMBwriteX 0x2F /* write and X */ -#define SMBsesssetupX 0x73 /* Session Set Up & X (including User Logon) */ -#define SMBtconX 0x75 /* tree connect and X */ -#define SMBffirst 0x82 /* find first */ -#define SMBfunique 0x83 /* find unique */ -#define SMBfclose 0x84 /* find close */ -#define SMBinvalid 0xFE /* invalid command */ - -/* Any more ? */ - -#define SMBdatablockID 0x01 /* A data block identifier */ -#define SMBdialectID 0x02 /* A dialect id */ -#define SMBpathnameID 0x03 /* A pathname ID */ -#define SMBasciiID 0x04 /* An ascii string ID */ -#define SMBvariableblockID 0x05 /* A variable block ID */ - -/* some other defines we need */ - -/* Flags defines ... */ - -#define SMB_FLG2_NON_DOS 0x01 /* We know non dos names */ -#define SMB_FLG2_EXT_ATR 0x02 /* We know about Extended Attributes */ -#define SMB_FLG2_LNG_NAM 0x04 /* Long names ? */ - -typedef unsigned short WORD; -typedef unsigned short UWORD; -typedef unsigned int ULONG; -typedef unsigned char BYTE; -typedef unsigned char UCHAR; - -/* Some macros to allow access to actual packet data so that we */ -/* can change the underlying representation of packets. */ -/* */ -/* The current formats vying for attention are a fragment */ -/* approach where the SMB header is a fragment linked to the */ -/* data portion with the transport protocol (rfcnb or whatever) */ -/* being linked on the front. */ -/* */ -/* The other approach is where the whole packet is one array */ -/* of bytes with space allowed on the front for the packet */ -/* headers. */ - -#define SMB_Hdr(p) (char *)(p -> data) - -/* SMB Hdr def for File Sharing Protocol? From MS and Intel, */ -/* Intel PN 138446 Doc Version 2.0, Nov 7, 1988. This def also */ -/* applies to LANMAN1.0 as well as the Core Protocol */ -/* The spec states that wct and bcc must be present, even if 0 */ - -/* We define these as offsets into a char SMB[] array for the */ -/* sake of portability */ - -/* NOTE!. Some of the lenght defines, SMB__len do not include */ -/* the data that follows in the SMB packet, so the code will have to */ -/* take that into account. */ - -#define SMB_hdr_idf_offset 0 /* 0xFF,'SMB' 0-3 */ -#define SMB_hdr_com_offset 4 /* BYTE 4 */ -#define SMB_hdr_rcls_offset 5 /* BYTE 5 */ -#define SMB_hdr_reh_offset 6 /* BYTE 6 */ -#define SMB_hdr_err_offset 7 /* WORD 7 */ -#define SMB_hdr_reb_offset 9 /* BYTE 9 */ -#define SMB_hdr_flg_offset 9 /* same as reb ...*/ -#define SMB_hdr_res_offset 10 /* 7 WORDs 10 */ -#define SMB_hdr_res0_offset 10 /* WORD 10 */ -#define SMB_hdr_flg2_offset 10 /* WORD */ -#define SMB_hdr_res1_offset 12 /* WORD 12 */ -#define SMB_hdr_res2_offset 14 -#define SMB_hdr_res3_offset 16 -#define SMB_hdr_res4_offset 18 -#define SMB_hdr_res5_offset 20 -#define SMB_hdr_res6_offset 22 -#define SMB_hdr_tid_offset 24 -#define SMB_hdr_pid_offset 26 -#define SMB_hdr_uid_offset 28 -#define SMB_hdr_mid_offset 30 -#define SMB_hdr_wct_offset 32 - -#define SMB_hdr_len 33 /* 33 byte header? */ - -#define SMB_hdr_axc_offset 33 /* AndX Command */ -#define SMB_hdr_axr_offset 34 /* AndX Reserved */ -#define SMB_hdr_axo_offset 35 /* Offset from start to WCT of AndX cmd */ - -/* Format of the Negotiate Protocol SMB */ - -#define SMB_negp_bcc_offset 33 -#define SMB_negp_buf_offset 35 /* Where the buffer starts */ -#define SMB_negp_len 35 /* plus the data */ - -/* Format of the Negotiate Response SMB, for CoreProtocol, LM1.2 and */ -/* NT LM 0.12. wct will be 1 for CoreProtocol, 13 for LM 1.2, and 17 */ -/* for NT LM 0.12 */ - -#define SMB_negrCP_idx_offset 33 /* Response to the neg req */ -#define SMB_negrCP_bcc_offset 35 -#define SMB_negrLM_idx_offset 33 /* dialect index */ -#define SMB_negrLM_sec_offset 35 /* Security mode */ -#define SMB_sec_user_mask 0x01 /* 0 = share, 1 = user */ -#define SMB_sec_encrypt_mask 0x02 /* pick out encrypt */ -#define SMB_negrLM_mbs_offset 37 /* max buffer size */ -#define SMB_negrLM_mmc_offset 39 /* max mpx count */ -#define SMB_negrLM_mnv_offset 41 /* max number of VCs */ -#define SMB_negrLM_rm_offset 43 /* raw mode support bit vec*/ -#define SMB_read_raw_mask 0x01 -#define SMB_write_raw_mask 0x02 -#define SMB_negrLM_sk_offset 45 /* session key, 32 bits */ -#define SMB_negrLM_st_offset 49 /* Current server time */ -#define SMB_negrLM_sd_offset 51 /* Current server date */ -#define SMB_negrLM_stz_offset 53 /* Server Time Zone */ -#define SMB_negrLM_ekl_offset 55 /* encryption key length */ -#define SMB_negrLM_res_offset 57 /* reserved */ -#define SMB_negrLM_bcc_offset 59 /* bcc */ -#define SMB_negrLM_len 61 /* 61 bytes ? */ -#define SMB_negrLM_buf_offset 61 /* Where the fun begins */ - -#define SMB_negrNTLM_idx_offset 33 /* Selected protocol */ -#define SMB_negrNTLM_sec_offset 35 /* Security more */ -#define SMB_negrNTLM_mmc_offset 36 /* Different format above */ -#define SMB_negrNTLM_mnv_offset 38 /* Max VCs */ -#define SMB_negrNTLM_mbs_offset 40 /* MBS now a long */ -#define SMB_negrNTLM_mrs_offset 44 /* Max raw size */ -#define SMB_negrNTLM_sk_offset 48 /* Session Key */ -#define SMB_negrNTLM_cap_offset 52 /* Capabilities */ -#define SMB_negrNTLM_stl_offset 56 /* Server time low */ -#define SMB_negrNTLM_sth_offset 60 /* Server time high */ -#define SMB_negrNTLM_stz_offset 64 /* Server time zone */ -#define SMB_negrNTLM_ekl_offset 66 /* Encrypt key len */ -#define SMB_negrNTLM_bcc_offset 67 /* Bcc */ -#define SMB_negrNTLM_len 69 -#define SMB_negrNTLM_buf_offset 69 - -/* Offsets related to Tree Connect */ - -#define SMB_tcon_bcc_offset 33 -#define SMB_tcon_buf_offset 35 /* where the data is for tcon */ -#define SMB_tcon_len 35 /* plus the data */ - -#define SMB_tconr_mbs_offset 33 /* max buffer size */ -#define SMB_tconr_tid_offset 35 /* returned tree id */ -#define SMB_tconr_bcc_offset 37 -#define SMB_tconr_len 39 - -#define SMB_tconx_axc_offset 33 /* And X Command */ -#define SMB_tconx_axr_offset 34 /* reserved */ -#define SMB_tconx_axo_offset 35 /* Next command offset */ -#define SMB_tconx_flg_offset 37 /* Flags, bit0=1 means disc TID */ -#define SMB_tconx_pwl_offset 39 /* Password length */ -#define SMB_tconx_bcc_offset 41 /* bcc */ -#define SMB_tconx_buf_offset 43 /* buffer */ -#define SMB_tconx_len 43 /* up to data ... */ - -#define SMB_tconxr_axc_offset 33 /* Where the AndX Command is */ -#define SMB_tconxr_axr_offset 34 /* Reserved */ -#define SMB_tconxr_axo_offset 35 /* AndX offset location */ - -/* Offsets related to tree_disconnect */ - -#define SMB_tdis_bcc_offset 33 /* bcc */ -#define SMB_tdis_len 35 /* total len */ - -#define SMB_tdisr_bcc_offset 33 /* bcc */ -#define SMB_tdisr_len 35 - -/* Offsets related to Open Request */ - -#define SMB_open_mod_offset 33 /* Mode to open with */ -#define SMB_open_atr_offset 35 /* Attributes of file */ -#define SMB_open_bcc_offset 37 /* bcc */ -#define SMB_open_buf_offset 39 /* File name */ -#define SMB_open_len 39 /* Plus the file name */ - -#define SMB_openx_axc_offset 33 /* Next command */ -#define SMB_openx_axr_offset 34 /* Reserved */ -#define SMB_openx_axo_offset 35 /* offset of next wct */ -#define SMB_openx_flg_offset 37 /* Flags, bit0 = need more info */ - /* bit1 = exclusive oplock */ - /* bit2 = batch oplock */ -#define SMB_openx_mod_offset 39 /* mode to open with */ -#define SMB_openx_atr_offset 41 /* search attributes */ -#define SMB_openx_fat_offset 43 /* File attributes */ -#define SMB_openx_tim_offset 45 /* time and date of creat */ -#define SMB_openx_ofn_offset 49 /* Open function */ -#define SMB_openx_als_offset 51 /* Space to allocate on */ -#define SMB_openx_res_offset 55 /* reserved */ -#define SMB_openx_bcc_offset 63 /* bcc */ -#define SMB_openx_buf_offset 65 /* Where file name goes */ -#define SMB_openx_len 65 - -#define SMB_openr_fid_offset 33 /* FID returned */ -#define SMB_openr_atr_offset 35 /* Attributes opened with */ -#define SMB_openr_tim_offset 37 /* Last mod time of file */ -#define SMB_openr_fsz_offset 41 /* File size 4 bytes */ -#define SMB_openr_acc_offset 45 /* Access allowed */ -#define SMB_openr_bcc_offset 47 -#define SMB_openr_len 49 - -#define SMB_openxr_axc_offset 33 /* And X command */ -#define SMB_openxr_axr_offset 34 /* reserved */ -#define SMB_openxr_axo_offset 35 /* offset to next command */ -#define SMB_openxr_fid_offset 37 /* FID returned */ -#define SMB_openxr_fat_offset 39 /* File attributes returned*/ -#define SMB_openxr_tim_offset 41 /* File creation date etc */ -#define SMB_openxr_fsz_offset 45 /* Size of file */ -#define SMB_openxr_acc_offset 49 /* Access granted */ - -#define SMB_clos_fid_offset 33 /* FID to close */ -#define SMB_clos_tim_offset 35 /* Last mod time */ -#define SMB_clos_bcc_offset 39 /* bcc */ -#define SMB_clos_len 41 - -/* Offsets related to Write requests */ - -#define SMB_write_fid_offset 33 /* FID to write */ -#define SMB_write_cnt_offset 35 /* bytes to write */ -#define SMB_write_ofs_offset 37 /* location to write to */ -#define SMB_write_clf_offset 41 /* advisory count left */ -#define SMB_write_bcc_offset 43 /* bcc = data bytes + 3 */ -#define SMB_write_buf_offset 45 /* Data=0x01, len, data */ -#define SMB_write_len 45 /* plus the data ... */ - -#define SMB_writr_cnt_offset 33 /* Count of bytes written */ -#define SMB_writr_bcc_offset 35 /* bcc */ -#define SMB_writr_len 37 - -/* Offsets related to read requests */ - -#define SMB_read_fid_offset 33 /* FID of file to read */ -#define SMB_read_cnt_offset 35 /* count of words to read */ -#define SMB_read_ofs_offset 37 /* Where to read from */ -#define SMB_read_clf_offset 41 /* Advisory count to go */ -#define SMB_read_bcc_offset 43 -#define SMB_read_len 45 - -#define SMB_readr_cnt_offset 33 /* Count of bytes returned */ -#define SMB_readr_res_offset 35 /* 4 shorts reserved, 8 bytes */ -#define SMB_readr_bcc_offset 43 /* bcc */ -#define SMB_readr_bff_offset 45 /* buffer format char = 0x01 */ -#define SMB_readr_len_offset 46 /* buffer len */ -#define SMB_readr_len 45 /* length of the readr before data */ - -/* Offsets for Create file */ - -#define SMB_creat_atr_offset 33 /* Attributes of new file ... */ -#define SMB_creat_tim_offset 35 /* Time of creation */ -#define SMB_creat_dat_offset 37 /* 4004BCE :-) */ -#define SMB_creat_bcc_offset 39 /* bcc */ -#define SMB_creat_buf_offset 41 -#define SMB_creat_len 41 /* Before the data */ - -#define SMB_creatr_fid_offset 33 /* FID of created file */ - -/* Offsets for Delete file */ - -#define SMB_delet_sat_offset 33 /* search attribites */ -#define SMB_delet_bcc_offset 35 /* bcc */ -#define SMB_delet_buf_offset 37 -#define SMB_delet_len 37 - -/* Offsets for SESSION_SETUP_ANDX for both LM and NT LM protocols */ - -#define SMB_ssetpLM_mbs_offset 37 /* Max buffer Size, allow for AndX */ -#define SMB_ssetpLM_mmc_offset 39 /* max multiplex count */ -#define SMB_ssetpLM_vcn_offset 41 /* VC number if new VC */ -#define SMB_ssetpLM_snk_offset 43 /* Session Key */ -#define SMB_ssetpLM_pwl_offset 47 /* password length */ -#define SMB_ssetpLM_res_offset 49 /* reserved */ -#define SMB_ssetpLM_bcc_offset 53 /* bcc */ -#define SMB_ssetpLM_len 55 /* before data ... */ -#define SMB_ssetpLM_buf_offset 55 - -#define SMB_ssetpNTLM_mbs_offset 37 /* Max Buffer Size for NT LM 0.12 */ - /* and above */ -#define SMB_ssetpNTLM_mmc_offset 39 /* Max Multiplex count */ -#define SMB_ssetpNTLM_vcn_offset 41 /* VC Number */ -#define SMB_ssetpNTLM_snk_offset 43 /* Session key */ -#define SMB_ssetpNTLM_cipl_offset 47 /* Case Insensitive PW Len */ -#define SMB_ssetpNTLM_cspl_offset 49 /* Unicode pw len */ -#define SMB_ssetpNTLM_res_offset 51 /* reserved */ -#define SMB_ssetpNTLM_cap_offset 55 /* server capabilities */ -#define SMB_ssetpNTLM_bcc_offset 59 /* bcc */ -#define SMB_ssetpNTLM_len 61 /* before data */ -#define SMB_ssetpNTLM_buf_offset 61 - -#define SMB_ssetpr_axo_offset 35 /* Offset of next response ... */ -#define SMB_ssetpr_act_offset 37 /* action, bit 0 = 1 => guest */ -#define SMB_ssetpr_bcc_offset 39 /* bcc */ -#define SMB_ssetpr_buf_offset 41 /* Native OS etc */ - -/* Offsets for SMB create directory */ - -#define SMB_creatdir_bcc_offset 33 /* only a bcc here */ -#define SMB_creatdir_buf_offset 35 /* Where things start */ -#define SMB_creatdir_len 35 - -/* Offsets for SMB delete directory */ - -#define SMB_deletdir_bcc_offset 33 /* only a bcc here */ -#define SMB_deletdir_buf_offset 35 /* where things start */ -#define SMB_deletdir_len 35 - -/* Offsets for SMB check directory */ - -#define SMB_checkdir_bcc_offset 33 /* Only a bcc here */ -#define SMB_checkdir_buf_offset 35 /* where things start */ -#define SMB_checkdir_len 35 - -/* Offsets for SMB search */ - -#define SMB_search_mdc_offset 33 /* Max Dir ents to return */ -#define SMB_search_atr_offset 35 /* Search attributes */ -#define SMB_search_bcc_offset 37 /* bcc */ -#define SMB_search_buf_offset 39 /* where the action is */ -#define SMB_search_len 39 - -#define SMB_searchr_dec_offset 33 /* Dir ents returned */ -#define SMB_searchr_bcc_offset 35 /* bcc */ -#define SMB_searchr_buf_offset 37 /* Where the action starts */ -#define SMB_searchr_len 37 /* before the dir ents */ - -#define SMB_searchr_dirent_len 43 /* 53 bytes */ - -/* Defines for SMB transact and transact2 calls */ - -#define SMB_trans_tpc_offset 33 /* Total param count */ -#define SMB_trans_tdc_offset 35 /* total Data count */ -#define SMB_trans_mpc_offset 37 /* Max params bytes to return */ -#define SMB_trans_mdc_offset 39 /* Max data bytes to return */ -#define SMB_trans_msc_offset 41 /* Max setup words to return */ -#define SMB_trans_rs1_offset 42 /* Reserved byte */ -#define SMB_trans_flg_offset 43 /* flags */ -#define SMB_trans_tmo_offset 45 /* Timeout, long */ -#define SMB_trans_rs2_offset 49 /* Next reserved */ -#define SMB_trans_pbc_offset 51 /* Param Byte count in buf */ -#define SMB_trans_pbo_offset 53 /* Offset to param bytes */ -#define SMB_trans_dbc_offset 55 /* Data byte count in buf */ -#define SMB_trans_dbo_offset 57 /* Data byte offset */ -#define SMB_trans_suc_offset 59 /* Setup count - byte */ -#define SMB_trans_rs3_offset 60 /* Reserved to pad ... */ -#define SMB_trans_len 61 /* Up to setup, still need bcc */ - -#define SMB_transr_tpc_offset 33 /* Total param bytes returned */ -#define SMB_transr_tdc_offset 35 -#define SMB_transr_rs1_offset 37 -#define SMB_transr_pbc_offset 39 -#define SMB_transr_pbo_offset 41 -#define SMB_transr_pdi_offset 43 /* parameter displacement */ -#define SMB_transr_dbc_offset 45 -#define SMB_transr_dbo_offset 47 -#define SMB_transr_ddi_offset 49 -#define SMB_transr_suc_offset 51 -#define SMB_transr_rs2_offset 52 -#define SMB_transr_len 53 - -/* Bit masks for SMB Capabilities ... */ - -#define SMB_cap_raw_mode 0x0001 -#define SMB_cap_mpx_mode 0x0002 -#define SMB_cap_unicode 0x0004 -#define SMB_cap_large_files 0x0008 -#define SMB_cap_nt_smbs 0x0010 -#define SMB_rpc_remote_apis 0x0020 -#define SMB_cap_nt_status 0x0040 -#define SMB_cap_level_II_oplocks 0x0080 -#define SMB_cap_lock_and_read 0x0100 -#define SMB_cap_nt_find 0x0200 - -/* SMB LANMAN api call defines */ - -#define SMB_LMapi_SetUserInfo 0x0072 -#define SMB_LMapi_UserPasswordSet 0x0073 - -/* Structures and defines we use in the client interface */ - -/* The protocols we might support. Perhaps a bit ambitious, as only RFCNB */ -/* has any support so far 0(sometimes called NBT) */ - -typedef enum {SMB_RFCNB, SMB_IPXNB, SMB_NETBEUI, SMB_X25} SMB_Transport_Types; - -typedef enum {SMB_Con_FShare, SMB_Con_PShare, SMB_Con_IPC} SMB_Con_Types; - -typedef enum {SMB_State_NoState, SMB_State_Stopped, SMB_State_Started} SMB_State_Types; - -/* The following two arrays need to be in step! */ -/* We must make it possible for callers to specify these ... */ - - -extern char *SMB_Prots[]; -extern int SMB_Types[]; - -typedef struct SMB_Status { - - union { - struct { - unsigned char ErrorClass; - unsigned char Reserved; - unsigned short Error; - } DosError; - unsigned int NtStatus; - } status; -} SMB_Status; - -typedef struct SMB_Tree_Structure * SMB_Tree_Handle; - -typedef struct SMB_Connect_Def * SMB_Handle_Type; - -struct SMB_Connect_Def { - - SMB_Handle_Type Next_Con, Prev_Con; /* Next and previous conn */ - int protocol; /* What is the protocol */ - int prot_IDX; /* And what is the index */ - void *Trans_Connect; /* The connection */ - - /* All these strings should be malloc'd */ - - char service[80], username[80], password[80], desthost[80], sock_options[80]; - char address[80], myname[80]; - - SMB_Tree_Handle first_tree, last_tree; /* List of trees on this server */ - - int gid; /* Group ID, do we need it? */ - int mid; /* Multiplex ID? We might need one per con */ - int pid; /* Process ID */ - - int uid; /* Authenticated user id. */ - - /* It is pretty clear that we need to bust some of */ - /* these out into a per TCon record, as there may */ - /* be multiple TCon's per server, etc ... later */ - - int port; /* port to use in case not default, this is a TCPism! */ - - int max_xmit; /* Max xmit permitted by server */ - int Security; /* 0 = share, 1 = user */ - int Raw_Support; /* bit 0 = 1 = Read Raw supported, 1 = 1 Write raw */ - BOOL encrypt_passwords; /* FALSE = don't */ - int MaxMPX, MaxVC, MaxRaw; - unsigned int SessionKey, Capabilities; - int SvrTZ; /* Server Time Zone */ - int Encrypt_Key_Len; - char Encrypt_Key[80], Domain[80], PDomain[80], OSName[80], LMType[40]; - char Svr_OS[80], Svr_LMType[80], Svr_PDom[80]; - -}; - -#define SMBLIB_DEFAULT_DOMAIN "STAFF" -#define SMBLIB_DEFAULT_OSNAME "UNIX of some type" -#define SMBLIB_DEFAULT_LMTYPE "SMBlib LM2.1 minus a bit" -#define SMBLIB_MAX_XMIT 65535 - -#define SMB_Sec_Mode_Share 0 -#define SMB_Sec_Mode_User 1 - -/* A Tree_Structure */ - -struct SMB_Tree_Structure { - - SMB_Tree_Handle next, prev; - SMB_Handle_Type con; - char path[129]; - char device_type[20]; - int mbs; /* Local MBS */ - int tid; - -}; - -typedef struct SMB_File_Def SMB_File; - -struct SMB_File_Def { - - SMB_Tree_Handle tree; - char filename[256]; /* We should malloc this ... */ - UWORD fid; - unsigned int lastmod; - unsigned int size; /* Could blow up if 64bit files supported */ - UWORD access; - off_t fileloc; - -}; - -/* global Variables for the library */ - -extern SMB_State_Types SMBlib_State; - -#ifndef SMBLIB_ERRNO -extern int SMBlib_errno; -extern int SMBlib_SMB_Error; /* last Error */ -#endif - -#endif /* _SMBLIB_PRIV_H_ */ --- squid/auth_modules/MSNT/smblib-util.c Wed Feb 14 00:50:51 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,820 +0,0 @@ -/* UNIX SMBlib NetBIOS implementation - - Version 1.0 - SMBlib Utility Routines - - Copyright (C) Richard Sharpe 1996 - -*/ - -/* - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "smblib-priv.h" - -#include "rfcnb.h" -#include "rfcnb-priv.h" -#include "rfcnb-util.h" - -#include -#include - -char *SMB_Prots[] = {"PC NETWORK PROGRAM 1.0", - "MICROSOFT NETWORKS 1.03", - "MICROSOFT NETWORKS 3.0", - "DOS LANMAN1.0", - "LANMAN1.0", - "DOS LM1.2X002", - "LM1.2X002", - "DOS LANMAN2.1", - "LANMAN2.1", - "Samba", - "NT LM 0.12", - "NT LANMAN 1.0", - NULL}; - -int SMB_Types[] = {SMB_P_Core, - SMB_P_CorePlus, - SMB_P_DOSLanMan1, - SMB_P_DOSLanMan1, - SMB_P_LanMan1, - SMB_P_DOSLanMan2, - SMB_P_LanMan2, - SMB_P_LanMan2_1, - SMB_P_LanMan2_1, - SMB_P_NT1, - SMB_P_NT1, - SMB_P_NT1, - -1}; - -/* Print out an SMB pkt in all its gory detail ... */ - -void SMB_Print_Pkt(FILE fd, RFCNB_Pkt *pkt, BOOL command, int Offset, int Len) - -{ - - /* Well, just how do we do this ... print it I suppose */ - - /* Print out the SMB header ... */ - - /* Print the command */ - - /* Print the other bits in the header */ - - - /* etc */ - -} - -/* Convert a DOS Date_Time to a local host type date time for printing */ - -char *SMB_DOSTimToStr(int DOS_time) - -{ static char SMB_Time_Temp[48]; - int DOS_sec, DOS_min, DOS_hour, DOS_day, DOS_month, DOS_year; - - SMB_Time_Temp[0] = 0; - - DOS_sec = (DOS_time & 0x001F) * 2; - DOS_min = (DOS_time & 0x07E0) >> 5; - DOS_hour = ((DOS_time & 0xF800) >> 11); - - DOS_day = (DOS_time & 0x001F0000) >> 16; - DOS_month = (DOS_time & 0x01E00000) >> 21; - DOS_year = ((DOS_time & 0xFE000000) >> 25) + 80; - - sprintf(SMB_Time_Temp, "%2d/%02d/%2d %2d:%02d:%02d", DOS_day, DOS_month, - DOS_year, DOS_hour, DOS_min, DOS_sec); - - return(SMB_Time_Temp); - -} - -/* Convert an attribute byte/word etc to a string ... We return a pointer - to a static string which we guarantee is long enough. If verbose is - true, we print out long form of strings ... */ - -char *SMB_AtrToStr(int attribs, BOOL verbose) - -{ static char SMB_Attrib_Temp[128]; - - SMB_Attrib_Temp[0] = 0; - - if (attribs & SMB_FA_ROF) - strcat(SMB_Attrib_Temp, (verbose?"Read Only ":"R")); - - if (attribs & SMB_FA_HID) - strcat(SMB_Attrib_Temp, (verbose?"Hidden ":"H")); - - if (attribs & SMB_FA_SYS) - strcat(SMB_Attrib_Temp, (verbose?"System ":"S")); - - if (attribs & SMB_FA_VOL) - strcat(SMB_Attrib_Temp, (verbose?"Volume ":"V")); - - if (attribs & SMB_FA_DIR) - strcat(SMB_Attrib_Temp, (verbose?"Directory ":"D")); - - if (attribs & SMB_FA_ARC) - strcat(SMB_Attrib_Temp, (verbose?"Archive ":"A")); - - return(SMB_Attrib_Temp); - -} - -/* Pick up the Max Buffer Size from the Tree Structure ... */ - -int SMB_Get_Tree_MBS(SMB_Tree_Handle tree) - -{ - if (tree != NULL) { - return(tree -> mbs); - } - else { - return(SMBlibE_BAD); - } -} - -/* Pick up the Max buffer size */ - -int SMB_Get_Max_Buf_Siz(SMB_Handle_Type Con_Handle) - -{ - if (Con_Handle != NULL) { - return(Con_Handle -> max_xmit); - } - else { - return(SMBlibE_BAD); - } - -} -/* Pickup the protocol index from the connection structure */ - -int SMB_Get_Protocol_IDX(SMB_Handle_Type Con_Handle) - -{ - if (Con_Handle != NULL) { - return(Con_Handle -> prot_IDX); - } - else { - return(0xFFFF); /* Invalid protocol */ - } - -} - -/* Pick up the protocol from the connection structure */ - -int SMB_Get_Protocol(SMB_Handle_Type Con_Handle) - -{ - if (Con_Handle != NULL) { - return(Con_Handle -> protocol); - } - else { - return(0xFFFF); /* Invalid protocol */ - } - -} - -/* Figure out what protocol was accepted, given the list of dialect strings */ -/* We offered, and the index back from the server. We allow for a user */ -/* supplied list, and assume that it is a subset of our list */ - -int SMB_Figure_Protocol(char *dialects[], int prot_index) - -{ int i; - - if (dialects == SMB_Prots) { /* The jobs is easy, just index into table */ - - return(SMB_Types[prot_index]); - } - else { /* Search through SMB_Prots looking for a match */ - - for (i = 0; SMB_Prots[i] != NULL; i++) { - - if (strcmp(dialects[prot_index], SMB_Prots[i]) == 0) { /* A match */ - - return(SMB_Types[i]); - - } - - } - - /* If we got here, then we are in trouble, because the protocol was not */ - /* One we understand ... */ - - return(SMB_P_Unknown); - - } - -} - - -/* Negotiate the protocol we will use from the list passed in Prots */ -/* we return the index of the accepted protocol in NegProt, -1 indicates */ -/* none acceptible, and our return value is 0 if ok, <0 if problems */ - -int SMB_Negotiate(SMB_Handle_Type Con_Handle, char *Prots[]) -{ - struct RFCNB_Pkt *pkt; - int prots_len, i, pkt_len, prot, alloc_len; - char *p; - - /* Figure out how long the prot list will be and allocate space for it */ - - prots_len = 0; - - for (i = 0; Prots[i] != NULL; i++) { - - prots_len = prots_len + strlen(Prots[i]) + 2; /* Account for null etc */ - - } - - /* The -1 accounts for the one byte smb_buf we have because some systems */ - /* don't like char msg_buf[] */ - - pkt_len = SMB_negp_len + prots_len; - - /* Make sure that the pkt len is long enough for the max response ... */ - /* Which is a problem, because the encryption key len eec may be long */ - - if (pkt_len < (SMB_hdr_wct_offset + (19 * 2) + 40)) { - - alloc_len = SMB_hdr_wct_offset + (19 * 2) + 40; - - } - else { - - alloc_len = pkt_len; - - } - - pkt = (struct RFCNB_Pkt *)RFCNB_Alloc_Pkt(alloc_len); - - if (pkt == NULL) { - - SMBlib_errno = SMBlibE_NoSpace; - return(SMBlibE_BAD); - - } - - /* Now plug in the bits we need */ - - bzero(SMB_Hdr(pkt), SMB_negp_len); - SIVAL(SMB_Hdr(pkt), SMB_hdr_idf_offset, SMB_DEF_IDF); /* Plunk in IDF */ - *(SMB_Hdr(pkt) + SMB_hdr_com_offset) = SMBnegprot; - SSVAL(SMB_Hdr(pkt), SMB_hdr_pid_offset, Con_Handle -> pid); - SSVAL(SMB_Hdr(pkt), SMB_hdr_tid_offset, 0); - SSVAL(SMB_Hdr(pkt), SMB_hdr_mid_offset, Con_Handle -> mid); - SSVAL(SMB_Hdr(pkt), SMB_hdr_uid_offset, Con_Handle -> uid); - *(SMB_Hdr(pkt) + SMB_hdr_wct_offset) = 0; - - SSVAL(SMB_Hdr(pkt), SMB_negp_bcc_offset, prots_len); - - /* Now copy the prot strings in with the right stuff */ - - p = (char *)(SMB_Hdr(pkt) + SMB_negp_buf_offset); - - for (i = 0; Prots[i] != NULL; i++) { - - *p = SMBdialectID; - strcpy(p + 1, Prots[i]); - p = p + strlen(Prots[i]) + 2; /* Adjust len of p for null plus dialectID */ - - } - - /* Now send the packet and sit back ... */ - - if (RFCNB_Send(Con_Handle -> Trans_Connect, pkt, pkt_len) < 0){ - - -#ifdef DEBUG - fprintf(stderr, "Error sending negotiate protocol\n"); -#endif - - RFCNB_Free_Pkt(pkt); - SMBlib_errno = -SMBlibE_SendFailed; /* Failed, check lower layer errno */ - return(SMBlibE_BAD); - - } - - /* Now get the response ... */ - - if (RFCNB_Recv(Con_Handle -> Trans_Connect, pkt, alloc_len) < 0) { - -#ifdef DEBUG - fprintf(stderr, "Error receiving response to negotiate\n"); -#endif - - RFCNB_Free_Pkt(pkt); - SMBlib_errno = -SMBlibE_RecvFailed; /* Failed, check lower layer errno */ - return(SMBlibE_BAD); - - } - - if (CVAL(SMB_Hdr(pkt), SMB_hdr_rcls_offset) != SMBC_SUCCESS) { /* Process error */ - -#ifdef DEBUG - fprintf(stderr, "SMB_Negotiate failed with errorclass = %i, Error Code = %i\n", - CVAL(SMB_Hdr(pkt), SMB_hdr_rcls_offset), - SVAL(SMB_Hdr(pkt), SMB_hdr_err_offset)); -#endif - - SMBlib_SMB_Error = IVAL(SMB_Hdr(pkt), SMB_hdr_rcls_offset); - RFCNB_Free_Pkt(pkt); - SMBlib_errno = SMBlibE_Remote; - return(SMBlibE_BAD); - - } - - if (SVAL(SMB_Hdr(pkt), SMB_negrCP_idx_offset) == 0xFFFF) { - -#ifdef DEBUG - fprintf(stderr, "None of our protocols was accepted ... "); -#endif - - RFCNB_Free_Pkt(pkt); - SMBlib_errno = SMBlibE_NegNoProt; - return(SMBlibE_BAD); - - } - - /* Now, unpack the info from the response, if any and evaluate the proto */ - /* selected. We must make sure it is one we like ... */ - - Con_Handle -> prot_IDX = prot = SVAL(SMB_Hdr(pkt), SMB_negrCP_idx_offset); - Con_Handle -> protocol = SMB_Figure_Protocol(Prots, prot); - - if (Con_Handle -> protocol == SMB_P_Unknown) { /* No good ... */ - - RFCNB_Free_Pkt(pkt); - SMBlib_errno = SMBlibE_ProtUnknown; - return(SMBlibE_BAD); - - } - - switch (CVAL(SMB_Hdr(pkt), SMB_hdr_wct_offset)) { - - case 0x01: /* No more info ... */ - - break; - - case 13: /* Up to and including LanMan 2.1 */ - - Con_Handle -> Security = SVAL(SMB_Hdr(pkt), SMB_negrLM_sec_offset); - Con_Handle -> encrypt_passwords = ((Con_Handle -> Security & SMB_sec_encrypt_mask) != 0x00); - Con_Handle -> Security = Con_Handle -> Security & SMB_sec_user_mask; - - Con_Handle -> max_xmit = SVAL(SMB_Hdr(pkt), SMB_negrLM_mbs_offset); - Con_Handle -> MaxMPX = SVAL(SMB_Hdr(pkt), SMB_negrLM_mmc_offset); - Con_Handle -> MaxVC = SVAL(SMB_Hdr(pkt), SMB_negrLM_mnv_offset); - Con_Handle -> Raw_Support = SVAL(SMB_Hdr(pkt), SMB_negrLM_rm_offset); - Con_Handle -> SessionKey = IVAL(SMB_Hdr(pkt), SMB_negrLM_sk_offset); - Con_Handle -> SvrTZ = SVAL(SMB_Hdr(pkt), SMB_negrLM_stz_offset); - Con_Handle -> Encrypt_Key_Len = SVAL(SMB_Hdr(pkt), SMB_negrLM_ekl_offset); - - p = (SMB_Hdr(pkt) + SMB_negrLM_buf_offset); - fprintf(stderr, "%d", (int)(SMB_Hdr(pkt) + SMB_negrLM_buf_offset)); - memcpy(Con_Handle->Encrypt_Key, p, 8); - - p = (SMB_Hdr(pkt) + SMB_negrLM_buf_offset + Con_Handle -> Encrypt_Key_Len); - - strncpy(p, Con_Handle -> Svr_PDom, sizeof(Con_Handle -> Svr_PDom) - 1); - - break; - - case 17: /* NT LM 0.12 and LN LM 1.0 */ - - Con_Handle -> Security = SVAL(SMB_Hdr(pkt), SMB_negrNTLM_sec_offset); - Con_Handle -> encrypt_passwords = ((Con_Handle -> Security & SMB_sec_encrypt_mask) != 0x00); - Con_Handle -> Security = Con_Handle -> Security & SMB_sec_user_mask; - - Con_Handle -> max_xmit = IVAL(SMB_Hdr(pkt), SMB_negrNTLM_mbs_offset); - Con_Handle -> MaxMPX = SVAL(SMB_Hdr(pkt), SMB_negrNTLM_mmc_offset); - Con_Handle -> MaxVC = SVAL(SMB_Hdr(pkt), SMB_negrNTLM_mnv_offset); - Con_Handle -> MaxRaw = IVAL(SMB_Hdr(pkt), SMB_negrNTLM_mrs_offset); - Con_Handle -> SessionKey = IVAL(SMB_Hdr(pkt), SMB_negrNTLM_sk_offset); - Con_Handle -> SvrTZ = SVAL(SMB_Hdr(pkt), SMB_negrNTLM_stz_offset); - Con_Handle -> Encrypt_Key_Len = CVAL(SMB_Hdr(pkt), SMB_negrNTLM_ekl_offset); - - p = (SMB_Hdr(pkt) + SMB_negrNTLM_buf_offset ); - memcpy(Con_Handle -> Encrypt_Key, p, 8); - p = (SMB_Hdr(pkt) + SMB_negrNTLM_buf_offset + Con_Handle -> Encrypt_Key_Len); - - strncpy(p, Con_Handle -> Svr_PDom, sizeof(Con_Handle -> Svr_PDom) - 1); - - break; - - default: - -#ifdef DEBUG - fprintf(stderr, "Unknown NegProt response format ... Ignored\n"); - fprintf(stderr, " wct = %i\n", CVAL(SMB_Hdr(pkt), SMB_hdr_wct_offset)); -#endif - - break; - } - -#ifdef DEBUG - fprintf(stderr, "Protocol selected is: %i:%s\n", prot, Prots[prot]); -#endif - - RFCNB_Free_Pkt(pkt); - return(0); - -} - -/* Get our hostname */ - -void SMB_Get_My_Name(char *name, int len) - -{ - - if (gethostname(name, len) < 0) { /* Error getting name */ - - strncpy(name, "unknown", len); - - /* Should check the error */ - -#ifdef DEBUG - fprintf(stderr, "gethostname in SMB_Get_My_Name returned error:"); - perror(""); -#endif - - } - - /* only keep the portion up to the first "." */ - - -} - -/* Send a TCON to the remote server ... */ - -SMB_Tree_Handle SMB_TreeConnect(SMB_Handle_Type Con_Handle, - SMB_Tree_Handle Tree_Handle, - char *path, - char *password, - char *device) - -{ struct RFCNB_Pkt *pkt; - int param_len, pkt_len; - char *p; - SMB_Tree_Handle tree; - - /* Figure out how much space is needed for path, password, dev ... */ - - if ((path == NULL) | (password == NULL) | (device == NULL)) { - -#ifdef DEBUG - fprintf(stderr, "Bad parameter passed to SMB_TreeConnect\n"); -#endif - - SMBlib_errno = SMBlibE_BadParam; - return(NULL); - - } - - /* The + 2 is because of the \0 and the marker ... */ - - param_len = strlen(path) + 2 + strlen(password) + 2 + strlen(device) + 2; - - /* The -1 accounts for the one byte smb_buf we have because some systems */ - /* don't like char msg_buf[] */ - - pkt_len = SMB_tcon_len + param_len; - - pkt = (struct RFCNB_Pkt *)RFCNB_Alloc_Pkt(pkt_len); - - if (pkt == NULL) { - - SMBlib_errno = SMBlibE_NoSpace; - return(NULL); /* Should handle the error */ - - } - - /* Now allocate a tree for this to go into ... */ - - if (Tree_Handle == NULL) { - - tree = (SMB_Tree_Handle)malloc(sizeof(struct SMB_Tree_Structure)); - - if (tree == NULL) { - - RFCNB_Free_Pkt(pkt); - SMBlib_errno = SMBlibE_NoSpace; - return(NULL); - - } - } - else { - - tree = Tree_Handle; - - } - - tree -> next = tree -> prev = NULL; - tree -> con = Con_Handle; - strncpy(tree -> path, path, sizeof(tree -> path)); - strncpy(tree -> device_type, device, sizeof(tree -> device_type)); - - /* Now plug in the values ... */ - - bzero(SMB_Hdr(pkt), SMB_tcon_len); - SIVAL(SMB_Hdr(pkt), SMB_hdr_idf_offset, SMB_DEF_IDF); /* Plunk in IDF */ - *(SMB_Hdr(pkt) + SMB_hdr_com_offset) = SMBtcon; - SSVAL(SMB_Hdr(pkt), SMB_hdr_pid_offset, Con_Handle -> pid); - SSVAL(SMB_Hdr(pkt), SMB_hdr_tid_offset, 0); - SSVAL(SMB_Hdr(pkt), SMB_hdr_mid_offset, Con_Handle -> mid); - SSVAL(SMB_Hdr(pkt), SMB_hdr_uid_offset, Con_Handle -> uid); - *(SMB_Hdr(pkt) + SMB_hdr_wct_offset) = 0; - - SSVAL(SMB_Hdr(pkt), SMB_tcon_bcc_offset, param_len); - - /* Now copy the param strings in with the right stuff */ - - p = (char *)(SMB_Hdr(pkt) + SMB_tcon_buf_offset); - *p = SMBasciiID; - strcpy(p + 1, path); - p = p + strlen(path) + 2; - *p = SMBasciiID; - strcpy(p + 1, password); - p = p + strlen(password) + 2; - *p = SMBasciiID; - strcpy(p + 1, device); - - /* Now send the packet and sit back ... */ - - if (RFCNB_Send(Con_Handle -> Trans_Connect, pkt, pkt_len) < 0){ - -#ifdef DEBUG - fprintf(stderr, "Error sending TCon request\n"); -#endif - - if (Tree_Handle == NULL) - free(tree); - RFCNB_Free_Pkt(pkt); - SMBlib_errno = -SMBlibE_SendFailed; - return(NULL); - - } - - /* Now get the response ... */ - - if (RFCNB_Recv(Con_Handle -> Trans_Connect, pkt, pkt_len) < 0) { - -#ifdef DEBUG - fprintf(stderr, "Error receiving response to TCon\n"); -#endif - - if (Tree_Handle == NULL) - free(tree); - RFCNB_Free_Pkt(pkt); - SMBlib_errno = -SMBlibE_RecvFailed; - return(NULL); - - } - - /* Check out the response type ... */ - - if (CVAL(SMB_Hdr(pkt), SMB_hdr_rcls_offset) != SMBC_SUCCESS) { /* Process error */ - -#ifdef DEBUG - fprintf(stderr, "SMB_TCon failed with errorclass = %i, Error Code = %i\n", - CVAL(SMB_Hdr(pkt), SMB_hdr_rcls_offset), - SVAL(SMB_Hdr(pkt), SMB_hdr_err_offset)); -#endif - - if (Tree_Handle == NULL) - free(tree); - SMBlib_SMB_Error = IVAL(SMB_Hdr(pkt), SMB_hdr_rcls_offset); - RFCNB_Free_Pkt(pkt); - SMBlib_errno = SMBlibE_Remote; - return(NULL); - - } - - tree -> tid = SVAL(SMB_Hdr(pkt), SMB_tconr_tid_offset); - tree -> mbs = SVAL(SMB_Hdr(pkt), SMB_tconr_mbs_offset); - -#ifdef DEBUG - fprintf(stderr, "TConn succeeded, with TID=%i, Max Xmit=%i\n", - tree -> tid, tree -> mbs); -#endif - - /* Now link the Tree to the Server Structure ... */ - - if (Con_Handle -> first_tree == NULL) { - - Con_Handle -> first_tree = tree; - Con_Handle -> last_tree = tree; - - } - else { - - Con_Handle -> last_tree -> next = tree; - tree -> prev = Con_Handle -> last_tree; - Con_Handle -> last_tree = tree; - - } - - RFCNB_Free_Pkt(pkt); - return(tree); - -} - -int SMB_TreeDisconnect(SMB_Tree_Handle Tree_Handle, BOOL discard) - -{ struct RFCNB_Pkt *pkt; - int pkt_len; - - pkt_len = SMB_tdis_len; - - pkt = (struct RFCNB_Pkt *)RFCNB_Alloc_Pkt(pkt_len); - - if (pkt == NULL) { - - SMBlib_errno = SMBlibE_NoSpace; - return(SMBlibE_BAD); /* Should handle the error */ - - } - - /* Now plug in the values ... */ - - bzero(SMB_Hdr(pkt), SMB_tdis_len); - SIVAL(SMB_Hdr(pkt), SMB_hdr_idf_offset, SMB_DEF_IDF); /* Plunk in IDF */ - *(SMB_Hdr(pkt) + SMB_hdr_com_offset) = SMBtdis; - SSVAL(SMB_Hdr(pkt), SMB_hdr_pid_offset, Tree_Handle -> con -> pid); - SSVAL(SMB_Hdr(pkt), SMB_hdr_mid_offset, Tree_Handle -> con -> mid); - SSVAL(SMB_Hdr(pkt), SMB_hdr_uid_offset, Tree_Handle -> con -> uid); - *(SMB_Hdr(pkt) + SMB_hdr_wct_offset) = 0; - - SSVAL(SMB_Hdr(pkt), SMB_hdr_tid_offset, Tree_Handle -> tid); - SSVAL(SMB_Hdr(pkt), SMB_tcon_bcc_offset, 0); - - /* Now send the packet and sit back ... */ - - if (RFCNB_Send(Tree_Handle -> con -> Trans_Connect, pkt, pkt_len) < 0){ - -#ifdef DEBUG - fprintf(stderr, "Error sending TDis request\n"); -#endif - - RFCNB_Free_Pkt(pkt); - SMBlib_errno = -SMBlibE_SendFailed; - return(SMBlibE_BAD); - - } - - /* Now get the response ... */ - - if (RFCNB_Recv(Tree_Handle -> con -> Trans_Connect, pkt, pkt_len) < 0) { - -#ifdef DEBUG - fprintf(stderr, "Error receiving response to TCon\n"); -#endif - - RFCNB_Free_Pkt(pkt); - SMBlib_errno = -SMBlibE_RecvFailed; - return(SMBlibE_BAD); - - } - - /* Check out the response type ... */ - - if (CVAL(SMB_Hdr(pkt), SMB_hdr_rcls_offset) != SMBC_SUCCESS) { /* Process error */ - -#ifdef DEBUG - fprintf(stderr, "SMB_TDis failed with errorclass = %i, Error Code = %i\n", - CVAL(SMB_Hdr(pkt), SMB_hdr_rcls_offset), - SVAL(SMB_Hdr(pkt), SMB_hdr_err_offset)); -#endif - - SMBlib_SMB_Error = IVAL(SMB_Hdr(pkt), SMB_hdr_rcls_offset); - RFCNB_Free_Pkt(pkt); - SMBlib_errno = SMBlibE_Remote; - return(SMBlibE_BAD); - - } - - Tree_Handle -> tid = 0xFFFF; /* Invalid TID */ - Tree_Handle -> mbs = 0; /* Invalid */ - -#ifdef DEBUG - - fprintf(stderr, "Tree disconnect successful ...\n"); - -#endif - - /* What about the tree handle ? */ - - if (discard == TRUE) { /* Unlink it and free it ... */ - - if (Tree_Handle -> next == NULL) - Tree_Handle -> con -> first_tree = Tree_Handle -> prev; - else - Tree_Handle -> next -> prev = Tree_Handle -> prev; - - if (Tree_Handle -> prev == NULL) - Tree_Handle -> con -> last_tree = Tree_Handle -> next; - else - Tree_Handle -> prev -> next = Tree_Handle -> next; - - } - - RFCNB_Free_Pkt(pkt); - return(0); - -} - -/* Pick up the last LMBlib error ... */ - -int SMB_Get_Last_Error() - -{ - - return(SMBlib_errno); - -} - -/* Pick up the last error returned in an SMB packet */ -/* We will need macros to extract error class and error code */ - -int SMB_Get_Last_SMB_Err() - -{ - - return(SMBlib_SMB_Error); - -} - -/* Pick up the error message associated with an error from SMBlib */ - -/* Keep this table in sync with the message codes in smblib-common.h */ - -static char *SMBlib_Error_Messages[] = { - - "Request completed sucessfully.", - "Server returned a non-zero SMB Error Class and Code.", - "A lower layer protocol error occurred.", - "Function not yet implemented.", - "The protocol negotiated does not support the request.", - "No space available for operation.", - "One or more bad parameters passed.", - "None of the protocols we offered were accepted.", - "The attempt to send an SMB request failed. See protocol error info.", - "The attempt to get an SMB response failed. See protocol error info.", - "The logon request failed, but you were logged in as guest.", - "The attempt to call the remote server failed. See protocol error info.", - "The protocol dialect specified in a NegProt and accepted by the server is unknown.", - /* This next one simplifies error handling */ - "No such error code.", - NULL}; - -void SMB_Get_Error_Msg(int msg, char *msgbuf, int len) - -{ - - if (msg >= 0) { - - strncpy(msgbuf, - SMBlib_Error_Messages[msg>SMBlibE_NoSuchMsg?SMBlibE_NoSuchMsg:msg], - len - 1); - msgbuf[len - 1] = 0; /* Make sure it is a string */ - } - else { /* Add the lower layer message ... */ - - char prot_msg[1024]; - - msg = -msg; /* Make it positive */ - - strncpy(msgbuf, - SMBlib_Error_Messages[msg>SMBlibE_NoSuchMsg?SMBlibE_NoSuchMsg:msg], - len - 1); - - msgbuf[len - 1] = 0; /* make sure it is a string */ - - if (strlen(msgbuf) < len) { /* If there is space, put rest in */ - - strncat(msgbuf, "\n\t", len - strlen(msgbuf)); - - RFCNB_Get_Error(prot_msg, sizeof(prot_msg) - 1); - - strncat(msgbuf, prot_msg, len - strlen(msgbuf)); - - } - } - -} --- squid/auth_modules/MSNT/smblib.c Wed Feb 14 00:50:52 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,568 +0,0 @@ -/* UNIX SMBlib NetBIOS implementation - - Version 1.0 - SMBlib Routines - - Copyright (C) Richard Sharpe 1996 - -*/ - -/* - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -int SMBlib_errno; -int SMBlib_SMB_Error; -#define SMBLIB_ERRNO -#define uchar unsigned char -#include "smblib-priv.h" -#include "smblib.h" -#include "rfcnb-priv.h" -#include "rfcnb.h" -#include "rfcnb-util.h" - -#include -#include -#include - -#include - -SMB_State_Types SMBlib_State; - -extern int RFCNB_Set_Sock_NoDelay(RFCNB_Con *, BOOL); -extern void SMB_Get_My_Name(char *, int); - -/* Initialize the SMBlib package */ - -int SMB_Init() - -{ - - SMBlib_State = SMB_State_Started; - - signal(SIGPIPE, SIG_IGN); /* Ignore these ... */ - -/* If SMBLIB_Instrument is defines, turn on the instrumentation stuff */ -#ifdef SMBLIB_INSTRUMENT - - SMBlib_Instrument_Init(); - -#endif - - return 0; - -} - -int SMB_Term() - -{ - -#ifdef SMBLIB_INSTRUMENT - - SMBlib_Instrument_Term(); /* Clean up and print results */ - -#endif - - return 0; - -} - -/* SMB_Create: Create a connection structure and return for later use */ -/* We have other helper routines to set variables */ - -SMB_Handle_Type SMB_Create_Con_Handle(void) - -{ - - SMBlib_errno = SMBlibE_NotImpl; - return(NULL); - -} - -int SMBlib_Set_Sock_NoDelay(SMB_Handle_Type Con_Handle, BOOL yn) - -{ - - - if (RFCNB_Set_Sock_NoDelay(Con_Handle -> Trans_Connect, yn) < 0) { - -#ifdef DEBUG -#endif - - fprintf(stderr, "Setting no-delay on TCP socket failed ...\n"); - - } - - return(0); - -} - -/* SMB_Connect_Server: Connect to a server, but don't negotiate protocol */ -/* or anything else ... */ - -SMB_Handle_Type SMB_Connect_Server(SMB_Handle_Type Con_Handle, - char *server, char *NTdomain) - -{ SMB_Handle_Type con; - char called[80], calling[80], *address; - int i; - - /* Get a connection structure if one does not exist */ - - con = Con_Handle; - - if (Con_Handle == NULL) { - - if ((con = (struct SMB_Connect_Def *)malloc(sizeof(struct SMB_Connect_Def))) == NULL) { - - - SMBlib_errno = SMBlibE_NoSpace; - return NULL; - } - - } - - /* Init some things ... */ - - strcpy(con -> service, ""); - strcpy(con -> username, ""); - strcpy(con -> password, ""); - strcpy(con -> sock_options, ""); - strcpy(con -> address, ""); - strcpy(con -> desthost, server); - strcpy(con -> PDomain, NTdomain); - strcpy(con -> OSName, SMBLIB_DEFAULT_OSNAME); - strcpy(con -> LMType, SMBLIB_DEFAULT_LMTYPE); - con -> first_tree = con -> last_tree = NULL; - - SMB_Get_My_Name(con -> myname, sizeof(con -> myname)); - - con -> port = 0; /* No port selected */ - - /* Get some things we need for the SMB Header */ - - con -> pid = getpid(); - con -> mid = con -> pid; /* This will do for now ... */ - con -> uid = 0; /* Until we have done a logon, no uid ... */ - con -> gid = getgid(); - - /* Now connect to the remote end, but first upper case the name of the - service we are going to call, sine some servers want it in uppercase */ - - for (i=0; i < strlen(server); i++) - called[i] = toupper(server[i]); - - called[strlen(server)] = 0; /* Make it a string */ - - for (i=0; i < strlen(con -> myname); i++) - calling[i] = toupper(con -> myname[i]); - - calling[strlen(con -> myname)] = 0; /* Make it a string */ - - if (strcmp(con -> address, "") == 0) - address = con -> desthost; - else - address = con -> address; - - con -> Trans_Connect = RFCNB_Call(called, - calling, - address, /* Protocol specific */ - con -> port); - - /* Did we get one? */ - - if (con -> Trans_Connect == NULL) { - - if (Con_Handle == NULL) { - Con_Handle = NULL; - free(con); - } - SMBlib_errno = -SMBlibE_CallFailed; - return NULL; - - } - - return(con); - -} - -/* SMB_Connect: Connect to the indicated server */ -/* If Con_Handle == NULL then create a handle and connect, otherwise */ -/* use the handle passed */ - -char *SMB_Prots_Restrict[] = {"PC NETWORK PROGRAM 1.0", - NULL}; - - -SMB_Handle_Type SMB_Connect(SMB_Handle_Type Con_Handle, - SMB_Tree_Handle *tree, - char *service, - char *username, - char *password) - -{ SMB_Handle_Type con; - char *host, *address; - char temp[80], called[80], calling[80]; - int i; - - /* Get a connection structure if one does not exist */ - - con = Con_Handle; - - if (Con_Handle == NULL) { - - if ((con = (struct SMB_Connect_Def *)malloc(sizeof(struct SMB_Connect_Def))) == NULL) { - - SMBlib_errno = SMBlibE_NoSpace; - return NULL; - } - - } - - /* Init some things ... */ - - strcpy(con -> service, service); - strcpy(con -> username, username); - strcpy(con -> password, password); - strcpy(con -> sock_options, ""); - strcpy(con -> address, ""); - strcpy(con -> PDomain, SMBLIB_DEFAULT_DOMAIN); - strcpy(con -> OSName, SMBLIB_DEFAULT_OSNAME); - strcpy(con -> LMType, SMBLIB_DEFAULT_LMTYPE); - con -> first_tree = con -> last_tree = NULL; - - SMB_Get_My_Name(con -> myname, sizeof(con -> myname)); - - con -> port = 0; /* No port selected */ - - /* Get some things we need for the SMB Header */ - - con -> pid = getpid(); - con -> mid = con -> pid; /* This will do for now ... */ - con -> uid = 0; /* Until we have done a logon, no uid */ - con -> gid = getgid(); - - /* Now figure out the host portion of the service */ - - strcpy(temp, service); - /* AI - Added (char *) to stop compiler warnings */ - host = (char *) strtok(temp, "/\\"); /* Separate host name portion */ - strcpy(con -> desthost, host); - - /* Now connect to the remote end, but first upper case the name of the - service we are going to call, sine some servers want it in uppercase */ - - for (i=0; i < strlen(host); i++) - called[i] = toupper(host[i]); - - called[strlen(host)] = 0; /* Make it a string */ - - for (i=0; i < strlen(con -> myname); i++) - calling[i] = toupper(con -> myname[i]); - - calling[strlen(con -> myname)] = 0; /* Make it a string */ - - if (strcmp(con -> address, "") == 0) - address = con -> desthost; - else - address = con -> address; - - con -> Trans_Connect = RFCNB_Call(called, - calling, - address, /* Protocol specific */ - con -> port); - - /* Did we get one? */ - - if (con -> Trans_Connect == NULL) { - - if (Con_Handle == NULL) { - free(con); - Con_Handle = NULL; - } - SMBlib_errno = -SMBlibE_CallFailed; - return NULL; - - } - - /* Now, negotiate the protocol */ - - if (SMB_Negotiate(con, SMB_Prots_Restrict) < 0) { - - /* Hmmm what should we do here ... We have a connection, but could not - negotiate ... */ - - return NULL; - - } - - /* Now connect to the service ... */ - - if ((*tree = SMB_TreeConnect(con, NULL, service, password, "A:")) == NULL) { - - return NULL; - - } - - return(con); - -} - -/* Logon to the server. That is, do a session setup if we can. We do not do */ -/* Unicode yet! */ - -int SMB_Logon_Server(SMB_Handle_Type Con_Handle, char *UserName, - char *PassWord) - -{ struct RFCNB_Pkt *pkt; - int param_len, pkt_len, pass_len; - char *p, pword[128]; - - /* First we need a packet etc ... but we need to know what protocol has */ - /* been negotiated to figure out if we can do it and what SMB format to */ - /* use ... */ - - if (Con_Handle -> protocol < SMB_P_LanMan1) { - - SMBlib_errno = SMBlibE_ProtLow; - return(SMBlibE_BAD); - - } - - strcpy(pword, PassWord); -#ifdef PAM_SMB_ENC_PASS - if (Con_Handle -> encrypt_passwords) - { - pass_len=24; - SMBencrypt((uchar *) PassWord, (uchar *)Con_Handle -> Encrypt_Key,(uchar *)pword); - } - else -#endif - pass_len=strlen(pword); - - - /* Now build the correct structure */ - - if (Con_Handle -> protocol < SMB_P_NT1) { - - param_len = strlen(UserName) + 1 + pass_len + 1 + - strlen(Con_Handle -> PDomain) + 1 + - strlen(Con_Handle -> OSName) + 1; - - pkt_len = SMB_ssetpLM_len + param_len; - - pkt = (struct RFCNB_Pkt *)RFCNB_Alloc_Pkt(pkt_len); - - if (pkt == NULL) { - - SMBlib_errno = SMBlibE_NoSpace; - return(SMBlibE_BAD); /* Should handle the error */ - - } - - bzero(SMB_Hdr(pkt), SMB_ssetpLM_len); - SIVAL(SMB_Hdr(pkt), SMB_hdr_idf_offset, SMB_DEF_IDF); /* Plunk in IDF */ - *(SMB_Hdr(pkt) + SMB_hdr_com_offset) = SMBsesssetupX; - SSVAL(SMB_Hdr(pkt), SMB_hdr_pid_offset, Con_Handle -> pid); - SSVAL(SMB_Hdr(pkt), SMB_hdr_tid_offset, 0); - SSVAL(SMB_Hdr(pkt), SMB_hdr_mid_offset, Con_Handle -> mid); - SSVAL(SMB_Hdr(pkt), SMB_hdr_uid_offset, Con_Handle -> uid); - *(SMB_Hdr(pkt) + SMB_hdr_wct_offset) = 10; - *(SMB_Hdr(pkt) + SMB_hdr_axc_offset) = 0xFF; /* No extra command */ - SSVAL(SMB_Hdr(pkt), SMB_hdr_axo_offset, 0); - - SSVAL(SMB_Hdr(pkt), SMB_ssetpLM_mbs_offset, SMBLIB_MAX_XMIT); - SSVAL(SMB_Hdr(pkt), SMB_ssetpLM_mmc_offset, 2); - SSVAL(SMB_Hdr(pkt), SMB_ssetpLM_vcn_offset, Con_Handle -> pid); - SIVAL(SMB_Hdr(pkt), SMB_ssetpLM_snk_offset, 0); - SSVAL(SMB_Hdr(pkt), SMB_ssetpLM_pwl_offset, pass_len + 1); - SIVAL(SMB_Hdr(pkt), SMB_ssetpLM_res_offset, 0); - SSVAL(SMB_Hdr(pkt), SMB_ssetpLM_bcc_offset, param_len); - - /* Now copy the param strings in with the right stuff */ - - p = (char *)(SMB_Hdr(pkt) + SMB_ssetpLM_buf_offset); - - /* Copy in password, then the rest. Password has a null at end */ - - memcpy(p, pword, pass_len); - - p = p + pass_len + 1; - - strcpy(p, UserName); - p = p + strlen(UserName); - *p = 0; - - p = p + 1; - - strcpy(p, Con_Handle -> PDomain); - p = p + strlen(Con_Handle -> PDomain); - *p = 0; - p = p + 1; - - strcpy(p, Con_Handle -> OSName); - p = p + strlen(Con_Handle -> OSName); - *p = 0; - - } - else { - - /* We don't admit to UNICODE support ... */ - - param_len = strlen(UserName) + 1 + pass_len + - strlen(Con_Handle -> PDomain) + 1 + - strlen(Con_Handle -> OSName) + 1 + - strlen(Con_Handle -> LMType) + 1; - - pkt_len = SMB_ssetpNTLM_len + param_len; - - pkt = (struct RFCNB_Pkt *)RFCNB_Alloc_Pkt(pkt_len); - - if (pkt == NULL) { - - SMBlib_errno = SMBlibE_NoSpace; - return(-1); /* Should handle the error */ - - } - - bzero(SMB_Hdr(pkt), SMB_ssetpNTLM_len); - SIVAL(SMB_Hdr(pkt), SMB_hdr_idf_offset, SMB_DEF_IDF); /* Plunk in IDF */ - *(SMB_Hdr(pkt) + SMB_hdr_com_offset) = SMBsesssetupX; - SSVAL(SMB_Hdr(pkt), SMB_hdr_pid_offset, Con_Handle -> pid); - SSVAL(SMB_Hdr(pkt), SMB_hdr_tid_offset, 0); - SSVAL(SMB_Hdr(pkt), SMB_hdr_mid_offset, Con_Handle -> mid); - SSVAL(SMB_Hdr(pkt), SMB_hdr_uid_offset, Con_Handle -> uid); - *(SMB_Hdr(pkt) + SMB_hdr_wct_offset) = 13; - *(SMB_Hdr(pkt) + SMB_hdr_axc_offset) = 0xFF; /* No extra command */ - SSVAL(SMB_Hdr(pkt), SMB_hdr_axo_offset, 0); - - SSVAL(SMB_Hdr(pkt), SMB_ssetpNTLM_mbs_offset, SMBLIB_MAX_XMIT); - SSVAL(SMB_Hdr(pkt), SMB_ssetpNTLM_mmc_offset, 0); - SSVAL(SMB_Hdr(pkt), SMB_ssetpNTLM_vcn_offset, 0); - SIVAL(SMB_Hdr(pkt), SMB_ssetpNTLM_snk_offset, 0); - SSVAL(SMB_Hdr(pkt), SMB_ssetpNTLM_cipl_offset, pass_len); - SSVAL(SMB_Hdr(pkt), SMB_ssetpNTLM_cspl_offset, 0); - SIVAL(SMB_Hdr(pkt), SMB_ssetpNTLM_res_offset, 0); - SIVAL(SMB_Hdr(pkt), SMB_ssetpNTLM_cap_offset, 0); - SSVAL(SMB_Hdr(pkt), SMB_ssetpNTLM_bcc_offset, param_len); - - /* Now copy the param strings in with the right stuff */ - - p = (char *)(SMB_Hdr(pkt) + SMB_ssetpNTLM_buf_offset); - - /* Copy in password, then the rest. Password has no null at end */ - - memcpy(p, pword, pass_len); - - p = p + pass_len; - - strcpy(p, UserName); - p = p + strlen(UserName); - *p = 0; - - p = p + 1; - - strcpy(p, Con_Handle -> PDomain); - p = p + strlen(Con_Handle -> PDomain); - *p = 0; - p = p + 1; - - strcpy(p, Con_Handle -> OSName); - p = p + strlen(Con_Handle -> OSName); - *p = 0; - p = p + 1; - - strcpy(p, Con_Handle -> LMType); - p = p + strlen(Con_Handle -> LMType); - *p = 0; - - } - - /* Now send it and get a response */ - - if (RFCNB_Send(Con_Handle -> Trans_Connect, pkt, pkt_len) < 0){ - -#ifdef DEBUG - fprintf(stderr, "Error sending SessSetupX request\n"); -#endif - - RFCNB_Free_Pkt(pkt); - SMBlib_errno = SMBlibE_SendFailed; - return(SMBlibE_BAD); - - } - - /* Now get the response ... */ - - if (RFCNB_Recv(Con_Handle -> Trans_Connect, pkt, pkt_len) < 0) { - -#ifdef DEBUG - fprintf(stderr, "Error receiving response to SessSetupAndX\n"); -#endif - - RFCNB_Free_Pkt(pkt); - SMBlib_errno = SMBlibE_RecvFailed; - return(SMBlibE_BAD); - - } - - /* Check out the response type ... */ - - if (CVAL(SMB_Hdr(pkt), SMB_hdr_rcls_offset) != SMBC_SUCCESS) { /* Process error */ - -#ifdef DEBUG - fprintf(stderr, "SMB_SessSetupAndX failed with errorclass = %i, Error Code = %i\n", - CVAL(SMB_Hdr(pkt), SMB_hdr_rcls_offset), - SVAL(SMB_Hdr(pkt), SMB_hdr_err_offset)); -#endif - - SMBlib_SMB_Error = IVAL(SMB_Hdr(pkt), SMB_hdr_rcls_offset); - RFCNB_Free_Pkt(pkt); - SMBlib_errno = SMBlibE_Remote; - return(SMBlibE_BAD); - - } - -#ifdef DEBUG - fprintf(stderr, "SessSetupAndX response. Action = %i\n", - SVAL(SMB_Hdr(pkt), SMB_ssetpr_act_offset)); -#endif - - /* Now pick up the UID for future reference ... */ - - Con_Handle -> uid = SVAL(SMB_Hdr(pkt), SMB_hdr_uid_offset); - RFCNB_Free_Pkt(pkt); - - return(0); - -} - - -/* Disconnect from the server, and disconnect all tree connects */ - -int SMB_Discon(SMB_Handle_Type Con_Handle, BOOL KeepHandle) - -{ - - /* We just disconnect the connection for now ... */ - - RFCNB_Hangup(Con_Handle -> Trans_Connect); - - if (!KeepHandle) - free(Con_Handle); - - return(0); - -} --- squid/auth_modules/MSNT/smblib.c.patch Wed Feb 14 00:50:52 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,25 +0,0 @@ -7a8,9 -> (2000/02/11) Added some tricks to SMB_Logon_Server to control logons of users with illegal name -> Vadim A. Popov -520c522 -< ---- -> -523a526,542 -> return(SMBlibE_BAD); -> -> } -> -> /* Check out the special case: illegal user reported as Action=0x01 ... */ -> -> if (SVAL(SMB_Hdr(pkt), SMB_ssetpr_act_offset)&&0x01 != 0) { /* Process error */ -> -> #ifdef DEBUG -> fprintf(stderr, "SMB_SessSetupAndX failed with errorclass = %i, Error Code = %i\n", -> CVAL(SMB_Hdr(pkt), SMB_hdr_rcls_offset), -> SVAL(SMB_Hdr(pkt), SMB_hdr_err_offset)); -> #endif -> -> SMBlib_SMB_Error = IVAL(SMB_Hdr(pkt), SMB_hdr_rcls_offset); -> RFCNB_Free_Pkt(pkt); -> SMBlib_errno = SMBlibE_GuestOnly; --- squid/auth_modules/MSNT/smblib.h Wed Feb 14 00:50:52 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,98 +0,0 @@ -/* UNIX SMBlib NetBIOS implementation - - Version 1.0 - SMBlib Defines - - Copyright (C) Richard Sharpe 1996 - -*/ - -/* - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "std-defines.h" -#include "smblib-common.h" - -/* Just define all the entry points */ - -/* Create a handle to allow us to set/override some parameters ... */ - -SMB_Handle_Type SMB_Create_Con_Handle(); - -/* Connect to a server, but do not do a tree con etc ... */ - -SMB_Handle_Type SMB_Connect_Server(SMB_Handle_Type, char *server, char *NTdomain); - -/* Connect to a server and give us back a handle. If Con == NULL, create */ -/* The handle and populate it with defaults */ - -SMB_Handle_Type SMB_Connect(SMB_Handle_Type Con_Handle, - SMB_Tree_Handle *tree, - char *service, - char *username, - char *password); - -/* Negotiate a protocol */ - -int SMB_Negotiate(void *Con_Handle, char *Prots[]); - -/* Connect to a tree ... */ - -void *SMB_TreeConnect(void *con_handle, void *tree_handle, - char *path, char *password, char *dev); - -/* Disconnect a tree ... */ - -int SMB_TreeDisconect(void *tree_handle); - -/* Open a file */ - -void *SMB_Open(void *tree_handle, - void *file_handle, - char *file_name, - unsigned short mode, - unsigned short search); - -/* Close a file */ - -int SMB_Close(void *file_handle); - -/* Disconnect from server. Has flag to specify whether or not we keep the */ -/* handle. */ - -int SMB_Discon(SMB_Handle_Type Con_Handle, BOOL KeepHandle); - -void *SMB_Create(void *Tree_Handle, - void *File_Handle, - char *file_name, - short search); - -int SMB_Delete(void *tree, char *file_name, short search); - -int SMB_Create_Dir(void *tree, char *dir_name); - -int SMB_Delete_Dir(void *tree, char *dir_name); - -int SMB_Check_Dir(void *tree, char *dir_name); - -int SMB_Get_Last_Error(); - -int SMB_Get_Last_SMB_Err(); - -int SMB_Get_Error_Msg(int msg, char *msgbuf, int len); - -void *SMB_Logon_And_TCon(void *con, void *tree, char *user, char *pass, - char *service, char *st); --- squid/auth_modules/MSNT/std-defines.h Wed Feb 14 00:50:52 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,45 +0,0 @@ -/* RFCNB Standard includes ... */ -/* - - SMBlib Standard Includes - - Copyright (C) 1996, Richard Sharpe -*/ -/* One day we will conditionalize these on OS types ... */ - -/* - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#ifndef _STD_DEFINES_H_ -#define _STD_DEFINES_H_ - -#define BOOL int -typedef short int16; - -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#define TRUE 1 -#define FALSE 0 - -#endif _STD_DEFINES_H_ --- squid/auth_modules/MSNT/std-includes.h Wed Feb 14 00:50:52 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,45 +0,0 @@ -/* RFCNB Standard includes ... */ -/* - - RFCNB Standard Includes - - Copyright (C) 1996, Richard Sharpe -*/ -/* One day we will conditionalize these on OS types ... */ - -/* - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#define BOOL int -typedef short int16; - -#include -#include -#include -#include -#include -#include -#include -#include - -#define TRUE 1 -#define FALSE 0 - -/* Pick up define for INADDR_NONE */ - -#ifndef INADDR_NONE -#define INADDR_NONE -1 -#endif --- squid/auth_modules/MSNT/valid.c Wed Feb 14 00:50:52 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,44 +0,0 @@ -#include -#include -#include -#include "smblib-priv.h" -#include "smblib.h" -#include "valid.h" - -extern int SMB_Init(void); -extern int SMB_Logon_Server(SMB_Handle_Type, char *, char *); - - -int Valid_User(char *USERNAME,char *PASSWORD,char *SERVER,char *BACKUP, char *DOMAIN) -{ - char *SMB_Prots[] = {"PC NETWORK PROGRAM 1.0", - "MICROSOFT NETWORKS 1.03", - "MICROSOFT NETWORKS 3.0", - "LANMAN1.0", - "LM1.2X002", - "Samba", - "NT LM 0.12", - "NT LANMAN 1.0", - NULL}; - void *con; - - SMB_Init(); - con = SMB_Connect_Server(NULL, SERVER, DOMAIN); - if (con == NULL) { /* Error ... */ - con = SMB_Connect_Server(NULL, BACKUP, DOMAIN); - if (con == NULL) { - return(NTV_SERVER_ERROR); - } - } - if (SMB_Negotiate(con, SMB_Prots) < 0) { /* An error */ - SMB_Discon(con,0); - return(NTV_PROTOCOL_ERROR); - } - if (SMB_Logon_Server(con, USERNAME, PASSWORD) < 0) { - SMB_Discon(con,0); - return(NTV_LOGON_ERROR); - } - - SMB_Discon(con,0); - return(NTV_NO_ERROR); -} --- squid/auth_modules/MSNT/valid.h Wed Feb 14 00:50:52 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,12 +0,0 @@ -#ifndef _VALID_H_ -#define _VALID_H_ -/* SMB User verification function */ - -#define NTV_NO_ERROR 0 -#define NTV_SERVER_ERROR 1 -#define NTV_PROTOCOL_ERROR 2 -#define NTV_LOGON_ERROR 3 - -int Valid_User(char *USERNAME,char *PASSWORD,char *SERVER, char *BACKUP, char *DOMAIN); - -#endif --- squid/auth_modules/NCSA/Makefile.in Wed Feb 14 00:50:52 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,100 +0,0 @@ -# -# Makefile for the Squid Object Cache server -# -# $Id: Makefile.in,v 1.2 2000/10/23 15:04:17 hno Exp $ -# -# Uncomment and customize the following to suit your needs: -# - -prefix = @prefix@ -exec_prefix = @exec_prefix@ -exec_suffix = @exec_suffix@ -cgi_suffix = @cgi_suffix@ -top_srcdir = @top_srcdir@ -bindir = @bindir@ -libexecdir = @libexecdir@ -sysconfdir = @sysconfdir@ -localstatedir = @localstatedir@ -srcdir = @srcdir@ -VPATH = @srcdir@ - -# Gotta love the DOS legacy -# -NCSA_AUTH_EXE = ncsa_auth$(exec_suffix) - -DEFAULT_PASSWD_FILE = $(sysconfdir)/passwd - -CC = @CC@ -MAKEDEPEND = @MAKEDEPEND@ -INSTALL = @INSTALL@ -INSTALL_BIN = @INSTALL_PROGRAM@ -INSTALL_FILE = @INSTALL_DATA@ -INSTALL_SUID = @INSTALL_PROGRAM@ -o root -m 4755 -RANLIB = @RANLIB@ -LN_S = @LN_S@ -PERL = @PERL@ -CRYPTLIB = @CRYPTLIB@ -REGEXLIB = @REGEXLIB@ -PTHREADLIB = @PTHREADLIB@ -SNMPLIB = @SNMPLIB@ -MALLOCLIB = @LIB_MALLOC@ -AC_CFLAGS = @CFLAGS@ -LDFLAGS = @LDFLAGS@ -XTRA_LIBS = @XTRA_LIBS@ -XTRA_OBJS = @XTRA_OBJS@ -MV = @MV@ -RM = @RM@ -SHELL = /bin/sh - - -INCLUDE = -I. -I../../include -I$(top_srcdir)/include -CFLAGS = $(AC_CFLAGS) $(INCLUDE) $(DEFINES) -AUTH_LIBS = -L../../lib -lmiscutil $(CRYPTLIB) $(XTRA_LIBS) - -PROGS = $(NCSA_AUTH_EXE) -OBJS = ncsa_auth.o - -all: $(NCSA_AUTH_EXE) - -$(OBJS): $(top_srcdir)/include/version.h - -$(NCSA_AUTH_EXE): ncsa_auth.o - $(CC) $(LDFLAGS) ncsa_auth.o -o $@ $(AUTH_LIBS) - -install-mkdirs: - -@if test ! -d $(prefix); then \ - echo "mkdir $(prefix)"; \ - mkdir $(prefix); \ - fi - -@if test ! -d $(bindir); then \ - echo "mkdir $(bindir)"; \ - mkdir $(bindir); \ - fi - -# Michael Lupp wants to know about additions -# to the install target. -install: all install-mkdirs - @for f in $(PROGS); do \ - if test -f $(bindir)/$$f; then \ - echo $(MV) $(bindir)/$$f $(bindir)/-$$f; \ - $(MV) $(bindir)/$$f $(bindir)/-$$f; \ - fi; \ - echo $(INSTALL_BIN) $$f $(bindir); \ - $(INSTALL_BIN) $$f $(bindir); \ - if test -f $(bindir)/-$$f; then \ - echo $(RM) -f $(bindir)/-$$f; \ - $(RM) -f $(bindir)/-$$f; \ - fi; \ - done - -clean: - -rm -rf *.o *pure_* core $(PROGS) - -distclean: clean - -rm -f Makefile - -tags: - ctags *.[ch] ../include/*.h ../lib/*.[ch] - -depend: - $(MAKEDEPEND) -I../include -I. -fMakefile *.c --- squid/auth_modules/NCSA/ncsa_auth.c Wed Feb 14 00:50:52 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,143 +0,0 @@ -/* - * ncsa_auth.c - * - * AUTHOR: Arjan de Vet - * - * Example authentication program for Squid, based on the original - * proxy_auth code from client_side.c, written by - * Jon Thackray . - * - * Uses a NCSA httpd style password file for authentication with the - * following improvements suggested by various people: - * - * - comment lines are possible and should start with a '#'; - * - empty or blank lines are possible; - * - extra fields in the password file are ignored; this makes it - * possible to use a Unix password file but I do not recommend that. - * - */ - -#include "config.h" -#if HAVE_STDIO_H -#include -#endif -#if HAVE_STDLIB_H -#include -#endif -#if HAVE_UNISTD_H -#include -#endif -#if HAVE_STRING_H -#include -#endif -#if HAVE_SYS_TYPES_H -#include -#endif -#if HAVE_SYS_STAT_H -#include -#endif -#if HAVE_CRYPT_H -#include -#endif - -#include "util.h" -#include "hash.h" - -static hash_table *hash = NULL; -static HASHFREE my_free; - -typedef struct _user_data { - /* first two items must be same as hash_link */ - char *user; - struct _user_data *next; - char *passwd; -} user_data; - -static void -my_free(void *p) -{ - user_data *u = p; - xfree(u->user); - xfree(u->passwd); - xfree(u); -} - -static void -read_passwd_file(const char *passwdfile) -{ - FILE *f; - char buf[8192]; - user_data *u; - char *user; - char *passwd; - if (hash != NULL) { - hashFreeItems(hash, my_free); - } - /* initial setup */ - hash = hash_create((HASHCMP *) strcmp, 7921, hash_string); - if (NULL == hash) { - fprintf(stderr, "ncsa_auth: cannot create hash table\n"); - exit(1); - } - f = fopen(passwdfile, "r"); - while (fgets(buf, 8192, f) != NULL) { - if ((buf[0] == '#') || (buf[0] == ' ') || (buf[0] == '\t') || - (buf[0] == '\n')) - continue; - user = strtok(buf, ":\n"); - passwd = strtok(NULL, ":\n"); - if ((strlen(user) > 0) && passwd) { - u = xmalloc(sizeof(*u)); - u->user = xstrdup(user); - u->passwd = xstrdup(passwd); - hash_join(hash, (hash_link *) u); - } - } - fclose(f); -} - -int -main(int argc, char **argv) -{ - struct stat sb; - time_t change_time = 0; - char buf[256]; - char *user, *passwd, *p; - user_data *u; - setbuf(stdout, NULL); - if (argc != 2) { - fprintf(stderr, "Usage: ncsa_auth \n"); - exit(1); - } - if (stat(argv[1], &sb) != 0) { - fprintf(stderr, "cannot stat %s\n", argv[1]); - exit(1); - } - while (fgets(buf, 256, stdin) != NULL) { - if ((p = strchr(buf, '\n')) != NULL) - *p = '\0'; /* strip \n */ - if (stat(argv[1], &sb) == 0) { - if (sb.st_mtime != change_time) { - read_passwd_file(argv[1]); - change_time = sb.st_mtime; - } - } - if ((user = strtok(buf, " ")) == NULL) { - printf("ERR\n"); - continue; - } - if ((passwd = strtok(NULL, "")) == NULL) { - printf("ERR\n"); - continue; - } - u = hash_lookup(hash, user); - if (u == NULL) { - printf("ERR\n"); - } else if (strcmp(u->passwd, (char *) crypt(passwd, u->passwd))) { - printf("ERR\n"); - } else { - printf("OK\n"); - } - } - exit(0); -} --- squid/auth_modules/PAM/Makefile.in Wed Feb 14 00:50:52 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,96 +0,0 @@ -# -# Makefile for the Squid Object Cache server -# -# $Id: Makefile.in,v 1.3 2000/10/23 15:04:17 hno Exp $ -# -# Uncomment and customize the following to suit your needs: -# - -prefix = @prefix@ -exec_prefix = @exec_prefix@ -exec_suffix = @exec_suffix@ -cgi_suffix = @cgi_suffix@ -top_srcdir = @top_srcdir@ -bindir = @bindir@ -libexecdir = @libexecdir@ -sysconfdir = @sysconfdir@ -localstatedir = @localstatedir@ -srcdir = @srcdir@ -VPATH = @srcdir@ - -# Gotta love the DOS legacy -# -PAM_AUTH_EXE = pam_auth$(exec_suffix) - -CC = @CC@ -MAKEDEPEND = @MAKEDEPEND@ -INSTALL = @INSTALL@ -INSTALL_BIN = @INSTALL_PROGRAM@ -INSTALL_FILE = @INSTALL_DATA@ -INSTALL_SUID = @INSTALL_PROGRAM@ -o root -m 4755 -RANLIB = @RANLIB@ -LN_S = @LN_S@ -PERL = @PERL@ -CRYPTLIB = @CRYPTLIB@ -REGEXLIB = @REGEXLIB@ -PTHREADLIB = @PTHREADLIB@ -SNMPLIB = @SNMPLIB@ -MALLOCLIB = @LIB_MALLOC@ -AC_CFLAGS = @CFLAGS@ -LDFLAGS = @LDFLAGS@ -XTRA_LIBS = @XTRA_LIBS@ @DLLIB@ -XTRA_OBJS = @XTRA_OBJS@ -MV = @MV@ -RM = @RM@ -SHELL = /bin/sh -DEFINES = - -INCLUDE = -I. -I../../include -I$(top_srcdir)/include -CFLAGS = $(AC_CFLAGS) $(INCLUDE) $(DEFINES) -AUTH_LIBS = -lpam $(XTRA_LIBS) - -LIBPROGS = $(PAM_AUTH_EXE) -OBJS = pam_auth.o - -all: $(PAM_AUTH_EXE) - -$(PAM_AUTH_EXE): pam_auth.o - $(CC) $(LDFLAGS) pam_auth.o -o $@ $(AUTH_LIBS) - -install-mkdirs: - -@if test ! -d $(prefix); then \ - echo "mkdir $(prefix)"; \ - mkdir $(prefix); \ - fi - -@if test ! -d $(libexecdir); then \ - echo "mkdir $(libexecdir)"; \ - mkdir $(libexecdir); \ - fi - -# Michael Lupp wants to know about additions -# to the install target. -install: all install-mkdirs - @for f in $(LIBPROGS); do \ - if test -f $(libexecdir)/$$f; then \ - echo $(MV) $(libexecdir)/$$f $(libexecdir)/-$$f; \ - $(MV) $(libexecdir)/$$f $(libexecdir)/-$$f; \ - fi; \ - echo $(INSTALL_BIN) $$f $(libexecdir); \ - $(INSTALL_BIN) $$f $(libexecdir); \ - if test -f $(libexecdir)/-$$f; then \ - echo $(RM) -f $(libexecdir)/-$$f; \ - $(RM) -f $(libexecdir)/-$$f; \ - fi; \ - done - -clean: - -rm -rf *.o *pure_* core $(LIBPROGS) - -distclean: clean - -rm -f Makefile - -tags: - ctags *.[ch] - -depend: - $(MAKEDEPEND) -fMakefile *.c --- squid/auth_modules/PAM/pam_auth.c Wed Feb 14 00:50:52 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,190 +0,0 @@ -/* - * $Id: pam_auth.c,v 1.3 2000/10/23 15:04:17 hno Exp $ - * - * PAM authenticator module for Squid. - * Copyright (C) 1999 Henrik Nordstrom - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA. - * - * Install instructions: - * - * This program authenticates users against a PAM configured authentication - * service "squid". This allows you to authenticate Squid users to any - * authentication source for which you have a PAM module. Commonly available - * PAM modules includes "UNIX", RADIUS, Kerberos and SMB, but a lot of other - * PAM modules are available from various sources. - * - * Example PAM configuration for standard UNIX passwd authentication: - * /etc/pam.conf: - * squid auth required /lib/security/pam_unix.so.1 - * squid account required /lib/security/pam_unix.so.1 - * - * Note that some PAM modules (for example shadow password authentication) - * requires the program to be installed suid root, or PAM will not allow - * it to authenticate other users than it runs as (this is a security - * limitation of PAM to avoid automated probing of passwords). - * - * Compile this program with: gcc -o pam_auth pam_auth.c -lpam -ldl - * - */ - -#include -#include -#include -#include -#include -#include - -#include - -#define BUFSIZE 8192 - - -/* The default PAM service name */ -#ifndef SQUID_PAM_SERVICE -#define SQUID_PAM_SERVICE "squid" -#endif - -/* How often to reinitialize PAM, in seconds. Undefined = never, 0=always */ -/* #define PAM_CONNECTION_TTL 60 */ - -static int reset_pam = 1; /* Set to one if it is time to reset PAM processing */ - -static char *password = NULL; /* Workaround for Solaris 2.6 brokenness */ - -/* - * A simple "conversation" function returning the supplied password. - * Has a bit to much error control, but this is my first PAM application - * so I'd rather check everything than make any mistakes. The function - * expects a single converstation message of type PAM_PROMPT_ECHO_OFF. - */ -static int -password_conversation(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr) -{ - if (num_msg != 1 || msg[0]->msg_style != PAM_PROMPT_ECHO_OFF) { - fprintf(stderr, "ERROR: Unexpected PAM converstaion '%d/%s'\n", msg[0]->msg_style, msg[0]->msg); - return PAM_CONV_ERR; - } - if (!appdata_ptr) { - /* Workaround for Solaris 2.6 where the PAM library is broken - * and does not pass appdata_ptr to the conversation routine - */ - appdata_ptr = password; - } - if (!appdata_ptr) { - fprintf(stderr, "ERROR: No password available to password_converstation!\n"); - return PAM_CONV_ERR; - } - *resp = calloc(num_msg, sizeof(struct pam_response)); - if (!*resp) { - fprintf(stderr, "ERROR: Out of memory!\n"); - return PAM_CONV_ERR; - } - (*resp)[0].resp = strdup((char *) appdata_ptr); - (*resp)[0].resp_retcode = 0; - - return ((*resp)[0].resp ? PAM_SUCCESS : PAM_CONV_ERR); -} - -static struct pam_conv conv = -{ - &password_conversation, - NULL -}; - -void -signal_received(int sig) -{ - reset_pam = 1; - signal(sig, signal_received); -} - -int -main(int argc, char *argv[]) -{ - pam_handle_t *pamh = NULL; - int retval; - char *user; - /* char *password; */ - char buf[BUFSIZE]; - time_t pamh_created = 0; - - signal(SIGHUP, signal_received); - - /* make standard output line buffered */ - setvbuf(stdout, NULL, _IOLBF, 0); - - while (retval = PAM_SUCCESS, fgets(buf, BUFSIZE, stdin)) { - user = buf; - password = strchr(buf, '\n'); - if (!password) { - fprintf(stderr, "authenticator: Unexpected input '%s'\n", buf); - fprintf(stdout, "ERR\n"); - continue; - } - *password = '\0'; - password = strchr(buf, ' '); - if (!password) { - fprintf(stderr, "authenticator: Unexpected input '%s'\n", buf); - fprintf(stdout, "ERR\n"); - continue; - } - *password++ = '\0'; - conv.appdata_ptr = (char *) password; /* from buf above. not allocated */ -#ifdef PAM_CONNECTION_TTL - if (pamh_created + PAM_CONNECTION_TTL >= time(NULL)) - reset_pam = 1; -#endif - if (reset_pam && pamh) { - /* Close previous PAM connection */ - retval = pam_end(pamh, retval); - if (retval != PAM_SUCCESS) { - fprintf(stderr, "ERROR: failed to release PAM authenticator\n"); - } - pamh = NULL; - } - if (!pamh) { - /* Initialize PAM connection */ - retval = pam_start(SQUID_PAM_SERVICE, "squid@", &conv, &pamh); - if (retval != PAM_SUCCESS) { - fprintf(stderr, "ERROR: failed to create PAM authenticator\n"); - } - reset_pam = 0; - pamh_created = time(NULL); - } - if (retval == PAM_SUCCESS) - retval = pam_set_item(pamh, PAM_USER, user); - if (retval == PAM_SUCCESS) - retval = pam_set_item(pamh, PAM_CONV, &conv); - if (retval == PAM_SUCCESS) - retval = pam_authenticate(pamh, 0); - if (retval == PAM_SUCCESS) - retval = pam_acct_mgmt(pamh, 0); - if (retval == PAM_SUCCESS) { - fprintf(stdout, "OK\n"); - } else { - fprintf(stdout, "ERR\n"); - } - } - - if (pamh) { - retval = pam_end(pamh, retval); - if (retval != PAM_SUCCESS) { - pamh = NULL; - fprintf(stderr, "ERROR: failed to release PAM authenticator\n"); - } - } - return (retval == PAM_SUCCESS ? 0 : 1); /* indicate success */ -} --- squid/auth_modules/SMB/COPYING-2.0 Wed Feb 14 00:50:52 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,341 +0,0 @@ - - GNU GENERAL PUBLIC LICENSE - Version 2, June 1991 - - Copyright (C) 1989, 1991 Free Software Foundation, Inc. - 675 Mass Ave, Cambridge, MA 02139, USA - Everyone is permitted to copy and distribute verbatim copies - of this license document, but changing it is not allowed. - - Preamble - - The licenses for most software are designed to take away your -freedom to share and change it. By contrast, the GNU General Public -License is intended to guarantee your freedom to share and change free -software--to make sure the software is free for all its users. This -General Public License applies to most of the Free Software -Foundation's software and to any other program whose authors commit to -using it. (Some other Free Software Foundation software is covered by -the GNU Library General Public License instead.) You can apply it to -your programs, too. - - When we speak of free software, we are referring to freedom, not -price. Our General Public Licenses are designed to make sure that you -have the freedom to distribute copies of free software (and charge for -this service if you wish), that you receive source code or can get it -if you want it, that you can change the software or use pieces of it -in new free programs; and that you know you can do these things. - - To protect your rights, we need to make restrictions that forbid -anyone to deny you these rights or to ask you to surrender the rights. -These restrictions translate to certain responsibilities for you if you -distribute copies of the software, or if you modify it. - - For example, if you distribute copies of such a program, whether -gratis or for a fee, you must give the recipients all the rights that -you have. You must make sure that they, too, receive or can get the -source code. And you must show them these terms so they know their -rights. - - We protect your rights with two steps: (1) copyright the software, and -(2) offer you this license which gives you legal permission to copy, -distribute and/or modify the software. - - Also, for each author's protection and ours, we want to make certain -that everyone understands that there is no warranty for this free -software. If the software is modified by someone else and passed on, we -want its recipients to know that what they have is not the original, so -that any problems introduced by others will not reflect on the original -authors' reputations. - - Finally, any free program is threatened constantly by software -patents. We wish to avoid the danger that redistributors of a free -program will individually obtain patent licenses, in effect making the -program proprietary. To prevent this, we have made it clear that any -patent must be licensed for everyone's free use or not licensed at all. - - The precise terms and conditions for copying, distribution and -modification follow. - - GNU GENERAL PUBLIC LICENSE - TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION - - 0. This License applies to any program or other work which contains -a notice placed by the copyright holder saying it may be distributed -under the terms of this General Public License. The "Program", below, -refers to any such program or work, and a "work based on the Program" -means either the Program or any derivative work under copyright law: -that is to say, a work containing the Program or a portion of it, -either verbatim or with modifications and/or translated into another -language. (Hereinafter, translation is included without limitation in -the term "modification".) Each licensee is addressed as "you". - -Activities other than copying, distribution and modification are not -covered by this License; they are outside its scope. The act of -running the Program is not restricted, and the output from the Program -is covered only if its contents constitute a work based on the -Program (independent of having been made by running the Program). -Whether that is true depends on what the Program does. - - 1. You may copy and distribute verbatim copies of the Program's -source code as you receive it, in any medium, provided that you -conspicuously and appropriately publish on each copy an appropriate -copyright notice and disclaimer of warranty; keep intact all the -notices that refer to this License and to the absence of any warranty; -and give any other recipients of the Program a copy of this License -along with the Program. - -You may charge a fee for the physical act of transferring a copy, and -you may at your option offer warranty protection in exchange for a fee. - - 2. You may modify your copy or copies of the Program or any portion -of it, thus forming a work based on the Program, and copy and -distribute such modifications or work under the terms of Section 1 -above, provided that you also meet all of these conditions: - - a) You must cause the modified files to carry prominent notices - stating that you changed the files and the date of any change. - - b) You must cause any work that you distribute or publish, that in - whole or in part contains or is derived from the Program or any - part thereof, to be licensed as a whole at no charge to all third - parties under the terms of this License. - - c) If the modified program normally reads commands interactively - when run, you must cause it, when started running for such - interactive use in the most ordinary way, to print or display an - announcement including an appropriate copyright notice and a - notice that there is no warranty (or else, saying that you provide - a warranty) and that users may redistribute the program under - these conditions, and telling the user how to view a copy of this - License. (Exception: if the Program itself is interactive but - does not normally print such an announcement, your work based on - the Program is not required to print an announcement.) - -These requirements apply to the modified work as a whole. If -identifiable sections of that work are not derived from the Program, -and can be reasonably considered independent and separate works in -themselves, then this License, and its terms, do not apply to those -sections when you distribute them as separate works. But when you -distribute the same sections as part of a whole which is a work based -on the Program, the distribution of the whole must be on the terms of -this License, whose permissions for other licensees extend to the -entire whole, and thus to each and every part regardless of who wrote it. - -Thus, it is not the intent of this section to claim rights or contest -your rights to work written entirely by you; rather, the intent is to -exercise the right to control the distribution of derivative or -collective works based on the Program. - -In addition, mere aggregation of another work not based on the Program -with the Program (or with a work based on the Program) on a volume of -a storage or distribution medium does not bring the other work under -the scope of this License. - - 3. You may copy and distribute the Program (or a work based on it, -under Section 2) in object code or executable form under the terms of -Sections 1 and 2 above provided that you also do one of the following: - - a) Accompany it with the complete corresponding machine-readable - source code, which must be distributed under the terms of Sections - 1 and 2 above on a medium customarily used for software interchange; or, - - b) Accompany it with a written offer, valid for at least three - years, to give any third party, for a charge no more than your - cost of physically performing source distribution, a complete - machine-readable copy of the corresponding source code, to be - distributed under the terms of Sections 1 and 2 above on a medium - customarily used for software interchange; or, - - c) Accompany it with the information you received as to the offer - to distribute corresponding source code. (This alternative is - allowed only for noncommercial distribution and only if you - received the program in object code or executable form with such - an offer, in accord with Subsection b above.) - -The source code for a work means the preferred form of the work for -making modifications to it. For an executable work, complete source -code means all the source code for all modules it contains, plus any -associated interface definition files, plus the scripts used to -control compilation and installation of the executable. However, as a -special exception, the source code distributed need not include -anything that is normally distributed (in either source or binary -form) with the major components (compiler, kernel, and so on) of the -operating system on which the executable runs, unless that component -itself accompanies the executable. - -If distribution of executable or object code is made by offering -access to copy from a designated place, then offering equivalent -access to copy the source code from the same place counts as -distribution of the source code, even though third parties are not -compelled to copy the source along with the object code. - - 4. You may not copy, modify, sublicense, or distribute the Program -except as expressly provided under this License. Any attempt -otherwise to copy, modify, sublicense or distribute the Program is -void, and will automatically terminate your rights under this License. -However, parties who have received copies, or rights, from you under -this License will not have their licenses terminated so long as such -parties remain in full compliance. - - 5. You are not required to accept this License, since you have not -signed it. However, nothing else grants you permission to modify or -distribute the Program or its derivative works. These actions are -prohibited by law if you do not accept this License. Therefore, by -modifying or distributing the Program (or any work based on the -Program), you indicate your acceptance of this License to do so, and -all its terms and conditions for copying, distributing or modifying -the Program or works based on it. - - 6. Each time you redistribute the Program (or any work based on the -Program), the recipient automatically receives a license from the -original licensor to copy, distribute or modify the Program subject to -these terms and conditions. You may not impose any further -restrictions on the recipients' exercise of the rights granted herein. -You are not responsible for enforcing compliance by third parties to -this License. - - 7. If, as a consequence of a court judgment or allegation of patent -infringement or for any other reason (not limited to patent issues), -conditions are imposed on you (whether by court order, agreement or -otherwise) that contradict the conditions of this License, they do not -excuse you from the conditions of this License. If you cannot -distribute so as to satisfy simultaneously your obligations under this -License and any other pertinent obligations, then as a consequence you -may not distribute the Program at all. For example, if a patent -license would not permit royalty-free redistribution of the Program by -all those who receive copies directly or indirectly through you, then -the only way you could satisfy both it and this License would be to -refrain entirely from distribution of the Program. - -If any portion of this section is held invalid or unenforceable under -any particular circumstance, the balance of the section is intended to -apply and the section as a whole is intended to apply in other -circumstances. - -It is not the purpose of this section to induce you to infringe any -patents or other property right claims or to contest validity of any -such claims; this section has the sole purpose of protecting the -integrity of the free software distribution system, which is -implemented by public license practices. Many people have made -generous contributions to the wide range of software distributed -through that system in reliance on consistent application of that -system; it is up to the author/donor to decide if he or she is willing -to distribute software through any other system and a licensee cannot -impose that choice. - -This section is intended to make thoroughly clear what is believed to -be a consequence of the rest of this License. - - 8. If the distribution and/or use of the Program is restricted in -certain countries either by patents or by copyrighted interfaces, the -original copyright holder who places the Program under this License -may add an explicit geographical distribution limitation excluding -those countries, so that distribution is permitted only in or among -countries not thus excluded. In such case, this License incorporates -the limitation as if written in the body of this License. - - 9. The Free Software Foundation may publish revised and/or new versions -of the General Public License from time to time. Such new versions will -be similar in spirit to the present version, but may differ in detail to -address new problems or concerns. - -Each version is given a distinguishing version number. If the Program -specifies a version number of this License which applies to it and "any -later version", you have the option of following the terms and conditions -either of that version or of any later version published by the Free -Software Foundation. If the Program does not specify a version number of -this License, you may choose any version ever published by the Free Software -Foundation. - - 10. If you wish to incorporate parts of the Program into other free -programs whose distribution conditions are different, write to the author -to ask for permission. For software which is copyrighted by the Free -Software Foundation, write to the Free Software Foundation; we sometimes -make exceptions for this. Our decision will be guided by the two goals -of preserving the free status of all derivatives of our free software and -of promoting the sharing and reuse of software generally. - - NO WARRANTY - - 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY -FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN -OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES -PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED -OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS -TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE -PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, -REPAIR OR CORRECTION. - - 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING -WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR -REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, -INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING -OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED -TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY -YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER -PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE -POSSIBILITY OF SUCH DAMAGES. - - END OF TERMS AND CONDITIONS - - Appendix: How to Apply These Terms to Your New Programs - - If you develop a new program, and you want it to be of the greatest -possible use to the public, the best way to achieve this is to make it -free software which everyone can redistribute and change under these terms. - - To do so, attach the following notices to the program. It is safest -to attach them to the start of each source file to most effectively -convey the exclusion of warranty; and each file should have at least -the "copyright" line and a pointer to where the full notice is found. - - - Copyright (C) 19yy - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - -Also add information on how to contact you by electronic and paper mail. - -If the program is interactive, make it output a short notice like this -when it starts in an interactive mode: - - Gnomovision version 69, Copyright (C) 19yy name of author - Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. - This is free software, and you are welcome to redistribute it - under certain conditions; type `show c' for details. - -The hypothetical commands `show w' and `show c' should show the appropriate -parts of the General Public License. Of course, the commands you use may -be called something other than `show w' and `show c'; they could even be -mouse-clicks or menu items--whatever suits your program. - -You should also get your employer (if you work as a programmer) or your -school, if any, to sign a "copyright disclaimer" for the program, if -necessary. Here is a sample; alter the names: - - Yoyodyne, Inc., hereby disclaims all copyright interest in the program - `Gnomovision' (which makes passes at compilers) written by James Hacker. - - , 1 April 1989 - Ty Coon, President of Vice - -This General Public License does not permit incorporating your program into -proprietary programs. If your program is a subroutine library, you may -consider it more useful to permit linking proprietary applications with the -library. If this is what you want to do, use the GNU Library General -Public License instead of this License. - --- squid/auth_modules/SMB/Changelog Wed Feb 14 00:50:52 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,56 +0,0 @@ -28 September 1999, version 0.05 - -- Easier debugging: added the -d option to smb_auth. - -- Bugfix: a password containing a backslash character was always - denied. Reported by Menno Stevens. - -- The -S option now accepts both slashes and backslashes and - allows the share name to be preceded by a (back)slash. - -5 June 1999, version 0.04 - -- Allow for both \n and \r\n end-of-line termination in the - proxyauth file located on the PDC. This eliminates the most - common installation problem. - -- The location of the proxyauth file can be changed (for each - domain) using the new -S option. Useful when the NETLOGON - share is located on a FAT filesystem. - Thanks to Colin Manning . - -2 Februari 1999, version 0.03 - -- Support for pass-through authentication (trust relationships) - added. Suggested by Matthew Wood . - -- Bugfix: smb_auth.sh searched for the PDC only. - -- Many documentation improvements. - -9 December 1998, version 0.02 - -- smb_auth now uses Samba instead of pam_smb. This simplifies the - installation of smb_auth and increases platform support. - -- Access control by user and group: smb_auth now tries to read - the file \netlogon\proxyauth. By restricting read access on - this file access to the proxy can be controlled. - -- Easier configuration: - - - smb_auth is now fully configurable with command-line options - (i.e. in squid.conf). No more hacking in the source code. - - - In most cases it is sufficient to specify just the domain name. - smb_auth searches for a working domain controller on each - authentication request (note that Squid caches valid requests). - -- Easier installation: Makefile added. Simply typing "make install" - will work for most people. - -- In a multi-domain situation, users must now enter domain\user - instead of user\domain. This conforms to NT notation. Thanks to - Jason Haar for pointing this out. - -31 July 1998, version 0.01 --- squid/auth_modules/SMB/Makefile.in Wed Feb 14 00:50:52 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,118 +0,0 @@ -# -# Makefile for the Squid Object Cache server -# -# $Id: Makefile.in,v 1.3 2000/10/23 15:04:17 hno Exp $ -# -# Uncomment and customize the following to suit your needs: -# - -# SAMBAPREFIX must point to the directory where Samba has been installed. -# By default, Samba is installed in /usr/local/samba. If you changed this -# by using the --prefix option when configuring Samba, you need to change -# SAMBAPREFIX accordingly. - -SAMBAPREFIX=/usr/local/samba - -prefix = @prefix@ -exec_prefix = @exec_prefix@ -exec_suffix = @exec_suffix@ -cgi_suffix = @cgi_suffix@ -top_srcdir = @top_srcdir@ -bindir = @bindir@ -libexecdir = @libexecdir@ -sysconfdir = @sysconfdir@ -localstatedir = @localstatedir@ -srcdir = @srcdir@ -VPATH = @srcdir@ - -# Gotta love the DOS legacy -# -SMB_AUTH_EXE = smb_auth$(exec_suffix) -SMB_AUTH_HELPER = smb_auth.sh -SMB_AUTH_HELPER_PATH = $(libexecdir)/$(SMB_AUTH_HELPER) - -CC = @CC@ -MAKEDEPEND = @MAKEDEPEND@ -INSTALL = @INSTALL@ -INSTALL_BIN = @INSTALL_PROGRAM@ -INSTALL_FILE = @INSTALL_DATA@ -INSTALL_SUID = @INSTALL_PROGRAM@ -o root -m 4755 -RANLIB = @RANLIB@ -LN_S = @LN_S@ -PERL = @PERL@ -CRYPTLIB = @CRYPTLIB@ -REGEXLIB = @REGEXLIB@ -PTHREADLIB = @PTHREADLIB@ -SNMPLIB = @SNMPLIB@ -MALLOCLIB = @LIB_MALLOC@ -AC_CFLAGS = @CFLAGS@ -LDFLAGS = @LDFLAGS@ -XTRA_LIBS = @XTRA_LIBS@ -XTRA_OBJS = @XTRA_OBJS@ -MV = @MV@ -RM = @RM@ -SHELL = /bin/sh -DEFINES = -DSAMBAPREFIX=\"$(SAMBAPREFIX)\" -DHELPERSCRIPT=\"$(SMB_AUTH_HELPER_PATH)\" - -INCLUDE = -I. -I../../include -I$(top_srcdir)/include -CFLAGS = $(AC_CFLAGS) $(INCLUDE) $(DEFINES) -AUTH_LIBS = $(XTRA_LIBS) - -LIBPROGS = $(SMB_AUTH_EXE) -LIBSCRIPTS = $(SMB_AUTH_HELPER) -OBJS = smb_auth.o - -all: $(LIBPROGS) - -$(SMB_AUTH_EXE): smb_auth.o - $(CC) $(LDFLAGS) smb_auth.o -o $@ $(AUTH_LIBS) - -install-mkdirs: - -@if test ! -d $(prefix); then \ - echo "mkdir $(prefix)"; \ - mkdir $(prefix); \ - fi - -@if test ! -d $(libexecdir); then \ - echo "mkdir $(libexecdir)"; \ - mkdir $(libexecdir); \ - fi - -# Michael Lupp wants to know about additions -# to the install target. -install: all install-mkdirs - @for f in $(LIBPROGS); do \ - if test -f $(libexecdir)/$$f; then \ - echo $(MV) $(libexecdir)/$$f $(libexecdir)/-$$f; \ - $(MV) $(libexecdir)/$$f $(libexecdir)/-$$f; \ - fi; \ - echo $(INSTALL_BIN) $$f $(libexecdir); \ - $(INSTALL_BIN) $$f $(libexecdir); \ - if test -f $(libexecdir)/-$$f; then \ - echo $(RM) -f $(libexecdir)/-$$f; \ - $(RM) -f $(libexecdir)/-$$f; \ - fi; \ - done - @for f in $(LIBSCRIPTS); do \ - if test -f $(libexecdir)/$$f; then \ - echo $(MV) $(libexecdir)/$$f $(libexecdir)/-$$f; \ - $(MV) $(libexecdir)/$$f $(libexecdir)/-$$f; \ - fi; \ - echo $(INSTALL_BIN) $$f $(libexecdir); \ - $(INSTALL_BIN) $(srcdir)/$$f $(libexecdir); \ - if test -f $(libexecdir)/-$$f; then \ - echo $(RM) -f $(libexecdir)/-$$f; \ - $(RM) -f $(libexecdir)/-$$f; \ - fi; \ - done - -clean: - -rm -rf *.o *pure_* core $(LIBPROGS) - -distclean: clean - -rm -f Makefile - -tags: - ctags *.[ch] - -depend: - $(MAKEDEPEND) -fMakefile *.c --- squid/auth_modules/SMB/README Wed Feb 14 00:50:52 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,3 +0,0 @@ -For documentation, please refer to - - http://www.hacom.nl/~richard/software/smb_auth.html --- squid/auth_modules/SMB/smb_auth.c Wed Feb 14 00:50:52 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,261 +0,0 @@ -/* - * smb_auth - SMB proxy authentication module - * Copyright (C) 1998 Richard Huveneers - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - */ - -#include -#include -#include - -#define BUFSIZE 256 -#define NMB_UNICAST 1 -#define NMB_BROADCAST 2 - -struct SMBDOMAIN -{ - char *name; /* domain name */ - char *sname; /* match this with user input */ - char *passthrough; /* pass-through authentication */ - char *nmbaddr; /* name service address */ - int nmbcast; /* broadcast or unicast */ - char *authshare; /* share name of auth file */ - char *authfile; /* pathname of auth file */ - struct SMBDOMAIN *next; /* linked list */ -}; - -struct SMBDOMAIN *firstdom = NULL; -struct SMBDOMAIN *lastdom = NULL; - -/* - * escape the backslash character, since it has a special meaning - * to the read command of the bourne shell. - */ - -void print_esc(FILE *p, char *s) -{ - char buf[256]; - char *t; - int i = 0; - - for (t = s; *t != '\0'; t++) - { - if (i > 250) - { - buf[i] = '\0'; - (void) fputs(buf, p); - i = 0; - } - - if (*t == '\\') - buf[i++] = '\\'; - - buf[i++] = *t; - } - - if (i > 0) - { - buf[i] = '\0'; - (void) fputs(buf, p); - } -} - -void main(int argc, char *argv[]) -{ - int i; - char buf[BUFSIZE]; - struct SMBDOMAIN *dom; - char *s; - char *user; - char *pass; - char *domname; - FILE *p; - int debug = 0; - char *shcmd; - - /* make standard output line buffered */ - if (setvbuf(stdout, NULL, _IOLBF, 0) != 0) - return; - - /* parse command line arguments */ - for (i = 1; i < argc; i++) - { - if (strcmp(argv[i], "-d") == 0) - { - debug = 1; - continue; - } - - /* the next options require an argument */ - if (i + 1 == argc) - break; - - if (strcmp(argv[i], "-W") == 0) - { - if ((dom = (struct SMBDOMAIN *) malloc(sizeof(struct SMBDOMAIN))) == NULL) - return; - - dom->name = dom->sname = argv[++i]; - dom->passthrough = ""; - dom->nmbaddr = ""; - dom->nmbcast = NMB_BROADCAST; - dom->authshare = "NETLOGON"; - dom->authfile = "proxyauth"; - dom->next = NULL; - - /* append to linked list */ - if (lastdom != NULL) - lastdom->next = dom; - else - firstdom = dom; - - lastdom = dom; - continue; - } - - if (strcmp(argv[i], "-w") == 0) - { - if (lastdom != NULL) - lastdom->sname = argv[++i]; - continue; - } - - if (strcmp(argv[i], "-P") == 0) - { - if (lastdom != NULL) - lastdom->passthrough = argv[++i]; - continue; - } - - if (strcmp(argv[i], "-B") == 0) - { - if (lastdom != NULL) - { - lastdom->nmbaddr = argv[++i]; - lastdom->nmbcast = NMB_BROADCAST; - } - continue; - } - - if (strcmp(argv[i], "-U") == 0) - { - if (lastdom != NULL) - { - lastdom->nmbaddr = argv[++i]; - lastdom->nmbcast = NMB_UNICAST; - } - continue; - } - - if (strcmp(argv[i], "-S") == 0) - { - if (lastdom != NULL) - { - if ((lastdom->authshare = strdup(argv[++i])) == NULL) - return; - - /* convert backslashes to forward slashes */ - for (s = lastdom->authshare; *s != '\0'; s++) - if (*s == '\\') - *s = '/'; - - /* strip leading forward slash from share name */ - if (*lastdom->authshare == '/') - lastdom->authshare++; - - if ((s = strchr(lastdom->authshare, '/')) != NULL) - { - *s = '\0'; - lastdom->authfile = s + 1; - } - } - continue; - } - } - - shcmd = debug ? HELPERSCRIPT : HELPERSCRIPT " > /dev/null 2>&1"; - - /* pass to helper script */ - if (putenv("SAMBAPREFIX=" SAMBAPREFIX) != 0) - return; - - while (1) - { - if (fgets(buf, BUFSIZE, stdin) == NULL) - break; - - if ((s = strchr(buf, '\n')) == NULL) - continue; - *s = '\0'; - - if ((s = strchr(buf, ' ')) == NULL) - { - (void) printf("ERR\n"); - continue; - } - *s = '\0'; - - user = buf; - pass = s + 1; - domname = NULL; - - if ((s = strchr(user, '\\')) != NULL) - { - *s = '\0'; - domname = user; - user = s + 1; - } - - /* match domname with linked list */ - if (domname != NULL && strlen(domname) > 0) - { - for (dom = firstdom; dom != NULL; dom = dom->next) - if (strcasecmp(dom->sname, domname) == 0) - break; - } else - dom = firstdom; - - if (dom == NULL) - { - (void) printf("ERR\n"); - continue; - } - - if ((p = popen(shcmd, "w")) == NULL) - { - (void) printf("ERR\n"); - continue; - } - - (void) fprintf(p, "%s\n", dom->name); - (void) fprintf(p, "%s\n", dom->passthrough); - (void) fprintf(p, "%s\n", dom->nmbaddr); - (void) fprintf(p, "%d\n", dom->nmbcast); - (void) fprintf(p, "%s\n", dom->authshare); - (void) fprintf(p, "%s\n", dom->authfile); - (void) fprintf(p, "%s\n", user); - /* the password can contain special characters */ - print_esc(p, pass); - (void) fputc('\n', p); - (void) fflush(p); - - if (pclose(p) == 0) - (void) printf("OK\n"); - else - (void) printf("ERR\n"); - - } /* while (1) */ -} --- squid/auth_modules/SMB/smb_auth.sh Wed Feb 14 00:50:52 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,71 +0,0 @@ -#!/bin/sh -# -# smb_auth - SMB proxy authentication module -# Copyright (C) 1998 Richard Huveneers -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - -read DOMAINNAME -read PASSTHROUGH -read NMBADDR -read NMBCAST -read AUTHSHARE -read AUTHFILE -read SMBUSER -read SMBPASS - -# Find domain controller -echo "Domain name: $DOMAINNAME" -if [ -n "$PASSTHROUGH" ] -then - echo "Pass-through authentication: yes: $PASSTHROUGH" -else - echo "Pass-through authentication: no" - PASSTHROUGH="$DOMAINNAME" -fi -if [ -n "$NMBADDR" ] -then - if [ "$NMBCAST" = "1" ] - then - addropt="-U $NMBADDR -R" - else - addropt="-B $NMBADDR" - fi -else - addropt="" -fi -echo "Query address options: $addropt" -dcip=`$SAMBAPREFIX/bin/nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+ / { print $1 ; exit }'` -echo "Domain controller IP address: $dcip" -[ -n "$dcip" ] || exit 1 - -# All right, we have the IP address of a domain controller, -# but we need its name too -dcname=`$SAMBAPREFIX/bin/nmblookup -A $dcip | awk '$2 == "<00>" { print $1 ; exit }'` -echo "Domain controller NETBIOS name: $dcname" -[ -n "$dcname" ] || exit 1 - -# Pass password to smbclient through environment. Not really safe. -USER="$SMBUSER%$SMBPASS" -export USER - -# Read the contents of the file $AUTHFILE on the $AUTHSHARE share -authfilebs=`echo "$AUTHFILE" | tr / '\\\\'` -authinfo=`$SAMBAPREFIX/bin/smbclient "//$dcname/$AUTHSHARE" -I $dcip -d 0 -E -W "$DOMAINNAME" -c "get $authfilebs -" 2>/dev/null` -echo "Contents of //$dcname/$AUTHSHARE/$AUTHFILE: $authinfo" - -# Allow for both \n and \r\n end-of-line termination -[ "$authinfo" = "allow" -o "$authinfo" = "allow " ] || exit 1 -exit 0 --- squid/auth_modules/getpwnam/Makefile.in Wed Feb 14 00:50:52 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,80 +0,0 @@ -# -# Makefile for the Squid Object Cache server -# -# $Id: Makefile.in,v 1.2 2000/10/23 15:04:17 hno Exp $ -# -# Uncomment and customize the following to suit your needs: -# - -prefix = @prefix@ -exec_prefix = @exec_prefix@ -exec_suffix = @exec_suffix@ -top_srcdir = @top_srcdir@ -bindir = @bindir@ -srcdir = @srcdir@ -VPATH = @srcdir@ - -# Gotta love the DOS legacy -# -GETPWNAM_AUTH_EXE = getpwnam_auth$(exec_suffix) - -CC = @CC@ -MAKEDEPEND = @MAKEDEPEND@ -INSTALL = @INSTALL@ -INSTALL_BIN = @INSTALL_PROGRAM@ -CRYPTLIB = @CRYPTLIB@ -AC_CFLAGS = @CFLAGS@ -LDFLAGS = @LDFLAGS@ -XTRA_LIBS = @XTRA_LIBS@ -XTRA_OBJS = @XTRA_OBJS@ -MV = @MV@ -RM = @RM@ -SHELL = /bin/sh - - -INCLUDE = -I. -I../../include -I$(top_srcdir)/include -CFLAGS = $(AC_CFLAGS) $(INCLUDE) $(DEFINES) -AUTH_LIBS = -L../../lib -lmiscutil $(CRYPTLIB) $(XTRA_LIBS) - -PROGS = $(GETPWNAM_AUTH_EXE) -OBJS = getpwnam_auth.o - -all: $(GETPWNAM_AUTH_EXE) - -$(OBJS): $(top_srcdir)/include/version.h - -$(GETPWNAM_AUTH_EXE): $(OBJS) - $(CC) $(LDFLAGS) $(OBJS) -o $@ $(AUTH_LIBS) - -install-mkdirs: - -@if test ! -d $(prefix); then \ - echo "mkdir $(prefix)"; \ - mkdir $(prefix); \ - fi - -@if test ! -d $(bindir); then \ - echo "mkdir $(bindir)"; \ - mkdir $(bindir); \ - fi - -install: all install-mkdirs - @for f in $(PROGS); do \ - if test -f $(bindir)/$$f; then \ - echo $(MV) $(bindir)/$$f $(bindir)/-$$f; \ - $(MV) $(bindir)/$$f $(bindir)/-$$f; \ - fi; \ - echo $(INSTALL_BIN) $$f $(bindir); \ - $(INSTALL_BIN) $$f $(bindir); \ - if test -f $(bindir)/-$$f; then \ - echo $(RM) -f $(bindir)/-$$f; \ - $(RM) -f $(bindir)/-$$f; \ - fi; \ - done - -clean: - -rm -rf *.o *pure_* core $(PROGS) - -distclean: clean - -rm -f Makefile - -depend: - $(MAKEDEPEND) -I../include -I. -fMakefile *.c --- squid/auth_modules/getpwnam/getpwnam_auth.c Wed Feb 14 00:50:52 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,80 +0,0 @@ -/* - * getpwnam_auth.c - * - * AUTHOR: Erik Hofman - * Robin Elfrink - * - * Example authentication program for Squid, based on the - * original proxy_auth code from client_side.c, written by - * Jon Thackray . - * - * Uses getpwnam() routines for authentication. - * This has the following advantages over the NCSA module: - * - * - Allow authentication of all know local users - * - Allows authentication through nsswitch.conf - * + can handle NIS(+) requests - * + can handle LDAP request - * + can handle PAM request - * - */ - -#include "config.h" - -#if HAVE_STDIO_H -#include -#endif -#if HAVE_STDLIB_H -#include -#endif -#if HAVE_UNISTD_H -#include -#endif -#if HAVE_STRING_H -#include -#endif -#if HAVE_CRYPT_H -#include -#endif -#if HAVE_PWD_H -#include -#endif - - -#define ERR "ERR\n" -#define OK "OK\n" - -int -main() -{ - char buf[256]; - struct passwd *pwd; - char *user, *passwd, *p; - - setbuf(stdout, NULL); - while (fgets(buf, 256, stdin) != NULL) { - - if ((p = strchr(buf, '\n')) != NULL) - *p = '\0'; /* strip \n */ - - if ((user = strtok(buf, " ")) == NULL) { - printf(ERR); - continue; - } - if ((passwd = strtok(NULL, "")) == NULL) { - printf(ERR); - continue; - } - pwd = getpwnam(user); - if (pwd == NULL) { - printf(ERR); - } else { - if (strcmp(pwd->pw_passwd, (char *) crypt(passwd, pwd->pw_passwd))) { - printf(ERR); - } else { - printf(OK); - } - } - } - exit(0); -} --- squid/auth_modules/multi-domain-NTLM/README.txt Wed Feb 14 00:50:52 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,17 +0,0 @@ - -From: "Chemolli Francesco (USI)" -Subject: Multiple NT domains authenticator -Date: Fri, 7 Jul 2000 15:37:32 +0200 - -This is the multi-domain NTLM authenticator, blissfully undocumented -(but there's a few strategic comments, so that at least the user -is not left alone). - -The user is expected to enter his/her credentials as domain\username -or domain/username (in analogy to what M$-Proxy does). - -Requires Authen::SMB from CPAN and Samba if you need to perform netbios -queries. - - Francesco 'Kinkie' Chemolli - --- squid/auth_modules/multi-domain-NTLM/smb_auth.pl Wed Feb 14 00:50:52 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,132 +0,0 @@ -#!/usr/bin/perl - -#if you define this, debugging output will be printed to STDERR. -$debug=1; - -#to force using some DC for some domains, fill in this hash. -#the key is a regexp matched against the domain name -# the value is an array ref with PDC and BDC. -# the order the names are matched in is UNDEFINED. -#i.e.: -# %controllers = ( "domain" => ["pdc","bdc"]); - -#%controllers = ( ".*" => ["tlc5",undef]); - -#define this if you wish to use a WINS server. If undefined, broadcast -# will be attempted. -$wins_server="c0wins"; - - -# Some servers (at least mine) really really want to be called by address. -# If this variable is defined, we'll ask nmblookup to do a reverse DNS on the -# DC addresses. It might fail though, for instance because you have a crappy -# DNS with no reverse zones or records. If it doesn't work, you'll have to -# fall back to the %controllers hack. -$try_reverse_dns=1; - -# Soem servers (at least mine) don't like to be called by their fully -# qualified name. define this if you wish to call them ONLY by their -# hostname. -$dont_use_fqdn=1; - -#no more user-serviceable parts -use Authen::Smb; - -#variables: -# %pdc used to cache the domain -> pdc_ip values. IT NEVER EXPIRES! - - -while (<>) { - if (! m;([^\\]+)(\\|/)(\S+)\s(.*); ) { #parse the line - print "ERR\n"; - next; - } - $domain=$1; - $user=$3; - $pass=$4; - print STDERR "domain: $domain, user: $user, pass=$pass\n" - if (defined ($debug)); - # check out that we know the PDC address - if (!$pdc{$domain}) { - ($pdc,$bdc)=&discover_dc($domain); - if ($pdc) { - $pdc{$domain}=$pdc; - $bdc{$domain}=$bdc; - } - } - $pdc=$pdc{$domain}; - $bdc=$bdc{$domain}; - if (!$pdc) { - #a pdc was not found - print "ERR\n"; - print STDERR "No PDC found\n" if (defined($debug)); - next; - } - - print STDERR "querying '$pdc' and '$bdc' for user '$domain\\$user', ". - "pass $pass\n" if (defined($debug)); - $result=Authen::Smb::authen($user,$pass,$pdc,$bdc,$domain); - print STDERR "result is: $nt_results{$result} ($result)\n" - if (defined($debug)); - if ($result == NTV_NO_ERROR) { - print STDERR ("OK for user '$domain\\$user'\n") if (defined($debug)); - print ("OK\n"); - } else { - print STDERR "Could not authenticate user '$domain\\$user'\n"; - print ("ERR\n"); - } -} - -#why do Microsoft servers have to be so damn picky and convoluted? -sub discover_dc { - my $domain = shift @_; - my ($pdc, $bdc, $lookupstring, $datum); - - foreach (keys %controllers) { - if ($domain =~ /$_/) { - print STDERR "DCs forced by user: $_ => ". - join(',',@{$controllers{$_}}). - "\n" if (defined($debug)); - return @{$controllers{$_}}; - } - } - $lookupstring="nmblookup"; - $lookupstring.=" -R -U $wins_server" if (defined($wins_server)); - $lookupstring.=" -T" if (defined($try_reverse_dns)); - $lookupstring.=" '$domain#1c'"; - print STDERR "Discovering PDC: $lookupstring\n" - if (defined($debug)); - #discover the PDC address - open(PDC,"$lookupstring|"); - while () { - print STDERR "response line: $_" if (defined($debug)); - if (m|(.*), (\d+\.\d+\.\d+\.\d+)|) { - $datum=$1; - print STDERR "matched $datum\n" if (defined($debug)); - if (defined($dont_use_fqdn) && $datum =~ /^([^.]+)\..*/) { - $datum=$1; - print STDERR "stripped domain name: $datum\n" if (defined($debug)); - } - } elsif (m|^(\d+\.\d+\.\d+\.\d+)|) { - $datum=$1; - } else { - #no data here, go to next line - next; - } - if ($datum) { - if ($pdc) { - $bdc=$datum; - print STDERR "BDC is $datum\n" if (defined($debug)); - last; - } else { - $pdc=$datum; - print STDERR "PDC is $datum\n" if (defined($debug)); - } - last; - } - } - close(PDC); - return ($pdc,$bdc) if ($pdc); - return 0; -} - Index: squid/contrib/rredir.c =================================================================== RCS file: /cvsroot/squid-sf//squid/contrib/rredir.c,v retrieving revision 1.2 retrieving revision 1.2.6.1 diff -u -r1.2 -r1.2.6.1 --- squid/contrib/rredir.c 23 Oct 2000 15:04:18 -0000 1.2 +++ squid/contrib/rredir.c 27 Feb 2001 14:18:23 -0000 1.2.6.1 @@ -1,4 +1,4 @@ -/* $Id: rredir.c,v 1.2 2000/10/23 15:04:18 hno Exp $ */ +/* $Id: rredir.c,v 1.2.6.1 2001/02/27 14:18:23 rvenning Exp $ */ /* * From: richard@hekkihek.hacom.nl (Richard Huveneers) @@ -80,7 +80,7 @@ s++; /* security: do not redirect to hidden files, the current - * ** directory or the parent directory */ + * directory or the parent directory */ if (*s == '.' || *s == '\0') goto dont_redirect; --- squid/doc/README.cygwin Wed Feb 14 00:50:52 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,44 +0,0 @@ -Robert Collins -Wed, 14 Jun 2000 - -KNOWN ISSUES: - - * Cygwin 1.1.2 fcntl doesn't support non-blocking sockets, so the - performance enhancements for squid that accept multiple outstanding - connections at once, actually decrease performance. - - * /etc/resolv.conf must have a valid nameserver. I haven't dug - into squids dns_internal as yet. - - * squid must be run -N, the fork call coredumps at the moment. - configure often doesn't get the SQUID_MAXFD values - the script - dies. Edit include/autoconf.h and set this to 256. I have seen - an earlier port to native win32 of squid (Romeo Anghelache - - http://www.phys-iasi.ro/users/romeo/) that has this set as high - as 2000. I am only running small sites at the moment so this - hasn't been tested w/high numbers. - - * dnsserver.c has some problems at the moment, but the internal - dns server runs fine. To get dnsserver to compile, run make and - after make has stap an error, run the same command, but don't - link against m - ie remove -lm from the gcc command. - - * rfc1123.c has an issue with _timezone deing defined twice. I - edited /usr/include/time.h and define this under the ANSI #ifdef - where timezone is exported from. This probably should be included - in the squid patch rather than the platform... - - * the #define for the sys_nerr import in util.c should probably - go via ./configure, and may not be the best way to do it. - - -Installation notes: - - * Install the bind 8.1.2 or newer rpm (I got it from Rebums' at - http://cygwin.cjb.net/. - - * Run configure and edit include/autoconf.h as listed above - - * Use srvany (NT resource kit) or a similar tool to run squid as - a service - --- squid/doc/Release-Notes-1.0.txt Wed Feb 14 00:50:52 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,404 +0,0 @@ - -$Id: Release-Notes-1.0.txt,v 1.2 2000/10/23 15:04:18 hno Exp $ - -Release Notes for version 1.0 of the Squid cache. - -TABLE OF CONTENTS: - - Private Objects - Proper parsing of HTTP reply codes - Support for If-Modified-Since GET - Improvements to the access log - Metadata reloads in the background - Unlinking swap files on restart and the -U option - Changes to debugging - New Access Control scheme - Using SIGHUP to reconfigure the cache - ftpget server - Changes to cache shutdown - Assigning weights to cache neighbors - Converting 'cache/log' from cached-1.4.pl3 - Notes on stoplists vs ttl_pattern - SIGUSR1 now rotates log files - ``no-query'' option for cache_host lines - - -Private Objects -============================================================================== - -The Squid cache uses the notions of ``private'' and ``public'' -objects. An object can start out as being private, but may later be -given public status. Private objects are associated with only a single -client whereas a public object may be sent to multiple clients at the -same time. When the cache finishes retrieving an object, if the object -is private it will be ejected from the cache. Only public objects -are saved on disk. - -There are a few ways to determine whether an object should be private -or public. One is the request method. Only URLs requested with -the ``GET'' method can be public. Another way is by examining the -URL string. URLs which match one of the stoplist entries will -always be private objects. Usually this includes ``cgi-bin'' scripts. -A third way is by checking the HTTP request and reply headers. For -example, if the request includes user authentication information, then -the object should never be made public. Additionally, some HTTP -replies such as ``401 Unauthorized'' should also never be made public. - -For these reasons, Squid starts all objects out as private and changes -them to public only after the HTTP reply headers have been read. - -Unfortunately, this causes some problems with the UDP-based Internet -Cache Protocol (ICP) used to query neighboring caches. Specifically, when -an ICP reply packet is received, it only contains the object URL which -is not sufficient enough to locate private objects in the cache metadata. -To get the additional information needed to locate private objects, we -decided to use the ``reqnum'' field of the ICP packet. This is an -acceptable solution, except that as implemented in cached-1.4.pl3 and -earlier, all ICP replies have the reqnum field reset to zero! - -Squid will make use of private objects until it notices that one of -its neighbors is sending ICP replies with the reqnum field set to zero. -It will then only use private keys for objects which are not going to -be queried for via ICP. These include objects in the stoplist and -If-Modified-Since requests. - -Proper parsing of HTTP reply codes -============================================================================== - -Squid parses HTTP replies to extract the reply code. The codes are used -to determine which objects should be cached, which should be ejected, -and which should be negative-cached. - -See HTTP-codes.txt for a list of HTTP response codes, and how they are -cached. - -The HTTP codes are now logged to "access.log" in the native format -(ie with 'emulate_httpd_log off'). - -Support for If-Modified-Since GET -============================================================================== -Squid supports IMS GET retrievals, but not through any neighbor caches. -Whenever an IMS GET request is received, Squid handles the requst in -one of three ways: - - * if the object is not in the cache, the request is treated as - a regular MISS. - * if the object is in the cache, and it has a more recent timestamp, - it is treated as a regular HIT. - * otherwise the cached object is assumed to be valid, and Squid - returns a NOT MODIFIED response. - -This means you should chose your TTL settings very carefully. - -Improvements to the access log -============================================================================== -The "access.log" file has been improved in a number of ways. There is now -only one log entry per client request and the size is always correct. -The format is now - - timestamp elapsed src-address type/code/hierarchy size method URL - - - timestamp: When the request is completed with millisecond - resolution. - - elapsed: elapsed time of the request, in milliseconds. - - src-address: IP address of the requesting client. - - type: An indication of how the request was handled - by the cache. These are described further below. - - code: The HTTP reply code when available. For ICP - requests this is always "000." If the reply code - was not given, it will be logged as "555." - - hierarchy: The code from the hierarchy.log file. - - size: For TCP requests, the amount of data written - to the client. For UDP requests, the size - of the request (in bytes). - - method: The request method (GET, POST, etc). - - URL: The URL of the request. - -Access Log Types: - -"TCP_" refers to requests on the HTTP port (3128) - - TCP_HIT A valid copy of the requested object was in the cache. - TCP_MISS The requested object was not in the cache. - TCP_EXPIRED The object was in the cache, but it had expired. - TCP_REFRESH The user forced a refresh ("reload"). - TCP_IFMODSINCE An If-Modified-Since GET request. - TCP_SWAPFAIL The object was believed to be in the cache, - but could not be accessed. - TCP_DENIED Access was denied for this request. - -"UDP_" refers to requests on the ICP port (3130) - - UDP_HIT A valid copy of the requested object was in the cache. - UDP_HIT_OBJ Same as UDP_HIT, but the object data was small enough - to be sent in the UDP reply packet. Saves the - following TCP request. - UDP_MISS The requested object was not in the cache. - UDP_DENIED Access was denied for this request. - UDP_INVALID An invalid request was received. -.............................................................................. -Hierarchy Log Types: - - DEAD_NEIGHBOR A sibling has been detected as dead after - failing to reply to 20 consecutive ICP - queries. - DEAD_PARENT A parent has been detected as dead. - DIRECT The object has been requested from the origin - server. - FIREWALL_IP_DIRECT The object has been requested from the origin - server because the origin host IP address is - inside your firewall. - FIRST_PARENT_MISS The object has been requested from the - parent cache with the fastest weighted round - trip time. - FIRST_UP_PARENT The object has been requested from the first - available parent in your list. - LOCAL_IP_DIRECT The object has been requested from the origin - server because the origin host IP address - matched your 'local_ip' list. - NEIGHBOR_HIT The object was requested from a sibling cache - which replied with a UDP_HIT. - NO_DIRECT_FAIL The object could not be requested because - of firewall restrictions and no parent caches - were available. - NO_PARENT_DIRECT The object was requested from the origin server - because no parent caches exist for the URL. - PARENT_HIT The object was requested from a parent cache - which replied with a UDP_HIT. - REVIVE_NEIGHBOR A sibling cache was detected as alive again. - REVIVE_PARENT A parent cache was detected as alive again. - SINGLE_PARENT The object was requested from the only - parent cache appropriate for this URL. - SOURCE_FASTEST The object was requested from the origin server - because the 'source_ping' reply arrived first. - UDP_HIT_OBJ The object was received in a UDP_HIT_OBJ reply - from a neighbor cache. - -Almost any of these may be preceeded by 'TIMEOUT_' if the two-second -(default) timeout occurs waiting for all ICP replies to arrive from -neighbors. - - -Metadata reloads in the background -============================================================================== -Upon restart, Squid automatically loads cache metadata in the -background. It will be able to service new requests immediately. As -new objects are added, there may be some "clashes" with old objects -using the same swap file on disk. In these cases you may see a message -in the cache logfile about "Active clash." This means the old object -has been discarded since it was replaced by a new object. - -The -F option causes the old behaviour -- reload all the metadata before -processing any requests, - - -Unlinking swap files on restart and the -U option -============================================================================== -When the cache reloads object metadata from disk some of the objects -will be expired or otherwise invalid. In the interest of speed, these -invalid objects will not be removed from the filesystem by default. They -will eventually be overwritten by new objects as enter the cache and -get saved to disk. - -The -U option can be used to actually remove the invalid objects from -disk. - -In addition, the -z option will not cause 'rm -rf [0-9][0-9]' to be -executed unless the -U option is also given. - -When swap files are not removed during restart there internal counters -for disk space taken will not match the actual disk space used. If you -have a large cache or plenty of extra disk space, this should not be a -problem. However, if space is an issue, you may want to use the -U -option at the cost of a slower restart. - - -Changes to debugging -============================================================================== -Squid has a flexible debugging scheme. You can enable more debugging -for certain functions and less for others. For example if you needed -to figure out why your access controls were behaving strangely, you -could enable debugging for section 28 at level 9. Currently, each -section corresponds to separate source code file: - - main.c: Section 1 - cache_cf.c: Section 3 - errorpage.c: Section 4 - comm.c: Section 5 - disk.c: Section 6 - fdstat.c: Section 7 - filemap.c: Section 8 - ftp.c: Section 9 - gopher.c: Section 10 - http.c: Section 11 - icp.c: Section 12 - icp_lib.c: Section 13 - ipcache.c: Section 14 - neighbors.c: Section 15 - objcache.c: Section 16 - proto.c: Section 17 - stat.c: Section 18 - stmem.c: Section 19 - store.c: Section 20 - tools.c: Section 21 - ttl.c: Section 22 - url.c: Section 23 - wais.c: Section 24 - mime.c: Section 25 - connect.c: Section 26 - send-announce.c: Section 27 - acl.c: Section 28 - -Debugging levels are set in the configuration file with the 'debug_options' -line. For example: - - debug_options ALL,1 28,9 22,5 - - -New Access Control scheme -============================================================================== -The old IP-based access controls have been replaced with a much more -flexible scheme. First you must define a set of access control lists. -There are N types of lists: - - 'src' client IP address - 'dst' server IP address** - 'method' method of the request (eg, GET, POST) - 'proto' protocol of the request (eg HTTP, WAIS) - 'domain' domain of the URL request (eg .foo.org) - 'port' port number of the URL request (eg 80, 21) - 'time' time-of-day and day-of-week - format: [SMTWHFA] [hh:mm-hh:mm] - 'pattern' regular expression matching on the URL-path - -After the access lists have been defined, you can then combine them -in way to allow or deny access. - -For example, your cache might be configured to accept requests -from both inside and outside of your organization. In that case you'd -probably want to allow internal clients to access anything, but limit -outside access to only sites within your organization. It could be -done like this: - - acl ourclients src 128.138.0.0/255.255.0.0 198.117.213.0/24 - acl ourservers domain .whatsamattu.edu - - http_access deny !ourclients !ourservers - http_access allow ourclients - -If you wanted to limit FTP requests to off-peak hours, you could use: - - acl daytime time MTWHF 08:00-17:00 - acl FTP proto FTP - http_access deny FTP daytime - -Any of the access list types can accept multiple values on the -same line, except for 'time'. Multiple values of an 'acl' -definition are treated with OR logic. Multiple ACLs of -an 'http_access' are treated with AND logic. -That is, all ACLs much match for the 'allow' or 'deny' take effect. -The order of the 'http_access' lines are important. When a line -matches any following lines are not considered at all. - -'icp_access' is the same as 'http_access' but it applies to the ICP -port. However, it is not yet fully implemented. It is only able to check -'src' and 'method' ACLs. - -**Note, the 'dst' ACL type has been added for version 1.0.beta12. In -that version it is implemented in a "lazy" manner. If the URL hostname -is not already in the IP cache, the ACL checks will not match it, but -they will start a DNS lookup so that it will likely be present for -future ACL checks. This means some users may occasionally get oddball -results. For example, a page may fail the first time, but succeed on -the second try, or vice-versa. - -Changes to cache shutdown -============================================================================== -Squid attempts to implement a "nice shutdown" upon receipt of a SIGTERM -signal. Rather than simply breaking all current connections, it waits -a configurable number of seconds for active requests to complete. The -default 'shutdown_lifetime' value is 30 seconds. - -As soon as the SIGTERM is received, the incoming HTTP socket is closed -so that no further requests will be accepted. - - -Using SIGHUP to reconfigure the cache -============================================================================== -Sending the squid process a HUP signal will prompt it to re-read its -configuration file. Before it can be reconfigured, it must make sure -that all active connections are closed. For this purpose squid -pretends to do a shutdown as described above; ie, it will wait up to -30 seconds for active requests to complete before re-reading the -configuration file. - - -ftpget server -============================================================================== -The ftpget program has been modified to act as a server for FTP -request. You may now notice that an "ftpget -S" process is always -present while the cache is running. The benefit of using an ftpget -server is that the cache process (which may be very large) no longer -needs to fork itself for FTP requests. - - -Assigning weights to cache neighbors -============================================================================== -Squid allows you to assign weights to parent caches. The weights are -used to calculate the ``first miss parent.'' The weight is specified in -the 'options' field of the 'cache_host' line. For example: - - cache_host big.foo.org parent 3128 3130 weight=5 - -The weight must be a non-zero integer. It is used as a divisor to -calculate a weighted round-trip-time (RTT). Higher weights will cause -a parent to have a ``better'' RTT. - -Weights are only involved when all parent caches return MISS. Squid still -fetches an object from the first parent or neighbor to reply with a HIT, -regardless of any weight values. - -Converting 'cache/log' from cached-1.4.pl3 -============================================================================== -Squid uses a slightly different format for the 'cache/log' file. In -particular, the words 'FILE:' and 'URL:' have been removed from each -line. To save your on-disk cache, you will need to convert this log -file before starting Squid. To do that use a simple awk command: - - mv log log.old - awk '{print $2,$4,$5,$6,$7}' < log.old > log - - -Notes on stoplists vs ttl_pattern -============================================================================== -You can use the stoplists ('http_stop', etc) in the configuration file -to prevent objects from being cached. Using a 'ttl_pattern' with the -TTL to zero will also prevent objects from being saved. - -The 'http_stop' (etc) have a dual purpose: to prevent objects from -being cached, and to prevent some requests from being queried at -neighbor caches. There is now a separate 'hierarchy_stoplist' which -can be used to prevent the hierarchy queries, but still allow objects -to be cached. For example, if your parent cache does now allow FTP -requests, then your hierarchy_stoplist should contain: - - hierarchy_stoplist ftp:// - - -SIGUSR1 now rotates log files -============================================================================== -In order to be more consistent with other daemon programs, SIGHUP is -used to reconfigure the running process. This means that we needed to -change the signal used to rotate the log files. We now use SIGUSR1 to -rotate the logs. - - -``no-query'' option for cache_host lines -============================================================================== -Some cache configurations behind firewalls may require ICP to be used -for caches behind the firewall, but not to caches on the other side -(because the firewall blocks UDP traffic). To achieve this, use the -no-query option: - - cache_host outside.my.org parent 3128 3130 no-query - cache_host inside.my.org neighbor 3128 3130 --- squid/doc/Release-Notes-1.1.txt Wed Feb 14 00:50:52 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,890 +0,0 @@ -$Id: Release-Notes-1.1.txt,v 1.2 2000/10/23 15:04:18 hno Exp $ - -Release Notes for version 1.1 of the Squid cache. - -TABLE OF CONTENTS: - - Ident (RFC 931) lookups - URL Redirector - Reverse IP Lookups, client hostname ACLs - Cache directory structure changes - Getting true DNS TTL info into Squid's IP cache - Using a neighbor as both a parent and a sibling - Forcing your neighbors to use you as a sibling - Refresh Rules and If-Modified-Since - Overriding neighbor refresh rules - Object Purge Policy - X-Forwarded-For request header - Network Probe Database - Planning for Squid's Memory Usage - Default Parent - Cachemgr Passwords - Round-Robin IP - Store Hash Configuration Options - GNU malloc - GNU regex - Access Log Fields - Access Log Tags - Hierarchy Data Tags - Using Multicast ICP - Store.log Fields - Notes for running Squid under NEXTSTEP - - -Ident (RFC 931) lookups -============================================================================== -Squid will make an RFC931/ident request for client connections if -'ident_lookup' is enabled in the config file. Currently, the ident -value is only logged with the request in the access.log. It is not -currently possible to use the ident return value for access control -purposes. - -URL Redirector -============================================================================== -Squid now has the ability to rewrite requested URLs. Implemented -as an external process (similar to a dnsserver), Squid can be -configured to pass every incoming URL through a 'redirector' process -that returns either a new URL, or a blank line to indicate no change. - -The redirector program is NOT a standard part of the Squid package. -However there are a couple of user-contributed redirectors in the -"contrib/" directory. Since everyone has different needs, it is up to -the individual administrators to write their own implementation. For -testing, and a place to start, this very simple Perl script can be -used: - - #!/usr/local/bin/perl - $|=1; - print while (<>); - -The redirector program must read URLs (one per line) on standard input, -and write rewritten URLs or blank lines on standard output. Note that -the redirector program can not use buffered I/O. Squid writes -additional information after the URL which a redirector can use to make -a decision. The input line consists of four fields: - - URL ip-address/fqdn ident method - -The ip-address is always given, the fqdn and ident fields will be given if -available, or will be "-" otherwise. Note that the ident value will only -be available if 'ident_lookup' in enabled in the config file. The -request method is GET, POST, etc. - -Note that when used in conjunction with the -V option (on a virtual hosted -machine) this provides a mechanism to use a single Squid cache as a front -end to numerous servers on different machines. URLs written to the -redirector will look like: - - http://192.0.0.1/foo - http://192.0.0.2/foo - -The redirector program might be this Perl script: - - #!/usr/local/bin/perl - $|=1; - while (<>) { - s@http://192\.0\.0\.1@http://www1.foo.org@; - s@http://192\.0\.0\.2@http://www2.foo.org@; - print; - } - -You may receive statistics on the redirector usage by requesting the -following 'cache_object' URL: - - % client cache_object://localhost/stats/redirector - - - -Reverse IP Lookups, client hostname ACLs. -============================================================================== -Squid now has a address-to-hostname cache ("fqdncache") much like the -name-to-address cache ("ipcache"). This means Squid can now write -client hostnames in the access log, and that client domain names can -be used in ACL expressions. - -If you would like to log hostnames instead of addresses, enable -'log_fqdn' in your config file. This causes a reverse-lookup to be -started just after the client connection has been accepted. If the -reverse lookup has completed by the time the entry gets logged, the -fully qualified domain name will be used, otherwise the IP address -is still logged. Squid does not wait for the reverse lookup before -logging the access. - -A new ACL type has been added for matching client hostnames: - - acl Myusers srcdomain foo.org - -The use of this ACL type may cause noticeable delay in serving objects -through the cache. However, so long as allowed clients are local, the -reverse lookup should not take very long and the delay may not be -noticed. - -Only the FQDN (i.e. the h_name field) is used for the comparison, -host aliases are *not* checked. - -If a reverse lookup fails, the word "none" will be used for the -comparison. If you wanted to deny access to clients which did not -map back to valid names, you could use - - acl BadClients srcdomain none - http_access deny BadClients - -NOTE: DNS has a number of known security problems. Squid does not make -any effort to guarantee the validity of data returned from gethostbyname() -or gethostbyaddr() calls. - - -Cache directory structure changes -============================================================================== -The following improvements to the cache directory structure are due -to Mark Treacy (mark@aone.com.au). - -Squid-1.0 used 100 first-level directories for each 'cache_dir'. For -very large caches, this meant between 5,000-10,000 files per directory, -which isn't good for performance on any unix system. As well as the -directory search times being slow, the amount of disk traffic due to -directory operations was quite large (due to directory fragmentation -(variable length filenames) each directory was about 100k in size). - -To reduce the number of files per directory it was necessary to -increase the number of directories used. If this was done using a -single level directory structure we would have a single 'cache_dir' -with an excessive number of directories in it. Hence we went to a 2 -level structure. We wanted to keep each directory smaller than a -filesystem block (usually 4-8k), and also wanted to be able to -accommodate 1M+ objects. Assuming approximately 256 objects per -directory, we settled on 16 first-level (L1) and 256 second-level (L2) -directories for a total of 16x256x256 = 1,048,576 objects. - -The number of L1 and L2 directories to use is configurable in the -squid.conf file (swap_level1_dirs, swap_level2_dirs). To estimate the -optimal numbers for your installation, we recommend the following -formula: - -given: - DS = amount of 'cache_swap' / number of 'cache_dir's - OS = avg object size = 20k - NO = objects per L2 directory = 256 - -calculate: - L1 = number of L1 directories - L2 = number of L2 directories - -such that: - L1 x L2 = DS / OS / NO - - -Getting true DNS TTL info into Squid's IP cache -============================================================================== -If you have source for BIND, you can modify it as indicated in the diff -below. It causes the global variable _dns_ttl_ to be set with the TTL -of the most recent lookup. Then, when you compile Squid, the configure -script will look for the _dns_ttl_ symbol in libresolv.a. If found, -dnsserver will return the TTL value for every lookup. - -This hack was contributed by Endre Balint Nagy - -diff -ru bind-4.9.4-orig/res/gethnamaddr.c bind-4.9.4/res/gethnamaddr.c ---- bind-4.9.4-orig/res/gethnamaddr.c Mon Aug 5 02:31:35 1996 -+++ bind-4.9.4/res/gethnamaddr.c Tue Aug 27 15:33:11 1996 -@@ -133,6 +133,7 @@ - } align; - - extern int h_errno; -+int _dns_ttl_; - - #ifdef DEBUG - static void -@@ -223,6 +224,7 @@ - host.h_addr_list = h_addr_ptrs; - haveanswer = 0; - had_error = 0; -+ _dns_ttl_ = -1; - while (ancount-- > 0 && cp < eom && !had_error) { - n = dn_expand(answer->buf, eom, cp, bp, buflen); - if ((n < 0) || !(*name_ok)(bp)) { -@@ -232,8 +234,11 @@ - cp += n; /* name */ - type = _getshort(cp); - cp += INT16SZ; /* type */ -- class = _getshort(cp); -- cp += INT16SZ + INT32SZ; /* class, TTL */ -+ class = _getshort(cp); -+ cp += INT16SZ; /* class */ -+ if (qtype == T_A && type == T_A) -+ _dns_ttl_ = _getlong(cp); -+ cp += INT32SZ; /* TTL */ - n = _getshort(cp); - cp += INT16SZ; /* len */ - if (class != C_IN) { - - -Using a neighbor as both a parent and a sibling -============================================================================== -The only difference between a sibling and a parent is that -cache misses are NOT fetched from siblings. In some cases it may be -desirable to use a neighbor as a parent for some domains and as a -sibling for others. This can now be accomplished with the -'neighbor_type_domain' configuration tag. For example: - - cache_host parent cache.foo.org 3128 3130 - neighbor_type_domain cache.foo.org sibling .com .net - neighbor_type_domain cache.foo.org sibling .au .de - -Note that neighbor_type_domain is totally separate from the -cache_host_domain option (which controls whether or not to query the -neighbor). In the absence of cache_host_domain restrictions, the -neighbor cache.foo.org will be queried for all requests. - -If the URL host domain is .com, .net, .au, or .de then cache.foo.org is -treated as a sibling (and MISSES will NOT be fetched through -cache.foo.org). Otherwise it will be treated as a parent (which is the -default from the cache_host line. - -Forcing your neighbors to use you as a sibling -============================================================================== -In a distributed cache hierarchy, you may need to force your peer -caches to use you as a sibling and not a parent; ie its okay for -them to fetch HITs from you, but not okay to resolve MISSes through -your cache (using your resources). - -This can be accomplished by using the 'miss_access' config line. The -miss_access ACL list is very similar to the 'http_access' list. This -functionality is implemented as a separate access list because when we -check the http_access list, we don't yet know if the request will be a -hit or miss. The sequence of events goes something like this: - - 1. accept new connection - 2. read request - 3. check http_access - 4. process request, check for hit or miss (IMS, etc) - 5. check miss_access - -Note that in order to get to the point where miss_access is checked, the -request must have also passed the http_access check. - -You probably only want to use 'src' type ACL's with miss_access, although -you can use any of the access control types. - -If you are restricting your neighbors, be sure to allow miss_access -to your local clients (e.g. users at browsers)! - - -Refresh Rules and If-Modified-Since -============================================================================== -Squid 1.1 switched from a Time-To-Live based expiration model to a -Refresh-Rate model. Objects are no longer purged from the cache when -they expire. Instead of assigning TTL's when the object enters the -cache, we now check freshness requirements when objects are requested. -If an object is "fresh" it is given directly to the client. If it is -"stale" then we make an If-Modified-Since request for it. - -When checking the object freshness, we calculate these values: - - AGE is how much the object has aged *since* it was retrieved: - - AGE = NOW - OBJECT_DATE - - LM_AGE is how old the object was *when* it was retrieved: - - LM_AGE = OBJECT_DATE - LAST_MODIFIED_TIME - - LM_FACTOR is the ratio of AGE to LM_AGE: - - LM_FACTOR = AGE / LM_AGE - - CLIENT_MAX_AGE is the (optional) maximum object age the client will - accept as taken from the HTTP/1.1 Cache-Control request header. - - EXPIRES is the (optional) expiry time from the server reply headers. - -These values are compared with the parameters of the 'refresh_pattern' -rules. The refresh parameters are: - - URL regular expression - MIN_AGE - PERCENT - MAX_AGE - -The URL regular expressions are checked in the order listed until a -match is found. Then this algorithm is applied for determining if an -object is fresh or stale: - - if (CLIENT_MAX_AGE) - if (AGE > CLIENT_MAX_AGE) - return STALE - if (AGE <= MIN_AGE) - return FRESH - if (EXPIRES) { - if (EXPIRES <= NOW) - return STALE - else - return FRESH - } - if (AGE > MAX_AGE) - return STALE - if (LM_FACTOR < PERCENT) - return FRESH - return STALE - -Note that the Max-Age in a client request takes the highest precedence. -The 'MIN' value should normally be set to zero since it has higher -precedence than the server's Expires: value. But if you wish to -override the Expires: headers, you may use the MIN value. - -Overriding neighbor refresh rules -============================================================================== -The refresh rules also have an effect on the requests your cache makes -to its neighbors. Squid uses the MAX_AGE value in the HTTP/1.1 -"Cache-Control: Max-age=nnn" request header for outgoing requests. -This solves the problem where neighbors with more relaxed refresh -policies would send you stale objects (by your configuration). - - -Object Purge Policy -============================================================================== -Squid attempts to keep the size of the disk cache relatively "smooth" -or "flat." That is, objects are removed at the same rate they are -added. Earlier versions had a "sawtooth" behavior where objects were -removed only when disk space reached an upper limit. - -Squid uses a Least-Recently-Used (LRU) replacement algorithm. Objects -with large LRU age values are removed before objects with small LRU age -values. We dynamically calculate the LRU age threshold, above which -objects are removed. The threshold is calculated as an exponential -function between the high and low water marks. When the store swap -size is near the low water mark, the LRU threshold is large. This -encourages more objects to be cached. When the store swap size is near -the high water mark, the LRU threshold is small, encouraging more -objects to be removed. The 'reference_age' configuration parameter -specifies the upper limit on the LRU age threshold. - -The Squid cache storage is implemented as a hash table with some number -of "hash buckets." Squid scans one bucket at a time and sorts all the -objects in the bucket by their LRU age. Objects with an LRU age -over the threshold are removed. The scan rate is adjusted so that -it takes approximately 24 hours to scan the entire cache. The -store buckets are randomized so that we don't always scan the same -buckets at the same time of the day. - -If the store swap size somehow exceeds the high water mark, Squid -performs an "emergency" object purge. We sort up to 256 objects in a -store bucket and remove the eight (8) least recently used ones. This -continues until the disk space is below the low water mark. - -X-Forwarded-For request header -============================================================================== -Squid used to add a request header called "Forwarded" which appeared -in some early HTTP/1.1 draft documents. This header had the format - - Forwarded: by cache-host for client-address - -Current HTTP/1.1 draft documents instead use the "Via" header, but it -does not provide any standard way of indicating the client address -in the request. Since a number of people missed having the originating -client address in the request, Squid now adds its own request header -called "X-Forwarded-For" which looks like this: - - X-Forwarded-For: 128.138.243.150, unknown, 192.52.106.30 - -Entries are always IP addresses, or the word "unknown" if the address -could not be determined or if it has been disabled with the -'forwarded_for' configuration option. - -We must note that access controls based on this header are extremely -weak and simple to fake. Anyone may hand-enter a request with any IP -address whatsoever. This is perhaps the reason why client IP addresses -have been omitted from the HTTP/1.1 specification. - - -Using ICMP to Measure the Network -============================================================================== -As of version 1.1.9, Squid is able to utilize ICMP Round-Trip-Time (RTT) -measurements to select the optimal location to forward a cache miss. -Previously, cache misses would be forwarded to the parent cache -which returned the first ICP reply message. These were logged -with FIRST_PARENT_MISS in the access.log file. Now we can -select the parent which is closest (RTT-wise) to the origin -server. - - 1. Supporting ICMP in your Squid cache - - It is more important that your parent caches enable the ICMP - features. If you are acting as a parent, then you may want - to enable ICMP on your cache. Also, if your cache makes - RTT measurements, it will fetch objects directly if your - cache is closer than any of the parents. - - If you want your Squid cache to measure RTT's to origin servers, - Squid must be compiled with the USE_ICMP option. This is easily - accomplished by uncommenting "-DUSE_ICMP=1" in src/Makefile and - src/Makefile.in. - - An external program called 'pinger' is responsible for sending and - receiving ICMP packets. It must run with root privileges. After - Squid has been compiled, the pinger program must be installed - separately. A special Makefile target will install 'pinger' with - appropriate permissions. - - % make install - % su - # make install-pinger - - There are three configuration file options for tuning the - measurement database on your cache. 'netdb_low' and 'netdb_high' - specify high and low water marks for keeping the database to a - certain size (e.g. just like with the IP cache). The 'netdb_ttl' - option specifies the minimum rate for pinging a site. If - 'netdb_ttl' is set to 300 seconds (5 minutes) then an ICMP packet - will not be sent to the same site more than once every five - minutes. Note that a site is only pinged when an HTTP request for - the site is received. - - Another option, 'minimum_direct_hops' can be used to try finding - servers which are close to your cache. If the measured hop count - to the origin server is less than or equal to minimum_direct_hops, - the request will be forwarded directly to the origin server. - - 2. Utilizing your parents database - - Your parent caches can be asked to include the RTT measurements - in their ICP replies. To do this, you must enable 'query_icmp' - in your config file: - - query_icmp on - - This causes a flag to be set in your outgoing ICP queries. - - If your parent caches return ICMP RTT measurements then - the eighth column of your access.log will have lines - similar to: - - CLOSEST_PARENT_MISS/it.cache.nlanr.net - - In this case, it means that 'it.cache.nlanr.net' returned - the lowest RTT to the origin server. If your cache measured - a lower RTT than any of the parents, the request will - be logged with - - CLOSEST_DIRECT/www.sample.com - - - 3. Inspecting the database - - The measurement database can be viewed from the cachemgr by - selecting "Network Probe Database." Hostnames are aggregated - into /24 networks. All measurements made are averaged over - time. Measurements are made to specific hosts, taken from - the URLs of HTTP requests. The recv and sent fields are the - number of ICMP packets sent and received. At this time they - are only informational. - - A typical database entry looks something like this: - - Network recv/sent RTT Hops Hostnames - 192.41.10.0 20/ 21 82.3 6.0 www.jisedu.org www.dozo.com - bo.cache.nlanr.net 42.0 7.0 - uc.cache.nlanr.net 48.0 10.0 - pb.cache.nlanr.net 55.0 10.0 - it.cache.nlanr.net 185.0 13.0 - - This means we have sent 21 pings to both www.jisedu.org and - www.dozo.com. The average RTT is 82.3 milliseconds. The - next four lines show the measured values from our parent - caches. Since 'bo.cache.nlanr.net' has the lowest RTT, - it would be selected as the location to forward a request - for a www.jisedu.org or www.dozo.com URL. - - -Planning for Squid's Memory Usage -============================================================================== -Squid-1.1 has better memory management, although still not ideal. -Squid uses memory in a variety of ways, but the bulk of memory -usage falls into two categories: per-object metadata and in-transit -objects. - -The per-object metadata consists of a StoreEntry data structure, plus -the URL for every object your cache knows about. This usually averages -out to about 100 bytes per object. If you assume that the objects -themselves average 20 KB each, then given your disk size ('cache_swap') -you need 1/200th as much for in-memory object metadata. - -The other big memory use is due to in-transit objects. The amount -of memory required for this will depend on your cache's usage patterns. -Obviously a more busy cache will require more memory for in-transit -objects. - -The 'cache_mem' parameter places a soft upper limit on the amount of -memory Squid allocates for holding whole objects in VM. The -'cache_mem' memory is allocated as a pool of 4k blocks. Objects held -in memory are stored in blocks from this pool. The 'cache_mem_low' and -'cache_mem_high' values affect the memory reclamation algorithm. - -There are two types of in-memory objects: in-transit objects and -completed objects. The in-transit objects are "locked" in memory until -they are completed. The completed objects may be either normal or -"negative-cached" objects. - -Whenever new memory is needed for in-transit objects and current usage -is above the high water mark, Squid purges some completed objects from -memory. The in-memory objects are sorted by time of last use and then -removed in order until memory usage is below the low water mark. - -Occasionally Squid may need to exceed the maximum number of blocks. -This will happen if all of the in-transit objects will not fit within -the 'cache_mem' pool size. You will see this warning in your cache.log -file: - - WARNING: Exceeded 'cache_mem' size (4122K > 4096K) - -If this warning occurs frequently then you need to consider either -increasing the 'cache_mem' value or decreasing the -'maximum_object_size' value. If the cache_mem usage is above the low -water mark, then Squid will check for objects larger than -'maximum_object_size.' Any such objects are put into "delete behind" -mode which means Squid releases the section of the object which has -been delivered to all clients reading from it. - -As a rule-of-thumb, you should probably set 'cache_mem' to 1/3 of your -machine's physical memory amount. You can plan on another 1/3 being -used by the per-object metadata. And the final 1/3 will be used by -other data structures, unaccounted memory, and malloc() overhead. -Note, this assumes that the machine will be dedicated to running -Squid. If there are other services on the machine, the memory -estimates should be lowered. - -Default Parent -============================================================================== -Squid has the ability to mark parent caches as the 'default' way to -fetch objects. This is probably only useful with the 'no-query' option. -For example, the configuration - - cache_host N1 sibling 3128 3130 - cache_host N2 sibling 3128 3130 - cache_host N3 sibling 3128 3130 - cache_host P1 parent 3128 3130 no-query default - -will result in ICP queries to sibling caches N1, N2, and N3. If none -of the siblings has the requested object then it will be retrieved -through parent P1 due to the 'default' designation. Note that -'default' does not conflict with any 'cache_host_domain' restrictions -which might be placed on a neighbor. - -We do not normally recommend use of the default option. If your -parent cache(s) uses ICP then you should also send them ICP queries. -If your default parent is unreachable then Squid will return error -messages, it will not attempt direct connections to the source. - -Cachemgr Passwords -============================================================================== -Squid-1.1 allows cachemgr passwords to be specified in the squid.conf -file (instead of an /etc/passwd entry). There may be a different -password for each cachemgr operation, but only one password per -operation. Some sensitive operations require a password, others may be -executed if no passwords are given in the squid.conf file. Operations -may be disabled by setting the password to "none." See squid.conf for a -full list of cachemgr operations. - -Round-Robin IP -============================================================================== -When a hostname resolves to multiple IP addresses, Squid now cycles to -the next address after each connection. If a connection to an address -fails, it is removed from the list. If a hostname runs out of -addresses, it is removed from the IP cache. - -Store Hash Configuration Options -============================================================================== -Squid's internal hash table for holding objects has a couple of -configuration options (thanks to Mark Treacy). Given the following -configuration parameters: - - cache_swap - store_avg_object_size # default 20K - store_objects_per_bucket # default 20 - -We first estimate the number of objects your cache can hold: - - NUM_OBJ = cache_swap / store_avg_object_size - -Then we estimate the number of hash buckets needed: - - NUM_BUCKETS = NUM_OBJ / store_objects_per_bucket - -We want Squid to scan the entire hash table, one bucket at a time, over -the course of about a day. We also need NUM_BUCKETS to be a prime -number for optimal distribution of the hash table. NUM_BUCKETS is -rounded off so that the number of buckets and maintenance rate are -taken from this table: - - store_buckets store_maintain_rate - 7951 10 sec - 12149 7 sec - 16231 5 sec - 33493 2 sec - 65357 1 sec - -If you want to increase the maintenance rate then decrease the -store_objects_per_bucket parameter. - -GNU malloc -============================================================================== -Many users have reported significant performance improvements when Squid -is linked with the GNU malloc library. A check for 'libgnumalloc.a' -has therefore been added to the configure script. If libgnumalloc.a -is found, it is automatically linked in. - -GNU regex -============================================================================== -Squid's configure script attempts to determine whether or not it should -compile the GNU regex functions supplied in the source distribution. -If your system appears to have its own POSIX compliant regex functions -then configure may decide to use those instead of GNU regex. - -Access Log Fields -============================================================================== -The native access.log has ten (10) fields. There is one entry here for -each HTTP (client) request and each ICP Query. HTTP requests are -logged when the client socket is closed. A single dash ('-') indicates -unavailable data. - - 1) Timestamp - The time when the client socket is closed. The format is "Unix - time" (seconds since Jan 1, 1970) with millisecond resolution. - 2) Elapsed Time - The elapsed time of the request, in milliseconds. This is time - time between the accept() and close() of the client socket. - 3) Client Address - The IP address of the connecting client, or the FQDN if the - 'log_fqdn' option is enabled in the config file. - 4) Log Tag / HTTP Code - The Log Tag describes how the request was treated locally (hit, - miss, etc). All the tags are described below. The HTTP code - is the reply code taken from the first line of the HTTP reply - header. Non-HTTP requests may have zero reply codes. - 5) Size - The number of bytes written to the client. - 6) Request Method - The HTTP request method, or ICP_QUERY for ICP requests. - 7) URL - The requested URL. - 8) Ident - If 'ident_lookup' is on, this field may contain the username - associated with the client connection as derived from the - ident service. - 9) Hierarchy Data / Hostname - A description of how and where the requested object was - fetched. -10) Content Type - The Content-type field from the HTTP reply. - -Access Log Tags -============================================================================== -"TCP_" refers to requests on the HTTP port (3128) - - TCP_HIT A valid copy of the requested object was - in the cache. - TCP_MISS The requested object was not in the cache. - TCP_REFRESH_HIT The object was in the cache, but STALE. - An If-Modified-Since request was made and - a "304 Not Modified" reply was received. - TCP_REF_FAIL_HIT The object was in the cache, but STALE. - The request to validate the object failed, - so the old (stale) object was returned. - TCP_REFRESH_MISS The object was in the cache, but STALE. - An If-Modified-Since request was made and - the reply contained new content. - TCP_CLIENT_REFRESH The client issued a request with the - "no-cache" pragma. - TCP_IMS_HIT The client issued an If-Modified-Since - request and the object was in the cache - and still fresh. - TCP_IMS_MISS The client issued an If-Modified-Since - request for a stale object. - TCP_SWAPFAIL The object was believed to be in the cache, - but could not be accessed. - TCP_DENIED Access was denied for this request - -"UDP_" refers to requests on the ICP port (3130) - - UDP_HIT A valid copy of the requested object was in the cache. - UDP_HIT_OBJ Same as UDP_HIT, but the object data was small enough - to be sent in the UDP reply packet. Saves the - following TCP request. - UDP_MISS The requested object was not in the cache. - UDP_DENIED Access was denied for this request. - UDP_INVALID An invalid request was received. - UDP_RELOADING The ICP request was "refused" because the cache is - busy reloading its metadata. - -"ERR_" refers to various types of errors for HTTP requests. - -Hierarchy Data Tags -============================================================================== - - DIRECT The object has been requested from the origin - server. - FIREWALL_IP_DIRECT The object has been requested from the origin - server because the origin host IP address is - inside your firewall. - FIRST_PARENT_MISS The object has been requested from the - parent cache with the fastest weighted round - trip time. - FIRST_UP_PARENT The object has been requested from the first - available parent in your list. - LOCAL_IP_DIRECT The object has been requested from the origin - server because the origin host IP address - matched your 'local_ip' list. - SIBLING_HIT The object was requested from a sibling cache - which replied with a UDP_HIT. - NO_DIRECT_FAIL The object could not be requested because - of firewall restrictions and no parent caches - were available. - NO_PARENT_DIRECT The object was requested from the origin server - because no parent caches exist for the URL. - PARENT_HIT The object was requested from a parent cache - which replied with a UDP_HIT. - SINGLE_PARENT The object was requested from the only - parent cache appropriate for this URL. - SOURCE_FASTEST The object was requested from the origin server - because the 'source_ping' reply arrived first. - PARENT_UDP_HIT_OBJ The object was received in a UDP_HIT_OBJ reply - from a parent cache. - SIBLING_UDP_HIT_OBJ The object was received in a UDP_HIT_OBJ reply - from a sibling cache. - PASSTHROUGH_PARENT The neighbor or proxy defined in the config - option 'passthrough_proxy' was used. - SSL_PARENT_MISS The neighbor or proxy defined in the config - option 'ssl_proxy' was used. - DEFAULT_PARENT No ICP queries were sent to any parent - caches. This parent was chosen because - it was marked as 'default' in the config - file. - ROUNDROBIN_PARENT No ICP queries were received from any parent - caches. This parent was chosen because - it was marked as 'default' in the config - file and it had the lowest round-robin use - count. - CLOSEST_PARENT_MISS This parent was selected because it - included the lowest RTT measurement to - the origin server. This only appears - with 'query_icmp on' set in the config - file. - CLOSEST_DIRECT The object was fetched directly from the - origin server because this cache measured - a lower RTT than any of the parent caches. - - -Almost any of these may be preceeded by 'TIMEOUT_' if the two-second -(default) timeout occurs waiting for all ICP replies to arrive from -neighbors. - -Using Multicast ICP -============================================================================== -As of Squid-1.1.6, ICP queries can be sent via multicast. Use of multicast -requires the following config file entries: - - 1) A cache which wants to *receive* multicast ICP queries must - be configured to join a multicast address. This is done with - the 'mcast_groups' directive. For example: - - mcast_groups 224.9.9.9 - - 2) A cache which wants to *send* multicast ICP queries must add - a "multicast group" neighbor. For example: - - cache_host 224.9.9.9 multicast 3128 3130 ttl=64 - - In this situation, the HTTP port (3128) is ignored, but the ICP - port (3130) must be correct. All multicast group members must - use the same ICP port number. The 'ttl=' option specifies the - IP Multicast TTL value to be used when sending a multicast - datagram. - - 3) Because Squid does not trust ICP replies received from unknown - peers, you must specify all acceptable neighbors which might - respond to your multicast query. These appear as normal parents - or siblings, but with the special 'multicast-responder' option. - For example: - - cache_host foo.sample.com sibling 3128 3130 multicast-responder - -Use of multicast creates an interesting dilemma; normally Squid sends N -queries and expects N replies. But with multicast Squid doesn't really -know how many replies to expect. Somehow Squid must know roughly how -many ICP replies to expect, but at the same time it must be careful to -not over-estimate and therefore incur many ICP query timeouts. - -The current approach is this: Squid periodically (every 15 minutes) -sends fake ICP queries to only multicast peers. The replies are -counted, up until the 'neighbor_timeout' time. The count is averaged -over time with a fast decay so that it adjusts relatively quickly. -The number of replies to expect is rounded down to the nearest whole -integer to minimize the chance of suffering the neighbor timeout -on real ICP queries. - -Store.log Fields -============================================================================== -The file store.log consists of the following fields: - - time action code date lastmod expires type expect-len/real-len method key - - time The time this entry was logged. The value is the - raw Unix time plus milliseconds. - - action One of RELEASE, SWAPIN, or SWAPOUT. - RELEASE means the object has been removed from the cache. - SWAPOUT means the object has been saved to disk. - SWAPIN means the object existed on disk and has been - swapped into memory. - - code The HTTP reply code. - - The following three fields are timestamps parsed from the HTTP - reply headers. All are expressed in Unix time. A missing header - is represented with -2 and an unparsable header is represented as -1. - - date The value of the HTTP Date reply header. If the Date - header is missing or invalid, the time of the request - is used instead. - - lastmod The value of the HTTP Last-Modified: reply header. - - expires The value of the HTTP Expires: reply header. - - type The HTTP Content-Type reply header. - - expect-len The value of the HTTP Content-Length reply header. - Zero if Content-Length was missing. - - real-len The number of bytes of content actually read. If the - expect-len is non-zero, and not equal to the real-len, - the object will be released from the cache. - - method HTTP request method - - key The cache key. Often this is simply the URL. Cache objects - which never become public will have cache keys that include - a unique integer sequence number, the request method, and - then the URL. - - -Notes for running Squid under NEXTSTEP -============================================================================== -When running Squid under NEXTSTEP 3.x, and when that NEXTSTEP system -runs a BIND named process (most NEXTSTEPS handle that through netinfo -and netinfo might contact a BIND named on another system) squid can -trigger an error in the older BIND named that comes with NEXTSTEP 3.x. -It is therefore necessary for systems running NEXTSTEP 3.x, which run -their own BIND named, to run a more recent version of BIND. Luckily you -don't have to compile BIND yourself, a fat (m68k i486 hppa sparc) -Installer package for BIND-4.9.5 is available through -ftp://ftp.nluug.nl/pub/comp/next/Internet. - -NB: It might be necessary to have BIND running to run Squid under -NEXTSTEP releases before NEXTSTEP 3.3+patch. Earlier releases of -NEXTSTEP did not have a multithreaded netinfo resolver, which means -that Squid's use of multiple dnsserver processes to prevent blocking is -thwarted by netinfo blocking on every request. - -Gerben Wierda - Index: squid/doc/debug-sections.txt =================================================================== RCS file: /cvsroot/squid-sf//squid/doc/debug-sections.txt,v retrieving revision 1.2 retrieving revision 1.2.8.1 diff -u -r1.2 -r1.2.8.1 --- squid/doc/debug-sections.txt 21 Oct 2000 15:16:08 -0000 1.2 +++ squid/doc/debug-sections.txt 27 Feb 2001 14:18:23 -0000 1.2.8.1 @@ -33,7 +33,7 @@ section 26 Secure Sockets Layer Proxy section 27 Cache Announcer section 28 Access Control -section 29 Redirector +section 29 Redirector & Authentication section 30 Ident (RFC 931) section 31 Hypertext Caching Protocol section 32 Asynchronous Disk I/O Index: squid/doc/Programming-Guide/prog-guide.sgml =================================================================== RCS file: /cvsroot/squid-sf//squid/doc/Programming-Guide/prog-guide.sgml,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/doc/Programming-Guide/prog-guide.sgml 23 Oct 2000 15:04:18 -0000 1.3 +++ squid/doc/Programming-Guide/prog-guide.sgml 27 Feb 2001 14:18:23 -0000 1.3.6.1 @@ -2,7 +2,7 @@

Squid Programmers Guide Duane Wessels, Squid Developers -$Id: prog-guide.sgml,v 1.3 2000/10/23 15:04:18 hno Exp $ +$Id: prog-guide.sgml,v 1.3.6.1 2001/02/27 14:18:23 rvenning Exp $ Squid is a WWW Cache application developed by the National Laboratory @@ -153,6 +153,14 @@ information and continues the access control checks when the information is available. +Authentication Framework + +

+ These functions are responsible for handling HTTP authentication. + They follow a modular framework allow different auth schemes + to be added at will. For information on working with the auth schemes + See the chapter Authentication Framework. + Network Communication

@@ -257,7 +265,7 @@ and Callback Data Database +Callback Data Allocator

Squid's extensive use of callback functions makes it very @@ -1840,10 +1848,6 @@ It should also populate the _data member with a pointer to policy specific data. -

- Prior to returning the created instance must be registered as - callback-data by calling cbdataAdd(). - Walker

@@ -1852,10 +1856,6 @@ policy implementation must make sure to NULL fill the structure prior to populating it in order to assure future API compability. -

- Prior to returning the created instance must be registered as - callback-data by calling cbdataAdd(). - Design notes/bugs

@@ -2019,6 +2019,348 @@

To be written... + +Authentication Framework + +

+ + Definition of an auth scheme. + Data types + How to add a new auth scheme + How to 'hook in' new functions to the API. + +

+ Definition of an auth scheme + +

An auth scheme in squid is the collection of functions required to + manage the authentication process for a given HTTP authentication + scheme. Existing auth schemes in squid are Basic and NTLM. Other HTTP + schemes (see for example rfc 2617) have been published and could be + implemented in squid. The term auth scheme and auth module are + interchangable. An auth module is not to be confused with an + authentication helper, which is a scheme specific external program used + by a specific scheme to perform data manipulation external to squid. + Typically this involves comparing the browser submitted credentials with + those in the organisation's user directory. + +

Auth modules SHOULD NOT perform access control functions. Squid has + advanced caching access control functionality already. Future work in + squid will allow a auth scheme helper to return group information for a + user, to allow Squid to more seamlessly implement access control. + +

Data types + +

The data types are presented in C for the simple reason that squid is + currently written exclusively in C. + +

Function typedefs. + +

Each function related to the general case of http authentication has + a matching typedef. There are some additional function types used to + register/initialise, deregister/shutdown and provide stats on auth + modules: + +

typedef int AUTHSACTIVE(); + +

The Active function is used by squid to determine whether the auth + module has successfully initialised itself with the current configuration. + +

typedef int AUTHSCONFIGURED(); + +

The configured function is used to see if the auth module has been given + valid parameters and is able to handle authentication requests if initialised. + If configured returns 0 no other module functions except + Shutdown/Dump/Parse/FreeConfig will be called by Squid. + +

typedef void AUTHSSETUP(authscheme_entry_t *); + +

functions of type AUTHSSETUP are used to register an auth module with + squid. The registration function MUST be named + "authSchemeSetup_SCHEME" where SCHEME is the auth_scheme as + defined by rfc 2617. Only one auth scheme registered in squid can + provide functionality for a given auth_scheme. (I.e. only one auth + module can handle Basic, only one can handle Digest and so forth). The + Setup function is responsible for registering the functions in the + auth module into the passed authscheme_entry_t. The authscheme_entry_t + will never be NULL. If it is NULL the auth module should log an error + and do nothing. The other functions can have any desired name that does + not collide with any statically linked function name within Squid. It is + recommended to use names of the form "authe_SCHEME_FUNCTIONNAME" (for example + authenticate_NTLM_Active is the Active() function for the NTLM auth + module. + +

typedef void AUTHSSHUTDOWN(void); + +

Functions of type AUTHSSHUTDOWN are responsible for freeing any + resources used by the auth modules. The shutdown function will be called + before squid reconfigures, and before squid shutsdown. + +

typedef void AUTHSINIT(authScheme *); + +

Functions of type AUTHSINIT are responsible for allocating any + needed resources for the authentication module. AUTHSINIT functions are + called after each configuration takes place before any new requests are + made. + +

typedef void AUTHSPARSE(authScheme *, int, char *); + +

Functions of type AUTHSPARSE are responsible for parsing + authentication parameters. The function currently needs a scheme scope + data structure to store the configuration in. The passed scheme's + scheme_data pointer should point to the local data structure. Future + development will allow all authentication schemes direct access to their + configuration data without a locally scope structure. The parse function + is called by squid's config file parser when a auth_param scheme_name + entry is encountered. + +

typedef void AUTHSFREECONFIG(authScheme *); + +

Functions of type AUTHSFREECONFIG are called by squid when freeing + configuration data. The auth scheme should free any memory allocated + that is related to parse data structures. The scheme MAY take advantage + of this call to remove scheme local configuration dependent data. (Ie + cached user details that are only relevant to a config setting). + +

typedef void AUTHSDUMP(StoreEntry *, const char *, authScheme *); + +

Functions of type AUTHSDUMP are responsible for writing to the + StoreEntry the configuration parameters that a user would put in a + config file to recreate the running configuration. + +

typedef void AUTHSSTATS(StoreEntry *); +

Functions of type AUTHSSTATS are called by the cachemgr to provide + statistics on the authmodule. Current modules simply provide the + statistics from the back end helpers (number of requests, state of the + helpers), but more detailed statistics are possible - for example unique + users seen or failed authentication requests. +

The next set of functions work on the data structures used by the + authentication schemes. + +

typedef void AUTHSREQFREE(auth_user_request_t *); + +

The AUTHSREQFREE function is called when a auth_user_request is being + freed by the authentication framework, and scheme specific data was + present. The function should free any scheme related data and MUST set + the scheme_data pointer to NULL. Failure to unlink the scheme data will + result in squid dieing. + +

typedef char *AUTHSUSERNAME(auth_user_t *); + +

Squid does not make assumptions about where the username is stored. + This function must return a pointer to a NULL terminated string to be + used in logging the request. Return NULL if no username/usercode is + known. The string should NOT be allocated each time this function is + called. + +

typedef int AUTHSAUTHED(auth_user_request_t *); + +

The AUTHED function is used by squid to determine whether the auth + scheme has successfully authenticated the user request. If timeouts on + cached credentials have occured or for any reason the credentials are + not valid, return false.

The next set of + functions perform the actual authentication. The functions are used by + squid for both WWW- and Proxy- authentication. Therefore they MUST NOT + assume the authentication will be based on the Proxy-* Headers. + +

typedef void AUTHSAUTHUSER(auth_user_request_t *, request_t *, ConnStateData *, http_hdr_type); +

Functions of type AUTHSAUTHUSER are called when Squid has a request + that needs authentication. If needed the auth scheme can alter the + auth_user pointer (usually to point to a previous instance of the user + whose name is discovered late in the auth process. For an example of + this see the ntlm scheme). These functions are responsible for + performing any in-squid routines for the authentication of the user. The + auth_user_request struct that is passed around is only persistent for + the current request. If the auth module requires access to the structure + in the future it MUST lock it, and implement some method for identifying + it in the future. For example the NTLM module implements a connection + based authentication scheme, so the auth_user_request struct gets + referenced from the ConnStateData. + +

typedef void AUTHSDECODE(auth_user_request_t *, const char *); + +

Functions of type AUTHSDECODE are responsible for decoding the passed + authentication header, creating or linking to a auth_user struct and for + storing any needed details to complete authentication in AUTHSAUTHUSER. + +

typedef int AUTHSDIRECTION(auth_user_request_t *); + +

Functions of type AUTHSDIRECTION are used by squid to determine what + the next step in performing authentication for a given scheme is. The + following are the return codes: + + -2 = error in the auth module. Cannot determine request direction. + -1 = the auth module needs to send data to an external helper. + Squid will prepare for a callback on the request and call the + AUTHSSTART function. + 0 = the auth module has all the information it needs to + perform the authentication and provide a succeed/fail result. + 1 = the auth module needs to send a new challenge to the + request originator. Squid will return the appropriate status code + (401 or 407) and call the registered FixError function to allow the + auth module to insert it's challenge. + +

typedef void AUTHSFIXERR(auth_user_request_t *, HttpReply *, http_hdr_type, request_t *); + +

Functions of type AUTHSFIXERR are used by squid to add scheme + specific challenges when returning a 401 or 407 error code. On requests + where no authentication information was provided, all registered auth + modules will have their AUTHSFIXERR function called. When the client + makes a request with an authentication header, on subsequent calls only the matching + AUTHSFIXERR function is called (and then only if the auth module + indicated it had a new challenge to send the client). If no auth schemes + match the request, the authentication credentials in the request are + ignored - and all auth modules are called. + +

typedef void AUTHSFREE(auth_user_t *); + +

These functions are responsible for freeing scheme specific data from + the passed auth_user_t structure. This should only be called by squid + when there are no outstanding requests linked to the auth user. This includes + removing the user from any scheme specific memory caches. + +

typedef void AUTHSADDHEADER(auth_user_request_t *, HttpReply *, int); + typedef void AUTHSADDTRAILER(auth_user_request_t *, HttpReply *, int); + +

These functions are responsible for adding any authentication + specific header(s) or trailer(s) OTHER THAN the WWW-Authenticate and + Proxy-Authenticate headers to the passed HttpReply. The int indicates + whether the request was an accelerated request or a proxied request. For + example operation see the digest auth scheme. (Digest uses a + Authentication-Info header.) This function is called whenever a + auth_user_request exists in a request when the reply is constructed + after the body is sent on chunked replies respectively. + +

typedef void AUTHSONCLOSEC(ConnStateData *); + +

This function type is called when a auth_user_request is + linked into a ConnStateData struct, and the connection is closed. If any + scheme specific activities related to the request or connection are in + progress, this function MUST clear them. + +

typedef void AUTHSSTART(auth_user_request_t * , RH * , void *); + +

This function type is called when squid is ready to put the request + on hold and wait for a callback from the auth module when the auth + module has performed it's external activities. + +

Structures + +

This is used to link auth_users into the username cache. Because some + schemes may link in aliases to a user, the link is not part of the + auth_user structure itself. + +

struct _auth_user_hash_pointer { + /* first two items must be same as hash_link */ + char *key; + auth_user_hash_pointer *next; + auth_user_t *auth_user; + dlink_node link; /* other hash entries that point to the same auth_user */ + }; + +

This is the main user related structure. It stores user-related data, + and is persistent across requests. It can even persistent across + multiple external authentications. One major benefit of preserving this + structure is the cached acl match results. This structure, is private to + the authentication framework. + +

struct _auth_user_t { + /* extra fields for proxy_auth */ + /* this determines what scheme owns the user data. */ + auth_type_t auth_type; + /* the index +1 in the authscheme_list to the authscheme entry */ + int auth_module; + /* we only have one username associated with a given auth_user struct */ + auth_user_hash_pointer *usernamehash; + /* we may have many proxy-authenticate strings that decode to the same user*/ + dlink_list proxy_auth_list; + dlink_list proxy_match_cache; + struct { + unsigned int credentials_ok:2; /*0=unchecked,1=ok,2=failed*/ + } flags; + long expiretime; + /* IP addr this user authenticated from */ + struct in_addr ipaddr; + time_t ip_expiretime; + /* how many references are outstanding to this instance*/ + size_t references; + /* the auth scheme has it's own private data area */ + void *scheme_data; + /* the auth_user_request structures that link to this. Yes it could be a splaytree + * but how many requests will a single username have in parallel? */ + dlink_list requests; + }; + +

This is a short lived structure is the visible aspect of the + authentication framework. + +

struct _auth_user_request_t { + /* this is the object passed around by client_side and acl functions */ + /* it has request specific data, and links to user specific data */ + /* the user */ + auth_user_t *auth_user; + /* return a message on the 401/407 error pages */ + char *message; + /* any scheme specific request related data */ + void *scheme_data; + /* how many 'processes' are working on this data */ + size_t references; + }; + + The authscheme_entry struct is used to store the runtime registered + functions that make up an auth scheme. An auth scheme module MUST implement + ALL functions except the + following functions: oncloseconnection, AddHeader, AddTrailer.. In + the future more optional functions may be added to this data type. + +

+ struct _authscheme_entry { + char *typestr; + AUTHSACTIVE *Active; + AUTHSADDHEADER *AddHeader; + AUTHSADDTRAILER *AddTrailer; + AUTHSAUTHED *authenticated; + AUTHSAUTHUSER *authAuthenticate; + AUTHSDUMP *dump; + AUTHSFIXERR *authFixHeader; + AUTHSFREE *FreeUser; + AUTHSFREECONFIG *freeconfig; + AUTHSUSERNAME *authUserUsername; + AUTHSONCLOSEC *oncloseconnection; /*optional*/ + AUTHSDECODE *decodeauth; + AUTHSDIRECTION *getdirection; + AUTHSPARSE *parse; + AUTHSINIT *init; + AUTHSREQFREE *requestFree; + AUTHSSHUTDOWN *donefunc; + AUTHSSTART *authStart; + AUTHSSTATS *authStats; + }; + +

For information on the requirements for each of the functions, see + the details under the typedefs above. For reference implementations, see + the squid source code, /src/auth/basic for a request based stateless auth module, and + /src/auth/ntlm for a connection based stateful auth module. + +

How to add a new auth scheme + +

Copy the nearest existing auth scheme and modify to recieve the + approprate scheme headers. Now step through the acl.c MatchAclProxyUser + function's code path and see how the functions call down through + authenticate.c to your scheme. Write a helper to provide you scheme with + any backend existence it needs. Remember any blocking code must go in + AUTHSSTART function(s) and _MUST_ use callbacks. + +

How to 'hook in' new functions to the API. + +

Start of by figuring the code path that will result in the function + being called, and what data it will need. Then create a typedef for the + function, add and entry to the authscheme_entry struct. Add a wrapper + function to authenticate.c (or if approprate cf_cache.c) that called the + scheme specific function if it exists. Test it. Test it again. Now + port to all the existing auth schemes, or at least add a setting + of NULL for the function for each scheme. + + ICP @@ -2037,8 +2379,8 @@

To be written... - -Callback Data Database + +Callback Data Allocator

Squid's extensive use of callback functions makes it very @@ -2060,14 +2402,16 @@ before the operation completes.

- The callback data database lets us do this in a uniform and - safe manner. Every callback_data pointer must be added to the - database. It is then locked while the blocking operation executes - elsewhere, and is freed when the operation completes. The normal - sequence of events is: + The callback data allocator lets us do this in a uniform and + safe manner. The callback data allocator is used to allocate, + track and free memory pool objects used during callback + operations. Allocated memory is locked while the blocking + operation executes elsewhere, and is freed when the operation + completes. The normal sequence of events is: - callback_data = malloc(...); - cbdataAdd(callback_data); + type_of_data callback_data; + ... + callback_data = CBDATA_ALLOC(type_of_data, free_handler); ... cbdataLock(callback_data); fooOperationStart(bar, callback_func, callback_data); @@ -2083,8 +2427,7 @@ With this scheme, nothing bad happens if - callback_data = malloc(...); - cbdataAdd(callback_data); + callback_data = CBDATA_ALLOC(...); ... cbdataLock(callback_data); fooOperationStart(bar, callback_func, callback_data); @@ -2103,6 +2446,40 @@ called, it notices that the callback_data is invalid and will then call + To add new module specific data types to the allocator one uses the + macros CBDATA_TYPE and CBDATA_INIT_TYPE. These creates a local cbdata + definition (file or block scope). Any CBDATA_ALLOC calls must be made + within this scope. However, cbdataFree might be called from anywhere. + + + /* First the cbdata type needs to be defined in the module. This + * is usually done at file scope, but it can also be local to a + * function or block.. + */ + CBDATA_TYPE(type_of_data); + + /* Then in the code somewhere before the first allocation + * (can be called multiple times with only a minimal overhead) + */ + CBDATA_INIT_TYPE(type_of_data); + + +

+ To add new global data types one have to add them to the + cbdata_type enum in enums.h, and a corresponding + CREATE_CBDATA call in cbdata.c:cbdataInit(). Or alternatively + add a CBDATA_GLOBAL_TYPE definition to globals.h and use + CBDATA_INIT_TYPE as described above. + + + extern CBDATA_GLOBAL_TYPE(type_of_data); /* CBDATA_UNDEF */ + + +

+ TODO: Restructure the free function so there is one free function + associated with the whole cbdata type rather than per allocation. + Cache Manager @@ -2535,4 +2912,80 @@ character buffer into a swap_hdr_sz/. +leakFinder + +

+src/leakfinder.c contains some routines useful for debugging +and finding memory leaks. It is not enabled by default. To enable +it, use + +configure --enable-leakfinder ... + + +

+The module has three public functions: leakAdd, +leakFree, and leakTouch Note, these are actually +macros that insert __FILE__ and __LINE__ arguments to the real +functions. +

+leakAdd should be called when a pointer is first created. +Usually this follows immediately after a call to malloc or some +other memory allocation function. For example: + + ... + void *p; + p = malloc(100); + leakAdd(p); + ... + + +

+leakFree is the opposite. Call it just before releasing +the pointer memory, such as a call to free. For example: + + ... + leakFree(foo); + free(foo); + return; + +NOTE: leakFree aborts with an assertion if you give it a +pointer that was never added with leakAdd. + + +

+The definition of a leak is memory that was allocated but never +freed. Thus, to find a leak we need to track the pointer between +the time it got allocated and the time when it should have been +freed. Use leakTouch to accomplish this. You can sprinkle +leakTouch calls throughout the code where the pointer is +used. For example: + +void +myfunc(void *ptr) +{ + ... + leakTouch(ptr); + ... +} + +NOTE: leakTouch aborts with an assertion if you give it +a pointer that was never added with leakAdd, or if the +pointer was already freed. + +

+For each pointer tracked, the module remembers the filename, line +number, and time of last access. You can view this data with the +cache manager by selecting the leaks option. You can also +do it from the command line: + +% client mgr:leaks | less + + +

+The way to identify possible leaks is to look at the time of last +access. Pointers that haven't been accessed for a long time are +candidates for leaks. The filename and line numbers tell you where +that pointer was last accessed. If there is a leak, then the bug +occurs somewhere after that point of the code. +

Index: squid/errors/Makefile.in =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Attic/Makefile.in,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/errors/Makefile.in 23 Oct 2000 15:04:18 -0000 1.3 +++ squid/errors/Makefile.in 27 Feb 2001 14:18:23 -0000 1.3.6.1 @@ -1,4 +1,4 @@ -# $Id: Makefile.in,v 1.3 2000/10/23 15:04:18 hno Exp $ +# $Id: Makefile.in,v 1.3.6.1 2001/02/27 14:18:23 rvenning Exp $ # prefix = @prefix@ exec_prefix = @exec_prefix@ @@ -34,15 +34,15 @@ install-mkdirs: -@if test ! -d $(prefix); then \ echo "mkdir $(prefix)"; \ - mkdir $(prefix); \ + mkdir -p $(prefix); \ fi -@if test ! -d $(sysconfdir); then \ echo "mkdir $(sysconfdir)"; \ - mkdir $(sysconfdir); \ + mkdir -p $(sysconfdir); \ fi -@if test ! -d $(DEFAULT_ERROR_DIR); then \ echo "mkdir $(DEFAULT_ERROR_DIR)"; \ - mkdir $(DEFAULT_ERROR_DIR); \ + mkdir -p $(DEFAULT_ERROR_DIR); \ fi # undocumented hack. You can use this target to create multi-lingual Index: squid/errors/Danish/ERR_CACHE_ACCESS_DENIED =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Danish/ERR_CACHE_ACCESS_DENIED,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.32.1 diff -u -r1.1.1.1 -r1.1.1.1.32.1 --- squid/errors/Danish/ERR_CACHE_ACCESS_DENIED 26 Jan 2000 03:25:00 -0000 1.1.1.1 +++ squid/errors/Danish/ERR_CACHE_ACCESS_DENIED 27 Feb 2001 14:18:23 -0000 1.1.1.1.32.1 @@ -29,6 +29,6 @@ opfylder HTTP/1.1 standarden. Kontakt
cache administratoren hvis du har problemer med at autenticiere dig eller -skift dit +skift dit password.

Index: squid/errors/Dutch/ERR_CACHE_ACCESS_DENIED =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Dutch/ERR_CACHE_ACCESS_DENIED,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.42.1 diff -u -r1.1.1.1 -r1.1.1.1.42.1 --- squid/errors/Dutch/ERR_CACHE_ACCESS_DENIED 26 Jan 2000 03:21:47 -0000 1.1.1.1 +++ squid/errors/Dutch/ERR_CACHE_ACCESS_DENIED 27 Feb 2001 14:18:24 -0000 1.1.1.1.42.1 @@ -24,5 +24,5 @@

-U dient Netscape 2.0 of recenter, Microsoft Internet Explorer 3.0, of een HTTP/1.1 compatibele browser te gebruiken om dit te laten werken. Neem contact op met de cache beheerder als u problemen heeft om uzelf te identificeren of verander hier uw standaard wachtwoord. +U dient Netscape 2.0 of recenter, Microsoft Internet Explorer 3.0, of een HTTP/1.1 compatibele browser te gebruiken om dit te laten werken. Neem contact op met de cache beheerder als u problemen heeft om uzelf te identificeren of verander hier uw standaard wachtwoord.

Index: squid/errors/English/ERR_CACHE_ACCESS_DENIED =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/English/ERR_CACHE_ACCESS_DENIED,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.42.1 diff -u -r1.1.1.1 -r1.1.1.1.42.1 --- squid/errors/English/ERR_CACHE_ACCESS_DENIED 26 Jan 2000 03:21:47 -0000 1.1.1.1 +++ squid/errors/English/ERR_CACHE_ACCESS_DENIED 27 Feb 2001 14:18:24 -0000 1.1.1.1.42.1 @@ -28,5 +28,5 @@ Explorer 3.0, or an HTTP/1.1 compliant browser for this to work. Please contact the cache administrator if you have difficulties authenticating yourself or -change your default password. +change your default password.

Index: squid/errors/Estonian/ERR_CACHE_ACCESS_DENIED =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Estonian/ERR_CACHE_ACCESS_DENIED,v retrieving revision 1.2 retrieving revision 1.2.8.1 diff -u -r1.2 -r1.2.8.1 --- squid/errors/Estonian/ERR_CACHE_ACCESS_DENIED 21 Oct 2000 15:16:09 -0000 1.2 +++ squid/errors/Estonian/ERR_CACHE_ACCESS_DENIED 27 Feb 2001 14:18:24 -0000 1.2.8.1 @@ -28,5 +28,5 @@ nagu Netscape versioon 2.0 või uuem, või MS Internet Explorer 3.0. Palun kontakteeruge vahemälu serveri administraatoriga, kui teil on probleeme autoriseerimisega või -vahetage/a> oma parool. +vahetage/a> oma parool.

Index: squid/errors/Finnish/ERR_CACHE_ACCESS_DENIED =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Finnish/ERR_CACHE_ACCESS_DENIED,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.32.1 diff -u -r1.1.1.1 -r1.1.1.1.32.1 --- squid/errors/Finnish/ERR_CACHE_ACCESS_DENIED 26 Jan 2000 03:25:00 -0000 1.1.1.1 +++ squid/errors/Finnish/ERR_CACHE_ACCESS_DENIED 27 Feb 2001 14:18:24 -0000 1.1.1.1.32.1 @@ -28,5 +28,5 @@ Microsoft Internet Explorer 3.0:aa tai HTTP/1.1 -yhteensopivaa selainta. Jos sinulla on hankaluuksia hekilöllisyytesi todentamisessa, ota yhteyttä
välityspalvelimen ylläpitoon tai -vaihda oletussalasanasi. +vaihda oletussalasanasi.

Index: squid/errors/French/ERR_CACHE_ACCESS_DENIED =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/French/ERR_CACHE_ACCESS_DENIED,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.42.1 diff -u -r1.1.1.1 -r1.1.1.1.42.1 --- squid/errors/French/ERR_CACHE_ACCESS_DENIED 26 Jan 2000 03:21:47 -0000 1.1.1.1 +++ squid/errors/French/ERR_CACHE_ACCESS_DENIED 27 Feb 2001 14:18:24 -0000 1.1.1.1.42.1 @@ -29,5 +29,5 @@ Internet Explorer 3.0, ou un navigateur conforme à HTTP/1.1 pour que ceci fonctionne. Veuillez contacter l'administrateur du cache si vous avez des difficultés à vous authentifier, ou -changez votre mot de passe. +changez votre mot de passe.

Index: squid/errors/German/ERR_CACHE_ACCESS_DENIED =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/German/ERR_CACHE_ACCESS_DENIED,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.42.1 diff -u -r1.1.1.1 -r1.1.1.1.42.1 --- squid/errors/German/ERR_CACHE_ACCESS_DENIED 26 Jan 2000 03:21:47 -0000 1.1.1.1 +++ squid/errors/German/ERR_CACHE_ACCESS_DENIED 27 Feb 2001 14:18:24 -0000 1.1.1.1.42.1 @@ -27,5 +27,5 @@ Explorer 3.0 oder einen anderen HTTP/1.1 Browser. Bitte kontaktieren Sie den Cache-Administrator, wenn Sie Probleme haben, sich zu authentifizieren, oder -ändern Sie Ihr Passwort. +ändern Sie Ihr Passwort.

Index: squid/errors/Hungarian/ERR_CACHE_ACCESS_DENIED =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Hungarian/ERR_CACHE_ACCESS_DENIED,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.42.1 diff -u -r1.1.1.1 -r1.1.1.1.42.1 --- squid/errors/Hungarian/ERR_CACHE_ACCESS_DENIED 26 Jan 2000 03:21:47 -0000 1.1.1.1 +++ squid/errors/Hungarian/ERR_CACHE_ACCESS_DENIED 27 Feb 2001 14:18:24 -0000 1.1.1.1.42.1 @@ -27,6 +27,6 @@ Netscape 2.0 (vagy magasabb verziószámú) vagy Microsoft Internet Explorer 3.0 vagy egyéb HTTP/1.1 kompatibilis böngészõ segítségével jelentkezhet be rendszerünkbe. Kérjük, forduljon a cache adminisztrátorhoz amennyiben nem -sikerül bejelentkeznie vagy megváltoztatnia +sikerül bejelentkeznie vagy megváltoztatnia eredetileg beállított jelszavát.

Index: squid/errors/Italian/ERR_CACHE_ACCESS_DENIED =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Italian/ERR_CACHE_ACCESS_DENIED,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.42.1 diff -u -r1.1.1.1 -r1.1.1.1.42.1 --- squid/errors/Italian/ERR_CACHE_ACCESS_DENIED 26 Jan 2000 03:21:47 -0000 1.1.1.1 +++ squid/errors/Italian/ERR_CACHE_ACCESS_DENIED 27 Feb 2001 14:18:25 -0000 1.1.1.1.42.1 @@ -29,6 +29,6 @@ ciò sia possibile. Contattate l'amministratore della cache se avete difficoltà ad autenticarvi o -cambiate la vostra +cambiate la vostra password.

Index: squid/errors/Japanese/ERR_CACHE_ACCESS_DENIED =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Japanese/ERR_CACHE_ACCESS_DENIED,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.42.1 diff -u -r1.1.1.1 -r1.1.1.1.42.1 --- squid/errors/Japanese/ERR_CACHE_ACCESS_DENIED 26 Jan 2000 03:23:10 -0000 1.1.1.1 +++ squid/errors/Japanese/ERR_CACHE_ACCESS_DENIED 27 Feb 2001 14:18:25 -0000 1.1.1.1.42.1 @@ -30,5 +30,5 @@ ¤Ã¤Æ¡¤Ç§¾Ú¤ò¹Ô¤¦¤³¤È¤¬¤Ç¤­¤Þ¤¹¡¥¤â¤·¡¤¤¢¤Ê¤¿¤¬¤¢¤Ê¤¿¼«¿È¤Îǧ¾Ú¤ò¹Ô¤¦¤³¤È ¤¬Æñ¤·¤¤¾ì¹ç¤Ë¤Ï¡¤¥­¥ã¥Ã¥·¥å´ÉÍý¼Ô¤ËÏ¢Íí¤¹¤ë¤«¡¤ ¤¢¤Ê¤¿¤Î¥Ç¥Õ¥©¥ë¥È¤Î¥Ñ¥¹¥ï¡¼¥É¤ò -Êѹ¹¤·¤Æ¤¯¤À¤µ¤¤¡¥ +Êѹ¹¤·¤Æ¤¯¤À¤µ¤¤¡¥

Index: squid/errors/Korean/ERR_CACHE_ACCESS_DENIED =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Korean/ERR_CACHE_ACCESS_DENIED,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.32.1 diff -u -r1.1.1.1 -r1.1.1.1.32.1 --- squid/errors/Korean/ERR_CACHE_ACCESS_DENIED 26 Jan 2000 03:25:00 -0000 1.1.1.1 +++ squid/errors/Korean/ERR_CACHE_ACCESS_DENIED 27 Feb 2001 14:18:25 -0000 1.1.1.1.32.1 @@ -28,5 +28,5 @@ Internet Explorer 3.0 ¶Ç´Â HTTP/1.1ÀÌ Áö¿øµÇ´Â ºê¶ó¿ìÁ®¸¦ »ç¿ëÇØ¾ß ÇÕ´Ï´Ù. ¹®Á¦°¡ ÀÖÀ» ¶§´Â ij½¬ °ü¸®ÀÚ ¿¡°Ô ¿äûÇϽðųª óÀ½¿¡ ºÎ¿©µÇ´Â ÆÐ½º¿öµå¸¦ -¹Ù²Ù½Ê½Ã¿À. +¹Ù²Ù½Ê½Ã¿À.

Index: squid/errors/Polish/ERR_CACHE_ACCESS_DENIED =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Polish/ERR_CACHE_ACCESS_DENIED,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.42.1 diff -u -r1.1.1.1 -r1.1.1.1.42.1 --- squid/errors/Polish/ERR_CACHE_ACCESS_DENIED 26 Jan 2000 03:21:47 -0000 1.1.1.1 +++ squid/errors/Polish/ERR_CACHE_ACCESS_DENIED 27 Feb 2001 14:18:25 -0000 1.1.1.1.42.1 @@ -26,7 +26,7 @@

Musisz u¿ywaæ Netscape 2.0 lub nowszej lub Microsoft Internet Explorer 3.0 lub innej przegl±darki zgodnej z HTTP/1.1. Skontaktuj siê z administratorem -serwera cache je¶li masz trudno¶ci z autoryzacj± lub zmieñ  +serwera cache je¶li masz trudno¶ci z autoryzacj± lub zmieñ  haslo. Index: squid/errors/Portuguese/ERR_CACHE_ACCESS_DENIED =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Portuguese/ERR_CACHE_ACCESS_DENIED,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.42.1 diff -u -r1.1.1.1 -r1.1.1.1.42.1 --- squid/errors/Portuguese/ERR_CACHE_ACCESS_DENIED 26 Jan 2000 03:21:47 -0000 1.1.1.1 +++ squid/errors/Portuguese/ERR_CACHE_ACCESS_DENIED 27 Feb 2001 14:18:25 -0000 1.1.1.1.42.1 @@ -27,6 +27,6 @@ Você deve usar o Netscape versão 2.0 ou maior, ou Microsoft Internet Explorer 3.0, ou um browser que obedeça ao HTTP/1.1. Por favor, contate o administrador do cache se você tiver -dificuldades para se autenticar ou, altere +dificuldades para se autenticar ou, altere sua senha.

Index: squid/errors/Romanian/ERR_CACHE_ACCESS_DENIED =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Romanian/ERR_CACHE_ACCESS_DENIED,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.32.1 diff -u -r1.1.1.1 -r1.1.1.1.32.1 --- squid/errors/Romanian/ERR_CACHE_ACCESS_DENIED 26 Jan 2000 03:25:00 -0000 1.1.1.1 +++ squid/errors/Romanian/ERR_CACHE_ACCESS_DENIED 27 Feb 2001 14:18:25 -0000 1.1.1.1.32.1 @@ -28,5 +28,5 @@ Internet Explorer 3.0, sau un browser care cunoaºte HTTP/1.1 pentru a vã putea autentica. Vã rugãm contactaþi administratorul cache-ului daca aveþi dificultãþi în autentificare -sau schimbaþi-vã parola. +sau schimbaþi-vã parola.

Index: squid/errors/Russian-1251/ERR_CACHE_ACCESS_DENIED =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Russian-1251/ERR_CACHE_ACCESS_DENIED,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.42.1 diff -u -r1.1.1.1 -r1.1.1.1.42.1 --- squid/errors/Russian-1251/ERR_CACHE_ACCESS_DENIED 26 Jan 2000 03:21:47 -0000 1.1.1.1 +++ squid/errors/Russian-1251/ERR_CACHE_ACCESS_DENIED 27 Feb 2001 14:18:25 -0000 1.1.1.1.42.1 @@ -27,6 +27,6 @@ Äëÿ ýòîãî Âàì íåîáõîäèì Netscape âåðñèè 2.0 ëèáî âûøå, èëè Microsoft Internet Explorer 3.0, èëè HTTP/1.1 ñîâìåñòèìûé áðîóçåð. Ïîæàëóéñòà ñâÿæèòåñü ñ àäìèíèñòðàòîðîì êýøà, åñëè ó Âàñ âîçíèêëè ïðîáëåìû -ñ àóòåíòèôèêàöèåé, ëèáî ñìåíèòå +ñ àóòåíòèôèêàöèåé, ëèáî ñìåíèòå Âàø ïàðîëü ïî óìîë÷àíèþ.

Index: squid/errors/Russian-koi8-r/ERR_CACHE_ACCESS_DENIED =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Russian-koi8-r/ERR_CACHE_ACCESS_DENIED,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.42.1 diff -u -r1.1.1.1 -r1.1.1.1.42.1 --- squid/errors/Russian-koi8-r/ERR_CACHE_ACCESS_DENIED 26 Jan 2000 03:21:47 -0000 1.1.1.1 +++ squid/errors/Russian-koi8-r/ERR_CACHE_ACCESS_DENIED 27 Feb 2001 14:18:26 -0000 1.1.1.1.42.1 @@ -28,6 +28,6 @@ äÌÑ ÜÔÏÇÏ ÷ÁÍ ÎÅÏÂÈÏÄÉÍ Netscape ×ÅÒÓÉÉ 2.0 ÌÉÂÏ ×ÙÛÅ, ÉÌÉ Microsoft Internet Explorer 3.0, ÉÌÉ HTTP/1.1 ÓÏ×ÍÅÓÔÉÍÙÊ ÂÒÏÕÚÅÒ. ðÏÖÁÌÕÊÓÔÁ Ó×ÑÖÉÔÅÓØ Ó ÁÄÍÉÎÉÓÔÒÁÔÏÒÏÍ ËÜÛÁ, ÅÓÌÉ Õ ÷ÁÓ ×ÏÚÎÉËÌÉ ÐÒÏÂÌÅÍÙ -Ó ÁÕÔÅÎÔÉÆÉËÁÃÉÅÊ, ÌÉÂÏ ÓÍÅÎÉÔÅ +Ó ÁÕÔÅÎÔÉÆÉËÁÃÉÅÊ, ÌÉÂÏ ÓÍÅÎÉÔÅ ÷ÁÛ ÐÁÒÏÌØ ÐÏ ÕÍÏÌÞÁÎÉÀ.

Index: squid/errors/Simplify_Chinese/ERR_CACHE_ACCESS_DENIED =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Simplify_Chinese/ERR_CACHE_ACCESS_DENIED,v retrieving revision 1.2 retrieving revision 1.2.8.1 diff -u -r1.2 -r1.2.8.1 --- squid/errors/Simplify_Chinese/ERR_CACHE_ACCESS_DENIED 21 Oct 2000 16:44:45 -0000 1.2 +++ squid/errors/Simplify_Chinese/ERR_CACHE_ACCESS_DENIED 27 Feb 2001 14:18:26 -0000 1.2.8.1 @@ -32,11 +32,11 @@ Explorer 3.0, or an HTTP/1.1 compliant browser for this to work. Please contact the cache administrator if you have difficulties authenticating yourself or -change your default password. +change your default password.
ÄúÐèҪʹÓà Netscape version 2.0 »ò¸üеİ汾£¬»òÊÇʹÓà Microsoft Internet Explorer 3.0£¬»òÊÇÒ»¸ö HTTP/1.1 ÏàÈݵÄä¯ÀÀÆ÷À´½øÐй¤×÷¡£Èç¹ûÄúÔÚÉí·ÝÑéÖ¤ÉÏ ·¢ÉúÀ§ÄÑ£¬ÇëÓë ¹ÜÀíÕß ÁªÏµ¡£ -»òÊǸü¸ÄÄúµÄÃÜÂë¡£ +»òÊǸü¸ÄÄúµÄÃÜÂë¡£

±¾»º´æ·þÎñÆ÷¹ÜÀíÔ±£º%w Index: squid/errors/Slovak/ERR_CACHE_ACCESS_DENIED =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Slovak/ERR_CACHE_ACCESS_DENIED,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.42.1 diff -u -r1.1.1.1 -r1.1.1.1.42.1 --- squid/errors/Slovak/ERR_CACHE_ACCESS_DENIED 26 Jan 2000 03:23:10 -0000 1.1.1.1 +++ squid/errors/Slovak/ERR_CACHE_ACCESS_DENIED 27 Feb 2001 14:18:26 -0000 1.1.1.1.42.1 @@ -30,5 +30,5 @@ prehliadaè podporujúci protokol HTTP/1.1. Ak máte problém pri autentifikácii, kontaktujte prosím cache administrátora alebo si -zmeòte Va¹e implicitné heslo. +zmeòte Va¹e implicitné heslo.

Index: squid/errors/Spanish/ERR_CACHE_ACCESS_DENIED =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Spanish/ERR_CACHE_ACCESS_DENIED,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.32.1 diff -u -r1.1.1.1 -r1.1.1.1.32.1 --- squid/errors/Spanish/ERR_CACHE_ACCESS_DENIED 26 Jan 2000 03:25:00 -0000 1.1.1.1 +++ squid/errors/Spanish/ERR_CACHE_ACCESS_DENIED 27 Feb 2001 14:18:26 -0000 1.1.1.1.32.1 @@ -27,6 +27,6 @@ Ud. necesita utilizar Netscape version 2.0 o superior, o Microsoft Internet Explorer 3.0, o un navegador que cumpla con HTTP/1.1 para que funcione. Por favor contacte al administrador del cache si -tiene dificultad para autenticarse o +tiene dificultad para autenticarse o cambie su password.

Index: squid/errors/Swedish/ERR_ACCESS_DENIED =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Swedish/ERR_ACCESS_DENIED,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.32.1 diff -u -r1.1.1.1 -r1.1.1.1.32.1 --- squid/errors/Swedish/ERR_ACCESS_DENIED 26 Jan 2000 03:25:00 -0000 1.1.1.1 +++ squid/errors/Swedish/ERR_ACCESS_DENIED 27 Feb 2001 14:18:26 -0000 1.1.1.1.32.1 @@ -1,23 +1,23 @@ -FEL: Begärd URL kunde inte hämtas +FEL: Begärd URL kunde inte hämtas

FEL

-

Begärd URL kunde inte hämtas

+

Begärd URL kunde inte hämtas


-Vid försöket att hämta URL: +Vid försöket att hämta URL: %U

-Mottogs följande fel: +Mottogs följande fel:

  • -Tillträde Nekas. +Tillträde Nekas.

    -Tillträdeskontrollen förhindrar Er begäran från -att tillåtas vid den här tidpunkten. Vänligen kontakta Er -tjänsteleverantör om Ni finner detta inkorrekt. +Tillträdeskontrollen förhindrar Er begäran från +att tillåtas vid den här tidpunkten. Vänligen kontakta Er +tjänsteleverantör om Ni finner detta inkorrekt.

Index: squid/errors/Swedish/ERR_CACHE_ACCESS_DENIED =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Swedish/ERR_CACHE_ACCESS_DENIED,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.32.1 diff -u -r1.1.1.1 -r1.1.1.1.32.1 --- squid/errors/Swedish/ERR_CACHE_ACCESS_DENIED 26 Jan 2000 03:25:00 -0000 1.1.1.1 +++ squid/errors/Swedish/ERR_CACHE_ACCESS_DENIED 27 Feb 2001 14:18:26 -0000 1.1.1.1.32.1 @@ -1,31 +1,31 @@ -FEL: Tillträde till Cache Nekas +FEL: Tillträde till Cache Nekas

FEL

-

Tillträde till Cache Nekas

+

Tillträde till Cache Nekas


-Vid försöket att hämta URL: +Vid försöket att hämta URL: %U

-Mottogs följande fel: +Mottogs följande fel:

  • -Tillträde till Cache Nekas. +Tillträde till Cache Nekas.

-

Ledsen, Ni är förnärvarande ej berättigad att begära: +

Ledsen, Ni är förnärvarande ej berättigad att begära:

    %U
-från denna cache tills det att Ni har autentifierat Er. +från denna cache tills det att Ni har autentifierat Er.

-

Ni måste använda Netscape version 2.0 eller högre, eller Microsoft Internet -Explorer 3.0, eller en HTTP/1.1 kompatibel läsare för att detta skall fungera. -Vänligen kontakta cacheadministratorn om Ni har svårigh +

Ni måste använda Netscape version 2.0 eller högre, eller Microsoft Internet +Explorer 3.0, eller en HTTP/1.1 kompatibel läsare för att detta skall fungera. +Vänligen kontakta cacheadministratorn om Ni har svårigh eter -med att autentifiera Er själv, eller byt Ert lösenord. +med att autentifiera Er själv, eller byt Ert lösenord.

Index: squid/errors/Swedish/ERR_CACHE_MGR_ACCESS_DENIED =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Swedish/ERR_CACHE_MGR_ACCESS_DENIED,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.32.1 diff -u -r1.1.1.1 -r1.1.1.1.32.1 --- squid/errors/Swedish/ERR_CACHE_MGR_ACCESS_DENIED 26 Jan 2000 03:25:00 -0000 1.1.1.1 +++ squid/errors/Swedish/ERR_CACHE_MGR_ACCESS_DENIED 27 Feb 2001 14:18:26 -0000 1.1.1.1.32.1 @@ -1,31 +1,31 @@ -FEL: Tillträde till Cachehanteraren Nekas +FEL: Tillträde till Cachehanteraren Nekas

FEL

-

Tillträde till Cachehanteraren Nekas

+

Tillträde till Cachehanteraren Nekas


-Vid försöket att hämta URL: +Vid försöket att hämta URL: %U

-Mottogs följande fel: +Mottogs följande fel:

  • -Tillträde till Cachehanteraren Nekas +Tillträde till Cachehanteraren Nekas

-

Ledsen, Ni är förnärvarande ej berättigad att begära: +

Ledsen, Ni är förnärvarande ej berättigad att begära:

    %U
-från denna cache tills det att Ni har autentifierat Er. +från denna cache tills det att Ni har autentifierat Er.

-

Ni måste använda Netscape version 2.0 eller högre, eller Microsoft Internet -Explorer 3.0, eller en HTTP/1.1 kompatibel läsare för att detta skall fungera. -Vänligen kontakta cacheadministratorn om Ni har svårigheter -med att autentifiera Er själv, om Ni är -administratorn, läs Squid dokumentationen om cache hanterar interfacet och kontrollera -cache loggen för mer detaljerade felmeddelanden.

+

Ni måste använda Netscape version 2.0 eller högre, eller Microsoft Internet +Explorer 3.0, eller en HTTP/1.1 kompatibel läsare för att detta skall fungera. +Vänligen kontakta cacheadministratorn om Ni har svårigheter +med att autentifiera Er själv, om Ni är +administratorn, läs Squid dokumentationen om cache hanterar interfacet och kontrollera +cache loggen för mer detaljerade felmeddelanden.

Index: squid/errors/Swedish/ERR_CANNOT_FORWARD =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Swedish/ERR_CANNOT_FORWARD,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.32.1 diff -u -r1.1.1.1 -r1.1.1.1.32.1 --- squid/errors/Swedish/ERR_CANNOT_FORWARD 26 Jan 2000 03:25:00 -0000 1.1.1.1 +++ squid/errors/Swedish/ERR_CANNOT_FORWARD 27 Feb 2001 14:18:26 -0000 1.1.1.1.32.1 @@ -1,27 +1,27 @@ -FEL: Begärd URL kunde inte hämtas +FEL: Begärd URL kunde inte hämtas

FEL

-

Begärd URL kunde inte hämtas

+

Begärd URL kunde inte hämtas


-Vid försöket att hämta URL: +Vid försöket att hämta URL: %U

-Mottogs följande fel: +Mottogs följande fel:

  • -Kunde ej vidarebefodra förfrågan vid detta tillfälle. +Kunde ej vidarebefodra förfrågan vid detta tillfälle.

-Denna förfrågan kunde ej vidarebefodras till ursprunglig server eller till -överliggande cache-noder. Den mest sannolika anledningen till detta fel är: +Denna förfrågan kunde ej vidarebefodras till ursprunglig server eller till +överliggande cache-noder. Den mest sannolika anledningen till detta fel är:

    -
  • Cacheadministratorn tillåter inte denna cache att göra +
  • Cacheadministratorn tillåter inte denna cache att göra direkta anslutningar till ursprungliga servrar, och -
  • alla överliggande cache-noder kan ej nås för tillfället. +
  • alla överliggande cache-noder kan ej nås för tillfället.

Index: squid/errors/Swedish/ERR_CONNECT_FAIL =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Swedish/ERR_CONNECT_FAIL,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.32.1 diff -u -r1.1.1.1 -r1.1.1.1.32.1 --- squid/errors/Swedish/ERR_CONNECT_FAIL 26 Jan 2000 03:25:00 -0000 1.1.1.1 +++ squid/errors/Swedish/ERR_CONNECT_FAIL 27 Feb 2001 14:18:26 -0000 1.1.1.1.32.1 @@ -1,14 +1,14 @@ -FEL: Begärd URL kunde ej hämtas +FEL: Begärd URL kunde ej hämtas

FEL

-

Begärd URL kunde ej hämtas

+

Begärd URL kunde ej hämtas


-Vid försöket att hämta URL: +Vid försöket att hämta URL: %U

-Mottogs följande fel: +Mottogs följande fel:

  • @@ -21,5 +21,5 @@
        %E

    -Begärd värd eller nätverk kan vara nere. Vänligen försök igen. +Begärd värd eller nätverk kan vara nere. Vänligen försök igen.

    Index: squid/errors/Swedish/ERR_DNS_FAIL =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Swedish/ERR_DNS_FAIL,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.32.1 diff -u -r1.1.1.1 -r1.1.1.1.32.1 --- squid/errors/Swedish/ERR_DNS_FAIL 26 Jan 2000 03:25:00 -0000 1.1.1.1 +++ squid/errors/Swedish/ERR_DNS_FAIL 27 Feb 2001 14:18:26 -0000 1.1.1.1.32.1 @@ -1,15 +1,15 @@ -FEL: Begärd URL kunde inte hämtas +FEL: Begärd URL kunde inte hämtas -

    Begärd URL kunde inte hämtas

    +

    Begärd URL kunde inte hämtas


    -Vid försöket att hämta URL: +Vid försöket att hämta URL: %U

    -Mottogs följande fel: +Mottogs följande fel:

    -Kunde inte få fram IP-adressen för värdnamnet. +Kunde inte få fram IP-adressen för värdnamnet. %H
@@ -23,8 +23,8 @@

Detta betyder att:

- Cachen kunde inte lösa upp värdnamnet angivet i sökvägen. 
- Kontrollera att adressen är korrekt. 
+ Cachen kunde inte lösa upp värdnamnet angivet i sökvägen. 
+ Kontrollera att adressen är korrekt. 
 

Index: squid/errors/Swedish/ERR_FORWARDING_DENIED =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Swedish/ERR_FORWARDING_DENIED,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.32.1 diff -u -r1.1.1.1 -r1.1.1.1.32.1 --- squid/errors/Swedish/ERR_FORWARDING_DENIED 26 Jan 2000 03:25:00 -0000 1.1.1.1 +++ squid/errors/Swedish/ERR_FORWARDING_DENIED 27 Feb 2001 14:18:26 -0000 1.1.1.1.32.1 @@ -1,14 +1,14 @@ -FEL: Begärd URL kunde inte hämtas +FEL: Begärd URL kunde inte hämtas

FEL

-

Begärd URL kunde inte hämtas

+

Begärd URL kunde inte hämtas


-Vid försöket att hämta URL: +Vid försöket att hämta URL: %U

-Mottogs följande fel: +Mottogs följande fel:

  • @@ -17,6 +17,6 @@

-Denna cache kommer inte vidarebefodra en begäran eftersom den försöker att tvinga sig till en rättighet som den inte har. - Kanske klienten vid %i är en cache som är felkonfigurerad. +Denna cache kommer inte vidarebefodra en begäran eftersom den försöker att tvinga sig till en rättighet som den inte har. + Kanske klienten vid %i är en cache som är felkonfigurerad.

Index: squid/errors/Swedish/ERR_FTP_DISABLED =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Swedish/ERR_FTP_DISABLED,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.32.1 diff -u -r1.1.1.1 -r1.1.1.1.32.1 --- squid/errors/Swedish/ERR_FTP_DISABLED 26 Jan 2000 03:25:00 -0000 1.1.1.1 +++ squid/errors/Swedish/ERR_FTP_DISABLED 27 Feb 2001 14:18:26 -0000 1.1.1.1.32.1 @@ -1,21 +1,21 @@ -FEL: Begärd URL kunde inte hämtas +FEL: Begärd URL kunde inte hämtas

FEL

-

Begärd URL kunde inte hämtas

+

Begärd URL kunde inte hämtas


-Vid försöket att hämta URL: +Vid försöket att hämta URL: %U

-Mottogs följande fel: +Mottogs följande fel:

  • -FTP är Avstängd +FTP är Avstängd

-Denna cache stödjer inte FTP. +Denna cache stödjer inte FTP.

Index: squid/errors/Swedish/ERR_FTP_FAILURE =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Swedish/ERR_FTP_FAILURE,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.32.1 diff -u -r1.1.1.1 -r1.1.1.1.32.1 --- squid/errors/Swedish/ERR_FTP_FAILURE 26 Jan 2000 03:25:00 -0000 1.1.1.1 +++ squid/errors/Swedish/ERR_FTP_FAILURE 27 Feb 2001 14:18:26 -0000 1.1.1.1.32.1 @@ -1,15 +1,15 @@ -FEL: Begärd URL kunde inte hämtas +FEL: Begärd URL kunde inte hämtas

FEL

-

Begärd URL kunde inte hämtas

+

Begärd URL kunde inte hämtas


-Ett FTP protokollfel inträffade -vid försöket att hämta URL: +Ett FTP protokollfel inträffade +vid försöket att hämta URL: %U

-Squid sände följande FTP kommando: +Squid sände följande FTP kommando:

%f
och fick till svar
%F
Index: squid/errors/Swedish/ERR_FTP_FORBIDDEN =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Swedish/ERR_FTP_FORBIDDEN,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.32.1 diff -u -r1.1.1.1 -r1.1.1.1.32.1 --- squid/errors/Swedish/ERR_FTP_FORBIDDEN 26 Jan 2000 03:25:00 -0000 1.1.1.1 +++ squid/errors/Swedish/ERR_FTP_FORBIDDEN 27 Feb 2001 14:18:26 -0000 1.1.1.1.32.1 @@ -1,15 +1,15 @@ -FEL: Begärd URL kunde inte hämtas +FEL: Begärd URL kunde inte hämtas

FEL

-

Begärd URL kunde inte hämtas

+

Begärd URL kunde inte hämtas


-Ett misslyckande vid FTP autentifiering inträffade -vid försöket att hämta URL: +Ett misslyckande vid FTP autentifiering inträffade +vid försöket att hämta URL: %U

-Squid sände följande FTP kommando: +Squid sände följande FTP kommando:

%f
och fick till svar
%F
Index: squid/errors/Swedish/ERR_FTP_NOT_FOUND =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Swedish/ERR_FTP_NOT_FOUND,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.32.1 diff -u -r1.1.1.1 -r1.1.1.1.32.1 --- squid/errors/Swedish/ERR_FTP_NOT_FOUND 26 Jan 2000 03:25:00 -0000 1.1.1.1 +++ squid/errors/Swedish/ERR_FTP_NOT_FOUND 27 Feb 2001 14:18:26 -0000 1.1.1.1.32.1 @@ -1,21 +1,21 @@ -FEL: Begärd URL kunde inte hämtas +FEL: Begärd URL kunde inte hämtas

FEL

-

Begärd URL kunde inte hämtas

+

Begärd URL kunde inte hämtas


-Följande URL kunde inte hämtas: +Följande URL kunde inte hämtas: %U

-Squid sände följande FTP kommando: +Squid sände följande FTP kommando:

%f
och fick till svar
%F
%g

-Detta kan orsakas av en FTP URL med en absolut sökväg (vilket inte -överensstämmer med RFC 1738). Om detta är orsaken, kan filen -återfinnas vid %B. +Detta kan orsakas av en FTP URL med en absolut sökväg (vilket inte +överensstämmer med RFC 1738). Om detta är orsaken, kan filen +återfinnas vid %B.

Index: squid/errors/Swedish/ERR_FTP_PUT_ERROR =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Swedish/ERR_FTP_PUT_ERROR,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.32.1 diff -u -r1.1.1.1 -r1.1.1.1.32.1 --- squid/errors/Swedish/ERR_FTP_PUT_ERROR 26 Jan 2000 03:25:00 -0000 1.1.1.1 +++ squid/errors/Swedish/ERR_FTP_PUT_ERROR 27 Feb 2001 14:18:26 -0000 1.1.1.1.32.1 @@ -2,13 +2,13 @@ FEL: FTP skicka misslyckades

FEL

-

FTP SKICKA/överföra misslyckades

+

FTP SKICKA/överföra misslyckades


-Vid försöket att SKICKA följande URL: +Vid försöket att SKICKA följande URL: %U

-Squid sände följande FTP kommando: +Squid sände följande FTP kommando:


         %f
 
@@ -19,7 +19,7 @@

Prova att:

-Kontrollera sökväg, rättigheter, diskutrymme och försök igen.
+Kontrollera sökväg, rättigheter, diskutrymme och försök igen.
 

Index: squid/errors/Swedish/ERR_FTP_UNAVAILABLE =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Swedish/ERR_FTP_UNAVAILABLE,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.32.1 diff -u -r1.1.1.1 -r1.1.1.1.32.1 --- squid/errors/Swedish/ERR_FTP_UNAVAILABLE 26 Jan 2000 03:25:00 -0000 1.1.1.1 +++ squid/errors/Swedish/ERR_FTP_UNAVAILABLE 27 Feb 2001 14:18:26 -0000 1.1.1.1.32.1 @@ -1,14 +1,14 @@ -FEL: Begärd URL kunde inte hämtas +FEL: Begärd URL kunde inte hämtas

FEL

-

Begärd URL kunde inte hämtas

+

Begärd URL kunde inte hämtas


-FTP servern var ej tillgänglig vid försöket att hämta URL: +FTP servern var ej tillgänglig vid försöket att hämta URL: %U

-Squid sände följande FTP kommando: +Squid sände följande FTP kommando:

%f
och fick till svar
%F
Index: squid/errors/Swedish/ERR_INVALID_REQ =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Swedish/ERR_INVALID_REQ,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.32.1 diff -u -r1.1.1.1 -r1.1.1.1.32.1 --- squid/errors/Swedish/ERR_INVALID_REQ 26 Jan 2000 03:25:00 -0000 1.1.1.1 +++ squid/errors/Swedish/ERR_INVALID_REQ 27 Feb 2001 14:18:26 -0000 1.1.1.1.32.1 @@ -1,31 +1,31 @@ -FEL: Begärd URL kunde ej hämtas +FEL: Begärd URL kunde ej hämtas

FEL

-

Begärd URL kunde ej hämtas

+

Begärd URL kunde ej hämtas


-Vid försöket att behandla förfrågan: +Vid försöket att behandla förfrågan:

 %R
 

-Mottogs följande fel: +Mottogs följande fel:

  • -Felaktig Förfrågan +Felaktig Förfrågan

-Någon eller några aspekter av HTTP förfrågan är felaktiga. Möjliga problem: +Någon eller några aspekter av HTTP förfrågan är felaktiga. Möjliga problem:

    -
  • Avsaknad eller okänd method för förfrågan +
  • Avsaknad eller okänd method för förfrågan
  • Avsaknad URL
  • Avsaknad HTTP identifierare (HTTP/1.0) -
  • Förfrågan är för stor -
  • Innehållslängden saknas för POST(posta) eller PUT(sätt) förfrågan -
  • Ej tillåtet tecken i värdnamnet; '_' är ej tillåtna +
  • Förfrågan är för stor +
  • Innehållslängden saknas för POST(posta) eller PUT(sätt) förfrågan +
  • Ej tillåtet tecken i värdnamnet; '_' är ej tillåtna

Index: squid/errors/Swedish/ERR_INVALID_URL =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Swedish/ERR_INVALID_URL,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.32.1 diff -u -r1.1.1.1 -r1.1.1.1.32.1 --- squid/errors/Swedish/ERR_INVALID_URL 26 Jan 2000 03:25:00 -0000 1.1.1.1 +++ squid/errors/Swedish/ERR_INVALID_URL 27 Feb 2001 14:18:26 -0000 1.1.1.1.32.1 @@ -1,14 +1,14 @@ -FEL: Begärd URL kunde ej hämtas +FEL: Begärd URL kunde ej hämtas

FEL

-

Begärd URL kunde ej hämtas

+

Begärd URL kunde ej hämtas


-Vid försöket att hämta URL: +Vid försöket att hämta URL: %U

-Mottogs följande fel: +Mottogs följande fel:

  • @@ -17,11 +17,11 @@

-Någon eller några aspekter av begärd URL är inkorrekta. Möjliga problem: +Någon eller några aspekter av begärd URL är inkorrekta. Möjliga problem:

    -
  • Avsaknat eller felaktigt tillträdesprotokoll (ska vara `http://'' eller liknande) -
  • Avsaknat värdnamn -
  • Ej tillåten dubbel-escape i URL-Sökvägen -
  • Ej tillåtna tecken i värdnamnet; '_' är ej tillåtna +
  • Avsaknat eller felaktigt tillträdesprotokoll (ska vara `http://'' eller liknande) +
  • Avsaknat värdnamn +
  • Ej tillåten dubbel-escape i URL-Sökvägen +
  • Ej tillåtna tecken i värdnamnet; '_' är ej tillåtna

Index: squid/errors/Swedish/ERR_LIFETIME_EXP =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Swedish/ERR_LIFETIME_EXP,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.32.1 diff -u -r1.1.1.1 -r1.1.1.1.32.1 --- squid/errors/Swedish/ERR_LIFETIME_EXP 26 Jan 2000 03:25:00 -0000 1.1.1.1 +++ squid/errors/Swedish/ERR_LIFETIME_EXP 27 Feb 2001 14:18:26 -0000 1.1.1.1.32.1 @@ -1,14 +1,14 @@ -FEL: Begärd URL kunde inte hämtas +FEL: Begärd URL kunde inte hämtas

FEL

-

Begärd URL kunde inte hämtas

+

Begärd URL kunde inte hämtas


-Vid försöket att hämta URL: +Vid försöket att hämta URL: %U

-Mottogs följande fel: +Mottogs följande fel:

  • @@ -17,5 +17,5 @@

-Squid har terminerat Er begäran på grund av att den har överskridikt den tillåtna livstiden för en anslutning. +Squid har terminerat Er begäran på grund av att den har överskridikt den tillåtna livstiden för en anslutning.

Index: squid/errors/Swedish/ERR_NO_RELAY =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Swedish/ERR_NO_RELAY,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.32.1 diff -u -r1.1.1.1 -r1.1.1.1.32.1 --- squid/errors/Swedish/ERR_NO_RELAY 26 Jan 2000 03:25:00 -0000 1.1.1.1 +++ squid/errors/Swedish/ERR_NO_RELAY 27 Feb 2001 14:18:26 -0000 1.1.1.1.32.1 @@ -1,14 +1,14 @@ -FEL: Begärd URL kunde inte hämtas +FEL: Begärd URL kunde inte hämtas

FEL

-

Begärd URL kunde inte hämtas

+

Begärd URL kunde inte hämtas


-Vid försöket att hämta URL: +Vid försöket att hämta URL: %U

-Mottogs följande fel: +Mottogs följande fel:

  • @@ -17,5 +17,5 @@

-Det finns ingen WAIS Relay värd definerad för denna cache! Skrik på din administratör. +Det finns ingen WAIS Relay värd definerad för denna cache! Skrik på din administratör.

Index: squid/errors/Swedish/ERR_ONLY_IF_CACHED_MISS =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Swedish/ERR_ONLY_IF_CACHED_MISS,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.32.1 diff -u -r1.1.1.1 -r1.1.1.1.32.1 --- squid/errors/Swedish/ERR_ONLY_IF_CACHED_MISS 26 Jan 2000 03:25:00 -0000 1.1.1.1 +++ squid/errors/Swedish/ERR_ONLY_IF_CACHED_MISS 27 Feb 2001 14:18:26 -0000 1.1.1.1.32.1 @@ -1,26 +1,26 @@ -FEL: Begärd URL kunde inte hämtas +FEL: Begärd URL kunde inte hämtas

FEL

-

Begärd URL kunde inte hämtas

+

Begärd URL kunde inte hämtas


-Vid försöket att hämta URL: +Vid försöket att hämta URL: %U

-Mottogs följande fel: +Mottogs följande fel:

  • -Senaste dokumentet återfanns inte i cachen och bara-om-i-cache -direktivet är satt. +Senaste dokumentet återfanns inte i cachen och bara-om-i-cache +direktivet är satt.

-Du har begärt ett dokument med bara-om-i-cache cache kontroll -direktivet. Dokumentet återfanns inte i cache databasen, eller det krävs en uppdatering av cache databasen, men förhindras av +Du har begärt ett dokument med bara-om-i-cache cache kontroll +direktivet. Dokumentet återfanns inte i cache databasen, eller det krävs en uppdatering av cache databasen, men förhindras av bara-om-i-cache direktivet.

Index: squid/errors/Swedish/ERR_READ_ERROR =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Swedish/ERR_READ_ERROR,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.32.1 diff -u -r1.1.1.1 -r1.1.1.1.32.1 --- squid/errors/Swedish/ERR_READ_ERROR 26 Jan 2000 03:25:00 -0000 1.1.1.1 +++ squid/errors/Swedish/ERR_READ_ERROR 27 Feb 2001 14:18:26 -0000 1.1.1.1.32.1 @@ -1,18 +1,18 @@ -FEL: Begärd URL kunde inte hämtas +FEL: Begärd URL kunde inte hämtas

FEL

-

Begärd URL kunde inte hämtas

+

Begärd URL kunde inte hämtas


-Vid försöket att hämta URL: +Vid försöket att hämta URL: %U

-Mottogs följande fel: +Mottogs följande fel:

  • -Läsfel +Läsfel
@@ -21,6 +21,6 @@
    %E

-Ett fel inträffade vid försök att läsa data från nätverket. Vänligen -försök igen. +Ett fel inträffade vid försök att läsa data från nätverket. Vänligen +försök igen.

Index: squid/errors/Swedish/ERR_READ_TIMEOUT =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Swedish/ERR_READ_TIMEOUT,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.32.1 diff -u -r1.1.1.1 -r1.1.1.1.32.1 --- squid/errors/Swedish/ERR_READ_TIMEOUT 26 Jan 2000 03:25:00 -0000 1.1.1.1 +++ squid/errors/Swedish/ERR_READ_TIMEOUT 27 Feb 2001 14:18:26 -0000 1.1.1.1.32.1 @@ -1,18 +1,18 @@ -FEL: Begärd URL kunde inte hämtas +FEL: Begärd URL kunde inte hämtas

FEL

-

Begärd URL kunde inte hämtas

+

Begärd URL kunde inte hämtas


-Vid försöket att hämta URL: +Vid försöket att hämta URL: %U

-Mottogs följande fel: +Mottogs följande fel:

  • -Läsningen fick en timeout +Läsningen fick en timeout
@@ -21,5 +21,5 @@
    %E

-En timeout inträffade i väntan på att få läsa data från nätverket. Antingen är servern nere eller också är nätverket tungt belastat. Vänligen försök igen. +En timeout inträffade i väntan på att få läsa data från nätverket. Antingen är servern nere eller också är nätverket tungt belastat. Vänligen försök igen.

Index: squid/errors/Swedish/ERR_SHUTTING_DOWN =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Swedish/ERR_SHUTTING_DOWN,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.32.1 diff -u -r1.1.1.1 -r1.1.1.1.32.1 --- squid/errors/Swedish/ERR_SHUTTING_DOWN 26 Jan 2000 03:25:00 -0000 1.1.1.1 +++ squid/errors/Swedish/ERR_SHUTTING_DOWN 27 Feb 2001 14:18:26 -0000 1.1.1.1.32.1 @@ -1,15 +1,15 @@ -FEL: Begärd URL kunde inte hämtas +FEL: Begärd URL kunde inte hämtas

FEL

-

Begärd URL kunde inte hämtas

+

Begärd URL kunde inte hämtas


-Vid försöket att hämta URL: +Vid försöket att hämta URL: %U

-Mottogs följande fel: +Mottogs följande fel:

    -Denna cache håller på att stänga av sig och kan därför inte behandla din förfrågan. Vänligen försök igen lite senare. +Denna cache håller på att stänga av sig och kan därför inte behandla din förfrågan. Vänligen försök igen lite senare.

    Index: squid/errors/Swedish/ERR_SOCKET_FAILURE =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Swedish/ERR_SOCKET_FAILURE,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.32.1 diff -u -r1.1.1.1 -r1.1.1.1.32.1 --- squid/errors/Swedish/ERR_SOCKET_FAILURE 26 Jan 2000 03:25:00 -0000 1.1.1.1 +++ squid/errors/Swedish/ERR_SOCKET_FAILURE 27 Feb 2001 14:18:26 -0000 1.1.1.1.32.1 @@ -1,14 +1,14 @@ -FEL: Begärd URL kunde inte hämtas +FEL: Begärd URL kunde inte hämtas

    FEL

    -

    Begärd URL kunde inte hämtas

    +

    Begärd URL kunde inte hämtas


    -Vid försöket att hämta URL: +Vid försöket att hämta URL: %U

    -Mottogs följande fel: +Mottogs följande fel:

    • @@ -21,6 +21,6 @@
          %E

      -Squid kan inte skapa en TCP socket, gissningsvis på grund av tung last. -Vänligen försök igen. +Squid kan inte skapa en TCP socket, gissningsvis på grund av tung last. +Vänligen försök igen.

      Index: squid/errors/Swedish/ERR_TOO_BIG =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Swedish/ERR_TOO_BIG,v retrieving revision 1.2 retrieving revision 1.2.8.1 diff -u -r1.2 -r1.2.8.1 --- squid/errors/Swedish/ERR_TOO_BIG 21 Oct 2000 15:16:10 -0000 1.2 +++ squid/errors/Swedish/ERR_TOO_BIG 27 Feb 2001 14:18:26 -0000 1.2.8.1 @@ -1,26 +1,26 @@ -FEL: Den beg\xe4rda URL:en kunde inte h\xe4mtas +FEL: Den begärda URL:en kunde inte hämtas

      FEL

      -

      Den beg\xe4rda URL:en kunde inte h\xe4mtas

      +

      Den begärda URL:en kunde inte hämtas


      -När följande URL försöktes hämtas: +När följande URL försöktes hämtas: %U

      -Inträffade följande fel: +Inträffade följande fel:

      • -Begäran är för stor. +Begäran är för stor.

        -Ifall du utför en POST eller PUT begäran, så är begäran -(det du försöker ladda upp) för stor. Ifall du utförde -en GET begäran, så är svaret (det du försöker ladda ned) -för stort. Dessa gränser är inställda av den internet -leverantör som handhar den här cacheservern. Var vänlig -kontakta dem direkt ifall du anser att detta är ett fel. +Ifall du utför en POST eller PUT begäran, så är begäran +(det du försöker ladda upp) för stor. Ifall du utförde +en GET begäran, så är svaret (det du försöker ladda ned) +för stort. Dessa gränser är inställda av den internet +leverantör som handhar den här cacheservern. Var vänlig +kontakta dem direkt ifall du anser att detta är ett fel.

      -Din cacheserver administratör är %w. +Din cacheserver administratör är %w. Index: squid/errors/Swedish/ERR_UNSUP_REQ =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Swedish/ERR_UNSUP_REQ,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.32.1 diff -u -r1.1.1.1 -r1.1.1.1.32.1 --- squid/errors/Swedish/ERR_UNSUP_REQ 26 Jan 2000 03:25:00 -0000 1.1.1.1 +++ squid/errors/Swedish/ERR_UNSUP_REQ 27 Feb 2001 14:18:26 -0000 1.1.1.1.32.1 @@ -1,23 +1,23 @@ -FEL: Begärd URL kunde inte hämtas +FEL: Begärd URL kunde inte hämtas

      FEL

      -

      Begärd URL kunde inte hämtas

      +

      Begärd URL kunde inte hämtas


      -Vid försöket att hämta URL: +Vid försöket att hämta URL: %U

      -Mottogs följande fel: +Mottogs följande fel:

      • -Ej stöd för begärd metod och protokoll +Ej stöd för begärd metod och protokoll

      -Squid stödjer inte alla frågemetoder för alla protokoll. -Till exempel, Ni kan inte POST'a en Gopher förfrågan. +Squid stödjer inte alla frågemetoder för alla protokoll. +Till exempel, Ni kan inte POST'a en Gopher förfrågan.

      Index: squid/errors/Swedish/ERR_URN_RESOLVE =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Swedish/ERR_URN_RESOLVE,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.32.1 diff -u -r1.1.1.1 -r1.1.1.1.32.1 --- squid/errors/Swedish/ERR_URN_RESOLVE 26 Jan 2000 03:25:00 -0000 1.1.1.1 +++ squid/errors/Swedish/ERR_URN_RESOLVE 27 Feb 2001 14:18:26 -0000 1.1.1.1.32.1 @@ -1,21 +1,21 @@ -FEL: Begärd URN kunde inte hämtas +FEL: Begärd URN kunde inte hämtas

      FEL

      -

      En URL för begärd URN kunde inte hämtas

      +

      En URL för begärd URN kunde inte hämtas


      -Vid försöket att hämta URN: +Vid försöket att hämta URN: %U

      -Mottogs följande fel: +Mottogs följande fel:

      • -Kan inte lösa upp URN namnet +Kan inte lösa upp URN namnet

      -Men hallå, förvänta dig inte för mycket från en URNs på %T :) +Men hallå, förvänta dig inte för mycket från en URNs på %T :)

      Index: squid/errors/Swedish/ERR_WRITE_ERROR =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Swedish/ERR_WRITE_ERROR,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.32.1 diff -u -r1.1.1.1 -r1.1.1.1.32.1 --- squid/errors/Swedish/ERR_WRITE_ERROR 26 Jan 2000 03:25:00 -0000 1.1.1.1 +++ squid/errors/Swedish/ERR_WRITE_ERROR 27 Feb 2001 14:18:26 -0000 1.1.1.1.32.1 @@ -1,14 +1,14 @@ -FEL: Begärd URL kunde inte hämtas +FEL: Begärd URL kunde inte hämtas

      FEL

      -

      Begärd URL kunde inte hämtas

      +

      Begärd URL kunde inte hämtas


      -Vid försöket att hämta URL: +Vid försöket att hämta URL: %U

      -Mottogs följande fel: +Mottogs följande fel:

      • @@ -21,5 +21,5 @@
            %E

        -Ett fel inträffade vid försök att skriva till nätverket. Vänligen försök igen. +Ett fel inträffade vid försök att skriva till nätverket. Vänligen försök igen.

        Index: squid/errors/Swedish/ERR_ZERO_SIZE_OBJECT =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Swedish/ERR_ZERO_SIZE_OBJECT,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.32.1 diff -u -r1.1.1.1 -r1.1.1.1.32.1 --- squid/errors/Swedish/ERR_ZERO_SIZE_OBJECT 26 Jan 2000 03:25:00 -0000 1.1.1.1 +++ squid/errors/Swedish/ERR_ZERO_SIZE_OBJECT 27 Feb 2001 14:18:26 -0000 1.1.1.1.32.1 @@ -1,21 +1,21 @@ -FEL: Begärd URL kunde inte hämtas +FEL: Begärd URL kunde inte hämtas

        FEL

        -

        Begärd URL kunde inte hämtas

        +

        Begärd URL kunde inte hämtas


        -Vid försöket att hämta URL: +Vid försöket att hämta URL: %U

        -Mottogs följande fel: +Mottogs följande fel:

        • -Storleken på svaret var lika med noll +Storleken på svaret var lika med noll

        -Squid tog inte emot något data för denna förfrågan. +Squid tog inte emot något data för denna förfrågan.

        Index: squid/errors/Swedish/generic =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Swedish/generic,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.32.1 diff -u -r1.1.1.1 -r1.1.1.1.32.1 --- squid/errors/Swedish/generic 26 Jan 2000 03:25:00 -0000 1.1.1.1 +++ squid/errors/Swedish/generic 27 Feb 2001 14:18:26 -0000 1.1.1.1.32.1 @@ -1,14 +1,14 @@ -Fel: Begärd URL kunde inte hämtas +Fel: Begärd URL kunde inte hämtas

        FEL

        -

        Begärd URL kunde inte hämtas

        +

        Begärd URL kunde inte hämtas


        -Vid försöket att hämta URL: +Vid försöket att hämta URL: %U

        -Mottogs följande fel: +Mottogs följande fel:

        • @@ -21,7 +21,7 @@
              %E

          -Detta innebär att: +Detta innebär att:

               @LONG_DESCRIPTION@
           
          Index: squid/errors/Traditional_Chinese/ERR_CACHE_ACCESS_DENIED =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Traditional_Chinese/ERR_CACHE_ACCESS_DENIED,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.42.1 diff -u -r1.1.1.1 -r1.1.1.1.42.1 --- squid/errors/Traditional_Chinese/ERR_CACHE_ACCESS_DENIED 26 Jan 2000 03:23:10 -0000 1.1.1.1 +++ squid/errors/Traditional_Chinese/ERR_CACHE_ACCESS_DENIED 27 Feb 2001 14:18:26 -0000 1.1.1.1.42.1 @@ -31,11 +31,11 @@ Explorer 3.0, or an HTTP/1.1 compliant browser for this to work. Please contact the cache administrator if you have difficulties authenticating yourself or -change your default password. +change your default password.

          ±z»Ý­n¨Ï¥Î Netscape version 2.0 ©Î§ó·sªºª©¥»¡A©Î¬O¨Ï¥Î Microsoft Internet Explorer 3.0¡A©Î¬O¤@­Ó¬Û®e HTTP/1.1 ªºÂsÄý¾¹¨Ó¶i¦æ¤u§@¡C¦pªG±z¦b¨­¥÷ÅçÃÒ¤W µo¥Í§xÃø¡A½Ð»P ºÞ²zªÌ Ápô¡C -©Î¬O§ó§ï±zªº±K½X¡C +©Î¬O§ó§ï±zªº±K½X¡C

          Index: squid/errors/Turkish/ERR_CACHE_ACCESS_DENIED =================================================================== RCS file: /cvsroot/squid-sf//squid/errors/Turkish/ERR_CACHE_ACCESS_DENIED,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.42.1 diff -u -r1.1.1.1 -r1.1.1.1.42.1 --- squid/errors/Turkish/ERR_CACHE_ACCESS_DENIED 26 Jan 2000 03:21:47 -0000 1.1.1.1 +++ squid/errors/Turkish/ERR_CACHE_ACCESS_DENIED 27 Feb 2001 14:18:26 -0000 1.1.1.1.42.1 @@ -25,5 +25,5 @@ Netscape 2.0 veya üstü, Microsoft Internet Exporer 3.0 veya üstü, veya herhangi HTTP/1.1 uyumlu tarayýcý kullandýðýnýza emin olun. Lütfen Cache Yöneticisi ile baðlantýya geçin, veya þifrenizi deðiþtirmek için -buraya týklayýn. +buraya týklayýn.

          Index: squid/icons/Makefile.in =================================================================== RCS file: /cvsroot/squid-sf//squid/icons/Attic/Makefile.in,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/icons/Makefile.in 23 Oct 2000 15:04:18 -0000 1.3 +++ squid/icons/Makefile.in 27 Feb 2001 14:18:26 -0000 1.3.6.1 @@ -1,4 +1,4 @@ -# $Id: Makefile.in,v 1.3 2000/10/23 15:04:18 hno Exp $ +# $Id: Makefile.in,v 1.3.6.1 2001/02/27 14:18:26 rvenning Exp $ # prefix = @prefix@ exec_prefix = @exec_prefix@ @@ -17,8 +17,8 @@ INSTALL_FILE = @INSTALL_DATA@ DEFAULT_ICON_DIR = $(sysconfdir)/icons -ICONS = anthony-binhex.gif \ - anthony-bomb.gif \ +ICON1 = anthony-binhex.gif +ICON2 = anthony-bomb.gif \ anthony-box.gif \ anthony-box2.gif \ anthony-c.gif \ @@ -44,8 +44,15 @@ anthony-unknown.gif \ anthony-xbm.gif \ anthony-xpm.gif +ICONS = $(ICON1) $(ICON2) -all: +all: $(ICONS) + +# The magic with ICON1,2 is to have a single dependency +# for all of the icons. +$(ICON2): $(ICON1) +$(ICON1): + @$(SHELL) -c "cd $(srcdir); $(SHELL) icons.shar" icons.shar: shar --no-timestamp $(ICONS) > $@ @@ -63,15 +70,15 @@ install-mkdirs: -@if test ! -d $(prefix); then \ echo "mkdir $(prefix)"; \ - mkdir $(prefix); \ + mkdir -p $(prefix); \ fi -@if test ! -d $(sysconfdir); then \ echo "mkdir $(sysconfdir)"; \ - mkdir $(sysconfdir); \ + mkdir -p $(sysconfdir); \ fi -@if test ! -d $(DEFAULT_ICON_DIR); then \ echo "mkdir $(DEFAULT_ICON_DIR)"; \ - mkdir $(DEFAULT_ICON_DIR); \ + mkdir -p $(DEFAULT_ICON_DIR); \ fi clean: Index: squid/include/Array.h =================================================================== RCS file: /cvsroot/squid-sf//squid/include/Array.h,v retrieving revision 1.2 retrieving revision 1.2.6.1 diff -u -r1.2 -r1.2.6.1 --- squid/include/Array.h 23 Oct 2000 15:04:18 -0000 1.2 +++ squid/include/Array.h 27 Feb 2001 14:18:26 -0000 1.2.6.1 @@ -1,15 +1,19 @@ /* - * $Id: Array.h,v 1.2 2000/10/23 15:04:18 hno Exp $ + * $Id: Array.h,v 1.2.6.1 2001/02/27 14:18:26 rvenning Exp $ * * AUTHOR: Alex Rousskov * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ - * -------------------------------------------------------- + * SQUID Web Proxy Cache http://www.squid-cache.org/ + * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by - * the National Science Foundation. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -39,11 +43,11 @@ } Array; -extern Array *arrayCreate(); +extern Array *arrayCreate(void); extern void arrayInit(Array * s); extern void arrayClean(Array * s); -extern void arrayDestroy(Array *s); -extern void arrayAppend(Array *s, void *obj); +extern void arrayDestroy(Array * s); +extern void arrayAppend(Array * s, void *obj); extern void arrayPreAppend(Array * s, int app_count); Index: squid/include/Stack.h =================================================================== RCS file: /cvsroot/squid-sf//squid/include/Stack.h,v retrieving revision 1.2 retrieving revision 1.2.6.1 diff -u -r1.2 -r1.2.6.1 --- squid/include/Stack.h 23 Oct 2000 15:04:18 -0000 1.2 +++ squid/include/Stack.h 27 Feb 2001 14:18:26 -0000 1.2.6.1 @@ -1,15 +1,19 @@ /* - * $Id: Stack.h,v 1.2 2000/10/23 15:04:18 hno Exp $ + * $Id: Stack.h,v 1.2.6.1 2001/02/27 14:18:26 rvenning Exp $ * * AUTHOR: Alex Rousskov * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ - * -------------------------------------------------------- + * SQUID Web Proxy Cache http://www.squid-cache.org/ + * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by - * the National Science Foundation. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -38,9 +42,9 @@ #define stackInit arrayInit #define stackClean arrayClean #define stackDestroy arrayDestroy -extern void *stackPop(Stack *s); +extern void *stackPop(Stack * s); #define stackPush arrayAppend #define stackPrePush arrayPreAppend -extern void *stackTop(Stack *s); +extern void *stackTop(Stack * s); #endif /* ndef _STACK_H_ */ Index: squid/include/asn1.h =================================================================== RCS file: /cvsroot/squid-sf//squid/include/asn1.h,v retrieving revision 1.2 retrieving revision 1.2.6.1 diff -u -r1.2 -r1.2.6.1 --- squid/include/asn1.h 23 Oct 2000 15:04:18 -0000 1.2 +++ squid/include/asn1.h 27 Feb 2001 14:18:26 -0000 1.2.6.1 @@ -28,7 +28,7 @@ * ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS * SOFTWARE. * - * $Id: asn1.h,v 1.2 2000/10/23 15:04:18 hno Exp $ + * $Id: asn1.h,v 1.2.6.1 2001/02/27 14:18:26 rvenning Exp $ * **********************************************************************/ @@ -96,6 +96,6 @@ #ifdef __cplusplus } -#endif +#endif #endif /* _SNMP_ASN1_H_ */ Index: squid/include/config.h.in =================================================================== RCS file: /cvsroot/squid-sf//squid/include/Attic/config.h.in,v retrieving revision 1.3.6.1 retrieving revision 1.3.6.2 diff -u -r1.3.6.1 -r1.3.6.2 --- squid/include/config.h.in 24 Feb 2001 12:20:40 -0000 1.3.6.1 +++ squid/include/config.h.in 27 Feb 2001 14:18:26 -0000 1.3.6.2 @@ -1,15 +1,19 @@ /* - * $Id: config.h.in,v 1.3.6.1 2001/02/24 12:20:40 rvenning Exp $ + * $Id: config.h.in,v 1.3.6.2 2001/02/27 14:18:26 rvenning Exp $ * * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ - * -------------------------------------------------------- + * SQUID Web Proxy Cache http://www.squid-cache.org/ + * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by - * the National Science Foundation. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/include/heap.h =================================================================== RCS file: /cvsroot/squid-sf//squid/include/heap.h,v retrieving revision 1.3 retrieving revision 1.3.10.1 diff -u -r1.3 -r1.3.10.1 --- squid/include/heap.h 23 Oct 2000 15:04:18 -0000 1.3 +++ squid/include/heap.h 27 Feb 2001 14:18:26 -0000 1.3.10.1 @@ -1,15 +1,19 @@ /* - * $Id: heap.h,v 1.3 2000/10/23 15:04:18 hno Exp $ + * $Id: heap.h,v 1.3.10.1 2001/02/27 14:18:26 rvenning Exp $ * * AUTHOR: John Dilley, Hewlett Packard * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ - * -------------------------------------------------------- + * SQUID Web Proxy Cache http://www.squid-cache.org/ + * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by - * the National Science Foundation. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/include/md5.h =================================================================== RCS file: /cvsroot/squid-sf//squid/include/md5.h,v retrieving revision 1.2 retrieving revision 1.2.6.1 diff -u -r1.2 -r1.2.6.1 --- squid/include/md5.h 23 Oct 2000 15:04:18 -0000 1.2 +++ squid/include/md5.h 27 Feb 2001 14:18:26 -0000 1.2.6.1 @@ -1,5 +1,5 @@ /* - * $Id: md5.h,v 1.2 2000/10/23 15:04:18 hno Exp $ + * $Id: md5.h,v 1.2.6.1 2001/02/27 14:18:26 rvenning Exp $ */ #ifndef MD5_H @@ -37,7 +37,7 @@ } MD5_CTX; void MD5Init(MD5_CTX *); -void MD5Update(MD5_CTX *, unsigned char *, unsigned int); +void MD5Update(MD5_CTX *, const unsigned char *, unsigned int); void MD5Final(unsigned char[16], MD5_CTX *); #define MD5_DIGEST_CHARS 16 Index: squid/include/ntlmauth.h =================================================================== RCS file: /cvsroot/squid-sf//squid/include/ntlmauth.h,v retrieving revision 1.4 retrieving revision 1.4.2.1 diff -u -r1.4 -r1.4.2.1 --- squid/include/ntlmauth.h 25 Feb 2001 22:02:55 -0000 1.4 +++ squid/include/ntlmauth.h 27 Feb 2001 14:18:26 -0000 1.4.2.1 @@ -53,8 +53,7 @@ #ifndef _NTLMAUTH_H_ #define _NTLMAUTH_H_ -/* int*_t */ -#include "squid_types.h" +#include /* for *int32_t */ /* All of this cruft is little endian */ #ifdef WORDS_BIGENDIAN @@ -65,17 +64,6 @@ #define WSWAP(x) (x) #endif -#ifdef HAVE_BYTESWAP_H -#include -#define bswap16(x) bswap_16(x) -#define bswap32(x) bswap_32(x) -#else /* HAVE_BISTWAP_H */ -#define bswap16(x) ((((x) >> 8) & 0xff) | (((x) & 0xff) << 8)) -#define bswap32(x) \ - ((((x) & 0xff000000) >> 24) | (((x) & 0x00ff0000) >> 8) | \ - (((x) & 0x0000ff00) << 8) | (((x) & 0x000000ff) << 24)) -#endif /* HAVE_BITSWAP_H */ - /* Used internally. Microsoft seems to think this is right, I believe them. * Right. */ #define MAX_FIELD_LENGTH 300 /* max length of an NTLMSSP field */ Index: squid/include/radix.h =================================================================== RCS file: /cvsroot/squid-sf//squid/include/radix.h,v retrieving revision 1.2 retrieving revision 1.2.6.1 diff -u -r1.2 -r1.2.6.1 --- squid/include/radix.h 23 Oct 2000 15:04:18 -0000 1.2 +++ squid/include/radix.h 27 Feb 2001 14:18:26 -0000 1.2.6.1 @@ -1,5 +1,5 @@ /* - * $Id: radix.h,v 1.2 2000/10/23 15:04:18 hno Exp $ + * $Id: radix.h,v 1.2.6.1 2001/02/27 14:18:26 rvenning Exp $ */ /* @@ -52,14 +52,14 @@ struct radix_node *rn_p; /* parent */ short rn_b; /* bit offset; -1-index(netmask) */ char rn_bmask; /* node: mask for bit test */ - unsigned char rn_flags; /* enumerated next */ + unsigned char rn_flags; /* enumerated next */ #define RNF_NORMAL 1 /* leaf contains normal route */ #define RNF_ROOT 2 /* leaf is root leaf for tree */ #define RNF_ACTIVE 4 /* This node is alive (for rtfree) */ union { struct { /* leaf only data: */ - char * rn_Key; /* object of search */ - char * rn_Mask; /* netmask, if present */ + char *rn_Key; /* object of search */ + char *rn_Mask; /* netmask, if present */ struct radix_node *rn_Dupedkey; } rn_leaf; struct { /* node only data: */ @@ -89,10 +89,10 @@ extern struct radix_mask { short rm_b; /* bit offset; -1-index(netmask) */ char rm_unused; /* cf. rn_bmask */ - unsigned char rm_flags; /* cf. rn_flags */ + unsigned char rm_flags; /* cf. rn_flags */ struct radix_mask *rm_mklist; /* more masks to try */ union { - char * rmu_mask; /* the mask */ + char *rmu_mask; /* the mask */ struct radix_node *rmu_leaf; /* for normal routes */ } rm_rmu; int rm_refs; /* # of references to this struct */ @@ -153,6 +153,6 @@ struct radix_node[2])), *rn_match __P((void *, struct radix_node_head *)), *rn_newpair __P((void *, int, struct radix_node[2])), *rn_search __P((void *, struct radix_node *)), *rn_search_m __P((void *, struct radix_node *, void *)); - +extern struct radix_node *rn_lookup(void *, void *, struct radix_node_head *); #define min(x,y) ((x)<(y)? (x) : (y)) #endif /* _RADIX_H_ */ Index: squid/include/rfc1035.h =================================================================== RCS file: /cvsroot/squid-sf//squid/include/rfc1035.h,v retrieving revision 1.3.6.1 retrieving revision 1.3.6.2 diff -u -r1.3.6.1 -r1.3.6.2 --- squid/include/rfc1035.h 24 Feb 2001 12:20:40 -0000 1.3.6.1 +++ squid/include/rfc1035.h 27 Feb 2001 14:18:26 -0000 1.3.6.2 @@ -1,15 +1,19 @@ /* - * $Id: rfc1035.h,v 1.3.6.1 2001/02/24 12:20:40 rvenning Exp $ + * $Id: rfc1035.h,v 1.3.6.2 2001/02/27 14:18:26 rvenning Exp $ * * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ - * -------------------------------------------------------- + * SQUID Web Proxy Cache http://www.squid-cache.org/ + * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by - * the National Science Foundation. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/include/snmp_client.h =================================================================== RCS file: /cvsroot/squid-sf//squid/include/snmp_client.h,v retrieving revision 1.2 retrieving revision 1.2.6.1 diff -u -r1.2 -r1.2.6.1 --- squid/include/snmp_client.h 23 Oct 2000 15:04:18 -0000 1.2 +++ squid/include/snmp_client.h 27 Feb 2001 14:18:26 -0000 1.2.6.1 @@ -1,5 +1,5 @@ /* - * $Id: snmp_client.h,v 1.2 2000/10/23 15:04:18 hno Exp $ + * $Id: snmp_client.h,v 1.2.6.1 2001/02/27 14:18:26 rvenning Exp $ */ #ifndef _SNMP_CLIENT_H_ @@ -30,7 +30,7 @@ SOFTWARE. ******************************************************************/ struct synch_state { - int waiting; + int waiting; int status; /* status codes */ #define STAT_SUCCESS 0 @@ -44,22 +44,21 @@ extern "C" { #endif -extern struct synch_state snmp_synch_state; + extern struct synch_state snmp_synch_state; /* Synchronize Input with Agent */ -int snmp_synch_input(int, struct snmp_session *, int, - struct snmp_pdu *, void *); + int snmp_synch_input(int, struct snmp_session *, int, + struct snmp_pdu *, void *); /* Synchronize Response with Agent */ -int snmp_synch_response(struct snmp_session *, struct snmp_pdu *, - struct snmp_pdu **); + int snmp_synch_response(struct snmp_session *, struct snmp_pdu *, + struct snmp_pdu **); /* Synchronize Setup */ -void snmp_synch_setup(struct snmp_session *); + void snmp_synch_setup(struct snmp_session *); #ifdef __cplusplus } -#endif - -#endif /* _SNMP_CLIENT_H_ */ +#endif +#endif /* _SNMP_CLIENT_H_ */ Index: squid/include/snmp_pdu.h =================================================================== RCS file: /cvsroot/squid-sf//squid/include/snmp_pdu.h,v retrieving revision 1.2 retrieving revision 1.2.6.1 diff -u -r1.2 -r1.2.6.1 --- squid/include/snmp_pdu.h 23 Oct 2000 15:04:18 -0000 1.2 +++ squid/include/snmp_pdu.h 27 Feb 2001 14:18:26 -0000 1.2.6.1 @@ -1,5 +1,3 @@ - -/* -*- c++ -*- */ #ifndef _SNMP_PDU_H_ #define _SNMP_PDU_H_ @@ -27,7 +25,7 @@ * * Author: Ryan Troll * - * $Id: snmp_pdu.h,v 1.2 2000/10/23 15:04:18 hno Exp $ + * $Id: snmp_pdu.h,v 1.2.6.1 2001/02/27 14:18:26 rvenning Exp $ * **********************************************************************/ @@ -57,34 +55,26 @@ u_int time; /* Uptime */ }; -#ifdef __cplusplus -extern "C" { -#endif - - struct snmp_pdu *snmp_pdu_create(int); - struct snmp_pdu *snmp_pdu_clone(struct snmp_pdu *); - struct snmp_pdu *snmp_pdu_fix(struct snmp_pdu *, int); - struct snmp_pdu *snmp_fix_pdu(struct snmp_pdu *, int); - void snmp_free_pdu(struct snmp_pdu *); - void snmp_pdu_free(struct snmp_pdu *); - - u_char *snmp_pdu_encode(u_char *, int *, struct snmp_pdu *); - u_char *snmp_pdu_decode(u_char *, int *, struct snmp_pdu *); - char *snmp_pdu_type(struct snmp_pdu *); +struct snmp_pdu *snmp_pdu_create(int); +struct snmp_pdu *snmp_pdu_clone(struct snmp_pdu *); +struct snmp_pdu *snmp_pdu_fix(struct snmp_pdu *, int); +struct snmp_pdu *snmp_fix_pdu(struct snmp_pdu *, int); +void snmp_free_pdu(struct snmp_pdu *); +void snmp_pdu_free(struct snmp_pdu *); + +u_char *snmp_pdu_encode(u_char *, int *, struct snmp_pdu *); +u_char *snmp_pdu_decode(u_char *, int *, struct snmp_pdu *); +char *snmp_pdu_type(struct snmp_pdu *); /* Add a NULL Variable to a PDU */ - void snmp_add_null_var(struct snmp_pdu *, oid *, int); - -#ifdef __cplusplus -} +void snmp_add_null_var(struct snmp_pdu *, oid *, int); -#endif /* - * * RFC 1905: Protocol Operations for SNMPv2 - * * - * * RFC 1157: A Simple Network Management Protocol (SNMP) - * * - * * PDU Types - */ +/* RFC 1905: Protocol Operations for SNMPv2 + * + * RFC 1157: A Simple Network Management Protocol (SNMP) + * + * PDU Types + */ #define SNMP_PDU_GET (ASN_CONTEXT | ASN_CONSTRUCTOR | 0x0) #define SNMP_PDU_GETNEXT (ASN_CONTEXT | ASN_CONSTRUCTOR | 0x1) #define SNMP_PDU_RESPONSE (ASN_CONTEXT | ASN_CONSTRUCTOR | 0x2) @@ -98,13 +88,14 @@ #define SNMP_DEFAULT_ERRSTAT -1 #define SNMP_DEFAULT_ERRINDEX -1 #define SNMP_DEFAULT_ADDRESS 0 -#define SNMP_DEFAULT_REQID 0 /* - * * RFC 1907: Management Information Base for SNMPv2 - * * - * * RFC 1157: A Simple Network Management Protocol (SNMP) - * * - * * Trap Types - */ +#define SNMP_DEFAULT_REQID 0 + +/* RFC 1907: Management Information Base for SNMPv2 + * + * RFC 1157: A Simple Network Management Protocol (SNMP) + * + * Trap Types + */ #define SNMP_TRAP_COLDSTART (0x0) #define SNMP_TRAP_WARMSTART (0x1) #define SNMP_TRAP_LINKDOWN (0x2) @@ -112,4 +103,4 @@ #define SNMP_TRAP_AUTHENTICATIONFAILURE (0x4) #define SNMP_TRAP_EGPNEIGHBORLOSS (0x5) #define SNMP_TRAP_ENTERPRISESPECIFIC (0x6) -#endif /* _SNMP_PDU_H_ */ +#endif /* _SNMP_PDU_H_ */ Index: squid/include/snmp_util.h =================================================================== RCS file: /cvsroot/squid-sf//squid/include/snmp_util.h,v retrieving revision 1.2 retrieving revision 1.2.6.1 diff -u -r1.2 -r1.2.6.1 --- squid/include/snmp_util.h 23 Oct 2000 15:04:18 -0000 1.2 +++ squid/include/snmp_util.h 27 Feb 2001 14:18:26 -0000 1.2.6.1 @@ -1,19 +1,15 @@ /* - * $Id: snmp_util.h,v 1.2 2000/10/23 15:04:18 hno Exp $ + * $Id: snmp_util.h,v 1.2.6.1 2001/02/27 14:18:26 rvenning Exp $ */ #ifndef SNMP_UTIL_H #define SNMP_UTIL_H -/* - * call a function at regular intervals (in seconds): - */ +/* call a function at regular intervals (in seconds): */ extern void snmp_alarm(int ival, void (*handler) (void)); -/* - * service for filedescriptors: - */ +/* service for filedescriptors: */ extern void fd_add(int fd, void (*func) (int fd)); extern void fd_service(void); @@ -22,55 +18,32 @@ /* ---------------------------------------------------------------------- */ /* - * ** SNMP Agent extension for Spacer-Controler Management - * ** - * ** Copyright (c) 1997 FT/CNET/DES/GRL Olivier Montanuy - * ** - */ -/* - * ** Function to safely copy a string, and ensure the last - * ** character is always '\0'. + * SNMP Agent extension for Spacer-Controler Management + * + * Copyright (c) 1997 FT/CNET/DES/GRL Olivier Montanuy */ -void - strcpy_safe(char *str, int str_len, char *val); -/* - * ** Function to get IP address of this agent - * ** WARNING: this scans all interfaces (slow) - */ -u_long -Util_local_ip_address(void); +/* Function to safely copy a string, and ensure the last + * character is always '\0'. */ +void strcpy_safe(char *str, int str_len, char *val); -/* - * ** Function to get the current time in seconds - */ -long - Util_time_now(void); +/* Function to get IP address of this agent + * WARNING: this scans all interfaces (slow) */ +u_long Util_local_ip_address(void); -/* - * ** Function to determine how long the agent has been running - * * (WARNING: this seems rather slow) - */ -long - Util_time_running(); +/* Function to get the current time in seconds */ +long Util_time_now(void); -/* - * ** Read data from file - */ -int - Util_file_read(char *file, int offset, char *data, int dataSz); +/* Function to determine how long the agent has been running + * (WARNING: this seems rather slow) */ +long Util_time_running(); -/* - * ** Write data into file - */ -int - Util_file_write(char *file, int offset, char *data, int dataSz); +/* Read data from file */ +int Util_file_read(char *file, int offset, char *data, int dataSz); +/* Write data into file */ +int Util_file_write(char *file, int offset, char *data, int dataSz); /* ---------------------------------------------------------------------- */ - - - - #endif Index: squid/include/snmp_vars.h =================================================================== RCS file: /cvsroot/squid-sf//squid/include/snmp_vars.h,v retrieving revision 1.2 retrieving revision 1.2.6.1 diff -u -r1.2 -r1.2.6.1 --- squid/include/snmp_vars.h 23 Oct 2000 15:04:18 -0000 1.2 +++ squid/include/snmp_vars.h 27 Feb 2001 14:18:26 -0000 1.2.6.1 @@ -1,4 +1,3 @@ -/* -*- c++ -*- */ #ifndef _SNMP_VARS_H_ #define _SNMP_VARS_H_ @@ -26,7 +25,7 @@ * * Author: Ryan Troll * - * $Id: snmp_vars.h,v 1.2 2000/10/23 15:04:18 hno Exp $ + * $Id: snmp_vars.h,v 1.2.6.1 2001/02/27 14:18:26 rvenning Exp $ * **********************************************************************/ @@ -43,26 +42,20 @@ int val_len; }; -#ifdef __cplusplus -extern "C" { -#endif - - struct variable_list *snmp_var_new(oid *, int); - struct variable_list *snmp_var_new_integer(oid *, int, int, unsigned char); - struct variable_list *snmp_var_clone(struct variable_list *); - void snmp_var_free(struct variable_list *); - - u_char *snmp_var_EncodeVarBind(u_char *, int *, struct variable_list *, int); - u_char *snmp_var_DecodeVarBind(u_char *, int *, struct variable_list **, int); - -#ifdef __cplusplus -} - -#endif -#define MAX_NAME_LEN 64 /* number of subid's in a objid *//* *RFC 1902:Structure of Management Information for SNMPv2 * - *Defined Types -* - */ +struct variable_list *snmp_var_new(oid *, int); +struct variable_list *snmp_var_new_integer(oid *, int, int, unsigned char); +struct variable_list *snmp_var_clone(struct variable_list *); +void snmp_var_free(struct variable_list *); + +u_char *snmp_var_EncodeVarBind(u_char *, int *, struct variable_list *, int); +u_char *snmp_var_DecodeVarBind(u_char *, int *, struct variable_list **, int); + +#define MAX_NAME_LEN 64 /* number of subid's in a objid */ + +/* RFC 1902: Structure of Management Information for SNMPv2 + * + * Defined Types + */ #define SMI_INTEGER ASN_INTEGER #define SMI_STRING ASN_OCTET_STR #define SMI_OBJID ASN_OBJECT_ID Index: squid/include/snprintf.h =================================================================== RCS file: /cvsroot/squid-sf//squid/include/snprintf.h,v retrieving revision 1.2 retrieving revision 1.2.6.1 diff -u -r1.2 -r1.2.6.1 --- squid/include/snprintf.h 23 Oct 2000 15:04:18 -0000 1.2 +++ squid/include/snprintf.h 27 Feb 2001 14:18:26 -0000 1.2.6.1 @@ -1,5 +1,5 @@ /* - * $Id: snprintf.h,v 1.2 2000/10/23 15:04:18 hno Exp $ + * $Id: snprintf.h,v 1.2.6.1 2001/02/27 14:18:26 rvenning Exp $ */ /* if you have configure you can use this */ @@ -26,7 +26,7 @@ #define VA_SHIFT(v,t) v = va_arg(ap,t) #define VA_END va_end(ap) #else -XX **NO VARARGS ** XX +#error **NO VARARGS ** #endif #endif Index: squid/include/splay.h =================================================================== RCS file: /cvsroot/squid-sf//squid/include/splay.h,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/include/splay.h 23 Oct 2000 15:04:18 -0000 1.3 +++ squid/include/splay.h 27 Feb 2001 14:18:26 -0000 1.3.6.1 @@ -1,7 +1,9 @@ /* - * $Id: splay.h,v 1.3 2000/10/23 15:04:18 hno Exp $ + * $Id: splay.h,v 1.3.6.1 2001/02/27 14:18:26 rvenning Exp $ */ +#ifndef _SPLAY_H +#define _SPLAY_H typedef struct _splay_node { void *data; @@ -19,3 +21,5 @@ extern splayNode *splay_splay(const void *, splayNode *, SPLAYCMP *); extern void splay_destroy(splayNode *, SPLAYFREE *); extern void splay_walk(splayNode *, SPLAYWALKEE *, void *); + +#endif /* _SPLAY_H */ Index: squid/include/util.h =================================================================== RCS file: /cvsroot/squid-sf//squid/include/util.h,v retrieving revision 1.4.4.2 retrieving revision 1.4.4.3 diff -u -r1.4.4.2 -r1.4.4.3 --- squid/include/util.h 24 Feb 2001 12:20:40 -0000 1.4.4.2 +++ squid/include/util.h 27 Feb 2001 14:18:26 -0000 1.4.4.3 @@ -1,15 +1,19 @@ /* - * $Id: util.h,v 1.4.4.2 2001/02/24 12:20:40 rvenning Exp $ + * $Id: util.h,v 1.4.4.3 2001/02/27 14:18:26 rvenning Exp $ * * AUTHOR: Harvest Derived * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ - * -------------------------------------------------------- + * SQUID Web Proxy Cache http://www.squid-cache.org/ + * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by - * the National Science Foundation. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -114,13 +118,14 @@ #if INET6 extern const char * inet6_ntoa(const struct in6_addr in); -extern int safe_inet_addr6(const char *, struct in6_addr *) +extern int safe_inet_addr6(const char *buf, struct in6_addr *addr); #endif extern time_t parse_iso3307_time(const char *buf); extern char *base64_decode(const char *coded); extern const char *base64_encode(const char *decoded); +extern const char *base64_encode_bin(const char *data, int len); extern double xpercent(double part, double whole); extern int xpercentInt(double part, double whole); @@ -132,4 +137,9 @@ double drand48(void); #endif +/* + * Returns the amount of known allocated memory + */ +int statMemoryAccounted(void); + #endif /* ndef _UTIL_H_ */ Index: squid/lib/Array.c =================================================================== RCS file: /cvsroot/squid-sf//squid/lib/Array.c,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/lib/Array.c 23 Oct 2000 15:04:19 -0000 1.3 +++ squid/lib/Array.c 27 Feb 2001 14:18:26 -0000 1.3.6.1 @@ -1,19 +1,19 @@ /* - * $Id: Array.c,v 1.3 2000/10/23 15:04:19 hno Exp $ + * $Id: Array.c,v 1.3.6.1 2001/02/27 14:18:26 rvenning Exp $ * * AUTHOR: Alex Rousskov * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -41,6 +41,8 @@ #include "config.h" +#include "Array.h" + #if HAVE_ASSERT_H #include #endif @@ -53,7 +55,7 @@ static void arrayGrow(Array * a, int min_capacity); Array * -arrayCreate() +arrayCreate(void) { Array *a = xmalloc(sizeof(Array)); arrayInit(a); Index: squid/lib/GNUregex.c =================================================================== RCS file: /cvsroot/squid-sf//squid/lib/GNUregex.c,v retrieving revision 1.2 retrieving revision 1.2.6.1 diff -u -r1.2 -r1.2.6.1 --- squid/lib/GNUregex.c 23 Oct 2000 15:04:19 -0000 1.2 +++ squid/lib/GNUregex.c 27 Feb 2001 14:18:26 -0000 1.2.6.1 @@ -1,5 +1,5 @@ /* - * $Id: GNUregex.c,v 1.2 2000/10/23 15:04:19 hno Exp $ + * $Id: GNUregex.c,v 1.2.6.1 2001/02/27 14:18:26 rvenning Exp $ */ /* Extended regular expression matching and search library, @@ -1576,7 +1576,6 @@ else return REG_ERPAREN; } - handle_close: if (fixup_alt_jump) { /* Push a dummy failure point at the end of the * alternative for a possible future @@ -1595,7 +1594,6 @@ else return REG_ERPAREN; } - /* Since we just checked for an empty stack above, this * ``can't happen''. */ assert(compile_stack.avail != 0); Index: squid/lib/Makefile.in =================================================================== RCS file: /cvsroot/squid-sf//squid/lib/Attic/Makefile.in,v retrieving revision 1.4 retrieving revision 1.4.4.1 diff -u -r1.4 -r1.4.4.1 --- squid/lib/Makefile.in 4 Nov 2000 23:23:06 -0000 1.4 +++ squid/lib/Makefile.in 27 Feb 2001 14:18:49 -0000 1.4.4.1 @@ -1,5 +1,5 @@ # -# $Id: Makefile.in,v 1.4 2000/11/04 23:23:06 hno Exp $ +# $Id: Makefile.in,v 1.4.4.1 2001/02/27 14:18:49 rvenning Exp $ # prefix = @prefix@ top_srcdir = @top_srcdir@ @@ -24,6 +24,7 @@ UTILOBJS = rfc1123.o \ rfc1738.o \ rfc1035.o \ + rfc2617.o \ util.o \ getfullhostname.o \ base64.o \ @@ -39,11 +40,12 @@ Stack.o \ hash.o \ heap.o \ - html.o \ + html_quote.o \ $(LIBOBJS) REGEXOBJS = GNUregex.o DLMALLOCOBJS = dlmalloc.o -LIBS = libmiscutil.a @LIBREGEX@ @LIBDLMALLOC@ +NTLMAUTHOBJS = ntlmauth.o +LIBS = libmiscutil.a @LIBREGEX@ @LIBDLMALLOC@ libntlmauth.a CFLAGS = $(AC_CFLAGS) $(INCLUDE) @@ -66,6 +68,11 @@ $(AR_R) $@ $(DLMALLOCOBJS) $(RANLIB) $@ +libntlmauth.a: $(NTLMAUTHOBJS) + $(RM) -f $@ + $(AR_R) $@ $(NTLMAUTHOBJS) + $(RANLIB) $@ + clean: -rm -f *.o $(LIBS) core Index: squid/lib/Stack.c =================================================================== RCS file: /cvsroot/squid-sf//squid/lib/Stack.c,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/lib/Stack.c 23 Oct 2000 15:04:19 -0000 1.3 +++ squid/lib/Stack.c 27 Feb 2001 14:18:49 -0000 1.3.6.1 @@ -1,19 +1,19 @@ /* - * $Id: Stack.c,v 1.3 2000/10/23 15:04:19 hno Exp $ + * $Id: Stack.c,v 1.3.6.1 2001/02/27 14:18:49 rvenning Exp $ * * AUTHOR: Alex Rousskov * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/lib/base64.c =================================================================== RCS file: /cvsroot/squid-sf//squid/lib/base64.c,v retrieving revision 1.2 retrieving revision 1.2.6.1 diff -u -r1.2 -r1.2.6.1 --- squid/lib/base64.c 23 Oct 2000 15:04:19 -0000 1.2 +++ squid/lib/base64.c 27 Feb 2001 14:18:49 -0000 1.2.6.1 @@ -1,8 +1,9 @@ /* - * $Id: base64.c,v 1.2 2000/10/23 15:04:19 hno Exp $ + * $Id: base64.c,v 1.2.6.1 2001/02/27 14:18:49 rvenning Exp $ */ #include "config.h" +#include "util.h" #if HAVE_STDIO_H #include @@ -11,6 +12,7 @@ #include #endif + static void base64_init(void); static int base64_initialized = 0; @@ -111,3 +113,50 @@ result[out_cnt] = '\0'; /* terminate */ return result; } + +/* adopted from http://ftp.sunet.se/pub2/gnu/vm/base64-encode.c with adjustments */ +const char * +base64_encode_bin(const char *data, int len) +{ + static char result[BASE64_RESULT_SZ]; + int bits = 0; + int char_count = 0; + int out_cnt = 0; + int c; + + if (!data) + return data; + + if (!base64_initialized) + base64_init(); + + while (len-- && out_cnt < sizeof(result) - 1) { + c = (unsigned char) *data++; + bits += c; + char_count++; + if (char_count == 3) { + result[out_cnt++] = base64_code[bits >> 18]; + result[out_cnt++] = base64_code[(bits >> 12) & 0x3f]; + result[out_cnt++] = base64_code[(bits >> 6) & 0x3f]; + result[out_cnt++] = base64_code[bits & 0x3f]; + bits = 0; + char_count = 0; + } else { + bits <<= 8; + } + } + if (char_count != 0) { + bits <<= 16 - (8 * char_count); + result[out_cnt++] = base64_code[bits >> 18]; + result[out_cnt++] = base64_code[(bits >> 12) & 0x3f]; + if (char_count == 1) { + result[out_cnt++] = '='; + result[out_cnt++] = '='; + } else { + result[out_cnt++] = base64_code[(bits >> 6) & 0x3f]; + result[out_cnt++] = '='; + } + } + result[out_cnt] = '\0'; /* terminate */ + return result; +} Index: squid/lib/getfullhostname.c =================================================================== RCS file: /cvsroot/squid-sf//squid/lib/getfullhostname.c,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/lib/getfullhostname.c 23 Oct 2000 15:04:19 -0000 1.3 +++ squid/lib/getfullhostname.c 27 Feb 2001 14:18:49 -0000 1.3.6.1 @@ -1,21 +1,21 @@ /* - * $Id: getfullhostname.c,v 1.3 2000/10/23 15:04:19 hno Exp $ + * $Id: getfullhostname.c,v 1.3.6.1 2001/02/27 14:18:49 rvenning Exp $ * * DEBUG: * AUTHOR: Harvest Derived * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/lib/hash.c =================================================================== RCS file: /cvsroot/squid-sf//squid/lib/hash.c,v retrieving revision 1.4 retrieving revision 1.4.6.1 diff -u -r1.4 -r1.4.6.1 --- squid/lib/hash.c 3 Nov 2000 08:39:20 -0000 1.4 +++ squid/lib/hash.c 27 Feb 2001 14:18:49 -0000 1.4.6.1 @@ -1,21 +1,21 @@ /* - * $Id: hash.c,v 1.4 2000/11/03 08:39:20 hno Exp $ + * $Id: hash.c,v 1.4.6.1 2001/02/27 14:18:49 rvenning Exp $ * * DEBUG: section 0 Hash Tables * AUTHOR: Harvest Derived * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/lib/heap.c =================================================================== RCS file: /cvsroot/squid-sf//squid/lib/heap.c,v retrieving revision 1.3 retrieving revision 1.3.10.1 diff -u -r1.3 -r1.3.10.1 --- squid/lib/heap.c 23 Oct 2000 15:04:19 -0000 1.3 +++ squid/lib/heap.c 27 Feb 2001 14:18:49 -0000 1.3.10.1 @@ -1,20 +1,20 @@ /* - * $Id: heap.c,v 1.3 2000/10/23 15:04:19 hno Exp $ + * $Id: heap.c,v 1.3.10.1 2001/02/27 14:18:49 rvenning Exp $ * * AUTHOR: John Dilley, Hewlett Packard * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -38,6 +38,7 @@ ****************************************************************************/ #include "config.h" +#include "heap.h" #if HAVE_STDLIB_H #include @@ -482,7 +483,7 @@ /* * Print the heap in element order, id..last. */ -void +static void heap_print_inorder(heap * hp, int id) { while (id < hp->last) { --- squid/lib/html.c Wed Feb 14 00:50:54 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,122 +0,0 @@ -/* - * $Id$ - * - * DEBUG: - * AUTHOR: Robert Collins - * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ - * ---------------------------------------------------------- - * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA. - * - */ - -#include "config.h" - -#if HAVE_STDIO_H -#include -#endif -#if HAVE_STRING_H -#include -#endif - -#include "util.h" -#include "snprintf.h" - -/* - * HTML defines these characters as special entities that should be quoted. - */ -static struct { - unsigned char code; - char *quote; -} htmlstandardentities[] = -{ - /* NOTE: The quoted form MUST not be larger than 6 character. - * see close to the MemPool commend below - */ - { '<', "<" }, - { '>', ">" }, - { '"', """ }, - { '&', "&" }, - { '\'', "'" }, - { 0, NULL } -}; - -/* - * html_do_quote - Returns a static buffer containing the quoted - * string. - */ -char * -html_quote(const char *string) -{ - static char *buf; - static size_t bufsize = 0; - const char *src; - char *dst; - int i; - - /* XXX This really should be implemented using a MemPool, but - * MemPools are not yet available in lib... - */ - if (buf == NULL || strlen(string) * 6 > bufsize) { - xfree(buf); - bufsize = strlen(string) * 6 + 1; - buf = xcalloc(bufsize, 1); - } - for (src = string, dst = buf; *src; src++) { - char *escape = NULL; - const unsigned char ch = *src; - - /* Walk thru the list of HTML Entities that must be quoted to - * display safely - */ - for (i = 0; htmlstandardentities[i].code; i++) { - if (ch == htmlstandardentities[i].code) { - escape = htmlstandardentities[i].quote; - break; - } - } - /* Encode control chars just to be on the safe side, and make - * sure all 8-bit characters are encoded to protect from buggy - * clients - */ - if ( !escape && (ch <= 0x1F || ch >= 0x7f) && ch != '\n' && ch != '\r' && ch != '\t' ) { - static char dec_encoded[7]; - snprintf(dec_encoded, sizeof dec_encoded, "&#%3d;", (int) ch); - escape = dec_encoded; - } - - if (escape) { - /* Ok, An escaped form was found above. Use it */ - strncpy(dst, escape, 6); - dst += strlen(escape); - } else { - /* Apparently there is no need to escape this character */ - *dst++ = ch; - } - } - /* Nullterminate and return the result */ - *dst = '\0'; - return (buf); -} Index: squid/lib/iso3307.c =================================================================== RCS file: /cvsroot/squid-sf//squid/lib/iso3307.c,v retrieving revision 1.2 retrieving revision 1.2.6.1 diff -u -r1.2 -r1.2.6.1 --- squid/lib/iso3307.c 23 Oct 2000 15:04:19 -0000 1.2 +++ squid/lib/iso3307.c 27 Feb 2001 14:18:49 -0000 1.2.6.1 @@ -1,8 +1,9 @@ /* - * $Id: iso3307.c,v 1.2 2000/10/23 15:04:19 hno Exp $ + * $Id: iso3307.c,v 1.2.6.1 2001/02/27 14:18:49 rvenning Exp $ */ #include "config.h" +#include "util.h" #if HAVE_STDIO_H #include Index: squid/lib/md5.c =================================================================== RCS file: /cvsroot/squid-sf//squid/lib/md5.c,v retrieving revision 1.2 retrieving revision 1.2.6.1 diff -u -r1.2 -r1.2.6.1 --- squid/lib/md5.c 23 Oct 2000 15:04:19 -0000 1.2 +++ squid/lib/md5.c 27 Feb 2001 14:18:49 -0000 1.2.6.1 @@ -1,5 +1,5 @@ /* - * $Id: md5.c,v 1.2 2000/10/23 15:04:19 hno Exp $ + * $Id: md5.c,v 1.2.6.1 2001/02/27 14:18:49 rvenning Exp $ */ /* taken from RFC-1321/Appendix A.3 */ @@ -63,9 +63,9 @@ #define S43 15 #define S44 21 -static void MD5Transform(u_num32[4], unsigned char[64]); +static void MD5Transform(u_num32[4], const unsigned char[64]); static void Encode(unsigned char *, u_num32 *, unsigned int); -static void Decode(u_num32 *, unsigned char *, unsigned int); +static void Decode(u_num32 *, const unsigned char *, unsigned int); #if HAVE_MEMCPY #define MD5_memcpy(to,from,count) memcpy(to,from,count) @@ -145,7 +145,7 @@ * processing another message block, and updating the context. */ void -MD5Update(MD5_CTX * context, unsigned char *input, unsigned int inputLen) +MD5Update(MD5_CTX * context, const unsigned char *input, unsigned int inputLen) { unsigned int i, index, partLen; @@ -213,7 +213,7 @@ * MD5 basic transformation. Transforms state based on block. */ static void -MD5Transform(u_num32 state[4], unsigned char block[64]) +MD5Transform(u_num32 state[4], const unsigned char block[64]) { u_num32 a = state[0], b = state[1], c = state[2], d = state[3], x[16]; @@ -324,7 +324,7 @@ * multiple of 4. */ static void -Decode(u_num32 * output, unsigned char *input, unsigned int len) +Decode(u_num32 * output, const unsigned char *input, unsigned int len) { unsigned int i, j; Index: squid/lib/radix.c =================================================================== RCS file: /cvsroot/squid-sf//squid/lib/radix.c,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/lib/radix.c 23 Oct 2000 15:04:19 -0000 1.3 +++ squid/lib/radix.c 27 Feb 2001 14:18:49 -0000 1.3.6.1 @@ -1,20 +1,20 @@ /* - * $Id: radix.c,v 1.3 2000/10/23 15:04:19 hno Exp $ + * $Id: radix.c,v 1.3.6.1 2001/02/27 14:18:49 rvenning Exp $ * * DEBUG: section 53 Radix tree data structure implementation * AUTHOR: NetBSD Derived * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -69,6 +69,7 @@ */ #include "config.h" +#include "radix.h" #if HAVE_UNISTD_H #include Index: squid/lib/rfc1035.c =================================================================== RCS file: /cvsroot/squid-sf//squid/lib/rfc1035.c,v retrieving revision 1.4.6.1 retrieving revision 1.4.6.2 diff -u -r1.4.6.1 -r1.4.6.2 --- squid/lib/rfc1035.c 24 Feb 2001 12:20:40 -0000 1.4.6.1 +++ squid/lib/rfc1035.c 27 Feb 2001 14:18:49 -0000 1.4.6.2 @@ -1,32 +1,32 @@ /* - * $Id: rfc1035.c,v 1.4.6.1 2001/02/24 12:20:40 rvenning Exp $ + * $Id: rfc1035.c,v 1.4.6.2 2001/02/27 14:18:49 rvenning Exp $ * * Low level DNS protocol routines * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. - * + * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. - * + * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA. @@ -174,7 +174,7 @@ * Note message compression is not supported here. * Returns number of octets packed. */ -off_t +static off_t rfc1035NamePack(char *buf, size_t sz, const char *name) { off_t off = 0; @@ -424,7 +424,7 @@ rfc1035_rr ** records, unsigned short *id) { - off_t off = 0; + size_t off = 0; int l; int i; int nr = 0; @@ -472,7 +472,7 @@ int rfc1035BuildAddrQuery(const char *hostname, char * buf, size_t * szp, unsigned short addrType) { static rfc1035_header h; - off_t offset = 0; + size_t offset = 0; size_t sz = *szp; memset(&h, '\0', sizeof(h)); /* the first char of hostname must be alphanmeric */ @@ -538,7 +538,7 @@ rfc1035BuildPTRQuery(const struct in_addr addr, char *buf, size_t * szp) { static rfc1035_header h; - off_t offset = 0; + size_t offset = 0; size_t sz = *szp; static char rev[32]; unsigned int i; @@ -561,7 +561,7 @@ RFC1035_TYPE_PTR, RFC1035_CLASS_IN); assert(offset <= sz); - *szp = (size_t) offset; + *szp = offset; return h.id; } Index: squid/lib/rfc1123.c =================================================================== RCS file: /cvsroot/squid-sf//squid/lib/rfc1123.c,v retrieving revision 1.4 retrieving revision 1.4.4.1 diff -u -r1.4 -r1.4.4.1 --- squid/lib/rfc1123.c 9 Nov 2000 09:09:40 -0000 1.4 +++ squid/lib/rfc1123.c 27 Feb 2001 14:18:49 -0000 1.4.4.1 @@ -1,21 +1,21 @@ /* - * $Id: rfc1123.c,v 1.4 2000/11/09 09:09:40 hno Exp $ + * $Id: rfc1123.c,v 1.4.4.1 2001/02/27 14:18:49 rvenning Exp $ * * DEBUG: * AUTHOR: Harvest Derived * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/lib/rfc1738.c =================================================================== RCS file: /cvsroot/squid-sf//squid/lib/rfc1738.c,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/lib/rfc1738.c 23 Oct 2000 15:04:19 -0000 1.3 +++ squid/lib/rfc1738.c 27 Feb 2001 14:18:49 -0000 1.3.6.1 @@ -1,20 +1,20 @@ /* - * $Id: rfc1738.c,v 1.3 2000/10/23 15:04:19 hno Exp $ + * $Id: rfc1738.c,v 1.3.6.1 2001/02/27 14:18:49 rvenning Exp $ * * DEBUG: * AUTHOR: Harvest Derived * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -92,7 +92,7 @@ static size_t bufsize = 0; const char *p; char *q; - int i, do_escape; + unsigned int i, do_escape; if (buf == NULL || strlen(url) * 3 > bufsize) { xfree(buf); Index: squid/lib/safe_inet_addr.c =================================================================== RCS file: /cvsroot/squid-sf//squid/lib/safe_inet_addr.c,v retrieving revision 1.2.6.2 retrieving revision 1.2.6.3 diff -u -r1.2.6.2 -r1.2.6.3 --- squid/lib/safe_inet_addr.c 24 Feb 2001 12:20:40 -0000 1.2.6.2 +++ squid/lib/safe_inet_addr.c 27 Feb 2001 14:18:49 -0000 1.2.6.3 @@ -1,9 +1,10 @@ /* - * $Id: safe_inet_addr.c,v 1.2.6.2 2001/02/24 12:20:40 rvenning Exp $ + * $Id: safe_inet_addr.c,v 1.2.6.3 2001/02/27 14:18:49 rvenning Exp $ */ #include "config.h" +#include "util.h" #if HAVE_STDIO_H #include @@ -86,11 +87,11 @@ #if INET6 int -safe_inet_addr6(const char *buf, struct in_addr *addr) +safe_inet_addr6(const char *buf, struct in6_addr *addr) { static char addrbuf[128]; /* try IPv4 dotted quad first */ - if (safe_inet_addr(buf, addr) == 1) { + if (safe_inet_addr(buf, (struct in_addr *)addr) == 1) { /* we need to convert to IPv6 mapped IPv4 address */ xmemcpy(addrbuf, "::FFFF:", 7); xmemcpy(&addrbuf[7], buf, strlen(buf) + 1); Index: squid/lib/snprintf.c =================================================================== RCS file: /cvsroot/squid-sf//squid/lib/snprintf.c,v retrieving revision 1.2 retrieving revision 1.2.6.1 diff -u -r1.2 -r1.2.6.1 --- squid/lib/snprintf.c 23 Oct 2000 15:04:19 -0000 1.2 +++ squid/lib/snprintf.c 27 Feb 2001 14:18:49 -0000 1.2.6.1 @@ -1,5 +1,5 @@ /* - * $Id: snprintf.c,v 1.2 2000/10/23 15:04:19 hno Exp $ + * $Id: snprintf.c,v 1.2.6.1 2001/02/27 14:18:49 rvenning Exp $ */ /* ==================================================================== @@ -762,9 +762,7 @@ precision = FLOAT_DIGITS; else if (precision == 0) precision = 1; - /* - * * We use &num_buf[ 1 ], so that we have room for the sign - */ + /* We use &num_buf[ 1 ], so that we have room for the sign */ s = ap_gcvt(va_arg(ap, double), precision, &num_buf[1]); if (*s == '-') prefix_char = *s++; Index: squid/lib/strerror.c =================================================================== RCS file: /cvsroot/squid-sf//squid/lib/strerror.c,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/lib/strerror.c 23 Oct 2000 15:04:19 -0000 1.3 +++ squid/lib/strerror.c 27 Feb 2001 14:18:49 -0000 1.3.6.1 @@ -1,20 +1,20 @@ /* - * $Id: strerror.c,v 1.3 2000/10/23 15:04:19 hno Exp $ + * $Id: strerror.c,v 1.3.6.1 2001/02/27 14:18:49 rvenning Exp $ * * DEBUG: * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/lib/stub_memaccount.c =================================================================== RCS file: /cvsroot/squid-sf//squid/lib/stub_memaccount.c,v retrieving revision 1.2 retrieving revision 1.2.6.1 diff -u -r1.2 -r1.2.6.1 --- squid/lib/stub_memaccount.c 23 Oct 2000 15:04:19 -0000 1.2 +++ squid/lib/stub_memaccount.c 27 Feb 2001 14:18:49 -0000 1.2.6.1 @@ -1,9 +1,10 @@ /* - * $Id: stub_memaccount.c,v 1.2 2000/10/23 15:04:19 hno Exp $ + * $Id: stub_memaccount.c,v 1.2.6.1 2001/02/27 14:18:49 rvenning Exp $ */ /* Stub function for programs not implementing statMemoryAccounted */ -#include +#include "config.h" +#include "util.h" int statMemoryAccounted(void) { Index: squid/lib/util.c =================================================================== RCS file: /cvsroot/squid-sf//squid/lib/util.c,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/lib/util.c 23 Oct 2000 15:04:19 -0000 1.3 +++ squid/lib/util.c 27 Feb 2001 14:18:49 -0000 1.3.6.1 @@ -1,21 +1,21 @@ /* - * $Id: util.c,v 1.3 2000/10/23 15:04:19 hno Exp $ + * $Id: util.c,v 1.3.6.1 2001/02/27 14:18:49 rvenning Exp $ * * DEBUG: * AUTHOR: Harvest Derived * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -78,7 +78,7 @@ #if !defined(__CYGWIN__) extern int sys_nerr; #else - #define sys_nerr _sys_nerr +#define sys_nerr _sys_nerr #endif @@ -124,9 +124,9 @@ return DBG_MAXINDEX; if (sz <= DBG_SPLIT) - return (sz+DBG_GRAIN_SM-1)/DBG_GRAIN_SM; + return (sz + DBG_GRAIN_SM - 1) / DBG_GRAIN_SM; - return (sz+DBG_GRAIN-1)/DBG_GRAIN + DBG_OFFSET; + return (sz + DBG_GRAIN - 1) / DBG_GRAIN + DBG_OFFSET; } static void @@ -177,7 +177,7 @@ #endif #if XMALLOC_DEBUG -#define DBG_ARRY_SZ (1<<10) +#define DBG_ARRY_SZ (1<<11) #define DBG_ARRY_BKTS (1<<8) static void *(*malloc_ptrs)[DBG_ARRY_SZ]; static int malloc_size[DBG_ARRY_BKTS][DBG_ARRY_SZ]; @@ -474,7 +474,8 @@ #endif #if XMALLOC_DEBUG - check_free(s); + if (s != NULL) + check_free(s); #endif if (s != NULL) free(s); @@ -631,7 +632,7 @@ if (errno < 0 || errno >= sys_nerr) snprintf(xstrerror_buf, BUFSIZ, "(%d) Unknown", errno); else - snprintf(xstrerror_buf, BUFSIZ, "(%d) %s", errno, strerror(errno)); + snprintf(xstrerror_buf, BUFSIZ, "(%d) %s", errno, strerror(errno)); return xstrerror_buf; } @@ -748,10 +749,10 @@ } /* A default failure notifier when the main program hasn't installed any */ -void default_failure_notify(const char *msg) +void +default_failure_notify(const char *msg) { write(2, msg, strlen(msg)); write(2, "\n", 1); abort(); } - Index: squid/scripts/Makefile.in =================================================================== RCS file: /cvsroot/squid-sf//squid/scripts/Attic/Makefile.in,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.42.1 diff -u -r1.1.1.1 -r1.1.1.1.42.1 --- squid/scripts/Makefile.in 26 Jan 2000 03:21:47 -0000 1.1.1.1 +++ squid/scripts/Makefile.in 27 Feb 2001 14:18:49 -0000 1.1.1.1.42.1 @@ -23,11 +23,11 @@ install: @if test ! -d $(exec_prefix); then \ echo "mkdir $(exec_prefix)"; \ - mkdir $(exec_prefix); \ + mkdir -p $(exec_prefix); \ fi @if test ! -d $(bindir); then \ echo "mkdir $(bindir)"; \ - mkdir $(bindir); \ + mkdir -p $(bindir); \ fi $(INSTALL_BIN) RunCache $(bindir) $(INSTALL_BIN) RunAccel $(bindir) Index: squid/snmplib/coexistance.c =================================================================== RCS file: /cvsroot/squid-sf//squid/snmplib/coexistance.c,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.42.1 diff -u -r1.1.1.1 -r1.1.1.1.42.1 --- squid/snmplib/coexistance.c 26 Jan 2000 03:21:47 -0000 1.1.1.1 +++ squid/snmplib/coexistance.c 27 Feb 2001 14:18:49 -0000 1.1.1.1.42.1 @@ -100,7 +100,7 @@ * valid V1 responses. (I think. XXXXX) * */ -int +int snmp_coexist_V2toV1(struct snmp_pdu *PDU) { /* Per 3.1.1: Index: squid/snmplib/mib.c =================================================================== RCS file: /cvsroot/squid-sf//squid/snmplib/mib.c,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.42.1 diff -u -r1.1.1.1 -r1.1.1.1.42.1 --- squid/snmplib/mib.c 26 Jan 2000 03:21:47 -0000 1.1.1.1 +++ squid/snmplib/mib.c 27 Feb 2001 14:18:49 -0000 1.1.1.1.42.1 @@ -114,7 +114,7 @@ return buf; } -static void +static void sprint_hexstring(buf, cp, len) char *buf; u_char *cp; @@ -136,7 +136,7 @@ *buf = '\0'; } -static void +static void sprint_asciistring(buf, cp, len) char *buf; u_char *cp; @@ -531,7 +531,7 @@ } #endif -void +void init_mib(char *file) { if (Mib != NULL) @@ -674,7 +674,7 @@ return (++*out_len); } -int +int read_objid(input, output, out_len) char *input; oid *output; @@ -709,7 +709,7 @@ return (1); } -void +void print_objid(objid, objidlen) oid *objid; int objidlen; /* number of subidentifiers */ @@ -723,7 +723,7 @@ } -void +void sprint_objid(buf, objid, objidlen) char *buf; oid *objid; @@ -736,7 +736,7 @@ } #if 0 -void +void print_variable(objid, objidlen, pvariable) oid *objid; int objidlen; @@ -763,7 +763,7 @@ } -void +void sprint_variable(buf, objid, objidlen, pvariable) char *buf; oid *objid; @@ -790,7 +790,7 @@ strcat(buf, "\n"); } -void +void sprint_value(buf, objid, objidlen, pvariable) char *buf; oid *objid; @@ -808,7 +808,7 @@ } } -void +void print_value(objid, objidlen, pvariable) oid *objid; int objidlen; @@ -870,13 +870,13 @@ #if 0 -void +void print_variable_list(variable_list * V) { print_variable(V->name, V->name_length, V); } -void +void print_variable_list_value(variable_list * pvariable) { char buf[512]; @@ -895,7 +895,7 @@ } #endif -void +void print_type(variable_list * var) { switch (var->type) { @@ -932,7 +932,7 @@ } } -void +void print_oid_nums(oid * O, int len) { int x; Index: squid/snmplib/snmp_api.c =================================================================== RCS file: /cvsroot/squid-sf//squid/snmplib/snmp_api.c,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.42.1 diff -u -r1.1.1.1 -r1.1.1.1.42.1 --- squid/snmplib/snmp_api.c 26 Jan 2000 03:21:47 -0000 1.1.1.1 +++ squid/snmplib/snmp_api.c 27 Feb 2001 14:18:50 -0000 1.1.1.1.42.1 @@ -128,7 +128,7 @@ */ static int Reqid = 0; -static void +static void init_snmp(void) { struct timeval tv; @@ -142,7 +142,7 @@ /* * Free each element in the input request list. */ -static void +static void free_request_list(rp) struct request_list *rp; { @@ -344,7 +344,7 @@ * dequeues any pending requests, and closes any sockets allocated for * the session. Returns 0 on error, 1 otherwise. */ -int +int snmp_close(struct snmp_session *session) { struct session_list *slp = NULL, *oslp = NULL; @@ -451,7 +451,7 @@ * The pdu is freed by snmp_send() unless a failure occured. */ #if 0 -int +int snmp_send(struct snmp_session *session, struct snmp_pdu *pdu) { struct session_list *slp; @@ -763,7 +763,7 @@ * from the pdu and is resent. If there are no more retries available, the * callback for the session is used to alert the user of the timeout. */ -void +void snmp_timeout(void) { struct session_list *slp; @@ -846,7 +846,7 @@ /* Print some API stats */ -void +void snmp_api_stats(void *outP) { struct session_list *slp; Index: squid/snmplib/snmp_api_error.c =================================================================== RCS file: /cvsroot/squid-sf//squid/snmplib/snmp_api_error.c,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.42.1 diff -u -r1.1.1.1 -r1.1.1.1.42.1 --- squid/snmplib/snmp_api_error.c 26 Jan 2000 03:21:47 -0000 1.1.1.1 +++ squid/snmplib/snmp_api_error.c 27 Feb 2001 14:18:50 -0000 1.1.1.1.42.1 @@ -69,7 +69,7 @@ "Unknown Error" }; -void +void snmp_set_api_error(int x) { snmp_errno = x; @@ -86,7 +86,7 @@ return (api_errors[foo]); } -int +int snmp_api_errno(void) { return (snmp_errno); Index: squid/snmplib/snmp_msg.c =================================================================== RCS file: /cvsroot/squid-sf//squid/snmplib/snmp_msg.c,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.42.1 diff -u -r1.1.1.1 -r1.1.1.1.42.1 --- squid/snmplib/snmp_msg.c 26 Jan 2000 03:21:47 -0000 1.1.1.1 +++ squid/snmplib/snmp_msg.c 27 Feb 2001 14:18:50 -0000 1.1.1.1.42.1 @@ -128,7 +128,7 @@ snmp_msg_Encode(u_char * Buffer, int *BufLenP, u_char * Community, int CommLen, int Version, - struct snmp_pdu * PDU) + struct snmp_pdu *PDU) { u_char *bufp, *tmp; u_char *PDUHeaderPtr, *VARHeaderPtr; Index: squid/snmplib/snmp_pdu.c =================================================================== RCS file: /cvsroot/squid-sf//squid/snmplib/snmp_pdu.c,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.42.1 diff -u -r1.1.1.1 -r1.1.1.1.42.1 --- squid/snmplib/snmp_pdu.c 26 Jan 2000 03:21:47 -0000 1.1.1.1 +++ squid/snmplib/snmp_pdu.c 27 Feb 2001 14:18:50 -0000 1.1.1.1.42.1 @@ -270,7 +270,7 @@ /**********************************************************************/ -void +void snmp_pdu_free(struct snmp_pdu *pdu) { snmp_free_pdu(pdu); @@ -279,7 +279,7 @@ /* * Frees the pdu and any xmalloc'd data associated with it. */ -void +void snmp_free_pdu(struct snmp_pdu *pdu) { struct variable_list *vp, *ovp; @@ -670,7 +670,7 @@ * Add a null variable with the requested name to the end of the list of * variables for this pdu. */ -void +void snmp_add_null_var(struct snmp_pdu *pdu, oid * name, int name_length) { struct variable_list *vars; Index: squid/src/CacheDigest.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/CacheDigest.c,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/src/CacheDigest.c 23 Oct 2000 15:04:19 -0000 1.3 +++ squid/src/CacheDigest.c 27 Feb 2001 14:18:50 -0000 1.3.6.1 @@ -1,21 +1,21 @@ /* - * $Id: CacheDigest.c,v 1.3 2000/10/23 15:04:19 hno Exp $ + * $Id: CacheDigest.c,v 1.3.6.1 2001/02/27 14:18:50 rvenning Exp $ * * DEBUG: section 70 Cache Digest * AUTHOR: Alex Rousskov * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/src/ETag.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/Attic/ETag.c,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/src/ETag.c 23 Oct 2000 15:04:19 -0000 1.3 +++ squid/src/ETag.c 27 Feb 2001 14:18:50 -0000 1.3.6.1 @@ -1,21 +1,21 @@ /* - * $Id: ETag.c,v 1.3 2000/10/23 15:04:19 hno Exp $ + * $Id: ETag.c,v 1.3.6.1 2001/02/27 14:18:50 rvenning Exp $ * * DEBUG: none ETag parsing support * AUTHOR: Alex Rousskov * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/src/HttpBody.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/HttpBody.c,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/src/HttpBody.c 23 Oct 2000 15:04:19 -0000 1.3 +++ squid/src/HttpBody.c 27 Feb 2001 14:18:50 -0000 1.3.6.1 @@ -1,21 +1,21 @@ /* - * $Id: HttpBody.c,v 1.3 2000/10/23 15:04:19 hno Exp $ + * $Id: HttpBody.c,v 1.3.6.1 2001/02/27 14:18:50 rvenning Exp $ * * DEBUG: section 56 HTTP Message Body * AUTHOR: Alex Rousskov * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/src/HttpHdrCc.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/HttpHdrCc.c,v retrieving revision 1.4 retrieving revision 1.4.4.1 diff -u -r1.4 -r1.4.4.1 --- squid/src/HttpHdrCc.c 9 Nov 2000 09:09:40 -0000 1.4 +++ squid/src/HttpHdrCc.c 27 Feb 2001 14:18:50 -0000 1.4.4.1 @@ -1,21 +1,21 @@ /* - * $Id: HttpHdrCc.c,v 1.4 2000/11/09 09:09:40 hno Exp $ + * $Id: HttpHdrCc.c,v 1.4.4.1 2001/02/27 14:18:50 rvenning Exp $ * * DEBUG: section 65 HTTP Cache Control Header * AUTHOR: Alex Rousskov * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/src/HttpHdrContRange.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/HttpHdrContRange.c,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/src/HttpHdrContRange.c 23 Oct 2000 15:04:19 -0000 1.3 +++ squid/src/HttpHdrContRange.c 27 Feb 2001 14:18:50 -0000 1.3.6.1 @@ -1,21 +1,21 @@ /* - * $Id: HttpHdrContRange.c,v 1.3 2000/10/23 15:04:19 hno Exp $ + * $Id: HttpHdrContRange.c,v 1.3.6.1 2001/02/27 14:18:50 rvenning Exp $ * * DEBUG: section 68 HTTP Content-Range Header * AUTHOR: Alex Rousskov * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/src/HttpHdrExtField.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/HttpHdrExtField.c,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/src/HttpHdrExtField.c 23 Oct 2000 15:04:19 -0000 1.3 +++ squid/src/HttpHdrExtField.c 27 Feb 2001 14:18:50 -0000 1.3.6.1 @@ -1,21 +1,21 @@ /* - * $Id: HttpHdrExtField.c,v 1.3 2000/10/23 15:04:19 hno Exp $ + * $Id: HttpHdrExtField.c,v 1.3.6.1 2001/02/27 14:18:50 rvenning Exp $ * * DEBUG: section 69 HTTP Header: Extension Field * AUTHOR: Alex Rousskov * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/src/HttpHdrRange.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/HttpHdrRange.c,v retrieving revision 1.4 retrieving revision 1.4.6.1 diff -u -r1.4 -r1.4.6.1 --- squid/src/HttpHdrRange.c 3 Nov 2000 08:39:20 -0000 1.4 +++ squid/src/HttpHdrRange.c 27 Feb 2001 14:18:50 -0000 1.4.6.1 @@ -1,21 +1,21 @@ /* - * $Id: HttpHdrRange.c,v 1.4 2000/11/03 08:39:20 hno Exp $ + * $Id: HttpHdrRange.c,v 1.4.6.1 2001/02/27 14:18:50 rvenning Exp $ * * DEBUG: section 64 HTTP Range Header * AUTHOR: Alex Rousskov * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -208,7 +208,7 @@ * Range */ -HttpHdrRange * +static HttpHdrRange * httpHdrRangeCreate(void) { HttpHdrRange *r = memAllocate(MEM_HTTP_HDR_RANGE); Index: squid/src/HttpHeader.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/HttpHeader.c,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/src/HttpHeader.c 23 Oct 2000 15:04:19 -0000 1.3 +++ squid/src/HttpHeader.c 27 Feb 2001 14:18:50 -0000 1.3.6.1 @@ -1,21 +1,21 @@ /* - * $Id: HttpHeader.c,v 1.3 2000/10/23 15:04:19 hno Exp $ + * $Id: HttpHeader.c,v 1.3.6.1 2001/02/27 14:18:50 rvenning Exp $ * * DEBUG: section 55 HTTP Header * AUTHOR: Alex Rousskov * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -933,6 +933,11 @@ /* do we have a valid field name within this field? */ if (!name_len || name_end > field_end) return NULL; + if (name_len > 65536) { + /* String has a 64K limit */ + debug(55, 1) ("WARNING: ignoring header name of %d bytes\n", name_len); + return NULL; + } /* now we know we can parse it */ e = memAllocate(MEM_HTTP_HDR_ENTRY); debug(55, 9) ("creating entry %p: near '%s'\n", e, getStringPrefix(field_start, field_end)); @@ -950,6 +955,15 @@ /* trim field value */ while (value_start < field_end && xisspace(*value_start)) value_start++; + if (field_end - value_start > 65536) { + /* String has a 64K limit */ + debug(55, 1) ("WARNING: ignoring '%s' header of %d bytes\n", + strBuf(e->name), field_end - value_start); + if (e->id == HDR_OTHER) + stringClean(&e->name); + memFree(e, MEM_HTTP_HDR_ENTRY); + return NULL; + } /* set field value */ stringLimitInit(&e->value, value_start, field_end - value_start); Headers[id].stat.seenCount++; Index: squid/src/HttpHeaderTools.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/HttpHeaderTools.c,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/src/HttpHeaderTools.c 23 Oct 2000 15:04:19 -0000 1.3 +++ squid/src/HttpHeaderTools.c 27 Feb 2001 14:18:50 -0000 1.3.6.1 @@ -1,21 +1,21 @@ /* - * $Id: HttpHeaderTools.c,v 1.3 2000/10/23 15:04:19 hno Exp $ + * $Id: HttpHeaderTools.c,v 1.3.6.1 2001/02/27 14:18:50 rvenning Exp $ * * DEBUG: section 66 HTTP Header Tools * AUTHOR: Alex Rousskov * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -35,7 +35,9 @@ #include "squid.h" +#if UNUSED_CODE static int httpHeaderStrCmp(const char *h1, const char *h2, int len); +#endif static void httpHeaderPutStrvf(HttpHeader * hdr, http_hdr_type id, const char *fmt, va_list vargs); @@ -312,6 +314,7 @@ * parses a given string then packs compiled headers and compares the result * with the original, reports discrepancies */ +#if UNUSED_CODE void httpHeaderTestParser(const char *hstr) { @@ -362,9 +365,11 @@ packerClean(&p); memBufClean(&mb); } +#endif /* like strncasecmp but ignores ws characters */ +#if UNUSED_CODE static int httpHeaderStrCmp(const char *h1, const char *h2, int len) { @@ -391,3 +396,45 @@ /* NOTREACHED */ return 0; } +#endif + +/* + * httpHdrMangle checks the anonymizer (header_access) configuration. + * Returns 1 if the header is allowed. + */ +static int +httpHdrMangle(HttpHeaderEntry * e, request_t * request) +{ + int retval; + + /* check with anonymizer tables */ + header_mangler *hm; + aclCheck_t *checklist; + assert(e); + hm = &Config.header_access[e->id]; + checklist = aclChecklistCreate(hm->access_list, request, NULL); + /* aclCheckFast returns 1 for allow. */ + if (1 == aclCheckFast(hm->access_list, checklist)) + retval = 1; + /* It was denied; Do we replace it with something else? */ + else if (NULL == hm->replacement) + retval = 0; + /* yes, we do */ + else + stringReset(&e->value, hm->replacement); + retval = 1; + + aclChecklistFree(checklist); + return retval; +} + +/* Mangles headers for a list of headers. */ +void +httpHdrMangleList(HttpHeader * l, request_t * request) +{ + HttpHeaderEntry *e; + HttpHeaderPos p = HttpHeaderInitPos; + while ((e = httpHeaderGetEntry(l, &p))) + if (0 == httpHdrMangle(e, request)) + httpHeaderDelAt(l, p); +} Index: squid/src/HttpMsg.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/HttpMsg.c,v retrieving revision 1.4 retrieving revision 1.4.2.1 diff -u -r1.4 -r1.4.2.1 --- squid/src/HttpMsg.c 14 Nov 2000 13:03:47 -0000 1.4 +++ squid/src/HttpMsg.c 27 Feb 2001 14:18:50 -0000 1.4.2.1 @@ -1,21 +1,21 @@ /* - * $Id: HttpMsg.c,v 1.4 2000/11/14 13:03:47 adri Exp $ + * $Id: HttpMsg.c,v 1.4.2.1 2001/02/27 14:18:50 rvenning Exp $ * * DEBUG: section 74 HTTP Message * AUTHOR: Alex Rousskov * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -91,7 +91,7 @@ int httpMsgIsPersistent(http_version_t http_ver, const HttpHeader * hdr) { - if ((http_ver.major>=1) && (http_ver.minor >= 1)) { + if ((http_ver.major >= 1) && (http_ver.minor >= 1)) { /* * for modern versions of HTTP: persistent unless there is * a "Connection: close" header. Index: squid/src/HttpReply.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/HttpReply.c,v retrieving revision 1.4 retrieving revision 1.4.2.1 diff -u -r1.4 -r1.4.2.1 --- squid/src/HttpReply.c 14 Nov 2000 13:03:47 -0000 1.4 +++ squid/src/HttpReply.c 27 Feb 2001 14:18:50 -0000 1.4.2.1 @@ -1,21 +1,21 @@ /* - * $Id: HttpReply.c,v 1.4 2000/11/14 13:03:47 adri Exp $ + * $Id: HttpReply.c,v 1.4.2.1 2001/02/27 14:18:50 rvenning Exp $ * * DEBUG: section 58 HTTP Reply (Response) * AUTHOR: Alex Rousskov * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -261,7 +261,7 @@ HttpHeader *hdr; http_version_t ver; assert(reply); - httpBuildVersion(&ver,1,0); + httpBuildVersion(&ver, 1, 0); httpStatusLineSet(&reply->sline, ver, status, httpStatusString(status)); hdr = &reply->header; httpHeaderPutStr(hdr, HDR_SERVER, full_appname_string); Index: squid/src/HttpRequest.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/HttpRequest.c,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/src/HttpRequest.c 23 Oct 2000 15:04:19 -0000 1.3 +++ squid/src/HttpRequest.c 27 Feb 2001 14:18:50 -0000 1.3.6.1 @@ -1,21 +1,21 @@ /* - * $Id: HttpRequest.c,v 1.3 2000/10/23 15:04:19 hno Exp $ + * $Id: HttpRequest.c,v 1.3.6.1 2001/02/27 14:18:50 rvenning Exp $ * * DEBUG: section 73 HTTP Request * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -55,7 +55,10 @@ requestDestroy(request_t * req) { assert(req); - safe_free(req->body); + if (req->body_connection) + clientAbortBody(req); + if (req->auth_user_request) + authenticateAuthUserRequestUnlock(req->auth_user_request); safe_free(req->canonical); stringClean(&req->urlpath); httpHeaderClean(&req->header); @@ -141,26 +144,16 @@ req->header.len + 2; } -/* returns true if header is allowed to be passed on */ +/* + * Returns true if HTTP allows us to pass this header on. Does not + * check anonymizer (aka header_access) configuration. + */ int httpRequestHdrAllowed(const HttpHeaderEntry * e, String * strConn) { assert(e); - /* check with anonymizer tables */ - if (CBIT_TEST(Config.anonymize_headers, e->id)) - return 0; /* check connection header */ if (strConn && strListIsMember(strConn, strBuf(e->name), ',')) return 0; return 1; } - -/* returns true if header is allowed to be passed on */ -int -httpRequestHdrAllowedByName(http_hdr_type id) -{ - /* check with anonymizer tables */ - if (CBIT_TEST(Config.anonymize_headers, id)) - return 0; - return 1; -} Index: squid/src/HttpStatusLine.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/HttpStatusLine.c,v retrieving revision 1.4 retrieving revision 1.4.2.1 diff -u -r1.4 -r1.4.2.1 --- squid/src/HttpStatusLine.c 14 Nov 2000 13:03:47 -0000 1.4 +++ squid/src/HttpStatusLine.c 27 Feb 2001 14:18:50 -0000 1.4.2.1 @@ -1,21 +1,21 @@ /* - * $Id: HttpStatusLine.c,v 1.4 2000/11/14 13:03:47 adri Exp $ + * $Id: HttpStatusLine.c,v 1.4.2.1 2001/02/27 14:18:50 rvenning Exp $ * * DEBUG: section 57 HTTP Status-line * AUTHOR: Alex Rousskov * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -43,15 +43,15 @@ httpStatusLineInit(HttpStatusLine * sline) { http_version_t version; - httpBuildVersion(&version,0,0); - httpStatusLineSet(sline, version , HTTP_STATUS_NONE, NULL); + httpBuildVersion(&version, 0, 0); + httpStatusLineSet(sline, version, HTTP_STATUS_NONE, NULL); } void httpStatusLineClean(HttpStatusLine * sline) { http_version_t version; - httpBuildVersion(&version,0,0); + httpBuildVersion(&version, 0, 0); httpStatusLineSet(sline, version, HTTP_INTERNAL_SERVER_ERROR, NULL); } @@ -72,11 +72,11 @@ { assert(sline && p); debug(57, 9) ("packing sline %p using %p:\n", sline, p); - debug(57, 9) (HttpStatusLineFormat, sline->version.major, - sline->version.minor, sline->status, + debug(57, 9) (HttpStatusLineFormat, sline->version.major, + sline->version.minor, sline->status, sline->reason ? sline->reason : httpStatusString(sline->status)); - packerPrintf(p, HttpStatusLineFormat, sline->version.major, - sline->version.minor, sline->status, httpStatusLineReason(sline)); + packerPrintf(p, HttpStatusLineFormat, sline->version.major, + sline->version.minor, sline->status, httpStatusLineReason(sline)); } /* pack fields using Packer */ @@ -90,12 +90,12 @@ start += 5; if (!xisdigit(*start)) return 0; - if (sscanf(start, "%d.%d", &sline->version.major, &sline->version.minor)!=2){ - debug(57, 7) ("httpStatusLineParse: Invalid HTTP identifier.\n"); + if (sscanf(start, "%d.%d", &sline->version.major, &sline->version.minor) != 2) { + debug(57, 7) ("httpStatusLineParse: Invalid HTTP identifier.\n"); } if (!(start = strchr(start, ' '))) return 0; - sline->status = atoi(++start); + sline->status = (http_status)atoi(++start); /* we ignore 'reason-phrase' */ return 1; /* success */ } Index: squid/src/Makefile.in =================================================================== RCS file: /cvsroot/squid-sf//squid/src/Attic/Makefile.in,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/src/Makefile.in 23 Oct 2000 15:04:19 -0000 1.3 +++ squid/src/Makefile.in 27 Feb 2001 14:18:50 -0000 1.3.6.1 @@ -1,7 +1,7 @@ # # Makefile for the Squid Object Cache server # -# $Id: Makefile.in,v 1.3 2000/10/23 15:04:19 hno Exp $ +# $Id: Makefile.in,v 1.3.6.1 2001/02/27 14:18:50 rvenning Exp $ # # Uncomment and customize the following to suit your needs: # @@ -18,7 +18,7 @@ srcdir = @srcdir@ VPATH = @srcdir@ -SUBDIRS = fs repl +SUBDIRS = fs repl auth # Gotta love the DOS legacy # @@ -47,6 +47,8 @@ DEFAULT_ERROR_DIR = $(sysconfdir)/errors DEFAULT_MIB_PATH = $(sysconfdir)/mib.txt +AUTH_OBJS = @AUTH_OBJS@ +AUTH_MODULES = @AUTH_MODULES@ CC = @CC@ MAKEDEPEND = @MAKEDEPEND@ INSTALL = @INSTALL@ @@ -90,6 +92,7 @@ access_log.o \ acl.o \ asn.o \ + auth_modules.o \ authenticate.o \ cache_cf.o \ CacheDigest.o \ @@ -148,7 +151,6 @@ pconn.o \ peer_digest.o \ peer_select.o \ - pump.o \ redirect.o \ referer.o \ refresh.o \ @@ -208,8 +210,8 @@ $(SNMP_OBJS): ../snmplib/libsnmp.a $(top_srcdir)/include/cache_snmp.h -$(SQUID_EXE): $(OBJS) $(STORE_OBJS) $(REPL_OBJS) - $(CC) -o $@ $(LDFLAGS) $(OBJS) $(STORE_OBJS) $(REPL_OBJS) $(SQUID_LIBS) +$(SQUID_EXE): $(OBJS) $(STORE_OBJS) $(REPL_OBJS) $(AUTH_OBJS) + $(CC) -o $@ $(LDFLAGS) $(OBJS) $(STORE_OBJS) $(REPL_OBJS) $(AUTH_OBJS) $(SQUID_LIBS) globals.o: globals.c Makefile $(CC) -c globals.c $(CFLAGS) -I$(srcdir) $(DEFAULTS) @@ -247,7 +249,7 @@ cache_cf.o: cf_parser.c squid.conf: cf_parser.c - @sh -c "test -f squid.conf || ./cg_gen cf.data" + @sh -c "test -f squid.conf || ./cf_gen cf.data" cf_parser.c: cf.data cf_gen ./cf_gen cf.data @@ -298,34 +300,43 @@ repl_modules repl/stamp: @sh -c "cd repl && $(MAKE) all" +auth_modules.c: auth_modules.sh Makefile + sh $(srcdir)/auth_modules.sh $(AUTH_MODULES) >auth_modules.c + +auth_modules.o: auth_modules.c + $(CC) -c auth_modules.c $(CFLAGS) -I$(srcdir) + +$(AUTH_OBJS): + @sh -c "cd `dirname $@` && $(MAKE) $(MFLAGS) `basename $@`" + install-mkdirs: -@if test ! -d $(prefix); then \ echo "mkdir $(prefix)"; \ - mkdir $(prefix); \ + mkdir -p $(prefix); \ fi -@if test ! -d $(exec_prefix); then \ echo "mkdir $(exec_prefix)"; \ - mkdir $(exec_prefix); \ + mkdir -p $(exec_prefix); \ fi -@if test ! -d $(bindir); then \ echo "mkdir $(bindir)"; \ - mkdir $(bindir); \ + mkdir -p $(bindir); \ fi -@if test ! -d $(libexecdir); then \ echo "mkdir $(libexecdir)"; \ - mkdir $(libexecdir); \ + mkdir -p $(libexecdir); \ fi -@if test ! -d $(sysconfdir); then \ echo "mkdir $(sysconfdir)"; \ - mkdir $(sysconfdir); \ + mkdir -p $(sysconfdir); \ fi -@if test ! -d $(localstatedir); then \ echo "mkdir $(localstatedir)"; \ - mkdir $(localstatedir); \ + mkdir -p $(localstatedir); \ fi -@if test ! -d $(localstatedir)/logs; then \ echo "mkdir $(localstatedir)/logs"; \ - mkdir $(localstatedir)/logs; \ + mkdir -p $(localstatedir)/logs; \ fi # Michael Lupp wants to know about additions @@ -406,7 +417,7 @@ clean: -rm -rf *.o *pure_* core $(PROGS) $(UTILS) $(CGIPROGS) $(SUID_UTILS) -rm -f cf_gen cf_gen_defines.h cf_parser.c cf.data globals.c string_arrays.c - -rm -f store_modules.c repl_modules.c squid.conf + -rm -f store_modules.c repl_modules.c auth_modules.c squid.conf @for dir in $(SUBDIRS); do \ echo "Making $@ in $$dir..."; \ (cd $$dir ; $(MAKE) $(MFLAGS) prefix="$(prefix)" $@) || exit 1; \ Index: squid/src/MemBuf.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/MemBuf.c,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/src/MemBuf.c 23 Oct 2000 15:04:20 -0000 1.3 +++ squid/src/MemBuf.c 27 Feb 2001 14:18:50 -0000 1.3.6.1 @@ -1,21 +1,21 @@ /* - * $Id: MemBuf.c,v 1.3 2000/10/23 15:04:20 hno Exp $ + * $Id: MemBuf.c,v 1.3.6.1 2001/02/27 14:18:50 rvenning Exp $ * * DEBUG: section 59 auto-growing Memory Buffer with printf * AUTHOR: Alex Rousskov * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/src/MemPool.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/MemPool.c,v retrieving revision 1.4 retrieving revision 1.4.6.1 diff -u -r1.4 -r1.4.6.1 --- squid/src/MemPool.c 3 Nov 2000 08:39:20 -0000 1.4 +++ squid/src/MemPool.c 27 Feb 2001 14:18:50 -0000 1.4.6.1 @@ -1,21 +1,21 @@ /* - * $Id: MemPool.c,v 1.4 2000/11/03 08:39:20 hno Exp $ + * $Id: MemPool.c,v 1.4.6.1 2001/02/27 14:18:50 rvenning Exp $ * * DEBUG: section 63 Low Level Memory Pool Management * AUTHOR: Alex Rousskov * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/src/Packer.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/Packer.c,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/src/Packer.c 23 Oct 2000 15:04:20 -0000 1.3 +++ squid/src/Packer.c 27 Feb 2001 14:18:50 -0000 1.3.6.1 @@ -1,21 +1,21 @@ /* - * $Id: Packer.c,v 1.3 2000/10/23 15:04:20 hno Exp $ + * $Id: Packer.c,v 1.3.6.1 2001/02/27 14:18:50 rvenning Exp $ * * DEBUG: section 60 Packer: A uniform interface to store-like modules * AUTHOR: Alex Rousskov * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/src/StatHist.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/StatHist.c,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/src/StatHist.c 23 Oct 2000 15:04:20 -0000 1.3 +++ squid/src/StatHist.c 27 Feb 2001 14:18:50 -0000 1.3.6.1 @@ -1,21 +1,21 @@ /* - * $Id: StatHist.c,v 1.3 2000/10/23 15:04:20 hno Exp $ + * $Id: StatHist.c,v 1.3.6.1 2001/02/27 14:18:50 rvenning Exp $ * * DEBUG: section 62 Generic Histogram * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/src/String.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/String.c,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/src/String.c 23 Oct 2000 15:04:20 -0000 1.3 +++ squid/src/String.c 27 Feb 2001 14:18:50 -0000 1.3.6.1 @@ -1,21 +1,21 @@ /* - * $Id: String.c,v 1.3 2000/10/23 15:04:20 hno Exp $ + * $Id: String.c,v 1.3.6.1 2001/02/27 14:18:50 rvenning Exp $ * * DEBUG: section 67 String * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/src/access_log.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/access_log.c,v retrieving revision 1.5.2.1 retrieving revision 1.5.2.2 diff -u -r1.5.2.1 -r1.5.2.2 --- squid/src/access_log.c 7 Dec 2000 13:58:10 -0000 1.5.2.1 +++ squid/src/access_log.c 27 Feb 2001 14:18:50 -0000 1.5.2.2 @@ -1,21 +1,21 @@ /* - * $Id: access_log.c,v 1.5.2.1 2000/12/07 13:58:10 rvenning Exp $ + * $Id: access_log.c,v 1.5.2.2 2001/02/27 14:18:50 rvenning Exp $ * * DEBUG: section 46 Access Log * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -182,10 +182,60 @@ return buf; } +static char * +username_quote(const char *header) +/* copy of log_quote. Bugs there will be found here */ +{ + int c; + int i; + char *buf; + char *buf_cursor; + if (header == NULL) { + buf = xcalloc(1, 1); + *buf = '\0'; + return buf; + } + buf = xcalloc((strlen(header) * 3) + 1, 1); + buf_cursor = buf; + /* + * We escape: space \x00-\x1F and space (0x40) and \x7F-\xFF + * to prevent garbage in the logs. CR and LF are also there just in case. + */ + while ((c = *(const unsigned char *) header++) != '\0') { + if (c == '\r') { + *buf_cursor++ = '\\'; + *buf_cursor++ = 'r'; + } else if (c == '\n') { + *buf_cursor++ = '\\'; + *buf_cursor++ = 'n'; + } else if (c <= 0x1F + || c >= 0x7F + || c == ' ') { + *buf_cursor++ = '%'; + i = c * 2; + *buf_cursor++ = c2x[i]; + *buf_cursor++ = c2x[i + 1]; + } else { + *buf_cursor++ = (char) c; + } + } + *buf_cursor = '\0'; + return buf; +} + +static char * +accessLogFormatName(const char *name) +{ + if (NULL == name) + return xcalloc(strlen(dash_str) + 1, 1); + return username_quote(name); +} + static void accessLogSquid(AccessLogEntry * al) { const char *client = NULL; + char *user = NULL; if (Config.onoff.log_fqdn) client = fqdncache_gethostbyaddr(al->cache.caddr, FQDN_LOOKUP_IF_MISS); if (client == NULL) @@ -200,24 +250,33 @@ al->cache.size, al->private.method_str, al->url, - al->cache.ident, + (user = accessLogFormatName(al->cache.authuser ? + al->cache.authuser : al->cache.rfc931)), al->hier.ping.timedout ? "TIMEOUT_" : "", hier_strings[al->hier.code], al->hier.host, al->http.content_type); + safe_free(user); } static void accessLogCommon(AccessLogEntry * al) { const char *client = NULL; + char *user = NULL; if (Config.onoff.log_fqdn) client = fqdncache_gethostbyaddr(al->cache.caddr, 0); if (client == NULL) +<<<<<<< access_log.c client = INET_NTOA(al->cache.caddr); logfilePrintf(logfile, "%s %s - [%s] \"%s %s HTTP/%d.%d\" %d %d %s:%s", +======= + client = inet_ntoa(al->cache.caddr); + logfilePrintf(logfile, "%s %s %s [%s] \"%s %s HTTP/%d.%d\" %d %d %s:%s", +>>>>>>> 1.10 client, - al->cache.ident, + accessLogFormatName(al->cache.rfc931), + (user = accessLogFormatName(al->cache.authuser)), mkhttpdlogtime(&squid_curtime), al->private.method_str, al->url, @@ -226,25 +285,18 @@ al->cache.size, log_tags[al->cache.code], hier_strings[al->hier.code]); + safe_free(user); } void accessLogLog(AccessLogEntry * al) { - LOCAL_ARRAY(char, ident_buf, USER_IDENT_SZ); - if (LogfileStatus != LOG_ENABLE) return; if (al->url == NULL) al->url = dash_str; if (!al->http.content_type || *al->http.content_type == '\0') al->http.content_type = dash_str; - if (!al->cache.ident || *al->cache.ident == '\0') { - al->cache.ident = dash_str; - } else { - xstrncpy(ident_buf, rfc1738_escape(al->cache.ident), USER_IDENT_SZ); - al->cache.ident = ident_buf; - } if (al->icp.opcode) al->private.method_str = icp_opcode_str[al->icp.opcode]; else @@ -328,6 +380,8 @@ accessLogInit(void) { assert(sizeof(log_tags) == (LOG_TYPE_MAX + 1) * sizeof(char *)); + if (strcasecmp(Config.Log.access, "none") == 0) + return; logfile = logfileOpen(Config.Log.access, MAX_URL << 1, 1); LogfileStatus = LOG_ENABLE; #if HEADERS_LOG Index: squid/src/acl.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/acl.c,v retrieving revision 1.4.6.1 retrieving revision 1.4.6.2 diff -u -r1.4.6.1 -r1.4.6.2 --- squid/src/acl.c 7 Dec 2000 13:58:11 -0000 1.4.6.1 +++ squid/src/acl.c 27 Feb 2001 14:18:50 -0000 1.4.6.2 @@ -1,21 +1,21 @@ /* - * $Id: acl.c,v 1.4.6.1 2000/12/07 13:58:11 rvenning Exp $ + * $Id: acl.c,v 1.4.6.2 2001/02/27 14:18:50 rvenning Exp $ * * DEBUG: section 28 Access Control * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 2000 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -38,12 +38,16 @@ static int aclFromFile = 0; static FILE *aclFile; -static hash_table *proxy_auth_cache = NULL; static void aclParseDomainList(void *curlist); +static void aclParseUserList(void **current); static void aclParseIpList(void *curlist); +#if UNUSED_CODE static void aclParseIntlist(void *curlist); +#endif +#if SQUID_SNMP static void aclParseWordList(void *curlist); +#endif static void aclParseProtoList(void *curlist); static void aclParseMethodList(void *curlist); static void aclParseTimeSpec(void *curlist); @@ -52,13 +56,19 @@ static void aclDestroyAclList(acl_list * list); static void aclDestroyTimeList(acl_time_data * data); static void aclDestroyIntRange(intrange *); -static FREE aclFreeProxyAuthUser; +static void aclLookupProxyAuthStart(aclCheck_t * checklist); +static void aclLookupProxyAuthDone(void *data, char *result); static struct _acl *aclFindByName(const char *name); static int aclMatchAcl(struct _acl *, aclCheck_t *); static int aclMatchIntegerRange(intrange * data, int i); static int aclMatchTime(acl_time_data * data, time_t when); +<<<<<<< acl.c static int aclMatchUser(wordlist * data, const char *ident); static int aclMatchIp(void *dataptr, struct IN_ADDR c); +======= +static int aclMatchUser(void *proxyauth_acl, char *user); +static int aclMatchIp(void *dataptr, struct in_addr c); +>>>>>>> 1.23 static int aclMatchDomainList(void *dataptr, const char *); static int aclMatchIntegerRange(intrange * data, int i); #if SQUID_SNMP @@ -75,8 +85,6 @@ static IPH aclLookupDstIPforASNDone; static FQDNH aclLookupSrcFQDNDone; static FQDNH aclLookupDstFQDNDone; -static void aclLookupProxyAuthStart(aclCheck_t * checklist); -static void aclLookupProxyAuthDone(void *data, char *result); static wordlist *aclDumpIpList(void *); static wordlist *aclDumpDomainList(void *data); static wordlist *aclDumpTimeSpecList(acl_time_data *); @@ -100,6 +108,7 @@ static SPLAYCMP aclArpCompare; static SPLAYWALKEE aclDumpArpListWalkee; #endif +static int aclCacheMatchAcl(dlink_list * cache, squid_acl acltype, void *data, char *MatchParam); static char * strtokFile(void) @@ -120,6 +129,9 @@ debug(28, 0) ("strtokFile: %s not found\n", fn); return (NULL); } +#if defined(_SQUID_CYGWIN_) + setmode(fileno(aclFile), O_TEXT); +#endif aclFromFile = 1; } else { return t; @@ -203,14 +215,18 @@ if (!strcmp(s, "snmp_community")) return ACL_SNMP_COMMUNITY; #endif +#if SRC_RTT_NOT_YET_FINISHED if (!strcmp(s, "src_rtt")) return ACL_NETDB_SRC_RTT; +#endif #if USE_ARP_ACL if (!strcmp(s, "arp")) return ACL_SRC_ARP; #endif if (!strcmp(s, "req_mime_type")) return ACL_REQ_MIME_TYPE; + if (!strcmp(s, "rep_mime_type")) + return ACL_REP_MIME_TYPE; return ACL_NONE; } @@ -267,14 +283,18 @@ if (type == ACL_SNMP_COMMUNITY) return "snmp_community"; #endif +#if SRC_RTT_NOT_YET_FINISHED if (type == ACL_NETDB_SRC_RTT) return "src_rtt"; +#endif #if USE_ARP_ACL if (type == ACL_SRC_ARP) return "arp"; #endif if (type == ACL_REQ_MIME_TYPE) return "req_mime_type"; + if (type == ACL_REP_MIME_TYPE) + return "rep_mime_type"; return "ERROR"; } @@ -288,6 +308,7 @@ return NULL; } +#if UNUSED_CODE static void aclParseIntlist(void *curlist) { @@ -302,6 +323,7 @@ Tail = &q->next; } } +#endif static void aclParseIntRange(void *curlist) @@ -485,6 +507,9 @@ safe_free(q); return NULL; } + if ((q->addr1.s_addr & q->mask.s_addr) != q->addr1.s_addr || + (q->addr2.s_addr & q->mask.s_addr) != q->addr2.s_addr) + debug(28, 0) ("aclParseIpData: WARNING: Netmask masks away part of the specified IP in '%s'\n", t); q->addr1.s_addr &= q->mask.s_addr; q->addr2.s_addr &= q->mask.s_addr; /* 1.2.3.4/255.255.255.0 --> 1.2.3.0 */ @@ -623,6 +648,7 @@ } } +#if SQUID_SNMP static void aclParseWordList(void *curlist) { @@ -630,6 +656,50 @@ while ((t = strtokFile())) wordlistAdd(curlist, t); } +#endif + +static void +aclParseUserList(void **current) +{ + char *t = NULL; + acl_user_data *data; + splayNode *Top = NULL; + + debug(28, 2) ("aclParseUserList: parsing user list\n"); + if (*current == NULL) { + debug(28, 3) ("aclParseUserList: current is null. Creating\n"); + *current = memAllocate(MEM_ACL_USER_DATA); + } + data = *current; + Top = data->names; + if ((t = strtokFile())) { + debug(28, 5) ("aclParseUserList: First token is %s\n", t); + if (strcmp("-i", t) == 0) { + debug(28, 5) ("aclParseUserList: Going case-insensitive\n"); + data->flags.case_insensitive = 1; + } else if (strcmp("REQUIRED", t) == 0) { + debug(28, 5) ("aclParseUserList: REQUIRED-type enabled\n"); + data->flags.required = 1; + } else { + if (data->flags.case_insensitive) + Tolower(t); + Top = splay_insert(xstrdup(t), Top, (SPLAYCMP *) strcmp); + } + } + debug(28, 3) ("aclParseUserList: Case-insensitive-switch is %d\n", + data->flags.case_insensitive); + /* we might inherit from a previous declaration */ + + debug(28, 4) ("aclParseUserList: parsing user list\n"); + while ((t = strtokFile())) { + debug(28, 6) ("aclParseUserList: Got token: %s\n", t); + if (data->flags.case_insensitive) + Tolower(t); + Top = splay_insert(xstrdup(t), Top, (SPLAYCMP *) strcmp); + } + data->names = Top; +} + /**********************/ /* aclParseDomainList */ @@ -715,21 +785,25 @@ case ACL_BROWSER: case ACL_SRC_DOM_REGEX: case ACL_DST_DOM_REGEX: + case ACL_REQ_MIME_TYPE: + case ACL_REP_MIME_TYPE: aclParseRegexList(&A->data); break; case ACL_SRC_ASN: case ACL_MAXCONN: case ACL_DST_ASN: +#if SRC_RTT_NOT_YET_FINISHED case ACL_NETDB_SRC_RTT: aclParseIntlist(&A->data); break; +#endif case ACL_URL_PORT: case ACL_MY_PORT: aclParseIntRange(&A->data); break; #if USE_IDENT case ACL_IDENT: - aclParseWordList(&A->data); + aclParseUserList(&A->data); break; case ACL_IDENT_REGEX: aclParseRegexList(&A->data); @@ -742,19 +816,25 @@ aclParseMethodList(&A->data); break; case ACL_PROXY_AUTH: - aclParseWordList(&A->data); - if (!proxy_auth_cache) { - /* First time around, 7921 should be big enough */ - proxy_auth_cache = hash_create((HASHCMP *) strcmp, 7921, hash_string); - assert(proxy_auth_cache); + if (authenticateSchemeCount() == 0) { + debug(28, 0) ("aclParseAclLine: IGNORING: Proxy Auth ACL '%s' \ +because no authentication schemes were compiled.\n", A->cfgline); + } else if (authenticateActiveSchemeCount() == 0) { + debug(28, 0) ("aclParseAclLine: IGNORING: Proxy Auth ACL '%s' \ +because no authentication schemes are fully configured.\n", A->cfgline); + } else { + aclParseUserList(&A->data); } break; case ACL_PROXY_AUTH_REGEX: - aclParseRegexList(&A->data); - if (!proxy_auth_cache) { - /* First time around, 7921 should be big enough */ - proxy_auth_cache = hash_create((HASHCMP *) strcmp, 7921, hash_string); - assert(proxy_auth_cache); + if (authenticateSchemeCount() == 0) { + debug(28, 0) ("aclParseAclLine: IGNORING: Proxy Auth ACL '%s' \ +because no authentication schemes were compiled.\n", A->cfgline); + } else if (authenticateActiveSchemeCount() == 0) { + debug(28, 0) ("aclParseAclLine: IGNORING: Proxy Auth ACL '%s' \ +because no authentication schemes are fully configured.\n", A->cfgline); + } else { + aclParseRegexList(&A->data); } break; #if SQUID_SNMP @@ -767,11 +847,8 @@ aclParseArpList(&A->data); break; #endif - case ACL_REQ_MIME_TYPE: - aclParseWordList(&A->data); - break; case ACL_NONE: - default: + case ACL_ENUM_MAX: fatal("Bad ACL type"); break; } @@ -794,7 +871,7 @@ } /* does name lookup, returns page_id */ -int +err_type aclGetDenyInfoPage(acl_deny_info_list ** head, const char *name) { acl_deny_info_list *A = NULL; @@ -802,7 +879,7 @@ A = *head; if (NULL == *head) /* empty list */ - return -1; + return ERR_NONE; while (A) { L = A->acl_list; if (NULL == L) /* empty list should never happen, but in case */ @@ -814,7 +891,7 @@ } A = A->next; } - return -1; + return ERR_NONE; } /* does name lookup, returns if it is a proxy_auth acl */ @@ -895,7 +972,7 @@ debug(28, 0) ("aclParseAccessLine: missing 'allow' or 'deny'.\n"); return; } - A = memAllocate(MEM_ACL_ACCESS); + A = CBDATA_ALLOC(acl_access, NULL); if (!strcmp(t, "allow")) A->allow = 1; @@ -905,7 +982,7 @@ debug(28, 0) ("%s line %d: %s\n", cfg_filename, config_lineno, config_input_line); debug(28, 0) ("aclParseAccessLine: expecting 'allow' or 'deny', got '%s'.\n", t); - memFree(A, MEM_ACL_ACCESS); + cbdataFree(A); return; } @@ -937,7 +1014,7 @@ debug(28, 0) ("%s line %d: %s\n", cfg_filename, config_lineno, config_input_line); debug(28, 0) ("aclParseAccessLine: Access line contains no ACL's, skipping\n"); - memFree(A, MEM_ACL_ACCESS); + cbdataFree(A); return; } A->cfgline = xstrdup(config_input_line); @@ -945,7 +1022,6 @@ for (B = *head, T = head; B; T = &B->next, B = B->next); *T = A; /* We lock _acl_access structures in aclCheck() */ - cbdataAdd(A, memFree, MEM_ACL_ACCESS); } /**************/ @@ -1007,94 +1083,136 @@ } static int -aclMatchUser(wordlist * data, const char *user) +aclMatchUser(void *proxyauth_acl, char *user) { + acl_user_data *data = (acl_user_data *) proxyauth_acl; + splayNode *Top = data->names; + + debug(28, 7) ("aclMatchUser: user is %s, case_insensitive is %d\n", + user, data->flags.case_insensitive); + debug(28, 8) ("Top is %p, Top->data is %s\n", Top, + (Top != NULL ? (Top)->data : "Unavailable")); + if (user == NULL) return 0; - debug(28, 3) ("aclMatchUser: checking '%s'\n", user); - while (data) { - debug(28, 3) ("aclMatchUser: looking for '%s'\n", data->key); - if (strcmp(data->key, "REQUIRED") == 0 && *user != '\0' && strcmp(user, "-") != 0) - return 1; - if (strcmp(data->key, user) == 0) - return 1; - data = data->next; - } - return 0; + + if (data->flags.case_insensitive) + Tolower(user); + + if (data->flags.required) { + debug(28, 7) ("aclMatchUser: user REQUIRED and auth-info present.\n"); + return 1; + } + Top = splay_splay(user, Top, (SPLAYCMP *) strcmp); + /* Top=splay_splay(user,Top,(SPLAYCMP *)dumping_strcmp); */ + debug(28, 7) ("aclMatchUser: returning %d,Top is %p, Top->data is %s\n", + !splayLastResult, + Top, (Top ? Top->data : "Unavailable")); + data->names = Top; + return !splayLastResult; } +/* ACL result caching routines */ + +/* + * we lookup an acl's cached results, and if we cannot find the acl being + * checked we check it and cache the result. This function is deliberatly + * generic to support caching of multiple acl types (but it needs to be more + * generic still.... + * The Match Param and the cache MUST be tied together by the calling routine. + * You have been warned :-] + * Also only Matchxxx that are of the form (void *, void *) can be used. + * probably some ugly overloading _could_ be done but I'll leave that as an + * exercise for the reader. Note that caching of time based acl's is not + * wise due to no expiry occuring to the cache entries until the user expires + * or a reconfigure takes place. + * RBC + */ static int -aclDecodeProxyAuth(const char *proxy_auth, char **user, char **password, char *buf, size_t bufsize) +aclCacheMatchAcl(dlink_list * cache, squid_acl acltype, void *data, + char *MatchParam) { - char *sent_auth; - char *cleartext; - if (proxy_auth == NULL) - return 0; - debug(28, 6) ("aclDecodeProxyAuth: header = '%s'\n", proxy_auth); - if (strncasecmp(proxy_auth, "Basic ", 6) != 0) { - debug(28, 1) ("aclDecodeProxyAuth: Unsupported proxy-auth sheme, '%s'\n", proxy_auth); - return 0; - } - proxy_auth += 6; /* "Basic " */ - /* Trim leading whitespace before decoding */ - while (xisspace(*proxy_auth)) - proxy_auth++; - sent_auth = xstrdup(proxy_auth); /* username and password */ - /* Trim trailing \n before decoding */ - strtok(sent_auth, "\n"); - cleartext = uudecode(sent_auth); - xfree(sent_auth); - /* - * Don't allow NL or CR in the credentials. - * Oezguer Kesim - */ - strtok(cleartext, "\r\n"); - debug(28, 6) ("aclDecodeProxyAuth: cleartext = '%s'\n", cleartext); - xstrncpy(buf, cleartext, bufsize); - xfree(cleartext); - *user = buf; - if ((*password = strchr(*user, ':')) != NULL) - *(*password)++ = '\0'; - if (*password == NULL) { - debug(28, 1) ("aclDecodeProxyAuth: no password in proxy authorization header '%s'\n", proxy_auth); - return 0; - } - if (**password == '\0') { - debug(28, 1) ("aclDecodeProxyAuth: Disallowing empty password," - "user is '%s'\n", *user); - return 0; + int matchrv; + acl_proxy_auth_match_cache *auth_match; + dlink_node *link; + link = cache->head; + while (link) { + auth_match = link->data; + if (auth_match->acl_data == data) { + debug(28, 4) ("aclCacheMatchAcl: cache hit on acl '%d'\n", + data); + return auth_match->matchrv; + } + link = link->next; + } + auth_match = NULL; + /* match the user in the acl. They are not cached. */ + switch (acltype) { + case ACL_PROXY_AUTH: + matchrv = aclMatchUser(data, MatchParam); + break; + case ACL_PROXY_AUTH_REGEX: + matchrv = aclMatchRegex(data, MatchParam); + default: + /* This is a fatal to ensure that aclCacheMatchAcl calls are _only_ + * made for supported acl types */ + fatal("aclCacheMatchAcl: unknown or unexpected ACL type"); + return 0; /* NOTREACHED */ + } + auth_match = memAllocate(MEM_ACL_PROXY_AUTH_MATCH); + auth_match->matchrv = matchrv; + auth_match->acl_data = data; + dlinkAddTail(auth_match, &auth_match->link, cache); + return matchrv; +} + +void +aclCacheMatchFlush(dlink_list * cache) +{ + acl_proxy_auth_match_cache *auth_match; + dlink_node *link, *tmplink; + link = cache->head; + while (link) { + auth_match = link->data; + tmplink = link; + link = link->next; + dlinkDelete(tmplink, cache); + memFree(auth_match, MEM_ACL_PROXY_AUTH_MATCH); } - return 1; } -/* aclMatchProxyAuth can return three exit codes: - * 0 : user denied access - * 1 : user validated OK - * -1 : check the password for this user via an external authenticator - * -2 : invalid Proxy-authorization: header; - * ask for Proxy-Authorization: header +/* aclMatchProxyAuth can return four exit codes: + * 0 : Authenticated OK, Authorisation for this ACL failed. + * 1 : Authenticated OK, Authorisation OK. + * -1 : send data to an external authenticator + * -2 : send data to the client */ - static int -aclMatchProxyAuth(void *data, const char *proxy_auth, acl_proxy_auth_user * auth_user, aclCheck_t * checklist, squid_acl acltype) +aclMatchProxyAuth(void *data, http_hdr_type headertype, + auth_user_request_t * auth_user_request, aclCheck_t * checklist, squid_acl acltype) { /* checklist is used to register user name when identified, nothing else */ - LOCAL_ARRAY(char, login_buf, USER_IDENT_SZ); - char *user, *password; + const char *proxy_auth; + /* consistent parameters ? */ + assert(auth_user_request == checklist->auth_user_request); - if (!aclDecodeProxyAuth(proxy_auth, &user, &password, login_buf, sizeof(login_buf))) - /* No or invalid Proxy-Auth header */ - return -2; + /* General program flow in proxy_auth acls + * 1. Consistency checks: are we getting sensible data + * 2. Call the authenticate* functions to establish a authenticated user + * 4. look up the username in acltype (and cache the result against the + * username + */ - debug(28, 5) ("aclMatchProxyAuth: checking user '%s'\n", user); + assert(headertype != 0); + proxy_auth = httpHeaderGetStr(&checklist->request->header, headertype); - if (auth_user) { + if (checklist->conn == NULL) { + debug(28, 1) ("aclMatchProxyAuth: no connection data, cannot process authentication\n"); /* - * This should be optimized to a boolean argument indicating that the - * password is invalid, instead of passing full acl_proxy_auth_user - * structures, and all messing with checklist->proxy_auth should - * be restricted the functions that deal with the authenticator. + * deny access: clientreadrequest requires conn data, and it is always + * compiled in so we should have it too. */ +<<<<<<< acl.c assert(auth_user == checklist->auth_user); checklist->auth_user = NULL; /* get rid of that special reference */ /* Check result from external validation */ @@ -1151,74 +1269,131 @@ default: fatal("aclMatchProxyAuth: unknown ACL type"); return 0; /* NOTREACHED */ +======= + return 0; + } + if (((proxy_auth == NULL) && (checklist->conn->auth_type == AUTH_UNKNOWN)) || (checklist->conn->auth_type == AUTH_BROKEN)) { + /* no header or authentication failed/got corrupted - restart */ + checklist->conn->auth_type = AUTH_UNKNOWN; + debug(28, 4) ("aclMatchProxyAuth: broken auth or no proxy_auth header. Requesting auth header.\n"); + /* something wrong with the AUTH credentials. Force a new attempt */ + checklist->auth_user_request = NULL; + checklist->conn->auth_user_request = NULL; + if (auth_user_request) { + /* unlock the ACL lock */ + authenticateAuthUserRequestUnlock(auth_user_request); + } + return -2; + } + /* we have a proxy auth header and as far as we know this connection has + * not had bungled connection oriented authentication happen on it. */ + debug(28, 9) ("aclMatchProxyAuth: header %s.\n", proxy_auth); + if (auth_user_request == NULL) { + debug(28, 9) ("aclMatchProxyAuth: This is a new request on FD:%d\n", checklist->conn->fd); + if ((!checklist->request->auth_user_request) && (checklist->conn->auth_type == AUTH_UNKNOWN)) { + /* beginning of a new request check */ + debug(28, 4) ("aclMatchProxyAuth: no connection authentication type\n"); + if (!authenticateValidateUser(auth_user_request = authenticateGetAuthUser(proxy_auth))) { + /* the decode might have left a username for logging, or a message to + * the user */ + if (authenticateUserRequestUsername(auth_user_request)) { + /* lock the user for the request structure link */ + authenticateAuthUserRequestLock(auth_user_request); + checklist->request->auth_user_request = auth_user_request; + /* unlock the ACL reference. */ + authenticateAuthUserRequestUnlock(auth_user_request); + } + return -2; +>>>>>>> 1.23 } + /* the user_request comes prelocked for the caller to GetAuthUser (us) */ + } else if (checklist->request->auth_user_request) { + auth_user_request = checklist->request->auth_user_request; + /* lock the user request for this ACL processing */ + authenticateAuthUserRequestLock(auth_user_request); } else { - if (Config.onoff.authenticateIpTTLStrict) { - /* Access from some other IP address than the one owning - * this user ID. Deny access - */ - debug(28, 1) ("aclMatchProxyAuth: user '%s' tries to use multple IP addresses!\n", user); - return 0; + if (checklist->conn->auth_user_request != NULL) { + auth_user_request = checklist->conn->auth_user_request; + /* lock the user request for this ACL processing */ + authenticateAuthUserRequestLock(auth_user_request); } else { - /* user has switched to another IP addr */ - debug(28, 1) ("aclMatchProxyAuth: user '%s' has changed IP address\n", user); - /* remove this user from the hash, making him unknown */ - hash_remove_link(proxy_auth_cache, (hash_link *) auth_user); - aclFreeProxyAuthUser(auth_user); - /* require the user to reauthenticate */ + /* failed connection based authentication */ + debug(28, 4) ("aclMatchProxyAuth: Aauth user request %d conn-auth user request %d conn type %d authentication failed.\n", auth_user_request, checklist->conn->auth_user_request, checklist->conn->auth_type); return -2; } } - } else { - /* password mismatch/timeout */ - debug(28, 4) ("aclMatchProxyAuth: user '%s' password mismatch/timeout\n", - user); - /* remove this user from the hash, making him unknown */ - hash_remove_link(proxy_auth_cache, (hash_link *) auth_user); - aclFreeProxyAuthUser(auth_user); - /* ask the external authenticator in case the password is changed */ - /* wrong password will be trapped above so this does not loop */ - return -1; } - /* NOTREACHED */ + /* Clear the reference in the checklist */ + checklist->auth_user_request = NULL; + if (!authenticateUserAuthenticated(auth_user_request)) { + /* User not logged in. Log them in */ + authenticateAuthUserRequestSetIp(auth_user_request, checklist->src_addr); + authenticateAuthenticateUser(auth_user_request, checklist->request, checklist->conn, headertype); + switch (authenticateDirection(auth_user_request)) { + case 1: + /* this ACL check is finished. Unlock. */ + authenticateAuthUserRequestUnlock(auth_user_request); + return -2; + case -1: + /* we are partway through authentication within squid + * store the auth_user for the callback to here */ + checklist->auth_user_request = auth_user_request; + /* we will be called back here. Do not Unlock */ + return -1; + case -2: + /* this ACL check is finished. Unlock. */ + authenticateAuthUserRequestUnlock(auth_user_request); + return -2; + } /* on 0 the authentication is finished - fallthrough */ + /* See of user authentication failed for some reason */ + if (!authenticateUserAuthenticated(auth_user_request)) { + if ((!checklist->rfc931[0]) && + (authenticateUserRequestUsername(auth_user_request))) { + if (!checklist->request->auth_user_request) { + /* lock the user for the request structure link */ + authenticateAuthUserRequestLock(auth_user_request); + checklist->request->auth_user_request = auth_user_request; + } + } + /* this ACL check is finished. Unlock. */ + authenticateAuthUserRequestUnlock(auth_user_request); + return -2; + + } + } + /* User authenticated ok */ + assert(authenticateUserAuthenticated(auth_user_request)); + /* copy username to request for logging on client-side */ + /* the credentials are correct at this point */ + if (!checklist->request->auth_user_request) { + /* lock the user for the request structure link */ + authenticateAuthUserRequestLock(auth_user_request); + checklist->request->auth_user_request = auth_user_request; + } + if (authenticateCheckAuthUserIP(checklist->src_addr, auth_user_request)) { + /* Once the match is completed we have finished with the + * auth_user structure */ + /* this ACL check completed */ + authenticateAuthUserRequestUnlock(auth_user_request); + /* check to see if we have matched the user-acl before */ + return aclCacheMatchAcl(&auth_user_request->auth_user->proxy_match_cache, + acltype, data, authenticateUserRequestUsername(auth_user_request)); + } + /* this acl check completed */ + authenticateAuthUserRequestUnlock(auth_user_request); + return 0; } static void aclLookupProxyAuthStart(aclCheck_t * checklist) { - LOCAL_ARRAY(char, login_buf, USER_IDENT_SZ); - const char *proxy_auth; - char *user, *password; - int ok; - acl_proxy_auth_user *auth_user; - assert(!checklist->auth_user); - if (!checklist->request->flags.accelerated) { - /* Proxy auth on proxy requests */ - proxy_auth = httpHeaderGetStr(&checklist->request->header, - HDR_PROXY_AUTHORIZATION); - } else { - /* WWW auth on accelerated requests */ - proxy_auth = httpHeaderGetStr(&checklist->request->header, - HDR_AUTHORIZATION); - } - ok = aclDecodeProxyAuth(proxy_auth, &user, &password, login_buf, - sizeof(login_buf)); - /* - * if aclDecodeProxyAuth() fails, the same call should have failed - * in aclMatchProxyAuth, and we should never get this far. - */ - assert(ok); - debug(28, 4) ("aclLookupProxyAuthStart: going to ask authenticator on %s\n", user); - /* we must still check this user's password */ - auth_user = memAllocate(MEM_ACL_PROXY_AUTH_USER); - auth_user->hash.key = xstrdup(user); - auth_user->passwd = xstrdup(password); - auth_user->passwd_ok = -1; - auth_user->expiretime = -1; - checklist->auth_user = auth_user; - authenticateStart(checklist->auth_user, aclLookupProxyAuthDone, - checklist); + auth_user_request_t *auth_user_request; + assert(checklist->auth_user_request != NULL); /* this is created for us */ + auth_user_request = checklist->auth_user_request; + + assert(authenticateValidateUser(auth_user_request)); + authenticateStart(auth_user_request, aclLookupProxyAuthDone, checklist); } static int @@ -1317,8 +1492,28 @@ const char *header; const char *browser; int k; + http_hdr_type headertype; if (!ae) return 0; + switch (ae->type) { + case ACL_DST_IP: + case ACL_DST_DOMAIN: + case ACL_DST_DOM_REGEX: + case ACL_URLPATH_REGEX: + case ACL_URL_PORT: + case ACL_PROTO: + case ACL_METHOD: + case ACL_DST_ASN: + /* These ACL types require checklist->request */ + if (NULL == r) { + debug(28, 1) ("WARNING: '%s' ACL is used but there is no" + " HTTP request -- access denied.\n", ae->name); + return 0; + } + break; + default: + break; + } debug(28, 3) ("aclMatchAcl: checking '%s'\n", ae->cfgline); switch (ae->type) { case ACL_SRC_IP: @@ -1425,16 +1620,16 @@ /* NOTREACHED */ #if USE_IDENT case ACL_IDENT: - if (checklist->ident[0]) { - return aclMatchUser(ae->data, checklist->ident); + if (checklist->rfc931[0]) { + return aclMatchUser(ae->data, checklist->rfc931); } else { checklist->state[ACL_IDENT] = ACL_LOOKUP_NEEDED; return 0; } /* NOTREACHED */ case ACL_IDENT_REGEX: - if (checklist->ident[0]) { - return aclMatchRegex(ae->data, checklist->ident); + if (checklist->rfc931[0]) { + return aclMatchRegex(ae->data, checklist->rfc931); } else { checklist->state[ACL_IDENT] = ACL_LOOKUP_NEEDED; return 0; @@ -1459,48 +1654,39 @@ return -1; } else if (!r->flags.accelerated) { /* Proxy authorization on proxy requests */ - header = httpHeaderGetStr(&checklist->request->header, - HDR_PROXY_AUTHORIZATION); + headertype = HDR_PROXY_AUTHORIZATION; } else if (r->flags.internal) { /* WWW authorization on accelerated internal requests */ - header = httpHeaderGetStr(&checklist->request->header, - HDR_AUTHORIZATION); + headertype = HDR_AUTHORIZATION; } else { #if AUTH_ON_ACCELERATION /* WWW authorization on accelerated requests */ - header = httpHeaderGetStr(&checklist->request->header, - HDR_AUTHORIZATION); + headertype = HDR_AUTHORIZATION; #else debug(28, 1) ("aclMatchAcl: proxy_auth %s not applicable on accelerated requests.\n", ae->name); return -1; #endif } - /* - * Register that we used the proxy authentication header so that - * it is not forwarded to the next proxy - */ - r->flags.used_proxy_auth = 1; - /* Check the password */ - switch (aclMatchProxyAuth(ae->data, - header, - checklist->auth_user, - checklist, - ae->type)) { + /* Check the credentials */ + switch (aclMatchProxyAuth(ae->data, headertype, + checklist->auth_user_request, checklist, ae->type)) { case 0: - /* Correct password, but was not allowed in this ACL */ + debug(28, 4) ("aclMatchAcl: returning 0 user authenticated but not authorised.\n"); + /* Authenticated but not Authorised for this ACL */ return 0; case 1: - /* user validated OK */ + debug(28, 4) ("aclMatchAcl: returning 1 user authenticated and authorised.\n"); + /* Authenticated and Authorised for this ACL */ return 1; case -2: - /* no such user OR we need a proxy authentication header */ + debug(28, 4) ("aclMatchAcl: returning 0 sending authentication challenge.\n"); + /* Authentication credentials invalid or missing. */ + /* Or partway through NTLM handshake. A proxy_Authenticate header + * gets sent to the client. */ checklist->state[ACL_PROXY_AUTH] = ACL_PROXY_AUTH_NEEDED; - /* - * XXX This is a bit oddly done.. should perhaps use different - * return codes here - */ return 0; case -1: + debug(28, 4) ("aclMatchAcl: returning 0 sending credentials to helper.\n"); /* * we need to validate the password */ @@ -1543,13 +1729,22 @@ header = ""; return aclMatchRegex(ae->data, header); /* NOTREACHED */ + case ACL_REP_MIME_TYPE: + if (!checklist->reply) + return 0; + header = httpHeaderGetStr(&checklist->reply->header, + HDR_CONTENT_TYPE); + if (NULL == header) + header = ""; + return aclMatchRegex(ae->data, header); + /* NOTREACHED */ case ACL_NONE: - default: - debug(28, 0) ("aclMatchAcl: '%s' has bad type %d\n", - ae->name, ae->type); - return 0; + case ACL_ENUM_MAX: + break; } - /* NOTREACHED */ + debug(28, 0) ("aclMatchAcl: '%s' has bad type %d\n", + ae->name, ae->type); + return 0; } int @@ -1572,16 +1767,16 @@ int aclCheckFast(const acl_access * A, aclCheck_t * checklist) { - int allow = 0; + allow_t allow = ACCESS_DENIED; debug(28, 5) ("aclCheckFast: list: %p\n", A); while (A) { allow = A->allow; if (aclMatchAclList(A->acl_list, checklist)) - return allow; + return allow == ACCESS_ALLOWED; A = A->next; } - debug(28, 5) ("aclCheckFast: no matches, returning: %d\n", !allow); - return !allow; + debug(28, 5) ("aclCheckFast: no matches, returning: %d\n", allow == ACCESS_DENIED); + return allow == ACCESS_DENIED; } static void @@ -1635,14 +1830,17 @@ checklist); return; } else if (checklist->state[ACL_PROXY_AUTH] == ACL_LOOKUP_NEEDED) { - debug(28, 3) ("aclCheck: checking password via authenticator\n"); + debug(28, 3) + ("aclCheck: checking password via authenticator\n"); aclLookupProxyAuthStart(checklist); checklist->state[ACL_PROXY_AUTH] = ACL_LOOKUP_PENDING; return; } else if (checklist->state[ACL_PROXY_AUTH] == ACL_PROXY_AUTH_NEEDED) { - /* Special case. Client is required to resend the request - * with authentication. The request is denied. + /* Client is required to resend the request with correct authentication + * credentials. (This may be part of a stateful auth protocol. + * The request is denied. */ + debug(28, 6) ("aclCheck: requiring Proxy Auth header.\n"); allow = ACCESS_REQ_PROXY_AUTH; match = -1; } @@ -1681,8 +1879,8 @@ if (A->next) cbdataLock(A->next); } - debug(28, 3) ("aclCheck: NO match found, returning %d\n", !allow); - aclCheckCallback(checklist, !allow); + debug(28, 3) ("aclCheck: NO match found, returning %d\n", allow != ACCESS_DENIED ? ACCESS_DENIED : ACCESS_ALLOWED); + aclCheckCallback(checklist, allow != ACCESS_DENIED ? ACCESS_DENIED : ACCESS_ALLOWED); } void @@ -1709,6 +1907,9 @@ cbdataUnlock(checklist->callback_data); checklist->callback = NULL; checklist->callback_data = NULL; + /* XXX: this assert is here to check for misbehaved acl authentication code. + * It can probably go sometime soon. */ + assert(checklist->auth_user_request == NULL); aclChecklistFree(checklist); } @@ -1718,17 +1919,19 @@ { aclCheck_t *checklist = data; if (ident) { - xstrncpy(checklist->ident, ident, sizeof(checklist->ident)); - xstrncpy(checklist->request->user_ident, ident, sizeof(checklist->request->user_ident)); + xstrncpy(checklist->rfc931, ident, USER_IDENT_SZ); +#if DONT + xstrncpy(checklist->request->authuser, ident, USER_IDENT_SZ); +#endif } else { - xstrncpy(checklist->ident, "-", sizeof(checklist->ident)); + xstrncpy(checklist->rfc931, dash_str, USER_IDENT_SZ); } /* * Cache the ident result in the connection, to avoid redoing ident lookup * over and over on persistent connections */ - if (cbdataValid(checklist->conn) && !checklist->conn->ident[0]) - xstrncpy(checklist->conn->ident, checklist->ident, sizeof(checklist->conn->ident)); + if (cbdataValid(checklist->conn) && !checklist->conn->rfc931[0]) + xstrncpy(checklist->conn->rfc931, checklist->rfc931, USER_IDENT_SZ); aclCheck(checklist); } #endif @@ -1769,13 +1972,23 @@ aclLookupProxyAuthDone(void *data, char *result) { aclCheck_t *checklist = data; + auth_user_request_t *auth_user_request; checklist->state[ACL_PROXY_AUTH] = ACL_LOOKUP_DONE; - debug(28, 4) ("aclLookupProxyAuthDone: result = %s\n", - result ? result : "NULL"); - if (result && (strncasecmp(result, "OK", 2) == 0)) - checklist->auth_user->passwd_ok = 1; - else - checklist->auth_user->passwd_ok = 0; + if (result != NULL) + fatal("AclLookupProxyAuthDone: Old code floating around somewhere.\nMake clean and if that doesn't work, report a bug to the squid developers.\n"); + /* state info check */ + assert(checklist->conn != NULL); + auth_user_request = checklist->auth_user_request; + if (!authenticateValidateUser(auth_user_request)) { + /* credentials could not be checked either way + * restart the whole process */ + checklist->conn->auth_user_request = NULL; + checklist->conn->auth_type = AUTH_BROKEN; + checklist->auth_user_request = NULL; + authenticateAuthUserRequestUnlock(auth_user_request); + aclCheck(checklist); + return; + } aclCheck(checklist); } @@ -1785,8 +1998,8 @@ const char *ident) { int i; - aclCheck_t *checklist = memAllocate(MEM_ACLCHECK_T); - cbdataAdd(checklist, memFree, MEM_ACLCHECK_T); + aclCheck_t *checklist; + checklist = CBDATA_ALLOC(aclCheck_t, NULL); checklist->access_list = A; /* * aclCheck() makes sure checklist->access_list is a valid @@ -1803,9 +2016,9 @@ checklist->state[i] = ACL_LOOKUP_NONE; #if USE_IDENT if (ident) - xstrncpy(checklist->ident, ident, USER_IDENT_SZ); + xstrncpy(checklist->rfc931, ident, USER_IDENT_SZ); #endif - checklist->auth_user = NULL; /* init to NULL */ + checklist->auth_user_request = NULL; return checklist; } @@ -1851,20 +2064,21 @@ } static void -aclFreeProxyAuthUser(void *data) +aclFreeIpData(void *p) { - acl_proxy_auth_user *u = data; - xfree(u->hash.key); - xfree(u->passwd); - memFree(u, MEM_ACL_PROXY_AUTH_USER); + memFree(p, MEM_ACL_IP_DATA); } static void -aclFreeIpData(void *p) +aclFreeUserData(void *data) { - memFree(p, MEM_ACL_IP_DATA); + acl_user_data *d = data; + if (d->names) + splay_destroy(d->names, xfree); + memFree(d, MEM_ACL_USER_DATA); } + void aclDestroyAcls(acl ** head) { @@ -1879,19 +2093,25 @@ case ACL_MY_IP: splay_destroy(a->data, aclFreeIpData); break; +#if USE_ARP_ACL case ACL_SRC_ARP: +#endif case ACL_DST_DOMAIN: case ACL_SRC_DOMAIN: splay_destroy(a->data, xfree); break; #if SQUID_SNMP case ACL_SNMP_COMMUNITY: + wordlistDestroy((wordlist **) & a->data); + break; #endif #if USE_IDENT case ACL_IDENT: + aclFreeUserData(a->data); + break; #endif case ACL_PROXY_AUTH: - wordlistDestroy((wordlist **) & a->data); + aclFreeUserData(a->data); break; case ACL_TIME: aclDestroyTimeList(a->data); @@ -1905,13 +2125,17 @@ case ACL_BROWSER: case ACL_SRC_DOM_REGEX: case ACL_DST_DOM_REGEX: + case ACL_REP_MIME_TYPE: + case ACL_REQ_MIME_TYPE: aclDestroyRegexList(a->data); break; case ACL_PROTO: case ACL_METHOD: case ACL_SRC_ASN: case ACL_DST_ASN: +#if SRC_RTT_NOT_YET_FINISHED case ACL_NETDB_SRC_RTT: +#endif case ACL_MAXCONN: intlistDestroy((intlist **) & a->data); break; @@ -1920,7 +2144,7 @@ aclDestroyIntRange(a->data); break; case ACL_NONE: - default: + case ACL_ENUM_MAX: debug(28, 1) ("aclDestroyAcls: no case for ACL type %d\n", a->type); break; } @@ -2058,6 +2282,7 @@ *(p1++) &= *(p2++); } +<<<<<<< acl.c if (ADDR_IS_ANYADDR(C)) { return memcmp(&A, &B, sizeof(struct IN_ADDR)); } else { @@ -2067,6 +2292,33 @@ static void +======= +static void +aclDumpUserListWalkee(void *node_data, void *outlist) +{ + /* outlist is really a wordlist ** */ + wordlistAdd(outlist, node_data); +} + +static wordlist * +aclDumpUserList(acl_user_data * data) +{ + wordlist *wl = NULL; + if (data->flags.case_insensitive) + wordlistAdd(&wl, "-i"); + /* damn this is VERY inefficient for long ACL lists... filling + * a wordlist this way costs Sum(1,N) iterations. For instance + * a 1000-elements list will be filled in 499500 iterations. + */ + if (data->flags.required) + wordlistAdd(&wl, "REQUIRED"); + else if (data->names) + splay_walk(data->names, aclDumpUserListWalkee, &wl); + return wl; +} + +static void +>>>>>>> 1.23 aclDumpIpListWalkee(void *node, void *state) { acl_ip_data *ip = node; @@ -2200,61 +2452,52 @@ case ACL_DST_IP: case ACL_MY_IP: return aclDumpIpList(a->data); - break; case ACL_SRC_DOMAIN: case ACL_DST_DOMAIN: return aclDumpDomainList(a->data); - break; #if SQUID_SNMP case ACL_SNMP_COMMUNITY: + return wordlistDup(a->data); #endif #if USE_IDENT case ACL_IDENT: - return wordlistDup(a->data); - break; + return aclDumpUserList(a->data); case ACL_IDENT_REGEX: return aclDumpRegexList(a->data); - break; #endif case ACL_PROXY_AUTH: - return wordlistDup(a->data); - break; + return aclDumpUserList(a->data); case ACL_TIME: return aclDumpTimeSpecList(a->data); - break; case ACL_PROXY_AUTH_REGEX: case ACL_URL_REGEX: case ACL_URLPATH_REGEX: case ACL_BROWSER: case ACL_SRC_DOM_REGEX: case ACL_DST_DOM_REGEX: + case ACL_REQ_MIME_TYPE: + case ACL_REP_MIME_TYPE: return aclDumpRegexList(a->data); - break; case ACL_SRC_ASN: case ACL_MAXCONN: case ACL_DST_ASN: return aclDumpIntlistList(a->data); - break; case ACL_URL_PORT: case ACL_MY_PORT: return aclDumpIntRangeList(a->data); - break; case ACL_PROTO: return aclDumpProtoList(a->data); - break; case ACL_METHOD: return aclDumpMethodList(a->data); - break; #if USE_ARP_ACL case ACL_SRC_ARP: return aclDumpArpList(a->data); - break; #endif case ACL_NONE: - default: - debug(28, 1) ("aclDumpGeneric: no case for ACL type %d\n", a->type); + case ACL_ENUM_MAX: break; } + debug(28, 1) ("aclDumpGeneric: no case for ACL type %d\n", a->type); return NULL; } Index: squid/src/asn.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/asn.c,v retrieving revision 1.4.4.1 retrieving revision 1.4.4.2 diff -u -r1.4.4.1 -r1.4.4.2 --- squid/src/asn.c 7 Dec 2000 13:58:11 -0000 1.4.4.1 +++ squid/src/asn.c 27 Feb 2001 14:18:51 -0000 1.4.4.2 @@ -1,21 +1,21 @@ /* - * $Id: asn.c,v 1.4.4.1 2000/12/07 13:58:11 rvenning Exp $ + * $Id: asn.c,v 1.4.4.2 2001/02/27 14:18:51 rvenning Exp $ * * DEBUG: section 53 AS Number handling * AUTHOR: Duane Wessels, Kostas Anagnostakis * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -93,9 +93,6 @@ static void destroyRadixNodeInfo(as_info *); static OBJH asnStats; -extern struct radix_node *rn_lookup(void *, void *, void *); - - /* PUBLIC */ int @@ -151,12 +148,14 @@ /* initialize the radix tree structure */ +CBDATA_TYPE(ASState); void asnInit(void) { extern int max_keylen; static int inited = 0; max_keylen = 40; + CBDATA_INIT_TYPE(ASState); if (0 == inited++) rn_init(); rn_inithead((void **) &AS_tree_head, 8); @@ -187,8 +186,8 @@ LOCAL_ARRAY(char, asres, 4096); StoreEntry *e; request_t *req; - ASState *asState = xcalloc(1, sizeof(ASState)); - cbdataAdd(asState, cbdataXfree, 0); + ASState *asState; + asState = CBDATA_ALLOC(ASState, NULL); debug(53, 3) ("asnCacheStart: AS %d\n", as); snprintf(asres, 4096, "whois://%s/!gAS%d", Config.as_whois_server, as); asState->as_number = as; @@ -272,7 +271,7 @@ e, asState->seen, asState->offset, - SM_PAGE_SIZE, + 4096, buf, asHandleReply, asState); @@ -282,7 +281,7 @@ e, asState->seen, asState->offset, - SM_PAGE_SIZE, + 4096, buf, asHandleReply, asState); @@ -408,7 +407,7 @@ xfree(data); } -int +static int mask_len(int mask) { int len = 32; Index: squid/src/authenticate.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/authenticate.c,v retrieving revision 1.4 retrieving revision 1.4.6.1 diff -u -r1.4 -r1.4.6.1 --- squid/src/authenticate.c 3 Nov 2000 08:39:20 -0000 1.4 +++ squid/src/authenticate.c 27 Feb 2001 14:18:51 -0000 1.4.6.1 @@ -1,21 +1,21 @@ /* - * $Id: authenticate.c,v 1.4 2000/11/03 08:39:20 hno Exp $ + * $Id: authenticate.c,v 1.4.6.1 2001/02/27 14:18:51 rvenning Exp $ * * DEBUG: section 29 Authenticator * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -33,106 +33,676 @@ * */ -#include "squid.h" +/* The functions in this file handle authentication. + * They DO NOT perform access control or auditing. + * See acl.c for access control and client_side.c for auditing */ + -typedef struct { - void *data; - acl_proxy_auth_user *auth_user; - RH *handler; -} authenticateStateData; - -static HLPCB authenticateHandleReply; -static void authenticateStateFree(authenticateStateData * r); -static helper *authenticators = NULL; +#include "squid.h" static void -authenticateHandleReply(void *data, char *reply) + authenticateDecodeAuth(const char *proxy_auth, auth_user_request_t * auth_user_request); + +/* + * + * Private Data + * + */ + +MemPool *auth_user_request_pool = NULL; + +/* Generic Functions */ + + +static int +authenticateAuthSchemeConfigured(const char *proxy_auth) { - authenticateStateData *r = data; - int valid; - char *t = NULL; - debug(29, 5) ("authenticateHandleReply: {%s}\n", reply ? reply : ""); - if (reply) { - if ((t = strchr(reply, ' '))) - *t = '\0'; - if (*reply == '\0') - reply = NULL; - } - valid = cbdataValid(r->data); - cbdataUnlock(r->data); - if (valid) - r->handler(r->data, reply); - authenticateStateFree(r); + authScheme *scheme; + int i; + for (i = 0; i < Config.authConfig.n_configured; i++) { + scheme = Config.authConfig.schemes + i; + if ((strncasecmp(proxy_auth, scheme->typestr, strlen(scheme->typestr)) == 0) && + (authscheme_list[scheme->Id].Active())) + return 1; + } + return 0; } -static void -authenticateStateFree(authenticateStateData * r) +int +authenticateAuthSchemeId(const char *typestr) { - cbdataFree(r); + int i = 0; + for (i = 0; authscheme_list && authscheme_list[i].typestr; i++) { + if (strncasecmp(typestr, authscheme_list[i].typestr, strlen(authscheme_list[i].typestr)) == 0) { + return i; + } + } + return -1; } -static void -authenticateStats(StoreEntry * sentry) +void +authenticateDecodeAuth(const char *proxy_auth, auth_user_request_t * auth_user_request) { - storeAppendPrintf(sentry, "Authenticator Statistics:\n"); - helperStats(sentry, authenticators); + int i = 0; + assert(proxy_auth != NULL); + assert(auth_user_request != NULL); /* we need this created for us. */ + debug(29, 9) ("authenticateDecodeAuth: header = '%s'\n", proxy_auth); + if (authenticateAuthSchemeConfigured(proxy_auth)) { + /* we're configured to use this scheme - but is it active ? */ + if ((i = authenticateAuthSchemeId(proxy_auth)) != -1) { + authscheme_list[i].decodeauth(auth_user_request, proxy_auth); + auth_user_request->auth_user->auth_module = i + 1; + return; + } + } + debug(29, 1) + ("authenticateDecodeAuth: Unsupported or unconfigured proxy-auth scheme, '%s'\n", + proxy_auth); + return; } -/**** PUBLIC FUNCTIONS ****/ +/* clear any connection related authentication details */ +void +authenticateOnCloseConnection(ConnStateData * conn) +{ + auth_user_request_t *auth_user_request; + assert(conn != NULL); + if (conn->auth_user_request != NULL) { + auth_user_request = conn->auth_user_request; + if (authscheme_list[auth_user_request->auth_user->auth_module - 1].oncloseconnection) { + authscheme_list[auth_user_request->auth_user->auth_module - 1].oncloseconnection(conn); + } + } +} +/**** PUBLIC FUNCTIONS (ALL GENERIC!) ****/ +/* send the initial data to an authenticator module */ void -authenticateStart(acl_proxy_auth_user * auth_user, RH * handler, void *data) +authenticateStart(auth_user_request_t * auth_user_request, RH * handler, void *data) { - authenticateStateData *r = NULL; - char buf[8192]; - assert(auth_user); + assert(auth_user_request); assert(handler); - debug(29, 5) ("authenticateStart: '%s:%s'\n", hashKeyStr(&auth_user->hash), - auth_user->passwd); - if (Config.Program.authenticate == NULL) { + debug(29, 9) ("authenticateStart: auth_user_request '%p'\n", auth_user_request); + if (auth_user_request->auth_user->auth_module > 0) + authscheme_list[auth_user_request->auth_user->auth_module - 1].authStart(auth_user_request, handler, data); + else handler(data, NULL); - return; +} + +/* + * Check a auth_user pointer for validity. Does not check passwords, just data + * sensability. Broken or Unknown auth_types are not valid for use... + */ + +int +authenticateValidateUser(auth_user_request_t * auth_user_request) +{ + debug(29, 9) ("authenticateValidateUser: Validating Auth_user request '%p'.\n", auth_user_request); + if (auth_user_request == NULL) { + debug(29, 4) ("authenticateValidateUser: Auth_user_request was NULL!\n"); + return 0; + } + if (auth_user_request->auth_user == NULL) { + debug(29, 4) ("authenticateValidateUser: No associated auth_user structure\n"); + return 0; } - r = xcalloc(1, sizeof(authenticateStateData)); - cbdataAdd(r, cbdataXfree, 0); - r->handler = handler; - cbdataLock(data); - r->data = data; - r->auth_user = auth_user; - snprintf(buf, 8192, "%s %s\n", hashKeyStr(&r->auth_user->hash), - r->auth_user->passwd); - helperSubmit(authenticators, buf, authenticateHandleReply, r); + if (auth_user_request->auth_user->auth_type == AUTH_UNKNOWN) { + debug(29, 4) ("authenticateValidateUser: Auth_user '%p' uses unknown scheme.\n", auth_user_request->auth_user); + return 0; + } + if (auth_user_request->auth_user->auth_type == AUTH_BROKEN) { + debug(29, 4) ("authenticateValidateUser: Auth_user '%p' is broken for it's scheme.\n", auth_user_request->auth_user); + return 0; + } + /* any other sanity checks that we need in the future */ + + /* Thus should a module call to something like authValidate */ + + /* finally return ok */ + debug(29, 4) ("authenticateValidateUser: Validated Auth_user request '%p'.\n", auth_user_request); + return 1; + } -void -authenticateInit(void) +auth_user_t * +authenticateAuthUserNew(const char *scheme) +{ + auth_user_t *temp_auth; + temp_auth = memAllocate(MEM_AUTH_USER_T); + assert(temp_auth != NULL); + temp_auth->auth_type = AUTH_UNKNOWN; + temp_auth->references = 0; + temp_auth->auth_module = authenticateAuthSchemeId(scheme) + 1; + return temp_auth; +} + +static auth_user_request_t * +authenticateAuthUserRequestNew(void) +{ + auth_user_request_t *temp_request; + if (!auth_user_request_pool) + auth_user_request_pool = memPoolCreate("Authenticate Request Data", sizeof(auth_user_request_t)); + temp_request = memPoolAlloc(auth_user_request_pool); + assert(temp_request != NULL); + temp_request->auth_user = NULL; + temp_request->message = NULL; + temp_request->scheme_data = NULL; + temp_request->references = 0; + return temp_request; +} + +static void +authenticateAuthUserRequestFree(auth_user_request_t * auth_user_request) { - static int init = 0; - if (!Config.Program.authenticate) + dlink_node *link; + debug(29, 5) ("authenticateAuthUserRequestFree: freeing request %p\n", auth_user_request); + if (!auth_user_request) return; - if (authenticators == NULL) - authenticators = helperCreate("authenticator"); - authenticators->cmdline = Config.Program.authenticate; - authenticators->n_to_start = Config.authenticateChildren; - authenticators->ipc_type = IPC_TCP_SOCKET; - helperOpenServers(authenticators); - if (!init) { - cachemgrRegister("authenticator", - "User Authenticator Stats", - authenticateStats, 0, 1); - init++; + assert(auth_user_request->references == 0); + if (auth_user_request->auth_user) { + if (auth_user_request->scheme_data != NULL) { + /* we MUST know the module */ + assert((auth_user_request->auth_user->auth_module > 0)); + /* and the module MUST support requestFree if it has created scheme data */ + assert(authscheme_list[auth_user_request->auth_user->auth_module - 1].requestFree != NULL); + authscheme_list[auth_user_request->auth_user->auth_module - 1].requestFree(auth_user_request); + } + /* unlink from the auth_user struct */ + link = auth_user_request->auth_user->requests.head; + while (link && (link->data != auth_user_request)) + link = link->next; + assert(link != NULL); + dlinkDelete(link, &auth_user_request->auth_user->requests); + dlinkNodeDelete(link); + + /* unlock the request structure's lock */ + authenticateAuthUserUnlock(auth_user_request->auth_user); + auth_user_request->auth_user = NULL; + } else + assert(auth_user_request->scheme_data == NULL); + if (auth_user_request->message) + xfree(auth_user_request->message); +} + +char * +authenticateAuthUserRequestMessage(auth_user_request_t * auth_user_request) +{ + if (auth_user_request) + return auth_user_request->message; + return NULL; +} + +void +authenticateAuthUserRequestSetIp(auth_user_request_t * auth_user_request, struct in_addr ipaddr) +{ + if (auth_user_request->auth_user) + if (!auth_user_request->auth_user->ipaddr.s_addr) + auth_user_request->auth_user->ipaddr = ipaddr; +} + +/* Get Auth User: Return a filled out auth_user structure for the given + * Proxy Auth (or Auth) header. It may be a cached Auth User or a new + * Unauthenticated structure. The structure is given an inital lock here. + */ +auth_user_request_t * +authenticateGetAuthUser(const char *proxy_auth) +{ + auth_user_request_t *auth_user_request = authenticateAuthUserRequestNew(); + /* and lock for the callers instance */ + authenticateAuthUserRequestLock(auth_user_request); + authenticateDecodeAuth(proxy_auth, auth_user_request); + return auth_user_request; +} + +/* + * authenticateUserAuthenticated: is this auth_user structure logged in ? + */ +int +authenticateUserAuthenticated(auth_user_request_t * auth_user_request) +{ + assert(authenticateValidateUser(auth_user_request)); + if (auth_user_request->auth_user->auth_module > 0) + return authscheme_list[auth_user_request->auth_user->auth_module - 1].authenticated(auth_user_request); + else + return 0; +} + +/* + * authenticateAuthenticateUser: log this user request in. + * Cache hits may change the auth_user pointer in the structure if needed. + * This is basically a handle approach. + */ +void +authenticateAuthenticateUser(auth_user_request_t * auth_user_request, request_t * request, ConnStateData * conn, http_hdr_type type) +{ + assert(auth_user_request != NULL); + if (auth_user_request->auth_user->auth_module > 0) + authscheme_list[auth_user_request->auth_user->auth_module - 1].authAuthenticate(auth_user_request, request, conn, type); +} + +/* authenticateUserUsername: return a pointer to the username in the */ +char * +authenticateUserUsername(auth_user_t * auth_user) +{ + if (!auth_user) + return NULL; + if (auth_user->auth_module > 0) + return authscheme_list[auth_user->auth_module - 1].authUserUsername(auth_user); + return NULL; +} + +/* authenticateUserRequestUsername: return a pointer to the username in the */ +char * +authenticateUserRequestUsername(auth_user_request_t * auth_user_request) +{ + assert(auth_user_request != NULL); + if (auth_user_request->auth_user) + return authenticateUserUsername(auth_user_request->auth_user); + else + return NULL; +} + +/* returns + * 0: no output needed + * 1: send to client + * -1: send to helper + * -2: authenticate broken in some fashion + */ +int +authenticateDirection(auth_user_request_t * auth_user_request) +{ + if (!auth_user_request) + return -2; + if (authenticateUserAuthenticated(auth_user_request)) + return 0; + if (auth_user_request->auth_user->auth_module > 0) + return authscheme_list[auth_user_request->auth_user->auth_module - 1].getdirection(auth_user_request); + return -2; +} + +int +authenticateActiveSchemeCount(void) +{ + int i = 0, rv = 0; + for (i = 0; authscheme_list && authscheme_list[i].typestr; i++) + if (authscheme_list[i].configured()) + rv++; + debug(29, 9) ("authenticateActiveSchemeCount: %d active.\n", rv); + return rv; +} + +int +authenticateSchemeCount(void) +{ + int i = 0, rv = 0; + for (i = 0; authscheme_list && authscheme_list[i].typestr; i++) + rv++; + debug(29, 9) ("authenticateSchemeCount: %d active.\n", rv); + return rv; +} + +void +authenticateSchemeInit(void) +{ + authSchemeSetup(); +} + +void +authenticateInit(authConfig * config) +{ + int i; + authScheme *scheme; + for (i = 0; i < config->n_configured; i++) { + scheme = config->schemes + i; + if (authscheme_list[scheme->Id].init && authscheme_list[scheme->Id].configured()) { + authscheme_list[scheme->Id].init(scheme); + } } + if (!proxy_auth_username_cache) + authenticateInitUserCache(); } void authenticateShutdown(void) { - if (!authenticators) - return; - helperShutdown(authenticators); - if (!shutting_down) - return; - helperFree(authenticators); - authenticators = NULL; + int i; + debug(29, 2) ("authenticateShutdown: shutting down auth schemes\n"); + /* find the currently known authscheme types */ + for (i = 0; authscheme_list && authscheme_list[i].typestr; i++) { + if (authscheme_list[i].donefunc != NULL) + authscheme_list[i].donefunc(); + else + debug(29, 2) ("authenticateShutdown: scheme %s has not registered a shutdown function.\n", authscheme_list[i].typestr); + if (shutting_down) + authscheme_list[i].typestr = NULL; + } +} + +void +authenticateFixHeader(HttpReply * rep, auth_user_request_t * auth_user_request, request_t * request, int accelerated) +/* send the auth types we are configured to support (and have compiled in!) */ +{ +/* auth_type_t auth_type=err->auth_type; + * auth_state_t auth_state=err->auth_state; + * char *authchallenge=err->authchallenge; + * auth_user_request_t *auth_user_request=err->auth_user_request; + */ + int type = 0; + switch (rep->sline.status) { + case HTTP_PROXY_AUTHENTICATION_REQUIRED: + /* Proxy authorisation needed */ + type = HDR_PROXY_AUTHENTICATE; + break; + case HTTP_UNAUTHORIZED: + /* WWW Authorisation needed */ + type = HDR_WWW_AUTHENTICATE; + break; + default: + /* Keep GCC happy */ + /* some other HTTP status */ + break; + } + debug(29, 9) ("authenticateFixHeader: headertype:%d authuser:%p\n", type, auth_user_request); + if ((rep->sline.status == HTTP_PROXY_AUTHENTICATION_REQUIRED) + || (rep->sline.status == HTTP_UNAUTHORIZED)) + /* this is a authenticate-needed response */ + { + if ((auth_user_request != NULL) && (auth_user_request->auth_user->auth_module > 0)) + authscheme_list[auth_user_request->auth_user->auth_module - 1].authFixHeader(auth_user_request, rep, type, request); + else { + int i; + authScheme *scheme; + /* call each configured & running authscheme */ + for (i = 0; i < Config.authConfig.n_configured; i++) { + scheme = Config.authConfig.schemes + i; + if (authscheme_list[scheme->Id].Active()) + authscheme_list[scheme->Id].authFixHeader(auth_user_request, rep, type, + request); + else + debug(29, 4) ("authenticateFixHeader: Configured scheme %s not Active\n", scheme->typestr); + } + } + } + if ((auth_user_request != NULL) && (auth_user_request->auth_user->auth_module > 0) + && (authscheme_list[auth_user_request->auth_user->auth_module - 1].AddHeader)) + authscheme_list[auth_user_request->auth_user->auth_module - 1].AddHeader(auth_user_request, rep, accelerated); +} + +/* call the active auth module and allow it to add a trailer to the request */ +void +authenticateAddTrailer(HttpReply * rep, auth_user_request_t * auth_user_request, request_t * request, int accelerated) +{ + if ((auth_user_request != NULL) && (auth_user_request->auth_user->auth_module > 0) + && (authscheme_list[auth_user_request->auth_user->auth_module - 1].AddTrailer)) + authscheme_list[auth_user_request->auth_user->auth_module - 1].AddTrailer(auth_user_request, rep, accelerated); +} + +void +authenticateAuthUserLock(auth_user_t * auth_user) +{ + debug(29, 9) ("authenticateAuthUserLock auth_user '%p'.\n", auth_user); + assert(auth_user != NULL); + auth_user->references++; + debug(29, 9) ("authenticateAuthUserLock auth_user '%p' now at '%d'.\n", auth_user, auth_user->references); +} + +void +authenticateAuthUserUnlock(auth_user_t * auth_user) +{ + debug(29, 9) ("authenticateAuthUserUnlock auth_user '%p'.\n", auth_user); + assert(auth_user != NULL); + if (auth_user->references > 0) { + auth_user->references--; + } else { + debug(29, 1) ("Attempt to lower Auth User %p refcount below 0!\n", auth_user); + } + debug(29, 9) ("authenticateAuthUserUnlock auth_user '%p' now at '%d'.\n", auth_user, auth_user->references); + if (auth_user->references == 0) + authenticateFreeProxyAuthUser(auth_user); +} + +void +authenticateAuthUserRequestLock(auth_user_request_t * auth_user_request) +{ + debug(29, 9) ("authenticateAuthUserRequestLock auth_user request '%p'.\n", auth_user_request); + assert(auth_user_request != NULL); + auth_user_request->references++; + debug(29, 9) ("authenticateAuthUserRequestLock auth_user request '%p' now at '%d'.\n", auth_user_request, auth_user_request->references); +} + +void +authenticateAuthUserRequestUnlock(auth_user_request_t * auth_user_request) +{ + debug(29, 9) ("authenticateAuthUserRequestUnlock auth_user request '%p'.\n", auth_user_request); + assert(auth_user_request != NULL); + if (auth_user_request->references > 0) { + auth_user_request->references--; + } else { + debug(29, 1) ("Attempt to lower Auth User request %p refcount below 0!\n", auth_user_request); + } + debug(29, 9) ("authenticateAuthUserRequestUnlock auth_user_request '%p' now at '%d'.\n", auth_user_request, auth_user_request->references); + if (auth_user_request->references == 0) { + /* not locked anymore */ + authenticateAuthUserRequestFree(auth_user_request); + } +} + +int +authenticateAuthUserInuse(auth_user_t * auth_user) +/* returns 0 for not in use */ +{ + assert(auth_user != NULL); + return auth_user->references; +} + +/* Combine two user structs. ONLY to be called from within a scheme module. + * The scheme module is responsible for ensuring that the two users _can_ be merged + * without invalidating all the request scheme data. + * the scheme is also responsible for merging any user related scheme data itself. */ +void +authenticateAuthUserMerge(auth_user_t * from, auth_user_t * to) +{ + dlink_node *link, *tmplink; + auth_user_request_t *auth_user_request; +/* XXX combine two authuser structs. Incomplete: it should merge in hash references + * too and ask the module to merge in scheme data */ + debug(29, 5) ("authenticateAuthUserMerge auth_user '%p' into auth_user '%p'.\n", from, to); + link = from->requests.head; + while (link) { + auth_user_request = link->data; + tmplink = link; + link = link->next; + dlinkDelete(tmplink, &from->requests); + dlinkAddTail(auth_user_request, tmplink, &to->requests); + auth_user_request->auth_user = to; + } + to->references += from->references; + from->references = 0; + authenticateFreeProxyAuthUser(from); +} + +void +authenticateFreeProxyAuthUser(void *data) +{ + auth_user_t *u = data; + auth_user_request_t *auth_user_request; + dlink_node *link, *tmplink; + assert(data != NULL); + debug(29, 5) ("authenticateFreeProxyAuthUser: Freeing auth_user '%p' with refcount '%d'.\n", u, u->references); + assert(u->references == 0); + /* were they linked in by username ? */ + if (u->usernamehash) { + assert(u->usernamehash->auth_user == u); + debug(29, 5) ("authenticateFreeProxyAuthUser: removing usernamehash entry '%p'\n", u->usernamehash); + hash_remove_link(proxy_auth_username_cache, + (hash_link *) u->usernamehash); + /* don't free the key as we use the same user string as the auth_user + * structure */ + memFree(u->usernamehash, MEM_AUTH_USER_HASH); + } + /* remove any outstanding requests */ + link = u->requests.head; + while (link) { + debug(29, 5) ("authenticateFreeProxyAuthUser: removing request entry '%p'\n", link->data); + auth_user_request = link->data; + tmplink = link; + link = link->next; + dlinkDelete(tmplink, &u->requests); + dlinkNodeDelete(tmplink); + authenticateAuthUserRequestFree(auth_user_request); + } + /* free cached acl results */ + aclCacheMatchFlush(&u->proxy_match_cache); + if (u->scheme_data && u->auth_module > 0) + authscheme_list[u->auth_module - 1].FreeUser(u); + /* prevent accidental reuse */ + u->auth_type = AUTH_UNKNOWN; + memFree(u, MEM_AUTH_USER_T); +} + +void +authenticateInitUserCache(void) +{ + if (!proxy_auth_username_cache) { + /* First time around, 7921 should be big enough */ + proxy_auth_username_cache = + hash_create((HASHCMP *) strcmp, 7921, hash_string); + assert(proxy_auth_username_cache); + eventAdd("User Cache Maintenance", authenticateProxyUserCacheCleanup, NULL, Config.authenticateGCInterval, 1); + } +} + +void +authenticateProxyUserCacheCleanup(void *datanotused) +{ + /* + * We walk the hash by username as that is the unique key we use. + * For big hashs we could consider stepping through the cache, 100/200 + * entries at a time. Lets see how it flys first. + */ + auth_user_hash_pointer *usernamehash; + auth_user_t *auth_user; + char *username = NULL; + debug(29, 3) ("authenticateProxyUserCacheCleanup: Cleaning the user cache now\n"); + debug(29, 3) ("authenticateProxyUserCacheCleanup: Current time: %d\n", current_time.tv_sec); + hash_first(proxy_auth_username_cache); + while ((usernamehash = ((auth_user_hash_pointer *) hash_next(proxy_auth_username_cache)))) { + auth_user = usernamehash->auth_user; + username = authenticateUserUsername(auth_user); + + /* if we need to have inpedendent expiry clauses, insert a module call + * here */ + debug(29, 4) ("authenticateProxyUserCacheCleanup: Cache entry:\n\tType: %d\n\tUsername: %s\n\texpires: %d\n\treferences: %d\n", auth_user->auth_type, username, auth_user->expiretime + Config.authenticateTTL, auth_user->references); + if (auth_user->expiretime + Config.authenticateTTL <= current_time.tv_sec) { + debug(29, 5) ("authenticateProxyUserCacheCleanup: Removing user %s from cache due to timeout.\n", username); + /* the minus 1 accounts for the cache lock */ + if ((authenticateAuthUserInuse(auth_user) - 1)) + debug(29, 4) ("authenticateProxyUserCacheCleanup: this cache entry has expired AND has a non-zero ref count.\n"); + else + authenticateAuthUserUnlock(auth_user); + } + } + debug(29, 3) ("authenticateProxyUserCacheCleanup: Finished cleaning the user cache.\n"); + eventAdd("User Cache Maintenance", authenticateProxyUserCacheCleanup, NULL, Config.authenticateGCInterval, 1); +} + +/* + * authenticateUserCacheRestart() cleans all config-dependent data from the + * auth_user cache. It DOES NOT Flush the user cache. + */ + +void +authenticateUserCacheRestart(void) +{ + auth_user_hash_pointer *usernamehash; + auth_user_t *auth_user; + char *username = NULL; + debug(29, 3) ("authenticateUserCacheRestart: Clearing config dependent cache data.\n"); + hash_first(proxy_auth_username_cache); + while ((usernamehash = ((auth_user_hash_pointer *) hash_next(proxy_auth_username_cache)))) { + auth_user = usernamehash->auth_user; + username = authenticateUserUsername(auth_user); + debug(29, 5) ("authenticateUserCacheRestat: Clearing cache ACL results for user: %s\n", username); + aclCacheMatchFlush(&auth_user->proxy_match_cache); + } + +} + +/* + * called to add another auth scheme module + */ +void +authSchemeAdd(char *type, AUTHSSETUP * setup) +{ + int i; + debug(29, 4) ("authSchemeAdd: adding %s", type); + /* find the number of currently known authscheme types */ + for (i = 0; authscheme_list && authscheme_list[i].typestr; i++) { + assert(strcmp(authscheme_list[i].typestr, type) != 0); + } + /* add the new type */ + authscheme_list = xrealloc(authscheme_list, (i + 2) * sizeof(authscheme_entry_t)); + memset(&authscheme_list[i + 1], 0, sizeof(authscheme_entry_t)); + authscheme_list[i].typestr = type; + /* Call the scheme module to set up capabilities and initialize any global data */ + setup(&authscheme_list[i]); +} + + + +/* UserNameCacheAdd: add a auth_user structure to the username cache */ +void +authenticateUserNameCacheAdd(auth_user_t * auth_user) +{ + auth_user_hash_pointer *usernamehash; + usernamehash = memAllocate(MEM_AUTH_USER_HASH); + usernamehash->key = authenticateUserUsername(auth_user); + usernamehash->auth_user = auth_user; + hash_join(proxy_auth_username_cache, (hash_link *) usernamehash); + auth_user->usernamehash = usernamehash; + /* lock for presence in the cache */ + authenticateAuthUserLock(auth_user); +} + + + +/* + * check the user for ip changes timeouts + * 0 = failed check + * 1 = ip requirements are ok. + */ +/* TODO: + * ip_expire data should be in a struct of it's own - for code reuse */ +int +authenticateCheckAuthUserIP(struct in_addr request_src_addr, auth_user_request_t * auth_user_request) +{ + char *username = authenticateUserRequestUsername(auth_user_request); + if (request_src_addr.s_addr == auth_user_request->auth_user->ipaddr.s_addr || auth_user_request->auth_user->ip_expiretime + Config.authenticateIpTTL <= squid_curtime) { + /* user has not moved ip or had the ip timeout expire */ + if ((auth_user_request->auth_user->auth_type == AUTH_UNKNOWN) || + (auth_user_request->auth_user->auth_type == AUTH_BROKEN)) { + debug(29, 1) ("authenticateCheckProxyAuthIP: broken or unknown auth type %d.\n", auth_user_request->auth_user->auth_type); + return 0; + } + username = authenticateUserRequestUsername(auth_user_request); + /* Update IP ttl */ + auth_user_request->auth_user->ip_expiretime = squid_curtime; + auth_user_request->auth_user->ipaddr = request_src_addr; + return 1; + } else { + char *ip1 = xstrdup(inet_ntoa(auth_user_request->auth_user->ipaddr)); + char *ip2 = xstrdup(inet_ntoa(request_src_addr)); + if (Config.onoff.authenticateIpTTLStrict) { + debug(29, 1) ("aclMatchProxyAuth: user '%s' tried to use multiple IP addresses! (%s, %s)\n ", username, ip1, ip2); + } else { + /* Non-strict mode. Reassign ownership to the new IP */ + auth_user_request->auth_user->ipaddr.s_addr = request_src_addr.s_addr; + debug(29, 1) ("aclMatchProxyAuth: user '%s' has changed IP address (%s, %s)\n ", username, ip1, ip2); + } + safe_free(ip1); + safe_free(ip2); + /* and deny access */ + return 0; + } } Index: squid/src/cache_cf.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/cache_cf.c,v retrieving revision 1.4.2.2 retrieving revision 1.4.2.3 diff -u -r1.4.2.2 -r1.4.2.3 --- squid/src/cache_cf.c 24 Feb 2001 12:20:40 -0000 1.4.2.2 +++ squid/src/cache_cf.c 27 Feb 2001 14:18:51 -0000 1.4.2.3 @@ -1,21 +1,21 @@ /* - * $Id: cache_cf.c,v 1.4.2.2 2001/02/24 12:20:40 rvenning Exp $ + * $Id: cache_cf.c,v 1.4.2.3 2001/02/27 14:18:51 rvenning Exp $ * * DEBUG: section 3 Configuration File Parsing * AUTHOR: Harvest Derived * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -55,8 +55,6 @@ static const char *const B_GBYTES_STR = "GB"; static const char *const list_sep = ", \t\n\r"; -static int http_header_first; -static int http_header_allowed = 0; static void update_maxobjsize(void); static void configDoConfigure(void); @@ -65,18 +63,24 @@ static void parseTimeLine(time_t * tptr, const char *units); static void parse_ushort(u_short * var); static void parse_string(char **); -static void parse_wordlist(wordlist **); +void parse_wordlist(wordlist **); static void default_all(void); static void defaults_if_none(void); static int parse_line(char *); static void parseBytesLine(size_t * bptr, const char *units); static size_t parseBytesUnits(const char *unit); static void free_all(void); -static void requirePathnameExists(const char *name, const char *path); +void requirePathnameExists(const char *name, const char *path); static OBJH dump_config; -static void dump_http_header(StoreEntry * entry, const char *name, HttpHeaderMask header); -static void parse_http_header(HttpHeaderMask * header); -static void free_http_header(HttpHeaderMask * header); +static void dump_http_header_access(StoreEntry * entry, const char *name, header_mangler header[]); +static void parse_http_header_access(header_mangler header[]); +static void free_http_header_access(header_mangler header[]); +static void dump_http_header_replace(StoreEntry * entry, const char *name, header_mangler header[]); +static void parse_http_header_replace(header_mangler * header); +static void free_http_header_replace(header_mangler * header); +static void parse_denyinfo(acl_deny_info_list ** var); +static void dump_denyinfo(StoreEntry * entry, const char *name, acl_deny_info_list * var); +static void free_denyinfo(acl_deny_info_list ** var); static void parse_sockaddr_in_list(sockaddr_in_list **); static void dump_sockaddr_in_list(StoreEntry *, const char *, const sockaddr_in_list *); static void free_sockaddr_in_list(sockaddr_in_list **); @@ -218,12 +222,14 @@ if ((fp = fopen(file_name, "r")) == NULL) fatalf("Unable to open configuration file: %s: %s", file_name, xstrerror()); +#if defined(_SQUID_CYGWIN_) + setmode(fileno(fp), O_TEXT); +#endif cfg_filename = file_name; if ((token = strrchr(cfg_filename, '/'))) cfg_filename = token + 1; memset(config_input_line, '\0', BUFSIZ); config_lineno = 0; - http_header_first = 0; while (fgets(config_input_line, BUFSIZ, fp)) { config_lineno++; if ((token = strchr(config_input_line, '\n'))) @@ -264,7 +270,10 @@ fatal("No cache_dir's specified in config file"); /* calculate Config.Swap.maxSize */ storeDirConfigure(); - if (Config.Swap.maxSize < (Config.memMaxSize >> 10)) + if (0 == Config.Swap.maxSize) + /* people might want a zero-sized cache on purpose */ + (void) 0; + else if (Config.Swap.maxSize < (Config.memMaxSize >> 10)) fatal("cache_swap is lower than cache_mem"); if (Config.Announce.period > 0) { Config.onoff.announce = 1; @@ -294,17 +303,6 @@ Config.redirectChildren = DefaultRedirectChildrenMax; } } - if (Config.Program.authenticate) { - if (Config.authenticateChildren < 1) { - Config.authenticateChildren = 0; - wordlistDestroy(&Config.Program.authenticate); - } else if (Config.authenticateChildren > DefaultAuthenticateChildrenMax) { - debug(3, 0) ("WARNING: authenticate_children was set to a bad value: %d\n", - Config.authenticateChildren); - debug(3, 0) ("Setting it to the maximum (%d).\n", DefaultAuthenticateChildrenMax); - Config.authenticateChildren = DefaultAuthenticateChildrenMax; - } - } if (Config.Accel.host) { snprintf(buf, BUFSIZ, "http://%s:%d", Config.Accel.host, Config.Accel.port); Config2.Accel.prefix = xstrdup(buf); @@ -360,8 +358,6 @@ #endif if (Config.Program.redirect) requirePathnameExists("redirect_program", Config.Program.redirect->key); - if (Config.Program.authenticate) - requirePathnameExists("authenticate_program", Config.Program.authenticate->key); requirePathnameExists("Icon Directory", Config.icons.directory); requirePathnameExists("Error Directory", Config.errorDirectory); #if HTTP_VIOLATIONS @@ -384,29 +380,34 @@ if (Config.Wais.relayHost) { if (Config.Wais.peer) cbdataFree(Config.Wais.peer); - Config.Wais.peer = memAllocate(MEM_PEER); - cbdataAdd(Config.Wais.peer, peerDestroy, MEM_PEER); + Config.Wais.peer = CBDATA_ALLOC(peer, peerDestroy); Config.Wais.peer->host = xstrdup(Config.Wais.relayHost); Config.Wais.peer->http_port = Config.Wais.relayPort; } if (aclPurgeMethodInUse(Config.accessList.http)) Config2.onoff.enable_purge = 1; - if (NULL != Config.effectiveUser) { - struct passwd *pwd = getpwnam(Config.effectiveUser); - if (NULL == pwd) - /* - * Andres Kroonmaa : - * Some getpwnam() implementations (Solaris?) require - * an available FD < 256 for opening a FILE* to the - * passwd file. - * DW: - * This should be safe at startup, but might still fail - * during reconfigure. - */ - fatalf("getpwnam failed to find userid for effective user '%s'", - Config.effectiveUser, - xstrerror()); - Config2.effectiveUserID = pwd->pw_uid; + if (geteuid() == 0) { + if (NULL != Config.effectiveUser) { + struct passwd *pwd = getpwnam(Config.effectiveUser); + if (NULL == pwd) + /* + * Andres Kroonmaa : + * Some getpwnam() implementations (Solaris?) require + * an available FD < 256 for opening a FILE* to the + * passwd file. + * DW: + * This should be safe at startup, but might still fail + * during reconfigure. + */ + fatalf("getpwnam failed to find userid for effective user '%s'", + Config.effectiveUser, + xstrerror()); + Config2.effectiveUserID = pwd->pw_uid; + Config2.effectiveGroupID = pwd->pw_gid; + } + } else { + Config2.effectiveUserID = geteuid(); + Config2.effectiveGroupID = getegid(); } if (NULL != Config.effectiveGroup) { struct group *grp = getgrnam(Config.effectiveGroup); @@ -773,48 +774,55 @@ #endif static void -dump_http_header(StoreEntry * entry, const char *name, HttpHeaderMask header) +dump_http_header_access(StoreEntry * entry, const char *name, header_mangler header[]) { int i; - for (i = 0; i < HDR_OTHER; i++) { - if (http_header_allowed && !CBIT_TEST(header, i)) - storeAppendPrintf(entry, "%s allow %s\n", name, httpHeaderNameById(i)); - else if (!http_header_allowed && CBIT_TEST(header, i)) - storeAppendPrintf(entry, "%s deny %s\n", name, httpHeaderNameById(i)); + for (i = 0; i < HDR_ENUM_END; i++) { + if (header[i].access_list != NULL) { + storeAppendPrintf(entry, "%s ",name); + dump_acl_access(entry, httpHeaderNameById(i), + header[i].access_list); + } } } static void -parse_http_header(HttpHeaderMask * header) +parse_http_header_access(header_mangler header[]) { - int allowed, id; + int id, i; char *t = NULL; if ((t = strtok(NULL, w_space)) == NULL) { debug(3, 0) ("%s line %d: %s\n", cfg_filename, config_lineno, config_input_line); - debug(3, 0) ("parse_http_header: missing 'allow' or 'deny'.\n"); + debug(3, 0) ("parse_http_header_access: missing header name.\n"); return; } - if (!strcmp(t, "allow")) - allowed = 1; - else if (!strcmp(t, "deny")) - allowed = 0; - else { + /* Now lookup index of header. */ + id = httpHeaderIdByNameDef(t, strlen(t)); + if (strcmp(t, "All") == 0) + id = HDR_ENUM_END; + else if (strcmp(t, "Other") == 0) + id = HDR_OTHER; + else if (id == -1) { debug(3, 0) ("%s line %d: %s\n", cfg_filename, config_lineno, config_input_line); - debug(3, 0) ("parse_http_header: expecting 'allow' or 'deny', got '%s'.\n", t); + debug(3, 0) ("parse_http_header_access: unknown header name %s.\n", t); return; } - if (!http_header_first) { - http_header_first = 1; - if (allowed) { - http_header_allowed = 1; - httpHeaderMaskInit(header, 0xFF); - } else { - http_header_allowed = 0; - httpHeaderMaskInit(header, 0); + if (id != HDR_ENUM_END) { + parse_acl_access(&header[id].access_list); + } else { + char *next_string = t + strlen(t) -1; + *next_string = 'A'; + *(next_string+1) = ' '; + for (i = 0; i < HDR_ENUM_END; i++) { + char *new_string = xstrdup(next_string); + strtok(new_string, w_space); + parse_acl_access(&header[i].access_list); + safe_free(new_string); } } +<<<<<<< cache_cf.c while ((t = strtok(NULL, w_space))) { if ((id = httpHeaderIdByNameDef(t, strlen(t))) == -1) debug(3, 0) ("parse_http_header: Ignoring unknown header '%s'\n", t); @@ -829,9 +837,83 @@ free_http_header(HttpHeaderMask * header) { httpHeaderMaskInit(header, 0); +======= +} + +static void +free_http_header_access(header_mangler header[]) +{ + int i; + for (i = 0; i < HDR_ENUM_END; i++) { + free_acl_access(&header[i].access_list); + } +} + +static void +dump_http_header_replace(StoreEntry * entry, const char *name, header_mangler + header[]) +{ + int i; + for (i = 0; i < HDR_ENUM_END; i++) { + if (NULL == header[i].replacement) + continue; + storeAppendPrintf(entry, "%s %s %s\n", name, httpHeaderNameById(i), + header[i].replacement); + } +>>>>>>> 1.20 +} + +static void +<<<<<<< cache_cf.c +======= +parse_http_header_replace(header_mangler header[]) +{ + int id, i; + char *t = NULL; + if ((t = strtok(NULL, w_space)) == NULL) { + debug(3, 0) ("%s line %d: %s\n", + cfg_filename, config_lineno, config_input_line); + debug(3, 0) ("parse_http_header_replace: missing header name.\n"); + return; + } + /* Now lookup index of header. */ + id = httpHeaderIdByNameDef(t, strlen(t)); + if (strcmp(t, "All") == 0) + id = HDR_ENUM_END; + else if (strcmp(t, "Other") == 0) + id = HDR_OTHER; + else if (id == -1) { + debug(3, 0) ("%s line %d: %s\n", + cfg_filename, config_lineno, config_input_line); + debug(3, 0) ("parse_http_header_replace: unknown header name %s.\n", + t); + return; + } + if (id != HDR_ENUM_END) { + if (header[id].replacement != NULL) + safe_free(header[id].replacement); + header[id].replacement = xstrdup(t + strlen(t) + 1); + } else { + for (i = 0; i < HDR_ENUM_END; i++) { + if (header[i].replacement != NULL) + safe_free(header[i].replacement); + header[i].replacement = xstrdup(t + strlen(t) + 1); + } + } +} + +static void +free_http_header_replace(header_mangler header[]) +{ + int i; + for (i = 0; i < HDR_ENUM_END; i++) { + if (header[i].replacement != NULL) + safe_free(header[i].replacement); + } } static void +>>>>>>> 1.20 dump_cachedir(StoreEntry * entry, const char *name, cacheSwap swap) { SwapDir *s; @@ -854,6 +936,86 @@ return s == NULL; } +static void +allocate_new_authScheme(authConfig * cfg) +{ + if (cfg->schemes == NULL) { + cfg->n_allocated = 4; + cfg->schemes = xcalloc(cfg->n_allocated, sizeof(authScheme)); + } + if (cfg->n_allocated == cfg->n_configured) { + authScheme *tmp; + cfg->n_allocated <<= 1; + tmp = xcalloc(cfg->n_allocated, sizeof(authScheme)); + xmemcpy(tmp, cfg->schemes, cfg->n_configured * sizeof(authScheme)); + xfree(cfg->schemes); + cfg->schemes = tmp; + } +} + +static void +parse_authparam(authConfig * config) +{ + char *type_str; + char *param_str; + authScheme *scheme = NULL; + int type, i; + + if ((type_str = strtok(NULL, w_space)) == NULL) + self_destruct(); + + if ((param_str = strtok(NULL, w_space)) == NULL) + self_destruct(); + + if ((type = authenticateAuthSchemeId(type_str)) == -1) { + debug(3, 0) ("Parsing Config File: Unknown authentication scheme '%s'.\n", type_str); + return; + } + for (i = 0; i < config->n_configured; i++) { + if (config->schemes[i].Id == type) { + scheme = config->schemes + i; + } + } + + if (scheme == NULL) { + allocate_new_authScheme(config); + scheme = config->schemes + config->n_configured; + config->n_configured++; + scheme->Id = type; + scheme->typestr = authscheme_list[type].typestr; + } + authscheme_list[type].parse(scheme, config->n_configured, param_str); +} + +static void +free_authparam(authConfig * cfg) +{ + authScheme *scheme; + int i; + /* DON'T FREE THESE FOR RECONFIGURE */ + if (reconfiguring) + return; + for (i = 0; i < cfg->n_configured; i++) { + scheme = cfg->schemes + i; + authscheme_list[scheme->Id].freeconfig(scheme); + } + safe_free(cfg->schemes); + cfg->schemes = NULL; + cfg->n_allocated = 0; + cfg->n_configured = 0; +} + +static void +dump_authparam(StoreEntry * entry, const char *name, authConfig cfg) +{ + authScheme *scheme; + int i; + for (i = 0; i < cfg.n_configured; i++) { + scheme = cfg.schemes + i; + authscheme_list[scheme->Id].dump(entry, name, scheme); + } +} + void allocate_new_swapdir(cacheSwap * swap) { @@ -891,13 +1053,10 @@ SwapDir *sd; int i; int fs; - ssize_t maxobjsize; if ((type_str = strtok(NULL, w_space)) == NULL) self_destruct(); - maxobjsize = (ssize_t) GetInteger(); - if ((path_str = strtok(NULL, w_space)) == NULL) self_destruct(); @@ -928,12 +1087,13 @@ } sd = swap->swapDirs + i; storefs_list[fs].reconfigurefunc(sd, i, path_str); - sd->max_objsize = maxobjsize; update_maxobjsize(); return; } } + assert(swap->n_configured < 63); /* 7 bits, signed */ + fs = find_fstype(type_str); if (fs < 0) { /* If we get here, we didn't find a matching cache_dir type */ @@ -941,16 +1101,95 @@ } allocate_new_swapdir(swap); sd = swap->swapDirs + swap->n_configured; - storefs_list[fs].parsefunc(sd, swap->n_configured, path_str); - /* XXX should we dupe the string here, in case it gets trodden on? */ sd->type = storefs_list[fs].typestr; - sd->max_objsize = maxobjsize; + /* defaults in case fs implementation fails to set these */ + sd->max_objsize = -1; + sd->fs.blksize = 1024; + /* parse the FS parameters and options */ + storefs_list[fs].parsefunc(sd, swap->n_configured, path_str); swap->n_configured++; /* Update the max object size */ update_maxobjsize(); } static void +parse_cachedir_option_readonly(SwapDir * sd, const char *option, const char *value, int reconfiguring) +{ + int read_only = 0; + if (value) + read_only = atoi(value); + else + read_only = 1; + sd->flags.read_only = read_only; +} + +static void +parse_cachedir_option_maxsize(SwapDir * sd, const char *option, const char *value, int reconfiguring) +{ + ssize_t size; + + if (!value) + self_destruct(); + + size = atoi(value); + + if (reconfiguring && sd->max_objsize != size) + debug(3, 1) ("Cache dir '%s' max object size now %d\n", size); + + sd->max_objsize = size; +} + +static struct cache_dir_option common_cachedir_options[] = +{ + {"read-only", parse_cachedir_option_readonly}, + {"max-size", parse_cachedir_option_maxsize}, + {NULL, NULL} +}; + +void +parse_cachedir_options(SwapDir * sd, struct cache_dir_option *options, int reconfiguring) +{ + int old_read_only = sd->flags.read_only; + char *name, *value; + struct cache_dir_option *option, *op; + + while ((name = strtok(NULL, w_space)) != NULL) { + value = strchr(name, '='); + if (value) + *value++ = '\0'; /* cut on = */ + option = NULL; + if (options) { + for (op = options; !option && op->name; op++) { + if (strcmp(op->name, name) == 0) { + option = op; + break; + } + } + } + for (op = common_cachedir_options; !option && op->name; op++) { + if (strcmp(op->name, name) == 0) { + option = op; + break; + } + } + if (!option || !option->parse) + self_destruct(); + option->parse(sd, name, value, reconfiguring); + } + /* + * Handle notifications about reconfigured single-options with no value + * where the removal of the option cannot be easily detected in the + * parsing... + */ + if (reconfiguring) { + if (old_read_only != sd->flags.read_only) { + debug(3, 1) ("Cache dir '%s' now %s\n", + sd->path, sd->flags.read_only ? "Read-Only" : "Read-Write"); + } + } +} + +static void free_cachedir(cacheSwap * swap) { SwapDir *s; @@ -969,7 +1208,7 @@ swap->n_configured = 0; } -const char * +static const char * peer_type_str(const peer_t type) { switch (type) { @@ -992,7 +1231,6 @@ dump_peer(StoreEntry * entry, const char *name, peer * p) { domain_ping *d; - acl_access *a; domain_type *t; LOCAL_ARRAY(char, xname, 128); while (p != NULL) { @@ -1009,7 +1247,7 @@ d->do_ping ? null_string : "!", d->domain); } - if ((a = p->access)) { + if (p->access) { snprintf(xname, 128, "cache_peer_access %s", p->host); dump_acl_access(entry, xname, p->access); } @@ -1029,9 +1267,7 @@ char *token = NULL; peer *p; int i; - sockaddr_in_list *s; - const char *me = getMyHostname(); - p = memAllocate(MEM_PEER); + p = CBDATA_ALLOC(peer, peerDestroy); p->http_port = CACHE_HTTP_PORT; p->icp.port = CACHE_ICP_PORT; p->weight = 1; @@ -1046,6 +1282,7 @@ p->http_port = (u_short) i; i = GetInteger(); p->icp.port = (u_short) i; +<<<<<<< cache_cf.c if (strcmp(p->host, me) == 0) { for (s = Config.Sockaddr.http; s; s = s->next) { if (p->http_port != ntohs(PORT_FROM_SA(s->s))) @@ -1057,6 +1294,8 @@ return; } } +======= +>>>>>>> 1.20 while ((token = strtok(NULL, w_space))) { if (!strcasecmp(token, "proxy-only")) { p->options.proxy_only = 1; @@ -1099,6 +1338,7 @@ #endif } else if (!strncasecmp(token, "login=", 6)) { p->login = xstrdup(token + 6); + rfc1738_unescape(p->login); } else if (!strncasecmp(token, "connect-timeout=", 16)) { p->connect_timeout = atoi(token + 16); #if USE_CACHE_DIGESTS @@ -1107,6 +1347,8 @@ #endif } else if (!strcasecmp(token, "allow-miss")) { p->options.allow_miss = 1; + } else if (!strcasecmp(token, "max-conn=")) { + p->max_conn = atoi(token + 9); } else { debug(3, 0) ("parse_peer: token='%s'\n", token); self_destruct(); @@ -1118,18 +1360,16 @@ p->tcp_up = PEER_TCP_MAGIC_COUNT; p->test_fd = -1; #if USE_CARP -#define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> ((sizeof(u_long)*8)-(n)))) +#define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n)))) if (p->carp.load_factor) { /* calculate this peers hash for use in CARP */ p->carp.hash = 0; for (token = p->host; *token != 0; token++) - p->carp.hash += ROTATE_LEFT(p->carp.hash, 19) + *token; + p->carp.hash += ROTATE_LEFT(p->carp.hash, 19) + (unsigned int) *token; p->carp.hash += p->carp.hash * 0x62531965; - p->carp.hash += ROTATE_LEFT(p->carp.hash, 21); + p->carp.hash = ROTATE_LEFT(p->carp.hash, 21); } #endif - /* This must preceed peerDigestCreate */ - cbdataAdd(p, peerDestroy, MEM_PEER); #if USE_CACHE_DIGESTS if (!p->options.no_digest) { p->digest = peerDigestCreate(p); @@ -1233,10 +1473,12 @@ for (a = *list; a; a = a_next) { for (l = a->acl_list; l; l = l_next) { l_next = l->next; - safe_free(l); + memFree(l, MEM_ACL_NAME_LIST); + l = NULL; } a_next = a->next; - safe_free(a); + memFree(a, MEM_ACL_DENY_INFO_LIST); + a = NULL; } *list = NULL; } @@ -1363,7 +1605,7 @@ storeAppendPrintf(entry, "%s %d\n", name, var); } -static void +void parse_int(int *var) { int i; @@ -1560,13 +1802,17 @@ safe_free(*var); } -static void +void parse_eol(char *volatile *var) { - char *token = strtok(NULL, null_string); + unsigned char *token = strtok(NULL, null_string); safe_free(*var); if (token == NULL) self_destruct(); + while (*token && isspace(*token)) + token++; + if (!*token) + self_destruct(); *var = xstrdup(token); } @@ -1576,7 +1822,7 @@ storeAppendPrintf(entry, "%s %d seconds\n", name, (int) var); } -static void +void parse_time_t(time_t * var) { parseTimeLine(var, T_SECOND_STR); @@ -1669,7 +1915,7 @@ } } -static void +void parse_wordlist(wordlist ** list) { char *token; @@ -1859,7 +2105,7 @@ free_all(); } -static void +void requirePathnameExists(const char *name, const char *path) { struct stat sb; Index: squid/src/cache_diff.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/cache_diff.c,v retrieving revision 1.4 retrieving revision 1.4.6.1 diff -u -r1.4 -r1.4.6.1 --- squid/src/cache_diff.c 3 Nov 2000 08:39:20 -0000 1.4 +++ squid/src/cache_diff.c 27 Feb 2001 14:18:51 -0000 1.4.6.1 @@ -1,20 +1,20 @@ /* - * $Id: cache_diff.c,v 1.4 2000/11/03 08:39:20 hno Exp $ + * $Id: cache_diff.c,v 1.4.6.1 2001/02/27 14:18:51 rvenning Exp $ * * AUTHOR: Alex Rousskov * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -137,6 +137,9 @@ fprintf(stderr, "cannot open %s: %s\n", fname, strerror(errno)); return 0; } +#if defined(_SQUID_CYGWIN_) + setmode(fileno(file), O_BINARY); +#endif scanned_count = cacheIndexScan(idx, fname, file); fclose(file); Index: squid/src/cache_manager.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/cache_manager.c,v retrieving revision 1.4 retrieving revision 1.4.2.1 diff -u -r1.4 -r1.4.2.1 --- squid/src/cache_manager.c 14 Nov 2000 13:03:47 -0000 1.4 +++ squid/src/cache_manager.c 27 Feb 2001 14:18:51 -0000 1.4.2.1 @@ -1,21 +1,21 @@ /* - * $Id: cache_manager.c,v 1.4 2000/11/14 13:03:47 adri Exp $ + * $Id: cache_manager.c,v 1.4.2.1 2001/02/27 14:18:51 rvenning Exp $ * * DEBUG: section 16 Cache Manager Objects * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -49,8 +49,8 @@ char *desc; OBJH *handler; struct { - int pw_req:1; - int atomic:1; + unsigned int pw_req:1; + unsigned int atomic:1; } flags; struct _action_table *next; } action_table; @@ -253,11 +253,11 @@ if (a->flags.atomic) storeBuffer(entry); { - http_version_t version; + http_version_t version; HttpReply *rep = entry->mem_obj->reply; /* prove there are no previous reply headers around */ assert(0 == rep->sline.status); - httpBuildVersion(&version,1,0); + httpBuildVersion(&version, 1, 0); httpReplySetHeaders(rep, version, HTTP_OK, Index: squid/src/cachemgr.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/Attic/cachemgr.c,v retrieving revision 1.3.6.1 retrieving revision 1.3.6.2 diff -u -r1.3.6.1 -r1.3.6.2 --- squid/src/cachemgr.c 7 Dec 2000 13:58:11 -0000 1.3.6.1 +++ squid/src/cachemgr.c 27 Feb 2001 14:18:51 -0000 1.3.6.2 @@ -1,21 +1,21 @@ /* - * $Id: cachemgr.c,v 1.3.6.1 2000/12/07 13:58:11 rvenning Exp $ + * $Id: cachemgr.c,v 1.3.6.2 2001/02/27 14:18:51 rvenning Exp $ * * DEBUG: section 0 CGI Cache Manager * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/src/carp.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/carp.c,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/src/carp.c 23 Oct 2000 15:04:20 -0000 1.3 +++ squid/src/carp.c 27 Feb 2001 14:18:51 -0000 1.3.6.1 @@ -1,21 +1,21 @@ /* - * $Id: carp.c,v 1.3 2000/10/23 15:04:20 hno Exp $ + * $Id: carp.c,v 1.3.6.1 2001/02/27 14:18:51 rvenning Exp $ * * DEBUG: section 39 Cache Array Routing Protocol * AUTHOR: Eric Stern * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -37,15 +37,18 @@ #if USE_CARP +static OBJH carpCachemgr; + void carpInit(void) { /* calculate load factors */ int K = 0; - float a = 0.0; - float Xn; - float P_last; - float X_last; + double a = 0.0; + double dJ; + double Xn; + double P_last; + double X_last; int k; peer *p; for (p = Config.peers; p; p = p->next) { @@ -54,7 +57,7 @@ } if (a == 0.0) { for (p = Config.peers; p; p = p->next) - p->carp.load_multiplier = 1; + p->carp.load_multiplier = 1.0; return; } /* @@ -66,21 +69,23 @@ k = 1; P_last = 0; p = Config.peers; - p->carp.load_multiplier = pow(K * p->carp.load_factor, 1 / K); + p->carp.load_multiplier = pow(p->carp.load_factor * K, 1.0 / K); Xn = p->carp.load_multiplier; P_last = p->carp.load_factor; X_last = p->carp.load_multiplier; if (!p->next) return; for (p = p->next; p; p = p->next) { - p->carp.load_multiplier = ((K - k + 1) * (p->carp.load_factor - P_last)) / Xn; - p->carp.load_multiplier += pow(X_last, K - k + 1); - p->carp.load_multiplier = pow(p->carp.load_multiplier, 1 / (K - k + 1)); + k++; + dJ = (double) (K - k + 1); + p->carp.load_multiplier = (dJ * (p->carp.load_factor - P_last)) / Xn; + p->carp.load_multiplier += pow(X_last, dJ); + p->carp.load_multiplier = pow(p->carp.load_multiplier, 1 / dJ); Xn *= p->carp.load_multiplier; X_last = p->carp.load_multiplier; - k++; P_last = p->carp.load_factor; } + cachemgrRegister("carp", "CARP information", carpCachemgr, 0, 1); } peer * @@ -120,4 +125,28 @@ debug(39, 3) ("carpSelectParent: selected CARP %s\n", p->host); return p; } + +static void +carpCachemgr(StoreEntry * sentry) +{ + peer *p; + int sumfetches = 0; + storeAppendPrintf(sentry, "%24s %10s %10s %10s %10s\n", + "Hostname", + "Hash", + "Multiplier", + "Factor", + "Actual"); + for (p = Config.peers; p; p = p->next) + sumfetches += p->stats.fetches; + for (p = Config.peers; p; p = p->next) { + storeAppendPrintf(sentry, "%24s %10x %10f %10f %10f\n", + p->host, p->carp.hash, + p->carp.load_multiplier, + p->carp.load_factor, + sumfetches ? (double) p->stats.fetches / sumfetches : -1.0); + } + +} + #endif Index: squid/src/cbdata.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/cbdata.c,v retrieving revision 1.4 retrieving revision 1.4.6.1 diff -u -r1.4 -r1.4.6.1 --- squid/src/cbdata.c 3 Nov 2000 08:39:20 -0000 1.4 +++ squid/src/cbdata.c 27 Feb 2001 14:18:51 -0000 1.4.6.1 @@ -1,21 +1,22 @@ /* - * $Id: cbdata.c,v 1.4 2000/11/03 08:39:20 hno Exp $ + * $Id: cbdata.c,v 1.4.6.1 2001/02/27 14:18:51 rvenning Exp $ * * DEBUG: section 45 Callback Data Registry - * AUTHOR: Duane Wessels + * ORIGINAL AUTHOR: Duane Wessels + * Modified by Moez Mahfoudh (08/12/2000) * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -44,16 +45,15 @@ * * In terms of time, the sequence goes something like this: * - * foo = xcalloc(sizeof(foo)); - * cbdataAdd(foo); + * foo = cbdataAlloc(sizeof(foo),NULL); * ... - * cbdataLock(foo); * some_blocking_operation(..., callback_func, foo); - * ... - * some_blocking_operation_completes() - * if (cbdataValid(foo)) - * callback_func(..., foo) - * cbdataUnlock(foo); + * cbdataLock(foo); + * ... + * some_blocking_operation_completes() + * if (cbdataValid(foo)) + * callback_func(..., foo) + * cbdataUnlock(foo); * ... * cbdataFree(foo); * @@ -66,107 +66,132 @@ #include "squid.h" -static hash_table *htable = NULL; - static int cbdataCount = 0; typedef struct _cbdata { - hash_link hash; /* must be first */ int valid; int locks; - CBDUNL *unlock_func; - int id; + CBDUNL *free_func; + int type; /* move to CBDATA_DEBUG with type argument to cbdataFree */ #if CBDATA_DEBUG const char *file; int line; #endif + void *y; /* cookie used while debugging */ + union { + void *pointer; + double double_float; + int integer; + } data; } cbdata; -static HASHCMP cbdata_cmp; -static HASHHASH cbdata_hash; -static void cbdataReallyFree(cbdata * c); static OBJH cbdataDump; -static MemPool *cbdata_pool = NULL; -static int -cbdata_cmp(const void *p1, const void *p2) -{ - return (char *) p1 - (char *) p2; -} +static MemPool **cbdata_memory_pool = NULL; +int cbdata_types = 0; + +#define OFFSET_OF(type, member) ((int)(char *)&((type *)0L)->member) -static unsigned int -cbdata_hash(const void *p, unsigned int mod) +void +cbdataInitType(cbdata_type type, char *name, int size) { - return ((unsigned long) p >> 8) % mod; + char *label; + if (type >= cbdata_types) { + cbdata_memory_pool = xrealloc(cbdata_memory_pool, (type + 1) * sizeof(*cbdata_memory_pool)); + memset(&cbdata_memory_pool[cbdata_types], 0, + (type + 1 - cbdata_types) * sizeof(*cbdata_memory_pool)); + cbdata_types = type + 1; + } + if (cbdata_memory_pool[type]) + return; + label = xmalloc(strlen(name) + 20); + snprintf(label, strlen(name) + 20, "cbdata %s (%d)", name, (int) type); + assert(OFFSET_OF(cbdata, data) == (sizeof(cbdata) - sizeof(((cbdata *) NULL)->data))); + cbdata_memory_pool[type] = memPoolCreate(label, size + OFFSET_OF(cbdata, data)); } +cbdata_type +cbdataAddType(cbdata_type type, char *name, int size) +{ + if (type) + return type; + type = cbdata_types; + cbdataInitType(type, name, size); + return type; +} void cbdataInit(void) { debug(45, 3) ("cbdataInit\n"); - if (cbdata_pool == NULL) { - cbdata_pool = memPoolCreate("cbdata", sizeof(cbdata)); - } - htable = hash_create(cbdata_cmp, 1 << 8, cbdata_hash); cachemgrRegister("cbdata", "Callback Data Registry Contents", cbdataDump, 0, 1); +#define CREATE_CBDATA(type) cbdataInitType(CBDATA_##type, #type, sizeof(type)) + CREATE_CBDATA(acl_access); + CREATE_CBDATA(aclCheck_t); + CREATE_CBDATA(clientHttpRequest); + CREATE_CBDATA(ConnStateData); + CREATE_CBDATA(ErrorState); + CREATE_CBDATA(FwdState); + CREATE_CBDATA(generic_cbdata); + CREATE_CBDATA(helper); + CREATE_CBDATA(helper_server); + CREATE_CBDATA(statefulhelper); + CREATE_CBDATA(helper_stateful_server); + CREATE_CBDATA(HttpStateData); + CREATE_CBDATA(peer); + CREATE_CBDATA(ps_state); + CREATE_CBDATA(RemovalPolicy); + CREATE_CBDATA(RemovalPolicyWalker); + CREATE_CBDATA(RemovalPurgeWalker); + CREATE_CBDATA(store_client); + CREATE_CBDATA(storeIOState); } -void +void * #if CBDATA_DEBUG -cbdataAddDbg(const void *p, CBDUNL * unlock_func, int id, const char *file, int line) +cbdataInternalAllocDbg(cbdata_type type, CBDUNL * free_func, const char *file, int line) #else -cbdataAdd(const void *p, CBDUNL * unlock_func, int id) +cbdataInternalAlloc(cbdata_type type, CBDUNL * free_func) #endif { - cbdata *c; - assert(p); - debug(45, 3) ("cbdataAdd: %p\n", p); - assert(htable != NULL); - assert(hash_lookup(htable, p) == NULL); - c = memPoolAlloc(cbdata_pool); - c->hash.key = (void *) p; - c->valid = 1; - c->unlock_func = unlock_func; - c->id = id; + cbdata *p; + assert(type > 0 && type < cbdata_types); + p = memPoolAlloc(cbdata_memory_pool[type]); + p->type = type; + p->free_func = free_func; + p->valid = 1; + p->locks = 0; #if CBDATA_DEBUG - c->file = file; - c->line = line; + p->file = file; + p->line = line; #endif - hash_join(htable, &c->hash); + p->y = p; cbdataCount++; -} -static void -cbdataReallyFree(cbdata * c) -{ - CBDUNL *unlock_func = c->unlock_func; - void *p = c->hash.key; - int id = c->id; - hash_remove_link(htable, (hash_link *) c); - cbdataCount--; - memPoolFree(cbdata_pool, c); - debug(45, 3) ("cbdataReallyFree: Freeing %p\n", p); - if (unlock_func) - unlock_func(p, id); + return (void *) &p->data; } void cbdataFree(void *p) { - cbdata *c = (cbdata *) hash_lookup(htable, p); - assert(p); + cbdata *c; debug(45, 3) ("cbdataFree: %p\n", p); - assert(c != NULL); + assert(p); + c = (cbdata *) (((char *) p) - OFFSET_OF(cbdata, data)); + assert(c->y == c); c->valid = 0; if (c->locks) { debug(45, 3) ("cbdataFree: %p has %d locks, not freeing\n", p, c->locks); return; } - cbdataReallyFree(c); + cbdataCount--; + debug(45, 3) ("cbdataFree: Freeing %p\n", p); + if (c->free_func) + c->free_func((void *) p); + memPoolFree(cbdata_memory_pool[c->type], c); } void @@ -179,7 +204,8 @@ cbdata *c; if (p == NULL) return; - c = (cbdata *) hash_lookup(htable, p); + c = (cbdata *) (((char *) p) - OFFSET_OF(cbdata, data)); + assert(c->y == c); debug(45, 3) ("cbdataLock: %p\n", p); assert(c != NULL); c->locks++; @@ -199,7 +225,8 @@ cbdata *c; if (p == NULL) return; - c = (cbdata *) hash_lookup(htable, p); + c = (cbdata *) (((char *) p) - OFFSET_OF(cbdata, data)); + assert(c->y == c); debug(45, 3) ("cbdataUnlock: %p\n", p); assert(c != NULL); assert(c->locks > 0); @@ -210,50 +237,29 @@ #endif if (c->valid || c->locks) return; - cbdataReallyFree(c); + cbdataCount--; + debug(45, 3) ("cbdataUnlock: Freeing %p\n", p); + if (c->free_func) + c->free_func((void *) p); + memPoolFree(cbdata_memory_pool[c->type], c); } int cbdataValid(const void *p) { cbdata *c; - /* Maybe NULL should be considered valid? */ if (p == NULL) - return 0; - c = (cbdata *) hash_lookup(htable, p); + return 1; /* A NULL pointer cannot become invalid */ debug(45, 3) ("cbdataValid: %p\n", p); - assert(c != NULL); + c = (cbdata *) (((char *) p) - OFFSET_OF(cbdata, data)); + assert(c->y == c); assert(c->locks > 0); return c->valid; } -void -cbdataXfree(void *p, int unused) -{ - xfree(p); -} - - static void cbdataDump(StoreEntry * sentry) { - hash_link *hptr; - cbdata *c; storeAppendPrintf(sentry, "%d cbdata entries\n", cbdataCount); - hash_first(htable); - while ((hptr = hash_next(htable))) { - c = (cbdata *) hptr; -#if CBDATA_DEBUG - storeAppendPrintf(sentry, "%20p %10s %d locks %s:%d\n", - c->hash.key, - c->valid ? "VALID" : "NOT VALID", - c->locks, - c->file, c->line); -#else - storeAppendPrintf(sentry, "%20p %10s %d locks\n", - c->hash.key, - c->valid ? "VALID" : "NOT VALID", - c->locks); -#endif - } + storeAppendPrintf(sentry, "see also memory pools section\n"); } Index: squid/src/cf.data.pre =================================================================== RCS file: /cvsroot/squid-sf//squid/src/cf.data.pre,v retrieving revision 1.4 retrieving revision 1.4.6.1 diff -u -r1.4 -r1.4.6.1 --- squid/src/cf.data.pre 3 Nov 2000 08:39:20 -0000 1.4 +++ squid/src/cf.data.pre 27 Feb 2001 14:18:51 -0000 1.4.6.1 @@ -1,19 +1,19 @@ # -# $Id: cf.data.pre,v 1.4 2000/11/03 08:39:20 hno Exp $ +# $Id: cf.data.pre,v 1.4.6.1 2001/02/27 14:18:51 rvenning Exp $ # # -# SQUID Internet Object Cache http://squid.nlanr.net/Squid/ +# SQUID Web Proxy Cache http://www.squid-cache.org/ # ---------------------------------------------------------- # -# Squid is the result of efforts by numerous individuals from the -# Internet community. Development is led by Duane Wessels of the -# National Laboratory for Applied Network Research and funded by the -# National Science Foundation. Squid is Copyrighted (C) 1998 by -# the Regents of the University of California. Please see the -# COPYRIGHT file for full details. Squid incorporates software -# developed and/or copyrighted by other sources. Please see the -# CREDITS file for full details. +# Squid is the result of efforts by numerous individuals from +# the Internet community; see the CONTRIBUTORS file for full +# details. Many organizations have provided support for Squid's +# development; see the SPONSORS file for full details. Squid is +# Copyrighted (C) 2000 by the Regents of the University of +# California; see the COPYRIGHT file for full details. Squid +# incorporates software developed and/or copyrighted by other +# sources; see the CREDITS file for full details. # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -35,7 +35,7 @@ ------------------ This is the default Squid configuration file. You may wish - to look at the Squid home page (http://squid.nlanr.net/) + to look at the Squid home page (http://www.squid-cache.org/) for the FAQ and other documentation. The default Squid config file shows what the defaults for @@ -130,7 +130,7 @@ is already in use by another group of caches. If you are unsure about multicast, please read the Multicast - chapter in the Squid FAQ (http://squid.nlanr.net/Squid/FAQ/). + chapter in the Squid FAQ (http://www.squid-cache.org/FAQ/). Usage: mcast_groups 239.128.16.128 224.0.1.20 @@ -228,7 +228,7 @@ no-digest no-netdb-exchange no-delay - login=user:password + login=user:password | PASS | *:password connect-timeout=nn digest-url=url allow-miss @@ -279,6 +279,24 @@ use 'login=user:password' if this is a personal/workgroup proxy and your parent requires proxy authentication. + Note: The string can include URL escapes (i.e. %20 for + spaces). This also means that % must be written as %%. + + use 'login=PASS' if users must authenticate against + the upstream proxy. Note: To combine this with + proxy_auth both proxies must share the same user + database as HTTP only allows for one proxy login. + Also be warned that this will expose your users proxy + password to the parent. USE WITH CAUTION + + use 'login=*:password' to pass the username to the + upstream cache, but with a fixed password. This is meant + to be used when the peer is in another administrative + domain, but it is still needed to identify each user. + The star can optionally be followed by some extra + information which is added to the username. This can + be used to identify this proxy to the peer, similar to + the login=username:password option above. use 'connect-timeout=nn' to specify a peer specific connect timeout (also see the @@ -380,10 +398,8 @@ sometimes it can lead to very large values (say 5 seconds). Use this option to put an upper limit on the dynamic timeout value. Do NOT use this option to always use a fixed (instead - of a dynamic) timeout value. - - If 'icp_query_timeout' is set to zero, then this value is - ignored. + of a dynamic) timeout value. To set a fixed timeout see the + 'icp_query_timeout' directive. DOC_END NAME: mcast_icp_query_timeout @@ -662,16 +678,12 @@ NAME: cache_dir TYPE: cachedir DEFAULT: none -DEFAULT_IF_NONE: ufs -1 @DEFAULT_SWAP_DIR@ 100 16 256 +DEFAULT_IF_NONE: ufs @DEFAULT_SWAP_DIR@ 100 16 256 LOC: Config.cacheSwap DOC_START Usage: - cache_dir Type Maxobjsize Directory-Name Mbytes Level-1 Level2 [...] - - DISKD Usage: - - cache_dir diskd Maxobjsize Directory-Name MB L1 L2 Q1 Q2 + cache_dir Type Directory-Name Fs-specific-data [options] You can specify multiple cache_dir lines to spread the cache among different disk partitions. @@ -682,18 +694,18 @@ want to try "aufs" as the type. Async IO support may be buggy, however, so beware. - Maxobjsize refers to the max object size this storedir supports. - It is used to initially choose the storedir to dump the object. - -1 means 'any size'. - 'Directory' is a top-level directory where cache swap files will be stored. If you want to use an entire disk for caching, then this can be the mount-point directory. The directory must exist and be writable by the Squid process. Squid will NOT create this directory for you. - If no 'cache_dir' lines are specified, the following - default will be used: @DEFAULT_SWAP_DIR@. + The ufs store type: + + "ufs" is the old well-known Squid storage format that has always + been there. + + cache_dir ufs Directory-Name Mbytes L1 L2 [options] 'Mbytes' is the amount of disk space (MB) to use under this directory. The default is 100 MB. Change this to suit your @@ -706,12 +718,43 @@ will be created under each first-level directory. The default is 256. - For the diskd type, Q1 specifies the number of unacknowledged - I/O requests when Squid stops opening new files. If this - many messages are in the queues, Squid won't open new files. + The aufs store type: + + "aufs" uses the same storage format as "ufs", utilizing + POSIX-threads to avoid blocking the main Squid process on + disk-I/O. This was formerly known in Squid as async-io. + + cache_dir aufs Directory-Name Mbytes L1 L2 [options] + + see argument descriptions under ufs above + + The diskd store type: + + "diskd" uses the same storage format as "ufs", utilizing a + separate process to avoid blocking the main Squid process on + disk-I/O. + + cache_dir diskd Directory-Name Mbytes L1 L2 [options] [Q1=n] [Q2=n] + + see argument descriptions under ufs above + + Q1 specifies the number of unacknowledged I/O requests when Squid + stops opening new files. If this many messages are in the queues, + Squid won't open new files. Default is 64 + Q2 specifies the number of unacknowledged messages when Squid starts blocking. If this many messages are in the queues, - Squid blocks until it recevies some replies. + Squid blocks until it recevies some replies. Default is 72 + + Common options: + + read-only, this cache_dir is read only. + + max-size=n, refers to the max object size this storedir supports. + It is used to initially choose the storedir to dump the object. + Note: To make optimal use of the max-size limits you should order + the cache_dir lines with the smallest max-size value first and the + ones with no max-size specification last. DOC_END @@ -721,7 +764,7 @@ LOC: Config.Log.access DOC_START Logs the client request activity. Contains an entry for - every HTTP and ICP queries received. + every HTTP and ICP queries received. To disable, enter "none". DOC_END @@ -1017,6 +1060,28 @@ Example: dns_nameservers 10.0.0.1 192.172.0.4 DOC_END +NAME: hosts_file +TYPE: string +DEFAULT: /etc/hosts +LOC: Config.etcHostsPath +DOC_START + Location of the host-local IP name-address associations + database. Most Operating Systems have such a file: under + Un*X it's by default in /etc/hosts MS-Windows NT/2000 places + that in %SystemRoot%(by default + c:\winnt)\system32\drivers\etc\hosts, while Windows 9x/ME + places that in %windir%(usually c:\windows)\hosts + + The file contains newline-separated definitions, in the + form ip_address_in_dotted_form name [name ...] names are + whitespace-separated. lines beginnng with an hash (#) + character are comments. + + The file is checked at startup and upon configuration. If + set to 'none', it won't be checked. If append_domain is + used, that domain will be added to domain-local (i.e. not + containing any dot character) host definitions. +DOC_END NAME: unlinkd_program IFDEF: USE_UNLINKD @@ -1082,17 +1147,40 @@ are sent. DOC_END - -NAME: authenticate_program -TYPE: wordlist -LOC: Config.Program.authenticate +NAME: auth_param +TYPE: authparam +LOC: Config.authConfig DEFAULT: none DOC_START + This is used to pass parameters to the various authentication + schemes. + format: auth_param scheme parameter [setting] + + auth_param basic program @DEFAULT_PREFIX@/bin/ncsa_auth @DEFAULT_PREFIX@/etc/passwd + would tell the basic authentication scheme it's program parameter. + + The order that authentication prompts are presented to the client_agent + is dependant on the order the scheme first appears in config file. + IE has a bug (it's not rfc 2617 compliant) in that it will use the basic + scheme if basic is the first entry presented, even if more secure schemes + are presented. For now use the order in the file below. If other browsers + have difficulties (don't recognise the schemes offered even if you are using + basic) then either put basic first, or disable the other schemes (by commenting + out their program entry). + + Once an authentication scheme is fully configured, it can only be shutdown + by shutting squid down and restarting. Changes can be made on the fly and + activated with a reconfigure. I.E. You can change to a different helper, + but not unconfigure the helper completely. + + === Parameters for the basic scheme follow. === + + "program" cmdline Specify the command for the external authenticator. Such a program reads a line containing "username password" and replies "OK" or "ERR" in an endless loop. If you use an authenticator, make sure you have 1 acl of type proxy_auth. By default, the - authenticator_program is not used. + authenticate_program is not used. If you want to use the traditional proxy authentication, jump over to the ../auth_modules/NCSA directory and @@ -1102,19 +1190,138 @@ Then, set this line to something like - authenticate_program @DEFAULT_PREFIX@/bin/ncsa_auth @DEFAULT_PREFIX@/etc/passwd -DOC_END + auth_param basic program @DEFAULT_PREFIX@/bin/ncsa_auth @DEFAULT_PREFIX@/etc/passwd -NAME: authenticate_children -TYPE: int -DEFAULT: 5 -LOC: Config.authenticateChildren -DOC_START - The number of authenticator processes to spawn (default 5). If you + "children" numberofchildren + The number of authenticator processes to spawn (no default). If you start too few Squid will have to wait for them to process a backlog of usercode/password verifications, slowing it down. When password verifications are done via a (slow) network you are likely to need lots of authenticator processes. + auth_param basic children 5 + + "realm" realmstring + Specifies the realm name which is to be reported to the client for + the basic proxy authentication scheme (part of the text the user will + see when prompted their username and password). Their is no default. + auth_param basic realm Squid proxy-caching web server + + "credentialsttl" timetolive + Specifies how long squid assumes an externally validated username:password + pair is valid for - in other words how often the helper program is called + for that user. Set this low to force revalidation with short lived passwords. + Note that setting this high does not impact your susceptability to replay + attacks unless you are using a one-time password system (such as SecureID). + If you are using such a system, you will be vulnerable to replay attacks + unless you also enable the IP ttl is strict option. + + === Parameters for the digest scheme follow === + + "program" cmdline + Specify the command for the external authenticator. Such a + program reads a line containing "username":"realm" and replies + with the appropriate H(A1) value base64 encoded. See rfc 2616 for + the definition of H(A1). If you use an authenticator, + make sure you have 1 acl of type proxy_auth. By default, + authentication is not used. + + If you want to use build a authenticator, + jump over to the ../digest_auth_modules directory and choose the + authenticator to use. It it's directory type + % make + % make install + + Then, set this line to something like + + auth_param digest program @DEFAULT_PREFIX@/bin/digest_auth_pw @DEFAULT_PREFIX@/etc/digpass + + + "children" numberofchildren + The number of authenticator processes to spawn (no default). If you + start too few Squid will have to wait for them to process a backlog + of H(A1) calculations, slowing it down. When the H(A1) calculations + are done via a (slow) network you are likely to need lots of + authenticator processes. + auth_param digest children 5 + + "realm" realmstring + Specifies the realm name which is to be reported to the client for + the digest proxy authentication scheme (part of the text the user will + see when prompted their username and password). There is no default. + auth_param digest realm Squid proxy-caching web server + + "nonce_garbage_interval" timeinterval + Specifies the interval that nonces that have been issued to client_agent's + are checked for validity. + + "nonce_max_duration" timeinterval + Specifies the maximum length of time a given nonce will be valid for. + + "nonce_max_count" number + Specifies the maximum number of times a given nonce can be used. + + === NTLM scheme options follow === + + "program" cmdline + Specify the command for the external ntlm authenticator. Such a + program reads a line containing the uuencoded NEGOTIATE and replies + with the ntlm CHALLENGE, then waits for the response and answers with + "OK" or "ERR" in an endless loop. If you use an ntlm authenticator, + make sure you have 1 acl of type proxy_auth. By default, the + ntlm authenticator_program is not used. + + auth_param ntlm program @DEFAULT_PREFIX@/bin/ntlm_auth + + "children" numberofchildren + The number of authenticator processes to spawn (no default). If you + start too few Squid will have to wait for them to process a backlog + of credential verifications, slowing it down. When crendential + verifications are done via a (slow) network you are likely to need + lots of authenticator processes. + auth_param ntlm children 5 + + "max_challenge_reuses" number + The maximum number of times a challenge given by a ntlm authentication + helper can be reused. Increasing this number increases your exposure + to replay attacks on your network. 0 means use the challenge only once. + (disable challenge caching) + See max_ntlm_challenge_lifetime for more information. + auth_param ntlm max_challenge_reuses 0 + + "max_challenge_lifetime" timespan + The maximum time period that a ntlm challenge is reused over. + The actual period will be the minimum of this time AND the number of + reused challenges. + auth_param ntlm max_challenge_lifetime 2 minutes + +NOCOMMENT_START +#Recommended minimum configuration: +#auth_param digest program +#auth_param digest children 5 +#auth_param digest realm Squid proxy-caching web server +#auth_param digest nonce_garbage_interval 5 minutes +#auth_param digest nonce_max_duration 30 minutes +#auth_param digest nonce_max_count 50 +#auth_param ntlm program +#auth_param ntlm children 5 +#auth_param ntlm max_challenge_reuses 0 +#auth_param ntlm max_challenge_lifetime 2 minutes +#auth_param basic program +auth_param basic children 5 +auth_param basic realm Squid proxy-caching web server +auth_param basic credentialsttl 2 hours +NOCOMMENT_END +DOC_END + +NAME: authenticate_cache_garbage_interval +TYPE: time_t +DEFAULT: 1 hour +LOC: Config.authenticateGCInterval +DOC_START + The time period between garbage collection across the username cache. + This is a tradeoff between memory utilisation (long intervals - say + 2 days) and CPU (short intervals - say 1 minute). Only change if + you have good reason to. DOC_END NAME: authenticate_ttl @@ -1122,9 +1329,9 @@ DEFAULT: 1 hour LOC: Config.authenticateTTL DOC_START - The time a checked username/password combination remains cached. - If a wrong password is given for a cached user, the user gets - removed from the username/password cache forcing a revalidation. + The time a user & their credentials stay in the logged in user cache + since their last request. When the garbage interval passes, all + user credentials that have passed their TTL are removed from memory. DOC_END NAME: authenticate_ip_ttl @@ -1154,7 +1361,7 @@ LOC: Config.onoff.authenticateIpTTLStrict DEFAULT: on DOC_START - This option makes authenticate_ip_ttl a bit stricted. With this + This option makes authenticate_ip_ttl a bit stricter. With this enabled authenticate_ip_ttl will deny all access from other IP addresses until the TTL has expired, and the IP address "owning" the userid will not be forced to reauthenticate. @@ -1675,10 +1882,20 @@ # NOTE: This does NOT match the reply. You cannot use this # to match the returned file type. + acl rep_mime_type mime-type1 ... + # regex match against the mime type of the reply recieved by + # squid. Can be used to detect file download or some + # types HTTP tunelling requests. + # NOTE: This has no effect in http_access rules. It only has + # effect in rules that affect the reply data stream such as + # http_reply_access. + + Examples: acl myexample dst_as 1241 acl password proxy_auth REQUIRED acl fileupload req_mime_type -i ^multipart/form-data$ +acl javascript rep_mime_type -i ^application/x-javascript$ NOCOMMENT_START #Recommended minimum configuration: @@ -1741,6 +1958,34 @@ NOCOMMENT_END DOC_END +NAME: http_reply_access +TYPE: acl_access +LOC: Config.accessList.reply +DEFAULT: none +DEFAULT_IF_NONE: allow all +DOC_START + Allow replies to client requests. This is complementary to http_access. + + http_reply_access allow|deny [!] aclname ... + + NOTE: if there are no access lines present, the default is to allow + all replies + + If none of the access lines cause a match, then the opposite of the + last line will apply. Thus it is good practice to end the rules + with an "allow all" or "deny all" entry. + +NOCOMMENT_START +#Recommended minimum configuration: +# +# Insert your own rules here. +# +# +# and finally allow by default +http_reply_access allow all +NOCOMMENT_END +DOC_END + NAME: icp_access TYPE: acl_access @@ -1799,20 +2044,9 @@ The syntax is identical to 'http_access' and the other lists of ACL elements. See the comments for 'http_access' below, or - the Squid FAQ (http://squid.nlanr.net/Squid/FAQ/FAQ-10.html). + the Squid FAQ (http://www.squid-cache.org/FAQ/FAQ-10.html). DOC_END -NAME: proxy_auth_realm -TYPE: eol -DEFAULT: Squid proxy-caching web server -LOC: Config.proxyAuthRealm -DOC_START - Specifies the realm name which is to be reported to the client for - proxy authentication (part of the text the user will see when - prompted their username and password). -DOC_END - - NAME: ident_lookup_access TYPE: acl_access IFDEF: USE_IDENT @@ -1862,17 +2096,19 @@ NAME: cache_effective_group TYPE: string -DEFAULT: nogroup +DEFAULT: none LOC: Config.effectiveGroup DOC_START If the cache is run as root, it will change its effective/real UID/GID to the UID/GID specified below. The default is to - change to UID to nobody and GID to nogroup. + change to UID to nobody and GID to the default group of nobody. If Squid is not started as root, the default is to keep the - current UID/GID. Note that if Squid is not started as root then - you cannot set http_port to a value lower than 1024. + current UID/GID, and only the GID can be changed to any of + the groups the user starting Squid is member of. Note that if + Squid is not started as root then you cannot set http_port to + a value lower than 1024. DOC_END @@ -1929,7 +2165,7 @@ cache_mgr All current information is processed regularly and made - available on the Web at http://ircache.nlanr.net/Cache/Tracker/. + available on the Web at http://www.ircache.net/Cache/Tracker/. COMMENT_END NAME: announce_period @@ -2247,6 +2483,14 @@ which are no more than this many hops away. DOC_END +NAME: minimum_direct_rtt +TYPE: int +DEFAULT: 400 +LOC: Config.minDirectRtt +DOC_START + If using the ICMP pinging stuff, do direct fetches for sites + which are no more than this many rtt milliseconds away. +DOC_END NAME: cachemgr_passwd TYPE: cachemgrpasswd @@ -2501,59 +2745,79 @@ and firewall_ip. DOC_END -NAME: anonymize_headers -TYPE: http_header -LOC: Config.anonymize_headers -DEFAULT: none -DOC_START - Usage: anonymize_headers allow|deny header_name ... - - This option replaces the old 'http_anonymizer' option with - something that is much more configurable. You may now - specify exactly which headers are to be allowed, or which - are to be removed from outgoing requests. - - There are two methods of using this option. You may either - allow specific headers (thus denying all others), or you - may deny specific headers (thus allowing all others). - - For example, to achieve the same behavior as the old +NAME: header_access +TYPE: http_header_access[] +LOC: Config.header_access +DEFAULT: none +DOC_START + Usage: header_access header_name allow|deny [!]aclname ... + + This option replaces the old 'anonymize_headers' and the + older 'http_anonymizer' option with something that is much + more configurable. This new method creates a list of ACLs + for each header, allowing you very fine-tuned header + mangling. + + You can only specify known headers for the header name. + Other headers are reclassified as 'Other'. You can also + refer to all the headers with 'All'. + + For example, to achieve the same behaviour as the old 'http_anonymizer standard' option, you should use: + + header_access From deny all + header_access Referer deny all + header_access Server deny all + header_access User-Agent deny all + header_access WWW-Authenticate deny all + header_access Link deny all - anonymize_headers deny From Referer Server - anonymize_headers deny User-Agent WWW-Authenticate Link - Or, to reproduce the old 'http_anonymizer paranoid' feature you should use: - - anonymize_headers allow Allow Authorization Cache-Control - anonymize_headers allow Content-Encoding Content-Length - anonymize_headers allow Content-Type Date Expires Host - anonymize_headers allow If-Modified-Since Last-Modified - anonymize_headers allow Location Pragma Accept - anonymize_headers allow Accept-Encoding Accept-Language - anonymize_headers allow Content-Language Mime-Version - anonymize_headers allow Retry-After Title Connection - anonymize_headers allow Proxy-Connection - - NOTE: You can not mix "allow" and "deny". All 'anonymize_headers' - lines must have the same second argument. - + + header_access Allow allow all + header_access Authorization allow all + header_access Cache-Control allow all + header_access Content-Encoding allow all + header_access Content-Length allow all + header_access Content-Type allow all + header_access Date allow all + header_access Expires allow all + header_access Host allow all + header_access If-Modified-Since allow all + header_access Last-Modified allow all + header_access Location allow all + header_access Pragma allow all + header_access Accept allow all + header_access Charset allow all + header_access Accept-Encoding allow all + header_access Accept-Language allow all + header_access Content-Language allow all + header_access Mime-Version allow all + header_access Retry-After allow all + header_access Title allow all + header_access Connection allow all + header_access Proxy-Connection allow all + header_access All deny all + By default, all headers are allowed (no anonymizing is performed). DOC_END -NAME: fake_user_agent -TYPE: eol -LOC: Config.fake_ua +NAME: header_replace +TYPE: http_header_replace[] +LOC: Config.header_access DEFAULT: none DOC_START - If you filter the User-Agent header with 'anonymize_headers' it - may cause some Web servers to refuse your request. Use this to - fake one up. For example: - - fake_user_agent Nutscrape/1.0 (CP/M; 8-bit) - (credit to Paul Southworth pauls@etext.org for this one!) + Usage: header_replace header_name message + Example: header_replace User-Agent Nutscrape/1.0 (CP/M; 8-bit) + + This option allows you to change the contents of headers + denied with header_access above, by replacing them with + some fixed string. This replaces the old fake_user_agent + option. + + By default, headers are removed if denied. DOC_END NAME: icon_directory @@ -3092,11 +3356,17 @@ TYPE: string LOC: Config.coredump_dir DEFAULT: none +DEFAULT_IF_NONE: none DOC_START - By default Squid leaves core files in the first cache_dir - directory. If you set 'coredump_dir' to a directory + By default Squid leaves core files in the directory from where + it was started. If you set 'coredump_dir' to a directory that exists, Squid will chdir() to that directory at startup and coredump files will be left there. + +NOCOMMENT_START +# Leave coredumps in the first cache dir +coredump_dir @DEFAULT_SWAP_DIR@ +NOCOMMENT_END DOC_END NAME: redirector_bypass @@ -3222,6 +3492,16 @@ disable persistent connections with clients and/or servers. DOC_END +NAME: pipeline_prefetch +TYPE: onoff +LOC: Config.onoff.pipeline_prefetch +DEFAULT: on +DOC_START + To boost the performance of pipelined requests to closer + match that of a non-proxied environment Squid tries to fetch + up to two requests in parallell from a pipeline. +DOC_END + NAME: extension_methods TYPE: wordlist LOC: Config.ext_methods @@ -3282,5 +3562,29 @@ This is currently work in progress. DOC_END +NAME: ie_refresh +COMMENT: on|off +TYPE: onoff +LOC: Config.onoff.ie_refresh +DEFAULT: off +DOC_START + Microsoft Internet Explorer up until version 5.5 Service + Pack 1 has an issue with transparent proxies, wherein it + is impossible to force a refresh. Turning this on provides + a partial fix to the problem, by causing all IMS-REFRESH + requests from older IE versions to check the origin server + for fresh content. This reduces hit ratio by some amount + (~10% in my experience), but allows users to actually get + fresh content when they want it. Note that because Squid + cannot tell if the user is using 5.5 or 5.5SP1, the behavior + of 5.5 is unchanged from old versions of Squid (i.e. a + forced refresh is impossible). Newer versions of IE will, + hopefully, continue to have the new behavior and will be + handled based on that assumption. This option defaults to + the old Squid behavior, which is better for hit ratios but + worse for clients using IE, if they need to be able to + force fresh content. +DOC_END + EOF Index: squid/src/cf_gen.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/cf_gen.c,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/src/cf_gen.c 23 Oct 2000 15:04:20 -0000 1.3 +++ squid/src/cf_gen.c 27 Feb 2001 14:18:51 -0000 1.3.6.1 @@ -1,21 +1,21 @@ /* - * $Id: cf_gen.c,v 1.3 2000/10/23 15:04:20 hno Exp $ + * $Id: cf_gen.c,v 1.3.6.1 2001/02/27 14:18:51 rvenning Exp $ * * DEBUG: none Generate squid.conf and cf_parser.c * AUTHOR: Max Okumoto * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -66,6 +66,12 @@ #if HAVE_ASSERT_H #include #endif +#if defined(_SQUID_CYGWIN_) +#include +#endif +#if HAVE_FCNTL_H +#include +#endif #include "util.h" @@ -96,6 +102,7 @@ char *ifdef; Line *doc; Line *nocomment; + int array_flag; struct Entry *next; } Entry; @@ -145,6 +152,9 @@ perror(input_filename); exit(1); } +#if defined(_SQUID_CYGWIN_) + setmode(fileno(fp), O_TEXT); +#endif state = sSTART; while (feof(fp) == 0 && state != sEXIT) { char buff[MAX_LINE]; @@ -212,6 +222,11 @@ printf("Error on line %d\n", linenum); exit(1); } + /* hack to support arrays, rather than pointers */ + if (0 == strcmp(ptr + strlen(ptr) - 2, "[]")) { + curr->array_flag = 1; + *(ptr + strlen(ptr) - 2) = '\0'; + } curr->type = xstrdup(ptr); } else if (!strncmp(buff, "IFDEF:", 6)) { if ((ptr = strtok(buff + 6, WS)) == NULL) { @@ -318,6 +333,9 @@ perror(output_filename); exit(1); } +#if defined(_SQUID_CYGWIN_) + setmode(fileno(fp), O_TEXT); +#endif fprintf(fp, "/*\n" " * Generated automatically from %s by %s\n" @@ -340,6 +358,9 @@ perror(conf_filename); exit(1); } +#if defined(_SQUID_CYGWIN_) + setmode(fileno(fp), O_TEXT); +#endif gen_conf(entries, fp); fclose(fp); @@ -470,8 +491,9 @@ ); } else { fprintf(fp, - "\t\tparse_%s(&%s);\n", - entry->type, entry->loc + "\t\tparse_%s(&%s%s);\n", + entry->type, entry->loc, + entry->array_flag ? "[0]" : "" ); } if (entry->ifdef) @@ -530,7 +552,9 @@ continue; if (entry->ifdef) fprintf(fp, "#if %s\n", entry->ifdef); - fprintf(fp, "\tfree_%s(&%s);\n", entry->type, entry->loc); + fprintf(fp, "\tfree_%s(&%s%s);\n", + entry->type, entry->loc, + entry->array_flag ? "[0]" : ""); if (entry->ifdef) fprintf(fp, "#endif\n"); } @@ -608,8 +632,8 @@ line = def; def = line->next; fprintf(fp, "# %s\n", line->data); - free(line->data); - free(line); + xfree(line->data); + xfree(line); } blank = 1; } Index: squid/src/client.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/Attic/client.c,v retrieving revision 1.3.6.1 retrieving revision 1.3.6.2 diff -u -r1.3.6.1 -r1.3.6.2 --- squid/src/client.c 7 Dec 2000 13:58:11 -0000 1.3.6.1 +++ squid/src/client.c 27 Feb 2001 14:18:51 -0000 1.3.6.2 @@ -1,21 +1,21 @@ /* - * $Id: client.c,v 1.3.6.1 2000/12/07 13:58:11 rvenning Exp $ + * $Id: client.c,v 1.3.6.2 2001/02/27 14:18:51 rvenning Exp $ * * DEBUG: section 0 WWW Client * AUTHOR: Harvest Derived * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -46,7 +46,7 @@ static int Now(struct timeval *); static SIGHDLR catch; static SIGHDLR pipe_handler; -static void set_our_signal(); +static void set_our_signal(void); static ssize_t myread(int fd, void *buf, size_t len); static ssize_t mywrite(int fd, void *buf, size_t len); static int put_fd; @@ -89,7 +89,6 @@ int ping, pcount; int keep_alive = 0; int opt_noaccept = 0; - int opt_put = 0; int opt_verbose = 0; char *hostname, *localhost; char url[BUFSIZ], msg[BUFSIZ], buf[BUFSIZ]; @@ -194,8 +193,6 @@ xfree(t); } if (put_file) { - opt_put = 1; - /*method = xstrdup("PUT"); */ put_fd = open(put_file, O_RDONLY); set_our_signal(); if (put_fd < 0) { @@ -203,6 +200,9 @@ xstrerror()); exit(-1); } +#if defined(_SQUID_CYGWIN_) + setmode(put_fd, O_BINARY); +#endif fstat(put_fd, &sb); } snprintf(msg, BUFSIZ, "%s %s HTTP/1.0\r\n", method, url); Index: squid/src/client_db.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/client_db.c,v retrieving revision 1.4.6.1 retrieving revision 1.4.6.2 diff -u -r1.4.6.1 -r1.4.6.2 --- squid/src/client_db.c 7 Dec 2000 13:58:11 -0000 1.4.6.1 +++ squid/src/client_db.c 27 Feb 2001 14:18:51 -0000 1.4.6.2 @@ -1,21 +1,21 @@ /* - * $Id: client_db.c,v 1.4.6.1 2000/12/07 13:58:11 rvenning Exp $ + * $Id: client_db.c,v 1.4.6.2 2001/02/27 14:18:51 rvenning Exp $ * * DEBUG: section 0 Client Database * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -290,7 +290,7 @@ break; case MESH_CTBL_HTHITS: aggr = 0; - for (l = 0; l < LOG_TYPE_MAX; l++) { + for (l = LOG_TAG_NONE; l < LOG_TYPE_MAX; l++) { if (isTcpHit(l)) aggr += c->Http.result_hist[l]; } Index: squid/src/client_side.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/client_side.c,v retrieving revision 1.7.2.1 retrieving revision 1.7.2.2 diff -u -r1.7.2.1 -r1.7.2.2 --- squid/src/client_side.c 7 Dec 2000 13:58:11 -0000 1.7.2.1 +++ squid/src/client_side.c 27 Feb 2001 14:18:51 -0000 1.7.2.2 @@ -1,21 +1,21 @@ /* - * $Id: client_side.c,v 1.7.2.1 2000/12/07 13:58:11 rvenning Exp $ + * $Id: client_side.c,v 1.7.2.2 2001/02/27 14:18:51 rvenning Exp $ * * DEBUG: section 33 Client-side Routines * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -62,6 +62,9 @@ #endif #endif +#if LINUX_NETFILTER +#include +#endif #if LINGERING_CLOSE @@ -113,6 +116,7 @@ static log_type clientProcessRequest2(clientHttpRequest * http); static int clientReplyBodyTooLarge(int clen); static int clientRequestBodyTooLarge(int clen); +static void clientProcessBody(ConnStateData * conn); static int checkAccelOnly(clientHttpRequest * http) @@ -135,11 +139,9 @@ clientIdentDone(const char *ident, void *data) { ConnStateData *conn = data; - if (ident) - xstrncpy(conn->ident, ident, sizeof(conn->ident)); - else - xstrncpy(conn->ident, "-", sizeof(conn->ident)); + xstrncpy(conn->rfc931, ident ? ident : dash_str, USER_IDENT_SZ); } + #endif static aclCheck_t * @@ -149,15 +151,16 @@ ConnStateData *conn = http->conn; ch = aclChecklistCreate(acl, http->request, - conn->ident); -#if USE_IDENT + conn->rfc931); + /* * hack for ident ACL. It needs to get full addresses, and a * place to store the ident result on persistent connections... */ + /* connection oriented auth also needs these two lines for it's operation. */ ch->conn = conn; cbdataLock(ch->conn); -#endif + return ch; } @@ -212,13 +215,15 @@ clientAccessCheckDone(int answer, void *data) { clientHttpRequest *http = data; - int page_id = -1; + err_type page_id; http_status status; ErrorState *err = NULL; + char *proxy_auth_msg = NULL; debug(33, 2) ("The request %s %s is %s, because it matched '%s'\n", RequestMethodStr[http->request->method], http->uri, answer == ACCESS_ALLOWED ? "ALLOWED" : "DENIED", AclMatchedName ? AclMatchedName : "NO ACL's"); + proxy_auth_msg = authenticateAuthUserRequestMessage(http->conn->auth_user_request ? http->conn->auth_user_request : http->request->auth_user_request); http->acl_checklist = NULL; if (answer == ACCESS_ALLOWED) { safe_free(http->uri); @@ -230,6 +235,8 @@ debug(33, 5) ("Access Denied: %s\n", http->uri); debug(33, 5) ("AclMatchedName = %s\n", AclMatchedName ? AclMatchedName : ""); + debug(33, 5) ("Proxy Auth Message = %s\n", + proxy_auth_msg ? proxy_auth_msg : ""); /* * NOTE: get page_id here, based on AclMatchedName because * if USE_DELAY_POOLS is enabled, then AclMatchedName gets @@ -248,16 +255,28 @@ /* WWW authorisation needed */ status = HTTP_UNAUTHORIZED; } - if (page_id <= 0) + if (page_id == ERR_NONE) page_id = ERR_CACHE_ACCESS_DENIED; } else { status = HTTP_FORBIDDEN; - if (page_id <= 0) + if (page_id == ERR_NONE) page_id = ERR_ACCESS_DENIED; } err = errorCon(page_id, status); err->request = requestLink(http->request); +<<<<<<< client_side.c err->src_addr = ADDR_FROM_SA(http->conn->peer); +======= + err->src_addr = http->conn->peer.sin_addr; + if (http->conn->auth_user_request) + err->auth_user_request = http->conn->auth_user_request; + else if (http->request->auth_user_request) + err->auth_user_request = http->request->auth_user_request; + /* lock for the error state */ + if (err->auth_user_request) + authenticateAuthUserRequestLock(err->auth_user_request); + err->callback_data = NULL; +>>>>>>> 1.21 errorAppendEntry(http->entry, err); } } @@ -273,8 +292,8 @@ assert(http->redirect_state == REDIRECT_PENDING); http->redirect_state = REDIRECT_DONE; if (result) { - http_status status = atoi(result); - if (status == 301 || status == 302) { + http_status status = (http_status)atoi(result); + if (status == HTTP_MOVED_PERMANENTLY || status == HTTP_MOVED_TEMPORARILY) { char *t = result; if ((t = strchr(result, ':')) != NULL) { http->redirect.status = status; @@ -295,13 +314,10 @@ new_request->my_addr = old_request->my_addr; new_request->my_port = old_request->my_port; new_request->flags.redirected = 1; - if (old_request->user_ident[0]) - xstrncpy(new_request->user_ident, old_request->user_ident, - USER_IDENT_SZ); - if (old_request->body) { - new_request->body = xmalloc(old_request->body_sz); - xmemcpy(new_request->body, old_request->body, old_request->body_sz); - new_request->body_sz = old_request->body_sz; + new_request->auth_user_request = old_request->auth_user_request; + if (old_request->body_connection) { + new_request->body_connection = old_request->body_connection; + old_request->body_connection = NULL; } new_request->content_length = old_request->content_length; new_request->flags.proxy_keepalive = old_request->flags.proxy_keepalive; @@ -603,7 +619,7 @@ */ http->entry = clientCreateStoreEntry(http, http->request->method, null_request_flags); httpReplyReset(r = http->entry->mem_obj->reply); - httpBuildVersion(&version,1,0); + httpBuildVersion(&version, 1, 0); httpReplySetHeaders(r, version, status, NULL, NULL, 0, 0, -1); httpReplySwapOut(r, http->entry); storeComplete(http->entry); @@ -621,7 +637,7 @@ return 1; } -void +static void clientUpdateCounters(clientHttpRequest * http) { int svc_time = tvSubMsec(http->start, current_time); @@ -696,6 +712,8 @@ MemObject *mem = NULL; debug(33, 3) ("httpRequestFree: %s\n", storeUrl(http->entry)); if (!clientCheckTransferDone(http)) { + if (request && request->body_connection) + clientAbortBody(request); /* abort body transter */ #if MYSTERIOUS_CODE /* * DW: this seems odd here, is it really needed? It causes @@ -736,10 +754,13 @@ http->al.http.version = request->http_ver; http->al.headers.request = xstrdup(mb.buf); http->al.hier = request->hier; - if (request->user_ident[0]) - http->al.cache.ident = request->user_ident; - else - http->al.cache.ident = conn->ident; + if (request->auth_user_request) { + http->al.cache.authuser = xstrdup(authenticateUserRequestUsername(request->auth_user_request)); + authenticateAuthUserRequestUnlock(request->auth_user_request); + request->auth_user_request = NULL; + } + if (conn->rfc931[0]) + http->al.cache.rfc931 = conn->rfc931; packerClean(&p); memBufClean(&mb); } @@ -774,6 +795,7 @@ requestUnlink(http->request); assert(http != http->next); assert(http->conn->chr != NULL); + /* Unlink us from the clients request list */ H = &http->conn->chr; while (*H) { if (*H == http) @@ -795,7 +817,12 @@ clientHttpRequest *http; debug(33, 3) ("connStateFree: FD %d\n", fd); assert(connState != NULL); +<<<<<<< client_side.c clientdbEstablished(ADDR_FROM_SA(connState->peer), -1); /* decrement */ +======= + authenticateOnCloseConnection(connState); + clientdbEstablished(connState->peer.sin_addr, -1); /* decrement */ +>>>>>>> 1.21 while ((http = connState->chr) != NULL) { assert(http->conn == connState); assert(connState->chr != connState->chr->next); @@ -823,9 +850,7 @@ request_t *request = http->request; const HttpHeader *req_hdr = &request->header; int no_cache = 0; -#if defined(USE_USERAGENT_LOG) || defined(USE_REFERER_LOG) const char *str; -#endif request->imslen = -1; request->ims = httpHeaderGetTime(req_hdr, HDR_IF_MODIFIED_SINCE); if (request->ims > 0) @@ -840,6 +865,27 @@ if (request->cache_control) if (EBIT_TEST(request->cache_control->mask, CC_NO_CACHE)) no_cache++; + /* Work around for supporting the Reload button in IE browsers + * when Squid is used as an accelerator or transparent proxy, + * by turning accelerated IMS request to no-cache requests. + * Now knows about IE 5.5 fix (is actually only fixed in SP1, + * but we can't tell whether we are talking to SP1 or not so + * all 5.5 versions are treated 'normally'). + */ + if (Config.onoff.ie_refresh) { + if (http->flags.accel && request->flags.ims) { + if ((str = httpHeaderGetStr(req_hdr, HDR_USER_AGENT))) { + if (strstr(str, "MSIE 5.01") != NULL) + no_cache++; + else if (strstr(str, "MSIE 5.0") != NULL) + no_cache++; + else if (strstr(str, "MSIE 4.") != NULL) + no_cache++; + else if (strstr(str, "MSIE 3.") != NULL) + no_cache++; + } + } + } if (no_cache) { #if HTTP_VIOLATIONS if (Config.onoff.reload_into_ims) @@ -957,14 +1003,18 @@ if (req->protocol == PROTO_HTTP) return httpCachable(method); /* FTP is always cachable */ - if (req->protocol == PROTO_GOPHER) - return gopherCachable(url); if (req->protocol == PROTO_WAIS) return 0; if (method == METHOD_CONNECT) return 0; if (method == METHOD_TRACE) return 0; + if (method == METHOD_PUT) + return 0; + if (method == METHOD_POST) + return 0; /* XXX POST may be cached sometimes.. ignored for now */ + if (req->protocol == PROTO_GOPHER) + return gopherCachable(url); if (req->protocol == PROTO_CACHEOBJ) return 0; return 1; @@ -1243,6 +1293,9 @@ httpHeaderPutInt(hdr, HDR_AGE, squid_curtime - http->entry->timestamp); } + /* Handle authentication headers */ + if (request->auth_user_request) + authenticateFixHeader(rep, request->auth_user_request, request, http->flags.accel); /* Append X-Cache */ httpHeaderPutStrf(hdr, HDR_X_CACHE, "%s from %s", is_hit ? "HIT" : "MISS", getMyHostname()); @@ -1270,6 +1323,7 @@ httpHeaderPutStr(hdr, HDR_X_REQUEST_URI, http->entry->mem_obj->url ? http->entry->mem_obj->url : http->uri); #endif + httpHdrMangleList(hdr, request); } static HttpReply * @@ -1279,7 +1333,7 @@ size_t k = headersEnd(buf, size); if (k && httpReplyParse(rep, buf, k)) { /* enforce 1.0 reply version */ - httpBuildVersion(&rep->sline.version,1,0); + httpBuildVersion(&rep->sline.version, 1, 0); /* do header conversions */ clientBuildReplyHeader(http, rep); /* if we do ranges, change status to "Partial Content" */ @@ -1649,6 +1703,34 @@ return 0; } + +/* Responses with no body will not have a content-type header, + * which breaks the rep_mime_type acl, which + * coincidentally, is the most common acl for reply access lists. + * A better long term fix for this is to allow acl matchs on the various + * status codes, and then supply a default ruleset that puts these + * codes before any user defines access entries. That way the user + * can choose to block these responses where appropriate, but won't get + * mysterious breakages. + */ +static int +clientAlwaysAllowResponse(http_status sline) +{ + switch (sline) { + case HTTP_CONTINUE: + case HTTP_SWITCHING_PROTOCOLS: + case HTTP_PROCESSING: + case HTTP_NO_CONTENT: + case HTTP_NOT_MODIFIED: + return 1; + /* unreached */ + break; + default: + return 0; + } +} + + /* * accepts chunk of a http message in buf, parses prefix, filters headers and * such, writes processed message to the client's socket @@ -1715,12 +1797,39 @@ httpReplyDestroy(rep); return; } else if (rep) { + aclCheck_t *ch; + int rv; body_size = size - rep->hdr_sz; assert(body_size >= 0); body_buf = buf + rep->hdr_sz; http->range_iter.prefix_size = rep->hdr_sz; debug(33, 3) ("clientSendMoreData: Appending %d bytes after %d bytes of headers\n", body_size, rep->hdr_sz); + ch = aclChecklistCreate(Config.accessList.reply, http->request, NULL); + ch->reply = rep; + rv = aclCheckFast(Config.accessList.reply, ch); + debug(33, 2) ("The reply for %s %s is %s, because it matched '%s'\n", + RequestMethodStr[http->request->method], http->uri, + rv ? "ALLOWED" : "DENIED", + AclMatchedName ? AclMatchedName : "NO ACL's"); + if (!rv && rep->sline.status != HTTP_FORBIDDEN + && !clientAlwaysAllowResponse(rep->sline.status)) { + /* the if above is slightly broken, but there is no way + * to tell if this is a squid generated error page, or one from + * upstream at this point. */ + ErrorState *err; + err = errorCon(ERR_ACCESS_DENIED, HTTP_FORBIDDEN); + err->request = requestLink(http->request); + storeUnregister(http->sc, http->entry, http); + http->sc = NULL; + storeUnlockObject(http->entry); + http->entry = clientCreateStoreEntry(http, http->request->method, + null_request_flags); + errorAppendEntry(http->entry, err); + httpReplyDestroy(rep); + return; + } + aclChecklistFree(ch); } else if (size < CLIENT_SOCK_SZ && entry->store_status == STORE_PENDING) { /* wait for more to arrive */ storeClientCopy(http->sc, entry, @@ -1823,7 +1932,7 @@ if ((http = conn->chr) == NULL) { debug(33, 5) ("clientKeepaliveNextRequest: FD %d reading next req\n", conn->fd); - fd_note(conn->fd, "Reading next request"); + fd_note(conn->fd, "Waiting for next request"); /* * Set the timeout BEFORE calling clientReadRequest(). */ @@ -2094,7 +2203,7 @@ storeReleaseRequest(http->entry); storeBuffer(http->entry); rep = httpReplyCreate(); - httpBuildVersion(&version,1,0); + httpBuildVersion(&version, 1, 0); httpReplySetHeaders(rep, version, HTTP_OK, NULL, "text/plain", httpRequestPrefixLen(r), 0, squid_curtime); httpReplySwapOut(rep, http->entry); @@ -2105,13 +2214,6 @@ } /* yes, continue */ http->log_type = LOG_TCP_MISS; - } else if (r->content_length >= 0) { - /* - * Need to initialize pump even if content-length: 0 - */ - http->log_type = LOG_TCP_MISS; - /* XXX oof, POST can be cached! */ - pumpInit(fd, r, http->uri); } else { http->log_type = clientProcessRequest2(http); } @@ -2204,8 +2306,8 @@ static clientHttpRequest * parseHttpRequestAbort(ConnStateData * conn, const char *uri) { - clientHttpRequest *http = memAllocate(MEM_CLIENTHTTPREQUEST); - cbdataAdd(http, memFree, MEM_CLIENTHTTPREQUEST); + clientHttpRequest *http; + http = CBDATA_ALLOC(clientHttpRequest, NULL); http->conn = conn; http->start = current_time; http->req_sz = conn->in.offset; @@ -2235,7 +2337,6 @@ char *token = NULL; char *t = NULL; char *end; - int free_request = 0; size_t header_sz; /* size of headers, not including first line */ size_t prefix_sz; /* size of whole request (req-line + headers) */ size_t url_sz; @@ -2248,6 +2349,9 @@ static int siocgnatl_cmd = SIOCGNATL & 0xff; int x; #endif +#if LINUX_NETFILTER + size_t sock_sz = sizeof(conn->me); +#endif if ((req_sz = headersEnd(conn->in.buf, conn->in.offset)) == 0) { debug(33, 5) ("Incomplete request, waiting for end of headers\n"); @@ -2308,16 +2412,16 @@ if (token == NULL) { debug(33, 3) ("parseHttpRequest: Missing HTTP identifier\n"); #if RELAXED_HTTP_PARSER - httpBuildVersion(&http_ver,0,9); /* wild guess */ + httpBuildVersion(&http_ver, 0, 9); /* wild guess */ #else return parseHttpRequestAbort(conn, "error:missing-http-ident"); #endif } else { - if (sscanf(token+5, "%d.%d", &http_ver.major, &http_ver.minor)!=2){ - debug(33, 3) ("parseHttpRequest: Invalid HTTP identifier.\n"); - return parseHttpRequestAbort(conn, "error: invalid HTTP-ident"); - } - debug(33, 6) ("parseHttpRequest: Client HTTP version %d.%d.\n",http_ver.major, http_ver.minor); + if (sscanf(token + 5, "%d.%d", &http_ver.major, &http_ver.minor) != 2) { + debug(33, 3) ("parseHttpRequest: Invalid HTTP identifier.\n"); + return parseHttpRequestAbort(conn, "error: invalid HTTP-ident"); + } + debug(33, 6) ("parseHttpRequest: Client HTTP version %d.%d.\n", http_ver.major, http_ver.minor); } /* @@ -2342,8 +2446,7 @@ assert(prefix_sz <= conn->in.offset); /* Ok, all headers are received */ - http = memAllocate(MEM_CLIENTHTTPREQUEST); - cbdataAdd(http, memFree, MEM_CLIENTHTTPREQUEST); + http = CBDATA_ALLOC(clientHttpRequest, NULL); http->http_ver = http_ver; http->conn = conn; http->start = current_time; @@ -2369,8 +2472,12 @@ else if (Config2.Accel.on && *url == '/') { /* prepend the accel prefix */ if (opt_accel_uses_host && (t = mime_get_header(req_hdr, "Host"))) { - int vport = (int) Config.Accel.port; + int vport; char *q; + if (vport_mode) + vport = (int) ntohs(http->conn->me.sin_port); + else + vport = (int) Config.Accel.port; /* If a Host: header was specified, use it to build the URL * instead of the one in the Config file. */ /* @@ -2383,7 +2490,8 @@ strtok(t, " /;@"); if ((q = strchr(t, ':'))) { *q++ = '\0'; - vport = atoi(q); + if (vport_mode) + vport = atoi(q); } url_sz = strlen(url) + 32 + Config.appendDomainLen + strlen(t); @@ -2435,11 +2543,19 @@ snprintf(http->uri, url_sz, "http://%s:%d%s", SA_NTOA(http->conn->me), vport, url); - } else - snprintf(http->uri, url_sz, "http://%s:%d%s", - inet_ntoa(natLookup.nl_realip), - vport, url); + } else if (vport_mode) + vport = natLookup.nl_realport; + snprintf(http->uri, url_sz, "http://%s:%d%s", + inet_ntoa(natLookup.nl_realip), + vport, url); #else +#if LINUX_NETFILTER + /* If the call fails the address structure will be unchanged */ + getsockopt(conn->fd, SOL_IP, SO_ORIGINAL_DST, &conn->me, &sock_sz); + debug(33, 5) ("parseHttpRequest: addr = %s", inet_ntoa(conn->me.sin_addr)); + if (vport_mode) + vport = (int) ntohs(http->conn->me.sin_port); +#endif snprintf(http->uri, url_sz, "http://%s:%d%s", SA_NTOA(http->conn->me), vport, url); @@ -2464,8 +2580,6 @@ else http->log_uri = xstrndup(rfc1738_escape_unescaped(http->uri), MAX_URL); debug(33, 5) ("parseHttpRequest: Complete request received\n"); - if (free_request) - safe_free(url); xfree(inbuf); *status = 1; return http; @@ -2475,7 +2589,10 @@ clientReadDefer(int fdnotused, void *data) { ConnStateData *conn = data; - return conn->defer.until > squid_curtime; + if (conn->body.size_left) + return conn->in.offset >= conn->in.size; + else + return conn->defer.until > squid_curtime; } static void @@ -2508,14 +2625,18 @@ * whole, not individual read() calls. Plus, it breaks our * lame half-close detection */ - commSetSelect(fd, COMM_SELECT_READ, clientReadRequest, conn, 0); - if (size == 0) { - if (conn->chr == NULL) { + if (size > 0) { + conn->in.offset += size; + conn->in.buf[conn->in.offset] = '\0'; /* Terminate the string */ + } else if (size == 0 && len > 0) { + if (conn->chr == NULL && conn->in.offset == 0) { /* no current or pending requests */ + debug(33, 4) ("clientReadRequest: FD %d closed\n", fd); comm_close(fd); return; } else if (!Config.onoff.half_closed_clients) { /* admin doesn't want to support half-closed client sockets */ + debug(33, 3) ("clientReadRequest: FD %d aborted (half_closed_clients disabled)\n", fd); comm_close(fd); return; } @@ -2525,7 +2646,11 @@ conn->defer.until = squid_curtime + 1; conn->defer.n++; fd_note(fd, "half-closed"); - return; + /* There is one more close check at the end, to detect aborted + * (partial) requests. At this point we can't tell if the request + * is partial. + */ + /* Continue to process previously read data */ } else if (size < 0) { if (!ignoreErrno(errno)) { debug(50, 2) ("clientReadRequest: FD %d: %s\n", fd, xstrerror()); @@ -2536,13 +2661,16 @@ return; } /* Continue to process previously read data */ - size = 0; } - conn->in.offset += size; - /* Skip leading (and trailing) whitespace */ - while (conn->in.offset > 0) { + commSetSelect(fd, COMM_SELECT_READ, clientReadRequest, conn, 0); + /* Process request body if any */ + if (conn->in.offset > 0 && conn->body.callback != NULL) + clientProcessBody(conn); + /* Process next request */ + while (conn->in.offset > 0 && conn->body.size_left == 0) { int nrequests; size_t req_line_sz; + /* Skip leading (and trailing) whitespace */ while (conn->in.offset > 0 && xisspace(conn->in.buf[0])) { xmemmove(conn->in.buf, conn->in.buf + 1, conn->in.offset - 1); conn->in.offset--; @@ -2552,12 +2680,15 @@ break; /* Limit the number of concurrent requests to 2 */ for (H = &conn->chr, nrequests = 0; *H; H = &(*H)->next, nrequests++); - if (nrequests >= 2) { + if (nrequests >= (Config.onoff.pipeline_prefetch ? 2 : 1)) { debug(33, 3) ("clientReadRequest: FD %d max concurrent requests reached\n", fd); debug(33, 5) ("clientReadRequest: FD %d defering new request until one is done\n", fd); conn->defer.until = squid_curtime + 100; /* Reset when a request is complete */ break; } + conn->in.buf[conn->in.offset] = '\0'; /* Terminate the string */ + if (nrequests == 0) + fd_note(conn->fd, "Reading next request"); /* Process request */ http = parseHttpRequest(conn, &method, @@ -2652,7 +2783,7 @@ errorAppendEntry(http->entry, err); break; } - if (0 == clientCheckContentLength(request)) { + if (!clientCheckContentLength(request)) { err = errorCon(ERR_INVALID_REQ, HTTP_LENGTH_REQUIRED); err->src_addr = ADDR_FROM_SA(conn->peer); err->request = requestLink(request); @@ -2662,38 +2793,13 @@ break; } http->request = requestLink(request); - /* - * We need to set the keepalive flag before doing some - * hacks for POST/PUT requests below. Maybe we could - * set keepalive flag even earlier. - */ clientSetKeepaliveFlag(http); - /* - * break here if the request has a content-length - * because there is a reqeust body following and we - * don't want to parse it as though it was new request. - */ - if (request->content_length >= 0) { - int copy_len = XMIN(conn->in.offset, request->content_length); - if (copy_len > 0) { - assert(conn->in.offset >= copy_len); - request->body_sz = copy_len; - request->body = xmalloc(request->body_sz); - xmemcpy(request->body, conn->in.buf, request->body_sz); - conn->in.offset -= copy_len; - if (conn->in.offset) - xmemmove(conn->in.buf, conn->in.buf + copy_len, conn->in.offset); - } - /* - * if we didn't get the full body now, then more will - * be arriving on the client socket. Lets cancel - * the read handler until this request gets forwarded. - */ - if (request->body_sz < request->content_length) - commSetSelect(fd, COMM_SELECT_READ, NULL, NULL, 0); - if (request->content_length < 0) - (void) 0; - else if (clientRequestBodyTooLarge(request->content_length)) { + /* Do we expect a request-body? */ + if (request->content_length > 0) { + conn->body.size_left = request->content_length; + request->body_connection = conn; + /* Is it too large? */ + if (clientRequestBodyTooLarge(request->content_length)) { err = errorCon(ERR_TOO_BIG, HTTP_REQUEST_ENTITY_TOO_LARGE); err->request = requestLink(request); http->entry = clientCreateStoreEntry(http, @@ -2703,7 +2809,7 @@ } } clientAccessCheck(http); - continue; /* while offset > 0 */ + continue; /* while offset > 0 && body.size_left == 0 */ } else if (parser_return_code == 0) { /* * Partial request received; reschedule until parseHttpRequest() @@ -2742,9 +2848,134 @@ } break; } + } /* while offset > 0 && conn->body.size_left == 0 */ + /* Check if a half-closed connection was aborted in the middle */ + if (F->flags.socket_eof) { + if (conn->in.offset != conn->body.size_left) { /* != 0 when no request body */ + /* Partial request received. Abort client connection! */ + debug(33, 3) ("clientReadRequest: FD %d aborted\n", fd); + comm_close(fd); + return; + } + } +} + +/* file_read like function, for reading body content */ +void +clientReadBody(request_t * request, char *buf, size_t size, CBCB * callback, void *cbdata) +{ + ConnStateData *conn = request->body_connection; + if (!conn) { + debug(33, 5) ("clientReadBody: no body to read, request=%p\n", request); + callback(buf, 0, cbdata); /* Signal end of body */ + return; + } + debug(33, 2) ("clientReadBody: start fd=%d body_size=%d in.offset=%d cb=%p req=%p\n", conn->fd, conn->body.size_left, conn->in.offset, callback, request); + conn->body.callback = callback; + conn->body.cbdata = cbdata; + conn->body.buf = buf; + conn->body.bufsize = size; + conn->body.request = requestLink(request); + if (conn->in.offset) { + /* Data available */ + clientProcessBody(conn); + } else { + debug(33, 2) ("clientReadBody: fd %d wait for clientReadRequest\n", conn->fd); } } +/* Called by clientReadRequest to process body content */ +static void +clientProcessBody(ConnStateData * conn) +{ + int size; + char *buf = conn->body.buf; + void *cbdata = conn->body.cbdata; + CBCB *callback = conn->body.callback; + request_t *request = conn->body.request; + /* Note: request is null while eating "aborted" transfers */ + debug(33, 2) ("clientProcessBody: start fd=%d body_size=%d in.offset=%d cb=%p req=%p\n", conn->fd, conn->body.size_left, conn->in.offset, callback, request); + /* Some sanity checks... */ + assert(conn->body.size_left > 0); + assert(conn->in.offset > 0); + assert(callback != NULL); + assert(buf != NULL); + /* How much do we have to process? */ + size = conn->in.offset; + if (size > conn->body.size_left) /* only process the body part */ + size = conn->body.size_left; + if (size > conn->body.bufsize) /* don't copy more than requested */ + size = conn->body.bufsize; + xmemcpy(buf, conn->in.buf, size); + conn->body.size_left -= size; + /* Move any remaining data */ + conn->in.offset -= size; + if (conn->in.offset > 0) + xmemmove(conn->in.buf, conn->in.buf + size, conn->in.offset); + /* Remove request link if this is the last part of the body, as + * clientReadRequest automatically continues to process next request */ + if (conn->body.size_left <= 0 && request != NULL) + request->body_connection = NULL; + /* Remove clientReadBody arguments (the call is completed) */ + conn->body.request = NULL; + conn->body.callback = NULL; + conn->body.buf = NULL; + conn->body.bufsize = 0; + /* Remember that we have touched the body, not restartable */ + if (request != NULL) + request->flags.body_sent = 1; + /* Invoke callback function */ + callback(buf, size, cbdata); + if (request != NULL) + requestUnlink(request); /* Linked in clientReadBody */ + debug(33, 2) ("clientProcessBody: end fd=%d size=%d body_size=%d in.offset=%d cb=%p req=%p\n", conn->fd, size, conn->body.size_left, conn->in.offset, callback, request); + return; +} + +/* A dummy handler that throws away a request-body */ +static char bodyAbortBuf[SQUID_TCP_SO_RCVBUF]; +static void +clientReadBodyAbortHandler(char *buf, size_t size, void *data) +{ + ConnStateData *conn = (ConnStateData *) data; + debug(33, 2) ("clientReadBodyAbortHandler: fd=%d body_size=%d in.offset=%d\n", conn->fd, conn->body.size_left, conn->in.offset); + if (size != 0 && conn->body.size_left != 0) { + debug(33, 3) ("clientReadBodyAbortHandler: fd=%d shedule next read\n", conn->fd); + conn->body.callback = clientReadBodyAbortHandler; + conn->body.buf = bodyAbortBuf; + conn->body.bufsize = sizeof(bodyAbortBuf); + conn->body.cbdata = data; + } +} + +/* Abort a body request */ +int +clientAbortBody(request_t * request) +{ + ConnStateData *conn = request->body_connection; + char *buf; + CBCB *callback; + void *cbdata; + request->body_connection = NULL; + if (!conn || conn->body.size_left <= 0) + return 0; /* No body to abort */ + if (conn->body.callback != NULL) { + buf = conn->body.buf; + callback = conn->body.callback; + cbdata = conn->body.cbdata; + assert(request == conn->body.request); + conn->body.buf = NULL; + conn->body.callback = NULL; + conn->body.cbdata = NULL; + conn->body.request = NULL; + callback(buf, -1, cbdata); /* Signal abort to clientReadBody caller */ + requestUnlink(request); + } + clientReadBodyAbortHandler(NULL, -1, conn); /* Install abort handler */ + /* clientProcessBody() */ + return 1; /* Aborted */ +} + /* general lifetime handler for HTTP requests */ static void requestTimeout(int fd, void *data) @@ -2848,8 +3079,7 @@ break; } debug(33, 4) ("httpAccept: FD %d: accepted\n", fd); - connState = memAllocate(MEM_CONNSTATEDATA); - cbdataAdd(connState, memFree, MEM_CONNSTATEDATA); + connState = CBDATA_ALLOC(ConnStateData, NULL); connState->peer = peer; connState->log_addr = ADDR_FROM_SA(peer); /* connState->log_addr.s_addr &= Config.Addrs.client_netmask.s_addr; */ Index: squid/src/comm.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/comm.c,v retrieving revision 1.4.6.1 retrieving revision 1.4.6.2 diff -u -r1.4.6.1 -r1.4.6.2 --- squid/src/comm.c 7 Dec 2000 13:58:11 -0000 1.4.6.1 +++ squid/src/comm.c 27 Feb 2001 14:18:51 -0000 1.4.6.2 @@ -1,21 +1,21 @@ /* - * $Id: comm.c,v 1.4.6.1 2000/12/07 13:58:11 rvenning Exp $ + * $Id: comm.c,v 1.4.6.2 2001/02/27 14:18:51 rvenning Exp $ * * DEBUG: section 5 Socket Functions * AUTHOR: Harvest Derived * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -69,10 +69,9 @@ static void commConnectCallback(ConnectStateData * cs, int status); static int commResetFD(ConnectStateData * cs); static int commRetryConnect(ConnectStateData * cs); -static CBDUNL commConnectDataFree; +CBDATA_TYPE(ConnectStateData); static MemPool *comm_write_pool = NULL; -static MemPool *conn_state_pool = NULL; static MemPool *conn_close_pool = NULL; static void @@ -228,9 +227,9 @@ void commConnectStart(int fd, const char *host, u_short port, CNCB * callback, void *data) { - ConnectStateData *cs = memPoolAlloc(conn_state_pool); + ConnectStateData *cs; debug(5, 3) ("commConnectStart: FD %d, %s:%d\n", fd, host, (int) port); - cbdataAdd(cs, commConnectDataFree, 0); + cs = CBDATA_ALLOC(ConnectStateData, NULL); cs->fd = fd; cs->host = xstrdup(host); cs->port = port; @@ -243,12 +242,6 @@ } static void -commConnectDataFree(void *data, int unused) -{ - memPoolFree(conn_state_pool, data); -} - -static void commConnectDnsHandle(const ipcache_addrs * ia, void *data) { ConnectStateData *cs = data; @@ -792,8 +785,8 @@ * after accepting a client but before it opens a socket or a file. * Since Squid_MaxFD can be as high as several thousand, don't waste them */ RESERVED_FD = XMIN(100, Squid_MaxFD / 4); + CBDATA_INIT_TYPE(ConnectStateData); comm_write_pool = memPoolCreate("CommWriteStateData", sizeof(CommWriteStateData)); - conn_state_pool = memPoolCreate("ConnectStateData", sizeof(ConnectStateData)); conn_close_pool = memPoolCreate("close_handler", sizeof(close_handler)); } @@ -858,7 +851,7 @@ /* Select for Writing on FD, until SIZE bytes are sent. Call - * * HANDLER when complete. */ + * *HANDLER when complete. */ void comm_write(int fd, char *buf, int size, CWCB * handler, void *handler_data, FREE * free_func) { @@ -870,7 +863,6 @@ memPoolFree(comm_write_pool, state); fd_table[fd].rwstate = NULL; } - assert(state == NULL); fd_table[fd].rwstate = state = memPoolAlloc(comm_write_pool); state->buf = buf; state->size = size; Index: squid/src/comm_select.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/comm_select.c,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/src/comm_select.c 23 Oct 2000 15:04:20 -0000 1.3 +++ squid/src/comm_select.c 27 Feb 2001 14:18:51 -0000 1.3.6.1 @@ -1,20 +1,20 @@ /* - * $Id: comm_select.c,v 1.3 2000/10/23 15:04:20 hno Exp $ + * $Id: comm_select.c,v 1.3.6.1 2001/02/27 14:18:51 rvenning Exp $ * * DEBUG: section 5 Socket Functions * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -63,7 +63,9 @@ static void comm_select_dns_incoming(void); #endif +#if !HAVE_POLL static struct timeval zero_tv; +#endif static fd_set global_readfds; static fd_set global_writefds; static int nreadfds; @@ -916,8 +918,10 @@ void comm_select_init(void) { +#if !HAVE_POLL zero_tv.tv_sec = 0; zero_tv.tv_usec = 0; +#endif cachemgrRegister("comm_incoming", "comm_incoming() stats", commIncomingStats, 0, 1); Index: squid/src/debug.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/debug.c,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/src/debug.c 23 Oct 2000 15:04:20 -0000 1.3 +++ squid/src/debug.c 27 Feb 2001 14:18:51 -0000 1.3.6.1 @@ -1,21 +1,21 @@ /* - * $Id: debug.c,v 1.3 2000/10/23 15:04:20 hno Exp $ + * $Id: debug.c,v 1.3.6.1 2001/02/27 14:18:51 rvenning Exp $ * * DEBUG: section 0 Debug Routines * AUTHOR: Harvest Derived * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -38,7 +38,7 @@ static char *debug_log_file = NULL; static int Ctx_Lock = 0; static const char *debugLogTime(time_t); -static void ctx_print(); +static void ctx_print(void); #if STDC_HEADERS void @@ -157,6 +157,9 @@ fflush(stderr); debug_log = stderr; } +#if defined(_SQUID_CYGWIN_) + setmode(fileno(debug_log), O_TEXT); +#endif } void Index: squid/src/defines.h =================================================================== RCS file: /cvsroot/squid-sf//squid/src/defines.h,v retrieving revision 1.3.6.2 retrieving revision 1.3.6.3 diff -u -r1.3.6.2 -r1.3.6.3 --- squid/src/defines.h 24 Feb 2001 12:20:40 -0000 1.3.6.2 +++ squid/src/defines.h 27 Feb 2001 14:18:51 -0000 1.3.6.3 @@ -1,19 +1,19 @@ /* - * $Id: defines.h,v 1.3.6.2 2001/02/24 12:20:40 rvenning Exp $ + * $Id: defines.h,v 1.3.6.3 2001/02/27 14:18:51 rvenning Exp $ * * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -54,7 +54,6 @@ #define DefaultDnsChildrenMax 32 /* 32 processes */ #define DefaultRedirectChildrenMax 32 /* 32 processes */ -#define DefaultAuthenticateChildrenMax 32 /* 32 processes */ #define MAXHTTPPORTS 12 #define COMM_OK (0) @@ -134,10 +133,9 @@ #define REDIRECT_DONE 2 #define AUTHENTICATE_AV_FACTOR 1000 +/* AUTHENTICATION */ -#define AUTHENTICATE_NONE 0 -#define AUTHENTICATE_PENDING 1 -#define AUTHENTICATE_DONE 2 +#define NTLM_CHALLENGE_SZ 300 #define CONNECT_PORT 443 @@ -372,6 +370,15 @@ #endif +/* cbdata macros */ +#define CBDATA_ALLOC(type, unl) ((type *)cbdataInternalAlloc(CBDATA_##type, unl)) +#define CBDATA_TYPE(type) static cbdata_type CBDATA_##type = 0 +#define CBDATA_GLOBAL_TYPE(type) cbdata_type CBDATA_##type +#define CBDATA_INIT_TYPE(type) (CBDATA_##type ? 0 : (CBDATA_##type = cbdataAddType(CBDATA_##type, #type, sizeof(type)))) - - +#ifndef O_TEXT +#define O_TEXT 0 +#endif +#ifndef O_BINARY +#define O_BINARY 0 +#endif Index: squid/src/delay_pools.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/delay_pools.c,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/src/delay_pools.c 23 Oct 2000 15:04:20 -0000 1.3 +++ squid/src/delay_pools.c 27 Feb 2001 14:18:51 -0000 1.3.6.1 @@ -1,21 +1,21 @@ /* - * $Id: delay_pools.c,v 1.3 2000/10/23 15:04:20 hno Exp $ + * $Id: delay_pools.c,v 1.3.6.1 2001/02/27 14:18:51 rvenning Exp $ * * DEBUG: section 77 Delay Pools * AUTHOR: David Luyer * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/src/disk.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/disk.c,v retrieving revision 1.4 retrieving revision 1.4.6.1 diff -u -r1.4 -r1.4.6.1 --- squid/src/disk.c 3 Nov 2000 08:39:20 -0000 1.4 +++ squid/src/disk.c 27 Feb 2001 14:18:51 -0000 1.4.6.1 @@ -1,21 +1,21 @@ /* - * $Id: disk.c,v 1.4 2000/11/03 08:39:20 hno Exp $ + * $Id: disk.c,v 1.4.6.1 2001/02/27 14:18:51 rvenning Exp $ * * DEBUG: section 6 Disk I/O Routines * AUTHOR: Harvest Derived * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/src/dns.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/dns.c,v retrieving revision 1.3.6.1 retrieving revision 1.3.6.2 diff -u -r1.3.6.1 -r1.3.6.2 --- squid/src/dns.c 7 Dec 2000 13:58:11 -0000 1.3.6.1 +++ squid/src/dns.c 27 Feb 2001 14:18:51 -0000 1.3.6.2 @@ -1,21 +1,21 @@ /* - * $Id: dns.c,v 1.3.6.1 2000/12/07 13:58:11 rvenning Exp $ + * $Id: dns.c,v 1.3.6.2 2001/02/27 14:18:51 rvenning Exp $ * * DEBUG: section 34 Dnsserver interface * AUTHOR: Harvest Derived * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -89,7 +89,17 @@ dnsSubmit(const char *lookup, HLPCB * callback, void *data) { char buf[256]; + static time_t first_warn = 0; snprintf(buf, 256, "%s\n", lookup); + if (dnsservers->stats.queue_size >= dnsservers->n_running * 2) { + if (first_warn == 0) + first_warn = squid_curtime; + if (squid_curtime - first_warn > 3 * 60) + fatal("DNS servers not responding for 3 minutes"); + debug(34, 1) ("dnsSubmit: queue overload, rejecting %s\n", lookup); + callback(data, "$fail temporary network problem, pleas retry later"); + } + first_warn = 0; helperSubmit(dnsservers, buf, callback, data); } Index: squid/src/dns_internal.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/dns_internal.c,v retrieving revision 1.5.6.1 retrieving revision 1.5.6.2 diff -u -r1.5.6.1 -r1.5.6.2 --- squid/src/dns_internal.c 7 Dec 2000 13:58:11 -0000 1.5.6.1 +++ squid/src/dns_internal.c 27 Feb 2001 14:18:51 -0000 1.5.6.2 @@ -1,21 +1,21 @@ /* - * $Id: dns_internal.c,v 1.5.6.1 2000/12/07 13:58:11 rvenning Exp $ + * $Id: dns_internal.c,v 1.5.6.2 2001/02/27 14:18:51 rvenning Exp $ * * DEBUG: section 78 DNS lookups; interacts with lib/rfc1035.c * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -98,6 +98,11 @@ debug(78, 0) ("WARNING: rejecting '%s' as a name server, because it is not a numeric IP address\n", buf); return; } + if (A.s_addr == 0) { + debug(78, 0) ("WARNING: Squid does not accept 0.0.0.0 in DNS server specifications.\n"); + debug(78, 0) ("Will be using 127.0.0.1 instead, assuming you meant that DNS is running on the same machine\n"); + safe_inet_addr("127.0.0.1", &A); + } if (nns == nns_alloc) { int oldalloc = nns_alloc; ns *oldptr = nameservers; @@ -146,6 +151,9 @@ debug(78, 1) ("%s: %s\n", _PATH_RESOLV_CONF, xstrerror()); return; } +#if defined(_SQUID_CYGWIN_) + setmode(fileno(fp), O_TEXT); +#endif while (fgets(buf, 512, fp)) { t = strtok(buf, w_space); if (NULL == t) Index: squid/src/dnsserver.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/dnsserver.c,v retrieving revision 1.3.6.2 retrieving revision 1.3.6.3 diff -u -r1.3.6.2 -r1.3.6.3 --- squid/src/dnsserver.c 24 Feb 2001 12:20:40 -0000 1.3.6.2 +++ squid/src/dnsserver.c 27 Feb 2001 14:18:51 -0000 1.3.6.3 @@ -1,21 +1,21 @@ /* - * $Id: dnsserver.c,v 1.3.6.2 2001/02/24 12:20:40 rvenning Exp $ + * $Id: dnsserver.c,v 1.3.6.3 2001/02/27 14:18:51 rvenning Exp $ * * DEBUG: section 0 DNS Resolver * AUTHOR: Harvest Derived * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/src/enums.h =================================================================== RCS file: /cvsroot/squid-sf//squid/src/enums.h,v retrieving revision 1.5 retrieving revision 1.5.4.1 diff -u -r1.5 -r1.5.4.1 --- squid/src/enums.h 10 Nov 2000 16:36:44 -0000 1.5 +++ squid/src/enums.h 27 Feb 2001 14:18:51 -0000 1.5.4.1 @@ -1,19 +1,19 @@ /* - * $Id: enums.h,v 1.5 2000/11/10 16:36:44 hno Exp $ + * $Id: enums.h,v 1.5.4.1 2001/02/27 14:18:51 rvenning Exp $ * * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -117,11 +117,18 @@ ACL_PROXY_AUTH_REGEX, ACL_SRC_ASN, ACL_DST_ASN, +#if USE_ARP_ACL ACL_SRC_ARP, +#endif +#if SQUID_SNMP ACL_SNMP_COMMUNITY, +#endif +#if SRC_RTT_NOT_YET_FINISHED ACL_NETDB_SRC_RTT, +#endif ACL_MAXCONN, ACL_REQ_MIME_TYPE, + ACL_REP_MIME_TYPE, ACL_ENUM_MAX } squid_acl; @@ -130,7 +137,7 @@ ACL_LOOKUP_NEEDED, ACL_LOOKUP_PENDING, ACL_LOOKUP_DONE, - ACL_PROXY_AUTH_NEEDED + ACL_PROXY_AUTH_NEEDED, } acl_lookup_state; enum { @@ -482,8 +489,10 @@ ENTRY_NEGCACHED, ENTRY_VALIDATED, ENTRY_BAD_LENGTH, - ENTRY_ABORTED, - ENTRY_DONT_LOG /* hack for gross 'Pump' entries */ + ENTRY_ABORTED +#if UNUSED_CODE + ENTRY_DONT_LOG +#endif }; typedef enum { @@ -492,6 +501,38 @@ ACCESS_REQ_PROXY_AUTH } allow_t; +typedef enum { + AUTH_UNKNOWN, /* default */ + AUTH_BASIC, + AUTH_NTLM, + AUTH_DIGEST, + AUTH_BROKEN /* known type, but broken data */ +} auth_type_t; + +typedef enum { + AUTHENTICATE_STATE_NONE, + AUTHENTICATE_STATE_NEGOTIATE, + AUTHENTICATE_STATE_CHALLENGE, + AUTHENTICATE_STATE_RESPONSE, + AUTHENTICATE_STATE_DONE +} auth_state_t; /* connection level auth state */ + +/* stateful helper callback response codes */ +typedef enum { + S_HELPER_UNKNOWN, + S_HELPER_RESERVE, + S_HELPER_RELEASE, + S_HELPER_DEFER +} stateful_helper_callback_t; + +/* stateful helper reservation info */ +typedef enum { + S_HELPER_FREE, /* available for requests */ + S_HELPER_RESERVED, /* in a reserved state - no active request, but state data in the helper shouldn't be disturbed */ + S_HELPER_DEFERRED /* available for requests, and at least one more will come from a previous caller with the server pointer */ +} stateful_helper_reserve_t; + + #if SQUID_SNMP enum { SNMP_C_VIEW, @@ -517,7 +558,10 @@ MEM_ACL_IP_DATA, MEM_ACL_LIST, MEM_ACL_NAME_LIST, - MEM_ACL_PROXY_AUTH_USER, + MEM_AUTH_USER_T, + MEM_AUTH_USER_HASH, + MEM_ACL_PROXY_AUTH_MATCH, + MEM_ACL_USER_DATA, MEM_ACL_TIME_DATA, MEM_CACHEMGR_PASSWD, #if USE_CACHE_DIGESTS @@ -550,8 +594,11 @@ MEM_HASH_LINK, MEM_HASH_TABLE, MEM_HELPER, - MEM_HELPER_REQUEST, + MEM_HELPER_STATEFUL, MEM_HELPER_SERVER, + MEM_HELPER_STATEFUL_SERVER, + MEM_HELPER_REQUEST, + MEM_HELPER_STATEFUL_REQUEST, MEM_HIERARCHYLOGENTRY, #if USE_HTCP MEM_HTCP_SPECIFIER, @@ -605,9 +652,11 @@ MEM_TLV, MEM_SWAP_LOG_DATA, MEM_GEN_CBDATA, - MEM_PUMP_STATE_DATA, MEM_CLIENT_REQ_BUF, MEM_MAX +#ifdef NTLM_CACHING + ,MEM_NTLM_AUTH_CACHE +#endif } mem_type; /* @@ -677,10 +726,33 @@ }; /* - * These are used for the store double-check code + * cbdata types. similar to the MEM_* types above, but managed + * in cbdata.c. A big difference is that these types are dynamically + * allocated. This list is only a list of predefined types. Other types + * are added runtime */ typedef enum { - DBLCHECK_NONE, - DBLCHECK_REPORTONLY, - DBLCHECK_FORCE -} dblcheck_t; + CBDATA_UNKNOWN = 0, + CBDATA_UNDEF = 0, + CBDATA_acl_access, + CBDATA_aclCheck_t, + CBDATA_clientHttpRequest, + CBDATA_ConnStateData, + CBDATA_DigestFetchState, + CBDATA_ErrorState, + CBDATA_FwdState, + CBDATA_generic_cbdata, + CBDATA_helper, + CBDATA_helper_server, + CBDATA_statefulhelper, + CBDATA_helper_stateful_server, + CBDATA_HttpStateData, + CBDATA_peer, + CBDATA_ps_state, + CBDATA_RemovalPolicy, + CBDATA_RemovalPolicyWalker, + CBDATA_RemovalPurgeWalker, + CBDATA_store_client, + CBDATA_storeIOState, + CBDATA_FIRST_CUSTOM_TYPE = 1000 +} cbdata_type; Index: squid/src/errorpage.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/errorpage.c,v retrieving revision 1.5.2.1 retrieving revision 1.5.2.2 diff -u -r1.5.2.1 -r1.5.2.2 --- squid/src/errorpage.c 7 Dec 2000 13:58:11 -0000 1.5.2.1 +++ squid/src/errorpage.c 27 Feb 2001 14:18:51 -0000 1.5.2.2 @@ -1,21 +1,21 @@ /* - * $Id: errorpage.c,v 1.5.2.1 2000/12/07 13:58:11 rvenning Exp $ + * $Id: errorpage.c,v 1.5.2.2 2001/02/27 14:18:51 rvenning Exp $ * * DEBUG: section 4 Error Generation * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -52,8 +52,6 @@ /* local constant and vars */ -static const char *const proxy_auth_challenge_fmt = "Basic realm=\"%s\""; - /* * note: hard coded error messages are not appended with %S automagically * to give you more control on the format @@ -171,7 +169,7 @@ char *text; snprintf(path, sizeof(path), "%s/%s", dir, page_name); - fd = file_open(path, O_RDONLY); + fd = file_open(path, O_RDONLY | O_TEXT); if (fd < 0 || fstat(fd, &sb) < 0) { debug(4, 0) ("errorTryLoadText: '%s': %s\n", path, xstrerror()); if (fd >= 0) @@ -236,7 +234,8 @@ ErrorState * errorCon(err_type type, http_status status) { - ErrorState *err = memAllocate(MEM_ERRORSTATE); + ErrorState *err; + err = CBDATA_ALLOC(ErrorState, NULL); err->page_id = type; /* has to be reset manually if needed */ err->type = type; err->http_status = status; @@ -279,25 +278,13 @@ storeBuffer(entry); rep = errorBuildReply(err); /* Add authentication header */ - switch (err->http_status) { - case HTTP_PROXY_AUTHENTICATION_REQUIRED: - /* Proxy authorisation needed */ - httpHeaderPutStrf(&rep->header, HDR_PROXY_AUTHENTICATE, - proxy_auth_challenge_fmt, Config.proxyAuthRealm); - break; - case HTTP_UNAUTHORIZED: - /* WWW Authorisation needed */ - httpHeaderPutStrf(&rep->header, HDR_WWW_AUTHENTICATE, - proxy_auth_challenge_fmt, Config.proxyAuthRealm); - break; - default: - /* Keep GCC happy */ - break; - } + /* TODO: alter errorstate to be accel on|off aware. The 0 on the next line + * depends on authenticate behaviour: all schemes to date send no extra data + * on 407/401 responses, and do not check the accel state on 401/407 responses + */ + authenticateFixHeader(rep, err->auth_user_request, err->request, 0); httpReplySwapOut(rep, entry); - httpReplyDestroy(rep); - mem->reply->sline.status = err->http_status; - mem->reply->content_length = -1; + httpReplyAbsorb(mem->reply, rep); EBIT_CLR(entry->flags, ENTRY_FWD_HDR_WAIT); storeBufferFlush(entry); storeComplete(entry); @@ -340,7 +327,6 @@ err->request->err_type = err->type; /* moved in front of errorBuildBuf @?@ */ err->flags.flag_cbdata = 1; - cbdataAdd(err, memFree, MEM_ERRORSTATE); rep = errorBuildReply(err); comm_write_mbuf(fd, httpReplyPack(rep), errorSendComplete, err); httpReplyDestroy(rep); @@ -361,10 +347,13 @@ ErrorState *err = data; debug(4, 3) ("errorSendComplete: FD %d, size=%d\n", fd, size); if (errflag != COMM_ERR_CLOSING) { - if (err->callback) + if (err->callback) { + debug(4, 3) ("errorSendComplete: callback\n"); err->callback(fd, err->callback_data, size); - else + } else { comm_close(fd); + debug(4, 3) ("errorSendComplete: comm_close\n"); + } } errorStateFree(err); } @@ -381,10 +370,9 @@ wordlistDestroy(&err->ftp.server_msg); safe_free(err->ftp.request); safe_free(err->ftp.reply); - if (err->flags.flag_cbdata) - cbdataFree(err); - else - memFree(err, MEM_ERRORSTATE); + if (err->auth_user_request) + authenticateAuthUserRequestUnlock(err->auth_user_request); + cbdataFree(err); } #define CVT_BUF_SZ 512 @@ -404,6 +392,7 @@ * I - server IP address x * L - HREF link for more info/contact x * M - Request Method x + * m - Error message returned by external Auth. x * p - URL port # x * P - Protocol x * R - Full HTTP Request x @@ -483,6 +472,9 @@ } else p = "[not available]"; break; + case 'm': + p = authenticateAuthUserRequestMessage(err->auth_user_request) ? authenticateAuthUserRequestMessage(err->auth_user_request) : "[not available]"; + break; case 'M': p = r ? RequestMethodStr[r->method] : "[unkown method]"; break; @@ -576,7 +568,7 @@ MemBuf content = errorBuildContent(err); http_version_t version; /* no LMT for error pages; error pages expire immediately */ - httpBuildVersion(&version,1,0); + httpBuildVersion(&version, 1, 0); httpReplySetHeaders(rep, version, err->http_status, NULL, "text/html", content.size, 0, squid_curtime); /* * include some information for downstream caches. Implicit Index: squid/src/event.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/event.c,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/src/event.c 23 Oct 2000 15:04:21 -0000 1.3 +++ squid/src/event.c 27 Feb 2001 14:18:51 -0000 1.3.6.1 @@ -1,21 +1,21 @@ /* - * $Id: event.c,v 1.3 2000/10/23 15:04:21 hno Exp $ + * $Id: event.c,v 1.3.6.1 2001/02/27 14:18:51 rvenning Exp $ * * DEBUG: section 41 Event Processing * AUTHOR: Henrik Nordstrom * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/src/fd.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/fd.c,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/src/fd.c 23 Oct 2000 15:04:21 -0000 1.3 +++ squid/src/fd.c 27 Feb 2001 14:18:51 -0000 1.3.6.1 @@ -1,21 +1,21 @@ /* - * $Id: fd.c,v 1.3 2000/10/23 15:04:21 hno Exp $ + * $Id: fd.c,v 1.3.6.1 2001/02/27 14:18:51 rvenning Exp $ * * DEBUG: section 51 Filedescriptor Functions * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -93,8 +93,9 @@ void fd_open(int fd, unsigned int type, const char *desc) { - fde *F = &fd_table[fd]; + fde *F; assert(fd >= 0); + F = &fd_table[fd]; if (F->flags.open) { debug(51, 1) ("WARNING: Closing open FD %4d\n", fd); fd_close(fd); Index: squid/src/filemap.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/filemap.c,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/src/filemap.c 23 Oct 2000 15:04:21 -0000 1.3 +++ squid/src/filemap.c 27 Feb 2001 14:18:51 -0000 1.3.6.1 @@ -1,21 +1,21 @@ /* - * $Id: filemap.c,v 1.3 2000/10/23 15:04:21 hno Exp $ + * $Id: filemap.c,v 1.3.6.1 2001/02/27 14:18:51 rvenning Exp $ * * DEBUG: section 8 Swap File Bitmap * AUTHOR: Harvest Derived * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -75,7 +75,7 @@ int old_sz = fm->nwords * sizeof(*fm->file_map); void *old_map = fm->file_map; fm->max_n_files <<= 1; - assert(fm->max_n_files <= (1 << 30)); + assert(fm->max_n_files <= (1 << 24)); /* swap_filen is 25 bits, signed */ fm->nwords = fm->max_n_files >> LONG_BIT_SHIFT; debug(8, 3) ("file_map_grow: creating space for %d files\n", fm->max_n_files); fm->file_map = xcalloc(fm->nwords, sizeof(*fm->file_map)); Index: squid/src/forward.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/forward.c,v retrieving revision 1.4.6.1 retrieving revision 1.4.6.2 diff -u -r1.4.6.1 -r1.4.6.2 --- squid/src/forward.c 7 Dec 2000 13:58:11 -0000 1.4.6.1 +++ squid/src/forward.c 27 Feb 2001 14:18:52 -0000 1.4.6.2 @@ -1,21 +1,21 @@ /* - * $Id: forward.c,v 1.4.6.1 2000/12/07 13:58:11 rvenning Exp $ + * $Id: forward.c,v 1.4.6.2 2001/02/27 14:18:52 rvenning Exp $ * * DEBUG: section 17 Request Forwarding * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -49,6 +49,7 @@ static void fwdLogReplyStatus(int tries, http_status status); static OBJH fwdStats; static STABH fwdAbort; +static peer *fwdStateServerPeer(FwdState *); #define MAX_FWD_STATS_IDX 9 static int FwdReplyCodes[MAX_FWD_STATS_IDX + 1][HTTP_INVALID_HEADER + 1]; @@ -58,6 +59,16 @@ static Logfile *logfile = NULL; #endif +static peer * +fwdStateServerPeer(FwdState * fwdState) +{ + if (NULL == fwdState) + return NULL; + if (NULL == fwdState->servers) + return NULL; + return fwdState->servers->peer; +} + static void fwdServerFree(FwdServer * fs) { @@ -71,6 +82,7 @@ { StoreEntry *e = fwdState->entry; int sfd; + peer *p; debug(17, 3) ("fwdStateFree: %p\n", fwdState); assert(e->mem_obj); #if URL_CHECKSUM_DEBUG @@ -92,6 +104,7 @@ } if (storePendingNClients(e) > 0) assert(!EBIT_TEST(e->flags, ENTRY_FWD_HDR_WAIT)); + p = fwdStateServerPeer(fwdState); fwdServersFree(&fwdState->servers); requestUnlink(fwdState->request); fwdState->request = NULL; @@ -106,6 +119,8 @@ fwdState->server_fd = -1; debug(17, 3) ("fwdStateFree: closing FD %d\n", sfd); comm_close(sfd); + if (p) + p->stats.conn_open--; } cbdataFree(fwdState); } @@ -123,9 +138,8 @@ return 0; if (fwdState->flags.dont_retry) return 0; - if (fwdState->request->content_length >= 0) - if (0 == pumpRestart(fwdState->request)) - return 0; + if (fwdState->request->flags.body_sent) + return 0; return 1; } @@ -188,6 +202,8 @@ err->dnsserver_msg = xstrdup(dns_error_message); err->request = requestLink(request); fwdFail(fwdState, err); + if (fs->peer) + fs->peer->stats.conn_open--; comm_close(server_fd); } else if (status != COMM_OK) { assert(fs); @@ -202,8 +218,10 @@ } err->request = requestLink(request); fwdFail(fwdState, err); - if (fs->peer) + if (fs->peer) { peerConnectFailed(fs->peer); + fs->peer->stats.conn_open--; + } comm_close(server_fd); } else { debug(17, 3) ("fwdConnectDone: FD %d: '%s'\n", server_fd, storeUrl(fwdState->entry)); @@ -228,6 +246,7 @@ FwdState *fwdState = data; StoreEntry *entry = fwdState->entry; ErrorState *err; + peer *p = fwdStateServerPeer(fwdState); debug(17, 2) ("fwdConnectTimeout: FD %d: '%s'\n", fd, storeUrl(entry)); assert(fd == fwdState->server_fd); if (entry->mem_obj->inmem_hi == 0) { @@ -242,6 +261,8 @@ if (fwdState->servers->peer) peerConnectFailed(fwdState->servers->peer); } + if (p) + p->stats.conn_open--; comm_close(fd); } @@ -302,6 +323,14 @@ } fwdState->server_fd = fd; fwdState->n_tries++; + /* + * stats.conn_open is used to account for the number of + * connections that we have open to the peer, so we can limit + * based on the max-conn option. We need to increment here, + * even if the connection may fail. + */ + if (fs->peer) + fs->peer->stats.conn_open++; comm_add_close_handler(fd, fwdServerClosed, fwdState); commSetTimeout(fd, ctimeout, @@ -338,7 +367,7 @@ static void fwdDispatch(FwdState * fwdState) { - peer *p; + peer *p = NULL; request_t *request = fwdState->request; StoreEntry *entry = fwdState->entry; ErrorState *err; @@ -362,6 +391,7 @@ fwdState->request->peer_login = p->login; httpStart(fwdState); } else { + fwdState->request->peer_login = NULL; switch (request->protocol) { case PROTO_HTTP: httpStart(fwdState); @@ -400,6 +430,11 @@ * transient (network) error; its a bug. */ fwdState->flags.dont_retry = 1; + /* + * this assertion exists because if we are connected to + * a peer, then we need to decrement p->stats.conn_open. + */ + assert(NULL == p); comm_close(fwdState->server_fd); break; } @@ -424,9 +459,8 @@ } if (fwdState->n_tries > 9) return 0; - if (fwdState->request->content_length >= 0) - if (0 == pumpRestart(fwdState->request)) - return 0; + if (fwdState->request->flags.body_sent) + return 0; assert(fs); fwdState->servers = fs->next; fwdServerFree(fs); @@ -510,8 +544,7 @@ default: break; } - fwdState = memAllocate(MEM_FWD_STATE); - cbdataAdd(fwdState, memFree, MEM_FWD_STATE); + fwdState = CBDATA_ALLOC(FwdState, NULL); fwdState->entry = e; fwdState->client_fd = fd; fwdState->server_fd = -1; @@ -588,7 +621,7 @@ fwdUnregister(int fd, FwdState * fwdState) { debug(17, 3) ("fwdUnregister: %s\n", storeUrl(fwdState->entry)); - assert(fd = fwdState->server_fd); + assert(fd == fwdState->server_fd); assert(fd > -1); comm_remove_close_handler(fd, fwdServerClosed, fwdState); fwdState->server_fd = -1; Index: squid/src/fqdncache.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/fqdncache.c,v retrieving revision 1.4.6.1 retrieving revision 1.4.6.2 diff -u -r1.4.6.1 -r1.4.6.2 --- squid/src/fqdncache.c 7 Dec 2000 13:58:11 -0000 1.4.6.1 +++ squid/src/fqdncache.c 27 Feb 2001 14:18:52 -0000 1.4.6.2 @@ -1,21 +1,21 @@ /* - * $Id: fqdncache.c,v 1.4.6.1 2000/12/07 13:58:11 rvenning Exp $ + * $Id: fqdncache.c,v 1.4.6.2 2001/02/27 14:18:52 rvenning Exp $ * * DEBUG: section 35 FQDN Cache * AUTHOR: Harvest Derived * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -54,6 +54,7 @@ unsigned short locks; struct { unsigned int negcached:1; + unsigned int fromhosts:1; } flags; }; @@ -125,6 +126,7 @@ static int fqdncacheExpiredEntry(const fqdncache_entry * f) { + /* all static entries are locked, so this takes care of them too */ if (f->locks != 0) return 0; if (f->expires > squid_curtime) @@ -153,6 +155,26 @@ debug(35, 9) ("fqdncache_purgelru: removed %d entries\n", removed); } +static void +purge_entries_fromhosts(void) +{ + dlink_node *m = lru_list.head; + fqdncache_entry *i = NULL; + fqdncache_entry *t; + while (m) { + if (i != NULL) { /* need to delay deletion */ + fqdncacheRelease(i); /* we just override locks */ + i = NULL; + } + t = m->data; + if (t->flags.fromhosts) + i = t; + m = m->next; + } + if (i != NULL) + fqdncacheRelease(i); +} + /* create blank fqdncache_entry */ static fqdncache_entry * fqdncacheCreateEntry(const char *name) @@ -206,6 +228,7 @@ char *token; static fqdncache_entry f; int ttl; + memset(&f, '\0', sizeof(f)); f.expires = squid_curtime; f.flags.negcached = 1; if (inbuf == NULL) { @@ -253,7 +276,6 @@ { static fqdncache_entry f; int k; - int j; int na = 0; memset(&f, '\0', sizeof(f)); f.expires = squid_curtime; @@ -272,7 +294,7 @@ } debug(35, 3) ("fqdncacheParse: %d answers\n", nr); assert(answers); - for (j = 0, k = 0; k < nr; k++) { + for (k = 0; k < nr; k++) { if (answers[k].type != RFC1035_TYPE_PTR) continue; if (answers[k].class != RFC1035_CLASS_IN) @@ -365,9 +387,8 @@ f->handlerData = handlerData; cbdataLock(handlerData); f->request_time = current_time; - c = memAllocate(MEM_GEN_CBDATA); + c = CBDATA_ALLOC(generic_cbdata, NULL); c->data = f; - cbdataAdd(c, memFree, MEM_GEN_CBDATA); #if USE_DNSSERVERS dnsSubmit(hashKeyStr(&f->hash), fqdncacheHandleReply, c); #else @@ -454,13 +475,15 @@ storeAppendPrintf(sentry, "Blocking calls to gethostbyaddr(): %d\n", FqdncacheStats.ghba_calls); storeAppendPrintf(sentry, "FQDN Cache Contents:\n\n"); - + storeAppendPrintf(sentry, "%-15.15s %3s %3s %3s %s\n", + "Address", "Flg", "TTL", "Cnt", "Hostnames"); hash_first(fqdn_table); while ((f = (fqdncache_entry *) hash_next(fqdn_table))) { - ttl = (f->expires - squid_curtime); - storeAppendPrintf(sentry, " %-32.32s %c %6d %d", + ttl = (f->flags.fromhosts ? -1 : (f->expires - squid_curtime)); + storeAppendPrintf(sentry, "%-15.15s %c%c %3.3d % 3d", hashKeyStr(&f->hash), f->flags.negcached ? 'N' : ' ', + f->flags.fromhosts ? 'H' : ' ', ttl, (int) f->name_count); for (k = 0; k < (int) f->name_count; k++) @@ -532,8 +555,44 @@ (float) FQDN_HIGH_WATER) / (float) 100); fqdncache_low = (long) (((float) Config.fqdncache.size * (float) FQDN_LOW_WATER) / (float) 100); + purge_entries_fromhosts(); +} + +/* + * adds a "static" entry from /etc/hosts. the worldist is to be + * managed by the caller, including pointed-to strings + */ +void +fqdncacheAddEntryFromHosts(char *addr, wordlist * hostnames) +{ + fqdncache_entry *fce; + int j = 0; + if ((fce = fqdncache_get(addr))) { + if (1 == fce->flags.fromhosts) { + fqdncacheUnlockEntry(fce); + } else if (fce->locks > 0) { + debug(35, 1) ("fqdncacheAddEntryFromHosts: can't add static entry for locked address '%s'\n", addr); + return; + } else { + fqdncacheRelease(fce); + } + } + fce = fqdncacheCreateEntry(addr); + while (hostnames) { + fce->names[j] = xstrdup(hostnames->key); + j++; + hostnames = hostnames->next; + if (j >= FQDN_MAX_NAMES) + break; + } + fce->name_count = j; + fce->names[j] = NULL; /* it's safe */ + fce->flags.fromhosts = 1; + fqdncacheAddEntry(fce); + fqdncacheLockEntry(fce); } + #ifdef SQUID_SNMP /* * The function to return the fqdn statistics via SNMP Index: squid/src/ftp.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/ftp.c,v retrieving revision 1.5.2.1 retrieving revision 1.5.2.2 diff -u -r1.5.2.1 -r1.5.2.2 --- squid/src/ftp.c 7 Dec 2000 13:58:11 -0000 1.5.2.1 +++ squid/src/ftp.c 27 Feb 2001 14:18:52 -0000 1.5.2.2 @@ -1,21 +1,21 @@ /* - * $Id: ftp.c,v 1.5.2.1 2000/12/07 13:58:11 rvenning Exp $ + * $Id: ftp.c,v 1.5.2.2 2001/02/27 14:18:52 rvenning Exp $ * * DEBUG: section 9 File Transfer Protocol (FTP) * AUTHOR: Harvest Derived * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -148,8 +148,9 @@ /* Local functions */ static CNCB ftpPasvCallback; static PF ftpDataRead; +static PF ftpDataWrite; +static CWCB ftpDataWriteCallback; static PF ftpStateFree; -static PF ftpPumpClosedData; static PF ftpTimeout; static PF ftpReadControlReply; static CWCB ftpWriteCommandCallback; @@ -159,8 +160,6 @@ static void ftpAppendSuccessHeader(FtpStateData * ftpState); static void ftpAuthRequired(HttpReply * reply, request_t * request, const char *realm); static void ftpHackShortcut(FtpStateData * ftpState, FTPSM * nextState); -static void ftpPutStart(FtpStateData *); -static CWCB ftpPutTransferDone; static void ftpUnhack(FtpStateData * ftpState); static void ftpScheduleReadControlReply(FtpStateData *, int); static void ftpHandleControlReply(FtpStateData *); @@ -194,6 +193,7 @@ static FTPSM ftpGetFile; static FTPSM ftpSendCwd; static FTPSM ftpReadCwd; +static FTPSM ftpRestOrList; static FTPSM ftpSendList; static FTPSM ftpSendNlst; static FTPSM ftpReadList; @@ -202,16 +202,15 @@ static FTPSM ftpSendRetr; static FTPSM ftpReadRetr; static FTPSM ftpReadTransferDone; -static FTPSM ftpSendQuit; -static FTPSM ftpReadQuit; -static FTPSM ftpFail; -static FTPSM ftpDataTransferDone; -static FTPSM ftpRestOrList; static FTPSM ftpSendStor; static FTPSM ftpReadStor; +static FTPSM ftpWriteTransferDone; static FTPSM ftpSendReply; -static FTPSM ftpTryMkdir; +static FTPSM ftpSendMkdir; static FTPSM ftpReadMkdir; +static FTPSM ftpFail; +static FTPSM ftpSendQuit; +static FTPSM ftpReadQuit; /************************************************ ** State Machine Description (excluding hacks) ** ************************************************* @@ -222,17 +221,21 @@ Pass Type Type TraverseDirectory / GetFile TraverseDirectory Cwd / GetFile / ListDir -Cwd TraverseDirectory +Cwd TraverseDirectory / Mkdir GetFile Mdtm Mdtm Size Size Pasv ListDir Pasv -Pasv RestOrList -RestOrList Rest / Retr / Nlst / List +Pasv FileOrList +FileOrList Rest / Retr / Nlst / List / Mkdir (PUT /xxx;type=d) Rest Retr -Retr / Nlst / List (ftpDataRead on datachannel) -(ftpDataRead) ReadTransferDone +Retr / Nlst / List DataRead* (on datachannel) +DataRead* ReadTransferDone ReadTransferDone DataTransferDone +Stor DataWrite* (on datachannel) +DataWrite* RequestPutBody** (from client) +RequestPutBody** DataWrite* / WriteTransferDone +WriteTransferDone DataTransferDone DataTransferDone Quit Quit - ************************************************/ @@ -255,7 +258,8 @@ ftpReadStor, /* SENT_STOR */ ftpReadQuit, /* SENT_QUIT */ ftpReadTransferDone, /* READING_DATA (RETR,LIST,NLST) */ - ftpSendReply, /* WRITING_DATA (STOR) */ + ftpWriteTransferDone, /* WRITING_DATA (STOR) */ + ftpSendReply, /* WRITTEN_DATA? (STOR) */ ftpReadMkdir /* SENT_MKDIR */ }; @@ -838,10 +842,10 @@ } static void -ftpReadComplete(FtpStateData * ftpState) +ftpDataComplete(FtpStateData * ftpState) { - debug(9, 3) ("ftpReadComplete\n"); - /* Connection closed; retrieval done. */ + debug(9, 3) ("ftpDataComplete\n"); + /* Connection closed; transfer done. */ if (ftpState->data.fd > -1) { /* * close data socket so it does not occupy resources while @@ -862,9 +866,9 @@ int j; int bin; StoreEntry *entry = ftpState->entry; - MemObject *mem = entry->mem_obj; size_t read_sz; #if DELAY_POOLS + MemObject *mem = entry->mem_obj; delay_id delay_id = delayMostBytesAllowed(mem); #endif assert(fd == ftpState->data.fd); @@ -913,7 +917,7 @@ return; } } else if (len == 0) { - ftpReadComplete(ftpState); + ftpDataComplete(ftpState); } else { if (ftpState->flags.isdir) { ftpParseListing(ftpState); @@ -921,14 +925,11 @@ storeAppend(entry, ftpState->data.buf, len); ftpState->data.offset = 0; } - if (ftpState->size > 0 && mem->inmem_hi >= ftpState->size + mem->reply->hdr_sz) - ftpReadComplete(ftpState); - else - commSetSelect(fd, - COMM_SELECT_READ, - ftpDataRead, - data, - Config.Timeout.read); + commSetSelect(fd, + COMM_SELECT_READ, + ftpDataRead, + data, + Config.Timeout.read); } } @@ -1033,6 +1034,7 @@ strcat(t, "/"); } +CBDATA_TYPE(FtpStateData); void ftpStart(FwdState * fwd) { @@ -1041,11 +1043,11 @@ int fd = fwd->server_fd; LOCAL_ARRAY(char, realm, 8192); const char *url = storeUrl(entry); - FtpStateData *ftpState = xcalloc(1, sizeof(FtpStateData)); + FtpStateData *ftpState; HttpReply *reply; - StoreEntry *pe = NULL; - const cache_key *key = NULL; - cbdataAdd(ftpState, cbdataXfree, 0); + + CBDATA_INIT_TYPE(FtpStateData); + ftpState = CBDATA_ALLOC(FtpStateData, NULL); debug(9, 3) ("ftpStart: '%s'\n", url); statCounter.server.all.requests++; statCounter.server.ftp.requests++; @@ -1075,10 +1077,6 @@ snprintf(realm, 8192, "ftp %s port %d", ftpState->user, request->port); } - /* eject any old cached object */ - key = storeKeyPublic(entry->mem_obj->url, entry->mem_obj->method); - if ((pe = storeGet(key)) != NULL) - storeRelease(pe); /* create reply */ reply = entry->mem_obj->reply; assert(reply != NULL); @@ -1137,7 +1135,7 @@ if (errflag == COMM_ERR_CLOSING) return; if (errflag) { - debug(50, 1) ("ftpWriteCommandCallback: FD %d: %s\n", fd, xstrerror()); + debug(9, 1) ("ftpWriteCommandCallback: FD %d: %s\n", fd, xstrerror()); ftpFailed(ftpState, ERR_WRITE_ERROR); /* ftpFailed closes ctrl.fd and frees ftpState */ return; @@ -1531,15 +1529,15 @@ if (!ftpState->flags.put) ftpFail(ftpState); else - ftpTryMkdir(ftpState); + ftpSendMkdir(ftpState); } } static void -ftpTryMkdir(FtpStateData * ftpState) +ftpSendMkdir(FtpStateData * ftpState) { char *path = ftpState->filepath; - debug(9, 3) ("ftpTryMkdir: with path=%s\n", path); + debug(9, 3) ("ftpSendMkdir: with path=%s\n", path); snprintf(cbuf, 1024, "MKD %s\r\n", path); ftpWriteCommand(cbuf, ftpState); ftpState->state = SENT_MKDIR; @@ -1653,7 +1651,13 @@ /* Terminate here for HEAD requests */ ftpAppendSuccessHeader(ftpState); storeTimestampsSet(ftpState->entry); - fwdComplete(ftpState->fwd); + /* + * On rare occasions I'm seeing the entry get aborted after + * ftpReadControlReply() and before here, probably when + * trying to write to the client. + */ + if (!EBIT_TEST(ftpState->entry->flags, ENTRY_ABORTED)) + fwdComplete(ftpState->fwd); ftpSendQuit(ftpState); return; } @@ -1786,8 +1790,8 @@ int on = 1; u_short port = 0; /* - * * Tear down any old data connection if any. We are about to - * * establish a new one. + * Tear down any old data connection if any. We are about to + * establish a new one. */ if (ftpState->data.fd > 0) { comm_close(ftpState->data.fd); @@ -1912,14 +1916,17 @@ ftpRestOrList(FtpStateData * ftpState) { debug(9, 3) ("This is ftpRestOrList\n"); - if (ftpState->flags.put) { - debug(9, 3) ("ftpRestOrList: Sending STOR request...\n"); - ftpSendStor(ftpState); - } else if (ftpState->typecode == 'D') { - /* XXX This should NOT be here */ - ftpSendNlst(ftpState); /* sec 3.2.2 of RFC 1738 */ + if (ftpState->typecode == 'D') { ftpState->flags.isdir = 1; ftpState->flags.use_base = 1; + if (ftpState->flags.put) { + ftpSendMkdir(ftpState); /* PUT name;type=d */ + } else { + ftpSendNlst(ftpState); /* GET name;type=d sec 3.2.2 of RFC 1738 */ + } + } else if (ftpState->flags.put) { + debug(9, 3) ("ftpRestOrList: Sending STOR request...\n"); + ftpSendStor(ftpState); } else if (ftpState->flags.isdir) ftpSendList(ftpState); else if (ftpRestartable(ftpState)) @@ -1955,14 +1962,20 @@ if (code == 125 || (code == 150 && ftpState->data.host)) { /* Begin data transfer */ debug(9, 3) ("ftpReadStor: starting data transfer\n"); + commSetSelect(ftpState->data.fd, + COMM_SELECT_WRITE, + ftpDataWrite, + ftpState, + Config.Timeout.read); /* - * Cancel the timeout on the Control socket, pumpStart will + * Cancel the timeout on the Control socket and * establish one on the data socket. */ commSetTimeout(ftpState->ctrl.fd, -1, NULL, NULL); - ftpPutStart(ftpState); - debug(9, 3) ("ftpReadStor: writing data channel\n"); + commSetTimeout(ftpState->data.fd, Config.Timeout.read, ftpTimeout, + ftpState); ftpState->state = WRITING_DATA; + debug(9, 3) ("ftpReadStor: writing data channel\n"); } else if (code == 150) { /* Accept data channel */ debug(9, 3) ("ftpReadStor: accepting data channel\n"); @@ -2159,11 +2172,7 @@ /* Connection closed; retrieval done. */ if (ftpState->flags.html_header_sent) ftpListingFinish(ftpState); - if (!ftpState->flags.put) { - storeTimestampsSet(ftpState->entry); - fwdComplete(ftpState->fwd); - } - ftpDataTransferDone(ftpState); + ftpSendQuit(ftpState); } else { /* != 226 */ debug(9, 1) ("ftpReadTransferDone: Got code %d after reading data\n", code); @@ -2173,15 +2182,62 @@ } } +/* This will be called when there is data available to put */ static void -ftpDataTransferDone(FtpStateData * ftpState) +ftpRequestBody(char *buf, size_t size, void *data) { - debug(9, 3) ("This is ftpDataTransferDone\n"); - if (ftpState->data.fd > -1) { - comm_close(ftpState->data.fd); - ftpState->data.fd = -1; + FtpStateData *ftpState = (FtpStateData *) data; + debug(9, 3) ("ftpRequestBody: buf=%p size=%d ftpState=%p\n", buf, size, data); + ftpState->data.offset = size; + if (size > 0) { + /* DataWrite */ + comm_write(ftpState->data.fd, buf, size, ftpDataWriteCallback, data, NULL); + } else if (size < 0) { + /* Error */ + debug(9, 1) ("ftpRequestBody: request aborted"); + ftpFailed(ftpState, ERR_READ_ERROR); + } else if (size == 0) { + /* End of transfer */ + ftpDataComplete(ftpState); + } +} + +/* This will be called when the put write is completed */ +static void +ftpDataWriteCallback(int fd, char *buf, size_t size, int err, void *data) +{ + FtpStateData *ftpState = (FtpStateData *) data; + if (!err) { + /* Shedule the rest of the request */ + clientReadBody(ftpState->request, ftpState->data.buf, ftpState->data.size, ftpRequestBody, ftpState); + } else { + debug(9, 1) ("ftpDataWriteCallback: write error: %s\n", xstrerror()); + ftpFailed(ftpState, ERR_WRITE_ERROR); } - ftpSendQuit(ftpState); +} + +static void +ftpDataWrite(int ftp, void *data) +{ + FtpStateData *ftpState = (FtpStateData *) data; + debug(9, 3) ("ftpDataWrite\n"); + /* This starts the body transfer */ + clientReadBody(ftpState->request, ftpState->data.buf, ftpState->data.size, ftpRequestBody, ftpState); +} + +static void +ftpWriteTransferDone(FtpStateData * ftpState) +{ + int code = ftpState->ctrl.replycode; + debug(9, 3) ("This is ftpWriteTransferDone\n"); + if (code != 226) { + debug(9, 1) ("ftpReadTransferDone: Got code %d after sending data\n", + code); + ftpFailed(ftpState, ERR_FTP_PUT_ERROR); + return; + } + storeTimestampsSet(ftpState->entry); /* XXX Is this needed? */ + ftpSendReply(ftpState); } static void @@ -2373,48 +2429,6 @@ } static void -ftpPumpClosedData(int data_fd, void *data) -{ - FtpStateData *ftpState = data; - assert(data_fd == ftpState->data.fd); - /* - * Ugly pump module closed our server-side. Deal with it. - * The data FD is already closed, so just set it to -1. - */ - ftpState->data.fd = -1; - /* - * Currently, thats all we have to do. Because the upload failed, - * storeAbort() will be called on the reply entry. That will - * call fwdAbort, which closes ftpState->ctrl.fd and then - * ftpStateFree gets called. - */ -} - -static void -ftpPutStart(FtpStateData * ftpState) -{ - debug(9, 3) ("ftpPutStart\n"); - /* - * sigh, we need this gross hack to detect when ugly pump module - * aborts and wants to close the server-side. - */ - comm_add_close_handler(ftpState->data.fd, ftpPumpClosedData, ftpState); - pumpStart(ftpState->data.fd, ftpState->fwd, ftpPutTransferDone, ftpState); -} - -static void -ftpPutTransferDone(int fd, char *bufnotused, size_t size, int errflag, void *data) -{ - FtpStateData *ftpState = data; - if (ftpState->data.fd >= 0) { - comm_remove_close_handler(fd, ftpPumpClosedData, ftpState); - comm_close(ftpState->data.fd); - ftpState->data.fd = -1; - } - ftpReadComplete(ftpState); -} - -static void ftpSendReply(FtpStateData * ftpState) { ErrorState *err; Index: squid/src/globals.h =================================================================== RCS file: /cvsroot/squid-sf//squid/src/globals.h,v retrieving revision 1.4.4.1 retrieving revision 1.4.4.2 diff -u -r1.4.4.1 -r1.4.4.2 --- squid/src/globals.h 7 Dec 2000 13:58:11 -0000 1.4.4.1 +++ squid/src/globals.h 27 Feb 2001 14:18:52 -0000 1.4.4.2 @@ -1,19 +1,19 @@ /* - * $Id: globals.h,v 1.4.4.1 2000/12/07 13:58:11 rvenning Exp $ + * $Id: globals.h,v 1.4.4.2 2001/02/27 14:18:52 rvenning Exp $ * * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -88,7 +88,7 @@ extern int opt_syslog_enable; /* 0 */ extern int opt_udp_hit_obj; /* 0 */ extern int opt_create_swap_dirs; /* 0 */ -extern dblcheck_t opt_store_doublecheck; /* DBLCHECK_NONE */ +extern int opt_store_doublecheck; /* 0 */ extern int syslog_enable; /* 0 */ extern int theInIcpConnection; /* -1 */ extern int theOutIcpConnection; /* -1 */ @@ -146,6 +146,7 @@ extern request_flags null_request_flags; extern int store_open_disk_fd; /* 0 */ extern const char *SwapDirType[]; +extern authscheme_entry_t *authscheme_list; /* NULL */ extern storefs_entry_t *storefs_list; /* NULL */ extern storerepl_entry_t *storerepl_list; /* NULL */ extern int store_swap_low; /* 0 */ @@ -153,3 +154,4 @@ extern int store_pages_max; /* 0 */ extern ssize_t store_maxobjsize; /* -1 */ extern RemovalPolicy *mem_policy; +extern hash_table *proxy_auth_username_cache; /* NULL */ Index: squid/src/gopher.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/gopher.c,v retrieving revision 1.4 retrieving revision 1.4.4.1 diff -u -r1.4 -r1.4.4.1 --- squid/src/gopher.c 4 Nov 2000 23:23:06 -0000 1.4 +++ squid/src/gopher.c 27 Feb 2001 14:18:52 -0000 1.4.4.1 @@ -1,21 +1,21 @@ /* - * $Id: gopher.c,v 1.4 2000/11/04 23:23:06 hno Exp $ + * $Id: gopher.c,v 1.4.4.1 2001/02/27 14:18:52 rvenning Exp $ * * DEBUG: section 10 Gopher * AUTHOR: Harvest Derived * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -473,7 +473,7 @@ if ((gtype == GOPHER_TELNET) || (gtype == GOPHER_3270)) { if (strlen(escaped_selector) != 0) snprintf(tmpbuf, TEMP_BUF_SIZE, " %s\n", - icon_url, escaped_selector, rfc1738_escape_part(host), + icon_url, escaped_selector, rfc1738_escape_part(host), *port ? ":" : "", port, html_quote(name)); else snprintf(tmpbuf, TEMP_BUF_SIZE, " %s\n", @@ -812,11 +812,13 @@ commSetTimeout(fd, Config.Timeout.read, gopherTimeout, gopherState); } +CBDATA_TYPE(GopherStateData); static GopherStateData * CreateGopherStateData(void) { - GopherStateData *gd = xcalloc(1, sizeof(GopherStateData)); - cbdataAdd(gd, cbdataXfree, 0); + GopherStateData *gd; + CBDATA_INIT_TYPE(GopherStateData); + gd = CBDATA_ALLOC(GopherStateData, NULL); gd->buf = memAllocate(MEM_4K_BUF); return (gd); } Index: squid/src/helper.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/helper.c,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/src/helper.c 23 Oct 2000 15:04:21 -0000 1.3 +++ squid/src/helper.c 27 Feb 2001 14:18:52 -0000 1.3.6.1 @@ -1,21 +1,21 @@ /* - * $Id: helper.c,v 1.3 2000/10/23 15:04:21 hno Exp $ + * $Id: helper.c,v 1.3.6.1 2001/02/27 14:18:52 rvenning Exp $ * * DEBUG: section 29 Helper process maintenance * AUTHOR: Harvest Derived? * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -38,14 +38,24 @@ #define HELPER_MAX_ARGS 64 static PF helperHandleRead; +static PF helperStatefulHandleRead; static PF helperServerFree; +static PF helperStatefulServerFree; static void Enqueue(helper * hlp, helper_request *); static helper_request *Dequeue(helper * hlp); +static helper_stateful_request *StatefulDequeue(statefulhelper * hlp); static helper_server *GetFirstAvailable(helper * hlp); +static helper_stateful_server *StatefulGetFirstAvailable(statefulhelper * hlp); static void helperDispatch(helper_server * srv, helper_request * r); +static void helperStatefulDispatch(helper_stateful_server * srv, helper_stateful_request * r); static void helperKickQueue(helper * hlp); +static void helperStatefulKickQueue(statefulhelper * hlp); static void helperRequestFree(helper_request * r); - +static void helperStatefulRequestFree(helper_stateful_request * r); +static void StatefulEnqueue(statefulhelper * hlp, helper_stateful_request * r); +static helper_stateful_request *StatefulServerDequeue(helper_stateful_server * srv); +static void StatefulServerEnqueue(helper_stateful_server * srv, helper_stateful_request * r); +static void helperStatefulServerKickQueue(helper_stateful_server * srv); void helperOpenServers(helper * hlp) @@ -93,8 +103,7 @@ continue; } hlp->n_running++; - srv = memAllocate(MEM_HELPER_SERVER); - cbdataAdd(srv, memFree, MEM_HELPER_SERVER); + srv = CBDATA_ALLOC(helper_server, NULL); srv->flags.alive = 1; srv->index = k; srv->rfd = rfd; @@ -125,6 +134,87 @@ } void +helperStatefulOpenServers(statefulhelper * hlp) +{ + char *s; + char *progname; + char *shortname; + char *procname; + char *args[HELPER_MAX_ARGS]; + char fd_note_buf[FD_DESC_SZ]; + helper_stateful_server *srv; + int nargs = 0; + int k; + int x; + int rfd; + int wfd; + wordlist *w; + if (hlp->cmdline == NULL) + return; + progname = hlp->cmdline->key; + if ((s = strrchr(progname, '/'))) + shortname = xstrdup(s + 1); + else + shortname = xstrdup(progname); + debug(29, 1) ("helperStatefulOpenServers: Starting %d '%s' processes\n", + hlp->n_to_start, shortname); + procname = xmalloc(strlen(shortname) + 3); + snprintf(procname, strlen(shortname) + 3, "(%s)", shortname); + args[nargs++] = procname; + for (w = hlp->cmdline->next; w && nargs < HELPER_MAX_ARGS; w = w->next) + args[nargs++] = w->key; + args[nargs++] = NULL; + assert(nargs <= HELPER_MAX_ARGS); + for (k = 0; k < hlp->n_to_start; k++) { + getCurrentTime(); + rfd = wfd = -1; + x = ipcCreate(hlp->ipc_type, + progname, + args, + shortname, + &rfd, + &wfd); + if (x < 0) { + debug(29, 1) ("WARNING: Cannot run '%s' process.\n", progname); + continue; + } + hlp->n_running++; + srv = CBDATA_ALLOC(helper_stateful_server, NULL); + srv->flags.alive = 1; + srv->flags.reserved = S_HELPER_FREE; + srv->deferred_requests = 0; + srv->index = k; + srv->rfd = rfd; + srv->wfd = wfd; + srv->buf = memAllocate(MEM_8K_BUF); + srv->buf_sz = 8192; + srv->offset = 0; + srv->parent = hlp; + if (hlp->datapool != NULL) + srv->data = memPoolAlloc(hlp->datapool); + cbdataLock(hlp); /* lock because of the parent backlink */ + dlinkAddTail(srv, &srv->link, &hlp->servers); + if (rfd == wfd) { + snprintf(fd_note_buf, FD_DESC_SZ, "%s #%d", shortname, k + 1); + fd_note(rfd, fd_note_buf); + } else { + snprintf(fd_note_buf, FD_DESC_SZ, "reading %s #%d", shortname, k + 1); + fd_note(rfd, fd_note_buf); + snprintf(fd_note_buf, FD_DESC_SZ, "writing %s #%d", shortname, k + 1); + fd_note(wfd, fd_note_buf); + } + commSetNonBlocking(rfd); + if (wfd != rfd) + commSetNonBlocking(wfd); + comm_add_close_handler(rfd, helperStatefulServerFree, srv); + } + safe_free(shortname); + safe_free(procname); + helperStatefulKickQueue(hlp); +} + + +void helperSubmit(helper * hlp, const char *buf, HLPCB * callback, void *data) { helper_request *r = memAllocate(MEM_HELPER_REQUEST); @@ -142,6 +232,136 @@ helperDispatch(srv, r); else Enqueue(hlp, r); + debug(29, 9) ("helperSubmit: %s\n", buf); +} + +void +helperStatefulSubmit(statefulhelper * hlp, const char *buf, HLPSCB * callback, void *data, helper_stateful_server * lastserver) +{ + helper_stateful_request *r = memAllocate(MEM_HELPER_STATEFUL_REQUEST); + helper_stateful_server *srv; + if (hlp == NULL) { + debug(29, 3) ("helperStatefulSubmit: hlp == NULL\n"); + callback(data, 0, NULL); + return; + } + r->callback = callback; + r->data = data; + if (buf != NULL) + r->buf = xstrdup(buf); + else + r->placeholder = 1; + cbdataLock(r->data); + if ((buf != NULL) && lastserver) { + debug(29, 5) ("StatefulSubmit with lastserver %d\n", lastserver); + if (lastserver->flags.reserved != S_HELPER_RESERVED) + lastserver->deferred_requests--; + if (!(lastserver->request)) { + debug(29, 5) ("StatefulSubmit dispatching\n"); + helperStatefulDispatch(lastserver, r); + } else { + debug(29, 5) ("StatefulSubmit queuing\n"); + StatefulServerEnqueue(lastserver, r); + } + } else { + if ((srv = StatefulGetFirstAvailable(hlp))) { + helperStatefulDispatch(srv, r); + } else + StatefulEnqueue(hlp, r); + } + debug(29, 9) ("helperStatefulSubmit: placeholder: '%d', buf '%s'.\n", r->placeholder, buf); +} + +helper_stateful_server * +helperStatefulDefer(statefulhelper * hlp) +/* find and add a deferred request to a server */ +{ + dlink_node *n; + helper_stateful_server *srv = NULL, *rv = NULL; + if (hlp == NULL) { + debug(29, 3) ("helperStatefulReserve: hlp == NULL\n"); + return NULL; + } + debug(29, 5) ("helperStatefulDefer: Running servers %d.\n", hlp->n_running); + if (hlp->n_running == 0) { + debug(29, 1) ("helperStatefulDefer: No running servers!. \n"); + return NULL; + } + srv = StatefulGetFirstAvailable(hlp); + /* all currently busy:loop through servers and find server with the shortest queue */ + rv = srv; + if (rv == NULL) + for (n = hlp->servers.head; n != NULL; n = n->next) { + srv = n->data; + if (srv->flags.reserved == S_HELPER_RESERVED) + continue; + if (!srv->flags.alive) + continue; + if ((hlp->IsAvailable != NULL) && (srv->data != NULL) && + !(hlp->IsAvailable(srv->data))) + continue; + if ((rv != NULL) && (rv->deferred_requests < srv->deferred_requests)) + continue; + rv = srv; + } + if (rv == NULL) { + debug(29, 1) ("helperStatefulDefer: None available.\n"); + return NULL; + } + rv->flags.reserved = S_HELPER_DEFERRED; + rv->deferred_requests++; + return rv; +} + +void +helperStatefulReset(helper_stateful_server * srv) +/* puts this helper back in the queue. the calling app is required to + * manage the state in the helper. + */ +{ + statefulhelper *hlp = srv->parent; + helper_stateful_request *r; + r = srv->request; + if (r != NULL) { + /* reset attempt DURING an outstaning request */ + debug(29, 1) ("helperStatefulReset: RESET During request %s \n", + hlp->id_name); + srv->flags.busy = 0; + srv->offset = 0; + helperStatefulRequestFree(r); + srv->request = NULL; + } + debug(29, 1) ("helperStatefulReset reset helper %s #%d\n", hlp->id_name, srv->index + 1); + srv->flags.busy = 0; + if (srv->queue.head) { + srv->flags.reserved = S_HELPER_DEFERRED; + helperStatefulServerKickQueue(srv); + } else { + srv->flags.reserved = S_HELPER_FREE; + if ((srv->parent->OnEmptyQueue != NULL) && (srv->data)) + srv->parent->OnEmptyQueue(srv->data); + helperStatefulKickQueue(hlp); + } +} + +void +helperStatefulReleaseServer(helper_stateful_server * srv) +/*decrease the number of 'waiting' clients that set the helper to be DEFERRED */ +{ + if (srv->deferred_requests > 0) + srv->deferred_requests--; + if (!(srv->deferred_requests) && (srv->flags.reserved == S_HELPER_DEFERRED) && !(srv->queue.head)) { + srv->flags.reserved = S_HELPER_FREE; + if ((srv->parent->OnEmptyQueue != NULL) && (srv->data)) + srv->parent->OnEmptyQueue(srv->data); + } +} + +void * +helperStatefulServerGetData(helper_stateful_server * srv) +/* return a pointer to the stateful routines data area */ +{ + return srv->data; } void @@ -192,6 +412,57 @@ } void +helperStatefulStats(StoreEntry * sentry, statefulhelper * hlp) +{ + helper_stateful_server *srv; + dlink_node *link; + double tt; + storeAppendPrintf(sentry, "number running: %d of %d\n", + hlp->n_running, hlp->n_to_start); + storeAppendPrintf(sentry, "requests sent: %d\n", + hlp->stats.requests); + storeAppendPrintf(sentry, "replies received: %d\n", + hlp->stats.replies); + storeAppendPrintf(sentry, "queue length: %d\n", + hlp->stats.queue_size); + storeAppendPrintf(sentry, "avg service time: %d msec\n", + hlp->stats.avg_svc_time); + storeAppendPrintf(sentry, "\n"); + storeAppendPrintf(sentry, "%7s\t%7s\t%11s\t%s\t%7s\t%7s\t%7s\n", + "#", + "FD", + "# Requests", + "# Deferred Requests", + "Flags", + "Time", + "Offset", + "Request"); + for (link = hlp->servers.head; link; link = link->next) { + srv = link->data; + tt = 0.001 * tvSubMsec(srv->dispatch_time, current_time); + storeAppendPrintf(sentry, "%7d\t%7d\t%11d\t%11d\t%c%c%c%c%c\t%7.3f\t%7d\t%s\n", + srv->index + 1, + srv->rfd, + srv->stats.uses, + srv->deferred_requests, + srv->flags.alive ? 'A' : ' ', + srv->flags.busy ? 'B' : ' ', + srv->flags.closing ? 'C' : ' ', + srv->flags.reserved != S_HELPER_FREE ? 'R' : ' ', + srv->flags.shutdown ? 'S' : ' ', + tt < 0.0 ? 0.0 : tt, + (int) srv->offset, + srv->request ? log_quote(srv->request->buf) : "(none)"); + } + storeAppendPrintf(sentry, "\nFlags key:\n\n"); + storeAppendPrintf(sentry, " A = ALIVE\n"); + storeAppendPrintf(sentry, " B = BUSY\n"); + storeAppendPrintf(sentry, " C = CLOSING\n"); + storeAppendPrintf(sentry, " R = RESERVED or DEFERRED\n"); + storeAppendPrintf(sentry, " S = SHUTDOWN\n"); +} + +void helperShutdown(helper * hlp) { dlink_node *link = hlp->servers.head; @@ -221,18 +492,71 @@ } } +void +helperStatefulShutdown(statefulhelper * hlp) +{ + dlink_node *link = hlp->servers.head; + helper_stateful_server *srv; + while (link) { + srv = link->data; + link = link->next; + if (!srv->flags.alive) { + debug(34, 3) ("helperStatefulShutdown: %s #%d is NOT ALIVE.\n", + hlp->id_name, srv->index + 1); + continue; + } + srv->flags.shutdown = 1; /* request it to shut itself down */ + if (srv->flags.busy) { + debug(34, 3) ("helperStatefulShutdown: %s #%d is BUSY.\n", + hlp->id_name, srv->index + 1); + continue; + } + if (srv->flags.closing) { + debug(34, 3) ("helperStatefulShutdown: %s #%d is CLOSING.\n", + hlp->id_name, srv->index + 1); + continue; + } + if (srv->flags.reserved != S_HELPER_FREE) { + debug(34, 3) ("helperStatefulShutdown: %s #%d is RESERVED.\n", + hlp->id_name, srv->index + 1); + continue; + } + if (srv->deferred_requests) { + debug(34, 3) ("helperStatefulShutdown: %s #%d has DEFERRED requests.\n", + hlp->id_name, srv->index + 1); + continue; + } + srv->flags.closing = 1; + comm_close(srv->wfd); + srv->wfd = -1; + } +} + + helper * helperCreate(const char *name) { - helper *hlp = memAllocate(MEM_HELPER); - cbdataAdd(hlp, memFree, MEM_HELPER); + helper *hlp; + hlp = CBDATA_ALLOC(helper, NULL); hlp->id_name = name; return hlp; } +statefulhelper * +helperStatefulCreate(const char *name) +{ + statefulhelper *hlp; + hlp = CBDATA_ALLOC(statefulhelper, NULL); + hlp->id_name = name; + return hlp; +} + + void helperFree(helper * hlp) { + if (!hlp) + return; /* note, don't free hlp->name, it probably points to static memory */ if (hlp->queue.head) debug(29, 0) ("WARNING: freeing %s helper with %d requests queued\n", @@ -240,6 +564,19 @@ cbdataFree(hlp); } +void +helperStatefulFree(statefulhelper * hlp) +{ + if (!hlp) + return; + /* note, don't free hlp->name, it probably points to static memory */ + if (hlp->queue.head) + debug(29, 0) ("WARNING: freeing %s helper with %d requests queued\n", + hlp->id_name, hlp->stats.queue_size); + cbdataFree(hlp); +} + + /* ====================================================================== */ /* LOCAL FUNCTIONS */ /* ====================================================================== */ @@ -277,6 +614,41 @@ } static void +helperStatefulServerFree(int fd, void *data) +{ + helper_stateful_server *srv = data; + statefulhelper *hlp = srv->parent; + helper_stateful_request *r; + assert(srv->rfd == fd); + if (srv->buf) { + memFree(srv->buf, MEM_8K_BUF); + srv->buf = NULL; + } + if ((r = srv->request)) { + if (cbdataValid(r->data)) + r->callback(r->data, srv, srv->buf); + helperStatefulRequestFree(r); + srv->request = NULL; + } + if (srv->wfd != srv->rfd && srv->wfd != -1) + comm_close(srv->wfd); + dlinkDelete(&srv->link, &hlp->servers); + hlp->n_running--; + assert(hlp->n_running >= 0); + if (!srv->flags.shutdown) { + debug(34, 0) ("WARNING: %s #%d (FD %d) exited\n", + hlp->id_name, srv->index + 1, fd); + if (hlp->n_running < hlp->n_to_start / 2) + fatalf("Too few %s processes are running", hlp->id_name); + } + if (srv->data != NULL) + memPoolFree(hlp->datapool, srv->data); + cbdataUnlock(srv->parent); + cbdataFree(srv); +} + + +static void helperHandleRead(int fd, void *data) { int len; @@ -331,6 +703,101 @@ } static void +helperStatefulHandleRead(int fd, void *data) +{ + int len; + char *t = NULL; + helper_stateful_server *srv = data; + helper_stateful_request *r; + statefulhelper *hlp = srv->parent; + assert(fd == srv->rfd); + assert(cbdataValid(data)); + statCounter.syscalls.sock.reads++; + len = read(fd, srv->buf + srv->offset, srv->buf_sz - srv->offset); + fd_bytes(fd, len, FD_READ); + debug(29, 5) ("helperStatefulHandleRead: %d bytes from %s #%d.\n", + len, hlp->id_name, srv->index + 1); + if (len <= 0) { + if (len < 0) + debug(50, 1) ("helperStatefulHandleRead: FD %d read: %s\n", fd, xstrerror()); + comm_close(fd); + return; + } + srv->offset += len; + srv->buf[srv->offset] = '\0'; + r = srv->request; + if (r == NULL) { + /* someone spoke without being spoken to */ + debug(29, 1) ("helperStatefulHandleRead: unexpected read from %s #%d, %d bytes\n", + hlp->id_name, srv->index + 1, len); + srv->offset = 0; + } else if ((t = strchr(srv->buf, '\n'))) { + /* end of reply found */ + debug(29, 3) ("helperStatefulHandleRead: end of reply found\n"); + *t = '\0'; + if (cbdataValid(r->data)) { + switch ((r->callback(r->data, srv, srv->buf))) { /*if non-zero reserve helper */ + case S_HELPER_UNKNOWN: + fatal("helperStatefulHandleRead: either a non-state aware callback was give to the stateful helper routines, or an uninitialised callback response was recieved.\n"); + break; + case S_HELPER_RELEASE: /* helper finished with */ + if (!srv->queue.head) { + srv->flags.reserved = S_HELPER_FREE; + if ((srv->parent->OnEmptyQueue != NULL) && (srv->data)) + srv->parent->OnEmptyQueue(srv->data); + debug(29, 5) ("StatefulHandleRead: releasing %s #%d\n", hlp->id_name, srv->index + 1); + } else { + srv->flags.reserved = S_HELPER_DEFERRED; + debug(29, 5) ("StatefulHandleRead: outstanding deferred requests on %s #%d. reserving for deferred requests.\n", hlp->id_name, srv->index + 1); + } + break; + case S_HELPER_RESERVE: /* 'pin' this helper for the caller */ + if (!srv->queue.head) { + srv->flags.reserved = S_HELPER_RESERVED; + debug(29, 5) ("StatefulHandleRead: reserving %s #%d\n", hlp->id_name, srv->index + 1); + } else { + fatal("StatefulHandleRead: Callback routine attempted to reserve a stateful helper with deferred requests. This can lead to deadlock.\n"); + } + break; + case S_HELPER_DEFER: + /* the helper is still needed, but can + * be used for other requests in the meantime. + */ + srv->flags.reserved = S_HELPER_DEFERRED; + srv->deferred_requests++; + debug(29, 5) ("StatefulHandleRead: reserving %s #%d for deferred requests.\n", hlp->id_name, srv->index + 1); + break; + default: + fatal("helperStatefulHandleRead: unknown stateful helper callback result.\n"); + } + + } else { + debug(29, 1) ("StatefulHandleRead: no callback data registered\n"); + } + srv->flags.busy = 0; + srv->offset = 0; + helperStatefulRequestFree(r); + srv->request = NULL; + hlp->stats.replies++; + hlp->stats.avg_svc_time = + intAverage(hlp->stats.avg_svc_time, + tvSubMsec(srv->dispatch_time, current_time), + hlp->stats.replies, REDIRECT_AV_FACTOR); + if (srv->flags.shutdown) { + comm_close(srv->wfd); + srv->wfd = -1; + } else { + if (srv->queue.head) + helperStatefulServerKickQueue(srv); + else + helperStatefulKickQueue(hlp); + } + } else { + commSetSelect(srv->rfd, COMM_SELECT_READ, helperStatefulHandleRead, srv, 0); + } +} + +static void Enqueue(helper * hlp, helper_request * r) { dlink_node *link = memAllocate(MEM_DLINK_NODE); @@ -350,6 +817,51 @@ debug(14, 1) ("Consider increasing the number of %s processes in your config file.\n", hlp->id_name); } +static void +StatefulEnqueue(statefulhelper * hlp, helper_stateful_request * r) +{ + dlink_node *link = memAllocate(MEM_DLINK_NODE); + dlinkAddTail(r, link, &hlp->queue); + hlp->stats.queue_size++; + if (hlp->stats.queue_size < hlp->n_running) + return; + if (squid_curtime - hlp->last_queue_warn < 600) + return; + if (shutting_down || reconfiguring) + return; + hlp->last_queue_warn = squid_curtime; + debug(14, 0) ("WARNING: All %s processes are busy.\n", hlp->id_name); + debug(14, 0) ("WARNING: %d pending requests queued\n", hlp->stats.queue_size); + if (hlp->stats.queue_size > hlp->n_running * 2) + fatalf("Too many queued %s requests", hlp->id_name); + debug(14, 1) ("Consider increasing the number of %s processes in your config file.\n", hlp->id_name); +} + +static void +StatefulServerEnqueue(helper_stateful_server * srv, helper_stateful_request * r) +{ + dlink_node *link = memAllocate(MEM_DLINK_NODE); + dlinkAddTail(r, link, &srv->queue); +/* TODO: warning if the queue on this server is more than X + * We don't check the queue size at the moment, because + * requests hitting here are deferrable + */ +/* hlp->stats.queue_size++; + * if (hlp->stats.queue_size < hlp->n_running) + * return; + * if (squid_curtime - hlp->last_queue_warn < 600) + * return; + * if (shutting_down || reconfiguring) + * return; + * hlp->last_queue_warn = squid_curtime; + * debug(14, 0) ("WARNING: All %s processes are busy.\n", hlp->id_name); + * debug(14, 0) ("WARNING: %d pending requests queued\n", hlp->stats.queue_size); + * if (hlp->stats.queue_size > hlp->n_running * 2) + * fatalf("Too many queued %s requests", hlp->id_name); + * debug(14, 1) ("Consider increasing the number of %s processes in your config file.\n", hlp->id_name); */ +} + + static helper_request * Dequeue(helper * hlp) { @@ -364,6 +876,33 @@ return r; } +static helper_stateful_request * +StatefulServerDequeue(helper_stateful_server * srv) +{ + dlink_node *link; + helper_stateful_request *r = NULL; + if ((link = srv->queue.head)) { + r = link->data; + dlinkDelete(link, &srv->queue); + memFree(link, MEM_DLINK_NODE); + } + return r; +} + +static helper_stateful_request * +StatefulDequeue(statefulhelper * hlp) +{ + dlink_node *link; + helper_stateful_request *r = NULL; + if ((link = hlp->queue.head)) { + r = link->data; + dlinkDelete(link, &hlp->queue); + memFree(link, MEM_DLINK_NODE); + hlp->stats.queue_size--; + } + return r; +} + static helper_server * GetFirstAvailable(helper * hlp) { @@ -382,6 +921,31 @@ return NULL; } +static helper_stateful_server * +StatefulGetFirstAvailable(statefulhelper * hlp) +{ + dlink_node *n; + helper_stateful_server *srv = NULL; + debug(29, 5) ("StatefulGetFirstAvailable: Running servers %d.\n", hlp->n_running); + if (hlp->n_running == 0) + return NULL; + for (n = hlp->servers.head; n != NULL; n = n->next) { + srv = n->data; + if (srv->flags.busy) + continue; + if (srv->flags.reserved == S_HELPER_RESERVED) + continue; + if (!srv->flags.alive) + continue; + if ((hlp->IsAvailable != NULL) && (srv->data != NULL) && !(hlp->IsAvailable(srv->data))) + continue; + return srv; + } + debug(29, 5) ("StatefulGetFirstAvailable: None available.\n"); + return NULL; +} + + static void helperDispatch(helper_server * srv, helper_request * r) { @@ -412,6 +976,60 @@ } static void +helperStatefulDispatch(helper_stateful_server * srv, helper_stateful_request * r) +{ + statefulhelper *hlp = srv->parent; + if (!cbdataValid(r->data)) { + debug(29, 1) ("helperStatefulDispatch: invalid callback data\n"); + helperStatefulRequestFree(r); + return; + } + debug(29, 9) ("helperStatefulDispatch busying helper %s #%d\n", hlp->id_name, srv->index + 1); + if (r->placeholder == 1) { + /* a callback is needed before this request can _use_ a helper. */ + if (cbdataValid(r->data)) { + /* we don't care about releasing/deferring this helper. The request NEVER + * gets to the helper. So we throw away the return code */ + r->callback(r->data, srv, NULL); + /* throw away the placeholder */ + helperStatefulRequestFree(r); + /* and push the queue. Note that the callback may have call submit again - + * which is why we test for the request*/ + if (srv->request == NULL) { + if (srv->flags.shutdown) { + comm_close(srv->wfd); + srv->wfd = -1; + } else { + if (srv->queue.head) + helperStatefulServerKickQueue(srv); + else + helperStatefulKickQueue(hlp); + } + } + } + return; + } + srv->flags.busy = 1; + srv->request = r; + srv->dispatch_time = current_time; + comm_write(srv->wfd, + r->buf, + strlen(r->buf), + NULL, /* Handler */ + NULL, /* Handler-data */ + NULL); /* free */ + commSetSelect(srv->rfd, + COMM_SELECT_READ, + helperStatefulHandleRead, + srv, 0); + debug(29, 5) ("helperStatefulDispatch: Request sent to %s #%d, %d bytes\n", + hlp->id_name, srv->index + 1, strlen(r->buf)); + srv->stats.uses++; + hlp->stats.requests++; +} + + +static void helperKickQueue(helper * hlp) { helper_request *r; @@ -421,9 +1039,34 @@ } static void +helperStatefulKickQueue(statefulhelper * hlp) +{ + helper_stateful_request *r; + helper_stateful_server *srv; + while ((srv = StatefulGetFirstAvailable(hlp)) && (r = StatefulDequeue(hlp))) + helperStatefulDispatch(srv, r); +} + +static void +helperStatefulServerKickQueue(helper_stateful_server * srv) +{ + helper_stateful_request *r; + if ((r = StatefulServerDequeue(srv))) + helperStatefulDispatch(srv, r); +} + +static void helperRequestFree(helper_request * r) { cbdataUnlock(r->data); xfree(r->buf); memFree(r, MEM_HELPER_REQUEST); } + +static void +helperStatefulRequestFree(helper_stateful_request * r) +{ + cbdataUnlock(r->data); + xfree(r->buf); + memFree(r, MEM_HELPER_STATEFUL_REQUEST); +} Index: squid/src/htcp.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/htcp.c,v retrieving revision 1.4.6.1 retrieving revision 1.4.6.2 diff -u -r1.4.6.1 -r1.4.6.2 --- squid/src/htcp.c 7 Dec 2000 13:58:11 -0000 1.4.6.1 +++ squid/src/htcp.c 27 Feb 2001 14:18:52 -0000 1.4.6.2 @@ -1,21 +1,21 @@ /* - * $Id: htcp.c,v 1.4.6.1 2000/12/07 13:58:11 rvenning Exp $ + * $Id: htcp.c,v 1.4.6.2 2001/02/27 14:18:52 rvenning Exp $ * * DEBUG: section 31 Hypertext Caching Protocol * AUTHOR: Duane Wesssels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -886,7 +886,8 @@ MemBuf mb; http_state_flags flags; memset(&flags, '\0', sizeof(flags)); - snprintf(vbuf, sizeof(vbuf), "%3.1f", req->http_ver); + snprintf(vbuf, sizeof(vbuf), "%d/%d", + req->http_ver.major, req->http_ver.minor); stuff.op = HTCP_TST; stuff.rr = RR_REQUEST; stuff.f1 = 1; Index: squid/src/http.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/http.c,v retrieving revision 1.5 retrieving revision 1.5.2.1 diff -u -r1.5 -r1.5.2.1 --- squid/src/http.c 14 Nov 2000 13:03:47 -0000 1.5 +++ squid/src/http.c 27 Feb 2001 14:18:52 -0000 1.5.2.1 @@ -1,21 +1,21 @@ /* - * $Id: http.c,v 1.5 2000/11/14 13:03:47 adri Exp $ + * $Id: http.c,v 1.5.2.1 2001/02/27 14:18:52 rvenning Exp $ * * DEBUG: section 11 Hypertext Transfer Protocol (HTTP) * AUTHOR: Harvest Derived * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -44,7 +44,6 @@ static CWCB httpSendComplete; static CWCB httpSendRequestEntry; -static CWCB httpSendRequestEntryDone; static PF httpReadReply; static void httpSendRequest(HttpStateData *); @@ -650,6 +649,8 @@ const HttpHeader *hdr_in = &orig_request->header; int we_do_ranges; const HttpHeaderEntry *e; + String strVia; + String strFwd; HttpHeaderPos pos = HttpHeaderInitPos; httpHeaderInit(hdr_out, hoRequest); /* append our IMS header */ @@ -681,20 +682,34 @@ while ((e = httpHeaderGetEntry(hdr_in, &pos))) { debug(11, 5) ("httpBuildRequestHeader: %s: %s\n", strBuf(e->name), strBuf(e->value)); - if (!httpRequestHdrAllowed(e, &strConnection)) + if (!httpRequestHdrAllowed(e, &strConnection)) { + debug(11, 2) ("'%s' header denied by anonymize_headers configuration\n", + strBuf(e->name)); continue; + } switch (e->id) { case HDR_PROXY_AUTHORIZATION: - /* If we're not doing proxy auth, then it must be passed on */ - if (!request->flags.used_proxy_auth) + /* Only pass on proxy authentication to peers for which + * authentication forwarding is explicitly enabled + */ + if (request->flags.proxying && orig_request->peer_login && + strcmp(orig_request->peer_login, "PASS") == 0) { httpHeaderAddEntry(hdr_out, httpHeaderEntryClone(e)); + } break; case HDR_AUTHORIZATION: - /* If we're not doing www auth, then it must be passed on */ - if (!request->flags.accelerated || !request->flags.used_proxy_auth) - httpHeaderAddEntry(hdr_out, httpHeaderEntryClone(e)); - else - request->flags.auth = 0; /* We have used the authentication */ + /* Pass on WWW authentication even if used locally. If this is + * not wanted in an accelerator then the header can be removed + * using the anonymization functions + */ + httpHeaderAddEntry(hdr_out, httpHeaderEntryClone(e)); + /* XXX Some accelerators might want to strip the header + * and regard the reply as cacheable, but authentication + * is not normally enabled for accelerators without reading + * the code, so there is not much use in adding logics here + * without first defining the concept of having authentication + * in the accelerator... + */ break; case HDR_HOST: /* @@ -741,28 +756,21 @@ } } - /* append fake user agent if configured and - * the real one is not supplied by the client */ - if (Config.fake_ua && !httpHeaderHas(hdr_out, HDR_USER_AGENT)) - httpHeaderPutStr(hdr_out, HDR_USER_AGENT, Config.fake_ua); - /* append Via */ - if (httpRequestHdrAllowedByName(HDR_VIA)) { - String strVia = httpHeaderGetList(hdr_in, HDR_VIA); - snprintf(bbuf, BBUF_SZ, "%d.%d %s", - orig_request->http_ver.major, - orig_request->http_ver.minor, ThisCache); - strListAdd(&strVia, bbuf, ','); - httpHeaderPutStr(hdr_out, HDR_VIA, strBuf(strVia)); - stringClean(&strVia); - } + strVia = httpHeaderGetList(hdr_in, HDR_VIA); + snprintf(bbuf, BBUF_SZ, "%d.%d %s", + orig_request->http_ver.major, + orig_request->http_ver.minor, ThisCache); + strListAdd(&strVia, bbuf, ','); + httpHeaderPutStr(hdr_out, HDR_VIA, strBuf(strVia)); + stringClean(&strVia); + /* append X-Forwarded-For */ - if (httpRequestHdrAllowedByName(HDR_X_FORWARDED_FOR)) { - String strFwd = httpHeaderGetList(hdr_in, HDR_X_FORWARDED_FOR); - strListAdd(&strFwd, (cfd < 0 ? "unknown" : fd_table[cfd].ipaddr), ','); - httpHeaderPutStr(hdr_out, HDR_X_FORWARDED_FOR, strBuf(strFwd)); - stringClean(&strFwd); - } + strFwd = httpHeaderGetList(hdr_in, HDR_X_FORWARDED_FOR); + strListAdd(&strFwd, (cfd < 0 ? "unknown" : fd_table[cfd].ipaddr), ','); + httpHeaderPutStr(hdr_out, HDR_X_FORWARDED_FOR, strBuf(strFwd)); + stringClean(&strFwd); + /* append Host if not there already */ if (!httpHeaderHas(hdr_out, HDR_HOST)) { /* use port# only if not default */ @@ -781,8 +789,19 @@ } } /* append Proxy-Authorization if configured for peer, and proxying */ - if (!httpHeaderHas(hdr_out, HDR_PROXY_AUTHORIZATION)) { - if (request->flags.proxying && orig_request->peer_login) { + if (request->flags.proxying && orig_request->peer_login && + !httpHeaderHas(hdr_out, HDR_PROXY_AUTHORIZATION) && + strcmp(orig_request->peer_login, "PASS") != 0) { + if (*orig_request->peer_login == '*') { + /* Special mode, to pass the username to the upstream cache */ + char loginbuf[256]; + char *username = "-"; + if (orig_request->auth_user_request) + username = authenticateUserRequestUsername(orig_request->auth_user_request); + snprintf(loginbuf, sizeof(loginbuf), "%s%s", username, orig_request->peer_login + 1); + httpHeaderPutStrf(hdr_out, HDR_PROXY_AUTHORIZATION, "Basic %s", + base64_encode(loginbuf)); + } else { httpHeaderPutStrf(hdr_out, HDR_PROXY_AUTHORIZATION, "Basic %s", base64_encode(orig_request->peer_login)); } @@ -811,6 +830,8 @@ httpHeaderPutStr(hdr_out, HDR_CONNECTION, "keep-alive"); } } + /* Now mangle the headers. */ + httpHdrMangleList(hdr_out, request); stringClean(&strConnection); } @@ -855,7 +876,7 @@ debug(11, 5) ("httpSendRequest: FD %d: httpState %p.\n", httpState->fd, httpState); - if (httpState->orig_request->content_length > 0) + if (httpState->orig_request->body_connection) sendHeaderDone = httpSendRequestEntry; else sendHeaderDone = httpSendComplete; @@ -869,6 +890,8 @@ assert(-1 == cfd || FD_SOCKET == fd_table[cfd].type); if (p != NULL) httpState->flags.proxying = 1; + else + httpState->flags.proxying = 0; /* * Is keep-alive okay for all request methods? */ @@ -899,13 +922,13 @@ httpStart(FwdState * fwd) { int fd = fwd->server_fd; - HttpStateData *httpState = memAllocate(MEM_HTTP_STATE_DATA); + HttpStateData *httpState; request_t *proxy_req; request_t *orig_req = fwd->request; debug(11, 3) ("httpStart: \"%s %s\"\n", RequestMethodStr[orig_req->method], storeUrl(fwd->entry)); - cbdataAdd(httpState, memFree, MEM_HTTP_STATE_DATA); + httpState = CBDATA_ALLOC(HttpStateData, NULL); storeLockObject(fwd->entry); httpState->fwd = fwd; httpState->entry = fwd->entry; @@ -953,43 +976,50 @@ } static void -httpSendRequestEntry(int fd, char *bufnotused, size_t size, int errflag, void *data) +httpSendRequestEntryDone(int fd, void *data) { HttpStateData *httpState = data; - StoreEntry *entry = httpState->entry; - ErrorState *err; - debug(11, 5) ("httpSendRequestEntry: FD %d: size %d: errflag %d.\n", - fd, size, errflag); - if (size > 0) { - fd_bytes(fd, size, FD_WRITE); - kb_incr(&statCounter.server.all.kbytes_out, size); - kb_incr(&statCounter.server.http.kbytes_out, size); - } - if (errflag == COMM_ERR_CLOSING) - return; - if (errflag) { - err = errorCon(ERR_WRITE_ERROR, HTTP_INTERNAL_SERVER_ERROR); - err->xerrno = errno; - err->request = requestLink(httpState->orig_request); - errorAppendEntry(entry, err); - comm_close(fd); - return; + aclCheck_t ch; + debug(11, 5) ("httpSendRequestEntryDone: FD %d\n", + fd); + memset(&ch, '\0', sizeof(ch)); + ch.request = httpState->request; + if (!Config.accessList.brokenPosts) { + debug(11, 5) ("httpSendRequestEntryDone: No brokenPosts list\n"); + httpSendComplete(fd, NULL, 0, 0, data); + } else if (!aclCheckFast(Config.accessList.brokenPosts, &ch)) { + debug(11, 5) ("httpSendRequestEntryDone: didn't match brokenPosts\n"); + httpSendComplete(fd, NULL, 0, 0, data); + } else { + debug(11, 2) ("httpSendRequestEntryDone: matched brokenPosts\n"); + comm_write(fd, "\r\n", 2, httpSendComplete, data, NULL); } - if (EBIT_TEST(entry->flags, ENTRY_ABORTED)) { - comm_close(fd); - return; +} + +static void +httpRequestBodyHandler(char *buf, size_t size, void *data) +{ + HttpStateData *httpState = (HttpStateData *) data; + if (size > 0) { + comm_write(httpState->fd, buf, size, httpSendRequestEntry, data, memFree8K); + } else if (size == 0) { + /* End of body */ + memFree8K(buf); + httpSendRequestEntryDone(httpState->fd, data); + } else { + /* Failed to get whole body, probably aborted */ + memFree8K(buf); + httpSendComplete(httpState->fd, NULL, 0, COMM_ERR_CLOSING, data); } - pumpStart(fd, httpState->fwd, httpSendRequestEntryDone, httpState); } static void -httpSendRequestEntryDone(int fd, char *bufnotused, size_t size, int errflag, void *data) +httpSendRequestEntry(int fd, char *bufnotused, size_t size, int errflag, void *data) { HttpStateData *httpState = data; StoreEntry *entry = httpState->entry; ErrorState *err; - aclCheck_t ch; - debug(11, 5) ("httpSendRequestEntryDone: FD %d: size %d: errflag %d.\n", + debug(11, 5) ("httpSendRequestEntry: FD %d: size %d: errflag %d.\n", fd, size, errflag); if (size > 0) { fd_bytes(fd, size, FD_WRITE); @@ -1006,18 +1036,11 @@ comm_close(fd); return; } - memset(&ch, '\0', sizeof(ch)); - ch.request = httpState->request; - if (!Config.accessList.brokenPosts) { - debug(11, 5) ("httpSendRequestEntryDone: No brokenPosts list\n"); - httpSendComplete(fd, NULL, 0, 0, data); - } else if (!aclCheckFast(Config.accessList.brokenPosts, &ch)) { - debug(11, 5) ("httpSendRequestEntryDone: didn't match brokenPosts\n"); - httpSendComplete(fd, NULL, 0, 0, data); - } else { - debug(11, 2) ("httpSendRequestEntryDone: matched brokenPosts\n"); - comm_write(fd, "\r\n", 2, httpSendComplete, data, NULL); + if (EBIT_TEST(entry->flags, ENTRY_ABORTED)) { + comm_close(fd); + return; } + clientReadBody(httpState->orig_request, memAllocate(MEM_8K_BUF), 8192, httpRequestBodyHandler, httpState); } void Index: squid/src/icmp.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/icmp.c,v retrieving revision 1.3.6.1 retrieving revision 1.3.6.2 diff -u -r1.3.6.1 -r1.3.6.2 --- squid/src/icmp.c 7 Dec 2000 13:58:11 -0000 1.3.6.1 +++ squid/src/icmp.c 27 Feb 2001 14:18:52 -0000 1.3.6.2 @@ -1,21 +1,21 @@ /* - * $Id: icmp.c,v 1.3.6.1 2000/12/07 13:58:11 rvenning Exp $ + * $Id: icmp.c,v 1.3.6.2 2001/02/27 14:18:52 rvenning Exp $ * * DEBUG: section 37 ICMP Routines * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/src/icp_v2.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/icp_v2.c,v retrieving revision 1.3.6.1 retrieving revision 1.3.6.2 diff -u -r1.3.6.1 -r1.3.6.2 --- squid/src/icp_v2.c 7 Dec 2000 13:58:11 -0000 1.3.6.1 +++ squid/src/icp_v2.c 27 Feb 2001 14:18:52 -0000 1.3.6.2 @@ -1,21 +1,21 @@ /* - * $Id: icp_v2.c,v 1.3.6.1 2000/12/07 13:58:11 rvenning Exp $ + * $Id: icp_v2.c,v 1.3.6.2 2001/02/27 14:18:52 rvenning Exp $ * * DEBUG: section 12 Internet Cache Protocol * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/src/icp_v3.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/icp_v3.c,v retrieving revision 1.3.6.1 retrieving revision 1.3.6.2 diff -u -r1.3.6.1 -r1.3.6.2 --- squid/src/icp_v3.c 7 Dec 2000 13:58:11 -0000 1.3.6.1 +++ squid/src/icp_v3.c 27 Feb 2001 14:18:52 -0000 1.3.6.2 @@ -1,21 +1,21 @@ /* - * $Id: icp_v3.c,v 1.3.6.1 2000/12/07 13:58:11 rvenning Exp $ + * $Id: icp_v3.c,v 1.3.6.2 2001/02/27 14:18:52 rvenning Exp $ * * DEBUG: section 12 Internet Cache Protocol * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/src/ident.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/ident.c,v retrieving revision 1.4.6.1 retrieving revision 1.4.6.2 diff -u -r1.4.6.1 -r1.4.6.2 --- squid/src/ident.c 7 Dec 2000 13:58:11 -0000 1.4.6.1 +++ squid/src/ident.c 27 Feb 2001 14:18:52 -0000 1.4.6.2 @@ -1,21 +1,21 @@ /* - * $Id: ident.c,v 1.4.6.1 2000/12/07 13:58:11 rvenning Exp $ + * $Id: ident.c,v 1.4.6.2 2001/02/27 14:18:52 rvenning Exp $ * * DEBUG: section 30 Ident (RFC 931) * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -178,6 +178,8 @@ *C = c; } +CBDATA_TYPE(IdentStateData); + /**** PUBLIC FUNCTIONS ****/ /* @@ -213,8 +215,8 @@ callback(NULL, data); return; } - state = xcalloc(1, sizeof(IdentStateData)); - cbdataAdd(state, cbdataXfree, 0); + CBDATA_INIT_TYPE(IdentStateData); + state = CBDATA_ALLOC(IdentStateData, NULL); state->hash.key = xstrdup(key); state->fd = fd; state->me = *me; Index: squid/src/internal.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/internal.c,v retrieving revision 1.5.2.1 retrieving revision 1.5.2.2 diff -u -r1.5.2.1 -r1.5.2.2 --- squid/src/internal.c 7 Dec 2000 13:58:11 -0000 1.5.2.1 +++ squid/src/internal.c 27 Feb 2001 14:18:52 -0000 1.5.2.2 @@ -1,21 +1,21 @@ /* - * $Id: internal.c,v 1.5.2.1 2000/12/07 13:58:11 rvenning Exp $ + * $Id: internal.c,v 1.5.2.2 2001/02/27 14:18:52 rvenning Exp $ * * DEBUG: section 76 Internal Squid Object handling * AUTHOR: Duane, Alex, Henrik * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -55,7 +55,7 @@ #else const char *msgbuf = "This cache does not suport Cache Digests.\n"; #endif - httpBuildVersion(&version,1,0); + httpBuildVersion(&version, 1, 0); httpReplySetHeaders(entry->mem_obj->reply, version, HTTP_NOT_FOUND, @@ -105,8 +105,8 @@ * domains */ if (Config.appendDomain && !strchr(lc_host, '.')) - strncat(lc_host, Config.appendDomain, SQUIDHOSTNAMELEN - - strlen(lc_host) - 1); + strncat(lc_host, Config.appendDomain, SQUIDHOSTNAMELEN - + strlen(lc_host) - 1); /* build uri in mb */ memBufReset(&mb); memBufPrintf(&mb, "http://%s", lc_host); Index: squid/src/ipc.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/ipc.c,v retrieving revision 1.3.6.1 retrieving revision 1.3.6.2 diff -u -r1.3.6.1 -r1.3.6.2 --- squid/src/ipc.c 7 Dec 2000 13:58:11 -0000 1.3.6.1 +++ squid/src/ipc.c 27 Feb 2001 14:18:52 -0000 1.3.6.2 @@ -1,21 +1,21 @@ /* - * $Id: ipc.c,v 1.3.6.1 2000/12/07 13:58:11 rvenning Exp $ + * $Id: ipc.c,v 1.3.6.2 2001/02/27 14:18:52 rvenning Exp $ * * DEBUG: section 54 Interprocess Communication * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/src/ipcache.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/ipcache.c,v retrieving revision 1.4.6.2 retrieving revision 1.4.6.3 diff -u -r1.4.6.2 -r1.4.6.3 --- squid/src/ipcache.c 24 Feb 2001 12:20:40 -0000 1.4.6.2 +++ squid/src/ipcache.c 27 Feb 2001 14:18:52 -0000 1.4.6.3 @@ -1,21 +1,21 @@ /* - * $Id: ipcache.c,v 1.4.6.2 2001/02/24 12:20:40 rvenning Exp $ + * $Id: ipcache.c,v 1.4.6.3 2001/02/27 14:18:52 rvenning Exp $ * * DEBUG: section 14 IP Cache * AUTHOR: Harvest Derived * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -50,6 +50,7 @@ unsigned short locks; struct { unsigned int negcached:1; + unsigned int fromhosts:1; } flags; }; @@ -132,6 +133,7 @@ static int ipcacheExpiredEntry(ipcache_entry * i) { + /* all static entries are locked, so this takes care of them too */ if (i->locks != 0) return 0; if (i->addrs.count == 0) @@ -163,6 +165,26 @@ debug(14, 9) ("ipcache_purgelru: removed %d entries\n", removed); } +/* purges entries added from /etc/hosts (or whatever). */ +static void +purge_entries_fromhosts(void) +{ + dlink_node *m = lru_list.head; + ipcache_entry *i = NULL, *t; + while (m) { + if (i != NULL) { /* need to delay deletion */ + ipcacheRelease(i); /* we just override locks */ + i = NULL; + } + t = m->data; + if (t->flags.fromhosts) + i = t; + m = m->next; + } + if (i != NULL) + ipcacheRelease(i); +} + /* create blank ipcache_entry */ static ipcache_entry * ipcacheCreateEntry(const char *name) @@ -342,13 +364,12 @@ ipcacheHandleReply(void *data, rfc1035_rr * answers, int na) #endif { - int n; generic_cbdata *c = data; ipcache_entry *i = c->data; ipcache_entry *x = NULL; cbdataFree(c); c = NULL; - n = ++IpcacheStats.replies; + IpcacheStats.replies++; statHistCount(&statCounter.dns.svc_time, tvSubMsec(i->request_time, current_time)); #if USE_DNSSERVERS @@ -411,9 +432,8 @@ i->handlerData = handlerData; cbdataLock(handlerData); i->request_time = current_time; - c = memAllocate(MEM_GEN_CBDATA); + c = CBDATA_ALLOC(generic_cbdata, NULL); c->data = i; - cbdataAdd(c, memFree, MEM_GEN_CBDATA); #if USE_DNSSERVERS dnsSubmit(hashKeyStr(&i->hash), ipcacheHandleReply, c); #else @@ -487,11 +507,12 @@ ipcacheStatPrint(ipcache_entry * i, StoreEntry * sentry) { int k; - storeAppendPrintf(sentry, " %-32.32s %c %6d %6d %2d(%2d)", + storeAppendPrintf(sentry, " %-32.32s %c%c %6d %6d %2d(%2d)", hashKeyStr(&i->hash), + i->flags.fromhosts ? 'H' : ' ', i->flags.negcached ? 'N' : ' ', (int) (squid_curtime - i->lastref), - (int) (i->expires - squid_curtime), + (int) ((i->flags.fromhosts ? -1 : i->expires - squid_curtime)), (int) i->addrs.count, (int) i->addrs.badcount); for (k = 0; k < (int) i->addrs.count; k++) { @@ -694,6 +715,46 @@ (float) Config.ipcache.high) / (float) 100); ipcache_low = (long) (((float) Config.ipcache.size * (float) Config.ipcache.low) / (float) 100); + purge_entries_fromhosts(); +} + +/* + * adds a "static" entry from /etc/hosts. + * returns 0 upon success, 1 if the ip address is invalid + */ +int +ipcacheAddEntryFromHosts(const char *name, const char *ipaddr) +{ + ipcache_entry *i; + struct in_addr ip; + if (!safe_inet_addr(ipaddr, &ip)) { + debug(14, 1) ("ipcacheAddEntryFromHosts: bad IP address '%s'\n", + ipaddr); + return 1; + } + if ((i = ipcache_get(name))) { + if (1 == i->flags.fromhosts) { + ipcacheUnlockEntry(i); + } else if (i->locks > 0) { + debug(14, 1) ("ipcacheAddEntryFromHosts: can't add static entry" + " for locked name '%s'\n", name); + return 1; + } else { + ipcacheRelease(i); + } + } + i = ipcacheCreateEntry(name); + i->addrs.count = 1; + i->addrs.cur = 0; + i->addrs.badcount = 0; + i->addrs.in_addrs = xcalloc(1, sizeof(struct in_addr)); + i->addrs.bad_mask = xcalloc(1, sizeof(unsigned char)); + i->addrs.in_addrs[0].s_addr = ip.s_addr; + i->addrs.bad_mask[0] = FALSE; + i->flags.fromhosts = 1; + ipcacheAddEntry(i); + ipcacheLockEntry(i); + return 0; } #ifdef SQUID_SNMP Index: squid/src/leakfinder.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/leakfinder.c,v retrieving revision 1.4 retrieving revision 1.4.6.1 diff -u -r1.4 -r1.4.6.1 --- squid/src/leakfinder.c 3 Nov 2000 08:39:20 -0000 1.4 +++ squid/src/leakfinder.c 27 Feb 2001 14:18:52 -0000 1.4.6.1 @@ -1,21 +1,21 @@ /* - * $Id: leakfinder.c,v 1.4 2000/11/03 08:39:20 hno Exp $ + * $Id: leakfinder.c,v 1.4.6.1 2001/02/27 14:18:52 rvenning Exp $ * * DEBUG: section 45 Callback Data Registry * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/src/logfile.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/logfile.c,v retrieving revision 1.2 retrieving revision 1.2.8.1 diff -u -r1.2 -r1.2.8.1 --- squid/src/logfile.c 21 Oct 2000 15:16:12 -0000 1.2 +++ squid/src/logfile.c 27 Feb 2001 14:18:52 -0000 1.2.8.1 @@ -4,17 +4,17 @@ * DEBUG: section 50 Log file handling * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -41,7 +41,7 @@ { int fd; Logfile *lf; - fd = file_open(path, O_WRONLY | O_CREAT); + fd = file_open(path, O_WRONLY | O_CREAT | O_TEXT); if (DISK_ERROR == fd) { if (ENOENT == errno && fatal_flag) { fatalf("Cannot open '%s' because\n" @@ -108,7 +108,7 @@ xrename(lf->path, to); } /* Reopen the log. It may have been renamed "manually" */ - lf->fd = file_open(lf->path, O_WRONLY | O_CREAT); + lf->fd = file_open(lf->path, O_WRONLY | O_CREAT | O_TEXT); if (DISK_ERROR == lf->fd && lf->flags.fatal) { debug(50, 1) ("logfileRotate: %s: %s\n", lf->path, xstrerror()); fatalf("Cannot open %s: %s", lf->path, xstrerror()); Index: squid/src/main.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/main.c,v retrieving revision 1.5.4.2 retrieving revision 1.5.4.3 diff -u -r1.5.4.2 -r1.5.4.3 --- squid/src/main.c 24 Feb 2001 12:20:40 -0000 1.5.4.2 +++ squid/src/main.c 27 Feb 2001 14:18:52 -0000 1.5.4.3 @@ -1,21 +1,21 @@ /* - * $Id: main.c,v 1.5.4.2 2001/02/24 12:20:40 rvenning Exp $ + * $Id: main.c,v 1.5.4.3 2001/02/27 14:18:52 rvenning Exp $ * * DEBUG: section 1 Startup and Main Loop * AUTHOR: Harvest Derived * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -101,8 +101,7 @@ " -F Don't serve any requests until store is rebuilt.\n" " -N No daemon mode.\n" " -R Do not set REUSEADDR on port.\n" - " -S force Force double-check swap during rebuild.\n" - " -S reportonly Force double-check but do not attempt repair.\n" + " -S Double-check swap during rebuild.\n" " -V Virtual host httpd-accelerator.\n" " -X Force full debugging.\n" " -Y Only return UDP_HIT or UDP_MISS_NOFETCH during fast reload.\n", @@ -116,7 +115,7 @@ extern char *optarg; int c; - while ((c = getopt(argc, argv, "CDFNRS:VYXa:d:f:hk:m::su:vz?")) != -1) { + while ((c = getopt(argc, argv, "CDFNRSVYXa:d:f:hk:m::su:vz?")) != -1) { switch (c) { case 'C': opt_catch_signals = 0; @@ -134,14 +133,7 @@ opt_reuseaddr = 0; break; case 'S': - if ((int) strlen(optarg) < 1) - usage(); - else if (!strncmp(optarg, "force", strlen(optarg))) - opt_store_doublecheck = DBLCHECK_FORCE; /* trigger a doublecheck on startup */ - else if (!strncmp(optarg, "reportonly", strlen(optarg))) - opt_store_doublecheck = DBLCHECK_REPORTONLY; /* trigger a doublecheck that doesn't repair */ - else - usage(); + opt_store_doublecheck = 1; break; case 'V': vhost_mode = 1; @@ -354,11 +346,12 @@ authenticateShutdown(); storeDirCloseSwapLogs(); errorClean(); - mimeFreeMemory(); parseConfigFile(ConfigFile); _db_init(Config.Log.log, Config.debugOptions); ipcache_restart(); /* clear stuck entries */ + authenticateUserCacheRestart(); /* clear stuck ACL entries */ fqdncache_restart(); /* sigh, fqdncache too */ + parseEtcHosts(); errorInitialize(); /* reload error pages */ #if USE_DNSSERVERS dnsInit(); @@ -366,7 +359,7 @@ idnsInit(); #endif redirectInit(); - authenticateInit(); + authenticateInit(&Config.authConfig); #if USE_WCCP wccpInit(); #endif @@ -407,7 +400,7 @@ dnsInit(); #endif redirectInit(); - authenticateInit(); + authenticateInit(&Config.authConfig); } static void @@ -429,29 +422,19 @@ static void mainSetCwd(void) { + char *p; if (Config.coredump_dir) { - if (!chdir(Config.coredump_dir)) { + if (chdir(Config.coredump_dir) == 0) { debug(0, 1) ("Set Current Directory to %s\n", Config.coredump_dir); return; } else { debug(50, 0) ("chdir: %s: %s\n", Config.coredump_dir, xstrerror()); } } - if (!Config.effectiveUser) { - char *p = getcwd(NULL, 0); - debug(0, 1) ("Current Directory is %s\n", p); - xfree(p); - return; - } - /* we were probably started as root, so cd to a swap - * directory in case we dump core */ - if (!chdir(storeSwapDir(0))) { - debug(0, 1) ("Set Current Directory to %s\n", storeSwapDir(0)); - return; - } else { - debug(50, 0) ("%s: %s\n", storeSwapDir(0), xstrerror()); - fatal_dump("Cannot cd to swap directory?"); - } + /* If we don't have coredump_dir or couldn't cd there, report current dir */ + p = getcwd(NULL, 0); + debug(0, 1) ("Current Directory is %s\n", p); + xfree(p); } static void @@ -490,13 +473,14 @@ disk_init(); /* disk_init must go before ipcache_init() */ ipcache_init(); fqdncache_init(); + parseEtcHosts(); #if USE_DNSSERVERS dnsInit(); #else idnsInit(); #endif redirectInit(); - authenticateInit(); + authenticateInit(&Config.authConfig); useragentOpenLog(); refererOpenLog(); httpHeaderInitModule(); /* must go before any header processing (e.g. the one in errorInitialize) */ @@ -631,13 +615,14 @@ if (!ConfigFile) ConfigFile = xstrdup(DefaultConfigFile); assert(!configured_once); - memInit(); /* memInit is required for config parsing */ - cbdataInit(); #if USE_LEAKFINDER leakInit(); #endif + memInit(); + cbdataInit(); eventInit(); /* eventInit() is required for config parsing */ storeFsInit(); /* required for config parsing */ + authenticateSchemeInit(); /* required for config parsign */ parse_err = parseConfigFile(ConfigFile); if (opt_parse_cfg_only) @@ -717,7 +702,6 @@ idnsShutdown(); #endif redirectShutdown(); - authenticateShutdown(); eventAdd("SquidShutdown", SquidShutdown, NULL, (double) (wait + 1), 1); } eventRun(); @@ -851,7 +835,7 @@ syslog(LOG_ALERT, "setsid failed: %s", xstrerror()); closelog(); #ifdef TIOCNOTTY - if ((i = open("/dev/tty", O_RDWR)) >= 0) { + if ((i = open("/dev/tty", O_RDWR | O_TEXT)) >= 0) { ioctl(i, TIOCNOTTY, NULL); close(i); } @@ -864,7 +848,7 @@ * 1.1.3. execvp had a bit overflow error in a loop.. */ /* Connect stdio to /dev/null in daemon mode */ - nullfd = open("/dev/null", O_RDWR); + nullfd = open("/dev/null", O_RDWR | O_TEXT); dup2(nullfd, 0); if (opt_debug_stderr < 0) { dup2(nullfd, 1); @@ -943,6 +927,7 @@ #endif releaseServerSockets(); commCloseAllSockets(); + authenticateShutdown(); #if USE_UNLINKD unlinkdClose(); #endif Index: squid/src/mem.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/mem.c,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/src/mem.c 23 Oct 2000 15:04:21 -0000 1.3 +++ squid/src/mem.c 27 Feb 2001 14:18:52 -0000 1.3.6.1 @@ -1,21 +1,21 @@ /* - * $Id: mem.c,v 1.3 2000/10/23 15:04:21 hno Exp $ + * $Id: mem.c,v 1.3.6.1 2001/02/27 14:18:52 rvenning Exp $ * * DEBUG: section 13 High Level Memory Pool Management * AUTHOR: Harvest Derived * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -204,8 +204,14 @@ memDataInit(MEM_ACL_LIST, "acl_list", sizeof(acl_list), 0); memDataInit(MEM_ACL_NAME_LIST, "acl_name_list", sizeof(acl_name_list), 0); memDataInit(MEM_ACL_TIME_DATA, "acl_time_data", sizeof(acl_time_data), 0); - memDataInit(MEM_ACL_PROXY_AUTH_USER, "acl_proxy_auth_user", - sizeof(acl_proxy_auth_user), 0); + memDataInit(MEM_AUTH_USER_T, "auth_user_t", + sizeof(auth_user_t), 0); + memDataInit(MEM_AUTH_USER_HASH, "auth_user_hash_pointer", + sizeof(auth_user_hash_pointer), 0); + memDataInit(MEM_ACL_PROXY_AUTH_MATCH, "acl_proxy_auth_match_cache", + sizeof(acl_proxy_auth_match_cache), 0); + memDataInit(MEM_ACL_USER_DATA, "acl_user_data", + sizeof(acl_user_data), 0); memDataInit(MEM_CACHEMGR_PASSWD, "cachemgr_passwd", sizeof(cachemgr_passwd), 0); #if USE_CACHE_DIGESTS @@ -284,14 +290,18 @@ memDataInit(MEM_CLIENT_INFO, "ClientInfo", sizeof(ClientInfo), 0); memDataInit(MEM_MD5_DIGEST, "MD5 digest", MD5_DIGEST_CHARS, 0); memDataInit(MEM_HELPER, "helper", sizeof(helper), 0); + memDataInit(MEM_HELPER_STATEFUL, "stateful_helper", sizeof(statefulhelper), 0); memDataInit(MEM_HELPER_REQUEST, "helper_request", sizeof(helper_request), 0); + memDataInit(MEM_HELPER_STATEFUL_REQUEST, "helper_stateful_request", + sizeof(helper_stateful_request), 0); memDataInit(MEM_HELPER_SERVER, "helper_server", sizeof(helper_server), 0); + memDataInit(MEM_HELPER_STATEFUL_SERVER, "helper_stateful_server", + sizeof(helper_stateful_server), 0); memDataInit(MEM_STORE_IO, "storeIOState", sizeof(storeIOState), 0); memDataInit(MEM_TLV, "storeSwapTLV", sizeof(tlv), 0); memDataInit(MEM_GEN_CBDATA, "generic_cbdata", sizeof(generic_cbdata), 0); - memDataInit(MEM_PUMP_STATE_DATA, "PumpStateData", sizeof(PumpStateData), 0); memDataInit(MEM_CLIENT_REQ_BUF, "clientRequestBuffer", CLIENT_REQ_BUF_SZ, 0); memDataInit(MEM_SWAP_LOG_DATA, "storeSwapLogData", sizeof(storeSwapLogData), 0); Index: squid/src/mime.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/mime.c,v retrieving revision 1.4 retrieving revision 1.4.2.1 diff -u -r1.4 -r1.4.2.1 --- squid/src/mime.c 14 Nov 2000 13:03:47 -0000 1.4 +++ squid/src/mime.c 27 Feb 2001 14:18:52 -0000 1.4.2.1 @@ -1,21 +1,21 @@ /* - * $Id: mime.c,v 1.4 2000/11/14 13:03:47 adri Exp $ + * $Id: mime.c,v 1.4.2.1 2001/02/27 14:18:52 rvenning Exp $ * * DEBUG: section 25 MIME Parsing * AUTHOR: Harvest Derived * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -49,7 +49,7 @@ } mimeEntry; static mimeEntry *MimeTable = NULL; -static mimeEntry **MimeTableTail = NULL; +static mimeEntry **MimeTableTail = &MimeTable; static void mimeLoadIconFile(const char *icon); @@ -268,6 +268,11 @@ return m ? m->view_option : 0; } +/* Initializes/reloads the mime table + * Note: Due to Solaris STDIO problems the caller should NOT + * call mimeFreeMemory on reconfigure. This way, if STDIO + * fails we at least have the old copy loaded. + */ void mimeInit(char *filename) { @@ -292,8 +297,10 @@ debug(50, 1) ("mimeInit: %s: %s\n", filename, xstrerror()); return; } - if (MimeTableTail == NULL) - MimeTableTail = &MimeTable; +#if defined (_SQUID_CYGWIN_) + setmode(fileno(fp), O_TEXT); +#endif + mimeFreeMemory(); while (fgets(buf, BUFSIZ, fp)) { if ((t = strchr(buf, '#'))) *t = '\0'; @@ -402,7 +409,7 @@ if (storeGetPublic(url, METHOD_GET)) return; snprintf(path, MAXPATHLEN, "%s/%s", Config.icons.directory, icon); - fd = file_open(path, O_RDONLY); + fd = file_open(path, O_RDONLY | O_BINARY); if (fd < 0) { debug(25, 0) ("mimeLoadIconFile: %s: %s\n", path, xstrerror()); return; @@ -422,7 +429,7 @@ storeBuffer(e); e->mem_obj->request = requestLink(urlParse(METHOD_GET, url)); httpReplyReset(reply = e->mem_obj->reply); - httpBuildVersion(&version,1,0); + httpBuildVersion(&version, 1, 0); httpReplySetHeaders(reply, version, HTTP_OK, NULL, type, (int) sb.st_size, sb.st_mtime, -1); reply->cache_control = httpHdrCcCreate(); Index: squid/src/multicast.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/multicast.c,v retrieving revision 1.3.6.1 retrieving revision 1.3.6.2 diff -u -r1.3.6.1 -r1.3.6.2 --- squid/src/multicast.c 7 Dec 2000 13:58:12 -0000 1.3.6.1 +++ squid/src/multicast.c 27 Feb 2001 14:18:52 -0000 1.3.6.2 @@ -1,21 +1,21 @@ /* - * $Id: multicast.c,v 1.3.6.1 2000/12/07 13:58:12 rvenning Exp $ + * $Id: multicast.c,v 1.3.6.2 2001/02/27 14:18:52 rvenning Exp $ * * DEBUG: section 7 Multicast * AUTHOR: Martin Hamilton * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/src/neighbors.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/neighbors.c,v retrieving revision 1.5.4.1 retrieving revision 1.5.4.2 diff -u -r1.5.4.1 -r1.5.4.2 --- squid/src/neighbors.c 7 Dec 2000 13:58:12 -0000 1.5.4.1 +++ squid/src/neighbors.c 27 Feb 2001 14:18:52 -0000 1.5.4.2 @@ -1,21 +1,21 @@ /* - * $Id: neighbors.c,v 1.5.4.1 2000/12/07 13:58:12 rvenning Exp $ + * $Id: neighbors.c,v 1.5.4.2 2001/02/27 14:18:52 rvenning Exp $ * * DEBUG: section 15 Neighbor Routines * AUTHOR: Harvest Derived * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -189,6 +189,9 @@ return 0; if (!neighborUp(p)) return 0; + if (p->max_conn) + if (p->stats.conn_open >= p->max_conn) + return 0; return 1; } @@ -348,9 +351,32 @@ struct SOCKADDR_IN name; socklen_t len = sizeof(struct SOCKADDR_IN); struct servent *sep = NULL; +<<<<<<< neighbors.c memset(&name, '\0', sizeof(struct SOCKADDR_IN)); +======= + const char *me = getMyHostname(); + peer *this; + peer *next; + memset(&name, '\0', sizeof(struct sockaddr_in)); +>>>>>>> 1.8 if (getsockname(fd, (struct sockaddr *) &name, &len) < 0) debug(15, 1) ("getsockname(%d,%p,%p) failed.\n", fd, &name, &len); + for (this = Config.peers; this; this = next) { + sockaddr_in_list *s; + next = this->next; + if (0 != strcmp(this->host, me)) + continue; + for (s = Config.Sockaddr.http; s; s = s->next) { + if (this->http_port != ntohs(s->s.sin_port)) + continue; + debug(15, 1) ("WARNING: Peer looks like this host\n"); + debug(15, 1) (" Ignoring %s %s/%d/%d\n", + neighborTypeStr(this), this->host, this->http_port, + this->icp.port); + neighborRemove(this); + } + } + peerRefreshDNS((void *) 1); if (0 == echo_hdr.opcode) { echo_hdr.opcode = ICP_SECHO; @@ -908,7 +934,7 @@ } void -peerDestroy(void *data, int unused) +peerDestroy(void *data) { peer *p = data; struct _domain_ping *l = NULL; @@ -928,7 +954,6 @@ cbdataUnlock(pd); } #endif - xfree(p); } void @@ -1087,7 +1112,7 @@ peerCountMcastPeersStart(void *data) { peer *p = data; - ps_state *psstate = xcalloc(1, sizeof(ps_state)); + ps_state *psstate; StoreEntry *fake; MemObject *mem; icp_common_t *query; @@ -1097,12 +1122,12 @@ p->mcast.flags.count_event_pending = 0; snprintf(url, MAX_URL, "http://%s/", SA_NTOA(p->in_addr)); fake = storeCreateEntry(url, url, null_request_flags, METHOD_GET); + psstate = CBDATA_ALLOC(ps_state, NULL); psstate->request = requestLink(urlParse(METHOD_GET, url)); psstate->entry = fake; psstate->callback = NULL; psstate->callback_data = p; psstate->ping.start = current_time; - cbdataAdd(psstate, cbdataXfree, 0); mem = fake->mem_obj; mem->request = requestLink(psstate->request); mem->start_ping = current_time; @@ -1237,6 +1262,7 @@ storeAppendPrintf(sentry, "Status : %s\n", neighborUp(e) ? "Up" : "Down"); storeAppendPrintf(sentry, "AVG RTT : %d msec\n", e->stats.rtt); + storeAppendPrintf(sentry, "OPEN CONNS : %d\n", e->stats.conn_open); storeAppendPrintf(sentry, "LAST QUERY : %8d seconds ago\n", (int) (squid_curtime - e->stats.last_query)); storeAppendPrintf(sentry, "LAST REPLY : %8d seconds ago\n", Index: squid/src/net_db.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/net_db.c,v retrieving revision 1.6.2.1 retrieving revision 1.6.2.2 diff -u -r1.6.2.1 -r1.6.2.2 --- squid/src/net_db.c 7 Dec 2000 13:58:12 -0000 1.6.2.1 +++ squid/src/net_db.c 27 Feb 2001 14:18:52 -0000 1.6.2.2 @@ -1,21 +1,21 @@ /* - * $Id: net_db.c,v 1.6.2.1 2000/12/07 13:58:12 rvenning Exp $ + * $Id: net_db.c,v 1.6.2.2 2001/02/27 14:18:52 rvenning Exp $ * * DEBUG: section 38 Network Measurement Database * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -222,15 +222,20 @@ static void netdbSendPing(const ipcache_addrs * ia, void *data) { +<<<<<<< net_db.c struct IN_ADDR addr; char *hostname = data; +======= + struct in_addr addr; + char *hostname = ((generic_cbdata *) data)->data; +>>>>>>> 1.9 netdbEntry *n; netdbEntry *na; net_db_name *x; net_db_name **X; - cbdataUnlock(hostname); + cbdataFree(data); if (ia == NULL) { - cbdataFree(hostname); + xfree(hostname); return; } addr = ia->in_addrs[ia->cur]; @@ -248,7 +253,7 @@ x = (net_db_name *) hash_lookup(host_table, hostname); if (x == NULL) { debug(38, 1) ("netdbSendPing: net_db_name list bug: %s not found", hostname); - cbdataFree(hostname); + xfree(hostname); return; } /* remove net_db_name from 'network n' linked list */ @@ -274,7 +279,7 @@ n->next_ping_time = squid_curtime + Config.Netdb.period; n->last_use_time = squid_curtime; } - cbdataFree(hostname); + xfree(hostname); } static struct IN_ADDR @@ -448,7 +453,7 @@ * Solaris bugs, its a bad idea. fopen can fail if more than * 256 FDs are open. */ - fd = file_open(path, O_RDONLY); + fd = file_open(path, O_RDONLY | O_TEXT); if (fd < 0) return; if (fstat(fd, &sb) < 0) @@ -691,13 +696,12 @@ { #if USE_ICMP netdbEntry *n; - char *h; + generic_cbdata *h; if ((n = netdbLookupHost(hostname)) != NULL) if (n->next_ping_time > squid_curtime) return; - h = xstrdup(hostname); - cbdataAdd(h, cbdataXfree, 0); - cbdataLock(h); + h = CBDATA_ALLOC(generic_cbdata, NULL); + h->data = xstrdup(hostname); ipcache_nbgethostbyname(hostname, netdbSendPing, h); #endif } @@ -993,14 +997,19 @@ storeComplete(s); } +#if USE_ICMP +CBDATA_TYPE(netdbExchangeState); +#endif + void netdbExchangeStart(void *data) { #if USE_ICMP peer *p = data; char *uri; - netdbExchangeState *ex = xcalloc(1, sizeof(*ex)); - cbdataAdd(ex, cbdataXfree, 0); + netdbExchangeState *ex; + CBDATA_INIT_TYPE(netdbExchangeState); + ex = CBDATA_ALLOC(netdbExchangeState, NULL); cbdataLock(p); ex->p = p; uri = internalRemoteUri(p->host, p->http_port, "/squid-internal-dynamic/", "netdb"); Index: squid/src/pconn.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/pconn.c,v retrieving revision 1.4 retrieving revision 1.4.6.1 diff -u -r1.4 -r1.4.6.1 --- squid/src/pconn.c 3 Nov 2000 08:39:20 -0000 1.4 +++ squid/src/pconn.c 27 Feb 2001 14:18:52 -0000 1.4.6.1 @@ -1,21 +1,21 @@ /* - * $Id: pconn.c,v 1.4 2000/11/03 08:39:20 hno Exp $ + * $Id: pconn.c,v 1.4.6.1 2001/02/27 14:18:52 rvenning Exp $ * * DEBUG: section 48 Persistent Connections * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/src/peer_digest.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/peer_digest.c,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/src/peer_digest.c 23 Oct 2000 15:04:21 -0000 1.3 +++ squid/src/peer_digest.c 27 Feb 2001 14:18:52 -0000 1.3.6.1 @@ -1,21 +1,21 @@ /* - * $Id: peer_digest.c,v 1.3 2000/10/23 15:04:21 hno Exp $ + * $Id: peer_digest.c,v 1.3.6.1 2001/02/27 14:18:52 rvenning Exp $ * * DEBUG: section 72 Peer Digest Routines * AUTHOR: Alex Rousskov * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -97,6 +97,8 @@ stringClean(&pd->host); } +CBDATA_TYPE(PeerDigest); + /* allocate new peer digest, call Init, and lock everything */ PeerDigest * peerDigestCreate(peer * p) @@ -104,8 +106,8 @@ PeerDigest *pd; assert(p); - pd = memAllocate(MEM_PEER_DIGEST); - cbdataAdd(pd, memFree, MEM_PEER_DIGEST); + CBDATA_INIT_TYPE(PeerDigest); + pd = CBDATA_ALLOC(PeerDigest, NULL); peerDigestInit(pd, p); cbdataLock(pd->peer); /* we will use the peer */ @@ -113,7 +115,7 @@ } /* call Clean and free/unlock everything */ -void +static void peerDigestDestroy(PeerDigest * pd) { peer *p; @@ -293,8 +295,7 @@ if (p->login) xstrncpy(req->login, p->login, MAX_LOGIN_SZ); /* create fetch state structure */ - fetch = memAllocate(MEM_DIGEST_FETCH_STATE); - cbdataAdd(fetch, memFree, MEM_DIGEST_FETCH_STATE); + fetch = CBDATA_ALLOC(DigestFetchState, NULL); fetch->request = requestLink(req); fetch->pd = pd; fetch->offset = 0; Index: squid/src/peer_select.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/peer_select.c,v retrieving revision 1.3.6.1 retrieving revision 1.3.6.2 diff -u -r1.3.6.1 -r1.3.6.2 --- squid/src/peer_select.c 7 Dec 2000 13:58:12 -0000 1.3.6.1 +++ squid/src/peer_select.c 27 Feb 2001 14:18:52 -0000 1.3.6.2 @@ -1,21 +1,21 @@ /* - * $Id: peer_select.c,v 1.3.6.1 2000/12/07 13:58:12 rvenning Exp $ + * $Id: peer_select.c,v 1.3.6.2 2001/02/27 14:18:52 rvenning Exp $ * * DEBUG: section 44 Peer Selection Algorithm * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -109,7 +109,7 @@ cbdataFree(psstate); } -int +static int peerSelectIcpPing(request_t * request, int direct, StoreEntry * entry) { int n; @@ -134,12 +134,12 @@ PSC * callback, void *callback_data) { - ps_state *psstate = memAllocate(MEM_PS_STATE); + ps_state *psstate; if (entry) debug(44, 3) ("peerSelect: %s\n", storeUrl(entry)); else debug(44, 3) ("peerSelect: %s\n", RequestMethodStr[request->method]); - cbdataAdd(psstate, memFree, MEM_PS_STATE); + psstate = CBDATA_ALLOC(ps_state, NULL); psstate->request = requestLink(request); psstate->entry = entry; psstate->callback = callback; @@ -205,18 +205,16 @@ static int peerCheckNetdbDirect(ps_state * psstate) { - peer *p = whichPeer(&psstate->closest_parent_miss); + peer *p; int myrtt; int myhops; - if (p == NULL) - return 0; if (psstate->direct == DIRECT_NO) return 0; myrtt = netdbHostRtt(psstate->request->host); debug(44, 3) ("peerCheckNetdbDirect: MY RTT = %d msec\n", myrtt); - debug(44, 3) ("peerCheckNetdbDirect: closest_parent_miss RTT = %d msec\n", - psstate->ping.p_rtt); - if (myrtt && myrtt < psstate->ping.p_rtt) + debug(44, 3) ("peerCheckNetdbDirect: minimum_direct_rtt = %d msec\n", + Config.minDirectRtt); + if (myrtt && myrtt <= Config.minDirectRtt) return 1; myhops = netdbHostHops(psstate->request->host); debug(44, 3) ("peerCheckNetdbDirect: MY hops = %d\n", myhops); @@ -224,6 +222,13 @@ Config.minDirectHops); if (myhops && myhops <= Config.minDirectHops) return 1; + p = whichPeer(&psstate->closest_parent_miss); + if (p == NULL) + return 0; + debug(44, 3) ("peerCheckNetdbDirect: closest_parent_miss RTT = %d msec\n", + psstate->ping.p_rtt); + if (myrtt && myrtt <= psstate->ping.p_rtt) + return 1; return 0; } @@ -260,6 +265,8 @@ ps->direct = DIRECT_NO; } else if (request->flags.loopdetect) { ps->direct = DIRECT_YES; + } else if (peerCheckNetdbDirect(ps)) { + ps->direct = DIRECT_YES; } else { ps->direct = DIRECT_MAYBE; } Index: squid/src/pinger.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/pinger.c,v retrieving revision 1.3.6.1 retrieving revision 1.3.6.2 diff -u -r1.3.6.1 -r1.3.6.2 --- squid/src/pinger.c 7 Dec 2000 13:58:12 -0000 1.3.6.1 +++ squid/src/pinger.c 27 Feb 2001 14:18:52 -0000 1.3.6.2 @@ -1,21 +1,21 @@ /* - * $Id: pinger.c,v 1.3.6.1 2000/12/07 13:58:12 rvenning Exp $ + * $Id: pinger.c,v 1.3.6.2 2001/02/27 14:18:52 rvenning Exp $ * * DEBUG: section 42 ICMP Pinger program * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/src/protos.h =================================================================== RCS file: /cvsroot/squid-sf//squid/src/protos.h,v retrieving revision 1.5.2.1 retrieving revision 1.5.2.2 diff -u -r1.5.2.1 -r1.5.2.2 --- squid/src/protos.h 7 Dec 2000 13:58:12 -0000 1.5.2.1 +++ squid/src/protos.h 27 Feb 2001 14:18:52 -0000 1.5.2.2 @@ -1,19 +1,19 @@ /* - * $Id: protos.h,v 1.5.2.1 2000/12/07 13:58:12 rvenning Exp $ + * $Id: protos.h,v 1.5.2.2 2001/02/27 14:18:52 rvenning Exp $ * * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -46,6 +46,7 @@ #endif char *log_quote(const char *header); +/* acl.c */ extern aclCheck_t *aclChecklistCreate(const struct _acl_access *, request_t *, const char *ident); @@ -58,7 +59,7 @@ extern void aclParseAccessLine(struct _acl_access **); extern void aclParseAclLine(acl **); extern int aclIsProxyAuth(const char *name); -extern int aclGetDenyInfoPage(acl_deny_info_list ** head, const char *name); +extern err_type aclGetDenyInfoPage(acl_deny_info_list ** head, const char *name); extern void aclParseDenyInfoLine(struct _acl_deny_info_list **); extern void aclDestroyDenyInfoList(struct _acl_deny_info_list **); extern void aclDestroyRegexList(struct _relist *data); @@ -67,6 +68,7 @@ extern const char *aclTypeToStr(squid_acl); extern wordlist *aclDumpGeneric(const acl *); extern int aclPurgeMethodInUse(acl_access *); +extern void aclCacheMatchFlush(dlink_list * cache); /* * cache_cf.c @@ -85,20 +87,34 @@ extern void self_destruct(void); extern int GetInteger(void); +/* extra functions from cache_cf.c useful for lib modules */ +extern void parse_int(int *var); +extern void parse_eol(char *volatile *var); +extern void parse_wordlist(wordlist ** list); +extern void requirePathnameExists(const char *name, const char *path); +extern void parse_time_t(time_t * var); +extern void parse_cachedir_options(SwapDir * sd, struct cache_dir_option *options, int reconfiguring); + +/* + * cbdata.c + */ extern void cbdataInit(void); #if CBDATA_DEBUG -extern void cbdataAddDbg(const void *p, CBDUNL *, int, const char *, int); +extern void *cbdataInternalAllocDbg(cbdata_type type, CBDUNL *, int, const char *); extern void cbdataLockDbg(const void *p, const char *, int); extern void cbdataUnlockDbg(const void *p, const char *, int); #else -extern void cbdataAdd(const void *p, CBDUNL *, int); +extern void *cbdataInternalAlloc(cbdata_type type, CBDUNL *); extern void cbdataLock(const void *p); extern void cbdataUnlock(const void *p); #endif +/* Note: Allocations is done using the CBDATA_ALLOC macro */ + extern void cbdataFree(void *p); extern int cbdataValid(const void *p); -extern CBDUNL cbdataXfree; +extern void cbdataInitType(cbdata_type type, char *label, int size); +extern cbdata_type cbdataAddType(cbdata_type type, char *label, int size); extern void clientdbInit(void); extern void clientdbUpdate(struct IN_ADDR, log_type, protocol_t, size_t); @@ -117,6 +133,8 @@ extern void clientHttpConnectionsClose(void); extern StoreEntry *clientCreateStoreEntry(clientHttpRequest *, method_t, request_flags); extern int isTcpHit(log_type); +extern void clientReadBody(request_t * req, char *buf, size_t size, CBCB * callback, void *data); +extern int clientAbortBody(request_t * req); extern int commSetNonBlocking(int fd); extern int commUnsetNonBlocking(int fd); @@ -162,7 +180,7 @@ #endif extern void commUpdateReadBits(int, PF *); extern void commUpdateWriteBits(int, PF *); -extern void comm_quick_poll_required(); +extern void comm_quick_poll_required(void); extern void packerToStoreInit(Packer * p, StoreEntry * e); extern void packerToMemInit(Packer * p, MemBuf * mb); @@ -259,6 +277,7 @@ extern void fqdncacheFreeMemory(void); extern void fqdncache_restart(void); extern EVH fqdncache_purgelru; +extern void fqdncacheAddEntryFromHosts(char *addr, wordlist * hostnames); extern void ftpStart(FwdState *); extern char *ftpUrlWith2f(const request_t *); @@ -284,7 +303,7 @@ extern int httpAnonHdrAllowed(http_hdr_type hdr_id); extern int httpAnonHdrDenied(http_hdr_type hdr_id); extern void httpBuildRequestHeader(request_t *, request_t *, StoreEntry *, HttpHeader *, int, http_state_flags); -extern void httpBuildVersion(http_version_t *version,unsigned int major,unsigned int minor); +extern void httpBuildVersion(http_version_t * version, unsigned int major, unsigned int minor); /* ETag */ extern int etagParseInit(ETag * etag, const char *str); @@ -432,6 +451,7 @@ extern void httpHeaderEntryPackInto(const HttpHeaderEntry * e, Packer * p); /* store report about current header usage and other stats */ extern void httpHeaderStoreReport(StoreEntry * e); +extern void httpHdrMangleList(HttpHeader *, request_t *); /* Http Msg (currently in HttpReply.c @?@ ) */ extern int httpMsgIsPersistent(http_version_t http_ver, const HttpHeader * hdr); @@ -558,6 +578,7 @@ extern void ipcacheFreeMemory(void); extern ipcache_addrs *ipcacheCheckNumeric(const char *name); extern void ipcache_restart(void); +extern int ipcacheAddEntryFromHosts(const char *name, const char *ipaddr); /* MemBuf */ /* init with specific sizes */ @@ -698,9 +719,44 @@ extern void redirectInit(void); extern void redirectShutdown(void); -extern void authenticateStart(acl_proxy_auth_user *, RH *, void *); -extern void authenticateInit(void); +/* auth_modules.c */ +extern void authSchemeSetup(void); + +/* authenticate.c */ +extern void authenticateAuthUserMerge(auth_user_t *, auth_user_t *); +extern auth_user_t *authenticateAuthUserNew(const char *); +extern int authenticateAuthSchemeId(const char *typestr); +extern void authenticateStart(auth_user_request_t *, RH *, void *); +extern void authenticateSchemeInit(void); +extern void authenticateInit(authConfig *); extern void authenticateShutdown(void); +extern void authenticateFixHeader(HttpReply *, auth_user_request_t *, request_t *, int); +extern void authenticateAddTrailer(HttpReply *, auth_user_request_t *, request_t *, int); +extern auth_user_request_t *authenticateGetAuthUser(const char *proxy_auth); +extern void authenticateAuthenticateUser(auth_user_request_t *, request_t *, ConnStateData *, http_hdr_type); +extern void authenticateAuthUserUnlock(auth_user_t * auth_user); +extern void authenticateAuthUserLock(auth_user_t * auth_user); +extern void authenticateAuthUserRequestUnlock(auth_user_request_t *); +extern void authenticateAuthUserRequestLock(auth_user_request_t *); +extern char *authenticateAuthUserRequestMessage(auth_user_request_t *); +extern int authenticateAuthUserInuse(auth_user_t * auth_user); +extern void authenticateAuthUserRequestSetIp(auth_user_request_t *, struct in_addr); +extern int authenticateDirection(auth_user_request_t *); +extern FREE authenticateFreeProxyAuthUser; +extern void authenticateFreeProxyAuthUserACLResults(void *data); +extern void authenticateProxyUserCacheCleanup(void *); +extern void authenticateInitUserCache(void); +extern int authenticateActiveSchemeCount(void); +extern int authenticateSchemeCount(void); +extern void authenticateUserNameCacheAdd(auth_user_t * auth_user); +extern int authenticateCheckAuthUserIP(struct in_addr request_src_addr, auth_user_request_t * auth_user); +extern int authenticateUserAuthenticated(auth_user_request_t *); +extern void authenticateUserCacheRestart(void); +extern char *authenticateUserUsername(auth_user_t *); +extern char *authenticateUserRequestUsername(auth_user_request_t *); +extern int authenticateValidateUser(auth_user_request_t *); +extern void authenticateOnCloseConnection(ConnStateData * conn); +extern void authSchemeAdd(char *type, AUTHSSETUP * setup); extern void refreshAddToList(const char *, int, time_t, int, time_t); extern int refreshIsCachable(const StoreEntry *); @@ -769,7 +825,7 @@ extern void memConfigure(void); extern void *memAllocate(mem_type); extern void *memAllocBuf(size_t net_size, size_t * gross_size); -extern CBDUNL memFree; +extern void memFree(void *, int type); extern void memFreeBuf(size_t size, void *); extern void memFree2K(void *); extern void memFree4K(void *); @@ -937,6 +993,8 @@ extern void storeDirCallback(void); extern void storeDirLRUDelete(StoreEntry *); extern void storeDirLRUAdd(StoreEntry *); +extern int storeDirGetBlkSize(const char *path, int *blksize); +extern int storeDirGetUFSStats(const char *, int *, int *, int *, int *); /* * store_swapmeta.c @@ -1018,11 +1076,6 @@ extern void PrintRusage(void); extern void dumpMallocStats(void); -extern void pumpInit(int fd, request_t * r, char *uri); -extern void pumpStart(int, FwdState *, CWCB * callback, void *); -extern int pumpMethod(method_t method); -extern int pumpRestart(request_t *); - #if USE_UNLINKD extern void unlinkdInit(void); extern void unlinkdClose(void); @@ -1043,7 +1096,7 @@ extern int urlDefaultPort(protocol_t p); extern char *urlCanonicalClean(const request_t *); extern char *urlHostname(const char *url); -extern void urlExtMethodConfigure(); +extern void urlExtMethodConfigure(void); extern void useragentOpenLog(void); extern void useragentRotateLog(void); @@ -1074,6 +1127,9 @@ extern void dlinkAdd(void *data, dlink_node *, dlink_list *); extern void dlinkAddTail(void *data, dlink_node *, dlink_list *); extern void dlinkDelete(dlink_node * m, dlink_list * list); +extern void dlinkNodeDelete(dlink_node * m); +extern dlink_node *dlinkNodeNew(void); + extern void kb_incr(kb_t *, size_t); extern double gb_to_double(const gb_t *); extern const char *gb_to_str(const gb_t *); @@ -1084,6 +1140,7 @@ extern void *linklistShift(link_list **); extern int xrename(const char *from, const char *to); extern int isPowTen(int); +extern void parseEtcHosts(void); #if USE_HTCP extern void htcpInit(void); @@ -1093,7 +1150,7 @@ #endif /* String */ -#define strLen(s) ((const int)(s).len) +#define strLen(s) ((/* const */ int)(s).len) #define strBuf(s) ((const char*)(s).buf) #define strChr(s,ch) ((const char*)strchr(strBuf(s), (ch))) #define strRChr(s,ch) ((const char*)strrchr(strBuf(s), (ch))) @@ -1176,11 +1233,23 @@ /* helper.c */ extern void helperOpenServers(helper * hlp); +extern void helperStatefulOpenServers(statefulhelper * hlp); extern void helperSubmit(helper * hlp, const char *buf, HLPCB * callback, void *data); +extern void helperStatefulSubmit(statefulhelper * hlp, const char *buf, HLPSCB * callback, void *data, helper_stateful_server * lastserver); extern void helperStats(StoreEntry * sentry, helper * hlp); +extern void helperStatefulStats(StoreEntry * sentry, statefulhelper * hlp); extern void helperShutdown(helper * hlp); +extern void helperStatefulShutdown(statefulhelper * hlp); extern helper *helperCreate(const char *); +extern statefulhelper *helperStatefulCreate(const char *); extern void helperFree(helper *); +extern void helperStatefulFree(statefulhelper *); +extern void helperStatefulReset(helper_stateful_server * srv); +extern void helperStatefulReleaseServer(helper_stateful_server * srv); +extern void *helperStatefulServerGetData(helper_stateful_server * srv); +extern helper_stateful_server *helperStatefulDefer(statefulhelper *); + + #if USE_LEAKFINDER extern void leakInit(void); @@ -1220,3 +1289,7 @@ extern unsigned int url_checksum(const char *url); #endif +/* + * hack to allow snmp access to the statistics counters + */ +extern StatCounters *snmpStatGet(int); --- squid/src/pump.c Wed Feb 14 00:50:55 2007 +++ /dev/null Wed Feb 14 00:50:05 2007 @@ -1,425 +0,0 @@ - -/* - * $Id: pump.c,v 1.4 2000/11/03 08:39:20 hno Exp $ - * - * DEBUG: section 61 PUMP handler - * AUTHOR: Kostas Anagnostakis - * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ - * ---------------------------------------------------------- - * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA. - * - */ - -#include "squid.h" - -#define PUMP_MAXBUFFER 2*SQUID_UDP_SO_SNDBUF - -#define PUMP_FLAG_CLOSING 0x01 - -static PumpStateData *pump_head = NULL; - -static PF pumpReadFromClient; -static STCB pumpServerCopy; -static CWCB pumpServerCopyComplete; -static PF pumpFree; -static PF pumpTimeout; -static PF pumpServerClosed; -static DEFER pumpReadDefer; -static void pumpClose(void *data); - -void -pumpInit(int fd, request_t * r, char *uri) -{ - request_flags flags; - PumpStateData *p = memAllocate(MEM_PUMP_STATE_DATA); - LOCAL_ARRAY(char, new_key, MAX_URL + 8); - debug(61, 3) ("pumpInit: FD %d, uri=%s\n", fd, uri); - /* - * create a StoreEntry which will buffer the data - * to be pumped - */ - assert(fd > -1); - assert(uri != NULL); - assert(r != NULL); - /* we shouldn't have gotten this far if content-length is invalid */ - assert(r->content_length >= 0); - debug(61, 4) ("pumpInit: Content-Length=%d.\n", r->content_length); - flags = null_request_flags; - flags.nocache = 1; - snprintf(new_key, MAX_URL + 5, "%s|Pump", uri); - cbdataAdd(p, memFree, MEM_PUMP_STATE_DATA); - p->request_entry = storeCreateEntry(new_key, new_key, flags, r->method); - p->sc = storeClientListAdd(p->request_entry, p); - EBIT_SET(p->request_entry->flags, ENTRY_DONT_LOG); -#if DELAY_POOLS - delaySetStoreClient(p->sc, delayClient(r)); -#endif - /* - * initialize data structure - */ - p->c_fd = fd; - p->s_fd = -1; - p->req = requestLink(r); - p->callback = NULL; - p->cbdata = NULL; - p->next = pump_head; - pump_head = p; - comm_add_close_handler(p->c_fd, pumpFree, p); - commSetSelect(fd, COMM_SELECT_READ, NULL, NULL, 0); - debug(61, 4) ("pumpInit: FD %d, Created %p\n", fd, p); -} - -void -pumpStart(int s_fd, FwdState * fwd, CWCB * callback, void *cbdata) -{ - PumpStateData *p = NULL; - request_t *r = fwd->request; - size_t copy_sz; - debug(61, 3) ("pumpStart: FD %d, key %s\n", - s_fd, storeKeyText(fwd->entry->hash.key)); - /* - * find state data generated by pumpInit in linked list - */ - for (p = pump_head; p && p->req != r; p = p->next); - assert(p != NULL); - assert(p->request_entry); - assert(p->c_fd > -1); - assert(r == p->req); - /* - * fill in the rest of data needed by the pump - */ - p->fwd = fwd; - p->s_fd = s_fd; - p->reply_entry = fwd->entry; - p->callback = callback; - p->cbdata = cbdata; - cbdataLock(p->cbdata); - storeLockObject(p->reply_entry); - comm_add_close_handler(p->s_fd, pumpServerClosed, p); - /* - * see if part of the body is in the request - */ - if (p->rcvd < p->req->content_length && r->body_sz > 0) { - assert(p->request_entry->store_status == STORE_PENDING); - assert(r->body != NULL); - assert(r->body_sz <= p->req->content_length); - copy_sz = XMIN(r->body_sz, p->req->content_length); - debug(61, 3) ("pumpStart: Appending %d bytes from r->body\n", copy_sz); - storeAppend(p->request_entry, r->body, copy_sz); - p->rcvd = copy_sz; - } - /* - * Do we need to read more data from the client? - */ - if (p->rcvd < p->req->content_length) { - assert(p->request_entry->store_status == STORE_PENDING); - commSetSelect(p->c_fd, COMM_SELECT_READ, pumpReadFromClient, p, 0); - commSetTimeout(p->c_fd, Config.Timeout.read, pumpTimeout, p); - commSetDefer(p->c_fd, pumpReadDefer, p); - } - p->sent = 0; - if (p->sent == p->req->content_length) { - pumpServerCopyComplete(p->s_fd, NULL, 0, DISK_OK, p); - } else { - storeClientCopy(p->sc, p->request_entry, p->sent, p->sent, 4096, - memAllocate(MEM_4K_BUF), - pumpServerCopy, p); - } -} - -static void -pumpServerCopy(void *data, char *buf, ssize_t size) -{ - PumpStateData *p = data; - debug(61, 5) ("pumpServerCopy: called with size=%d\n", size); - if (size < 0) { - debug(61, 5) ("pumpServerCopy: freeing and returning\n"); - memFree(buf, MEM_4K_BUF); - return; - } - if (size == 0) { - debug(61, 5) ("pumpServerCopy: done, finishing\n", size); - pumpServerCopyComplete(p->s_fd, NULL, 0, DISK_OK, p); - memFree(buf, MEM_4K_BUF); - return; - } - debug(61, 5) ("pumpServerCopy: to FD %d, %d bytes\n", p->s_fd, size); - comm_write(p->s_fd, buf, size, pumpServerCopyComplete, p, memFree4K); -} - -static void -pumpServerCopyComplete(int fd, char *bufnotused, size_t size, int errflag, void *data) -{ - PumpStateData *p = data; - int sfd; - debug(61, 5) ("pumpServerCopyComplete: called with size=%d (%d,%d)\n", - size, p->sent + size, p->req->content_length); - if (errflag == COMM_ERR_CLOSING) - return; - if (errflag != 0) { - debug(61, 5) ("pumpServerCopyComplete: aborted, errflag %d\n", errflag); - pumpClose(p); - return; - } - if (EBIT_TEST(p->request_entry->flags, ENTRY_ABORTED)) { - debug(61, 5) ("pumpServerCopyComplete: ENTRY_ABORTED\n"); - pumpClose(p); - return; - } - p->sent += size; - assert(p->sent <= p->req->content_length); - if (p->sent < p->req->content_length) { - storeClientCopy(p->sc, p->request_entry, p->sent, p->sent, 4096, - memAllocate(MEM_4K_BUF), - pumpServerCopy, p); - return; - } - debug(61, 5) ("pumpServerCopyComplete: Done!\n", size); - /* - * we don't care what happens on the server side now - */ - sfd = p->s_fd; - comm_remove_close_handler(p->s_fd, pumpServerClosed, p); - p->s_fd = -1; - if (cbdataValid(p->cbdata)) - p->callback(sfd, NULL, p->sent, 0, p->cbdata); - cbdataUnlock(p->cbdata); - storeUnlockObject(p->reply_entry); - p->reply_entry = NULL; - /* - * and now we don't care about the client side either - * tear down the pump state. - */ - comm_remove_close_handler(p->c_fd, pumpFree, p); - pumpFree(p->c_fd, p); -} - - -static void -pumpReadFromClient(int fd, void *data) -{ - PumpStateData *p = data; - StoreEntry *req = p->request_entry; - LOCAL_ARRAY(char, buf, SQUID_TCP_SO_RCVBUF); - int bytes_to_read = XMIN(p->req->content_length - p->rcvd, SQUID_TCP_SO_RCVBUF); - int len = 0; - errno = 0; - statCounter.syscalls.sock.reads++; - len = read(fd, buf, bytes_to_read); - fd_bytes(fd, len, FD_READ); - debug(61, 5) ("pumpReadFromClient: FD %d: len %d.\n", fd, len); - if (len > 0) { - (void) 0; /* continue */ - } else if (len < 0) { - debug(61, 2) ("pumpReadFromClient: FD %d: read failure: %s.\n", - fd, xstrerror()); - if (ignoreErrno(errno)) { - debug(61, 5) ("pumpReadFromClient: FD %d: len %d and ignore!\n", - fd, len); - commSetSelect(fd, - COMM_SELECT_READ, - pumpReadFromClient, - p, - Config.Timeout.read); - } else { - debug(61, 2) ("pumpReadFromClient: aborted.\n"); - pumpClose(p); - } - return; - } else if (req->mem_obj->inmem_hi == 0) { - debug(61, 2) ("pumpReadFromClient: FD %d: failed.\n", fd); - pumpClose(p); - return; - } else if (p->rcvd < p->req->content_length) { - debug(61, 4) ("pumpReadFromClient: FD %d, incomplete request\n", fd); - pumpClose(p); - return; - } - if (len > 0) { - int delta = p->rcvd + len - p->req->content_length; - if (delta > 0 && p->req->flags.proxy_keepalive) { - debug(61, delta == 2 ? 3 : 1) ("pumpReadFromClient: Warning: read %d bytes past content-length, truncating\n", delta); - len = p->req->content_length - p->rcvd; - } - storeAppend(req, buf, len); - p->rcvd += len; - } - if (p->rcvd < p->req->content_length) { - /* We need more data */ - commSetSelect(fd, COMM_SELECT_READ, pumpReadFromClient, - p, Config.Timeout.read); - return; - } - /* all done! */ - if (p->req->flags.proxy_keepalive) - assert(p->rcvd == p->req->content_length); - debug(61, 2) ("pumpReadFromClient: finished!\n"); - storeComplete(req); - commSetDefer(p->c_fd, NULL, NULL); - commSetTimeout(p->c_fd, -1, NULL, NULL); -} - -static int -pumpReadDefer(int fd, void *data) -{ - PumpStateData *p = data; - assert(p->rcvd >= p->sent); - if ((p->rcvd - p->sent) < PUMP_MAXBUFFER) - return 0; - debug(61, 5) ("pumpReadDefer: deferring, rcvd=%d, sent=%d\n", - p->rcvd, p->sent); - return 1; -} - -static void -pumpClose(void *data) -{ - PumpStateData *p = data; - StoreEntry *req = p->request_entry; - StoreEntry *rep = p->reply_entry; - cbdataLock(p); - debug(61, 3) ("pumpClose: %p Server FD %d, Client FD %d\n", - p, p->s_fd, p->c_fd); - /* double-call detection */ - assert(!p->flags.closing); - p->flags.closing = 1; - if (req != NULL && req->store_status == STORE_PENDING) { - storeUnregister(p->sc, req, p); - } - if (rep != NULL && rep->store_status == STORE_PENDING) { - ErrorState *err = errorCon(ERR_READ_ERROR, HTTP_INTERNAL_SERVER_ERROR); - fwdFail(p->fwd, err); - } - if (p->s_fd > -1) { - comm_close(p->s_fd); - p->s_fd = -1; - } - if (p->c_fd > -1) { - comm_close(p->c_fd); - } - /* This tests that pumpFree() got called somewhere */ - assert(0 == cbdataValid(p)); - cbdataUnlock(p); -} - -static void -pumpFree(int fd, void *data) -{ - PumpStateData *p = NULL; - PumpStateData *q = NULL; - StoreEntry *req; - StoreEntry *rep; - debug(61, 3) ("pumpFree: FD %d, releasing %p!\n", fd, data); - for (p = pump_head; p && p != data; q = p, p = p->next); - if (p == NULL) { - debug(61, 1) ("pumpFree: p=%p not found?\n", p); - return; - } - if (q) - q->next = p->next; - else - pump_head = p->next; - assert(fd == p->c_fd); - p->c_fd = -1; - req = p->request_entry; - rep = p->reply_entry; - if (req != NULL) { - storeUnregister(p->sc, req, p); - storeUnlockObject(req); - p->request_entry = NULL; - } - if (rep != NULL) { - debug(61, 3) ("pumpFree: did the server-side FD (%d) get closed?\n", p->s_fd); - storeUnlockObject(rep); - p->reply_entry = NULL; - } - requestUnlink(p->req); - if (p->s_fd > -1) { - assert(!fd_table[p->s_fd].flags.open); - p->s_fd = -1; - } - cbdataFree(p); -} - -static void -pumpTimeout(int fd, void *data) -{ - PumpStateData *p = data; - debug(61, 3) ("pumpTimeout: FD %d\n", p->c_fd); - pumpClose(p); -} - -/* - *This is called only if the client connect closes unexpectedly - */ -static void -pumpServerClosed(int fd, void *data) -{ - PumpStateData *p = data; - debug(61, 3) ("pumpServerClosed: FD %d\n", fd); - /* - * we have been called from comm_close for the server side, so - * just need to clean up the client side - */ - assert(p->s_fd == fd); - p->s_fd = -1; - if (p->flags.closing) - return; - if (p->c_fd > -1) - comm_close(p->c_fd); -} - -/* - * This function returns True if we can submit this request again. - * The request may have been pipelined, but the connection got - * closed before we got a reply. If we still have the whole - * request in memory then we can send it again. If we want to - * be able to restart very large requests, then we'll have to - * swap them out to disk. - */ -int -pumpRestart(request_t * r) -{ - PumpStateData *p; - MemObject *mem; - for (p = pump_head; p && p->req != r; p = p->next); - if (p == NULL) { - debug(61, 3) ("pumpRestart: NO: Can't find pumpState!\n"); - return 0; - } - mem = p->request_entry->mem_obj; - if (mem == NULL) { - debug(61, 3) ("pumpRestart: NO: request_entry->mem_obj == NULL!\n"); - return 0; - } - if (mem->inmem_lo > 0) { - debug(61, 3) ("pumpRestart: NO: mem->inmem_lo == %d\n", - (int) mem->inmem_lo); - return 0; - } - debug(61, 3) ("pumpRestart: YES!\n"); - return 1; -} Index: squid/src/recv-announce.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/recv-announce.c,v retrieving revision 1.3.6.1 retrieving revision 1.3.6.2 diff -u -r1.3.6.1 -r1.3.6.2 --- squid/src/recv-announce.c 7 Dec 2000 13:58:12 -0000 1.3.6.1 +++ squid/src/recv-announce.c 27 Feb 2001 14:18:52 -0000 1.3.6.2 @@ -1,21 +1,21 @@ /* - * $Id: recv-announce.c,v 1.3.6.1 2000/12/07 13:58:12 rvenning Exp $ + * $Id: recv-announce.c,v 1.3.6.2 2001/02/27 14:18:52 rvenning Exp $ * * DEBUG: section 0 Announcement Server * AUTHOR: Harvest Derived * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/src/redirect.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/redirect.c,v retrieving revision 1.3.6.1 retrieving revision 1.3.6.2 diff -u -r1.3.6.1 -r1.3.6.2 --- squid/src/redirect.c 7 Dec 2000 13:58:12 -0000 1.3.6.1 +++ squid/src/redirect.c 27 Feb 2001 14:18:52 -0000 1.3.6.2 @@ -1,21 +1,21 @@ /* - * $Id: redirect.c,v 1.3.6.1 2000/12/07 13:58:12 rvenning Exp $ + * $Id: redirect.c,v 1.3.6.2 2001/02/27 14:18:52 rvenning Exp $ * * DEBUG: section 29 Redirector * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -49,6 +49,7 @@ static helper *redirectors = NULL; static OBJH redirectStats; static int n_bypassed = 0; +CBDATA_TYPE(redirectStateData); static void redirectHandleReply(void *data, char *reply) @@ -122,16 +123,15 @@ handler(data, NULL); return; } - r = xcalloc(1, sizeof(redirectStateData)); - cbdataAdd(r, cbdataXfree, 0); + r = CBDATA_ALLOC(redirectStateData, NULL); r->orig_url = xstrdup(http->uri); r->client_addr = conn->log_addr; - if (http->request->user_ident[0]) - r->client_ident = http->request->user_ident; - else if (conn->ident == NULL || *conn->ident == '\0') { - r->client_ident = dash_str; + if (http->request->auth_user_request) + r->client_ident = authenticateUserRequestUsername(http->request->auth_user_request); + else if (conn->rfc931[0]) { + r->client_ident = conn->rfc931; } else { - r->client_ident = conn->ident; + r->client_ident = dash_str; } r->method_s = RequestMethodStr[http->request->method]; r->handler = handler; @@ -165,6 +165,7 @@ "URL Redirector Stats", redirectStats, 0, 1); init = 1; + CBDATA_INIT_TYPE(redirectStateData); } } Index: squid/src/referer.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/referer.c,v retrieving revision 1.2 retrieving revision 1.2.8.1 diff -u -r1.2 -r1.2.8.1 --- squid/src/referer.c 21 Oct 2000 15:16:13 -0000 1.2 +++ squid/src/referer.c 27 Feb 2001 14:18:52 -0000 1.2.8.1 @@ -6,17 +6,17 @@ * AUTHOR: Joe Ramey (useragent) * Jens-S. Vöckler (mod 4 referer) * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/src/refresh.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/refresh.c,v retrieving revision 1.5 retrieving revision 1.5.4.1 diff -u -r1.5 -r1.5.4.1 --- squid/src/refresh.c 11 Nov 2000 09:40:02 -0000 1.5 +++ squid/src/refresh.c 27 Feb 2001 14:18:52 -0000 1.5.4.1 @@ -1,21 +1,21 @@ /* - * $Id: refresh.c,v 1.5 2000/11/11 09:40:02 hno Exp $ + * $Id: refresh.c,v 1.5.4.1 2001/02/27 14:18:52 rvenning Exp $ * * DEBUG: section 22 Refresh Calculation * AUTHOR: Harvest Derived * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/src/send-announce.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/send-announce.c,v retrieving revision 1.3.6.1 retrieving revision 1.3.6.2 diff -u -r1.3.6.1 -r1.3.6.2 --- squid/src/send-announce.c 7 Dec 2000 13:58:12 -0000 1.3.6.1 +++ squid/src/send-announce.c 27 Feb 2001 14:18:52 -0000 1.3.6.2 @@ -1,21 +1,21 @@ /* - * $Id: send-announce.c,v 1.3.6.1 2000/12/07 13:58:12 rvenning Exp $ + * $Id: send-announce.c,v 1.3.6.2 2001/02/27 14:18:52 rvenning Exp $ * * DEBUG: section 27 Cache Announcer * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -40,13 +40,11 @@ void start_announce(void *datanotused) { - void *junk; if (0 == Config.onoff.announce) return; if (theOutIcpConnection < 0) return; - cbdataAdd(junk = xmalloc(1), cbdataXfree, 0); - ipcache_nbgethostbyname(Config.Announce.host, send_announce, junk); + ipcache_nbgethostbyname(Config.Announce.host, send_announce, NULL); eventAdd("send_announce", start_announce, NULL, (double) Config.Announce.period, 1); } @@ -63,7 +61,6 @@ int n; int fd; int x; - cbdataFree(junk); if (ia == NULL) { debug(27, 1) ("send_announce: Unknown host '%s'\n", host); return; @@ -88,7 +85,7 @@ strcat(sndbuf, tbuf); l = strlen(sndbuf); if ((file = Config.Announce.file) != NULL) { - fd = file_open(file, O_RDONLY); + fd = file_open(file, O_RDONLY | O_TEXT); if (fd > -1 && (n = read(fd, sndbuf + l, BUFSIZ - l - 1)) > 0) { fd_bytes(fd, n, FD_READ); l += n; Index: squid/src/snmp_agent.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/snmp_agent.c,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/src/snmp_agent.c 23 Oct 2000 15:04:21 -0000 1.3 +++ squid/src/snmp_agent.c 27 Feb 2001 14:18:52 -0000 1.3.6.1 @@ -1,21 +1,21 @@ /* - * $Id: snmp_agent.c,v 1.3 2000/10/23 15:04:21 hno Exp $ + * $Id: snmp_agent.c,v 1.3.6.1 2001/02/27 14:18:52 rvenning Exp $ * * DEBUG: section 49 SNMP Interface * AUTHOR: Kostas Anagnostakis * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -37,8 +37,6 @@ #include "squid.h" #include "cache_snmp.h" -extern StatCounters *snmpStatGet(int); - /************************************************************************ SQUID MIB Implementation @@ -257,7 +255,7 @@ break; case PERF_SYS_MEMUSAGE: Answer = snmp_var_new_integer(Var->name, Var->name_length, - (snint) memTotalAllocated() >> 10, + (snint) statMemoryAccounted() >> 10, ASN_INTEGER); break; case PERF_SYS_CPUTIME: @@ -296,7 +294,7 @@ break; case PERF_SYS_CURRESERVED_FD: Answer = snmp_var_new_integer(Var->name, Var->name_length, - (snint) Number_FD, + (snint) RESERVED_FD, SMI_GAUGE32); break; case PERF_SYS_NUMOBJCNT: Index: squid/src/snmp_core.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/snmp_core.c,v retrieving revision 1.3.6.1 retrieving revision 1.3.6.2 diff -u -r1.3.6.1 -r1.3.6.2 --- squid/src/snmp_core.c 7 Dec 2000 13:58:12 -0000 1.3.6.1 +++ squid/src/snmp_core.c 27 Feb 2001 14:18:52 -0000 1.3.6.2 @@ -1,32 +1,32 @@ /* - * $Id: snmp_core.c,v 1.3.6.1 2000/12/07 13:58:12 rvenning Exp $ + * $Id: snmp_core.c,v 1.3.6.2 2001/02/27 14:18:52 rvenning Exp $ * * DEBUG: section 49 SNMP support * AUTHOR: Glenn Chisholm * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. - * + * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. - * + * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA. @@ -534,7 +534,6 @@ { struct snmp_session Session; struct snmp_pdu *RespPDU; - int ret; debug(49, 5) ("snmpConstructReponse: Called.\n"); RespPDU = snmpAgentResponse(rq->PDU); @@ -543,7 +542,7 @@ Session.Version = SNMP_VERSION_1; Session.community = rq->community; Session.community_len = strlen((char *) rq->community); - ret = snmp_build(&Session, RespPDU, rq->outbuf, &rq->outlen); + snmp_build(&Session, RespPDU, rq->outbuf, &rq->outlen); sendto(rq->sock, rq->outbuf, rq->outlen, 0, (struct sockaddr *) &rq->from, sizeof(rq->from)); snmp_free_pdu(RespPDU); xfree(rq->outbuf); @@ -646,7 +645,7 @@ snmpTreeGet(oid * Current, snint CurrentLen) { oid_ParseFn *Fn = NULL; - mib_tree_entry *mibTreeEntry = NULL, *lastEntry = NULL; + mib_tree_entry *mibTreeEntry = NULL; int count = 0; debug(49, 5) ("snmpTreeGet: Called\n"); @@ -658,7 +657,6 @@ if (Current[count] == mibTreeEntry->name[count]) { count++; while ((mibTreeEntry) && (count < CurrentLen) && (!mibTreeEntry->parsefunction)) { - lastEntry = mibTreeEntry; mibTreeEntry = snmpTreeEntry(Current[count], count, mibTreeEntry); count++; } Index: squid/src/squid.h =================================================================== RCS file: /cvsroot/squid-sf//squid/src/squid.h,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/src/squid.h 23 Oct 2000 15:04:22 -0000 1.3 +++ squid/src/squid.h 27 Feb 2001 14:18:52 -0000 1.3.6.1 @@ -1,20 +1,20 @@ /* - * $Id: squid.h,v 1.3 2000/10/23 15:04:22 hno Exp $ + * $Id: squid.h,v 1.3.6.1 2001/02/27 14:18:52 rvenning Exp $ * * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -191,6 +191,9 @@ #if HAVE_LIMITS_H #include #endif +#if defined(_SQUID_CYGWIN_) +#include +#endif #if HAVE_DIRENT_H #include @@ -213,6 +216,10 @@ #include #endif +#if HAVE_SYS_MOUNT_H +#include +#endif + /* * We require poll.h before using poll(). If the symbols used * by poll() are defined elsewhere, we will need to make this @@ -228,10 +235,24 @@ #endif /* HAVE_POLL_H */ #endif /* HAVE_POLL */ -#if STDC_HEADERS +#if defined(HAVE_STDARG_H) #include +#define HAVE_STDARGS /* let's hope that works everywhere (mj) */ +#define VA_LOCAL_DECL va_list ap; +#define VA_START(f) va_start(ap, f) +#define VA_SHIFT(v,t) ; /* no-op for ANSI */ +#define VA_END va_end(ap) #else +#if defined(HAVE_VARARGS_H) #include +#undef HAVE_STDARGS +#define VA_LOCAL_DECL va_list ap; +#define VA_START(f) va_start(ap) /* f is ignored! */ +#define VA_SHIFT(v,t) v = va_arg(ap,t) +#define VA_END va_end(ap) +#else +#error XX **NO VARARGS ** XX +#endif #endif /* Make sure syslog goes after stdarg/varargs */ @@ -315,7 +336,7 @@ #endif #if CBDATA_DEBUG -#define cbdataAdd(a,b,c) cbdataAddDbg(a,b,c,__FILE__,__LINE__) +#define cbdataAlloc(a,b) cbdataAllocDbg(a,b,__FILE__,__LINE__) #define cbdataLock(a) cbdataLockDbg(a,__FILE__,__LINE__) #define cbdataUnlock(a) cbdataUnlockDbg(a,__FILE__,__LINE__) #endif @@ -410,18 +431,30 @@ #endif /* - * Hey dummy, don't be tempted to move this to lib/config.h.in again. O_NONBLOCK - * will not be defined there because you didn't #include yet. + * Hey dummy, don't be tempted to move this to lib/config.h.in + * again. O_NONBLOCK will not be defined there because you didn't + * #include yet. + */ +#if defined(_SQUID_SUNOS_) +/* + * We assume O_NONBLOCK is broken, or does not exist, on SunOS. + */ +#define SQUID_NONBLOCK O_NDELAY +#elif defined(O_NONBLOCK) +/* + * We used to assume O_NONBLOCK was broken on Solaris, but evidence + * now indicates that its fine on Solaris 8, and in fact required for + * properly detecting EOF on FIFOs. So now we assume that if + * its defined, it works correctly on all operating systems. */ -#if defined(O_NONBLOCK) && !defined(_SQUID_SUNOS_) && !defined(_SQUID_SOLARIS_) #define SQUID_NONBLOCK O_NONBLOCK +/* + * O_NDELAY is our fallback. + */ #else #define SQUID_NONBLOCK O_NDELAY #endif -#include -#include - /* * I'm sick of having to keep doing this .. */ Index: squid/src/ssl.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/ssl.c,v retrieving revision 1.3.6.1 retrieving revision 1.3.6.2 diff -u -r1.3.6.1 -r1.3.6.2 --- squid/src/ssl.c 7 Dec 2000 13:58:12 -0000 1.3.6.1 +++ squid/src/ssl.c 27 Feb 2001 14:18:52 -0000 1.3.6.2 @@ -1,21 +1,21 @@ /* - * $Id: ssl.c,v 1.3.6.1 2000/12/07 13:58:12 rvenning Exp $ + * $Id: ssl.c,v 1.3.6.2 2001/02/27 14:18:52 rvenning Exp $ * * DEBUG: section 26 Secure Sockets Layer Proxy * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -429,6 +429,7 @@ } } +CBDATA_TYPE(SslStateData); void sslStart(int fd, const char *url, request_t * request, size_t * size_ptr, int *status_ptr) { @@ -482,8 +483,8 @@ errorSend(fd, err); return; } - sslState = xcalloc(1, sizeof(SslStateData)); - cbdataAdd(sslState, cbdataXfree, 0); + CBDATA_INIT_TYPE(SslStateData); + sslState = CBDATA_ALLOC(SslStateData, NULL); #if DELAY_POOLS sslState->delay_id = delayClient(request); delayRegisterDelayIdPtr(&sslState->delay_id); @@ -586,6 +587,7 @@ sslState->request->peer_login = fs->peer->login; sslState->request->flags.proxying = 1; } else { + sslState->request->peer_login = NULL; sslState->request->flags.proxying = 0; } #if DELAY_POOLS Index: squid/src/stat.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/stat.c,v retrieving revision 1.4.6.1 retrieving revision 1.4.6.2 diff -u -r1.4.6.1 -r1.4.6.2 --- squid/src/stat.c 7 Dec 2000 13:58:12 -0000 1.4.6.1 +++ squid/src/stat.c 27 Feb 2001 14:18:52 -0000 1.4.6.2 @@ -1,21 +1,21 @@ /* - * $Id: stat.c,v 1.4.6.1 2000/12/07 13:58:12 rvenning Exp $ + * $Id: stat.c,v 1.4.6.2 2001/02/27 14:18:52 rvenning Exp $ * * DEBUG: section 18 Cache Manager Statistics * AUTHOR: Harvest Derived * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -88,6 +88,7 @@ static int NCountHist = 0; static StatCounters CountHourHist[N_COUNT_HOUR_HIST]; static int NCountHourHist = 0; +CBDATA_TYPE(StatObjectsState); extern unsigned int mem_pool_alloc_calls; extern unsigned int mem_pool_free_calls; @@ -343,11 +344,11 @@ static void statObjectsStart(StoreEntry * sentry, STOBJFLT * filter) { - StatObjectsState *state = xcalloc(1, sizeof(*state)); + StatObjectsState *state; + state = CBDATA_ALLOC(StatObjectsState, NULL); state->sentry = sentry; state->filter = filter; storeLockObject(sentry); - cbdataAdd(state, cbdataXfree, 0); eventAdd("statObjects", statObjects, state, 0.0, 1); } @@ -591,7 +592,7 @@ #endif /* HAVE_MALLINFO */ storeAppendPrintf(sentry, "Memory accounted for:\n"); storeAppendPrintf(sentry, "\tTotal accounted: %6d KB\n", - memTotalAllocated() >> 10); + statMemoryAccounted() >> 10); storeAppendPrintf(sentry, "\tmemPoolAlloc calls: %d\n", mem_pool_alloc_calls); storeAppendPrintf(sentry, "\tmemPoolFree calls: %d\n", @@ -832,6 +833,7 @@ { int i; debug(18, 5) ("statInit: Initializing...\n"); + CBDATA_INIT_TYPE(StatObjectsState); for (i = 0; i < N_COUNT_HIST; i++) statCountersInit(&CountHist[i]); for (i = 0; i < N_COUNT_HOUR_HIST; i++) @@ -1297,12 +1299,15 @@ /* * SNMP wants ints, ick */ +#if UNUSED_CODE int get_median_svc(int interval, int which) { return (int) statMedianSvc(interval, which); } +#endif + StatCounters * snmpStatGet(int minutes) { @@ -1413,8 +1418,6 @@ ntohs(PORT_FROM_SA(conn->me))); storeAppendPrintf(s, "\tnrequests: %d\n", conn->nrequests); - storeAppendPrintf(s, "\tpersistent: %d\n", - conn->persistent); storeAppendPrintf(s, "\tdefer: n %d, until %d\n", conn->defer.n, conn->defer.until); } @@ -1516,4 +1519,10 @@ GENGRAPH(cputime, "cputime", "CPU utilisation"); } +int +statMemoryAccounted(void) +{ + memTotalAllocated(); +} + #endif /* STAT_GRAPHS */ Index: squid/src/stmem.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/stmem.c,v retrieving revision 1.4 retrieving revision 1.4.6.1 diff -u -r1.4 -r1.4.6.1 --- squid/src/stmem.c 3 Nov 2000 08:39:20 -0000 1.4 +++ squid/src/stmem.c 27 Feb 2001 14:18:52 -0000 1.4.6.1 @@ -1,21 +1,21 @@ /* - * $Id: stmem.c,v 1.4 2000/11/03 08:39:20 hno Exp $ + * $Id: stmem.c,v 1.4.6.1 2001/02/27 14:18:52 rvenning Exp $ * * DEBUG: section 19 Store Memory Primitives * AUTHOR: Harvest Derived * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/src/store.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/store.c,v retrieving revision 1.5 retrieving revision 1.5.2.1 diff -u -r1.5 -r1.5.2.1 --- squid/src/store.c 18 Nov 2000 11:01:27 -0000 1.5 +++ squid/src/store.c 27 Feb 2001 14:18:52 -0000 1.5.2.1 @@ -1,32 +1,32 @@ /* - * $Id: store.c,v 1.5 2000/11/18 11:01:27 adri Exp $ + * $Id: store.c,v 1.5.2.1 2001/02/27 14:18:52 rvenning Exp $ * * DEBUG: section 20 Storage Manager * AUTHOR: Harvest Derived * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. - * + * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. - * + * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA. @@ -1027,11 +1027,14 @@ if (served_date < 0 || served_date > squid_curtime) served_date = squid_curtime; /* - * Compensate with Age header if origin server clock is ahead of us - * and there is a cache in between us and the origin server + * Compensate with Age header if origin server clock is ahead + * of us and there is a cache in between us and the origin + * server. But DONT compensate if the age value is larger than + * squid_curtime because it results in a negative served_date. */ if (age > squid_curtime - served_date) - served_date = squid_curtime - age; + if (squid_curtime < age) + served_date = squid_curtime - age; entry->expires = reply->expires; entry->lastmod = reply->last_modified; entry->timestamp = served_date; @@ -1296,6 +1299,7 @@ debug(20, 1) ("ERROR: Be sure to have set cache_replacement_policy\n"); debug(20, 1) ("ERROR: and memory_replacement_policy in squid.conf!\n"); fatalf("ERROR: Unknown policy %s\n", settings->type); + return NULL; /* NOTREACHED */ } #if 0 Index: squid/src/store_client.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/store_client.c,v retrieving revision 1.4 retrieving revision 1.4.6.1 diff -u -r1.4 -r1.4.6.1 --- squid/src/store_client.c 3 Nov 2000 08:39:20 -0000 1.4 +++ squid/src/store_client.c 27 Feb 2001 14:18:52 -0000 1.4.6.1 @@ -1,21 +1,21 @@ /* - * $Id: store_client.c,v 1.4 2000/11/03 08:39:20 hno Exp $ + * $Id: store_client.c,v 1.4.6.1 2001/02/27 14:18:52 rvenning Exp $ * * DEBUG: section 20 Storage Manager Client-Side Interface * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -133,8 +133,7 @@ #endif e->refcount++; mem->nclients++; - sc = memAllocate(MEM_STORE_CLIENT); - cbdataAdd(sc, memFree, MEM_STORE_CLIENT); /* sc is callback_data for file_read */ + sc = CBDATA_ALLOC(store_client, NULL); cbdataLock(data); /* locked while we point to it */ sc->callback_data = data; sc->seen_offset = 0; Index: squid/src/store_digest.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/store_digest.c,v retrieving revision 1.5 retrieving revision 1.5.2.1 diff -u -r1.5 -r1.5.2.1 --- squid/src/store_digest.c 14 Nov 2000 13:03:47 -0000 1.5 +++ squid/src/store_digest.c 27 Feb 2001 14:18:52 -0000 1.5.2.1 @@ -1,21 +1,21 @@ /* - * $Id: store_digest.c,v 1.5 2000/11/14 13:03:47 adri Exp $ + * $Id: store_digest.c,v 1.5.2.1 2001/02/27 14:18:52 rvenning Exp $ * * DEBUG: section 71 Store Digest Manager * AUTHOR: Alex Rousskov * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -51,7 +51,7 @@ typedef struct { StoreDigestCBlock cblock; int rebuild_lock; /* bucket number */ - StoreEntry *rewrite_lock; /* store entry with the digest */ + generic_cbdata *rewrite_lock; /* points to store entry with the digest */ int rebuild_offset; int rewrite_offset; int rebuild_count; @@ -350,9 +350,10 @@ url = internalLocalUri("/squid-internal-periodic/", StoreDigestFileName); flags = null_request_flags; flags.cachable = 1; - sd_state.rewrite_lock = e = storeCreateEntry(url, url, flags, METHOD_GET); - assert(sd_state.rewrite_lock); - cbdataAdd(sd_state.rewrite_lock, NULL, 0); + e = storeCreateEntry(url, url, flags, METHOD_GET); + assert(e); + sd_state.rewrite_lock = CBDATA_ALLOC(generic_cbdata, NULL); + sd_state.rewrite_lock->data = e; debug(71, 3) ("storeDigestRewrite: url: %s key: %s\n", url, storeKeyText(e->hash.key)); e->mem_obj->request = requestLink(urlParse(METHOD_GET, url)); /* wait for rebuild (if any) to finish */ @@ -366,11 +367,12 @@ static void storeDigestRewriteResume(void) { - StoreEntry *e = sd_state.rewrite_lock; + StoreEntry *e; http_version_t version; assert(sd_state.rewrite_lock); assert(!sd_state.rebuild_lock); + e = sd_state.rewrite_lock->data; sd_state.rewrite_offset = 0; EBIT_SET(e->flags, ENTRY_SPECIAL); /* setting public key will purge old digest entry if any */ @@ -394,7 +396,7 @@ static void storeDigestRewriteFinish(StoreEntry * e) { - assert(e == sd_state.rewrite_lock); + assert(sd_state.rewrite_lock && e == sd_state.rewrite_lock->data); storeComplete(e); storeTimestampsSet(e); debug(71, 2) ("storeDigestRewriteFinish: digest expires at %d (%+d)\n", @@ -403,12 +405,9 @@ requestUnlink(e->mem_obj->request); e->mem_obj->request = NULL; storeUnlockObject(e); - /* - * note, it won't really get free()'d here because we used - * MEM_DONTFREE in the call to cbdataAdd(). - */ cbdataFree(sd_state.rewrite_lock); - sd_state.rewrite_lock = e = NULL; + e = NULL; + sd_state.rewrite_lock = NULL; sd_state.rewrite_count++; eventAdd("storeDigestRewriteStart", storeDigestRewriteStart, NULL, (double) Config.digest.rewrite_period, 1); @@ -421,10 +420,11 @@ static void storeDigestSwapOutStep(void *data) { - StoreEntry *e = data; + StoreEntry *e; int chunk_size = Config.digest.swapout_chunk_size; + assert(data == sd_state.rewrite_lock); + e = (StoreEntry *) ((generic_cbdata *) data)->data; assert(e); - assert(e == sd_state.rewrite_lock); /* _add_ check that nothing bad happened while we were waiting @?@ @?@ */ if (sd_state.rewrite_offset + chunk_size > store_digest->mask_size) chunk_size = store_digest->mask_size - sd_state.rewrite_offset; @@ -436,7 +436,7 @@ if (sd_state.rewrite_offset >= store_digest->mask_size) storeDigestRewriteFinish(e); else - eventAdd("storeDigestSwapOutStep", storeDigestSwapOutStep, e, 0.0, 1); + eventAdd("storeDigestSwapOutStep", storeDigestSwapOutStep, data, 0.0, 1); } static void Index: squid/src/store_dir.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/store_dir.c,v retrieving revision 1.4 retrieving revision 1.4.6.1 diff -u -r1.4 -r1.4.6.1 --- squid/src/store_dir.c 3 Nov 2000 08:39:20 -0000 1.4 +++ squid/src/store_dir.c 27 Feb 2001 14:18:52 -0000 1.4.6.1 @@ -1,21 +1,21 @@ /* - * $Id: store_dir.c,v 1.4 2000/11/03 08:39:20 hno Exp $ + * $Id: store_dir.c,v 1.4.6.1 2001/02/27 14:18:52 rvenning Exp $ * * DEBUG: section 47 Store Directory Routines * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -35,6 +35,16 @@ #include "squid.h" +#if HAVE_STATVFS +#if HAVE_SYS_STATVFS_H +#include +#endif +#endif +/* Windows uses sys/vfs.h */ +#if HAVE_SYS_VFS_H +#include +#endif + static int storeDirValidSwapDirSize(int, ssize_t); static STDIRSELECT storeDirSelectSwapDirRoundRobin; static STDIRSELECT storeDirSelectSwapDirLeastLoad; @@ -114,33 +124,35 @@ /* * This new selection scheme simply does round-robin on all SwapDirs. - * A SwapDir is skipped if it is over the max_size (100%) limit. If - * all SwapDir's are above the limit, then the first dirn that we - * checked is returned. Note that 'dirn' is guaranteed to advance even - * if all SwapDirs are full. - * - * XXX This function does NOT account for the read_only flag! + * A SwapDir is skipped if it is over the max_size (100%) limit, or + * overloaded. */ static int -storeDirSelectSwapDirRoundRobin(const StoreEntry * unused) +storeDirSelectSwapDirRoundRobin(const StoreEntry * e) { static int dirn = 0; int i; + int load; SwapDir *sd; - /* - * yes, the '<=' is intentional. If all dirs are full we want to - * make sure 'dirn' advances every time this gets called, otherwise - * we get stuck on one dir. - */ + ssize_t objsize = (ssize_t) objectLen(e); for (i = 0; i <= Config.cacheSwap.n_configured; i++) { if (++dirn >= Config.cacheSwap.n_configured) dirn = 0; sd = &Config.cacheSwap.swapDirs[dirn]; + if (sd->flags.read_only) + continue; if (sd->cur_size > sd->max_size) continue; + if (!storeDirValidSwapDirSize(i, objsize)) + continue; + /* check for error or overload condition */ + load = sd->checkobj(sd, e); + if (load < 0 || load > 1000) { + continue; + } return dirn; } - return dirn; + return -1; } /* @@ -160,9 +172,9 @@ storeDirSelectSwapDirLeastLoad(const StoreEntry * e) { ssize_t objsize; - ssize_t least_size; - ssize_t least_objsize; - int least_load = 1000; + ssize_t most_free = 0, cur_free; + ssize_t least_objsize = -1; + int least_load = INT_MAX; int load; int dirn = -1; int i; @@ -172,31 +184,33 @@ objsize = (ssize_t) objectLen(e); if (objsize != -1) objsize += e->mem_obj->swap_hdr_sz; - /* Initial defaults */ - least_size = Config.cacheSwap.swapDirs[0].cur_size; - least_objsize = Config.cacheSwap.swapDirs[0].max_objsize; for (i = 0; i < Config.cacheSwap.n_configured; i++) { SD = &Config.cacheSwap.swapDirs[i]; SD->flags.selected = 0; - if (SD->flags.read_only) - continue; - /* Valid for object size check */ - if (!storeDirValidSwapDirSize(i, objsize)) - continue; load = SD->checkobj(SD, e); - if (load < 0) + if (load < 0 || load > 1000) { + continue; + } + if (SD->flags.read_only) continue; if (SD->cur_size > SD->max_size) continue; if (load > least_load) continue; - if ((least_objsize > 0) && (objsize > least_objsize)) - continue; - /* Only use leastsize if the load is equal */ - if ((load == least_load) && (SD->cur_size > least_size)) - continue; + cur_free = SD->max_size - SD->cur_size; + /* If the load is equal, then look in more details */ + if (load == least_load) { + /* closest max_objsize fit */ + if (least_objsize != -1) + if (SD->max_size > least_objsize || SD->max_size == -1) + continue; + /* most free */ + if (cur_free < most_free) + continue; + } least_load = load; - least_size = SD->cur_size; + least_objsize = SD->max_objsize; + most_free = cur_free; dirn = i; } @@ -248,7 +262,8 @@ void storeDirUpdateSwapSize(SwapDir * SD, size_t size, int sign) { - int k = ((size + 1023) >> 10) * sign; + int blks = (size + SD->fs.blksize - 1) / SD->fs.blksize; + int k = (blks * SD->fs.blksize >> 10) * sign; SD->cur_size += k; store_swap_size += k; if (sign > 0) @@ -280,6 +295,8 @@ SD = &(Config.cacheSwap.swapDirs[i]); storeAppendPrintf(sentry, "Store Directory #%d (%s): %s\n", i, SD->type, storeSwapDir(i)); + storeAppendPrintf(sentry, "FS Block Size %d Bytes\n", + SD->fs.blksize); SD->statfs(SD, sentry); } } @@ -350,7 +367,6 @@ struct timeval start; double dt; SwapDir *sd; - RemovalPolicyWalker **walkers; int dirn; int notdone = 1; if (store_dirs_rebuilding) { @@ -361,7 +377,6 @@ debug(20, 1) ("storeDirWriteCleanLogs: Starting...\n"); getCurrentTime(); start = current_time; - walkers = xcalloc(Config.cacheSwap.n_configured, sizeof *walkers); for (dirn = 0; dirn < Config.cacheSwap.n_configured; dirn++) { sd = &Config.cacheSwap.swapDirs[dirn]; if (sd->log.clean.start(sd) < 0) { @@ -452,3 +467,54 @@ } while (j > 0); ndir++; } + +int +storeDirGetBlkSize(const char *path, int *blksize) +{ +#if HAVE_STATVFS + struct statvfs sfs; + if (statvfs(path, &sfs)) { + debug(50, 1) ("%s: %s\n", path, xstrerror()); + return 1; + } + *blksize = (int) sfs.f_frsize; +#else + struct statfs sfs; + if (statfs(path, &sfs)) { + debug(50, 1) ("%s: %s\n", path, xstrerror()); + return 1; + } + *blksize = (int) sfs.f_bsize; +#endif + return 0; +} + +#define fsbtoblk(num, fsbs, bs) \ + (((fsbs) != 0 && (fsbs) < (bs)) ? \ + (num) / ((bs) / (fsbs)) : (num) * ((fsbs) / (bs))) +int +storeDirGetUFSStats(const char *path, int *totl_kb, int *free_kb, int *totl_in, int *free_in) +{ +#if HAVE_STATVFS + struct statvfs sfs; + if (statvfs(path, &sfs)) { + debug(50, 1) ("%s: %s\n", path, xstrerror()); + return 1; + } + *totl_kb = (int) fsbtoblk(sfs.f_blocks, sfs.f_frsize, 1024); + *free_kb = (int) fsbtoblk(sfs.f_bfree, sfs.f_frsize, 1024); + *totl_in = (int) sfs.f_files; + *free_in = (int) sfs.f_ffree; +#else + struct statfs sfs; + if (statfs(path, &sfs)) { + debug(50, 1) ("%s: %s\n", path, xstrerror()); + return 1; + } + *totl_kb = (int) fsbtoblk(sfs.f_blocks, sfs.f_bsize, 1024); + *free_kb = (int) fsbtoblk(sfs.f_bfree, sfs.f_bsize, 1024); + *totl_in = (int) sfs.f_files; + *free_in = (int) sfs.f_ffree; +#endif + return 0; +} Index: squid/src/store_key_md5.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/store_key_md5.c,v retrieving revision 1.4 retrieving revision 1.4.6.1 diff -u -r1.4 -r1.4.6.1 --- squid/src/store_key_md5.c 3 Nov 2000 08:39:20 -0000 1.4 +++ squid/src/store_key_md5.c 27 Feb 2001 14:18:53 -0000 1.4.6.1 @@ -1,21 +1,21 @@ /* - * $Id: store_key_md5.c,v 1.4 2000/11/03 08:39:20 hno Exp $ + * $Id: store_key_md5.c,v 1.4.6.1 2001/02/27 14:18:53 rvenning Exp $ * * DEBUG: section 20 Storage Manager MD5 Cache Keys * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/src/store_log.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/store_log.c,v retrieving revision 1.4 retrieving revision 1.4.6.1 diff -u -r1.4 -r1.4.6.1 --- squid/src/store_log.c 3 Nov 2000 08:39:20 -0000 1.4 +++ squid/src/store_log.c 27 Feb 2001 14:18:53 -0000 1.4.6.1 @@ -1,21 +1,21 @@ /* - * $Id: store_log.c,v 1.4 2000/11/03 08:39:20 hno Exp $ + * $Id: store_log.c,v 1.4.6.1 2001/02/27 14:18:53 rvenning Exp $ * * DEBUG: section 20 Storage Manager Logging Functions * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -53,8 +53,10 @@ HttpReply *reply; if (NULL == storelog) return; +#if UNUSED_CODE if (EBIT_TEST(e->flags, ENTRY_DONT_LOG)) return; +#endif if (mem != NULL) { if (mem->log_url == NULL) { debug(20, 1) ("storeLog: NULL log_url for %s\n", mem->url); Index: squid/src/store_rebuild.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/store_rebuild.c,v retrieving revision 1.5 retrieving revision 1.5.4.1 diff -u -r1.5 -r1.5.4.1 --- squid/src/store_rebuild.c 10 Nov 2000 16:36:45 -0000 1.5 +++ squid/src/store_rebuild.c 27 Feb 2001 14:18:53 -0000 1.5.4.1 @@ -1,21 +1,21 @@ /* - * $Id: store_rebuild.c,v 1.5 2000/11/10 16:36:45 hno Exp $ + * $Id: store_rebuild.c,v 1.5.4.1 2001/02/27 14:18:53 rvenning Exp $ * * DEBUG: section 20 Store Rebuild Routines * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -73,8 +73,7 @@ debug(20, 1) (" store_swap_size = %dk\n", store_swap_size); store_dirs_rebuilding--; assert(0 == store_dirs_rebuilding); - if (opt_store_doublecheck != DBLCHECK_NONE) - /* we want to assert here because the storeFScode should auto-clean the entries */ + if (opt_store_doublecheck) assert(store_errors == 0); if (store_digest) storeDigestNoteStoreReady(); @@ -92,11 +91,9 @@ */ if (e->swap_filen < 0) continue; - if (opt_store_doublecheck != DBLCHECK_NONE) - if (storeCleanupDoubleCheck(e)){ - /* this should never happen as the storeFScode should auto-clean */ + if (opt_store_doublecheck) + if (storeCleanupDoubleCheck(e)) store_errors++; - } EBIT_SET(e->flags, ENTRY_VALIDATED); /* * Only set the file bit if we know its a valid entry @@ -124,8 +121,6 @@ counts.invalid += dc->invalid; counts.badflags += dc->badflags; counts.bad_log_op += dc->bad_log_op; - counts.missingcount += dc->missingcount; - counts.filesizemismatchcount += dc->filesizemismatchcount; counts.zero_object_sz += dc->zero_object_sz; /* * When store_dirs_rebuilding == 1, it means we are done reading @@ -144,10 +139,6 @@ debug(20, 1) (" %7d Objects cancelled.\n", counts.cancelcount); debug(20, 1) (" %7d Duplicate URLs purged.\n", counts.dupcount); debug(20, 1) (" %7d Swapfile clashes avoided.\n", counts.clashcount); - debug(20, 1) (" %7d Missing files ignored.\n", counts.missingcount); - debug(20, 1) (" %7d Incorrect length swapfiles %s.\n", - counts.filesizemismatchcount, - (opt_store_doublecheck == DBLCHECK_REPORTONLY) ? "ignored" : "unlinked"); debug(20, 1) (" Took %3.1f seconds (%6.1f objects/sec).\n", dt, (double) counts.objcount / (dt > 0.0 ? dt : 1.0)); debug(20, 1) ("Beginning Validation Procedure\n"); Index: squid/src/store_swapin.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/store_swapin.c,v retrieving revision 1.4 retrieving revision 1.4.6.1 diff -u -r1.4 -r1.4.6.1 --- squid/src/store_swapin.c 3 Nov 2000 08:39:20 -0000 1.4 +++ squid/src/store_swapin.c 27 Feb 2001 14:18:53 -0000 1.4.6.1 @@ -1,21 +1,21 @@ /* - * $Id: store_swapin.c,v 1.4 2000/11/03 08:39:20 hno Exp $ + * $Id: store_swapin.c,v 1.4.6.1 2001/02/27 14:18:53 rvenning Exp $ * * DEBUG: section 20 Storage Manager Swapin Functions * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/src/store_swapmeta.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/store_swapmeta.c,v retrieving revision 1.4 retrieving revision 1.4.6.1 diff -u -r1.4 -r1.4.6.1 --- squid/src/store_swapmeta.c 3 Nov 2000 08:39:20 -0000 1.4 +++ squid/src/store_swapmeta.c 27 Feb 2001 14:18:53 -0000 1.4.6.1 @@ -1,21 +1,21 @@ /* - * $Id: store_swapmeta.c,v 1.4 2000/11/03 08:39:20 hno Exp $ + * $Id: store_swapmeta.c,v 1.4.6.1 2001/02/27 14:18:53 rvenning Exp $ * * DEBUG: section 20 Storage Manager Swapfile Metadata * AUTHOR: Kostas Anagnostakis * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -135,7 +135,7 @@ break; } xmemcpy(&length, &buf[j], sizeof(int)); - if (length < 0 || length > (1 << 10)) { + if (length < 0 || length > (1 << 16)) { debug(20, 0) ("storeSwapMetaUnpack: insane length (%d)!\n", length); break; } Index: squid/src/store_swapout.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/store_swapout.c,v retrieving revision 1.4 retrieving revision 1.4.6.1 diff -u -r1.4 -r1.4.6.1 --- squid/src/store_swapout.c 3 Nov 2000 08:39:20 -0000 1.4 +++ squid/src/store_swapout.c 27 Feb 2001 14:18:53 -0000 1.4.6.1 @@ -1,21 +1,21 @@ /* - * $Id: store_swapout.c,v 1.4 2000/11/03 08:39:20 hno Exp $ + * $Id: store_swapout.c,v 1.4.6.1 2001/02/27 14:18:53 rvenning Exp $ * * DEBUG: section 20 Storage Manager Swapout Functions * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -61,9 +61,8 @@ storeSwapTLVFree(tlv_list); mem->swap_hdr_sz = (size_t) swap_hdr_sz; /* Create the swap file */ - c = memAllocate(MEM_GEN_CBDATA); + c = CBDATA_ALLOC(generic_cbdata, NULL); c->data = e; - cbdataAdd(c, memFree, MEM_GEN_CBDATA); mem->swapout.sio = storeCreate(e, storeSwapOutFileNotify, storeSwapOutFileClosed, c); if (NULL == mem->swapout.sio) { e->swap_status = SWAPOUT_NONE; Index: squid/src/structs.h =================================================================== RCS file: /cvsroot/squid-sf//squid/src/structs.h,v retrieving revision 1.7.2.1 retrieving revision 1.7.2.2 diff -u -r1.7.2.1 -r1.7.2.2 --- squid/src/structs.h 7 Dec 2000 13:58:12 -0000 1.7.2.1 +++ squid/src/structs.h 27 Feb 2001 14:18:53 -0000 1.7.2.2 @@ -1,19 +1,19 @@ /* - * $Id: structs.h,v 1.7.2.1 2000/12/07 13:58:12 rvenning Exp $ + * $Id: structs.h,v 1.7.2.2 2001/02/27 14:18:53 rvenning Exp $ * * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -31,6 +31,9 @@ * */ +#include "config.h" +#include "splay.h" + struct _dlink_node { void *data; dlink_node *prev; @@ -42,6 +45,15 @@ dlink_node *tail; }; +struct _acl_user_data { + splayNode *names; + struct { + unsigned int case_insensitive:1; + unsigned int required:1; + } flags; +}; + + struct _acl_ip_data { struct in_addr addr1; /* if addr2 non-zero then its a range */ struct in_addr addr2; @@ -61,14 +73,100 @@ acl_name_list *next; }; -struct _acl_proxy_auth_user { - hash_link hash; /* must be first */ +struct _acl_proxy_auth_match_cache { + dlink_node link; + int matchrv; + void *acl_data; +}; + +struct _auth_user_hash_pointer { + /* first two items must be same as hash_link */ + char *key; + auth_user_hash_pointer *next; + auth_user_t *auth_user; + dlink_node link; /* other hash entries that point to the same auth_user */ +}; + +struct _auth_user_t { /* extra fields for proxy_auth */ - char *passwd; - int passwd_ok; /* 1 = passwd checked OK */ + /* this determines what scheme owns the user data. */ + auth_type_t auth_type; + /* the index +1 in the authscheme_list to the authscheme entry */ + int auth_module; + /* we only have one username associated with a given auth_user struct */ + auth_user_hash_pointer *usernamehash; + /* we may have many proxy-authenticate strings that decode to the same user */ + dlink_list proxy_auth_list; + dlink_list proxy_match_cache; + struct { + unsigned int credentials_ok:2; /*0=unchecked,1=ok,2=failed */ + } flags; long expiretime; struct IN_ADDR ipaddr; /* IP addr this user authenticated from */ time_t ip_expiretime; + /* how many references are outstanding to this instance */ + size_t references; + /* the auth scheme has it's own private data area */ + void *scheme_data; + /* the auth_user_request structures that link to this. Yes it could be a splaytree + * but how many requests will a single username have in parallel? */ + dlink_list requests; +}; + +struct _auth_user_request_t { + /* this is the object passed around by client_side and acl functions */ + /* it has request specific data, and links to user specific data */ + /* the user */ + auth_user_t *auth_user; + /* return a message on the 407 error pages */ + char *message; + /* any scheme specific request related data */ + void *scheme_data; + /* how many 'processes' are working on this data */ + size_t references; +}; + + +/* + * This defines an auth scheme module + */ + +struct _authscheme_entry { + char *typestr; + AUTHSACTIVE *Active; + AUTHSADDHEADER *AddHeader; + AUTHSADDTRAILER *AddTrailer; + AUTHSAUTHED *authenticated; + AUTHSAUTHUSER *authAuthenticate; + AUTHSCONFIGURED *configured; + AUTHSDUMP *dump; + AUTHSFIXERR *authFixHeader; + AUTHSFREE *FreeUser; + AUTHSFREECONFIG *freeconfig; + AUTHSUSERNAME *authUserUsername; + AUTHSONCLOSEC *oncloseconnection; /*optional */ + AUTHSDECODE *decodeauth; + AUTHSDIRECTION *getdirection; + AUTHSPARSE *parse; + AUTHSINIT *init; + AUTHSREQFREE *requestFree; + AUTHSSHUTDOWN *donefunc; + AUTHSSTART *authStart; + AUTHSSTATS *authStats; +}; + +/* + * This is a configured auth scheme + */ + +/* private data types */ +struct _authScheme { + /* pointer to the authscheme_list's string entry */ + char *typestr; + /* the scheme id in the authscheme_list */ + int Id; + /* the scheme's configuration details. */ + void *scheme_data; }; struct _acl_deny_info_list { @@ -93,6 +191,11 @@ char *buf; }; +struct _header_mangler { + acl_access *access_list; + char *replacement; +}; + struct _http_version_t { unsigned int major; unsigned int minor; @@ -143,11 +246,11 @@ struct IN_ADDR my_addr; unsigned short my_port; request_t *request; -#if USE_IDENT - ConnStateData *conn; /* hack for ident */ - char ident[USER_IDENT_SZ]; -#endif - acl_proxy_auth_user *auth_user; + /* for acls that look at reply data */ + HttpReply *reply; + ConnStateData *conn; /* hack for ident and NTLM */ + char rfc931[USER_IDENT_SZ]; + auth_user_request_t *auth_user_request; acl_lookup_state state[ACL_ENUM_MAX]; #if SQUID_SNMP char *snmp_community; @@ -188,6 +291,7 @@ sockaddr_in_list *next; }; + #if DELAY_POOLS struct _delaySpec { int restore_bps; @@ -316,7 +420,6 @@ char *dnsserver; #endif wordlist *redirect; - wordlist *authenticate; #if USE_ICMP char *pinger; #endif @@ -328,7 +431,7 @@ int dnsChildren; #endif int redirectChildren; - int authenticateChildren; + time_t authenticateGCInterval; time_t authenticateTTL; time_t authenticateIpTTL; struct { @@ -341,6 +444,7 @@ char *debugOptions; char *pidFilename; char *mimeTablePathname; + char *etcHostsPath; char *visibleHostname; char *uniqueHostname; wordlist *hostnameAliases; @@ -378,6 +482,7 @@ int size; } fqdncache; int minDirectHops; + int minDirectRtt; cachemgr_passwd *passwd_list; struct { int objectsPerBucket; @@ -429,6 +534,8 @@ #endif int log_ip_on_direct; int authenticateIpTTLStrict; + int ie_refresh; + int pipeline_prefetch; } onoff; acl *aclList; struct { @@ -447,9 +554,14 @@ acl_access *identLookup; #endif acl_access *redirector; + acl_access *reply; } accessList; acl_deny_info_list *denyInfoList; - char *proxyAuthRealm; + struct _authConfig { + authScheme *schemes; + int n_allocated; + int n_configured; + } authConfig; struct { size_t list_width; int list_wrap; @@ -462,7 +574,6 @@ int n_allocated; int n_configured; } cacheSwap; - char *fake_ua; struct { char *directory; } icons; @@ -496,7 +607,7 @@ char *encode_key; } mcast_miss; #endif - HttpHeaderMask anonymize_headers; + header_mangler header_access[HDR_ENUM_END]; char *coredump_dir; char *chroot_dir; #if USE_CACHE_DIGESTS @@ -656,9 +767,6 @@ struct _HttpStatusLine { /* public, read only */ http_version_t version; -#if 0 - float version; -#endif const char *reason; /* points to a _constant_ string (default or supplied), never free()d */ http_status status; }; @@ -846,7 +954,7 @@ method_t method; int code; const char *content_type; - http_version_t version; + http_version_t version; } http; struct { icp_opcode opcode; @@ -856,7 +964,8 @@ size_t size; log_type code; int msec; - const char *ident; + const char *rfc931; + const char *authuser; } cache; struct { char *request; @@ -912,13 +1021,26 @@ off_t offset; size_t size; } in; + struct { + size_t size_left; /* How much body left to process */ + request_t *request; /* Parameters passed to clientReadBody */ + char *buf; + size_t bufsize; + CBCB *callback; + void *cbdata; + } body; + auth_type_t auth_type; /* Is this connection based authentication ? if so + * what type it is. */ + /* note this is ONLY connection based because NTLM is against HTTP spec */ + /* the user details for connection based authentication */ + auth_user_request_t *auth_user_request; clientHttpRequest *chr; struct SOCKADDR_IN peer; struct SOCKADDR_IN me; struct IN_ADDR log_addr; char ident[USER_IDENT_SZ]; + char rfc931[USER_IDENT_SZ]; int nrequests; - int persistent; struct { int n; time_t until; @@ -1043,6 +1165,7 @@ time_t last_connect_failure; time_t last_connect_probe; int logged_state; /* so we can print dead/revived msgs */ + int conn_open; /* current opened connections */ } stats; struct { int version; @@ -1102,13 +1225,14 @@ int test_fd; #if USE_CARP struct { - unsigned long hash; - unsigned long load_multiplier; + unsigned int hash; + double load_multiplier; float load_factor; } carp; #endif char *login; /* Proxy authorization */ time_t connect_timeout; + int max_conn; }; struct _net_db_name { @@ -1315,16 +1439,16 @@ struct _StoreEntry { hash_link hash; /* must be first */ MemObject *mem_obj; + RemovalPolicyNode repl; time_t timestamp; time_t lastref; time_t expires; time_t lastmod; size_t swap_file_sz; + sfileno swap_filen:25; + sdirno swap_dirn:7; u_short refcount; u_short flags; - sdirno swap_dirn; - sfileno swap_filen; - RemovalPolicyNode repl; u_short lock_count; /* Assume < 65536! */ mem_status_t mem_status:3; ping_status_t ping_status:3; @@ -1382,6 +1506,9 @@ } clean; int writes_since_clean; } log; + struct { + int blksize; + } fs; void *fsdata; }; @@ -1396,7 +1523,6 @@ unsigned int proxy_keepalive:1; unsigned int proxying:1; unsigned int refresh:1; - unsigned int used_proxy_auth:1; unsigned int redirected:1; unsigned int need_validation:1; #if HTTP_VIOLATIONS @@ -1404,6 +1530,7 @@ #endif unsigned int accelerated:1; unsigned int internal:1; + unsigned int body_sent:1; }; struct _link_list { @@ -1436,7 +1563,7 @@ protocol_t protocol; char login[MAX_LOGIN_SZ]; char host[SQUIDHOSTNAMELEN + 1]; - char user_ident[USER_IDENT_SZ]; /* from proxy auth or ident server */ + auth_user_request_t *auth_user_request; u_short port; String urlpath; char *canonical; @@ -1453,8 +1580,7 @@ struct IN_ADDR my_addr; unsigned short my_port; HttpHeader header; - char *body; - size_t body_sz; + ConnStateData *body_connection; /* used by clientReadBody() */ int content_length; HierarchyLogEntry hier; err_type err_type; @@ -1499,6 +1625,7 @@ err_type type; int page_id; http_status http_status; + auth_user_request_t *auth_user_request; request_t *request; char *url; int xerrno; @@ -1790,6 +1917,15 @@ void *data; }; +struct _helper_stateful_request { + char *buf; + HLPSCB *callback; + int placeholder; /* if 1, this is a dummy request waiting for a stateful helper + * to become available for deferred requests.*/ + void *data; +}; + + struct _helper { wordlist *cmdline; dlink_list servers; @@ -1807,6 +1943,26 @@ } stats; }; +struct _helper_stateful { + wordlist *cmdline; + dlink_list servers; + dlink_list queue; + const char *id_name; + int n_to_start; + int n_running; + int ipc_type; + MemPool *datapool; + HLPSAVAIL *IsAvailable; + HLPSONEQ *OnEmptyQueue; + time_t last_queue_warn; + struct { + int requests; + int replies; + int queue_size; + int avg_svc_time; + } stats; +}; + struct _helper_server { int index; int rfd; @@ -1830,6 +1986,34 @@ } stats; }; + +struct _helper_stateful_server { + int index; + int rfd; + int wfd; + char *buf; + size_t buf_sz; + off_t offset; + struct timeval dispatch_time; + struct timeval answer_time; + dlink_node link; + dlink_list queue; + statefulhelper *parent; + helper_stateful_request *request; + struct _helper_stateful_flags { + unsigned int alive:1; + unsigned int busy:1; + unsigned int closing:1; + unsigned int shutdown:1; + stateful_helper_reserve_t reserved:2; + } flags; + struct { + int uses; + } stats; + size_t deferred_requests; /* current number of deferred requests */ + void *data; /* State data used by the calling routines */ +}; + /* * use this when you need to pass callback data to a blocking * operation, but you don't want to add that pointer to cbdata @@ -1847,30 +2031,10 @@ int cancelcount; /* # SWAP_LOG_DEL objects purged */ int invalid; /* # bad lines */ int badflags; /* # bad e->flags */ - int missingcount; /* # swapfiles not on disk */ - int filesizemismatchcount; /* # swapfiles with a wrong size */ int bad_log_op; int zero_object_sz; }; -struct _PumpStateData { - FwdState *fwd; - request_t *req; - store_client *sc; /* The store client we're using */ - int c_fd; /* client fd */ - int s_fd; /* server end */ - int rcvd; /* bytes received from client */ - int sent; /* bytes sent to server */ - StoreEntry *request_entry; /* the request entry */ - StoreEntry *reply_entry; /* the reply entry */ - CWCB *callback; /* what to do when we finish sending */ - void *cbdata; /* callback data passed to callback func */ - struct { - int closing:1; - } flags; - struct _PumpStateData *next; -}; - /* * This defines an fs type */ @@ -1920,10 +2084,7 @@ } flags; }; - - - - - - - +struct cache_dir_option { + char *name; + void (*parse) (SwapDir * sd, const char *option, const char *value, int reconfiguring); +}; Index: squid/src/test_cache_digest.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/test_cache_digest.c,v retrieving revision 1.4 retrieving revision 1.4.6.1 diff -u -r1.4 -r1.4.6.1 --- squid/src/test_cache_digest.c 3 Nov 2000 08:39:20 -0000 1.4 +++ squid/src/test_cache_digest.c 27 Feb 2001 14:18:53 -0000 1.4.6.1 @@ -1,20 +1,20 @@ /* - * $Id: test_cache_digest.c,v 1.4 2000/11/03 08:39:20 hno Exp $ + * $Id: test_cache_digest.c,v 1.4.6.1 2001/02/27 14:18:53 rvenning Exp $ * * AUTHOR: Alex Rousskov * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/src/tools.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/tools.c,v retrieving revision 1.4.2.2 retrieving revision 1.4.2.3 diff -u -r1.4.2.2 -r1.4.2.3 --- squid/src/tools.c 24 Feb 2001 12:20:40 -0000 1.4.2.2 +++ squid/src/tools.c 27 Feb 2001 14:18:53 -0000 1.4.2.3 @@ -1,21 +1,21 @@ /* - * $Id: tools.c,v 1.4.2.2 2001/02/24 12:20:40 rvenning Exp $ + * $Id: tools.c,v 1.4.2.3 2001/02/27 14:18:53 rvenning Exp $ * * DEBUG: section 21 Misc Functions * AUTHOR: Harvest Derived * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -41,7 +41,7 @@ You've encountered a fatal error in the Squid Cache version %s.\n\ If a core file was created (possibly in the swap directory),\n\ please execute 'gdb squid core' or 'dbx squid core', then type 'where',\n\ -and report the trace back to squid-bugs@ircache.net.\n\ +and report the trace back to squid-bugs@squid-cache.org.\n\ \n\ Thanks!\n" @@ -62,6 +62,8 @@ extern void (*failure_notify) (const char *); +MemPool *dlink_node_pool = NULL; + void releaseServerSockets(void) { @@ -89,12 +91,21 @@ mail_warranty(void) { FILE *fp = NULL; - char *filename; static char command[256]; +#if HAVE_MKSTEMP + char filename[] = "/tmp/squid-XXXXXX"; + int tfd = mkstemp(filename); + if (tfd < 0) + return; + if ((fp = fdopen(tfd, "w")) == NULL) + return; +#else + char *filename; if ((filename = tempnam(NULL, appname)) == NULL) return; if ((fp = fopen(filename, "w")) == NULL) return; +#endif fprintf(fp, "From: %s\n", appname); fprintf(fp, "To: %s\n", Config.adminEmail); fprintf(fp, "Subject: %s\n", dead_msg()); @@ -449,12 +460,17 @@ SA_NTOA(Config.Sockaddr.http->s), host); present = 1; - if( strchr( host, '.' ) ) - return host; + if (strchr(host, '.')) + return host; } +<<<<<<< tools.c debug(50, 1) ("WARNING: failed to resolve %s to a fully qualified hostname\n", SA_NTOA(Config.Sockaddr.http->s)); +======= + debug(50, 1) ("WARNING: failed to resolve %s to a fully qualified hostname\n", + inet_ntoa(Config.Sockaddr.http->s.sin_addr)); +>>>>>>> 1.11 } /* * Get the host name and store it in host to return @@ -470,8 +486,8 @@ /* use the official name from DNS lookup */ xstrncpy(host, h->h_name, SQUIDHOSTNAMELEN); present = 1; - if( strchr( host, '.' ) ) - return host; + if (strchr(host, '.')) + return host; } fatal("Could not determine fully qualified hostname. Please set 'visible_hostname'\n"); return NULL; /* keep compiler happy */ @@ -569,7 +585,7 @@ return; enter_suid(); old_umask = umask(022); - fd = file_open(f, O_WRONLY | O_CREAT | O_TRUNC); + fd = file_open(f, O_WRONLY | O_CREAT | O_TRUNC | O_TEXT); umask(old_umask); leave_suid(); if (fd < 0) { @@ -755,6 +771,24 @@ return p ? p : "(NULL)"; } +dlink_node * +dlinkNodeNew() +{ + if (dlink_node_pool == NULL) + dlink_node_pool = memPoolCreate("Dlink list nodes", sizeof(dlink_node)); + /* where should we call memPoolDestroy(dlink_node_pool); */ + return memPoolAlloc(dlink_node_pool); +} + +/* the node needs to be unlinked FIRST */ +void +dlinkNodeDelete(dlink_node * m) +{ + if (m == NULL) + return; + memPoolFree(dlink_node_pool, m); +} + void dlinkAdd(void *data, dlink_node * m, dlink_list * list) { @@ -927,3 +961,65 @@ return 0; return 1; } + +void +parseEtcHosts(void) +{ + FILE *fp; + char buf[1024]; + char buf2[512]; + char *nt = buf; + char *lt = buf; + char *addr = buf; + char *host = NULL; + if (NULL == Config.etcHostsPath) + return; + if (0 == strcmp(Config.etcHostsPath, "none")) + return; + fp = fopen(Config.etcHostsPath, "r"); + if (fp == NULL) { + debug(1, 1) ("parseEtcHosts: %s: %s\n", + Config.etcHostsPath, xstrerror()); + return; + } +#if defined(_SQUID_CYGWIN_) + setmode(fileno(fp), O_TEXT); +#endif + while (fgets(buf, 1024, fp)) { /* for each line */ + wordlist *hosts = NULL; + if (buf[0] == '#') /* MS-windows likes to add comments */ + continue; + lt = buf; + addr = buf; + debug(1, 5) ("etc_hosts: line is '%s'\n", buf); + nt = strpbrk(lt, w_space); + if (nt == NULL) /* empty line */ + continue; + *nt = '\0'; /* null-terminate the address */ + debug(1, 5) ("etc_hosts: address is '%s'\n", addr); + lt = nt + 1; + while ((nt = strpbrk(lt, w_space))) { + if (nt - lt == 1) { /* multiple spaces */ + debug(1, 5) ("etc_hosts: multiple spaces, skipping\n"); + lt = nt + 1; + continue; + } + *nt = '\0'; + debug(1, 5) ("etc_hosts: got hostname '%s'\n", lt); + if (Config.appendDomain && !strchr(lt, '.')) { + /* I know it's ugly, but it's only at reconfig */ + strncpy(buf2, lt, 512); + strncat(buf2, Config.appendDomain, 512 - strlen(lt)); + host = buf2; + } else { + host = lt; + } + wordlistAdd(&hosts, host); + if (ipcacheAddEntryFromHosts(host, addr) != 0) + continue; /* invalid address, continuing is useless */ + lt = nt + 1; + } + fqdncacheAddEntryFromHosts(addr, hosts); + wordlistDestroy(&hosts); + } +} Index: squid/src/typedefs.h =================================================================== RCS file: /cvsroot/squid-sf//squid/src/typedefs.h,v retrieving revision 1.4 retrieving revision 1.4.2.1 diff -u -r1.4 -r1.4.2.1 --- squid/src/typedefs.h 14 Nov 2000 13:03:47 -0000 1.4 +++ squid/src/typedefs.h 27 Feb 2001 14:18:53 -0000 1.4.2.1 @@ -1,19 +1,19 @@ /* - * $Id: typedefs.h,v 1.4 2000/11/14 13:03:47 adri Exp $ + * $Id: typedefs.h,v 1.4.2.1 2001/02/27 14:18:53 rvenning Exp $ * * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -61,8 +61,13 @@ typedef struct _acl_time_data acl_time_data; typedef struct _acl_name_list acl_name_list; typedef struct _acl_deny_info_list acl_deny_info_list; -typedef struct _acl_proxy_auth acl_proxy_auth; -typedef struct _acl_proxy_auth_user acl_proxy_auth_user; +typedef struct _auth_user_t auth_user_t; +typedef struct _auth_user_request_t auth_user_request_t; +typedef struct _auth_user_hash_pointer auth_user_hash_pointer; +typedef struct _acl_proxy_auth_match_cache acl_proxy_auth_match_cache; +typedef struct _authscheme_entry authscheme_entry_t; +typedef struct _authScheme authScheme; +typedef struct _acl_user_data acl_user_data; typedef struct _acl_arp_data acl_arp_data; typedef struct _acl acl; typedef struct _acl_snmp_comm acl_snmp_comm; @@ -105,6 +110,7 @@ typedef struct _icpUdpData icpUdpData; typedef struct _clientHttpRequest clientHttpRequest; typedef struct _ConnStateData ConnStateData; +typedef struct _ConnCloseHelperData ConnCloseHelperData; typedef struct _ipcache_addrs ipcache_addrs; typedef struct _domain_ping domain_ping; typedef struct _domain_type domain_type; @@ -134,7 +140,9 @@ typedef struct _SwapDir SwapDir; typedef struct _request_flags request_flags; typedef struct _helper_flags helper_flags; +typedef struct _helper_stateful_flags helper_stateful_flags; typedef struct _http_state_flags http_state_flags; +typedef struct _header_mangler header_mangler; typedef struct _request_t request_t; typedef struct _AccessLogEntry AccessLogEntry; typedef struct _cachemgr_passwd cachemgr_passwd; @@ -146,6 +154,7 @@ typedef struct _StatCounters StatCounters; typedef struct _tlv tlv; typedef struct _storeSwapLogData storeSwapLogData; +typedef struct _authConfig authConfig; typedef struct _cacheSwap cacheSwap; typedef struct _StatHist StatHist; typedef struct _String String; @@ -159,14 +168,16 @@ typedef struct _FwdState FwdState; typedef struct _FwdServer FwdServer; typedef struct _helper helper; +typedef struct _helper_stateful statefulhelper; typedef struct _helper_server helper_server; +typedef struct _helper_stateful_server helper_stateful_server; typedef struct _helper_request helper_request; +typedef struct _helper_stateful_request helper_stateful_request; typedef struct _generic_cbdata generic_cbdata; typedef struct _storeIOState storeIOState; typedef struct _queued_read queued_read; typedef struct _queued_write queued_write; typedef struct _link_list link_list; -typedef struct _PumpStateData PumpStateData; typedef struct _storefs_entry storefs_entry_t; typedef struct _storerepl_entry storerepl_entry_t; typedef struct _diskd_queue diskd_queue; @@ -194,7 +205,7 @@ typedef void CNCB(int fd, int status, void *); typedef void FREE(void *); -typedef void CBDUNL(void *, int); +typedef void CBDUNL(void *); typedef void FOCB(void *, int fd, int errcode); typedef void EVH(void *); typedef void PF(int, void *); @@ -216,6 +227,7 @@ typedef void RH(void *data, char *); typedef void UH(void *data, wordlist *); typedef int DEFER(int fd, void *data); +typedef void CBCB(char *buf, size_t size, void *data); typedef void STIOCB(void *their_data, int errflag, storeIOState *); typedef void STFNCB(void *their_data, int errflag, storeIOState *); @@ -230,6 +242,9 @@ typedef void SIGHDLR(int sig); typedef void STVLDCB(void *, int, int); typedef void HLPCB(void *, char *buf); +typedef stateful_helper_callback_t HLPSCB(void *, void *lastserver, char *buf); +typedef int HLPSAVAIL(void *); +typedef void HLPSONEQ(void *); typedef void HLPCMDOPTS(int *argc, char **argv); typedef void IDNSCB(void *, rfc1035_rr *, int); @@ -273,6 +288,29 @@ typedef double hbase_f(double); typedef void StatHistBinDumper(StoreEntry *, int idx, double val, double size, int count); +/* authenticate.c authenticate scheme routines typedefs */ +typedef int AUTHSACTIVE(void); +typedef int AUTHSAUTHED(auth_user_request_t *); +typedef void AUTHSAUTHUSER(auth_user_request_t *, request_t *, ConnStateData *, http_hdr_type); +typedef int AUTHSCONFIGURED(void); +typedef void AUTHSDECODE(auth_user_request_t *, const char *); +typedef int AUTHSDIRECTION(auth_user_request_t *); +typedef void AUTHSDUMP(StoreEntry *, const char *, authScheme *); +typedef void AUTHSFIXERR(auth_user_request_t *, HttpReply *, http_hdr_type, request_t *); +typedef void AUTHSADDHEADER(auth_user_request_t *, HttpReply *, int); +typedef void AUTHSADDTRAILER(auth_user_request_t *, HttpReply *, int); +typedef void AUTHSFREE(auth_user_t *); +typedef void AUTHSFREECONFIG(authScheme *); +typedef char *AUTHSUSERNAME(auth_user_t *); +typedef void AUTHSONCLOSEC(ConnStateData *); +typedef void AUTHSPARSE(authScheme *, int, char *); +typedef void AUTHSINIT(authScheme *); +typedef void AUTHSREQFREE(auth_user_request_t *); +typedef void AUTHSSETUP(authscheme_entry_t *); +typedef void AUTHSSHUTDOWN(void); +typedef void AUTHSSTART(auth_user_request_t *, RH *, void *); +typedef void AUTHSSTATS(StoreEntry *); + /* append/vprintf's for Packer */ typedef void (*append_f) (void *, const char *buf, int size); #if STDC_HEADERS Index: squid/src/unlinkd.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/unlinkd.c,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/src/unlinkd.c 23 Oct 2000 15:04:22 -0000 1.3 +++ squid/src/unlinkd.c 27 Feb 2001 14:18:53 -0000 1.3.6.1 @@ -1,21 +1,21 @@ /* - * $Id: unlinkd.c,v 1.3 2000/10/23 15:04:22 hno Exp $ + * $Id: unlinkd.c,v 1.3.6.1 2001/02/27 14:18:53 rvenning Exp $ * * DEBUG: section 12 Unlink Daemon * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -97,12 +97,11 @@ if (queuelen >= UNLINKD_QUEUE_LIMIT) { struct timeval to; fd_set R; - int x; FD_ZERO(&R); FD_SET(unlinkd_rfd, &R); to.tv_sec = 0; to.tv_usec = 100000; - x = select(unlinkd_rfd + 1, &R, NULL, NULL, &to); + select(unlinkd_rfd + 1, &R, NULL, NULL, &to); } /* * If there is at least one outstanding unlink request, then Index: squid/src/url.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/url.c,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/src/url.c 23 Oct 2000 15:04:22 -0000 1.3 +++ squid/src/url.c 27 Feb 2001 14:18:53 -0000 1.3.6.1 @@ -1,21 +1,21 @@ /* - * $Id: url.c,v 1.3 2000/10/23 15:04:22 hno Exp $ + * $Id: url.c,v 1.3.6.1 2001/02/27 14:18:53 rvenning Exp $ * * DEBUG: section 23 URL Parsing * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/src/urn.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/urn.c,v retrieving revision 1.4 retrieving revision 1.4.2.1 diff -u -r1.4 -r1.4.2.1 --- squid/src/urn.c 14 Nov 2000 13:03:47 -0000 1.4 +++ squid/src/urn.c 27 Feb 2001 14:18:53 -0000 1.4.2.1 @@ -1,21 +1,21 @@ /* - * $Id: urn.c,v 1.4 2000/11/14 13:03:47 adri Exp $ + * $Id: urn.c,v 1.4.2.1 2001/02/27 14:18:53 rvenning Exp $ * * DEBUG: section 52 URN Parsing * AUTHOR: Kostas Anagnostakis * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -42,7 +42,7 @@ request_t *request; request_t *urlres_r; struct { - int force_menu:1; + unsigned int force_menu:1; } flags; } UrnState; @@ -60,7 +60,7 @@ static const char *const crlf = "\r\n"; static QS url_entry_sort; -url_entry * +static url_entry * urnFindMinRtt(url_entry * urls, method_t m, int *rtt_ret) { int min_rtt = 0; @@ -95,6 +95,7 @@ return min_u; } +CBDATA_TYPE(UrnState); void urnStart(request_t * r, StoreEntry * e) { @@ -106,10 +107,10 @@ StoreEntry *urlres_e; ErrorState *err; debug(52, 3) ("urnStart: '%s'\n", storeUrl(e)); - urnState = xcalloc(1, sizeof(UrnState)); + CBDATA_INIT_TYPE(UrnState); + urnState = CBDATA_ALLOC(UrnState, NULL); urnState->entry = e; urnState->request = requestLink(r); - cbdataAdd(urnState, cbdataXfree, 0); storeLockObject(urnState->entry); if (strncasecmp(strBuf(r->urlpath), "menu.", 5) == 0) { char *new_path = xstrdup(strBuf(r->urlpath) + 5); @@ -273,7 +274,7 @@ full_appname_string, getMyHostname()); rep = e->mem_obj->reply; httpReplyReset(rep); - httpBuildVersion(&version,1,0); + httpBuildVersion(&version, 1, 0); httpReplySetHeaders(rep, version, HTTP_MOVED_TEMPORARILY, NULL, "text/html", mb.size, 0, squid_curtime); if (urnState->flags.force_menu) { Index: squid/src/useragent.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/useragent.c,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/src/useragent.c 23 Oct 2000 15:04:22 -0000 1.3 +++ squid/src/useragent.c 27 Feb 2001 14:18:53 -0000 1.3.6.1 @@ -1,21 +1,21 @@ /* - * $Id: useragent.c,v 1.3 2000/10/23 15:04:22 hno Exp $ + * $Id: useragent.c,v 1.3.6.1 2001/02/27 14:18:53 rvenning Exp $ * * DEBUG: section 40 User-Agent logging * AUTHOR: Joe Ramey * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by Index: squid/src/wais.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/wais.c,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/src/wais.c 23 Oct 2000 15:04:22 -0000 1.3 +++ squid/src/wais.c 27 Feb 2001 14:18:53 -0000 1.3.6.1 @@ -1,21 +1,21 @@ /* - * $Id: wais.c,v 1.3 2000/10/23 15:04:22 hno Exp $ + * $Id: wais.c,v 1.3.6.1 2001/02/27 14:18:53 rvenning Exp $ * * DEBUG: section 24 WAIS Relay * AUTHOR: Harvest Derived * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -216,6 +216,7 @@ EBIT_CLR(waisState->entry->flags, ENTRY_FWD_HDR_WAIT); } +CBDATA_TYPE(WaisStateData); void waisStart(FwdState * fwd) { @@ -228,8 +229,8 @@ debug(24, 3) ("waisStart: \"%s %s\"\n", RequestMethodStr[method], url); statCounter.server.all.requests++; statCounter.server.other.requests++; - waisState = xcalloc(1, sizeof(WaisStateData)); - cbdataAdd(waisState, cbdataXfree, 0); + CBDATA_INIT_TYPE(WaisStateData); + waisState = CBDATA_ALLOC(WaisStateData, NULL); waisState->method = method; waisState->request_hdr = &request->header; waisState->fd = fd; Index: squid/src/fs/aufs/aiops.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/fs/aufs/aiops.c,v retrieving revision 1.3 retrieving revision 1.3.4.1 diff -u -r1.3 -r1.3.4.1 --- squid/src/fs/aufs/aiops.c 11 Nov 2000 09:40:02 -0000 1.3 +++ squid/src/fs/aufs/aiops.c 27 Feb 2001 14:18:54 -0000 1.3.4.1 @@ -4,17 +4,17 @@ * DEBUG: section 43 AIOPS * AUTHOR: Stewart Forster * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * Duane Wessels and the University of California San Diego. Please - * see the COPYRIGHT file for full details. Squid incorporates - * software developed and/or copyrighted by other sources. Please see - * the CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -92,10 +92,10 @@ typedef struct aio_request_queue_t { pthread_mutex_t mutex; pthread_cond_t cond; - aio_request_t * volatile head; - aio_request_t * volatile * volatile tailp; + aio_request_t *volatile head; + aio_request_t *volatile *volatile tailp; unsigned long requests; - unsigned long blocked; /* main failed to lock the queue */ + unsigned long blocked; /* main failed to lock the queue */ } aio_request_queue_t; typedef struct aio_thread_t aio_thread_t; @@ -145,19 +145,29 @@ #define AIO_TINY_BUFS AIO_LARGE_BUFS >> 3 #define AIO_MICRO_BUFS 128 -static MemPool *aio_large_bufs = NULL; /* 16K */ +static MemPool *aio_large_bufs = NULL; /* 16K */ static MemPool *aio_medium_bufs = NULL; /* 8K */ -static MemPool *aio_small_bufs = NULL; /* 4K */ -static MemPool *aio_tiny_bufs = NULL; /* 2K */ -static MemPool *aio_micro_bufs = NULL; /* 128K */ +static MemPool *aio_small_bufs = NULL; /* 4K */ +static MemPool *aio_tiny_bufs = NULL; /* 2K */ +static MemPool *aio_micro_bufs = NULL; /* 128K */ static int request_queue_len = 0; static MemPool *aio_request_pool = NULL; static MemPool *aio_thread_pool = NULL; static aio_request_queue_t request_queue; -static struct { aio_request_t *head, **tailp; } request_queue2 = { NULL, &request_queue2.head }; +static struct { + aio_request_t *head, **tailp; +} request_queue2 = { + + NULL, &request_queue2.head +}; static aio_request_queue_t done_queue; -static struct { aio_request_t *head, **tailp; } done_requests = { NULL, &done_requests.head }; +static struct { + aio_request_t *head, **tailp; +} done_requests = { + + NULL, &done_requests.head +}; static pthread_attr_t globattr; static struct sched_param globsched; static pthread_t main_thread; @@ -167,16 +177,16 @@ { MemPool *p; if (size <= AIO_LARGE_BUFS) { - if (size <= AIO_MICRO_BUFS) - p = aio_micro_bufs; + if (size <= AIO_MICRO_BUFS) + p = aio_micro_bufs; else if (size <= AIO_TINY_BUFS) - p = aio_tiny_bufs; - else if (size <= AIO_SMALL_BUFS) - p = aio_small_bufs; - else if (size <= AIO_MEDIUM_BUFS) - p = aio_medium_bufs; - else - p = aio_large_bufs; + p = aio_tiny_bufs; + else if (size <= AIO_SMALL_BUFS) + p = aio_small_bufs; + else if (size <= AIO_MEDIUM_BUFS) + p = aio_medium_bufs; + else + p = aio_large_bufs; } else p = NULL; return p; @@ -188,7 +198,7 @@ void *p; MemPool *pool; - if ( (pool = aio_get_pool(size)) != NULL) { + if ((pool = aio_get_pool(size)) != NULL) { p = memPoolAlloc(pool); } else p = xmalloc(size); @@ -200,7 +210,7 @@ aio_xstrdup(const char *str) { char *p; - int len = strlen(str)+1; + int len = strlen(str) + 1; p = aio_xmalloc(len); strncpy(p, str, len); @@ -213,22 +223,22 @@ { MemPool *pool; - if ( (pool = aio_get_pool(size)) != NULL) { - memPoolFree(pool, p); + if ((pool = aio_get_pool(size)) != NULL) { + memPoolFree(pool, p); } else - xfree(p); + xfree(p); } static void aio_xstrfree(char *str) { MemPool *pool; - int len = strlen(str)+1; + int len = strlen(str) + 1; - if ( (pool = aio_get_pool(len)) != NULL) { - memPoolFree(pool, str); + if ((pool = aio_get_pool(len)) != NULL) { + memPoolFree(pool, str); } else - xfree(str); + xfree(str); } static void @@ -335,16 +345,16 @@ threadp->current_req = request = NULL; request = NULL; /* Get a request to process */ - threadp->status = _THREAD_WAITING; + threadp->status = _THREAD_WAITING; pthread_mutex_lock(&request_queue.mutex); - while(!request_queue.head) { + while (!request_queue.head) { pthread_cond_wait(&request_queue.cond, &request_queue.mutex); } request = request_queue.head; if (request) request_queue.head = request->next; - if (!request_queue.head) - request_queue.tailp = &request_queue.head; + if (!request_queue.head) + request_queue.tailp = &request_queue.head; pthread_mutex_unlock(&request_queue.mutex); /* process the request */ threadp->status = _THREAD_BUSY; @@ -404,7 +414,7 @@ { static int high_start = 0; debug(41, 9) ("aio_queue_request: %p type=%d result=%p\n", - request, request->request_type, request->resultp); + request, request->request_type, request->resultp); /* Mark it as not executed (failing result, no error) */ request->ret = -1; request->err = 0; @@ -420,11 +430,11 @@ request_queue.tailp = &request->next; pthread_cond_signal(&request_queue.cond); pthread_mutex_unlock(&request_queue.mutex); - } else { + } else { /* Oops, the request queue is blocked, use request_queue2 */ *request_queue2.tailp = request; request_queue2.tailp = &request->next; - } + } } else { /* Secondary path. We have blocked requests to deal with */ /* add the request to the chain */ @@ -469,7 +479,7 @@ debug(43, 1) ("aio_queue_request: WARNING - Disk I/O overloading\n"); if (squid_curtime >= (high_start + 15)) debug(43, 1) ("aio_queue_request: Queue Length: current=%d, high=%d, low=%d, duration=%d\n", - request_queue_len, queue_high, queue_low, squid_curtime - high_start); + request_queue_len, queue_high, queue_low, squid_curtime - high_start); last_warn = squid_curtime; } } else { @@ -541,7 +551,7 @@ if (request && request->resultp == resultp) { debug(41, 9) ("aio_cancel: %p type=%d result=%p\n", - request, request->request_type, request->resultp); + request, request->request_type, request->resultp); request->cancelled = 1; request->resultp = NULL; resultp->_data = NULL; @@ -776,7 +786,7 @@ { /* kick "overflow" request queue */ if (request_queue2.head && - pthread_mutex_trylock(&request_queue.mutex) == 0) { + pthread_mutex_trylock(&request_queue.mutex) == 0) { *request_queue.tailp = request_queue2.head; request_queue.tailp = request_queue2.tailp; pthread_cond_signal(&request_queue.cond); @@ -792,15 +802,23 @@ pthread_mutex_unlock(&done_queue.mutex); *done_requests.tailp = requests; request_queue_len -= 1; - while(requests->next) { + while (requests->next) { requests = requests->next; request_queue_len -= 1; } done_requests.tailp = &requests->next; } /* Give up the CPU to allow the threads to do their work */ + /* + * For Andres thoughts about yield(), see + * http://www.squid-cache.org/mail-archive/squid-dev/200012/0001.html + */ if (done_queue.head || request_queue.head) +#ifndef _SQUID_SOLARIS_ sched_yield(); +#else + yield(); +#endif } aio_result_t * @@ -822,7 +840,7 @@ return NULL; } debug(41, 9) ("aio_poll_done: %p type=%d result=%p\n", - request, request->request_type, request->resultp); + request, request->request_type, request->resultp); done_requests.head = request->next; if (!done_requests.head) done_requests.tailp = &done_requests.head; Index: squid/src/fs/aufs/async_io.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/fs/aufs/async_io.c,v retrieving revision 1.3 retrieving revision 1.3.4.1 diff -u -r1.3 -r1.3.4.1 --- squid/src/fs/aufs/async_io.c 11 Nov 2000 09:40:02 -0000 1.3 +++ squid/src/fs/aufs/async_io.c 27 Feb 2001 14:18:54 -0000 1.3.4.1 @@ -6,17 +6,17 @@ * AUTHOR: Pete Bentley * AUTHOR: Stewart Forster * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * Duane Wessels and the University of California San Diego. Please - * see the COPYRIGHT file for full details. Squid incorporates - * software developed and/or copyrighted by other sources. Please see - * the CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -298,22 +298,22 @@ AIOCB *done_handler; void *their_data; int retval = 0; - + assert(initialised); aio_counts.check_callback++; for (;;) { if ((resultp = aio_poll_done()) == NULL) break; - ctrlp = (aio_ctrl_t *)resultp->data; + ctrlp = (aio_ctrl_t *) resultp->data; if (ctrlp == NULL) - continue; /* XXX Should not happen */ + continue; /* XXX Should not happen */ dlinkDelete(&ctrlp->node, &used_list); if ((done_handler = ctrlp->done_handler)) { their_data = ctrlp->done_handler_data; ctrlp->done_handler = NULL; ctrlp->done_handler_data = NULL; if (cbdataValid(their_data)) { - retval = 1; /* Return that we've actually done some work */ + retval = 1; /* Return that we've actually done some work */ done_handler(ctrlp->fd, their_data, ctrlp->result.aio_return, ctrlp->result.aio_errno); } Index: squid/src/fs/aufs/store_asyncufs.h =================================================================== RCS file: /cvsroot/squid-sf//squid/src/fs/aufs/store_asyncufs.h,v retrieving revision 1.3 retrieving revision 1.3.4.1 diff -u -r1.3 -r1.3.4.1 --- squid/src/fs/aufs/store_asyncufs.h 11 Nov 2000 09:40:02 -0000 1.3 +++ squid/src/fs/aufs/store_asyncufs.h 27 Feb 2001 14:18:54 -0000 1.3.4.1 @@ -28,8 +28,8 @@ struct _aio_result_t { int aio_return; int aio_errno; - void *_data; /* Internal housekeeping */ - void *data; /* Available to the caller */ + void *_data; /* Internal housekeeping */ + void *data; /* Available to the caller */ }; typedef struct _aio_result_t aio_result_t; Index: squid/src/fs/aufs/store_dir_aufs.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/fs/aufs/store_dir_aufs.c,v retrieving revision 1.5 retrieving revision 1.5.4.1 diff -u -r1.5 -r1.5.4.1 --- squid/src/fs/aufs/store_dir_aufs.c 11 Nov 2000 09:40:02 -0000 1.5 +++ squid/src/fs/aufs/store_dir_aufs.c 27 Feb 2001 14:18:54 -0000 1.5.4.1 @@ -5,17 +5,17 @@ * DEBUG: section 47 Store Directory Routines * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * Duane Wessels and the University of California San Diego. Please - * see the COPYRIGHT file for full details. Squid incorporates - * software developed and/or copyrighted by other sources. Please see - * the CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -34,11 +34,6 @@ */ #include "squid.h" -#if HAVE_STATVFS -#if HAVE_SYS_STATVFS_H -#include -#endif -#endif #include "store_asyncufs.h" @@ -119,11 +114,13 @@ static int storeAufsDirIs(SwapDir * sd); static int storeAufsFilenoBelongsHere(int fn, int F0, int F1, int F2); static int storeAufsCleanupDoubleCheck(SwapDir *, StoreEntry *); -static int storeAufsCheckFile(SwapDir * sd, sfileno filn, size_t swap_file_sz ); static void storeAufsDirStats(SwapDir *, StoreEntry *); static void storeAufsDirInitBitmap(SwapDir *); static int storeAufsDirValidFileno(SwapDir *, sfileno, int); +/* The MAIN externally visible function */ +STSETUP storeFsSetup_aufs; + /* * These functions were ripped straight out of the heart of store_dir.c. * They assume that the given filenum is on a asyncufs partiton, which may or @@ -131,7 +128,7 @@ * XXX this evilness should be tidied up at a later date! */ -int +static int storeAufsDirMapBitTest(SwapDir * SD, int fn) { sfileno filn = fn; @@ -140,7 +137,7 @@ return file_map_bit_test(aioinfo->map, filn); } -void +static void storeAufsDirMapBitSet(SwapDir * SD, int fn) { sfileno filn = fn; @@ -371,6 +368,7 @@ eventAdd("storeDirClean", storeAufsDirCleanEvent, NULL, 15.0, 1); started_clean_event = 1; } + (void) storeDirGetBlkSize(sd->path, &sd->fs.blksize); } static void @@ -478,7 +476,6 @@ debug(20, 1) ("storeAufsDirRebuildFromDirectory: SIZE MISMATCH %d!=%d\n", tmpe.swap_file_sz, (int) sb.st_size); storeAufsDirUnlinkFile(SD, sfileno); - rb->counts.filesizemismatchcount++; continue; } if (EBIT_TEST(tmpe.flags, KEY_PRIVATE)) { @@ -526,7 +523,6 @@ int count; int used; /* is swapfile already in use? */ int disk_entry_newer; /* is the log entry newer than current entry? */ - int file_bad; double x; assert(rb != NULL); /* load a number of objects per invocation */ @@ -573,8 +569,8 @@ */ storeExpireNow(e); storeReleaseRequest(e); - storeAufsDirReplRemove(e); if (e->swap_filen > -1) { + storeAufsDirReplRemove(e); storeAufsDirMapBitReset(SD, e->swap_filen); e->swap_filen = -1; e->swap_dirn = -1; @@ -612,21 +608,7 @@ * appear to have a newer entry? Compare 'lastref' from the * swap log to e->lastref. */ disk_entry_newer = e ? (s.lastref > e->lastref ? 1 : 0) : 0; - if (!used && (rb->flags.need_to_validate || - (opt_store_doublecheck != DBLCHECK_NONE))){ - file_bad = storeAufsCheckFile(SD, s.swap_filen, s.swap_file_sz); - } else - file_bad = 0; - if (file_bad){ - if (file_bad==-2){ - if (opt_store_doublecheck == DBLCHECK_FORCE) - storeAufsDirUnlinkFile(SD, s.swap_filen); - rb->counts.filesizemismatchcount++; - continue; - } - rb->counts.missingcount++; - continue; - } else if (used && !disk_entry_newer) { + if (used && !disk_entry_newer) { /* log entry is old, ignore it */ rb->counts.clashcount++; continue; @@ -675,8 +657,8 @@ /* junk old, load new */ storeExpireNow(e); storeReleaseRequest(e); - storeAufsDirReplRemove(e); if (e->swap_filen > -1) { + storeAufsDirReplRemove(e); /* Make sure we don't actually unlink the file */ storeAufsDirMapBitReset(SD, e->swap_filen); e->swap_filen = -1; @@ -836,14 +818,18 @@ return e; } +CBDATA_TYPE(RebuildState); + static void storeAufsDirRebuild(SwapDir * sd) { - RebuildState *rb = xcalloc(1, sizeof(*rb)); + RebuildState *rb; int clean = 0; int zero = 0; FILE *fp; EVH *func = NULL; + CBDATA_INIT_TYPE(RebuildState); + rb = CBDATA_ALLOC(RebuildState, NULL); rb->sd = sd; rb->speed = opt_foreground_rebuild ? 1 << 30 : 50; /* @@ -867,7 +853,6 @@ debug(20, 1) ("Rebuilding storage in %s (%s)\n", sd->path, clean ? "CLEAN" : "DIRTY"); store_dirs_rebuilding++; - cbdataAdd(rb, cbdataXfree, 0); eventAdd("storeRebuild", func, rb, 0.0, 1); } @@ -971,17 +956,20 @@ struct stat sb; sd->log.clean.write = NULL; sd->log.clean.state = NULL; - state->cur = xstrdup(storeAufsDirSwapLogFile(sd, NULL)); state->new = xstrdup(storeAufsDirSwapLogFile(sd, ".clean")); + state->fd = file_open(state->new, O_WRONLY | O_CREAT | O_TRUNC); + if (state->fd < 0) { + xfree(state->new); + xfree(state); + return -1; + } + state->cur = xstrdup(storeAufsDirSwapLogFile(sd, NULL)); state->cln = xstrdup(storeAufsDirSwapLogFile(sd, ".last-clean")); state->outbuf = xcalloc(CLEAN_BUF_SZ, 1); state->outbuf_offset = 0; state->walker = sd->repl->WalkInit(sd->repl); unlink(state->new); unlink(state->cln); - state->fd = file_open(state->new, O_WRONLY | O_CREAT | O_TRUNC); - if (state->fd < 0) - return -1; debug(20, 3) ("storeDirWriteCleanLogs: opened %s, FD %d\n", state->new, state->fd); #if HAVE_FCHMOD @@ -1049,6 +1037,8 @@ storeAufsDirWriteCleanDone(SwapDir * sd) { struct _clean_state *state = sd->log.clean.state; + if (NULL == state) + return; if (state->fd < 0) return; state->walker->Done(state->walker); @@ -1346,6 +1336,7 @@ removed++; storeRelease(e); } + walker->Done(walker); debug(20, (removed ? 2 : 3)) ("storeUfsDirMaintain: %s removed %d/%d f=%.03f max_scan=%d\n", SD->path, removed, max_remove, f, max_scan); } @@ -1457,11 +1448,12 @@ void storeAufsDirStats(SwapDir * SD, StoreEntry * sentry) { - aioinfo_t *aioinfo; -#if HAVE_STATVFS - struct statvfs sfs; -#endif - aioinfo = (aioinfo_t *) SD->fsdata; + aioinfo_t *aioinfo = SD->fsdata; + int totl_kb = 0; + int free_kb = 0; + int totl_in = 0; + int free_in = 0; + int x; storeAppendPrintf(sentry, "First level subdirectories: %d\n", aioinfo->l1); storeAppendPrintf(sentry, "Second level subdirectories: %d\n", aioinfo->l2); storeAppendPrintf(sentry, "Maximum Size: %d KB\n", SD->max_size); @@ -1471,20 +1463,17 @@ storeAppendPrintf(sentry, "Filemap bits in use: %d of %d (%d%%)\n", aioinfo->map->n_files_in_map, aioinfo->map->max_n_files, percent(aioinfo->map->n_files_in_map, aioinfo->map->max_n_files)); -#if HAVE_STATVFS -#define fsbtoblk(num, fsbs, bs) \ - (((fsbs) != 0 && (fsbs) < (bs)) ? \ - (num) / ((bs) / (fsbs)) : (num) * ((fsbs) / (bs))) - if (!statvfs(SD->path, &sfs)) { + x = storeDirGetUFSStats(SD->path, &totl_kb, &free_kb, &totl_in, &free_in); + if (0 == x) { storeAppendPrintf(sentry, "Filesystem Space in use: %d/%d KB (%d%%)\n", - fsbtoblk((sfs.f_blocks - sfs.f_bfree), sfs.f_frsize, 1024), - fsbtoblk(sfs.f_blocks, sfs.f_frsize, 1024), - percent(sfs.f_blocks - sfs.f_bfree, sfs.f_blocks)); + totl_kb - free_kb, + totl_kb, + percent(totl_kb - free_kb, totl_kb)); storeAppendPrintf(sentry, "Filesystem Inodes in use: %d/%d (%d%%)\n", - sfs.f_files - sfs.f_ffree, sfs.f_files, - percent(sfs.f_files - sfs.f_ffree, sfs.f_files)); + totl_in - free_in, + totl_in, + percent(totl_in - free_in, totl_in)); } -#endif storeAppendPrintf(sentry, "Flags:"); if (SD->flags.selected) storeAppendPrintf(sentry, " SELECTED"); @@ -1502,20 +1491,27 @@ #endif /* OLD_UNUSED_CODE */ } +static struct cache_dir_option options[] = +{ +#if NOT_YET_DONE + {"L1", storeAufsDirParseL1}, + {"L2", storeAufsDirParseL2}, +#endif + {NULL, NULL} +}; + /* * storeAufsDirReconfigure * * This routine is called when the given swapdir needs reconfiguring */ -void +static void storeAufsDirReconfigure(SwapDir * sd, int index, char *path) { - char *token; int i; int size; int l1; int l2; - unsigned int read_only = 0; i = GetInteger(); size = i << 10; /* Mbytes to kbytes */ @@ -1529,9 +1525,6 @@ l2 = i; if (l2 <= 0) fatal("storeAufsDirReconfigure: invalid level 2 directories value"); - if ((token = strtok(NULL, w_space))) - if (!strcasecmp(token, "read-only")) - read_only = 1; /* just reconfigure it */ if (size == sd->max_size) @@ -1541,10 +1534,9 @@ debug(3, 1) ("Cache dir '%s' size changed to %d KB\n", path, size); sd->max_size = size; - if (sd->flags.read_only != read_only) - debug(3, 1) ("Cache dir '%s' now %s\n", - path, read_only ? "Read-Only" : "Read-Write"); - sd->flags.read_only = read_only; + + parse_cachedir_options(sd, options, 0); + return; } @@ -1603,52 +1595,39 @@ static int storeAufsCleanupDoubleCheck(SwapDir * sd, StoreEntry * e) { - int rv= storeAufsCheckFile(sd, e->swap_filen, e->swap_file_sz); - if (rv) storeEntryDump(e, 0); - return rv; -} - -/* - * storeAufsCheckFile - * - * This is called by storerebuildFromSwapLog if -S was given on the command - * line. or a Dirty state is found - */ -static int -storeAufsCheckFile(SwapDir * sd, sfileno filen, size_t swap_file_sz ) -{ struct stat sb; - - if (stat(storeAufsDirFullPath(sd, filen, NULL), &sb) < 0) { - debug(20, 1) ("storeAufsCheckFile: MISSING SWAP FILE\n"); - debug(20, 1) ("storeAufsCheckFile: FILENO %08X\n", filen); - debug(20, 1) ("storeAufsCheckFile: PATH %s\n", storeAufsDirFullPath(sd, filen, NULL)); - return -1; - } - if (swap_file_sz != sb.st_size) { - debug(20, 1) ("storeAufsCheckFile: SIZE MISMATCH\n"); - debug(20, 1) ("storeAufsCheckFile: FILENO %08X\n", filen); - debug(20, 1) ("storeAufsCheckFile: PATH %s\n", storeAufsDirFullPath(sd, filen, NULL)); - debug(20, 1) ("storeAufsCheckFile: ENTRY SIZE: %d, FILE SIZE: %d\n", swap_file_sz, (int) sb.st_size); - return -2; + if (stat(storeAufsDirFullPath(sd, e->swap_filen, NULL), &sb) < 0) { + debug(20, 0) ("storeAufsCleanupDoubleCheck: MISSING SWAP FILE\n"); + debug(20, 0) ("storeAufsCleanupDoubleCheck: FILENO %08X\n", e->swap_filen); + debug(20, 0) ("storeAufsCleanupDoubleCheck: PATH %s\n", + storeAufsDirFullPath(sd, e->swap_filen, NULL)); + storeEntryDump(e, 0); + return -1; + } + if (e->swap_file_sz != sb.st_size) { + debug(20, 0) ("storeAufsCleanupDoubleCheck: SIZE MISMATCH\n"); + debug(20, 0) ("storeAufsCleanupDoubleCheck: FILENO %08X\n", e->swap_filen); + debug(20, 0) ("storeAufsCleanupDoubleCheck: PATH %s\n", + storeAufsDirFullPath(sd, e->swap_filen, NULL)); + debug(20, 0) ("storeAufsCleanupDoubleCheck: ENTRY SIZE: %d, FILE SIZE: %d\n", + e->swap_file_sz, (int) sb.st_size); + storeEntryDump(e, 0); + return -1; } return 0; } /* - * storeAufsDirParse - * + * storeAufsDirParse * * Called when a *new* fs is being setup. */ -void +static void storeAufsDirParse(SwapDir * sd, int index, char *path) { - char *token; int i; int size; int l1; int l2; - unsigned int read_only = 0; aioinfo_t *aioinfo; i = GetInteger(); @@ -1663,9 +1642,6 @@ l2 = i; if (l2 <= 0) fatal("storeAufsDirParse: invalid level 2 directories value"); - if ((token = strtok(NULL, w_space))) - if (!strcasecmp(token, "read-only")) - read_only = 1; aioinfo = xmalloc(sizeof(aioinfo_t)); if (aioinfo == NULL) @@ -1680,7 +1656,6 @@ aioinfo->swaplog_fd = -1; aioinfo->map = NULL; /* Debugging purposes */ aioinfo->suggest = 0; - sd->flags.read_only = read_only; sd->init = storeAufsDirInit; sd->newfs = storeAufsDirNewfs; sd->dump = storeAufsDirDump; @@ -1706,6 +1681,8 @@ sd->log.clean.nextentry = storeAufsDirCleanLogNextEntry; sd->log.clean.done = storeAufsDirWriteCleanDone; + parse_cachedir_options(sd, options, 0); + /* Initialise replacement policy stuff */ sd->repl = createRemovalPolicy(Config.replPolicy); } @@ -1713,7 +1690,7 @@ /* * Initial setup / end destruction */ -void +static void storeAufsDirDone(void) { aioDone(); Index: squid/src/fs/aufs/store_io_aufs.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/fs/aufs/store_io_aufs.c,v retrieving revision 1.3 retrieving revision 1.3.4.1 diff -u -r1.3 -r1.3.4.1 --- squid/src/fs/aufs/store_io_aufs.c 11 Nov 2000 09:40:03 -0000 1.3 +++ squid/src/fs/aufs/store_io_aufs.c 27 Feb 2001 14:18:55 -0000 1.3.4.1 @@ -20,7 +20,7 @@ static AIOCB storeAufsOpenDone; static int storeAufsSomethingPending(storeIOState *); static int storeAufsKickWriteQueue(storeIOState * sio); -static void storeAufsIOFreeEntry(void *, int); +static CBDUNL storeAufsIOFreeEntry; /* === PUBLIC =========================================================== */ @@ -51,8 +51,7 @@ return NULL; } #endif - sio = memAllocate(MEM_STORE_IO); - cbdataAdd(sio, storeAufsIOFreeEntry, MEM_STORE_IO); + sio = CBDATA_ALLOC(storeIOState, storeAufsIOFreeEntry); sio->fsstate = memPoolAlloc(aio_state_pool); ((aiostate_t *) (sio->fsstate))->fd = -1; ((aiostate_t *) (sio->fsstate))->flags.opening = 1; @@ -106,8 +105,7 @@ return NULL; } #endif - sio = memAllocate(MEM_STORE_IO); - cbdataAdd(sio, storeAufsIOFreeEntry, MEM_STORE_IO); + sio = CBDATA_ALLOC(storeIOState, storeAufsIOFreeEntry); sio->fsstate = memPoolAlloc(aio_state_pool); ((aiostate_t *) (sio->fsstate))->fd = -1; ((aiostate_t *) (sio->fsstate))->flags.opening = 1; @@ -219,13 +217,6 @@ return; } aiostate->flags.writing = 1; - /* - * XXX it might be nice if aioWrite() gave is immediate - * feedback here about EWOULDBLOCK instead of in the - * callback function - * XXX Should never give EWOULDBLOCK under normal operations - * if it does then the MAGIC1/2 tuning is wrong. - */ aioWrite(aiostate->fd, offset, buf, size, storeAufsWriteDone, sio, free_func); #else @@ -299,13 +290,6 @@ debug(78, 3) ("storeAufsOpenDone: exiting\n"); } -/* - * XXX TODO - * if errflag == EWOULDBLOCK, then we'll need to re-queue the - * chunk at the beginning of the write_pending list and try - * again later. - * XXX Should not normally happen. - */ #if ASYNC_READ static void storeAufsReadDone(int fd, void *my_data, int len, int errflag) @@ -339,7 +323,7 @@ errflag = DISK_OK; #else if (errflag == DISK_EOF) - errflag = DISK_OK; /* EOF is signalled by len == 0, not errors... */ + errflag = DISK_OK; /* EOF is signalled by len == 0, not errors... */ #endif assert(callback); assert(their_data); @@ -353,13 +337,6 @@ storeAufsIOCallback(sio, errflag); } -/* - * XXX TODO - * if errflag == EWOULDBLOCK, then we'll need to re-queue the - * chunk at the beginning of the write_pending list and try - * again later. - * XXX Should not normally happen. - */ #if ASYNC_WRITE static void storeAufsWriteDone(int fd, void *my_data, int len, int errflag) @@ -453,12 +430,12 @@ /* - * We can't pass memFree() as a free function here, because we need to free - * the fsstate variable .. + * Clean up references from the SIO before it gets released. + * The actuall SIO is managed by cbdata so we do not need + * to bother with that. */ static void -storeAufsIOFreeEntry(void *sio, int foo) +storeAufsIOFreeEntry(void *sio) { memPoolFree(aio_state_pool, ((storeIOState *) sio)->fsstate); - memFree(sio, MEM_STORE_IO); } Index: squid/src/fs/coss/store_coss.h =================================================================== RCS file: /cvsroot/squid-sf//squid/src/fs/coss/store_coss.h,v retrieving revision 1.2 retrieving revision 1.2.8.1 diff -u -r1.2 -r1.2.8.1 --- squid/src/fs/coss/store_coss.h 21 Oct 2000 16:44:45 -0000 1.2 +++ squid/src/fs/coss/store_coss.h 27 Feb 2001 14:18:55 -0000 1.2.8.1 @@ -82,6 +82,6 @@ extern off_t storeCossAllocate(SwapDir * SD, const StoreEntry * e, int which); extern void storeCossAdd(SwapDir *, StoreEntry *); extern void storeCossRemove(SwapDir *, StoreEntry *); -extern void storeCossStartMembuf(SwapDir *SD); +extern void storeCossStartMembuf(SwapDir * SD); #endif Index: squid/src/fs/coss/store_dir_coss.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/fs/coss/store_dir_coss.c,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/src/fs/coss/store_dir_coss.c 3 Nov 2000 08:39:21 -0000 1.3 +++ squid/src/fs/coss/store_dir_coss.c 27 Feb 2001 14:18:55 -0000 1.3.6.1 @@ -5,17 +5,17 @@ * DEBUG: section 81 Store COSS Directory Routines * AUTHOR: Eric Stern * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * Duane Wessels and the University of California San Diego. Please - * see the COPYRIGHT file for full details. Squid incorporates - * software developed and/or copyrighted by other sources. Please see - * the CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -42,7 +42,6 @@ int n_coss_dirs = 0; /* static int last_coss_pick_index = -1; */ int coss_initialised = 0; -MemPool *coss_membuf_pool = NULL; MemPool *coss_state_pool = NULL; MemPool *coss_index_pool = NULL; @@ -88,6 +87,9 @@ static STFSRECONFIGURE storeCossDirReconfigure; static STDUMP storeCossDirDump; +/* The "only" externally visible function */ +STSETUP storeFsSetup_coss; + static char * storeCossDirSwapLogFile(SwapDir * sd, const char *ext) { @@ -153,6 +155,7 @@ storeCossDirRebuild(sd); cs->fd = file_open(sd->path, O_RDWR | O_CREAT); n_coss_dirs++; + (void) storeDirGetBlkSize(sd->path, &sd->fs.blksize); } void @@ -326,15 +329,17 @@ return e; } +CBDATA_TYPE(RebuildState); static void storeCossDirRebuild(SwapDir * sd) { - RebuildState *rb = xcalloc(1, sizeof(*rb)); + RebuildState *rb; int clean = 0; int zero = 0; FILE *fp; EVH *func = NULL; - cbdataAdd(rb, cbdataXfree, 0); + CBDATA_INIT_TYPE(RebuildState); + rb = CBDATA_ALLOC(RebuildState, NULL); rb->sd = sd; rb->speed = opt_foreground_rebuild ? 1 << 30 : 50; func = storeCossRebuildFromSwapLog; @@ -467,18 +472,21 @@ CossInfo *cs = (CossInfo *) sd->fsdata; struct _clean_state *state = xcalloc(1, sizeof(*state)); struct stat sb; + state->new = xstrdup(storeCossDirSwapLogFile(sd, ".clean")); + state->fd = file_open(state->new, O_WRONLY | O_CREAT | O_TRUNC); + if (state->fd < 0) { + xfree(state->new); + xfree(state); + return -1; + } sd->log.clean.write = NULL; sd->log.clean.state = NULL; state->cur = xstrdup(storeCossDirSwapLogFile(sd, NULL)); - state->new = xstrdup(storeCossDirSwapLogFile(sd, ".clean")); state->cln = xstrdup(storeCossDirSwapLogFile(sd, ".last-clean")); state->outbuf = xcalloc(CLEAN_BUF_SZ, 1); state->outbuf_offset = 0; unlink(state->new); unlink(state->cln); - state->fd = file_open(state->new, O_WRONLY | O_CREAT | O_TRUNC); - if (state->fd < 0) - return -1; state->current = cs->index.tail; debug(20, 3) ("storeCOssDirWriteCleanLogs: opened %s, FD %d\n", state->new, state->fd); @@ -549,6 +557,8 @@ storeCossDirWriteCleanDone(SwapDir * sd) { struct _clean_state *state = sd->log.clean.state; + if (NULL == state) + return; if (state->fd < 0) return; if (write(state->fd, state->outbuf, state->outbuf_offset) < 0) { @@ -672,7 +682,7 @@ /* ========== LOCAL FUNCTIONS ABOVE, GLOBAL FUNCTIONS BELOW ========== */ -void +static void storeCossDirStats(SwapDir * SD, StoreEntry * sentry) { CossInfo *cs = (CossInfo *) SD->fsdata; @@ -700,19 +710,14 @@ static void storeCossDirParse(SwapDir * sd, int index, char *path) { - char *token; unsigned int i; unsigned int size; - unsigned int read_only = 0; CossInfo *cs; i = GetInteger(); size = i << 10; /* Mbytes to Kbytes */ if (size <= 0) fatal("storeCossDirParse: invalid size value"); - if ((token = strtok(NULL, w_space))) - if (!strcasecmp(token, "read-only")) - read_only = 1; cs = xmalloc(sizeof(CossInfo)); if (cs == NULL) @@ -725,7 +730,6 @@ cs->fd = -1; cs->swaplog_fd = -1; - sd->flags.read_only = read_only; sd->init = storeCossDirInit; sd->newfs = storeCossDirNewfs; @@ -763,24 +767,21 @@ cs->current_membuf = cs->membufs; cs->index.head = NULL; cs->index.tail = NULL; + + parse_cachedir_options(sd, NULL, 0); } static void storeCossDirReconfigure(SwapDir * sd, int index, char *path) { - char *token; unsigned int i; unsigned int size; - unsigned int read_only = 0; i = GetInteger(); size = i << 10; /* Mbytes to Kbytes */ if (size <= 0) fatal("storeCossDirParse: invalid size value"); - if ((token = strtok(NULL, w_space))) - if (!strcasecmp(token, "read-only")) - read_only = 1; if (size == sd->max_size) debug(3, 1) ("Cache COSS dir '%s' size remains unchanged at %d KB\n", path, size); @@ -788,11 +789,7 @@ debug(3, 1) ("Cache COSS dir '%s' size changed to %d KB\n", path, size); sd->max_size = size; } - - if (read_only != sd->flags.read_only) { - debug(3, 1) ("Cache COSS dir '%s' now %s\n", path, read_only ? "Read-Only" : "Read-Write"); - sd->flags.read_only = read_only; - } + parse_cachedir_options(sd, NULL, 1); } void @@ -852,7 +849,6 @@ static void storeCossDirDone(void) { - memPoolDestroy(coss_membuf_pool); memPoolDestroy(coss_state_pool); coss_initialised = 0; } @@ -865,7 +861,6 @@ storefs->parsefunc = storeCossDirParse; storefs->reconfigurefunc = storeCossDirReconfigure; storefs->donefunc = storeCossDirDone; - coss_membuf_pool = memPoolCreate("COSS Membuf data", sizeof(CossMemBuf)); coss_state_pool = memPoolCreate("COSS IO State data", sizeof(CossState)); coss_index_pool = memPoolCreate("COSS index data", sizeof(CossIndexNode)); coss_initialised = 1; Index: squid/src/fs/coss/store_io_coss.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/fs/coss/store_io_coss.c,v retrieving revision 1.2 retrieving revision 1.2.8.1 diff -u -r1.2 -r1.2.8.1 --- squid/src/fs/coss/store_io_coss.c 21 Oct 2000 16:44:45 -0000 1.2 +++ squid/src/fs/coss/store_io_coss.c 27 Feb 2001 14:18:55 -0000 1.2.8.1 @@ -5,28 +5,28 @@ * DEBUG: section 81 Storage Manager COSS Interface * AUTHOR: Eric Stern * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * Duane Wessels and the University of California San Diego. Please - * see the COPYRIGHT file for full details. Squid incorporates - * software developed and/or copyrighted by other sources. Please see - * the CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. - * + * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. - * + * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA. @@ -46,8 +46,8 @@ static void storeCossWriteMemBufDone(int fd, int errflag, size_t len, void *my_data); static CossMemBuf *storeCossCreateMemBuf(SwapDir * SD, size_t start, sfileno curfn, int *collision); -static void storeCossIOFreeEntry(void *, int); -static void storeCossMembufFree(void *, int); +static CBDUNL storeCossIOFreeEntry; +static CBDUNL storeCossMembufFree; /* === PUBLIC =========================================================== */ @@ -128,8 +128,7 @@ CossState *cstate; storeIOState *sio; - sio = memAllocate(MEM_STORE_IO); - cbdataAdd(sio, storeCossIOFreeEntry, MEM_STORE_IO); + sio = CBDATA_ALLOC(storeIOState, storeCossIOFreeEntry); cstate = memPoolAlloc(coss_state_pool); sio->fsstate = cstate; sio->offset = 0; @@ -173,8 +172,7 @@ debug(81, 3) ("storeCossOpen: offset %d\n", f); - sio = memAllocate(MEM_STORE_IO); - cbdataAdd(sio, storeCossIOFreeEntry, MEM_STORE_IO); + sio = CBDATA_ALLOC(storeIOState, storeCossIOFreeEntry); cstate = memPoolAlloc(coss_state_pool); sio->fsstate = cstate; @@ -417,7 +415,7 @@ int end; if (!cs->membufs) return; - for (t=cs->membufs; t; t = t->next) { + for (t = cs->membufs; t; t = t->next) { if (t->flags.writing) sleep(5); lseek(cs->fd, t->diskstart, SEEK_SET); @@ -432,7 +430,6 @@ CossInfo *cs = (CossInfo *) SD->fsdata; debug(81, 3) ("storeCossWriteMemBuf: offset %d, len %d\n", t->diskstart, t->diskend - t->diskstart); - cbdataAdd(t, storeCossMembufFree, 0); t->flags.writing = 1; file_write(cs->fd, t->diskstart, &t->buffer, t->diskend - t->diskstart, storeCossWriteMemBufDone, t, NULL); @@ -469,6 +466,7 @@ cbdataFree(t); } +CBDATA_TYPE(CossMemBuf); static CossMemBuf * storeCossCreateMemBuf(SwapDir * SD, size_t start, sfileno curfn, int *collision) @@ -479,7 +477,8 @@ int numreleased = 0; CossInfo *cs = (CossInfo *) SD->fsdata; - newmb = memPoolAlloc(coss_membuf_pool); + CBDATA_INIT_TYPE(CossMemBuf); + newmb = CBDATA_ALLOC(CossMemBuf, storeCossMembufFree); newmb->diskstart = start; debug(81, 3) ("storeCossCreateMemBuf: creating new membuf at %d\n", newmb->diskstart); newmb->diskend = newmb->diskstart + COSS_MEMBUF_SZ - 1; @@ -517,7 +516,7 @@ * Creates the initial membuf after rebuild */ void -storeCossStartMembuf(SwapDir *sd) +storeCossStartMembuf(SwapDir * sd) { CossInfo *cs = (CossInfo *) sd->fsdata; CossMemBuf *newmb = storeCossCreateMemBuf(sd, cs->current_offset, -1, NULL); @@ -530,7 +529,7 @@ * the fsstate variable .. */ static void -storeCossIOFreeEntry(void *sio, int foo) +storeCossIOFreeEntry(void *sio) { memPoolFree(coss_state_pool, ((storeIOState *) sio)->fsstate); memFree(sio, MEM_STORE_IO); @@ -542,7 +541,7 @@ * So we have this hack here .. */ static void -storeCossMembufFree(void *mb, int foo) +storeCossMembufFree(void *mb) { - memPoolFree(coss_membuf_pool, mb); + cbdataFree(mb); } Index: squid/src/fs/diskd/diskd.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/fs/diskd/diskd.c,v retrieving revision 1.4 retrieving revision 1.4.2.1 diff -u -r1.4 -r1.4.2.1 --- squid/src/fs/diskd/diskd.c 14 Nov 2000 13:03:48 -0000 1.4 +++ squid/src/fs/diskd/diskd.c 27 Feb 2001 14:18:55 -0000 1.4.2.1 @@ -4,28 +4,28 @@ * DEBUG: section -- External DISKD process implementation. * AUTHOR: Harvest Derived * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. - * + * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. - * + * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA. @@ -248,7 +248,7 @@ } } -int +static int fsCmp(const void *a, const void *b) { const int *A = a; @@ -256,7 +256,7 @@ return *A != *B; } -unsigned int +static unsigned int fsHash(const void *key, unsigned int n) { /* note, n must be a power of 2! */ Index: squid/src/fs/diskd/store_dir_diskd.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/fs/diskd/store_dir_diskd.c,v retrieving revision 1.4 retrieving revision 1.4.4.1 diff -u -r1.4 -r1.4.4.1 --- squid/src/fs/diskd/store_dir_diskd.c 10 Nov 2000 16:36:46 -0000 1.4 +++ squid/src/fs/diskd/store_dir_diskd.c 27 Feb 2001 14:18:55 -0000 1.4.4.1 @@ -5,28 +5,28 @@ * DEBUG: section 47 Store Directory Routines * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. - * + * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. - * + * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA. @@ -34,11 +34,6 @@ */ #include "squid.h" -#if HAVE_STATVFS -#if HAVE_SYS_STATVFS_H -#include -#endif -#endif #include #include @@ -127,13 +122,14 @@ static int storeDiskdDirIs(SwapDir * sd); static int storeDiskdFilenoBelongsHere(int fn, int F0, int F1, int F2); static int storeDiskdCleanupDoubleCheck(SwapDir *, StoreEntry *); -static int storeDiskdCheckFile(SwapDir * sd, sfileno filn, size_t swap_file_sz); static void storeDiskdDirStats(SwapDir *, StoreEntry *); static void storeDiskdDirInitBitmap(SwapDir *); static int storeDiskdDirValidFileno(SwapDir *, sfileno, int); static void storeDiskdStats(StoreEntry * sentry); static void storeDiskdDirSync(SwapDir *); +/* The only externally visible interface */ +STSETUP storeFsSetup_diskd; /* * These functions were ripped straight out of the heart of store_dir.c. @@ -142,7 +138,7 @@ * XXX this evilness should be tidied up at a later date! */ -int +static int storeDiskdDirMapBitTest(SwapDir * SD, int fn) { sfileno filn = fn; @@ -151,7 +147,7 @@ return file_map_bit_test(diskdinfo->map, filn); } -void +static void storeDiskdDirMapBitSet(SwapDir * SD, int fn) { sfileno filn = fn; @@ -372,7 +368,7 @@ int x; int i; int rfd; - int ikey = (getpid() << 16) + (sd->index << 4); + int ikey; char *args[5]; char skey1[32]; char skey2[32]; @@ -383,6 +379,8 @@ "\tfor details. Run 'squid -z' to create swap directories\n" "\tif needed, or if running Squid for the first time."; + ikey = (getpid() << 10) + (sd->index << 2); + ikey &= 0x7fffffff; diskdinfo->smsgid = msgget((key_t) ikey, 0700 | IPC_CREAT); if (diskdinfo->smsgid < 0) { debug(50, 0) ("storeDiskdInit: msgget: %s\n", xstrerror()); @@ -421,7 +419,7 @@ #else x = ipcCreate(IPC_FIFO, #endif - SQUID_PREFIX "/bin/diskd", + SQUID_PREFIX "/libexec/squid/diskd", args, "diskd", &rfd, @@ -442,6 +440,7 @@ eventAdd("storeDirClean", storeDiskdDirCleanEvent, NULL, 15.0, 1); started_clean_event = 1; } + (void) storeDirGetBlkSize(sd->path, &sd->fs.blksize); } @@ -644,7 +643,6 @@ debug(20, 1) ("storeDiskdDirRebuildFromDirectory: SIZE MISMATCH %d!=%d\n", tmpe.swap_file_sz, (int) sb.st_size); storeDiskdDirUnlinkFile(SD, sfileno); - rb->counts.filesizemismatchcount++; continue; } if (EBIT_TEST(tmpe.flags, KEY_PRIVATE)) { @@ -692,7 +690,6 @@ int count; int used; /* is swapfile already in use? */ int disk_entry_newer; /* is the log entry newer than current entry? */ - int file_bad; double x; assert(rb != NULL); /* load a number of objects per invocation */ @@ -764,8 +761,8 @@ */ storeExpireNow(e); storeReleaseRequest(e); - storeDiskdDirReplRemove(e); if (e->swap_filen > -1) { + storeDiskdDirReplRemove(e); storeDiskdDirMapBitReset(SD, e->swap_filen); e->swap_filen = -1; e->swap_dirn = -1; @@ -803,21 +800,7 @@ * appear to have a newer entry? Compare 'lastref' from the * swap log to e->lastref. */ disk_entry_newer = e ? (s.lastref > e->lastref ? 1 : 0) : 0; - if (!used && (rb->flags.need_to_validate || - (opt_store_doublecheck != DBLCHECK_NONE))){ - file_bad = storeDiskdCheckFile(SD, s.swap_filen, s.swap_file_sz); - } else - file_bad = 0; - if (file_bad){ - if (file_bad==-2){ - if (opt_store_doublecheck == DBLCHECK_FORCE) - storeDiskdDirUnlinkFile(SD, s.swap_filen); - rb->counts.filesizemismatchcount++; - continue; - } - rb->counts.missingcount++; - continue; - } else if (used && !disk_entry_newer) { + if (used && !disk_entry_newer) { /* log entry is old, ignore it */ rb->counts.clashcount++; continue; @@ -866,8 +849,8 @@ /* junk old, load new */ storeExpireNow(e); storeReleaseRequest(e); - storeDiskdDirReplRemove(e); if (e->swap_filen > -1) { + storeDiskdDirReplRemove(e); /* Make sure we don't actually unlink the file */ storeDiskdDirMapBitReset(SD, e->swap_filen); e->swap_filen = -1; @@ -1027,14 +1010,18 @@ return e; } +CBDATA_TYPE(RebuildState); + static void storeDiskdDirRebuild(SwapDir * sd) { - RebuildState *rb = xcalloc(1, sizeof(*rb)); + RebuildState *rb; int clean = 0; int zero = 0; FILE *fp; EVH *func = NULL; + CBDATA_INIT_TYPE(RebuildState); + rb = CBDATA_ALLOC(RebuildState, NULL); rb->sd = sd; rb->speed = opt_foreground_rebuild ? 1 << 30 : 50; /* @@ -1058,7 +1045,6 @@ debug(20, 1) ("Rebuilding storage in %s (%s)\n", sd->path, clean ? "CLEAN" : "DIRTY"); store_dirs_rebuilding++; - cbdataAdd(rb, cbdataXfree, 0); eventAdd("storeRebuild", func, rb, 0.0, 1); } @@ -1162,8 +1148,14 @@ struct stat sb; sd->log.clean.write = NULL; sd->log.clean.state = NULL; - state->cur = xstrdup(storeDiskdDirSwapLogFile(sd, NULL)); state->new = xstrdup(storeDiskdDirSwapLogFile(sd, ".clean")); + state->fd = file_open(state->new, O_WRONLY | O_CREAT | O_TRUNC); + if (state->fd < 0) { + xfree(state->new); + xfree(state); + return -1; + } + state->cur = xstrdup(storeDiskdDirSwapLogFile(sd, NULL)); state->cln = xstrdup(storeDiskdDirSwapLogFile(sd, ".last-clean")); state->outbuf = xcalloc(CLEAN_BUF_SZ, 1); state->outbuf_offset = 0; @@ -1240,6 +1232,8 @@ storeDiskdDirWriteCleanDone(SwapDir * sd) { struct _clean_state *state = sd->log.clean.state; + if (NULL == state) + return; if (state->fd < 0) return; state->walker->Done(state->walker); @@ -1551,28 +1545,13 @@ int storeDiskdDirCheckObj(SwapDir * SD, const StoreEntry * e) { - int loadav; - diskdinfo_t *diskdinfo = SD->fsdata; -#if OLD_UNUSED_CODE - if (storeDiskdDirExpiredReferenceAge(SD) < 300) { - debug(20, 3) ("storeDiskdDirCheckObj: NO: LRU Age = %d\n", - storeDiskdDirExpiredReferenceAge(SD)); - /* store_check_cachable_hist.no.lru_age_too_low++; */ - return -1; - } -#endif - /* Check the queue length */ if (diskdinfo->away >= diskdinfo->magic1) return -1; - /* Calculate the storedir load relative to magic2 on a scale of 0 .. 1000 */ - if (diskdinfo->away == 0) - loadav = 0; - else - loadav = diskdinfo->magic2 * 1000 / diskdinfo->away; - return loadav; + /* the parse function guarantees magic2 is positivie */ + return diskdinfo->away * 1000 / diskdinfo->magic2; } /* @@ -1684,11 +1663,12 @@ void storeDiskdDirStats(SwapDir * SD, StoreEntry * sentry) { - diskdinfo_t *diskdinfo; -#if HAVE_STATVFS - struct statvfs sfs; -#endif - diskdinfo = SD->fsdata; + diskdinfo_t *diskdinfo = SD->fsdata; + int totl_kb = 0; + int free_kb = 0; + int totl_in = 0; + int free_in = 0; + int x; storeAppendPrintf(sentry, "First level subdirectories: %d\n", diskdinfo->l1); storeAppendPrintf(sentry, "Second level subdirectories: %d\n", diskdinfo->l2); storeAppendPrintf(sentry, "Maximum Size: %d KB\n", SD->max_size); @@ -1698,20 +1678,17 @@ storeAppendPrintf(sentry, "Filemap bits in use: %d of %d (%d%%)\n", diskdinfo->map->n_files_in_map, diskdinfo->map->max_n_files, percent(diskdinfo->map->n_files_in_map, diskdinfo->map->max_n_files)); -#if HAVE_STATVFS -#define fsbtoblk(num, fsbs, bs) \ - (((fsbs) != 0 && (fsbs) < (bs)) ? \ - (num) / ((bs) / (fsbs)) : (num) * ((fsbs) / (bs))) - if (!statvfs(SD->path, &sfs)) { + x = storeDirGetUFSStats(SD->path, &totl_kb, &free_kb, &totl_in, &free_in); + if (0 == x) { storeAppendPrintf(sentry, "Filesystem Space in use: %d/%d KB (%d%%)\n", - fsbtoblk((sfs.f_blocks - sfs.f_bfree), sfs.f_frsize, 1024), - fsbtoblk(sfs.f_blocks, sfs.f_frsize, 1024), - percent(sfs.f_blocks - sfs.f_bfree, sfs.f_blocks)); + totl_kb - free_kb, + totl_kb, + percent(totl_kb - free_kb, totl_kb)); storeAppendPrintf(sentry, "Filesystem Inodes in use: %d/%d (%d%%)\n", - sfs.f_files - sfs.f_ffree, sfs.f_files, - percent(sfs.f_files - sfs.f_ffree, sfs.f_files)); + totl_in - free_in, + totl_in, + percent(totl_in - free_in, totl_in)); } -#endif storeAppendPrintf(sentry, "Flags:"); if (SD->flags.selected) storeAppendPrintf(sentry, " SELECTED"); @@ -1730,21 +1707,50 @@ storeAppendPrintf(sentry, "Pending operations: %d\n", diskdinfo->away); } +static void +storeDiskdDirParseQ1(SwapDir * sd, const char *name, const char *value, int reconfiguring) +{ + diskdinfo_t *diskdinfo = sd->fsdata; + int old_magic1 = diskdinfo->magic1; + diskdinfo->magic1 = atoi(value); + if (reconfiguring && old_magic1 != diskdinfo->magic1) + debug(3, 1) ("cache_dir '%s' new Q1 value '%d'\n", diskdinfo->magic1); +} + +static void +storeDiskdDirParseQ2(SwapDir * sd, const char *name, const char *value, int reconfiguring) +{ + diskdinfo_t *diskdinfo = sd->fsdata; + int old_magic2 = diskdinfo->magic2; + diskdinfo->magic2 = atoi(value); + if (reconfiguring && old_magic2 != diskdinfo->magic2) + debug(3, 1) ("cache_dir '%s' new Q2 value '%d'\n", diskdinfo->magic2); +} + +struct cache_dir_option options[] = +{ +#if NOT_YET + {"L1", storeDiskdDirParseL1}, + {"L2", storeDiskdDirParseL2}, +#endif + {"Q1", storeDiskdDirParseQ1}, + {"Q2", storeDiskdDirParseQ2}, + {NULL, NULL} +}; + /* * storeDiskdDirReconfigure * * This routine is called when the given swapdir needs reconfiguring */ -void +static void storeDiskdDirReconfigure(SwapDir * sd, int index, char *path) { - char *token; int i; int size; int l1; int l2; int magic1, magic2; - unsigned int read_only = 0; diskdinfo_t *diskdinfo; i = GetInteger(); @@ -1767,9 +1773,6 @@ magic2 = i; if (magic2 <= 0) fatal("storeDiskdDirParse: invalid magic2 value"); - if ((token = strtok(NULL, w_space))) - if (!strcasecmp(token, "read-only")) - read_only = 1; /* just reconfigure it */ if (size == sd->max_size) @@ -1779,14 +1782,10 @@ debug(3, 1) ("Cache dir '%s' size changed to %d KB\n", path, size); sd->max_size = size; - if (sd->flags.read_only != read_only) - debug(3, 1) ("Cache dir '%s' now %s\n", - path, read_only ? "Read-Only" : "Read-Write"); diskdinfo = sd->fsdata; diskdinfo->magic1 = magic1; diskdinfo->magic2 = magic2; - sd->flags.read_only = read_only; - return; + parse_cachedir_options(sd, options, 1); } void @@ -1845,35 +1844,25 @@ static int storeDiskdCleanupDoubleCheck(SwapDir * sd, StoreEntry * e) { - int rv= storeDiskdCheckFile(sd, e->swap_filen, e->swap_file_sz); - if (rv) storeEntryDump(e, 0); - return rv; -} - -/* - * storeDiskdCheckFile - * - * This is called by storerebuildFromSwapLog if -S was given on the command line * or a Dirty state is found - */ -static int -storeDiskdCheckFile(SwapDir * sd, sfileno filen, size_t swap_file_sz ) -{ - struct stat sb; - - if (stat(storeDiskdDirFullPath(sd, filen, NULL), &sb) < 0) { - debug(20, 1) ("storeDiskdCheckFile: MISSING SWAP FILE\n"); - debug(20, 1) ("storeDiskdCheckFile: FILENO %08X\n", filen); - debug(20, 1) ("storeDiskdCheckFile: PATH %s\n", storeDiskdDirFullPath(sd, filen, NULL)); - - return -1; - } - if (swap_file_sz != sb.st_size) { - debug(20, 1) ("storeDiskdCheckFile: SIZE MISMATCH\n"); - debug(20, 1) ("storeDiskdCheckFile: FILENO %08X\n", filen); - debug(20, 1) ("storeDiskdCheckFile: PATH %s\n", storeDiskdDirFullPath(sd, filen, NULL)); - debug(20, 1) ("storeDiskdCheckFile: ENTRY SIZE: %d, FILE SIZE: %d\n", swap_file_sz, (int) sb.st_size); - return -2; - } + struct stat sb; + if (stat(storeDiskdDirFullPath(sd, e->swap_filen, NULL), &sb) < 0) { + debug(20, 0) ("storeDiskdCleanupDoubleCheck: MISSING SWAP FILE\n"); + debug(20, 0) ("storeDiskdCleanupDoubleCheck: FILENO %08X\n", e->swap_filen); + debug(20, 0) ("storeDiskdCleanupDoubleCheck: PATH %s\n", + storeDiskdDirFullPath(sd, e->swap_filen, NULL)); + storeEntryDump(e, 0); + return -1; + } + if (e->swap_file_sz != sb.st_size) { + debug(20, 0) ("storeDiskdCleanupDoubleCheck: SIZE MISMATCH\n"); + debug(20, 0) ("storeDiskdCleanupDoubleCheck: FILENO %08X\n", e->swap_filen); + debug(20, 0) ("storeDiskdCleanupDoubleCheck: PATH %s\n", + storeDiskdDirFullPath(sd, e->swap_filen, NULL)); + debug(20, 0) ("storeDiskdCleanupDoubleCheck: ENTRY SIZE: %d, FILE SIZE: %d\n", + e->swap_file_sz, (int) sb.st_size); + storeEntryDump(e, 0); + return -1; + } return 0; } @@ -1882,16 +1871,13 @@ * * Called when a *new* fs is being setup. */ -void +static void storeDiskdDirParse(SwapDir * sd, int index, char *path) { - char *token; int i; int size; int l1; int l2; - int magic1, magic2; - unsigned int read_only = 0; diskdinfo_t *diskdinfo; i = GetInteger(); @@ -1907,18 +1893,6 @@ if (l2 <= 0) fatal("storeDiskdDirParse: invalid level 2 directories value"); i = GetInteger(); - magic1 = i; - if (magic1 <= 0) - fatal("storeDiskdDirParse: invalid magic1 value"); - i = GetInteger(); - magic2 = i; - if (magic2 <= 0) - fatal("storeDiskdDirParse: invalid magic2 value"); - - - if ((token = strtok(NULL, w_space))) - if (!strcasecmp(token, "read-only")) - read_only = 1; sd->fsdata = diskdinfo = xcalloc(1, sizeof(*diskdinfo)); sd->index = index; @@ -1929,9 +1903,8 @@ diskdinfo->swaplog_fd = -1; diskdinfo->map = NULL; /* Debugging purposes */ diskdinfo->suggest = 0; - diskdinfo->magic1 = magic1; - diskdinfo->magic2 = magic2; - sd->flags.read_only = read_only; + diskdinfo->magic1 = 64; + diskdinfo->magic2 = 72; sd->init = storeDiskdDirInit; sd->newfs = storeDiskdDirNewfs; sd->dump = storeDiskdDirDump; @@ -1957,6 +1930,8 @@ sd->log.clean.nextentry = storeDiskdDirCleanLogNextEntry; sd->log.clean.done = storeDiskdDirWriteCleanDone; + parse_cachedir_options(sd, options, 0); + /* Initialise replacement policy stuff */ sd->repl = createRemovalPolicy(Config.replPolicy); } @@ -1964,7 +1939,7 @@ /* * Initial setup / end destruction */ -void +static void storeDiskdDirDone(void) { memPoolDestroy(diskd_state_pool); Index: squid/src/fs/diskd/store_io_diskd.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/fs/diskd/store_io_diskd.c,v retrieving revision 1.2 retrieving revision 1.2.8.1 diff -u -r1.2 -r1.2.8.1 --- squid/src/fs/diskd/store_io_diskd.c 21 Oct 2000 16:44:46 -0000 1.2 +++ squid/src/fs/diskd/store_io_diskd.c 27 Feb 2001 14:18:55 -0000 1.2.8.1 @@ -5,28 +5,28 @@ * DEBUG: section 81 Squid-side DISKD I/O functions. * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. - * + * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. - * + * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA. @@ -44,7 +44,7 @@ static int storeDiskdSend(int, SwapDir *, int, storeIOState *, int, int, int); static void storeDiskdIOCallback(storeIOState * sio, int errflag); -static void storeDiskdIOFreeEntry(void *sio, int foo); +static CBDUNL storeDiskdIOFreeEntry; /* === PUBLIC =========================================================== */ @@ -68,8 +68,7 @@ diskd_stats.open_fail_queue_len++; return NULL; } - sio = memAllocate(MEM_STORE_IO); - cbdataAdd(sio, storeDiskdIOFreeEntry, MEM_STORE_IO); + sio = CBDATA_ALLOC(storeIOState, storeDiskdIOFreeEntry); sio->fsstate = diskdstate = memPoolAlloc(diskd_state_pool); sio->swap_filen = f; @@ -127,8 +126,7 @@ f = storeDiskdDirMapBitAllocate(SD); debug(81, 3) ("storeDiskdCreate: fileno %08X\n", f); - sio = memAllocate(MEM_STORE_IO); - cbdataAdd(sio, storeDiskdIOFreeEntry, MEM_STORE_IO); + sio = CBDATA_ALLOC(storeIOState, storeDiskdIOFreeEntry); sio->fsstate = diskdstate = memPoolAlloc(diskd_state_pool); sio->swap_filen = f; @@ -184,6 +182,7 @@ debug(50, 1) ("storeDiskdSend CLOSE: %s\n", xstrerror()); storeDiskdIOCallback(sio, DISK_ERROR); } + diskdstate->flags.close_request = 1; diskd_stats.close.ops++; } @@ -194,6 +193,8 @@ int shm_offset; char *rbuf; diskdstate_t *diskdstate = sio->fsstate; + debug(81, 3) ("storeDiskdRead: dirno %d, fileno %08X\n", sio->swap_dirn, sio->swap_filen); + assert(!diskdstate->flags.close_request); if (!cbdataValid(sio)) return; if (diskdstate->flags.reading) { @@ -206,7 +207,6 @@ sio->read.callback_data = callback_data; diskdstate->read_buf = buf; /* the one passed from above */ cbdataLock(sio->read.callback_data); - debug(81, 3) ("storeDiskdRead: dirno %d, fileno %08X\n", sio->swap_dirn, sio->swap_filen); sio->offset = offset; diskdstate->flags.reading = 1; rbuf = storeDiskdShmGet(SD, &shm_offset); @@ -234,6 +234,7 @@ int shm_offset; diskdstate_t *diskdstate = sio->fsstate; debug(81, 3) ("storeDiskdWrite: dirno %d, fileno %08X\n", SD->index, sio->swap_filen); + assert(!diskdstate->flags.close_request); if (!cbdataValid(sio)) { free_func(buf); return; @@ -355,14 +356,22 @@ diskd_stats.read.success++; sbuf = diskdinfo->shm.buf + M->shm_offset; len = M->status; - xmemcpy(their_buf, sbuf, len); /* yucky copy */ sio->offset += len; assert(callback); assert(their_data); sio->read.callback = NULL; sio->read.callback_data = NULL; - if (valid) + if (valid) { + assert(!diskdstate->flags.close_request); + /* + * Only copy the data if the callback is still valid, + * if it isn't valid then the request should have been + * aborted. + * -- adrian + */ + xmemcpy(their_buf, sbuf, len); /* yucky copy */ callback(their_data, their_buf, len); + } } static void @@ -508,8 +517,7 @@ * the fsstate variable .. */ static void -storeDiskdIOFreeEntry(void *sio, int foo) +storeDiskdIOFreeEntry(void *sio) { memPoolFree(diskd_state_pool, ((storeIOState *) sio)->fsstate); - memFree(sio, MEM_STORE_IO); } Index: squid/src/fs/ufs/store_dir_ufs.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/fs/ufs/store_dir_ufs.c,v retrieving revision 1.4 retrieving revision 1.4.4.1 diff -u -r1.4 -r1.4.4.1 --- squid/src/fs/ufs/store_dir_ufs.c 10 Nov 2000 16:36:47 -0000 1.4 +++ squid/src/fs/ufs/store_dir_ufs.c 27 Feb 2001 14:18:55 -0000 1.4.4.1 @@ -5,17 +5,17 @@ * DEBUG: section 47 Store Directory Routines * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * Duane Wessels and the University of California San Diego. Please - * see the COPYRIGHT file for full details. Squid incorporates - * software developed and/or copyrighted by other sources. Please see - * the CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -34,11 +34,6 @@ */ #include "squid.h" -#if HAVE_STATVFS -#if HAVE_SYS_STATVFS_H -#include -#endif -#endif #include "store_ufs.h" @@ -117,11 +112,12 @@ static int storeUfsDirIs(SwapDir * sd); static int storeUfsFilenoBelongsHere(int fn, int F0, int F1, int F2); static int storeUfsCleanupDoubleCheck(SwapDir *, StoreEntry *); -static int storeUfsCheckFile(SwapDir * sd, sfileno filn, size_t swap_file_sz ); static void storeUfsDirStats(SwapDir *, StoreEntry *); static void storeUfsDirInitBitmap(SwapDir *); static int storeUfsDirValidFileno(SwapDir *, sfileno, int); +STSETUP storeFsSetup_ufs; + /* * These functions were ripped straight out of the heart of store_dir.c. * They assume that the given filenum is on a ufs partiton, which may or @@ -129,7 +125,7 @@ * XXX this evilness should be tidied up at a later date! */ -int +static int storeUfsDirMapBitTest(SwapDir * SD, int fn) { sfileno filn = fn; @@ -138,7 +134,7 @@ return file_map_bit_test(ufsinfo->map, filn); } -void +static void storeUfsDirMapBitSet(SwapDir * SD, int fn) { sfileno filn = fn; @@ -323,7 +319,7 @@ char *path; int fd; path = storeUfsDirSwapLogFile(sd, NULL); - fd = file_open(path, O_WRONLY | O_CREAT); + fd = file_open(path, O_WRONLY | O_CREAT | O_BINARY); if (fd < 0) { debug(50, 1) ("%s: %s\n", path, xstrerror()); fatal("storeUfsDirOpenSwapLog: Failed to open swap log."); @@ -369,6 +365,7 @@ eventAdd("storeDirClean", storeUfsDirCleanEvent, NULL, 15.0, 1); started_clean_event = 1; } + (void) storeDirGetBlkSize(sd->path, &sd->fs.blksize); } static void @@ -476,7 +473,6 @@ debug(20, 1) ("storeUfsDirRebuildFromDirectory: SIZE MISMATCH %d!=%d\n", tmpe.swap_file_sz, (int) sb.st_size); storeUfsDirUnlinkFile(SD, sfileno); - rb->counts.filesizemismatchcount++; continue; } if (EBIT_TEST(tmpe.flags, KEY_PRIVATE)) { @@ -524,7 +520,6 @@ int count; int used; /* is swapfile already in use? */ int disk_entry_newer; /* is the log entry newer than current entry? */ - int file_bad; double x; assert(rb != NULL); /* load a number of objects per invocation */ @@ -571,8 +566,8 @@ */ storeExpireNow(e); storeReleaseRequest(e); - storeUfsDirReplRemove(e); if (e->swap_filen > -1) { + storeUfsDirReplRemove(e); storeUfsDirMapBitReset(SD, e->swap_filen); e->swap_filen = -1; e->swap_dirn = -1; @@ -610,21 +605,7 @@ * appear to have a newer entry? Compare 'lastref' from the * swap log to e->lastref. */ disk_entry_newer = e ? (s.lastref > e->lastref ? 1 : 0) : 0; - if (!used && (rb->flags.need_to_validate || - (opt_store_doublecheck != DBLCHECK_NONE))){ - file_bad = storeUfsCheckFile(SD, s.swap_filen, s.swap_file_sz); - } else - file_bad = 0; - if (file_bad){ - if (file_bad==-2){ - if (opt_store_doublecheck == DBLCHECK_FORCE) - storeUfsDirUnlinkFile(SD, s.swap_filen); - rb->counts.filesizemismatchcount++; - continue; - } - rb->counts.missingcount++; - continue; - }else if (used && !disk_entry_newer) { + if (used && !disk_entry_newer) { /* log entry is old, ignore it */ rb->counts.clashcount++; continue; @@ -673,8 +654,8 @@ /* junk old, load new */ storeExpireNow(e); storeReleaseRequest(e); - storeUfsDirReplRemove(e); if (e->swap_filen > -1) { + storeUfsDirReplRemove(e); /* Make sure we don't actually unlink the file */ storeUfsDirMapBitReset(SD, e->swap_filen); e->swap_filen = -1; @@ -687,19 +668,19 @@ /* load new */ (void) 0; } - /* update store_swap_size */ - rb->counts.objcount++; - e = storeUfsDirAddDiskRestore(SD, s.key, - s.swap_filen, - s.swap_file_sz, - s.expires, - s.timestamp, - s.lastref, - s.lastmod, - s.refcount, - s.flags, - (int) rb->flags.clean); - storeDirSwapLog(e, SWAP_LOG_ADD); + /* update store_swap_size */ + rb->counts.objcount++; + e = storeUfsDirAddDiskRestore(SD, s.key, + s.swap_filen, + s.swap_file_sz, + s.expires, + s.timestamp, + s.lastref, + s.lastmod, + s.refcount, + s.flags, + (int) rb->flags.clean); + storeDirSwapLog(e, SWAP_LOG_ADD); } eventAdd("storeRebuild", storeUfsDirRebuildFromSwapLog, rb, 0.0, 1); } @@ -771,7 +752,7 @@ snprintf(rb->fullfilename, SQUID_MAXPATHLEN, "%s/%s", rb->fullpath, rb->entry->d_name); debug(20, 3) ("storeUfsDirGetNextFile: Opening %s\n", rb->fullfilename); - fd = file_open(rb->fullfilename, O_RDONLY); + fd = file_open(rb->fullfilename, O_RDONLY | O_BINARY); if (fd < 0) debug(50, 1) ("storeUfsDirGetNextFile: %s: %s\n", rb->fullfilename, xstrerror()); else @@ -834,14 +815,17 @@ return e; } +CBDATA_TYPE(RebuildState); static void storeUfsDirRebuild(SwapDir * sd) { - RebuildState *rb = xcalloc(1, sizeof(*rb)); + RebuildState *rb; int clean = 0; int zero = 0; FILE *fp; EVH *func = NULL; + CBDATA_INIT_TYPE(RebuildState); + rb = CBDATA_ALLOC(RebuildState, NULL); rb->sd = sd; rb->speed = opt_foreground_rebuild ? 1 << 30 : 50; /* @@ -865,7 +849,6 @@ debug(20, 1) ("Rebuilding storage in %s (%s)\n", sd->path, clean ? "CLEAN" : "DIRTY"); store_dirs_rebuilding++; - cbdataAdd(rb, cbdataXfree, 0); eventAdd("storeRebuild", func, rb, 0.0, 1); } @@ -877,7 +860,7 @@ char *new_path = xstrdup(storeUfsDirSwapLogFile(sd, ".new")); int fd; file_close(ufsinfo->swaplog_fd); -#ifdef _SQUID_OS2_ +#if defined (_SQUID_OS2_) || defined (_SQUID_CYGWIN_) if (unlink(swaplog_path) < 0) { debug(50, 0) ("%s: %s\n", swaplog_path, xstrerror()); fatal("storeUfsDirCloseTmpSwapLog: unlink failed"); @@ -886,7 +869,7 @@ if (xrename(new_path, swaplog_path) < 0) { fatal("storeUfsDirCloseTmpSwapLog: rename failed"); } - fd = file_open(swaplog_path, O_WRONLY | O_CREAT); + fd = file_open(swaplog_path, O_WRONLY | O_CREAT | O_BINARY); if (fd < 0) { debug(50, 1) ("%s: %s\n", swaplog_path, xstrerror()); fatal("storeUfsDirCloseTmpSwapLog: Failed to open swap log."); @@ -920,7 +903,7 @@ if (ufsinfo->swaplog_fd >= 0) file_close(ufsinfo->swaplog_fd); /* open a write-only FD for the new log */ - fd = file_open(new_path, O_WRONLY | O_CREAT | O_TRUNC); + fd = file_open(new_path, O_WRONLY | O_CREAT | O_TRUNC | O_BINARY); if (fd < 0) { debug(50, 1) ("%s: %s\n", new_path, xstrerror()); fatal("storeDirOpenTmpSwapLog: Failed to open swap log."); @@ -932,6 +915,9 @@ debug(50, 0) ("%s: %s\n", swaplog_path, xstrerror()); fatal("Failed to open swap log for reading"); } +#if defined(_SQUID_CYGWIN_) + setmode(fileno(fp), O_BINARY); +#endif memset(&clean_sb, '\0', sizeof(struct stat)); if (stat(clean_path, &clean_sb) < 0) *clean_flag = 0; @@ -969,17 +955,22 @@ struct stat sb; sd->log.clean.write = NULL; sd->log.clean.state = NULL; - state->cur = xstrdup(storeUfsDirSwapLogFile(sd, NULL)); state->new = xstrdup(storeUfsDirSwapLogFile(sd, ".clean")); + state->fd = file_open(state->new, O_WRONLY | O_CREAT | O_TRUNC | O_BINARY); + if (state->fd < 0) { + xfree(state->new); + xfree(state); + return -1; + } + state->cur = xstrdup(storeUfsDirSwapLogFile(sd, NULL)); state->cln = xstrdup(storeUfsDirSwapLogFile(sd, ".last-clean")); state->outbuf = xcalloc(CLEAN_BUF_SZ, 1); state->outbuf_offset = 0; state->walker = sd->repl->WalkInit(sd->repl); +#if !(defined(_SQUID_OS2_) || defined (_SQUID_CYGWIN_)) unlink(state->new); +#endif unlink(state->cln); - state->fd = file_open(state->new, O_WRONLY | O_CREAT | O_TRUNC); - if (state->fd < 0) - return -1; /* state not free'd - possible leak */ debug(20, 3) ("storeDirWriteCleanLogs: opened %s, FD %d\n", state->new, state->fd); #if HAVE_FCHMOD @@ -1046,7 +1037,10 @@ static void storeUfsDirWriteCleanDone(SwapDir * sd) { + int fd; struct _clean_state *state = sd->log.clean.state; + if (NULL == state) + return; if (state->fd < 0) return; state->walker->Done(state->walker); @@ -1065,24 +1059,26 @@ * so we have to close before renaming. */ storeUfsDirCloseSwapLog(sd); + /* save the fd value for a later test */ + fd = state->fd; /* rename */ if (state->fd >= 0) { -#ifdef _SQUID_OS2_ +#if defined(_SQUID_OS2_) || defined (_SQUID_CYGWIN_) file_close(state->fd); state->fd = -1; - if (unlink(cur) < 0) + if (unlink(state->cur) < 0) debug(50, 0) ("storeDirWriteCleanLogs: unlinkd failed: %s, %s\n", - xstrerror(), cur); + xstrerror(), state->cur); #endif xrename(state->new, state->cur); } /* touch a timestamp file if we're not still validating */ if (store_dirs_rebuilding) (void) 0; - else if (state->fd < 0) + else if (fd < 0) (void) 0; else - file_close(file_open(state->cln, O_WRONLY | O_CREAT | O_TRUNC)); + file_close(file_open(state->cln, O_WRONLY | O_CREAT | O_TRUNC | O_BINARY)); /* close */ safe_free(state->cur); safe_free(state->new); @@ -1444,11 +1440,12 @@ void storeUfsDirStats(SwapDir * SD, StoreEntry * sentry) { - ufsinfo_t *ufsinfo; -#if HAVE_STATVFS - struct statvfs sfs; -#endif - ufsinfo = (ufsinfo_t *) SD->fsdata; + ufsinfo_t *ufsinfo = SD->fsdata; + int totl_kb = 0; + int free_kb = 0; + int totl_in = 0; + int free_in = 0; + int x; storeAppendPrintf(sentry, "First level subdirectories: %d\n", ufsinfo->l1); storeAppendPrintf(sentry, "Second level subdirectories: %d\n", ufsinfo->l2); storeAppendPrintf(sentry, "Maximum Size: %d KB\n", SD->max_size); @@ -1458,20 +1455,17 @@ storeAppendPrintf(sentry, "Filemap bits in use: %d of %d (%d%%)\n", ufsinfo->map->n_files_in_map, ufsinfo->map->max_n_files, percent(ufsinfo->map->n_files_in_map, ufsinfo->map->max_n_files)); -#if HAVE_STATVFS -#define fsbtoblk(num, fsbs, bs) \ - (((fsbs) != 0 && (fsbs) < (bs)) ? \ - (num) / ((bs) / (fsbs)) : (num) * ((fsbs) / (bs))) - if (!statvfs(SD->path, &sfs)) { + x = storeDirGetUFSStats(SD->path, &totl_kb, &free_kb, &totl_in, &free_in); + if (0 == x) { storeAppendPrintf(sentry, "Filesystem Space in use: %d/%d KB (%d%%)\n", - fsbtoblk((sfs.f_blocks - sfs.f_bfree), sfs.f_frsize, 1024), - fsbtoblk(sfs.f_blocks, sfs.f_frsize, 1024), - percent(sfs.f_blocks - sfs.f_bfree, sfs.f_blocks)); + totl_kb - free_kb, + totl_kb, + percent(totl_kb - free_kb, totl_kb)); storeAppendPrintf(sentry, "Filesystem Inodes in use: %d/%d (%d%%)\n", - sfs.f_files - sfs.f_ffree, sfs.f_files, - percent(sfs.f_files - sfs.f_ffree, sfs.f_files)); + totl_in - free_in, + totl_in, + percent(totl_in - free_in, totl_in)); } -#endif storeAppendPrintf(sentry, "Flags:"); if (SD->flags.selected) storeAppendPrintf(sentry, " SELECTED"); @@ -1489,20 +1483,27 @@ #endif /* OLD_UNUSED_CODE */ } +static struct cache_dir_option options[] = +{ +#if NOT_YET_DONE + {"L1", storeAufsDirParseL1}, + {"L2", storeAufsDirParseL2}, +#endif + {NULL, NULL} +}; + /* * storeUfsDirReconfigure * * This routine is called when the given swapdir needs reconfiguring */ -void +static void storeUfsDirReconfigure(SwapDir * sd, int index, char *path) { - char *token; int i; int size; int l1; int l2; - unsigned int read_only = 0; i = GetInteger(); size = i << 10; /* Mbytes to kbytes */ @@ -1516,9 +1517,6 @@ l2 = i; if (l2 <= 0) fatal("storeUfsDirReconfigure: invalid level 2 directories value"); - if ((token = strtok(NULL, w_space))) - if (!strcasecmp(token, "read-only")) - read_only = 1; /* just reconfigure it */ if (size == sd->max_size) @@ -1528,11 +1526,8 @@ debug(3, 1) ("Cache dir '%s' size changed to %d KB\n", path, size); sd->max_size = size; - if (sd->flags.read_only != read_only) - debug(3, 1) ("Cache dir '%s' now %s\n", - path, read_only ? "Read-Only" : "Read-Write"); - sd->flags.read_only = read_only; - return; + + parse_cachedir_options(sd, options, 1); } void @@ -1591,54 +1586,40 @@ static int storeUfsCleanupDoubleCheck(SwapDir * sd, StoreEntry * e) { - int rv= storeUfsCheckFile(sd, e->swap_filen, e->swap_file_sz); - if (rv) storeEntryDump(e, 0); - return rv; -} - -/* - * storeUfsCheckFile - * - * This is called by storerebuildFromSwapLog if -S was given on the command line. or a Dirty state is found - */ -static int -storeUfsCheckFile(SwapDir * sd, sfileno filen, size_t swap_file_sz ) -{ struct stat sb; - - if (stat(storeUfsDirFullPath(sd, filen, NULL), &sb) < 0) { - debug(20, 1) ("storeUfsCheckFile: MISSING SWAP FILE\n"); - debug(20, 1) ("storeUfsCheckFile: FILENO %08X\n", filen); - debug(20, 1) ("storeUfsCheckFile: PATH %s\n", storeUfsDirFullPath(sd, filen, NULL)); - - return -1; - } - if (swap_file_sz != sb.st_size) { - debug(20, 1) ("storeUfsCheckFile: SIZE MISMATCH\n"); - debug(20, 1) ("storeUfsCheckFile: FILENO %08X\n", filen); - debug(20, 1) ("storeUfsCheckFile: PATH %s\n", storeUfsDirFullPath(sd, filen, NULL)); - debug(20, 1) ("storeUfsCheckFile: ENTRY SIZE: %d, FILE SIZE: %d\n", swap_file_sz, (int) sb.st_size); - return -2; + if (stat(storeUfsDirFullPath(sd, e->swap_filen, NULL), &sb) < 0) { + debug(20, 0) ("storeUfsCleanupDoubleCheck: MISSING SWAP FILE\n"); + debug(20, 0) ("storeUfsCleanupDoubleCheck: FILENO %08X\n", e->swap_filen); + debug(20, 0) ("storeUfsCleanupDoubleCheck: PATH %s\n", + storeUfsDirFullPath(sd, e->swap_filen, NULL)); + storeEntryDump(e, 0); + return -1; + } + if (e->swap_file_sz != sb.st_size) { + debug(20, 0) ("storeUfsCleanupDoubleCheck: SIZE MISMATCH\n"); + debug(20, 0) ("storeUfsCleanupDoubleCheck: FILENO %08X\n", e->swap_filen); + debug(20, 0) ("storeUfsCleanupDoubleCheck: PATH %s\n", + storeUfsDirFullPath(sd, e->swap_filen, NULL)); + debug(20, 0) ("storeUfsCleanupDoubleCheck: ENTRY SIZE: %d, FILE SIZE: %d\n", + e->swap_file_sz, (int) sb.st_size); + storeEntryDump(e, 0); + return -1; } return 0; } - - /* * storeUfsDirParse * * Called when a *new* fs is being setup. */ -void +static void storeUfsDirParse(SwapDir * sd, int index, char *path) { - char *token; int i; int size; int l1; int l2; - unsigned int read_only = 0; ufsinfo_t *ufsinfo; i = GetInteger(); @@ -1653,9 +1634,6 @@ l2 = i; if (l2 <= 0) fatal("storeUfsDirParse: invalid level 2 directories value"); - if ((token = strtok(NULL, w_space))) - if (!strcasecmp(token, "read-only")) - read_only = 1; ufsinfo = xmalloc(sizeof(ufsinfo_t)); if (ufsinfo == NULL) @@ -1670,7 +1648,6 @@ ufsinfo->swaplog_fd = -1; ufsinfo->map = NULL; /* Debugging purposes */ ufsinfo->suggest = 0; - sd->flags.read_only = read_only; sd->init = storeUfsDirInit; sd->newfs = storeUfsDirNewfs; sd->dump = storeUfsDirDump; @@ -1696,6 +1673,8 @@ sd->log.clean.nextentry = storeUfsDirCleanLogNextEntry; sd->log.clean.done = storeUfsDirWriteCleanDone; + parse_cachedir_options(sd, options, 1); + /* Initialise replacement policy stuff */ sd->repl = createRemovalPolicy(Config.replPolicy); } @@ -1703,7 +1682,7 @@ /* * Initial setup / end destruction */ -void +static void storeUfsDirDone(void) { memPoolDestroy(ufs_state_pool); Index: squid/src/fs/ufs/store_io_ufs.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/fs/ufs/store_io_ufs.c,v retrieving revision 1.2 retrieving revision 1.2.8.1 diff -u -r1.2 -r1.2.8.1 --- squid/src/fs/ufs/store_io_ufs.c 21 Oct 2000 16:44:46 -0000 1.2 +++ squid/src/fs/ufs/store_io_ufs.c 27 Feb 2001 14:18:55 -0000 1.2.8.1 @@ -5,28 +5,28 @@ * DEBUG: section 79 Storage Manager UFS Interface * AUTHOR: Duane Wessels * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * Duane Wessels and the University of California San Diego. Please - * see the COPYRIGHT file for full details. Squid incorporates - * software developed and/or copyrighted by other sources. Please see - * the CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. - * + * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. - * + * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA. @@ -40,7 +40,7 @@ static DRCB storeUfsReadDone; static DWCB storeUfsWriteDone; static void storeUfsIOCallback(storeIOState * sio, int errflag); -static void storeUfsIOFreeEntry(void *, int); +static CBDUNL storeUfsIOFreeEntry; /* === PUBLIC =========================================================== */ @@ -54,14 +54,13 @@ struct stat sb; int fd; debug(79, 3) ("storeUfsOpen: fileno %08X\n", f); - fd = file_open(path, O_RDONLY); + fd = file_open(path, O_RDONLY | O_BINARY); if (fd < 0) { debug(79, 3) ("storeUfsOpen: got failure (%d)\n", errno); return NULL; } debug(79, 3) ("storeUfsOpen: opened FD %d\n", fd); - sio = memAllocate(MEM_STORE_IO); - cbdataAdd(sio, storeUfsIOFreeEntry, MEM_STORE_IO); + sio = CBDATA_ALLOC(storeIOState, storeUfsIOFreeEntry); sio->fsstate = memPoolAlloc(ufs_state_pool); sio->swap_filen = f; @@ -88,7 +87,7 @@ { storeIOState *sio; int fd; - int mode = (O_WRONLY | O_CREAT | O_TRUNC); + int mode = (O_WRONLY | O_CREAT | O_TRUNC | O_BINARY); char *path; ufsinfo_t *ufsinfo = (ufsinfo_t *) SD->fsdata; sfileno filn; @@ -108,8 +107,7 @@ return NULL; } debug(79, 3) ("storeUfsCreate: opened FD %d\n", fd); - sio = memAllocate(MEM_STORE_IO); - cbdataAdd(sio, storeUfsIOFreeEntry, MEM_STORE_IO); + sio = CBDATA_ALLOC(storeIOState, storeUfsIOFreeEntry); sio->fsstate = memPoolAlloc(ufs_state_pool); sio->swap_filen = filn; @@ -257,12 +255,10 @@ /* - * We can't pass memFree() as a free function here, because we need to free - * the fsstate variable .. + * Clean up any references from the SIO before it get's released. */ static void -storeUfsIOFreeEntry(void *sio, int foo) +storeUfsIOFreeEntry(void *sio) { memPoolFree(ufs_state_pool, ((storeIOState *) sio)->fsstate); - memFree(sio, MEM_STORE_IO); } Index: squid/src/repl/heap/store_heap_replacement.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/repl/heap/store_heap_replacement.c,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/src/repl/heap/store_heap_replacement.c 3 Nov 2000 21:04:27 -0000 1.3 +++ squid/src/repl/heap/store_heap_replacement.c 27 Feb 2001 14:18:55 -0000 1.3.6.1 @@ -5,28 +5,28 @@ * DEBUG: section 20 Storage Manager Heap-based replacement * AUTHOR: John Dilley * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * the Regents of the University of California. Please see the - * COPYRIGHT file for full details. Squid incorporates software - * developed and/or copyrighted by other sources. Please see the - * CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. - * + * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. - * + * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA. @@ -43,6 +43,7 @@ #include "squid.h" #include "heap.h" +#include "store_heap_replacement.h" /* * Key generation function to implement the LFU-DA policy (Least @@ -64,7 +65,7 @@ * for this to become a problem. (estimation is 10^8 cache * turnarounds) */ -heap_key +heap_key HeapKeyGen_StoreEntry_LFUDA(void *entry, double age) { StoreEntry *e = entry; @@ -105,7 +106,7 @@ * for this to become a problem. (estimation is 10^8 cache * turnarounds) */ -heap_key +heap_key HeapKeyGen_StoreEntry_GDSF(void *entry, double age) { StoreEntry *e = entry; @@ -128,7 +129,7 @@ * Don't use it unless you are trying to compare performance among * heap-based replacement policies... */ -heap_key +heap_key HeapKeyGen_StoreEntry_LRU(void *entry, double age) { StoreEntry *e = entry; Index: squid/src/repl/heap/store_repl_heap.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/repl/heap/store_repl_heap.c,v retrieving revision 1.3 retrieving revision 1.3.6.1 diff -u -r1.3 -r1.3.6.1 --- squid/src/repl/heap/store_repl_heap.c 3 Nov 2000 21:04:27 -0000 1.3 +++ squid/src/repl/heap/store_repl_heap.c 27 Feb 2001 14:18:55 -0000 1.3.6.1 @@ -5,17 +5,17 @@ * DEBUG: section ? HEAP based removal policies * AUTHOR: Henrik Nordstrom * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * Duane Wessels and the University of California San Diego. Please - * see the COPYRIGHT file for full details. Squid incorporates - * software developed and/or copyrighted by other sources. Please see - * the CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -119,7 +119,7 @@ int current; }; -const StoreEntry * +static const StoreEntry * heap_walkNext(RemovalPolicyWalker * walker) { HeapWalkData *heap_walk = walker->_data; @@ -151,14 +151,13 @@ RemovalPolicyWalker *walker; HeapWalkData *heap_walk; heap->nwalkers += 1; - walker = xcalloc(1, sizeof(*walker)); + walker = CBDATA_ALLOC(RemovalPolicyWalker, NULL); heap_walk = xcalloc(1, sizeof(*heap_walk)); heap_walk->current = 0; walker->_policy = policy; walker->_data = heap_walk; walker->Next = heap_walkNext; walker->Done = heap_walkDone; - cbdataAdd(walker, cbdataXfree, 0); return walker; } @@ -225,7 +224,7 @@ RemovalPurgeWalker *walker; HeapPurgeData *heap_walk; heap->nwalkers += 1; - walker = xcalloc(1, sizeof(*walker)); + walker = CBDATA_ALLOC(RemovalPurgeWalker, NULL); heap_walk = xcalloc(1, sizeof(*heap_walk)); heap_walk->min_age = 0.0; heap_walk->locked_entries = NULL; @@ -234,7 +233,6 @@ walker->max_scan = max_scan; walker->Next = heap_purgeNext; walker->Done = heap_purgeDone; - cbdataAdd(walker, cbdataXfree, 0); #if HEAP_REPLACEMENT_DEBUG if (!verify_heap_property(heap->heap)) { debug(81, 1) ("Heap property violated!\n"); @@ -264,10 +262,8 @@ HeapPolicyData *heap_data; char *keytype; /* Allocate the needed structures */ - policy = xcalloc(1, sizeof(*policy)); + policy = CBDATA_ALLOC(RemovalPolicy, NULL); heap_data = xcalloc(1, sizeof(*heap_data)); - /* cbdata register the policy */ - cbdataAdd(policy, cbdataXfree, 0); /* Initialize the policy data */ heap_data->policy = policy; if (args) { Index: squid/src/repl/lru/store_repl_lru.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/repl/lru/store_repl_lru.c,v retrieving revision 1.2 retrieving revision 1.2.8.1 diff -u -r1.2 -r1.2.8.1 --- squid/src/repl/lru/store_repl_lru.c 21 Oct 2000 16:44:46 -0000 1.2 +++ squid/src/repl/lru/store_repl_lru.c 27 Feb 2001 14:18:55 -0000 1.2.8.1 @@ -5,17 +5,17 @@ * DEBUG: section ? LRU Removal policy * AUTHOR: Henrik Nordstrom * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ + * SQUID Web Proxy Cache http://www.squid-cache.org/ * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by the - * National Science Foundation. Squid is Copyrighted (C) 1998 by - * Duane Wessels and the University of California San Diego. Please - * see the COPYRIGHT file for full details. Squid incorporates - * software developed and/or copyrighted by other sources. Please see - * the CREDITS file for full details. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -132,7 +132,7 @@ LruNode *current; }; -const StoreEntry * +static const StoreEntry * lru_walkNext(RemovalPolicyWalker * walker) { LruWalkData *lru_walk = walker->_data; @@ -162,14 +162,13 @@ RemovalPolicyWalker *walker; LruWalkData *lru_walk; lru->nwalkers += 1; - walker = xcalloc(1, sizeof(*walker)); + walker = CBDATA_ALLOC(RemovalPolicyWalker, NULL); lru_walk = xcalloc(1, sizeof(*lru_walk)); walker->_policy = policy; walker->_data = lru_walk; walker->Next = lru_walkNext; walker->Done = lru_walkDone; lru_walk->current = (LruNode *) lru->list.head; - cbdataAdd(walker, cbdataXfree, 0); return walker; } @@ -232,7 +231,7 @@ RemovalPurgeWalker *walker; LruPurgeData *lru_walk; lru->nwalkers += 1; - walker = xcalloc(1, sizeof(*walker)); + walker = CBDATA_ALLOC(RemovalPurgeWalker, NULL); lru_walk = xcalloc(1, sizeof(*lru_walk)); walker->_policy = policy; walker->_data = lru_walk; @@ -240,7 +239,6 @@ walker->Next = lru_purgeNext; walker->Done = lru_purgeDone; lru_walk->start = lru_walk->current = (LruNode *) lru->list.head; - cbdataAdd(walker, cbdataXfree, 0); return walker; } @@ -269,10 +267,8 @@ if (!lru_node_pool) lru_node_pool = memPoolCreate("LRU policy node", sizeof(LruNode)); /* Allocate the needed structures */ - policy = xcalloc(1, sizeof(*policy)); lru_data = xcalloc(1, sizeof(*lru_data)); - /* cbdata register the policy */ - cbdataAdd(policy, cbdataXfree, 0); + policy = CBDATA_ALLOC(RemovalPolicy, NULL); /* Initialize the URL data */ lru_data->policy = policy; /* Populate the policy structure */ Index: squid/test-suite/hash.c =================================================================== RCS file: /cvsroot/squid-sf//squid/test-suite/hash.c,v retrieving revision 1.2 retrieving revision 1.2.6.1 diff -u -r1.2 -r1.2.6.1 --- squid/test-suite/hash.c 23 Oct 2000 15:04:22 -0000 1.2 +++ squid/test-suite/hash.c 27 Feb 2001 14:18:55 -0000 1.2.6.1 @@ -1,17 +1,21 @@ /* - * $Id: hash.c,v 1.2 2000/10/23 15:04:22 hno Exp $ + * $Id: hash.c,v 1.2.6.1 2001/02/27 14:18:55 rvenning Exp $ * * DEBUG: section 0 Hash Tables * AUTHOR: Harvest Derived * - * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ - * -------------------------------------------------------- + * SQUID Web Proxy Cache http://www.squid-cache.org/ + * ---------------------------------------------------------- * - * Squid is the result of efforts by numerous individuals from the - * Internet community. Development is led by Duane Wessels of the - * National Laboratory for Applied Network Research and funded by - * the National Science Foundation. + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -39,7 +43,7 @@ #include #include "hash.h" #undef free -extern void my_free(char *, int , void *); +extern void my_free(char *, int, void *); #define free(a) my_free(__FILE__, __LINE__, a) @@ -176,7 +180,7 @@ /* Add to the given hash table 'hid' */ new = calloc(1, sizeof(hash_link)); if (!new) { - fprintf(stderr,"calloc failed!\n"); + fprintf(stderr, "calloc failed!\n"); print_stats(); exit(1); } @@ -298,7 +302,7 @@ hid->current_ptr = walker->next; if (FreeLink) { if (walker) { - free(walker); + free(walker); } } return 0; @@ -337,10 +341,10 @@ void hashFreeMemory(hash_table * hid) { - if (hid->buckets); + if (hid->buckets); free(hid->buckets); - if (hid) - free(hid); + if (hid) + free(hid); } @@ -402,4 +406,3 @@ exit(0); } #endif - Index: squid/test-suite/hash.h =================================================================== RCS file: /cvsroot/squid-sf//squid/test-suite/hash.h,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.42.1 diff -u -r1.1.1.1 -r1.1.1.1.42.1 --- squid/test-suite/hash.h 26 Jan 2000 03:21:47 -0000 1.1.1.1 +++ squid/test-suite/hash.h 27 Feb 2001 14:18:56 -0000 1.1.1.1.42.1 @@ -1,6 +1,6 @@ -#define DEFAULT_HASH_SIZE 7951 +#define DEFAULT_HASH_SIZE 7951 typedef unsigned int HASHHASH(const void *, unsigned int); -struct _hash_link { +struct _hash_link { char *key; struct _hash_link *next; void *item; @@ -17,17 +17,17 @@ unsigned int size; unsigned int current_slot; hash_link *current_ptr; -}; +}; typedef struct _hash_table hash_table; extern int hash_links_allocated; -extern int store_hash_buckets; /* 0 */ -extern hash_table *store_table; /* NULL */ +extern int store_hash_buckets; /* 0 */ +extern hash_table *store_table; /* NULL */ extern hash_table *hash_create(HASHCMP *, int, HASHHASH *); extern void hash_insert(hash_table *, const char *, void *); extern int hash_delete(hash_table *, const char *); int hash_delete_link(hash_table *, hash_link *); -int hash_unlink(hash_table *,hash_link *, int); +int hash_unlink(hash_table *, hash_link *, int); void hash_join(hash_table *, hash_link *); int hash_remove_link(hash_table *, hash_link *); hash_link *hash_lookup(hash_table *, const void *); Index: squid/test-suite/membanger.c =================================================================== RCS file: /cvsroot/squid-sf//squid/test-suite/membanger.c,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.42.1 diff -u -r1.1.1.1 -r1.1.1.1.42.1 --- squid/test-suite/membanger.c 26 Jan 2000 03:21:47 -0000 1.1.1.1 +++ squid/test-suite/membanger.c 27 Feb 2001 14:18:56 -0000 1.1.1.1.42.1 @@ -39,7 +39,7 @@ int i; int a; -int run_stats=0; +int run_stats = 0; void *my_xmalloc(size_t); void *my_xcalloc(int, size_t); int my_xfree(void *); @@ -49,163 +49,172 @@ #define xfree my_xfree int *size2id_array[2]; -int size2id_len=0; -int size2id_alloc=0; +int size2id_len = 0; +int size2id_alloc = 0; typedef struct { - char orig_ptr[32]; - void *my_ptr; + char orig_ptr[32]; + void *my_ptr; #ifdef WITH_LIB - MemPool *pool; + MemPool *pool; #endif - int size; + int size; } memitem; struct { - int mallocs,frees,callocs,reallocs; + int mallocs, frees, callocs, reallocs; } mstat; memitem *mi; void size2id(size_t, memitem *); void badformat(); void init_stats(), print_stats(); -void my_hash_insert(hash_table *h, const char *k, memitem *item); -static void *xmemAlloc(memitem *item); -static void xmemFree(memitem *item); +void my_hash_insert(hash_table * h, const char *k, memitem * item); +static void *xmemAlloc(memitem * item); +static void xmemFree(memitem * item); -int -ptrcmp(const void *a,const void *b) +int +ptrcmp(const void *a, const void *b) { - return (strcmp(a,b)); + return (strcmp(a, b)); } -main(int argc,char **argv) +main(int argc, char **argv) { char c; - extern char *optarg; + extern char *optarg; malloc_options = "A"; - a=0; + a = 0; while ((c = getopt(argc, argv, "f:i:M:l:m:r:N")) != -1) { - switch (c) { + switch (c) { case 'N': - mem_pools_on=0; - break; + mem_pools_on = 0; + break; case 'r': - run_stats=atoi(optarg); - break; + run_stats = atoi(optarg); + break; case 'f': - fn=strdup(optarg); - fp=fopen(fn,"r"); - break; + fn = strdup(optarg); + fp = fopen(fn, "r"); + break; case 'i': - initsiz=atoi(optarg); - break; + initsiz = atoi(optarg); + break; case 'l': - mem_max_size = atoi(optarg)*1024*1024; - break; + mem_max_size = atoi(optarg) * 1024 * 1024; + break; case 'M': - maxsiz=atoi(optarg); - break; + maxsiz = atoi(optarg); + break; case 'm': - minchunk=atoi(optarg); - break; + minchunk = atoi(optarg); + break; default: - fprintf(stderr, - "Usage: %s -f file -M maxsiz -i initsiz -m minchunk",argv[0]); - exit(1); - } - + fprintf(stderr, + "Usage: %s -f file -M maxsiz -i initsiz -m minchunk", argv[0]); + exit(1); + } + } if (!fp) { fprintf(stderr, - "%s pummels %s\n%s . o O ( You't supply a valid tracefile.)\n", - argv[0], getenv("USER"), argv[0]); + "%s pummels %s\n%s . o O ( You't supply a valid tracefile.)\n", + argv[0], getenv("USER"), argv[0]); exit(1); } #ifdef WITH_LIB sizeToPoolInit(); #endif - mem_table = hash_create(ptrcmp, 229, hash4); /* small hash table */ + mem_table = hash_create(ptrcmp, 229, hash4); /* small hash table */ init_stats(); - while (fgets(mbuf, 256, fp)!=NULL) { - if (run_stats>0 && (++a)%run_stats==0) print_stats(); - p=NULL; - switch(mbuf[0]) { - case 'm': /* malloc */ - p=strtok(&mbuf[2],":"); - if (!p) badformat(); - size=atoi(p); - p=strtok(NULL,"\n"); - if (!p) badformat(); - mi=malloc(sizeof(memitem)); - strcpy(mi->orig_ptr,p); - mi->size=size; - size2id(size,mi); - mi->my_ptr = xmemAlloc(mi); /* (void *)xmalloc(size); */ - assert(mi->my_ptr); - my_hash_insert(mem_table, mi->orig_ptr, mi); - mstat.mallocs++; - break; - case 'c': /* calloc */ - p=strtok(&mbuf[2],":"); - if (!p) badformat(); - amt=atoi(p); - p=strtok(NULL,":"); - if (!p) badformat(); - size=atoi(p); - p=strtok(NULL,"\n"); - if (!p) badformat(); - mi=malloc(sizeof(memitem)); - strcpy(mi->orig_ptr,p); - size2id(size,mi); - mi->size=amt*size; - mi->my_ptr= xmemAlloc(mi); /*(void *)xmalloc(amt*size);*/ - assert(mi->my_ptr); - my_hash_insert(mem_table, mi->orig_ptr, mi); - mstat.callocs++; - break; + while (fgets(mbuf, 256, fp) != NULL) { + if (run_stats > 0 && (++a) % run_stats == 0) + print_stats(); + p = NULL; + switch (mbuf[0]) { + case 'm': /* malloc */ + p = strtok(&mbuf[2], ":"); + if (!p) + badformat(); + size = atoi(p); + p = strtok(NULL, "\n"); + if (!p) + badformat(); + mi = malloc(sizeof(memitem)); + strcpy(mi->orig_ptr, p); + mi->size = size; + size2id(size, mi); + mi->my_ptr = xmemAlloc(mi); /* (void *)xmalloc(size); */ + assert(mi->my_ptr); + my_hash_insert(mem_table, mi->orig_ptr, mi); + mstat.mallocs++; + break; + case 'c': /* calloc */ + p = strtok(&mbuf[2], ":"); + if (!p) + badformat(); + amt = atoi(p); + p = strtok(NULL, ":"); + if (!p) + badformat(); + size = atoi(p); + p = strtok(NULL, "\n"); + if (!p) + badformat(); + mi = malloc(sizeof(memitem)); + strcpy(mi->orig_ptr, p); + size2id(size, mi); + mi->size = amt * size; + mi->my_ptr = xmemAlloc(mi); /*(void *)xmalloc(amt*size); */ + assert(mi->my_ptr); + my_hash_insert(mem_table, mi->orig_ptr, mi); + mstat.callocs++; + break; case 'r': - p=strtok(&mbuf[2],":"); - if (!p) badformat(); - strcpy(abuf,p); - p=strtok(NULL,":"); - if (!p) badformat(); - mem_entry=hash_lookup(mem_table, p); - if (mem_entry==NULL) { - fprintf(stderr,"invalid realloc (%s)!\n",p); + p = strtok(&mbuf[2], ":"); + if (!p) + badformat(); + strcpy(abuf, p); + p = strtok(NULL, ":"); + if (!p) + badformat(); + mem_entry = hash_lookup(mem_table, p); + if (mem_entry == NULL) { + fprintf(stderr, "invalid realloc (%s)!\n", p); break; - } - mi=(memitem *)(mem_entry->item); - assert(mi->pool); - assert(mi->my_ptr); - xmemFree(mi); /* xfree(mi->my_ptr); */ - size2id(atoi(p),mi); /* we don't need it here I guess? */ - strcpy(mi->orig_ptr,abuf); - p=strtok(NULL,"\n"); - if (!p) badformat(); - mi->my_ptr= xmemAlloc(mi); /* (char *)xmalloc(atoi(p)); */ - assert(mi->my_ptr); - mstat.reallocs++; - break; + } + mi = (memitem *) (mem_entry->item); + assert(mi->pool); + assert(mi->my_ptr); + xmemFree(mi); /* xfree(mi->my_ptr); */ + size2id(atoi(p), mi); /* we don't need it here I guess? */ + strcpy(mi->orig_ptr, abuf); + p = strtok(NULL, "\n"); + if (!p) + badformat(); + mi->my_ptr = xmemAlloc(mi); /* (char *)xmalloc(atoi(p)); */ + assert(mi->my_ptr); + mstat.reallocs++; + break; case 'f': - p=strtok(&mbuf[2],"\n"); - mem_entry=hash_lookup(mem_table, p); - if (mem_entry==NULL) { - if (p[0]!='0') - fprintf(stderr,"invalid free (%s) at line %d!\n",p,a); + p = strtok(&mbuf[2], "\n"); + mem_entry = hash_lookup(mem_table, p); + if (mem_entry == NULL) { + if (p[0] != '0') + fprintf(stderr, "invalid free (%s) at line %d!\n", p, a); break; - } - mi=(memitem *)(mem_entry->item); - assert(mi->pool); - assert(mi->my_ptr); - xmemFree(mi); /* xfree(mi->my_ptr); */ - hash_unlink(mem_table, mem_entry, 1); - free(mi); - mstat.frees++; - break; + } + mi = (memitem *) (mem_entry->item); + assert(mi->pool); + assert(mi->my_ptr); + xmemFree(mi); /* xfree(mi->my_ptr); */ + hash_unlink(mem_table, mem_entry, 1); + free(mi); + mstat.frees++; + break; default: - fprintf(stderr,"%s pummels %s.bad.format\n", argv[0],fn); - exit(1); + fprintf(stderr, "%s pummels %s.bad.format\n", argv[0], fn); + exit(1); } } @@ -216,19 +225,19 @@ void * my_xmalloc(size_t a) { - return NULL; + return NULL; } void * my_xcalloc(int a, size_t b) { - return NULL; + return NULL; } int my_xfree(void *p) { - return 0; + return 0; } void init_stats() @@ -240,36 +249,36 @@ print_stats() { #ifdef WITH_LIB - memReport(stdout); + memReport(stdout); #endif - getrusage(RUSAGE_SELF, &myusage); - printf("m/c/f/r=%d/%d/%d/%d\n",mstat.mallocs,mstat.callocs, - mstat.frees, mstat.reallocs); + getrusage(RUSAGE_SELF, &myusage); + printf("m/c/f/r=%d/%d/%d/%d\n", mstat.mallocs, mstat.callocs, + mstat.frees, mstat.reallocs); #if 0 - printf("types : %d\n",size2id_len); + printf("types : %d\n", size2id_len); #endif - printf("user time used : %d.%d\n", (int)myusage.ru_utime.tv_sec, - (int)myusage.ru_utime.tv_usec); - printf("system time used : %d.%d\n", (int)myusage.ru_stime.tv_sec, - (int)myusage.ru_stime.tv_usec); - printf("max resident set size : %d\n",(int)myusage.ru_maxrss); - printf("page faults : %d\n", (int)myusage.ru_majflt); + printf("user time used : %d.%d\n", (int) myusage.ru_utime.tv_sec, + (int) myusage.ru_utime.tv_usec); + printf("system time used : %d.%d\n", (int) myusage.ru_stime.tv_sec, + (int) myusage.ru_stime.tv_usec); + printf("max resident set size : %d\n", (int) myusage.ru_maxrss); + printf("page faults : %d\n", (int) myusage.ru_majflt); } void -size2id(size_t sz,memitem *mi) +size2id(size_t sz, memitem * mi) { #ifdef WITH_LIB - mi->pool = sizeToPool(sz); - assert(mi->pool); + mi->pool = sizeToPool(sz); + assert(mi->pool); #endif - return; + return; } void badformat() { - fprintf(stderr,"pummel.bad.format\n"); + fprintf(stderr, "pummel.bad.format\n"); exit(1); } @@ -277,22 +286,22 @@ const char * make_nam(int id, int size) { - const char *buf = malloc(30); /* argh */ - sprintf((char *)buf, "pl:%d/%d", id, size); + const char *buf = malloc(30); /* argh */ + sprintf((char *) buf, "pl:%d/%d", id, size); return buf; } void -my_hash_insert(hash_table *h, const char *k, memitem *item) -{ - memitem *l; - assert( item->pool); - assert( item->my_ptr); - hash_insert(h,k,item); +my_hash_insert(hash_table * h, const char *k, memitem * item) +{ + memitem *l; + assert(item->pool); + assert(item->my_ptr); + hash_insert(h, k, item); } static void * -xmemAlloc(memitem *item) +xmemAlloc(memitem * item) { extern MemPool *StringPool; assert(item && item->pool); @@ -303,23 +312,24 @@ } static void -xmemFree(memitem *item) +xmemFree(memitem * item) { extern MemPool *StringPool; assert(item && item->pool); if (StringPool == item->pool) - return memStringFree(item->pool, item->my_ptr, item->size); + return memStringFree(item->pool, item->my_ptr, item->size); else - return memFree(item->pool, item->my_ptr); + return memFree(item->pool, item->my_ptr); } -void my_free(char *file, int line, void *ptr) +void +my_free(char *file, int line, void *ptr) { #if 0 -fprintf(stderr,"{%s:%d:%p",file,line,ptr); + fprintf(stderr, "{%s:%d:%p", file, line, ptr); #endif -free(ptr); -#if 0 -fprintf(stderr,"}\n"); + free(ptr); +#if 0 + fprintf(stderr, "}\n"); #endif } Index: squid/test-suite/pconn-banger.c =================================================================== RCS file: /cvsroot/squid-sf//squid/test-suite/pconn-banger.c,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.42.1 diff -u -r1.1.1.1 -r1.1.1.1.42.1 --- squid/test-suite/pconn-banger.c 26 Jan 2000 03:21:47 -0000 1.1.1.1 +++ squid/test-suite/pconn-banger.c 27 Feb 2001 14:18:56 -0000 1.1.1.1.42.1 @@ -167,7 +167,6 @@ } int - open_http_socket(void) { int s; @@ -191,7 +190,7 @@ int send_request(int fd, const char *data) { - char msg[4096],buf[4096]; + char msg[4096], buf[4096]; int len; time_t w; struct _r *r; @@ -200,24 +199,24 @@ char *tmp = strdup(data); struct stat st; int file_fd = -1; - method=strtok(tmp, " "); - url=strtok(NULL, " "); - file=strtok(NULL, " "); - size=strtok(NULL, " "); - checksum=strtok(NULL, " "); + method = strtok(tmp, " "); + url = strtok(NULL, " "); + file = strtok(NULL, " "); + size = strtok(NULL, " "); + checksum = strtok(NULL, " "); if (!url) { - url=method; - method="GET"; + url = method; + method = "GET"; } - if (file && strcmp(file,"-")==0) - file=NULL; - if (size && strcmp(size,"-")==0) - size=NULL; - if (checksum && strcmp(checksum,"-")==0) - checksum=NULL; + if (file && strcmp(file, "-") == 0) + file = NULL; + if (size && strcmp(size, "-") == 0) + size = NULL; + if (checksum && strcmp(checksum, "-") == 0) + checksum = NULL; msg[0] = '\0'; sprintf(buf, "%s %s HTTP/1.0\r\n", method, url); - strcat(msg,buf); + strcat(msg, buf); strcat(msg, "Accept: */*\r\n"); strcat(msg, "Proxy-Connection: Keep-Alive\r\n"); if (opt_ims && (lrand48() & 0x03) == 0) { @@ -226,11 +225,11 @@ strcat(msg, buf); } if (file) { - if ( (file_fd = open(file,O_RDONLY)) < 0) { + if ((file_fd = open(file, O_RDONLY)) < 0) { perror("open"); return -1; } - if ( fstat(file_fd, &st) ) { + if (fstat(file_fd, &st)) { perror("fstat"); close(file_fd); return -1; @@ -247,7 +246,7 @@ return -1; } if (file) { - while((len=read(file_fd, buf, sizeof buf)) > 0) { + while ((len = read(file_fd, buf, sizeof buf)) > 0) { if (write(fd, buf, len) < 0) { close(fd); perror("body write"); @@ -302,8 +301,8 @@ t += strlen(hdr); while (isspace(*t)) t++; - strcpy(result,""); - strncat(result,t,strcspn(t, crlf)); + strcpy(result, ""); + strncat(result, t, strcspn(t, crlf)); return result; } } @@ -315,9 +314,9 @@ { #if 0 fprintf(stderr, "DONE: %s, (%d+%d)\n", - r->url, - r->hdr_length, - r->content_length); + r->url, + r->hdr_length, + r->content_length); #endif if (r->content_length != r->bytes_read) fprintf(stderr, "ERROR! Short reply, expected %d bytes got %d\n", @@ -325,10 +324,10 @@ else if (r->validsize >= 0) { if (r->validsize != r->bytes_read) fprintf(stderr, "WARNING: %s Object size mismatch, expected %d got %d\n", - r->url, r->validsize, r->bytes_read); + r->url, r->validsize, r->bytes_read); else if (opt_checksum && r->sum != r->validsum) fprintf(stderr, "WARNING: %s Checksum error. Expected %d got %d\n", - r->url, r->validsum, r->sum); + r->url, r->validsum, r->sum); } } int @@ -338,19 +337,19 @@ const char *end; const char *url; static char buf[READ_BUF_SZ]; - int hlen,blen; - if (len < 0 ) { + int hlen, blen; + if (len < 0) { perror("read"); Requests = r->next; request_done(r); free(r); noutstanding--; if (trace_fd >= 0) - write(trace_fd,"\n[CLOSED]\n",10); + write(trace_fd, "\n[CLOSED]\n", 10); return -1; } total_bytes_read += len; - xmemcpy(buf,inbuf,len); + xmemcpy(buf, inbuf, len); if (len == 0) { fprintf(stderr, "WARNING: %s, server closed socket after %d+%d bytes\n", r->url, r->hdr_offset, r->bytes_read); /* XXX, If no data was received and it isn't the first request on this @@ -379,11 +378,12 @@ /* Process headers */ if (r->hdr_length == 0 && (end = mime_headers_end(r->reply_hdrs)) != NULL) { #if 0 - fprintf(stderr, "FOUND EOH FOR %s\n", r->url); */ + fprintf(stderr, "FOUND EOH FOR %s\n", r->url); + */ #endif - r->hdr_length = end - r->reply_hdrs; + r->hdr_length = end - r->reply_hdrs; #if 0 - fprintf(stderr, "HDR_LENGTH = %d\n", r->hdr_length); + fprintf(stderr, "HDR_LENGTH = %d\n", r->hdr_length); #endif /* "unread" any body contents received */ blen = r->hdr_offset - r->hdr_length; @@ -393,20 +393,20 @@ xmemcpy(buf, r->reply_hdrs + r->hdr_length, blen); len += blen; } - r->reply_hdrs[r->hdr_length]='\0'; /* Null terminate headers */ + r->reply_hdrs[r->hdr_length] = '\0'; /* Null terminate headers */ /* Parse headers */ r->content_length = get_header_int_value("content-length:", r->reply_hdrs, end); -/* fprintf(stderr, "CONTENT_LENGTH = %d\n", r->content_length); */ +/* fprintf(stderr, "CONTENT_LENGTH = %d\n", r->content_length); */ url = get_header_string_value("X-Request-URI:", r->reply_hdrs, end); if (url != NULL && strcmp(r->url, url) != 0) fprintf(stderr, "WARNING: %s got reply %s\n", r->url, url); #if XREQUESTURI || 0 - fprintf(stderr, "LOCATION = %s\n", get_header_string_value("X-Request-URI:", r->reply_hdrs, end)); + fprintf(stderr, "LOCATION = %s\n", get_header_string_value("X-Request-URI:", r->reply_hdrs, end)); #endif } - if ( !(len==0 || r->hdr_length > 0) ) { + if (!(len == 0 || r->hdr_length > 0)) { fprintf(stderr, "ERROR!!!\n"); - assert((len==0 || r->hdr_length > 0)); + assert((len == 0 || r->hdr_length > 0)); } /* Process body */ if (r->hdr_length != 0) { @@ -415,14 +415,14 @@ if (r->content_length >= 0) { bytes_left = r->content_length - r->bytes_read; assert(bytes_left >= 0); - bytes_used = len < bytes_left ? len : bytes_left; + bytes_used = len < bytes_left ? len : bytes_left; } else { - bytes_left = len + 1; /* Unknown end... */ + bytes_left = len + 1; /* Unknown end... */ bytes_used = len; } if (opt_checksum) { - for(i=0; isum += (int)buf[i] & 0xFF; + for (i = 0; i < bytes_used; i++) + r->sum += (int) buf[i] & 0xFF; } r->bytes_read += bytes_used; len -= bytes_used; @@ -462,7 +462,7 @@ static int pconn_fd = -1; static char buf[8192]; struct timeval to; - struct timeval now,last,start; + struct timeval now, last, start; fd_set R; struct _r *r; struct _r *nextr; @@ -480,10 +480,10 @@ } while (!done_reading_urls || noutstanding) { if (!opt_reopen && pconn_fd < 0) { - fprintf(stderr,"TERMINATED: Connection closed\n"); + fprintf(stderr, "TERMINATED: Connection closed\n"); break; } - if (pconn_fd<0) { + if (pconn_fd < 0) { pconn_fd = open_http_socket(); if (pconn_fd < 0) { perror("socket"); @@ -491,14 +491,14 @@ } nextr = Requests; Requests = NULL; - noutstanding=0; + noutstanding = 0; while ((r = nextr) != NULL) { nextr = r->next; if (send_request(pconn_fd, r->url) != 0) { close(pconn_fd); - pconn_fd=-1; + pconn_fd = -1; nextr = r; - for (r = Requests; r!=NULL && r->next; r=r->next); + for (r = Requests; r != NULL && r->next; r = r->next); if (r != NULL) r->next = nextr; else @@ -508,7 +508,7 @@ free(r); } timeouts = 0; - if (pconn_fd <0) + if (pconn_fd < 0) continue; } if (timeouts == 200) { @@ -520,7 +520,7 @@ free(r); noutstanding--; } - if (pconn_fd>=0 && noutstanding < max_outstanding && !done_reading_urls) { + if (pconn_fd >= 0 && noutstanding < max_outstanding && !done_reading_urls) { char *t; if (fgets(buf, 8191, stdin) == NULL) { fprintf(stderr, "Done Reading URLS\n"); @@ -532,7 +532,7 @@ *t = '\0'; if (send_request(pconn_fd, buf) != 0) { close(pconn_fd); - pconn_fd=-1; + pconn_fd = -1; continue; } nrequests++; @@ -560,21 +560,22 @@ pconn_fd = -1; } gettimeofday(&now, NULL); - if (now.tv_sec > last.tv_sec) { + if (now.tv_sec > last.tv_sec) { int dt; int nreq; last = now; dt = (int) (now.tv_sec - start.tv_sec); - nreq=0; - for (r=Requests; r ; r=r->next) nreq++; + nreq = 0; + for (r = Requests; r; r = r->next) + nreq++; printf("T+ %6d: %9d req (%+4d), %4d pend, %3d/sec avg, %dmb, %dkb/sec avg\n", - dt, - nrequests, - reqpersec, - nreq, - (int) (nrequests / dt), - (int)total_bytes_read / 1024 / 1024, - (int)total_bytes_read / 1024 / dt); + dt, + nrequests, + reqpersec, + nreq, + (int) (nrequests / dt), + (int) total_bytes_read / 1024 / 1024, + (int) total_bytes_read / 1024 / dt); reqpersec = 0; } } @@ -616,7 +617,7 @@ lifetime = (time_t) atoi(optarg); break; case 't': - trace_fd = open(optarg,O_WRONLY|O_CREAT|O_TRUNC,0666); + trace_fd = open(optarg, O_WRONLY | O_CREAT | O_TRUNC, 0666); break; case 'r': opt_reopen = !opt_reopen; Index: squid/test-suite/tcp-banger3.c =================================================================== RCS file: /cvsroot/squid-sf//squid/test-suite/tcp-banger3.c,v retrieving revision 1.1.1.2 retrieving revision 1.1.1.2.42.1 diff -u -r1.1.1.2 -r1.1.1.2.42.1 --- squid/test-suite/tcp-banger3.c 26 Jan 2000 03:23:10 -0000 1.1.1.2 +++ squid/test-suite/tcp-banger3.c 27 Feb 2001 14:18:56 -0000 1.1.1.2.42.1 @@ -382,7 +382,7 @@ signal(SIGCHLD, sig_child); create_children(argv); parent_main_loop(); - for (i=3;i<=maxfd; i++) + for (i = 3; i <= maxfd; i++) close(i); sleep(1); } Index: squid/test-suite/waiter.c =================================================================== RCS file: /cvsroot/squid-sf//squid/test-suite/waiter.c,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.42.1 diff -u -r1.1.1.1 -r1.1.1.1.42.1 --- squid/test-suite/waiter.c 26 Jan 2000 03:21:47 -0000 1.1.1.1 +++ squid/test-suite/waiter.c 27 Feb 2001 14:18:56 -0000 1.1.1.1.42.1 @@ -4,21 +4,21 @@ int main(int argc, char *argv[]) { - int i; - struct timeval now; - struct timeval alarm; - struct timeval to; - assert(argc == 2); - i = atoi(argv[1]); - gettimeofday(&now, NULL); - alarm.tv_sec = now.tv_sec + i + (now.tv_sec % i); - alarm.tv_usec = 0; - to.tv_sec = alarm.tv_sec - now.tv_sec; - to.tv_usec = alarm.tv_usec - now.tv_usec; - if (to.tv_usec < 0) { - to.tv_usec += 1000000; - to.tv_sec -= 1; - } - select(1, NULL, NULL, NULL, &to); - return 0; + int i; + struct timeval now; + struct timeval alarm; + struct timeval to; + assert(argc == 2); + i = atoi(argv[1]); + gettimeofday(&now, NULL); + alarm.tv_sec = now.tv_sec + i + (now.tv_sec % i); + alarm.tv_usec = 0; + to.tv_sec = alarm.tv_sec - now.tv_sec; + to.tv_usec = alarm.tv_usec - now.tv_usec; + if (to.tv_usec < 0) { + to.tv_usec += 1000000; + to.tv_sec -= 1; + } + select(1, NULL, NULL, NULL, &to); + return 0; }