--------------------- PatchSet 5170 Date: 2002/09/29 16:31:17 Author: serassio Branch: cygwin Tag: (none) Log: synced with nt branch Members: Makefile.am:1.2.8.9->1.2.8.10 configure.in:1.8.2.45->1.8.2.46 helpers/basic_auth/win32_locallogon/NT_auth.c:1.1.6.3->1.1.6.4 helpers/basic_auth/win32_locallogon/README.txt:1.1.6.3->1.1.6.4 helpers/basic_auth/win32_locallogon/valid.c:1.1.6.2->1.1.6.3 helpers/external_acl/win32_group/readme.txt:1.1.2.2->1.1.2.3 helpers/external_acl/win32_group/win32_check_group.c:1.1.2.3->1.1.2.4 helpers/external_acl/win32_group/win32_check_group.h:1.1.8.1->1.1.8.2 helpers/ntlm_auth/NTLMSSP-WIN32/libntlmssp.c:1.1.8.1->1.1.8.2 helpers/ntlm_auth/NTLMSSP-WIN32/ntlm_auth.c:1.1.8.3->1.1.8.4 helpers/ntlm_auth/NTLMSSP-WIN32/readme.txt:1.1.8.1->1.1.8.2 lib/sspwin32.c:1.1.6.1->1.1.6.2 src/Makefile.am:1.2.6.19->1.2.6.20 src/pinger.c:1.3.28.1->1.3.28.2 src/fs/awin32/aiops.c:1.1.2.4->1.1.2.5 src/fs/awin32/store_dir_aufs.c:1.1.2.4->1.1.2.5 Index: squid/Makefile.am =================================================================== RCS file: /cvsroot/squid-sf//squid/Makefile.am,v retrieving revision 1.2.8.9 retrieving revision 1.2.8.10 diff -u -r1.2.8.9 -r1.2.8.10 --- squid/Makefile.am 1 Sep 2002 08:26:29 -0000 1.2.8.9 +++ squid/Makefile.am 29 Sep 2002 16:31:17 -0000 1.2.8.10 @@ -6,6 +6,7 @@ AUTOMAKE_OPTIONS = dist-bzip2 subdir-objects 1.5 DIST_SUBDIRS = lib snmplib scripts src icons errors contrib doc helpers SUBDIRS = lib @makesnmplib@ scripts src icons errors doc helpers +DEFAULT_PINGER = $(libexecdir)/pinger$(EXEEXT) DISTCLEANFILES = include/stamp-h include/stamp-h[0-9]* @@ -35,5 +36,5 @@ bootstrap.sh install-pinger: - chown root $(libexecdir)/pinger$(EXEEXT) - chmod 4711 $(libexecdir)/pinger$(EXEEXT) + chown root $(DEFAULT_PINGER) + chmod 4711 $(DEFAULT_PINGER) Index: squid/configure.in =================================================================== RCS file: /cvsroot/squid-sf//squid/configure.in,v retrieving revision 1.8.2.45 retrieving revision 1.8.2.46 diff -u -r1.8.2.45 -r1.8.2.46 --- squid/configure.in 26 Sep 2002 15:36:26 -0000 1.8.2.45 +++ squid/configure.in 29 Sep 2002 16:31:17 -0000 1.8.2.46 @@ -3,7 +3,7 @@ dnl dnl Duane Wessels, wessels@nlanr.net, February 1996 (autoconf v2.9) dnl -dnl $Id: configure.in,v 1.8.2.45 2002/09/26 15:36:26 serassio Exp $ +dnl $Id: configure.in,v 1.8.2.46 2002/09/29 16:31:17 serassio Exp $ dnl dnl dnl @@ -11,7 +11,7 @@ AC_CONFIG_AUX_DIR(cfgaux) AM_INIT_AUTOMAKE(squid, 2.6-DEVEL) AM_CONFIG_HEADER(include/autoconf.h) -AC_REVISION($Revision: 1.8.2.45 $)dnl +AC_REVISION($Revision: 1.8.2.46 $)dnl AC_PREFIX_DEFAULT(/usr/local/squid) AM_MAINTAINER_MODE @@ -375,7 +375,6 @@ case "$fs" in diskd) STORE_MODULE_SUBDIRS="$STORE_MODULE_SUBDIRS $fs" - OPT_DISKD_EXE='diskd$(EXEEXT)' ;; aufs) if test -z "$with_pthreads"; then @@ -393,7 +392,6 @@ done AC_SUBST(STORE_MODULES) AC_SUBST(STORE_MODULE_SUBDIRS) -AC_SUBST(OPT_DISKD_EXE) dnl --enable-heap-replacement compability option @@ -441,19 +439,15 @@ REPL_LIBS="`echo $REPL_OBJS|sed -e 's%repl/%%g'`" AC_SUBST(REPL_LIBS) -OPT_PINGER='' -OPT_PINGER_EXE='' +AM_CONDITIONAL(ENABLE_PINGER, false) AC_ARG_ENABLE(icmp, [ --enable-icmp Enable ICMP pinging], [ if test "$enableval" = "yes" ; then echo "ICMP enabled" AC_DEFINE(USE_ICMP) - OPT_PINGER='pinger' - OPT_PINGER_EXE='pinger$(EXEEXT)' + AM_CONDITIONAL(ENABLE_PINGER, true) fi ]) -AC_SUBST(OPT_PINGER) -AC_SUBST(OPT_PINGER_EXE) AM_CONDITIONAL(USE_DELAY_POOLS, false) AC_ARG_ENABLE(delay-pools, @@ -838,12 +832,8 @@ ]) if test "$use_dnsserver" = "yes"; then AC_DEFINE(USE_DNSSERVERS) - OPT_DNSSERVER_EXE='dnsserver$(EXEEXT)' AM_CONDITIONAL(USE_DNSSERVER, true) -else - OPT_DNSSERVER_EXE='' fi -AC_SUBST(OPT_DNSSERVER_EXE) AC_ARG_ENABLE(truncate, [ --enable-truncate This uses truncate() instead of unlink() when @@ -2174,7 +2164,7 @@ else AC_MSG_RESULT("no") echo "Will use our own inet_ntoa()." - AC_LIBOBJ="$AC_LIBOBJ inet_ntoa.o" + AC_LIBOBJ(inet_ntoa) # echo "WARNING: This looks bad, and probably prevents Squid from working." # echo " If you're on IRIX and using GCC 2.8, you probably need" # echo " to use the IRIX C compiler instead." Index: squid/helpers/basic_auth/win32_locallogon/NT_auth.c =================================================================== RCS file: /cvsroot/squid-sf//squid/helpers/basic_auth/win32_locallogon/Attic/NT_auth.c,v retrieving revision 1.1.6.3 retrieving revision 1.1.6.4 diff -u -r1.1.6.3 -r1.1.6.4 --- squid/helpers/basic_auth/win32_locallogon/NT_auth.c 11 Aug 2002 16:45:09 -0000 1.1.6.3 +++ squid/helpers/basic_auth/win32_locallogon/NT_auth.c 29 Sep 2002 16:31:17 -0000 1.1.6.4 @@ -152,6 +152,8 @@ fflush(stdout); continue; } + rfc1738_unescape(username); + rfc1738_unescape(password); if (Valid_User(username, password, NTGroup) == NTV_NO_ERROR) puts("OK"); else Index: squid/helpers/basic_auth/win32_locallogon/README.txt =================================================================== RCS file: /cvsroot/squid-sf//squid/helpers/basic_auth/win32_locallogon/Attic/README.txt,v retrieving revision 1.1.6.3 retrieving revision 1.1.6.4 diff -u -r1.1.6.3 -r1.1.6.4 --- squid/helpers/basic_auth/win32_locallogon/README.txt 16 Jul 2002 17:45:19 -0000 1.1.6.3 +++ squid/helpers/basic_auth/win32_locallogon/README.txt 29 Sep 2002 16:31:17 -0000 1.1.6.4 @@ -5,7 +5,7 @@ and will return OK if the username/password is valid for the domain/machine, or ERR if there was some problem. It's possible to authenticate against NT trusted domains specifyng the username -in the domain\username Microsoft notation. +in the domain\\username Microsoft notation. ============== Index: squid/helpers/basic_auth/win32_locallogon/valid.c =================================================================== RCS file: /cvsroot/squid-sf//squid/helpers/basic_auth/win32_locallogon/Attic/valid.c,v retrieving revision 1.1.6.2 retrieving revision 1.1.6.3 diff -u -r1.1.6.2 -r1.1.6.3 --- squid/helpers/basic_auth/win32_locallogon/valid.c 16 Jul 2002 13:34:36 -0000 1.1.6.2 +++ squid/helpers/basic_auth/win32_locallogon/valid.c 29 Sep 2002 16:31:17 -0000 1.1.6.3 @@ -31,7 +31,6 @@ /* Check if we try to compile on a Windows Platform */ #if defined(_SQUID_CYGWIN_) || defined(_SQUID_MSWIN_) -#include #if defined(_SQUID_CYGWIN_) #include #endif @@ -87,7 +86,6 @@ if (nStatus == NERR_Success) { if ((pTmpBuf = pBuf) != NULL) { for (i = 0; i < dwEntriesRead; i++) { - assert(pTmpBuf != NULL); if (pTmpBuf == NULL) { result = FALSE; break; Index: squid/helpers/external_acl/win32_group/readme.txt =================================================================== RCS file: /cvsroot/squid-sf//squid/helpers/external_acl/win32_group/Attic/readme.txt,v retrieving revision 1.1.2.2 retrieving revision 1.1.2.3 diff -u -r1.1.2.2 -r1.1.2.3 --- squid/helpers/external_acl/win32_group/readme.txt 16 Jul 2002 13:34:36 -0000 1.1.2.2 +++ squid/helpers/external_acl/win32_group/readme.txt 29 Sep 2002 16:31:17 -0000 1.1.2.3 @@ -5,19 +5,19 @@ This helper must be used in with an authentication scheme, tipcally basic or NTLM based on Windows NT/2000 domain users. -It reads two new line terminated argument from the standard input -(the domain username and group) and tries to match it against -the groups membership of the specified username. +It reads from the standard input the domain username and a list of groups +and tries to match it against the groups membership of the specified username. ============== Program Syntax ============== -win32_check_group [-Gd] +win32_check_group [-Gdh] -G start helper in Global Group mode -d enable debug mode +-h this message ================ Index: squid/helpers/external_acl/win32_group/win32_check_group.c =================================================================== RCS file: /cvsroot/squid-sf//squid/helpers/external_acl/win32_group/Attic/win32_check_group.c,v retrieving revision 1.1.2.3 retrieving revision 1.1.2.4 diff -u -r1.1.2.3 -r1.1.2.4 --- squid/helpers/external_acl/win32_group/win32_check_group.c 11 Aug 2002 16:45:09 -0000 1.1.2.3 +++ squid/helpers/external_acl/win32_group/win32_check_group.c 29 Sep 2002 16:31:17 -0000 1.1.2.4 @@ -1,15 +1,14 @@ /* - * $Id: win32_check_group.c,v 1.1.2.3 2002/08/11 16:45:09 serassio Exp $ + * $Id: win32_check_group.c,v 1.1.2.4 2002/09/29 16:31:17 serassio Exp $ * * This is a helper for the external ACL interface for Squid Cache * Copyright (C) 2002 Guido Serassio * Based on previous work of Rodrigo Albani de Campos * - * It reads STDIN looking for a username that matches a NT/2000 global - * Domain group. - * Returns `OK' if the user belongs to the group or `ERR' otherwise, as + * It reads from the standard input the domain username and a list of groups + * and tries to match it against the groups membership of the specified username. + * Returns `OK' if the user belongs to a group or `ERR' otherwise, as * described on http://devel.squid-cache.org/external_acl/config.html - * To compile this program, use: * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -46,7 +45,7 @@ #include "win32_check_group.h" -static char * +char * strwordtok(char *buf, char **t) { unsigned char *word = NULL; @@ -156,7 +155,7 @@ * Error checking. */ if (status) { - debug("OpenPolicy Error: %d\n", status); + debug("OpenPolicy Error: %ld\n", status); } else { /* @@ -167,7 +166,7 @@ PolicyPrimaryDomainInformation, (PVOID *)&ppdiDomainInfo); if (status) { - debug("LsaQueryInformationPolicy Error: %d\n", status); + debug("LsaQueryInformationPolicy Error: %ld\n", status); } else { /* Get name in useable format */ @@ -197,18 +196,32 @@ NetApiBufferFree(pwkiWorkstationInfo); LsaFreeMemory((LPVOID)ppdiDomainInfo); } else - debug("NetWkstaGetInfo Error: %d\n", netret); + debug("NetWkstaGetInfo Error: %ld\n", netret); return DomainName; } +/* returns 0 on match, -1 if no match */ +static int wcstrcmparray(const wchar_t *str, const char **array) +{ + WCHAR wszGroup[256]; // Unicode Group + + while (*array) { + MultiByteToWideChar(CP_ACP, 0, *array, + strlen(*array) + 1, wszGroup, sizeof(wszGroup) / sizeof(wszGroup[0])); + debug("Windows group: %S, Squid group: %S\n", str, wszGroup); + if (wcscmp(str, wszGroup) == 0) + return 0; + array++; + } + return -1; +} /* returns 1 on success, 0 on failure */ int -Valid_Local_Group(char *UserName, char *Group) +Valid_Local_Groups(char *UserName, const char **Groups) { int result = 0; WCHAR wszUserName[256]; // Unicode user name - WCHAR wszGroup[256]; // Unicode Group LPLOCALGROUP_USERS_INFO_0 pBuf = NULL; LPLOCALGROUP_USERS_INFO_0 pTmpBuf; @@ -225,8 +238,6 @@ MultiByteToWideChar(CP_ACP, 0, UserName, strlen(UserName) + 1, wszUserName, sizeof(wszUserName) / sizeof(wszUserName[0])); - MultiByteToWideChar(CP_ACP, 0, Group, - strlen(Group) + 1, wszGroup, sizeof(wszGroup) / sizeof(wszGroup[0])); /* * Call the NetUserGetLocalGroups function @@ -256,7 +267,7 @@ result = 0; break; } - if (wcscmp(pTmpBuf->lgrui0_name, wszGroup) == 0) { + if (wcstrcmparray(pTmpBuf->lgrui0_name, Groups) == 0) { result = 1; break; } @@ -277,11 +288,10 @@ /* returns 1 on success, 0 on failure */ int -Valid_Global_Group(char *UserName, char *Group) +Valid_Global_Groups(char *UserName, const char **Groups) { int result = 0; WCHAR wszUserName[256]; // Unicode user name - WCHAR wszGroup[256]; // Unicode Group WCHAR wszLocalDomain[256]; // Unicode Local Domain WCHAR wszUserDomain[256]; // Unicode User Domain @@ -315,8 +325,6 @@ MultiByteToWideChar(CP_ACP, 0, User, strlen(User) + 1, wszUserName, sizeof(wszUserName) / sizeof(wszUserName[0])); - MultiByteToWideChar(CP_ACP, 0, Group, - strlen(Group) + 1, wszGroup, sizeof(wszGroup) / sizeof(wszGroup[0])); MultiByteToWideChar(CP_ACP, 0, machinedomain, strlen(machinedomain) + 1, wszLocalDomain, sizeof(wszLocalDomain) / sizeof(wszLocalDomain[0])); @@ -370,7 +378,7 @@ result = 0; break; } - if (wcscmp(pTmpBuf->grui0_name, wszGroup) == 0) { + if (wcstrcmparray(pTmpBuf->grui0_name, Groups) == 0) { result = 1; break; } @@ -398,7 +406,7 @@ static void usage(char *program) { - fprintf(stderr,"Usage: %s [-d] [-h]\n" + fprintf(stderr,"Usage: %s [-d][-G][-h]\n" " -d enable debugging\n" " -G enable Domain Global group mode\n" " -h this message\n", @@ -444,6 +452,8 @@ char *username; char *group; int err = 0; + const char *groups[512]; + int n; if (argc > 0) { /* should always be true */ myname=strrchr(argv[0],'/'); @@ -496,9 +506,11 @@ } username = strwordtok(buf, &t); - group = strwordtok(NULL, &t); + for (n = 0; (group = strwordtok(NULL, &t)) != NULL; n++) + groups[n] = group; + groups[n] = NULL; - if ((use_global ? Valid_Global_Group(username, group) : Valid_Local_Group(username, group))) { + if ((use_global ? Valid_Global_Groups(username, groups) : Valid_Local_Groups(username, groups))) { printf ("OK\n"); } else { error: Index: squid/helpers/external_acl/win32_group/win32_check_group.h =================================================================== RCS file: /cvsroot/squid-sf//squid/helpers/external_acl/win32_group/Attic/win32_check_group.h,v retrieving revision 1.1.8.1 retrieving revision 1.1.8.2 diff -u -r1.1.8.1 -r1.1.8.2 --- squid/helpers/external_acl/win32_group/win32_check_group.h 16 Jul 2002 13:34:36 -0000 1.1.8.1 +++ squid/helpers/external_acl/win32_group/win32_check_group.h 29 Sep 2002 16:31:17 -0000 1.1.8.2 @@ -75,4 +75,3 @@ /* no gcc, no debugging. varargs macros are a gcc extension */ #define SEND2(X,Y) debug("sending '" X "' to squid\n",Y); printf(X "\n",Y); #endif - Index: squid/helpers/ntlm_auth/NTLMSSP-WIN32/libntlmssp.c =================================================================== RCS file: /cvsroot/squid-sf//squid/helpers/ntlm_auth/NTLMSSP-WIN32/Attic/libntlmssp.c,v retrieving revision 1.1.8.1 retrieving revision 1.1.8.2 diff -u -r1.1.8.1 -r1.1.8.2 --- squid/helpers/ntlm_auth/NTLMSSP-WIN32/libntlmssp.c 16 Jul 2002 13:22:02 -0000 1.1.8.1 +++ squid/helpers/ntlm_auth/NTLMSSP-WIN32/libntlmssp.c 29 Sep 2002 16:31:18 -0000 1.1.8.2 @@ -18,7 +18,6 @@ #include "squid.h" #include "ntlm.h" -#include #include #include @@ -79,7 +78,6 @@ if (nStatus == NERR_Success) { if ((pTmpBuf = pBuf) != NULL) { for (i = 0; i < dwEntriesRead; i++) { - assert(pTmpBuf != NULL); if (pTmpBuf == NULL) { result = FALSE; break; @@ -184,7 +182,7 @@ * Error checking. */ if (status) { - debug("OpenPolicy Error: %d\n", status); + debug("OpenPolicy Error: %ld\n", status); } else { /* @@ -193,9 +191,9 @@ */ status = LsaQueryInformationPolicy(PolicyHandle, PolicyPrimaryDomainInformation, - &ppdiDomainInfo); + (void **)&ppdiDomainInfo); if (status) { - debug("LsaQueryInformationPolicy Error: %d\n", status); + debug("LsaQueryInformationPolicy Error: %ld\n", status); } else { /* Get name in useable format */ @@ -225,7 +223,7 @@ NetApiBufferFree(pwkiWorkstationInfo); LsaFreeMemory((LPVOID)ppdiDomainInfo); } else - debug("NetWkstaGetInfo Error: %d\n", netret); + debug("NetWkstaGetInfo Error: %ld\n", netret); return DomainName; } Index: squid/helpers/ntlm_auth/NTLMSSP-WIN32/ntlm_auth.c =================================================================== RCS file: /cvsroot/squid-sf//squid/helpers/ntlm_auth/NTLMSSP-WIN32/Attic/ntlm_auth.c,v retrieving revision 1.1.8.3 retrieving revision 1.1.8.4 diff -u -r1.1.8.3 -r1.1.8.4 --- squid/helpers/ntlm_auth/NTLMSSP-WIN32/ntlm_auth.c 11 Aug 2002 16:45:10 -0000 1.1.8.3 +++ squid/helpers/ntlm_auth/NTLMSSP-WIN32/ntlm_auth.c 29 Sep 2002 16:31:18 -0000 1.1.8.4 @@ -1,5 +1,5 @@ /* - * $Id: ntlm_auth.c,v 1.1.8.3 2002/08/11 16:45:10 serassio Exp $ + * $Id: ntlm_auth.c,v 1.1.8.4 2002/09/29 16:31:18 serassio Exp $ * * This is a helper for NTLM Authentication for Squid Cache * Copyright (C) 2002 Guido Serassio @@ -174,7 +174,6 @@ const char * obtain_challenge() { - int j = 0; const char *ch = NULL; debug("attempting challenge retrieval\n"); Index: squid/helpers/ntlm_auth/NTLMSSP-WIN32/readme.txt =================================================================== RCS file: /cvsroot/squid-sf//squid/helpers/ntlm_auth/NTLMSSP-WIN32/Attic/readme.txt,v retrieving revision 1.1.8.1 retrieving revision 1.1.8.2 diff -u -r1.1.8.1 -r1.1.8.2 --- squid/helpers/ntlm_auth/NTLMSSP-WIN32/readme.txt 16 Jul 2002 13:22:02 -0000 1.1.8.1 +++ squid/helpers/ntlm_auth/NTLMSSP-WIN32/readme.txt 29 Sep 2002 16:31:18 -0000 1.1.8.2 @@ -2,19 +2,22 @@ Native Windows NTLM authenticator for Squid 2.5 -Usage: +===== +Usage +===== ntlm_auth [-v] [-a UserGroup] [-d UserGroup] [-l] --v enables debugging statements if DEBUG was defined at build-time. +-v enables debugging statements. -l if specified, changes behavior on failures to last-ditch. --a can specify a Windows Local Group name allowed to authenticate. --d can specify a Windows Local Group name not allowed to authenticate. +-a specify a Windows Local Group name allowed to authenticate. +-d specify a Windows Local Group name not allowed to authenticate. This is released under the GNU General Public License - +============== Allowing Users +============== Users that are allowed to access the web proxy must have the Windows NT User Rights "logon from the network" and must be included in the NT LOCAL User Groups @@ -25,7 +28,9 @@ Refer to Squid documentation for the required changes to squid.conf. -Contact details - +=============== +Contact details +=============== To contact the maintainer of this package, e-mail on squidnt@serassio.it. The latest version may be found on http://www.serassio.it/SquidNT.htm. Index: squid/lib/sspwin32.c =================================================================== RCS file: /cvsroot/squid-sf//squid/lib/sspwin32.c,v retrieving revision 1.1.6.1 retrieving revision 1.1.6.2 diff -u -r1.1.6.1 -r1.1.6.2 --- squid/lib/sspwin32.c 16 Jul 2002 13:26:14 -0000 1.1.6.1 +++ squid/lib/sspwin32.c 29 Sep 2002 16:31:18 -0000 1.1.6.2 @@ -18,8 +18,6 @@ #include "squid.h" #include "sspwin32.h" - - typedef struct _AUTH_SEQ { BOOL fInitialized; BOOL fHaveCredHandle; @@ -105,7 +103,7 @@ if (!_AcquireCredentialsHandle) { UnloadSecurityDll(); hModule = NULL; - return hModule; + return hModule; } /* CompleteAuthToken is not present on Windows 9x Secur32.dll * Do not check for the availablity of the function if it is NULL @@ -117,21 +115,21 @@ if (!_DeleteSecurityContext) { UnloadSecurityDll(); hModule = NULL; - return hModule; + return hModule; } _FreeContextBuffer = (FREE_CONTEXT_BUFFER_FN) GetProcAddress(hModule, "FreeContextBuffer"); - if (!_FreeContextBuffer) { - UnloadSecurityDll(); - hModule = NULL; - return hModule; + if (!_FreeContextBuffer) { + UnloadSecurityDll(); + hModule = NULL; + return hModule; } _FreeCredentialsHandle = (FREE_CREDENTIALS_HANDLE_FN) GetProcAddress(hModule, "FreeCredentialsHandle"); - if (!_FreeCredentialsHandle) { - UnloadSecurityDll(); - hModule = NULL; - return hModule; + if (!_FreeCredentialsHandle) { + UnloadSecurityDll(); + hModule = NULL; + return hModule; } #ifdef UNICODE _InitializeSecurityContext = (INITIALIZE_SECURITY_CONTEXT_FN) @@ -140,10 +138,10 @@ _InitializeSecurityContext = (INITIALIZE_SECURITY_CONTEXT_FN) GetProcAddress(hModule, "InitializeSecurityContextA"); #endif - if (!_InitializeSecurityContext) { - UnloadSecurityDll(); - hModule = NULL; - return hModule; + if (!_InitializeSecurityContext) { + UnloadSecurityDll(); + hModule = NULL; + return hModule; } #ifdef UNICODE _QuerySecurityPackageInfo = (QUERY_SECURITY_PACKAGE_INFO_FN) @@ -152,9 +150,9 @@ _QuerySecurityPackageInfo = (QUERY_SECURITY_PACKAGE_INFO_FN) GetProcAddress(hModule, "QuerySecurityPackageInfoA"); #endif - if (!_QuerySecurityPackageInfo) { - UnloadSecurityDll(); - hModule = NULL; + if (!_QuerySecurityPackageInfo) { + UnloadSecurityDll(); + hModule = NULL; } return hModule; } @@ -185,7 +183,7 @@ SECPKG_CRED_OUTBOUND, NULL, (NTLM_mode == SSP_NTLM) ? NULL : pAuthIdentity, NULL, NULL, &pAS->hcred, &tsExpiry); if (ss < 0) { - fprintf(stderr, "AcquireCredentialsHandle failed with %08X\n", ss); + fprintf(stderr, "AcquireCredentialsHandle failed with %08lX\n", ss); return FALSE; } pAS->fHaveCredHandle = TRUE; @@ -214,7 +212,7 @@ 0, &pAS->hctxt, &sbdOut, &fContextAttr, &tsExpiry); if (ss < 0) { // - fprintf(stderr, "InitializeSecurityContext failed with %08X\n", ss); + fprintf(stderr, "InitializeSecurityContext failed with %08lX\n", ss); return FALSE; } pAS->fHaveCtxtHandle = TRUE; @@ -224,7 +222,7 @@ if (_CompleteAuthToken) { ss = _CompleteAuthToken(&pAS->hctxt, &sbdOut); if (ss < 0) { - fprintf(stderr, "CompleteAuthToken failed with %08X\n", ss); + fprintf(stderr, "CompleteAuthToken failed with %08lX\n", ss); return FALSE; } } else { @@ -268,7 +266,7 @@ SECPKG_CRED_INBOUND, NULL, NULL, NULL, NULL, &pAS->hcred, &tsExpiry); if (ss < 0) { - fprintf(stderr, "AcquireCredentialsHandle failed with %08X\n", ss); + fprintf(stderr, "AcquireCredentialsHandle failed with %08lX\n", ss); return FALSE; } pAS->fHaveCredHandle = TRUE; @@ -294,7 +292,7 @@ SECURITY_NATIVE_DREP, &pAS->hctxt, &sbdOut, &fContextAttr, &tsExpiry); if (ss < 0) { - fprintf(stderr, "AcceptSecurityContext failed with %08X\n", ss); + fprintf(stderr, "AcceptSecurityContext failed with %08lX\n", ss); return FALSE; } pAS->fHaveCtxtHandle = TRUE; @@ -304,7 +302,7 @@ if (_CompleteAuthToken) { ss = _CompleteAuthToken(&pAS->hctxt, &sbdOut); if (ss < 0) { - fprintf(stderr, "CompleteAuthToken failed with %08X\n", ss); + fprintf(stderr, "CompleteAuthToken failed with %08lX\n", ss); return FALSE; } } else { @@ -393,7 +391,7 @@ &fDone)) break; fResult = TRUE; - } while(0); + } while(0); /* Clean up resources */ if (asClient.fHaveCtxtHandle) @@ -406,6 +404,6 @@ _FreeCredentialsHandle(&asServer.hcred); xfree(pClientBuf); xfree(pServerBuf); - + return fResult; } Index: squid/src/Makefile.am =================================================================== RCS file: /cvsroot/squid-sf//squid/src/Makefile.am,v retrieving revision 1.2.6.19 retrieving revision 1.2.6.20 diff -u -r1.2.6.19 -r1.2.6.20 --- squid/src/Makefile.am 28 Sep 2002 07:52:37 -0000 1.2.6.19 +++ squid/src/Makefile.am 29 Sep 2002 16:31:18 -0000 1.2.6.20 @@ -39,11 +39,15 @@ if ENABLE_UNLINKD UNLINKDSOURCE = unlinkd.c UNLINKD = unlinkd -UNLINKD_EXE = unlinkd$(EXEEXT) else UNLINKDSOURCE = UNLINKD = -UNLINKD_EXE = +endif + +if ENABLE_PINGER +PINGER = pinger +else +PINGER = endif if ENABLE_SSL @@ -58,7 +62,7 @@ WIN32SOURCE = endif -AM_CFLAGS = -Werror -Wall +AM_CFLAGS = -Wall SUBDIRS = fs repl auth @@ -79,7 +83,7 @@ squidclient libexec_PROGRAMS = \ - @OPT_PINGER@ \ + $(PINGER) \ $(DNSSERVER) \ $(UNLINKD) \ cachemgr$(CGIEXT) @@ -282,16 +286,16 @@ DEFAULT_PREFIX = $(prefix) DEFAULT_CONFIG_FILE = $(sysconfdir)/squid.conf DEFAULT_MIME_TABLE = $(sysconfdir)/mime.conf -DEFAULT_DNSSERVER = $(libexecdir)/@OPT_DNSSERVER_EXE@ +DEFAULT_DNSSERVER = $(libexecdir)/dnsserver$(EXEEXT) DEFAULT_LOG_PREFIX = $(localstatedir)/logs DEFAULT_CACHE_LOG = $(DEFAULT_LOG_PREFIX)/cache.log DEFAULT_ACCESS_LOG = $(DEFAULT_LOG_PREFIX)/access.log DEFAULT_STORE_LOG = $(DEFAULT_LOG_PREFIX)/store.log DEFAULT_PID_FILE = $(DEFAULT_LOG_PREFIX)/squid.pid DEFAULT_SWAP_DIR = $(localstatedir)/cache -DEFAULT_PINGER = $(libexecdir)/@OPT_PINGER_EXE@ -DEFAULT_UNLINKD = $(libexecdir)/$(UNLINKD_EXE) -DEFAULT_DISKD = $(libexecdir)/@OPT_DISKD_EXE@ +DEFAULT_PINGER = $(libexecdir)/pinger$(EXEEXT) +DEFAULT_UNLINKD = $(libexecdir)/unlinkd$(EXEEXT) +DEFAULT_DISKD = $(libexecdir)/diskd$(EXEEXT) DEFAULT_ICON_DIR = $(datadir)/icons DEFAULT_ERROR_DIR = $(datadir)/errors/@ERR_DEFAULT_LANGUAGE@ DEFAULT_MIB_PATH = $(datadir)/mib.txt Index: squid/src/pinger.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/pinger.c,v retrieving revision 1.3.28.1 retrieving revision 1.3.28.2 diff -u -r1.3.28.1 -r1.3.28.2 --- squid/src/pinger.c 14 Mar 2001 22:17:34 -0000 1.3.28.1 +++ squid/src/pinger.c 29 Sep 2002 16:31:18 -0000 1.3.28.2 @@ -1,6 +1,6 @@ /* - * $Id: pinger.c,v 1.3.28.1 2001/03/14 22:17:34 rbcollins Exp $ + * $Id: pinger.c,v 1.3.28.2 2002/09/29 16:31:18 serassio Exp $ * * DEBUG: section 42 ICMP Pinger program * AUTHOR: Duane Wessels @@ -37,19 +37,94 @@ #if USE_ICMP +/* Native Windows port doesn't have netinet support, so we emulate it. + At this time, Cygwin lacks icmp support in its include files, so we need + to use the native Windows port definitions. + */ + +#if !defined(_SQUID_MSWIN_) && !defined(_SQUID_CYGWIN_) + #include #include #include #include +#define PINGER_TIMEOUT 10 + +static int socket_from_squid = 0; +static int socket_to_squid = 1; + +#else /* _SQUID_MSWIN_ or _SQUID_CYGWIN_ */ + +#ifdef _SQUID_MSWIN_ + +#include +#include + +#define PINGER_TIMEOUT 5 + +static SOCKET socket_to_squid = -1; +#define socket_from_squid socket_to_squid + +typedef unsigned char u_int8_t; + +#else /* _SQUID_CYGWIN_ */ + +#include +#include +#include +#include + +#define PINGER_TIMEOUT 10 + +static int socket_from_squid = 0; +static int socket_to_squid = 1; + +#endif + +#define ICMP_ECHO 8 +#define ICMP_ECHOREPLY 0 + +typedef struct iphdr +{ + u_int8_t ip_vhl:4; /* Length of the header in dwords */ + u_int8_t version:4; /* Version of IP */ + u_int8_t tos; /* Type of service */ + u_int16_t total_len; /* Length of the packet in dwords */ + u_int16_t ident; /* unique identifier */ + u_int16_t flags; /* Flags */ + u_int8_t ip_ttl; /* Time to live */ + u_int8_t proto; /* Protocol number (TCP, UDP etc) */ + u_int16_t checksum; /* IP checksum */ + u_int32_t source_ip; + u_int32_t dest_ip; +} +iphdr; + +/* ICMP header */ +typedef struct icmphdr +{ + u_int8_t icmp_type; /* ICMP packet type */ + u_int8_t icmp_code; /* Type sub code */ + u_int16_t icmp_cksum; + u_int16_t icmp_id; + u_int16_t icmp_seq; + u_int32_t timestamp; /* not part of ICMP, but we need it */ +} +icmphdr; + +#endif /* _SQUID_MSWIN_ */ + #ifndef _SQUID_LINUX_ #ifndef _SQUID_CYGWIN_ +#ifndef _SQUID_MSWIN_ #define icmphdr icmp #define iphdr ip #endif #endif +#endif -#if defined (_SQUID_LINUX_) || defined (_SQUID_CYGWIN_) +#if defined (_SQUID_LINUX_) #ifdef icmp_id #undef icmp_id #endif @@ -123,6 +198,38 @@ pingerOpen(void) { struct protoent *proto = NULL; +#ifdef _SQUID_MSWIN_ + WSADATA wsaData; + WSAPROTOCOL_INFO wpi; + char buf[sizeof(wpi)]; + int x; + struct sockaddr_in PS; + + WSAStartup(2, &wsaData); + + getCurrentTime(); + _db_init(NULL, "ALL,1"); + setmode(0, O_BINARY); + setmode(1, O_BINARY); + x = read(0, buf, sizeof(wpi)); + if (x < sizeof(wpi)) { + getCurrentTime(); + debug(42, 0) ("pingerOpen: read: FD 0: %s\n", xstrerror()); + write(1, "ERR\n", 4); + exit(1); + } + xmemcpy(&wpi, buf, sizeof(wpi)); + + write(1, "OK\n", 3); + x = read(0, buf, sizeof(PS)); + if (x < sizeof(PS)) { + getCurrentTime(); + debug(42, 0) ("pingerOpen: read: FD 0: %s\n", xstrerror()); + write(1, "ERR\n", 4); + exit(1); + } + xmemcpy(&PS, buf, sizeof(PS)); +#endif if ((proto = getprotobyname("icmp")) == 0) { debug(42, 0) ("pingerOpen: unknown protocol: icmp\n"); exit(1); @@ -134,12 +241,50 @@ } icmp_ident = getpid() & 0xffff; debug(42, 0) ("pinger: ICMP socket opened\n"); +#ifdef _SQUID_MSWIN_ + socket_to_squid = + WSASocket(FROM_PROTOCOL_INFO, FROM_PROTOCOL_INFO, FROM_PROTOCOL_INFO, + &wpi, 0, 0); + if (socket_to_squid == INVALID_SOCKET) { + getCurrentTime(); + debug(42, 0) ("pingerOpen: WSASocket: %s\n", xstrerror()); + write(1, "ERR\n", 4); + exit(1); + } + x = connect(socket_to_squid, (struct sockaddr *) &PS, sizeof(PS)); + if (SOCKET_ERROR == x) { + getCurrentTime(); + debug(42, 0) ("pingerOpen: connect: %s\n", xstrerror()); + write(1, "ERR\n", 4); + exit(1); + } + write(1, "OK\n", 3); + memset(buf, 0, sizeof(buf)); + x = recv(socket_to_squid, buf, sizeof(buf), 0); + if (x < 3) { + debug(42, 0) ("icmpOpen: recv: %s\n", xstrerror()); + exit(1); + } + x = send(socket_to_squid, buf, strlen(buf), 0); + if (x < 3 || strncmp("OK\n", buf, 3)) { + debug(42, 0) ("icmpOpen: recv: %s\n", xstrerror()); + exit(1); + } + + getCurrentTime(); + debug(42, 0) ("pinger: Squid socket opened\n"); +#endif } void pingerClose(void) { close(icmp_sock); +#ifdef _SQUID_MSWIN_ + shutdown(socket_to_squid, SD_BOTH); + close(socket_to_squid); + socket_to_squid = -1; +#endif icmp_sock = -1; icmp_ident = 0; } @@ -267,7 +412,7 @@ } sum = (sum >> 16) + (sum & 0xffff); sum += (sum >> 16); - answer = ~sum; + answer = (unsigned short) ~sum; return (answer); } @@ -307,7 +452,7 @@ int n; int guess_size; memset(&pecho, '\0', sizeof(pecho)); - n = recv(0, (char *) &pecho, sizeof(pecho), 0); + n = recv(socket_from_squid, (char *) &pecho, sizeof(pecho), 0); if (n < 0) return n; if (0 == n) { @@ -334,7 +479,7 @@ pingerSendtoSquid(pingerReplyData * preply) { int len = sizeof(pingerReplyData) - MAX_PKT_SZ + preply->psize; - if (send(1, (char *) preply, len, 0) < 0) { + if (send(socket_to_squid, (char *) preply, len, 0) < 0) { debug(50, 0) ("pinger: send: %s\n", xstrerror()); exit(1); } @@ -366,9 +511,13 @@ * cevans - do this first. It grabs a raw socket. After this we can * drop privs */ + pingerOpen(); setgid(getgid()); setuid(getuid()); +#ifdef _SQUID_MSWIN_ + atexit(pingerClose); +#endif if ((t = getenv("SQUID_DEBUG"))) debug_args = xstrdup(t); @@ -376,25 +525,29 @@ _db_init(NULL, debug_args); for (;;) { - tv.tv_sec = 10; + tv.tv_sec = PINGER_TIMEOUT; tv.tv_usec = 0; FD_ZERO(&R); - FD_SET(0, &R); + FD_SET(socket_from_squid, &R); FD_SET(icmp_sock, &R); x = select(icmp_sock + 1, &R, NULL, NULL, &tv); getCurrentTime(); if (x < 0) exit(1); - if (FD_ISSET(0, &R)) + if (FD_ISSET(socket_from_squid, &R)) if (pingerReadRequest() < 0) { debug(42, 0) ("Pinger exiting.\n"); exit(1); } if (FD_ISSET(icmp_sock, &R)) pingerRecv(); - if (10 + last_check_time < squid_curtime) { - if (send(1, (char *) &tv, 0, 0) < 0) + if (PINGER_TIMEOUT + last_check_time < squid_curtime) { + if (send(socket_to_squid, (char *) &tv, 0, 0) < 0) { +#ifdef _SQUID_MSWIN_ + debug(42, 0) ("Pinger exiting.\n"); +#endif exit(1); + } last_check_time = squid_curtime; } } Index: squid/src/fs/awin32/aiops.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/fs/awin32/Attic/aiops.c,v retrieving revision 1.1.2.4 retrieving revision 1.1.2.5 diff -u -r1.1.2.4 -r1.1.2.5 --- squid/src/fs/awin32/aiops.c 11 Aug 2002 16:45:10 -0000 1.1.2.4 +++ squid/src/fs/awin32/aiops.c 29 Sep 2002 16:31:18 -0000 1.1.2.5 @@ -1,5 +1,5 @@ /* - * $Id: aiops.c,v 1.1.2.4 2002/08/11 16:45:10 serassio Exp $ + * $Id: aiops.c,v 1.1.2.5 2002/09/29 16:31:18 serassio Exp $ * * DEBUG: section 43 AIOPS * AUTHOR: Stewart Forster @@ -338,11 +338,12 @@ { squidaio_thread_t *threadp; int i; - HANDLE hthreads[NUMTHREADS]; + HANDLE * hthreads; if (!squidaio_initialised) return; + hthreads = (HANDLE *) xcalloc (NUMTHREADS, sizeof (HANDLE)); threadp = threads; for (i = 0; i < NUMTHREADS; i++) { threadp->exit = 1; @@ -361,6 +362,7 @@ } CloseHandle(main_thread); squidaio_initialised = 0; + xfree(hthreads); } static DWORD WINAPI @@ -719,7 +721,7 @@ #ifdef _SQUID_MSWIN_ if (!ReadFile((HANDLE)_get_osfhandle(requestp->fd), requestp->tmpbufp, requestp->buflen, (LPDWORD)&requestp->ret, NULL)) { - _dosmaperr(GetLastError()); + WIN32_maperror(GetLastError()); requestp->ret = -1; } #else @@ -758,7 +760,7 @@ #ifdef _SQUID_MSWIN_ if (!WriteFile((HANDLE)_get_osfhandle(requestp->fd), requestp->tmpbufp, requestp->buflen, (LPDWORD)&requestp->ret, NULL)) { - _dosmaperr(GetLastError()); + WIN32_maperror(GetLastError()); requestp->ret = -1; } #else @@ -1033,7 +1035,7 @@ threadp = threads; for (i = 0; i < NUMTHREADS; i++) { - storeAppendPrintf(sentry, "%i\t0x%lx\t%d\n", i + 1, threadp->dwThreadId, threadp->requests); + storeAppendPrintf(sentry, "%i\t0x%lx\t%ld\n", i + 1, threadp->dwThreadId, threadp->requests); threadp = threadp->next; } } Index: squid/src/fs/awin32/store_dir_aufs.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/fs/awin32/Attic/store_dir_aufs.c,v retrieving revision 1.1.2.4 retrieving revision 1.1.2.5 diff -u -r1.1.2.4 -r1.1.2.5 --- squid/src/fs/awin32/store_dir_aufs.c 25 Aug 2002 14:45:17 -0000 1.1.2.4 +++ squid/src/fs/awin32/store_dir_aufs.c 29 Sep 2002 16:31:18 -0000 1.1.2.5 @@ -1,6 +1,6 @@ /* - * $Id: store_dir_aufs.c,v 1.1.2.4 2002/08/25 14:45:17 serassio Exp $ + * $Id: store_dir_aufs.c,v 1.1.2.5 2002/09/29 16:31:18 serassio Exp $ * * DEBUG: section 47 Store Directory Routines * AUTHOR: Duane Wessels @@ -215,7 +215,11 @@ } else { fatalf("Swap directory %s is not a directory.", path); } +#ifdef _SQUID_MSWIN_ + } else if (0 == mkdir(path)) { +#else } else if (0 == mkdir(path, 0755)) { +#endif debug(47, should_exist ? 1 : 3) ("%s created\n", path); created = 1; } else { @@ -1170,7 +1174,11 @@ if (dp == NULL) { if (errno == ENOENT) { debug(36, 0) ("storeDirClean: WARNING: Creating %s\n", p1); +#ifdef _SQUID_MSWIN_ + if (mkdir(p1) == 0) +#else if (mkdir(p1, 0777) == 0) +#endif return 0; } debug(50, 0) ("storeDirClean: %s: %s\n", p1, xstrerror());