/*
- * $Id: tools.cc,v 1.281 2008/02/11 22:44:50 rousskov Exp $
+ * $Id$
*
* DEBUG: section 21 Misc Functions
* AUTHOR: Harvest Derived
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
- *
+ *
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
#include "MemBuf.h"
#include "wordlist.h"
#include "SquidTime.h"
-#include "IPInterception.h"
+#include "ip/IpIntercept.h"
#ifdef _SQUID_LINUX_
#if HAVE_SYS_CAPABILITY_H
snprintf(command, 256, "%s %s < %s", Config.EmailProgram, Config.adminEmail, filename);
- if(system(command)) {} /* XXX should avoid system(3) */
+ if (system(command)) {} /* XXX should avoid system(3) */
unlink(filename);
}
{
va_list args;
va_start(args, fmt);
-
fatalvf(fmt, args);
va_end(args);
}
LOCAL_ARRAY(char, host, SQUIDHOSTNAMELEN + 1);
static int present = 0;
struct addrinfo *AI = NULL;
- IPAddress sa;
+ IpAddress sa;
if (Config.visibleHostname != NULL)
return Config.visibleHostname;
* If the first http_port address has a specific address, try a
* reverse DNS lookup on it.
*/
- if( !sa.IsAnyAddr() ) {
+ if ( !sa.IsAnyAddr() ) {
sa.GetAddrInfo(AI);
/* we are looking for a name. */
- if(xgetnameinfo(AI->ai_addr, AI->ai_addrlen, host, SQUIDHOSTNAMELEN, NULL, 0, NI_NAMEREQD ) == 0) {
+ if (xgetnameinfo(AI->ai_addr, AI->ai_addrlen, host, SQUIDHOSTNAMELEN, NULL, 0, NI_NAMEREQD ) == 0) {
/* DNS lookup successful */
/* use the official name from DNS lookup */
debugs(50, 4, "getMyHostname: resolved " << sa << " to '" << host << "'");
sa.FreeAddrInfo(AI);
debugs(50, 1, "WARNING: failed to resolve " << sa << " to a fully qualified hostname");
- }
- else {
+ } else {
if (gethostname(host, SQUIDHOSTNAMELEN) < 0) {
debugs(50, 1, "WARNING: gethostname failed: " << xstrerror());
- }
- else {
+ } else {
/* Verify that the hostname given resolves properly */
struct addrinfo hints;
memset(&hints, 0, sizeof(addrinfo));
hints.ai_flags = AI_CANONNAME;
- if(xgetaddrinfo(host, NULL, NULL, &AI) == 0) {
+ if (xgetaddrinfo(host, NULL, NULL, &AI) == 0) {
/* DNS lookup successful */
/* use the official name from DNS lookup */
debugs(50, 6, "getMyHostname: '" << host << "' has rDNS.");
present = 1;
/* AYJ: do we want to flag AI_ALL and cache the result anywhere. ie as our local host IPs? */
- if(AI) {
+ if (AI) {
xfreeaddrinfo(AI);
AI = NULL;
}
return host;
}
- if(AI) xfreeaddrinfo(AI);
+ if (AI) xfreeaddrinfo(AI);
debugs(50, 1, "WARNING: '" << host << "' rDNS test failed: " << xstrerror());
}
}
host = lt;
}
- if (ipcacheAddEntryFromHosts(host, addr) != 0)
- goto skip; /* invalid address, continuing is useless */
-
+ if (ipcacheAddEntryFromHosts(host, addr) != 0) {
+ /* invalid address, continuing is useless */
+ wordlistDestroy(&hosts);
+ hosts = NULL;
+ break;
+ }
wordlistAdd(&hosts, host);
lt = nt + 1;
}
- fqdncacheAddEntryFromHosts(addr, hosts);
-
-skip:
- wordlistDestroy(&hosts);
+ if (hosts) {
+ fqdncacheAddEntryFromHosts(addr, hosts);
+ wordlistDestroy(&hosts);
+ }
}
fclose (fp);
mb->append(str, l);
str += l;
- switch(*str) {
+ switch (*str) {
case '\n':
mb->append("\\n", 2);
#if HAVE_PRCTL && defined(PR_SET_KEEPCAPS) && HAVE_SYS_CAPABILITY_H
if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0)) {
- IPInterceptor.StopTransparency("capability setting has failed.");
+ IpInterceptor.StopTransparency("capability setting has failed.");
}
#endif
}
static void
restoreCapabilities(int keep)
{
-#if defined(_SQUID_LINUX_) && HAVE_SYS_CAPABILITY_H
+ /* NP: keep these two if-endif separate. Non-Linux work perfectly well without Linux syscap support. */
+#if defined(_SQUID_LINUX_)
+
+#if HAVE_SYS_CAPABILITY_H
#ifndef _LINUX_CAPABILITY_VERSION_1
#define _LINUX_CAPABILITY_VERSION_1 _LINUX_CAPABILITY_VERSION
#endif
head->version = _LINUX_CAPABILITY_VERSION_1;
if (capget(head, cap) != 0) {
- debugs(50, 1, "Can't get current capabilities");
- goto nocap;
- }
-
- if (head->version != _LINUX_CAPABILITY_VERSION_1) {
- debugs(50, 1, "Invalid capability version " << head->version << " (expected " << _LINUX_CAPABILITY_VERSION_1 << ")");
- goto nocap;
- }
+ debugs(50, DBG_IMPORTANT, "Can't get current capabilities");
+ } else if (head->version != _LINUX_CAPABILITY_VERSION_1) {
+ debugs(50, DBG_IMPORTANT, "Invalid capability version " << head->version << " (expected " << _LINUX_CAPABILITY_VERSION_1 << ")");
+ } else {
- head->pid = 0;
+ head->pid = 0;
- cap->inheritable = 0;
- cap->effective = (1 << CAP_NET_BIND_SERVICE);
+ cap->inheritable = 0;
+ cap->effective = (1 << CAP_NET_BIND_SERVICE);
- if(IPInterceptor.TransparentActive()) {
- cap->effective |= (1 << CAP_NET_ADMIN);
+ if (IpInterceptor.TransparentActive()) {
+ cap->effective |= (1 << CAP_NET_ADMIN);
#if LINUX_TPROXY2
- cap->effective |= (1 << CAP_NET_BROADCAST);
+ cap->effective |= (1 << CAP_NET_BROADCAST);
#endif
- }
+ }
- if (!keep)
- cap->permitted &= cap->effective;
+ if (!keep)
+ cap->permitted &= cap->effective;
- if (capset(head, cap) != 0) {
- IPInterceptor.StopTransparency("Error enabling needed capabilities.");
+ if (capset(head, cap) != 0) {
+ IpInterceptor.StopTransparency("Error enabling needed capabilities.");
+ }
}
-nocap:
xfree(head);
xfree(cap);
-#else /* not defined(_SQUID_LINUX_) && HAVE_SYS_CAPABILITY_H */
- IPInterceptor.StopTransparency("Missing needed capability support.");
-#endif
+#else
+ IpInterceptor.StopTransparency("Missing needed capability support.");
+#endif /* HAVE_SYS_CAPABILITY_H */
+
+#endif /* !defined(_SQUID_LINUX_) */
}
void *