/*
- * $Id: cache_cf.cc,v 1.65 1996/07/26 17:18:21 wessels Exp $
+ * $Id: cache_cf.cc,v 1.66 1996/07/26 19:28:49 wessels Exp $
*
* DEBUG: section 3 Configuration File Parsing
* AUTHOR: Harvest Derived
#define DefaultUdpIncomingAddr INADDR_ANY
#define DefaultUdpOutgoingAddr INADDR_NONE
#define DefaultClientNetmask 0xFFFFFFFF;
+#define DefaultSslProxyPort 0
+#define DefaultSslProxyHost (char *)NULL
int httpd_accel_mode = 0; /* for fast access */
char *DefaultSwapDir = DEFAULT_SWAP_DIR;
int weight = 1;
int i;
- /* Parse a cache_host line */
if (!(hostname = strtok(NULL, w_space)))
self_destruct();
if (!(type = strtok(NULL, w_space)))
Config.Announce.file = xstrdup(token);
}
+static void parseSslProxyLine()
+{
+ char *token;
+ char *t;
+ token = strtok(NULL, w_space);
+ if (token == NULL)
+ self_destruct();
+ safe_free(Config.sslProxy.host);
+ Config.sslProxy.port = 0;
+ if ((t = strchr(token, ':'))) {
+ *t++ = '\0';
+ Config.sslProxy.port = atoi(t);
+ }
+ Config.sslProxy.host = xstrdup(token);
+}
+
static void parseIntegerValue(iptr)
int *iptr;
{
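Review bot: The port in `parseSslProxyLine` is taken from `atoi(t)` with no validation, so `ssl_proxy host:abc` silently becomes port 0 (which the ssl.cc change treats as "look up the neighbor or use the default"), and values outside 1-65535 are accepted and later narrowed into the `u_short port` field of `SslStateData`. Parsing with `strtol` and rejecting bad input the same way a missing token is rejected would make a typo fail loudly, e.g. `p = strtol(t, &end, 10); if (end == t || *end != '\0' || p < 1 || p > 65535) self_destruct();`. A line whose value starts with `:` is also stored as an empty host rather than rejected. A short comment above the function stating the accepted syntax (`ssl_proxy host[:port]`, port 0 meaning "derive it") would document the contract.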
if ((token = strtok(tmp_line, w_space)) == NULL)
continue;
- /* Parse a cache_host line */
if (!strcmp(token, "cache_host"))
parseCacheHostLine();
- /* Parse a cache_host_domain line */
else if (!strcmp(token, "cache_host_domain"))
parseHostDomainLine();
else if (!strcmp(token, "cache_host_acl"))
parseHostAclLine();
- /* Parse a neighbor_timeout line */
else if (!strcmp(token, "neighbor_timeout"))
parseIntegerValue(&Config.neighborTimeout);
else if (!strcmp(token, "neighbour_timeout")) /* alternate spelling */
parseIntegerValue(&Config.neighborTimeout);
- /* Parse a cache_dir line */
else if (!strcmp(token, "cache_dir"))
parseDirLine();
- /* Parse a cache_log line */
else if (!strcmp(token, "cache_log"))
parseLogLine();
- /* Parse a cache_access_log line */
else if (!strcmp(token, "cache_access_log"))
parseAccessLogLine();
- /* Parse a cache_hierarchy_log line */
else if (!strcmp(token, "cache_hierarchy_log"))
parseHierachyLogLine();
- /* Parse a cache_store_log line */
else if (!strcmp(token, "cache_store_log"))
parseStoreLogLine();
- /* Parse a logfile_rotate line */
else if (!strcmp(token, "logfile_rotate"))
parseIntegerValue(&Config.Log.rotateNumber);
else if (!strcmp(token, "httpd_accel_with_proxy"))
parseOnOff(&Config.Accel.withProxy);
- /* Parse a httpd_accel line */
else if (!strcmp(token, "httpd_accel"))
parseHttpdAccelLine();
- /* Parse a cache_effective_user line */
else if (!strcmp(token, "cache_effective_user"))
parseEffectiveUserLine();
- /* Parse a cache_mem_high line */
else if (!strcmp(token, "cache_swap_high"))
parseIntegerValue(&Config.Swap.highWaterMark);
- /* Parse a cache_mem_low line */
else if (!strcmp(token, "cache_swap_low"))
parseIntegerValue(&Config.Swap.highWaterMark);
- /* Parse a cache_mem_high line */
else if (!strcmp(token, "cache_mem_high"))
parseIntegerValue(&Config.Mem.highWaterMark);
- /* Parse a cache_mem_low line */
else if (!strcmp(token, "cache_mem_low"))
parseIntegerValue(&Config.Mem.lowWaterMark);
- /* Parse a cache_hot_vm_factor line */
else if (!strcmp(token, "cache_hot_vm_factor"))
parseHotVmFactorLine();
- /* Parse a cache_mem line */
- /* XXX: this must be AFTER cache_mem_low, etc. */
else if (!strcmp(token, "cache_mem"))
parseMemLine();
- /* Parse a cache_swap line */
else if (!strcmp(token, "cache_swap"))
parseSwapLine();
- /* Parse a cache_mgr line */
else if (!strcmp(token, "cache_mgr"))
parseMgrLine();
else if (!strcmp(token, "icp_access"))
aclParseAccessLine(&ICPAccessList);
- /* Parse a hierarchy_stoplist line */
else if (!strcmp(token, "hierarchy_stoplist"))
parseHierarchyStoplistLine();
- /* Parse a gopher protocol line */
else if (!strcmp(token, "gopher"))
parseGopherLine();
- /* Parse a http protocol line */
else if (!strcmp(token, "http"))
parseHttpLine();
- /* Parse a ftp protocol line */
else if (!strcmp(token, "ftp"))
parseFtpLine();
else if (!strcmp(token, "ttl_pattern"))
parseTTLPattern();
- /* Parse a negative_ttl line */
else if (!strcmp(token, "negative_ttl"))
parseNegativeLine();
- /* Parse a negative_dns_ttl line */
else if (!strcmp(token, "negative_dns_ttl"))
parseNegativeDnsLine();
- /* Parse a positive_dns_ttl line */
else if (!strcmp(token, "positive_dns_ttl"))
parsePositiveDnsLine();
- /* Parse a read_timeout line */
else if (!strcmp(token, "read_timeout"))
parseReadTimeoutLine();
- /* Parse a clean_rate line */
else if (!strcmp(token, "clean_rate"))
parseCleanRateLine();
- /* Parse a client_lifetime line */
else if (!strcmp(token, "client_lifetime"))
parseLifetimeLine();
- /* Parse a client_lifetime line */
else if (!strcmp(token, "shutdown_lifetime"))
parseIntegerValue(&Config.lifetimeShutdown);
- /* Parse a request_size line */
else if (!strcmp(token, "request_size"))
parseRequestSizeLine();
- /* Parse a connect_timeout line */
else if (!strcmp(token, "connect_timeout"))
parseIntegerValue(&Config.connectTimeout);
- /* Parse a cache_ftp_program line */
else if (!strcmp(token, "cache_ftp_program"))
parseFtpProgramLine();
- /* Parse a cache_ftp_options line */
else if (!strcmp(token, "cache_ftp_options"))
parseFtpOptionsLine();
- /* Parse a cache_dns_program line */
else if (!strcmp(token, "cache_dns_program"))
parseDnsProgramLine();
- /* Parse a cache_dns_program line */
else if (!strcmp(token, "dns_children"))
parseIntegerValue(&Config.dnsChildren);
else if (!strcmp(token, "redirect_program"))
parseRedirectProgramLine();
+
else if (!strcmp(token, "redirect_children"))
parseIntegerValue(&Config.redirectChildren);
else if (!strcmp(token, "firewall_ip"))
parseIPLine(&Config.firewall_ip_list);
- /* Parse a local_domain line */
else if (!strcmp(token, "local_domain"))
parseLocalDomainLine();
else if (!strcmp(token, "outbound_address"))
parseAddressLine(&Config.Addrs.tcp_outgoing);
- /* Parse a http_port line */
else if (!strcmp(token, "http_port") || !strcmp(token, "ascii_port"))
parseHttpPortLine();
- /* Parse a icp_port line */
else if (!strcmp(token, "icp_port") || !strcmp(token, "udp_port"))
parseIcpPortLine();
else if (!strcmp(token, "announce_to"))
parseAnnounceToLine();
- /* If unknown, treat as a comment line */
+ else if (!strcmp(token, "ssl_proxy"))
+ parseSslProxyLine();
+
else {
debug(3, 0, "parseConfigFile: line %d unrecognized: '%s'\n",
config_lineno,
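Review bot: The `cache_swap_low` branch still calls `parseIntegerValue(&Config.Swap.highWaterMark)`, the same target as `cache_swap_high` just above it, so a configured low-water mark would overwrite the high one. This looks like a copy-paste slip and presumably should store into the swap low-water field, by analogy with `Config.Mem.lowWaterMark` two branches below. The commit deletes the (also mislabelled) comments over these branches without touching the assignment, so this is a natural place to fix it. Separately, the blank `+` lines added before `redirect_children` and after the new `ssl_proxy` branch split the `else if` chain visually and could be dropped.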
wordlistDestroy(&Config.local_domain_list);
wordlistDestroy(&Config.inside_firewall_list);
wordlistDestroy(&Config.dns_testname_list);
+ safe_free(Config.sslProxy.host);
}
Config.Addrs.udp_outgoing.s_addr = DefaultUdpOutgoingAddr;
Config.Addrs.udp_incoming.s_addr = DefaultUdpIncomingAddr;
Config.Addrs.client_netmask.s_addr = DefaultClientNetmask;
+ Config.sslProxy.port = DefaultSslProxyPort;
+ Config.sslProxy.host = safe_xstrdup(DefaultSslProxyHost);
}
static void configDoConfigure()
/*
- * $Id: neighbors.cc,v 1.37 1996/07/26 16:58:46 wessels Exp $
+ * $Id: neighbors.cc,v 1.38 1996/07/26 19:28:50 wessels Exp $
*
* DEBUG: section 15 Neighbor Routines
* AUTHOR: Harvest Derived
static int edgeWouldBePinged _PARAMS((edge *, request_t *));
static void neighborRemove _PARAMS((edge *));
+static edge *whichEdge _PARAMS((icp_common_t *, struct sockaddr_in *));
static neighbors *friends = NULL;
static struct neighbor_cf *Neighbor_cf = NULL;
};
-edge *whichEdge(header, from)
+static edge *whichEdge(header, from)
icp_common_t *header;
struct sockaddr_in *from;
{
}
neighborsOpenLog(fname);
}
+
+edge *neighborFindByName(name)
+ char *name;
+{
+ edge *e = NULL;
+ for (e = friends->edges_head; e; e = e->next) {
+ if (!strcasecmp(name, e->host))
+ break;
+ }
+ return e;
+}
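Review bot: `neighborFindByName` dereferences `friends` unconditionally, but the file-scope declaration visible above initialises it to `NULL`. If no neighbor list has been set up when `sslStart` calls this (an `ssl_proxy` host given without a port), the loop header would dereference a null pointer. Whether `friends` is always allocated at startup is not visible in this hunk, so a guard is the safe choice: `if (friends == NULL || name == NULL) return NULL;` before the loop. A one-line comment stating that the match is case-insensitive and that `NULL` is returned when nothing matches would document the contract for the new external caller.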
/*
- * $Id: ssl.cc,v 1.9 1996/07/25 07:10:41 wessels Exp $
+ * $Id: ssl.cc,v 1.10 1996/07/26 19:28:51 wessels Exp $
*
* DEBUG: section 26 Secure Sockets Layer Proxy
* AUTHOR: Duane Wessels
typedef struct {
char *url;
+ char *host; /* either request->host or proxy host */
+ u_short port;
request_t *request;
char *mime_hdr;
struct {
static void sslWriteServer _PARAMS((int fd, SslStateData * sslState));
static void sslWriteClient _PARAMS((int fd, SslStateData * sslState));
static void sslConnected _PARAMS((int fd, SslStateData * sslState));
+static void sslProxyConnected _PARAMS((int fd, SslStateData * sslState));
static int sslConnect _PARAMS((int fd, struct hostent *, SslStateData *));
static void sslConnInProgress _PARAMS((int fd, SslStateData * sslState));
static void sslErrorComplete _PARAMS((int, char *, int, int, void *));
int fd;
SslStateData *sslState;
{
- request_t *req = sslState->request;
char *buf = NULL;
debug(26, 5, "sslConnInProgress: FD %d sslState=%p\n", fd, sslState);
- if (comm_connect(fd, req->host, req->port) != COMM_OK) {
+ if (comm_connect(fd, sslState->host, sslState->port) != COMM_OK) {
debug(26, 5, "sslConnInProgress: FD %d: %s\n", fd, xstrerror());
switch (errno) {
#if EINPROGRESS != EALREADY
}
}
/* We are now fully connected */
- sslConnected(fd, sslState);
+ if (Config.sslProxy.host)
+ sslProxyConnected(fd, sslState);
+ else
+ sslConnected(fd, sslState);
return;
}
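Review bot: The choice between `sslProxyConnected` and `sslConnected` is made by re-reading the global `Config.sslProxy.host` at connect time rather than from what `sslStart` recorded in `sslState`. If the configuration is reloaded while a connect is pending, a tunnel that dialled the origin could send it a CONNECT line, or one that dialled the proxy could skip it. Related: `sslStart` stores `Config.sslProxy.host` in `sslState->host` by pointer, while `parseSslProxyLine` and the config-free path call `safe_free` on that same string, so a pending tunnel may be left with a dangling `host` that `comm_connect` later reads. Whether a reload can occur with tunnels in flight is not visible here, but copying the name with `xstrdup` (freed with the rest of the state) and branching on a per-connection flag would remove both hazards. The same branch appears in `sslConnect` below and in the identical tunnel.cc section; `sslConnInProgress` itself begins above the visible lines.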
request_t *request = sslState->request;
int status;
char *buf = NULL;
- if (!ipcache_gethostbyname(request->host, 0)) {
- debug(26, 4, "sslConnect: Unknown host: %s\n", request->host);
+ if (!ipcache_gethostbyname(sslState->host, 0)) {
+ debug(26, 4, "sslConnect: Unknown host: %s\n", sslState->host);
buf = squid_error_url(sslState->url,
request->method,
ERR_DNS_FAIL,
(PF) sslLifetimeExpire,
(void *) sslState);
/* Open connection. */
- if ((status = comm_connect(fd, request->host, request->port))) {
+ if ((status = comm_connect(fd, sslState->host, sslState->port))) {
if (status != EINPROGRESS) {
buf = squid_error_url(sslState->url,
request->method,
return COMM_OK;
}
}
- sslConnected(sslState->server.fd, sslState);
+ if (Config.sslProxy.host)
+ sslProxyConnected(sslState->server.fd, sslState);
+ else
+ sslConnected(sslState->server.fd, sslState);
return COMM_OK;
}
SslStateData *sslState = NULL;
int sock;
char *buf = NULL;
+ edge *e = NULL;
debug(26, 3, "sslStart: '%s %s'\n",
RequestMethodStr[request->method], url);
sslState->server.fd = sock;
sslState->server.buf = xmalloc(SQUID_TCP_SO_RCVBUF);
sslState->client.buf = xmalloc(SQUID_TCP_SO_RCVBUF);
+ if ((sslState->host = Config.sslProxy.host)) {
+ if ((sslState->port = Config.sslProxy.port) == 0) {
+ if ((e = neighborFindByName(Config.sslProxy.host)))
+ sslState->port = e->http_port;
+ else
+ sslState->port = CACHE_HTTP_PORT;
+ }
+ } else {
+ sslState->host = request->host;
+ sslState->port = request->port;
+ }
comm_add_close_handler(sslState->server.fd,
(PF) sslStateFree,
(void *) sslState);
comm_add_close_handler(sslState->client.fd,
(PF) sslClientClosed,
(void *) sslState);
- ipcache_nbgethostbyname(request->host,
+ ipcache_nbgethostbyname(sslState->host,
sslState->server.fd,
(IPH) sslConnect,
sslState);
return COMM_OK;
}
+
+static void sslProxyConnected(fd, sslState)
+ int fd;
+ SslStateData *sslState;
+{
+ debug(26, 3, "sslProxyConnected: FD %d sslState=%p\n", fd, sslState);
+ sprintf(sslState->client.buf, "CONNECT %s HTTP/1.0\r\n\r\n", sslState->url);
+ debug(26, 3, "sslProxyConnected: Sending 'CONNECT %s HTTP/1.0'\n", sslState->url);
+ sslState->client.len = strlen(sslState->client.buf);
+ sslState->client.offset = 0;
+ comm_set_select_handler(sslState->server.fd,
+ COMM_SELECT_WRITE,
+ (PF) sslWriteServer,
+ (void *) sslState);
+ comm_set_fd_lifetime(fd, 86400); /* extend lifetime */
+ comm_set_select_handler(sslState->server.fd,
+ COMM_SELECT_READ,
+ (PF) sslReadServer,
+ (void *) sslState);
+}
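Review bot: The `sprintf` into `sslState->client.buf` is unbounded: the buffer is `xmalloc(SQUID_TCP_SO_RCVBUF)` bytes in `sslStart` and `sslState->url` comes from the client request, so a URL longer than the buffer minus the fixed text would write past the heap allocation unless URL length is capped elsewhere (not visible here). A bounded write with a truncation check closes this, e.g. `n = snprintf(sslState->client.buf, SQUID_TCP_SO_RCVBUF, "CONNECT %s HTTP/1.0\r\n\r\n", sslState->url);` followed by failing the request when `n < 0 || n >= SQUID_TCP_SO_RCVBUF`. Because the URL is placed in a request line sent to the upstream proxy, it should also be confirmed that earlier parsing rejects embedded CR/LF and whitespace. The handler calls mix `fd` and `sslState->server.fd` for what appears to be the same descriptor; using one consistently would read better. tunnel.cc carries an identical copy of this function and needs the same change.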
/*
- * $Id: tunnel.cc,v 1.9 1996/07/25 07:10:41 wessels Exp $
+ * $Id: tunnel.cc,v 1.10 1996/07/26 19:28:51 wessels Exp $
*
* DEBUG: section 26 Secure Sockets Layer Proxy
* AUTHOR: Duane Wessels
typedef struct {
char *url;
+ char *host; /* either request->host or proxy host */
+ u_short port;
request_t *request;
char *mime_hdr;
struct {
static void sslWriteServer _PARAMS((int fd, SslStateData * sslState));
static void sslWriteClient _PARAMS((int fd, SslStateData * sslState));
static void sslConnected _PARAMS((int fd, SslStateData * sslState));
+static void sslProxyConnected _PARAMS((int fd, SslStateData * sslState));
static int sslConnect _PARAMS((int fd, struct hostent *, SslStateData *));
static void sslConnInProgress _PARAMS((int fd, SslStateData * sslState));
static void sslErrorComplete _PARAMS((int, char *, int, int, void *));
int fd;
SslStateData *sslState;
{
- request_t *req = sslState->request;
char *buf = NULL;
debug(26, 5, "sslConnInProgress: FD %d sslState=%p\n", fd, sslState);
- if (comm_connect(fd, req->host, req->port) != COMM_OK) {
+ if (comm_connect(fd, sslState->host, sslState->port) != COMM_OK) {
debug(26, 5, "sslConnInProgress: FD %d: %s\n", fd, xstrerror());
switch (errno) {
#if EINPROGRESS != EALREADY
}
}
/* We are now fully connected */
- sslConnected(fd, sslState);
+ if (Config.sslProxy.host)
+ sslProxyConnected(fd, sslState);
+ else
+ sslConnected(fd, sslState);
return;
}
request_t *request = sslState->request;
int status;
char *buf = NULL;
- if (!ipcache_gethostbyname(request->host, 0)) {
- debug(26, 4, "sslConnect: Unknown host: %s\n", request->host);
+ if (!ipcache_gethostbyname(sslState->host, 0)) {
+ debug(26, 4, "sslConnect: Unknown host: %s\n", sslState->host);
buf = squid_error_url(sslState->url,
request->method,
ERR_DNS_FAIL,
(PF) sslLifetimeExpire,
(void *) sslState);
/* Open connection. */
- if ((status = comm_connect(fd, request->host, request->port))) {
+ if ((status = comm_connect(fd, sslState->host, sslState->port))) {
if (status != EINPROGRESS) {
buf = squid_error_url(sslState->url,
request->method,
return COMM_OK;
}
}
- sslConnected(sslState->server.fd, sslState);
+ if (Config.sslProxy.host)
+ sslProxyConnected(sslState->server.fd, sslState);
+ else
+ sslConnected(sslState->server.fd, sslState);
return COMM_OK;
}
SslStateData *sslState = NULL;
int sock;
char *buf = NULL;
+ edge *e = NULL;
debug(26, 3, "sslStart: '%s %s'\n",
RequestMethodStr[request->method], url);
sslState->server.fd = sock;
sslState->server.buf = xmalloc(SQUID_TCP_SO_RCVBUF);
sslState->client.buf = xmalloc(SQUID_TCP_SO_RCVBUF);
+ if ((sslState->host = Config.sslProxy.host)) {
+ if ((sslState->port = Config.sslProxy.port) == 0) {
+ if ((e = neighborFindByName(Config.sslProxy.host)))
+ sslState->port = e->http_port;
+ else
+ sslState->port = CACHE_HTTP_PORT;
+ }
+ } else {
+ sslState->host = request->host;
+ sslState->port = request->port;
+ }
comm_add_close_handler(sslState->server.fd,
(PF) sslStateFree,
(void *) sslState);
comm_add_close_handler(sslState->client.fd,
(PF) sslClientClosed,
(void *) sslState);
- ipcache_nbgethostbyname(request->host,
+ ipcache_nbgethostbyname(sslState->host,
sslState->server.fd,
(IPH) sslConnect,
sslState);
return COMM_OK;
}
+
+static void sslProxyConnected(fd, sslState)
+ int fd;
+ SslStateData *sslState;
+{
+ debug(26, 3, "sslProxyConnected: FD %d sslState=%p\n", fd, sslState);
+ sprintf(sslState->client.buf, "CONNECT %s HTTP/1.0\r\n\r\n", sslState->url);
+ debug(26, 3, "sslProxyConnected: Sending 'CONNECT %s HTTP/1.0'\n", sslState->url);
+ sslState->client.len = strlen(sslState->client.buf);
+ sslState->client.offset = 0;
+ comm_set_select_handler(sslState->server.fd,
+ COMM_SELECT_WRITE,
+ (PF) sslWriteServer,
+ (void *) sslState);
+ comm_set_fd_lifetime(fd, 86400); /* extend lifetime */
+ comm_set_select_handler(sslState->server.fd,
+ COMM_SELECT_READ,
+ (PF) sslReadServer,
+ (void *) sslState);
+}