- Fixed pconnPush() bug that prevented holding on to
persistent connections (Manfred Bathelt).
- Pid file now rewritten on SIGHUP.
+ - Rewrote the anonymizer.
+ - Removed the http_anonymizer option.
+ - Added the http_header option to allow individual referencing of
+ headers for addition or removal. See 'http_header' in squid.conf
+ for additional configuration.
Changes to Squid-2.1 (November 16, 1998):
/*
- * $Id: HttpHeader.cc,v 1.59 1998/12/05 00:54:11 wessels Exp $
+ * $Id: HttpHeader.cc,v 1.60 1999/01/22 19:06:58 glenn Exp $
*
* DEBUG: section 55 HTTP Header
* AUTHOR: Alex Rousskov
assert(8 * sizeof(HttpHeaderMask) >= HDR_ENUM_END);
/* all headers must be described */
assert(countof(HeadersAttrs) == HDR_ENUM_END);
- Headers = httpHeaderBuildFieldsInfo(HeadersAttrs, HDR_ENUM_END);
+ if(!Headers)
+ Headers = httpHeaderBuildFieldsInfo(HeadersAttrs, HDR_ENUM_END);
/* create masks */
- httpHeaderMaskInit(&ListHeadersMask);
+ httpHeaderMaskInit(&ListHeadersMask, 0);
httpHeaderCalcMask(&ListHeadersMask, (const int *) ListHeadersArr, countof(ListHeadersArr));
- httpHeaderMaskInit(&ReplyHeadersMask);
+ httpHeaderMaskInit(&ReplyHeadersMask, 0);
httpHeaderCalcMask(&ReplyHeadersMask, (const int *) ReplyHeadersArr, countof(ReplyHeadersArr));
httpHeaderCalcMask(&ReplyHeadersMask, (const int *) GeneralHeadersArr, countof(GeneralHeadersArr));
httpHeaderCalcMask(&ReplyHeadersMask, (const int *) EntityHeadersArr, countof(EntityHeadersArr));
- httpHeaderMaskInit(&RequestHeadersMask);
+ httpHeaderMaskInit(&RequestHeadersMask, 0);
httpHeaderCalcMask(&RequestHeadersMask, (const int *) RequestHeadersArr, countof(RequestHeadersArr));
httpHeaderCalcMask(&RequestHeadersMask, (const int *) GeneralHeadersArr, countof(GeneralHeadersArr));
httpHeaderCalcMask(&RequestHeadersMask, (const int *) EntityHeadersArr, countof(EntityHeadersArr));
int count = 0;
HttpHeaderPos pos = HttpHeaderInitPos;
HttpHeaderEntry *e;
- httpHeaderMaskInit(&hdr->mask); /* temporal inconsistency */
+ httpHeaderMaskInit(&hdr->mask, 0); /* temporal inconsistency */
debug(55, 7) ("deleting '%s' fields in hdr %p\n", name, hdr);
while ((e = httpHeaderGetEntry(hdr, &pos))) {
if (!strCaseCmp(e->name, name)) {
HttpHeaderStats[0].parsedCount);
storeAppendPrintf(e, "Hdr Fields Parsed: %d\n", HeaderEntryParsedCount);
}
+
+int
+httpHeaderIdByName(const char *name, int name_len, const HttpHeaderFieldInfo * info, int end)
+{
+ int i;
+ for (i = 0; i < end; ++i) {
+ if (name_len >= 0 && name_len != strLen(info[i].name))
+ continue;
+ if (!strncasecmp(name, strBuf(info[i].name),
+ name_len < 0 ? strLen(info[i].name) + 1 : name_len))
+ return i;
+ }
+ return -1;
+}
+
+int
+httpHeaderIdByNameDef(const char *name, int name_len)
+{
+ if (!Headers)
+ Headers = httpHeaderBuildFieldsInfo(HeadersAttrs, HDR_ENUM_END);
+ return httpHeaderIdByName(name, name_len, Headers, HDR_ENUM_END);
+}
+
/*
- * $Id: HttpHeaderTools.cc,v 1.22 1999/01/11 21:55:36 wessels Exp $
+ * $Id: HttpHeaderTools.cc,v 1.23 1999/01/22 19:06:59 glenn Exp $
*
* DEBUG: section 66 HTTP Header Tools
* AUTHOR: Alex Rousskov
}
void
-httpHeaderMaskInit(HttpHeaderMask * mask)
+httpHeaderMaskInit(HttpHeaderMask * mask, int value)
{
- memset(mask, 0, sizeof(*mask));
+ memset(mask, value, sizeof(*mask));
}
/* calculates a bit mask of a given array; does not reset mask! */
}
}
-
-int
-httpHeaderIdByName(const char *name, int name_len, const HttpHeaderFieldInfo * info, int end)
-{
- int i;
- for (i = 0; i < end; ++i) {
- if (name_len >= 0 && name_len != strLen(info[i].name))
- continue;
- if (!strncasecmp(name, strBuf(info[i].name),
- name_len < 0 ? strLen(info[i].name) + 1 : name_len))
- return i;
- }
- return -1;
-}
-
/* same as httpHeaderPutStr, but formats the string using snprintf first */
#if STDC_HEADERS
void
/*
- * $Id: HttpReply.cc,v 1.34 1998/12/05 00:54:11 wessels Exp $
+ * $Id: HttpReply.cc,v 1.35 1999/01/22 19:07:00 glenn Exp $
*
* DEBUG: section 58 HTTP Reply (Response)
* AUTHOR: Alex Rousskov
void
httpReplyInitModule()
{
- httpHeaderMaskInit(&Denied304HeadersMask);
+ httpHeaderMaskInit(&Denied304HeadersMask, 0);
httpHeaderCalcMask(&Denied304HeadersMask, (const int *) Denied304HeadersArr, countof(Denied304HeadersArr));
}
/*
- * $Id: HttpRequest.cc,v 1.20 1999/01/11 22:23:07 wessels Exp $
+ * $Id: HttpRequest.cc,v 1.21 1999/01/22 19:07:00 glenn Exp $
*
* DEBUG: section 73 HTTP Request
* AUTHOR: Duane Wessels
httpRequestHdrAllowed(const HttpHeaderEntry * e, String * strConn)
{
assert(e);
- /* check connection header first */
+ /* check with anonymizer tables */
+ if (CBIT_TEST(Config.http_header, e->id))
+ return 0;
+ /* check connection header */
if (strConn && strListIsMember(strConn, strBuf(e->name), ','))
return 0;
- /* check with anonymizer tables */
- if (Config.onoff.anonymizer == ANONYMIZER_PARANOID) {
- return httpAnonHdrAllowed(e->id);
- } else if (Config.onoff.anonymizer == ANONYMIZER_STANDARD) {
- return !httpAnonHdrDenied(e->id);
- }
return 1;
}
#
# Makefile for the Squid Object Cache server
#
-# $Id: Makefile.in,v 1.167 1999/01/13 23:24:09 wessels Exp $
+# $Id: Makefile.in,v 1.168 1999/01/22 19:07:01 glenn Exp $
#
# Uncomment and customize the following to suit your needs:
#
helper.o \
@HTCP_OBJS@ \
http.o \
- http-anon.o \
HttpStatusLine.o \
HttpHdrCc.o \
HttpHdrRange.o \
/*
- * $Id: cache_cf.cc,v 1.319 1999/01/21 23:15:35 wessels Exp $
+ * $Id: cache_cf.cc,v 1.320 1999/01/22 19:07:02 glenn Exp $
*
* DEBUG: section 3 Configuration File Parsing
* AUTHOR: Harvest Derived
static const char *const list_sep = ", \t\n\r";
+static int http_header_first = 0;
+
static void self_destruct(void);
static void configDoConfigure(void);
static void free_all(void);
static void requirePathnameExists(const char *name, const char *path);
static OBJH dump_config;
+static void dump_http_header(StoreEntry * entry, const char *name, HttpHeaderMask header);
+static void parse_http_header(HttpHeaderMask * header);
+static void free_http_header(HttpHeaderMask *header);
static void
self_destruct(void)
memset(addr, '\0', sizeof(struct in_addr));
}
+static void
+dump_http_header(StoreEntry * entry, const char *name, HttpHeaderMask header)
+{
+ storeAppendPrintf(entry, "%s\n", name);
+}
+
+static void
+parse_http_header(HttpHeaderMask * header)
+{
+ int allowed, id;
+ char *t = NULL;
+
+ if ((t = strtok(NULL, w_space)) == NULL) {
+ debug(3, 0) ("%s line %d: %s\n",
+ cfg_filename, config_lineno, config_input_line);
+ debug(3, 0) ("parse_http_header: missing 'allow' or 'deny'.\n");
+ return;
+ }
+ if (!strcmp(t, "allow"))
+ allowed = 1;
+ else if (!strcmp(t, "deny"))
+ allowed = 0;
+ else {
+ debug(3, 0) ("%s line %d: %s\n",
+ cfg_filename, config_lineno, config_input_line);
+ debug(3, 0) ("parse_http_header: expecting 'allow' or 'deny', got '%s'.\n", t);
+ return;
+ }
+
+ if(!http_header_first){
+ http_header_first = 1;
+ if (allowed)
+ httpHeaderMaskInit(header, 0xFF);
+ }
+
+ while ((t = strtok(NULL, w_space))) {
+ if ((id = httpHeaderIdByNameDef(t, strlen(t))) == -1)
+ id = HDR_OTHER;
+ if (allowed)
+ CBIT_CLR(*header, id);
+ else
+ CBIT_SET(*header, id);
+ }
+}
+
+static void
+free_http_header(HttpHeaderMask *header)
+{
+ httpHeaderMaskInit(header, 0);
+}
+
static void
dump_cachedir(StoreEntry * entry, const char *name, cacheSwap swap)
{
}
}
-static void
-dump_httpanonymizer(StoreEntry * entry, const char *name, int var)
-{
- switch (var) {
- case ANONYMIZER_NONE:
- storeAppendPrintf(entry, "%s off\n", name);
- break;
- case ANONYMIZER_STANDARD:
- storeAppendPrintf(entry, "%s paranoid\n", name);
- break;
- case ANONYMIZER_PARANOID:
- storeAppendPrintf(entry, "%s standard\n", name);
- break;
- }
-}
-
-static void
-parse_httpanonymizer(int *var)
-{
- char *token;
- token = strtok(NULL, w_space);
- if (token == NULL)
- self_destruct();
- if (!strcasecmp(token, "off"))
- *var = ANONYMIZER_NONE;
- else if (!strcasecmp(token, "paranoid"))
- *var = ANONYMIZER_PARANOID;
- else
- *var = ANONYMIZER_STANDARD;
-}
-
-
static void
dump_ushortlist(StoreEntry * entry, const char *name, ushortlist * u)
{
#
-# $Id: cf.data.pre,v 1.133 1999/01/21 23:58:41 wessels Exp $
+# $Id: cf.data.pre,v 1.134 1999/01/22 19:07:03 glenn Exp $
#
#
# SQUID Internet Object Cache http://squid.nlanr.net/Squid/
store_objects_per_bucket 20
DOC_END
-
-NAME: http_anonymizer
-TYPE: httpanonymizer
-LOC: Config.onoff.anonymizer
-DEFAULT: off
-DOC_START
- If you want to filter out certain HTTP request headers for
- privacy reasons, enable this option. There are three
- appropriate settings:
- 'off' All HTTP request headers are passed.
- 'standard' Specific headers are removed
- 'paranoid' Only specific headers are allowed.
- To see which headers are allowed or denied, please see the
- http-anon.c source file.
-
-http_anonymizer off
-DOC_END
-
-
NAME: client_db
COMMENT: on|off
TYPE: onoff
and firewall_ip.
DOC_END
+NAME: http_header
+TYPE: http_header
+LOC: Config.http_header
+DEFAULT: none
+DOC_START
+ Lets you to configure which headers are passed by squid
+ to allow you to anonymize the requests delivered by your
+ proxy server. Please read the HTTP rfc's for header names
+ and functions.
+
+ There are two methods of using this command. You can choose
+ two methods either:
+
+ http_header allow header_name ...
+
+ Which denys all headers expect for those listed. Or :
+
+ http_header deny header_name ...
+
+ Which allows all headers except for those listed. By default
+ all headers are allowed. You CAN NOT have allow and deny
+ commands together in the same configuration.
+
+ usage:
+
+ http_header allow|deny header_name ...
+
+Example:
+This example acts like the old standard configuration:
+
+http_header deny From Referer Server User-Agent WWW-Authenticate Link
+DOC_END
+
NAME: fake_user_agent
TYPE: eol
LOC: Config.fake_ua
DEFAULT: none
DOC_START
- If you use the paranoid http_anonymizer setting, Squid will strip
- your User-agent string from the request. Some Web servers will
- refuse your request without a User-agent string. Use this to
+ If you filter the User-Agent header with 'http_header' it will
+ cause some Web servers to refuse your request. Use this to
fake one up. For example:
fake_user_agent Nutscrape/1.0 (CP/M; 8-bit)
/*
- * $Id: main.cc,v 1.287 1999/01/21 21:13:02 wessels Exp $
+ * $Id: main.cc,v 1.288 1999/01/22 19:07:04 glenn Exp $
*
* DEBUG: section 1 Startup and Main Loop
* AUTHOR: Harvest Derived
authenticateInit();
useragentOpenLog();
httpHeaderInitModule(); /* must go before any header processing (e.g. the one in errorInitialize) */
- httpAnonInitModule(); /* must go before accepting requests */
httpReplyInitModule(); /* must go before accepting replies */
errorInitialize();
accessLogInit();
/*
- * $Id: protos.h,v 1.309 1999/01/21 21:13:04 wessels Exp $
+ * $Id: protos.h,v 1.310 1999/01/22 19:07:05 glenn Exp $
*
*
* SQUID Internet Object Cache http://squid.nlanr.net/Squid/
extern HttpHeaderFieldInfo *httpHeaderBuildFieldsInfo(const HttpHeaderFieldAttrs * attrs, int count);
extern void httpHeaderDestroyFieldsInfo(HttpHeaderFieldInfo * info, int count);
extern int httpHeaderIdByName(const char *name, int name_len, const HttpHeaderFieldInfo * attrs, int end);
-extern void httpHeaderMaskInit(HttpHeaderMask * mask);
+extern int httpHeaderIdByNameDef(const char *name, int name_len);
+extern void httpHeaderMaskInit(HttpHeaderMask * mask, int value);
extern void httpHeaderCalcMask(HttpHeaderMask * mask, const int *enums, int count);
extern int httpHeaderHasConnDir(const HttpHeader * hdr, const char *directive);
extern void httpHeaderAddContRange(HttpHeader * hdr, HttpHdrRangeSpec spec, size_t ent_len);
/*
- * $Id: structs.h,v 1.267 1999/01/21 23:58:47 wessels Exp $
+ * $Id: structs.h,v 1.268 1999/01/22 19:07:06 glenn Exp $
*
*
* SQUID Internet Object Cache http://squid.nlanr.net/Squid/
char *encode_key;
} mcast_miss;
#endif
+ HttpHeaderMask http_header;
};
struct _SquidConfig2 {
projects / thirdparty / squid.git / commitdiff
