-const char jcc_rcs[] = "$Id: jcc.c,v 1.69 2002/03/04 23:50:00 jongfoster Exp $";
+const char jcc_rcs[] = "$Id: jcc.c,v 1.77 2002/03/07 03:52:06 oes Exp $";
/*********************************************************************
*
* File : $Source: /cvsroot/ijbswa/current/jcc.c,v $
*
* Revisions :
* $Log: jcc.c,v $
+ * Revision 1.77 2002/03/07 03:52:06 oes
+ * - Fixed compiler warnings etc
+ * - Improved handling of failed DNS lookups
+ *
+ * Revision 1.76 2002/03/06 22:54:35 jongfoster
+ * Automated function-comment nitpicking.
+ *
+ * Revision 1.75 2002/03/06 10:02:19 oes
+ * Fixed stupid bug when --user was not given
+ *
+ * Revision 1.74 2002/03/06 00:49:31 jongfoster
+ * Fixing warning on Windows
+ * Making #ifdefs that refer to the same variable consistently
+ * use #ifdef unix rather than mixing #ifdef unix & #ifndef OS2
+ *
+ * Revision 1.73 2002/03/05 23:57:30 hal9
+ * Stray character 's' on line 1618 was breaking build.
+ *
+ * Revision 1.72 2002/03/05 21:33:45 david__schmidt
+ * - Re-enable OS/2 building after new parms were added
+ * - Fix false out of memory report when resolving CGI templates when no IP
+ * address is available of failed attempt (a la no such domain)
+ *
+ * Revision 1.71 2002/03/05 18:13:56 oes
+ * Added --user option
+ *
+ * Revision 1.70 2002/03/05 04:52:42 oes
+ * Deleted non-errlog debugging code
+ *
* Revision 1.69 2002/03/04 23:50:00 jongfoster
* Splitting off bind_port() call into bind_port_helper(), with
* improved logging.
#include <sys/termios.h>
#endif /* sun */
+#ifdef unix
+#include <pwd.h>
+#include <grp.h>
+#endif
+
# include <signal.h>
# ifdef __BEOS__
* to be reopened by the main thread on HUP.
*
* Parameters :
- * 1 : the_signal - the signal cause this function to call
+ * 1 : the_signal = the signal cause this function to call
*
* Returns : -
*
int byte_count = 0;
const struct forward_spec * fwd;
struct http_request *http;
+ size_t len; /* for buffer sizes */
#ifdef FEATURE_KILL_POPUPS
int block_popups; /* bool, 1==will block popups */
int block_popups_now = 0; /* bool, 1==currently blocking popups */
while (FOREVER)
{
- n = read_socket(csp->cfd, buf, sizeof(buf));
+ len = read_socket(csp->cfd, buf, sizeof(buf));
- if (n <= 0) break; /* error! */
+ if (len <= 0) break; /* error! */
- add_to_iob(csp, buf, n);
+ add_to_iob(csp, buf, len);
req = get_header(csp);
{
if ( ( p = get_header(csp) ) && ( *p == '\0' ) )
{
- n = read_socket(csp->cfd, buf, sizeof(buf));
- if (n <= 0)
+ len = read_socket(csp->cfd, buf, sizeof(buf));
+ if (len <= 0)
{
log_error(LOG_LEVEL_ERROR, "read from client failed: %E");
return;
}
- add_to_iob(csp, buf, n);
+ add_to_iob(csp, buf, len);
continue;
}
* (along with anything else that may be in the buffer)
*/
- n = strlen(hdr);
+ len = strlen(hdr);
- if ((write_socket(csp->sfd, hdr, n) != n)
+ if ((write_socket(csp->sfd, hdr, len) != len)
|| (flush_socket(csp->sfd, csp ) < 0))
{
log_error(LOG_LEVEL_CONNECT, "write header to: %s failed: %E",
if (FD_ISSET(csp->cfd, &rfds))
{
- n = read_socket(csp->cfd, buf, sizeof(buf));
+ len = read_socket(csp->cfd, buf, sizeof(buf));
- if (n <= 0)
+ if (len <= 0)
{
break; /* "game over, man" */
}
- if (write_socket(csp->sfd, buf, n) != n)
+ if (write_socket(csp->sfd, buf, len) != len)
{
log_error(LOG_LEVEL_ERROR, "write to: %s failed: %E", http->host);
return;
if (FD_ISSET(csp->sfd, &rfds))
{
fflush( 0 );
- n = read_socket(csp->sfd, buf, sizeof(buf) - 1);
+ len = read_socket(csp->sfd, buf, sizeof(buf) - 1);
- if (n < 0)
+ if (len < 0)
{
log_error(LOG_LEVEL_ERROR, "read from: %s failed: %E", http->host);
/* Add a trailing zero. This lets filter_popups
* use string operations.
*/
- buf[n] = '\0';
+ buf[len] = '\0';
#ifdef FEATURE_KILL_POPUPS
/* Filter the popups on this read. */
* doesn't generate a valid header, then we won't
* transmit anything to the client.
*/
- if (n == 0)
+ if (len == 0)
{
if (server_body || http->ssl)
log_error(LOG_LEVEL_FATAL, "Out of memory parsing server header");
}
- n = strlen(hdr);
+ len = strlen(hdr);
- if ((write_socket(csp->cfd, hdr, n) != n)
+ if ((write_socket(csp->cfd, hdr, len) != len)
|| (write_socket(csp->cfd, p != NULL ? p : csp->iob->cur, csp->content_length) != (int)csp->content_length))
{
log_error(LOG_LEVEL_ERROR, "write modified content to client failed: %E");
* This is NOT the body, so
* Let's pretend the server just sent us a blank line.
*/
- n = sprintf(buf, "\r\n");
+ len = sprintf(buf, "\r\n");
/*
* Now, let the normal header parsing algorithm below do its
{
if (content_filter)
{
- add_to_iob(csp, buf, n);
+ add_to_iob(csp, buf, len);
/*
* If the buffer limit will be reached on the next read,
log_error(LOG_LEVEL_FATAL, "Out of memory parsing server header");
}
- n = strlen(hdr);
- byte_count += n;
+ len = strlen(hdr);
+ byte_count += len;
- if (((write_socket(csp->cfd, hdr, n) != n)
- || (n = flush_socket(csp->cfd, csp) < 0)))
+ if (((write_socket(csp->cfd, hdr, len) != len)
+ || (len = flush_socket(csp->cfd, csp) < 0)))
{
log_error(LOG_LEVEL_CONNECT, "write header to client failed: %E");
}
freez(hdr);
- byte_count += n;
+ byte_count += len;
content_filter = NULL;
server_body = 1;
}
else
{
- if (write_socket(csp->cfd, buf, n) != n)
+ if (write_socket(csp->cfd, buf, len) != len)
{
log_error(LOG_LEVEL_ERROR, "write to client failed: %E");
return;
}
}
- byte_count += n;
+ byte_count += len;
continue;
}
else
*/
/* buffer up the data we just read */
- add_to_iob(csp, buf, n);
+ add_to_iob(csp, buf, len);
/* get header lines from the iob */
log_error(LOG_LEVEL_FATAL, "Out of memory parsing server header");
}
- n = strlen(hdr);
+ len = strlen(hdr);
/* write the server's (modified) header to
* the client (along with anything else that
/*
* Only write if we're not buffering for content modification
*/
- if (!content_filter && ((write_socket(csp->cfd, hdr, n) != n)
- || (n = flush_socket(csp->cfd, csp) < 0)))
+ if (!content_filter && ((write_socket(csp->cfd, hdr, len) != len)
+ || (len = flush_socket(csp->cfd, csp) < 0)))
{
log_error(LOG_LEVEL_CONNECT, "write header to client failed: %E");
return;
}
- if(!content_filter) byte_count += n;
+ if(!content_filter) byte_count += len;
/* we're finished with the server's header */
void usage(const char *myname)
{
printf("JunkBuster proxy version " VERSION " (" HOME_PAGE_URL ")\n"
- "Usage: %s [--help] [--version] [--no-daemon] [--pidfile pidfile] [configfile]\n"
+ "Usage: %s [--help] [--version] [--no-daemon] [--pidfile pidfile] [--user user[.group]] [configfile]\n"
"Aborting.\n", myname);
exit(2);
#endif
{
int argc_pos = 0;
+#ifdef unix
+ struct passwd *pw = NULL;
+ struct group *grp = NULL;
+ char *p;
+#endif
Argc = argc;
Argv = argv;
{
no_daemon = 1;
}
-
+#if defined(unix)
else if (strcmp(argv[argc_pos], "--pidfile" ) == 0)
{
if (++argc_pos == argc) usage(argv[0]);
pidfile = strdup(argv[argc_pos]);
}
+
+ else if (strcmp(argv[argc_pos], "--user" ) == 0)
+ {
+ if (++argc_pos == argc) usage(argv[argc_pos]);
+
+ if ((NULL != (p = strchr(argv[argc_pos], '.'))) && *(p + 1) != '0')
+ {
+ *p++ = '\0';
+ if (NULL == (grp = getgrnam(p)))
+ {
+ log_error(LOG_LEVEL_FATAL, "Group %s not found.", p);
+ }
+ }
+
+ if (NULL == (pw = getpwnam(argv[argc_pos])))
+ {
+ log_error(LOG_LEVEL_FATAL, "User %s not found.", argv[argc_pos]);
+ }
+
+ if (p != NULL) *--p = '\0';
+ }
+#endif /* defined(unix) */
else
#endif /* defined(_WIN32) && !defined(_WIN_CONSOLE) */
{
close( 1 );
chdir("/");
- write_pid_file();
-
} /* -END- if (!no_daemon) */
+
+ /*
+ * As soon as we have written the PID file, we can switch
+ * to the user and group ID indicated by the --user option
+ */
+ write_pid_file();
+
+ if (NULL != pw)
+ {
+ if (((NULL != grp) && setgid(grp->gr_gid)) || (setgid(pw->pw_gid)))
+ {
+ log_error(LOG_LEVEL_FATAL, "Cannot setgid(): Insufficient permissions.");
+ }
+ if (setuid(pw->pw_uid))
+ {
+ log_error(LOG_LEVEL_FATAL, "Cannot setuid(): Insufficient permissions.");
+ }
+ }
}
#endif /* defined unix */
if (bfd < 0)
{
- log_error(LOG_LEVEL_FATAL, "can't bind %s:%d: %E "
- "- There may be another junkbuster or some other "
- "proxy running on port %d",
- (NULL != config->haddr) ? config->haddr : "INADDR_ANY",
- config->hport, config->hport
- );
+ switch(bfd)
+ {
+ case -3 :
+ log_error(LOG_LEVEL_FATAL, "can't bind to %s:%d: "
+ "There may be another junkbuster or some other "
+ "proxy running on port %d",
+ (NULL != config->haddr) ? config->haddr : "INADDR_ANY",
+ config->hport, config->hport);
+
+ case -2 :
+ log_error(LOG_LEVEL_FATAL, "can't bind to %s:%d: "
+ "The hostname is not resolvable",
+ (NULL != config->haddr) ? config->haddr : "INADDR_ANY", config->hport);
+
+ default :
+ log_error(LOG_LEVEL_FATAL, "can't bind to %s:%d: because %E",
+ (NULL != config->haddr) ? config->haddr : "INADDR_ANY", config->hport);
+ }
+
/* shouldn't get here */
return -1;
}