void
netdbExchangeStart(void *data)
{
#if USE_ICMP
peer *p = data;
char *uri;
netdbExchangeState *ex;
method_t *method_get;
CBDATA_INIT_TYPE(netdbExchangeState);
ex = cbdataAlloc(netdbExchangeState);
cbdataLock(p);
ex->p = p;
uri = internalRemoteUri(p->host, p->http_port, "/squid-internal-dynamic/", "netdb");
debug(38, 3) ("netdbExchangeStart: Requesting '%s'\n", uri);
assert(NULL != uri);
method_get = urlMethodGetKnownByCode(METHOD_GET);
ex->r = urlParse(method_get, uri);
if (NULL == ex->r) {
debug(38, 1) ("netdbExchangeStart: Bad URI %s\n", uri);
return;
}
requestLink(ex->r);
assert(NULL != ex->r);
httpBuildVersion(&ex->r->http_ver, 1, 0);
ex->e = storeCreateEntry(uri, null_request_flags, method_get);
assert(NULL != ex->e);
ex->sc = storeClientRegister(ex->e, ex);
storeClientRef(ex->sc, ex->e, ex->seen, ex->used, SM_PAGE_SIZE,
netdbExchangeHandleReply, ex);
ex->r->flags.loopdetect = 1; /* cheat! -- force direct */
if (p->login)
xstrncpy(ex->r->login, p->login, MAX_LOGIN_SZ);
fwdStart(-1, ex->e, ex->r);
#endif
}
void
errorMapInit(void)
{
CBDATA_INIT_TYPE(ErrorMapState);
httpHeaderCalcMask(&client_headers, client_header_identities, sizeof(client_header_identities) / sizeof(*client_header_identities));
httpHeaderCalcMask(&server_headers, server_header_identities, sizeof(server_header_identities) / sizeof(*server_header_identities));
}
Logfile *
logfileOpen(const char *path, size_t bufsz, int fatal_flag)
{
Logfile *lf;
const char *patharg;
int ret;
debug(50, 1) ("logfileOpen: opening log %s\n", path);
CBDATA_INIT_TYPE(Logfile);
lf = cbdataAlloc(Logfile);
xstrncpy(lf->path, path, MAXPATHLEN);
patharg = path;
/* need to call the per-logfile-type code */
if (strncmp(path, "stdio:", 6) == 0)
{
patharg = path + 6;
ret = logfile_mod_stdio_open(lf, patharg, bufsz, fatal_flag);
}
else if (strncmp(path, "daemon:", 7) == 0)
{
patharg = path + 7;
ret = logfile_mod_daemon_open(lf, patharg, bufsz, fatal_flag);
}
else if (strncmp(path, "udp:", 4) == 0)
{
patharg = path + 4;
ret = logfile_mod_udp_open(lf, patharg, bufsz, fatal_flag);
#if HAVE_SYSLOG
}
else if (strncmp(path, "syslog:", 7) == 0)
{
patharg = path + 7;
ret = logfile_mod_syslog_open(lf, patharg, bufsz, fatal_flag);
#endif
}
else
{
ret = logfile_mod_stdio_open(lf, patharg, bufsz, fatal_flag);
}
if (!ret)
{
if (fatal_flag)
fatalf("logfileOpen: path %s: couldn't open!\n", path);
else
debug(50, 1) ("logfileOpen: path %s: couldn't open!\n", path);
lf->f_close(lf);
cbdataFree(lf);
return NULL;
}
assert(lf->data != NULL);
if (fatal_flag)
lf->flags.fatal = 1;
lf->sequence_number = 0;
return lf;
}
void
urnStart(request_t * r, StoreEntry * e)
{
LOCAL_ARRAY(char, urlres, 4096);
request_t *urlres_r = NULL;
const char *t;
char *host;
UrnState *urnState;
StoreEntry *urlres_e;
ErrorState *err;
debug(52, 3) ("urnStart: '%s'\n", storeUrl(e));
CBDATA_INIT_TYPE(UrnState);
urnState = cbdataAlloc(UrnState);
urnState->entry = e;
urnState->request = requestLink(r);
storeLockObject(urnState->entry);
if (strncasecmp(strBuf(r->urlpath), "menu.", 5) == 0) {
char *new_path = xstrdup(strBuf(r->urlpath) + 5);
urnState->flags.force_menu = 1;
stringReset(&r->urlpath, new_path);
xfree(new_path);
}
if ((t = strChr(r->urlpath, ':')) != NULL) {
strSet(r->urlpath, t, '\0');
host = xstrdup(strBuf(r->urlpath));
strSet(r->urlpath, t, ':');
} else {
host = xstrdup(strBuf(r->urlpath));
}
snprintf(urlres, 4096, "http://%s/uri-res/N2L?urn:%s", host, strBuf(r->urlpath));
safe_free(host);
urlres_r = urlParse(METHOD_GET, urlres);
if (urlres_r == NULL) {
debug(52, 3) ("urnStart: Bad uri-res URL %s\n", urlres);
err = errorCon(ERR_URN_RESOLVE, HTTP_NOT_FOUND);
err->url = xstrdup(urlres);
errorAppendEntry(e, err);
return;
}
httpHeaderPutStr(&urlres_r->header, HDR_ACCEPT, "text/plain");
if ((urlres_e = storeGetPublic(urlres, METHOD_GET)) == NULL) {
urlres_e = storeCreateEntry(urlres, urlres, null_request_flags, METHOD_GET);
urnState->sc = storeClientListAdd(urlres_e, urnState);
fwdStart(-1, urlres_e, urlres_r);
} else {
storeLockObject(urlres_e);
urnState->sc = storeClientListAdd(urlres_e, urnState);
}
urnState->urlres_e = urlres_e;
urnState->urlres_r = requestLink(urlres_r);
storeClientCopy(urnState->sc, urlres_e,
0,
0,
4096,
memAllocate(MEM_4K_BUF),
urnHandleReply,
urnState);
}
void
idnsInit(void)
{
static int init = 0;
CBDATA_INIT_TYPE(idns_query);
if (DnsSocket < 0) {
int port;
struct in_addr addr;
if (Config.Addrs.udp_outgoing.s_addr != no_addr.s_addr)
addr = Config.Addrs.udp_outgoing;
else
addr = Config.Addrs.udp_incoming;
DnsSocket = comm_open(SOCK_DGRAM,
IPPROTO_UDP,
addr,
0,
COMM_NONBLOCKING,
"DNS Socket");
if (DnsSocket < 0)
fatal("Could not create a DNS socket");
/* Ouch... we can't call functions using debug from a debug
* statement. Doing so messes up the internal _db_level
*/
port = comm_local_port(DnsSocket);
debug(78, 1) ("DNS Socket created at %s, port %d, FD %d\n",
inet_ntoa(addr),
port, DnsSocket);
}
assert(0 == nns);
idnsParseNameservers();
#ifndef _SQUID_MSWIN_
if (0 == nns)
idnsParseResolvConf();
#endif
#ifdef _SQUID_WIN32_
if (0 == nns)
idnsParseWIN32Registry();
#endif
if (0 == nns) {
debug(78, 1) ("Warning: Could not find any nameservers. Trying to use localhost\n");
#ifdef _SQUID_WIN32_
debug(78, 1) ("Please check your TCP-IP settings or /etc/resolv.conf file\n");
#else
debug(78, 1) ("Please check your /etc/resolv.conf file\n");
#endif
debug(78, 1) ("or use the 'dns_nameservers' option in squid.conf.\n");
idnsAddNameserver("127.0.0.1");
}
if (!init) {
memDataInit(MEM_IDNS_QUERY, "idns_query", sizeof(idns_query), 0);
cachemgrRegister("idns",
"Internal DNS Statistics",
idnsStats, 0, 1);
memset(RcodeMatrix, '\0', sizeof(RcodeMatrix));
idns_lookup_hash = hash_create((HASHCMP *) strcmp, 103, hash_string);
init++;
}
}
void
asnInit(void)
{
static int inited = 0;
squid_max_keylen = 40;
CBDATA_INIT_TYPE(ASState);
if (0 == inited++)
squid_rn_init();
squid_rn_inithead(&AS_tree_head_u.ptr, 8);
asnAclInitialize(Config.aclList);
cachemgrRegister("asndb", "AS Number Database", asnStats, 0, 1);
}
/* allocate new peer digest, call Init, and lock everything */
PeerDigest *
peerDigestCreate(peer * p)
{
PeerDigest *pd;
assert(p);
CBDATA_INIT_TYPE(PeerDigest);
pd = cbdataAlloc(PeerDigest);
peerDigestInit(pd, p);
cbdataLock(pd->peer); /* we will use the peer */
return pd;
}
static void
authenticateAuthUserRequestSetIp(auth_user_request_t * auth_user_request, struct in_addr ipaddr, request_t * request)
{
auth_user_ip_t *ipdata, *next;
auth_user_t *auth_user;
char *ip1;
int found = 0;
CBDATA_INIT_TYPE(auth_user_ip_t);
if (!auth_user_request->auth_user)
return;
auth_user = auth_user_request->auth_user;
next = (auth_user_ip_t *) auth_user->ip_list.head;
/*
* we walk the entire list to prevent the first item in the list
* preventing old entries being flushed and locking a user out after
* a timeout+reconfigure
*/
while ((ipdata = next) != NULL)
{
next = (auth_user_ip_t *) ipdata->node.next;
/* walk the ip list */
if (ipdata->ipaddr.s_addr == ipaddr.s_addr)
{
/* This ip has already been seen. */
found = 1;
/* update IP ttl */
ipdata->ip_expiretime = squid_curtime;
}
else if (ipdata->ip_expiretime + Config.authenticateIpTTL < squid_curtime)
{
/* This IP has expired - remove from the seen list */
authenticateAuthUserRemoveIpEntry(auth_user, ipdata);
}
}
authenticateAuthUserRequestLinkIp(auth_user_request, ipaddr, request);
if (found)
return;
/* This ip is not in the seen list */
ipdata = cbdataAlloc(auth_user_ip_t);
ipdata->ip_expiretime = squid_curtime;
ipdata->ipaddr = ipaddr;
dlinkAddTail(ipdata, &ipdata->node, &auth_user->ip_list);
auth_user->ipcount++;
ip1 = xstrdup(inet_ntoa(ipaddr));
debug(29, 2) ("authenticateAuthUserRequestSetIp: user '%s' has been seen at a new IP address (%s)\n", authenticateUserUsername(auth_user), ip1);
safe_free(ip1);
}
/*
* start a TCP connection to the peer host on port 113
*/
void
identStart(struct sockaddr_in *me, struct sockaddr_in *my_peer, IDCB * callback, void *data)
{
IdentStateData *state;
int fd;
char key1[IDENT_KEY_SZ];
char key2[IDENT_KEY_SZ];
char key[IDENT_KEY_SZ];
snprintf(key1, IDENT_KEY_SZ, "%s:%d",
inet_ntoa(me->sin_addr),
ntohs(me->sin_port));
snprintf(key2, IDENT_KEY_SZ, "%s:%d",
inet_ntoa(my_peer->sin_addr),
ntohs(my_peer->sin_port));
snprintf(key, IDENT_KEY_SZ, "%s,%s", key1, key2);
if ((state = hash_lookup(ident_hash, key)) != NULL)
{
identClientAdd(state, callback, data);
return;
}
fd = comm_open(SOCK_STREAM,
IPPROTO_TCP,
me->sin_addr,
0,
COMM_NONBLOCKING,
"ident");
if (fd == COMM_ERROR)
{
/* Failed to get a local socket */
callback(NULL, data);
return;
}
CBDATA_INIT_TYPE(IdentStateData);
state = cbdataAlloc(IdentStateData);
state->hash.key = xstrdup(key);
state->fd = fd;
state->me = *me;
state->my_peer = *my_peer;
identClientAdd(state, callback, data);
hash_join(ident_hash, &state->hash);
comm_add_close_handler(fd,
identClose,
state);
commSetTimeout(fd, Config.Timeout.ident, identTimeout, state);
commConnectStart(fd,
inet_ntoa(state->my_peer.sin_addr),
IDENT_PORT,
identConnectDone,
state);
}
void
redirectInit(void)
{
static int init = 0;
if (!Config.Program.redirect)
return;
if (redirectors == NULL)
redirectors = helperCreate("redirector");
redirectors->cmdline = Config.Program.redirect;
redirectors->n_to_start = Config.redirectChildren;
redirectors->ipc_type = IPC_TCP_SOCKET;
helperOpenServers(redirectors);
if (!init) {
cachemgrRegister("redirector",
"URL Redirector Stats",
redirectStats, 0, 1);
init = 1;
CBDATA_INIT_TYPE(redirectStateData);
}
}
void
locationRewriteInit(void)
{
static int init = 0;
if (!Config.Program.location_rewrite.command)
return;
if (locrewriters == NULL)
locrewriters = helperCreate("location_rewriter");
locrewriters->cmdline = Config.Program.location_rewrite.command;
locrewriters->n_to_start = Config.Program.location_rewrite.children;
locrewriters->concurrency = Config.Program.location_rewrite.concurrency;
locrewriters->ipc_type = IPC_STREAM;
helperOpenServers(locrewriters);
if (!init) {
cachemgrRegister("location_rewriter",
"Location Rewriter Stats",
locationRewriteStats, 0, 1);
init = 1;
CBDATA_INIT_TYPE(rewriteStateData);
}
}
void
redirectInit(void)
{
static int init = 0;
if (!Config.Program.url_rewrite.command)
return;
if (redirectors == NULL)
redirectors = helperCreate("url_rewriter");
redirectors->cmdline = Config.Program.url_rewrite.command;
redirectors->n_to_start = Config.Program.url_rewrite.children;
redirectors->concurrency = Config.Program.url_rewrite.concurrency;
redirectors->ipc_type = IPC_STREAM;
helperOpenServers(redirectors);
if (!init) {
cachemgrRegister("url_rewriter",
"URL Rewriter Stats",
redirectStats, 0, 1);
init = 1;
CBDATA_INIT_TYPE(redirectStateData);
}
}
void
whoisStart(FwdState * fwd)
{
WhoisState *p;
int fd = fwd->server_fd;
char *buf;
size_t l;
CBDATA_INIT_TYPE(WhoisState);
p = cbdataAlloc(WhoisState);
p->request = fwd->request;
p->entry = fwd->entry;
p->fwd = fwd;
storeLockObject(p->entry);
comm_add_close_handler(fd, whoisClose, p);
l = strLen(p->request->urlpath) + 3;
buf = xmalloc(l);
snprintf(buf, l, "%s\r\n", strBuf(p->request->urlpath) + 1);
comm_write(fd, buf, strlen(buf), NULL, p, xfree);
commSetSelect(fd, COMM_SELECT_READ, whoisReadReply, p, 0);
commSetTimeout(fd, Config.Timeout.read, whoisTimeout, p);
}
/* Initialize helpers and the like for this auth scheme. Called AFTER parsing the
* config file */
static void
authNegotiateInit(authScheme * scheme)
{
static int negotiateinit = 0;
if (negotiateConfig->authenticate) {
/*
* disable client side request pipelining. There is a race with
* Negotiate when the client sends a second request on an Negotiate
* connection before the authenticate challenge is sent. With
* this patch, the client may fail to authenticate, but squid's
* state will be preserved.
*/
if (negotiateConfig->authenticate && Config.onoff.pipeline_prefetch != 0) {
debug(29, 1) ("pipeline prefetching incompatile with Negotiate authentication. Disabling pipeline_prefetch\n");
Config.onoff.pipeline_prefetch = 0;
}
if (!negotiate_user_pool)
negotiate_user_pool = memPoolCreate("Negotiate Scheme User Data", sizeof(negotiate_user_t));
if (!negotiate_request_pool)
negotiate_request_pool = memPoolCreate("Negotiate Scheme Request Data", sizeof(negotiate_request_t));
authnegotiate_initialised = 1;
if (negotiateauthenticators == NULL)
negotiateauthenticators = helperStatefulCreate("negotiateauthenticator");
negotiateauthenticators->cmdline = negotiateConfig->authenticate;
negotiateauthenticators->n_to_start = negotiateConfig->authenticateChildren;
negotiateauthenticators->ipc_type = IPC_STREAM;
helperStatefulOpenServers(negotiateauthenticators);
if (!negotiateinit) {
cachemgrRegister("negotiateauthenticator",
"Negotiate User Authenticator Stats",
authenticateNegotiateStats, 0, 1);
negotiateinit++;
}
CBDATA_INIT_TYPE(authenticateStateData);
}
}
/* Initialize helpers and the like for this auth scheme. Called AFTER parsing the
* config file */
static void
authBasicInit(authScheme * scheme)
{
static int init = 0;
if (basicConfig->authenticate) {
if (!basic_data_pool)
basic_data_pool = memPoolCreate("Basic Scheme User Data", sizeof(basic_data));
authbasic_initialised = 1;
if (basicauthenticators == NULL)
basicauthenticators = helperCreate("basicauthenticator");
basicauthenticators->cmdline = basicConfig->authenticate;
basicauthenticators->n_to_start = basicConfig->authenticateChildren;
basicauthenticators->concurrency = basicConfig->authenticateConcurrency;
basicauthenticators->ipc_type = IPC_STREAM;
helperOpenServers(basicauthenticators);
if (!init) {
cachemgrRegister("basicauthenticator",
"Basic User Authenticator Stats",
authenticateBasicStats, 0, 1);
init++;
}
CBDATA_INIT_TYPE(authenticateStateData);
}
}
/* Initialize helpers and the like for this auth scheme. Called AFTER parsing the
* config file */
static void
authDigestInit(authScheme * scheme)
{
static int init = 0;
if (digestConfig->authenticate) {
authDigestUserSetup();
authDigestRequestSetup();
authenticateDigestNonceSetup();
authdigest_initialised = 1;
if (digestauthenticators == NULL)
digestauthenticators = helperCreate("digestauthenticator");
digestauthenticators->cmdline = digestConfig->authenticate;
digestauthenticators->n_to_start = digestConfig->authenticateChildren;
digestauthenticators->ipc_type = IPC_TCP_SOCKET;
helperOpenServers(digestauthenticators);
if (!init) {
cachemgrRegister("digestauthenticator",
"Digest User Authenticator Stats",
authenticateDigestStats, 0, 1);
init++;
}
CBDATA_INIT_TYPE(authenticateStateData);
}
}
/* ask store for a digest */
static void
peerDigestRequest(PeerDigest * pd)
{
peer *p = pd->peer;
StoreEntry *e, *old_e;
char *url;
const cache_key *key;
request_t *req;
DigestFetchState *fetch = NULL;
pd->req_result = NULL;
pd->flags.requested = 1;
/* compute future request components */
if (p->digest_url)
url = xstrdup(p->digest_url);
else
url = internalRemoteUri(p->host, p->http_port,
"/squid-internal-periodic/", StoreDigestFileName);
req = urlParse(METHOD_GET, url);
assert(req);
key = storeKeyPublicByRequest(req);
debug(72, 2) ("peerDigestRequest: %s key: %s\n", url, storeKeyText(key));
/* add custom headers */
assert(!req->header.len);
httpHeaderPutStr(&req->header, HDR_ACCEPT, StoreDigestMimeStr);
httpHeaderPutStr(&req->header, HDR_ACCEPT, "text/html");
if (p->login)
xstrncpy(req->login, p->login, MAX_LOGIN_SZ);
/* create fetch state structure */
CBDATA_INIT_TYPE(DigestFetchState);
fetch = cbdataAlloc(DigestFetchState);
fetch->request = requestLink(req);
fetch->pd = pd;
fetch->offset = 0;
/* update timestamps */
fetch->start_time = squid_curtime;
pd->times.requested = squid_curtime;
pd_last_req_time = squid_curtime;
req->flags.cachable = 1;
/* the rest is based on clientProcessExpired() */
req->flags.refresh = 1;
old_e = fetch->old_entry = storeGet(key);
if (old_e) {
debug(72, 5) ("peerDigestRequest: found old entry\n");
storeLockObject(old_e);
storeCreateMemObject(old_e, url, url);
fetch->old_sc = storeClientRegister(old_e, fetch);
}
e = fetch->entry = storeCreateEntry(url, url, req->flags, req->method);
assert(EBIT_TEST(e->flags, KEY_PRIVATE));
fetch->sc = storeClientRegister(e, fetch);
/* set lastmod to trigger IMS request if possible */
if (old_e)
e->lastmod = old_e->lastmod;
/* push towards peer cache */
debug(72, 3) ("peerDigestRequest: forwarding to fwdStart...\n");
fwdStart(-1, e, req);
cbdataLock(fetch);
cbdataLock(fetch->pd);
storeClientCopy(fetch->sc, e, 0, 0, 4096, memAllocate(MEM_4K_BUF),
peerDigestFetchReply, fetch);
}
