void
refreshCheckConfigure(void)
{
refresh_check_helper *p = Config.Program.refresh_check;
if (p) {
requirePathnameExists("external_refresh_check", p->cmdline->key);
}
}
static void
authDigestParse(authScheme * scheme, int n_configured, char *param_str)
{
if (scheme->scheme_data == NULL) {
assert(digestConfig == NULL);
/* this is the first param to be found */
scheme->scheme_data = xmalloc(sizeof(auth_digest_config));
memset(scheme->scheme_data, 0, sizeof(auth_digest_config));
digestConfig = scheme->scheme_data;
digestConfig->authenticateChildren = 5;
digestConfig->digestAuthRealm = xstrdup("Squid proxy-caching web server");
/* 5 minutes */
digestConfig->nonceGCInterval = 5 * 60;
/* 30 minutes */
digestConfig->noncemaxduration = 30 * 60;
/* 50 requests */
digestConfig->noncemaxuses = 50;
/* Not strict nonce count behaviour */
digestConfig->NonceStrictness = 0;
/* Verify nonce count */
digestConfig->CheckNonceCount = 1;
digestConfig->PostWorkaround = 0;
}
digestConfig = scheme->scheme_data;
if (strcasecmp(param_str, "program") == 0) {
if (digestConfig->authenticate)
wordlistDestroy(&digestConfig->authenticate);
parse_wordlist(&digestConfig->authenticate);
requirePathnameExists("authparam digest program", digestConfig->authenticate->key);
} else if (strcasecmp(param_str, "children") == 0) {
parse_int(&digestConfig->authenticateChildren);
} else if (strcasecmp(param_str, "realm") == 0) {
parse_eol(&digestConfig->digestAuthRealm);
} else if (strcasecmp(param_str, "nonce_garbage_interval") == 0) {
parse_time_t(&digestConfig->nonceGCInterval);
} else if (strcasecmp(param_str, "nonce_max_duration") == 0) {
parse_time_t(&digestConfig->noncemaxduration);
} else if (strcasecmp(param_str, "nonce_max_count") == 0) {
parse_int(&digestConfig->noncemaxuses);
} else if (strcasecmp(param_str, "nonce_strictness") == 0) {
parse_onoff(&digestConfig->NonceStrictness);
} else if (strcasecmp(param_str, "check_nonce_count") == 0) {
parse_onoff(&digestConfig->CheckNonceCount);
} else if (strcasecmp(param_str, "post_workaround") == 0) {
parse_onoff(&digestConfig->PostWorkaround);
} else {
debug(28, 0) ("unrecognised digest auth scheme parameter '%s'\n", param_str);
}
}
pid_t
ipcCreate(int type, const char *prog, const char *const args[], const char *name, int *rfd, int *wfd, void **hIpc)
{
unsigned long thread;
struct ipc_params params;
int opt;
int optlen = sizeof(opt);
DWORD ecode = 0;
pid_t pid;
struct sockaddr_in CS;
struct sockaddr_in PS;
int crfd = -1;
int prfd = -1;
int cwfd = -1;
int pwfd = -1;
socklen_t len;
int x;
requirePathnameExists(name, prog);
if (rfd)
*rfd = -1;
if (wfd)
*wfd = -1;
if (hIpc)
*hIpc = NULL;
if (WIN32_OS_version != _WIN_OS_WINNT) {
getsockopt(INVALID_SOCKET, SOL_SOCKET, SO_OPENTYPE, (char *) &opt, &optlen);
opt = opt & ~(SO_SYNCHRONOUS_NONALERT | SO_SYNCHRONOUS_ALERT);
setsockopt(INVALID_SOCKET, SOL_SOCKET, SO_OPENTYPE, (char *) &opt, sizeof(opt));
}
if (type == IPC_TCP_SOCKET) {
crfd = cwfd = comm_open(SOCK_STREAM,
IPPROTO_TCP,
local_addr,
0,
COMM_NOCLOEXEC,
name);
prfd = pwfd = comm_open(SOCK_STREAM,
IPPROTO_TCP, /* protocol */
local_addr,
0, /* port */
0, /* blocking */
name);
} else if (type == IPC_UDP_SOCKET) {
crfd = cwfd = comm_open(SOCK_DGRAM,
IPPROTO_UDP,
local_addr,
0,
COMM_NOCLOEXEC,
name);
prfd = pwfd = comm_open(SOCK_DGRAM,
IPPROTO_UDP,
local_addr,
0,
0,
name);
} else if (type == IPC_FIFO) {
debug(54, 0)
("ipcCreate: %s: use IPC_TCP_SOCKET instead of IP_FIFO on Windows\n",
prog);
assert(0);
} else {
assert(IPC_NONE);
}
debug(54, 3) ("ipcCreate: prfd FD %d\n", prfd);
debug(54, 3) ("ipcCreate: pwfd FD %d\n", pwfd);
debug(54, 3) ("ipcCreate: crfd FD %d\n", crfd);
debug(54, 3) ("ipcCreate: cwfd FD %d\n", cwfd);
if (WIN32_OS_version != _WIN_OS_WINNT) {
getsockopt(INVALID_SOCKET, SOL_SOCKET, SO_OPENTYPE, (char *) &opt, &optlen);
opt = opt | SO_SYNCHRONOUS_NONALERT;
setsockopt(INVALID_SOCKET, SOL_SOCKET, SO_OPENTYPE, (char *) &opt, optlen);
}
if (crfd < 0) {
debug(54, 0) ("ipcCreate: Failed to create child FD.\n");
return ipcCloseAllFD(prfd, pwfd, crfd, cwfd);
}
if (pwfd < 0) {
debug(54, 0) ("ipcCreate: Failed to create server FD.\n");
return ipcCloseAllFD(prfd, pwfd, crfd, cwfd);
}
if (type == IPC_TCP_SOCKET || type == IPC_UDP_SOCKET) {
len = sizeof(PS);
memset(&PS, '\0', len);
if (getsockname(pwfd, (struct sockaddr *) &PS, &len) < 0) {
debug(54, 0) ("ipcCreate: getsockname: %s\n", xstrerror());
return ipcCloseAllFD(prfd, pwfd, crfd, cwfd);
}
debug(54, 3) ("ipcCreate: FD %d sockaddr %s:%d\n",
pwfd, inet_ntoa(PS.sin_addr), ntohs(PS.sin_port));
len = sizeof(CS);
memset(&CS, '\0', len);
if (getsockname(crfd, (struct sockaddr *) &CS, &len) < 0) {
debug(54, 0) ("ipcCreate: getsockname: %s\n", xstrerror());
return ipcCloseAllFD(prfd, pwfd, crfd, cwfd);
}
debug(54, 3) ("ipcCreate: FD %d sockaddr %s:%d\n",
crfd, inet_ntoa(CS.sin_addr), ntohs(CS.sin_port));
}
if (type == IPC_TCP_SOCKET) {
if (listen(crfd, 1) < 0) {
debug(54, 1) ("ipcCreate: listen FD %d: %s\n", crfd, xstrerror());
return ipcCloseAllFD(prfd, pwfd, crfd, cwfd);
}
debug(54, 3) ("ipcCreate: FD %d listening...\n", crfd);
}
/* flush or else we get dup data if unbuffered_logs is set */
logsFlush();
params.type = type;
params.crfd = crfd;
params.cwfd = cwfd;
params.PS = PS;
params.prog = prog;
params.args = (char **) args;
thread = _beginthreadex(NULL, 0, ipc_thread_1, ¶ms, 0, NULL);
if (thread == 0) {
debug(54, 1) ("ipcCreate: _beginthread: %s\n", xstrerror());
return ipcCloseAllFD(prfd, pwfd, crfd, cwfd);
}
if (comm_connect_addr(pwfd, &CS) == COMM_ERROR) {
CloseHandle((HANDLE) thread);
return ipcCloseAllFD(prfd, pwfd, -1, -1);
}
memset(hello_buf, '\0', HELLO_BUF_SZ);
x = recv(prfd, hello_buf, HELLO_BUF_SZ - 1, 0);
if (x < 0) {
debug(54, 0) ("ipcCreate: PARENT: hello read test failed\n");
debug(54, 0) ("--> read: %s\n", xstrerror());
CloseHandle((HANDLE) thread);
return ipcCloseAllFD(prfd, pwfd, -1, -1);
} else if (strcmp(hello_buf, hello_string)) {
debug(54, 0) ("ipcCreate: PARENT: hello read test failed\n");
debug(54, 0) ("--> read returned %d\n", x);
debug(54, 0) ("--> got '%s'\n", rfc1738_escape(hello_buf));
CloseHandle((HANDLE) thread);
return ipcCloseAllFD(prfd, pwfd, -1, -1);
}
x = send(pwfd, ok_string, strlen(ok_string), 0);
if (x < 0) {
debug(54, 0) ("ipcCreate: PARENT: OK write test failed\n");
debug(54, 0) ("--> read: %s\n", xstrerror());
CloseHandle((HANDLE) thread);
return ipcCloseAllFD(prfd, pwfd, -1, -1);
}
memset(hello_buf, '\0', HELLO_BUF_SZ);
x = recv(prfd, hello_buf, HELLO_BUF_SZ - 1, 0);
if (x < 0) {
debug(54, 0) ("ipcCreate: PARENT: OK read test failed\n");
debug(54, 0) ("--> read: %s\n", xstrerror());
CloseHandle((HANDLE) thread);
return ipcCloseAllFD(prfd, pwfd, -1, -1);
} else if (!strcmp(hello_buf, err_string)) {
debug(54, 0) ("ipcCreate: PARENT: OK read test failed\n");
debug(54, 0) ("--> read returned %d\n", x);
debug(54, 0) ("--> got '%s'\n", rfc1738_escape(hello_buf));
CloseHandle((HANDLE) thread);
return ipcCloseAllFD(prfd, pwfd, -1, -1);
}
hello_buf[x] = '\0';
pid = atol(hello_buf);
commSetTimeout(prfd, -1, NULL, NULL);
commSetNonBlocking(prfd);
commSetNonBlocking(pwfd);
commSetCloseOnExec(prfd);
commSetCloseOnExec(pwfd);
if (rfd)
*rfd = prfd;
if (wfd)
*wfd = pwfd;
fd_table[prfd].flags.ipc = 1;
fd_table[pwfd].flags.ipc = 1;
fd_table[crfd].flags.ipc = 1;
fd_table[cwfd].flags.ipc = 1;
if (Config.sleep_after_fork) {
/* XXX emulation of usleep() */
DWORD sl;
sl = Config.sleep_after_fork / 1000;
if (sl == 0)
sl = 1;
Sleep(sl);
}
if (GetExitCodeThread((HANDLE) thread, &ecode) && ecode == STILL_ACTIVE) {
if (hIpc)
*hIpc = (HANDLE) thread;
return pid;
} else {
CloseHandle((HANDLE) thread);
return ipcCloseAllFD(prfd, pwfd, -1, -1);
}
}
static void
authBasicCheckConfig(authScheme * scheme)
{
auth_basic_config *config = scheme->scheme_data;
requirePathnameExists("auth_param basic program", config->authenticate->key);
}
static void
authNegotiateCheckConfig(authScheme * scheme)
{
auth_negotiate_config *config = scheme->scheme_data;
requirePathnameExists("authparam negotiate program", config->authenticate->key);
}
