Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>lilik-openwrt-22.03
@ -0,0 +1,51 @@ | |||||
# | |||||
# Copyright (C) 2006-2014 OpenWrt.org | |||||
# | |||||
# This is free software, licensed under the GNU General Public License v2. | |||||
# See /LICENSE for more information. | |||||
# | |||||
include $(TOPDIR)/rules.mk | |||||
PKG_NAME:=tinyproxy | |||||
PKG_VERSION:=1.8.3 | |||||
PKG_RELEASE:=1 | |||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 | |||||
PKG_SOURCE_URL:=http://www.banu.com/pub/tinyproxy/1.8/ | |||||
PKG_MD5SUM:=292ac51da8ad6ae883d4ebf56908400d | |||||
PKG_MAINTAINER:=Jo-Philipp Wich <jow@openwrt.org> | |||||
PKG_INSTALL:=1 | |||||
include $(INCLUDE_DIR)/package.mk | |||||
define Package/tinyproxy | |||||
SUBMENU:=Web Servers/Proxies | |||||
SECTION:=net | |||||
CATEGORY:=Network | |||||
TITLE:=Tinyproxy is a lightweight HTTP and HTTPS proxy | |||||
URL:=http://tinyproxy.sourceforge.net/ | |||||
endef | |||||
define Package/tinyproxy/conffiles | |||||
/etc/config/tinyproxy | |||||
endef | |||||
CONFIGURE_ARGS+= \ | |||||
--enable-filter \ | |||||
--enable-transparent \ | |||||
--disable-regexcheck \ | |||||
define Package/tinyproxy/install | |||||
$(INSTALL_DIR) $(1)/usr/sbin | |||||
$(CP) $(PKG_INSTALL_DIR)/usr/sbin/tinyproxy $(1)/usr/sbin/ | |||||
$(INSTALL_DIR) $(1)/usr/share/tinyproxy | |||||
$(CP) $(PKG_INSTALL_DIR)/usr/share/tinyproxy/*.html $(1)/usr/share/tinyproxy/ | |||||
$(INSTALL_DIR) $(1)/etc/config | |||||
$(INSTALL_CONF) ./files/tinyproxy.config $(1)/etc/config/tinyproxy | |||||
$(INSTALL_DIR) $(1)/etc/init.d | |||||
$(INSTALL_BIN) ./files/tinyproxy.init $(1)/etc/init.d/tinyproxy | |||||
endef | |||||
$(eval $(call BuildPackage,tinyproxy)) |
@ -0,0 +1,251 @@ | |||||
config tinyproxy | |||||
# | |||||
# Enable the proxy | |||||
# | |||||
option enabled 0 | |||||
# | |||||
# Name of the user the tinyproxy daemon should switch to after the port | |||||
# has been bound. | |||||
# | |||||
option User nobody | |||||
option Group nogroup | |||||
# | |||||
# Port to listen on. | |||||
# | |||||
option Port 8888 | |||||
# | |||||
# If you have multiple interfaces this allows you to bind to only one. If | |||||
# this is commented out, tinyproxy will bind to all interfaces present. | |||||
# | |||||
#option Listen 192.168.0.1 | |||||
# | |||||
# The Bind directive allows you to bind the outgoing connections to a | |||||
# particular IP address. | |||||
# | |||||
#option Bind 192.168.0.1 | |||||
# | |||||
# Timeout: The number of seconds of inactivity a connection is allowed to | |||||
# have before it closed by tinyproxy. | |||||
# | |||||
option Timeout 600 | |||||
# | |||||
# ErrorFile: Defines the HTML file to send when a given HTTP error | |||||
# occurs. You will probably need to customize the location to your | |||||
# particular install. The usual locations to check are: | |||||
# /usr/local/share/tinyproxy | |||||
# /usr/share/tinyproxy | |||||
# /etc/tinyproxy | |||||
# | |||||
#option ErrorFile_404 "/usr/share/tinyproxy/404.html" | |||||
#option ErrorFile_400 "/usr/share/tinyproxy/400.html" | |||||
#option ErrorFile_503 "/usr/share/tinyproxy/503.html" | |||||
#option ErrorFile_403 "/usr/share/tinyproxy/403.html" | |||||
#option ErrorFile_408 "/usr/share/tinyproxy/408.html" | |||||
# | |||||
# DefaultErrorFile: The HTML file that gets sent if there is no | |||||
# HTML file defined with an ErrorFile keyword for the HTTP error | |||||
# that has occured. | |||||
# | |||||
option DefaultErrorFile "/usr/share/tinyproxy/default.html" | |||||
# | |||||
# StatFile: The HTML file that gets sent when a request is made | |||||
# for the stathost. If this file doesn't exist a basic page is | |||||
# hardcoded in tinyproxy. | |||||
# | |||||
option StatFile "/usr/share/tinyproxy/stats.html" | |||||
# | |||||
# Where to log the information. Either LogFile or Syslog should be set, | |||||
# but not both. | |||||
# | |||||
option LogFile "/var/log/tinyproxy.log" | |||||
#option Syslog 1 | |||||
# | |||||
# Set the logging level. Allowed settings are: | |||||
# Critical (least verbose) | |||||
# Error | |||||
# Warning | |||||
# Notice | |||||
# Connect (to log connections without Info's noise) | |||||
# Info (most verbose) | |||||
# The LogLevel logs from the set level and above. For example, if the LogLevel | |||||
# was set to Warning, than all log messages from Warning to Critical would be | |||||
# output, but Notice and below would be suppressed. | |||||
# | |||||
option LogLevel Info | |||||
# | |||||
# Include the X-Tinyproxy header, which has the client's IP address when | |||||
# connecting to the sites listed. | |||||
# | |||||
# list XTinyproxy mydomain.com | |||||
# | |||||
# This is the absolute highest number of threads which will be created. In | |||||
# other words, only MaxClients number of clients can be connected at the | |||||
# same time. | |||||
# | |||||
option MaxClients 100 | |||||
# | |||||
# These settings set the upper and lower limit for the number of | |||||
# spare servers which should be available. If the number of spare servers | |||||
# falls below MinSpareServers then new ones will be created. If the number | |||||
# of servers exceeds MaxSpareServers then the extras will be killed off. | |||||
# | |||||
option MinSpareServers 5 | |||||
option MaxSpareServers 20 | |||||
# | |||||
# Number of servers to start initially. | |||||
# | |||||
option StartServers 10 | |||||
# | |||||
# MaxRequestsPerChild is the number of connections a thread will handle | |||||
# before it is killed. In practise this should be set to 0, which disables | |||||
# thread reaping. If you do notice problems with memory leakage, then set | |||||
# this to something like 10000 | |||||
# | |||||
option MaxRequestsPerChild 0 | |||||
# | |||||
# The following is the authorization controls. If there are any access | |||||
# control keywords then the default action is to DENY. Otherwise, the | |||||
# default action is ALLOW. | |||||
# | |||||
# Also the order of the controls are important. The incoming connections | |||||
# are tested against the controls based on order. | |||||
# | |||||
list Allow 127.0.0.1 | |||||
#list Allow 192.168.0.0/16 | |||||
#list Allow 172.16.0.0/12 | |||||
#list Allow 10.0.0.0/8 | |||||
# | |||||
# The "Via" header is required by the HTTP RFC, but using the real host name | |||||
# is a security concern. If the following directive is enabled, the string | |||||
# supplied will be used as the host name in the Via header; otherwise, the | |||||
# server's host name will be used. | |||||
# | |||||
option ViaProxyName "tinyproxy" | |||||
# | |||||
# The location of the filter file. | |||||
# | |||||
#option Filter "/etc/tinyproxy/filter" | |||||
# | |||||
# Filter based on URLs rather than domains. | |||||
# | |||||
#option FilterURLs 1 | |||||
# | |||||
# Use POSIX Extended regular expressions rather than basic. | |||||
# | |||||
#option FilterExtended 1 | |||||
# | |||||
# Use case sensitive regular expressions. | |||||
# | |||||
#option FilterCaseSensitive 1 | |||||
# | |||||
# Change the default policy of the filtering system. If this directive is | |||||
# commented out, or is set to "0" then the default policy is to allow | |||||
# everything which is not specifically denied by the filter file. | |||||
# | |||||
# However, by setting this directive to "1" the default policy becomes to | |||||
# deny everything which is _not_ specifically allowed by the filter file. | |||||
# | |||||
#option FilterDefaultDeny 1 | |||||
# | |||||
# If an Anonymous keyword is present, then anonymous proxying is enabled. | |||||
# The headers listed are allowed through, while all others are denied. If | |||||
# no Anonymous keyword is present, then all header are allowed through. | |||||
# You must include quotes around the headers. | |||||
# | |||||
#list Anonymous "Host" | |||||
#list Anonymous "Authorization" | |||||
# | |||||
# This is a list of ports allowed by tinyproxy when the CONNECT method | |||||
# is used. To disable the CONNECT method altogether, set the value to 0. | |||||
# If no ConnectPort line is found, all ports are allowed (which is not | |||||
# very secure.) | |||||
# | |||||
# The following two ports are used by SSL. | |||||
# | |||||
list ConnectPort 443 | |||||
list ConnectPort 563 | |||||
# | |||||
# Turns on upstream proxy support. | |||||
# | |||||
# The upstream rules allow you to selectively route upstream connections | |||||
# based on the host/domain of the site being accessed. | |||||
# | |||||
# For example: | |||||
# # connection to test domain goes through testproxy | |||||
# | |||||
#config upstream | |||||
# option type proxy | |||||
# option via testproxy:8008 | |||||
# option target ".test.domain.invalid" | |||||
# | |||||
#config upstream | |||||
# option type proxy | |||||
# option via testproxy:8008 | |||||
# option target ".our_testbed.example.com" | |||||
# | |||||
#config upstream | |||||
# option type proxy | |||||
# option via testproxy:8008 | |||||
# option target "192.168.128.0/255.255.254.0" | |||||
# | |||||
# # no upstream proxy for internal websites and unqualified hosts | |||||
# | |||||
#config upstream | |||||
# option type reject | |||||
# option target ".internal.example.com" | |||||
# | |||||
#config upstream | |||||
# option type reject | |||||
# option target "www.example.com" | |||||
# | |||||
#config upstream | |||||
# option type reject | |||||
# option target "10.0.0.0/8" | |||||
# | |||||
#config upstream | |||||
# option type reject | |||||
# option target "192.168.0.0/255.255.254.0" | |||||
# | |||||
#config upstream | |||||
# option type reject | |||||
# option target "." | |||||
# | |||||
# # default upstream is internet firewall | |||||
# | |||||
#config upstream | |||||
# option type proxy | |||||
# option via firewall.internal.example.com:80 | |||||
# | |||||
# The LAST matching rule wins the route decision. As you can see, you | |||||
# can use a host, or a domain: | |||||
# name matches host exactly | |||||
# .name matches any host in domain "name" | |||||
# . matches any host with no domain (in 'empty' domain) | |||||
# IP/bits matches network/mask | |||||
# IP/mask matches network/mask |
@ -0,0 +1,138 @@ | |||||
#!/bin/sh /etc/rc.common | |||||
# Copyright (C) 2008-2011 OpenWrt.org | |||||
START=50 | |||||
CFGFILE=/var/etc/tinyproxy.conf | |||||
section_enabled() { | |||||
config_get_bool enabled "$1" 'enabled' 0 | |||||
[ $enabled -gt 0 ] | |||||
} | |||||
start() { | |||||
config_load 'tinyproxy' | |||||
config_foreach start_proxy 'tinyproxy' | |||||
} | |||||
stop() { | |||||
service_stop /usr/sbin/tinyproxy | |||||
} | |||||
start_proxy() { | |||||
section_enabled "$1" || return 1 | |||||
mkdir -m0755 -p /var/etc | |||||
echo '### AUTOGENERATED CONFIGURATION' > $CFGFILE | |||||
echo '### DO NOT EDIT' >> $CFGFILE | |||||
echo '### SEE /etc/config/tinyproxy INSTEAD' >> $CFGFILE | |||||
echo '' >> $CFGFILE | |||||
proxy_atom "$1" User >> $CFGFILE | |||||
proxy_atom "$1" Group >> $CFGFILE | |||||
proxy_atom "$1" Port 8888 >> $CFGFILE | |||||
proxy_atom "$1" Listen >> $CFGFILE | |||||
proxy_atom "$1" Bind >> $CFGFILE | |||||
proxy_atom "$1" Timeout >> $CFGFILE | |||||
proxy_string "$1" ErrorFile_400 "ErrorFile 400" >> $CFGFILE | |||||
proxy_string "$1" ErrorFile_403 "ErrorFile 403" >> $CFGFILE | |||||
proxy_string "$1" ErrorFile_404 "ErrorFile 404" >> $CFGFILE | |||||
proxy_string "$1" ErrorFile_408 "ErrorFile 408" >> $CFGFILE | |||||
proxy_string "$1" ErrorFile_503 "ErrorFile 503" >> $CFGFILE | |||||
proxy_string "$1" DefaultErrorFile >> $CFGFILE | |||||
proxy_string "$1" StatHost StatHost 127.0.0.1 >> $CFGFILE | |||||
proxy_string "$1" StatFile >> $CFGFILE | |||||
proxy_string "$1" LogFile >> $CFGFILE | |||||
proxy_flag "$1" SysLog >> $CFGFILE | |||||
proxy_atom "$1" LogLevel >> $CFGFILE | |||||
proxy_list "$1" XTinyproxy >> $CFGFILE | |||||
proxy_atom "$1" MaxClients >> $CFGFILE | |||||
proxy_atom "$1" MinSpareServers >> $CFGFILE | |||||
proxy_atom "$1" MaxSpareServers >> $CFGFILE | |||||
proxy_atom "$1" StartServers >> $CFGFILE | |||||
proxy_atom "$1" MaxRequestsPerChild >> $CFGFILE | |||||
proxy_list "$1" Allow >> $CFGFILE | |||||
proxy_string "$1" ViaProxyName >> $CFGFILE | |||||
proxy_string "$1" Filter >> $CFGFILE | |||||
proxy_flag "$1" FilterURLs >> $CFGFILE | |||||
proxy_flag "$1" FilterExtended >> $CFGFILE | |||||
proxy_flag "$1" FilterCaseSensitive >> $CFGFILE | |||||
proxy_flag "$1" FilterDefaultDeny Yes No >> $CFGFILE | |||||
proxy_list "$1" Anonymous '"' >> $CFGFILE | |||||
proxy_list "$1" ConnectPort >> $CFGFILE | |||||
config_foreach write_upstream upstream | |||||
service_start /usr/sbin/tinyproxy -c "$CFGFILE" | |||||
} | |||||
write_upstream() { | |||||
local type | |||||
local via | |||||
local target | |||||
config_get "type" "$1" "type" | |||||
config_get via "$1" via | |||||
config_get target "$1" target | |||||
[ -n "$target" ] && target=' "'"$target"'"' | |||||
[ "$type" == "proxy" -a -n "$via" ] && \ | |||||
echo "upstream $via$target" >> $CFGFILE | |||||
[ "$type" == "reject" -a -n "$target" ] && \ | |||||
echo "no upstream$target" >> $CFGFILE | |||||
} | |||||
proxy_atom() { | |||||
local SECTION=$1 | |||||
local OPTION=$2 | |||||
local DEFAULT=$3 | |||||
config_get _value "$SECTION" "$OPTION" | |||||
[ -z "$_value" ] && _value="$DEFAULT" | |||||
[ -n "$_value" ] && echo "$OPTION $_value" | |||||
} | |||||
proxy_string() { | |||||
local SECTION=$1 | |||||
local OPTION=$2 | |||||
local ALIAS=$3 | |||||
local DEFAULT=$4 | |||||
config_get _value "$SECTION" "$OPTION" | |||||
[ -z "$_value" ] && _value="$DEFAULT" | |||||
[ -n "$_value" ] && echo "${ALIAS:-${OPTION}} "'"'"$_value"'"' | |||||
} | |||||
proxy_flag() { | |||||
local SECTION=$1 | |||||
local OPTION=$2 | |||||
local TRUE="${3:-On}" | |||||
local FALSE="${4:-Off}" | |||||
config_get_bool _value "$SECTION" "$OPTION" 0 | |||||
[ "$_value" -eq "1" ] && _value="$TRUE" || _value="$FALSE" | |||||
echo "$OPTION $_value" | |||||
} | |||||
proxy_list() { | |||||
local SECTION=$1 | |||||
local OPTION=$2 | |||||
local ENCLOSE=$3 | |||||
config_get _value "$SECTION" "$OPTION" | |||||
[ -n "$_value" ] && { | |||||
for entry in $_value; do | |||||
echo "$OPTION ${ENCLOSE}${entry}${ENCLOSE}" | |||||
done | |||||
} | |||||
} |
@ -0,0 +1,86 @@ | |||||
--- a/configure | |||||
+++ b/configure | |||||
@@ -6815,59 +6815,8 @@ fi | |||||
-# Check for asciidoc | |||||
-# Extract the first word of "a2x", so it can be a program name with args. | |||||
-set dummy a2x; ac_word=$2 | |||||
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 | |||||
-$as_echo_n "checking for $ac_word... " >&6; } | |||||
-if test "${ac_cv_path_A2X+set}" = set; then : | |||||
- $as_echo_n "(cached) " >&6 | |||||
-else | |||||
- case $A2X in | |||||
- [\\/]* | ?:[\\/]*) | |||||
- ac_cv_path_A2X="$A2X" # Let the user override the test with a path. | |||||
- ;; | |||||
- *) | |||||
- as_save_IFS=$IFS; IFS=$PATH_SEPARATOR | |||||
-for as_dir in $PATH | |||||
-do | |||||
- IFS=$as_save_IFS | |||||
- test -z "$as_dir" && as_dir=. | |||||
- for ac_exec_ext in '' $ac_executable_extensions; do | |||||
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then | |||||
- ac_cv_path_A2X="$as_dir/$ac_word$ac_exec_ext" | |||||
- $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 | |||||
- break 2 | |||||
- fi | |||||
-done | |||||
- done | |||||
-IFS=$as_save_IFS | |||||
- | |||||
- test -z "$ac_cv_path_A2X" && ac_cv_path_A2X="no" | |||||
- ;; | |||||
-esac | |||||
-fi | |||||
-A2X=$ac_cv_path_A2X | |||||
-if test -n "$A2X"; then | |||||
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $A2X" >&5 | |||||
-$as_echo "$A2X" >&6; } | |||||
-else | |||||
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 | |||||
-$as_echo "no" >&6; } | |||||
-fi | |||||
- | |||||
- | |||||
- if test "x$A2X" != "xno"; then | |||||
- HAVE_A2X_TRUE= | |||||
- HAVE_A2X_FALSE='#' | |||||
-else | |||||
HAVE_A2X_TRUE='#' | |||||
HAVE_A2X_FALSE= | |||||
-fi | |||||
- | |||||
-if test x"$A2X" = x"no"; then | |||||
- as_fn_error $? "Test for asciidoc failed. See the file 'INSTALL' for help." "$LINENO" 5 | |||||
-fi | |||||
ac_config_files="$ac_config_files Makefile src/Makefile data/Makefile data/templates/Makefile etc/Makefile docs/Makefile docs/man5/Makefile docs/man5/tinyproxy.conf.txt docs/man8/Makefile docs/man8/tinyproxy.txt m4macros/Makefile tests/Makefile tests/scripts/Makefile" | |||||
--- a/Makefile.am | |||||
+++ b/Makefile.am | |||||
@@ -2,9 +2,7 @@ SUBDIRS = \ | |||||
src \ | |||||
data \ | |||||
etc \ | |||||
- docs \ | |||||
m4macros \ | |||||
- tests | |||||
# tools want this on a single line | |||||
ACLOCAL_AMFLAGS = -I m4macros | |||||
--- a/Makefile.in | |||||
+++ b/Makefile.in | |||||
@@ -222,9 +222,7 @@ SUBDIRS = \ | |||||
src \ | |||||
data \ | |||||
etc \ | |||||
- docs \ | |||||
m4macros \ | |||||
- tests | |||||
# tools want this on a single line |
@ -0,0 +1,13 @@ | |||||
--- a/src/main.c | |||||
+++ b/src/main.c | |||||
@@ -326,8 +326,8 @@ static void initialize_config_defaults ( | |||||
conf->errorpages = NULL; | |||||
conf->stathost = safestrdup (TINYPROXY_STATHOST); | |||||
conf->idletimeout = MAX_IDLE_TIME; | |||||
- conf->logf_name = safestrdup (LOCALSTATEDIR "/log/tinyproxy/tinyproxy.log"); | |||||
- conf->pidpath = safestrdup (LOCALSTATEDIR "/run/tinyproxy/tinyproxy.pid"); | |||||
+ conf->logf_name = safestrdup (LOCALSTATEDIR "/log/tinyproxy.log"); | |||||
+ conf->pidpath = safestrdup (LOCALSTATEDIR "/tinyproxy.pid"); | |||||
} | |||||
/** |
@ -0,0 +1,22 @@ | |||||
--- a/src/conf.c | |||||
+++ b/src/conf.c | |||||
@@ -865,7 +865,6 @@ static HANDLE_FUNC (handle_deny) | |||||
static HANDLE_FUNC (handle_bind) | |||||
{ | |||||
-#ifndef TRANSPARENT_PROXY | |||||
int r = set_string_arg (&conf->bind_address, line, &match[2]); | |||||
if (r) | |||||
@@ -873,11 +872,6 @@ static HANDLE_FUNC (handle_bind) | |||||
log_message (LOG_INFO, | |||||
"Outgoing connections bound to IP %s", conf->bind_address); | |||||
return 0; | |||||
-#else | |||||
- fprintf (stderr, | |||||
- "\"Bind\" cannot be used with transparent support enabled.\n"); | |||||
- return 1; | |||||
-#endif | |||||
} | |||||
static HANDLE_FUNC (handle_listen) |
@ -0,0 +1,38 @@ | |||||
--- a/src/sock.c | |||||
+++ b/src/sock.c | |||||
@@ -39,8 +39,7 @@ | |||||
* returned if the bind succeeded. Otherwise, -1 is returned | |||||
* to indicate an error. | |||||
*/ | |||||
-static int | |||||
-bind_socket (int sockfd, const char *addr, int family) | |||||
+static int bind_socket (int sockfd, const char *addr) | |||||
{ | |||||
struct addrinfo hints, *res, *ressave; | |||||
@@ -48,7 +47,7 @@ bind_socket (int sockfd, const char *add | |||||
assert (addr != NULL && strlen (addr) != 0); | |||||
memset (&hints, 0, sizeof (struct addrinfo)); | |||||
- hints.ai_family = family; | |||||
+ hints.ai_family = AF_UNSPEC; | |||||
hints.ai_socktype = SOCK_STREAM; | |||||
/* The local port it not important */ | |||||
@@ -106,14 +105,12 @@ int opensock (const char *host, int port | |||||
/* Bind to the specified address */ | |||||
if (bind_to) { | |||||
- if (bind_socket (sockfd, bind_to, | |||||
- res->ai_family) < 0) { | |||||
+ if (bind_socket (sockfd, bind_to) < 0) { | |||||
close (sockfd); | |||||
continue; /* can't bind, so try again */ | |||||
} | |||||
} else if (config.bind_address) { | |||||
- if (bind_socket (sockfd, config.bind_address, | |||||
- res->ai_family) < 0) { | |||||
+ if (bind_socket (sockfd, config.bind_address) < 0) { | |||||
close (sockfd); | |||||
continue; /* can't bind, so try again */ | |||||
} |