Description: TODO: Put a short summary on the line above and replace this paragraph with a longer explanation of this change. Complete the meta-information with other relevant fields (see below for details). To make it easier, the information below has been extracted from the changelog. Adjust it or drop it. . httptunnel (3.3+dfsg-3) unstable; urgency=low . * Bump to debhelper v9. * Split patches. * Add new patch 06-fix-cppflags-usage.patch, and run autoreconf upon configure. * Add new patch 07-quote-autoconf-definitions. * Update to copyright format 1.0. * Update to Standards-Version 3.9.3, no changes needed. Author: Teemu Hukkanen --- The information above should follow the Patch Tagging Guidelines, please checkout http://dep.debian.net/deps/dep3/ to learn about the format. Here are templates for supplementary fields that you might want to add: Origin: , Bug: Bug-Debian: https://bugs.debian.org/ Bug-Ubuntu: https://launchpad.net/bugs/ Forwarded: Reviewed-By: Last-Update: --- httptunnel-3.3+dfsg.orig/AUTHORS +++ httptunnel-3.3+dfsg/AUTHORS @@ -2,7 +2,7 @@ Programming: Lars Brinkhoff Magnus Lundström Disclaimer: Barak Pearlmutter -Documentation: Teemu Hukkanen +Documentation: Teemu Hukkanen getopt_long usage: Taken from the manual page. getopt_long code: Taken from GNU fileutils-4.0. Patches: Tomas Berndtsson (Solaris) @@ -21,7 +21,9 @@ Patches: Tomas Berndtsson Brian Somers Sampo Niskanen + Tim Phipps Testing: Philip Craig FAQ: Lars Brinkhoff Christian Brideau + Brian Schwarz ... and many novice users. --- httptunnel-3.3+dfsg.orig/ChangeLog +++ httptunnel-3.3+dfsg/ChangeLog 
@@ -1,3 +1,25 @@ +2003-01-10 Lars Brinkhoff + + From Marco Michelino : + * hts.c (usage, parse_arguments, main): add --chroot and --user + options. + +2001-06-12 lars brinkhoff + + * tunnel.h: Improved documentation for tunnel programming + inteface. + +2001-05-10 lars brinkhoff + + * common.c (log_level): Where possible, use fputs and fputc + instead of fprintf. + +2001-03-30 lars brinkhoff + + From Tim Phipps : + * hts.c (parse_arguments): --debug argument is required, not + optional. + 2001-02-25 lars brinkhoff From Sampo Niskanen : --- httptunnel-3.3+dfsg.orig/FAQ +++ httptunnel-3.3+dfsg/FAQ @@ -5,6 +5,23 @@ A: It's a generic tool for sending data which uses this data "tunnel". For example, you could use telnet to log in on a computer ouside the proxy. +Q: How do I get this going through a proxy? + +A: On the server you must run hts. If I wanted to have port + 80 (http) redirect all traffic to port 23 (telnet) then + it would go something like: + + hts -F server.test.com:23 80 + + On the client you would run htc. If you are going through + a proxy, the -P option is needed,otherwise omit it. + + htc -P proxy.corp.com:80 -F 22 server.test.com:80 + + Then telnet localhost and it will redirect the traffic out + to port 80 on the proxy server and on to port 80 of the + server, then to port 23. + Q: httptunnel craches my SuSE 5.3 box, why? A: I don't know, but upgrading to 6.0 seems to help. @@ -73,7 +90,7 @@ Q: On REMOTE (brugd.ctrl-c.liu.se) I do A: The first hts is still running in the background. Q: On LOCAL (dhcp-XXX.enea.se) I do: - htc -F 2323 -P http://internwebb/proxy2.pac:8000 brugd.ctrl-c.liu.se:8888 + htc -F 2323 -P internwebb/proxy2.pac:8000 brugd.ctrl-c.liu.se:8888 Now, I try: [root@localhost httptunnel-1.101]# telnet localhost 2323 
@@ -92,3 +109,97 @@ Q: Why does 'configure' fail on HP-UX? A: Because you haven't installed gcc. If CFLAGS=-O ./configure doesn't work, you must get gcc, or at least an ANSI C compiler. + +Q: When I use SSH (or VNC, or ) over GNU + httptunnel, the program locks up after a few minutes (or hours). + When I close the program and attempt to reconnect, SSH times out. + What's wrong? + +A: Your httptunnel connection has failed on the client end (possibly + due to network congestion), but the server end has not recognized + that the connection has been lost and won't allow another + connection until the first connection times out. To establish a + more stable tunnel, try experimenting with the various options for + the htc and hts programs. The following settings seem to work + pretty well for me, but your mileage may vary: + + hts -S --max-connection-age 20000 -F localhost:22 8890 + + htc -F 8890 --strict-content-length -B 5k --max-connection-age 2000 \ + -P proxy.mycompany.com:8080 10.1.1.1:8890 + +Q: Okay, I've found some settings that seem to work for me, but I + still get "locked out" on occasion and have to wait for the server + end (hts) to time out. Is there any way to reestablish the tunnel + without waiting for hts to timeout? + +A: Set up at least two tunnels. After the first tunnel hangs, connect + to the ffserver machine using SSH (or Telnet if you don't care + about security) and manually kill the instance of the hts server + that is hung and recreate the tunnel by running hts again. Then + you should be able to reconnect to the original tunnel. BE SURE TO + KILL THE TUNNEL THAT IS HUNG UP, NOT THE ONE TO WHICH YOU ARE + CONNECTED! How do you do this? Here is an example of how to do + this on Linux. [On a Windows server, a similar technique should + work, but it may be more difficult to distinguish between separate + instances of hts on Windows because Task Manager only displays the + name of the program (hts) and not the full command that launched + it.] 
+ + $ ps aux w|grep hts #Use the 'w' option to see the entire line + #so that you can determine which instance of + #hts to kill depending on the port number. + + my_user_name 7268 0.0 0.3 1692 768 ? S Sep24 0:00 hts -S -F localhost:22 8890 + my_user_name 7270 0.0 0.2 1692 744 ? S Sep24 0:00 hts -S -F localhost:22 8891 + my_user_name 10515 0.0 0.2 1692 720 ? S 15:37 0:00 hts -S -F localhost:22 8889 + my_user_name 10549 0.0 0.2 1624 616 pts/2 S 15:40 0:00 grep hts + + $ kill 10515 #assuming that the httptunnel on port 8889 is the one + #that has hung up + + $ hts -S -F localhost:22 8889 #restart hts with the same options to + #reestablish the tunnel. + + Once you have reestablished the tunnel, your existing instance of htc on + the client should be able to reestablish the tunnel without any additional + steps. If in doubt, you could also kill htc on the client and rerun htc, + but I have not generally found that to be necessary. + +Q: Why do I keep getting errors like the ones listed below in my + Application Event Log while using htc on Windows? What does "HTTP + error -503" mean? + + 9/24/2001 2:10:15 PM htc Error None 0 N/A MYPC_NAME The description for + Event ID ( 0 ) in Source ( htc ) cannot be found. The local computer may not + have the necessary registry information or message DLL files to display + messages from a remote computer. The following information is part of the + event: htc : Win32 Process Id = 0x6BC : Cygwin Process Id = 0x6BC : exit + with status = 1. + + 9/24/2001 2:10:15 PM htc Error None 0 N/A MYPC_NAME The description for + Event ID ( 0 ) in Source ( htc ) cannot be found. The local computer may not + have the necessary registry information or message DLL files to display + messages from a remote computer. The following information is part of the + event: htc : Win32 Process Id = 0x6BC : Cygwin Process Id = 0x6BC : couldn't + open tunnel: I/O error. 
+ + 9/24/2001 2:10:15 PM htc Error None 0 N/A MYPC_NAME The description for + Event ID ( 0 ) in Source ( htc ) cannot be found. The local computer may not + have the necessary registry information or message DLL files to display + messages from a remote computer. The following information is part of the + event: htc : Win32 Process Id = 0x6BC : Cygwin Process Id = 0x6BC : + http_error_to_errno: HTTP error -503. + + 9/24/2001 2:10:15 PM htc Error None 0 N/A MYPC_NAME The description for + Event ID ( 0 ) in Source ( htc ) cannot be found. The local computer may not + have the necessary registry information or message DLL files to display + messages from a remote computer. The following information is part of the + event: htc : Win32 Process Id = 0x6BC : Cygwin Process Id = 0x6BC : + tunnel_in_connect: HTTP error 503. + +A: HTTP 503 is the standard HTTP error that means "Service + Unavailable." In this case, it means that the htc client cannot + connect to the server. In the example above, the hts program had + not yet been started on ther server side, but the same error might + indicate other types of network or server errors. --- httptunnel-3.3+dfsg.orig/Makefile.am +++ httptunnel-3.3+dfsg/Makefile.am @@ -22,3 +22,7 @@ EXTRA_DIST = TODO HACKING DISCLAIMER doc FAQ doc/rfc2045.txt hts.1 htc.1 debian/changelog debian/control \ debian/copyright debian/dirs debian/docs debian/rules \ debian/prerm debian/postinst + +squeaky-clean: maintainer-clean + find . -name Makefile.in | xargs rm + rm -f aclocal.m4 config.h.in configure *~ --- httptunnel-3.3+dfsg.orig/acinclude.m4 +++ httptunnel-3.3+dfsg/acinclude.m4 @@ -12,7 +12,8 @@ AC_DEFUN([HTTPTUNNEL_TYPE_SOCKLEN_T], ac_cv_httptunnel_type_socklen_t=no) ]) if test $ac_cv_httptunnel_type_socklen_t != yes; then - AC_DEFINE(socklen_t, int) + AC_DEFINE(socklen_t, int, + [Define to 'int' if doesn't define.]) fi ]) 
@@ -34,3 +35,7 @@ AC_DEFUN([HTTPTUNNEL_DEFINE_INADDR_NONE] AC_DEFINE(INADDR_NONE, 0xffffffff) fi ]) + +AH_BOTTOM([/* Define to 0xffffffff if doesn't define. */ +#undef INADDR_NONE]) + --- httptunnel-3.3+dfsg.orig/common.c +++ httptunnel-3.3+dfsg/common.c @@ -38,11 +38,14 @@ log_level (int level, char *fmt0, va_lis time (&t); t2 = localtime (&t); strftime (s, sizeof s, "%Y%m%d %H%M%S ", t2); - fprintf (debug_file, "%s", s); + fputs (s, debug_file); + for (i = 1; i < level; i++) - fprintf (debug_file, " "); + fputs (" ", debug_file); + vfprintf (debug_file, fmt0, ap); - fprintf (debug_file, "\n"); + fputc ('\n', debug_file); + fflush (debug_file); } } @@ -59,26 +62,28 @@ void log_notice (char *fmt0, ...) { va_list ap; - va_start(ap, fmt0); + + va_start (ap, fmt0); #ifdef DEBUG_MODE log_level (1, fmt0, ap); #else vsyslog (LOG_NOTICE, fmt0, ap); #endif - va_end(ap); + va_end (ap); } void log_error (char *fmt0, ...) { va_list ap; - va_start(ap, fmt0); + + va_start (ap, fmt0); #ifdef DEBUG_MODE log_level (2, fmt0, ap); #else vsyslog (LOG_ERROR, fmt0, ap); #endif - va_end(ap); + va_end (ap); } #ifdef DEBUG_MODE @@ -86,9 +91,10 @@ void log_debug (char *fmt0, ...) { va_list ap; - va_start(ap, fmt0); + + va_start (ap, fmt0); log_level (3, fmt0, ap); - va_end(ap); + va_end (ap); } #endif @@ -97,9 +103,10 @@ void log_verbose (char *fmt0, ...) { va_list ap; - va_start(ap, fmt0); + + va_start (ap, fmt0); log_level (4, fmt0, ap); - va_end(ap); + va_end (ap); } #endif @@ -108,9 +115,10 @@ void log_annoying (char *fmt0, ...) { va_list ap; + va_start (ap, fmt0); log_level (5, fmt0, ap); - va_end(ap); + va_end (ap); } #endif --- httptunnel-3.3+dfsg.orig/common.h +++ httptunnel-3.3+dfsg/common.h @@ -31,6 +31,9 @@ Copyright (C) 1999 Lars Brinkhoff. See #ifndef TRUE #define TRUE 1 +#endif + +#ifndef FALSE #define FALSE 0 #endif --- httptunnel-3.3+dfsg.orig/configure.in +++ httptunnel-3.3+dfsg/configure.in 
@@ -2,7 +2,7 @@ dnl Copyright (C) Lars Brinkhoff. dnl Process this file with autoconf to produce a configure script. AC_INIT(tunnel.c) -AM_INIT_AUTOMAKE(httptunnel, 3.3) +AM_INIT_AUTOMAKE(httptunnel, 3.3.cvs) AM_CONFIG_HEADER(config.h) AM_CONDITIONAL(SRCDIR, test "x$srcdir" != x.) --- httptunnel-3.3+dfsg.orig/htc.1 +++ httptunnel-3.3+dfsg/htc.1 @@ -12,10 +12,10 @@ command. .B htc sets up a httptunnel connection to PORT at HOST (default port is 8888). When a connection is made, I/O is redirected from the source specified -by the \-\-device or \-\-forward\-port switch to the tunnel. +by the --device or --forward-port switch to the tunnel. .SH OPTIONS The program follows the usual GNU command line syntax, with long -options starting with two dashes (`\-'). +options starting with two dashes (`-'). A summary of options are included below. .TP .B \-h, \-\-help @@ -42,7 +42,7 @@ always write Content-Length bytes in req .B \-A, \-\-proxy\-authorization USER:PASSWORD proxy authorization .TP -.B \-z, \-\-proxy\-authorization\-file FILE +.B \-\-proxy\-authorization\-file FILE proxy authorization file .TP .B \-B, \-\-proxy\-buffer\-size BYTES @@ -60,9 +60,6 @@ specify User-Agent value in HTTP request .TP .B \-V, \-\-version output version information and exit -.TP -.B \-w, \-\-no-daemon -don't fork into the background .SH AUTHOR This manual page was contributed by Teemu Hukkanen , --- httptunnel-3.3+dfsg.orig/htc.c +++ httptunnel-3.3+dfsg/htc.c @@ -475,9 +475,9 @@ main (int argc, char **argv) if (fd == 0) { log_notice("changing fd from %d to 3",fd); - if (dup2(fd,3) != 3) + if (dup2 (fd, 3) != 3) { - log_error ("couldn't dup2(%d,3): %s",fd,strerror(errno)); + log_error ("couldn't dup2 (%d, 3): %s",fd,strerror(errno)); log_exit (1); } } 
@@ -496,10 +496,10 @@ main (int argc, char **argv) /* Check that fd is not 0 (clash with --stdin-stdout) */ if (fd == 0) { - log_notice("changing fd from %d to 3",fd); - if (dup2(fd,3) != 3) + log_notice ("changing fd from %d to 3",fd); + if (dup2 (fd, 3) != 3) { - log_error ("couldn't dup2(%d,3): %s",fd,strerror(errno)); + log_error ("couldn't dup2 (%d, 3): %s",fd,strerror(errno)); log_exit (1); } } --- httptunnel-3.3+dfsg.orig/hts.1 +++ httptunnel-3.3+dfsg/hts.1 @@ -3,20 +3,19 @@ hts \- httptunnel server .SH SYNOPSIS .B hts -.I "[options] [host:][port]" +.I "[options] [port]" .SH "DESCRIPTION" This manual page briefly documents the .BR hts command. .PP .B hts -listens for incoming httptunnel connections at PORT (default port is -8888), and optionally binds to ip address HOST. +listens for incoming httptunnel connections at PORT (default port is 8888). When a connection is made, I/O is redirected to the destination specified -by the \-\-device or \-\-forward\-port switch. +by the --device or --forward-port switch. .SH OPTIONS The program follows the usual GNU command line syntax, with long -options starting with two dashes (`\-'). +options starting with two dashes (`-'). A summary of options are included below. .TP .B \-h, \-\-help @@ -37,18 +36,12 @@ send keepalive bytes every SECONDS secon .B \-M, \-\-max\-connection\-age SEC maximum time a connection will stay open is SEC seconds (default is 300) .TP -.B \-s, \-\-stdin\-stdout -use stdin/stdout for communication (implies \-\-no\-daemon) -.TP .B \-S, \-\-strict\-content\-length always write Content-Length bytes in requests .TP .B \-V, \-\-version output version information and exit .TP -.B \-w, \-\-no-daemon -don't fork into the background -.TP .B \-p, \-\-pid\-file LOCATION write a PID file to LOCATION .SH AUTHOR --- httptunnel-3.3+dfsg.orig/hts.c +++ httptunnel-3.3+dfsg/hts.c 
@@ -13,6 +13,10 @@ two-way data path tunneled in HTTP reque #include #include #include +#include +#include +#include +#include #include "common.h" @@ -31,6 +35,8 @@ typedef struct int strict_content_length; int keep_alive; int max_connection_age; + char *root; + char *user; } Arguments; int debug_level = 0; @@ -40,7 +46,7 @@ static void usage (FILE *f, const char *me) { fprintf (f, -"Usage: %s [OPTION]... [HOST:][PORT]\n" +"Usage: %s [OPTION]... [PORT]\n" "Listen for incoming httptunnel connections at PORT (default port is %d).\n" "When a connection is made, I/O is redirected to the destination specified\n" "by the --device, --forward-port or --stdin-stdout switch.\n" @@ -61,9 +67,11 @@ usage (FILE *f, const char *me) #endif " -M, --max-connection-age SEC maximum time a connection will stay\n" " open is SEC seconds (default is %d)\n" +" -r, --chroot ROOT change root to ROOT\n" " -s, --stdin-stdout use stdin/stdout for communication\n" " (implies --no-daemon)\n" " -S, --strict-content-length always write Content-Length bytes in requests\n" +" -u, --user USER change user to USER\n" " -V, --version output version information and exit\n" " -w, --no-daemon don't fork into the background\n" " -p, --pid-file LOCATION write a PID file to LOCATION\n" @@ -93,6 +101,8 @@ parse_arguments (int argc, char **argv, arg->strict_content_length = FALSE; arg->keep_alive = DEFAULT_KEEP_ALIVE; arg->max_connection_age = DEFAULT_CONNECTION_MAX_TIME; + arg->user = NULL; + arg->root = NULL; for (;;) { 
@@ -100,24 +110,26 @@ parse_arguments (int argc, char **argv, static struct option long_options[] = { { "help", no_argument, 0, 'h' }, - { "stdin-stdout", no_argument, 0, 's' }, - { "strict-content-length", no_argument, 0, 'S' }, { "version", no_argument, 0, 'V' }, { "no-daemon", no_argument, 0, 'w' }, + { "user", required_argument, 0, 'u' }, #ifdef DEBUG_MODE - { "debug", optional_argument, 0, 'D' }, + { "debug", required_argument, 0, 'D' }, { "logfile", required_argument, 0, 'l' }, #endif + { "chroot", required_argument, 0, 'r' }, + { "stdin-stdout", no_argument, 0, 's' }, { "device", required_argument, 0, 'd' }, { "pid-file", required_argument, 0, 'p' }, { "keep-alive", required_argument, 0, 'k' }, { "forward-port", required_argument, 0, 'F' }, { "content-length", required_argument, 0, 'c' }, + { "strict-content-length", no_argument, 0, 'S' }, { "max-connection-age", required_argument, 0, 'M' }, { 0, 0, 0, 0 } }; - static const char *short_options = "c:d:F:hk:M:p:sSVw" + static const char *short_options = "c:d:F:hk:M:p:sSVwu:r:" #ifdef DEBUG_MODE "D:l:" #endif @@ -187,6 +199,10 @@ parse_arguments (int argc, char **argv, arg->max_connection_age = atoi (optarg); break; + case 'r': + arg->root = optarg; + break; + case 's': arg->use_std=TRUE; arg->use_daemon=FALSE; @@ -196,6 +212,10 @@ parse_arguments (int argc, char **argv, arg->strict_content_length = TRUE; break; + case 'u': + arg->user = optarg; + break; + case 'V': printf ("hts (%s) %s\n", PACKAGE, VERSION); exit (0); @@ -278,6 +298,8 @@ main (int argc, char **argv) Arguments arg; Tunnel *tunnel; FILE *pid_file; + uid_t uid; + gid_t gid; parse_arguments (argc, argv, &arg); 
@@ -307,11 +329,13 @@ main (int argc, char **argv) log_notice (" debug_level = %d", debug_level); log_notice (" pid_filename = %s", arg.pid_filename ? arg.pid_filename : "(null)"); + log_notice (" chroot = %s", arg.root ? arg.root : "(null)"); + log_notice (" user = %s", arg.user ? arg.user : "(null)"); tunnel = tunnel_new_server (arg.host, arg.port, arg.content_length); if (tunnel == NULL) { - log_error ("couldn't create tunnel", argv[0]); + log_error ("couldn't create tunnel"); log_exit (1); } @@ -353,6 +377,65 @@ main (int argc, char **argv) } } + /* If requested to change user, get new uid and gid before chroot so we */ + /* don't need /etc/passwd & company in the chroot jail */ + if (arg.user) + { + struct passwd *pwd = getpwnam (arg.user); + if (pwd == NULL) + { + log_error ("couldn't find user"); + log_exit (1); + } + uid = pwd->pw_uid; + gid = pwd->pw_gid; + if (setgroups (0, (const gid_t *)0) < 0) + { + log_error ("couldn't drop supplementary groups privileges"); + log_exit (1); + } + if (setgid (gid) < 0) + { + log_error ("couldn't change primary group"); + log_exit (1); + } + if (initgroups (arg.user, gid) < 0) + { + /* non critical error */ + log_error ("couldn't add supplementary groups"); + } + } + + /* Change root if requested */ + if (arg.root) + { + if (chroot (arg.root) < 0) + { + log_error ("couldn't change root"); + log_exit (1); + } + if (chdir ("/") < 0) + { + log_error ("couldn't change dir to new root"); + log_exit (1); + } + if (fclose (stdin) || fclose (stdout) || fclose (stderr)) + { + log_error ("couldn't close stdin, stdout and/or stderr"); + log_exit (1); + } + } + + /* Change user if requested */ + if (arg.user) + { + if (setuid (uid) < 0) + { + log_error ("couldn't change user"); + log_exit (1); + } + } + for (;;) { time_t last_tunnel_write; 
@@ -372,20 +455,20 @@ main (int argc, char **argv) /* Check that fd is not 0 (clash with --stdin-stdout) */ if (fd == 0) { - log_notice("changing fd from %d to 3",fd); - if (dup2(fd,3) != 3) + log_notice ("changing fd from %d to 3", fd); + if (dup2 (fd, 3) != 3) { - log_error ("couldn't dup2(%d,3): %s",fd,strerror(errno)); + log_error ("couldn't dup2(%d, 3): %s", fd, strerror (errno)); log_exit (1); } } } else if (arg.use_std) { log_debug ("using stdin as fd"); fd = 0; - if (fcntl(fd,F_SETFL,O_NONBLOCK)==-1) + if (fcntl (fd, F_SETFL, O_NONBLOCK)==-1) { log_error ("couldn't set stdin to non-blocking mode: %s", - strerror(errno)); + strerror (errno)); log_exit (1); } /* Usage of stdout (fd = 1) is checked later. */ @@ -420,10 +503,10 @@ main (int argc, char **argv) /* Check that fd is not 0 (clash with --stdin-stdout) */ if (fd == 0) { - log_notice("changing fd from %d to 3",fd); - if (dup2(fd,3) != 3) + log_notice ("changing fd from %d to 3", fd); + if (dup2 (fd, 3) != 3) { - log_error ("couldn't dup2(%d,3): %s",fd,strerror(errno)); + log_error ("couldn't dup2(%d, 3): %s", fd, strerror (errno)); log_exit (1); } } --- httptunnel-3.3+dfsg.orig/http.c +++ httptunnel-3.3+dfsg/http.c @@ -49,18 +49,11 @@ http_method (int fd, Http_destination *d http_add_header (&request->header, "Connection", "close"); if (dest->proxy_authorization) - { - http_add_header (&request->header, - "Proxy-Authorization", - dest->proxy_authorization); - } + http_add_header (&request->header, "Proxy-Authorization", + dest->proxy_authorization); if (dest->user_agent) - { - http_add_header (&request->header, - "User-Agent", - dest->user_agent); - } + http_add_header (&request->header, "User-Agent", dest->user_agent); n = http_write_request (fd, request); http_destroy_request (request); --- httptunnel-3.3+dfsg.orig/tunnel.c +++ httptunnel-3.3+dfsg/tunnel.c 
@@ -140,30 +140,25 @@ static int tunnel_in_setsockopts (int fd) { #ifdef SO_RCVLOWAT - int tcp = get_proto_number ("tcp"); + int i, n; - if (tcp != -1) - { - int i, n; - - i = 1; - if (setsockopt (fd, - tcp, - SO_RCVLOWAT, - (void *)&i, - sizeof i) == -1) - { - log_debug ("tunnel_in_setsockopts: non-fatal SO_RCVLOWAT error: %s", - strerror (errno)); - } - n = sizeof i; - getsockopt (fd, - tcp, + i = 1; + if (setsockopt (fd, + SOL_SOCKET, SO_RCVLOWAT, (void *)&i, - &n); - log_debug ("tunnel_out_setsockopts: SO_RCVLOWAT: %d", i); + sizeof i) == -1) + { + log_debug ("tunnel_in_setsockopts: non-fatal SO_RCVLOWAT error: %s", + strerror (errno)); } + n = sizeof i; + getsockopt (fd, + SOL_SOCKET, + SO_RCVLOWAT, + (void *)&i, + &n); + log_debug ("tunnel_out_setsockopts: SO_RCVLOWAT: %d", i); #endif /* SO_RCVLOWAT */ return 0; @@ -174,30 +169,26 @@ tunnel_out_setsockopts (int fd) { #ifdef SO_SNDLOWAT { - int tcp = get_proto_number ("tcp"); int i, n; - if (tcp != -1) - { - i = 1; - if (setsockopt (fd, - tcp, - SO_SNDLOWAT, - (void *)&i, - sizeof i) == -1) - { - log_debug ("tunnel_out_setsockopts: " - "non-fatal SO_SNDLOWAT error: %s", - strerror (errno)); - } - n = sizeof i; - getsockopt (fd, - tcp, + i = 1; + if (setsockopt (fd, + SOL_SOCKET, SO_SNDLOWAT, (void *)&i, - &n); - log_debug ("tunnel_out_setsockopts: non-fatal SO_SNDLOWAT: %d", i); + sizeof i) == -1) + { + log_debug ("tunnel_out_setsockopts: " + "non-fatal SO_SNDLOWAT error: %s", + strerror (errno)); } + n = sizeof i; + getsockopt (fd, + SOL_SOCKET, + SO_SNDLOWAT, + (void *)&i, + &n); + log_debug ("tunnel_out_setsockopts: non-fatal SO_SNDLOWAT: %d", i); } #endif /* SO_SNDLOWAT */ --- httptunnel-3.3+dfsg.orig/tunnel.h +++ httptunnel-3.3+dfsg/tunnel.h 
@@ -14,14 +14,13 @@ Tunnel *tunnel_new_client (const char *h Create a new HTTP tunnel client. -Tunnel *tunnel_new_server (const char *host, - int port, +Tunnel *tunnel_new_server (const char *host, int port, size_t content_length); - Create a new HTTP tunnel server. If LENGTH is 0, the Content-Length - of the HTTP GET response will be determined automatically in some way. - If HOST is not NULL, use it to bind the server socket to a specific - network interface. + Create a new HTTP tunnel server. If CONTENT_LENGTH is 0, the + Content-Length of the HTTP GET response will be determined + automatically in some way. If HOST is not NULL, use it to bind the + server socket to a specific network interface. int tunnel_connect (Tunnel *tunnel); @@ -39,8 +38,8 @@ int tunnel_pollin_fd (Tunnel *tunnel); ssize_t tunnel_read (Tunnel *tunnel, void *data, size_t length); ssize_t tunnel_write (Tunnel *tunnel, void *data, size_t length); - Read or write to the tunnel. Same semantics as with read() and - write(). Watch out for return values less than LENGTH. + Read or write to the tunnel. Same semantics as read() and write(). + Watch out for return values less than LENGTH. int tunnel_padding (Tunnel *tunnel, size_t length); 
@@ -50,12 +49,55 @@ int tunnel_maybe_pad (Tunnel *tunnel, si Pad to nearest even multiple of LENGTH. +int tunnel_setopt (Tunnel *tunnel, const char *opt, void *data); +int tunnel_getopt (Tunnel *tunnel, const char *opt, void *data); + + Set or get a tunnel option. Valid options are: + + * strict_content_length + + DATA must be a pointer to an int. If the int is nonzero, the + tunnel will always honor Content-Length. Otherwise, less than + Content-Length bytes may be sent in a request. + + * keep_alive + + DATA must be a pointer to an int. If the int is nonzero, + keep-alive bytes will be sent when the connection is idle. + Otherwise, no keep-alive bytes will be sent. + + * max_connection_age + + DATA must be a pointer to an int. The int specifies the maximum + time a connection will be kept open, in seconds. + + * proxy_authorization + + DATA must be a pointer to a char pointer. The char pointer + specifies the proxy authorization string, or NULL if no proxy + authorization string is to be used. When this option is set, the + string will be copied into a newly malloced memory region. + Likewise, when the option is read, the returned string is copied + into a newly malloced memory region which the caller must accept + responsibility to manage. + + * user_agent + + DATA must be a pointer to a char pointer. The char pointer + specifies the User-Agent field to be used in HTTP request headers, + or is NULL is no User-Agent field is to be used. When this option + is set, the string will be copied into a newly malloced memory + region. Likewise, when the option is read, the returned string is + copied into a newly malloced memory region which the caller must + accept responsibility to manage. + int tunnel_close (Tunnel *tunnel); Close the tunnel. void tunnel_destroy (Tunnel *tunnel); -*/ + + Free all resources associated with the tunnel object. */ #ifndef TUNNEL_H #define TUNNEL_H
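Review bot: In the FAQ hunk at @@ -5,6 +23 @@ the client example forwards local port 22 (htc -P proxy.corp.com:80 -F 22 server.test.com:80), but the next sentence says "Then telnet localhost", which connects to port 23 by default and never reaches the tunnel. Either write "telnet localhost 22" or pick an unprivileged forward port such as the 2323 used further down in the same file and name it in the telnet command. There is also a missing space in "needed,otherwise".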
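Review bot: In the Makefile.am hunk at @@ -22,3 +22,7 @@ the squeaky-clean recipe pipes find into a bare rm (find . -name Makefile.in | xargs rm), which splits on whitespace in paths and makes the target fail when no Makefile.in is left, since rm is then run without operands. Use find . -name Makefile.in -exec rm -f {} + instead, and declare the target in .PHONY so a stray file called squeaky-clean cannot mask it.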
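Review bot: The acinclude.m4 hunk at @@ -34,3 +35,7 @@ documents INADDR_NONE through a separate AH_BOTTOM template with a hand-written #undef, while the hunk just above it gives socklen_t its description as the third argument of AC_DEFINE. Using the three-argument form for AC_DEFINE(INADDR_NONE, 0xffffffff) as well would keep the two macros consistent and let autoheader generate the template, with no risk of the AH_BOTTOM text and the definition drifting apart.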
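Review bot: In the htc.1 hunk at @@ -12,10 +12,10 @@ (and the same two lines in hts.1) the escaped option names \-\-device and \-\-forward\-port become plain --device and --forward-port, so roff typesets hyphens rather than minus signs and the options can no longer be searched for or pasted reliably from the rendered page. Keep the \- escapes, as the .B lines in the same file still do. The sentence "long options starting with two dashes (`-')" also shows a single dash after this change.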
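Review bot: The hts.1 hunk at @@ -37,18 +36,12 @@ removes -s/--stdin-stdout and -w/--no-daemon from the manual page although usage() and long_options in hts.c, changed in this same patch, still offer both, and the new -r/--chroot and -u/--user options are not documented in hts.1 at all. The hunk before it likewise drops [host:] from the synopsis while main still passes arg.host to tunnel_new_server. Bring the manual page in line with usage(): keep the two removed entries and add .TP entries for --chroot ROOT and --user USER.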
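Review bot: In the hts.c hunk at @@ -353,6 +377,65 @@ the chroot block closes stdin, stdout and stderr unconditionally, which conflicts with --stdin-stdout: the loop that follows still sets fd = 0 when arg.use_std is set, and with descriptors 0 to 2 free the next descriptor the server opens can land on 0 and fall into the "changing fd from %d to 3" workaround. Reject --chroot combined with --stdin-stdout in parse_arguments, or reopen the three streams on /dev/null before calling chroot () instead of closing them. Separately, --chroot without --user leaves the process running as root inside the new root, which chroot alone does not contain, so either require --user whenever --chroot is given or log a warning. The new messages ("couldn't find user", "couldn't change root") would also be easier to act on with the name and strerror (errno) included, as the dup2 messages in this file already do.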
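Review bot: In the tunnel.c hunk at @@ -140,30 +140,25 @@ the debug line after getsockopt in tunnel_in_setsockopts is labelled with the wrong function ("tunnel_out_setsockopts: SO_RCVLOWAT: %d"), and the getsockopt return value is ignored, so on failure the log reports the value 1 that was just assigned to i as if the kernel had returned it. Rename the label to tunnel_in_setsockopts and only log the value when getsockopt returns 0.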
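Review bot: In the tunnel.c hunk at @@ -174,30 +169,26 @@ the length passed to getsockopt is declared as int (int i, n; ... &n), while acinclude.m4 in this patch goes to the trouble of providing socklen_t; declare n as socklen_t to avoid a pointer-type mismatch on platforms where the two differ. The success message "non-fatal SO_SNDLOWAT: %d" reuses the wording of the error path and reads like a failure in the log; drop "non-fatal" from it.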
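Review bot: The tunnel.h hunk at @@ -50,12 +49,55 @@ documents tunnel_setopt and tunnel_getopt without saying what they return or what happens when OPT is not one of the listed names, which callers need in order to tell a typo in the option string from success. Add a sentence on the return value and the unknown-option case, and state explicitly that strings returned for proxy_authorization and user_agent are to be released with free (). There is also a typo in the user_agent entry: "or is NULL is no User-Agent field" should read "or is NULL if no User-Agent field".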