Package: tinyproxy
Version: 1.8.3-3
Severity: normal
Tags: patch upstream
Dear Maintainer,
The /etc/tinyproxy.filter was root:root and only 0600 - for some reason.
Tinyproxy does the first read as root and had no problem. After reload
(happened regularly because of logrotate) it can't read the filter and
further operation suffered from an "empty" filter list.
1) tinyproxy should send an approbiate log message
2) tinyproxy should read the filter as the run-time-user, not
as root, even on startup
I did some fixup and some testing, it seems to work for me.
-- System Information:
Debian Release: 7.6
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=C, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages tinyproxy depends on:
ii libc6 2.13-38+deb7u3
ii logrotate 3.8.1-4
tinyproxy recommends no packages.
tinyproxy suggests no packages.
-- Configuration Files:
/etc/tinyproxy.conf changed [not included]
-- no debconf information
diff -ruN orig/child.c src/child.c
--- orig/child.c 2014-07-25 16:29:35.000000000 +0200
+++ src/child.c 2014-07-25 18:15:24.649414207 +0200
@@ -35,6 +35,7 @@
#include "utils.h"
#include "conf.h"
+volatile int children; /* referenced from main.c */
static int listenfd;
static socklen_t addrlen;
@@ -201,6 +202,12 @@
ptr->connects = 0;
srand(time(NULL));
+#ifdef FILTER_ENABLE
+ if (config.filter)
+ filter_init ();
+#endif /* FILTER_ENABLE */
+
+
while (!config.quit) {
ptr->status = T_WAITING;
@@ -287,8 +294,10 @@
{
pid_t pid;
- if ((pid = fork ()) > 0)
+ if ((pid = fork ()) > 0) {
+ ++children;
return pid; /* parent */
+ }
/*
* Reset the SIGNALS so that the child can be reaped.
@@ -443,10 +452,6 @@
*/
reload_config ();
-#ifdef FILTER_ENABLE
- filter_reload ();
-#endif /* FILTER_ENABLE */
-
/* propagate filter reload to all children */
child_kill_children (SIGHUP);
diff -ruN orig/filter.c src/filter.c
--- orig/filter.c 2010-01-10 23:52:04.000000000 +0100
+++ src/filter.c 2014-07-25 18:10:42.307947332 +0200
@@ -61,7 +61,17 @@
fd = fopen (config.filter, "r");
if (!fd) {
- return;
+ /*
+ char *msg;
+ asprintf(&msg, "Can't read the filter from %s: %s\n",
+ config.filter, strerror(errno));
+ log_message(LOG_ERR, msg);
+ if (stderr) fputs(msg, stderr);
+ free(msg);
+ */
+ log_message(LOG_ERR, "Can't read the filter from %s: %s",
+ config.filter, strerror(errno));
+ exit(3);
}
p = NULL;
diff -ruN orig/main.c src/main.c
--- orig/main.c 2011-08-16 14:14:34.000000000 +0200
+++ src/main.c 2014-07-25 18:15:00.033280183 +0200
@@ -50,6 +50,7 @@
struct config_s config;
struct config_s config_defaults;
unsigned int received_sighup = FALSE; /* boolean */
+extern volatile int children; /* defined in child.c */
/*
* Handle a signal
@@ -70,7 +71,12 @@
break;
case SIGCHLD:
- while ((pid = waitpid (-1, &status, WNOHANG)) > 0) ;
+ while ((pid = waitpid (-1, &status, WNOHANG)) > 0) {
+ if (!--children) {
+ log_message(LOG_ERR, "No more children left. Shutting down.");
+ exit(2);
+ }
+ }
break;
}
@@ -395,11 +401,6 @@
exit (EX_OSERR);
}
-#ifdef FILTER_ENABLE
- if (config.filter)
- filter_init ();
-#endif /* FILTER_ENABLE */
-
/* Start listening on the selected port. */
if (child_listening_sock (config.port) < 0) {
fprintf (stderr, "%s: Could not create listening socket.\n",
@@ -428,12 +429,6 @@
}
}
- if (child_pool_create () < 0) {
- fprintf (stderr,
- "%s: Could not create the pool of children.\n",
- argv[0]);
- exit (EX_SOFTWARE);
- }
/* These signals are only for the parent process. */
log_message (LOG_INFO, "Setting the various signals.");
@@ -456,6 +451,13 @@
exit (EX_OSERR);
}
+ if (child_pool_create () < 0) {
+ fprintf (stderr,
+ "%s: Could not create the pool of children.\n",
+ argv[0]);
+ exit (EX_SOFTWARE);
+ }
+
/* Start the main loop */
log_message (LOG_INFO, "Starting main loop. Accepting connections.");
