Inicio Explorar Ayuda
Iniciar sesión
cturan
/
3proxy
1
0
Fork 0
Archivos Incidencias 0 Pull Requests 0 Wiki
Árbol: ede4aee619
Ramas Etiquetas
3proxy
/
src
/
conf.c

conf.c 48 KB
Histórico Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388138913901391139213931394139513961397139813991400140114021403140414051406140714081409141014111412141314141415141614171418141914201421142214231424142514261427142814291430143114321433143414351436143714381439144014411442144314441445144614471448144914501451145214531454145514561457145814591460146114621463146414651466146714681469147014711472147314741475147614771478147914801481148214831484148514861487148814891490149114921493149414951496149714981499150015011502150315041505150615071508150915101511151215131514151515161517151815191520152115221523152415251526152715281529153015311532153315341535153615371538153915401541154215431544154515461547154815491550155115521553155415551556155715581559156015611562156315641565156615671568156915701571157215731574157515761577157815791580158115821583158415851586158715881589159015911592159315941595159615971598159916001601160216031604160516061607160816091610161116121613161416151616161716181619162016211622162316241625162616271628162916301631163216331634163516361637163816391640164116421643164416451646164716481649165016511652165316541655165616571658165916601661166216631664166516661667166816691670167116721673167416751676167716781679168016811682168316841685168616871688168916901691169216931694169516961697169816991700170117021703170417051706170717081709171017111712171317141715171617171718171917201721172217231724172517261727172817291730173117321733173417351736173717381739174017411742174317441745174617471748174917501751175217531754175517561757175817591760176117621763176417651766176717681769177017711772177317741775177617771778177917801781178217831784178517861787178817891790179117921793179417951796179717981799180018011802180318041805180618071808180918101811181218131814181518161817181818191820182118221823182418251826182718281829183018311832183318341835183618371838183918401841184218431844184518461847184818491850185118521853 
  1. /*
    2. 

  2.    3APA3A simpliest proxy server
    3. 

  3.    (c) 2002-2016 by Vladimir Dubrovin <3proxy@3proxy.ru>
    4. 

  4. 

  5.    please read License Agreement
    6. 

  6. 

  7. */
    8. 

  8. 

  9. #include "proxy.h"
    10. 

  10. #ifndef _WIN32
    11. 

  11. #include <sys/resource.h>
    12. 

  12. #include <pwd.h>
    13. 

  13. #include <grp.h>
    14. 

  14. #ifndef NOPLUGINS
    15. 

  15. #include <dlfcn.h>
    16. 

  16. #endif
    17. 

  17. #endif
    18. 

  18. 

  19. #ifndef DEFAULTCONFIG
    20. 

  20. #define DEFAULTCONFIG conf.stringtable[25]
    21. 

  21. #endif
    22. 

  22. 

  23. pthread_mutex_t bandlim_mutex;
    24. 

  24. pthread_mutex_t connlim_mutex;
    25. 

  25. pthread_mutex_t tc_mutex;
    26. 

  26. pthread_mutex_t pwl_mutex;
    27. 

  27. pthread_mutex_t hash_mutex;
    28. 

  28. pthread_mutex_t config_mutex;
    29. 

  29. 

  30. int haveerror = 0;
    31. 

  31. int linenum = 0;
    32. 

  32. 

  33. FILE *writable;
    34. 

  34. struct counter_header cheader = {"3CF", (time_t)0};
    35. 

  35. struct counter_record crecord;
    36. 

  36. 

  37. int mainfunc (int argc, char** argv);
    38. 

  38. 

  39. struct proxydef childdef = {NULL, 0, 0, S_NOSERVICE, ""};
    40. 

  40. 

  41. #define STRINGBUF 65535
    42. 

  42. #define NPARAMS	  4096
    43. 

  43. 

  44. #ifndef _WIN32
    45. 

  45. char *chrootp = NULL;
    46. 

  46. static pthread_attr_t pa;
    47. 

  47. #endif
    48. 

  48. char * curconf = NULL;
    49. 

  49. 

  50. FILE * confopen(){
    51. 

  51. 	curconf = conf.conffile;
    52. 

  52. #ifndef _WIN32
    53. 

  53. 	if(chrootp){
    54. 

  54. 		if(strstr(curconf, chrootp) == curconf)
    55. 

  55. 			curconf += strlen(chrootp);
    56. 

  56. 	}
    57. 

  57. #endif
    58. 

  58. 	if(writable) {
    59. 

  59. 		rewind(writable);
    60. 

  60. 		return writable;
    61. 

  61. 	}
    62. 

  62. 	return fopen(curconf, "r");
    63. 

  63. }
    64. 

  64. 

  65. 

  66. #ifdef _WIN32
    67. 

  67. DWORD WINAPI startsrv(LPVOID data) {
    68. 

  68. #else
    69. 

  69. void * startsrv(void * data) {
    70. 

  70. #endif
    71. 

  71.   struct child *d = (struct child *)data;
    72. 

  72.   mainfunc(d->argc, (char **)d->argv);
    73. 

  73.   return 0;
    74. 

  74. }
    75. 

  75. 

  76. int included =0;
    77. 

  77. 

  78. int getrotate(char c){
    79. 

  79. 	switch(c){
    80. 

  80. 	case 'c':
    81. 

  81. 	case 'C':
    82. 

  82. 		return MINUTELY;
    83. 

  83. 	case 'h':
    84. 

  84. 	case 'H':
    85. 

  85. 		return HOURLY;
    86. 

  86. 	case 'd':
    87. 

  87. 	case 'D':
    88. 

  88. 		return DAILY;
    89. 

  89. 	case 'w':
    90. 

  90. 	case 'W':
    91. 

  91. 		return WEEKLY;
    92. 

  92. 	case 'y':
    93. 

  93. 	case 'Y':
    94. 

  94. 		return ANNUALLY;
    95. 

  95. 	case 'm':
    96. 

  96. 	case 'M':
    97. 

  97. 		return MONTHLY;
    98. 

  98. 	default:
    99. 

  99. 		return NEVER;
    100. 

  100. 	}
    101. 

  101. }
    102. 

  102. 

  103. 

  104. unsigned char * dologname (unsigned char *buf, unsigned char *name, const unsigned char *ext, ROTATION lt, time_t t) {
    105. 

  105. 	struct tm *ts;
    106. 

  106. 

  107. 	ts = localtime(&t);
    108. 

  108. 	if(strchr((char *)name, '%')){
    109. 

  109. 		struct clientparam fakecli;
    110. 

  110. 

  111. 		memset(&fakecli, 0, sizeof(fakecli));
    112. 

  112. 		dobuf2(&fakecli, buf, NULL, NULL, ts, (char *)name);
    113. 

  113. 	}
    114. 

  114. 	else switch(lt){
    115. 

  115. 		case NONE:
    116. 

  116. 			sprintf((char *)buf, "%s", name);
    117. 

  117. 			break;
    118. 

  118. 		case ANNUALLY:
    119. 

  119. 			sprintf((char *)buf, "%s.%04d", name, ts->tm_year+1900);
    120. 

  120. 			break;
    121. 

  121. 		case MONTHLY:
    122. 

  122. 			sprintf((char *)buf, "%s.%04d.%02d", name, ts->tm_year+1900, ts->tm_mon+1);
    123. 

  123. 			break;
    124. 

  124. 		case WEEKLY:
    125. 

  125. 			t = t - (ts->tm_wday * (60*60*24));
    126. 

  126. 			ts = localtime(&t);
    127. 

  127. 			sprintf((char *)buf, "%s.%04d.%02d.%02d", name, ts->tm_year+1900, ts->tm_mon+1, ts->tm_mday);
    128. 

  128. 			break;
    129. 

  129. 		case DAILY:
    130. 

  130. 			sprintf((char *)buf, "%s.%04d.%02d.%02d", name, ts->tm_year+1900, ts->tm_mon+1, ts->tm_mday);
    131. 

  131. 			break;
    132. 

  132. 		case HOURLY:
    133. 

  133. 			sprintf((char *)buf, "%s.%04d.%02d.%02d-%02d", name, ts->tm_year+1900, ts->tm_mon+1, ts->tm_mday, ts->tm_hour);
    134. 

  134. 			break;
    135. 

  135. 		case MINUTELY:
    136. 

  136. 			sprintf((char *)buf, "%s.%04d.%02d.%02d-%02d.%02d", name, ts->tm_year+1900, ts->tm_mon+1, ts->tm_mday, ts->tm_hour, ts->tm_min);
    137. 

  137. 			break;
    138. 

  138. 		default:
    139. 

  139. 			break;
    140. 

  140. 	}
    141. 

  141. 	if(ext){
    142. 

  142. 		strcat((char *)buf, ".");
    143. 

  143. 		strcat((char *)buf, (char *)ext);
    144. 

  144. 	}
    145. 

  145. 	return buf;
    146. 

  146. }
    147. 

  147. 

  148. int start_proxy_thread(struct child * chp){
    149. 

  149.   pthread_t thread;
    150. 

  150. #ifdef _WIN32
    151. 

  151.   HANDLE h;
    152. 

  152. #endif
    153. 

  153. 

  154. 	conf.threadinit = 1;
    155. 

  155. #ifdef _WIN32
    156. 

  156. #ifndef _WINCE
    157. 

  157. 	h = (HANDLE)_beginthreadex((LPSECURITY_ATTRIBUTES )NULL, 16384+conf.stacksize, (void *)startsrv, (void *) chp, (DWORD)0, &thread);
    158. 

  158. #else
    159. 

  159. 	h = (HANDLE)CreateThread((LPSECURITY_ATTRIBUTES )NULL, 16384+conf.stacksize, (void *)startsrv, (void *) chp, (DWORD)0, &thread);
    160. 

  160. #endif
    161. 

  161. 	if(h)CloseHandle(h);
    162. 

  162. #else
    163. 

  163. 	pthread_attr_init(&pa);
    164. 

  164. 	pthread_attr_setstacksize(&pa,PTHREAD_STACK_MIN + (32768+conf.stacksize));
    165. 

  165. 	pthread_attr_setdetachstate(&pa,PTHREAD_CREATE_DETACHED);
    166. 

  166. 	pthread_create(&thread, &pa, startsrv, (void *)chp);
    167. 

  167. 	pthread_attr_destroy(&pa);
    168. 

  168. #endif
    169. 

  169. 	while(conf.threadinit)usleep(SLEEPTIME);
    170. 

  170. 	if(haveerror)  {
    171. 

  171. 		fprintf(stderr, "Service not started on line: %d\n", linenum);
    172. 

  172. 		return(40);
    173. 

  173. 	}
    174. 

  174. 	return 0;
    175. 

  175. }
    176. 

  176. 

  177. static int h_proxy(int argc, unsigned char ** argv){
    178. 

  178.   struct child ch;
    179. 

  179. 

  180. 	ch.argc = argc;
    181. 

  181. 	ch.argv = argv;
    182. 

  182. 	if(!strcmp((char *)argv[0], "proxy")) {
    183. 

  183. 		childdef.pf = proxychild;
    184. 

  184. 		childdef.port = 3128;
    185. 

  185. 		childdef.isudp = 0;
    186. 

  186. 		childdef.service = S_PROXY;
    187. 

  187. 		childdef.helpmessage = " -n - no NTLM support\n";
    188. 

  188. #ifdef NOIPV6
    189. 

  189. 		if(!resolvfunc || (resolvfunc == myresolver && !dns_table.hashsize)){
    190. 

  190. 			fprintf(stderr, "[line %d] Warning: no nserver/nscache configured, proxy may run very slow\n", linenum);
    191. 

  191. 		}
    192. 

  192. #endif
    193. 

  193. 	}
    194. 

  194. 	else if(!strcmp((char *)argv[0], "pop3p")) {
    195. 

  195. 		childdef.pf = pop3pchild;
    196. 

  196. 		childdef.port = 110;
    197. 

  197. 		childdef.isudp = 0;
    198. 

  198. 		childdef.service = S_POP3P;
    199. 

  199. 		childdef.helpmessage = " -hdefault_host[:port] - use this host and port as default if no host specified\n";
    200. 

  200. 	}
    201. 

  201. 	else if(!strcmp((char *)argv[0], "smtpp")) {
    202. 

  202. 		childdef.pf = smtppchild;
    203. 

  203. 		childdef.port = 25;
    204. 

  204. 		childdef.isudp = 0;
    205. 

  205. 		childdef.service = S_SMTPP;
    206. 

  206. 		childdef.helpmessage = " -hdefault_host[:port] - use this host and port as default if no host specified\n";
    207. 

  207. 	}
    208. 

  208. 	else if(!strcmp((char *)argv[0], "ftppr")) {
    209. 

  209. 		childdef.pf = ftpprchild;
    210. 

  210. 		childdef.port = 21;
    211. 

  211. 		childdef.isudp = 0;
    212. 

  212. 		childdef.service = S_FTPPR;
    213. 

  213. 		childdef.helpmessage = " -hdefault_host[:port] - use this host and port as default if no host specified\n";
    214. 

  214. 	}
    215. 

  215. 	else if(!strcmp((char *)argv[0], "socks")) {
    216. 

  216. 		childdef.pf = sockschild;
    217. 

  217. 		childdef.port = 1080;
    218. 

  218. 		childdef.isudp = 0;
    219. 

  219. 		childdef.service = S_SOCKS;
    220. 

  220. 		childdef.helpmessage = " -n - no NTLM support\n";
    221. 

  221. #ifdef NOIPV6
    222. 

  222. 		if(!resolvfunc || (resolvfunc == myresolver && !dns_table.hashsize)){
    223. 

  223. 			fprintf(stderr, "[line %d] Warning: no nserver/nscache configured, socks may run very slow\n", linenum);
    224. 

  224. 		}
    225. 

  225. #endif
    226. 

  226. 	}
    227. 

  227. 	else if(!strcmp((char *)argv[0], "tcppm")) {
    228. 

  228. 		childdef.pf = tcppmchild;
    229. 

  229. 		childdef.port = 0;
    230. 

  230. 		childdef.isudp = 0;
    231. 

  231. 		childdef.service = S_TCPPM;
    232. 

  232. 		childdef.helpmessage = "";
    233. 

  233. 	}
    234. 

  234. 	else if(!strcmp((char *)argv[0], "udppm")) {
    235. 

  235. 		childdef.pf = udppmchild;
    236. 

  236. 		childdef.port = 0;
    237. 

  237. 		childdef.isudp = 1;
    238. 

  238. 		childdef.service = S_UDPPM;
    239. 

  239. 		childdef.helpmessage = " -s single packet UDP service for request/reply (DNS-like) services\n";
    240. 

  240. 	}
    241. 

  241. 	else if(!strcmp((char *)argv[0], "admin")) {
    242. 

  242. 		childdef.pf = adminchild;
    243. 

  243. 		childdef.port = 80;
    244. 

  244. 		childdef.isudp = 0;
    245. 

  245. 		childdef.service = S_ADMIN;
    246. 

  246. 	}
    247. 

  247. 	else if(!strcmp((char *)argv[0], "dnspr")) {
    248. 

  248. 		childdef.pf = dnsprchild;
    249. 

  249. 		childdef.port = 53;
    250. 

  250. 		childdef.isudp = 1;
    251. 

  251. 		childdef.service = S_DNSPR;
    252. 

  252. 		childdef.helpmessage = " -s - simple DNS forwarding - do not use 3proxy resolver / name cache\n";
    253. 

  253. #ifndef NOIPV6
    254. 

  254. 		if(!resolvfunc || (resolvfunc == myresolver && !dns_table.hashsize) || resolvfunc == fakeresolver){
    255. 

  255. 			fprintf(stderr, "[line %d] Warning: no nserver/nscache configured, dnspr will not work as expected\n", linenum);
    256. 

  256. 		}
    257. 

  257. #endif
    258. 

  258. 	}
    259. 

  259. 	return start_proxy_thread(&ch);
    260. 

  260. }
    261. 

  261. 

  262. static int h_internal(int argc, unsigned char ** argv){
    263. 

  263. 	getip46(46, argv[1], (struct sockaddr *)&conf.intsa);
    264. 

  264. 	return 0;
    265. 

  265. }
    266. 

  266. 

  267. static int h_external(int argc, unsigned char ** argv){
    268. 

  268. 	int res;
    269. 

  269. #ifndef NOIPV6
    270. 

  270. 	struct sockaddr_in6 sa6;
    271. 

  271. 	memset(&sa6, 0, sizeof(sa6));
    272. 

  272. 	res = getip46(46, argv[1], (struct sockaddr *)&sa6);
    273. 

  273. 	if(!res) return 1; 
    274. 

  274. 	if (*SAFAMILY(&sa6)==AF_INET) conf.extsa = sa6;
    275. 

  275. 	else conf.extsa6 = sa6;
    276. 

  276. #else
    277. 

  277. 	res = getip46(46, argv[1], (struct sockaddr *)&conf.extsa);
    278. 

  278. #endif
    279. 

  279. 	return 0;
    280. 

  280. }
    281. 

  281. 

  282. 

  283. static int h_log(int argc, unsigned char ** argv){ 
    284. 

  284. 	unsigned char tmpbuf[8192];
    285. 

  285. 

  286. 

  287. 	havelog = 1;
    288. 

  288. 	if(conf.logtarget){
    289. 

  289. 		myfree(conf.logtarget);
    290. 

  290. 		conf.logtarget = NULL;
    291. 

  291. 	}
    292. 

  292. 	if(argc > 1) {
    293. 

  293. 		if(!strcmp((char *) argv[1], "/dev/null")) {
    294. 

  294. 			conf.logfunc = lognone;
    295. 

  295. 			return 0;
    296. 

  296. 		}
    297. 

  297. 		conf.logtarget = (unsigned char *)mystrdup((char *)argv[1]);
    298. 

  298. 		if(*argv[1]=='@'){
    299. 

  299. #ifndef _WIN32
    300. 

  300. 			openlog((char *)conf.logtarget+1, LOG_PID, LOG_DAEMON);
    301. 

  301. 			conf.logfunc = logsyslog;
    302. 

  302. #endif
    303. 

  303. 		}
    304. 

  304. #ifndef NOODBC
    305. 

  305. 		else if(*argv[1]=='&'){
    306. 

  306. 			pthread_mutex_lock(&log_mutex);
    307. 

  307. 			close_sql();
    308. 

  308. 			init_sql((char *)argv[1]+1);
    309. 

  309. 			pthread_mutex_unlock(&log_mutex);
    310. 

  310. 			conf.logfunc = logsql;
    311. 

  311. 		}
    312. 

  312. #endif
    313. 

  313. #ifndef NORADIUS
    314. 

  314. 		else if(!strcmp(argv[1],"radius")){
    315. 

  315. 			conf.logfunc = logradius;
    316. 

  316. 		}
    317. 

  317. #endif
    318. 

  318. 		else {
    319. 

  319. 			if(argc > 2) {
    320. 

  320. 				conf.logtype = getrotate(*argv[2]);
    321. 

  321. 			}
    322. 

  322. 			if(!strcmp((char *)conf.logtarget, (char *)argv[1])) return 0;
    323. 

  323. 			conf.logtime = time(0);
    324. 

  324. 			if(conf.logname)myfree(conf.logname);
    325. 

  325. 			conf.logname = (unsigned char *)mystrdup((char *)argv[1]);
    326. 

  326. 			if(conf.stdlog) conf.stdlog = freopen((char *)dologname (tmpbuf, conf.logname, NULL, conf.logtype, conf.logtime), "a", conf.stdlog);
    327. 

  327. 			else conf.stdlog = fopen((char *)dologname (tmpbuf, conf.logname, NULL, conf.logtype, conf.logtime), "a");
    328. 

  328. 			if(!conf.stdlog){
    329. 

  329. 				perror((char *)tmpbuf);
    330. 

  330. 				return 1;
    331. 

  331. 			}
    332. 

  332. 			conf.logfunc = logstdout;
    333. 

  333. 

  334. 		}
    335. 

  335. 	}
    336. 

  336. 	else conf.logfunc = logstdout;
    337. 

  337. 	return 0;
    338. 

  338. }
    339. 

  339. 

  340. static int h_stacksize(int argc, unsigned char **argv){
    341. 

  341. 	conf.stacksize = atoi((char *)argv[1]);
    342. 

  342. 	return 0;
    343. 

  343. }
    344. 

  344. 

  345. 

  346. static int h_force(int argc, unsigned char **argv){
    347. 

  347. 	conf.noforce = 0;
    348. 

  348. 	return 0;
    349. 

  349. }
    350. 

  350. 

  351. static int h_noforce(int argc, unsigned char **argv){
    352. 

  352. 	conf.noforce = 1;
    353. 

  353. 	return 0;
    354. 

  354. }
    355. 

  355. 

  356. static int h_service(int argc, unsigned char **argv){
    357. 

  357. 	return 0;
    358. 

  358. }
    359. 

  359. 

  360. static int h_daemon(int argc, unsigned char **argv){
    361. 

  361. 	if(!conf.demon)daemonize();
    362. 

  362. 	conf.demon = 1;
    363. 

  363. 	return 0;
    364. 

  364. }
    365. 

  365. 

  366. static int h_config(int argc, unsigned char **argv){
    367. 

  367. 	if(conf.conffile)myfree(conf.conffile);
    368. 

  368. 	conf.conffile = mystrdup((char *)argv[1]);
    369. 

  369. 	return 0;
    370. 

  370. }
    371. 

  371. 

  372. static int h_include(int argc, unsigned char **argv){
    373. 

  373. 	int res;
    374. 

  374. 	FILE *fp1;
    375. 

  375. 

  376. 	fp1 = fopen((char *)argv[1], "r");
    377. 

  377. 	if(!fp1){
    378. 

  378. 		fprintf(stderr, "Unable to open included file: %s\n", argv[1]);
    379. 

  379. 		return 1;
    380. 

  380. 	}
    381. 

  381. 	res = readconfig(fp1);
    382. 

  382. 	fclose(fp1);
    383. 

  383. 	return res;
    384. 

  384. }
    385. 

  385. 

  386. static int h_archiver(int argc, unsigned char **argv){
    387. 

  387. 	int j;
    388. 

  388. 

  389. 	conf.archiver = myalloc(argc * sizeof(char *));
    390. 

  390. 	if(conf.archiver) {
    391. 

  391. 		conf.archiverc = argc;
    392. 

  392. 		for(j = 0; j < conf.archiverc; j++) conf.archiver[j] = (unsigned char *)mystrdup((char *)argv[j]);
    393. 

  393. 	}
    394. 

  394. 	return 0;
    395. 

  395. }
    396. 

  396. 

  397. static int h_counter(int argc, unsigned char **argv){
    398. 

  398. 	struct counter_header ch1;
    399. 

  399. 	if(conf.counterd >=0)close(conf.counterd);
    400. 

  400. 	if(!conf.trafcountfunc) conf.trafcountfunc = trafcountfunc;
    401. 

  401. 	conf.counterd = open((char *)argv[1], O_BINARY|O_RDWR|O_CREAT, 0660);
    402. 

  402. 	if(conf.counterd<0){
    403. 

  403. 		fprintf(stderr, "Unable to open counter file %s, line %d\n", argv[1], linenum);
    404. 

  404. 		return 1;
    405. 

  405. 	}
    406. 

  406. 	if(read(conf.counterd, &ch1, sizeof(ch1))==sizeof(ch1)){
    407. 

  407. 		if(memcmp(&ch1, &cheader, 4)){
    408. 

  408. 			fprintf(stderr, "Not a counter file %s, line %d\n", argv[1], linenum);
    409. 

  409. 			return 2;
    410. 

  410. 		}
    411. 

  411. #ifdef _TIME64_T_DEFINED
    412. 

  412. #ifdef _MAX__TIME64_T
    413. 

  413. #define MAX_COUNTER_TIME (_MAX__TIME64_T)
    414. 

  414. #elif defined (MAX__TIME64_T)
    415. 

  415. #define MAX_COUNTER_TIME (MAX__TIME64_T)
    416. 

  416. #else
    417. 

  417. #define MAX_COUNTER_TIME (0x793406fff)
    418. 

  418. #endif 
    419. 

  419. #else
    420. 

  420. #define MAX_COUNTER_TIME ((sizeof(time_t)>4)?(time_t)0x793406fff:(time_t)0x7fffffff)
    421. 

  421. #endif
    422. 

  422. 

  423. 		if(ch1.updated < 0 || ch1.updated >= MAX_COUNTER_TIME){
    424. 

  424. 			fprintf(stderr, "Invalid or corrupted counter file %s. Use countersutil utility to convert from older version\n", argv[1]);
    425. 

  425. 			return 3;
    426. 

  426. 		}
    427. 

  427. 		cheader.updated = ch1.updated;
    428. 

  428. 	}
    429. 

  429. 	if(argc >=4) {
    430. 

  430. 		conf.countertype = getrotate(*argv[2]);
    431. 

  431. 		if(conf.counterfile) myfree(conf.counterfile);
    432. 

  432. 		conf.counterfile = mystrdup((char *)argv[3]);
    433. 

  433. 	}
    434. 

  434. 	return 0;
    435. 

  435. }
    436. 

  436. 

  437. static int h_rotate(int argc, unsigned char **argv){
    438. 

  438. 	conf.rotate = atoi((char *)argv[1]);
    439. 

  439. 	return 0;
    440. 

  440. }
    441. 

  441. 

  442. static int h_logformat(int argc, unsigned char **argv){
    443. 

  443. 	unsigned char * old = conf.logformat;
    444. 

  444. 	conf.logformat = (unsigned char *)mystrdup((char *)argv[1]);
    445. 

  445. 	if(old) myfree(old);
    446. 

  446. 	return 0;
    447. 

  447. }
    448. 

  448. 

  449. static int h_timeouts(int argc, unsigned char **argv){
    450. 

  450. 	int j;
    451. 

  451. 

  452. 	for(j = 0; conf.timeouts[j] && j + 1 < argc; j++) {
    453. 

  453. 		if((conf.timeouts[j] = atoi((char *)argv[j + 1])) <= 0 || conf.timeouts[j] > 2000000){
    454. 

  454. 			fprintf(stderr, "Invalid timeout: %s, line %d\n", argv[j + 1], linenum);
    455. 

  455. 			return(1);
    456. 

  456. 		}
    457. 

  457. 	}
    458. 

  458. 	return 0;
    459. 

  459. }
    460. 

  460. 

  461. static int h_noop(int argc, unsigned char **argv){
    462. 

  462. 	return 0;
    463. 

  463. }
    464. 

  464. 

  465. static int h_auth(int argc, unsigned char **argv){
    466. 

  466. 	struct auth *au, * newau;
    467. 

  467. 	
    468. 

  468. 	freeauth(conf.authfuncs);
    469. 

  469. 	conf.authfuncs = NULL;
    470. 

  470. 	if(!conf.bandlimfunc)conf.bandlimfunc = bandlimitfunc;
    471. 

  471. 	for(argc--; argc; argc--){
    472. 

  472. 	  for(au = authfuncs; au; au=au->next){
    473. 

  473. 		if(!strcmp((char *)argv[argc], au->desc)){
    474. 

  474. 			newau = myalloc(sizeof(struct auth));
    475. 

  475. 			newau->next = conf.authfuncs;
    476. 

  476. 			conf.authfuncs = newau;
    477. 

  477. 			conf.authfuncs->desc = au->desc;
    478. 

  478. 			conf.authfuncs->authenticate = au->authenticate;
    479. 

  479. 			conf.authfuncs->authorize = au->authorize;
    480. 

  480. 			break;
    481. 

  481. 		}
    482. 

  482. 	  }
    483. 

  483. 	  if(!au) return 1;
    484. 

  484. 	}
    485. 

  485. 	conf.authfunc = doauth;
    486. 

  486. 	return 0;
    487. 

  487. }
    488. 

  488. 

  489. static int h_users(int argc, unsigned char **argv){
    490. 

  490.   int j;
    491. 

  491.   unsigned char *arg;
    492. 

  492.   struct passwords *pwl = NULL;
    493. 

  493. 

  494. 	for (j = 1; j<argc; j++) {
    495. 

  495. 		if(!(pwl = myalloc(sizeof(struct passwords)))) {
    496. 

  496. 			fprintf(stderr, "No memory for PWL entry, line %d\n", linenum);
    497. 

  497. 			return(1);
    498. 

  498. 		}
    499. 

  499. 		memset(pwl, 0, sizeof(struct passwords));
    500. 

  500. 

  501. 		arg = (unsigned char *)strchr((char *)argv[j], ':');
    502. 

  502. 		if(!arg||!arg[1]||!arg[2]||arg[3]!=':')	{
    503. 

  503. 			pwl->user = (unsigned char *)mystrdup((char *)argv[j]);
    504. 

  504. 			pwl->pwtype = SYS;
    505. 

  505. 		}
    506. 

  506. 		else {
    507. 

  507. 			*arg = 0;
    508. 

  508. 			pwl->user = (unsigned char *)mystrdup((char *)argv[j]);
    509. 

  509. 			if((arg[1] == 'C' && arg[2] == 'L' && (pwl->pwtype = CL)) ||
    510. 

  510. 				(arg[1] == 'C' && arg[2] == 'R' && (pwl->pwtype = CR)) ||
    511. 

  511. 				(arg[1] == 'N' && arg[2] == 'T' && (pwl->pwtype = NT)) ||
    512. 

  512. 				(arg[1] == 'L' && arg[2] == 'M' && (pwl->pwtype = LM))){
    513. 

  513. 				pwl->password = (unsigned char *)mystrdup((char *)arg+4);
    514. 

  514. 			}
    515. 

  515. 			else {
    516. 

  516. 				pwl->password = (unsigned char *) mystrdup((char *)arg + 1);
    517. 

  517. 				pwl->pwtype = UN;
    518. 

  518. 			}
    519. 

  519. 		}
    520. 

  520. 		pthread_mutex_lock(&pwl_mutex);
    521. 

  521. 		pwl->next = conf.pwl;
    522. 

  522. 		conf.pwl = pwl;
    523. 

  523. 		pthread_mutex_unlock(&pwl_mutex);
    524. 

  524. 

  525. 

  526. 	}
    527. 

  527. 	return 0;
    528. 

  528. }
    529. 

  529. 

  530. static int h_maxconn(int argc, unsigned char **argv){
    531. 

  531. 	conf.maxchild = atoi((char *)argv[1]);
    532. 

  532. 	if(!conf.maxchild) {
    533. 

  533. 		return(1);
    534. 

  534. 	}
    535. 

  535. #ifndef _WIN32
    536. 

  536. 	{
    537. 

  537. 		struct rlimit rl;
    538. 

  538. 		if(!getrlimit(RLIMIT_NOFILE, &rl)){
    539. 

  539. 			if((conf.maxchild<<1) > rl.rlim_cur)
    540. 

  540. 				fprintf(stderr, "[line %d] Warning: current open file ulimits are too low (cur: %d/max: %d),"
    541. 

  541. 						" maxconn requires at least %d for every running service."
    542. 

  542. 						" Configure ulimits according to system documentation\n",
    543. 

  543. 						  linenum, (int)rl.rlim_cur, (int)rl.rlim_max, (conf.maxchild<<1));
    544. 

  544. 		}
    545. 

  545. 	}
    546. 

  546. #endif
    547. 

  547. 	return 0;
    548. 

  548. }
    549. 

  549. 

  550. static int h_flush(int argc, unsigned char **argv){
    551. 

  551. 	freeacl(conf.acl);
    552. 

  552. 	conf.acl = NULL;
    553. 

  553. 	return 0;
    554. 

  554. }
    555. 

  555. 

  556. /*
    557. 

  557. static int h_flushusers(int argc, unsigned char **argv){
    558. 

  558. 	freepwl(conf.pwl);
    559. 

  559. 	conf.pwl = NULL;
    560. 

  560. 	return 0;
    561. 

  561. }
    562. 

  562. */
    563. 

  563. 

  564. static int h_nserver(int argc, unsigned char **argv){
    565. 

  565.   char *str;
    566. 

  566. 

  567. 	if(numservers < MAXNSERVERS) {
    568. 

  568. 		if((str = strchr((char *)argv[1], '/')))
    569. 

  569. 			*str = 0;
    570. 

  570. 		*SAPORT(&nservers[numservers].addr) = htons(53);
    571. 

  571. 		if(parsehost(46, argv[1], (struct sockaddr *)&nservers[numservers].addr)) return 1;
    572. 

  572. 		if(str) {
    573. 

  573. 			nservers[numservers].usetcp = strstr(str + 1, "tcp")? 1:0;
    574. 

  574. 			*str = '/';
    575. 

  575. 		}
    576. 

  576. 		numservers++;
    577. 

  577. 

  578. 	}
    579. 

  579. 	resolvfunc = myresolver;
    580. 

  580. 	return 0;
    581. 

  581. }
    582. 

  582. 

  583. static int h_authnserver(int argc, unsigned char **argv){
    584. 

  584.   char *str;
    585. 

  585. 

  586. 	if((str = strchr((char *)argv[1], '/')))
    587. 

  587. 		*str = 0;
    588. 

  588. 	if(parsehost(46, argv[1], (struct sockaddr *)&authnserver.addr)) return 1;
    589. 

  589. 	*SAPORT(&authnserver.addr) = htons(53);
    590. 

  590. 	if(str) {
    591. 

  591. 		authnserver.usetcp = strstr(str + 1, "tcp")? 1:0;
    592. 

  592. 		*str = '/';
    593. 

  593. 	}
    594. 

  594. 	return 0;
    595. 

  595. }
    596. 

  596. 

  597. static int h_fakeresolve(int argc, unsigned char **argv){
    598. 

  598. 	resolvfunc = fakeresolver;
    599. 

  599. 	return 0;
    600. 

  600. }
    601. 

  601. 

  602. static int h_nscache(int argc, unsigned char **argv){
    603. 

  603.   int res;
    604. 

  604. 

  605. 	res = atoi((char *)argv[1]);
    606. 

  606. 	if(res < 256) {
    607. 

  607. 		fprintf(stderr, "Invalid NS cache size: %d\n", res);
    608. 

  608. 		return 1;
    609. 

  609. 	}
    610. 

  610. 	if(inithashtable(&dns_table, (unsigned)res)){
    611. 

  611. 		fprintf(stderr, "Failed to initialize NS cache\n");
    612. 

  612. 		return 2;
    613. 

  613. 	}
    614. 

  614. 	return 0;
    615. 

  615. }
    616. 

  616. static int h_nscache6(int argc, unsigned char **argv){
    617. 

  617.   int res;
    618. 

  618. 

  619. 	res = atoi((char *)argv[1]);
    620. 

  620. 	if(res < 256) {
    621. 

  621. 		fprintf(stderr, "Invalid NS cache size: %d\n", res);
    622. 

  622. 		return 1;
    623. 

  623. 	}
    624. 

  624. 	if(inithashtable(&dns6_table, (unsigned)res)){
    625. 

  625. 		fprintf(stderr, "Failed to initialize NS cache\n");
    626. 

  626. 		return 2;
    627. 

  627. 	}
    628. 

  628. 	return 0;
    629. 

  629. }
    630. 

  630. 

  631. static int h_nsrecord(int argc, unsigned char **argv){
    632. 

  632. #ifndef NOIPV6
    633. 

  633. 	struct sockaddr_in6 sa;
    634. 

  634. #else
    635. 

  635. 	struct sockaddr_in sa;
    636. 

  636. #endif
    637. 

  637. 	memset(&sa, 0, sizeof(sa));
    638. 

  638. 	if(!getip46(46, argv[2], (struct sockaddr *)&sa)) return 1;
    639. 

  639. 

  640. 	hashadd(*SAFAMILY(&sa)==AF_INET6?&dns6_table:&dns_table, argv[1], SAADDR(&sa), (time_t)0xffffffff);
    641. 

  641. 	return 0;
    642. 

  642. }
    643. 

  643. 

  644. static int h_dialer(int argc, unsigned char **argv){
    645. 

  645. 	if(conf.demanddialprog) myfree(conf.demanddialprog);
    646. 

  646. 	conf.demanddialprog = mystrdup((char *)argv[1]);
    647. 

  647. 	return 0;
    648. 

  648. }
    649. 

  649. 

  650. static int h_system(int argc, unsigned char **argv){
    651. 

  651.   int res;
    652. 

  652. 

  653. 	if((res = system((char *)argv[1])) == -1){
    654. 

  654. 		fprintf(stderr, "Failed to start %s\n", argv[1]);
    655. 

  655. 		return(1);
    656. 

  656. 	}
    657. 

  657. 	return 0;
    658. 

  658. }
    659. 

  659. 

  660. static int h_pidfile(int argc, unsigned char **argv){
    661. 

  661.   FILE *pidf;
    662. 

  662. 

  663. 	if(!(pidf = fopen((char *)argv[1], "w"))){
    664. 

  664. 		fprintf(stderr, "Failed to open pid file %s\n", argv[1]);
    665. 

  665. 		return(1);
    666. 

  666. 	}
    667. 

  667. 	fprintf(pidf,"%u", (unsigned)getpid());
    668. 

  668. 	fclose(pidf);
    669. 

  669. 	return 0;
    670. 

  670. }
    671. 

  671. 

  672. static int h_monitor(int argc, unsigned char **argv){
    673. 

  673.   struct filemon * fm;
    674. 

  674. 

  675. 	fm = myalloc(sizeof (struct filemon));
    676. 

  676. 	if(stat((char *)argv[1], &fm->sb)){
    677. 

  677. 		myfree(fm);
    678. 

  678. 		fprintf(stderr, "Warning: file %s doesn't exist on line %d\n", argv[1], linenum);
    679. 

  679. 	}
    680. 

  680. 	else {
    681. 

  681. 		fm->path = mystrdup((char *)argv[1]);
    682. 

  682. 		fm->next = conf.fmon;
    683. 

  683. 		conf.fmon = fm;
    684. 

  684. 	}
    685. 

  685. 	return 0;
    686. 

  686. }
    687. 

  687. 

  688. static int h_parent(int argc, unsigned char **argv){
    689. 

  689.   struct ace *acl = NULL;
    690. 

  690.   struct chain *chains;
    691. 

  691. 

  692. 	acl = conf.acl;
    693. 

  693. 	while(acl && acl->next) acl = acl->next;
    694. 

  694. 	if(!acl || (acl->action && acl->action != 2)) {
    695. 

  695. 		fprintf(stderr, "Chaining error: last ACL entry was not \"allow\" or \"redirect\" on line %d\n", linenum);
    696. 

  696. 		return(1);
    697. 

  697. 	}
    698. 

  698. 	acl->action = 2;
    699. 

  699. 

  700. 	chains = myalloc(sizeof(struct chain));
    701. 

  701. 	if(!chains){
    702. 

  702. 		fprintf(stderr, "Chainig error: unable to allocate memory for chain\n");
    703. 

  703. 		return(2);
    704. 

  704. 	}
    705. 

  705. 	memset(chains, 0, sizeof(struct chain));
    706. 

  706. 	chains->weight = (unsigned)atoi((char *)argv[1]);
    707. 

  707. 	if(chains->weight == 0 || chains->weight >1000) {
    708. 

  708. 		fprintf(stderr, "Chaining error: bad chain weight %u line %d\n", chains->weight, linenum);
    709. 

  709. 		return(3);
    710. 

  710. 	}
    711. 

  711. 	if(!strcmp((char *)argv[2], "tcp"))chains->type = R_TCP;
    712. 

  712. 	else if(!strcmp((char *)argv[2], "http"))chains->type = R_HTTP;
    713. 

  713. 	else if(!strcmp((char *)argv[2], "connect"))chains->type = R_CONNECT;
    714. 

  714. 	else if(!strcmp((char *)argv[2], "socks4"))chains->type = R_SOCKS4;
    715. 

  715. 	else if(!strcmp((char *)argv[2], "socks5"))chains->type = R_SOCKS5;
    716. 

  716. 	else if(!strcmp((char *)argv[2], "connect+"))chains->type = R_CONNECTP;
    717. 

  717. 	else if(!strcmp((char *)argv[2], "socks4+"))chains->type = R_SOCKS4P;
    718. 

  718. 	else if(!strcmp((char *)argv[2], "socks5+"))chains->type = R_SOCKS5P;
    719. 

  719. 	else if(!strcmp((char *)argv[2], "socks4b"))chains->type = R_SOCKS4B;
    720. 

  720. 	else if(!strcmp((char *)argv[2], "socks5b"))chains->type = R_SOCKS5B;
    721. 

  721. 	else if(!strcmp((char *)argv[2], "pop3"))chains->type = R_POP3;
    722. 

  722. 	else if(!strcmp((char *)argv[2], "ftp"))chains->type = R_FTP;
    723. 

  723. 	else if(!strcmp((char *)argv[2], "admin"))chains->type = R_ADMIN;
    724. 

  724. 	else if(!strcmp((char *)argv[2], "extip"))chains->type = R_EXTIP;
    725. 

  725. 	else if(!strcmp((char *)argv[2], "smtp"))chains->type = R_SMTP;
    726. 

  726. 	else {
    727. 

  727. 		fprintf(stderr, "Chaining error: bad chain type (%s)\n", argv[2]);
    728. 

  728. 		return(4);
    729. 

  729. 	}
    730. 

  730. #ifndef NOIPV6
    731. 

  731. 	if(!getip46(46, argv[3], (struct sockaddr *)&chains->addr)) return 5;
    732. 

  732. #else
    733. 

  733. 	getip46(46, argv[3], (struct sockaddr *)&chains->addr);
    734. 

  734. #endif
    735. 

  735. 	chains->exthost = (unsigned char *)mystrdup((char *)argv[3]);
    736. 

  736. 	*SAPORT(&chains->addr) = htons((unsigned short)atoi((char *)argv[4]));
    737. 

  737. 	if(argc > 5) chains->extuser = (unsigned char *)mystrdup((char *)argv[5]);
    738. 

  738. 	if(argc > 6) chains->extpass = (unsigned char *)mystrdup((char *)argv[6]);
    739. 

  739. 	if(!acl->chains) {
    740. 

  740. 		acl->chains = chains;
    741. 

  741. 	}
    742. 

  742. 	else {
    743. 

  743. 		struct chain *tmpchain;
    744. 

  744. 

  745. 		for(tmpchain = acl->chains; tmpchain->next; tmpchain = tmpchain->next);
    746. 

  746. 		tmpchain->next = chains;
    747. 

  747. 	}
    748. 

  748. 	return 0;
    749. 

  749. 	
    750. 

  750. }
    751. 

  751. 

  752. static int h_nolog(int argc, unsigned char **argv){
    753. 

  753.   struct ace *acl = NULL;
    754. 

  754. 

  755. 	acl = conf.acl;
    756. 

  756. 	if(!acl) {
    757. 

  757. 		fprintf(stderr, "Chaining error: last ACL entry was not \"allow/deny\" on line %d\n", linenum);
    758. 

  758. 		return(1);
    759. 

  759. 	}
    760. 

  760. 	while(acl->next) acl = acl->next;
    761. 

  761. 	if(argc == 1) acl->nolog = 1;
    762. 

  762. 	else acl->weight = atoi((char*)argv[1]);
    763. 

  763. 	return 0;
    764. 

  764. }
    765. 

  765. 

  766. int scanipl(unsigned char *arg, struct iplist *dst){
    767. 

  767. #ifndef NOIPV6
    768. 

  768. 	struct sockaddr_in6 sa;
    769. 

  769. #else
    770. 

  770. 	struct sockaddr_in sa;
    771. 

  771. #endif
    772. 

  772.         char * slash, *dash;
    773. 

  773. 	int masklen, addrlen;
    774. 

  774. 	if((slash = strchr((char *)arg, '/'))) *slash = 0;
    775. 

  775. 	if((dash = strchr((char *)arg,'-'))) *dash = 0;
    776. 

  776. 	
    777. 

  777. 	if(!getip46(46, arg, (struct sockaddr *)&sa)) return 1;
    778. 

  778. 	memcpy(&dst->ip_from, SAADDR(&sa), SAADDRLEN(&sa));
    779. 

  779. 	dst->family = *SAFAMILY(&sa);
    780. 

  780. 	if(dash){
    781. 

  781. 		if(!getip46(46, (unsigned char *)dash+1, (struct sockaddr *)&sa)) return 2;
    782. 

  782. 		memcpy(&dst->ip_to, SAADDR(&sa), SAADDRLEN(&sa));
    783. 

  783. 		if(*SAFAMILY(&sa) != dst->family || memcmp(&dst->ip_to, &dst->ip_from, SAADDRLEN(&sa)) < 0) return 3;
    784. 

  784. 		return 0;
    785. 

  785. 	}
    786. 

  786. 	memcpy(&dst->ip_to, &dst->ip_from, SAADDRLEN(&sa));
    787. 

  787. 	if(slash){
    788. 

  788. 		addrlen = SAADDRLEN(&sa);
    789. 

  789. 		masklen = atoi(slash+1);
    790. 

  790. 		if(masklen < 0 || masklen > (addrlen*8)) return 4;
    791. 

  791. 		else {
    792. 

  792. 			int i, nbytes = masklen / 8, nbits = (8 - (masklen % 8)) % 8;
    793. 

  793. 

  794. 			for(i = addrlen; i>(nbytes + (nbits > 0)); i--){
    795. 

  795. 				((unsigned char *)&dst->ip_from)[i-1] = 0x00;
    796. 

  796. 				((unsigned char *)&dst->ip_to)[i-1] = 0xff;
    797. 

  797. 			}
    798. 

  798. 			for(;nbits;nbits--){
    799. 

  799. 				((unsigned char *)&dst->ip_from)[nbytes] &= ~(0x01<<(nbits-1));
    800. 

  800. 				((unsigned char *)&dst->ip_to)[nbytes] |= (0x01<<(nbits-1));
    801. 

  801. 			}
    802. 

  802. 			return 0;
    803. 

  803. 		}
    804. 

  804. 	}		
    805. 

  805. 	return 0;
    806. 

  806. }
    807. 

  807. 

  808. struct ace * make_ace (int argc, unsigned char ** argv){
    809. 

  809. 	struct ace * acl;
    810. 

  810. 	unsigned char *arg;
    811. 

  811. 	struct iplist *ipl=NULL;
    812. 

  812. 	struct portlist *portl=NULL;
    813. 

  813. 	struct userlist *userl=NULL;
    814. 

  814. 	struct hostname *hostnamel=NULL;
    815. 

  815. 	int res;
    816. 

  816. 

  817. 	acl = myalloc(sizeof(struct ace));
    818. 

  818. 	if(!acl) return acl;
    819. 

  819. 	memset(acl, 0, sizeof(struct ace));
    820. 

  820. 		if(argc > 0 && strcmp("*", (char *)argv[0])) {
    821. 

  821. 			arg = argv[0];
    822. 

  822. 			arg = (unsigned char *)strtok((char *)arg, ",");
    823. 

  823. 			do {
    824. 

  824. 				if(!acl->users) {
    825. 

  825. 					acl->users = userl = myalloc(sizeof(struct userlist));
    826. 

  826. 				}
    827. 

  827. 				else {
    828. 

  828. 					userl->next = myalloc(sizeof(struct userlist));
    829. 

  829. 					userl = userl -> next;
    830. 

  830. 				}
    831. 

  831. 				if(!userl) {
    832. 

  832. 					fprintf(stderr, "No memory for ACL entry, line %d\n", linenum);
    833. 

  833. 					return(NULL);
    834. 

  834. 				}
    835. 

  835. 				memset(userl, 0, sizeof(struct userlist));
    836. 

  836. 				userl->user=(unsigned char*)mystrdup((char *)arg);
    837. 

  837. 			} while((arg = (unsigned char *)strtok((char *)NULL, ",")));
    838. 

  838. 		}
    839. 

  839. 		if(argc > 1  && strcmp("*", (char *)argv[1])) {
    840. 

  840. 			arg = (unsigned char *)strtok((char *)argv[1], ",");
    841. 

  841. 			do {
    842. 

  842. 				if(!acl->src) {
    843. 

  843. 					acl->src = ipl = myalloc(sizeof(struct iplist));
    844. 

  844. 				}
    845. 

  845. 				else {
    846. 

  846. 					ipl->next = myalloc(sizeof(struct iplist));
    847. 

  847. 					ipl = ipl -> next;
    848. 

  848. 				}
    849. 

  849. 				if(!ipl) {
    850. 

  850. 					fprintf(stderr, "No memory for ACL entry, line %d\n", linenum);
    851. 

  851. 					return(NULL);
    852. 

  852. 				}
    853. 

  853. 				memset(ipl, 0, sizeof(struct iplist));
    854. 

  854. 				if (scanipl(arg, ipl)) {
    855. 

  855. 					fprintf(stderr, "Invalid IP, IP range or CIDR, line %d\n", linenum);
    856. 

  856. 					return(NULL);
    857. 

  857. 				}
    858. 

  858. 			} while((arg = (unsigned char *)strtok((char *)NULL, ",")));
    859. 

  859. 		}
    860. 

  860. 		if(argc > 2 && strcmp("*", (char *)argv[2])) {
    861. 

  861. 			arg = (unsigned char *)strtok((char *)argv[2], ",");
    862. 

  862. 			do {
    863. 

  863. 			 int arglen;
    864. 

  864. 			 unsigned char *pattern;
    865. 

  865. 			 
    866. 

  866. 			 arglen = (int)strlen((char *)arg);
    867. 

  867. 			 if(arglen > 0 && (arg[arglen-1] < '0' || arg[arglen-1] > '9')){
    868. 

  868. 				if(!acl->dstnames) {
    869. 

  869. 					acl->dstnames = hostnamel = myalloc(sizeof(struct hostname));
    870. 

  870. 				}
    871. 

  871. 				else {
    872. 

  872. 					hostnamel->next = myalloc(sizeof(struct hostname));
    873. 

  873. 					hostnamel = hostnamel -> next;
    874. 

  874. 				}
    875. 

  875. 				if(!hostnamel){
    876. 

  876. 					fprintf(stderr, "No memory for ACL entry, line %d\n", linenum);
    877. 

  877. 					return(NULL);
    878. 

  878. 				}
    879. 

  879. 				memset(hostnamel, 0, sizeof(struct hostname));
    880. 

  880. 				hostnamel->matchtype = 3;
    881. 

  881. 				pattern = arg;
    882. 

  882. 				if(pattern[arglen-1] == '*'){
    883. 

  883. 					arglen --;
    884. 

  884. 					pattern[arglen] = 0;
    885. 

  885. 					hostnamel->matchtype ^= MATCHEND;
    886. 

  886. 				}
    887. 

  887. 				if(pattern[0] == '*'){
    888. 

  888. 					pattern++;
    889. 

  889. 					arglen--;
    890. 

  890. 					hostnamel->matchtype ^= MATCHBEGIN;
    891. 

  891. 				}
    892. 

  892. 				hostnamel->name = (unsigned char *) mystrdup( (char *)pattern);
    893. 

  893. 				if(!hostnamel->name) {
    894. 

  894. 					fprintf(stderr, "No memory for ACL entry, line %d\n", linenum);
    895. 

  895. 					return(NULL);
    896. 

  896. 				}
    897. 

  897. 			 }
    898. 

  898. 			 else {
    899. 

  899. 				
    900. 

  900. 				if(!acl->dst) {
    901. 

  901. 					acl->dst = ipl = myalloc(sizeof(struct iplist));
    902. 

  902. 				}
    903. 

  903. 				else {
    904. 

  904. 					ipl->next = myalloc(sizeof(struct iplist));
    905. 

  905. 					ipl = ipl -> next;
    906. 

  906. 				}
    907. 

  907. 				if(!ipl) {
    908. 

  908. 					fprintf(stderr, "No memory for ACL entry, line %d\n", linenum);
    909. 

  909. 					return(NULL);
    910. 

  910. 				}
    911. 

  911. 				memset(ipl, 0, sizeof(struct iplist));
    912. 

  912. 				if (scanipl(arg, ipl)) {
    913. 

  913. 						fprintf(stderr, "Invalid IP, IP range or CIDR, line %d\n", linenum);
    914. 

  914. 						return(NULL);
    915. 

  915. 				}
    916. 

  916. 			 }
    917. 

  917. 			}while((arg = (unsigned char *)strtok((char *)NULL, ",")));
    918. 

  918. 		}
    919. 

  919. 		if(argc > 3 && strcmp("*", (char *)argv[3])) {
    920. 

  920. 			arg = (unsigned char *)strtok((char *)argv[3], ",");
    921. 

  921. 			do {
    922. 

  922. 				if(!acl->ports) {
    923. 

  923. 					acl->ports = portl = myalloc(sizeof(struct portlist));
    924. 

  924. 				}
    925. 

  925. 				else {
    926. 

  926. 					portl->next = myalloc(sizeof(struct portlist));
    927. 

  927. 					portl = portl -> next;
    928. 

  928. 				}
    929. 

  929. 				if(!portl) {
    930. 

  930. 					fprintf(stderr, "No memory for ACL entry, line %d\n", linenum);
    931. 

  931. 					return(NULL);
    932. 

  932. 				}
    933. 

  933. 				memset(portl, 0, sizeof(struct portlist));
    934. 

  934. 				res = sscanf((char *)arg, "%hu-%hu", &portl->startport, &portl->endport);
    935. 

  935. 				if(res < 1) {
    936. 

  936. 					fprintf(stderr, "Invalid port or port range, line %d\n", linenum);
    937. 

  937. 					return(NULL);
    938. 

  938. 				}
    939. 

  939. 				if (res == 1) portl->endport = portl->startport;
    940. 

  940. 			} while((arg = (unsigned char *)strtok((char *)NULL, ",")));
    941. 

  941. 		}
    942. 

  942. 		if(argc > 4 && strcmp("*", (char *)argv[4])) {
    943. 

  943. 			arg = (unsigned char *)strtok((char *)argv[4], ",");	
    944. 

  944. 			do {
    945. 

  945. 				if(!strcmp((char *)arg, "CONNECT")){
    946. 

  946. 					acl->operation |= CONNECT;
    947. 

  947. 				}
    948. 

  948. 				else if(!strcmp((char *)arg, "BIND")){
    949. 

  949. 					acl->operation |= BIND;
    950. 

  950. 				}
    951. 

  951. 				else if(!strcmp((char *)arg, "UDPASSOC")){
    952. 

  952. 					acl->operation |= UDPASSOC;
    953. 

  953. 				}
    954. 

  954. 				else if(!strcmp((char *)arg, "ICMPASSOC")){
    955. 

  955. 					acl->operation |= ICMPASSOC;
    956. 

  956. 				}
    957. 

  957. 				else if(!strcmp((char *)arg, "HTTP_GET")){
    958. 

  958. 					acl->operation |= HTTP_GET;
    959. 

  959. 				}
    960. 

  960. 				else if(!strcmp((char *)arg, "HTTP_PUT")){
    961. 

  961. 					acl->operation |= HTTP_PUT;
    962. 

  962. 				}
    963. 

  963. 				else if(!strcmp((char *)arg, "HTTP_POST")){
    964. 

  964. 					acl->operation |= HTTP_POST;
    965. 

  965. 				}
    966. 

  966. 				else if(!strcmp((char *)arg, "HTTP_HEAD")){
    967. 

  967. 					acl->operation |= HTTP_HEAD;
    968. 

  968. 				}
    969. 

  969. 				else if(!strcmp((char *)arg, "HTTP_OTHER")){
    970. 

  970. 					acl->operation |= HTTP_OTHER;
    971. 

  971. 				}
    972. 

  972. 				else if(!strcmp((char *)arg, "HTTP_CONNECT")){
    973. 

  973. 					acl->operation |= HTTP_CONNECT;
    974. 

  974. 				}
    975. 

  975. 				else if(!strcmp((char *)arg, "HTTP")){
    976. 

  976. 					acl->operation |= HTTP;
    977. 

  977. 				}
    978. 

  978. 				else if(!strcmp((char *)arg, "HTTPS")){
    979. 

  979. 					acl->operation |= HTTPS;
    980. 

  980. 				}
    981. 

  981. 				else if(!strcmp((char *)arg, "FTP_GET")){
    982. 

  982. 					acl->operation |= FTP_GET;
    983. 

  983. 				}
    984. 

  984. 				else if(!strcmp((char *)arg, "FTP_PUT")){
    985. 

  985. 					acl->operation |= FTP_PUT;
    986. 

  986. 				}
    987. 

  987. 				else if(!strcmp((char *)arg, "FTP_LIST")){
    988. 

  988. 					acl->operation |= FTP_LIST;
    989. 

  989. 				}
    990. 

  990. 				else if(!strcmp((char *)arg, "FTP_DATA")){
    991. 

  991. 					acl->operation |= FTP_DATA;
    992. 

  992. 				}
    993. 

  993. 				else if(!strcmp((char *)arg, "FTP")){
    994. 

  994. 					acl->operation |= FTP;
    995. 

  995. 				}
    996. 

  996. 				else if(!strcmp((char *)arg, "ADMIN")){
    997. 

  997. 					acl->operation |= ADMIN;
    998. 

  998. 				}
    999. 

  999. 				else if(!strcmp((char *)arg, "DNSRESOLVE")){
    1000. 

  1000. 					acl->operation |= DNSRESOLVE;
    1001. 

  1001. 				}
    1002. 

  1002. 				else {
    1003. 

  1003. 					fprintf(stderr, "Unknown operation type: %s line %d\n", arg, linenum);
    1004. 

  1004. 					return(NULL);
    1005. 

  1005. 				}
    1006. 

  1006. 			} while((arg = (unsigned char *)strtok((char *)NULL, ",")));
    1007. 

  1007. 		}
    1008. 

  1008. 		if(argc > 5){
    1009. 

  1009. 			for(arg = argv[5]; *arg;){
    1010. 

  1010. 				int val, val1;
    1011. 

  1011. 

  1012. 				if(!isnumber(*arg)){
    1013. 

  1013. 					arg++;
    1014. 

  1014. 					continue;
    1015. 

  1015. 				}
    1016. 

  1016. 				val1 = val = (*arg - '0');
    1017. 

  1017. 				arg++;
    1018. 

  1018. 				if(*arg == '-' && isnumber(*(arg+1)) && (*(arg+1) - '0') > val) {
    1019. 

  1019. 					val1 = (*(arg+1) - '0');
    1020. 

  1020. 					arg+=2;
    1021. 

  1021. 				}
    1022. 

  1022. 				for(; val<=val1; val++) acl->wdays |= (1 << (val % 7));
    1023. 

  1023. 			}
    1024. 

  1024. 			
    1025. 

  1025. 		}
    1026. 

  1026. 		if(argc > 6){
    1027. 

  1027. 			for(arg = argv[6]; strlen((char *)arg) >= 17 &&
    1028. 

  1028. 							isdigit(arg[0]) &&
    1029. 

  1029. 							isdigit(arg[1]) &&
    1030. 

  1030. 							isdigit(arg[3]) &&
    1031. 

  1031. 							isdigit(arg[4]) &&
    1032. 

  1032. 							isdigit(arg[6]) &&
    1033. 

  1033. 							isdigit(arg[7]) &&
    1034. 

  1034. 							isdigit(arg[9]) &&
    1035. 

  1035. 							isdigit(arg[10]) &&
    1036. 

  1036. 							isdigit(arg[12]) &&
    1037. 

  1037. 							isdigit(arg[13]) &&
    1038. 

  1038. 							isdigit(arg[15]) &&
    1039. 

  1039. 							isdigit(arg[16])
    1040. 

  1040. 							; arg+=18){
    1041. 

  1041. 

  1042. 				int t1, t2;
    1043. 

  1043. 				struct period *sp;
    1044. 

  1044. 

  1045. 				t1 = (arg[0] - '0') * 10 + (arg[1] - '0');
    1046. 

  1046. 				t1 = (t1 * 60) + (arg[3] - '0') * 10 + (arg[4] - '0');
    1047. 

  1047. 				t1 = (t1 * 60) + (arg[6] - '0') * 10 + (arg[7] - '0');
    1048. 

  1048. 				t2 = (arg[9] - '0') * 10 + (arg[10] - '0');
    1049. 

  1049. 				t2 = (t2 * 60) + (arg[12] - '0') * 10 + (arg[13] - '0');
    1050. 

  1050. 				t2 = (t2 * 60) + (arg[15] - '0') * 10 + (arg[16] - '0');
    1051. 

  1051. 				if(t2 < t1) break;
    1052. 

  1052. 				sp = myalloc(sizeof(struct period));
    1053. 

  1053. 				if(sp){
    1054. 

  1054. 					sp->fromtime = t1;
    1055. 

  1055. 					sp->totime = t2;
    1056. 

  1056. 					sp->next = acl->periods;
    1057. 

  1057. 					acl->periods = sp;
    1058. 

  1058. 				}
    1059. 

  1059. 				if(arg[17]!=',') break;
    1060. 

  1060. 			}
    1061. 

  1061. 		}
    1062. 

  1062. 	if (argc > 7){
    1063. 

  1063. 		acl->weight = atoi((char *)argv[7]);
    1064. 

  1064. 	}
    1065. 

  1065. 

  1066. 	return acl;
    1067. 

  1067. }
    1068. 

  1068. 

  1069. 

  1070. static int h_ace(int argc, unsigned char **argv){
    1071. 

  1071.   int res = 0;
    1072. 

  1072.   int offset = 0;
    1073. 

  1073.   struct ace *acl = NULL;
    1074. 

  1074.   struct bandlim * nbl;
    1075. 

  1075.   struct trafcount * tl;
    1076. 

  1076.   struct connlim * ncl;
    1077. 

  1077. 

  1078. 	if(!strcmp((char *)argv[0], "allow")){
    1079. 

  1079. 		res = ALLOW;
    1080. 

  1080. 	}
    1081. 

  1081. 	else if(!strcmp((char *)argv[0], "deny")){
    1082. 

  1082. 		res = DENY;
    1083. 

  1083. 	}
    1084. 

  1084. 	else if(!strcmp((char *)argv[0], "redirect")){
    1085. 

  1085. 		res = REDIRECT;
    1086. 

  1086. 		offset = 2;
    1087. 

  1087. 	}
    1088. 

  1088. 	else if(!strcmp((char *)argv[0], "bandlimin")||!strcmp((char *)argv[0], "bandlimout")){
    1089. 

  1089. 		res = BANDLIM;
    1090. 

  1090. 		offset = 1;
    1091. 

  1091. 	}
    1092. 

  1092. 	else if(!strcmp((char *)argv[0], "nobandlimin")||!strcmp((char *)argv[0], "nobandlimout")){
    1093. 

  1093. 		res = NOBANDLIM;
    1094. 

  1094. 	}
    1095. 

  1095. 	else if(!strcmp((char *)argv[0], "countin")){
    1096. 

  1096. 		res = COUNTIN;
    1097. 

  1097. 		offset = 3;
    1098. 

  1098. 	}
    1099. 

  1099. 	else if(!strcmp((char *)argv[0], "nocountin")){
    1100. 

  1100. 		res = NOCOUNTIN;
    1101. 

  1101. 	}
    1102. 

  1102. 	else if(!strcmp((char *)argv[0], "countout")){
    1103. 

  1103. 		res = COUNTOUT;
    1104. 

  1104. 		offset = 3;
    1105. 

  1105. 	}
    1106. 

  1106. 	else if(!strcmp((char *)argv[0], "nocountout")){
    1107. 

  1107. 		res = NOCOUNTOUT;
    1108. 

  1108. 	}
    1109. 

  1109. 	else if(!strcmp((char *)argv[0], "connlim")){
    1110. 

  1110. 		res = CONNLIM;
    1111. 

  1111. 		offset = 2;
    1112. 

  1112. 	}
    1113. 

  1113. 	else if(!strcmp((char *)argv[0], "noconnlim")){
    1114. 

  1114. 		res = NOCONNLIM;
    1115. 

  1115. 	}
    1116. 

  1116. 	acl = make_ace(argc - (offset+1), argv + (offset + 1));
    1117. 

  1117. 	if(!acl) {
    1118. 

  1118. 		fprintf(stderr, "Unable to parse ACL entry, line %d\n", linenum);
    1119. 

  1119. 		return(1);
    1120. 

  1120. 	}
    1121. 

  1121. 	acl->action = res;
    1122. 

  1122. 	switch(acl->action){
    1123. 

  1123. 	case REDIRECT:
    1124. 

  1124. 		acl->chains = myalloc(sizeof(struct chain));
    1125. 

  1125. 		memset(acl->chains, 0, sizeof(struct chain)); 
    1126. 

  1126. 		if(!acl->chains) {
    1127. 

  1127. 			fprintf(stderr, "No memory for ACL entry, line %d\n", linenum);
    1128. 

  1128. 			return(2);
    1129. 

  1129. 		}
    1130. 

  1130. 		acl->chains->type = R_HTTP;
    1131. 

  1131. 		if(!getip46(46, argv[1], (struct sockaddr *)&acl->chains->addr)) return 5;
    1132. 

  1132. 		*SAPORT(&acl->chains->addr) = htons((unsigned short)atoi((char *)argv[2]));
    1133. 

  1133. 		acl->chains->weight = 1000;
    1134. 

  1134. 	case ALLOW:
    1135. 

  1135. 	case DENY:
    1136. 

  1136. 		if(!conf.acl){
    1137. 

  1137. 			conf.acl = acl;
    1138. 

  1138. 		}
    1139. 

  1139. 		else {
    1140. 

  1140. 			struct ace * acei;
    1141. 

  1141. 

  1142. 			for(acei = conf.acl; acei->next; acei = acei->next);
    1143. 

  1143. 			acei->next = acl;
    1144. 

  1144. 		}
    1145. 

  1145. 		break;
    1146. 

  1146. 	case CONNLIM:
    1147. 

  1147. 	case NOCONNLIM:
    1148. 

  1148. 		ncl = myalloc(sizeof(struct connlim));
    1149. 

  1149. 		if(!ncl) {
    1150. 

  1150. 			fprintf(stderr, "No memory to create connection limit filter\n");
    1151. 

  1151. 			return(3);
    1152. 

  1152. 		}
    1153. 

  1153. 		memset(ncl, 0, sizeof(struct connlim));
    1154. 

  1154. 		ncl->ace = acl;
    1155. 

  1155. 		if(acl->action == CONNLIM) {
    1156. 

  1156. 			sscanf((char *)argv[1], "%u", &ncl->rate);
    1157. 

  1157. 			sscanf((char *)argv[2], "%u", &ncl->period);
    1158. 

  1158. 		}
    1159. 

  1159. 		pthread_mutex_lock(&connlim_mutex);
    1160. 

  1160. 		if(!conf.connlimiter){
    1161. 

  1161. 			conf.connlimiter = ncl;
    1162. 

  1162. 		}
    1163. 

  1163. 		else {
    1164. 

  1164. 			struct connlim * cli;
    1165. 

  1165. 

  1166. 			for(cli = conf.connlimiter; cli->next; cli = cli->next);
    1167. 

  1167. 			cli->next = ncl;
    1168. 

  1168. 		}
    1169. 

  1169. 		pthread_mutex_unlock(&connlim_mutex);			
    1170. 

  1170. 		break;
    1171. 

  1171. 

  1172. 	case BANDLIM:
    1173. 

  1173. 	case NOBANDLIM:
    1174. 

  1174. 

  1175. 		nbl = myalloc(sizeof(struct bandlim));
    1176. 

  1176. 		if(!nbl) {
    1177. 

  1177. 			fprintf(stderr, "No memory to create band limit filter\n");
    1178. 

  1178. 			return(3);
    1179. 

  1179. 		}
    1180. 

  1180. 		memset(nbl, 0, sizeof(struct bandlim));
    1181. 

  1181. 		nbl->ace = acl;
    1182. 

  1182. 		if(acl->action == BANDLIM) {
    1183. 

  1183. 			sscanf((char *)argv[1], "%u", &nbl->rate);
    1184. 

  1184. 			if(nbl->rate < 300) {
    1185. 

  1185. 				fprintf(stderr, "Wrong bandwidth specified, line %d\n", linenum);
    1186. 

  1186. 				return(4);
    1187. 

  1187. 			}
    1188. 

  1188. 		}
    1189. 

  1189. 		pthread_mutex_lock(&bandlim_mutex);
    1190. 

  1190. 		if(!strcmp((char *)argv[0], "bandlimin") || !strcmp((char *)argv[0], "nobandlimin")){
    1191. 

  1191. 			if(!conf.bandlimiter){
    1192. 

  1192. 				conf.bandlimiter = nbl;
    1193. 

  1193. 			}
    1194. 

  1194. 			else {
    1195. 

  1195. 				struct bandlim * bli;
    1196. 

  1196. 

  1197. 				for(bli = conf.bandlimiter; bli->next; bli = bli->next);
    1198. 

  1198. 				bli->next = nbl;
    1199. 

  1199. 			}
    1200. 

  1200. 		}
    1201. 

  1201. 		else {
    1202. 

  1202. 			if(!conf.bandlimiterout){
    1203. 

  1203. 				conf.bandlimiterout = nbl;
    1204. 

  1204. 			}
    1205. 

  1205. 			else {
    1206. 

  1206. 				struct bandlim * bli;
    1207. 

  1207. 

  1208. 				for(bli = conf.bandlimiterout; bli->next; bli = bli->next);
    1209. 

  1209. 				bli->next = nbl;
    1210. 

  1210. 			}
    1211. 

  1211. 		}
    1212. 

  1212. 

  1213. 		pthread_mutex_unlock(&bandlim_mutex);			
    1214. 

  1214. 		break;
    1215. 

  1215. 

  1216. 	case COUNTIN:
    1217. 

  1217. 	case NOCOUNTIN:
    1218. 

  1218. 	case COUNTOUT:
    1219. 

  1219. 	case NOCOUNTOUT:
    1220. 

  1220. 		tl = myalloc(sizeof(struct trafcount));
    1221. 

  1221. 		if(!tl) {
    1222. 

  1222. 			fprintf(stderr, "No memory to create traffic limit filter\n");
    1223. 

  1223. 			return(5);
    1224. 

  1224. 		}
    1225. 

  1225. 		memset(tl, 0, sizeof(struct trafcount));
    1226. 

  1226. 		tl->ace = acl;
    1227. 

  1227. 	
    1228. 

  1228. 		if((acl->action == COUNTIN)||(acl->action == COUNTOUT)) {
    1229. 

  1229. 			unsigned long lim;
    1230. 

  1230. 

  1231. 			tl->comment = ( char *)argv[1];
    1232. 

  1232. 			while(isdigit(*tl->comment))tl->comment++;
    1233. 

  1233. 			if(*tl->comment== '/')tl->comment++;
    1234. 

  1234. 			tl->comment = mystrdup(tl->comment);
    1235. 

  1235. 

  1236. 			sscanf((char *)argv[1], "%u", &tl->number);
    1237. 

  1237. 			sscanf((char *)argv[3], "%lu", &lim);
    1238. 

  1238. 			tl->type = getrotate(*argv[2]);
    1239. 

  1239. 			tl->traflim64 =  ((uint64_t)lim)*(1024*1024);
    1240. 

  1240. 			if(!tl->traflim64) {
    1241. 

  1241. 				fprintf(stderr, "Wrong traffic limit specified, line %d\n", linenum);
    1242. 

  1242. 				return(6);
    1243. 

  1243. 			}
    1244. 

  1244. 			if(tl->number != 0 && conf.counterd >= 0) {
    1245. 

  1245. 				lseek(conf.counterd, 
    1246. 

  1246. 					sizeof(struct counter_header) + (tl->number - 1) * sizeof(struct counter_record),
    1247. 

  1247. 					SEEK_SET);
    1248. 

  1248. 				memset(&crecord, 0, sizeof(struct counter_record));
    1249. 

  1249. 				read(conf.counterd, &crecord, sizeof(struct counter_record));
    1250. 

  1250. 				tl->traf64 = crecord.traf64;
    1251. 

  1251. 				tl->cleared = crecord.cleared;
    1252. 

  1252. 				tl->updated = crecord.updated;
    1253. 

  1253. 				if(tl->cleared < 0 || tl->cleared >=  MAX_COUNTER_TIME || tl->updated < 0 || tl->updated >=  MAX_COUNTER_TIME){
    1254. 

  1254. 					fprintf(stderr, "Invalid, incompatible or corrupted counter file.\n");
    1255. 

  1255. 					return(6);
    1256. 

  1256. 				}
    1257. 

  1257. 			}
    1258. 

  1258. 		}
    1259. 

  1259. 		pthread_mutex_lock(&tc_mutex);
    1260. 

  1260. 		if(!conf.trafcounter){
    1261. 

  1261. 			conf.trafcounter = tl;
    1262. 

  1262. 		}
    1263. 

  1263. 		else {
    1264. 

  1264. 			struct trafcount * ntl;
    1265. 

  1265. 

  1266. 			for(ntl = conf.trafcounter; ntl->next; ntl = ntl->next);
    1267. 

  1267. 			ntl->next = tl;
    1268. 

  1268. 		}
    1269. 

  1269. 		pthread_mutex_unlock(&tc_mutex);
    1270. 

  1270. 			
    1271. 

  1271. 	}
    1272. 

  1272. 	return 0;
    1273. 

  1273. }
    1274. 

  1274. 

  1275. static int h_logdump(int argc, unsigned char **argv){
    1276. 

  1276. 	conf.logdumpsrv = (unsigned) atoi((char *) *(argv + 1));
    1277. 

  1277. 	if(argc > 2) conf.logdumpcli = (unsigned) atoi((char *) *(argv + 2));
    1278. 

  1278. 	return 0;
    1279. 

  1279. }
    1280. 

  1280. 

  1281. 

  1282. static int h_filtermaxsize(int argc, unsigned char **argv){
    1283. 

  1283. 	conf.filtermaxsize = atoi((char *) *(argv + 1));
    1284. 

  1284. 	return 0;
    1285. 

  1285. }
    1286. 

  1286. 

  1287. static int h_delimchar(int argc, unsigned char **argv){
    1288. 

  1288. 	conf.delimchar = *argv[1];
    1289. 

  1289. 	return 0;
    1290. 

  1290. }
    1291. 

  1291. 

  1292. 

  1293. #ifndef NORADIUS
    1294. 

  1294. static int h_radius(int argc, unsigned char **argv){
    1295. 

  1295. 	unsigned short port;
    1296. 

  1296. 

  1297. /*
    1298. 

  1298. 	int oldrad;
    1299. 

  1299. #ifdef NOIPV6
    1300. 

  1300. 	struct  sockaddr_in bindaddr;
    1301. 

  1301. #else
    1302. 

  1302. 	struct  sockaddr_in6 bindaddr;
    1303. 

  1303. #endif
    1304. 

  1304. 

  1305. 	oldrad = nradservers;
    1306. 

  1306. 	nradservers = 0;
    1307. 

  1307. 	for(; oldrad; oldrad--){
    1308. 

  1308. 		if(radiuslist[oldrad].logsock >= 0) so._closesocket(radiuslist[oldrad].logsock);
    1309. 

  1309. 		radiuslist[oldrad].logsock = -1;
    1310. 

  1310. 	}
    1311. 

  1311. */
    1312. 

  1312. 	memset(radiuslist, 0, sizeof(radiuslist));
    1313. 

  1313. 	if(strlen(argv[1]) > 63) argv[1][63] = 0;
    1314. 

  1314. 	strcpy(radiussecret, argv[1]);
    1315. 

  1315. 	for( nradservers=0; nradservers < MAXRADIUS && nradservers < argc -2; nradservers++){
    1316. 

  1316. 		if( !getip46(46, argv[nradservers + 2], (struct sockaddr *)&radiuslist[nradservers].authaddr)) return 1;
    1317. 

  1317. 		if(!*SAPORT(&radiuslist[nradservers].authaddr))*SAPORT(&radiuslist[nradservers].authaddr) = htons(1812);
    1318. 

  1318. 		port = ntohs(*SAPORT(&radiuslist[nradservers].authaddr));
    1319. 

  1319. 		radiuslist[nradservers].logaddr = radiuslist[nradservers].authaddr;
    1320. 

  1320.  	        *SAPORT(&radiuslist[nradservers].logaddr) = htons(port+1);
    1321. 

  1321. /*
    1322. 

  1322. 		bindaddr = conf.intsa;
    1323. 

  1323. 		if ((radiuslist[nradservers].logsock = so._socket(SASOCK(&radiuslist[nradservers].logaddr), SOCK_DGRAM, 0)) < 0) return 2;
    1324. 

  1324. 		if (so._bind(radiuslist[nradservers].logsock, (struct sockaddr *)&bindaddr, SASIZE(&bindaddr))) return 3;
    1325. 

  1325. */
    1326. 

  1326. 	}
    1327. 

  1327. 	return 0;
    1328. 

  1328. }
    1329. 

  1329. #endif
    1330. 

  1330. static int h_authcache(int argc, unsigned char **argv){
    1331. 

  1331. 	conf.authcachetype = 0;
    1332. 

  1332. 	if(strstr((char *) *(argv + 1), "ip")) conf.authcachetype |= 1;
    1333. 

  1333. 	if(strstr((char *) *(argv + 1), "user")) conf.authcachetype |= 2;
    1334. 

  1334. 	if(strstr((char *) *(argv + 1), "pass")) conf.authcachetype |= 4;
    1335. 

  1335. 	if(argc > 2) conf.authcachetime = (unsigned) atoi((char *) *(argv + 2));
    1336. 

  1336. 	if(!conf.authcachetype) conf.authcachetype = 6;
    1337. 

  1337. 	if(!conf.authcachetime) conf.authcachetime = 600;
    1338. 

  1338. 	return 0;
    1339. 

  1339. }
    1340. 

  1340. 

  1341. static int h_plugin(int argc, unsigned char **argv){
    1342. 

  1342. #ifdef NOPLUGINS
    1343. 

  1343. 	return 999;
    1344. 

  1344. #else
    1345. 

  1345. #ifdef _WIN32
    1346. 

  1346. 	HINSTANCE hi;
    1347. 

  1347. 	FARPROC fp;
    1348. 

  1348. 

  1349. #ifdef _WINCE
    1350. 

  1350. 	hi = LoadLibraryW((LPCWSTR)CEToUnicode(argv[1]));
    1351. 

  1351. #else
    1352. 

  1352. 	hi = LoadLibrary((char *)argv[1]);
    1353. 

  1353. #endif
    1354. 

  1354. 	if(!hi) {
    1355. 

  1355. 		fprintf(stderr, "Failed to load %s, code %d\n", argv[1], (int)GetLastError());
    1356. 

  1356. 		return 1;
    1357. 

  1357. 	}
    1358. 

  1358. #ifdef _WINCE
    1359. 

  1359. 	fp = GetProcAddressW(hi, (LPCWSTR)CEToUnicode(argv[2]));
    1360. 

  1360. #else
    1361. 

  1361. 	fp = GetProcAddress(hi, (char *)argv[2]);
    1362. 

  1362. #endif
    1363. 

  1363. 	if(!fp) {
    1364. 

  1364. 		printf("%s not found in %s, code: %d\n", argv[2], argv[1], (int)GetLastError());
    1365. 

  1365. 		return 2;
    1366. 

  1366. 	}
    1367. 

  1367. 	return (*(PLUGINFUNC)fp)(&pluginlink, argc - 2, (char **)argv + 2);
    1368. 

  1368. #else	
    1369. 

  1369. 	void *hi, *fp;
    1370. 

  1370. 	hi = dlopen((char *)argv[1], RTLD_LAZY);
    1371. 

  1371. 	if(!hi) return 1;
    1372. 

  1372. 	fp = dlsym(hi, (char *)argv[2]);
    1373. 

  1373. 	if(!fp) return 2;
    1374. 

  1374. 	return (*(PLUGINFUNC)fp)(&pluginlink, argc - 2, (char **)argv + 2);
    1375. 

  1375. #endif
    1376. 

  1376. #endif
    1377. 

  1377. }
    1378. 

  1378. 

  1379. #ifndef _WIN32
    1380. 

  1380. 

  1381. uid_t strtouid(unsigned char *str){
    1382. 

  1382.  uid_t res = 0;
    1383. 

  1383. 

  1384. 	if(!isnumber(*(char *)str)){
    1385. 

  1385. 		struct passwd *pw;
    1386. 

  1386. 		pw = getpwnam((char *)str);
    1387. 

  1387. 		if(pw) res = pw->pw_uid;
    1388. 

  1388. 	}
    1389. 

  1389. 	else res = atoi((char *)str);
    1390. 

  1390. 	return res;
    1391. 

  1391. }
    1392. 

  1392. 

  1393. 

  1394. static int h_setuid(int argc, unsigned char **argv){
    1395. 

  1395.   uid_t res = 0;
    1396. 

  1396. 	res = strtouid(argv[1]);
    1397. 

  1397. 	if(!res || setreuid(res,res)) {
    1398. 

  1398. 		fprintf(stderr, "Unable to set uid %d", res);
    1399. 

  1399. 		return(1);
    1400. 

  1400. 	}
    1401. 

  1401. 	return 0;
    1402. 

  1402. }
    1403. 

  1403. 

  1404. gid_t strtogid(unsigned char *str){
    1405. 

  1405.   gid_t res = 0;
    1406. 

  1406. 

  1407. 	if(!isnumber(*(char *)str)){
    1408. 

  1408. 		struct group *gr;
    1409. 

  1409. 		gr = getgrnam((char *)str);
    1410. 

  1410. 		if(gr) res = gr->gr_gid;
    1411. 

  1411. 	}
    1412. 

  1412. 	else res = atoi((char *)str);
    1413. 

  1413. 	return res;
    1414. 

  1414. }
    1415. 

  1415. 

  1416. static int h_setgid(int argc, unsigned char **argv){
    1417. 

  1417.   gid_t res = 0;
    1418. 

  1418. 

  1419. 	res = strtogid(argv[1]);
    1420. 

  1420. 	if(!res || setregid(res,res)) {
    1421. 

  1421. 		fprintf(stderr, "Unable to set gid %d", res);
    1422. 

  1422. 		return(1);
    1423. 

  1423. 	}
    1424. 

  1424. 	return 0;
    1425. 

  1425. }
    1426. 

  1426. 

  1427. 

  1428. static int h_chroot(int argc, unsigned char **argv){
    1429. 

  1429. 	uid_t uid = 0;
    1430. 

  1430. 	gid_t gid = 0;
    1431. 

  1431. 	if(argc > 2) {
    1432. 

  1432. 		uid = strtouid(argv[2]);
    1433. 

  1433. 		if(!uid){
    1434. 

  1434. 			fprintf(stderr, "Unable to resolve uid %s", argv[2]);
    1435. 

  1435. 			return(2);
    1436. 

  1436. 		}
    1437. 

  1437.         }
    1438. 

  1438. 	if(argc > 3) {
    1439. 

  1439. 		gid = strtogid(argv[3]);
    1440. 

  1440. 		if(!gid){
    1441. 

  1441. 			fprintf(stderr, "Unable to resolve gid %s", argv[3]);
    1442. 

  1442. 			return(3);
    1443. 

  1443. 		}
    1444. 

  1444.         }
    1445. 

  1445. 	if(!chrootp){
    1446. 

  1446. 		char *p;
    1447. 

  1447. 		if(chroot((char *)argv[1])) {
    1448. 

  1448. 			fprintf(stderr, "Unable to chroot %s", argv[1]);
    1449. 

  1449. 			return(1);
    1450. 

  1450. 		}
    1451. 

  1451. 		p = (char *)argv[1] + strlen((char *)argv[1]) ;
    1452. 

  1452. 		while (p > (char *)argv[1] && p[-1] == '/'){
    1453. 

  1453. 			p--;
    1454. 

  1454. 			*p = 0;
    1455. 

  1455. 		}
    1456. 

  1456. 		chrootp = mystrdup((char *)argv[1]);
    1457. 

  1457. 	}
    1458. 

  1458. 	if (gid && setregid(gid,gid)) {
    1459. 

  1459. 		fprintf(stderr, "Unable to set gid %d", (int)gid);
    1460. 

  1460. 		return(4);
    1461. 

  1461. 	}
    1462. 

  1462. 	if (uid && setreuid(uid,uid)) {
    1463. 

  1463. 		fprintf(stderr, "Unable to set uid %d", (int)uid);
    1464. 

  1464. 		return(5);
    1465. 

  1465. 	}
    1466. 

  1466. 

  1467. 	return 0;
    1468. 

  1468. }
    1469. 

  1469. #endif
    1470. 

  1470. 

  1471. 

  1472. struct commands specificcommands[]={
    1473. 

  1473. #ifndef _WIN32
    1474. 

  1474. 	{specificcommands+1, "setuid", h_setuid, 2, 2},
    1475. 

  1475. 	{specificcommands+2, "setgid", h_setgid, 2, 2},
    1476. 

  1476. 	{specificcommands+3, "chroot", h_chroot, 2, 4},
    1477. 

  1477. #endif
    1478. 

  1478. 	{NULL, 		"", h_noop, 1, 0}
    1479. 

  1479. };
    1480. 

  1480. 

  1481. struct commands commandhandlers[]={
    1482. 

  1482. 	{commandhandlers+1,  "", h_noop, 1, 0},
    1483. 

  1483. 	{commandhandlers+2,  "proxy", h_proxy, 1, 0},
    1484. 

  1484. 	{commandhandlers+3,  "pop3p", h_proxy, 1, 0},
    1485. 

  1485. 	{commandhandlers+4,  "ftppr", h_proxy, 1, 0},
    1486. 

  1486. 	{commandhandlers+5,  "socks", h_proxy, 1, 0},
    1487. 

  1487. 	{commandhandlers+6,  "tcppm", h_proxy, 4, 0},
    1488. 

  1488. 	{commandhandlers+7,  "udppm", h_proxy, 4, 0},
    1489. 

  1489. 	{commandhandlers+8,  "admin", h_proxy, 1, 0},
    1490. 

  1490. 	{commandhandlers+9,  "dnspr", h_proxy, 1, 0},
    1491. 

  1491. 	{commandhandlers+10,  "internal", h_internal, 2, 2},
    1492. 

  1492. 	{commandhandlers+11, "external", h_external, 2, 2},
    1493. 

  1493. 	{commandhandlers+12, "log", h_log, 1, 0},
    1494. 

  1494. 	{commandhandlers+13, "service", h_service, 1, 1},
    1495. 

  1495. 	{commandhandlers+14, "daemon", h_daemon, 1, 1},
    1496. 

  1496. 	{commandhandlers+15, "config", h_config, 2, 2},
    1497. 

  1497. 	{commandhandlers+16, "include", h_include, 2, 2},
    1498. 

  1498. 	{commandhandlers+17, "archiver", h_archiver, 3, 0},
    1499. 

  1499. 	{commandhandlers+18, "counter", h_counter, 2, 4},
    1500. 

  1500. 	{commandhandlers+19, "rotate", h_rotate, 2, 2},
    1501. 

  1501. 	{commandhandlers+20, "logformat", h_logformat, 2, 2},
    1502. 

  1502. 	{commandhandlers+21, "timeouts", h_timeouts, 2, 0},
    1503. 

  1503. 	{commandhandlers+22, "auth", h_auth, 2, 0},
    1504. 

  1504. 	{commandhandlers+23, "users", h_users, 2, 0},
    1505. 

  1505. 	{commandhandlers+24, "maxconn", h_maxconn, 2, 2},
    1506. 

  1506. 	{commandhandlers+25, "flush", h_flush, 1, 1},
    1507. 

  1507. 	{commandhandlers+26, "nserver", h_nserver, 2, 2},
    1508. 

  1508. 	{commandhandlers+27, "fakeresolve", h_fakeresolve, 1, 1},
    1509. 

  1509. 	{commandhandlers+28, "nscache", h_nscache, 2, 2},
    1510. 

  1510. 	{commandhandlers+29, "nscache6", h_nscache6, 2, 2},
    1511. 

  1511. 	{commandhandlers+30, "nsrecord", h_nsrecord, 3, 3},
    1512. 

  1512. 	{commandhandlers+31, "dialer", h_dialer, 2, 2},
    1513. 

  1513. 	{commandhandlers+32, "system", h_system, 2, 2},
    1514. 

  1514. 	{commandhandlers+33, "pidfile", h_pidfile, 2, 2},
    1515. 

  1515. 	{commandhandlers+34, "monitor", h_monitor, 2, 2},
    1516. 

  1516. 	{commandhandlers+35, "parent", h_parent, 5, 0},
    1517. 

  1517. 	{commandhandlers+36, "allow", h_ace, 1, 0},
    1518. 

  1518. 	{commandhandlers+37, "deny", h_ace, 1, 0},
    1519. 

  1519. 	{commandhandlers+38, "redirect", h_ace, 3, 0},
    1520. 

  1520. 	{commandhandlers+39, "bandlimin", h_ace, 2, 0},
    1521. 

  1521. 	{commandhandlers+40, "bandlimout", h_ace, 2, 0},
    1522. 

  1522. 	{commandhandlers+41, "nobandlimin", h_ace, 1, 0},
    1523. 

  1523. 	{commandhandlers+42, "nobandlimout", h_ace, 1, 0},
    1524. 

  1524. 	{commandhandlers+43, "countin", h_ace, 4, 0},
    1525. 

  1525. 	{commandhandlers+44, "nocountin", h_ace, 1, 0},
    1526. 

  1526. 	{commandhandlers+45, "countout", h_ace, 4, 0},
    1527. 

  1527. 	{commandhandlers+46, "nocountout", h_ace, 1, 0},
    1528. 

  1528. 	{commandhandlers+47, "connlim", h_ace, 4, 0},
    1529. 

  1529. 	{commandhandlers+48, "noconnlim", h_ace, 1, 0},
    1530. 

  1530. 	{commandhandlers+49, "plugin", h_plugin, 3, 0},
    1531. 

  1531. 	{commandhandlers+50, "logdump", h_logdump, 2, 3},
    1532. 

  1532. 	{commandhandlers+51, "filtermaxsize", h_filtermaxsize, 2, 2},
    1533. 

  1533. 	{commandhandlers+52, "nolog", h_nolog, 1, 1},
    1534. 

  1534. 	{commandhandlers+53, "weight", h_nolog, 2, 2},
    1535. 

  1535. 	{commandhandlers+54, "authcache", h_authcache, 2, 3},
    1536. 

  1536. 	{commandhandlers+55, "smtpp", h_proxy, 1, 0},
    1537. 

  1537. 	{commandhandlers+56, "delimchar",h_delimchar, 2, 2},
    1538. 

  1538. 	{commandhandlers+57, "authnserver", h_authnserver, 2, 2},
    1539. 

  1539. 	{commandhandlers+58, "stacksize", h_stacksize, 2, 2},
    1540. 

  1540. 	{commandhandlers+59, "force", h_force, 1, 1},
    1541. 

  1541. 	{commandhandlers+60, "noforce", h_noforce, 1, 1},
    1542. 

  1542. #ifndef NORADIUS
    1543. 

  1543. 	{commandhandlers+61, "radius", h_radius, 3, 0},
    1544. 

  1544. #endif
    1545. 

  1545. 	{specificcommands, 	 "", h_noop, 1, 0}
    1546. 

  1546. };
    1547. 

  1547. 

  1548. int parsestr (unsigned char *str, unsigned char **argm, int nitems, unsigned char ** buff, int *inbuf, int *bufsize){
    1549. 

  1549. #define buf (*buff)
    1550. 

  1550. 	int argc = 0;
    1551. 

  1551. 	int space = 1;
    1552. 

  1552. 	int comment = 0;
    1553. 

  1553. 	unsigned char * incbegin = 0;
    1554. 

  1554. 	int fd;
    1555. 

  1555. 	int res, len;
    1556. 

  1556. 	unsigned char *str1;
    1557. 

  1557. 

  1558. 	for(;;str++){
    1559. 

  1559. 	 if(*str == '\"'){
    1560. 

  1560. 		str1 = str;
    1561. 

  1561. 		do {
    1562. 

  1562. 			*str1 = *(str1 + 1);
    1563. 

  1563. 		}while(*(str1++));
    1564. 

  1564. 		if(!comment || *str != '\"'){
    1565. 

  1565. 			comment = !comment;
    1566. 

  1566. 		}
    1567. 

  1567. 	 }
    1568. 

  1568.          switch(*str){
    1569. 

  1569. 		case '\0': 
    1570. 

  1570. 			if(comment) return -1;
    1571. 

  1571. 			argm[argc] = 0;
    1572. 

  1572. 			return argc;
    1573. 

  1573. 		case '$':
    1574. 

  1574. 			if(comment){
    1575. 

  1575. 				if(space){
    1576. 

  1576. 					argm[argc++] = str;
    1577. 

  1577. 					if(argc >= nitems) return argc;
    1578. 

  1578. 					space = 0;
    1579. 

  1579. 				}
    1580. 

  1580. 			}
    1581. 

  1581. 			else if(!included){
    1582. 

  1582. 				incbegin = str;
    1583. 

  1583. 				*str = 0;
    1584. 

  1584. 			}
    1585. 

  1585. 			break;
    1586. 

  1586. 		case '\r':
    1587. 

  1587. 		case '\n':
    1588. 

  1588. 		case '\t':
    1589. 

  1589. 		case ' ':
    1590. 

  1590. 			if(!comment){
    1591. 

  1591. 				*str = 0;
    1592. 

  1592. 				space = 1;
    1593. 

  1593. 				if(incbegin){
    1594. 

  1594. 					argc--;
    1595. 

  1595. 					if((fd = open((char *)incbegin+1, O_RDONLY)) <= 0){
    1596. 

  1596. 						fprintf(stderr, "Failed to open %s\n", incbegin+1);
    1597. 

  1597. 						break;
    1598. 

  1598. 					}
    1599. 

  1599. 					if((*bufsize - *inbuf) <STRINGBUF){
    1600. 

  1600. 						*bufsize += STRINGBUF;
    1601. 

  1601. 						if(!(buf = myrealloc(buf, *bufsize))){
    1602. 

  1602. 							fprintf(stderr, "Failed to allocate memory for %s\n", incbegin+1);
    1603. 

  1603. 							close(fd);
    1604. 

  1604. 							break;
    1605. 

  1605. 						}
    1606. 

  1606. 					}
    1607. 

  1607. 					len = 0;
    1608. 

  1608. 					if(argm[argc]!=(incbegin+1)) {
    1609. 

  1609. 						len = (int)strlen((char *)argm[argc]);
    1610. 

  1610. 						memmove(buf+*inbuf, argm[argc], len);
    1611. 

  1611. 					}
    1612. 

  1612. 					if((res = read(fd, buf+*inbuf+len, STRINGBUF-(1+len))) <= 0) {
    1613. 

  1613. 						perror((char *)incbegin+1);
    1614. 

  1614. 						close(fd);
    1615. 

  1615. 						break;
    1616. 

  1616. 					}
    1617. 

  1617. 					close(fd);
    1618. 

  1618. 					buf[*inbuf+res+len] = 0;
    1619. 

  1619. 					incbegin = buf + *inbuf;
    1620. 

  1620. 					(*inbuf) += (res + len + 1);
    1621. 

  1621. 					included++;
    1622. 

  1622. 					argc+=parsestr(incbegin, argm + argc, nitems - argc, buff, inbuf, bufsize);
    1623. 

  1623. 					included--;
    1624. 

  1624. 					incbegin = NULL;
    1625. 

  1625. 

  1626. 				}
    1627. 

  1627. 				break;
    1628. 

  1628. 			}
    1629. 

  1629. 		default:
    1630. 

  1630. 			if(space) {
    1631. 

  1631. 				if(comment && *str == '\"' && str[1] != '\"'){
    1632. 

  1632. 					str++;
    1633. 

  1633. 					comment = 0;
    1634. 

  1634. 				}
    1635. 

  1635. 				argm[argc++] = str;
    1636. 

  1636. 				if(argc >= nitems) return argc;
    1637. 

  1637. 				space = 0;
    1638. 

  1638. 			}
    1639. 

  1639. 	 }
    1640. 

  1640. 	}
    1641. 

  1641. #undef buf
    1642. 

  1642. }
    1643. 

  1643. 

  1644. 

  1645. int readconfig(FILE * fp){
    1646. 

  1646.  unsigned char ** argv = NULL;
    1647. 

  1647.  unsigned char * buf = NULL;
    1648. 

  1648.   int bufsize = STRINGBUF*2;
    1649. 

  1649.   int inbuf = 0;
    1650. 

  1650.   int argc;
    1651. 

  1651.   struct commands * cm;
    1652. 

  1652.   int res = 0;
    1653. 

  1653. 

  1654.   if( !(buf = myalloc(bufsize)) || ! (argv = myalloc((NPARAMS + 1) * sizeof(unsigned char *))) ) {
    1655. 

  1655. 		fprintf(stderr, "No memory for configuration");
    1656. 

  1656. 		return(10);
    1657. 

  1657.   }
    1658. 

  1658.   for (linenum = 1; fgets((char *)buf, STRINGBUF, fp); linenum++){
    1659. 

  1659. 	if(!*buf || isspace(*buf) || (*buf) == '#')continue;
    1660. 

  1660. 

  1661. 	inbuf = (int)(strlen((char *)buf) + 1);
    1662. 

  1662. 	argc = parsestr (buf, argv, NPARAMS-1, &buf, &inbuf, &bufsize);
    1663. 

  1663. 	if(argc < 1) {
    1664. 

  1664. 		fprintf(stderr, "Parse error line %d\n", linenum);
    1665. 

  1665. 		return(21);
    1666. 

  1666. 	}
    1667. 

  1667. 	argv[argc] = NULL;
    1668. 

  1668. 	if(!strcmp((char *)argv[0], "end") && argc == 1) {	
    1669. 

  1669. 		break;
    1670. 

  1670. 	}
    1671. 

  1671. 	else if(!strcmp((char *)argv[0], "writable") && argc == 1) {	
    1672. 

  1672. 		if(!writable){
    1673. 

  1673. 			writable = freopen(curconf, "r+", fp);
    1674. 

  1674. 			if(!writable){
    1675. 

  1675. 				fprintf(stderr, "Unable to reopen config for writing: %s\n", curconf);
    1676. 

  1676. 				return 1;
    1677. 

  1677. 			}
    1678. 

  1678. 		}
    1679. 

  1679. 		continue;
    1680. 

  1680. 	}
    1681. 

  1681. 

  1682. 	res = 1;
    1683. 

  1683. 	for(cm = commandhandlers; cm; cm = cm->next){
    1684. 

  1684. 		if(!strcmp((char *)argv[0], (char *)cm->command) && argc >= cm->minargs && (!cm->maxargs || argc <= cm->maxargs)){
    1685. 

  1685. 			res = (*cm->handler)(argc, argv);
    1686. 

  1686. 			if(res > 0){
    1687. 

  1687. 				fprintf(stderr, "Command: '%s' failed with code %d, line %d\n", argv[0], res, linenum);
    1688. 

  1688. 				return(linenum);
    1689. 

  1689. 			}
    1690. 

  1690. 			if(!res) break;
    1691. 

  1691. 		}
    1692. 

  1692. 	}
    1693. 

  1693. 	if(res != 1)continue;
    1694. 

  1694. 	fprintf(stderr, "Unknown command: '%s' line %d\n", argv[0], linenum);
    1695. 

  1695. 	return(linenum);
    1696. 

  1696.   }
    1697. 

  1697.   myfree(buf);
    1698. 

  1698.   myfree(argv);
    1699. 

  1699.   return 0;
    1700. 

  1700. 

  1701. }
    1702. 

  1702. 

  1703. 

  1704. 

  1705. void freepwl(struct passwords *pwl){
    1706. 

  1706. 	for(; pwl; pwl = (struct passwords *)itfree(pwl, pwl->next)){
    1707. 

  1707. 		if(pwl->user)myfree(pwl->user);
    1708. 

  1708. 		if(pwl->password)myfree(pwl->password);
    1709. 

  1709. 	}
    1710. 

  1710. }
    1711. 

  1711. 

  1712. 

  1713. void freeconf(struct extparam *confp){
    1714. 

  1714.  struct bandlim * bl;
    1715. 

  1715.  struct bandlim * blout;
    1716. 

  1716.  struct connlim * cl;
    1717. 

  1717.  struct trafcount * tc;
    1718. 

  1718.  struct passwords *pw;
    1719. 

  1719.  struct ace *acl;
    1720. 

  1720.  struct filemon *fm;
    1721. 

  1721.  int counterd, archiverc;
    1722. 

  1722.  unsigned char *logname, *logtarget;
    1723. 

  1723.  unsigned char **archiver;
    1724. 

  1724.  unsigned char * logformat;
    1725. 

  1725. 

  1726.  int i;
    1727. 

  1727. 

  1728. 

  1729. 

  1730. 

  1731.  pthread_mutex_lock(&tc_mutex);
    1732. 

  1732.  confp->trafcountfunc = NULL;
    1733. 

  1733.  tc = confp->trafcounter;
    1734. 

  1734.  confp->trafcounter = NULL;
    1735. 

  1735.  counterd = confp->counterd;
    1736. 

  1736.  confp->counterd = -1;
    1737. 

  1737.  confp->countertype = NONE;
    1738. 

  1738.  pthread_mutex_unlock(&tc_mutex);
    1739. 

  1739. 

  1740.  pthread_mutex_lock(&bandlim_mutex);
    1741. 

  1741.  bl = confp->bandlimiter;
    1742. 

  1742.  blout = confp->bandlimiterout;
    1743. 

  1743.  confp->bandlimiter = NULL;
    1744. 

  1744.  confp->bandlimiterout = NULL;
    1745. 

  1745.  confp->bandlimfunc = NULL;
    1746. 

  1746.  pthread_mutex_unlock(&bandlim_mutex);
    1747. 

  1747.  pthread_mutex_lock(&connlim_mutex);
    1748. 

  1748.  cl = confp->connlimiter;
    1749. 

  1749.  confp->connlimiter = NULL;
    1750. 

  1750.  pthread_mutex_unlock(&connlim_mutex);
    1751. 

  1751. 

  1752.  pthread_mutex_lock(&pwl_mutex);
    1753. 

  1753.  pw = confp->pwl;
    1754. 

  1754.  confp->pwl = NULL;
    1755. 

  1755.  pthread_mutex_unlock(&pwl_mutex);
    1756. 

  1756. 

  1757. 

  1758. /*
    1759. 

  1759.  logtarget = confp->logtarget;
    1760. 

  1760.  confp->logtarget = NULL;
    1761. 

  1761.  logname = confp->logname;
    1762. 

  1762.  confp->logname = NULL;
    1763. 

  1763. */
    1764. 

  1764.  confp->logfunc = lognone;
    1765. 

  1765.  logformat = confp->logformat;
    1766. 

  1766.  confp->logformat = NULL;
    1767. 

  1767.  confp->rotate = 0;
    1768. 

  1768.  confp->logtype = NONE;
    1769. 

  1769.  confp->logtime = confp->time = 0;
    1770. 

  1770. 

  1771.  archiverc = confp->archiverc;
    1772. 

  1772.  confp->archiverc = 0;
    1773. 

  1773.  archiver = confp->archiver;
    1774. 

  1774.  confp->archiver = NULL;
    1775. 

  1775.  fm = confp->fmon;
    1776. 

  1776.  confp->fmon = NULL;
    1777. 

  1777.  confp->bandlimfunc = NULL;
    1778. 

  1778.  memset(&confp->intsa, 0, sizeof(confp->intsa));
    1779. 

  1779.  memset(&confp->extsa, 0, sizeof(confp->extsa));
    1780. 

  1780. #ifndef NOIPV6
    1781. 

  1781.  memset(&confp->extsa6, 0, sizeof(confp->extsa6));
    1782. 

  1782.  *SAFAMILY(&confp->extsa6) = AF_INET6;
    1783. 

  1783. #endif
    1784. 

  1784.  *SAFAMILY(&confp->intsa) = AF_INET;
    1785. 

  1785.  *SAFAMILY(&confp->extsa) = AF_INET;
    1786. 

  1786.  confp->maxchild = 100;
    1787. 

  1787.  resolvfunc = NULL;
    1788. 

  1788.  numservers = 0;
    1789. 

  1789.  acl = confp->acl;
    1790. 

  1790.  confp->acl = NULL;
    1791. 

  1791. 

  1792.  usleep(SLEEPTIME);
    1793. 

  1793. 

  1794.  {
    1795. 

  1795. 	char * args[] = {"auth", "iponly", NULL};
    1796. 

  1796.   	h_auth(2, (unsigned char **)args);
    1797. 

  1797.  }
    1798. 

  1798.  if(tc)dumpcounters(tc,counterd);
    1799. 

  1799.  for(; tc; tc = (struct trafcount *) itfree(tc, tc->next)){
    1800. 

  1800. 	if(tc->comment)myfree(tc->comment);
    1801. 

  1801. 	freeacl(tc->ace);
    1802. 

  1802.  }
    1803. 

  1803. 

  1804.  
    1805. 

  1805.  freeacl(acl);
    1806. 

  1806.  freepwl(pw);
    1807. 

  1807.  for(; bl; bl = (struct bandlim *) itfree(bl, bl->next)) freeacl(bl->ace);
    1808. 

  1808.  for(; blout; blout = (struct bandlim *) itfree(blout, blout->next))freeacl(blout->ace);
    1809. 

  1809.  for(; cl; cl = (struct connlim *) itfree(cl, cl->next)) freeacl(cl->ace);
    1810. 

  1810. 

  1811.  if(counterd != -1) {
    1812. 

  1812. 	close(counterd);
    1813. 

  1813.  }
    1814. 

  1814.  for(; fm; fm = (struct filemon *)itfree(fm, fm->next)){
    1815. 

  1815. 	if(fm->path) myfree(fm->path);
    1816. 

  1816.  }
    1817. 

  1817. /*
    1818. 

  1818.  if(logtarget) {
    1819. 

  1819. 	myfree(logtarget);
    1820. 

  1820.  }
    1821. 

  1821.  if(logname) {
    1822. 

  1822. 	myfree(logname);
    1823. 

  1823.  }
    1824. 

  1824. */
    1825. 

  1825.  if(logformat) {
    1826. 

  1826. 	myfree(logformat);
    1827. 

  1827.  }
    1828. 

  1828.  if(archiver) {
    1829. 

  1829. 	for(i = 0; i < archiverc; i++) myfree(archiver[i]);
    1830. 

  1830. 	myfree(archiver);
    1831. 

  1831.  }
    1832. 

  1832.  havelog = 0;
    1833. 

  1833. }
    1834. 

  1834. 

  1835. int reload (void){
    1836. 

  1836. 	FILE *fp;
    1837. 

  1837. 	int error = -2;
    1838. 

  1838. 

  1839. 	conf.paused++;
    1840. 

  1840. 	freeconf(&conf);
    1841. 

  1841. 	conf.paused++;
    1842. 

  1842. 

  1843. 	fp = confopen();
    1844. 

  1844. 	if(fp){
    1845. 

  1845. 		error = readconfig(fp);
    1846. 

  1846. 		conf.version++;
    1847. 

  1847. 		if(error) {
    1848. 

  1848. 			 freeconf(&conf);
    1849. 

  1849. 		}
    1850. 

  1850. 		if(!writable)fclose(fp);
    1851. 

  1851. 	}
    1852. 

  1852. 	return error;
    1853. 

  1853. }
    1854.