|
[-]
[+]
|
Deleted |
Pound.spec
|
| @@ -1,190 +0,0 @@
-%define pound_user pound
-%define pound_group pound
-%define pound_home %{_localstatedir}/lib/pound
-
-Name: Pound
-Version: 2.5
-Release: 1%{?dist}
-Summary: Reverse proxy and load balancer
-
-Group: System Environment/Daemons
-License: GPLv3
-URL: http://www.apsis.ch/pound
-BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
-
-
-BuildRequires: openssl-devel, pcre-devel
-
-# tcmalloc doesn't exist on ppc yet (#238390)
-# or sparc arches
-%ifnarch ppc ppc64 sparcv9 sparc64
-BuildRequires: google-perftools-devel
-%endif
-
-Requires(pre): %{_sbindir}/useradd
-Requires(pre): %{_sbindir}/groupadd
-Requires(post): /sbin/chkconfig
-Requires(preun): /sbin/chkconfig, /sbin/service
-Requires(postun): /sbin/service
-
-Source0: http://www.apsis.ch/pound/%{name}-%{version}.tgz
-Source1: pound.init
-Source2: pound.cfg
-Patch0: pound-remove-owner.patch
-
-%description
-The Pound program is a reverse proxy, load balancer and
-HTTPS front-end for Web server(s). Pound was developed
-to enable distributing the load among several Web-servers
-and to allow for a convenient SSL wrapper for those Web
-servers that do not offer it natively. Pound is distributed
-under the GPL - no warranty, it's free to use, copy and
-give away
-
-%prep
-%setup -q
-%patch0 -p1 -b .remove-owner
-
-%build
-%configure
-make %{?_smp_mflags}
-
-%install
-rm -rf %{buildroot}
-make install DESTDIR=%{buildroot}
-
-%{__install} -d %{buildroot}%{pound_home}
-%{__install} -p -D -m 755 %{SOURCE1} %{buildroot}%{_initrddir}/pound
-%{__install} -p -D -m 644 %{SOURCE2} %{buildroot}%{_sysconfdir}/pound.cfg
-
-mkdir -p %{buildroot}%{_sysconfdir}/pki/tls/certs
-touch %{buildroot}%{_sysconfdir}/pki/tls/certs/pound.pem
-
-%clean
-rm -rf %{buildroot}
-
-%pre
-%{_sbindir}/groupadd -f -r %{pound_group}
-id %{pound_user} >/dev/null 2>&1 || \
- %{_sbindir}/useradd -r -g %{pound_group} -d %{pound_home} -s /sbin/nologin \
- -c "Pound user" %{pound_user}
-
-%post
-/sbin/chkconfig --add pound
-
-# generate dummy certificate
-exec > /dev/null 2> /dev/null
-if [ ! -f %{_sysconfdir}/pki/tls/certs/pound.pem ] ; then
-pushd %{_sysconfdir}/pki/tls/certs
-umask 077
-cat << EOF | make pound.pem
---
-SomeState
-SomeCity
-Pound Example Certificate
-SomeOrganizationalUnit
-localhost.localdomain
-root@localhost.localdomain
-EOF
-chown root:pound pound.pem
-chmod 640 pound.pem
-popd
-fi
-exit 0
-
-%preun
-if [ $1 = 0 ]; then
- /sbin/service pound stop >/dev/null 2>&1
- /sbin/chkconfig --del pound
-fi
-
-%postun
-if [ $1 -ge 1 ] ; then
- /sbin/service pound condrestart > /dev/null 2>&1 || :
-fi
-
-%files
-%defattr(-,root,root,-)
-%doc CHANGELOG FAQ GPL.txt README
-%{_mandir}/man8/pound.8*
-%{_mandir}/man8/poundctl.8*
-%{_sbindir}/pound
-%{_sbindir}/poundctl
-%{_initrddir}/pound
-%config(noreplace) %{_sysconfdir}/pound.cfg
-%ghost %config(noreplace) %{_sysconfdir}/pki/tls/certs/pound.pem
-%attr(-,%{pound_user},%{pound_group}) %dir %{pound_home}
-
-%changelog
-* Sat Nov 20 2010 Carsten Schoene <cs@linux-administrator.com> - 2.5-1
-- update to release 2.5
-
-* Thu Jan 15 2009 Ruben Kerkhof <ruben@rubenkerkhof.com> 2.4.4-1
-- upstream released new version
-
-* Mon Oct 13 2008 Ruben Kerkhof <ruben@rubenkerkhof.com> 2.4.3-1
-- Upstream released new version
-
-* Fri Jun 27 2008 Dennis Gilmore <dennis@ausil.us> 2.4-2
-- sparc arches dont have tcmalloc
-
-* Sat Feb 16 2008 Ruben Kerkhof <ruben@rubenkerkhof.com> 2.4-1
-- New stable version
-
-* Sat Feb 09 2008 Ruben Kerkhof <ruben@rubenkerkhof.com> - 2.4-0.2f
-- Upstream released new version
-
-* Wed Dec 05 2007 Release Engineering <rel-eng at fedoraproject dot org> - 2.4-0.2
-- Rebuild for deps
-
-* Sun Dec 01 2007 Ruben Kerkhof <ruben@rubenkerkhof.com> 2.4.0-1e
-- Update to experimental version 2.4e
-* Thu Aug 16 2007 Ruben Kerkhof <ruben@rubenkerkhof.com> 2.4.0-1d
-- Update to experimental version 2.4d
-- Upstream changed license to GPLv3
-* Wed Jun 04 2007 Ruben Kerkhof <ruben@rubenkerkhof.com> 2.4.0-1c
-- Upstream released new version
-* Sat May 26 2007 Ruben Kerkhof <ruben@rubenkerkhof.com> 2.4.0-2b
-- Disable linking with tcmalloc on ppc (#238390)
-* Fri May 25 2007 Ruben Kerkhof <ruben@rubenkerkhof.com> 2.4-0.1b
-- Update to experimental version 2.4b
-- Better handling of user creation
-- Build with tcmalloc for increased performance
-* Wed Apr 11 2007 Ruben Kerkhof <ruben@rubenkerkhof.com> 2.3-1
-- Update to 2.3
-* Thu Apr 05 2007 <ruben@rubenkerkhof.com> 2.2.8-1
-- Sync with upstream
-* Mon Mar 12 2007 <ruben@rubenkerkhof.com> 2.2.7-1
-- Sync with upstream
-* Sun Mar 04 2007 <ruben@rubenkerkhof.com> 2.2.6-1
-- Sync with upstream
-* Wed Feb 21 2007 <ruben@rubenkerkhof.com> 2.2.5-1
-- Sync with upstream
-* Sat Feb 10 2007 <ruben@rubenkerkhof.com> 2.2.4-1
-- Sync with upstream
-* Sat Jan 20 2007 <ruben@rubenkerkhof.com> 2.2.3-1
-- Fix problems in bad 2.2.2 release
-* Mon Jan 15 2007 <ruben@rubenkerkhof.com> 2.2.2-1
-- Sync with upstream
-* Wed Jan 03 2007 <ruben@rubenkerkhof.com> 2.2.1-1
-- Sync with new beta release from upstream
-* Sun Dec 17 2006 <ruben@rubenkerkhof.com> 2.2-2
-- Fixed empty debuginfo rpm (bz 219942)
-* Sat Dec 16 2006 <ruben@rubenkerkhof.com> 2.2-1
-- Sync with upstream
-* Sat Dec 09 2006 <ruben@rubenkerkhof.com> 2.1.8-1
-- Sync with upstream
-* Thu Dec 07 2006 <ruben@rubenkerkhof.com> 2.1.7-1
-- Sync with upstream
-* Wed Nov 08 2006 <ruben@rubenkerkhof.com> 2.1.6-2
-- Changed hardcoded paths into rpmmacros
-* Mon Nov 06 2006 <ruben@rubenkerkhof.com> 2.1.6-1
-- Synced with upstream version
-- Changed Summary
-- Added an init script
-- Added pound.cfg with an example configuration
-- Added pound user and group
-- A self-signed ssl certificate is created in %%post
-* Fri Nov 03 2006 <ruben@rubenkerkhof.com> 2.1.5-1
-- initial version
-
|
|
[-]
[+]
|
Added |
pound.spec
^
|
|
|
|
[-]
[+]
|
Deleted |
pound-remove-owner.patch
^
|
| @@ -1,18 +0,0 @@
---- Pound-2.2.3/Makefile.in.remove-owner 2007-01-21 01:45:44.000000000 +0100
-+++ Pound-2.2.3/Makefile.in 2007-01-21 01:46:59.000000000 +0100
-@@ -50,11 +50,11 @@
-
- install: all
- @INSTALL@ -d ${DESTDIR}@sbindir@
-- @INSTALL@ -o @I_OWNER@ -g @I_GRP@ -m 555 pound ${DESTDIR}@sbindir@/pound
-- @INSTALL@ -o @I_OWNER@ -g @I_GRP@ -m 555 poundctl ${DESTDIR}@sbindir@/poundctl
-+ @INSTALL@ -p -m 755 pound ${DESTDIR}@sbindir@/pound
-+ @INSTALL@ -p -m 755 poundctl ${DESTDIR}@sbindir@/poundctl
- @INSTALL@ -d ${DESTDIR}@mandir@/man8
-- @INSTALL@ -o @I_OWNER@ -g @I_GRP@ -m 644 pound.8 ${DESTDIR}@mandir@/man8/pound.8
-- @INSTALL@ -o @I_OWNER@ -g @I_GRP@ -m 644 poundctl.8 ${DESTDIR}@mandir@/man8/poundctl.8
-+ @INSTALL@ -p -m 644 pound.8 ${DESTDIR}@mandir@/man8/pound.8
-+ @INSTALL@ -p -m 644 poundctl.8 ${DESTDIR}@mandir@/man8/poundctl.8
-
- clean:
- rm -f pound $(OBJS) poundctl poundctl.o
|
|
[-]
[+]
|
Added |
pound.diff
^
|
| @@ -0,0 +1,18 @@
+--- Makefile.in
++++ Makefile.in
+@@ -50,11 +50,11 @@
+
+ install: all
+ @INSTALL@ -d ${DESTDIR}@sbindir@
+- @INSTALL@ -o @I_OWNER@ -g @I_GRP@ -m 555 pound ${DESTDIR}@sbindir@/pound
+- @INSTALL@ -o @I_OWNER@ -g @I_GRP@ -m 555 poundctl ${DESTDIR}@sbindir@/poundctl
++ @INSTALL@ -m 555 pound ${DESTDIR}@sbindir@/pound
++ @INSTALL@ -m 755 poundctl ${DESTDIR}@sbindir@/poundctl
+ @INSTALL@ -d ${DESTDIR}@mandir@/man8
+- @INSTALL@ -o @I_OWNER@ -g @I_GRP@ -m 644 pound.8 ${DESTDIR}@mandir@/man8/pound.8
+- @INSTALL@ -o @I_OWNER@ -g @I_GRP@ -m 644 poundctl.8 ${DESTDIR}@mandir@/man8/poundctl.8
++ @INSTALL@ -m 644 pound.8 ${DESTDIR}@mandir@/man8/pound.8
++ @INSTALL@ -m 644 poundctl.8 ${DESTDIR}@mandir@/man8/poundctl.8
+
+ clean:
+ rm -f pound $(OBJS) poundctl poundctl.o
|
|
[-]
[+]
|
Changed |
Pound-2.4.3.tar.bz2/CHANGELOG
^
|
| @@ -1,41 +1,4 @@
------------------------------------------------------------------------
-r61 | roseg | 2009-06-29 17:53:55 +0200 (Mon, 29 Jun 2009) | 13 lines
-
-Release 2.4.5
-
-Stable release 2.4.5
-
-Enhancements:
- - log back-end killed/disabled/enabled (thanks to Joe Gooch and Jon Garvin)
- - kill a BE on connection failure only if it has no HAport defined (thanks to Albert); the request may still fail!
-
-Bug fixes:
- - fixed parantheses problems in need_rewrite (thanks to SBR)
- - added call to free_headers in http.c (thanks to SBR)
- - fixed maximal path length in UNIX domain sockets (thanks to Ricardo Gameiro)
-
-------------------------------------------------------------------------
-r60 | roseg | 2009-01-14 17:39:52 +0100 (Wed, 14 Jan 2009) | 18 lines
-
-Release 2.4.4
-
-Stable release 2.4.4
-
-Enhancements:
- - added support for UNSUBSCRIBE and NOTIFY in xHTTP 3 and 4
- - added support for BPROPFIND in xHTTP 4
- - on SSL connections always pass the cipher used to the back-end (thanks to Magnus Sandin)
-
-Bug fixes:
- - save and restore errno value in cur_time() (thanks to Albert)
- - fixed problem in timer thread (thanks to Albert)
- - added shutdown for failed socket connection (thanks to Albert)
- - fixed problem with CC containing spaces in Makefile.in (thanks to Elan Ruusamäe)
- - increased MAXBUF to default 4096
- - increased T_RSA default to 30 minutes
- - fixed a problem with Unix sockets back-ends (thanks to Ricardo Gameiro)
-
-------------------------------------------------------------------------
r59 | roseg | 2008-05-31 12:25:41 +0200 (Sat, 31 May 2008) | 11 lines
Release 2.4.3
|
|
[-]
[+]
|
Changed |
Pound-2.4.3.tar.bz2/Makefile.in
^
|
| @@ -24,7 +24,7 @@
# Tel: +41-44-920 4904
# EMail: roseg@apsis.ch
-CC=@PTHREAD_CC@
+CC="@PTHREAD_CC@"
VERSION="@PACKAGE_VERSION@"
C_SSL="@C_SSL@"
C_T_RSA="@C_T_RSA@"
|
|
[-]
[+]
|
Changed |
Pound-2.4.3.tar.bz2/README
^
|
| @@ -128,7 +128,7 @@
--disable-super -- disable supervisor process (default: enabled)
--with-t_rsa=nnn -- timeout of the RSA ephemeral keys regeneration
- (default: 1800 seconds).
+ (default: 300 seconds).
--with-owner=owner -- name of installed binaries owner (default is
system-dependent).
|
|
[-]
[+]
|
Changed |
Pound-2.4.3.tar.bz2/config.c
^
|
| @@ -86,8 +86,8 @@
"^(GET|POST|HEAD) ([^ ]+) HTTP/1.[01]$",
"^(GET|POST|HEAD|PUT|DELETE) ([^ ]+) HTTP/1.[01]$",
"^(GET|POST|HEAD|PUT|DELETE|LOCK|UNLOCK|PROPFIND|PROPPATCH|SEARCH|MKCOL|MOVE|COPY|OPTIONS|TRACE|MKACTIVITY|CHECKOUT|MERGE|REPORT) ([^ ]+) HTTP/1.[01]$",
- "^(GET|POST|HEAD|PUT|DELETE|LOCK|UNLOCK|PROPFIND|PROPPATCH|SEARCH|MKCOL|MOVE|COPY|OPTIONS|TRACE|MKACTIVITY|CHECKOUT|MERGE|REPORT|SUBSCRIBE|UNSUBSCRIBE|BPROPPATCH|POLL|BMOVE|BCOPY|BDELETE|BPROPFIND|NOTIFY|CONNECT) ([^ ]+) HTTP/1.[01]$",
- "^(GET|POST|HEAD|PUT|DELETE|LOCK|UNLOCK|PROPFIND|PROPPATCH|SEARCH|MKCOL|MOVE|COPY|OPTIONS|TRACE|MKACTIVITY|CHECKOUT|MERGE|REPORT|SUBSCRIBE|UNSUBSCRIBE|BPROPPATCH|POLL|BMOVE|BCOPY|BDELETE|BPROPFIND|NOTIFY|CONNECT|RPC_IN_DATA|RPC_OUT_DATA) ([^ ]+) HTTP/1.[01]$",
+ "^(GET|POST|HEAD|PUT|DELETE|LOCK|UNLOCK|PROPFIND|PROPPATCH|SEARCH|MKCOL|MOVE|COPY|OPTIONS|TRACE|MKACTIVITY|CHECKOUT|MERGE|REPORT|SUBSCRIBE|BPROPPATCH|POLL|BMOVE|BCOPY|BDELETE|CONNECT) ([^ ]+) HTTP/1.[01]$",
+ "^(GET|POST|HEAD|PUT|DELETE|LOCK|UNLOCK|PROPFIND|PROPPATCH|SEARCH|MKCOL|MOVE|COPY|OPTIONS|TRACE|MKACTIVITY|CHECKOUT|MERGE|REPORT|SUBSCRIBE|BPROPPATCH|POLL|BMOVE|BCOPY|BDELETE|CONNECT|RPC_IN_DATA|RPC_OUT_DATA) ([^ ]+) HTTP/1.[01]$",
};
static int log_level = 1;
@@ -140,18 +140,11 @@
res->addr.ai_socktype = SOCK_STREAM;
res->addr.ai_family = AF_UNIX;
res->addr.ai_protocol = 0;
- if((res->addr.ai_addr = (struct sockaddr *)malloc(sizeof(struct sockaddr_un))) == NULL) {
+ if((res->addr.ai_addr = (struct sockaddr *)strdup(lin + matches[1].rm_so)) == NULL) {
logmsg(LOG_ERR, "line %d: out of memory", n_lin);
exit(1);
}
- if((strlen(lin + matches[1].rm_so) + 1) > UNIX_PATH_MAX) {
- logmsg(LOG_ERR, "line %d: UNIX path name too long (greater than %d)", n_lin, UNIX_PATH_MAX - 1);
- exit(1);
- }
res->addr.ai_addrlen = strlen(lin + matches[1].rm_so) + 1;
- res->addr.ai_addr->sa_family = AF_UNIX;
- strcpy(res->addr.ai_addr->sa_data, lin + matches[1].rm_so);
- res->addr.ai_addrlen = sizeof( struct sockaddr_un );
}
has_addr = 1;
} else if(!regexec(&Port, lin, 4, matches, 0)) {
|
|
[-]
[+]
|
Changed |
Pound-2.4.3.tar.bz2/configure
^
|
| @@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.61 for pound 2.4.5.
+# Generated by GNU Autoconf 2.61 for pound 2.4.3.
#
# Report bugs to <roseg@apsis.ch>.
#
@@ -574,8 +574,8 @@
# Identity of this package.
PACKAGE_NAME='pound'
PACKAGE_TARNAME='pound'
-PACKAGE_VERSION='2.4.5'
-PACKAGE_STRING='pound 2.4.5'
+PACKAGE_VERSION='2.4.3'
+PACKAGE_STRING='pound 2.4.3'
PACKAGE_BUGREPORT='roseg@apsis.ch'
ac_unique_file="pound.c"
@@ -1204,7 +1204,7 @@
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures pound 2.4.5 to adapt to many kinds of systems.
+\`configure' configures pound 2.4.3 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1270,7 +1270,7 @@
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of pound 2.4.5:";;
+ short | recursive ) echo "Configuration of pound 2.4.3:";;
esac
cat <<\_ACEOF
@@ -1287,7 +1287,7 @@
--without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no)
--with-ssl=directory location of OpenSSL package
--with-t_rsa=nnn Time-out for RSA ephemeral keys generation
- --with-maxbuf=nnn Value of the MAXBUF parameter (default: 4096)
+ --with-maxbuf=nnn Value of the MAXBUF parameter (default: 1024)
--with-owner=name The account that will own the files installed by
Pound
--with-group=name The group that will own the files installed by Pound
@@ -1366,7 +1366,7 @@
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-pound configure 2.4.5
+pound configure 2.4.3
generated by GNU Autoconf 2.61
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
@@ -1380,7 +1380,7 @@
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by pound $as_me 2.4.5, which was
+It was created by pound $as_me 2.4.3, which was
generated by GNU Autoconf 2.61. Invocation command line was
$ $0 $@
@@ -7539,7 +7539,7 @@
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by pound $as_me 2.4.5, which was
+This file was extended by pound $as_me 2.4.3, which was
generated by GNU Autoconf 2.61. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -7588,7 +7588,7 @@
_ACEOF
cat >>$CONFIG_STATUS <<_ACEOF
ac_cs_version="\\
-pound config.status 2.4.5
+pound config.status 2.4.3
configured by $0, generated by GNU Autoconf 2.61,
with options \\"`echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`\\"
|
|
[-]
[+]
|
Changed |
Pound-2.4.3.tar.bz2/http.c
^
|
| @@ -443,11 +443,8 @@
#ifdef HAVE_GETTIMEOFDAY
struct timeval tv;
struct timezone tz;
- int sv_errno;
- sv_errno = errno;
gettimeofday(&tv, &tz);
- errno = sv_errno;
return tv.tv_sec * 1000000.0 + tv.tv_usec;
#else
return time(NULL) * 1000000.0;
@@ -487,8 +484,8 @@
int cl_11, be_11, res, chunked, n, sock, no_cont, skip, conn_closed, force_10, sock_proto;
LISTENER *lstn;
SERVICE *svc;
- BACKEND *backend, *cur_backend, *old_backend;
- struct addrinfo from_host, z_addr;
+ BACKEND *backend, *cur_backend;
+ struct addrinfo from_host;
struct sockaddr_storage from_host_addr;
BIO *cl, *be, *bb, *b64;
X509 *x509;
@@ -785,20 +782,9 @@
if(connect_nb(sock, &backend->addr, backend->to) < 0) {
str_be(buf, MAXBUF - 1, backend);
logmsg(LOG_WARNING, "(%lx) backend %s connect: %s", pthread_self(), buf, strerror(errno));
- shutdown(sock, 2);
close(sock);
- /*
- * kill the back-end only if no HAport is defined for it
- * otherwise allow the HAport mechanism to do its job
- */
- memset(&z_addr, 0, sizeof(z_addr));
- if(memcmp(&(backend->ha_addr), &(z_addr), sizeof(z_addr)) == 0)
- kill_be(svc, backend, BE_KILL);
- /*
- * ...but make sure we don't get into a loop with the same back-end
- */
- old_backend = backend;
- if((backend = get_backend(svc, &from_host, url, &headers[1])) == NULL || backend == old_backend) {
+ kill_be(svc, backend, BE_KILL);
+ if((backend = get_backend(svc, &from_host, url, &headers[1])) == NULL) {
addr2str(caddr, MAXBUF - 1, &from_host, 1);
logmsg(LOG_NOTICE, "(%lx) e503 no back-end \"%s\" from %s", pthread_self(), request, caddr);
err_reply(cl, h503, lstn->err503);
@@ -898,7 +884,6 @@
logmsg(LOG_WARNING, "(%lx) e500 error write HTTPSHeader to %s: %s (%.3f sec)",
pthread_self(), buf, strerror(errno), (end_req - start_req) / 1000000.0);
err_reply(cl, h500, lstn->err500);
- free_headers(headers);
clean_all();
pthread_exit(NULL);
}
@@ -909,20 +894,6 @@
if(cur_backend->be_type == 0 && ssl != NULL) {
SSL_CIPHER *cipher;
- if((cipher = SSL_get_current_cipher(ssl)) != NULL) {
- SSL_CIPHER_description(cipher, buf, MAXBUF - 1);
- strip_eol(buf);
- if(BIO_printf(be, "X-SSL-cipher: %s\r\n", buf) <= 0) {
- str_be(buf, MAXBUF - 1, cur_backend);
- end_req = cur_time();
- logmsg(LOG_WARNING, "(%lx) e500 error write X-SSL-cipher to %s: %s (%.3f sec)",
- pthread_self(), buf, strerror(errno), (end_req - start_req) / 1000000.0);
- err_reply(cl, h500, lstn->err500);
- clean_all();
- pthread_exit(NULL);
- }
- }
-
if(lstn->clnt_check > 0 && x509 != NULL && (bb = BIO_new(BIO_s_mem())) != NULL) {
X509_NAME_print_ex(bb, X509_get_subject_name(x509), 8, XN_FLAG_ONELINE & ~ASN1_STRFLGS_ESC_MSB);
get_line(bb, buf, MAXBUF);
@@ -1046,6 +1017,19 @@
}
}
#endif
+ if((cipher = SSL_get_current_cipher(ssl)) != NULL) {
+ SSL_CIPHER_description(cipher, buf, MAXBUF - 1);
+ strip_eol(buf);
+ if(BIO_printf(be, "X-SSL-cipher: %s\r\n", buf) <= 0) {
+ str_be(buf, MAXBUF - 1, cur_backend);
+ end_req = cur_time();
+ logmsg(LOG_WARNING, "(%lx) e500 error write X-SSL-cipher to %s: %s (%.3f sec)",
+ pthread_self(), buf, strerror(errno), (end_req - start_req) / 1000000.0);
+ err_reply(cl, h500, lstn->err500);
+ clean_all();
+ pthread_exit(NULL);
+ }
+ }
BIO_free_all(bb);
}
}
|
|
[-]
[+]
|
Changed |
Pound-2.4.3.tar.bz2/pound.8
^
|
| @@ -340,8 +340,8 @@
CHECKOUT, MERGE, REPORT).
.IP
.I 3
-additionally allow MS extensions WebDAV verbs (SUBSCRIBE, UNSUBSCRIBE,
-NOTIFY, BPROPFIND, BPROPPATCH, POLL, BMOVE, BCOPY, BDELETE, CONNECT).
+additionally allow MS extensions WebDAV verbs (SUBSCRIBE, BPROPPATCH,
+POLL, BMOVE, BCOPY, BDELETE, CONNECT).
.IP
.I 4
additionally allow MS RPC extensions verbs (RPC_IN_DATA, RPC_OUT_DATA).
|
|
[-]
[+]
|
Changed |
Pound-2.4.3.tar.bz2/pound.h
^
|
| @@ -97,11 +97,6 @@
#error "Pound needs sys/un.h"
#endif
-#ifndef UNIX_PATH_MAX
-/* on Linux this is defined in linux/un.h rather than sys/un.h - go figure */
-#define UNIX_PATH_MAX 108
-#endif
-
#if HAVE_NETINET_IN_H
#include <netinet/in.h>
#else
@@ -265,7 +260,7 @@
#endif /* NO_EXTERNALS */
#ifndef MAXBUF
-#define MAXBUF 4096
+#define MAXBUF 1024
#endif
#define MAXHEADERS 128
@@ -521,7 +516,7 @@
*/
#define N_RSA_KEYS 11
#ifndef T_RSA_KEYS
-#define T_RSA_KEYS 1800
+#define T_RSA_KEYS 300
#endif
/*
|
|
[-]
[+]
|
Changed |
Pound-2.4.3.tar.bz2/poundctl.c
^
|
| @@ -55,36 +55,36 @@
static char *
prt_addr(const struct addrinfo *addr)
{
- static char res[UNIX_PATH_MAX];
- char buf[UNIX_PATH_MAX];
+ static char res[64];
+ char buf[64];
int port;
void *src;
- memset(buf, 0, UNIX_PATH_MAX);
+ memset(buf, 0, 64);
#ifdef HAVE_INET_NTOP
switch(addr->ai_family) {
case AF_INET:
src = (void *)&((struct sockaddr_in *)addr->ai_addr)->sin_addr.s_addr;
port = ntohs(((struct sockaddr_in *)addr->ai_addr)->sin_port);
- if(inet_ntop(AF_INET, src, buf, UNIX_PATH_MAX - 1) == NULL)
- strncpy(buf, "(UNKNOWN)", UNIX_PATH_MAX - 1);
+ if(inet_ntop(AF_INET, src, buf, 63) == NULL)
+ strncpy(buf, "(UNKNOWN)", 63);
break;
case AF_INET6:
src = (void *)&((struct sockaddr_in6 *)addr->ai_addr)->sin6_addr.s6_addr;
port = ntohs(((struct sockaddr_in6 *)addr->ai_addr)->sin6_port);
- if(inet_ntop(AF_INET6, src, buf, UNIX_PATH_MAX - 1) == NULL)
- strncpy(buf, "(UNKNOWN)", UNIX_PATH_MAX - 1);
+ if(inet_ntop(AF_INET6, src, buf, 63) == NULL)
+ strncpy(buf, "(UNKNOWN)", 63);
break;
case AF_UNIX:
- strncpy(buf, (char *)addr->ai_addr, UNIX_PATH_MAX - 1);
+ strncpy(buf, (char *)addr->ai_addr, 63);
port = 0;
break;
default:
- strncpy(buf, "(UNKNOWN)", UNIX_PATH_MAX - 1);
+ strncpy(buf, "(UNKNOWN)", 63);
port = 0;
break;
}
- snprintf(res, UNIX_PATH_MAX - 1, "%s:%d", buf, port);
+ snprintf(res, 63, "%s:%d", buf, port);
#else
#error "Pound needs inet_ntop()"
#endif
|
|
[-]
[+]
|
Changed |
Pound-2.4.3.tar.bz2/svc.c
^
|
| @@ -558,7 +558,6 @@
{
BACKEND *b;
int ret_val;
- char buf[MAXBUF];
if(ret_val = pthread_mutex_lock(&svc->mut))
logmsg(LOG_WARNING, "kill_be() lock: %s", strerror(ret_val));
@@ -568,18 +567,12 @@
switch(disable_mode) {
case BE_DISABLE:
b->disabled = 1;
- str_be(buf, MAXBUF - 1, b);
- logmsg(LOG_NOTICE, "(%lx) BackEnd %s disabled", pthread_self(), buf);
break;
case BE_KILL:
b->alive = 0;
- str_be(buf, MAXBUF - 1, b);
- logmsg(LOG_NOTICE, "(%lx) BackEnd %s dead (killed)", pthread_self(), buf);
t_clean(svc->sessions, &be, sizeof(be));
break;
case BE_ENABLE:
- str_be(buf, MAXBUF - 1, b);
- logmsg(LOG_NOTICE, "(%lx) BackEnd %s enabled", pthread_self(), buf);
b->disabled = 0;
break;
default:
@@ -756,8 +749,8 @@
* check if the Location points to the Listener but with the wrong port or protocol
*/
if(memcmp(&be_addr.sin_addr.s_addr, &in_addr.sin_addr.s_addr, sizeof(in_addr.sin_addr.s_addr)) == 0
- && (memcmp(&be_addr.sin_port, &in_addr.sin_port, sizeof(in_addr.sin_port)) != 0
- || strcasecmp(proto, (lstn->ctx == NULL)? "http": "https"))) {
+ && (memcmp(&be_addr.sin_port, &in_addr.sin_port, sizeof(in_addr.sin_port) != 0
+ || strcasecmp(proto, (lstn->ctx == NULL)? "http": "https")))) {
free(addr.ai_addr);
return 1;
}
@@ -768,8 +761,8 @@
* check if the Location points to the Listener but with the wrong port or protocol
*/
if(memcmp(&be6_addr.sin6_addr.s6_addr, &in6_addr.sin6_addr.s6_addr, sizeof(in6_addr.sin6_addr.s6_addr)) == 0
- && (memcmp(&be6_addr.sin6_port, &in6_addr.sin6_port, sizeof(in6_addr.sin6_port)) != 0
- || strcasecmp(proto, (lstn->ctx == NULL)? "http": "https"))) {
+ && (memcmp(&be6_addr.sin6_port, &in6_addr.sin6_port, sizeof(in6_addr.sin6_port) != 0
+ || strcasecmp(proto, (lstn->ctx == NULL)? "http": "https")))) {
free(addr.ai_addr);
return 1;
}
@@ -1360,19 +1353,19 @@
if((n_remain = n_wait - (cur_time - last_time)) > 0)
sleep(n_remain);
last_time = time(NULL);
- if((last_time - last_RSA) >= T_RSA_KEYS) {
+ if((last_time - last_RSA) > T_RSA_KEYS) {
last_RSA = time(NULL);
do_RSAgen();
}
- if((last_time - last_rescale) >= RESCALE_TO) {
+ if((last_time - last_rescale) > RESCALE_TO) {
last_rescale = time(NULL);
do_rescale();
}
- if((last_time - last_alive) >= alive_to) {
+ if((last_time - last_alive) > alive_to) {
last_alive = time(NULL);
do_resurect();
}
- if((last_time - last_expire) >= EXPIRE_TO) {
+ if((last_time - last_expire) > EXPIRE_TO) {
last_expire = time(NULL);
do_expire();
}
@@ -1406,7 +1399,6 @@
write(a->control_sock, t->key, sz);
return;
}
-
IMPLEMENT_LHASH_DOALL_ARG_FN(t_dump, TABNODE *, void *)
/*
|
|
|
Deleted |
Pound-2.5.tgz
^
|
|
|
Added |
debian.tar.gz
^
|
|
[-]
[+]
|
Added |
init.pound
^
|
| @@ -0,0 +1,72 @@
+#! /bin/sh
+# Copyright (c) 1995-1998 SuSE GmbH Nuernberg, Germany.
+#
+# Author: adrian@suse.de, template by ro@suse.de
+#
+# /etc/init.d/pound
+# and its symbolic link
+# /usr/sbin/rcpound
+#
+### BEGIN INIT INFO
+# Provides: pound
+# Required-Start: $time $remote_fs $named $syslog
+# Required-Stop:
+# Default-Start: 3 5
+# Default-Stop: 0 1 2 4 6
+# Description: A lightweight HTTP proxy
+# Short-Description: A lightweight HTTP proxy
+### END INIT INFO
+
+. /etc/rc.status
+
+
+# Determine the base and follow a runlevel link name.
+base=${0##*/}
+link=${base#*[SK][0-9][0-9]}
+
+# Force execution if not called by a runlevel directory.
+test -x /usr/sbin/pound || exit 0
+
+rc_reset
+case "$1" in
+ start)
+ echo -n "Starting Pound HTTP Proxy"
+ startproc /usr/sbin/pound
+ rc_status -v
+ ;;
+ stop)
+ echo -n "Shutting down Pound HTTP Proxy"
+ killproc -TERM /usr/sbin/pound
+ rc_status -v
+ ;;
+ restart)
+ ## If first returns OK call the second, if first or
+ ## second command fails, set echo return value.
+ $0 stop && $0 start
+ rc_status
+ ;;
+ force-reload)
+ ## If first returns OK call the second, if first or
+ ## second command fails, set echo return value.
+ $0 stop; sleep 1 && $0 start
+ rc_status
+ ;;
+ reload)
+ $0 stop; sleep 1 && $0 start
+ rc_status
+ ;;
+ status)
+ echo -n "Checking for Pound HTTP Proxy Daemon: "
+ checkproc /usr/sbin/pound
+ rc_status -v
+ ;;
+ configtest)
+ echo "Checking Pound configuration ..."
+ eval /usr/sbin/pound -c
+ ;;
+ *)
+ echo "Usage: $0 {start|stop|status|restart|reload|configtest}"
+ exit 1
+ ;;
+esac
+rc_exit
|
|
[-]
[+]
|
Changed |
pound.cfg
^
|
| @@ -1,35 +1,22 @@
-#
-# Default pound.cfg
-#
-# Pound listens on port 80 for HTTP and port 443 for HTTPS
-# and distributes requests to 2 backends running on localhost.
-# see pound(8) for configuration directives.
-# You can enable/disable backends with poundctl(8).
-#
+# This is a simple configuration example.
+# It sends all requests from port 80 to port 8080 on the same machine.
-User "pound"
+# Start pound as User with Group
+User "pound"
Group "pound"
-Control "/var/lib/pound/pound.cfg"
+# Replace "localhost" by your IP or host name
ListenHTTP
- Address 0.0.0.0
- Port 80
-End
+ Address localhost
+ Port 80
-ListenHTTPS
- Address 0.0.0.0
- Port 443
- Cert "/etc/pki/tls/certs/pound.pem"
-End
+ Service
+ HeadRequire "Host: .*localhost.*"
-Service
- BackEnd
- Address 127.0.0.1
- Port 8000
- End
-
- BackEnd
- Address 127.0.0.1
- Port 8001
+ BackEnd
+ Address localhost
+ Port 8080
+ End
End
End
+
|
|
[-]
[+]
|
Added |
pound.dsc
^
|
| @@ -0,0 +1,13 @@
+Format: 1.0
+Source: pound
+Binary: pound
+Architecture: any
+Version: 2.4.1-1
+Maintainer: Michael Mende <debian@menole.net>
+Uploaders: Michael Piefel <piefel@debian.org>
+Homepage: http://www.apsis.ch/pound/
+Standards-Version: 3.7.3
+Build-Depends: autotools-dev, debhelper (>= 5), libpcre3-dev, libssl-dev (>= 0.9.7)
+Files:
+ 16450962d535215719442955f6101829 169138 Pound-2.4.1.tar.gz
+ 28db12afac91ca5c28b09a7ead069e56 6188 pound_2.4-2.diff.gz
|
|
[-]
[+]
|
Deleted |
pound.init
^
|
| @@ -1,62 +0,0 @@
-#!/bin/bash
-#
-# pound This shell script starts the Pound load-balancer
-#
-# Author: Ruben Kerkhof <ruben@rubenkerkhof.com>
-#
-# chkconfig: - 85 15
-#
-# description: Pound is a reverse proxy and load-balancer
-# processname: pound
-# config: /etc/pound.cfg
-# pidfile: /var/run/pound.pid
-#
-
-# source function library
-. /etc/rc.d/init.d/functions
-
-RETVAL=0
-
-start() {
- echo -n $"Starting Pound: "
- daemon pound
- RETVAL=$?
- echo
- [ $RETVAL -eq 0 ] && touch /var/lock/subsys/pound
-}
-
-stop() {
- echo -n $"Stopping Pound: "
- killproc pound
- echo
- [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/pound
-}
-
-restart() {
- stop
- start
-}
-
-case "$1" in
- start)
- start
- ;;
- stop)
- stop
- ;;
- restart|force-reload|reload)
- restart
- ;;
- condrestart)
- [ -f /var/lock/subsys/pound ] && restart
- ;;
- status)
- status pound
- RETVAL=$?
- ;;
- *)
- echo $"Usage: $0 {start|stop|status|restart|reload|force-reload|condrestart}"
- exit 1
-esac
-
-exit $RETVAL
|
