authorMarcello Coutinho <marcellocoutinho@gmail.com>2012-06-28 23:49:53 -0300
committermarcelloc <marcellocoutinho@gmail.com>2012-06-28 23:49:53 -0300
commit3218802e1f1d6cbe4f4f592188b6bd93324c6ed9 (patch)
tree081374dfb41e8516d321ab4509b86269c40efbcb
parent933e86301a3bcbfd157e029f43e172bd8c90d245 (diff)
squid3 - some fixes and improvements to squid reverse code
-rw-r--r--config/squid-reverse/squid.inc44
-rw-r--r--config/squid-reverse/squid_reverse.inc30
-rw-r--r--config/squid-reverse/squid_reverse_uri.xml12
3 files changed, 53 insertions, 33 deletions
diff --git a/config/squid-reverse/squid.inc b/config/squid-reverse/squid.inc
index c1a29ae6..cec4ff32 100644
--- a/config/squid-reverse/squid.inc
+++ b/config/squid-reverse/squid.inc
@@ -86,6 +86,11 @@ function squid_chown_recursive($dir, $user, $group) {
/* setup cache */
function squid_dash_z() {
global $config;
+
+ //Do nothing if there is no cache config
+ if (!is_array($config['installedpackages']['squidcache']['config']))
+ return;
+
$settings = $config['installedpackages']['squidcache']['config'][0];
// If the cache system is null, there is no need to initialize the (irrelevant) cache dir.
@@ -752,7 +757,10 @@ function squid_resync_general() {
$email = ($settings['admin_email'] ? $settings['admin_email'] : 'admin@localhost');
$logdir = ($settings['log_dir'] ? $settings['log_dir'] : '/var/squid/logs');
-
+ if (! is_dir($logdir)){
+ make_dirs($logdir);
+ squid_chown_recursive($logdir, 'proxy', 'proxy');
+ }
$logdir_cache = $logdir . '/cache.log';
$logdir_access = ($settings['log_enabled'] == 'on' ? $logdir . '/access.log' : '/dev/null');
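Review bot: `$logdir` comes from the `log_dir` setting and is handed to `make_dirs()` and `squid_chown_recursive()` without checking that it is an absolute path or that the directory was actually created. If creation fails, the paths built just below (`$logdir . '/cache.log'`) are still used, and the failure surfaces later in a less obvious place. Re-checking after the call would make it diagnosable, e.g. `if (!is_dir($logdir)) log_error("Could not create squid log dir {$logdir}");`. The squid_resync() hunk further down repeats this create-and-chown block but applies no default to `log_dir`, so a shared helper would keep the two in agreement. squid_resync_general() continues outside this hunk.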
@@ -818,9 +826,11 @@ EOD;
function squid_resync_cache() {
global $config, $g;
-
- $settings = $config['installedpackages']['squidcache']['config'][0];
-
+ if (is_array($config['installedpackages']['squidcache']))
+ $settings = $config['installedpackages']['squidcache']['config'][0];
+ else
+ $settings = array();
+ //apply cache settings
$cachedir =($settings['harddisk_cache_location'] ? $settings['harddisk_cache_location'] : '/var/squid/cache');
$disk_cache_size = ($settings['harddisk_cache_size'] ? $settings['harddisk_cache_size'] : 100);
$level1 = ($settings['level1_subdirs'] ? $settings['level1_subdirs'] : 16);
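Review bot: The new guard tests `$config['installedpackages']['squidcache']` but then indexes `['config'][0]`, so a `squidcache` array without a `config` entry leaves `$settings` null instead of `array()`. The other checks added in this commit (in squid_dash_z() and in the `$disk_cache_system` branch of the next hunk) test the `['config']` level. Using the same test here keeps them consistent: `if (is_array($config['installedpackages']['squidcache']['config']))`. Braces on this if/else would also make the assignment harder to break on a later edit. The function body continues outside the hunk.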
@@ -832,16 +842,15 @@ function squid_resync_cache() {
$memory_policy = ($settings['memory_replacement_policy'] ? $settings['memory_replacement_policy'] : 'heap GDSF');
$offline_mode = ($settings['enable_offline'] == 'on' ? 'on' : 'off');
$conf = '';
-
if (!isset($settings['harddisk_cache_system'])) {
- if ($g['platform'] == "nanobsd") {
+ if ($g['platform'] == "nanobsd" || !is_array ($config['installedpackages']['squidcache']['config']))
$disk_cache_system = 'null';
- } else {
+ else
$disk_cache_system = 'ufs';
}
- } else {
+ else{
$disk_cache_system = $settings['harddisk_cache_system'];
- }
+ }
#'null' storage type dropped. In-memory cache is always present. Remove all cache_dir options to prevent on-disk caching.
if ($disk_cache_system != "null") {
$disk_cache_opts = "cache_dir {$disk_cache_system} {$cachedir} {$disk_cache_size} {$level1} 256";
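Review bot: The inner `if`/`else` that picks `'null'` or `'ufs'` is now brace-less inside a braced outer block, which makes the nesting easy to misread on the next edit. Bracing both inner branches avoids that: `if (...) { $disk_cache_system = 'null'; } else { $disk_cache_system = 'ufs'; }`. The comment on the following line says the 'null' storage type was dropped, while the code still assigns `'null'` as a marker; a one-line comment that `'null'` here only means "emit no cache_dir line" would remove the apparent contradiction.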
@@ -1374,18 +1383,27 @@ function squid_resync() {
/* make sure pinger is executable */
if(file_exists("/usr/local/libexec/squid/pinger"))
exec("chmod a+x /usr/local/libexec/squid/pinger");
-
+
+ $log_dir="";
+ #check if squid is enabled
if (is_array($config['installedpackages']['squid']['config'])){
+ if ($config['installedpackages']['squid']['config'][0]['active_interface']!= "")
$log_dir = $config['installedpackages']['squid']['config'][0]['log_dir'].'/';
-
+ }
+ #check if squidreverse is enabled
+ else if (is_array($config['installedpackages']['squidreversegeneral']['config'])){
+ if ($config['installedpackages']['squidreversegeneral']['config'][0]['reverse_interface'] != "")
+ $log_dir="/var/squid/logs/";
+ }
+ #do not start squid if there is no log dir
+ if ($log_dir != ""){
if(!is_dir($log_dir)) {
log_error("Creating squid log dir $log_dir");
make_dirs($log_dir);
squid_chown_recursive($log_dir, 'proxy', 'proxy');
- }
+ }
squid_dash_z();
-
if (!is_service_running('squid')) {
log_error("Starting Squid");
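Review bot: The reverse-proxy check is attached with `else if`, so it is skipped whenever `$config['installedpackages']['squid']['config']` is an array, even if `active_interface` is empty. A reverse-only setup that still has a saved squid general section would leave `$log_dir` empty, and squid would not be started. Making the second test independent covers that case: `if ($log_dir == "" && is_array($config['installedpackages']['squidreversegeneral']['config'])){`. Separately, an empty `log_dir` setting yields `$log_dir = '/'`, which passes the `!= ""` test; applying the `/var/squid/logs` default used in squid_resync_general() would be more predictable. The block opened by `if ($log_dir != ""){` closes outside this hunk.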
diff --git a/config/squid-reverse/squid_reverse.inc b/config/squid-reverse/squid_reverse.inc
index b208b7b1..6c34b4cb 100644
--- a/config/squid-reverse/squid_reverse.inc
+++ b/config/squid-reverse/squid_reverse.inc
@@ -104,10 +104,10 @@ function squid_resync_reverse() {
foreach ($reverse_peers as $rp){
if ($rp['enable'] =="on" && $rp['name'] !="" && $rp['ip'] !="" && $rp['port'] !=""){
$conf_peer = "#{$rp['description']}\n";
- $conf_peer .= "cache_peer {$rp['ip']} parent {$rp['port']} 0 proxy-only no-query originserver login=PASS ";
+ $conf_peer .= "cache_peer {$rp['ip']} parent {$rp['port']} 0 proxy-only no-query no-digest originserver login=PASS ";
if($rp['protocol'] == 'HTTPS')
$conf_peer .= "ssl sslflags=DONT_VERIFY_PEER front-end-https=auto ";
- $conf_peer .= "name={$rp['name']}\n\n";
+ $conf_peer .= "name=rvp_{$rp['name']}\n\n";
// add peer only if reverse proxy is enabled for http
if($rp['protocol'] == 'HTTP' && $settings['reverse_http'] =="on"){
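Review bot: `$rp['name']`, `$rp['ip']` and `$rp['port']` are interpolated into the `cache_peer` line after only an empty-string check, so a value containing whitespace or a line break changes the meaning of the generated squid configuration. Since the name now also becomes the `rvp_` identifier used in `cache_peer_access` lines, it is worth restricting it before use, for example `if (!preg_match('/^[A-Za-z0-9_.-]+$/', $rp['name'])) continue;`, with matching checks for the address and port. The unchanged HTTPS line still sets `sslflags=DONT_VERIFY_PEER`, so the back-end certificate is not validated; a comment stating that this is deliberate, or a per-peer option, would make the trade-off visible. The loop body continues outside the hunk.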
@@ -116,8 +116,10 @@ function squid_resync_reverse() {
}
// add peer only if if reverse proxy is enabled for https
if($rp['protocol'] == 'HTTPS' && $settings['reverse_https'] =="on"){
- $conf .= $conf_peer;
- array_push($active_peers,$rp['name']);
+ if (!in_array($rp['name'],$active_peers)){
+ $conf .= $conf_peer;
+ array_push($active_peers,$rp['name']);
+ }
}
}
}
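Review bot: When a second enabled HTTPS peer reuses a name, the new `in_array()` guard drops it without any message, so a peer defined in the settings never reaches the configuration and nothing says why. Logging the skip would make that diagnosable, e.g. `else log_error("squid reverse: duplicate peer name {$rp['name']} ignored");`, and passing `true` as the third argument of `in_array()` avoids loose comparison of names. The HTTP branch ends just above this hunk and is not visible here; if it still appends unconditionally, the same guard is presumably needed there.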
@@ -150,14 +152,18 @@ function squid_resync_reverse() {
if ($rm['enable'] == "on" && $rm['name']!="" && $rm['peers']!=""){
if (is_array($rm['row']))
foreach ($rm['row'] as $uri){
- $url_regex=($uri['vhost'] == ''?$settings['reverse_external_fqdn']:$uri['vhost']);
- $conf .= "acl {$rm['name']} url_regex -i {$url_regex}/{$uri['uri']}.*$\n";
- $cache_peer_never_direct_conf .= "never_direct allow {$rm['name']}\n";
- $http_access_conf .= "http_access allow {$rm['name']}\n";
- foreach (explode(',',$rm['peers']) as $map_peer)
- if (in_array($map_peer,$active_peers)){
- $cache_peer_allow_conf .= "cache_peer_access {$map_peer} allow {$rm['name']}\n";
- $cache_peer_deny_conf .= "cache_peer_access {$map_peer} deny allsrc\n";
+ $url_regex=($uri['uri'] == '' ? $settings['reverse_external_fqdn'] : $uri['uri'] );
+ //$conf .= "acl rvm_{$rm['name']} url_regex -i {$uri['uri']}{$url_regex}.*$\n";
+ $conf .= "acl rvm_{$rm['name']} url_regex -i {$url_regex}\n";
+ if($rm['name'] != $last_rm_name){
+ $cache_peer_never_direct_conf .= "never_direct allow rvm_{$rm['name']}\n";
+ $http_access_conf .= "http_access allow rvm_{$rm['name']}\n";
+ foreach (explode(',',$rm['peers']) as $map_peer)
+ if (in_array($map_peer,$active_peers)){
+ $cache_peer_allow_conf .= "cache_peer_access rvp_{$map_peer} allow rvm_{$rm['name']}\n";
+ $cache_peer_deny_conf .= "cache_peer_access rvp_{$map_peer} deny allsrc\n";
+ }
+ $last_rm_name=$rm['name'];
}
}
}
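Review bot: The ACL pattern is now written exactly as entered (`url_regex -i {$url_regex}`), with no anchoring and no check for whitespace or line breaks, so an entry such as `.mydomain.com` matches that text anywhere in a URL, path and query string included, and each unescaped dot matches any character. Because the same ACL feeds `http_access allow` and `cache_peer_access`, a broader match than intended can let requests for other hosts through to the mapped peers; anchored, escaped patterns such as `^https?://www\.mydomain\.com/` should be the documented form, and the sample text added in squid_reverse_uri.xml in this commit has the same weakness. The fallback to `$settings['reverse_external_fqdn']` also inserts a raw FQDN as a regex, so escaping it (something like `preg_quote()`) would be safer. `$last_rm_name` is not initialised within the hunk, and comparing only against the previous name de-duplicates adjacent mappings only.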
diff --git a/config/squid-reverse/squid_reverse_uri.xml b/config/squid-reverse/squid_reverse_uri.xml
index e2d64fe9..81c9af3b 100644
--- a/config/squid-reverse/squid_reverse_uri.xml
+++ b/config/squid-reverse/squid_reverse_uri.xml
@@ -135,16 +135,12 @@
<type>rowhelper</type>
<rowhelper>
<rowhelperfield>
- <fielddescr>URI</fielddescr>
+ <fielddescr><![CDATA[<strong>Url regex to match</strong><br><br>
+ Samples: .mydomain.com .mydomain.com/test<br>
+ www.mydomain.com http://www.mydomain.com/ ^http://www.mydomain.com/.*$]]></fielddescr>
<fieldname>uri</fieldname>
<type>input</type>
- <size>25</size>
- </rowhelperfield>
- <rowhelperfield>
- <fielddescr>[http://|https://]vhost fqdn(optional)</fielddescr>
- <fieldname>vhost</fieldname>
- <type>input</type>
- <size>40</size>
+ <size>70</size>
</rowhelperfield>
</rowhelper>
</field>