From: Fabian Keil Date: Mon, 20 Feb 2017 13:44:32 +0000 (+0000) Subject: Add a 'trusted-cgi-referrer' directive X-Git-Tag: v_3_0_27~220 X-Git-Url: http://www.privoxy.org/gitweb/%22https:/faq/developer-manual/man-page/static/trouble.html?a=commitdiff_plain;h=a9f0837233938408364f067bf89def53b677f68f;p=privoxy.git Add a 'trusted-cgi-referrer' directive It allows to configure another page or site that can be used to reach sensitive CGI ressources. Example: trusted-cgi-referer http://www.example.org/blafasel Currently the parameter is a vanilla string (not a regular expression) and has to match the beginning of the Referer the client used to reach a harmful ressource. Sponsored by: Robert Klemme --- diff --git a/cgi.c b/cgi.c index b96dd431..7c84b69f 100644 --- a/cgi.c +++ b/cgi.c @@ -1,4 +1,4 @@ -const char cgi_rcs[] = "$Id: cgi.c,v 1.169 2017/01/23 13:05:26 fabiankeil Exp $"; +const char cgi_rcs[] = "$Id: cgi.c,v 1.170 2017/01/23 16:12:18 fabiankeil Exp $"; /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/cgi.c,v $ @@ -441,6 +441,7 @@ static int referrer_is_safe(const struct client_state *csp) { char *referrer; static const char alternative_prefix[] = "http://" CGI_SITE_1_HOST "/"; + const char *trusted_cgi_referrer = csp->config->trusted_cgi_referrer; referrer = grep_cgi_referrer(csp); @@ -459,6 +460,18 @@ static int referrer_is_safe(const struct client_state *csp) return TRUE; } + else if ((trusted_cgi_referrer != NULL) && (0 == strncmp(referrer, + trusted_cgi_referrer, strlen(trusted_cgi_referrer)))) + { + /* + * After some more testing this block should be merged with + * the previous one or the log level should bedowngraded. + */ + log_error(LOG_LEVEL_INFO, "Granting access to %s based on trusted referrer %s", + csp->http->url, referrer); + + return TRUE; + } else { /* Untrustworthy referrer */ diff --git a/loadcfg.c b/loadcfg.c index b4a43ac8..5870e9f3 100644 --- a/loadcfg.c +++ b/loadcfg.c @@ -1,4 +1,4 @@ -const char loadcfg_rcs[] = "$Id: loadcfg.c,v 1.153 2016/05/22 12:43:07 fabiankeil Exp $"; +const char loadcfg_rcs[] = "$Id: loadcfg.c,v 1.154 2016/09/27 22:48:28 ler762 Exp $"; /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/loadcfg.c,v $ @@ -168,6 +168,7 @@ static struct file_list *current_configfile = NULL; #define hash_toggle 447966U /* "toggle" */ #define hash_trust_info_url 430331967U /* "trust-info-url" */ #define hash_trust_x_forwarded_for 2971537414U /* "trust-x-forwarded-for" */ +#define hash_trusted_cgi_referrer 4270883427U /* "trusted-cgi-referrer" */ #define hash_trustfile 56494766U /* "trustfile" */ #define hash_usermanual 1416668518U /* "user-manual" */ #define hash_activity_animation 1817904738U /* "activity-animation" */ @@ -257,6 +258,7 @@ static void unload_configfile (void * data) freez(config->proxy_info_url); freez(config->proxy_args); freez(config->usermanual); + freez(config->trusted_cgi_referrer); #ifdef FEATURE_TRUST freez(config->trustfile); @@ -602,6 +604,7 @@ struct configuration_spec * load_config(void) config->client_tag_lifetime = 60; #endif config->trust_x_forwarded_for = 0; + config->trusted_cgi_referrer = NULL; /* * 128 client sockets ought to be enough for everybody who can't * be bothered to read the documentation to figure out how to @@ -1597,6 +1600,18 @@ struct configuration_spec * load_config(void) config->trust_x_forwarded_for = parse_toggle_state(cmd, arg); break; +/* ************************************************************************* + * trusted-cgi-referrer http://www.example.org/some/path.html + * *************************************************************************/ + case hash_trusted_cgi_referrer : + /* + * We don't validate the specified referrer as + * it's only used for string comparison. + */ + freez(config->trusted_cgi_referrer); + config->trusted_cgi_referrer = strdup_or_die(arg); + break; + /* ************************************************************************* * trustfile filename * (In confdir by default.) diff --git a/project.h b/project.h index 320bbd64..1fc0bd4c 100644 --- a/project.h +++ b/project.h @@ -1,7 +1,7 @@ #ifndef PROJECT_H_INCLUDED #define PROJECT_H_INCLUDED /** Version string. */ -#define PROJECT_H_VERSION "$Id: project.h,v 1.218 2016/12/24 16:00:49 fabiankeil Exp $" +#define PROJECT_H_VERSION "$Id: project.h,v 1.219 2017/01/23 16:10:28 fabiankeil Exp $" /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/project.h,v $ @@ -1337,6 +1337,11 @@ struct configuration_spec /** IP addresses to bind to. Defaults to HADDR_DEFAULT == 127.0.0.1. */ const char *haddr[MAX_LISTENING_SOCKETS]; + /** Trusted referring site that can be used to reach CGI + * pages that aren't marked as harmful. + */ + const char *trusted_cgi_referrer; + /** Ports to bind to. Defaults to HADDR_PORT == 8118. */ int hport[MAX_LISTENING_SOCKETS];