+ /* Success */
+ *pparam = param;
+
+ return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function : get_number_param
+ *
+ * Description : Get a non-negative integer from the parameters
+ * passed to a CGI function.
+ *
+ * Parameters :
+ * 1 : csp = Current client state (buffers, headers, etc...)
+ * 2 : parameters = map of cgi parameters
+ * 3 : name = Name of CGI parameter to read
+ * 4 : pvalue = destination for value.
+ * Set to -1 on error.
+ *
+ * Returns : JB_ERR_OK on success
+ * JB_ERR_MEMORY on out-of-memory
+ * JB_ERR_CGI_PARAMS if the parameter was not specified
+ * or is not valid.
+ *
+ *********************************************************************/
+jb_err get_number_param(struct client_state *csp,
+ const struct map *parameters,
+ char *name,
+ unsigned *pvalue)
+{
+ const char *param;
+ char *endptr;
+
+ assert(csp);
+ assert(parameters);
+ assert(name);
+ assert(pvalue);
+
+ *pvalue = 0;
+
+ param = lookup(parameters, name);
+ if (!*param)
+ {
+ return JB_ERR_CGI_PARAMS;
+ }
+
+ *pvalue = (unsigned int)strtol(param, &endptr, 0);
+ if (*endptr != '\0')
+ {
+ return JB_ERR_CGI_PARAMS;
+ }
+
+ return JB_ERR_OK;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function : error_response
+ *
+ * Description : returns an http_response that explains the reason
+ * why a request failed.
+ *
+ * Parameters :
+ * 1 : csp = Current client state (buffers, headers, etc...)
+ * 2 : templatename = Which template should be used for the answer
+ *
+ * Returns : A http_response. If we run out of memory, this
+ * will be cgi_error_memory().
+ *
+ *********************************************************************/
+struct http_response *error_response(struct client_state *csp,
+ const char *templatename)
+{
+ jb_err err;
+ struct http_response *rsp;
+ struct map *exports = default_exports(csp, NULL);
+ char *path = NULL;
+
+ if (exports == NULL)
+ {
+ return cgi_error_memory();
+ }
+
+ if (NULL == (rsp = alloc_http_response()))
+ {
+ free_map(exports);
+ return cgi_error_memory();
+ }
+
+#ifdef FEATURE_FORCE_LOAD
+ if (csp->flags & CSP_FLAG_FORCED)
+ {
+ path = strdup(FORCE_PREFIX);
+ }
+ else
+#endif /* def FEATURE_FORCE_LOAD */
+ {
+ path = strdup("");
+ }
+ err = string_append(&path, csp->http->path);
+
+ if (!err) err = map(exports, "host", 1, html_encode(csp->http->host), 0);
+ if (!err) err = map(exports, "hostport", 1, html_encode(csp->http->hostport), 0);
+ if (!err) err = map(exports, "path", 1, html_encode_and_free_original(path), 0);
+ if (!err) err = map(exports, "protocol", 1, csp->http->ssl ? "https://" : "http://", 1);
+ if (!err)
+ {
+ err = map(exports, "host-ip", 1, html_encode(csp->http->host_ip_addr_str), 0);
+ if (err)
+ {
+ /* Some failures, like "404 no such domain", don't have an IP address. */
+ err = map(exports, "host-ip", 1, html_encode(csp->http->host), 0);
+ }
+ }
+
+
+ if (err)
+ {
+ free_map(exports);
+ free_http_response(rsp);
+ return cgi_error_memory();
+ }
+
+ if (!strcmp(templatename, "no-such-domain"))
+ {
+ rsp->status = strdup("404 No such domain");
+ rsp->crunch_reason = NO_SUCH_DOMAIN;
+ }
+ else if (!strcmp(templatename, "forwarding-failed"))
+ {
+ const struct forward_spec *fwd = forward_url(csp, csp->http);
+ char *socks_type = NULL;
+ if (fwd == NULL)
+ {
+ log_error(LOG_LEVEL_FATAL, "gateway spec is NULL. This shouldn't happen!");
+ /* Never get here - LOG_LEVEL_FATAL causes program exit */
+ }
+
+ /*
+ * XXX: While the template is called forwarding-failed,
+ * it currently only handles socks forwarding failures.
+ */
+ assert(fwd != NULL);
+ assert(fwd->type != SOCKS_NONE);
+
+ /*
+ * Map failure reason, forwarding type and forwarder.
+ */
+ if (NULL == csp->error_message)
+ {
+ /*
+ * Either we forgot to record the failure reason,
+ * or the memory allocation failed.
+ */
+ log_error(LOG_LEVEL_ERROR, "Socks failure reason missing.");
+ csp->error_message = strdup("Failure reason missing. Check the log file for details.");
+ }
+ if (!err) err = map(exports, "gateway", 1, fwd->gateway_host, 1);
+
+ /*
+ * XXX: this is almost the same code as in cgi_show_url_info()
+ * and thus should be factored out and shared.
+ */
+ switch (fwd->type)
+ {
+ case SOCKS_4:
+ socks_type = "socks4-";
+ break;
+ case SOCKS_4A:
+ socks_type = "socks4a-";
+ break;
+ case SOCKS_5:
+ socks_type = "socks5-";
+ break;
+ case SOCKS_5T:
+ socks_type = "socks5t-";
+ break;
+ case FORWARD_WEBSERVER:
+ socks_type = "webserver-";
+ break;
+ default:
+ log_error(LOG_LEVEL_FATAL, "Unknown socks type: %d.", fwd->type);
+ }
+
+ if (!err) err = map(exports, "forwarding-type", 1, socks_type, 1);
+ if (!err) err = map(exports, "error-message", 1, html_encode(csp->error_message), 0);
+ if ((NULL == csp->error_message) || err)
+ {
+ free_map(exports);
+ free_http_response(rsp);
+ return cgi_error_memory();
+ }
+
+ rsp->status = strdup("503 Forwarding failure");
+ rsp->crunch_reason = FORWARDING_FAILED;
+ }
+ else if (!strcmp(templatename, "connect-failed"))
+ {
+ rsp->status = strdup("503 Connect failed");
+ rsp->crunch_reason = CONNECT_FAILED;
+ }
+ else if (!strcmp(templatename, "connection-timeout"))
+ {
+ rsp->status = strdup("504 Connection timeout");
+ rsp->crunch_reason = CONNECTION_TIMEOUT;
+ }
+ else if (!strcmp(templatename, "no-server-data"))
+ {
+ rsp->status = strdup("502 No data received from server or forwarder");
+ rsp->crunch_reason = NO_SERVER_DATA;
+ }
+
+ if (rsp->status == NULL)
+ {
+ free_map(exports);
+ free_http_response(rsp);
+ return cgi_error_memory();
+ }
+
+ err = template_fill_for_cgi(csp, templatename, exports, rsp);
+ if (err)
+ {
+ free_http_response(rsp);
+ return cgi_error_memory();
+ }
+
+ return finish_http_response(csp, rsp);
+}
+
+
+/*********************************************************************
+ *
+ * Function : cgi_error_disabled
+ *
+ * Description : CGI function that is called to generate an error
+ * response if the actions editor or toggle CGI are
+ * accessed despite having being disabled at compile-
+ * or run-time, or if the user followed an untrusted link
+ * to access a unsafe CGI feature that is only reachable
+ * through Privoxy directly.
+ *
+ * Parameters :
+ * 1 : csp = Current client state (buffers, headers, etc...)
+ * 2 : rsp = http_response data structure for output
+ *
+ * CGI Parameters : none
+ *
+ * Returns : JB_ERR_OK on success
+ * JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+jb_err cgi_error_disabled(const struct client_state *csp,
+ struct http_response *rsp)
+{
+ struct map *exports;
+
+ assert(csp);
+ assert(rsp);
+
+ rsp->status = strdup_or_die("403 Request not trusted or feature disabled");
+
+ if (NULL == (exports = default_exports(csp, "cgi-error-disabled")))
+ {
+ return JB_ERR_MEMORY;
+ }
+ if (map(exports, "url", 1, html_encode(csp->http->url), 0))
+ {
+ /* Not important enough to do anything */
+ log_error(LOG_LEVEL_ERROR, "Failed to fill in url.");
+ }
+
+ return template_fill_for_cgi(csp, "cgi-error-disabled", exports, rsp);
+}
+
+
+/*********************************************************************
+ *
+ * Function : cgi_init_error_messages
+ *
+ * Description : Call at the start of the program to initialize
+ * the error message used by cgi_error_memory().
+ *
+ * Parameters : N/A
+ *
+ * Returns : N/A
+ *
+ *********************************************************************/
+void cgi_init_error_messages(void)
+{
+ memset(cgi_error_memory_response, '\0', sizeof(*cgi_error_memory_response));
+ cgi_error_memory_response->head =
+ "HTTP/1.0 500 Internal Privoxy Error\r\n"
+ "Content-Type: text/html\r\n"
+ "\r\n";
+ cgi_error_memory_response->body =
+ "<html>\n"
+ "<head>\n"
+ " <title>500 Internal Privoxy Error</title>\n"
+ " <link rel=\"shortcut icon\" href=\"" CGI_PREFIX "error-favicon.ico\" type=\"image/x-icon\">"
+ "</head>\n"
+ "<body>\n"
+ "<h1>500 Internal Privoxy Error</h1>\n"
+ "<p>Privoxy <b>ran out of memory</b> while processing your request.</p>\n"
+ "<p>Please contact your proxy administrator, or try again later</p>\n"
+ "</body>\n"
+ "</html>\n";
+
+ cgi_error_memory_response->head_length =
+ strlen(cgi_error_memory_response->head);
+ cgi_error_memory_response->content_length =
+ strlen(cgi_error_memory_response->body);
+ cgi_error_memory_response->crunch_reason = OUT_OF_MEMORY;
+}
+
+
+/*********************************************************************
+ *
+ * Function : cgi_error_memory
+ *
+ * Description : Called if a CGI function runs out of memory.
+ * Returns a statically-allocated error response.
+ *
+ * Parameters : N/A
+ *
+ * Returns : http_response data structure for output. This is
+ * statically allocated, for obvious reasons.
+ *
+ *********************************************************************/
+struct http_response *cgi_error_memory(void)
+{
+ /* assert that it's been initialized. */
+ assert(cgi_error_memory_response->head);
+
+ return cgi_error_memory_response;
+}
+
+
+/*********************************************************************
+ *
+ * Function : cgi_error_no_template
+ *
+ * Description : Almost-CGI function that is called if a template
+ * cannot be loaded. Note this is not a true CGI,
+ * it takes a template name rather than a map of
+ * parameters.
+ *
+ * Parameters :
+ * 1 : csp = Current client state (buffers, headers, etc...)
+ * 2 : rsp = http_response data structure for output
+ * 3 : template_name = Name of template that could not
+ * be loaded.
+ *
+ * Returns : JB_ERR_OK on success
+ * JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+jb_err cgi_error_no_template(const struct client_state *csp,
+ struct http_response *rsp,
+ const char *template_name)
+{
+ static const char status[] =
+ "500 Internal Privoxy Error";
+ static const char body_prefix[] =
+ "<html>\n"
+ "<head>\n"
+ " <title>500 Internal Privoxy Error</title>\n"
+ " <link rel=\"shortcut icon\" href=\"" CGI_PREFIX "error-favicon.ico\" type=\"image/x-icon\">"
+ "</head>\n"
+ "<body>\n"
+ "<h1>500 Internal Privoxy Error</h1>\n"
+ "<p>Privoxy encountered an error while processing your request:</p>\n"
+ "<p><b>Could not load template file <code>";
+ static const char body_suffix[] =
+ "</code> or one of its included components.</b></p>\n"
+ "<p>Please contact your proxy administrator.</p>\n"
+ "<p>If you are the proxy administrator, please put the required file(s)"
+ "in the <code><i>(confdir)</i>/templates</code> directory. The "
+ "location of the <code><i>(confdir)</i></code> directory "
+ "is specified in the main Privoxy <code>config</code> "
+ "file. (It's typically the Privoxy install directory"
+#ifndef _WIN32
+ ", or <code>/etc/privoxy/</code>"
+#endif /* ndef _WIN32 */
+ ").</p>\n"
+ "</body>\n"
+ "</html>\n";
+ size_t body_size = strlen(body_prefix) + strlen(body_suffix) + 1;
+ const char *encoded_template_name;
+
+ assert(csp);
+ assert(rsp);
+ assert(template_name);
+
+ /* Reset rsp, if needed */
+ freez(rsp->status);
+ freez(rsp->head);
+ freez(rsp->body);
+ rsp->content_length = 0;
+ rsp->head_length = 0;
+ rsp->is_static = 0;
+
+ encoded_template_name = html_encode(template_name);
+ if (encoded_template_name == NULL)
+ {
+ return JB_ERR_MEMORY;
+ }
+
+ body_size += strlen(encoded_template_name);
+ rsp->body = malloc_or_die(body_size);
+ strlcpy(rsp->body, body_prefix, body_size);
+ strlcat(rsp->body, encoded_template_name, body_size);
+ freez(encoded_template_name);
+ strlcat(rsp->body, body_suffix, body_size);
+
+ rsp->status = strdup(status);
+ if (rsp->status == NULL)
+ {
+ return JB_ERR_MEMORY;
+ }
+
+ return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function : cgi_error_unknown
+ *
+ * Description : Almost-CGI function that is called if an unexpected
+ * error occurs in the top-level CGI dispatcher.
+ * In this context, "unexpected" means "anything other
+ * than JB_ERR_MEMORY or JB_ERR_CGI_PARAMS" - CGIs are
+ * expected to handle all other errors internally,
+ * since they can give more relevant error messages
+ * that way.
+ *
+ * Note this is not a true CGI, it takes an error
+ * code rather than a map of parameters.
+ *
+ * Parameters :
+ * 1 : csp = Current client state (buffers, headers, etc...)
+ * 2 : rsp = http_response data structure for output
+ * 3 : error_to_report = Error code to report.
+ *
+ * Returns : JB_ERR_OK on success
+ * JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+jb_err cgi_error_unknown(const struct client_state *csp,
+ struct http_response *rsp,
+ jb_err error_to_report)
+{
+ static const char status[] =
+ "500 Internal Privoxy Error";
+ static const char body_prefix[] =
+ "<html>\n"
+ "<head>\n"
+ " <title>500 Internal Privoxy Error</title>\n"
+ " <link rel=\"shortcut icon\" href=\"" CGI_PREFIX "error-favicon.ico\" type=\"image/x-icon\">"
+ "</head>\n"
+ "<body>\n"
+ "<h1>500 Internal Privoxy Error</h1>\n"
+ "<p>Privoxy encountered an error while processing your request:</p>\n"
+ "<p><b>Unexpected internal error: ";
+ static const char body_suffix[] =
+ "</b></p>\n"
+ "<p>Please "
+ "<a href=\"https://sourceforge.net/p/ijbswa/bugs/\">"
+ "file a bug report</a>.</p>\n"
+ "</body>\n"
+ "</html>\n";
+ /* Includes room for larger error numbers in the future. */
+ const size_t body_size = sizeof(body_prefix) + sizeof(body_suffix) + 5;
+ assert(csp);
+ assert(rsp);
+
+ /* Reset rsp, if needed */
+ freez(rsp->status);
+ freez(rsp->head);
+ freez(rsp->body);
+ rsp->content_length = 0;
+ rsp->head_length = 0;
+ rsp->is_static = 0;
+ rsp->crunch_reason = INTERNAL_ERROR;
+
+ rsp->body = malloc_or_die(body_size);
+
+ snprintf(rsp->body, body_size, "%s%d%s", body_prefix, error_to_report, body_suffix);
+
+ rsp->status = strdup(status);
+ if (rsp->status == NULL)
+ {
+ return JB_ERR_MEMORY;
+ }
+
+ return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function : cgi_error_bad_param
+ *
+ * Description : CGI function that is called if the parameters
+ * (query string) for a CGI were wrong.
+ *
+ * Parameters :
+ * 1 : csp = Current client state (buffers, headers, etc...)
+ * 2 : rsp = http_response data structure for output
+ *
+ * CGI Parameters : none
+ *
+ * Returns : JB_ERR_OK on success
+ * JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+jb_err cgi_error_bad_param(const struct client_state *csp,
+ struct http_response *rsp)
+{
+ struct map *exports;
+
+ assert(csp);
+ assert(rsp);
+
+ if (NULL == (exports = default_exports(csp, NULL)))
+ {
+ return JB_ERR_MEMORY;
+ }
+
+ return template_fill_for_cgi(csp, "cgi-error-bad-param", exports, rsp);
+}
+
+
+/*********************************************************************
+ *
+ * Function : cgi_redirect
+ *
+ * Description : CGI support function to generate a HTTP redirect
+ * message
+ *
+ * Parameters :
+ * 1 : rsp = http_response data structure for output
+ * 2 : target = string with the target URL
+ *
+ * CGI Parameters : None
+ *
+ * Returns : JB_ERR_OK on success
+ * JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+jb_err cgi_redirect (struct http_response * rsp, const char *target)
+{
+ jb_err err;
+
+ assert(rsp);
+ assert(target);
+
+ err = enlist_unique_header(rsp->headers, "Location", target);
+
+ rsp->status = strdup("302 Local Redirect from Privoxy");
+ if (rsp->status == NULL)
+ {
+ return JB_ERR_MEMORY;
+ }
+
+ return err;
+}
+
+
+/*********************************************************************
+ *
+ * Function : add_help_link
+ *
+ * Description : Produce a copy of the string given as item,
+ * embedded in an HTML link to its corresponding
+ * section (item name in uppercase) in the actions
+ * chapter of the user manual, (whose URL is given in
+ * the config and defaults to our web site).
+ *
+ * FIXME: I currently only work for actions, and would
+ * like to be generalized for other topics.
+ *
+ * Parameters :
+ * 1 : item = item (will NOT be free()d.)
+ * It is assumed to be HTML-safe.
+ * 2 : config = The current configuration.
+ *
+ * Returns : String with item embedded in link, or NULL on
+ * out-of-memory
+ *
+ *********************************************************************/
+char *add_help_link(const char *item,
+ struct configuration_spec *config)
+{
+ char *result;
+
+ if (!item) return NULL;
+
+ result = strdup("<a href=\"");
+ if (!strncmpic(config->usermanual, "file://", 7) ||
+ !strncmpic(config->usermanual, "http", 4))
+ {
+ string_append(&result, config->usermanual);
+ }
+ else
+ {
+ string_append(&result, "http://");
+ string_append(&result, CGI_SITE_2_HOST);
+ string_append(&result, "/user-manual/");
+ }
+ string_append(&result, ACTIONS_HELP_PREFIX);
+ string_join (&result, string_toupper(item));
+ string_append(&result, "\">");
+ string_append(&result, item);
+ string_append(&result, "</a>");
+
+ return result;
+}
+
+
+/*********************************************************************
+ *
+ * Function : get_http_time
+ *
+ * Description : Get the time in a format suitable for use in a
+ * HTTP header - e.g.:
+ * "Sun, 06 Nov 1994 08:49:37 GMT"
+ *
+ * Parameters :
+ * 1 : time_offset = Time returned will be current time
+ * plus this number of seconds.
+ * 2 : buf = Destination for result.
+ * 3 : buffer_size = Size of the buffer above. Must be big
+ * enough to hold 29 characters plus a
+ * trailing zero.
+ *
+ * Returns : N/A
+ *
+ *********************************************************************/
+void get_http_time(int time_offset, char *buf, size_t buffer_size)
+{
+ struct tm *t;
+ time_t current_time;
+#if defined(HAVE_GMTIME_R)
+ struct tm dummy;
+#endif
+
+ assert(buf);
+ assert(buffer_size > (size_t)29);
+
+ time(¤t_time);