+ * Revision 1.218 2009/01/31 12:25:54 fabiankeil
+ * Flatten indentation in receive_client_request().
+ *
+ * Revision 1.217 2009/01/07 19:50:09 fabiankeil
+ * - If the socket-timeout has been reached and the client
+ * hasn't received any data yet, send an explanation before
+ * closing the connection.
+ * - In get_request_line(), signal timeouts the right way.
+ *
+ * Revision 1.216 2008/12/24 22:13:11 ler762
+ * fix GCC 3.4.4 warning
+ *
+ * Revision 1.215 2008/12/24 17:06:19 fabiankeil
+ * Keep a thread around to timeout alive connections
+ * even if no new requests are coming in.
+ *
+ * Revision 1.214 2008/12/20 14:53:55 fabiankeil
+ * Add config option socket-timeout to control the time
+ * Privoxy waits for data to arrive on a socket. Useful
+ * in case of stale ssh tunnels or when fuzz-testing.
+ *
+ * Revision 1.213 2008/12/15 18:45:51 fabiankeil
+ * When logging crunches, log the whole URL, so one can easily
+ * differentiate between vanilla HTTP and CONNECT requests.
+ *
+ * Revision 1.212 2008/12/14 15:46:22 fabiankeil
+ * Give crunched requests their own log level.
+ *
+ * Revision 1.211 2008/12/06 10:05:03 fabiankeil
+ * Downgrade "Received x bytes while expecting y." message to
+ * LOG_LEVEL_CONNECT as it doesn't necessarily indicate an error.
+ *
+ * Revision 1.210 2008/12/02 22:03:18 fabiankeil
+ * Don't miscalculate byte_count if we don't get all the
+ * server headers with one read_socket() call. With keep-alive
+ * support enabled, this caused delays until the server closed
+ * the connection.
+ *
+ * Revision 1.209 2008/11/27 09:44:04 fabiankeil
+ * Cosmetics for the last commit: Don't watch out for
+ * the last chunk if the content isn't chunk-encoded or
+ * if we already determined the content length previously.
+ *
+ * Revision 1.208 2008/11/26 18:24:17 fabiankeil
+ * Recognize that the server response is complete if the
+ * last chunk is read together with the server headers.
+ * Reported by Lee.
+ *
+ * Revision 1.207 2008/11/25 17:25:16 fabiankeil
+ * Don't convert the client-header list to text until we need to.
+ *
+ * Revision 1.206 2008/11/23 17:00:11 fabiankeil
+ * Some more chat() cosmetics.
+ *
+ * Revision 1.205 2008/11/16 12:43:49 fabiankeil
+ * Turn keep-alive support into a runtime feature
+ * that is disabled by setting keep-alive-timeout
+ * to a negative value.
+ *
+ * Revision 1.204 2008/11/06 19:42:17 fabiankeil
+ * Fix last-chunk detection hack to also apply
+ * if buf[] contains nothing but the last-chunk.
+ *
+ * Revision 1.203 2008/11/06 18:34:35 fabiankeil
+ * Factor receive_client_request() and
+ * parse_client_request() out of chat().
+ *
+ * Revision 1.202 2008/11/02 18:40:34 fabiankeil
+ * If we received a different amount of data than we expected,
+ * log a warning and make sure the server socket isn't reused.
+ *
+ * Revision 1.201 2008/11/02 16:48:20 fabiankeil
+ * Revert revision 1.195 and try again.
+ *
+ * Revision 1.200 2008/10/26 16:53:18 fabiankeil
+ * Fix gcc44 warning.
+ *
+ * Revision 1.199 2008/10/26 15:36:10 fabiankeil
+ * Remove two debug messages with LOG_LEVEL_INFO.
+ *
+ * Revision 1.198 2008/10/22 15:19:55 fabiankeil
+ * Once More, With Feeling: if there is no logfile
+ * because the user didn't specify one, we shouldn't
+ * call init_error_log() after receiving SIGHUP either.
+ *
+ * Revision 1.197 2008/10/20 17:02:40 fabiankeil
+ * If SIGHUP is received while we aren't running in daemon
+ * mode, calling init_error_log() would be a mistake.
+ *
+ * Revision 1.196 2008/10/16 09:16:41 fabiankeil
+ * - Fix two gcc44 conversion warnings.
+ * - Don't bother logging the last five bytes
+ * of the 0-chunk.
+ *
+ * Revision 1.195 2008/10/13 16:04:37 fabiankeil
+ * Make sure we don't try to reuse tainted server sockets.
+ *
+ * Revision 1.194 2008/10/12 18:35:18 fabiankeil
+ * The last commit was a bit too ambitious, apparently the content
+ * length adjustment is only necessary if we aren't buffering.
+ *
+ * Revision 1.193 2008/10/12 15:57:35 fabiankeil
+ * Fix content length calculation if we read headers
+ * and the start of the body at once. Now that we have
+ * FEATURE_CONNECTION_KEEP_ALIVE, it actually matters.
+ *
+ * Revision 1.192 2008/10/11 18:19:14 fabiankeil
+ * Even more chat() cosmetics.
+ *
+ * Revision 1.191 2008/10/11 18:00:14 fabiankeil
+ * Reformat some comments in chat().
+ *
+ * Revision 1.190 2008/10/11 14:58:00 fabiankeil
+ * In case of chunk-encoded content, stop reading if
+ * the buffer looks like it ends with the last chunk.
+ *
+ * Revision 1.189 2008/10/11 09:53:00 fabiankeil
+ * Let server_response_is_complete() deal properly with
+ * content that is neither buffered nor read all at once.
+ *
+ * Revision 1.188 2008/10/09 18:21:41 fabiankeil
+ * Flush work-in-progress changes to keep outgoing connections
+ * alive where possible. Incomplete and mostly #ifdef'd out.
+ *
+ * Revision 1.187 2008/09/07 12:35:05 fabiankeil
+ * Add mutex lock support for _WIN32.
+ *
+ * Revision 1.186 2008/09/04 08:13:58 fabiankeil
+ * Prepare for critical sections on Windows by adding a
+ * layer of indirection before the pthread mutex functions.
+ *
+ * Revision 1.185 2008/08/30 12:03:07 fabiankeil
+ * Remove FEATURE_COOKIE_JAR.
+ *
+ * Revision 1.184 2008/08/22 15:34:45 fabiankeil
+ * - Silence LLVM/Clang complaint.
+ * - Make received_hup_signal static.
+ * - Hide definitions for basedir, pidfile and received_hup_signal
+ * from __EMX__ as they only seem to be used in case of #ifdef unix.
+ *
+ * Revision 1.183 2008/08/21 07:09:35 fabiankeil
+ * Accept Shoutcast responses again. Problem reported
+ * and fix suggested by Stefan in #2062860.
+ *
+ * Revision 1.182 2008/06/27 11:13:56 fabiankeil
+ * Fix possible NULL-pointer dereference reported
+ * by din_a4 in #2003937. Pointy hat to me.
+ *
+ * Revision 1.181 2008/05/21 15:47:15 fabiankeil
+ * Streamline sed()'s prototype and declare
+ * the header parse and add structures static.
+ *
+ * Revision 1.180 2008/05/21 15:26:32 fabiankeil
+ * - Mark csp as immutable for send_crunch_response().
+ * - Fix comment spelling.
+ *
+ * Revision 1.179 2008/05/20 20:13:32 fabiankeil
+ * Factor update_server_headers() out of sed(), ditch the
+ * first_run hack and make server_patterns_light static.
+ *
+ * Revision 1.178 2008/05/10 13:23:38 fabiankeil
+ * Don't provide get_header() with the whole client state
+ * structure when it only needs access to csp->iob.
+ *
+ * Revision 1.177 2008/05/10 11:51:12 fabiankeil
+ * Make the "read the rest of the headers" loop a bit more readable.
+ *
+ * Revision 1.176 2008/05/10 11:37:57 fabiankeil
+ * - Instead of logging when the IIS5 hack is enabled, log when it fails.
+ * - Remove useless comment.
+ *
+ * Revision 1.175 2008/05/09 18:53:59 fabiankeil
+ * Fix comment grammar.
+ *
+ * Revision 1.174 2008/05/07 18:05:53 fabiankeil
+ * Remove the pointless buffer in client_protocol_is_unsupported().
+ *
+ * Revision 1.173 2008/05/06 15:09:00 fabiankeil
+ * Least-effort fix for bug #1821930 (reported by Lee):
+ * If the response doesn't look like HTTP,
+ * tell the client and log the problem.
+ *
+ * Revision 1.172 2008/04/16 16:38:21 fabiankeil
+ * Don't pass the whole csp structure to flush_socket()
+ * when it only needs a file descriptor and a buffer.
+ *
+ * Revision 1.171 2008/03/27 18:27:25 fabiankeil
+ * Remove kill-popups action.
+ *
+ * Revision 1.170 2008/03/06 16:33:46 fabiankeil
+ * If limit-connect isn't used, don't limit CONNECT requests to port 443.
+ *
+ * Revision 1.169 2008/03/04 18:30:39 fabiankeil
+ * Remove the treat-forbidden-connects-like-blocks action. We now
+ * use the "blocked" page for forbidden CONNECT requests by default.
+ *
+ * Revision 1.168 2008/03/02 12:25:25 fabiankeil
+ * Also use shiny new connect_port_is_forbidden() in jcc.c.
+ *
+ * Revision 1.167 2008/02/23 16:57:12 fabiankeil
+ * Rename url_actions() to get_url_actions() and let it
+ * use the standard parameter ordering.
+ *
+ * Revision 1.166 2008/02/23 16:33:43 fabiankeil
+ * Let forward_url() use the standard parameter ordering
+ * and mark its second parameter immutable.
+ *
+ * Revision 1.165 2008/02/02 19:36:56 fabiankeil
+ * Remove the "Listening ... for local connections only" log message.
+ * Whether or not remote connections are able to reach Privoxy is up
+ * to the operating system.
+ *
+ * Revision 1.164 2007/12/16 18:32:46 fabiankeil
+ * Prevent the log messages for CONNECT requests to unacceptable
+ * ports from printing the limit-connect argument as [null] if
+ * limit-connect hasn't been explicitly enabled.
+ *
+ * Revision 1.163 2007/12/13 01:47:11 david__schmidt
+ * Make sure all console-mode apps get a usage() instance
+ *
+ * Revision 1.162 2007/12/06 17:54:57 fabiankeil
+ * Reword NO_SERVER_DATA_RESPONSE to make it harder
+ * to misunderstand what the message is all about.
+ *
+ * Revision 1.161 2007/12/04 19:44:22 fabiankeil
+ * Unbreak trustfile which previously didn't work without
+ * FEATURE_TOGGLE. Fixes BR#1843585, reported by Lee.
+ *
+ * Revision 1.160 2007/11/29 18:00:29 fabiankeil
+ * Plug memory leak. Spotted by Valgrind, triggered by
+ * Privoxy-Regression-Test feeding proxyfuzz.py.
+ *
+ * Revision 1.159 2007/11/24 14:34:09 fabiankeil
+ * In the HTTP snipplets, refer to the client as client.
+ *
+ * Revision 1.158 2007/11/11 16:44:17 fabiankeil
+ * Emit a log message when activating the MS IIS5 hack.
+ *
+ * Revision 1.157 2007/11/03 17:34:49 fabiankeil
+ * Log the "weak randomization factor" warning only
+ * once for mingw32 and provide some more details.
+ *
+ * Revision 1.156 2007/11/01 18:20:58 fabiankeil
+ * Initialize log module after initializing mutexes, future
+ * deadlocks in that code should now work cross-platform.
+ *
+ * Revision 1.155 2007/10/23 20:12:45 fabiankeil
+ * Fix first CSUCCEED line to end in \r\n as required by RFC1945.
+ * Reported by Bert van Leeuwen in BR#1818808.
+ *
+ * Revision 1.154 2007/10/19 17:00:08 fabiankeil
+ * Downgrade "Flushing header and buffers" message to LOG_LEVEL_INFO.
+ *
+ * Revision 1.153 2007/10/14 14:12:41 fabiankeil
+ * When in daemon mode, close stderr after the configuration file has been
+ * parsed the first time. If logfile isn't set, stop logging. Fixes BR#897436.
+ *
+ * Revision 1.152 2007/10/04 18:03:34 fabiankeil
+ * - Fix a crash when parsing invalid requests whose first header
+ * is rejected by get_header(). Regression (re?)introduced
+ * in r1.143 by yours truly.
+ * - Move ACTION_VANILLA_WAFER handling into parsers.c's
+ * client_cookie_adder() to make sure send-vanilla-wafer can be
+ * controlled through tags (and thus regression-tested).
+ *
+ * Revision 1.151 2007/09/29 10:21:16 fabiankeil
+ * - Move get_filter_function() from jcc.c to filters.c
+ * so the filter functions can be static.
+ * - Don't bother filtering body-less responses.
+ *
+ * Revision 1.150 2007/09/28 16:39:29 fabiankeil
+ * Execute content filters through execute_content_filter().
+ *
+ * Revision 1.149 2007/09/04 15:08:48 fabiankeil
+ * Initialize req to NULL to make sure it's defined if the
+ * first read_socket() call fails. Reported by icmp30.
+ *
+ * Revision 1.148 2007/08/26 16:47:13 fabiankeil
+ * Add Stephen Gildea's --pre-chroot-nslookup patch [#1276666],
+ * extensive comments moved to user manual.
+ *
+ * Revision 1.147 2007/08/25 14:42:40 fabiankeil
+ * Don't crash if a broken header filter wiped out the request line.
+ *
+ * Revision 1.146 2007/08/20 17:09:32 fabiankeil
+ * Fix byte_count calculation in case of flushes
+ * and don't parse the server headers a second time.
+ *
+ * Revision 1.145 2007/08/19 13:13:31 fabiankeil
+ * - If there's a connection problem after we already forwarded
+ * parts of the original content, just hang up. Fixes BR#1776724.
+ * - Fix warnings about unused code on mingw32.
+ * - In case of flushes, calculate the byte count
+ * less incorrectly (I think).
+ *
+ * Revision 1.144 2007/08/11 14:43:22 fabiankeil
+ * Add some more prototypes for static functions.
+ *
+ * Revision 1.143 2007/08/05 13:58:19 fabiankeil
+ * Comment out request_contains_null_bytes() until it's used again.
+ *
+ * Revision 1.142 2007/08/05 13:50:26 fabiankeil
+ * #1763173 from Stefan Huehner: s@const static@static const@
+ * and declare some more functions static.
+ *
+ * Revision 1.141 2007/08/04 09:56:23 fabiankeil
+ * - Log rejected CONNECT requests with LOG_LEVEL_INFO
+ * and explain why they were rejected in the first place.
+ * - Fix the LOG_LEVEL_CLF message for crunches of unallowed
+ * CONNECT requests. The request line was missing.
+ * - Add two more XXX reminders as we don't have enough already.
+ *
+ * Revision 1.140 2007/07/21 11:51:36 fabiankeil
+ * As Hal noticed, checking dispatch_cgi() as the last cruncher
+ * looks like a bug if CGI requests are blocked unintentionally,
+ * so don't do it unless the user enabled the new config option
+ * "allow-cgi-request-crunching".
+ *
+ * Revision 1.139 2007/07/14 07:46:41 fabiankeil
+ * - Allow to rewrite the request destination behind the client's back.
+ * - Turn the weird-looking unconditional for loop that
+ * reads the client request into a conditional while loop.
+ * Move the stuff that only runs once out of the loop.
+ * - Move parts of chat(), server_content_type() and the
+ * necessary stuff to fix BR#1750917 into get_filter_function().
+ *
+ * Revision 1.138 2007/06/03 18:45:18 fabiankeil
+ * Temporary workaround for BR#1730105.
+ *
+ * Revision 1.137 2007/06/01 18:16:36 fabiankeil
+ * Use the same mutex for gethostbyname() and gethostbyaddr() to prevent
+ * deadlocks and crashes on OpenBSD and possibly other OS with neither
+ * gethostbyname_r() nor gethostaddr_r(). Closes BR#1729174.
+ * Thanks to Ralf Horstmann for report and solution.
+ *
+ * Revision 1.136 2007/06/01 16:41:11 fabiankeil
+ * Add forward-override{} to change the forwarding settings through
+ * action sections. This is mainly interesting to forward different
+ * clients differently (for example based on User-Agent or request
+ * origin).
+ *
+ * Revision 1.135 2007/05/24 17:03:50 fabiankeil
+ * - Let usage() mention the --chroot parameter.
+ * - Use read_socket() consistently and always leave
+ * the last buffer byte alone, even in cases where
+ * null termination (currently) doesn't matter.
+ *
+ * Revision 1.134 2007/05/16 14:59:46 fabiankeil
+ * - Fix config file loading on Unix if no config file is specified.
+ * Since r1.97 Privoxy would always interpret the last argument as
+ * config file, even if it's a valid command line option.
+ * - Abort in case of unrecognized command line options. Closes #1719696.
+ * - Remove a bunch of unnecessary strcpy() calls (yay for c&p without thinking).
+ * - Replace the remaining strcpy() and strcat() calls with strlcpy() and strcat().
+ *
+ * Revision 1.133 2007/05/04 11:23:19 fabiankeil
+ * - Don't rerun crunchers that only depend on the request URL.
+ * - Don't count redirects and CGI requests as "blocked requests".
+ *
+ * Revision 1.132 2007/04/25 15:15:17 fabiankeil
+ * Support crunching based on tags created by server-header taggers.
+ *
+ * Revision 1.131 2007/04/22 13:24:50 fabiankeil
+ * Make HTTP snippets static (again). Add a Content-Type for those
+ * with content so the browser doesn't guess it based on the URL.
+ *
+ * Revision 1.130 2007/04/19 13:47:34 fabiankeil
+ * Move crunching and request line rebuilding out of chat().
+ *
+ * Revision 1.129 2007/04/15 16:39:20 fabiankeil
+ * Introduce tags as alternative way to specify which
+ * actions apply to a request. At the moment tags can be
+ * created based on client and server headers.
+ *
+ * Revision 1.128 2007/03/25 16:55:54 fabiankeil
+ * Don't CLF-log CONNECT requests twice.
+ *
+ * Revision 1.127 2007/03/20 13:53:17 fabiankeil
+ * Log the source address for ACL-related connection drops.
+ *
+ * Revision 1.126 2007/03/17 15:20:05 fabiankeil
+ * New config option: enforce-blocks.
+ *
+ * Revision 1.125 2007/03/09 14:12:00 fabiankeil
+ * - Move null byte check into separate function.
+ * - Don't confuse the client with error pages
+ * if a CONNECT request was already confirmed.
+ *
+ * Revision 1.124 2007/02/23 14:59:54 fabiankeil
+ * Speed up NULL byte escaping and only log the complete
+ * NULL byte requests with header debugging enabled.
+ *
+ * Revision 1.123 2007/02/21 18:42:10 fabiankeil
+ * Answer requests that contain NULL bytes with
+ * a custom response instead of waiting for more
+ * data until the client eventually hangs up.
+ *
+ * Revision 1.122 2007/02/07 11:12:02 fabiankeil
+ * - Move delivery and logging of crunched responses
+ * from chat() into send_crunch_response().
+ * - Display the reason for generating http_responses.
+ * - Log the content length for LOG_LEVEL_CLF correctly
+ * (still incorrect for some fixed responses).
+ * - Reword an incorrect comment about
+ * treat-forbidden-connects-like-blocks violating
+ * the specs.
+ * - Add some log messages.
+ *
+ * Revision 1.121 2007/01/27 10:52:56 fabiankeil
+ * Move mutex initialization into separate
+ * function and exit in case of errors.
+ *
+ * Revision 1.120 2007/01/26 14:18:42 fabiankeil
+ * - Start to reduce chat()'s line count and move
+ * parts of it into separate functions.
+ * - Add "HTTP/1.1 100 Continue" hack for BR 756734.
+ *
+ * Revision 1.119 2007/01/25 14:02:30 fabiankeil
+ * - Add Proxy-Agent header to HTTP snippets that are
+ * supposed to reach HTTP clients only.
+ * - Made a few CONNECT log messages more descriptive.
+ * - Catch completely empty server responses (as seen
+ * with Tor's fake ".noconnect" top level domain).
+ * - Use shiny new "forwarding-failed" template for socks errors.
+ *
+ * Revision 1.118 2007/01/07 07:43:43 joergs
+ * AmigaOS4 support added.
+ *
+ * Revision 1.117 2006/12/31 17:56:37 fabiankeil
+ * Added config option accept-intercepted-requests
+ * and disabled it by default.
+ *
+ * Revision 1.116 2006/12/29 19:08:22 fabiankeil
+ * Reverted parts of my last commit
+ * to keep error handling working.
+ *
+ * Revision 1.115 2006/12/29 17:38:57 fabiankeil
+ * Fixed gcc43 conversion warnings.
+ *
+ * Revision 1.114 2006/12/27 18:52:02 fabiankeil
+ * Fix -pedantic ISO C warning about converting
+ * from function pointer to object pointer.
+ *
+ * Revision 1.113 2006/12/26 17:38:50 fabiankeil
+ * Silence compiler warning I introduced with my last commit.
+ *
+ * Revision 1.112 2006/12/26 17:31:41 fabiankeil
+ * Mutex protect rand() if POSIX threading
+ * is used, warn the user if that's not possible
+ * and stop using it on _WIN32 where it could
+ * cause crashes.
+ *
+ * Revision 1.111 2006/12/23 16:15:06 fabiankeil
+ * Don't prevent core dumps by catching SIGABRT.
+ * It's rude and makes debugging unreasonable painful.
+ *
+ * Revision 1.110 2006/12/13 14:52:53 etresoft
+ * Fix build failure on MacOS X. Global symbols can be either static or extern, but not both.
+ *
+ * Revision 1.109 2006/12/06 19:41:40 fabiankeil
+ * Privoxy is now able to run as intercepting
+ * proxy in combination with any packet filter
+ * that does the port redirection. The destination
+ * is extracted from the "Host:" header which
+ * should be available for nearly all requests.
+ *
+ * Moved HTTP snipplets into jcc.c.
+ * Added error message for gopher proxy requests.
+ *
+ * Revision 1.108 2006/11/28 15:38:51 fabiankeil
+ * Only unlink the pidfile if it's actually used.
+ *
+ * Change order of interception checks to make
+ * it possible to block or redirect requests for
+ * the cgi pages.
+ *
+ * Revision 1.107 2006/11/13 19:05:51 fabiankeil
+ * Make pthread mutex locking more generic. Instead of
+ * checking for OSX and OpenBSD, check for FEATURE_PTHREAD
+ * and use mutex locking unless there is an _r function
+ * available. Better safe than sorry.
+ *
+ * Fixes "./configure --disable-pthread" and should result
+ * in less threading-related problems on pthread-using platforms,
+ * but it still doesn't fix BR#1122404.
+ *
+ * Revision 1.106 2006/11/06 19:58:23 fabiankeil
+ * Move pthread.h inclusion from jcc.c to jcc.h.
+ * Fixes build on x86-freebsd1 (FreeBSD 5.4-RELEASE).
+ *
+ * Revision 1.105 2006/11/06 14:26:02 fabiankeil
+ * Don't exit after receiving the second SIGHUP on Solaris.
+ *
+ * Fixes BR 1052235, but the same problem may exist on other
+ * systems. Once 3.0.6 is out we should use sigset()
+ * where available and see if it breaks anything.
+ *
+ * Revision 1.104 2006/09/23 13:26:38 roro
+ * Replace TABs by spaces in source code.
+ *
+ * Revision 1.103 2006/09/21 12:54:43 fabiankeil
+ * Fix +redirect{}. Didn't work with -fast-redirects.
+ *
+ * Revision 1.102 2006/09/06 13:03:04 fabiankeil
+ * Respond with 400 and a short text message
+ * if the client tries to use Privoxy as FTP proxy.
+ *
+ * Revision 1.101 2006/09/06 09:23:37 fabiankeil
+ * Make number of retries in case of forwarded-connect problems
+ * a config file option (forwarded-connect-retries) and use 0 as
+ * default.
+ *
+ * Revision 1.100 2006/09/03 19:42:59 fabiankeil
+ * Set random(3) seed.
+ *