+ break;
+
+/* *************************************************************************
+ * forward url-pattern (.|http-proxy-host[:port])
+ * *************************************************************************/
+ case hash_forward:
+ strlcpy(tmp, arg, sizeof(tmp));
+ vec_count = ssplit(tmp, " \t", vec, SZ(vec));
+
+ if (vec_count != 2)
+ {
+ log_error(LOG_LEVEL_ERROR, "Wrong number of parameters for forward "
+ "directive in configuration file.");
+ string_append(&config->proxy_args,
+ "<br>\nWARNING: Wrong number of parameters for "
+ "forward directive in configuration file.");
+ break;
+ }
+
+ /* allocate a new node */
+ cur_fwd = zalloc_or_die(sizeof(*cur_fwd));
+ cur_fwd->type = SOCKS_NONE;
+
+ /* Save the URL pattern */
+ if (create_pattern_spec(cur_fwd->url, vec[0]))
+ {
+ log_error(LOG_LEVEL_ERROR, "Bad URL specifier for forward "
+ "directive in configuration file.");
+ string_append(&config->proxy_args,
+ "<br>\nWARNING: Bad URL specifier for "
+ "forward directive in configuration file.");
+ freez(cur_fwd);
+ break;
+ }
+
+ /* Parse the parent HTTP proxy host:port */
+ p = vec[1];
+
+ if (strcmp(p, ".") != 0)
+ {
+ cur_fwd->forward_port = 8000;
+ parse_forwarder_address(p, &cur_fwd->forward_host,
+ &cur_fwd->forward_port);
+ }
+
+ /* Add to list. */
+ cur_fwd->next = config->forward;
+ config->forward = cur_fwd;
+
+ break;
+
+/* *************************************************************************
+ * forward-socks4 url-pattern socks-proxy[:port] (.|http-proxy[:port])
+ * *************************************************************************/
+ case hash_forward_socks4:
+ strlcpy(tmp, arg, sizeof(tmp));
+ vec_count = ssplit(tmp, " \t", vec, SZ(vec));
+
+ if (vec_count != 3)
+ {
+ log_error(LOG_LEVEL_ERROR, "Wrong number of parameters for "
+ "forward-socks4 directive in configuration file.");
+ string_append(&config->proxy_args,
+ "<br>\nWARNING: Wrong number of parameters for "
+ "forward-socks4 directive in configuration file.");
+ break;
+ }
+
+ /* allocate a new node */
+ cur_fwd = zalloc_or_die(sizeof(*cur_fwd));
+ cur_fwd->type = SOCKS_4;
+
+ /* Save the URL pattern */
+ if (create_pattern_spec(cur_fwd->url, vec[0]))
+ {
+ log_error(LOG_LEVEL_ERROR, "Bad URL specifier for forward-socks4 "
+ "directive in configuration file.");
+ string_append(&config->proxy_args,
+ "<br>\nWARNING: Bad URL specifier for "
+ "forward-socks4 directive in configuration file.");
+ freez(cur_fwd);
+ break;
+ }
+
+ /* Parse the SOCKS proxy host[:port] */
+ p = vec[1];
+
+ /* XXX: This check looks like a bug. */
+ if (strcmp(p, ".") != 0)
+ {
+ cur_fwd->gateway_port = 1080;
+ parse_forwarder_address(p, &cur_fwd->gateway_host,
+ &cur_fwd->gateway_port);
+ }
+
+ /* Parse the parent HTTP proxy host[:port] */
+ p = vec[2];
+
+ if (strcmp(p, ".") != 0)
+ {
+ cur_fwd->forward_port = 8000;
+ parse_forwarder_address(p, &cur_fwd->forward_host,
+ &cur_fwd->forward_port);
+ }
+
+ /* Add to list. */
+ cur_fwd->next = config->forward;
+ config->forward = cur_fwd;
+
+ break;
+
+/* *************************************************************************
+ * forward-socks4a url-pattern socks-proxy[:port] (.|http-proxy[:port])
+ * *************************************************************************/
+ case hash_forward_socks4a:
+ case hash_forward_socks5:
+ case hash_forward_socks5t:
+ strlcpy(tmp, arg, sizeof(tmp));
+ vec_count = ssplit(tmp, " \t", vec, SZ(vec));
+
+ if (vec_count != 3)
+ {
+ log_error(LOG_LEVEL_ERROR,
+ "Wrong number of parameters for %s in configuration file.",
+ cmd);
+ string_append(&config->proxy_args,
+ "<br>\nWARNING: Wrong number of parameters for ");
+ string_append(&config->proxy_args, cmd);
+ string_append(&config->proxy_args,
+ "directive in configuration file.");
+ break;
+ }
+
+ /* allocate a new node */
+ cur_fwd = zalloc_or_die(sizeof(*cur_fwd));
+
+ if (directive_hash == hash_forward_socks4a)
+ {
+ cur_fwd->type = SOCKS_4A;
+ }
+ else if (directive_hash == hash_forward_socks5)
+ {
+ cur_fwd->type = SOCKS_5;
+ }
+ else
+ {
+ assert(directive_hash == hash_forward_socks5t);
+ cur_fwd->type = SOCKS_5T;
+ }
+
+ /* Save the URL pattern */
+ if (create_pattern_spec(cur_fwd->url, vec[0]))
+ {
+ log_error(LOG_LEVEL_ERROR,
+ "Bad URL specifier for %s in configuration file.",
+ cmd);
+ string_append(&config->proxy_args,
+ "<br>\nWARNING: Bad URL specifier for ");
+ string_append(&config->proxy_args, cmd);
+ string_append(&config->proxy_args,
+ "directive in configuration file.");
+ freez(cur_fwd);
+ break;
+ }
+
+ /* Parse the SOCKS proxy host[:port] */
+ p = vec[1];
+
+ cur_fwd->gateway_port = 1080;
+ parse_forwarder_address(p, &cur_fwd->gateway_host,
+ &cur_fwd->gateway_port);
+
+ /* Parse the parent HTTP proxy host[:port] */
+ p = vec[2];
+
+ if (strcmp(p, ".") != 0)
+ {
+ cur_fwd->forward_port = 8000;
+ parse_forwarder_address(p, &cur_fwd->forward_host,
+ &cur_fwd->forward_port);
+ }
+
+ /* Add to list. */
+ cur_fwd->next = config->forward;
+ config->forward = cur_fwd;
+
+ break;
+
+/* *************************************************************************
+ * forwarded-connect-retries n
+ * *************************************************************************/
+ case hash_forwarded_connect_retries :
+ config->forwarded_connect_retries = parse_numeric_value(cmd, arg);
+ break;
+
+/* *************************************************************************
+ * handle-as-empty-doc-returns-ok 0|1
+ *
+ * Workaround for firefox hanging on blocked javascript pages.
+ * Block with the "+handle-as-empty-document" flag and set the
+ * "handle-as-empty-doc-returns-ok" run-time config flag so that
+ * Privoxy returns a 200/OK status instead of a 403/Forbidden status
+ * to the browser for blocked pages.
+ ***************************************************************************/
+ case hash_handle_as_empty_returns_ok:
+ if (parse_toggle_state(cmd, arg) == 1)
+ {
+ config->feature_flags |= RUNTIME_FEATURE_EMPTY_DOC_RETURNS_OK;
+ }
+ else
+ {
+ config->feature_flags &= ~RUNTIME_FEATURE_EMPTY_DOC_RETURNS_OK;
+ }
+ break;
+
+/* *************************************************************************
+ * hostname hostname-to-show-on-cgi-pages
+ * *************************************************************************/
+ case hash_hostname :
+ freez(config->hostname);
+ config->hostname = strdup(arg);
+ if (NULL == config->hostname)
+ {
+ log_error(LOG_LEVEL_FATAL, "Out of memory saving hostname.");
+ }
+ break;
+
+/* *************************************************************************
+ * keep-alive-timeout timeout
+ * *************************************************************************/
+#ifdef FEATURE_CONNECTION_KEEP_ALIVE
+ case hash_keep_alive_timeout :
+ {
+ int timeout = parse_numeric_value(cmd, arg);
+ if (0 < timeout)
+ {
+ config->feature_flags |= RUNTIME_FEATURE_CONNECTION_KEEP_ALIVE;
+ config->keep_alive_timeout = (unsigned int)timeout;
+ }
+ else
+ {
+ config->feature_flags &= ~RUNTIME_FEATURE_CONNECTION_KEEP_ALIVE;
+ }
+ break;
+ }
+#endif
+
+/* *************************************************************************
+ * listen-address [ip][:port]
+ * *************************************************************************/
+ case hash_listen_address :
+ i = 0;
+ while ((i < MAX_LISTENING_SOCKETS) && (NULL != config->haddr[i]))
+ {
+ i++;
+ }
+
+ if (i >= MAX_LISTENING_SOCKETS)
+ {
+ log_error(LOG_LEVEL_FATAL, "Too many 'listen-address' directives in config file - limit is %d.\n"
+ "(You can increase this limit by changing MAX_LISTENING_SOCKETS in project.h and recompiling).",
+ MAX_LISTENING_SOCKETS);
+ }
+ config->haddr[i] = strdup(arg);
+ if (NULL == config->haddr[i])
+ {
+ log_error(LOG_LEVEL_FATAL, "Out of memory while copying listening address");
+ }
+ break;
+
+/* *************************************************************************
+ * logdir directory-name
+ * *************************************************************************/
+ case hash_logdir :
+ freez(config->logdir);
+ config->logdir = make_path(NULL, arg);
+ break;
+
+/* *************************************************************************
+ * logfile log-file-name
+ * In logdir by default
+ * *************************************************************************/
+ case hash_logfile :
+ if (daemon_mode)
+ {
+ logfile = make_path(config->logdir, arg);
+ if (NULL == logfile)
+ {
+ log_error(LOG_LEVEL_FATAL, "Out of memory while creating logfile path");
+ }
+ }
+ break;
+
+/* *************************************************************************
+ * max-client-connections number
+ * *************************************************************************/
+ case hash_max_client_connections :
+ {
+ int max_client_connections = parse_numeric_value(cmd, arg);
+
+#ifndef _WIN32
+ /*
+ * Reject values below 1 for obvious reasons and values above
+ * FD_SETSIZE/2 because Privoxy needs two sockets to serve
+ * client connections that need forwarding.
+ *
+ * We ignore the fact that the first three file descriptors
+ * are usually set to /dev/null, one is used for logging
+ * and yet another file descriptor is required to load
+ * config files.
+ */
+ if ((max_client_connections < 1) || (FD_SETSIZE/2 < max_client_connections))
+ {
+ log_error(LOG_LEVEL_FATAL, "max-client-connections value %d"
+ " is invalid. Value needs to be above 1 and below %d"
+ " (FD_SETSIZE/2).", max_client_connections, FD_SETSIZE/2);
+ }
+#else
+ /*
+ * The Windows libc uses FD_SETSIZE for an array used
+ * by select(), but has no problems with file descriptors
+ * above the limit as long as no more than FD_SETSIZE are
+ * passed to select().
+ * https://msdn.microsoft.com/en-us/library/windows/desktop/ms739169%28v=vs.85%29.aspx
+ *
+ * XXX: Do OS/2, Amiga etc. belong here as well?
+ */
+ if (max_client_connections < 1)
+ {
+ log_error(LOG_LEVEL_FATAL, "max-client-connections value"
+ " has to be a number above 1. %d is invalid.",
+ max_client_connections);
+ }
+#endif
+ config->max_client_connections = max_client_connections;
+ break;
+ }
+
+/* *************************************************************************
+ * permit-access source-ip[/significant-bits] [dest-ip[/significant-bits]]
+ * *************************************************************************/
+#ifdef FEATURE_ACL
+ case hash_permit_access:
+ strlcpy(tmp, arg, sizeof(tmp));
+ vec_count = ssplit(tmp, " \t", vec, SZ(vec));
+
+ if ((vec_count != 1) && (vec_count != 2))
+ {
+ log_error(LOG_LEVEL_ERROR, "Wrong number of parameters for "
+ "permit-access directive in configuration file.");
+ string_append(&config->proxy_args,
+ "<br>\nWARNING: Wrong number of parameters for "
+ "permit-access directive in configuration file.<br><br>\n");
+
+ break;
+ }
+
+ /* allocate a new node */
+ cur_acl = zalloc_or_die(sizeof(*cur_acl));
+ cur_acl->action = ACL_PERMIT;
+
+ if (acl_addr(vec[0], cur_acl->src) < 0)
+ {
+ log_error(LOG_LEVEL_ERROR, "Invalid source address, port or netmask "
+ "for permit-access directive in configuration file: \"%s\"", vec[0]);
+ string_append(&config->proxy_args,
+ "<br>\nWARNING: Invalid source address, port or netmask for "
+ "permit-access directive in configuration file: \"");
+ string_append(&config->proxy_args,
+ vec[0]);
+ string_append(&config->proxy_args,
+ "\"<br><br>\n");
+ freez(cur_acl);
+ break;
+ }
+ if (vec_count == 2)
+ {
+ if (acl_addr(vec[1], cur_acl->dst) < 0)
+ {
+ log_error(LOG_LEVEL_ERROR, "Invalid destination address, port or netmask "
+ "for permit-access directive in configuration file: \"%s\"", vec[1]);
+ string_append(&config->proxy_args,
+ "<br>\nWARNING: Invalid destination address, port or netmask for "
+ "permit-access directive in configuration file: \"");
+ string_append(&config->proxy_args,
+ vec[1]);
+ string_append(&config->proxy_args,
+ "\"<br><br>\n");
+ freez(cur_acl);
+ break;
+ }
+ }
+#ifdef HAVE_RFC2553
+ else
+ {
+ cur_acl->wildcard_dst = 1;
+ }
+#endif /* def HAVE_RFC2553 */