-const char cgisimple_rcs[] = "$Id: cgisimple.c,v 1.57 2007/06/01 16:53:05 fabiankeil Exp $";
+const char cgisimple_rcs[] = "$Id: cgisimple.c,v 1.69 2008/04/17 14:40:48 fabiankeil Exp $";
/*********************************************************************
*
* File : $Source: /cvsroot/ijbswa/current/cgisimple.c,v $
* Functions declared include:
*
*
- * Copyright : Written by and Copyright (C) 2001-2007 the SourceForge
+ * Copyright : Written by and Copyright (C) 2001-2008 the SourceForge
* Privoxy team. http://www.privoxy.org/
*
* Based on the Internet Junkbuster originally written
*
* Revisions :
* $Log: cgisimple.c,v $
+ * Revision 1.69 2008/04/17 14:40:48 fabiankeil
+ * Provide get_http_time() with the buffer size so it doesn't
+ * have to blindly assume that the buffer is big enough.
+ *
+ * Revision 1.68 2008/03/27 18:27:21 fabiankeil
+ * Remove kill-popups action.
+ *
+ * Revision 1.67 2008/03/27 17:00:05 fabiankeil
+ * Turn the favicon blobs into locals.
+ *
+ * Revision 1.66 2008/02/23 16:57:12 fabiankeil
+ * Rename url_actions() to get_url_actions() and let it
+ * use the standard parameter ordering.
+ *
+ * Revision 1.65 2008/02/23 16:33:43 fabiankeil
+ * Let forward_url() use the standard parameter ordering
+ * and mark its second parameter immutable.
+ *
+ * Revision 1.64 2008/02/03 13:56:07 fabiankeil
+ * Add SOCKS5 support for show-url-info CGI page.
+ *
+ * Revision 1.63 2008/02/01 06:04:31 fabiankeil
+ * If edit buttons on the show-url-info CGI page are hidden, explain why.
+ *
+ * Revision 1.62 2008/02/01 05:52:40 fabiankeil
+ * Hide edit buttons on the show-url-info CGI page if enable-edit-action
+ * is disabled. Patch by Lee with additional white space adjustments.
+ *
+ * Revision 1.61 2008/01/26 11:13:25 fabiankeil
+ * If enable-edit-actions is disabled, hide the edit buttons and explain why.
+ *
+ * Revision 1.60 2007/10/27 13:12:13 fabiankeil
+ * Finish 1.49 and check write access before
+ * showing edit buttons on show-url-info page.
+ *
+ * Revision 1.59 2007/10/19 16:42:36 fabiankeil
+ * Plug memory leak I introduced five months ago.
+ * Yay Valgrind and Privoxy-Regression-Test.
+ *
+ * Revision 1.58 2007/07/21 12:19:50 fabiankeil
+ * If show-url-info is called with an URL that Privoxy
+ * would reject as invalid, don't show unresolved forwarding
+ * variables, "final matches" or claim the site's secure.
+ *
* Revision 1.57 2007/06/01 16:53:05 fabiankeil
* Adjust cgi_show_url_info() to show what forward-override{}
* would do with the requested URL (instead of showing how the
static char *show_rcs(void);
static jb_err show_defines(struct map *exports);
-/*
- * 16x16 ico blobs for favicon delivery functions.
- */
-const char default_favicon_data[] =
- "\000\000\001\000\001\000\020\020\002\000\000\000\000\000\260"
- "\000\000\000\026\000\000\000\050\000\000\000\020\000\000\000"
- "\040\000\000\000\001\000\001\000\000\000\000\000\100\000\000"
- "\000\000\000\000\000\000\000\000\000\002\000\000\000\000\000"
- "\000\000\377\377\377\000\377\000\052\000\017\360\000\000\077"
- "\374\000\000\161\376\000\000\161\376\000\000\361\377\000\000"
- "\361\377\000\000\360\017\000\000\360\007\000\000\361\307\000"
- "\000\361\307\000\000\361\307\000\000\360\007\000\000\160\036"
- "\000\000\177\376\000\000\077\374\000\000\017\360\000\000\360"
- "\017\000\000\300\003\000\000\200\001\000\000\200\001\000\000"
- "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
- "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
- "\000\000\200\001\000\000\200\001\000\000\300\003\000\000\360"
- "\017\000\000";
-const char error_favicon_data[] =
- "\000\000\001\000\001\000\020\020\002\000\000\000\000\000\260"
- "\000\000\000\026\000\000\000\050\000\000\000\020\000\000\000"
- "\040\000\000\000\001\000\001\000\000\000\000\000\100\000\000"
- "\000\000\000\000\000\000\000\000\000\002\000\000\000\000\000"
- "\000\000\377\377\377\000\000\000\377\000\017\360\000\000\077"
- "\374\000\000\161\376\000\000\161\376\000\000\361\377\000\000"
- "\361\377\000\000\360\017\000\000\360\007\000\000\361\307\000"
- "\000\361\307\000\000\361\307\000\000\360\007\000\000\160\036"
- "\000\000\177\376\000\000\077\374\000\000\017\360\000\000\360"
- "\017\000\000\300\003\000\000\200\001\000\000\200\001\000\000"
- "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
- "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
- "\000\000\200\001\000\000\200\001\000\000\300\003\000\000\360"
- "\017\000\000";
-const size_t default_favicon_length = sizeof(default_favicon_data) - 1;
-const size_t error_favicon_length = sizeof(error_favicon_data) - 1;
-
/*********************************************************************
*
* Function : cgi_default
return JB_ERR_MEMORY;
}
- if (map(exports, "processed-request", 1, html_encode(list_to_text(csp->headers)), 0))
+ if (map(exports, "processed-request", 1,
+ html_encode_and_free_original(list_to_text(csp->headers)), 0))
{
free_map(exports);
return JB_ERR_MEMORY;
struct http_response *rsp,
const struct map *parameters)
{
- rsp->body = bindup(default_favicon_data, default_favicon_length);
- rsp->content_length = default_favicon_length;
+ static const char default_favicon_data[] =
+ "\000\000\001\000\001\000\020\020\002\000\000\000\000\000\260"
+ "\000\000\000\026\000\000\000\050\000\000\000\020\000\000\000"
+ "\040\000\000\000\001\000\001\000\000\000\000\000\100\000\000"
+ "\000\000\000\000\000\000\000\000\000\002\000\000\000\000\000"
+ "\000\000\377\377\377\000\377\000\052\000\017\360\000\000\077"
+ "\374\000\000\161\376\000\000\161\376\000\000\361\377\000\000"
+ "\361\377\000\000\360\017\000\000\360\007\000\000\361\307\000"
+ "\000\361\307\000\000\361\307\000\000\360\007\000\000\160\036"
+ "\000\000\177\376\000\000\077\374\000\000\017\360\000\000\360"
+ "\017\000\000\300\003\000\000\200\001\000\000\200\001\000\000"
+ "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
+ "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
+ "\000\000\200\001\000\000\200\001\000\000\300\003\000\000\360"
+ "\017\000\000";
+ static const size_t favicon_length = sizeof(default_favicon_data) - 1;
+
+ rsp->body = bindup(default_favicon_data, favicon_length);
+ rsp->content_length = favicon_length;
if (rsp->body == NULL)
{
struct http_response *rsp,
const struct map *parameters)
{
- rsp->body = bindup(error_favicon_data, error_favicon_length);
- rsp->content_length = error_favicon_length;
+ static const char error_favicon_data[] =
+ "\000\000\001\000\001\000\020\020\002\000\000\000\000\000\260"
+ "\000\000\000\026\000\000\000\050\000\000\000\020\000\000\000"
+ "\040\000\000\000\001\000\001\000\000\000\000\000\100\000\000"
+ "\000\000\000\000\000\000\000\000\000\002\000\000\000\000\000"
+ "\000\000\377\377\377\000\000\000\377\000\017\360\000\000\077"
+ "\374\000\000\161\376\000\000\161\376\000\000\361\377\000\000"
+ "\361\377\000\000\360\017\000\000\360\007\000\000\361\307\000"
+ "\000\361\307\000\000\361\307\000\000\360\007\000\000\160\036"
+ "\000\000\177\376\000\000\077\374\000\000\017\360\000\000\360"
+ "\017\000\000\300\003\000\000\200\001\000\000\200\001\000\000"
+ "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
+ "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
+ "\000\000\200\001\000\000\200\001\000\000\300\003\000\000\360"
+ "\017\000\000";
+ static const size_t favicon_length = sizeof(error_favicon_data) - 1;
+
+ rsp->body = bindup(error_favicon_data, favicon_length);
+ rsp->content_length = favicon_length;
if (rsp->body == NULL)
{
return JB_ERR_MEMORY;
}
- if ((fp = fopen(filename, "r")) == NULL)
+ if ((fp = fopen(filename, "rb")) == NULL)
{
if (map(exports, "content", 1, "<h1>ERROR OPENING FILE!</h1>", 1))
{
}
else
{
- s = strdup("");
- while ((s != NULL) && fgets(buf, sizeof(buf), fp))
+ /*
+ * XXX: this code is "quite similar" to the one
+ * in cgi_send_user_manual() and should be refactored.
+ * While at it, the return codes for ftell() and fseek
+ * should be verified.
+ */
+ size_t length;
+ /* Get file length */
+ fseek(fp, 0, SEEK_END);
+ length = (size_t)ftell(fp);
+ fseek(fp, 0, SEEK_SET);
+
+ s = (char *)zalloc(length+1);
+ if (NULL == s)
{
- string_join (&s, html_encode(buf));
+ fclose(fp);
+ return JB_ERR_MEMORY;
+ }
+ if (!fread(s, length, 1, fp))
+ {
+ /*
+ * May happen if the file size changes between fseek() and fread().
+ * If it does, we just log it and serve what we got.
+ */
+ log_error(LOG_LEVEL_ERROR, "Couldn't completely read file %s.", filename);
}
fclose(fp);
+ s = html_encode_and_free_original(s);
+ if (NULL == s)
+ {
+ return JB_ERR_MEMORY;
+ }
+
if (map(exports, "contents", 1, s, 0))
{
free_map(exports);
if (!err) err = string_append(&s, buf);
#ifdef FEATURE_CGI_EDIT_ACTIONS
- if (NULL == strstr(csp->actions_list[i]->filename, "standard.action") && NULL != csp->config->actions_file_short[i])
+ if ((csp->config->feature_flags & RUNTIME_FEATURE_CGI_EDIT_ACTIONS)
+ && (NULL == strstr(csp->actions_list[i]->filename, "standard.action"))
+ && (NULL != csp->config->actions_file_short[i]))
{
#ifdef HAVE_ACCESS
if (access(csp->config->actions_file[i], W_OK) == 0)
if (!err) err = map_block_killer(exports, "trust-support");
#endif /* ndef FEATURE_TRUST */
+#ifdef FEATURE_CGI_EDIT_ACTIONS
+ if (!err && (csp->config->feature_flags & RUNTIME_FEATURE_CGI_EDIT_ACTIONS))
+ {
+ err = map_block_killer(exports, "cgi-editor-is-disabled");
+ }
+#endif /* ndef CGI_EDIT_ACTIONS */
+
if (err)
{
free_map(exports);
string_append(&matches, buf);
string_append(&matches, "View</a>");
#ifdef FEATURE_CGI_EDIT_ACTIONS
- snprintf(buf, sizeof(buf), " <a class=\"cmd\" href=\"/edit-actions-list?f=%d\">", i);
- string_append(&matches, buf);
- string_append(&matches, "Edit</a>");
-#endif
+ if (csp->config->feature_flags & RUNTIME_FEATURE_CGI_EDIT_ACTIONS)
+ {
+#ifdef HAVE_ACCESS
+ if (access(csp->config->actions_file[i], W_OK) == 0)
+ {
+#endif /* def HAVE_ACCESS */
+ snprintf(buf, sizeof(buf),
+ " <a class=\"cmd\" href=\"/edit-actions-list?f=%d\">", i);
+ string_append(&matches, buf);
+ string_append(&matches, "Edit</a>");
+#ifdef HAVE_ACCESS
+ }
+ else
+ {
+ string_append(&matches, " <strong>No write access.</strong>");
+ }
+#endif /* def HAVE_ACCESS */
+ }
+#endif /* FEATURE_CGI_EDIT_ACTIONS */
+
string_append(&matches, "</th></tr>\n");
hits = 0;
* but luckily it's no longer required later on anyway.
*/
free_current_action(csp->action);
- url_actions(url_to_query, csp);
+ get_url_actions(csp, url_to_query);
/*
* Fill in forwarding settings.
* display the proxy port and an eventual second forwarder.
*/
{
- const struct forward_spec * fwd = forward_url(url_to_query, csp);
+ const struct forward_spec *fwd = forward_url(csp, url_to_query);
if ((fwd->gateway_host == NULL) && (fwd->forward_host == NULL))
{
if (fwd->gateway_host != NULL)
{
- if (!err) err = map(exports, "socks-type", 1, (fwd->type == SOCKS_4) ?
- "socks4" : "socks4a", 1);
+ char *socks_type = NULL;
+
+ switch (fwd->type)
+ {
+ case SOCKS_4:
+ socks_type = "socks4";
+ break;
+ case SOCKS_4A:
+ socks_type = "socks4a";
+ break;
+ case SOCKS_5:
+ socks_type = "socks5";
+ break;
+ default:
+ log_error(LOG_LEVEL_FATAL, "Unknown socks type: %d.", fwd->type);
+ }
+
+ if (!err) err = map(exports, "socks-type", 1, socks_type, 1);
if (!err) err = map(exports, "gateway-host", 1, fwd->gateway_host, 1);
snprintf(port, sizeof(port), "%d", fwd->gateway_port);
if (!err) err = map(exports, "gateway-port", 1, port, 1);
return JB_ERR_MEMORY;
}
- if (map(exports, "matches", 1, matches , 0))
+#ifdef FEATURE_CGI_EDIT_ACTIONS
+ if ((csp->config->feature_flags & RUNTIME_FEATURE_CGI_EDIT_ACTIONS))
+ {
+ err = map_block_killer(exports, "cgi-editor-is-disabled");
+ }
+#endif /* FEATURE_CGI_EDIT_ACTIONS */
+
+ if (err || map(exports, "matches", 1, matches , 0))
{
free_current_action(action);
free_map(exports);
rsp->is_static = 1;
- get_http_time(7 * 24 * 60 * 60, buf); /* 7 days into future */
+ get_http_time(7 * 24 * 60 * 60, buf, sizeof(buf)); /* 7 days into future */
if (!err) err = enlist_unique_header(rsp->headers, "Expires", buf);
return (err ? JB_ERR_MEMORY : JB_ERR_OK);
if (!err) err = map_conditional(exports, "FEATURE_IMAGE_DETECT_MSIE", 0);
#endif /* ndef FEATURE_IMAGE_DETECT_MSIE */
-#ifdef FEATURE_KILL_POPUPS
- if (!err) err = map_conditional(exports, "FEATURE_KILL_POPUPS", 1);
-#else /* ifndef FEATURE_KILL_POPUPS */
- if (!err) err = map_conditional(exports, "FEATURE_KILL_POPUPS", 0);
-#endif /* ndef FEATURE_KILL_POPUPS */
-
#ifdef FEATURE_NO_GIFS
if (!err) err = map_conditional(exports, "FEATURE_NO_GIFS", 1);
#else /* ifndef FEATURE_NO_GIFS */
SHOW_RCS(jbsockets_rcs)
SHOW_RCS(jcc_h_rcs)
SHOW_RCS(jcc_rcs)
-#ifdef FEATURE_KILL_POPUPS
- SHOW_RCS(killpopup_h_rcs)
- SHOW_RCS(killpopup_rcs)
-#endif /* def FEATURE_KILL_POPUPS */
SHOW_RCS(list_h_rcs)
SHOW_RCS(list_rcs)
SHOW_RCS(loadcfg_h_rcs)