-const char filters_rcs[] = "$Id: filters.c,v 1.204 2017/03/08 13:13:18 fabiankeil Exp $";
/*********************************************************************
*
* File : $Source: /cvsroot/ijbswa/current/filters.c,v $
* Purpose : Declares functions to parse/crunch headers and pages.
*
* Copyright : Written by and Copyright (C) 2001-2016 the
- * Privoxy team. http://www.privoxy.org/
+ * Privoxy team. https://www.privoxy.org/
*
* Based on the Internet Junkbuster originally written
* by and Copyright (C) 1997 Anonymous Coders and
#include "win32.h"
#endif
-const char filters_h_rcs[] = FILTERS_H_VERSION;
-
typedef char *(*filter_function_ptr)();
static filter_function_ptr get_filter_function(const struct client_state *csp);
static jb_err prepare_for_filtering(struct client_state *csp);
* 3 : len = length of IP address in octets
* 4 : port = port number in network order;
*
- * Returns : 0 = no errror; -1 otherwise.
+ * Returns : void
*
*********************************************************************/
-static int sockaddr_storage_to_ip(const struct sockaddr_storage *addr,
- uint8_t **ip, unsigned int *len,
- in_port_t **port)
+static void sockaddr_storage_to_ip(const struct sockaddr_storage *addr,
+ uint8_t **ip, unsigned int *len,
+ in_port_t **port)
{
assert(NULL != addr);
+ assert(addr->ss_family == AF_INET || addr->ss_family == AF_INET6);
switch (addr->ss_family)
{
}
break;
- default:
- /* Unsupported address family */
- return(-1);
}
-
- return(0);
}
return 0;
}
- /* TODO: Optimize by checking by words insted of octets */
+ /* TODO: Optimize by checking by words instead of octets */
for (i = 0; (i < addr_len) && netmask_addr[i]; i++)
{
if ((network_addr[i] & netmask_addr[i]) !=
}
aca->mask.ss_family = aca->addr.ss_family;
- if (sockaddr_storage_to_ip(&aca->mask, &mask_data, &addr_len, &mask_port))
- {
- return(-1);
- }
+ sockaddr_storage_to_ip(&aca->mask, &mask_data, &addr_len, &mask_port);
if (p)
{
*
* Description : Check to see if CONNECT requests to the destination
* port of this request are forbidden. The check is
- * independend of the actual request method.
+ * independent of the actual request method.
*
* Parameters :
* 1 : csp = Current client state (buffers, headers, etc...)
}
if (0 == strcmpic(redirect_mode, "check-decoded-url") && strchr(subject, '%'))
- {
+ {
char *url_segment = NULL;
char **url_segments;
size_t max_segments;
struct url_actions *b;
int i;
- init_current_action(csp->action);
+#ifdef FEATURE_HTTPS_INSPECTION
+ if (!csp->http->client_ssl)
+#endif
+ {
+ /*
+ * When filtering TLS traffic this function gets called a
+ * second time after the encrypted headers have been received.
+ *
+ * Only initialize the first time. The second time we apply
+ * the newly set actions on top of the ones that were set
+ * the first time.
+ */
+ init_current_action(csp->action);
+ }
for (i = 0; i < MAX_AF_FILES; i++)
{
if (NULL != socks_proxy)
{
- /* Parse the SOCKS proxy host[:port] */
+ /* Parse the SOCKS proxy [user:pass@]host[:port] */
fwd->gateway_port = 1080;
parse_forwarder_address(socks_proxy,
- &fwd->gateway_host, &fwd->gateway_port);
+ &fwd->gateway_host, &fwd->gateway_port,
+ &fwd->auth_username, &fwd->auth_password);
http_parent = vec[2];
}
{
fwd->forward_port = 8000;
parse_forwarder_address(http_parent,
- &fwd->forward_host, &fwd->forward_port);
+ &fwd->forward_host, &fwd->forward_port,
+ NULL, NULL);
}
assert (NULL != fwd);