X-Git-Url: http://www.privoxy.org/gitweb/?a=blobdiff_plain;f=cgiedit.c;h=4cc2c3dcfdc96c0fbf6a89c39937b97250470444;hb=d1d9361c3c809ea5a065de3c80fa0bf6113182f9;hp=4b727c8f366e1b314ddd2ea721cbb7f1c1858377;hpb=2465a9102eb7d4f7a53bd454596e61edd16acb85;p=privoxy.git diff --git a/cgiedit.c b/cgiedit.c index 4b727c8f..4cc2c3dc 100644 --- a/cgiedit.c +++ b/cgiedit.c @@ -1,21 +1,21 @@ -const char cgiedit_rcs[] = "$Id: cgi.c,v 1.25 2001/09/16 15:02:35 jongfoster Exp $"; +const char cgiedit_rcs[] = "$Id: cgiedit.c,v 1.5 2001/10/25 03:40:48 david__schmidt Exp $"; /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/cgiedit.c,v $ * * Purpose : CGI-based actionsfile editor. - * + * * Functions declared include: - * + * * * Copyright : Written by and Copyright (C) 2001 the SourceForge * IJBSWA team. http://ijbswa.sourceforge.net * * Based on the Internet Junkbuster originally written - * by and Copyright (C) 1997 Anonymous Coders and + * by and Copyright (C) 1997 Anonymous Coders and * Junkbusters Corporation. http://www.junkbusters.com * - * This program is free software; you can redistribute it + * This program is free software; you can redistribute it * and/or modify it under the terms of the GNU General * Public License as published by the Free Software * Foundation; either version 2 of the License, or (at @@ -34,7 +34,45 @@ const char cgiedit_rcs[] = "$Id: cgi.c,v 1.25 2001/09/16 15:02:35 jongfoster Exp * Temple Place - Suite 330, Boston, MA 02111-1307, USA. * * Revisions : - * $Log: cgi.c,v $ + * $Log: cgiedit.c,v $ + * Revision 1.5 2001/10/25 03:40:48 david__schmidt + * Change in porting tactics: OS/2's EMX porting layer doesn't allow multiple + * threads to call select() simultaneously. So, it's time to do a real, live, + * native OS/2 port. See defines for __EMX__ (the porting layer) vs. __OS2__ + * (native). Both versions will work, but using __OS2__ offers multi-threading. + * + * Revision 1.4 2001/10/23 21:48:19 jongfoster + * Cleaning up error handling in CGI functions - they now send back + * a HTML error page and should never cause a FATAL error. (Fixes one + * potential source of "denial of service" attacks). + * + * CGI actions file editor that works and is actually useful. + * + * Ability to toggle JunkBuster remotely using a CGI call. + * + * You can turn off both the above features in the main configuration + * file, e.g. if you are running a multi-user proxy. + * + * Revision 1.3 2001/10/14 22:12:49 jongfoster + * New version of CGI-based actionsfile editor. + * Major changes, including: + * - Completely new file parser and file output routines + * - edit-actions CGI renamed edit-actions-for-url + * - All CGIs now need a filename parameter, except for... + * - New CGI edit-actions which doesn't need a filename, + * to allow you to start the editor up. + * - edit-actions-submit now works, and now automatically + * redirects you back to the main edit-actions-list handler. + * + * Revision 1.2 2001/09/16 17:05:14 jongfoster + * Removing unused #include showarg.h + * + * Revision 1.1 2001/09/16 15:47:37 jongfoster + * First version of CGI-based edit interface. This is very much a + * work-in-progress, and you can't actually use it to edit anything + * yet. You must #define FEATURE_CGI_EDIT_ACTIONS for these changes + * to have any effect. + * * **********************************************************************/ @@ -46,11 +84,14 @@ const char cgiedit_rcs[] = "$Id: cgi.c,v 1.25 2001/09/16 15:02:35 jongfoster Exp */ #include +#include #include #include #include #include #include +#include +#include #ifdef _WIN32 #define snprintf _snprintf @@ -59,440 +100,3526 @@ const char cgiedit_rcs[] = "$Id: cgi.c,v 1.25 2001/09/16 15:02:35 jongfoster Exp #include "project.h" #include "cgi.h" #include "cgiedit.h" +#include "cgisimple.h" #include "list.h" #include "encode.h" -#include "ssplit.h" -#include "jcc.h" -#include "filters.h" #include "actions.h" -#include "errlog.h" #include "miscutil.h" -#include "showargs.h" +#include "errlog.h" #include "loadcfg.h" +/* loadcfg.h is for g_bToggleIJB only */ const char cgiedit_h_rcs[] = CGIEDIT_H_VERSION; #ifdef FEATURE_CGI_EDIT_ACTIONS +struct file_line +{ + struct file_line * next; + char * raw; + char * prefix; + char * unprocessed; + int type; + + union + { + struct action_spec action[1]; + + struct + { + char * name; + char * svalue; + int ivalue; + } setting; + + /* Add more data types here... e.g. + + + struct url_spec url[1]; + + struct + { + struct action_spec action[1]; + const char * name; + } alias; + + */ + + } data; +}; + +#define FILE_LINE_UNPROCESSED 1 +#define FILE_LINE_BLANK 2 +#define FILE_LINE_ALIAS_HEADER 3 +#define FILE_LINE_ALIAS_ENTRY 4 +#define FILE_LINE_ACTION 5 +#define FILE_LINE_URL 6 +#define FILE_LINE_SETTINGS_HEADER 7 +#define FILE_LINE_SETTINGS_ENTRY 8 +#define FILE_LINE_DESCRIPTION_HEADER 9 +#define FILE_LINE_DESCRIPTION_ENTRY 10 + + +struct editable_file +{ + struct file_line * lines; + const char * filename; /* Full pathname - e.g. "/etc/junkbuster/wibble.action" */ + const char * identifier; /* Filename stub - e.g. "wibble". Use for CGI param. */ + const char * version_str; /* Last modification time, as a string. For CGI param */ + unsigned version; /* Last modification time - prevents chaos with + * the browser's "back" button. Note that this is a + * time_t cast to an unsigned. When comparing, always + * cast the time_t to an unsigned, and *NOT* vice-versa. + * This may lose the top few bits, but they're not + * significant anyway. + */ + struct file_line * parse_error; /* On parse error, this is the offending line. */ + const char * parse_error_text; /* On parse error, this is the problem. + * (Statically allocated) */ +}; + +/* FIXME: Following non-static functions should be prototyped in .h or made static */ + +/* Functions to read and write arbitrary config files */ +jb_err edit_read_file(struct client_state *csp, + const struct map *parameters, + int require_version, + const char *suffix, + struct editable_file **pfile); +jb_err edit_write_file(struct editable_file * file); +void edit_free_file(struct editable_file * file); + +/* Functions to read and write actions files */ +jb_err edit_parse_actions_file(struct editable_file * file); +jb_err edit_read_actions_file(struct client_state *csp, + struct http_response *rsp, + const struct map *parameters, + int require_version, + struct editable_file **pfile); + +/* Error handlers */ +jb_err cgi_error_modified(struct client_state *csp, + struct http_response *rsp, + const char *filename); +jb_err cgi_error_parse(struct client_state *csp, + struct http_response *rsp, + struct editable_file *file); +jb_err cgi_error_file(struct client_state *csp, + struct http_response *rsp, + const char *filename); + +/* Internal arbitrary config file support functions */ +static jb_err edit_read_file_lines(FILE *fp, struct file_line ** pfile); +static void edit_free_file_lines(struct file_line * first_line); +static jb_err simple_read_line(char **dest, FILE *fp); +static jb_err edit_read_line(FILE *fp, char **raw_out, char **prefix_out, char **data_out); + +/* Internal actions file support functions */ +static int match_actions_file_header_line(const char * line, const char * name); +static jb_err split_line_on_equals(const char * line, char ** pname, char ** pvalue); + +/* Internal parameter parsing functions */ +static jb_err get_file_name_param(struct client_state *csp, + const struct map *parameters, + const char *param_name, + const char *suffix, + char **pfilename, + const char **pparam); +static jb_err get_number_param(struct client_state *csp, + const struct map *parameters, + char *name, + unsigned *pvalue); + +/* Internal actionsfile <==> HTML conversion functions */ +static jb_err map_radio(struct map * exports, + const char * optionname, + const char * values, + char value); +static jb_err actions_to_radio(struct map * exports, + const struct action_spec *action); +static jb_err actions_from_radio(const struct map * parameters, + struct action_spec *action); + /********************************************************************* * - * Function : cgi_edit_actions_list + * Function : simple_read_line * - * Description : CGI function that edits the actions list. + * Description : Read a single line from a file and return it. + * This is basically a version of fgets() that malloc()s + * it's own line buffer. Note that the buffer will + * always be a multiple of BUFFER_SIZE bytes long. + * Therefore if you are going to keep the string for + * an extended period of time, you should probably + * strdup() it and free() the original, to save memory. * - * Parameters : - * 1 : csp = Current client state (buffers, headers, etc...) - * 2 : rsp = http_response data structure for output - * 3 : parameters = map of cgi parameters * - * CGI Parameters : None + * Parameters : + * 1 : dest = destination for newly malloc'd pointer to + * line data. Will be set to NULL on error. + * 2 : fp = File to read from * - * Returns : 0 + * Returns : JB_ERR_OK on success + * JB_ERR_MEMORY on out-of-memory + * JB_ERR_FILE on EOF. * *********************************************************************/ -int cgi_edit_actions_list(struct client_state *csp, struct http_response *rsp, - struct map *parameters) +static jb_err simple_read_line(char **dest, FILE *fp) { - struct file_list *fl; - struct url_actions *actions; - char * actions_html; - char * next_actions_html; - char * section_template; - char * url_template; - char * sections; - char * urls; - struct map * exports = default_exports(csp, NULL); - struct map * section_exports; - struct map * url_exports; - int urlid; - char buf[50]; - char * s; - int url_1_2; + int len; + char * buf; + char * newbuf; + + assert(fp); + assert(dest); - if (((fl = csp->actions_list) == NULL) || ((actions = fl->f) == NULL)) + *dest = NULL; + + if (NULL == (buf = malloc(BUFFER_SIZE))) { - /* FIXME: Oops, no file to edit */ - free_map(exports); - return cgi_default(csp, rsp, parameters); + return JB_ERR_MEMORY; } - /* Should do all global exports above this point */ + *buf = '\0'; + len = 0; - section_template = template_load(csp, "edit-actions-list-section"); - url_template = template_load(csp, "edit-actions-list-url"); + while (FOREVER) + { + newbuf = buf + len; + if ((!fgets(newbuf, BUFFER_SIZE, fp)) || (*newbuf == '\0')) + { + /* (*newbuf == '\0') should never happen unless fgets fails */ + if (*buf == '\0') + { + free(buf); + return JB_ERR_FILE; + } + else + { + *dest = buf; + return JB_ERR_OK; + } + } + len = strlen(buf); + if ((buf[len - 1] == '\n') || (buf[len - 1] == '\r')) + { + *dest = buf; + return JB_ERR_OK; + } - template_fill(§ion_template, exports); - template_fill(&url_template, exports); + if (NULL == (newbuf = realloc(buf, len + BUFFER_SIZE))) + { + free(buf); + return JB_ERR_MEMORY; + } + buf = newbuf; + } +} - urlid = 0; - sections = strdup(""); - ++urlid; - actions = actions->next; - if (actions != NULL) +/********************************************************************* + * + * Function : edit_read_line + * + * Description : Read a single non-empty line from a file and return + * it. Trims comments, leading and trailing whitespace + * and respects escaping of newline and comment char. + * Provides the line in 2 alternative forms: raw and + * preprocessed. + * - raw is the raw data read from the file. If the + * line is not modified, then this should be written + * to the new file. + * - prefix is any comments and blank lines that were + * read from the file. If the line is modified, then + * this should be written out to the file followed + * by the modified data. (If this string is non-empty + * then it will have a newline at the end). + * - data is the actual data that will be parsed + * further by appropriate routines. + * On EOF, the 3 strings will all be set to NULL and + * 0 will be returned. + * + * Parameters : + * 1 : fp = File to read from + * 2 : raw_out = destination for newly malloc'd pointer to + * raw line data. May be NULL if you don't want it. + * 3 : prefix_out = destination for newly malloc'd pointer to + * comments. May be NULL if you don't want it. + * 4 : data_out = destination for newly malloc'd pointer to + * line data with comments and leading/trailing spaces + * removed, and line continuation performed. May be + * NULL if you don't want it. + * + * Returns : JB_ERR_OK on success + * JB_ERR_MEMORY on out-of-memory + * JB_ERR_FILE on EOF. + * + *********************************************************************/ +static jb_err edit_read_line(FILE *fp, char **raw_out, char **prefix_out, char **data_out) +{ + char *p; /* Temporary pointer */ + char *linebuf; /* Line read from file */ + char *linestart; /* Start of linebuf, usually first non-whitespace char */ + char newline[3]; /* Used to store the newline - "\n", "\r", or "\r\n" */ + int contflag = 0; /* Nonzero for line continuation - i.e. line ends '\' */ + char *raw; /* String to be stored in raw_out */ + char *prefix; /* String to be stored in prefix_out */ + char *data; /* String to be stored in data_out */ + jb_err rval = JB_ERR_OK; + + assert(fp); + + /* Set output parameters to NULL */ + if (raw_out) { - actions_html = actions_to_html(actions->action); + *raw_out = NULL; } - - while (actions != NULL) + if (prefix_out) + { + *prefix_out = NULL; + } + if (data_out) { - section_exports = new_map(); + *data_out = NULL; + } - snprintf(buf, 50, "%d", urlid); - map(section_exports, "sectionid", 1, buf, 1); + /* Set string variables to new, empty strings. */ - map(section_exports, "actions", 1, actions_html, 1); + raw = malloc(1); + prefix = malloc(1); + data = malloc(1); - /* Should do all section-specific exports above this point */ + if ((raw == NULL) || (prefix == NULL) || (data == NULL)) + { + freez(raw); + freez(prefix); + freez(data); + return JB_ERR_MEMORY; + } - urls = strdup(""); - url_1_2 = 2; + *raw = '\0'; + *prefix = '\0'; + *data = '\0'; - next_actions_html = NULL; - do - { - freez(next_actions_html); + /* Main loop. Loop while we need more data & it's not EOF. */ - url_exports = new_map(); + while ( (contflag || (*data == '\0')) + && (JB_ERR_OK == (rval = simple_read_line(&linebuf, fp)))) + { + if (string_append(&raw,linebuf)) + { + free(prefix); + free(data); + free(linebuf); + return JB_ERR_MEMORY; + } - snprintf(buf, 50, "%d", urlid); - map(url_exports, "urlid", 1, buf, 1); + /* Trim off newline */ + p = linebuf + strlen(linebuf); + if ((p != linebuf) && ((p[-1] == '\r') || (p[-1] == '\n'))) + { + p--; + if ((p != linebuf) && ((p[-1] == '\r') || (p[-1] == '\n'))) + { + p--; + } + } + strcpy(newline, p); + *p = '\0'; - snprintf(buf, 50, "%d", url_1_2); - map(url_exports, "url-1-2", 1, buf, 1); + /* Line continuation? Trim escape and set flag. */ + contflag = ((p != linebuf) && (*--p == '\\')); + if (contflag) + { + *p = '\0'; + } - s = html_encode(actions->url->spec); - map(url_exports, "url", 1, s, 1); + /* Trim leading spaces if we're at the start of the line */ + linestart = linebuf; + if (*data == '\0') + { + /* Trim leading spaces */ + while (*linestart && isspace((int)(unsigned char)*linestart)) + { + linestart++; + } + } - s = strdup(url_template); - template_fill(&s, section_exports); - template_fill(&s, url_exports); - urls = strsav(urls, s); - free_map(url_exports); + /* Handle comment characters. */ + p = linestart; + while ((p = strchr(p, '#')) != NULL) + { + /* Found a comment char.. */ + if ((p != linebuf) && (*(p-1) == '\\')) + { + /* ..and it's escaped, left-shift the line over the escape. */ + char *q = p - 1; + while ((*q = *(q + 1)) != '\0') + { + q++; + } + /* Now scan from just after the "#". */ + } + else + { + /* Real comment. Save it... */ + if (p == linestart) + { + /* Special case: Line only contains a comment, so all the + * previous whitespace is considered part of the comment. + * Undo the whitespace skipping, if any. + */ + linestart = linebuf; + p = linestart; + } + string_append(&prefix,p); + if (string_append(&prefix,newline)) + { + free(raw); + free(data); + free(linebuf); + return JB_ERR_MEMORY; + } + *newline = '\0'; + + /* ... and chop off the rest of the line */ + *p = '\0'; + } + } /* END while (there's a # character) */ - ++urlid; - url_1_2 = 3 - url_1_2; - actions = actions->next; - if (actions) + /* Write to the buffer */ + if (*linestart) + { + if (string_append(&data, linestart)) { - next_actions_html = actions_to_html(actions->action); + free(raw); + free(prefix); + free(linebuf); + return JB_ERR_MEMORY; } } - while (actions && (0 == strcmp(actions_html, next_actions_html))); - map(section_exports, "urls", 1, urls, 0); + free(linebuf); + } /* END while(we need more data) */ - /* Could also do section-specific exports here, but it wouldn't be as fast */ + /* Handle simple_read_line() errors - ignore EOF */ + if ((rval != JB_ERR_OK) && (rval != JB_ERR_FILE)) + { + free(raw); + free(prefix); + free(data); + return rval; + } - s = strdup(section_template); - template_fill(&s, section_exports); - sections = strsav(sections, s); - free_map(section_exports); - freez(actions_html); - actions_html = next_actions_html; - } + if (*raw) + { + /* Got at least some data */ - map(exports, "sections", 1, sections, 0); + /* Remove trailing whitespace */ + chomp(data); - /* Could also do global exports here, but it wouldn't be as fast */ + if (raw_out) + { + *raw_out = raw; + } + else + { + free(raw); + } + if (prefix_out) + { + *prefix_out = prefix; + } + else + { + free(prefix); + } + if (data_out) + { + *data_out = data; + } + else + { + free(data); + } + return JB_ERR_OK; + } + else + { + /* EOF and no data there. */ - rsp->body = template_load(csp, "edit-actions-list"); - template_fill(&rsp->body, exports); - free_map(exports); + free(raw); + free(prefix); + free(data); - return(0); + return JB_ERR_FILE; + } } /********************************************************************* * - * Function : map_radio + * Function : edit_write_file * - * Description : Map a set of radio button values. E.g. if you have - * 3 radio buttons, declare them as: - *