X-Git-Url: http://www.privoxy.org/gitweb/?a=blobdiff_plain;f=filters.c;h=7a223dcc4877f77e58e54e1176b56dfd801bbbd2;hb=b041cc96c7126f0cc3aecbb3b6c36637625638f5;hp=c3a7fdfaee7f3beb3b1396b8887c97bd94a79536;hpb=8728cdead13a06cddc650bedd58e299d8cc78314;p=privoxy.git diff --git a/filters.c b/filters.c index c3a7fdfa..7a223dcc 100644 --- a/filters.c +++ b/filters.c @@ -1,4 +1,4 @@ -const char filters_rcs[] = "$Id: filters.c,v 1.92 2007/09/28 16:38:55 fabiankeil Exp $"; +const char filters_rcs[] = "$Id: filters.c,v 1.102 2008/03/01 14:00:44 fabiankeil Exp $"; /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/filters.c,v $ @@ -13,7 +13,7 @@ const char filters_rcs[] = "$Id: filters.c,v 1.92 2007/09/28 16:38:55 fabiankeil * `jpeg_inspect_response', `execute_single_pcrs_command', * `rewrite_url', `get_last_url' * - * Copyright : Written by and Copyright (C) 2001, 2004-2007 the SourceForge + * Copyright : Written by and Copyright (C) 2001, 2004-2008 the SourceForge * Privoxy team. http://www.privoxy.org/ * * Based on the Internet Junkbuster originally written @@ -40,6 +40,43 @@ const char filters_rcs[] = "$Id: filters.c,v 1.92 2007/09/28 16:38:55 fabiankeil * * Revisions : * $Log: filters.c,v $ + * Revision 1.102 2008/03/01 14:00:44 fabiankeil + * Let the block action take the reason for the block + * as argument and show it on the "blocked" page. + * + * Revision 1.101 2008/02/23 16:57:12 fabiankeil + * Rename url_actions() to get_url_actions() and let it + * use the standard parameter ordering. + * + * Revision 1.100 2008/02/23 16:33:43 fabiankeil + * Let forward_url() use the standard parameter ordering + * and mark its second parameter immutable. + * + * Revision 1.99 2008/02/03 13:57:58 fabiankeil + * Add SOCKS5 support for forward-override{}. + * + * Revision 1.98 2008/01/04 17:43:45 fabiankeil + * Improve the warning messages that get logged if the action files + * "enable" filters but no filters of that type have been loaded. + * + * Revision 1.97 2007/11/30 15:37:03 fabiankeil + * Use freez instead of free. + * + * Revision 1.96 2007/10/19 16:53:28 fabiankeil + * Add helper function to check if any content filters are enabled. + * + * Revision 1.95 2007/10/17 19:31:20 fabiankeil + * Omitting the zero chunk that ends the chunk transfer encoding seems + * to be the new black. Log the problem and continue filtering anyway. + * + * Revision 1.94 2007/09/29 13:20:20 fabiankeil + * Remove two redundant and one useless log messages. + * + * Revision 1.93 2007/09/29 10:21:16 fabiankeil + * - Move get_filter_function() from jcc.c to filters.c + * so the filter functions can be static. + * - Don't bother filtering body-less responses. + * * Revision 1.92 2007/09/28 16:38:55 fabiankeil * - Execute content filters through execute_content_filter(). * - Add prepare_for_filtering() so filter functions don't have to @@ -734,7 +771,7 @@ int acl_addr(const char *aspec, struct access_control_addr *aca) *p++ = '\0'; if (ijb_isdigit(*p) == 0) { - free(acl_spec); + freez(acl_spec); return(-1); } masklength = atoi(p); @@ -742,7 +779,7 @@ int acl_addr(const char *aspec, struct access_control_addr *aca) if ((masklength < 0) || (masklength > 32)) { - free(acl_spec); + freez(acl_spec); return(-1); } @@ -755,7 +792,7 @@ int acl_addr(const char *aspec, struct access_control_addr *aca) if (port <= 0 || port > 65535 || *endptr != '\0') { - free(acl_spec); + freez(acl_spec); return(-1); } } @@ -763,7 +800,7 @@ int acl_addr(const char *aspec, struct access_control_addr *aca) aca->port = (unsigned long)port; aca->addr = ntohl(resolve_hostname_to_ip(acl_spec)); - free(acl_spec); + freez(acl_spec); if (aca->addr == INADDR_NONE) { @@ -789,6 +826,28 @@ int acl_addr(const char *aspec, struct access_control_addr *aca) #endif /* def FEATURE_ACL */ +/********************************************************************* + * + * Function : connect_port_is_forbidden + * + * Description : Check to see if CONNECT requests to the destination + * port of this request are forbidden. The check is + * independend of the actual request method. + * + * Parameters : + * 1 : csp = Current client state (buffers, headers, etc...) + * + * Returns : True if yes, false otherwise. + * + *********************************************************************/ +int connect_port_is_forbidden(const struct client_state *csp) +{ + return ((csp->action->flags & ACTION_LIMIT_CONNECT) && + !match_portlist(csp->action->string[ACTION_STRING_LIMIT_CONNECT], + csp->http->port)); +} + + /********************************************************************* * * Function : block_url @@ -1021,7 +1080,20 @@ struct http_response *block_url(struct client_state *csp) if (!err) err = map(exports, "hostport", 1, html_encode(csp->http->hostport), 0); if (!err) err = map(exports, "path", 1, html_encode(csp->http->path), 0); if (!err) err = map(exports, "path-ue", 1, url_encode(csp->http->path), 0); - + if (!err) + { + const char *block_reason; + if (csp->action->string[ACTION_STRING_BLOCK] != NULL) + { + block_reason = csp->action->string[ACTION_STRING_BLOCK]; + } + else + { + assert(connect_port_is_forbidden(csp)); + block_reason = "Forbidden CONNECT port."; + } + err = map(exports, "block-reason", 1, html_encode(block_reason), 0); + } if (err) { free_map(exports); @@ -1710,7 +1782,7 @@ int is_untrusted_url(const struct client_state *csp) log_error(LOG_LEVEL_ERROR, "Failed to append \'%s\' to trustfile \'%s\': %E", new_entry, csp->config->trustfile); } - free(new_entry); + freez(new_entry); } else { @@ -1790,7 +1862,8 @@ static char *pcrs_filter_response(struct client_state *csp) if (0 == found_filters) { - log_error(LOG_LEVEL_ERROR, "Unable to get current state of regexp filtering."); + log_error(LOG_LEVEL_ERROR, "Inconsistent configuration: " + "content filtering enabled, but no content filters available."); return(NULL); } @@ -1861,7 +1934,7 @@ static char *pcrs_filter_response(struct client_state *csp) current_hits += job_hits; if (old != csp->iob->cur) { - free(old); + freez(old); } old = new; } @@ -1907,7 +1980,7 @@ static char *pcrs_filter_response(struct client_state *csp) */ if (!hits) { - free(new); + freez(new); return(NULL); } @@ -1956,7 +2029,7 @@ static char *gif_deanimate_response(struct client_state *csp) if (gif_deanimate(in, out, strncmp("last", csp->action->string[ACTION_STRING_DEANIMATE], 4))) { log_error(LOG_LEVEL_DEANIMATE, "failed! (gif parsing)"); - free(in); + freez(in); buf_free(out); return(NULL); } @@ -1973,8 +2046,8 @@ static char *gif_deanimate_response(struct client_state *csp) csp->content_length = out->offset; csp->flags |= CSP_FLAG_MODIFIED; p = out->buffer; - free(in); - free(out); + freez(in); + freez(out); return(p); } @@ -2025,7 +2098,7 @@ static char *jpeg_inspect_response(struct client_state *csp) if (jpeg_inspect(in, out)) { log_error(LOG_LEVEL_DEANIMATE, "failed! (jpeg parsing)"); - free(in); + freez(in); buf_free(out); return(NULL); @@ -2035,8 +2108,8 @@ static char *jpeg_inspect_response(struct client_state *csp) csp->content_length = out->offset; csp->flags |= CSP_FLAG_MODIFIED; p = out->buffer; - free(in); - free(out); + freez(in); + freez(out); return(p); } @@ -2177,16 +2250,11 @@ static jb_err remove_chunked_transfer_coding(char *buffer, size_t *size) if (sscanf(from_p, "%x", &chunksize) != 1) { - log_error(LOG_LEVEL_ERROR, "Parse error while stripping \"chunked\" transfer coding"); - return JB_ERR_PARSE; + log_error(LOG_LEVEL_INFO, "Invalid \"chunked\" transfer encoding detected and ignored."); + break; } } - if (0 == newsize) - { - log_error(LOG_LEVEL_RE_FILTER, "Need to de-chunk first"); - } - /* XXX: Should get its own loglevel. */ log_error(LOG_LEVEL_RE_FILTER, "De-chunking successful. Shrunk from %d to %d", *size, newsize); @@ -2232,7 +2300,6 @@ static jb_err prepare_for_filtering(struct client_state *csp) } else { - log_error(LOG_LEVEL_ERROR, "Failed to de-chunk content."); return JB_ERR_PARSE; } } @@ -2265,7 +2332,6 @@ static jb_err prepare_for_filtering(struct client_state *csp) */ csp->content_type &= ~CT_GZIP; csp->content_type &= ~CT_DEFLATE; - log_error(LOG_LEVEL_ERROR, "Failed to decompress content."); } } #endif @@ -2303,7 +2369,6 @@ char *execute_content_filter(struct client_state *csp, filter_function_ptr conte { /* * failed to de-chunk or decompress. - * XXX: if possible, we should continue anyway. */ return NULL; } @@ -2322,19 +2387,18 @@ char *execute_content_filter(struct client_state *csp, filter_function_ptr conte /********************************************************************* * - * Function : url_actions + * Function : get_url_actions * * Description : Gets the actions for this URL. * * Parameters : - * 1 : http = http_request request for blocked URLs - * 2 : csp = Current client state (buffers, headers, etc...) + * 1 : csp = Current client state (buffers, headers, etc...) + * 2 : http = http_request request for blocked URLs * * Returns : N/A * *********************************************************************/ -void url_actions(struct http_request *http, - struct client_state *csp) +void get_url_actions(struct client_state *csp, struct http_request *http) { struct file_list *fl; struct url_actions *b; @@ -2416,7 +2480,7 @@ void apply_url_actions(struct current_action_spec *action, * Invalid syntax is fatal. * *********************************************************************/ -static const struct forward_spec *get_forward_override_settings(struct client_state *csp) +const static struct forward_spec *get_forward_override_settings(struct client_state *csp) { const char *forward_override_line = csp->action->string[ACTION_STRING_FORWARD_OVERRIDE]; char forward_settings[BUFFER_SIZE]; @@ -2478,6 +2542,11 @@ static const struct forward_spec *get_forward_override_settings(struct client_st fwd->type = SOCKS_4A; socks_proxy = vec[1]; } + else if (!strcasecmp(vec[0], "forward-socks5")) + { + fwd->type = SOCKS_5; + socks_proxy = vec[1]; + } if (NULL != socks_proxy) { @@ -2538,17 +2607,15 @@ static const struct forward_spec *get_forward_override_settings(struct client_st * * Description : Should we forward this to another proxy? * - * XXX: Should be changed to make use of csp->fwd. - * * Parameters : - * 1 : http = http_request request for current URL - * 2 : csp = Current client state (buffers, headers, etc...) + * 1 : csp = Current client state (buffers, headers, etc...) + * 2 : http = http_request request for current URL * * Returns : Pointer to forwarding information. * *********************************************************************/ -const struct forward_spec * forward_url(struct http_request *http, - struct client_state *csp) +const struct forward_spec *forward_url(struct client_state *csp, + const struct http_request *http) { static const struct forward_spec fwd_default[1] = { FORWARD_SPEC_INITIALIZER }; struct forward_spec *fwd = csp->config->forward; @@ -2646,6 +2713,26 @@ struct http_response *direct_response(struct client_state *csp) } +/********************************************************************* + * + * Function : content_filters_enabled + * + * Description : Checks whether there are any content filters + * enabled for the current request. + * + * Parameters : + * 1 : csp = Current client state (buffers, headers, etc...) + * + * Returns : TRUE for yes, FALSE otherwise + * + *********************************************************************/ +inline int content_filters_enabled(const struct client_state *csp) +{ + return (((csp->rlist != NULL) && + (!list_is_empty(csp->action->multi[ACTION_MULTI_FILTER]))) || + (csp->action->flags & (ACTION_DEANIMATE|ACTION_JPEG_INSPECT|ACTION_NO_POPUPS))); +} + /* Local Variables: tab-width: 3