+ /* Correct file->version_str */
+ freez(file->version_str);
+ snprintf(version_buf, 22, "%u", file->version);
+ version_buf[21] = '\0';
+ file->version_str = strdup(version_buf);
+ if (version_buf == NULL)
+ {
+ edit_free_file(file);
+ return JB_ERR_MEMORY;
+ }
+
+ *pfile = file;
+ return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function : edit_read_actions_file
+ *
+ * Description : Read a complete actions file into memory.
+ * Handles CGI parameter parsing. If requested, also
+ * checks the file's modification timestamp.
+ *
+ * If this function detects an error in the categories
+ * JB_ERR_FILE, JB_ERR_MODIFIED, or JB_ERR_PARSE,
+ * then it handles it by filling in the specified
+ * response structure and returning JB_ERR_FILE.
+ *
+ * Parameters :
+ * 1 : csp = Current client state (buffers, headers, etc...)
+ * 2 : rsp = HTTP response. Only filled in on error.
+ * 2 : parameters = map of cgi parameters.
+ * 3 : require_version = true to check "ver" parameter.
+ * 4 : pfile = Destination for the file. Will be set
+ * to NULL on error.
+ *
+ * CGI Parameters :
+ * filename : The name of the actions file to read, without the
+ * path or ".action" extension.
+ * ver : (Only if require_version is nonzero)
+ * Timestamp of the actions file. If wrong, this
+ * function fails with JB_ERR_MODIFIED.
+ *
+ * Returns : JB_ERR_OK on success
+ * JB_ERR_MEMORY on out-of-memory
+ * JB_ERR_CGI_PARAMS if "filename" was not specified
+ * or is not valid.
+ * JB_ERR_FILE if the file does not contain valid data,
+ * or if file cannot be opened or
+ * contains no data, or if version
+ * checking was requested and failed.
+ *
+ *********************************************************************/
+jb_err edit_read_actions_file(struct client_state *csp,
+ struct http_response *rsp,
+ const struct map *parameters,
+ int require_version,
+ struct editable_file **pfile)
+{
+ jb_err err;
+ struct editable_file *file;
+
+ assert(csp);
+ assert(parameters);
+ assert(pfile);
+
+ *pfile = NULL;
+
+ err = edit_read_file(csp, parameters, require_version, ".action", &file);
+ if (err)
+ {
+ /* Try to handle if possible */
+ if (err == JB_ERR_FILE)
+ {
+ err = cgi_error_file(csp, rsp, lookup(parameters, "f"));
+ }
+ else if (err == JB_ERR_MODIFIED)
+ {
+ err = cgi_error_modified(csp, rsp, lookup(parameters, "f"));
+ }
+ if (err == JB_ERR_OK)
+ {
+ /*
+ * Signal to higher-level CGI code that there was a problem but we
+ * handled it, they should just return JB_ERR_OK.
+ */
+ err = JB_ERR_FILE;
+ }
+ return err;
+ }
+
+ err = edit_parse_actions_file(file);
+ if (err)
+ {
+ if (err == JB_ERR_PARSE)
+ {
+ err = cgi_error_parse(csp, rsp, file);
+ if (err == JB_ERR_OK)
+ {
+ /*
+ * Signal to higher-level CGI code that there was a problem but we
+ * handled it, they should just return JB_ERR_OK.
+ */
+ err = JB_ERR_FILE;
+ }
+ }
+ edit_free_file(file);
+ return err;
+ }
+
+ *pfile = file;
+ return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function : get_file_name_param
+ *
+ * Description : Get the name of the file to edit from the parameters
+ * passed to a CGI function. This function handles
+ * security checks such as blocking urls containing
+ * "/" or ".", prepending the config file directory,
+ * and adding the specified suffix.
+ *
+ * (This is an essential security check, otherwise
+ * users may be able to pass "../../../etc/passwd"
+ * and overwrite the password file [linux], "prn:"
+ * and print random data [Windows], etc...)
+ *
+ * This function only allows filenames contining the
+ * characters '-', '_', 'A'-'Z', 'a'-'z', and '0'-'9'.
+ * That's probably too restrictive but at least it's
+ * secure.
+ *
+ * Parameters :
+ * 1 : csp = Current client state (buffers, headers, etc...)
+ * 2 : parameters = map of cgi parameters
+ * 3 : param_name = The name of the parameter to read
+ * 4 : suffix = File extension, e.g. ".actions"
+ * 5 : pfilename = destination for full filename. Caller
+ * free()s. Set to NULL on error.
+ * 6 : pparam = destination for partial filename,
+ * suitable for use in another URL. Allocated as part
+ * of the map "parameters", so don't free it.
+ * Set to NULL if not specified.
+ *
+ * Returns : JB_ERR_OK on success
+ * JB_ERR_MEMORY on out-of-memory
+ * JB_ERR_CGI_PARAMS if "filename" was not specified
+ * or is not valid.
+ *
+ *********************************************************************/
+static jb_err get_file_name_param(struct client_state *csp,
+ const struct map *parameters,
+ const char *param_name,
+ const char *suffix,
+ char **pfilename,
+ const char **pparam)
+{
+ const char *param;
+ const char *s;
+ char *name;
+ char *fullpath;
+ char ch;
+ int len;
+
+ assert(csp);
+ assert(parameters);
+ assert(suffix);
+ assert(pfilename);
+ assert(pparam);
+
+ *pfilename = NULL;
+ *pparam = NULL;
+
+ param = lookup(parameters, param_name);
+ if (!*param)
+ {
+ return JB_ERR_CGI_PARAMS;
+ }
+
+ *pparam = param;
+
+ len = strlen(param);
+ if (len >= FILENAME_MAX)
+ {
+ /* Too long. */
+ return JB_ERR_CGI_PARAMS;
+ }
+
+ /* Check every character to see if it's legal */
+ s = param;
+ while ((ch = *s++) != '\0')
+ {
+ if ( ((ch < 'A') || (ch > 'Z'))
+ && ((ch < 'a') || (ch > 'z'))
+ && ((ch < '0') || (ch > '9'))
+ && (ch != '-')
+ && (ch != '_') )
+ {
+ /* Probable hack attempt. */
+ return JB_ERR_CGI_PARAMS;
+ }
+ }
+
+ /* Append extension */
+ name = malloc(len + strlen(suffix) + 1);
+ if (name == NULL)
+ {
+ return JB_ERR_MEMORY;
+ }
+ strcpy(name, param);
+ strcpy(name + len, suffix);
+
+ /* Prepend path */
+ fullpath = make_path(csp->config->confdir, name);
+ free(name);
+
+ if (fullpath == NULL)
+ {
+ return JB_ERR_MEMORY;
+ }
+
+ /* Success */
+ *pfilename = fullpath;
+
+ return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function : get_url_spec_param
+ *
+ * Description : Get a URL pattern from the parameters
+ * passed to a CGI function. Removes leading/trailing
+ * spaces and validates it.
+ *
+ * Parameters :
+ * 1 : csp = Current client state (buffers, headers, etc...)
+ * 2 : parameters = map of cgi parameters
+ * 3 : name = Name of CGI parameter to read
+ * 4 : pvalue = destination for value. Will be malloc()'d.
+ * Set to NULL on error.
+ *
+ * Returns : JB_ERR_OK on success
+ * JB_ERR_MEMORY on out-of-memory
+ * JB_ERR_CGI_PARAMS if the parameter was not specified
+ * or is not valid.
+ *
+ *********************************************************************/
+static jb_err get_url_spec_param(struct client_state *csp,
+ const struct map *parameters,
+ const char *name,
+ char **pvalue)
+{
+ const char *orig_param;
+ char *param;
+ char *s;
+ struct url_spec compiled[1];
+ jb_err err;
+
+ assert(csp);
+ assert(parameters);
+ assert(name);
+ assert(pvalue);
+
+ *pvalue = NULL;
+
+ orig_param = lookup(parameters, name);
+ if (!*orig_param)
+ {
+ return JB_ERR_CGI_PARAMS;
+ }
+
+ /* Copy and trim whitespace */
+ param = strdup(orig_param);
+ if (param == NULL)
+ {
+ return JB_ERR_MEMORY;
+ }
+ chomp(param);
+
+ /* Must be non-empty, and can't allow 1st character to be '{' */
+ if (param[0] == '\0' || param[0] == '{')
+ {
+ free(param);
+ return JB_ERR_CGI_PARAMS;
+ }
+
+ /* Check for embedded newlines */
+ for (s = param; *s != '\0'; s++)
+ {
+ if ((*s == '\r') || (*s == '\n'))
+ {
+ free(param);
+ return JB_ERR_CGI_PARAMS;
+ }
+ }
+
+ /* Check that regex is valid */
+ s = strdup(param);
+ if (s == NULL)
+ {
+ free(param);
+ return JB_ERR_MEMORY;
+ }
+ err = create_url_spec(compiled, s);
+ free(s);
+ if (err)
+ {
+ free(param);
+ return (err == JB_ERR_MEMORY) ? JB_ERR_MEMORY : JB_ERR_CGI_PARAMS;
+ }
+ free_url_spec(compiled);
+
+ if (param[strlen(param) - 1] == '\\')
+ {
+ /*
+ * Must protect trailing '\\' from becoming line continuation character.
+ * Two methods: 1) If it's a domain only, add a trailing '/'.
+ * 2) For path, add the do-nothing PCRE expression (?:) to the end
+ */
+ if (strchr(param, '/') == NULL)
+ {
+ err = string_append(¶m, "/");
+ }
+ else
+ {
+ err = string_append(¶m, "(?:)");
+ }
+ if (err)
+ {
+ return err;
+ }
+
+ /* Check that the modified regex is valid */
+ s = strdup(param);
+ if (s == NULL)
+ {
+ free(param);
+ return JB_ERR_MEMORY;
+ }
+ err = create_url_spec(compiled, s);
+ free(s);
+ if (err)
+ {
+ free(param);
+ return (err == JB_ERR_MEMORY) ? JB_ERR_MEMORY : JB_ERR_CGI_PARAMS;
+ }
+ free_url_spec(compiled);
+ }
+
+ *pvalue = param;
+ return JB_ERR_OK;
+}
+
+/*********************************************************************
+ *
+ * Function : map_radio
+ *
+ * Description : Map a set of radio button values. E.g. if you have
+ * 3 radio buttons, declare them as:
+ * <option type="radio" name="xyz" @xyz-a@>
+ * <option type="radio" name="xyz" @xyz-b@>
+ * <option type="radio" name="xyz" @xyz-c@>
+ * Then map one of the @xyz-?@ variables to "checked"
+ * and all the others to empty by calling:
+ * map_radio(exports, "xyz", "abc", sel)
+ * Where 'sel' is 'a', 'b', or 'c'.
+ *
+ * Parameters :
+ * 1 : exports = Exports map to modify.
+ * 2 : optionname = name for map
+ * 3 : values = null-terminated list of values;
+ * 4 : value = Selected value.
+ *
+ * CGI Parameters : None
+ *
+ * Returns : JB_ERR_OK on success
+ * JB_ERR_MEMORY on out-of-memory
+ *
+ *********************************************************************/
+static jb_err map_radio(struct map * exports,
+ const char * optionname,
+ const char * values,
+ int value)
+{
+ size_t len;
+ char * buf;
+ char * p;
+ char c;
+
+ assert(exports);
+ assert(optionname);
+ assert(values);
+
+ len = strlen(optionname);
+ buf = malloc(len + 3);
+ if (buf == NULL)
+ {
+ return JB_ERR_MEMORY;
+ }
+
+ strcpy(buf, optionname);
+ p = buf + len;
+ *p++ = '-';
+ p[1] = '\0';
+
+ while ((c = *values++) != '\0')
+ {
+ if (c != value)
+ {
+ *p = c;
+ if (map(exports, buf, 1, "", 1))
+ {
+ return JB_ERR_MEMORY;
+ }
+ }
+ }
+
+ *p = value;
+ return map(exports, buf, 0, "checked", 1);
+}
+
+
+/*********************************************************************
+ *
+ * Function : cgi_error_modified
+ *
+ * Description : CGI function that is called when a file is modified
+ * outside the CGI editor.
+ *
+ * Parameters :
+ * 1 : csp = Current client state (buffers, headers, etc...)
+ * 2 : rsp = http_response data structure for output
+ * 3 : filename = The file that was modified.
+ *
+ * CGI Parameters : none
+ *
+ * Returns : JB_ERR_OK on success
+ * JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+jb_err cgi_error_modified(struct client_state *csp,
+ struct http_response *rsp,
+ const char *filename)
+{
+ struct map *exports;
+ jb_err err;
+
+ assert(csp);
+ assert(rsp);
+ assert(filename);
+
+ if (NULL == (exports = default_exports(csp, NULL)))
+ {
+ return JB_ERR_MEMORY;
+ }
+
+ err = map(exports, "f", 1, html_encode(filename), 0);
+ if (err)
+ {
+ free_map(exports);
+ return err;
+ }
+
+ return template_fill_for_cgi(csp, "cgi-error-modified", exports, rsp);
+}
+
+
+/*********************************************************************
+ *
+ * Function : cgi_error_parse
+ *
+ * Description : CGI function that is called when a file cannot
+ * be parsed by the CGI editor.
+ *
+ * Parameters :
+ * 1 : csp = Current client state (buffers, headers, etc...)
+ * 2 : rsp = http_response data structure for output
+ * 3 : file = The file that was modified.
+ *
+ * CGI Parameters : none
+ *
+ * Returns : JB_ERR_OK on success
+ * JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+jb_err cgi_error_parse(struct client_state *csp,
+ struct http_response *rsp,
+ struct editable_file *file)
+{
+ struct map *exports;
+ jb_err err;
+ struct file_line *cur_line;
+
+ assert(csp);
+ assert(rsp);
+ assert(file);
+
+ if (NULL == (exports = default_exports(csp, NULL)))
+ {
+ return JB_ERR_MEMORY;
+ }
+
+ err = map(exports, "f", 1, file->identifier, 1);
+ if (!err) err = map(exports, "parse-error", 1, html_encode(file->parse_error_text), 0);
+
+ cur_line = file->parse_error;
+ assert(cur_line);
+
+ if (!err) err = map(exports, "line-raw", 1, html_encode(cur_line->raw), 0);
+ if (!err) err = map(exports, "line-data", 1, html_encode(cur_line->unprocessed), 0);
+
+ if (err)
+ {
+ free_map(exports);
+ return err;
+ }
+
+ return template_fill_for_cgi(csp, "cgi-error-parse", exports, rsp);
+}
+
+
+/*********************************************************************
+ *
+ * Function : cgi_error_file
+ *
+ * Description : CGI function that is called when a file cannot be
+ * opened by the CGI editor.
+ *
+ * Parameters :
+ * 1 : csp = Current client state (buffers, headers, etc...)
+ * 2 : rsp = http_response data structure for output
+ * 3 : filename = The file that was modified.
+ *
+ * CGI Parameters : none
+ *
+ * Returns : JB_ERR_OK on success
+ * JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+jb_err cgi_error_file(struct client_state *csp,
+ struct http_response *rsp,
+ const char *filename)
+{
+ struct map *exports;
+ jb_err err;
+
+ assert(csp);
+ assert(rsp);
+ assert(filename);
+
+ if (NULL == (exports = default_exports(csp, NULL)))
+ {
+ return JB_ERR_MEMORY;
+ }
+
+ err = map(exports, "f", 1, html_encode(filename), 0);
+ if (err)
+ {
+ free_map(exports);
+ return err;
+ }
+
+ return template_fill_for_cgi(csp, "cgi-error-file", exports, rsp);
+}
+
+
+/*********************************************************************
+ *
+ * Function : cgi_error_disabled
+ *
+ * Description : CGI function that is called if the actions editor
+ * is called although it's disabled in config
+ *
+ * Parameters :
+ * 1 : csp = Current client state (buffers, headers, etc...)
+ * 2 : rsp = http_response data structure for output
+ *
+ * CGI Parameters : none
+ *
+ * Returns : JB_ERR_OK on success
+ * JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+jb_err cgi_error_disabled(struct client_state *csp,
+ struct http_response *rsp)
+{
+ struct map *exports;
+
+ assert(csp);
+ assert(rsp);
+
+ if (NULL == (exports = default_exports(csp, NULL)))
+ {
+ return JB_ERR_MEMORY;
+ }
+
+ return template_fill_for_cgi(csp, "cgi-error-disabled", exports, rsp);
+}
+
+
+/*********************************************************************
+ *
+ * Function : cgi_edit_actions
+ *
+ * Description : CGI function that allows the user to choose which
+ * actions file to edit.
+ *
+ * Parameters :
+ * 1 : csp = Current client state (buffers, headers, etc...)
+ * 2 : rsp = http_response data structure for output
+ * 3 : parameters = map of cgi parameters
+ *
+ * CGI Parameters : None
+ *
+ * Returns : JB_ERR_OK on success
+ * JB_ERR_MEMORY on out-of-memory error
+ *
+ *********************************************************************/
+jb_err cgi_edit_actions(struct client_state *csp,
+ struct http_response *rsp,
+ const struct map *parameters)
+{
+
+ if (0 == (csp->config->feature_flags & RUNTIME_FEATURE_CGI_EDIT_ACTIONS))
+ {
+ return cgi_error_disabled(csp, rsp);
+ }
+
+ /* FIXME: Incomplete */
+ rsp->status = strdup("302 Local Redirect from Privoxy");
+ if (rsp->status == NULL)
+ {
+ return JB_ERR_MEMORY;
+ }
+ if (enlist_unique_header(rsp->headers, "Location",
+ CGI_PREFIX "edit-actions-list?f=default"))
+ {
+ free(rsp->status);
+ rsp->status = NULL;
+ return JB_ERR_MEMORY;
+ }
+
+ return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function : cgi_edit_actions_list
+ *
+ * Description : CGI function that edits the actions list.
+ * FIXME: This function shouldn't FATAL ever.
+ * FIXME: This function doesn't check the retval of map()
+ * Parameters :
+ * 1 : csp = Current client state (buffers, headers, etc...)
+ * 2 : rsp = http_response data structure for output
+ * 3 : parameters = map of cgi parameters
+ *
+ * CGI Parameters : filename
+ *
+ * Returns : JB_ERR_OK on success
+ * JB_ERR_MEMORY on out-of-memory
+ * JB_ERR_FILE if the file cannot be opened or
+ * contains no data
+ * JB_ERR_CGI_PARAMS if "filename" was not specified
+ * or is not valid.
+ *
+ *********************************************************************/
+jb_err cgi_edit_actions_list(struct client_state *csp,
+ struct http_response *rsp,
+ const struct map *parameters)
+{
+ char * section_template;
+ char * url_template;
+ char * sections;
+ char * urls;
+ char buf[150];
+ char * s;
+ struct map * exports;
+ struct map * section_exports;
+ struct map * url_exports;
+ struct editable_file * file;
+ struct file_line * cur_line;
+ unsigned line_number = 0;
+ unsigned prev_section_line_number = ((unsigned) (-1));
+ int i, url_1_2;
+ struct file_list * fl;
+ struct url_actions * b;
+ char * buttons = NULL;
+ jb_err err;
+
+ if (0 == (csp->config->feature_flags & RUNTIME_FEATURE_CGI_EDIT_ACTIONS))
+ {
+ return cgi_error_disabled(csp, rsp);
+ }
+
+ if (NULL == (exports = default_exports(csp, NULL)))
+ {
+ edit_free_file(file);
+ return JB_ERR_MEMORY;
+ }
+
+ /* Load actions file */
+ err = edit_read_actions_file(csp, rsp, parameters, 0, &file);
+ if (err)
+ {
+ /* No filename specified, can't read file, or out of memory. */
+ return (err == JB_ERR_FILE ? JB_ERR_OK : err);
+ }
+
+ /* Find start of actions in file */
+ cur_line = file->lines;
+ line_number = 1;
+ while ((cur_line != NULL) && (cur_line->type != FILE_LINE_ACTION))
+ {
+ cur_line = cur_line->next;
+ line_number++;
+ }
+
+ /*
+ * Conventional actions files should have a match all block
+ * at the start:
+ * cur_line = {...global actions...}
+ * cur_line->next = /
+ * cur_line->next->next = {...actions...} or EOF
+ */
+ if ( (cur_line != NULL)
+ && (cur_line->type == FILE_LINE_ACTION)
+ && (cur_line->next != NULL)
+ && (cur_line->next->type == FILE_LINE_URL)
+ && (0 == strcmp(cur_line->next->unprocessed, "/"))
+ && ( (cur_line->next->next == NULL)
+ || (cur_line->next->next->type != FILE_LINE_URL)
+ ) )
+ {
+ /*
+ * Generate string with buttons to set actions for "/" to
+ * any predefined set of actions (named standard.*, propably
+ * residing in standard.action).
+ * FIXME: Shouldn't include hardwired HTML here, use line template instead!
+ */
+
+ buttons = strdup(" ");
+ for (i = 0; i < MAX_ACTION_FILES; i++)
+ {
+ if (((fl = csp->actions_list[i]) != NULL) && ((b = fl->f) != NULL))
+ {
+ for (b = b->next; NULL != b; b = b->next)
+ {
+ if (!strncmp(b->url->spec, "standard.", 9) && *(b->url->spec + 9) != '\0')
+ {
+ snprintf(buf, 150, "<p><a name=\"l@s@\" href=\"eas?f=@f@&v=@v@&s=@all-urls-s@&p=%s\">Set"
+ " to %s</a></p>", b->url->spec + 9, b->url->spec + 9);
+ if (!err) err = string_append(&buttons, buf);
+ }
+ }
+ }
+ }
+ if (!err) err = map(exports, "all-urls-buttons", 1, buttons, 0);
+
+ /*
+ * Conventional actions file, supply extra editing help.
+ * (e.g. don't allow them to make it an unconventional one).
+ */
+ err = map_conditional(exports, "all-urls-present", 1);
+
+ snprintf(buf, 150, "%d", line_number);
+ if (!err) err = map(exports, "all-urls-s", 1, buf, 1);
+ snprintf(buf, 150, "%d", line_number + 2);
+ if (!err) err = map(exports, "all-urls-s-next", 1, buf, 1);
+ if (!err) err = map(exports, "all-urls-actions", 1,
+ actions_to_html(cur_line->data.action, csp), 0);
+
+ /* Skip the 2 lines */
+ cur_line = cur_line->next->next;
+ line_number += 2;
+
+ /*
+ * Note that prev_section_line_number is NOT set here.
+ * This is deliberate and not a bug. It stops a "Move up"
+ * option appearing on the next section. Clicking "Move
+ * up" would make the actions file unconventional, which
+ * we don't want, so we hide this option.
+ */
+ }
+ else
+ {
+ /*
+ * Non-standard actions file - does not begin with
+ * the "All URLs" section.
+ */
+ err = map_conditional(exports, "all-urls-present", 0);
+ }
+
+ /* Set up global exports */
+
+ err = map(exports, "f", 1, file->identifier, 1);
+ if (!err) err = map(exports, "v", 1, file->version_str, 1);
+
+ /* Discourage private additions to default.action */
+
+ if (!err) err = map_conditional(exports, "default-action",
+ (strcmp("default", lookup(parameters, "f")) == 0));
+ if (err)
+ {
+ edit_free_file(file);
+ free_map(exports);
+ return err;
+ }
+
+ /* Should do all global exports above this point */
+
+ /* Load templates */
+
+ err = template_load(csp, §ion_template, "edit-actions-list-section", 0);
+ if (err)
+ {
+ edit_free_file(file);
+ free_map(exports);
+ if (err == JB_ERR_FILE)
+ {
+ return cgi_error_no_template(csp, rsp, "edit-actions-list-section");
+ }
+ return err;
+ }
+
+ err = template_load(csp, &url_template, "edit-actions-list-url", 0);
+ if (err)
+ {
+ free(section_template);
+ edit_free_file(file);
+ free_map(exports);
+ if (err == JB_ERR_FILE)
+ {
+ return cgi_error_no_template(csp, rsp, "edit-actions-list-url");
+ }
+ return err;
+ }
+
+ err = template_fill(§ion_template, exports);
+ if (err)
+ {
+ free(url_template);
+ edit_free_file(file);
+ free_map(exports);
+ free(url_template);
+ return err;
+ }
+
+ err = template_fill(&url_template, exports);
+ if (err)
+ {
+ free(section_template);
+ edit_free_file(file);
+ free_map(exports);
+ return err;
+ }
+
+ if (NULL == (sections = strdup("")))
+ {
+ free(section_template);
+ free(url_template);
+ edit_free_file(file);
+ free_map(exports);
+ return JB_ERR_MEMORY;
+ }
+
+ while ((cur_line != NULL) && (cur_line->type == FILE_LINE_ACTION))
+ {
+ if (NULL == (section_exports = new_map()))
+ {
+ free(sections);
+ free(section_template);
+ free(url_template);
+ edit_free_file(file);
+ free_map(exports);
+ return JB_ERR_MEMORY;
+ }
+
+ snprintf(buf, 150, "%d", line_number);
+ err = map(section_exports, "s", 1, buf, 1);
+ if (!err) err = map(section_exports, "actions", 1,
+ actions_to_html(cur_line->data.action, csp), 0);
+
+ if ( (!err)
+ && (cur_line->next != NULL)
+ && (cur_line->next->type == FILE_LINE_URL))
+ {
+ /* This section contains at least one URL, don't allow delete */
+ err = map_block_killer(section_exports, "empty-section");
+ }
+ else
+ {
+ if (!err) err = map_block_keep(section_exports, "empty-section");
+ }
+
+ if (prev_section_line_number != ((unsigned)(-1)))
+ {
+ /* Not last section */
+ snprintf(buf, 150, "%d", prev_section_line_number);
+ if (!err) err = map(section_exports, "s-prev", 1, buf, 1);
+ if (!err) err = map_block_keep(section_exports, "s-prev-exists");
+ }
+ else
+ {
+ /* Last section */
+ if (!err) err = map_block_killer(section_exports, "s-prev-exists");
+ }
+ prev_section_line_number = line_number;
+
+ if (err)
+ {
+ free(sections);
+ free(section_template);
+ free(url_template);
+ edit_free_file(file);
+ free_map(exports);
+ free_map(section_exports);
+ return err;
+ }
+
+ /* Should do all section-specific exports above this point */
+
+ if (NULL == (urls = strdup("")))
+ {
+ free(sections);
+ free(section_template);
+ free(url_template);
+ edit_free_file(file);
+ free_map(exports);
+ free_map(section_exports);
+ return JB_ERR_MEMORY;
+ }
+
+ url_1_2 = 2;
+
+ cur_line = cur_line->next;
+ line_number++;
+
+ while ((cur_line != NULL) && (cur_line->type == FILE_LINE_URL))
+ {
+ if (NULL == (url_exports = new_map()))
+ {
+ free(urls);
+ free(sections);
+ free(section_template);
+ free(url_template);
+ edit_free_file(file);
+ free_map(exports);
+ free_map(section_exports);
+ return JB_ERR_MEMORY;
+ }
+
+ snprintf(buf, 150, "%d", line_number);
+ err = map(url_exports, "p", 1, buf, 1);
+
+ snprintf(buf, 150, "%d", url_1_2);
+ if (!err) err = map(url_exports, "url-1-2", 1, buf, 1);
+
+ if (!err) err = map(url_exports, "url-html", 1,
+ html_encode(cur_line->unprocessed), 0);
+ if (!err) err = map(url_exports, "url", 1,
+ url_encode(cur_line->unprocessed), 0);
+
+ if (err)
+ {
+ free(urls);
+ free(sections);
+ free(section_template);
+ free(url_template);
+ edit_free_file(file);
+ free_map(exports);
+ free_map(section_exports);
+ free_map(url_exports);
+ return err;
+ }
+
+ if (NULL == (s = strdup(url_template)))
+ {
+ free(urls);
+ free(sections);
+ free(section_template);
+ free(url_template);
+ edit_free_file(file);
+ free_map(exports);
+ free_map(section_exports);
+ free_map(url_exports);
+ return JB_ERR_MEMORY;
+ }
+
+ err = template_fill(&s, section_exports);
+ if (!err) err = template_fill(&s, url_exports);
+ if (!err) err = string_append(&urls, s);
+
+ free_map(url_exports);
+ freez(s);
+
+ if (err)
+ {
+ freez(urls);
+ free(sections);
+ free(section_template);
+ free(url_template);
+ edit_free_file(file);
+ free_map(exports);
+ free_map(section_exports);
+ return err;
+ }
+
+ url_1_2 = 3 - url_1_2;
+
+ cur_line = cur_line->next;
+ line_number++;
+ }
+
+ err = map(section_exports, "urls", 1, urls, 0);
+
+ /* Could also do section-specific exports here, but it wouldn't be as fast */
+
+ if ( (cur_line != NULL)
+ && (cur_line->type == FILE_LINE_ACTION))
+ {
+ /* Not last section */
+ snprintf(buf, 150, "%d", line_number);
+ if (!err) err = map(section_exports, "s-next", 1, buf, 1);
+ if (!err) err = map_block_keep(section_exports, "s-next-exists");
+ }
+ else
+ {
+ /* Last section */
+ if (!err) err = map_block_killer(section_exports, "s-next-exists");
+ }
+
+ if (err)
+ {
+ free(sections);
+ free(section_template);
+ free(url_template);
+ edit_free_file(file);
+ free_map(exports);
+ free_map(section_exports);
+ return err;
+ }
+
+ if (NULL == (s = strdup(section_template)))
+ {
+ free(sections);
+ free(section_template);
+ free(url_template);
+ edit_free_file(file);
+ free_map(exports);
+ free_map(section_exports);
+ return JB_ERR_MEMORY;
+ }
+
+ err = template_fill(&s, section_exports);
+ if (!err) err = string_append(§ions, s);
+
+ freez(s);
+ free_map(section_exports);
+
+ if (err)
+ {
+ freez(sections);
+ free(section_template);
+ free(url_template);
+ edit_free_file(file);
+ free_map(exports);
+ return err;
+ }
+ }
+
+ edit_free_file(file);
+ free(section_template);
+ free(url_template);
+
+ err = map(exports, "sections", 1, sections, 0);
+ if (err)
+ {
+ free_map(exports);
+ return err;
+ }
+
+ /* Could also do global exports here, but it wouldn't be as fast */
+
+ return template_fill_for_cgi(csp, "edit-actions-list", exports, rsp);
+}
+
+
+/*********************************************************************
+ *
+ * Function : cgi_edit_actions_for_url
+ *
+ * Description : CGI function that edits the Actions list.
+ *
+ * Parameters :
+ * 1 : csp = Current client state (buffers, headers, etc...)
+ * 2 : rsp = http_response data structure for output
+ * 3 : parameters = map of cgi parameters
+ *
+ * CGI Parameters : None
+ *
+ * Returns : JB_ERR_OK on success
+ * JB_ERR_MEMORY on out-of-memory
+ * JB_ERR_CGI_PARAMS if the CGI parameters are not
+ * specified or not valid.
+ *
+ *********************************************************************/
+jb_err cgi_edit_actions_for_url(struct client_state *csp,
+ struct http_response *rsp,
+ const struct map *parameters)
+{
+ struct map * exports;
+ unsigned sectionid;
+ struct editable_file * file;
+ struct file_line * cur_line;
+ unsigned line_number;
+ jb_err err;
+ struct file_list *filter_file;
+ struct re_filterfile_spec *filter_group;
+
+ if (0 == (csp->config->feature_flags & RUNTIME_FEATURE_CGI_EDIT_ACTIONS))
+ {
+ return cgi_error_disabled(csp, rsp);
+ }
+
+ err = get_number_param(csp, parameters, "s", §ionid);
+ if (err)
+ {
+ return err;
+ }
+
+ err = edit_read_actions_file(csp, rsp, parameters, 1, &file);
+ if (err)
+ {
+ /* No filename specified, can't read file, modified, or out of memory. */
+ return (err == JB_ERR_FILE ? JB_ERR_OK : err);
+ }
+
+ cur_line = file->lines;
+
+ for (line_number = 1; (cur_line != NULL) && (line_number < sectionid); line_number++)
+ {
+ cur_line = cur_line->next;
+ }
+
+ if ( (cur_line == NULL)
+ || (line_number != sectionid)
+ || (sectionid < 1)
+ || (cur_line->type != FILE_LINE_ACTION))
+ {
+ /* Invalid "sectionid" parameter */
+ edit_free_file(file);
+ return JB_ERR_CGI_PARAMS;
+ }
+
+ if (NULL == (exports = default_exports(csp, NULL)))
+ {
+ edit_free_file(file);
+ return JB_ERR_MEMORY;
+ }
+
+ err = map(exports, "f", 1, file->identifier, 1);
+ if (!err) err = map(exports, "v", 1, file->version_str, 1);
+ if (!err) err = map(exports, "s", 1, url_encode(lookup(parameters, "s")), 0);
+
+ if (!err) err = actions_to_radio(exports, cur_line->data.action);
+
+ filter_file = csp->rlist;
+ filter_group = ((filter_file != NULL) ? filter_file->f : NULL);
+
+ if (!err) err = map_conditional(exports, "any-filters-defined", (filter_group != NULL));
+
+ if (err)
+ {
+ edit_free_file(file);
+ free_map(exports);
+ return err;
+ }
+
+ if (filter_group == NULL)
+ {
+ err = map(exports, "filter-params", 1, "", 1);
+ }
+ else
+ {
+ /* We have some entries in the filter list */
+ char * result;
+ int index = 0;
+ char * filter_template;
+
+ err = template_load(csp, &filter_template, "edit-actions-for-url-filter", 0);
+ if (err)
+ {
+ edit_free_file(file);
+ free_map(exports);
+ if (err == JB_ERR_FILE)
+ {
+ return cgi_error_no_template(csp, rsp, "edit-actions-for-url-filter");
+ }
+ return err;
+ }
+
+ result = strdup("");
+
+ for (;(!err) && (filter_group != NULL); filter_group = filter_group->next)
+ {
+ char current_mode = 'x';
+ struct list_entry *filter_name;
+ char * this_line;
+ struct map *line_exports;
+ char number[20];
+
+ filter_name = cur_line->data.action->multi_add[ACTION_MULTI_FILTER]->first;
+ while ((filter_name != NULL)
+ && (0 != strcmp(filter_group->name, filter_name->str)))
+ {
+ filter_name = filter_name->next;
+ }
+
+ if (filter_name != NULL)
+ {
+ current_mode = 'y';
+ }
+ else
+ {
+ filter_name = cur_line->data.action->multi_remove[ACTION_MULTI_FILTER]->first;
+ while ((filter_name != NULL)
+ && (0 != strcmp(filter_group->name, filter_name->str)))
+ {
+ filter_name = filter_name->next;
+ }
+ if (filter_name != NULL)
+ {
+ current_mode = 'n';
+ }
+ }
+
+ /* Generate a unique serial number */
+ snprintf(number, sizeof(number), "%x", index++);
+ number[sizeof(number) - 1] = '\0';
+
+ line_exports = new_map();
+ if (line_exports == NULL)
+ {
+ err = JB_ERR_MEMORY;
+ freez(result);
+ }
+ else
+ {
+ if (!err) err = map(line_exports, "index", 1, number, 1);
+ if (!err) err = map(line_exports, "name", 1, filter_group->name, 1);
+ if (!err) err = map(line_exports, "description", 1, filter_group->description, 1);
+ if (!err) err = map_radio(line_exports, "this-filter", "ynx", current_mode);
+
+ this_line = NULL;
+ if (!err)
+ {
+ this_line = strdup(filter_template);
+ if (this_line == NULL) err = JB_ERR_MEMORY;
+ }
+ if (!err) err = template_fill(&this_line, line_exports);
+ string_join(&result, this_line);
+
+ free_map(line_exports);
+ }
+ }
+ if (!err)
+ {
+ err = map(exports, "filter-params", 1, result, 0);
+ }
+ else
+ {
+ freez(result);
+ }
+ }
+
+ if (!err) err = map_radio(exports, "filter-all", "nx",
+ (cur_line->data.action->multi_remove_all[ACTION_MULTI_FILTER] ? 'n' : 'x'));
+
+ edit_free_file(file);
+
+ if (err)
+ {
+ free_map(exports);
+ return err;
+ }
+
+ return template_fill_for_cgi(csp, "edit-actions-for-url", exports, rsp);
+}
+
+
+/*********************************************************************
+ *
+ * Function : cgi_edit_actions_submit
+ *
+ * Description : CGI function that actually edits the Actions list.
+ *
+ * Parameters :
+ * 1 : csp = Current client state (buffers, headers, etc...)
+ * 2 : rsp = http_response data structure for output
+ * 3 : parameters = map of cgi parameters
+ *
+ * CGI Parameters : None
+ *
+ * Returns : JB_ERR_OK on success
+ * JB_ERR_MEMORY on out-of-memory
+ * JB_ERR_CGI_PARAMS if the CGI parameters are not
+ * specified or not valid.
+ *
+ *********************************************************************/
+jb_err cgi_edit_actions_submit(struct client_state *csp,
+ struct http_response *rsp,
+ const struct map *parameters)
+{
+ unsigned sectionid;
+ char * actiontext;
+ char * newtext;
+ size_t len;
+ struct editable_file * file;
+ struct file_line * cur_line;
+ unsigned line_number;
+ char * target;
+ jb_err err;
+ int index;
+ const char * action_set_name;
+ char ch;
+ struct file_list * fl;
+ struct url_actions * b;
+
+ if (0 == (csp->config->feature_flags & RUNTIME_FEATURE_CGI_EDIT_ACTIONS))
+ {
+ return cgi_error_disabled(csp, rsp);
+ }
+
+ err = get_number_param(csp, parameters, "s", §ionid);
+ if (err)
+ {
+ return err;
+ }
+
+ err = edit_read_actions_file(csp, rsp, parameters, 1, &file);
+ if (err)
+ {
+ /* No filename specified, can't read file, modified, or out of memory. */
+ return (err == JB_ERR_FILE ? JB_ERR_OK : err);
+ }
+
+ cur_line = file->lines;
+
+ for (line_number = 1; (cur_line != NULL) && (line_number < sectionid); line_number++)
+ {
+ cur_line = cur_line->next;
+ }
+
+ if ( (cur_line == NULL)
+ || (line_number != sectionid)
+ || (sectionid < 1)
+ || (cur_line->type != FILE_LINE_ACTION))
+ {
+ /* Invalid "sectionid" parameter */
+ edit_free_file(file);
+ return JB_ERR_CGI_PARAMS;
+ }
+
+ get_string_param(parameters, "p", &action_set_name);
+ if (action_set_name != NULL)
+ {
+ for (index = 0; index < MAX_ACTION_FILES; index++)
+ {
+ if (((fl = csp->actions_list[index]) != NULL) && ((b = fl->f) != NULL))
+ {
+ for (b = b->next; NULL != b; b = b->next)
+ {
+ if (!strncmp(b->url->spec, "standard.", 9) && !strcmp(b->url->spec + 9, action_set_name))
+ {
+ copy_action(cur_line->data.action, b->action);
+ goto found;
+ }
+ }
+ }
+ }
+ edit_free_file(file);
+ return JB_ERR_CGI_PARAMS;
+
+ found: ;
+ }
+ else
+ {
+ err = actions_from_radio(parameters, cur_line->data.action);
+ }
+
+ if(err)
+ {
+ /* Out of memory */
+ edit_free_file(file);
+ return err;
+ }
+
+ ch = get_char_param(parameters, "filter_all");
+ if (ch == 'N')
+ {
+ list_remove_all(cur_line->data.action->multi_add[ACTION_MULTI_FILTER]);
+ list_remove_all(cur_line->data.action->multi_remove[ACTION_MULTI_FILTER]);
+ cur_line->data.action->multi_remove_all[ACTION_MULTI_FILTER] = 1;
+ }
+ else if (ch == 'X')
+ {
+ cur_line->data.action->multi_remove_all[ACTION_MULTI_FILTER] = 0;
+ }
+
+ for (index = 0; !err; index++)
+ {
+ char key_value[30];
+ char key_name[30];
+ const char *name;
+ char value;
+
+ /* Generate the keys */
+ snprintf(key_value, sizeof(key_value), "filter_r%x", index);
+ key_value[sizeof(key_value) - 1] = '\0';
+ snprintf(key_name, sizeof(key_name), "filter_n%x", index);
+ key_name[sizeof(key_name) - 1] = '\0';
+
+ err = get_string_param(parameters, key_name, &name);
+ if (err) break;
+
+ if (name == NULL)
+ {
+ /* End of list */
+ break;
+ }
+
+ value = get_char_param(parameters, key_value);
+ if (value == 'Y')
+ {
+ list_remove_item(cur_line->data.action->multi_add[ACTION_MULTI_FILTER], name);
+ if (!err) err = enlist(cur_line->data.action->multi_add[ACTION_MULTI_FILTER], name);
+ list_remove_item(cur_line->data.action->multi_remove[ACTION_MULTI_FILTER], name);
+ }
+ else if (value == 'N')
+ {
+ list_remove_item(cur_line->data.action->multi_add[ACTION_MULTI_FILTER], name);
+ if (!cur_line->data.action->multi_remove_all[ACTION_MULTI_FILTER])
+ {
+ list_remove_item(cur_line->data.action->multi_remove[ACTION_MULTI_FILTER], name);
+ if (!err) err = enlist(cur_line->data.action->multi_remove[ACTION_MULTI_FILTER], name);
+ }
+ }
+ else if (value == 'X')
+ {
+ list_remove_item(cur_line->data.action->multi_add[ACTION_MULTI_FILTER], name);
+ list_remove_item(cur_line->data.action->multi_remove[ACTION_MULTI_FILTER], name);
+ }
+ }
+
+ if(err)
+ {
+ /* Out of memory */
+ edit_free_file(file);
+ return err;
+ }
+
+ if (NULL == (actiontext = actions_to_text(cur_line->data.action)))
+ {
+ /* Out of memory */
+ edit_free_file(file);
+ return JB_ERR_MEMORY;
+ }
+
+ len = strlen(actiontext);
+ if (len == 0)
+ {
+ /*
+ * Empty action - must special-case this.
+ * Simply setting len to 1 is sufficient...
+ */
+ len = 1;
+ }
+
+ if (NULL == (newtext = malloc(len + 2)))
+ {
+ /* Out of memory */
+ free(actiontext);
+ edit_free_file(file);
+ return JB_ERR_MEMORY;
+ }
+ strcpy(newtext, actiontext);
+ free(actiontext);
+ newtext[0] = '{';
+ newtext[len] = '}';
+ newtext[len + 1] = '\0';
+
+ freez(cur_line->raw);
+ freez(cur_line->unprocessed);
+ cur_line->unprocessed = newtext;
+
+ err = edit_write_file(file);
+ if (err)
+ {
+ /* Error writing file */
+ edit_free_file(file);
+ return err;
+ }
+
+ target = strdup(CGI_PREFIX "edit-actions-list?f=");
+ string_append(&target, file->identifier);
+
+ edit_free_file(file);
+
+ if (target == NULL)
+ {
+ /* Out of memory */
+ return JB_ERR_MEMORY;
+ }
+
+ rsp->status = strdup("302 Local Redirect from Privoxy");
+ if (rsp->status == NULL)
+ {
+ free(target);
+ return JB_ERR_MEMORY;
+ }
+ err = enlist_unique_header(rsp->headers, "Location", target);
+ free(target);
+
+ return err;
+}
+
+
+/*********************************************************************
+ *
+ * Function : cgi_edit_actions_url
+ *
+ * Description : CGI function that actually edits a URL pattern in
+ * an actions file.
+ *
+ * Parameters :
+ * 1 : csp = Current client state (buffers, headers, etc...)
+ * 2 : rsp = http_response data structure for output
+ * 3 : parameters = map of cgi parameters
+ *
+ * CGI Parameters :
+ * filename : Identifies the file to edit
+ * ver : File's last-modified time
+ * section : Line number of section to edit
+ * pattern : Line number of pattern to edit
+ * newval : New value for pattern
+ *
+ * Returns : JB_ERR_OK on success
+ * JB_ERR_MEMORY on out-of-memory
+ * JB_ERR_CGI_PARAMS if the CGI parameters are not
+ * specified or not valid.
+ *
+ *********************************************************************/
+jb_err cgi_edit_actions_url(struct client_state *csp,
+ struct http_response *rsp,
+ const struct map *parameters)
+{
+ unsigned patternid;
+ char * new_pattern;
+ struct editable_file * file;
+ struct file_line * cur_line;
+ unsigned line_number;
+ char * target;
+ jb_err err;
+
+ if (0 == (csp->config->feature_flags & RUNTIME_FEATURE_CGI_EDIT_ACTIONS))
+ {
+ return cgi_error_disabled(csp, rsp);
+ }
+
+ err = get_number_param(csp, parameters, "p", &patternid);
+ if (err)
+ {
+ return err;
+ }
+ if (patternid < 1U)
+ {
+ return JB_ERR_CGI_PARAMS;
+ }
+
+ err = get_url_spec_param(csp, parameters, "u", &new_pattern);
+ if (err)
+ {
+ return err;
+ }
+
+ err = edit_read_actions_file(csp, rsp, parameters, 1, &file);
+ if (err)
+ {
+ /* No filename specified, can't read file, modified, or out of memory. */
+ free(new_pattern);
+ return (err == JB_ERR_FILE ? JB_ERR_OK : err);
+ }
+
+ line_number = 1;
+ cur_line = file->lines;
+
+ while ((cur_line != NULL) && (line_number < patternid))
+ {
+ cur_line = cur_line->next;
+ line_number++;
+ }
+
+ if ( (cur_line == NULL)
+ || (cur_line->type != FILE_LINE_URL))
+ {
+ /* Invalid "patternid" parameter */
+ free(new_pattern);
+ edit_free_file(file);
+ return JB_ERR_CGI_PARAMS;
+ }
+
+ /* At this point, the line to edit is in cur_line */
+
+ freez(cur_line->raw);
+ freez(cur_line->unprocessed);
+ cur_line->unprocessed = new_pattern;
+
+ err = edit_write_file(file);
+ if (err)
+ {
+ /* Error writing file */
+ edit_free_file(file);
+ return err;
+ }
+
+ target = strdup(CGI_PREFIX "edit-actions-list?f=");
+ string_append(&target, file->identifier);
+
+ edit_free_file(file);
+
+ if (target == NULL)
+ {
+ /* Out of memory */
+ return JB_ERR_MEMORY;
+ }
+
+ rsp->status = strdup("302 Local Redirect from Privoxy");
+ if (rsp->status == NULL)
+ {
+ free(target);
+ return JB_ERR_MEMORY;
+ }
+ err = enlist_unique_header(rsp->headers, "Location", target);
+ free(target);
+
+ return err;
+}
+
+
+/*********************************************************************
+ *
+ * Function : cgi_edit_actions_add_url
+ *
+ * Description : CGI function that actually adds a URL pattern to
+ * an actions file.
+ *
+ * Parameters :
+ * 1 : csp = Current client state (buffers, headers, etc...)
+ * 2 : rsp = http_response data structure for output
+ * 3 : parameters = map of cgi parameters
+ *
+ * CGI Parameters :
+ * filename : Identifies the file to edit
+ * ver : File's last-modified time
+ * section : Line number of section to edit
+ * newval : New pattern
+ *
+ * Returns : JB_ERR_OK on success
+ * JB_ERR_MEMORY on out-of-memory
+ * JB_ERR_CGI_PARAMS if the CGI parameters are not
+ * specified or not valid.
+ *
+ *********************************************************************/
+jb_err cgi_edit_actions_add_url(struct client_state *csp,
+ struct http_response *rsp,
+ const struct map *parameters)
+{
+ unsigned sectionid;
+ char * new_pattern;
+ struct file_line * new_line;
+ struct editable_file * file;
+ struct file_line * cur_line;
+ unsigned line_number;
+ char * target;
+ jb_err err;
+
+ if (0 == (csp->config->feature_flags & RUNTIME_FEATURE_CGI_EDIT_ACTIONS))
+ {
+ return cgi_error_disabled(csp, rsp);
+ }
+
+ err = get_number_param(csp, parameters, "s", §ionid);
+ if (err)
+ {
+ return err;
+ }
+ if (sectionid < 1U)
+ {
+ return JB_ERR_CGI_PARAMS;
+ }
+
+ err = get_url_spec_param(csp, parameters, "u", &new_pattern);
+ if (err)
+ {
+ return err;
+ }
+
+ err = edit_read_actions_file(csp, rsp, parameters, 1, &file);
+ if (err)
+ {
+ /* No filename specified, can't read file, modified, or out of memory. */
+ free(new_pattern);
+ return (err == JB_ERR_FILE ? JB_ERR_OK : err);
+ }
+
+ line_number = 1;
+ cur_line = file->lines;
+
+ while ((cur_line != NULL) && (line_number < sectionid))
+ {
+ cur_line = cur_line->next;
+ line_number++;
+ }
+
+ if ( (cur_line == NULL)
+ || (cur_line->type != FILE_LINE_ACTION))
+ {
+ /* Invalid "sectionid" parameter */
+ free(new_pattern);
+ edit_free_file(file);
+ return JB_ERR_CGI_PARAMS;
+ }
+
+ /* At this point, the section header is in cur_line - add after this. */
+
+ /* Allocate the new line */
+ new_line = (struct file_line *)zalloc(sizeof(*new_line));
+ if (new_line == NULL)
+ {
+ free(new_pattern);
+ edit_free_file(file);
+ return JB_ERR_MEMORY;
+ }
+
+ /* Fill in the data members of the new line */
+ new_line->raw = NULL;
+ new_line->prefix = NULL;
+ new_line->unprocessed = new_pattern;
+ new_line->type = FILE_LINE_URL;
+
+ /* Link new_line into the list, after cur_line */
+ new_line->next = cur_line->next;
+ cur_line->next = new_line;
+
+ /* Done making changes, now commit */
+
+ err = edit_write_file(file);
+ if (err)
+ {
+ /* Error writing file */
+ edit_free_file(file);
+ return err;
+ }
+
+ target = strdup(CGI_PREFIX "edit-actions-list?f=");
+ string_append(&target, file->identifier);
+
+ edit_free_file(file);
+
+ if (target == NULL)
+ {
+ /* Out of memory */
+ return JB_ERR_MEMORY;
+ }
+
+ rsp->status = strdup("302 Local Redirect from Privoxy");
+ if (rsp->status == NULL)
+ {
+ free(target);
+ return JB_ERR_MEMORY;
+ }
+ err = enlist_unique_header(rsp->headers, "Location", target);
+ free(target);
+
+ return err;
+}
+
+
+/*********************************************************************
+ *
+ * Function : cgi_edit_actions_remove_url
+ *
+ * Description : CGI function that actually removes a URL pattern from
+ * the actions file.
+ *
+ * Parameters :
+ * 1 : csp = Current client state (buffers, headers, etc...)
+ * 2 : rsp = http_response data structure for output
+ * 3 : parameters = map of cgi parameters
+ *
+ * CGI Parameters :
+ * f : (filename) Identifies the file to edit
+ * v : (version) File's last-modified time
+ * p : (pattern) Line number of pattern to remove
+ *
+ * Returns : JB_ERR_OK on success
+ * JB_ERR_MEMORY on out-of-memory
+ * JB_ERR_CGI_PARAMS if the CGI parameters are not
+ * specified or not valid.
+ *
+ *********************************************************************/
+jb_err cgi_edit_actions_remove_url(struct client_state *csp,
+ struct http_response *rsp,
+ const struct map *parameters)
+{
+ unsigned patternid;
+ struct editable_file * file;
+ struct file_line * cur_line;
+ struct file_line * prev_line;
+ unsigned line_number;
+ char * target;
+ jb_err err;
+
+ if (0 == (csp->config->feature_flags & RUNTIME_FEATURE_CGI_EDIT_ACTIONS))
+ {
+ return cgi_error_disabled(csp, rsp);
+ }
+
+ err = get_number_param(csp, parameters, "p", &patternid);
+ if (err)
+ {
+ return err;
+ }
+
+ err = edit_read_actions_file(csp, rsp, parameters, 1, &file);
+ if (err)
+ {
+ /* No filename specified, can't read file, modified, or out of memory. */
+ return (err == JB_ERR_FILE ? JB_ERR_OK : err);
+ }
+
+ line_number = 1;
+ prev_line = NULL;
+ cur_line = file->lines;
+
+ while ((cur_line != NULL) && (line_number < patternid))
+ {
+ prev_line = cur_line;
+ cur_line = cur_line->next;
+ line_number++;
+ }
+
+ if ( (cur_line == NULL)
+ || (prev_line == NULL)
+ || (cur_line->type != FILE_LINE_URL))
+ {
+ /* Invalid "patternid" parameter */
+ edit_free_file(file);
+ return JB_ERR_CGI_PARAMS;
+ }
+
+ /* At this point, the line to remove is in cur_line, and the previous
+ * one is in prev_line
+ */
+
+ /* Unlink cur_line */
+ prev_line->next = cur_line->next;
+ cur_line->next = NULL;
+
+ /* Free cur_line */
+ edit_free_file_lines(cur_line);
+
+ err = edit_write_file(file);
+ if (err)
+ {
+ /* Error writing file */
+ edit_free_file(file);
+ return err;
+ }
+
+ target = strdup(CGI_PREFIX "edit-actions-list?f=");
+ string_append(&target, file->identifier);
+
+ edit_free_file(file);
+
+ if (target == NULL)
+ {
+ /* Out of memory */
+ return JB_ERR_MEMORY;
+ }
+
+ rsp->status = strdup("302 Local Redirect from Privoxy");
+ if (rsp->status == NULL)
+ {
+ free(target);
+ return JB_ERR_MEMORY;
+ }
+ err = enlist_unique_header(rsp->headers, "Location", target);
+ free(target);
+
+ return err;
+}
+
+
+/*********************************************************************
+ *
+ * Function : cgi_edit_actions_section_remove