-const char loaders_rcs[] = "$Id: loaders.c,v 1.6 2001/05/23 12:27:33 oes Exp $";
+const char loaders_rcs[] = "$Id: loaders.c,v 1.10 2001/05/29 09:50:24 jongfoster Exp $";
/*********************************************************************
*
* File : $Source: /cvsroot/ijbswa/current/loaders.c,v $
*
* Revisions :
* $Log: loaders.c,v $
+ * Revision 1.10 2001/05/29 09:50:24 jongfoster
+ * Unified blocklist/imagelist/permissionslist.
+ * File format is still under discussion, but the internal changes
+ * are (mostly) done.
+ *
+ * Also modified interceptor behaviour:
+ * - We now intercept all URLs beginning with one of the following
+ * prefixes (and *only* these prefixes):
+ * * http://i.j.b/
+ * * http://ijbswa.sf.net/config/
+ * * http://ijbswa.sourceforge.net/config/
+ * - New interceptors "home page" - go to http://i.j.b/ to see it.
+ * - Internal changes so that intercepted and fast redirect pages
+ * are not replaced with an image.
+ * - Interceptors now have the option to send a binary page direct
+ * to the client. (i.e. ijb-send-banner uses this)
+ * - Implemented show-url-info interceptor. (Which is why I needed
+ * the above interceptors changes - a typical URL is
+ * "http://i.j.b/show-url-info?url=www.somesite.com/banner.gif".
+ * The previous mechanism would not have intercepted that, and
+ * if it had been intercepted then it then it would have replaced
+ * it with an image.)
+ *
+ * Revision 1.9 2001/05/26 17:12:07 jongfoster
+ * Fatal errors loading configuration files now give better error messages.
+ *
+ * Revision 1.8 2001/05/26 00:55:20 jongfoster
+ * Removing duplicated code. load_forwardfile() now uses create_url_spec()
+ *
+ * Revision 1.7 2001/05/26 00:28:36 jongfoster
+ * Automatic reloading of config file.
+ * Removed obsolete SIGHUP support (Unix) and Reload menu option (Win32).
+ * Most of the global variables have been moved to a new
+ * struct configuration_spec, accessed through csp->config->globalname
+ * Most of the globals remaining are used by the Win32 GUI.
+ *
* Revision 1.6 2001/05/23 12:27:33 oes
*
* Fixed ugly indentation of my last changes
* Currently active files.
* These are also entered in the main linked list of files.
*/
-static struct file_list *current_blockfile = NULL;
static struct file_list *current_permissions_file = NULL;
static struct file_list *current_forwardfile = NULL;
static struct file_list *current_aclfile = NULL;
#endif /* def ACL_FILES */
-#ifdef USE_IMAGE_LIST
-static struct file_list *current_imagefile = NULL;
-#endif /* def USE_IMAGE_LIST */
-
#ifdef TRUST_FILES
static struct file_list *current_trustfile = NULL;
#endif /* def TRUST_FILES */
*/
ncsp->config->config_file_list->active = 1;
- if (ncsp->blist) /* block files */
- {
- ncsp->blist->active = 1;
- }
-
if (ncsp->permissions_list) /* permissions files */
{
ncsp->permissions_list->active = 1;
}
#endif /* def ACL_FILES */
-#ifdef USE_IMAGE_LIST
- if (ncsp->ilist) /* image files */
- {
- ncsp->ilist->active = 1;
- }
-#endif /* def USE_IMAGE_LIST */
-
#ifdef PCRS
if (ncsp->rlist) /* perl re files */
{
csp->next = ncsp->next;
freez(ncsp->ip_addr_str);
+#ifdef TRUST_FILES
freez(ncsp->referrer);
+#endif /* def TRUST_FILES */
freez(ncsp->x_forwarded);
- freez(ncsp->ip_addr_str);
freez(ncsp->iob->buf);
free_http_request(ncsp->http);
}
#endif /* def ACL_FILES */
-/*********************************************************************
- *
- * Function : unload_blockfile
- *
- * Description : Unloads a blockfile.
- *
- * Parameters :
- * 1 : f = the data structure associated with the blockfile.
- *
- * Returns : N/A
- *
- *********************************************************************/
-static void unload_blockfile(void *f)
-{
- struct block_spec *b = (struct block_spec *)f;
- if (b == NULL) return;
-
- unload_blockfile(b->next);
-
- unload_url(b->url);
-
- freez(b);
-
-}
-
-
-#ifdef USE_IMAGE_LIST
-/*********************************************************************
- *
- * Function : unload_imagefile
- *
- * Description : Unloads an imagefile.
- *
- * Parameters :
- * 1 : f = the data structure associated with the imagefile.
- *
- * Returns : N/A
- *
- *********************************************************************/
-static void unload_imagefile(void *f)
-{
- struct block_spec *b = (struct block_spec *)f;
- if (b == NULL) return;
-
- unload_imagefile(b->next);
-
- unload_url(b->url);
-
- freez(b);
-
-}
-#endif /* def USE_IMAGE_LIST */
-
/*********************************************************************
*
}
}
- /* Trim leading whitespace */
- p = linebuf;
- while (*p && ijb_isspace(*p))
- {
- p++;
- }
+ /* Remove leading and trailing whitespace */
+ chomp(linebuf);
- if (*p)
+ if (*linebuf)
{
- /* There is something other than whitespace on the line. */
-
- /* Move the data to the start of buf */
- if (p != linebuf)
+ strncat(buf, linebuf, buflen - strlen(buf));
+ if (contflag)
{
- /* strcpy that can cope with overlap. */
- q = linebuf;
- while ((*q++ = *p++) != '\0')
- {
- /* Do nothing */
- }
+ contflag = 0;
+ continue;
}
-
- /* Trim trailing whitespace */
- p = linebuf + strlen(linebuf) - 1;
-
- /*
- * Note: the (p >= linebuf) below is paranoia, it's not really needed.
- * When p == linebuf then ijb_isspace(*p) will be false and we'll drop
- * out of the loop.
- */
- while ((p >= linebuf) && ijb_isspace(*p))
- {
- p--;
- }
- p[1] = '\0';
-
- /* More paranoia. This if statement is always true. */
- if (*linebuf)
+ else
{
- strncat(buf, linebuf, buflen - strlen(buf));
- if (contflag)
- {
- contflag = 0;
- continue;
- }
- else
- {
- return buf;
- }
+ return buf;
}
}
}
-
/* EOF */
return NULL;
+
}
return(0);
load_aclfile_error:
- log_error(LOG_LEVEL_ERROR, "can't load access control list %s: %E",
+ log_error(LOG_LEVEL_FATAL, "can't load access control list %s: %E",
csp->config->aclfile);
return(-1);
#endif /* def ACL_FILES */
-/*********************************************************************
- *
- * Function : load_blockfile
- *
- * Description : Read and parse a blockfile and add to files list.
- *
- * Parameters :
- * 1 : csp = Current client state (buffers, headers, etc...)
- *
- * Returns : 0 => Ok, everything else is an error.
- *
- *********************************************************************/
-int load_blockfile(struct client_state *csp)
+struct permission_alias
{
- FILE *fp;
-
- struct block_spec *b, *bl;
- char buf[BUFSIZ], *p, *q;
- int reject;
- struct file_list *fs;
-
- if (!check_file_changed(current_blockfile, csp->config->blockfile, &fs))
- {
- /* No need to load */
- if (csp)
- {
- csp->blist = current_blockfile;
- }
- return(0);
- }
- if (!fs)
- {
- goto load_blockfile_error;
- }
-
- fs->f = bl = (struct block_spec *) zalloc(sizeof(*bl));
- if (bl == NULL)
- {
- goto load_blockfile_error;
- }
-
- if ((fp = fopen(csp->config->blockfile, "r")) == NULL)
- {
- goto load_blockfile_error;
- }
-
- while (read_config_line(buf, sizeof(buf), fp, fs) != NULL)
- {
- reject = 1;
-
- if (*buf == '~')
- {
- reject = 0;
- p = buf;
- q = p+1;
- while ((*p++ = *q++))
- {
- /* nop */
- }
- }
-
- /* skip lines containing only ~ */
- if (*buf == '\0')
- {
- continue;
- }
-
- /* allocate a new node */
- if ((b = zalloc(sizeof(*b))) == NULL)
- {
- fclose(fp);
- goto load_blockfile_error;
- }
-
- /* add it to the list */
- b->next = bl->next;
- bl->next = b;
-
- b->reject = reject;
-
- /* Save the URL pattern */
- if (create_url_spec(b->url, buf))
- {
- fclose(fp);
- goto load_blockfile_error;
- }
- }
+ const char * name;
+ unsigned mask; /* a bit set to "0" = remove permission */
+ unsigned add; /* a bit set to "1" = add permission */
+ struct permission_alias * next;
+};
- fclose(fp);
-#ifndef SPLIT_PROXY_ARGS
- if (!suppress_blocklists)
- {
- fs->proxy_args = strsav(fs->proxy_args, "</pre>");
- }
-#endif /* ndef SPLIT_PROXY_ARGS */
-
- /* the old one is now obsolete */
- if (current_blockfile)
- {
- current_blockfile->unloader = unload_blockfile;
- }
-
- fs->next = files->next;
- files->next = fs;
- current_blockfile = fs;
-
- if (csp)
- {
- csp->blist = fs;
- }
-
- return(0);
-
-load_blockfile_error:
- log_error(LOG_LEVEL_ERROR, "can't load blockfile '%s': %E", csp->config->blockfile);
- return(-1);
-
-}
+/*
+ * Note: this is special-cased in the code so we don't need to
+ * fill in the ->next fields.
+ */
+static const struct permission_alias standard_aliases[] =
+{
+ { "+block", PERMIT_MASK_ALL, PERMIT_BLOCK },
+/* { "+cookies", PERMIT_MASK_ALL, PERMIT_COOKIE_SET | PERMIT_COOKIE_READ }, */
+ { "+cookies-read", PERMIT_MASK_ALL, PERMIT_COOKIE_READ },
+ { "+cookies-set", PERMIT_MASK_ALL, PERMIT_COOKIE_SET },
+ { "+fast-redirects", PERMIT_MASK_ALL, PERMIT_FAST_REDIRECTS },
+ { "+filter", PERMIT_MASK_ALL, PERMIT_RE_FILTER },
+ { "+image", PERMIT_MASK_ALL, PERMIT_IMAGE },
+ { "+popup", PERMIT_MASK_ALL, PERMIT_POPUPS },
+ { "+popups", PERMIT_MASK_ALL, PERMIT_POPUPS },
+ { "+referer", PERMIT_MASK_ALL, PERMIT_REFERER },
+ { "+referrer", PERMIT_MASK_ALL, PERMIT_REFERER },
+ { "-block", ~PERMIT_BLOCK, 0 },
+/* { "-cookies", ~(PERMIT_COOKIE_SET | PERMIT_COOKIE_READ), 0 }, */
+ { "-cookies-read", ~PERMIT_COOKIE_READ, 0 },
+ { "-cookies-set", ~PERMIT_COOKIE_SET, 0 },
+ { "-fast-redirects", ~PERMIT_FAST_REDIRECTS, 0 },
+ { "-filter", ~PERMIT_RE_FILTER, 0 },
+ { "-image", ~PERMIT_IMAGE, 0 },
+ { "-popup", ~PERMIT_POPUPS, 0 },
+ { "-popups", ~PERMIT_POPUPS, 0 },
+ { "-referer", ~PERMIT_REFERER, 0 },
+ { "-referrer", ~PERMIT_REFERER, 0 },
+ { NULL, 0, 0 } /* End marker */
+};
-#ifdef USE_IMAGE_LIST
/*********************************************************************
*
- * Function : load_imagefile
+ * Function : load_permissions_file
*
- * Description : Read and parse an imagefile and add to files list.
+ * Description : Read and parse a permissions file and add to files
+ * list.
*
* Parameters :
* 1 : csp = Current client state (buffers, headers, etc...)
* Returns : 0 => Ok, everything else is an error.
*
*********************************************************************/
-int load_imagefile(struct client_state *csp)
+int load_permissions_file(struct client_state *csp)
{
FILE *fp;
- struct block_spec *b, *bl;
- char buf[BUFSIZ], *p, *q;
- int reject;
+ struct permissions_spec *last_perm;
+ struct permissions_spec *perm;
+ char buf[BUFSIZ];
struct file_list *fs;
+#define MODE_START_OF_FILE 1
+#define MODE_PERMISSIONS 2
+#define MODE_ALIAS 3
+ int mode = MODE_START_OF_FILE;
+ unsigned curmask = PERMIT_MASK_ALL;
+ unsigned curadd = 0;
+ struct permission_alias * alias_list = NULL;
- if (!check_file_changed(current_imagefile, csp->config->imagefile, &fs))
+ if (!check_file_changed(current_permissions_file, csp->config->permissions_file, &fs))
{
/* No need to load */
if (csp)
{
- csp->ilist = current_imagefile;
+ csp->permissions_list = current_permissions_file;
}
- return(0);
+ return 0;
}
if (!fs)
{
- goto load_imagefile_error;
+ log_error(LOG_LEVEL_FATAL, "can't load permissions file '%s': error finding file: %E",
+ csp->config->permissions_file);
+ return 1; /* never get here */
}
- fs->f = bl = (struct block_spec *)zalloc(sizeof(*bl));
- if (bl == NULL)
+ fs->f = last_perm = (struct permissions_spec *)zalloc(sizeof(*last_perm));
+ if (last_perm == NULL)
{
- goto load_imagefile_error;
+ log_error(LOG_LEVEL_FATAL, "can't load permissions file '%s': out of memory!",
+ csp->config->permissions_file);
+ return 1; /* never get here */
}
- if ((fp = fopen(csp->config->imagefile, "r")) == NULL)
+ if ((fp = fopen(csp->config->permissions_file, "r")) == NULL)
{
- goto load_imagefile_error;
+ log_error(LOG_LEVEL_FATAL, "can't load permissions file '%s': error opening file: %E",
+ csp->config->permissions_file);
+ return 1; /* never get here */
}
while (read_config_line(buf, sizeof(buf), fp, fs) != NULL)
{
- reject = 1;
-
- if (*buf == '~')
+ if (*buf == '{')
{
- reject = 0;
- p = buf;
- q = p+1;
- while ((*p++ = *q++))
+ /* It's a header block */
+ if (buf[1] == '{')
{
- /* nop */
- }
- }
+ /* It's {{settings}} or {{alias}} */
+ int len = strlen(buf);
+ char * start = buf + 2;
+ char * end = buf + len - 1;
+ if ((len < 5) || (*end-- != '}') || (*end-- != '}'))
+ {
+ /* too short */
+ fclose(fp);
+ log_error(LOG_LEVEL_FATAL,
+ "can't load permissions file '%s': invalid line: %s",
+ csp->config->permissions_file, buf);
+ return 1; /* never get here */
+ }
- /* skip lines containing only ~ */
- if (*buf == '\0')
- {
- continue;
- }
+ /* Trim leading and trailing whitespace. */
+ end[1] = '\0';
+ chomp(start);
- /* allocate a new node */
- if ((b = zalloc(sizeof(*b))) == NULL)
- {
- fclose(fp);
- goto load_imagefile_error;
- }
+ if (*start == '\0')
+ {
+ /* too short */
+ fclose(fp);
+ log_error(LOG_LEVEL_FATAL,
+ "can't load permissions file '%s': invalid line: {{ }}",
+ csp->config->permissions_file);
+ return 1; /* never get here */
+ }
- /* add it to the list */
- b->next = bl->next;
- bl->next = b;
+ if (0 == strcmpic(start, "alias"))
+ {
+ /* it's an {{alias}} block */
- b->reject = reject;
+ mode = MODE_ALIAS;
+ }
+ else
+ {
+ /* invalid {{something}} block */
+ fclose(fp);
+ log_error(LOG_LEVEL_FATAL,
+ "can't load permissions file '%s': invalid line: {{%s}}",
+ csp->config->permissions_file, start);
+ return 1; /* never get here */
+ }
+ }
+ else
+ {
+ /* It's a permissions block */
- /* Save the URL pattern */
- if (create_url_spec(b->url, buf))
- {
- fclose(fp);
- goto load_imagefile_error;
- }
- }
+ int more = 1;
- fclose(fp);
+ int len = strlen(buf);
+ char * start = buf + 1;
+ char * end = buf + len - 1;
-#ifndef SPLIT_PROXY_ARGS
- if (!suppress_blocklists)
- {
- fs->proxy_args = strsav(fs->proxy_args, "</pre>");
- }
-#endif /* ndef SPLIT_PROXY_ARGS */
+ if ((len < 3) || (*end-- != '}'))
+ {
+ /* too short */
+ fclose(fp);
+ log_error(LOG_LEVEL_FATAL,
+ "can't load permissions file '%s': invalid line: %s",
+ csp->config->permissions_file, buf);
+ return 1; /* never get here */
+ }
- /* the old one is now obsolete */
- if (current_imagefile)
- {
- current_imagefile->unloader = unload_imagefile;
- }
+ end[1] = '\0';
+ chomp(start);
- fs->next = files->next;
- files->next = fs;
- current_imagefile = fs;
+ if (*start == '\0')
+ {
+ /* too short */
+ fclose(fp);
+ log_error(LOG_LEVEL_FATAL,
+ "can't load permissions file '%s': invalid line: { }",
+ csp->config->permissions_file);
+ return 1; /* never get here */
+ }
- if (csp)
- {
- csp->ilist = fs;
- }
+ mode = MODE_PERMISSIONS;
+
+ curmask = PERMIT_MASK_ALL;
+ curadd = 0;
- return(0);
+ while (more)
+ {
+ const struct permission_alias * alias = standard_aliases;
+ char * option = start;
+ while ((*start != '\0') && (*start != ' ') && (*start != '\t'))
+ {
+ start++;
+ }
+
+ more = (*start != 0);
+ if (more)
+ {
+ *start++ = '\0';
+
+ /* Eat all the whitespace between the options */
+ while ((*start == ' ') || (*start == '\t'))
+ {
+ start++;
+ }
+ }
+
+ /* handle option in 'option' */
+
+ /* Check for standard permission name */
+ while ( (alias->name != NULL) && (0 != strcmpic(alias->name, option)) )
+ {
+ alias++;
+ }
+ if (alias->name == NULL)
+ {
+ /* try user aliases. */
+ alias = alias_list;
+ while ( (alias != NULL) && (0 != strcmpic(alias->name, option)) )
+ {
+ alias = alias->next;
+ }
+ }
+ if (alias == NULL)
+ {
+ /* Bad permission name */
+ fclose(fp);
+ log_error(LOG_LEVEL_FATAL,
+ "can't load permissions file '%s': invalid permission name: %s",
+ csp->config->permissions_file, option);
+ return 1; /* never get here */
+ }
+ curmask &= alias->mask;
+ curadd &= alias->mask;
+ curadd |= alias->add;
+ }
+ }
+ }
+ else if (mode == MODE_ALIAS)
+ {
+ /* define an alias */
+ struct permission_alias * new_alias;
+ int more = 1;
-load_imagefile_error:
- log_error(LOG_LEVEL_ERROR, "can't load imagefile '%s': %E", csp->config->imagefile);
- return(-1);
+ char * start = strchr(buf, '=');
+ char * end = start;
-}
-#endif /* def USE_IMAGE_LIST */
+ if ((start == NULL) || (start == buf))
+ {
+ log_error(LOG_LEVEL_FATAL,
+ "can't load permissions file '%s': invalid alias line: %s",
+ csp->config->permissions_file, buf);
+ return 1; /* never get here */
+ }
+ if ((new_alias = zalloc(sizeof(*new_alias))) == NULL)
+ {
+ fclose(fp);
+ log_error(LOG_LEVEL_FATAL,
+ "can't load permissions file '%s': out of memory!",
+ csp->config->permissions_file);
+ return 1; /* never get here */
+ }
-/*********************************************************************
- *
- * Function : load_permissions_file
- *
- * Description : Read and parse a permissions file and add to files
- * list.
- *
- * Parameters :
- * 1 : csp = Current client state (buffers, headers, etc...)
- *
- * Returns : 0 => Ok, everything else is an error.
- *
- *********************************************************************/
-int load_permissions_file(struct client_state *csp)
-{
- FILE *fp;
+ /* Eat any the whitespace after the '=' */
+ start++;
+ while ((*start == ' ') || (*start == '\t'))
+ {
+ start++;
+ }
+ if (*start == '\0')
+ {
+ log_error(LOG_LEVEL_FATAL,
+ "can't load permissions file '%s': invalid alias line: %s",
+ csp->config->permissions_file, buf);
+ return 1; /* never get here */
+ }
- struct permissions_spec *b, *bl;
- char buf[BUFSIZ], *p, *q;
- int permissions;
- struct file_list *fs;
- int i;
+ /* Eat any the whitespace before the '=' */
+ end--;
+ while ((*end == ' ') || (*end == '\t'))
+ {
+ /*
+ * we already know we must have at least 1 non-ws char
+ * at start of buf - no need to check
+ */
+ end--;
+ }
+ end[1] = '\0';
- if (!check_file_changed(current_permissions_file, csp->config->permissions_file, &fs))
- {
- /* No need to load */
- if (csp)
- {
- csp->permissions_list = current_permissions_file;
- }
- return(0);
- }
- if (!fs)
- {
- goto load_permissions_error;
- }
+ new_alias->name = strdup(buf);
- fs->f = bl = (struct permissions_spec *)zalloc(sizeof(*bl));
- if (bl == NULL)
- {
- goto load_permissions_error;
- }
+ curmask = PERMIT_MASK_ALL;
+ curadd = 0;
- if ((fp = fopen(csp->config->permissions_file, "r")) == NULL)
- {
- goto load_permissions_error;
- }
+ while (more)
+ {
+ const struct permission_alias * alias = standard_aliases;
+ char * option = start;
+ while ((*start != '\0') && (*start != ' ') && (*start != '\t'))
+ {
+ start++;
+ }
+ more = (*start != 0);
+ if (more)
+ {
+ *start++ = '\0';
- /*
- * default_permissions is set in this file.
- *
- * Reset it to default first.
- */
- csp->config->default_permissions = PERMIT_RE_FILTER;
+ /* Eat all the whitespace between the options */
+ while ((*start == ' ') || (*start == '\t'))
+ {
+ start++;
+ }
+ }
- while (read_config_line(buf, sizeof(buf), fp, fs) != NULL)
- {
- p = buf;
+ /* handle option in 'option' */
- permissions = PERMIT_COOKIE_SET | PERMIT_COOKIE_READ | PERMIT_POPUPS;
+ /* Check for standard permission name */
+ while ( (alias->name != NULL) && (0 != strcmpic(alias->name, option)) )
+ {
+ alias++;
+ }
+ if (alias->name == NULL)
+ {
+ /* try user aliases. */
+ alias = alias_list;
+ while ( (alias != NULL) && (0 != strcmpic(alias->name, option)) )
+ {
+ alias = alias->next;
+ }
+ }
+ if (alias == NULL)
+ {
+ /* Bad permission name */
+ fclose(fp);
+ log_error(LOG_LEVEL_FATAL,
+ "can't load permissions file '%s': invalid permission name: %s",
+ csp->config->permissions_file, option);
+ return 1; /* never get here */
+ }
+ curmask &= alias->mask;
+ curadd &= alias->mask;
+ curadd |= alias->add;
+ }
- /*
- * FIXME: for() loop is a kludge. Want to loop around until we
- * find a non-control character. Assume there will be at most 4
- * characters.
- */
- for (i = 0; i < 4; i++)
+ /* save alias permissions */
+ new_alias->mask = curmask;
+ new_alias->add = curadd;
+
+ /* add to list */
+ new_alias->next = alias_list;
+ alias_list = new_alias;
+ }
+ else if (mode == MODE_PERMISSIONS)
{
- switch ((int)*p)
- {
- case '>':
- /*
- * Allow cookies to be read by the server, but do
- * not allow them to be set.
- */
- permissions = (permissions & ~PERMIT_COOKIE_SET);
- p++;
- break;
-
- case '<':
- /*
- * Allow server to set cookies but do not let the
- * server read them.
- */
- permissions = (permissions & ~PERMIT_COOKIE_READ);
- p++;
- break;
+ /* it's a URL pattern */
- case '^':
- /*
- * Block popups
- */
- permissions = (permissions & ~PERMIT_POPUPS);
- p++;
- break;
-
- case '%':
- /*
- * Permit filtering using PCRS
- */
- permissions = (permissions | PERMIT_RE_FILTER);
- p++;
- break;
-
- case '~':
- /*
- * All of the above (maximum filtering).
- */
- permissions = PERMIT_RE_FILTER;
- p++;
- break;
-
- default:
- /*
- * FIXME: Should break out of the loop here.
- */
- break;
+ /* allocate a new node */
+ if ((perm = zalloc(sizeof(*perm))) == NULL)
+ {
+ fclose(fp);
+ log_error(LOG_LEVEL_FATAL,
+ "can't load permissions file '%s': out of memory!",
+ csp->config->permissions_file);
+ return 1; /* never get here */
}
- }
- /*
- * Elide any of the "special" chars from the
- * front of the pattern
- */
- q = buf;
- if (p > q)
- {
- while ((*q++ = *p++) != '\0')
+ /* Save flags */
+ perm->mask = curmask;
+ perm->add = curadd;
+
+ /* Save the URL pattern */
+ if (create_url_spec(perm->url, buf))
{
- /* nop */
+ fclose(fp);
+ log_error(LOG_LEVEL_FATAL,
+ "can't load permissions file '%s': cannot create URL permission from: %s",
+ csp->config->permissions_file, buf);
+ return 1; /* never get here */
}
- }
- /* a lines containing only "special" chars sets default */
- if (*buf == '\0')
- {
- csp->config->default_permissions = permissions;
- continue;
+ /* add it to the list */
+ last_perm->next = perm;
+ last_perm = perm;
}
-
- /* allocate a new node */
- if (((b = zalloc(sizeof(*b))) == NULL)
- )
+ else if (mode == MODE_START_OF_FILE)
{
+ /* oops - please have a {} line as 1st line in file. */
fclose(fp);
- goto load_permissions_error;
+ log_error(LOG_LEVEL_FATAL,
+ "can't load permissions file '%s': first line is invalid: %s",
+ csp->config->permissions_file, buf);
+ return 1; /* never get here */
}
-
- /* add it to the list */
- b->next = bl->next;
- bl->next = b;
-
- /* Save flags */
- b->permissions = permissions;
-
- /* Save the URL pattern */
- if (create_url_spec(b->url, buf))
+ else
{
+ /* How did we get here? This is impossible! */
fclose(fp);
- goto load_permissions_error;
+ log_error(LOG_LEVEL_FATAL,
+ "can't load permissions file '%s': INTERNAL ERROR - mode = %d",
+ csp->config->permissions_file, mode);
+ return 1; /* never get here */
}
}
fclose(fp);
+
+ while (alias_list != NULL)
+ {
+ struct permission_alias * next = alias_list->next;
+ freez((char *)alias_list->name);
+ free(alias_list);
+ alias_list = next;
+ }
#ifndef SPLIT_PROXY_ARGS
if (!suppress_blocklists)
return(0);
-load_permissions_error:
- log_error(LOG_LEVEL_ERROR, "can't load permissions file '%s': %E",
- csp->config->permissions_file);
- return(-1);
-
}
return(0);
load_trustfile_error:
- log_error(LOG_LEVEL_ERROR, "can't load trustfile '%s': %E",
+ log_error(LOG_LEVEL_FATAL, "can't load trustfile '%s': %E",
csp->config->trustfile);
return(-1);
FILE *fp;
struct forward_spec *b, *bl;
- char buf[BUFSIZ], *p, *q, *tmp;
- char *vec[4];
- int port, n, reject;
+ char buf[BUFSIZ];
+ char *p, *tmp;
+ char *vec[4];
+ int n;
struct file_list *fs;
const struct gateway *gw;
- struct url_spec url[1];
if (!check_file_changed(current_forwardfile, csp->config->forwardfile, &fs))
{
strcpy(buf, vec[0]);
- reject = 1;
-
- if (*buf == '~')
- {
- reject = 0;
- p = buf;
- q = p+1;
- while ((*p++ = *q++))
- {
- /* nop */
- }
- }
-
/* skip lines containing only ~ */
if (*buf == '\0')
{
/* allocate a new node */
if (((b = zalloc(sizeof(*b))) == NULL)
-#ifdef REGEX
- || ((b->url->preg = zalloc(sizeof(*b->url->preg))) == NULL)
-#endif
)
{
fclose(fp);
b->next = bl->next;
bl->next = b;
- /* save a copy of the orignal specification */
- if ((b->url->spec = strdup(buf)) == NULL)
- {
- fclose(fp);
- goto load_forwardfile_error;
- }
-
- b->reject = reject;
-
- if ((p = strchr(buf, '/')))
- {
- b->url->path = strdup(p);
- b->url->pathlen = strlen(b->url->path);
- *p = '\0';
- }
- else
- {
- b->url->path = NULL;
- b->url->pathlen = 0;
- }
-#ifdef REGEX
- if (b->url->path)
- {
- int errcode;
- char rebuf[BUFSIZ];
-
- sprintf(rebuf, "^(%s)", b->url->path);
-
- errcode = regcomp(b->url->preg, rebuf,
- (REG_EXTENDED|REG_NOSUB|REG_ICASE));
-
- if (errcode)
- {
- size_t errlen = regerror(errcode, b->url->preg, buf, sizeof(buf));
-
- buf[errlen] = '\0';
-
- log_error(LOG_LEVEL_ERROR, "error compiling %s: %s",
- b->url->spec, buf);
- fclose(fp);
- goto load_forwardfile_error;
- }
- }
- else
- {
- freez(b->url->preg);
- }
-#endif
- if ((p = strchr(buf, ':')) == NULL)
- {
- port = 0;
- }
- else
- {
- *p++ = '\0';
- port = atoi(p);
- }
-
- b->url->port = port;
-
- if ((b->url->domain = strdup(buf)) == NULL)
+ /* Save the URL pattern */
+ if (create_url_spec(b->url, buf))
{
fclose(fp);
goto load_forwardfile_error;
}
- /* split domain into components */
- *url = dsplit(b->url->domain);
- b->url->dbuf = url->dbuf;
- b->url->dcnt = url->dcnt;
- b->url->dvec = url->dvec;
-
/* now parse the gateway specs */
p = vec[2];
return(0);
load_forwardfile_error:
- log_error(LOG_LEVEL_ERROR, "can't load forwardfile '%s': %E",
+ log_error(LOG_LEVEL_FATAL, "can't load forwardfile '%s': %E",
csp->config->forwardfile);
return(-1);
return( 0 );
load_re_filterfile_error:
- log_error(LOG_LEVEL_ERROR, "can't load re_filterfile '%s': %E",
+ log_error(LOG_LEVEL_FATAL, "can't load re_filterfile '%s': %E",
csp->config->re_filterfile);
return(-1);