X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=cgi.c;h=bd0c8f6f7c529c13a3577da983e1f4bf6321e9ba;hp=925063d5a32b30fbd8629762467b019e06ad00ca;hb=bd6912e45154b4479b165af980a54a0f16564e19;hpb=933b48ce6989346cf7c3afcfd00894152f7fd191 diff --git a/cgi.c b/cgi.c index 925063d5..bd0c8f6f 100644 --- a/cgi.c +++ b/cgi.c @@ -1,4 +1,4 @@ -const char cgi_rcs[] = "$Id: cgi.c,v 1.89 2007/01/23 15:51:16 fabiankeil Exp $"; +const char cgi_rcs[] = "$Id: cgi.c,v 1.101 2008/02/03 15:45:06 fabiankeil Exp $"; /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/cgi.c,v $ @@ -38,6 +38,50 @@ const char cgi_rcs[] = "$Id: cgi.c,v 1.89 2007/01/23 15:51:16 fabiankeil Exp $"; * * Revisions : * $Log: cgi.c,v $ + * Revision 1.101 2008/02/03 15:45:06 fabiankeil + * Add SOCKS5 support for "Forwarding failure" CGI page. + * + * Revision 1.100 2007/10/17 18:40:53 fabiankeil + * - Send CGI pages as HTTP/1.1 unless the client asked for HTTP/1.0. + * - White space fix. + * + * Revision 1.99 2007/08/05 13:42:22 fabiankeil + * #1763173 from Stefan Huehner: declare some more functions static. + * + * Revision 1.98 2007/05/14 10:33:51 fabiankeil + * - Use strlcpy() and strlcat() instead of strcpy() and strcat(). + * + * Revision 1.97 2007/04/09 18:11:35 fabiankeil + * Don't mistake VC++'s _snprintf() for a snprintf() replacement. + * + * Revision 1.96 2007/03/08 17:41:05 fabiankeil + * Use sizeof() more often. + * + * Revision 1.95 2007/02/10 17:01:37 fabiankeil + * Don't overlook map result for the forwarding-type. + * + * Revision 1.94 2007/02/08 19:44:49 fabiankeil + * Use a transparent background for the PNG replacement pattern. + * + * Revision 1.93 2007/02/07 10:45:22 fabiankeil + * - Save the reason for generating http_responses. + * - Fix --disable-toggle (again). + * - Use TBL birthday hack for 403 responses as well. + * - Uglify the @menu@ again to fix JavaScript + * errors on the "blocked" template. + * - Escape an ampersand in cgi_error_unknown(). + * + * Revision 1.92 2007/01/28 13:41:17 fabiankeil + * - Add HEAD support to finish_http_response. + * - Add error favicon to internal HTML error messages. + * + * Revision 1.91 2007/01/27 13:09:16 fabiankeil + * Add new config option "templdir" to + * change the templates directory. + * + * Revision 1.90 2007/01/25 13:47:26 fabiankeil + * Added "forwarding-failed" template support for error_response(). + * * Revision 1.89 2007/01/23 15:51:16 fabiankeil * Add favicon delivery functions. * @@ -555,10 +599,6 @@ const char cgi_rcs[] = "$Id: cgi.c,v 1.89 2007/01/23 15:51:16 fabiankeil Exp $"; #include #include -#ifdef _WIN32 -#define snprintf _snprintf -#endif /* def _WIN32 */ - #include "project.h" #include "cgi.h" #include "list.h" @@ -731,12 +771,12 @@ static const struct cgi_dispatcher cgi_dispatchers[] = { */ const char image_pattern_data[] = "\211\120\116\107\015\012\032\012\000\000\000\015\111\110\104" - "\122\000\000\000\004\000\000\000\004\010\002\000\000\000\046" - "\223\011\051\000\000\000\006\142\113\107\104\000\310\000\310" - "\000\310\052\045\225\037\000\000\000\032\111\104\101\124\170" - "\332\143\070\161\342\304\377\377\377\041\044\003\234\165\342" - "\304\011\006\234\062\000\125\200\052\251\125\174\360\223\000" - "\000\000\000\111\105\116\104\256\102\140\202"; + "\122\000\000\000\004\000\000\000\004\010\006\000\000\000\251" + "\361\236\176\000\000\000\006\142\113\107\104\000\000\000\000" + "\000\000\371\103\273\177\000\000\000\033\111\104\101\124\010" + "\327\143\140\140\140\060\377\377\377\077\003\234\106\341\060" + "\060\230\063\020\124\001\000\161\021\031\241\034\364\030\143" + "\000\000\000\000\111\105\116\104\256\102\140\202"; /* * 1x1 transparant PNG. @@ -871,7 +911,7 @@ struct http_response *dispatch_cgi(struct client_state *csp) * Returns : pointer to value (no copy!), or NULL if none found. * *********************************************************************/ -char *grep_cgi_referrer(const struct client_state *csp) +static char *grep_cgi_referrer(const struct client_state *csp) { struct list_entry *p; @@ -903,7 +943,7 @@ char *grep_cgi_referrer(const struct client_state *csp) * FALSE if the referrer is unsafe or not set. * *********************************************************************/ -int referrer_is_safe (const struct client_state *csp) +static int referrer_is_safe(const struct client_state *csp) { char *referrer; const char alternative_prefix[] = "http://" CGI_SITE_1_HOST "/"; @@ -1010,10 +1050,6 @@ static struct http_response *dispatch_known_cgi(struct client_state * csp, return cgi_error_memory(); } - log_error(LOG_LEVEL_GPC, "%s%s cgi call", csp->http->hostport, csp->http->path); - log_error(LOG_LEVEL_CLF, "%s - - [%T] \"%s\" 200 3", - csp->ip_addr_str, csp->http->cmd); - /* * Find and start the right CGI function */ @@ -1063,7 +1099,8 @@ static struct http_response *dispatch_known_cgi(struct client_state * csp, if (!err) { /* It worked */ - return finish_http_response(rsp); + rsp->reason = RSP_REASON_CGI_CALL; + return finish_http_response(csp, rsp); } else { @@ -1350,11 +1387,13 @@ struct http_response *error_response(struct client_state *csp, return cgi_error_memory(); } +#ifdef FEATURE_FORCE_LOAD if (csp->flags & CSP_FLAG_FORCED) { path = strdup(FORCE_PREFIX); } else +#endif /* def FEATURE_FORCE_LOAD */ { path = strdup(""); } @@ -1392,10 +1431,12 @@ struct http_response *error_response(struct client_state *csp, free_http_response(rsp); return cgi_error_memory(); } + rsp->reason = RSP_REASON_NO_SUCH_DOMAIN; } else if (!strcmp(templatename, "forwarding-failed")) { - const struct forward_spec * fwd = forward_url(csp->http, csp); + const struct forward_spec *fwd = forward_url(csp, csp->http); + char *socks_type = NULL; if (fwd == NULL) { log_error(LOG_LEVEL_FATAL, "gateway spec is NULL. This shouldn't happen!"); @@ -1421,8 +1462,27 @@ struct http_response *error_response(struct client_state *csp, csp->error_message = strdup("Failure reason missing. Check the log file for details."); } if (!err) err = map(exports, "gateway", 1, fwd->gateway_host, 1); - if (!err) map(exports, "forwarding-type", 1, (fwd->type == SOCKS_4) ? - "socks4-" : "socks4a-", 1); + + /* + * XXX: this is almost the same code as in cgi_show_url_info() + * and thus should be factored out and shared. + */ + switch (fwd->type) + { + case SOCKS_4: + socks_type = "socks4-"; + break; + case SOCKS_4A: + socks_type = "socks4a-"; + break; + case SOCKS_5: + socks_type = "socks5-"; + break; + default: + log_error(LOG_LEVEL_FATAL, "Unknown socks type: %d.", fwd->type); + } + + if (!err) err = map(exports, "forwarding-type", 1, socks_type, 1); if (!err) err = map(exports, "error-message", 1, html_encode(csp->error_message), 0); if (!err) rsp->status = strdup("503 Forwarding failure"); @@ -1432,6 +1492,7 @@ struct http_response *error_response(struct client_state *csp, free_http_response(rsp); return cgi_error_memory(); } + rsp->reason = RSP_REASON_FORWARDING_FAILED; } else if (!strcmp(templatename, "connect-failed")) { @@ -1442,6 +1503,7 @@ struct http_response *error_response(struct client_state *csp, free_http_response(rsp); return cgi_error_memory(); } + rsp->reason = RSP_REASON_CONNECT_FAILED; } err = template_fill_for_cgi(csp, templatename, exports, rsp); @@ -1451,7 +1513,7 @@ struct http_response *error_response(struct client_state *csp, return cgi_error_memory(); } - return finish_http_response(rsp); + return finish_http_response(csp, rsp); } @@ -1519,7 +1581,10 @@ void cgi_init_error_messages(void) "\r\n"; cgi_error_memory_response->body = "\r\n" - "500 Internal Privoxy Error\r\n" + "\r\n" + " 500 Internal Privoxy Error\r\n" + " " + "\r\n" "\r\n" "

500 Internal Privoxy Error

\r\n" "

Privoxy ran out of memory while processing your request.

\r\n" @@ -1531,6 +1596,7 @@ void cgi_init_error_messages(void) strlen(cgi_error_memory_response->head); cgi_error_memory_response->content_length = strlen(cgi_error_memory_response->body); + cgi_error_memory_response->reason = RSP_REASON_OUT_OF_MEMORY; } @@ -1583,7 +1649,10 @@ jb_err cgi_error_no_template(struct client_state *csp, "500 Internal Privoxy Error"; static const char body_prefix[] = "\r\n" - "500 Internal Privoxy Error\r\n" + "\r\n" + " 500 Internal Privoxy Error\r\n" + " " + "\r\n" "\r\n" "

500 Internal Privoxy Error

\r\n" "

Privoxy encountered an error while processing your request:

\r\n" @@ -1602,6 +1671,7 @@ jb_err cgi_error_no_template(struct client_state *csp, ").

\r\n" "\r\n" "\r\n"; + const size_t body_size = strlen(body_prefix) + strlen(template_name) + strlen(body_suffix) + 1; assert(csp); assert(rsp); @@ -1615,14 +1685,14 @@ jb_err cgi_error_no_template(struct client_state *csp, rsp->head_length = 0; rsp->is_static = 0; - rsp->body = malloc(strlen(body_prefix) + strlen(template_name) + strlen(body_suffix) + 1); + rsp->body = malloc(body_size); if (rsp->body == NULL) { return JB_ERR_MEMORY; } - strcpy(rsp->body, body_prefix); - strcat(rsp->body, template_name); - strcat(rsp->body, body_suffix); + strlcpy(rsp->body, body_prefix, body_size); + strlcat(rsp->body, template_name, body_size); + strlcat(rsp->body, body_suffix, body_size); rsp->status = strdup(status); if (rsp->status == NULL) @@ -1666,7 +1736,10 @@ jb_err cgi_error_unknown(struct client_state *csp, "500 Internal Privoxy Error"; static const char body_prefix[] = "\r\n" - "500 Internal Privoxy Error\r\n" + "\r\n" + " 500 Internal Privoxy Error\r\n" + " " + "\r\n" "\r\n" "

500 Internal Privoxy Error

\r\n" "

Privoxy encountered an error while processing your request:

\r\n" @@ -1674,11 +1747,16 @@ jb_err cgi_error_unknown(struct client_state *csp, static const char body_suffix[] = "

\r\n" "

Please " - "" + "" "file a bug report.

\r\n" "\r\n" "\r\n"; char errnumbuf[30]; + /* + * Due to sizeof(errnumbuf), body_size will be slightly + * bigger than necessary but it doesn't really matter. + */ + const size_t body_size = strlen(body_prefix) + sizeof(errnumbuf) + strlen(body_suffix) + 1; assert(csp); assert(rsp); @@ -1689,17 +1767,18 @@ jb_err cgi_error_unknown(struct client_state *csp, rsp->content_length = 0; rsp->head_length = 0; rsp->is_static = 0; + rsp->reason = RSP_REASON_INTERNAL_ERROR; snprintf(errnumbuf, sizeof(errnumbuf), "%d", error_to_report); - rsp->body = malloc(strlen(body_prefix) + strlen(errnumbuf) + strlen(body_suffix) + 1); + rsp->body = malloc(body_size); if (rsp->body == NULL) { return JB_ERR_MEMORY; } - strcpy(rsp->body, body_prefix); - strcat(rsp->body, errnumbuf); - strcat(rsp->body, body_suffix); + strlcpy(rsp->body, body_prefix, body_size); + strlcat(rsp->body, errnumbuf, body_size); + strlcat(rsp->body, body_suffix, body_size); rsp->status = strdup(status); if (rsp->status == NULL) @@ -1840,6 +1919,9 @@ char *add_help_link(const char *item, * HTTP header - e.g.: * "Sun, 06 Nov 1994 08:49:37 GMT" * + * XXX: Should probably get a third parameter for + * the buffer size. + * * Parameters : * 1 : time_offset = Time returned will be current time * plus this number of seconds. @@ -1909,6 +1991,8 @@ void get_http_time(int time_offset, char *buf) * * Description : Fill in the missing headers in an http response, * and flatten the headers to an http head. + * For HEAD requests the body is freed once + * the Content-Length header is set. * * Parameters : * 1 : rsp = pointer to http_response to be processed @@ -1917,7 +2001,7 @@ void get_http_time(int time_offset, char *buf) * On error, free()s rsp and returns cgi_error_memory() * *********************************************************************/ -struct http_response *finish_http_response(struct http_response *rsp) +struct http_response *finish_http_response(const struct client_state *csp, struct http_response *rsp) { char buf[BUFFER_SIZE]; jb_err err; @@ -1931,9 +2015,12 @@ struct http_response *finish_http_response(struct http_response *rsp) } /* - * Fill in the HTTP Status + * Fill in the HTTP Status, using HTTP/1.1 + * unless the client asked for HTTP/1.0. */ - snprintf(buf, sizeof(buf), "HTTP/1.0 %s", rsp->status ? rsp->status : "200 OK"); + snprintf(buf, sizeof(buf), "%s %s", + strcmpic(csp->http->ver, "HTTP/1.0") ? "HTTP/1.1" : "HTTP/1.0", + rsp->status ? rsp->status : "200 OK"); err = enlist_first(rsp->headers, buf); /* @@ -1949,14 +2036,32 @@ struct http_response *finish_http_response(struct http_response *rsp) err = enlist(rsp->headers, buf); } + if (0 == strcmpic(csp->http->gpc, "head")) + { + /* + * The client only asked for the head. Dispose + * the body and log an offensive message. + * + * While it may seem to be a bit inefficient to + * prepare the body if it isn't needed, it's the + * only way to get the Content-Length right for + * dynamic pages. We could have disposed the body + * earlier, but not without duplicating the + * Content-Length setting code above. + */ + log_error(LOG_LEVEL_CGI, "Preparing to give head to %s.", csp->ip_addr_str); + freez(rsp->body); + rsp->content_length = 0; + } + if (strncmpic(rsp->status, "302", 3)) { - /* - * If it's not a redirect without any content, - * set the Content-Type to text/html if it's - * not already specified. - */ - if (!err) err = enlist_unique(rsp->headers, "Content-Type: text/html", 13); + /* + * If it's not a redirect without any content, + * set the Content-Type to text/html if it's + * not already specified. + */ + if (!err) err = enlist_unique(rsp->headers, "Content-Type: text/html", 13); } /* @@ -2010,7 +2115,7 @@ struct http_response *finish_http_response(struct http_response *rsp) * is older than Privoxy's error message, the server would send status code * 304 and the browser would display the outdated error message again and again. * - * For documents delivered with status code 404 or 503 we set "Last-Modified" + * For documents delivered with status code 403, 404 and 503 we set "Last-Modified" * to Tim Berners-Lee's birthday, which predates the age of any page on the web * and can be safely used to "revalidate" without getting a status code 304. * @@ -2021,7 +2126,9 @@ struct http_response *finish_http_response(struct http_response *rsp) get_http_time(0, buf); if (!err) err = enlist_unique_header(rsp->headers, "Date", buf); - if (!strncmpic(rsp->status, "404", 3) || !strncmpic(rsp->status, "503", 3)) + if (!strncmpic(rsp->status, "403", 3) + || !strncmpic(rsp->status, "404", 3) + || !strncmpic(rsp->status, "503", 3)) { if (!err) err = enlist_unique_header(rsp->headers, "Last-Modified", "Wed, 08 Jun 1955 12:00:00 GMT"); } @@ -2109,9 +2216,8 @@ void free_http_response(struct http_response *rsp) * Function : template_load * * Description : CGI support function that loads a given HTML - * template from the confdir, ignoring comment - * lines and following #include statements up to - * a depth of 1. + * template, ignoring comment lines and following + * #include statements up to a depth of 1. * * Parameters : * 1 : csp = Current client state (buffers, headers, etc...) @@ -2158,11 +2264,23 @@ jb_err template_load(struct client_state *csp, char **template_ptr, } } - /* Generate full path */ + /* + * Generate full path using either templdir + * or confdir/templates as base directory. + */ + if (NULL != csp->config->templdir) + { + templates_dir_path = strdup(csp->config->templdir); + } + else + { + templates_dir_path = make_path(csp->config->confdir, "templates"); + } - templates_dir_path = make_path(csp->config->confdir, "templates"); if (templates_dir_path == NULL) { + log_error(LOG_LEVEL_ERROR, "Out of memory while generating template path for %s.", + templatename); return JB_ERR_MEMORY; } @@ -2170,6 +2288,8 @@ jb_err template_load(struct client_state *csp, char **template_ptr, free(templates_dir_path); if (full_path == NULL) { + log_error(LOG_LEVEL_ERROR, "Out of memory while generating full template path for %s.", + templatename); return JB_ERR_MEMORY; } @@ -2178,6 +2298,7 @@ jb_err template_load(struct client_state *csp, char **template_ptr, file_buffer = strdup(""); if (file_buffer == NULL) { + log_error(LOG_LEVEL_ERROR, "Not enough free memory to buffer %s.", full_path); free(full_path); return JB_ERR_MEMORY; } @@ -2474,7 +2595,7 @@ struct map *default_exports(const struct client_state *csp, const char *caller) if (!err) err = map_block_killer(exports, "can-toggle"); #endif - snprintf(buf, 20, "%d", csp->config->hport); + snprintf(buf, sizeof(buf), "%d", csp->config->hport); if (!err) err = map(exports, "my-port", 1, buf, 1); if(!strcmp(CODE_STATUS, "stable")) @@ -2543,7 +2664,7 @@ jb_err map_block_killer(struct map *exports, const char *name) assert(name); assert(strlen(name) < 490); - snprintf(buf, 1000, "if-%s-start.*if-%s-end", name, name); + snprintf(buf, sizeof(buf), "if-%s-start.*if-%s-end", name, name); return map(exports, buf, 1, "", 1); } @@ -2573,7 +2694,7 @@ jb_err map_block_keep(struct map *exports, const char *name) assert(name); assert(strlen(name) < 490); - snprintf(buf, 500, "if-%s-start", name); + snprintf(buf, sizeof(buf), "if-%s-start", name); err = map(exports, buf, 1, "", 1); if (err) @@ -2581,7 +2702,7 @@ jb_err map_block_keep(struct map *exports, const char *name) return err; } - snprintf(buf, 500, "if-%s-end", name); + snprintf(buf, sizeof(buf), "if-%s-end", name); return map(exports, buf, 1, "", 1); } @@ -2620,7 +2741,7 @@ jb_err map_conditional(struct map *exports, const char *name, int choose_first) assert(name); assert(strlen(name) < 480); - snprintf(buf, 1000, (choose_first + snprintf(buf, sizeof(buf), (choose_first ? "else-not-%s@.*@endif-%s" : "if-%s-then@.*@else-not-%s"), name, name); @@ -2631,7 +2752,7 @@ jb_err map_conditional(struct map *exports, const char *name, int choose_first) return err; } - snprintf(buf, 1000, (choose_first ? "if-%s-then" : "endif-%s"), name); + snprintf(buf, sizeof(buf), (choose_first ? "if-%s-then" : "endif-%s"), name); return map(exports, buf, 1, "", 1); } @@ -2681,6 +2802,10 @@ char *make_menu(const char *self, const unsigned feature_flags) { char *html_encoded_prefix; + /* + * Line breaks would be great, but break + * the "blocked" template's JavaScript. + */ string_append(&result, "
  • name); string_append(&result, "\">"); string_append(&result, d->description); - string_append(&result, "
    • \n"); + string_append(&result, ""); } }