X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=cgisimple.c;h=7d64402147727f735993440478df23cbf8cd9a9a;hp=3ddf01a9b94ae1d7be2871db62849bca5566c688;hb=4109bc45d04f7bf5ff60f566e988eb8da396e3da;hpb=3bab8c3b9323bf1d4cd9dbdac2b50636e99fd379 diff --git a/cgisimple.c b/cgisimple.c index 3ddf01a9..7d644021 100644 --- a/cgisimple.c +++ b/cgisimple.c @@ -1,22 +1,19 @@ -const char cgisimple_rcs[] = "$Id: cgisimple.c,v 1.32 2002/04/26 18:29:13 jongfoster Exp $"; +const char cgisimple_rcs[] = "$Id: cgisimple.c,v 1.131 2014/10/18 11:28:49 fabiankeil Exp $"; /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/cgisimple.c,v $ * * Purpose : Simple CGIs to get information about Privoxy's * status. - * - * Functions declared include: - * * - * Copyright : Written by and Copyright (C) 2001 the SourceForge + * Copyright : Written by and Copyright (C) 2001-2014 the * Privoxy team. http://www.privoxy.org/ * * Based on the Internet Junkbuster originally written - * by and Copyright (C) 1997 Anonymous Coders and + * by and Copyright (C) 1997 Anonymous Coders and * Junkbusters Corporation. http://www.junkbusters.com * - * This program is free software; you can redistribute it + * This program is free software; you can redistribute it * and/or modify it under the terms of the GNU General * Public License as published by the Free Software * Foundation; either version 2 of the License, or (at @@ -34,146 +31,8 @@ const char cgisimple_rcs[] = "$Id: cgisimple.c,v 1.32 2002/04/26 18:29:13 jongfo * or write to the Free Software Foundation, Inc., 59 * Temple Place - Suite 330, Boston, MA 02111-1307, USA. * - * Revisions : - * $Log: cgisimple.c,v $ - * Revision 1.32 2002/04/26 18:29:13 jongfoster - * Fixing this Visual C++ warning: - * cgisimple.c(775) : warning C4018: '<' : signed/unsigned mismatch - * - * Revision 1.31 2002/04/26 12:54:36 oes - * - Kill obsolete REDIRECT_URL code - * - Error handling fixes - * - Style sheet related HTML snipplet changes - * - cgi_show_url_info: - * - Matches now in table, actions on single lines, - * linked to help - * - standard.action suppressed - * - Buttons to View and Edit AFs - * - * Revision 1.30 2002/04/24 02:18:08 oes - * - show-status is now the starting point for editing - * the actions files, generate list of all AFs with buttons - * for viewing and editing, new look for file list (Jon: - * buttons now aligned ;-P ), view mode now supports multiple - * AFs, name changes, no view links for unspecified files, - * no edit link for standard.action. - * - * - Jon's multiple AF patch: cgi_show_url_info now uses all - * AFs and marks the output accordingly - * - * Revision 1.29 2002/04/10 13:38:35 oes - * load_template signature changed - * - * Revision 1.28 2002/04/07 15:42:12 jongfoster - * Fixing send-banner?type=auto when the image-blocker is - * a redirect to send-banner - * - * Revision 1.27 2002/04/05 15:50:48 oes - * added send-stylesheet CGI - * - * Revision 1.26 2002/04/04 00:36:36 gliptak - * always use pcre for matching - * - * Revision 1.25 2002/04/03 22:28:03 gliptak - * Removed references to gnu_regex - * - * Revision 1.24 2002/04/02 16:12:47 oes - * Fix: moving misplaced lines into #ifdef FEATURE_FORCE - * - * Revision 1.23 2002/03/26 22:29:54 swa - * we have a new homepage! - * - * Revision 1.22 2002/03/24 16:18:15 jongfoster - * Removing old logo - * - * Revision 1.21 2002/03/24 15:23:33 jongfoster - * Name changes - * - * Revision 1.20 2002/03/24 13:25:43 swa - * name change related issues - * - * Revision 1.19 2002/03/16 23:54:06 jongfoster - * Adding graceful termination feature, to help look for memory leaks. - * If you enable this (which, by design, has to be done by hand - * editing config.h) and then go to http://i.j.b/die, then the program - * will exit cleanly after the *next* request. It should free all the - * memory that was used. - * - * Revision 1.18 2002/03/12 01:44:49 oes - * Changed default for "blocked" image from jb logo to checkboard pattern - * - * Revision 1.17 2002/03/08 16:43:18 oes - * Added choice beween GIF and PNG built-in images - * - * Revision 1.16 2002/03/07 03:48:38 oes - * - Changed built-in images from GIF to PNG - * (with regard to Unisys patent issue) - * - Added a 4x4 pattern PNG which is less intrusive - * than the logo but also clearly marks the deleted banners - * - * Revision 1.15 2002/03/06 22:54:35 jongfoster - * Automated function-comment nitpicking. - * - * Revision 1.14 2002/03/02 04:14:50 david__schmidt - * Clean up a little CRLF unpleasantness that suddenly appeared - * - * Revision 1.13 2002/02/21 00:10:37 jongfoster - * Adding send-banner?type=auto option - * - * Revision 1.12 2002/01/23 01:03:32 jongfoster - * Fixing gcc [CygWin] compiler warnings - * - * Revision 1.11 2002/01/23 00:01:04 jongfoster - * Adding cgi_transparent_gif() for http://i.j.b/t - * Adding missing html_encode() to many CGI functions. - * Adding urlmatch.[ch] to http://i.j.b/show-version - * - * Revision 1.10 2002/01/17 21:10:37 jongfoster - * Changes to cgi_show_url_info to use new matching code from urlmatch.c. - * Also fixing a problem in the same function with improperly quoted URLs - * in output HTML, and adding code to handle https:// URLs correctly. - * - * Revision 1.9 2001/11/30 23:09:15 jongfoster - * Now reports on FEATURE_CGI_EDIT_ACTIONS - * Removing FEATURE_DENY_GZIP from template - * - * Revision 1.8 2001/11/13 00:14:07 jongfoster - * Fixing stupid bug now I've figured out what || means. - * (It always returns 0 or 1, not one of it's paramaters.) - * - * Revision 1.7 2001/10/23 21:48:19 jongfoster - * Cleaning up error handling in CGI functions - they now send back - * a HTML error page and should never cause a FATAL error. (Fixes one - * potential source of "denial of service" attacks). - * - * CGI actions file editor that works and is actually useful. - * - * Ability to toggle JunkBuster remotely using a CGI call. - * - * You can turn off both the above features in the main configuration - * file, e.g. if you are running a multi-user proxy. - * - * Revision 1.6 2001/10/14 22:00:32 jongfoster - * Adding support for a 404 error when an invalid CGI page is requested. - * - * Revision 1.5 2001/10/07 15:30:41 oes - * Removed FEATURE_DENY_GZIP - * - * Revision 1.4 2001/10/02 15:31:12 oes - * Introduced show-request cgi - * - * Revision 1.3 2001/09/22 16:34:44 jongfoster - * Removing unneeded #includes - * - * Revision 1.2 2001/09/19 18:01:11 oes - * Fixed comments; cosmetics - * - * Revision 1.1 2001/09/16 17:08:54 jongfoster - * Moving simple CGI functions from cgi.c to new file cgisimple.c - * - * **********************************************************************/ - + #include "config.h" @@ -184,9 +43,9 @@ const char cgisimple_rcs[] = "$Id: cgisimple.c,v 1.32 2002/04/26 18:29:13 jongfo #include #include -#ifdef _WIN32 -#define snprintf _snprintf -#endif /* def _WIN32 */ +#if defined (HAVE_ACCESS) && defined (HAVE_UNISTD_H) +#include +#endif /* def HAVE_ACCESS && HAVE_UNISTD_H */ #include "project.h" #include "cgi.h" @@ -204,18 +63,21 @@ const char cgisimple_rcs[] = "$Id: cgisimple.c,v 1.32 2002/04/26 18:29:13 jongfo const char cgisimple_h_rcs[] = CGISIMPLE_H_VERSION; - static char *show_rcs(void); static jb_err show_defines(struct map *exports); - +static jb_err cgi_show_file(struct client_state *csp, + struct http_response *rsp, + const struct map *parameters); +static jb_err load_file(const char *filename, char **buffer, size_t *length); /********************************************************************* * * Function : cgi_default * - * Description : CGI function that is called if no action was given. - * Lists menu of available unhidden CGIs. - * + * Description : CGI function that is called for the CGI_SITE_1_HOST + * and CGI_SITE_2_HOST/CGI_SITE_2_PATH base URLs. + * Boring - only exports the default exports. + * * Parameters : * 1 : csp = Current client state (buffers, headers, etc...) * 2 : rsp = http_response data structure for output @@ -225,64 +87,35 @@ static jb_err show_defines(struct map *exports); * * Returns : JB_ERR_OK on success * JB_ERR_MEMORY on out-of-memory - * (Problems other than out-of-memory should be - * handled by this routine - it should set the - * rsp appropriately and return "success") * *********************************************************************/ jb_err cgi_default(struct client_state *csp, struct http_response *rsp, const struct map *parameters) { - char *tmp; struct map *exports; + (void)parameters; + assert(csp); assert(rsp); - assert(parameters); if (NULL == (exports = default_exports(csp, ""))) { return JB_ERR_MEMORY; } - /* If there were other parameters, export a dump as "cgi-parameters" */ - if (parameters->first) - { - tmp = strdup("

What made you think this cgi takes parameters?\n" - "Anyway, here they are, in case you're interested:

\n"); - string_join(&tmp, dump_map(parameters)); - if (tmp == NULL) - { - free_map(exports); - return JB_ERR_MEMORY; - } - if (map(exports, "cgi-parameters", 1, tmp, 0)) - { - return JB_ERR_MEMORY; - } - } - else - { - if (map(exports, "cgi-parameters", 1, "", 1)) - { - return JB_ERR_MEMORY; - } - } - return template_fill_for_cgi(csp, "default", exports, rsp); } - - /********************************************************************* * * Function : cgi_error_404 * * Description : CGI function that is called if an unknown action was * given. - * + * * Parameters : * 1 : csp = Current client state (buffers, headers, etc...) * 2 : rsp = http_response data structure for output @@ -291,7 +124,7 @@ jb_err cgi_default(struct client_state *csp, * CGI Parameters : none * * Returns : JB_ERR_OK on success - * JB_ERR_MEMORY on out-of-memory error. + * JB_ERR_MEMORY on out-of-memory error. * *********************************************************************/ jb_err cgi_error_404(struct client_state *csp, @@ -309,12 +142,7 @@ jb_err cgi_error_404(struct client_state *csp, return JB_ERR_MEMORY; } - rsp->status = strdup("404 Privoxy configuration page not found"); - if (rsp->status == NULL) - { - free_map(exports); - return JB_ERR_MEMORY; - } + rsp->status = strdup_or_die("404 Privoxy configuration page not found"); return template_fill_for_cgi(csp, "cgi-error-404", exports, rsp); } @@ -329,7 +157,7 @@ jb_err cgi_error_404(struct client_state *csp, * NOTE: Turning this on in a production build * would be a BAD idea. An EXTREMELY BAD idea. * In short, don't do it. - * + * * Parameters : * 1 : csp = Current client state (buffers, headers, etc...) * 2 : rsp = http_response data structure for output @@ -338,13 +166,26 @@ jb_err cgi_error_404(struct client_state *csp, * CGI Parameters : none * * Returns : JB_ERR_OK on success - * JB_ERR_MEMORY on out-of-memory error. * *********************************************************************/ jb_err cgi_die (struct client_state *csp, struct http_response *rsp, const struct map *parameters) { + static const char status[] = "200 OK Privoxy shutdown request received"; + static const char body[] = + "\n" + "\n" + " Privoxy shutdown request received\n" + " \n" + " \n" + "\n" + "\n" + "

Privoxy shutdown request received

\n" + "

Privoxy is going to shut down after the next request.

\n" + "\n" + "\n"; + assert(csp); assert(rsp); assert(parameters); @@ -352,12 +193,16 @@ jb_err cgi_die (struct client_state *csp, /* quit */ g_terminate = 1; - /* - * I don't really care what gets sent back to the browser. - * Take the easy option - "out of memory" page. - */ + csp->flags &= ~CSP_FLAG_CLIENT_CONNECTION_KEEP_ALIVE; - return JB_ERR_MEMORY; + rsp->content_length = 0; + rsp->head_length = 0; + rsp->is_static = 0; + + rsp->body = strdup_or_die(body); + rsp->status = strdup_or_die(status); + + return JB_ERR_OK; } #endif /* def FEATURE_GRACEFUL_TERMINATION */ @@ -368,7 +213,7 @@ jb_err cgi_die (struct client_state *csp, * * Description : Show the client's request and what sed() would have * made of it. - * + * * Parameters : * 1 : csp = Current client state (buffers, headers, etc...) * 2 : rsp = http_response data structure for output @@ -377,7 +222,7 @@ jb_err cgi_die (struct client_state *csp, * CGI Parameters : none * * Returns : JB_ERR_OK on success - * JB_ERR_MEMORY on out-of-memory error. + * JB_ERR_MEMORY on out-of-memory error. * *********************************************************************/ jb_err cgi_show_request(struct client_state *csp, @@ -395,11 +240,11 @@ jb_err cgi_show_request(struct client_state *csp, { return JB_ERR_MEMORY; } - + /* * Repair the damage done to the IOB by get_header() */ - for (p = csp->iob->buf; p < csp->iob->eod; p++) + for (p = csp->client_iob->buf; p < csp->client_iob->cur; p++) { if (*p == '\0') *p = '\n'; } @@ -409,14 +254,14 @@ jb_err cgi_show_request(struct client_state *csp, * be sending to the server if this wasn't a CGI call */ - if (map(exports, "client-request", 1, html_encode(csp->iob->buf), 0)) + if (map(exports, "client-request", 1, html_encode(csp->client_iob->buf), 0)) { free_map(exports); return JB_ERR_MEMORY; } - if (map(exports, "processed-request", 1, html_encode_and_free_original( - sed(client_patterns, add_client_headers, csp)), 0)) + if (map(exports, "processed-request", 1, + html_encode_and_free_original(list_to_text(csp->headers)), 0)) { free_map(exports); return JB_ERR_MEMORY; @@ -430,7 +275,7 @@ jb_err cgi_show_request(struct client_state *csp, * * Function : cgi_send_banner * - * Description : CGI function that returns a banner. + * Description : CGI function that returns a banner. * * Parameters : * 1 : csp = Current client state (buffers, headers, etc...) @@ -441,10 +286,11 @@ jb_err cgi_show_request(struct client_state *csp, * type : Selects the type of banner between "trans", "logo", * and "auto". Defaults to "logo" if absent or invalid. * "auto" means to select as if we were image-blocking. - * (Only the first character really counts). + * (Only the first character really counts; b and t are + * equivalent). * * Returns : JB_ERR_OK on success - * JB_ERR_MEMORY on out-of-memory error. + * JB_ERR_MEMORY on out-of-memory error. * *********************************************************************/ jb_err cgi_send_banner(struct client_state *csp, @@ -453,20 +299,24 @@ jb_err cgi_send_banner(struct client_state *csp, { char imagetype = lookup(parameters, "type")[0]; - if (imagetype == 'a') /* auto */ + /* + * If type is auto, then determine the right thing + * to do from the set-image-blocker action + */ + if (imagetype == 'a') { - /* Default to pattern */ + /* + * Default to pattern + */ imagetype = 'p'; + #ifdef FEATURE_IMAGE_BLOCKING if ((csp->action->flags & ACTION_IMAGE_BLOCKER) != 0) { static const char prefix1[] = CGI_PREFIX "send-banner?type="; static const char prefix2[] = "http://" CGI_SITE_1_HOST "/send-banner?type="; + const char *p = csp->action->string[ACTION_STRING_IMAGE_BLOCKER]; - /* determine HOW images should be blocked */ - const char * p = csp->action->string[ACTION_STRING_IMAGE_BLOCKER]; - - /* and handle accordingly: */ if (p == NULL) { /* Use default - nothing to do here. */ @@ -479,6 +329,11 @@ jb_err cgi_send_banner(struct client_state *csp, { imagetype = 'p'; } + + /* + * If the action is to call this CGI, determine + * the argument: + */ else if (0 == strncmpic(p, prefix1, sizeof(prefix1) - 1)) { imagetype = p[sizeof(prefix1) - 1]; @@ -487,21 +342,90 @@ jb_err cgi_send_banner(struct client_state *csp, { imagetype = p[sizeof(prefix2) - 1]; } + + /* + * Everything else must (should) be a URL to + * redirect to. + */ + else + { + imagetype = 'r'; + } } #endif /* def FEATURE_IMAGE_BLOCKING */ } - - if ((imagetype == 'b') || (imagetype == 't')) /* blank / transparent */ - { - rsp->body = bindup(image_blank_data, image_blank_length); - rsp->content_length = image_blank_length; + /* + * Now imagetype is either the non-auto type we were called with, + * or it was auto and has since been determined. In any case, we + * can proceed to actually answering the request by sending a redirect + * or an image as appropriate: + */ + if (imagetype == 'r') + { + rsp->status = strdup_or_die("302 Local Redirect from Privoxy"); + if (enlist_unique_header(rsp->headers, "Location", + csp->action->string[ACTION_STRING_IMAGE_BLOCKER])) + { + return JB_ERR_MEMORY; + } } - else /* pattern */ + else { - rsp->body = bindup(image_pattern_data, image_pattern_length); - rsp->content_length = image_pattern_length; - } + if ((imagetype == 'b') || (imagetype == 't')) + { + rsp->body = bindup(image_blank_data, image_blank_length); + rsp->content_length = image_blank_length; + } + else + { + rsp->body = bindup(image_pattern_data, image_pattern_length); + rsp->content_length = image_pattern_length; + } + + if (rsp->body == NULL) + { + return JB_ERR_MEMORY; + } + if (enlist(rsp->headers, "Content-Type: " BUILTIN_IMAGE_MIMETYPE)) + { + return JB_ERR_MEMORY; + } + + rsp->is_static = 1; + } + + return JB_ERR_OK; + +} + + +/********************************************************************* + * + * Function : cgi_transparent_image + * + * Description : CGI function that sends a 1x1 transparent image. + * + * Parameters : + * 1 : csp = Current client state (buffers, headers, etc...) + * 2 : rsp = http_response data structure for output + * 3 : parameters = map of cgi parameters + * + * CGI Parameters : None + * + * Returns : JB_ERR_OK on success + * JB_ERR_MEMORY on out-of-memory error. + * + *********************************************************************/ +jb_err cgi_transparent_image(struct client_state *csp, + struct http_response *rsp, + const struct map *parameters) +{ + (void)csp; + (void)parameters; + + rsp->body = bindup(image_blank_data, image_blank_length); + rsp->content_length = image_blank_length; if (rsp->body == NULL) { @@ -522,9 +446,9 @@ jb_err cgi_send_banner(struct client_state *csp, /********************************************************************* * - * Function : cgi_transparent_image + * Function : cgi_send_default_favicon * - * Description : CGI function that sends a 1x1 transparent image. + * Description : CGI function that sends the standard favicon. * * Parameters : * 1 : csp = Current client state (buffers, headers, etc...) @@ -534,22 +458,103 @@ jb_err cgi_send_banner(struct client_state *csp, * CGI Parameters : None * * Returns : JB_ERR_OK on success - * JB_ERR_MEMORY on out-of-memory error. + * JB_ERR_MEMORY on out-of-memory error. * *********************************************************************/ -jb_err cgi_transparent_image(struct client_state *csp, - struct http_response *rsp, - const struct map *parameters) +jb_err cgi_send_default_favicon(struct client_state *csp, + struct http_response *rsp, + const struct map *parameters) { - rsp->body = bindup(image_blank_data, image_blank_length); - rsp->content_length = image_blank_length; + static const char default_favicon_data[] = + "\000\000\001\000\001\000\020\020\002\000\000\000\000\000\260" + "\000\000\000\026\000\000\000\050\000\000\000\020\000\000\000" + "\040\000\000\000\001\000\001\000\000\000\000\000\100\000\000" + "\000\000\000\000\000\000\000\000\000\002\000\000\000\000\000" + "\000\000\377\377\377\000\377\000\052\000\017\360\000\000\077" + "\374\000\000\161\376\000\000\161\376\000\000\361\377\000\000" + "\361\377\000\000\360\017\000\000\360\007\000\000\361\307\000" + "\000\361\307\000\000\361\307\000\000\360\007\000\000\160\036" + "\000\000\177\376\000\000\077\374\000\000\017\360\000\000\360" + "\017\000\000\300\003\000\000\200\001\000\000\200\001\000\000" + "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000" + "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000" + "\000\000\200\001\000\000\200\001\000\000\300\003\000\000\360" + "\017\000\000"; + static const size_t favicon_length = sizeof(default_favicon_data) - 1; + + (void)csp; + (void)parameters; + + rsp->body = bindup(default_favicon_data, favicon_length); + rsp->content_length = favicon_length; if (rsp->body == NULL) { return JB_ERR_MEMORY; } - if (enlist(rsp->headers, "Content-Type: " BUILTIN_IMAGE_MIMETYPE)) + if (enlist(rsp->headers, "Content-Type: image/x-icon")) + { + return JB_ERR_MEMORY; + } + + rsp->is_static = 1; + + return JB_ERR_OK; + +} + + +/********************************************************************* + * + * Function : cgi_send_error_favicon + * + * Description : CGI function that sends the favicon for error pages. + * + * Parameters : + * 1 : csp = Current client state (buffers, headers, etc...) + * 2 : rsp = http_response data structure for output + * 3 : parameters = map of cgi parameters + * + * CGI Parameters : None + * + * Returns : JB_ERR_OK on success + * JB_ERR_MEMORY on out-of-memory error. + * + *********************************************************************/ +jb_err cgi_send_error_favicon(struct client_state *csp, + struct http_response *rsp, + const struct map *parameters) +{ + static const char error_favicon_data[] = + "\000\000\001\000\001\000\020\020\002\000\000\000\000\000\260" + "\000\000\000\026\000\000\000\050\000\000\000\020\000\000\000" + "\040\000\000\000\001\000\001\000\000\000\000\000\100\000\000" + "\000\000\000\000\000\000\000\000\000\002\000\000\000\000\000" + "\000\000\377\377\377\000\000\000\377\000\017\360\000\000\077" + "\374\000\000\161\376\000\000\161\376\000\000\361\377\000\000" + "\361\377\000\000\360\017\000\000\360\007\000\000\361\307\000" + "\000\361\307\000\000\361\307\000\000\360\007\000\000\160\036" + "\000\000\177\376\000\000\077\374\000\000\017\360\000\000\360" + "\017\000\000\300\003\000\000\200\001\000\000\200\001\000\000" + "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000" + "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000" + "\000\000\200\001\000\000\200\001\000\000\300\003\000\000\360" + "\017\000\000"; + static const size_t favicon_length = sizeof(error_favicon_data) - 1; + + (void)csp; + (void)parameters; + + rsp->body = bindup(error_favicon_data, favicon_length); + rsp->content_length = favicon_length; + + if (rsp->body == NULL) + { + return JB_ERR_MEMORY; + } + + if (enlist(rsp->headers, "Content-Type: image/x-icon")) { return JB_ERR_MEMORY; } @@ -576,7 +581,7 @@ jb_err cgi_transparent_image(struct client_state *csp, * CGI Parameters : None * * Returns : JB_ERR_OK on success - * JB_ERR_MEMORY on out-of-memory error. + * JB_ERR_MEMORY on out-of-memory error. * *********************************************************************/ jb_err cgi_send_stylesheet(struct client_state *csp, @@ -584,10 +589,12 @@ jb_err cgi_send_stylesheet(struct client_state *csp, const struct map *parameters) { jb_err err; - + assert(csp); assert(rsp); + (void)parameters; + err = template_load(csp, &rsp->body, "cgi-style.css", 0); if (err == JB_ERR_FILE) @@ -614,166 +621,278 @@ jb_err cgi_send_stylesheet(struct client_state *csp, /********************************************************************* * - * Function : cgi_show_version + * Function : cgi_send_url_info_osd * - * Description : CGI function that returns a a web page describing the - * file versions of Privoxy. + * Description : CGI function that sends the OpenSearch Description + * template for the show-url-info page. It allows to + * access the page through "search engine plugins". * * Parameters : * 1 : csp = Current client state (buffers, headers, etc...) * 2 : rsp = http_response data structure for output * 3 : parameters = map of cgi parameters * - * CGI Parameters : none + * CGI Parameters : None * * Returns : JB_ERR_OK on success - * JB_ERR_MEMORY on out-of-memory error. + * JB_ERR_MEMORY on out-of-memory error. * *********************************************************************/ -jb_err cgi_show_version(struct client_state *csp, - struct http_response *rsp, - const struct map *parameters) +jb_err cgi_send_url_info_osd(struct client_state *csp, + struct http_response *rsp, + const struct map *parameters) { - struct map *exports; + jb_err err = JB_ERR_MEMORY; + struct map *exports = default_exports(csp, NULL); - assert(csp); - assert(rsp); - assert(parameters); + (void)csp; + (void)parameters; - if (NULL == (exports = default_exports(csp, "show-version"))) + if (NULL != exports) { - return JB_ERR_MEMORY; + err = template_fill_for_cgi(csp, "url-info-osd.xml", exports, rsp); + if (JB_ERR_OK == err) + { + err = enlist(rsp->headers, + "Content-Type: application/opensearchdescription+xml"); + } } - if (map(exports, "sourceversions", 1, show_rcs(), 0)) + return err; + +} + + +/********************************************************************* + * + * Function : get_content_type + * + * Description : Use the file extension to guess the content type + * header we should use to serve the file. + * + * Parameters : + * 1 : filename = Name of the file whose content type + * we care about + * + * Returns : The guessed content type. + * + *********************************************************************/ +static const char *get_content_type(const char *filename) +{ + int i; + struct content_type { - free_map(exports); - return JB_ERR_MEMORY; + const char extension[6]; + const char content_type[11]; + }; + static const struct content_type content_types[] = + { + {".css", "text/css"}, + {".jpg", "image/jpeg"}, + {".jpeg", "image/jpeg"}, + {".png", "image/png"}, + }; + + for (i = 0; i < SZ(content_types); i++) + { + if (strstr(filename, content_types[i].extension)) + { + return content_types[i].content_type; + } } - return template_fill_for_cgi(csp, "show-version", exports, rsp); + /* No match by extension, default to html */ + return "text/html"; } - /********************************************************************* * - * Function : cgi_show_status + * Function : cgi_send_user_manual * - * Description : CGI function that returns a a web page describing the - * current status of Privoxy. + * Description : CGI function that sends a file in the user + * manual directory. * * Parameters : * 1 : csp = Current client state (buffers, headers, etc...) * 2 : rsp = http_response data structure for output * 3 : parameters = map of cgi parameters * - * CGI Parameters : - * file : Which file to show. Only first letter is checked, - * valid values are: - * - "p"ermissions (actions) file - * - "r"egex - * - "t"rust - * Default is to show menu and other information. + * CGI Parameters : file=name.html, the name of the HTML file + * (relative to user-manual from config) * * Returns : JB_ERR_OK on success - * JB_ERR_MEMORY on out-of-memory error. + * JB_ERR_MEMORY on out-of-memory error. * *********************************************************************/ -jb_err cgi_show_status(struct client_state *csp, - struct http_response *rsp, - const struct map *parameters) +jb_err cgi_send_user_manual(struct client_state *csp, + struct http_response *rsp, + const struct map *parameters) { - char *s = NULL; - unsigned i; - int j; - - FILE * fp; - char buf[BUFFER_SIZE]; - const char * filename = NULL; - char * file_description = NULL; -#ifdef FEATURE_STATISTICS - float perc_rej; /* Percentage of http requests rejected */ - int local_urls_read; - int local_urls_rejected; -#endif /* ndef FEATURE_STATISTICS */ - struct file_list * fl; - struct url_actions * b; + const char *filename; + char *full_path; jb_err err = JB_ERR_OK; - - struct map *exports; + const char *content_type; assert(csp); assert(rsp); assert(parameters); - if (NULL == (exports = default_exports(csp, "show-status"))) + if (0 == strncmpic(csp->config->usermanual, "http://", 7)) { - return JB_ERR_MEMORY; + log_error(LOG_LEVEL_CGI, "Request for local user-manual " + "received while user-manual delivery is disabled."); + return cgi_error_404(csp, rsp, parameters); } - switch (*(lookup(parameters, "file"))) + if (!parameters->first) { - case 'a': - if (!get_number_param(csp, parameters, "index", &i) && i < MAX_ACTION_FILES && csp->actions_list[i]) - { - filename = csp->actions_list[i]->filename; - file_description = "Actions File"; - } - break; + /* requested http://p.p/user-manual (without trailing slash) */ + return cgi_redirect(rsp, CGI_PREFIX "user-manual/"); + } - case 'f': - if (csp->rlist) - { - filename = csp->rlist->filename; - file_description = "Filter File"; - } - break; + get_string_param(parameters, "file", &filename); + if (filename == NULL) + { + /* It's '/' so serve the index.html if there is one. */ + filename = "index.html"; + } + else if (NULL != strchr(filename, '/') || NULL != strstr(filename, "..")) + { + /* + * We currently only support a flat file + * hierarchy for the documentation. + */ + log_error(LOG_LEVEL_ERROR, + "Rejecting the request to serve '%s' as it contains '/' or '..'", + filename); + return JB_ERR_CGI_PARAMS; + } -#ifdef FEATURE_TRUST - case 't': - if (csp->tlist) - { - filename = csp->tlist->filename; - file_description = "Trust File"; - } - break; -#endif /* def FEATURE_TRUST */ + full_path = make_path(csp->config->usermanual, filename); + if (full_path == NULL) + { + return JB_ERR_MEMORY; } - if (NULL != filename) + err = load_file(full_path, &rsp->body, &rsp->content_length); + if (JB_ERR_OK != err) { - if ( map(exports, "file-description", 1, file_description, 1) - || map(exports, "filepath", 1, html_encode(filename), 0) ) + assert((JB_ERR_FILE == err) || (JB_ERR_MEMORY == err)); + if (JB_ERR_FILE == err) { - free_map(exports); - return JB_ERR_MEMORY; + err = cgi_error_no_template(csp, rsp, full_path); } + freez(full_path); + return err; + } + freez(full_path); - if ((fp = fopen(filename, "r")) == NULL) - { - if (map(exports, "content", 1, "

ERROR OPENING FILE!

", 1)) - { - free_map(exports); - return JB_ERR_MEMORY; - } - } - else - { - s = strdup(""); - while ((s != NULL) && fgets(buf, sizeof(buf), fp)) - { - string_join (&s, html_encode(buf)); - } - fclose(fp); + content_type = get_content_type(filename); + log_error(LOG_LEVEL_CGI, + "Content-Type guessed for %s: %s", filename, content_type); - if (map(exports, "contents", 1, s, 0)) - { - free_map(exports); - return JB_ERR_MEMORY; - } - } + return enlist_unique_header(rsp->headers, "Content-Type", content_type); - return template_fill_for_cgi(csp, "show-status-file", exports, rsp); +} + + +/********************************************************************* + * + * Function : cgi_show_version + * + * Description : CGI function that returns a a web page describing the + * file versions of Privoxy. + * + * Parameters : + * 1 : csp = Current client state (buffers, headers, etc...) + * 2 : rsp = http_response data structure for output + * 3 : parameters = map of cgi parameters + * + * CGI Parameters : none + * + * Returns : JB_ERR_OK on success + * JB_ERR_MEMORY on out-of-memory error. + * + *********************************************************************/ +jb_err cgi_show_version(struct client_state *csp, + struct http_response *rsp, + const struct map *parameters) +{ + struct map *exports; + + assert(csp); + assert(rsp); + assert(parameters); + + if (NULL == (exports = default_exports(csp, "show-version"))) + { + return JB_ERR_MEMORY; + } + + if (map(exports, "sourceversions", 1, show_rcs(), 0)) + { + free_map(exports); + return JB_ERR_MEMORY; + } + + return template_fill_for_cgi(csp, "show-version", exports, rsp); +} + + +/********************************************************************* + * + * Function : cgi_show_status + * + * Description : CGI function that returns a web page describing the + * current status of Privoxy. + * + * Parameters : + * 1 : csp = Current client state (buffers, headers, etc...) + * 2 : rsp = http_response data structure for output + * 3 : parameters = map of cgi parameters + * + * CGI Parameters : + * file : Which file to show. Only first letter is checked, + * valid values are: + * - "a"ction file + * - "r"egex + * - "t"rust + * Default is to show menu and other information. + * + * Returns : JB_ERR_OK on success + * JB_ERR_MEMORY on out-of-memory error. + * + *********************************************************************/ +jb_err cgi_show_status(struct client_state *csp, + struct http_response *rsp, + const struct map *parameters) +{ + char *s = NULL; + unsigned i; + int j; + + char buf[BUFFER_SIZE]; +#ifdef FEATURE_STATISTICS + float perc_rej; /* Percentage of http requests rejected */ + int local_urls_read; + int local_urls_rejected; +#endif /* ndef FEATURE_STATISTICS */ + jb_err err = JB_ERR_OK; + + struct map *exports; + + assert(csp); + assert(rsp); + assert(parameters); + + if ('\0' != *(lookup(parameters, "file"))) + { + return cgi_show_file(csp, rsp, parameters); + } + + if (NULL == (exports = default_exports(csp, "show-status"))) + { + return JB_ERR_MEMORY; } s = strdup(""); @@ -787,7 +906,7 @@ jb_err cgi_show_status(struct client_state *csp, if (!err) err = map(exports, "options", 1, csp->config->proxy_args, 1); if (!err) err = show_defines(exports); - if (err) + if (err) { free_map(exports); return JB_ERR_MEMORY; @@ -818,46 +937,61 @@ jb_err cgi_show_status(struct client_state *csp, perc_rej = (float)local_urls_rejected * 100.0F / (float)local_urls_read; - sprintf(buf, "%d", local_urls_read); + snprintf(buf, sizeof(buf), "%d", local_urls_read); if (!err) err = map(exports, "requests-received", 1, buf, 1); - sprintf(buf, "%d", local_urls_rejected); + snprintf(buf, sizeof(buf), "%d", local_urls_rejected); if (!err) err = map(exports, "requests-blocked", 1, buf, 1); - sprintf(buf, "%6.2f", perc_rej); + snprintf(buf, sizeof(buf), "%6.2f", perc_rej); if (!err) err = map(exports, "percent-blocked", 1, buf, 1); } #else /* ndef FEATURE_STATISTICS */ - err = err || map_block_killer(exports, "statistics"); + if (!err) err = map_block_killer(exports, "statistics"); #endif /* ndef FEATURE_STATISTICS */ - - /* + + /* * List all action files in use, together with view and edit links, * except for standard.action, which should only be viewable. (Not * enforced in the editor itself) * FIXME: Shouldn't include hardwired HTML here, use line template instead! */ s = strdup(""); - for (i = 0; i < MAX_ACTION_FILES; i++) + for (i = 0; i < MAX_AF_FILES; i++) { - if (((fl = csp->actions_list[i]) != NULL) && ((b = fl->f) != NULL)) + if (csp->actions_list[i] != NULL) { if (!err) err = string_append(&s, ""); if (!err) err = string_join(&s, html_encode(csp->actions_list[i]->filename)); - snprintf(buf, 100, "View ", i); + snprintf(buf, sizeof(buf), + "View", i); if (!err) err = string_append(&s, buf); - if (NULL == strstr(csp->actions_list[i]->filename, "standard.action") && NULL != csp->config->actions_file_short[i]) +#ifdef FEATURE_CGI_EDIT_ACTIONS + if ((csp->config->feature_flags & RUNTIME_FEATURE_CGI_EDIT_ACTIONS) + && (NULL != csp->config->actions_file_short[i])) { - snprintf(buf, 100, "Edit", csp->config->actions_file_short[i]); - if (!err) err = string_append(&s, buf); +#ifdef HAVE_ACCESS + if (access(csp->config->actions_file[i], W_OK) == 0) + { +#endif /* def HAVE_ACCESS */ + snprintf(buf, sizeof(buf), "  Edit", i); + if (!err) err = string_append(&s, buf); +#ifdef HAVE_ACCESS + } + else + { + if (!err) err = string_append(&s, "  No write access."); + } +#endif /* def HAVE_ACCESS */ } +#endif if (!err) err = string_append(&s, "\n"); } } - if (*s != '\0') + if (*s != '\0') { if (!err) err = map(exports, "actions-filenames", 1, s, 0); } @@ -866,13 +1000,30 @@ jb_err cgi_show_status(struct client_state *csp, if (!err) err = map(exports, "actions-filenames", 1, "None specified", 1); } - if (csp->rlist) + /* + * List all re_filterfiles in use, together with view options. + * FIXME: Shouldn't include hardwired HTML here, use line template instead! + */ + s = strdup(""); + for (i = 0; i < MAX_AF_FILES; i++) { - if (!err) err = map(exports, "re-filter-filename", 1, html_encode(csp->rlist->filename), 0); + if (csp->rlist[i] != NULL) + { + if (!err) err = string_append(&s, ""); + if (!err) err = string_join(&s, html_encode(csp->rlist[i]->filename)); + snprintf(buf, sizeof(buf), + "View", i); + if (!err) err = string_append(&s, buf); + if (!err) err = string_append(&s, "\n"); + } + } + if (*s != '\0') + { + if (!err) err = map(exports, "re-filter-filenames", 1, s, 0); } else { - if (!err) err = map(exports, "re-filter-filename", 1, "None specified", 1); + if (!err) err = map(exports, "re-filter-filenames", 1, "None specified", 1); if (!err) err = map_block_killer(exports, "have-filterfile"); } @@ -890,6 +1041,15 @@ jb_err cgi_show_status(struct client_state *csp, if (!err) err = map_block_killer(exports, "trust-support"); #endif /* ndef FEATURE_TRUST */ +#ifdef FEATURE_CGI_EDIT_ACTIONS + if (!err && (csp->config->feature_flags & RUNTIME_FEATURE_CGI_EDIT_ACTIONS)) + { + err = map_block_killer(exports, "cgi-editor-is-disabled"); + } +#endif /* ndef CGI_EDIT_ACTIONS */ + + if (!err) err = map(exports, "force-prefix", 1, FORCE_PREFIX, 1); + if (err) { free_map(exports); @@ -899,7 +1059,7 @@ jb_err cgi_show_status(struct client_state *csp, return template_fill_for_cgi(csp, "show-status", exports, rsp); } - + /********************************************************************* * * Function : cgi_show_url_info @@ -920,7 +1080,7 @@ jb_err cgi_show_status(struct client_state *csp, * the template. * * Returns : JB_ERR_OK on success - * JB_ERR_MEMORY on out-of-memory error. + * JB_ERR_MEMORY on out-of-memory error. * *********************************************************************/ jb_err cgi_show_url_info(struct client_state *csp, @@ -943,12 +1103,7 @@ jb_err cgi_show_url_info(struct client_state *csp, /* * Get the url= parameter (if present) and remove any leading/trailing spaces. */ - url_param = strdup(lookup(parameters, "url")); - if (url_param == NULL) - { - free_map(exports); - return JB_ERR_MEMORY; - } + url_param = strdup_or_die(lookup(parameters, "url")); chomp(url_param); /* @@ -956,7 +1111,7 @@ jb_err cgi_show_url_info(struct client_state *csp, * 1) "http://" or "https://" prefix present and followed by URL - OK * 2) Only the "http://" or "https://" part is present, no URL - change * to empty string so it will be detected later as "no URL". - * 3) Parameter specified but doesn't contain "http(s?)://" - add a + * 3) Parameter specified but doesn't start with "http(s?)://" - add a * "http://" prefix. * 4) Parameter not specified or is empty string - let this fall through * for now, next block of code will handle it. @@ -967,7 +1122,7 @@ jb_err cgi_show_url_info(struct client_state *csp, { /* * Empty URL (just prefix). - * Make it totally empty so it's caught by the next if() + * Make it totally empty so it's caught by the next if () */ url_param[0] = '\0'; } @@ -978,29 +1133,43 @@ jb_err cgi_show_url_info(struct client_state *csp, { /* * Empty URL (just prefix). - * Make it totally empty so it's caught by the next if() + * Make it totally empty so it's caught by the next if () */ url_param[0] = '\0'; } } - else if (url_param[0] != '\0') + else if ((url_param[0] != '\0') + && ((NULL == strstr(url_param, "://") + || (strstr(url_param, "://") > strstr(url_param, "/"))))) { /* - * Unknown prefix - assume http:// + * No prefix or at least no prefix before + * the first slash - assume http:// */ - char * url_param_prefixed = malloc(7 + 1 + strlen(url_param)); - if (NULL == url_param_prefixed) + char *url_param_prefixed = strdup_or_die("http://"); + + if (JB_ERR_OK != string_join(&url_param_prefixed, url_param)) { - free(url_param); free_map(exports); return JB_ERR_MEMORY; } - strcpy(url_param_prefixed, "http://"); - strcpy(url_param_prefixed + 7, url_param); - free(url_param); url_param = url_param_prefixed; } + /* + * Hide "toggle off" warning if Privoxy is toggled on. + */ + if ( +#ifdef FEATURE_TOGGLE + (global_toggle_state == 1) && +#endif /* def FEATURE_TOGGLE */ + map_block_killer(exports, "privoxy-is-toggled-off") + ) + { + freez(url_param); + free_map(exports); + return JB_ERR_MEMORY; + } if (url_param[0] == '\0') { @@ -1025,7 +1194,7 @@ jb_err cgi_show_url_info(struct client_state *csp, struct http_request url_to_query[1]; struct current_action_spec action[1]; int i; - + if (map(exports, "url", 1, html_encode(url_param), 0)) { free(url_param); @@ -1043,12 +1212,15 @@ jb_err cgi_show_url_info(struct client_state *csp, return JB_ERR_MEMORY; } - err = parse_http_url(url_param, url_to_query, csp); + memset(url_to_query, '\0', sizeof(url_to_query)); + err = parse_http_url(url_param, url_to_query, REQUIRE_PROTOCOL); + assert((err != JB_ERR_OK) || (url_to_query->ssl == !strncmpic(url_param, "https://", 8))); free(url_param); if (err == JB_ERR_MEMORY) { + free_http_request(url_to_query); free_current_action(action); free_map(exports); return JB_ERR_MEMORY; @@ -1059,8 +1231,10 @@ jb_err cgi_show_url_info(struct client_state *csp, err = map(exports, "matches", 1, "[Invalid URL specified!]" , 1); if (!err) err = map(exports, "final", 1, lookup(exports, "default"), 1); + if (!err) err = map_block_killer(exports, "valid-url"); free_current_action(action); + free_http_request(url_to_query); if (err) { @@ -1072,7 +1246,7 @@ jb_err cgi_show_url_info(struct client_state *csp, } /* - * We have a warning about SSL paths. Hide it for insecure sites. + * We have a warning about SSL paths. Hide it for unencrypted sites. */ if (!url_to_query->ssl) { @@ -1080,16 +1254,17 @@ jb_err cgi_show_url_info(struct client_state *csp, { free_current_action(action); free_map(exports); + free_http_request(url_to_query); return JB_ERR_MEMORY; } } - matches = strdup(""); + matches = strdup_or_die("
"); - for (i = 0; i < MAX_ACTION_FILES; i++) + for (i = 0; i < MAX_AF_FILES; i++) { if (NULL == csp->config->actions_file_short[i] - || !strcmp(csp->config->actions_file_short[i], "standard")) continue; + || !strcmp(csp->config->actions_file_short[i], "standard.action")) continue; b = NULL; hits = 1; @@ -1100,11 +1275,31 @@ jb_err cgi_show_url_info(struct client_state *csp, /* FIXME: Hardcoded HTML! */ string_append(&matches, "\n"); + string_append(&matches, "View"); +#ifdef FEATURE_CGI_EDIT_ACTIONS + if (csp->config->feature_flags & RUNTIME_FEATURE_CGI_EDIT_ACTIONS) + { +#ifdef HAVE_ACCESS + if (access(csp->config->actions_file[i], W_OK) == 0) + { +#endif /* def HAVE_ACCESS */ + snprintf(buf, sizeof(buf), + " ", i); + string_append(&matches, buf); + string_append(&matches, "Edit"); +#ifdef HAVE_ACCESS + } + else + { + string_append(&matches, " No write access."); + } +#endif /* def HAVE_ACCESS */ + } +#endif /* FEATURE_CGI_EDIT_ACTIONS */ + + string_append(&matches, "\n"); hits = 0; b = b->next; @@ -1117,7 +1312,7 @@ jb_err cgi_show_url_info(struct client_state *csp, { string_append(&matches, "\n"); @@ -1140,16 +1335,121 @@ jb_err cgi_show_url_info(struct client_state *csp, } string_append(&matches, "
In file: "); string_join (&matches, html_encode(csp->config->actions_file_short[i])); - snprintf(buf, 150, ".action ", i); + snprintf(buf, sizeof(buf), " ", i); string_append(&matches, buf); - string_append(&matches, "View config->actions_file_short[i])); - string_append(&matches, "\">Edit
{"); string_join (&matches, actions_to_html(csp, b->action)); - string_append(&matches, " }
\n"); + string_append(&matches, " }
\n"); string_join (&matches, html_encode(b->url->spec)); string_append(&matches, "
\n"); + /* + * XXX: Kludge to make sure the "Forward settings" section + * shows what forward-override{} would do with the requested URL. + * No one really cares how the CGI request would be forwarded + * if it wasn't intercepted as CGI request in the first place. + * + * From here on the action bitmask will no longer reflect + * the real url (http://config.privoxy.org/show-url-info?url=.*), + * but luckily it's no longer required later on anyway. + */ + free_current_action(csp->action); + get_url_actions(csp, url_to_query); + + /* + * Fill in forwarding settings. + * + * The possibilities are: + * - no forwarding + * - http forwarding only + * - socks4(a) forwarding only + * - socks4(a) and http forwarding. + * + * XXX: Parts of this code could be reused for the + * "forwarding-failed" template which currently doesn't + * display the proxy port and an eventual second forwarder. + */ + { + const struct forward_spec *fwd = forward_url(csp, url_to_query); + + if ((fwd->gateway_host == NULL) && (fwd->forward_host == NULL)) + { + if (!err) err = map_block_killer(exports, "socks-forwarder"); + if (!err) err = map_block_killer(exports, "http-forwarder"); + } + else + { + char port[10]; /* We save proxy ports as int but need a string here */ + + if (!err) err = map_block_killer(exports, "no-forwarder"); + + if (fwd->gateway_host != NULL) + { + char *socks_type = NULL; + + switch (fwd->type) + { + case SOCKS_4: + socks_type = "socks4"; + break; + case SOCKS_4A: + socks_type = "socks4a"; + break; + case SOCKS_5: + socks_type = "socks5"; + break; + case SOCKS_5T: + socks_type = "socks5t"; + break; + default: + log_error(LOG_LEVEL_FATAL, "Unknown socks type: %d.", fwd->type); + } + + if (!err) err = map(exports, "socks-type", 1, socks_type, 1); + if (!err) err = map(exports, "gateway-host", 1, fwd->gateway_host, 1); + snprintf(port, sizeof(port), "%d", fwd->gateway_port); + if (!err) err = map(exports, "gateway-port", 1, port, 1); + } + else + { + if (!err) err = map_block_killer(exports, "socks-forwarder"); + } + + if (fwd->forward_host != NULL) + { + if (!err) err = map(exports, "forward-host", 1, fwd->forward_host, 1); + snprintf(port, sizeof(port), "%d", fwd->forward_port); + if (!err) err = map(exports, "forward-port", 1, port, 1); + } + else + { + if (!err) err = map_block_killer(exports, "http-forwarder"); + } + } + } + free_http_request(url_to_query); - if (matches == NULL) + if (err || matches == NULL) { free_current_action(action); free_map(exports); return JB_ERR_MEMORY; } - if (map(exports, "matches", 1, matches , 0)) +#ifdef FEATURE_CGI_EDIT_ACTIONS + if ((csp->config->feature_flags & RUNTIME_FEATURE_CGI_EDIT_ACTIONS)) + { + err = map_block_killer(exports, "cgi-editor-is-disabled"); + } +#endif /* FEATURE_CGI_EDIT_ACTIONS */ + + /* + * If zlib support is available, if no content filters + * are enabled or if the prevent-compression action is enabled, + * suppress the "compression could prevent filtering" warning. + */ +#ifndef FEATURE_ZLIB + if (!content_filters_enabled(action) || + (action->flags & ACTION_NO_COMPRESSION)) +#endif + { + if (!err) err = map_block_killer(exports, "filters-might-be-ineffective"); + } + + if (err || map(exports, "matches", 1, matches , 0)) { free_current_action(action); free_map(exports); @@ -1185,7 +1485,7 @@ jb_err cgi_show_url_info(struct client_state *csp, * CGI Parameters : None * * Returns : JB_ERR_OK on success - * JB_ERR_MEMORY on out-of-memory error. + * JB_ERR_MEMORY on out-of-memory error. * *********************************************************************/ jb_err cgi_robots_txt(struct client_state *csp, @@ -1195,7 +1495,10 @@ jb_err cgi_robots_txt(struct client_state *csp, char buf[100]; jb_err err; - rsp->body = strdup( + (void)csp; + (void)parameters; + + rsp->body = strdup_or_die( "# This is the Privoxy control interface.\n" "# It isn't very useful to index it, and you're likely to break stuff.\n" "# So go away!\n" @@ -1203,16 +1506,12 @@ jb_err cgi_robots_txt(struct client_state *csp, "User-agent: *\n" "Disallow: /\n" "\n"); - if (rsp->body == NULL) - { - return JB_ERR_MEMORY; - } err = enlist_unique(rsp->headers, "Content-Type: text/plain", 13); rsp->is_static = 1; - get_http_time(7 * 24 * 60 * 60, buf); /* 7 days into future */ + get_http_time(7 * 24 * 60 * 60, buf, sizeof(buf)); /* 7 days into future */ if (!err) err = enlist_unique_header(rsp->headers, "Expires", buf); return (err ? JB_ERR_MEMORY : JB_ERR_OK); @@ -1230,106 +1529,192 @@ jb_err cgi_robots_txt(struct client_state *csp, * 1 : exports = map to extend * * Returns : JB_ERR_OK on success - * JB_ERR_MEMORY on out-of-memory error. + * JB_ERR_MEMORY on out-of-memory error. * *********************************************************************/ static jb_err show_defines(struct map *exports) { jb_err err = JB_ERR_OK; + int i; + struct feature { + const char name[31]; + const unsigned char is_available; + }; + static const struct feature features[] = { + { + "FEATURE_ACCEPT_FILTER", +#ifdef FEATURE_ACCEPT_FILTER + 1, +#else + 0, +#endif + }, + { + "FEATURE_ACL", #ifdef FEATURE_ACL - if (!err) err = map_conditional(exports, "FEATURE_ACL", 1); -#else /* ifndef FEATURE_ACL */ - if (!err) err = map_conditional(exports, "FEATURE_ACL", 0); -#endif /* ndef FEATURE_ACL */ - + 1, +#else + 0, +#endif + }, + { + "FEATURE_CGI_EDIT_ACTIONS", #ifdef FEATURE_CGI_EDIT_ACTIONS - if (!err) err = map_conditional(exports, "FEATURE_CGI_EDIT_ACTIONS", 1); -#else /* ifndef FEATURE_COOKIE_JAR */ - if (!err) err = map_conditional(exports, "FEATURE_CGI_EDIT_ACTIONS", 0); -#endif /* ndef FEATURE_COOKIE_JAR */ - -#ifdef FEATURE_COOKIE_JAR - if (!err) err = map_conditional(exports, "FEATURE_COOKIE_JAR", 1); -#else /* ifndef FEATURE_COOKIE_JAR */ - if (!err) err = map_conditional(exports, "FEATURE_COOKIE_JAR", 0); -#endif /* ndef FEATURE_COOKIE_JAR */ - + 1, +#else + 0, +#endif + }, + { + "FEATURE_COMPRESSION", +#ifdef FEATURE_COMPRESSION + 1, +#else + 0, +#endif + }, + { + "FEATURE_CONNECTION_KEEP_ALIVE", +#ifdef FEATURE_CONNECTION_KEEP_ALIVE + 1, +#else + 0, +#endif + }, + { + "FEATURE_CONNECTION_SHARING", +#ifdef FEATURE_CONNECTION_SHARING + 1, +#else + 0, +#endif + }, + { + "FEATURE_FAST_REDIRECTS", #ifdef FEATURE_FAST_REDIRECTS - if (!err) err = map_conditional(exports, "FEATURE_FAST_REDIRECTS", 1); -#else /* ifndef FEATURE_FAST_REDIRECTS */ - if (!err) err = map_conditional(exports, "FEATURE_FAST_REDIRECTS", 0); -#endif /* ndef FEATURE_FAST_REDIRECTS */ - + 1, +#else + 0, +#endif + }, + { + "FEATURE_FORCE_LOAD", #ifdef FEATURE_FORCE_LOAD - if (!err) err = map_conditional(exports, "FEATURE_FORCE_LOAD", 1); - if (!err) err = map(exports, "FORCE_PREFIX", 1, FORCE_PREFIX, 1); -#else /* ifndef FEATURE_FORCE_LOAD */ - if (!err) err = map_conditional(exports, "FEATURE_FORCE_LOAD", 0); - if (!err) err = map(exports, "FORCE_PREFIX", 1, "(none - disabled)", 1); -#endif /* ndef FEATURE_FORCE_LOAD */ - + 1, +#else + 0, +#endif + }, + { + "FEATURE_GRACEFUL_TERMINATION", +#ifdef FEATURE_GRACEFUL_TERMINATION + 1, +#else + 0, +#endif + }, + { + "FEATURE_IMAGE_BLOCKING", #ifdef FEATURE_IMAGE_BLOCKING - if (!err) err = map_conditional(exports, "FEATURE_IMAGE_BLOCKING", 1); -#else /* ifndef FEATURE_IMAGE_BLOCKING */ - if (!err) err = map_conditional(exports, "FEATURE_IMAGE_BLOCKING", 0); -#endif /* ndef FEATURE_IMAGE_BLOCKING */ - + 1, +#else + 0, +#endif + }, + { + "FEATURE_IMAGE_DETECT_MSIE", #ifdef FEATURE_IMAGE_DETECT_MSIE - if (!err) err = map_conditional(exports, "FEATURE_IMAGE_DETECT_MSIE", 1); -#else /* ifndef FEATURE_IMAGE_DETECT_MSIE */ - if (!err) err = map_conditional(exports, "FEATURE_IMAGE_DETECT_MSIE", 0); -#endif /* ndef FEATURE_IMAGE_DETECT_MSIE */ - -#ifdef FEATURE_KILL_POPUPS - if (!err) err = map_conditional(exports, "FEATURE_KILL_POPUPS", 1); -#else /* ifndef FEATURE_KILL_POPUPS */ - if (!err) err = map_conditional(exports, "FEATURE_KILL_POPUPS", 0); -#endif /* ndef FEATURE_KILL_POPUPS */ - + 1, +#else + 0, +#endif + }, + { + "FEATURE_IPV6_SUPPORT", +#ifdef HAVE_RFC2553 + 1, +#else + 0, +#endif + }, + { + "FEATURE_NO_GIFS", #ifdef FEATURE_NO_GIFS - if (!err) err = map_conditional(exports, "FEATURE_NO_GIFS", 1); -#else /* ifndef FEATURE_NO_GIFS */ - if (!err) err = map_conditional(exports, "FEATURE_NO_GIFS", 0); -#endif /* ndef FEATURE_NO_GIFS */ - + 1, +#else + 0, +#endif + }, + { + "FEATURE_PTHREAD", #ifdef FEATURE_PTHREAD - if (!err) err = map_conditional(exports, "FEATURE_PTHREAD", 1); -#else /* ifndef FEATURE_PTHREAD */ - if (!err) err = map_conditional(exports, "FEATURE_PTHREAD", 0); -#endif /* ndef FEATURE_PTHREAD */ - + 1, +#else + 0, +#endif + }, + { + "FEATURE_STATISTICS", #ifdef FEATURE_STATISTICS - if (!err) err = map_conditional(exports, "FEATURE_STATISTICS", 1); -#else /* ifndef FEATURE_STATISTICS */ - if (!err) err = map_conditional(exports, "FEATURE_STATISTICS", 0); -#endif /* ndef FEATURE_STATISTICS */ - + 1, +#else + 0, +#endif + }, + { + "FEATURE_STRPTIME_SANITY_CHECKS", +#ifdef FEATURE_STRPTIME_SANITY_CHECKS + 1, +#else + 0, +#endif + }, + { + "FEATURE_TOGGLE", #ifdef FEATURE_TOGGLE - if (!err) err = map_conditional(exports, "FEATURE_TOGGLE", 1); -#else /* ifndef FEATURE_TOGGLE */ - if (!err) err = map_conditional(exports, "FEATURE_TOGGLE", 0); -#endif /* ndef FEATURE_TOGGLE */ - + 1, +#else + 0, +#endif + }, + { + "FEATURE_TRUST", #ifdef FEATURE_TRUST - if (!err) err = map_conditional(exports, "FEATURE_TRUST", 1); -#else /* ifndef FEATURE_TRUST */ - if (!err) err = map_conditional(exports, "FEATURE_TRUST", 0); -#endif /* ndef FEATURE_TRUST */ - -#ifdef STATIC_PCRE - if (!err) err = map_conditional(exports, "STATIC_PCRE", 1); -#else /* ifndef STATIC_PCRE */ - if (!err) err = map_conditional(exports, "STATIC_PCRE", 0); -#endif /* ndef STATIC_PCRE */ + 1, +#else + 0, +#endif + }, + { + "FEATURE_ZLIB", +#ifdef FEATURE_ZLIB + 1, +#else + 0, +#endif + }, + { + "FEATURE_DYNAMIC_PCRE", +#ifdef FEATURE_DYNAMIC_PCRE + 1, +#else + 0, +#endif + } + }; -#ifdef STATIC_PCRS - if (!err) err = map_conditional(exports, "STATIC_PCRS", 1); -#else /* ifndef STATIC_PCRS */ - if (!err) err = map_conditional(exports, "STATIC_PCRS", 0); -#endif /* ndef STATIC_PCRS */ + for (i = 0; i < SZ(features); i++) + { + err = map_conditional(exports, features[i].name, features[i].is_available); + if (err) + { + break; + } + } return err; + } @@ -1346,7 +1731,7 @@ static jb_err show_defines(struct map *exports) *********************************************************************/ static char *show_rcs(void) { - char *result = strdup(""); + char *result = strdup_or_die(""); char buf[BUFFER_SIZE]; /* Instead of including *all* dot h's in the project (thus creating a @@ -1357,13 +1742,17 @@ static char *show_rcs(void) #define SHOW_RCS(__x) \ { \ extern const char __x[]; \ - sprintf(buf, "%s\n", __x); \ + snprintf(buf, sizeof(buf), " %s\n", __x); \ string_append(&result, buf); \ } /* In alphabetical order */ SHOW_RCS(actions_h_rcs) SHOW_RCS(actions_rcs) +#ifdef AMIGA + SHOW_RCS(amiga_h_rcs) + SHOW_RCS(amiga_rcs) +#endif /* def AMIGA */ SHOW_RCS(cgi_h_rcs) SHOW_RCS(cgi_rcs) #ifdef FEATURE_CGI_EDIT_ACTIONS @@ -1389,10 +1778,6 @@ static char *show_rcs(void) SHOW_RCS(jbsockets_rcs) SHOW_RCS(jcc_h_rcs) SHOW_RCS(jcc_rcs) -#ifdef FEATURE_KILL_POPUPS - SHOW_RCS(killpopup_h_rcs) - SHOW_RCS(killpopup_rcs) -#endif /* def FEATURE_KILL_POPUPS */ SHOW_RCS(list_h_rcs) SHOW_RCS(list_rcs) SHOW_RCS(loadcfg_h_rcs) @@ -1429,6 +1814,202 @@ static char *show_rcs(void) } +/********************************************************************* + * + * Function : cgi_show_file + * + * Description : CGI function that shows the content of a + * configuration file. + * + * Parameters : + * 1 : csp = Current client state (buffers, headers, etc...) + * 2 : rsp = http_response data structure for output + * 3 : parameters = map of cgi parameters + * + * CGI Parameters : + * file : Which file to show. Only first letter is checked, + * valid values are: + * - "a"ction file + * - "r"egex + * - "t"rust + * Default is to show menu and other information. + * + * Returns : JB_ERR_OK on success + * JB_ERR_MEMORY on out-of-memory error. + * + *********************************************************************/ +static jb_err cgi_show_file(struct client_state *csp, + struct http_response *rsp, + const struct map *parameters) +{ + unsigned i; + const char * filename = NULL; + char * file_description = NULL; + + assert(csp); + assert(rsp); + assert(parameters); + + switch (*(lookup(parameters, "file"))) + { + case 'a': + if (!get_number_param(csp, parameters, "index", &i) && i < MAX_AF_FILES && csp->actions_list[i]) + { + filename = csp->actions_list[i]->filename; + file_description = "Actions File"; + } + break; + + case 'f': + if (!get_number_param(csp, parameters, "index", &i) && i < MAX_AF_FILES && csp->rlist[i]) + { + filename = csp->rlist[i]->filename; + file_description = "Filter File"; + } + break; + +#ifdef FEATURE_TRUST + case 't': + if (csp->tlist) + { + filename = csp->tlist->filename; + file_description = "Trust File"; + } + break; +#endif /* def FEATURE_TRUST */ + } + + if (NULL != filename) + { + struct map *exports; + char *s; + jb_err err; + size_t length; + + exports = default_exports(csp, "show-status"); + if (NULL == exports) + { + return JB_ERR_MEMORY; + } + + if (map(exports, "file-description", 1, file_description, 1) + || map(exports, "filepath", 1, html_encode(filename), 0)) + { + free_map(exports); + return JB_ERR_MEMORY; + } + + err = load_file(filename, &s, &length); + if (JB_ERR_OK != err) + { + if (map(exports, "contents", 1, "

ERROR OPENING FILE!

", 1)) + { + free_map(exports); + return JB_ERR_MEMORY; + } + } + else + { + s = html_encode_and_free_original(s); + if (NULL == s) + { + free_map(exports); + return JB_ERR_MEMORY; + } + + if (map(exports, "contents", 1, s, 0)) + { + free_map(exports); + return JB_ERR_MEMORY; + } + } + + return template_fill_for_cgi(csp, "show-status-file", exports, rsp); + } + + return JB_ERR_CGI_PARAMS; +} + + +/********************************************************************* + * + * Function : load_file + * + * Description : Loads a file into a buffer. + * + * Parameters : + * 1 : filename = Name of the file to be loaded. + * 2 : buffer = Used to return the file's content. + * 3 : length = Used to return the size of the file. + * + * Returns : JB_ERR_OK in case of success, + * JB_ERR_FILE in case of ordinary file loading errors + * (fseek() and ftell() errors are fatal) + * JB_ERR_MEMORY in case of out-of-memory. + * + *********************************************************************/ +static jb_err load_file(const char *filename, char **buffer, size_t *length) +{ + FILE *fp; + long ret; + jb_err err = JB_ERR_OK; + + fp = fopen(filename, "rb"); + if (NULL == fp) + { + log_error(LOG_LEVEL_ERROR, "Failed to open %s: %E", filename); + return JB_ERR_FILE; + } + + /* Get file length */ + if (fseek(fp, 0, SEEK_END)) + { + log_error(LOG_LEVEL_FATAL, + "Unexpected error while fseek()ing to the end of %s: %E", + filename); + } + ret = ftell(fp); + if (-1 == ret) + { + log_error(LOG_LEVEL_FATAL, + "Unexpected ftell() error while loading %s: %E", + filename); + } + *length = (size_t)ret; + + /* Go back to the beginning. */ + if (fseek(fp, 0, SEEK_SET)) + { + log_error(LOG_LEVEL_FATAL, + "Unexpected error while fseek()ing to the beginning of %s: %E", + filename); + } + + *buffer = (char *)zalloc(*length + 1); + if (NULL == *buffer) + { + err = JB_ERR_MEMORY; + } + else if (1 != fread(*buffer, *length, 1, fp)) + { + /* + * May theoretically happen if the file size changes between + * fseek() and fread() because it's edited in-place. Privoxy + * and common text editors don't do that, thus we just fail. + */ + log_error(LOG_LEVEL_ERROR, + "Couldn't completely read file %s.", filename); + freez(*buffer); + err = JB_ERR_FILE; + } + + fclose(fp); + + return err; + +} + + /* Local Variables: tab-width: 3