X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=cgisimple.c;h=9cc233968ea0510fea60847cff5208234881a036;hp=64fd90dce8be855b20d331a1ae73f4377f957053;hb=36b7381311cfb84104619fd8bead33aa3186081d;hpb=4dc78efef707ae654ed69a373c609727bc0ac8b9 diff --git a/cgisimple.c b/cgisimple.c index 64fd90dc..9cc23396 100644 --- a/cgisimple.c +++ b/cgisimple.c @@ -1,4 +1,4 @@ -const char cgisimple_rcs[] = "$Id: cgisimple.c,v 1.50 2007/01/23 15:51:17 fabiankeil Exp $"; +const char cgisimple_rcs[] = "$Id: cgisimple.c,v 1.70 2008/04/24 16:12:38 fabiankeil Exp $"; /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/cgisimple.c,v $ @@ -9,7 +9,7 @@ const char cgisimple_rcs[] = "$Id: cgisimple.c,v 1.50 2007/01/23 15:51:17 fabian * Functions declared include: * * - * Copyright : Written by and Copyright (C) 2001-2007 the SourceForge + * Copyright : Written by and Copyright (C) 2001-2008 the SourceForge * Privoxy team. http://www.privoxy.org/ * * Based on the Internet Junkbuster originally written @@ -36,6 +36,88 @@ const char cgisimple_rcs[] = "$Id: cgisimple.c,v 1.50 2007/01/23 15:51:17 fabian * * Revisions : * $Log: cgisimple.c,v $ + * Revision 1.70 2008/04/24 16:12:38 fabiankeil + * In cgi_show_status(), load the requested file at once. + * Using string_join() for every line really doesn't scale. + * + * Revision 1.69 2008/04/17 14:40:48 fabiankeil + * Provide get_http_time() with the buffer size so it doesn't + * have to blindly assume that the buffer is big enough. + * + * Revision 1.68 2008/03/27 18:27:21 fabiankeil + * Remove kill-popups action. + * + * Revision 1.67 2008/03/27 17:00:05 fabiankeil + * Turn the favicon blobs into locals. + * + * Revision 1.66 2008/02/23 16:57:12 fabiankeil + * Rename url_actions() to get_url_actions() and let it + * use the standard parameter ordering. + * + * Revision 1.65 2008/02/23 16:33:43 fabiankeil + * Let forward_url() use the standard parameter ordering + * and mark its second parameter immutable. + * + * Revision 1.64 2008/02/03 13:56:07 fabiankeil + * Add SOCKS5 support for show-url-info CGI page. + * + * Revision 1.63 2008/02/01 06:04:31 fabiankeil + * If edit buttons on the show-url-info CGI page are hidden, explain why. + * + * Revision 1.62 2008/02/01 05:52:40 fabiankeil + * Hide edit buttons on the show-url-info CGI page if enable-edit-action + * is disabled. Patch by Lee with additional white space adjustments. + * + * Revision 1.61 2008/01/26 11:13:25 fabiankeil + * If enable-edit-actions is disabled, hide the edit buttons and explain why. + * + * Revision 1.60 2007/10/27 13:12:13 fabiankeil + * Finish 1.49 and check write access before + * showing edit buttons on show-url-info page. + * + * Revision 1.59 2007/10/19 16:42:36 fabiankeil + * Plug memory leak I introduced five months ago. + * Yay Valgrind and Privoxy-Regression-Test. + * + * Revision 1.58 2007/07/21 12:19:50 fabiankeil + * If show-url-info is called with an URL that Privoxy + * would reject as invalid, don't show unresolved forwarding + * variables, "final matches" or claim the site's secure. + * + * Revision 1.57 2007/06/01 16:53:05 fabiankeil + * Adjust cgi_show_url_info() to show what forward-override{} + * would do with the requested URL (instead of showing how the + * request for the CGI page would be forwarded if it wasn't a + * CGI request). + * + * Revision 1.56 2007/05/21 10:50:35 fabiankeil + * - Use strlcpy() instead of strcpy(). + * - Stop treating actions files special. Expect a complete file name + * (with or without path) like it's done for the rest of the files. + * Closes FR#588084. + * - Don't rerun sed() in cgi_show_request(). + * + * Revision 1.55 2007/04/13 13:36:46 fabiankeil + * Reference action files in CGI URLs by id instead + * of using the first part of the file name. + * Fixes BR 1694250 and BR 1590556. + * + * Revision 1.54 2007/04/09 18:11:35 fabiankeil + * Don't mistake VC++'s _snprintf() for a snprintf() replacement. + * + * Revision 1.53 2007/04/08 13:21:04 fabiankeil + * Reference action files in CGI URLs by id instead + * of using the first part of the file name. + * Fixes BR 1694250 and BR 1590556. + * + * Revision 1.52 2007/02/13 15:10:26 fabiankeil + * Apparently fopen()ing in "binary" mode doesn't require + * #ifdefs, it's already done without them in cgiedit.c. + * + * Revision 1.51 2007/02/10 16:55:22 fabiankeil + * - Show forwarding settings on the show-url-info page + * - Fix some HTML syntax errors. + * * Revision 1.50 2007/01/23 15:51:17 fabiankeil * Add favicon delivery functions. * @@ -296,10 +378,6 @@ const char cgisimple_rcs[] = "$Id: cgisimple.c,v 1.50 2007/01/23 15:51:17 fabian #include #endif /* def HAVE_ACCESS */ -#ifdef _WIN32 -#define snprintf _snprintf -#endif /* def _WIN32 */ - #include "project.h" #include "cgi.h" #include "cgisimple.h" @@ -316,45 +394,11 @@ const char cgisimple_rcs[] = "$Id: cgisimple.c,v 1.50 2007/01/23 15:51:17 fabian const char cgisimple_h_rcs[] = CGISIMPLE_H_VERSION; - static char *show_rcs(void); static jb_err show_defines(struct map *exports); - -/* - * 16x16 ico blobs for favicon delivery functions. - */ -const char default_favicon_data[] = - "\000\000\001\000\001\000\020\020\002\000\000\000\000\000\260" - "\000\000\000\026\000\000\000\050\000\000\000\020\000\000\000" - "\040\000\000\000\001\000\001\000\000\000\000\000\100\000\000" - "\000\000\000\000\000\000\000\000\000\002\000\000\000\000\000" - "\000\000\377\377\377\000\377\000\052\000\017\360\000\000\077" - "\374\000\000\161\376\000\000\161\376\000\000\361\377\000\000" - "\361\377\000\000\360\017\000\000\360\007\000\000\361\307\000" - "\000\361\307\000\000\361\307\000\000\360\007\000\000\160\036" - "\000\000\177\376\000\000\077\374\000\000\017\360\000\000\360" - "\017\000\000\300\003\000\000\200\001\000\000\200\001\000\000" - "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000" - "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000" - "\000\000\200\001\000\000\200\001\000\000\300\003\000\000\360" - "\017\000\000"; -const char error_favicon_data[] = - "\000\000\001\000\001\000\020\020\002\000\000\000\000\000\260" - "\000\000\000\026\000\000\000\050\000\000\000\020\000\000\000" - "\040\000\000\000\001\000\001\000\000\000\000\000\100\000\000" - "\000\000\000\000\000\000\000\000\000\002\000\000\000\000\000" - "\000\000\377\377\377\000\000\000\377\000\017\360\000\000\077" - "\374\000\000\161\376\000\000\161\376\000\000\361\377\000\000" - "\361\377\000\000\360\017\000\000\360\007\000\000\361\307\000" - "\000\361\307\000\000\361\307\000\000\360\007\000\000\160\036" - "\000\000\177\376\000\000\077\374\000\000\017\360\000\000\360" - "\017\000\000\300\003\000\000\200\001\000\000\200\001\000\000" - "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000" - "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000" - "\000\000\200\001\000\000\200\001\000\000\300\003\000\000\360" - "\017\000\000"; -const size_t default_favicon_length = sizeof(default_favicon_data) - 1; -const size_t error_favicon_length = sizeof(error_favicon_data) - 1; +static jb_err cgi_show_file(struct client_state *csp, + struct http_response *rsp, + const struct map *parameters); /********************************************************************* * @@ -532,8 +576,8 @@ jb_err cgi_show_request(struct client_state *csp, return JB_ERR_MEMORY; } - if (map(exports, "processed-request", 1, html_encode_and_free_original( - sed(client_patterns, add_client_headers, csp)), 0)) + if (map(exports, "processed-request", 1, + html_encode_and_free_original(list_to_text(csp->headers)), 0)) { free_map(exports); return JB_ERR_MEMORY; @@ -738,8 +782,25 @@ jb_err cgi_send_default_favicon(struct client_state *csp, struct http_response *rsp, const struct map *parameters) { - rsp->body = bindup(default_favicon_data, default_favicon_length); - rsp->content_length = default_favicon_length; + static const char default_favicon_data[] = + "\000\000\001\000\001\000\020\020\002\000\000\000\000\000\260" + "\000\000\000\026\000\000\000\050\000\000\000\020\000\000\000" + "\040\000\000\000\001\000\001\000\000\000\000\000\100\000\000" + "\000\000\000\000\000\000\000\000\000\002\000\000\000\000\000" + "\000\000\377\377\377\000\377\000\052\000\017\360\000\000\077" + "\374\000\000\161\376\000\000\161\376\000\000\361\377\000\000" + "\361\377\000\000\360\017\000\000\360\007\000\000\361\307\000" + "\000\361\307\000\000\361\307\000\000\360\007\000\000\160\036" + "\000\000\177\376\000\000\077\374\000\000\017\360\000\000\360" + "\017\000\000\300\003\000\000\200\001\000\000\200\001\000\000" + "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000" + "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000" + "\000\000\200\001\000\000\200\001\000\000\300\003\000\000\360" + "\017\000\000"; + static const size_t favicon_length = sizeof(default_favicon_data) - 1; + + rsp->body = bindup(default_favicon_data, favicon_length); + rsp->content_length = favicon_length; if (rsp->body == NULL) { @@ -779,8 +840,25 @@ jb_err cgi_send_error_favicon(struct client_state *csp, struct http_response *rsp, const struct map *parameters) { - rsp->body = bindup(error_favicon_data, error_favicon_length); - rsp->content_length = error_favicon_length; + static const char error_favicon_data[] = + "\000\000\001\000\001\000\020\020\002\000\000\000\000\000\260" + "\000\000\000\026\000\000\000\050\000\000\000\020\000\000\000" + "\040\000\000\000\001\000\001\000\000\000\000\000\100\000\000" + "\000\000\000\000\000\000\000\000\000\002\000\000\000\000\000" + "\000\000\377\377\377\000\000\000\377\000\017\360\000\000\077" + "\374\000\000\161\376\000\000\161\376\000\000\361\377\000\000" + "\361\377\000\000\360\017\000\000\360\007\000\000\361\307\000" + "\000\361\307\000\000\361\307\000\000\360\007\000\000\160\036" + "\000\000\177\376\000\000\077\374\000\000\017\360\000\000\360" + "\017\000\000\300\003\000\000\200\001\000\000\200\001\000\000" + "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000" + "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000" + "\000\000\200\001\000\000\200\001\000\000\300\003\000\000\360" + "\017\000\000"; + static const size_t favicon_length = sizeof(error_favicon_data) - 1; + + rsp->body = bindup(error_favicon_data, favicon_length); + rsp->content_length = favicon_length; if (rsp->body == NULL) { @@ -905,15 +983,7 @@ jb_err cgi_send_user_manual(struct client_state *csp, } /* Open user-manual file */ -#ifdef WIN32 - /* - * XXX: Do we support other operating systems that - * require special treatment to fopen in binary mode? - */ if (NULL == (fp = fopen(full_path, "rb"))) -#else - if (NULL == (fp = fopen(full_path, "r"))) -#endif /* def WIN32 */ { log_error(LOG_LEVEL_ERROR, "Cannot open user-manual file %s: %E", full_path); err = cgi_error_no_template(csp, rsp, full_path); @@ -937,7 +1007,7 @@ jb_err cgi_send_user_manual(struct client_state *csp, if (!fread(rsp->body, length, 1, fp)) { /* - * This happens if we didn't fopen in binary mode. + * May happen if the file size changes between fseek() and fread(). * If it does, we just log it and serve what we got. */ log_error(LOG_LEVEL_ERROR, "Couldn't completely read user-manual file %s.", full_path); @@ -1015,7 +1085,7 @@ jb_err cgi_show_version(struct client_state *csp, return template_fill_for_cgi(csp, "show-version", exports, rsp); } - + /********************************************************************* * * Function : cgi_show_status @@ -1031,7 +1101,7 @@ jb_err cgi_show_version(struct client_state *csp, * CGI Parameters : * file : Which file to show. Only first letter is checked, * valid values are: - * - "p"ermissions (actions) file + * - "a"ction file * - "r"egex * - "t"rust * Default is to show menu and other information. @@ -1048,10 +1118,7 @@ jb_err cgi_show_status(struct client_state *csp, unsigned i; int j; - FILE * fp; char buf[BUFFER_SIZE]; - const char * filename = NULL; - char * file_description = NULL; #ifdef FEATURE_STATISTICS float perc_rej; /* Percentage of http requests rejected */ int local_urls_read; @@ -1065,74 +1132,14 @@ jb_err cgi_show_status(struct client_state *csp, assert(rsp); assert(parameters); - if (NULL == (exports = default_exports(csp, "show-status"))) + if ('\0' != *(lookup(parameters, "file"))) { - return JB_ERR_MEMORY; - } - - switch (*(lookup(parameters, "file"))) - { - case 'a': - if (!get_number_param(csp, parameters, "index", &i) && i < MAX_AF_FILES && csp->actions_list[i]) - { - filename = csp->actions_list[i]->filename; - file_description = "Actions File"; - } - break; - - case 'f': - if (!get_number_param(csp, parameters, "index", &i) && i < MAX_AF_FILES && csp->rlist[i]) - { - filename = csp->rlist[i]->filename; - file_description = "Filter File"; - } - break; - -#ifdef FEATURE_TRUST - case 't': - if (csp->tlist) - { - filename = csp->tlist->filename; - file_description = "Trust File"; - } - break; -#endif /* def FEATURE_TRUST */ + return cgi_show_file(csp, rsp, parameters); } - if (NULL != filename) + if (NULL == (exports = default_exports(csp, "show-status"))) { - if ( map(exports, "file-description", 1, file_description, 1) - || map(exports, "filepath", 1, html_encode(filename), 0) ) - { - free_map(exports); - return JB_ERR_MEMORY; - } - - if ((fp = fopen(filename, "r")) == NULL) - { - if (map(exports, "content", 1, "

ERROR OPENING FILE!

", 1)) - { - free_map(exports); - return JB_ERR_MEMORY; - } - } - else - { - s = strdup(""); - while ((s != NULL) && fgets(buf, sizeof(buf), fp)) - { - string_join (&s, html_encode(buf)); - } - fclose(fp); - - if (map(exports, "contents", 1, s, 0)) - { - free_map(exports); - return JB_ERR_MEMORY; - } - } - - return template_fill_for_cgi(csp, "show-status-file", exports, rsp); + return JB_ERR_MEMORY; } s = strdup(""); @@ -1204,18 +1211,20 @@ jb_err cgi_show_status(struct client_state *csp, { if (!err) err = string_append(&s, ""); if (!err) err = string_join(&s, html_encode(csp->actions_list[i]->filename)); - snprintf(buf, 100, "View", i); + snprintf(buf, sizeof(buf), + "View", i); if (!err) err = string_append(&s, buf); #ifdef FEATURE_CGI_EDIT_ACTIONS - if (NULL == strstr(csp->actions_list[i]->filename, "standard.action") && NULL != csp->config->actions_file_short[i]) + if ((csp->config->feature_flags & RUNTIME_FEATURE_CGI_EDIT_ACTIONS) + && (NULL == strstr(csp->actions_list[i]->filename, "standard.action")) + && (NULL != csp->config->actions_file_short[i])) { #ifdef HAVE_ACCESS if (access(csp->config->actions_file[i], W_OK) == 0) { #endif /* def HAVE_ACCESS */ - snprintf(buf, 100, "  Edit", - csp->config->actions_file_short[i]); + snprintf(buf, sizeof(buf), "  Edit", i); if (!err) err = string_append(&s, buf); #ifdef HAVE_ACCESS } @@ -1280,6 +1289,13 @@ jb_err cgi_show_status(struct client_state *csp, if (!err) err = map_block_killer(exports, "trust-support"); #endif /* ndef FEATURE_TRUST */ +#ifdef FEATURE_CGI_EDIT_ACTIONS + if (!err && (csp->config->feature_flags & RUNTIME_FEATURE_CGI_EDIT_ACTIONS)) + { + err = map_block_killer(exports, "cgi-editor-is-disabled"); + } +#endif /* ndef CGI_EDIT_ACTIONS */ + if (err) { free_map(exports); @@ -1378,15 +1394,16 @@ jb_err cgi_show_url_info(struct client_state *csp, /* * Unknown prefix - assume http:// */ - char * url_param_prefixed = malloc(7 + 1 + strlen(url_param)); + const size_t url_param_prefixed_size = 7 + 1 + strlen(url_param); + char * url_param_prefixed = malloc(url_param_prefixed_size); if (NULL == url_param_prefixed) { free(url_param); free_map(exports); return JB_ERR_MEMORY; } - strcpy(url_param_prefixed, "http://"); - strcpy(url_param_prefixed + 7, url_param); + strlcpy(url_param_prefixed, "http://", url_param_prefixed_size); + strlcat(url_param_prefixed, url_param, url_param_prefixed_size); free(url_param); url_param = url_param_prefixed; } @@ -1463,6 +1480,7 @@ jb_err cgi_show_url_info(struct client_state *csp, err = map(exports, "matches", 1, "[Invalid URL specified!]" , 1); if (!err) err = map(exports, "final", 1, lookup(exports, "default"), 1); + if (!err) err = map_block_killer(exports, "valid-url"); free_current_action(action); free_http_request(url_to_query); @@ -1477,7 +1495,7 @@ jb_err cgi_show_url_info(struct client_state *csp, } /* - * We have a warning about SSL paths. Hide it for insecure sites. + * We have a warning about SSL paths. Hide it for unencrypted sites. */ if (!url_to_query->ssl) { @@ -1495,7 +1513,7 @@ jb_err cgi_show_url_info(struct client_state *csp, for (i = 0; i < MAX_AF_FILES; i++) { if (NULL == csp->config->actions_file_short[i] - || !strcmp(csp->config->actions_file_short[i], "standard")) continue; + || !strcmp(csp->config->actions_file_short[i], "standard.action")) continue; b = NULL; hits = 1; @@ -1506,14 +1524,30 @@ jb_err cgi_show_url_info(struct client_state *csp, /* FIXME: Hardcoded HTML! */ string_append(&matches, "In file: "); string_join (&matches, html_encode(csp->config->actions_file_short[i])); - snprintf(buf, 150, ".action ", i); + snprintf(buf, sizeof(buf), " ", i); string_append(&matches, buf); string_append(&matches, "View"); #ifdef FEATURE_CGI_EDIT_ACTIONS - string_append(&matches, " config->actions_file_short[i])); - string_append(&matches, "\">Edit"); -#endif + if (csp->config->feature_flags & RUNTIME_FEATURE_CGI_EDIT_ACTIONS) + { +#ifdef HAVE_ACCESS + if (access(csp->config->actions_file[i], W_OK) == 0) + { +#endif /* def HAVE_ACCESS */ + snprintf(buf, sizeof(buf), + " ", i); + string_append(&matches, buf); + string_append(&matches, "Edit"); +#ifdef HAVE_ACCESS + } + else + { + string_append(&matches, " No write access."); + } +#endif /* def HAVE_ACCESS */ + } +#endif /* FEATURE_CGI_EDIT_ACTIONS */ + string_append(&matches, "\n"); hits = 0; @@ -1550,6 +1584,19 @@ jb_err cgi_show_url_info(struct client_state *csp, } string_append(&matches, "\n"); + /* + * XXX: Kludge to make sure the "Forward settings" section + * shows what forward-override{} would do with the requested URL. + * No one really cares how the CGI request would be forwarded + * if it wasn't intercepted as CGI request in the first place. + * + * From here on the action bitmask will no longer reflect + * the real url (http://config.privoxy.org/show-url-info?url=.*), + * but luckily it's no longer required later on anyway. + */ + free_current_action(csp->action); + get_url_actions(csp, url_to_query); + /* * Fill in forwarding settings. * @@ -1561,10 +1608,10 @@ jb_err cgi_show_url_info(struct client_state *csp, * * XXX: Parts of this code could be reused for the * "forwarding-failed" template which currently doesn't - * display the proxy port and an eventuell second forwarder. + * display the proxy port and an eventual second forwarder. */ { - const struct forward_spec * fwd = forward_url(url_to_query, csp); + const struct forward_spec *fwd = forward_url(csp, url_to_query); if ((fwd->gateway_host == NULL) && (fwd->forward_host == NULL)) { @@ -1579,8 +1626,24 @@ jb_err cgi_show_url_info(struct client_state *csp, if (fwd->gateway_host != NULL) { - if (!err) err = map(exports, "socks-type", 1, (fwd->type == SOCKS_4) ? - "socks4" : "socks4a", 1); + char *socks_type = NULL; + + switch (fwd->type) + { + case SOCKS_4: + socks_type = "socks4"; + break; + case SOCKS_4A: + socks_type = "socks4a"; + break; + case SOCKS_5: + socks_type = "socks5"; + break; + default: + log_error(LOG_LEVEL_FATAL, "Unknown socks type: %d.", fwd->type); + } + + if (!err) err = map(exports, "socks-type", 1, socks_type, 1); if (!err) err = map(exports, "gateway-host", 1, fwd->gateway_host, 1); snprintf(port, sizeof(port), "%d", fwd->gateway_port); if (!err) err = map(exports, "gateway-port", 1, port, 1); @@ -1612,7 +1675,14 @@ jb_err cgi_show_url_info(struct client_state *csp, return JB_ERR_MEMORY; } - if (map(exports, "matches", 1, matches , 0)) +#ifdef FEATURE_CGI_EDIT_ACTIONS + if ((csp->config->feature_flags & RUNTIME_FEATURE_CGI_EDIT_ACTIONS)) + { + err = map_block_killer(exports, "cgi-editor-is-disabled"); + } +#endif /* FEATURE_CGI_EDIT_ACTIONS */ + + if (err || map(exports, "matches", 1, matches , 0)) { free_current_action(action); free_map(exports); @@ -1675,7 +1745,7 @@ jb_err cgi_robots_txt(struct client_state *csp, rsp->is_static = 1; - get_http_time(7 * 24 * 60 * 60, buf); /* 7 days into future */ + get_http_time(7 * 24 * 60 * 60, buf, sizeof(buf)); /* 7 days into future */ if (!err) err = enlist_unique_header(rsp->headers, "Expires", buf); return (err ? JB_ERR_MEMORY : JB_ERR_OK); @@ -1750,12 +1820,6 @@ static jb_err show_defines(struct map *exports) if (!err) err = map_conditional(exports, "FEATURE_IMAGE_DETECT_MSIE", 0); #endif /* ndef FEATURE_IMAGE_DETECT_MSIE */ -#ifdef FEATURE_KILL_POPUPS - if (!err) err = map_conditional(exports, "FEATURE_KILL_POPUPS", 1); -#else /* ifndef FEATURE_KILL_POPUPS */ - if (!err) err = map_conditional(exports, "FEATURE_KILL_POPUPS", 0); -#endif /* ndef FEATURE_KILL_POPUPS */ - #ifdef FEATURE_NO_GIFS if (!err) err = map_conditional(exports, "FEATURE_NO_GIFS", 1); #else /* ifndef FEATURE_NO_GIFS */ @@ -1868,10 +1932,6 @@ static char *show_rcs(void) SHOW_RCS(jbsockets_rcs) SHOW_RCS(jcc_h_rcs) SHOW_RCS(jcc_rcs) -#ifdef FEATURE_KILL_POPUPS - SHOW_RCS(killpopup_h_rcs) - SHOW_RCS(killpopup_rcs) -#endif /* def FEATURE_KILL_POPUPS */ SHOW_RCS(list_h_rcs) SHOW_RCS(list_rcs) SHOW_RCS(loadcfg_h_rcs) @@ -1908,6 +1968,152 @@ static char *show_rcs(void) } +/********************************************************************* + * + * Function : cgi_show_file + * + * Description : CGI function that shows the content of a + * configuration file. + * + * Parameters : + * 1 : csp = Current client state (buffers, headers, etc...) + * 2 : rsp = http_response data structure for output + * 3 : parameters = map of cgi parameters + * + * CGI Parameters : + * file : Which file to show. Only first letter is checked, + * valid values are: + * - "a"ction file + * - "r"egex + * - "t"rust + * Default is to show menu and other information. + * + * Returns : JB_ERR_OK on success + * JB_ERR_MEMORY on out-of-memory error. + * + *********************************************************************/ +static jb_err cgi_show_file(struct client_state *csp, + struct http_response *rsp, + const struct map *parameters) +{ + unsigned i; + const char * filename = NULL; + char * file_description = NULL; + + assert(csp); + assert(rsp); + assert(parameters); + + switch (*(lookup(parameters, "file"))) + { + case 'a': + if (!get_number_param(csp, parameters, "index", &i) && i < MAX_AF_FILES && csp->actions_list[i]) + { + filename = csp->actions_list[i]->filename; + file_description = "Actions File"; + } + break; + + case 'f': + if (!get_number_param(csp, parameters, "index", &i) && i < MAX_AF_FILES && csp->rlist[i]) + { + filename = csp->rlist[i]->filename; + file_description = "Filter File"; + } + break; + +#ifdef FEATURE_TRUST + case 't': + if (csp->tlist) + { + filename = csp->tlist->filename; + file_description = "Trust File"; + } + break; +#endif /* def FEATURE_TRUST */ + } + + if (NULL != filename) + { + struct map *exports; + char *s; + FILE * fp; + + exports = default_exports(csp, "show-status"); + if (NULL == exports) + { + return JB_ERR_MEMORY; + } + + if ( map(exports, "file-description", 1, file_description, 1) + || map(exports, "filepath", 1, html_encode(filename), 0) ) + { + free_map(exports); + return JB_ERR_MEMORY; + } + + if ((fp = fopen(filename, "rb")) == NULL) + { + if (map(exports, "content", 1, "

ERROR OPENING FILE!

", 1)) + { + free_map(exports); + return JB_ERR_MEMORY; + } + } + else + { + /* + * XXX: this code is "quite similar" to the one + * in cgi_send_user_manual() and should be refactored. + * While at it, the return codes for ftell() and fseek + * should be verified. + */ + size_t length; + /* Get file length */ + fseek(fp, 0, SEEK_END); + length = (size_t)ftell(fp); + fseek(fp, 0, SEEK_SET); + + s = (char *)zalloc(length+1); + if (NULL == s) + { + fclose(fp); + return JB_ERR_MEMORY; + } + if (!fread(s, length, 1, fp)) + { + /* + * May happen if the file size changes between fseek() and fread(). + * If it does, we just log it and serve what we got. + */ + log_error(LOG_LEVEL_ERROR, "Couldn't completely read file %s.", filename); + } + fclose(fp); + + s = html_encode_and_free_original(s); + if (NULL == s) + { + return JB_ERR_MEMORY; + } + + if (map(exports, "contents", 1, s, 0)) + { + free_map(exports); + return JB_ERR_MEMORY; + } + } + + return template_fill_for_cgi(csp, "show-status-file", exports, rsp); + } + + /* + * XXX: should return JB_ERR_PARSE but CGI handlers + * currently aren't expected to do that. + */ + return JB_ERR_OK; +} + + /* Local Variables: tab-width: 3