X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=filters.c;h=467b8029de225f9100d46449dd55b178d7547a35;hp=480190a2c68ab9e1adccf41e3527b89dff849df1;hb=9b87e59614c7e19ed0b40d9037fbf77ae9871214;hpb=50f87c9446b435d47c371f63615260636639f450 diff --git a/filters.c b/filters.c index 480190a2..467b8029 100644 --- a/filters.c +++ b/filters.c @@ -1,4 +1,4 @@ -const char filters_rcs[] = "$Id: filters.c,v 1.168 2012/03/09 16:23:50 fabiankeil Exp $"; +const char filters_rcs[] = "$Id: filters.c,v 1.177 2013/04/23 09:37:28 fabiankeil Exp $"; /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/filters.c,v $ @@ -200,10 +200,6 @@ static int match_sockaddr(const struct sockaddr_storage *network, netmask_addr += 12; addr_len = 4; } - else if (network->ss_family != address->ss_family) - { - return 0; - } /* XXX: Port check is signaled in netmask */ if (*netmask_port && *network_port != *address_port) @@ -261,7 +257,7 @@ int block_acl(const struct access_control_addr *dst, const struct client_state * #else (csp->ip_addr_long & acl->src->mask) == acl->src->addr #endif - ) + ) { if (dst == NULL) { @@ -291,7 +287,7 @@ int block_acl(const struct access_control_addr *dst, const struct client_state * ((dst->addr & acl->dst->mask) == acl->dst->addr) && ((dst->port == acl->dst->port) || (acl->dst->port == 0)) #endif - ) + ) { if (acl->action == ACL_PERMIT) { @@ -374,7 +370,7 @@ int acl_addr(const char *aspec, struct access_control_addr *aca) #else (masklength > 32) #endif - ) + ) { freez(acl_spec); return(-1); @@ -785,8 +781,8 @@ struct http_response *trust_url(struct client_state *csp) struct map * exports; char buf[BUFFER_SIZE]; char *p; - struct url_spec **tl; - struct url_spec *t; + struct pattern_spec **tl; + struct pattern_spec *t; jb_err err; /* @@ -1088,6 +1084,11 @@ char *get_last_url(char *subject, const char *redirect_mode) if (0 == strcmpic(redirect_mode, "check-decoded-url") && strchr(subject, '%')) { + char *url_segment = NULL; + char **url_segments; + size_t max_segments; + int segments; + log_error(LOG_LEVEL_REDIRECTS, "Checking \"%s\" for encoded redirects.", subject); @@ -1097,24 +1098,22 @@ char *get_last_url(char *subject, const char *redirect_mode) * go backwards through the segments, URL-decode them * and look for a URL in the decoded result. * Stop the search after the first match. - */ - char *url_segment = NULL; - /* + * * XXX: This estimate is guaranteed to be high enough as we * let ssplit() ignore empty fields, but also a bit wasteful. */ - size_t max_segments = strlen(subject) / 2; - char **url_segments = malloc(max_segments * sizeof(char *)); - int segments; + max_segments = strlen(subject) / 2; + url_segments = malloc(max_segments * sizeof(char *)); if (NULL == url_segments) { - log_error(LOG_LEVEL_ERROR, "Out of memory while decoding URL: %s", new_url); + log_error(LOG_LEVEL_ERROR, + "Out of memory while decoding URL: %s", subject); freez(subject); return NULL; } - segments = ssplit(subject, "?&", url_segments, max_segments, 1, 1); + segments = ssplit(subject, "?&", url_segments, max_segments); while (segments-- > 0) { @@ -1174,10 +1173,10 @@ char *get_last_url(char *subject, const char *redirect_mode) } if ((new_url != NULL) - && ( (new_url != subject) + && ( (new_url != subject) || (0 == strncmpic(subject, "http://", 7)) || (0 == strncmpic(subject, "https://", 8)) - )) + )) { /* * Return new URL if we found a redirect @@ -1410,7 +1409,7 @@ int is_untrusted_url(const struct client_state *csp) { struct file_list *fl; struct block_spec *b; - struct url_spec **trusted_url; + struct pattern_spec **trusted_url; struct http_request rhttp[1]; const char * referer; jb_err err; @@ -1472,7 +1471,7 @@ int is_untrusted_url(const struct client_state *csp) string_append(&new_entry, csp->http->hostport); path = csp->http->path; - if ((path[0] == '/') + if ( (path[0] == '/') && (path[1] == '~') && ((path_end = strchr(path + 2, '/')) != NULL)) { @@ -1689,7 +1688,7 @@ static char *pcrs_filter_response(struct client_state *csp) csp->flags |= CSP_FLAG_MODIFIED; csp->content_length = size; - IOB_RESET(csp); + clear_iob(csp->iob); return(new); @@ -1719,8 +1718,8 @@ static char *gif_deanimate_response(struct client_state *csp) size = (size_t)(csp->iob->eod - csp->iob->cur); - if ( (NULL == (in = (struct binbuffer *)zalloc(sizeof *in))) - || (NULL == (out = (struct binbuffer *)zalloc(sizeof *out)))) + if ( (NULL == (in = (struct binbuffer *)zalloc(sizeof *in ))) + || (NULL == (out = (struct binbuffer *)zalloc(sizeof *out))) ) { log_error(LOG_LEVEL_DEANIMATE, "failed! (no mem)"); return NULL; @@ -2127,7 +2126,7 @@ const static struct forward_spec *get_forward_override_settings(struct client_st return NULL; } - vec_count = ssplit(forward_settings, " \t", vec, SZ(vec), 1, 1); + vec_count = ssplit(forward_settings, " \t", vec, SZ(vec)); if ((vec_count == 2) && !strcasecmp(vec[0], "forward")) { fwd->type = SOCKS_NONE; @@ -2155,6 +2154,11 @@ const static struct forward_spec *get_forward_override_settings(struct client_st fwd->type = SOCKS_5; socks_proxy = vec[1]; } + else if (!strcasecmp(vec[0], "forward-socks5t")) + { + fwd->type = SOCKS_5T; + socks_proxy = vec[1]; + } if (NULL != socks_proxy) { @@ -2207,7 +2211,7 @@ const static struct forward_spec *get_forward_override_settings(struct client_st const struct forward_spec *forward_url(struct client_state *csp, const struct http_request *http) { - static const struct forward_spec fwd_default[1] = { FORWARD_SPEC_INITIALIZER }; + static const struct forward_spec fwd_default[1]; /* Zero'ed due to being static. */ struct forward_spec *fwd = csp->config->forward; if (csp->action->flags & ACTION_FORWARD_OVERRIDE)