X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=filters.c;h=c891f4f9f793218411beb3b0a57df788463afada;hp=b6b46e0772b689c365e5e7536f4e3001050b5fdb;hb=c5b8825873c2e08323d2521afab84a959bfa7248;hpb=91f1a0a9247ca0d106678b44161a9a99cb33085c

diff --git a/filters.c b/filters.c
index b6b46e07..c891f4f9 100644
--- a/filters.c
+++ b/filters.c
@@ -1,4 +1,3 @@
-const char filters_rcs[] = "$Id: filters.c,v 1.205 2017/06/04 14:42:54 fabiankeil Exp $";
 /*********************************************************************
  *
  * File        :  $Source: /cvsroot/ijbswa/current/filters.c,v $
@@ -6,7 +5,7 @@ const char filters_rcs[] = "$Id: filters.c,v 1.205 2017/06/04 14:42:54 fabiankei
  * Purpose     :  Declares functions to parse/crunch headers and pages.
  *
  * Copyright   :  Written by and Copyright (C) 2001-2016 the
- *                Privoxy team. http://www.privoxy.org/
+ *                Privoxy team. https://www.privoxy.org/
  *
  *                Based on the Internet Junkbuster originally written
  *                by and Copyright (C) 1997 Anonymous Coders and
@@ -78,8 +77,6 @@ const char filters_rcs[] = "$Id: filters.c,v 1.205 2017/06/04 14:42:54 fabiankei
 #include "win32.h"
 #endif
 
-const char filters_h_rcs[] = FILTERS_H_VERSION;
-
 typedef char *(*filter_function_ptr)();
 static filter_function_ptr get_filter_function(const struct client_state *csp);
 static jb_err prepare_for_filtering(struct client_state *csp);
@@ -105,12 +102,12 @@ static void apply_url_actions(struct current_action_spec *action,
  *          3  :  len  = length of IP address in octets
  *          4  :  port = port number in network order;
  *
- * Returns     :  0 = no errror; -1 otherwise.
+ * Returns     :  void
  *
  *********************************************************************/
-static int sockaddr_storage_to_ip(const struct sockaddr_storage *addr,
-                                  uint8_t **ip, unsigned int *len,
-                                  in_port_t **port)
+static void sockaddr_storage_to_ip(const struct sockaddr_storage *addr,
+                                   uint8_t **ip, unsigned int *len,
+                                   in_port_t **port)
 {
    assert(NULL != addr);
    assert(addr->ss_family == AF_INET || addr->ss_family == AF_INET6);
@@ -148,12 +145,7 @@ static int sockaddr_storage_to_ip(const struct sockaddr_storage *addr,
          }
          break;
 
-      default:
-         /* Unsupported address family */
-         return(-1);
    }
-
-   return(0);
 }
 
 
@@ -214,7 +206,7 @@ static int match_sockaddr(const struct sockaddr_storage *network,
       return 0;
    }
 
-   /* TODO: Optimize by checking by words insted of octets */
+   /* TODO: Optimize by checking by words instead of octets */
    for (i = 0; (i < addr_len) && netmask_addr[i]; i++)
    {
       if ((network_addr[i] & netmask_addr[i]) !=
@@ -453,10 +445,7 @@ int acl_addr(const char *aspec, struct access_control_addr *aca)
    }
 
    aca->mask.ss_family = aca->addr.ss_family;
-   if (sockaddr_storage_to_ip(&aca->mask, &mask_data, &addr_len, &mask_port))
-   {
-      return(-1);
-   }
+   sockaddr_storage_to_ip(&aca->mask, &mask_data, &addr_len, &mask_port);
 
    if (p)
    {
@@ -516,7 +505,7 @@ int acl_addr(const char *aspec, struct access_control_addr *aca)
  *
  * Description :  Check to see if CONNECT requests to the destination
  *                port of this request are forbidden. The check is
- *                independend of the actual request method.
+ *                independent of the actual request method.
  *
  * Parameters  :
  *          1  :  csp = Current client state (buffers, headers, etc...)
@@ -1066,7 +1055,7 @@ char *get_last_url(char *subject, const char *redirect_mode)
    }
 
    if (0 == strcmpic(redirect_mode, "check-decoded-url") && strchr(subject, '%'))
-   {  
+   {
       char *url_segment = NULL;
       char **url_segments;
       size_t max_segments;
@@ -2311,7 +2300,20 @@ void get_url_actions(struct client_state *csp, struct http_request *http)
    struct url_actions *b;
    int i;
 
-   init_current_action(csp->action);
+#ifdef FEATURE_HTTPS_INSPECTION
+   if (!csp->http->client_ssl)
+#endif
+   {
+      /*
+       * When filtering TLS traffic this function gets called a
+       * second time after the encrypted headers have been received.
+       *
+       * Only initialize the first time. The second time we apply
+       * the newly set actions on top of the ones that were set
+       * the first time.
+       */
+      init_current_action(csp->action);
+   }
 
    for (i = 0; i < MAX_AF_FILES; i++)
    {
@@ -2477,10 +2479,11 @@ static const struct forward_spec *get_forward_override_settings(struct client_st
 
       if (NULL != socks_proxy)
       {
-         /* Parse the SOCKS proxy host[:port] */
+         /* Parse the SOCKS proxy [user:pass@]host[:port] */
          fwd->gateway_port = 1080;
          parse_forwarder_address(socks_proxy,
-            &fwd->gateway_host, &fwd->gateway_port);
+            &fwd->gateway_host, &fwd->gateway_port,
+            &fwd->auth_username, &fwd->auth_password);
 
          http_parent = vec[2];
       }
@@ -2498,7 +2501,8 @@ static const struct forward_spec *get_forward_override_settings(struct client_st
    {
       fwd->forward_port = 8000;
       parse_forwarder_address(http_parent,
-         &fwd->forward_host, &fwd->forward_port);
+         &fwd->forward_host, &fwd->forward_port,
+         NULL, NULL);
    }
 
    assert (NULL != fwd);