X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=loadcfg.c;h=5870e9f36af753fd5e345ad5f169db24fe568ad1;hp=a41bcfbd0b90fb30b6b51ca7b3f8c0267c546f5d;hb=a9f0837233938408364f067bf89def53b677f68f;hpb=cdce878b344dabb6c0b348f4c0a8eb9c5b86dd3c

diff --git a/loadcfg.c b/loadcfg.c
index a41bcfbd..5870e9f3 100644
--- a/loadcfg.c
+++ b/loadcfg.c
@@ -1,4 +1,4 @@
-const char loadcfg_rcs[] = "$Id: loadcfg.c,v 1.150 2016/03/27 16:54:50 fabiankeil Exp $";
+const char loadcfg_rcs[] = "$Id: loadcfg.c,v 1.154 2016/09/27 22:48:28 ler762 Exp $";
 /*********************************************************************
  *
  * File        :  $Source: /cvsroot/ijbswa/current/loadcfg.c,v $
@@ -53,6 +53,7 @@ const char loadcfg_rcs[] = "$Id: loadcfg.c,v 1.150 2016/03/27 16:54:50 fabiankei
 # ifndef STRICT
 #  define STRICT
 # endif
+# include <winsock2.h>
 # include <windows.h>
 
 # include "win32.h"
@@ -166,6 +167,8 @@ static struct file_list *current_configfile = NULL;
 #define hash_tolerate_pipelining         1360286620U /* "tolerate-pipelining" */
 #define hash_toggle                          447966U /* "toggle" */
 #define hash_trust_info_url               430331967U /* "trust-info-url" */
+#define hash_trust_x_forwarded_for       2971537414U /* "trust-x-forwarded-for" */
+#define hash_trusted_cgi_referrer        4270883427U /* "trusted-cgi-referrer" */
 #define hash_trustfile                     56494766U /* "trustfile" */
 #define hash_usermanual                  1416668518U /* "user-manual" */
 #define hash_activity_animation          1817904738U /* "activity-animation" */
@@ -255,6 +258,7 @@ static void unload_configfile (void * data)
    freez(config->proxy_info_url);
    freez(config->proxy_args);
    freez(config->usermanual);
+   freez(config->trusted_cgi_referrer);
 
 #ifdef FEATURE_TRUST
    freez(config->trustfile);
@@ -599,6 +603,8 @@ struct configuration_spec * load_config(void)
 #ifdef FEATURE_CLIENT_TAGS
    config->client_tag_lifetime       = 60;
 #endif
+   config->trust_x_forwarded_for     = 0;
+   config->trusted_cgi_referrer      = NULL;
    /*
     * 128 client sockets ought to be enough for everybody who can't
     * be bothered to read the documentation to figure out how to
@@ -1376,11 +1382,42 @@ struct configuration_spec * load_config(void)
          case hash_max_client_connections :
          {
             int max_client_connections = parse_numeric_value(cmd, arg);
-            if (0 <= max_client_connections)
+
+#ifndef _WIN32
+            /*
+             * Reject values below 1 for obvious reasons and values above
+             * FD_SETSIZE/2 because Privoxy needs two sockets to serve
+             * client connections that need forwarding.
+             *
+             * We ignore the fact that the first three file descriptors
+             * are usually set to /dev/null, one is used for logging
+             * and yet another file descriptor is required to load
+             * config files.
+             */
+            if ((max_client_connections < 1) || (FD_SETSIZE/2 < max_client_connections))
+            {
+               log_error(LOG_LEVEL_FATAL, "max-client-connections value %d"
+                  " is invalid. Value needs to be above 1 and below %d"
+                  " (FD_SETSIZE/2).", max_client_connections, FD_SETSIZE/2);
+            }
+#else
+            /*
+             * The Windows libc uses FD_SETSIZE for an array used
+             * by select(), but has no problems with file descriptors
+             * above the limit as long as no more than FD_SETSIZE are
+             * passed to select().
+             * https://msdn.microsoft.com/en-us/library/windows/desktop/ms739169%28v=vs.85%29.aspx
+             *
+             * XXX: Do OS/2, Amiga etc. belong here as well?
+             */
+            if (max_client_connections < 1)
             {
-               /* XXX: log error */
-               config->max_client_connections = max_client_connections;
+               log_error(LOG_LEVEL_FATAL, "max-client-connections value"
+                  " has to be a number above 1. %d is invalid.",
+                  max_client_connections);
             }
+#endif
+            config->max_client_connections = max_client_connections;
             break;
          }
 
@@ -1556,6 +1593,25 @@ struct configuration_spec * load_config(void)
             break;
 #endif /* def FEATURE_TRUST */
 
+/* *************************************************************************
+ * trust-x-forwarded-for (0|1)
+ * *************************************************************************/
+         case hash_trust_x_forwarded_for :
+            config->trust_x_forwarded_for = parse_toggle_state(cmd, arg);
+            break;
+
+/* *************************************************************************
+ * trusted-cgi-referrer http://www.example.org/some/path.html
+ * *************************************************************************/
+         case hash_trusted_cgi_referrer :
+            /*
+             * We don't validate the specified referrer as
+             * it's only used for string comparison.
+             */
+            freez(config->trusted_cgi_referrer);
+            config->trusted_cgi_referrer = strdup_or_die(arg);
+            break;
+
 /* *************************************************************************
  * trustfile filename
  * (In confdir by default.)