X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=loadcfg.c;h=c8542ace56100f9a26c188ff0ef5cad8dd6abd8d;hp=f3bec21426251ba275f8eda79511579fdffe626d;hb=4e179d819e103967d36503691735dad6fe805e4c;hpb=e4e794d8b8965c902489f8784a6a02859aa3658d diff --git a/loadcfg.c b/loadcfg.c index f3bec214..c8542ace 100644 --- a/loadcfg.c +++ b/loadcfg.c @@ -1,4 +1,4 @@ -const char loadcfg_rcs[] = "$Id: loadcfg.c,v 1.133 2012/10/21 12:32:21 fabiankeil Exp $"; +const char loadcfg_rcs[] = "$Id: loadcfg.c,v 1.165 2017/06/26 12:13:52 fabiankeil Exp $"; /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/loadcfg.c,v $ @@ -8,7 +8,7 @@ const char loadcfg_rcs[] = "$Id: loadcfg.c,v 1.133 2012/10/21 12:32:21 fabiankei * routine to load the configuration and the global * variables it writes to. * - * Copyright : Written by and Copyright (C) 2001-2009 the + * Copyright : Written by and Copyright (C) 2001-2017 the * Privoxy team. http://www.privoxy.org/ * * Based on the Internet Junkbuster originally written @@ -53,6 +53,7 @@ const char loadcfg_rcs[] = "$Id: loadcfg.c,v 1.133 2012/10/21 12:32:21 fabiankei # ifndef STRICT # define STRICT # endif +# include # include # include "win32.h" @@ -85,6 +86,20 @@ const char loadcfg_rcs[] = "$Id: loadcfg.c,v 1.133 2012/10/21 12:32:21 fabiankei #include "urlmatch.h" #include "cgi.h" #include "gateway.h" +#ifdef FEATURE_CLIENT_TAGS +#include "client-tags.h" +#endif + +/* + * Default number of seconds after which an + * open connection will no longer be reused. + */ +#define DEFAULT_KEEP_ALIVE_TIMEOUT 180 + +/* + * Default backlog passed to listen(). + */ +#define DEFAULT_LISTEN_BACKLOG 128 const char loadcfg_h_rcs[] = LOADCFG_H_VERSION; @@ -124,14 +139,18 @@ static struct file_list *current_configfile = NULL; #define hash_allow_cgi_request_crunching 258915987U /* "allow-cgi-request-crunching" */ #define hash_buffer_limit 1881726070U /* "buffer-limit */ #define hash_client_header_order 2701453514U /* "client-header-order" */ +#define hash_client_specific_tag 3353703383U /* "client-specific-tag" */ +#define hash_client_tag_lifetime 647957580U /* "client-tag-lifetime" */ #define hash_compression_level 2464423563U /* "compression-level" */ #define hash_confdir 1978389U /* "confdir" */ #define hash_connection_sharing 1348841265U /* "connection-sharing" */ #define hash_debug 78263U /* "debug" */ #define hash_default_server_timeout 2530089913U /* "default-server-timeout" */ #define hash_deny_access 1227333715U /* "deny-access" */ +#define hash_enable_accept_filter 2909040407U /* "enable-accept-filter" */ #define hash_enable_edit_actions 2517097536U /* "enable-edit-actions" */ #define hash_enable_compression 3943696946U /* "enable-compression" */ +#define hash_enable_proxy_authentication_forwarding 4040610791U /* enable-proxy-authentication-forwarding */ #define hash_enable_remote_toggle 2979744683U /* "enable-remote-toggle" */ #define hash_enable_remote_http_toggle 110543988U /* "enable-remote-http-toggle" */ #define hash_enforce_blocks 1862427469U /* "enforce-blocks" */ @@ -140,24 +159,30 @@ static struct file_list *current_configfile = NULL; #define hash_forward_socks4 3963965521U /* "forward-socks4" */ #define hash_forward_socks4a 2639958518U /* "forward-socks4a" */ #define hash_forward_socks5 3963965522U /* "forward-socks5" */ +#define hash_forward_socks5t 2639958542U /* "forward-socks5t" */ #define hash_forwarded_connect_retries 101465292U /* "forwarded-connect-retries" */ #define hash_handle_as_empty_returns_ok 1444873247U /* "handle-as-empty-doc-returns-ok" */ #define hash_hostname 10308071U /* "hostname" */ #define hash_keep_alive_timeout 3878599515U /* "keep-alive-timeout" */ #define hash_listen_address 1255650842U /* "listen-address" */ +#define hash_listen_backlog 1255655735U /* "listen-backlog" */ #define hash_logdir 422889U /* "logdir" */ #define hash_logfile 2114766U /* "logfile" */ #define hash_max_client_connections 3595884446U /* "max-client-connections" */ #define hash_permit_access 3587953268U /* "permit-access" */ #define hash_proxy_info_url 3903079059U /* "proxy-info-url" */ +#define hash_receive_buffer_size 2880297454U /* "receive-buffer-size */ #define hash_single_threaded 4250084780U /* "single-threaded" */ #define hash_socket_timeout 1809001761U /* "socket-timeout" */ #define hash_split_large_cgi_forms 671658948U /* "split-large-cgi-forms" */ #define hash_suppress_blocklists 1948693308U /* "suppress-blocklists" */ #define hash_templdir 11067889U /* "templdir" */ +#define hash_temporary_directory 1824125181U /* "temporary-directory" */ #define hash_tolerate_pipelining 1360286620U /* "tolerate-pipelining" */ #define hash_toggle 447966U /* "toggle" */ #define hash_trust_info_url 430331967U /* "trust-info-url" */ +#define hash_trust_x_forwarded_for 2971537414U /* "trust-x-forwarded-for" */ +#define hash_trusted_cgi_referrer 4270883427U /* "trusted-cgi-referrer" */ #define hash_trustfile 56494766U /* "trustfile" */ #define hash_usermanual 1416668518U /* "user-manual" */ #define hash_activity_animation 1817904738U /* "activity-animation" */ @@ -173,6 +198,9 @@ static struct file_list *current_configfile = NULL; static void savearg(char *command, char *argument, struct configuration_spec * config); +#ifdef FEATURE_CLIENT_TAGS +static void free_client_specific_tags(struct client_tag_spec *tag_list); +#endif /********************************************************************* * @@ -207,7 +235,7 @@ static void unload_configfile (void * data) while (cur_fwd != NULL) { struct forward_spec * next_fwd = cur_fwd->next; - free_url_spec(cur_fwd->url); + free_pattern_spec(cur_fwd->url); freez(cur_fwd->gateway_host); freez(cur_fwd->forward_host); @@ -220,6 +248,9 @@ static void unload_configfile (void * data) freez(config->logdir); freez(config->templdir); freez(config->hostname); +#ifdef FEATURE_EXTERNAL_FILTERS + freez(config->temporary_directory); +#endif for (i = 0; i < MAX_LISTENING_SOCKETS; i++) { @@ -241,12 +272,17 @@ static void unload_configfile (void * data) freez(config->proxy_info_url); freez(config->proxy_args); freez(config->usermanual); + freez(config->trusted_cgi_referrer); #ifdef FEATURE_TRUST freez(config->trustfile); list_remove_all(config->trust_info); #endif /* def FEATURE_TRUST */ +#ifdef FEATURE_CLIENT_TAGS + free_client_specific_tags(config->client_tags); +#endif + freez(config); } @@ -275,6 +311,126 @@ void unload_current_config_file(void) #endif +#ifdef FEATURE_CLIENT_TAGS +/********************************************************************* + * + * Function : register_tag + * + * Description : Registers a client-specific-tag and its description + * + * Parameters : + * 1 : config: The tag list + * 2 : name: The name of the client-specific-tag + * 3 : description: The human-readable description for the tag + * + * Returns : N/A + * + *********************************************************************/ +static void register_tag(struct client_tag_spec *tag_list, + const char *name, const char *description) +{ + struct client_tag_spec *new_tag; + struct client_tag_spec *last_tag; + + last_tag = tag_list; + while (last_tag->next != NULL) + { + last_tag = last_tag->next; + } + if (last_tag->name == NULL) + { + /* First entry */ + new_tag = last_tag; + } + else + { + new_tag = zalloc_or_die(sizeof(struct client_tag_spec)); + } + new_tag->name = strdup_or_die(name); + new_tag->description = strdup_or_die(description); + if (new_tag != last_tag) + { + last_tag->next = new_tag; + } +} + + +/********************************************************************* + * + * Function : free_client_specific_tags + * + * Description : Frees client-specific tags and their descriptions + * + * Parameters : + * 1 : tag_list: The tag list to free + * + * Returns : N/A + * + *********************************************************************/ +static void free_client_specific_tags(struct client_tag_spec *tag_list) +{ + struct client_tag_spec *this_tag; + struct client_tag_spec *next_tag; + + next_tag = tag_list; + do + { + this_tag = next_tag; + next_tag = next_tag->next; + + freez(this_tag->name); + freez(this_tag->description); + + if (this_tag != tag_list) + { + freez(this_tag); + } + } while (next_tag != NULL); +} +#endif /* def FEATURE_CLIENT_TAGS */ + + +/********************************************************************* + * + * Function : parse_numeric_value + * + * Description : Parse the value of a directive that can only have + * a single numeric value. Terminates with a fatal error + * if the value is NULL or not numeric. + * + * Parameters : + * 1 : name: The name of the directive. Used for log messages. + * 2 : value: The value to parse + * + * + * Returns : The numerical value as integer + * + *********************************************************************/ +static int parse_numeric_value(const char *name, const char *value) +{ + int number; + char *endptr; + + assert(name != NULL); + assert(value != NULL); + + if ((value == NULL) || (*value == '\0')) + { + log_error(LOG_LEVEL_FATAL, "Directive %s used without argument", name); + } + + number = (int)strtol(value, &endptr, 0); + if (*endptr != '\0') + { + log_error(LOG_LEVEL_FATAL, + "Directive '%s' used with non-numerical value: '%s'", name, value); + } + + return number; + +} + + /********************************************************************* * * Function : parse_toggle_value @@ -437,15 +593,7 @@ struct configuration_spec * load_config(void) global_toggle_state = 1; #endif /* def FEATURE_TOGGLE */ - fs->f = config = (struct configuration_spec *)zalloc(sizeof(*config)); - - if (NULL == config) - { - freez(fs->filename); - freez(fs); - log_error(LOG_LEVEL_FATAL, "can't allocate memory for configuration"); - return NULL; - } + fs->f = config = zalloc_or_die(sizeof(*config)); /* * This is backwards from how it's usually done. @@ -463,10 +611,25 @@ struct configuration_spec * load_config(void) */ config->multi_threaded = 1; config->buffer_limit = 4096 * 1024; - config->usermanual = strdup(USER_MANUAL_URL); - config->proxy_args = strdup(""); + config->receive_buffer_size = BUFFER_SIZE; + config->usermanual = strdup_or_die(USER_MANUAL_URL); + config->proxy_args = strdup_or_die(""); config->forwarded_connect_retries = 0; - config->max_client_connections = 0; +#ifdef FEATURE_CLIENT_TAGS + config->client_tag_lifetime = 60; +#endif + config->trust_x_forwarded_for = 0; +#if defined(FEATURE_ACCEPT_FILTER) && defined(SO_ACCEPTFILTER) + config->enable_accept_filter = 0; +#endif + config->listen_backlog = DEFAULT_LISTEN_BACKLOG; + config->trusted_cgi_referrer = NULL; + /* + * 128 client sockets ought to be enough for everybody who can't + * be bothered to read the documentation to figure out how to + * increase the limit. + */ + config->max_client_connections = 128; config->socket_timeout = 300; /* XXX: Should be a macro. */ #ifdef FEATURE_CONNECTION_KEEP_ALIVE config->default_server_timeout = 0; @@ -478,6 +641,7 @@ struct configuration_spec * load_config(void) config->feature_flags &= ~RUNTIME_FEATURE_SPLIT_LARGE_FORMS; config->feature_flags &= ~RUNTIME_FEATURE_ACCEPT_INTERCEPTED_REQUESTS; config->feature_flags &= ~RUNTIME_FEATURE_EMPTY_DOC_RETURNS_OK; + config->feature_flags &= ~RUNTIME_FEATURE_FORWARD_PROXY_AUTHENTICATION_HEADERS; #ifdef FEATURE_COMPRESSION config->feature_flags &= ~RUNTIME_FEATURE_COMPRESSION; /* @@ -567,7 +731,7 @@ struct configuration_spec * load_config(void) "(You can increase this limit by changing MAX_AF_FILES in project.h and recompiling).", MAX_AF_FILES); } - config->actions_file_short[i] = strdup(arg); + config->actions_file_short[i] = strdup_or_die(arg); config->actions_file[i] = make_path(config->confdir, arg); break; @@ -590,7 +754,7 @@ struct configuration_spec * load_config(void) * *************************************************************************/ case hash_admin_address : freez(config->admin_address); - config->admin_address = strdup(arg); + config->admin_address = strdup_or_die(arg); break; /* ************************************************************************* @@ -611,7 +775,7 @@ struct configuration_spec * load_config(void) * buffer-limit n * *************************************************************************/ case hash_buffer_limit : - config->buffer_limit = (size_t)(1024 * atoi(arg)); + config->buffer_limit = (size_t)(1024 * parse_numeric_value(cmd, arg)); break; /* ************************************************************************* @@ -622,6 +786,60 @@ struct configuration_spec * load_config(void) parse_client_header_order(config->ordered_client_headers, arg); break; +/* ************************************************************************* + * client-specific-tag tag-name description + * *************************************************************************/ +#ifdef FEATURE_CLIENT_TAGS + case hash_client_specific_tag: + { + char *name; + char *description; + + name = arg; + description = strstr(arg, " "); + if (description == NULL) + { + log_error(LOG_LEVEL_FATAL, + "client-specific-tag '%s' lacks a description.", name); + } + *description = '\0'; + /* + * The length is limited because we don't want truncated + * HTML caused by the cgi interface using static buffer + * sizes. + */ + if (strlen(name) > CLIENT_TAG_LENGTH_MAX) + { + log_error(LOG_LEVEL_FATAL, + "client-specific-tag '%s' is longer than %d characters.", + name, CLIENT_TAG_LENGTH_MAX); + } + description++; + register_tag(config->client_tags, name, description); + } + break; +#endif /* def FEATURE_CLIENT_TAGS */ + +/* ************************************************************************* + * client-tag-lifetime ttl + * *************************************************************************/ +#ifdef FEATURE_CLIENT_TAGS + case hash_client_tag_lifetime: + { + int ttl = parse_numeric_value(cmd, arg); + if (0 <= ttl) + { + config->client_tag_lifetime = (unsigned)ttl; + } + else + { + log_error(LOG_LEVEL_FATAL, + "client-tag-lifetime can't be negative."); + } + break; + } +#endif /* def FEATURE_CLIENT_TAGS */ + /* ************************************************************************* * confdir directory-name * *************************************************************************/ @@ -635,25 +853,19 @@ struct configuration_spec * load_config(void) * *************************************************************************/ #ifdef FEATURE_COMPRESSION case hash_compression_level : - if (*arg != '\0') + { + int compression_level = parse_numeric_value(cmd, arg); + if (-1 <= compression_level && compression_level <= 9) { - int compression_level = atoi(arg); - if (-1 <= compression_level && compression_level <= 9) - { - config->compression_level = compression_level;; - } - else - { - log_error(LOG_LEVEL_FATAL, - "Invalid compression-level value: %s", arg); - } + config->compression_level = compression_level; } else { log_error(LOG_LEVEL_FATAL, - "Invalid compression-level directive. Compression value missing"); + "Invalid compression-level value: %s", arg); } break; + } #endif /* ************************************************************************* @@ -677,7 +889,7 @@ struct configuration_spec * load_config(void) * Specifies debug level, multiple values are ORed together. * *************************************************************************/ case hash_debug : - config->debug |= atoi(arg); + config->debug |= parse_numeric_value(cmd, arg); break; /* ************************************************************************* @@ -685,20 +897,19 @@ struct configuration_spec * load_config(void) * *************************************************************************/ #ifdef FEATURE_CONNECTION_KEEP_ALIVE case hash_default_server_timeout : - if (*arg != '\0') + { + int timeout = parse_numeric_value(cmd, arg); + if (0 <= timeout) { - int timeout = atoi(arg); - if (0 <= timeout) - { - config->default_server_timeout = (unsigned int)timeout; - } - else - { - log_error(LOG_LEVEL_FATAL, - "Invalid default-server-timeout value: %s", arg); - } + config->default_server_timeout = (unsigned int)timeout; + } + else + { + log_error(LOG_LEVEL_FATAL, + "Invalid default-server-timeout value: %s", arg); } break; + } #endif /* ************************************************************************* @@ -720,14 +931,7 @@ struct configuration_spec * load_config(void) } /* allocate a new node */ - cur_acl = (struct access_control_list *) zalloc(sizeof(*cur_acl)); - - if (cur_acl == NULL) - { - log_error(LOG_LEVEL_FATAL, "can't allocate memory for configuration"); - /* Never get here - LOG_LEVEL_FATAL causes program exit */ - break; - } + cur_acl = zalloc_or_die(sizeof(*cur_acl)); cur_acl->action = ACL_DENY; if (acl_addr(vec[0], cur_acl->src) < 0) @@ -783,6 +987,15 @@ struct configuration_spec * load_config(void) break; #endif /* def FEATURE_ACL */ +#if defined(FEATURE_ACCEPT_FILTER) && defined(SO_ACCEPTFILTER) +/* ************************************************************************* + * enable-accept-filter 0|1 + * *************************************************************************/ + case hash_enable_accept_filter : + config->enable_accept_filter = parse_toggle_state(cmd, arg); + break; +#endif /* defined(FEATURE_ACCEPT_FILTER) && defined(SO_ACCEPTFILTER) */ + /* ************************************************************************* * enable-edit-actions 0|1 * *************************************************************************/ @@ -815,6 +1028,19 @@ struct configuration_spec * load_config(void) break; #endif /* def FEATURE_COMPRESSION */ +/* ************************************************************************* + * enable-proxy-authentication-forwarding 0|1 + * *************************************************************************/ + case hash_enable_proxy_authentication_forwarding: + if (parse_toggle_state(cmd, arg) == 1) + { + config->feature_flags |= RUNTIME_FEATURE_FORWARD_PROXY_AUTHENTICATION_HEADERS; + } + else + { + config->feature_flags &= ~RUNTIME_FEATURE_FORWARD_PROXY_AUTHENTICATION_HEADERS; + } + break; /* ************************************************************************* * enable-remote-toggle 0|1 @@ -882,7 +1108,7 @@ struct configuration_spec * load_config(void) "(You can increase this limit by changing MAX_AF_FILES in project.h and recompiling).", MAX_AF_FILES); } - config->re_filterfile_short[i] = strdup(arg); + config->re_filterfile_short[i] = strdup_or_die(arg); config->re_filterfile[i] = make_path(config->confdir, arg); break; @@ -905,24 +1131,18 @@ struct configuration_spec * load_config(void) } /* allocate a new node */ - cur_fwd = zalloc(sizeof(*cur_fwd)); - if (cur_fwd == NULL) - { - log_error(LOG_LEVEL_FATAL, "can't allocate memory for configuration"); - /* Never get here - LOG_LEVEL_FATAL causes program exit */ - break; - } - + cur_fwd = zalloc_or_die(sizeof(*cur_fwd)); cur_fwd->type = SOCKS_NONE; /* Save the URL pattern */ - if (create_url_spec(cur_fwd->url, vec[0])) + if (create_pattern_spec(cur_fwd->url, vec[0])) { log_error(LOG_LEVEL_ERROR, "Bad URL specifier for forward " "directive in configuration file."); string_append(&config->proxy_args, "
\nWARNING: Bad URL specifier for " "forward directive in configuration file."); + freez(cur_fwd); break; } @@ -960,24 +1180,18 @@ struct configuration_spec * load_config(void) } /* allocate a new node */ - cur_fwd = zalloc(sizeof(*cur_fwd)); - if (cur_fwd == NULL) - { - log_error(LOG_LEVEL_FATAL, "can't allocate memory for configuration"); - /* Never get here - LOG_LEVEL_FATAL causes program exit */ - break; - } - + cur_fwd = zalloc_or_die(sizeof(*cur_fwd)); cur_fwd->type = SOCKS_4; /* Save the URL pattern */ - if (create_url_spec(cur_fwd->url, vec[0])) + if (create_pattern_spec(cur_fwd->url, vec[0])) { log_error(LOG_LEVEL_ERROR, "Bad URL specifier for forward-socks4 " "directive in configuration file."); string_append(&config->proxy_args, "
\nWARNING: Bad URL specifier for " "forward-socks4 directive in configuration file."); + freez(cur_fwd); break; } @@ -1013,45 +1227,52 @@ struct configuration_spec * load_config(void) * *************************************************************************/ case hash_forward_socks4a: case hash_forward_socks5: + case hash_forward_socks5t: strlcpy(tmp, arg, sizeof(tmp)); vec_count = ssplit(tmp, " \t", vec, SZ(vec)); if (vec_count != 3) { - log_error(LOG_LEVEL_ERROR, "Wrong number of parameters for " - "forward-socks4a directive in configuration file."); + log_error(LOG_LEVEL_ERROR, + "Wrong number of parameters for %s in configuration file.", + cmd); string_append(&config->proxy_args, - "
\nWARNING: Wrong number of parameters for " - "forward-socks4a directive in configuration file."); + "
\nWARNING: Wrong number of parameters for "); + string_append(&config->proxy_args, cmd); + string_append(&config->proxy_args, + "directive in configuration file."); break; } /* allocate a new node */ - cur_fwd = zalloc(sizeof(*cur_fwd)); - if (cur_fwd == NULL) - { - log_error(LOG_LEVEL_FATAL, "can't allocate memory for configuration"); - /* Never get here - LOG_LEVEL_FATAL causes program exit */ - break; - } + cur_fwd = zalloc_or_die(sizeof(*cur_fwd)); if (directive_hash == hash_forward_socks4a) { cur_fwd->type = SOCKS_4A; } - else + else if (directive_hash == hash_forward_socks5) { cur_fwd->type = SOCKS_5; } + else + { + assert(directive_hash == hash_forward_socks5t); + cur_fwd->type = SOCKS_5T; + } /* Save the URL pattern */ - if (create_url_spec(cur_fwd->url, vec[0])) + if (create_pattern_spec(cur_fwd->url, vec[0])) { - log_error(LOG_LEVEL_ERROR, "Bad URL specifier for forward-socks4a " - "directive in configuration file."); + log_error(LOG_LEVEL_ERROR, + "Bad URL specifier for %s in configuration file.", + cmd); string_append(&config->proxy_args, - "
\nWARNING: Bad URL specifier for " - "forward-socks4a directive in configuration file."); + "
\nWARNING: Bad URL specifier for "); + string_append(&config->proxy_args, cmd); + string_append(&config->proxy_args, + "directive in configuration file."); + freez(cur_fwd); break; } @@ -1082,7 +1303,7 @@ struct configuration_spec * load_config(void) * forwarded-connect-retries n * *************************************************************************/ case hash_forwarded_connect_retries : - config->forwarded_connect_retries = atoi(arg); + config->forwarded_connect_retries = parse_numeric_value(cmd, arg); break; /* ************************************************************************* @@ -1110,11 +1331,7 @@ struct configuration_spec * load_config(void) * *************************************************************************/ case hash_hostname : freez(config->hostname); - config->hostname = strdup(arg); - if (NULL == config->hostname) - { - log_error(LOG_LEVEL_FATAL, "Out of memory saving hostname."); - } + config->hostname = strdup_or_die(arg); break; /* ************************************************************************* @@ -1122,20 +1339,19 @@ struct configuration_spec * load_config(void) * *************************************************************************/ #ifdef FEATURE_CONNECTION_KEEP_ALIVE case hash_keep_alive_timeout : - if (*arg != '\0') + { + int timeout = parse_numeric_value(cmd, arg); + if (0 < timeout) { - int timeout = atoi(arg); - if (0 < timeout) - { - config->feature_flags |= RUNTIME_FEATURE_CONNECTION_KEEP_ALIVE; - config->keep_alive_timeout = (unsigned int)timeout; - } - else - { - config->feature_flags &= ~RUNTIME_FEATURE_CONNECTION_KEEP_ALIVE; - } + config->feature_flags |= RUNTIME_FEATURE_CONNECTION_KEEP_ALIVE; + config->keep_alive_timeout = (unsigned int)timeout; + } + else + { + config->feature_flags &= ~RUNTIME_FEATURE_CONNECTION_KEEP_ALIVE; } break; + } #endif /* ************************************************************************* @@ -1154,11 +1370,19 @@ struct configuration_spec * load_config(void) "(You can increase this limit by changing MAX_LISTENING_SOCKETS in project.h and recompiling).", MAX_LISTENING_SOCKETS); } - config->haddr[i] = strdup(arg); - if (NULL == config->haddr[i]) - { - log_error(LOG_LEVEL_FATAL, "Out of memory while copying listening address"); - } + config->haddr[i] = strdup_or_die(arg); + break; + +/* ************************************************************************* + * listen-backlog n + * *************************************************************************/ + case hash_listen_backlog : + /* + * We don't enfore an upper or lower limit because on + * many platforms all values are valid and negative + * number mean "use the highest value allowed". + */ + config->listen_backlog = parse_numeric_value(cmd, arg); break; /* ************************************************************************* @@ -1188,15 +1412,49 @@ struct configuration_spec * load_config(void) * max-client-connections number * *************************************************************************/ case hash_max_client_connections : - if (*arg != '\0') + { + int max_client_connections = parse_numeric_value(cmd, arg); + +#if !defined(_WIN32) && !defined(HAVE_POLL) + /* + * Reject values below 1 for obvious reasons and values above + * FD_SETSIZE/2 because Privoxy needs two sockets to serve + * client connections that need forwarding. + * + * We ignore the fact that the first three file descriptors + * are usually set to /dev/null, one is used for logging + * and yet another file descriptor is required to load + * config files. + */ + if ((max_client_connections < 1) || (FD_SETSIZE/2 < max_client_connections)) { - int max_client_connections = atoi(arg); - if (0 <= max_client_connections) - { - config->max_client_connections = max_client_connections; - } + log_error(LOG_LEVEL_FATAL, "max-client-connections value %d" + " is invalid. Value needs to be above 1 and below %d" + " (FD_SETSIZE/2).", max_client_connections, FD_SETSIZE/2); + } +#else + /* + * The Windows libc uses FD_SETSIZE for an array used + * by select(), but has no problems with file descriptors + * above the limit as long as no more than FD_SETSIZE are + * passed to select(). + * https://msdn.microsoft.com/en-us/library/windows/desktop/ms739169%28v=vs.85%29.aspx + * + * On platforms were we use poll() we don't have to enforce + * an upper connection limit either. + * + * XXX: Do OS/2, Amiga etc. belong here as well? + */ + if (max_client_connections < 1) + { + log_error(LOG_LEVEL_FATAL, "max-client-connections value" + " has to be a number above 1. %d is invalid.", + max_client_connections); } +#endif + config->max_client_connections = max_client_connections; break; + } /* ************************************************************************* * permit-access source-ip[/significant-bits] [dest-ip[/significant-bits]] @@ -1218,14 +1476,7 @@ struct configuration_spec * load_config(void) } /* allocate a new node */ - cur_acl = (struct access_control_list *) zalloc(sizeof(*cur_acl)); - - if (cur_acl == NULL) - { - log_error(LOG_LEVEL_FATAL, "can't allocate memory for configuration"); - /* Never get here - LOG_LEVEL_FATAL causes program exit */ - break; - } + cur_acl = zalloc_or_die(sizeof(*cur_acl)); cur_acl->action = ACL_PERMIT; if (acl_addr(vec[0], cur_acl->src) < 0) @@ -1286,34 +1537,47 @@ struct configuration_spec * load_config(void) * *************************************************************************/ case hash_proxy_info_url : freez(config->proxy_info_url); - config->proxy_info_url = strdup(arg); + config->proxy_info_url = strdup_or_die(arg); break; + /* ************************************************************************* - * single-threaded + * receive-buffer-size n + * *************************************************************************/ + case hash_receive_buffer_size : + config->receive_buffer_size = (size_t)parse_numeric_value(cmd, arg); + if (config->receive_buffer_size < BUFFER_SIZE) + { + log_error(LOG_LEVEL_INFO, + "receive-buffer-size %d seems low and may cause problems." + "Consider setting it to at least %d.", + config->receive_buffer_size, BUFFER_SIZE); + } + break; + +/* ************************************************************************* + * single-threaded 0|1 * *************************************************************************/ case hash_single_threaded : - config->multi_threaded = 0; + config->multi_threaded = 0 == parse_toggle_state(cmd, arg); break; /* ************************************************************************* * socket-timeout numer_of_seconds * *************************************************************************/ case hash_socket_timeout : - if (*arg != '\0') + { + int socket_timeout = parse_numeric_value(cmd, arg); + if (0 <= socket_timeout) { - int socket_timeout = atoi(arg); - if (0 <= socket_timeout) - { - config->socket_timeout = socket_timeout; - } - else - { - log_error(LOG_LEVEL_FATAL, - "Invalid socket-timeout: '%s'", arg); - } + config->socket_timeout = socket_timeout; + } + else + { + log_error(LOG_LEVEL_FATAL, "Invalid socket-timeout: '%s'", arg); } break; + } /* ************************************************************************* * split-large-cgi-forms @@ -1337,6 +1601,16 @@ struct configuration_spec * load_config(void) config->templdir = make_path(NULL, arg); break; +#ifdef FEATURE_EXTERNAL_FILTERS +/* ************************************************************************* + * temporary-directory directory-name + * *************************************************************************/ + case hash_temporary_directory : + freez(config->temporary_directory); + config->temporary_directory = make_path(NULL, arg); + break; +#endif + /* ************************************************************************* * tolerate-pipelining (0|1) * *************************************************************************/ @@ -1369,6 +1643,25 @@ struct configuration_spec * load_config(void) break; #endif /* def FEATURE_TRUST */ +/* ************************************************************************* + * trust-x-forwarded-for (0|1) + * *************************************************************************/ + case hash_trust_x_forwarded_for : + config->trust_x_forwarded_for = parse_toggle_state(cmd, arg); + break; + +/* ************************************************************************* + * trusted-cgi-referrer http://www.example.org/some/path.html + * *************************************************************************/ + case hash_trusted_cgi_referrer : + /* + * We don't validate the specified referrer as + * it's only used for string comparison. + */ + freez(config->trusted_cgi_referrer); + config->trusted_cgi_referrer = strdup_or_die(arg); + break; + /* ************************************************************************* * trustfile filename * (In confdir by default.) @@ -1390,7 +1683,7 @@ struct configuration_spec * load_config(void) * for the directives that were already parsed. Lame. */ freez(config->usermanual); - config->usermanual = strdup(arg); + config->usermanual = strdup_or_die(arg); break; /* ************************************************************************* @@ -1450,7 +1743,7 @@ struct configuration_spec * load_config(void) * log-font-size n * *************************************************************************/ case hash_log_font_size : - g_nFontSize = atoi(arg); + g_nFontSize = parse_numeric_value(cmd, arg); break; /* ************************************************************************* @@ -1464,7 +1757,7 @@ struct configuration_spec * load_config(void) * log-max-lines n * *************************************************************************/ case hash_log_max_lines : - g_nMaxBufferLines = atoi(arg); + g_nMaxBufferLines = parse_numeric_value(cmd, arg); break; /* ************************************************************************* @@ -1581,11 +1874,7 @@ struct configuration_spec * load_config(void) #ifdef FEATURE_CONNECTION_SHARING if (config->feature_flags & RUNTIME_FEATURE_CONNECTION_KEEP_ALIVE) { - if (config->multi_threaded) - { - set_keep_alive_timeout(config->keep_alive_timeout); - } - else + if (!config->multi_threaded) { /* * While we could use keep-alive without multiple threads @@ -1632,11 +1921,7 @@ struct configuration_spec * load_config(void) if (NULL == config->haddr[0]) { - config->haddr[0] = strdup(HADDR_DEFAULT); - if (NULL == config->haddr[0]) - { - log_error(LOG_LEVEL_FATAL, "Out of memory while copying default listening address"); - } + config->haddr[0] = strdup_or_die(HADDR_DEFAULT); } for (i = 0; i < MAX_LISTENING_SOCKETS && NULL != config->haddr[i]; i++) @@ -1677,7 +1962,7 @@ struct configuration_spec * load_config(void) * * Need to set up a fake csp, so they can get to the config. */ - fake_csp = (struct client_state *) zalloc (sizeof(*fake_csp)); + fake_csp = zalloc_or_die(sizeof(*fake_csp)); fake_csp->config = config; if (run_loader(fake_csp)) @@ -1705,17 +1990,16 @@ struct configuration_spec * load_config(void) /* FIXME: end kludge */ - config->need_bind = 1; - - if (current_configfile) + if (current_configfile == NULL) + { + config->need_bind = 1; + } + else { struct configuration_spec * oldcfg = (struct configuration_spec *) current_configfile->f; /* * Check if config->haddr[i],hport[i] == oldcfg->haddr[i],hport[i] - * - * The following could be written more compactly as a single, - * (unreadably long) if statement. */ config->need_bind = 0; @@ -1761,7 +2045,7 @@ struct configuration_spec * load_config(void) * Description : Called from `load_config'. It saves each non-empty * and non-comment line from config into * config->proxy_args. This is used to create the - * show-proxy-args page. On error, frees + * show-status page. On error, frees * config->proxy_args and sets it to NULL * * Parameters : @@ -1784,7 +2068,7 @@ static void savearg(char *command, char *argument, struct configuration_spec * c * Add config option name embedded in * link to its section in the user-manual */ - buf = strdup("\nusermanual, "file://", 7) || !strncmpic(config->usermanual, "http", 4)) {