X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=loaders.c;h=a00b36d4ef8a8445d4d4f3e447f820fb7920a22f;hp=5767ee2e08a0f964a1ceea53bfb1bd08d880356b;hb=21286c2489ba78da474ddf854f2304dc2424a8ba;hpb=87a69fc505def6be1c8a4d24ae225c3623b5e861 diff --git a/loaders.c b/loaders.c index 5767ee2e..a00b36d4 100644 --- a/loaders.c +++ b/loaders.c @@ -1,4 +1,4 @@ -const char loaders_rcs[] = "$Id: loaders.c,v 1.2 2001/05/17 23:01:01 oes Exp $"; +const char loaders_rcs[] = "$Id: loaders.c,v 1.11 2001/05/29 23:25:24 oes Exp $"; /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/loaders.c,v $ @@ -35,6 +35,73 @@ const char loaders_rcs[] = "$Id: loaders.c,v 1.2 2001/05/17 23:01:01 oes Exp $"; * * Revisions : * $Log: loaders.c,v $ + * Revision 1.11 2001/05/29 23:25:24 oes + * + * - load_config_line() and load_permissions_file() now use chomp() + * + * Revision 1.10 2001/05/29 09:50:24 jongfoster + * Unified blocklist/imagelist/permissionslist. + * File format is still under discussion, but the internal changes + * are (mostly) done. + * + * Also modified interceptor behaviour: + * - We now intercept all URLs beginning with one of the following + * prefixes (and *only* these prefixes): + * * http://i.j.b/ + * * http://ijbswa.sf.net/config/ + * * http://ijbswa.sourceforge.net/config/ + * - New interceptors "home page" - go to http://i.j.b/ to see it. + * - Internal changes so that intercepted and fast redirect pages + * are not replaced with an image. + * - Interceptors now have the option to send a binary page direct + * to the client. (i.e. ijb-send-banner uses this) + * - Implemented show-url-info interceptor. (Which is why I needed + * the above interceptors changes - a typical URL is + * "http://i.j.b/show-url-info?url=www.somesite.com/banner.gif". + * The previous mechanism would not have intercepted that, and + * if it had been intercepted then it then it would have replaced + * it with an image.) + * + * Revision 1.9 2001/05/26 17:12:07 jongfoster + * Fatal errors loading configuration files now give better error messages. + * + * Revision 1.8 2001/05/26 00:55:20 jongfoster + * Removing duplicated code. load_forwardfile() now uses create_url_spec() + * + * Revision 1.7 2001/05/26 00:28:36 jongfoster + * Automatic reloading of config file. + * Removed obsolete SIGHUP support (Unix) and Reload menu option (Win32). + * Most of the global variables have been moved to a new + * struct configuration_spec, accessed through csp->config->globalname + * Most of the globals remaining are used by the Win32 GUI. + * + * Revision 1.6 2001/05/23 12:27:33 oes + * + * Fixed ugly indentation of my last changes + * + * Revision 1.5 2001/05/23 10:39:05 oes + * - Added support for escaping the comment character + * in config files by a backslash + * - Added support for line continuation in config + * files + * - Fixed a buffer overflow bug with long config lines + * + * Revision 1.4 2001/05/22 18:56:28 oes + * CRLF -> LF + * + * Revision 1.3 2001/05/20 01:21:20 jongfoster + * Version 2.9.4 checkin. + * - Merged popupfile and cookiefile, and added control over PCRS + * filtering, in new "permissionsfile". + * - Implemented LOG_LEVEL_FATAL, so that if there is a configuration + * file error you now get a message box (in the Win32 GUI) rather + * than the program exiting with no explanation. + * - Made killpopup use the PCRS MIME-type checking and HTTP-header + * skipping. + * - Removed tabs from "config" + * - Moved duplicated url parsing code in "loaders.c" to a new funcition. + * - Bumped up version number. + * * Revision 1.2 2001/05/17 23:01:01 oes * - Cleaned CRLF's from the sources and related files * @@ -88,15 +155,10 @@ const char loaders_h_rcs[] = LOADERS_H_VERSION; #define ijb_isspace(__X) isspace((int)(unsigned char)(__X)) -#define NLOADERS 8 -static int (*loaders[NLOADERS])(struct client_state *); - - /* * Currently active files. * These are also entered in the main linked list of files. */ -static struct file_list *current_blockfile = NULL; static struct file_list *current_permissions_file = NULL; static struct file_list *current_forwardfile = NULL; @@ -104,10 +166,6 @@ static struct file_list *current_forwardfile = NULL; static struct file_list *current_aclfile = NULL; #endif /* def ACL_FILES */ -#ifdef USE_IMAGE_LIST -static struct file_list *current_imagefile = NULL; -#endif /* def USE_IMAGE_LIST */ - #ifdef TRUST_FILES static struct file_list *current_trustfile = NULL; #endif /* def TRUST_FILES */ @@ -115,10 +173,10 @@ static struct file_list *current_trustfile = NULL; #ifdef PCRS static struct file_list *current_re_filterfile = NULL; #endif /* def PCRS */ - - -static int create_url_spec(struct url_spec * url, char * buf); - + + +static int create_url_spec(struct url_spec * url, char * buf); + /********************************************************************* * @@ -161,10 +219,12 @@ void sweep(void) { /* mark this client's files as active */ - if (ncsp->blist) /* block files */ - { - ncsp->blist->active = 1; - } + /* + * Always have a configuration file. + * (Also note the slightly non-standard extra + * indirection here.) + */ + ncsp->config->config_file_list->active = 1; if (ncsp->permissions_list) /* permissions files */ { @@ -183,13 +243,6 @@ void sweep(void) } #endif /* def ACL_FILES */ -#ifdef USE_IMAGE_LIST - if (ncsp->ilist) /* image files */ - { - ncsp->ilist->active = 1; - } -#endif /* def USE_IMAGE_LIST */ - #ifdef PCRS if (ncsp->rlist) /* perl re files */ { @@ -211,9 +264,10 @@ void sweep(void) csp->next = ncsp->next; freez(ncsp->ip_addr_str); +#ifdef TRUST_FILES freez(ncsp->referrer); +#endif /* def TRUST_FILES */ freez(ncsp->x_forwarded); - freez(ncsp->ip_addr_str); freez(ncsp->iob->buf); free_http_request(ncsp->http); @@ -254,125 +308,126 @@ void sweep(void) } -/********************************************************************* - * - * Function : create_url_spec - * - * Description : Creates a "url_spec" structure from a string. - * When finished, free with unload_url(). - * - * Parameters : - * 1 : url = Target url_spec to be filled in. Must be - * zeroed out before the call (e.g. using zalloc). - * 2 : buf = Source pattern, null terminated. NOTE: The - * contents of this buffer are destroyed by this - * function. If this function succeeds, the - * buffer is copied to url->spec. If this - * function fails, the contents of the buffer - * are lost forever. - * - * Returns : 0 => Ok, everything else is an error. - * - *********************************************************************/ -static int create_url_spec(struct url_spec * url, char * buf) -{ - char *p; - struct url_spec tmp_url[1]; - - /* paranoia - should never happen. */ - if ((url == NULL) || (buf == NULL)) - { - return 1; - } - - /* save a copy of the orignal specification */ - if ((url->spec = strdup(buf)) == NULL) - { - return 1; - } - - if ((p = strchr(buf, '/'))) - { - if (NULL == (url->path = strdup(p))) - { - freez(url->spec); - return 1; - } - url->pathlen = strlen(url->path); - *p = '\0'; - } - else - { - url->path = NULL; - url->pathlen = 0; - } -#ifdef REGEX - if (url->path) - { - int errcode; - char rebuf[BUFSIZ]; - - if (NULL == (url->preg = zalloc(sizeof(*url->preg)))) - { - freez(url->spec); - freez(url->path); - return 1; - } - - sprintf(rebuf, "^(%s)", url->path); - - errcode = regcomp(url->preg, rebuf, - (REG_EXTENDED|REG_NOSUB|REG_ICASE)); - if (errcode) - { - size_t errlen = - regerror(errcode, - url->preg, buf, sizeof(buf)); - - buf[errlen] = '\0'; - - log_error(LOG_LEVEL_ERROR, "error compiling %s: %s", - url->spec, buf); - - freez(url->spec); - freez(url->path); - freez(url->preg); - - return 1; - } - } -#endif - if ((p = strchr(buf, ':')) == NULL) - { - url->port = 0; - } - else - { - *p++ = '\0'; - url->port = atoi(p); - } - - if ((url->domain = strdup(buf)) == NULL) - { - freez(url->spec); - freez(url->path); -#ifdef REGEX - freez(url->preg); -#endif /* def REGEX */ - return 1; - } - - /* split domain into components */ - - *tmp_url = dsplit(url->domain); - url->dbuf = tmp_url->dbuf; - url->dcnt = tmp_url->dcnt; - url->dvec = tmp_url->dvec; - - return 0; /* OK */ -} - - +/********************************************************************* + * + * Function : create_url_spec + * + * Description : Creates a "url_spec" structure from a string. + * When finished, free with unload_url(). + * + * Parameters : + * 1 : url = Target url_spec to be filled in. Must be + * zeroed out before the call (e.g. using zalloc). + * 2 : buf = Source pattern, null terminated. NOTE: The + * contents of this buffer are destroyed by this + * function. If this function succeeds, the + * buffer is copied to url->spec. If this + * function fails, the contents of the buffer + * are lost forever. + * + * Returns : 0 => Ok, everything else is an error. + * + *********************************************************************/ +static int create_url_spec(struct url_spec * url, char * buf) +{ + char *p; + struct url_spec tmp_url[1]; + + /* paranoia - should never happen. */ + if ((url == NULL) || (buf == NULL)) + { + return 1; + } + + /* save a copy of the orignal specification */ + if ((url->spec = strdup(buf)) == NULL) + { + return 1; + } + + if ((p = strchr(buf, '/'))) + { + if (NULL == (url->path = strdup(p))) + { + freez(url->spec); + return 1; + } + url->pathlen = strlen(url->path); + *p = '\0'; + } + else + { + url->path = NULL; + url->pathlen = 0; + } +#ifdef REGEX + if (url->path) + { + int errcode; + char rebuf[BUFSIZ]; + + if (NULL == (url->preg = zalloc(sizeof(*url->preg)))) + { + freez(url->spec); + freez(url->path); + return 1; + } + + sprintf(rebuf, "^(%s)", url->path); + + errcode = regcomp(url->preg, rebuf, + (REG_EXTENDED|REG_NOSUB|REG_ICASE)); + if (errcode) + { + size_t errlen = + regerror(errcode, + url->preg, buf, sizeof(buf)); + + buf[errlen] = '\0'; + + log_error(LOG_LEVEL_ERROR, "error compiling %s: %s", + url->spec, buf); + + freez(url->spec); + freez(url->path); + freez(url->preg); + + return 1; + } + } +#endif + if ((p = strchr(buf, ':')) == NULL) + { + url->port = 0; + } + else + { + *p++ = '\0'; + url->port = atoi(p); + } + + if ((url->domain = strdup(buf)) == NULL) + { + freez(url->spec); + freez(url->path); +#ifdef REGEX + freez(url->preg); +#endif /* def REGEX */ + return 1; + } + + /* split domain into components */ + + *tmp_url = dsplit(url->domain); + url->dbuf = tmp_url->dbuf; + url->dcnt = tmp_url->dcnt; + url->dvec = tmp_url->dvec; + url->unanchored = tmp_url->unanchored; + + return 0; /* OK */ +} + + /********************************************************************* * * Function : unload_url @@ -431,59 +486,6 @@ static void unload_aclfile(void *f) } #endif /* def ACL_FILES */ -/********************************************************************* - * - * Function : unload_blockfile - * - * Description : Unloads a blockfile. - * - * Parameters : - * 1 : f = the data structure associated with the blockfile. - * - * Returns : N/A - * - *********************************************************************/ -static void unload_blockfile(void *f) -{ - struct block_spec *b = (struct block_spec *)f; - if (b == NULL) return; - - unload_blockfile(b->next); - - unload_url(b->url); - - freez(b); - -} - - -#ifdef USE_IMAGE_LIST -/********************************************************************* - * - * Function : unload_imagefile - * - * Description : Unloads an imagefile. - * - * Parameters : - * 1 : f = the data structure associated with the imagefile. - * - * Returns : N/A - * - *********************************************************************/ -static void unload_imagefile(void *f) -{ - struct block_spec *b = (struct block_spec *)f; - if (b == NULL) return; - - unload_imagefile(b->next); - - unload_url(b->url); - - freez(b); - -} -#endif /* def USE_IMAGE_LIST */ - /********************************************************************* * @@ -492,22 +494,22 @@ static void unload_imagefile(void *f) * Description : Unloads a permissions file. * * Parameters : - * 1 : file_data = the data structure associated with the + * 1 : file_data = the data structure associated with the * permissions file. * * Returns : N/A * *********************************************************************/ static void unload_permissions_file(void *file_data) -{ +{ struct permissions_spec * next; struct permissions_spec * cur = (struct permissions_spec *)file_data; - while (cur != NULL) - { + while (cur != NULL) + { next = cur->next; unload_url(cur->url); - freez(cur); - cur = next; + freez(cur); + cur = next; } } @@ -630,9 +632,9 @@ static void unload_re_filterfile(void *f) * On error: 1 and sets newfl == NULL * *********************************************************************/ -static int check_file_changed(const struct file_list * current, - const char * filename, - struct file_list ** newfl) +int check_file_changed(const struct file_list * current, + const char * filename, + struct file_list ** newfl) { struct file_list *fs; struct stat statbuf[1]; @@ -696,8 +698,9 @@ static int check_file_changed(const struct file_list * current, * Function : read_config_line * * Description : Read a single non-empty line from a file and return - * it. Trims comments, leading and trailing whitespace. - * Also wites the file to fs->proxy_args. + * it. Trims comments, leading and trailing whitespace + * and respects escaping of newline and comment char. + * Also writes the file to fs->proxy_args. * * Parameters : * 1 : buf = Buffer to use. @@ -714,6 +717,9 @@ char *read_config_line(char *buf, int buflen, FILE *fp, struct file_list *fs) { char *p, *q; char linebuf[BUFSIZ]; + int contflag = 0; + + *buf = '\0'; while (fgets(linebuf, sizeof(linebuf), fp)) { @@ -730,59 +736,55 @@ char *read_config_line(char *buf, int buflen, FILE *fp, struct file_list *fs) } #endif /* ndef SPLIT_PROXY_ARGS */ - /* Trim off newline and any comment */ - if ((p = strpbrk(linebuf, "\r\n#")) != NULL) + /* Trim off newline */ + if ((p = strpbrk(linebuf, "\r\n")) != NULL) { *p = '\0'; } - - /* Trim leading whitespace */ - p = linebuf; - while (*p && ijb_isspace(*p)) + + /* Line continuation? Trim escape and set flag. */ + if ((p != linebuf) && (*--p == '\\')) { - *p++; + contflag = 1; + *p = '\0'; } - if (*p) + /* If there's a comment char.. */ + if ((p = strpbrk(linebuf, "#")) != NULL) { - /* There is something other than whitespace on the line. */ - - /* Move the data to the start of buf */ - if (p != linebuf) + /* ..and it's escaped, left-shift the line over the escape. */ + if ((p != linebuf) && (*(p-1) == '\\')) { - /* strcpy that can cope with overlap. */ - q = linebuf; - while ((*q++ = *p++) != '\0') - { - /* Do nothing */ - } + q = p-1; + while ((*q++ = *p++) != '\0') /* nop */; } - - /* Trim trailing whitespace */ - p = linebuf + strlen(linebuf) - 1; - - /* - * Note: the (p >= linebuf) below is paranoia, it's not really needed. - * When p == linebuf then ijb_isspace(*p) will be false and we'll drop - * out of the loop. - */ - while ((p >= linebuf) && ijb_isspace(*p)) + /* Else, chop off the rest of the line */ + else { - p--; + *p = '\0'; } - p[1] = '\0'; + } + + /* Remove leading and trailing whitespace */ + chomp(linebuf); - /* More paranoia. This if statement is always true. */ - if (*linebuf) + if (*linebuf) + { + strncat(buf, linebuf, buflen - strlen(buf)); + if (contflag) + { + contflag = 0; + continue; + } + else { - strcpy(buf, linebuf); return buf; } } } - /* EOF */ return NULL; + } @@ -807,7 +809,7 @@ int load_aclfile(struct client_state *csp) struct access_control_list *a, *bl; struct file_list *fs; - if (!check_file_changed(current_aclfile, aclfile, &fs)) + if (!check_file_changed(current_aclfile, csp->config->aclfile, &fs)) { /* No need to load */ if (csp) @@ -829,7 +831,7 @@ int load_aclfile(struct client_state *csp) goto load_aclfile_error; } - fp = fopen(aclfile, "r"); + fp = fopen(csp->config->aclfile, "r"); if (fp == NULL) { @@ -916,18 +918,61 @@ int load_aclfile(struct client_state *csp) return(0); load_aclfile_error: - log_error(LOG_LEVEL_ERROR, "can't load access control list %s: %E", aclfile); + log_error(LOG_LEVEL_FATAL, "can't load access control list %s: %E", + csp->config->aclfile); return(-1); } #endif /* def ACL_FILES */ +struct permission_alias +{ + const char * name; + unsigned mask; /* a bit set to "0" = remove permission */ + unsigned add; /* a bit set to "1" = add permission */ + struct permission_alias * next; +}; + + +/* + * Note: this is special-cased in the code so we don't need to + * fill in the ->next fields. + */ +static const struct permission_alias standard_aliases[] = +{ + { "+block", PERMIT_MASK_ALL, PERMIT_BLOCK }, +/* { "+cookies", PERMIT_MASK_ALL, PERMIT_COOKIE_SET | PERMIT_COOKIE_READ }, */ + { "+cookies-read", PERMIT_MASK_ALL, PERMIT_COOKIE_READ }, + { "+cookies-set", PERMIT_MASK_ALL, PERMIT_COOKIE_SET }, + { "+fast-redirects", PERMIT_MASK_ALL, PERMIT_FAST_REDIRECTS }, + { "+filter", PERMIT_MASK_ALL, PERMIT_RE_FILTER }, + { "+image", PERMIT_MASK_ALL, PERMIT_IMAGE }, + { "+popup", PERMIT_MASK_ALL, PERMIT_POPUPS }, + { "+popups", PERMIT_MASK_ALL, PERMIT_POPUPS }, + { "+referer", PERMIT_MASK_ALL, PERMIT_REFERER }, + { "+referrer", PERMIT_MASK_ALL, PERMIT_REFERER }, + { "-block", ~PERMIT_BLOCK, 0 }, +/* { "-cookies", ~(PERMIT_COOKIE_SET | PERMIT_COOKIE_READ), 0 }, */ + { "-cookies-read", ~PERMIT_COOKIE_READ, 0 }, + { "-cookies-set", ~PERMIT_COOKIE_SET, 0 }, + { "-fast-redirects", ~PERMIT_FAST_REDIRECTS, 0 }, + { "-filter", ~PERMIT_RE_FILTER, 0 }, + { "-image", ~PERMIT_IMAGE, 0 }, + { "-popup", ~PERMIT_POPUPS, 0 }, + { "-popups", ~PERMIT_POPUPS, 0 }, + { "-referer", ~PERMIT_REFERER, 0 }, + { "-referrer", ~PERMIT_REFERER, 0 }, + { NULL, 0, 0 } /* End marker */ +}; + + /********************************************************************* * - * Function : load_blockfile + * Function : load_permissions_file * - * Description : Read and parse a blockfile and add to files list. + * Description : Read and parse a permissions file and add to files + * list. * * Parameters : * 1 : csp = Current client state (buffers, headers, etc...) @@ -935,403 +980,371 @@ load_aclfile_error: * Returns : 0 => Ok, everything else is an error. * *********************************************************************/ -int load_blockfile(struct client_state *csp) +int load_permissions_file(struct client_state *csp) { FILE *fp; - struct block_spec *b, *bl; - char buf[BUFSIZ], *p, *q; - int reject; + struct permissions_spec *last_perm; + struct permissions_spec *perm; + char buf[BUFSIZ]; struct file_list *fs; +#define MODE_START_OF_FILE 1 +#define MODE_PERMISSIONS 2 +#define MODE_ALIAS 3 + int mode = MODE_START_OF_FILE; + unsigned curmask = PERMIT_MASK_ALL; + unsigned curadd = 0; + struct permission_alias * alias_list = NULL; - if (!check_file_changed(current_blockfile, blockfile, &fs)) + if (!check_file_changed(current_permissions_file, csp->config->permissions_file, &fs)) { /* No need to load */ if (csp) { - csp->blist = current_blockfile; + csp->permissions_list = current_permissions_file; } - return(0); + return 0; } if (!fs) { - goto load_blockfile_error; + log_error(LOG_LEVEL_FATAL, "can't load permissions file '%s': error finding file: %E", + csp->config->permissions_file); + return 1; /* never get here */ } - fs->f = bl = (struct block_spec *) zalloc(sizeof(*bl)); - if (bl == NULL) + fs->f = last_perm = (struct permissions_spec *)zalloc(sizeof(*last_perm)); + if (last_perm == NULL) { - goto load_blockfile_error; + log_error(LOG_LEVEL_FATAL, "can't load permissions file '%s': out of memory!", + csp->config->permissions_file); + return 1; /* never get here */ } - if ((fp = fopen(blockfile, "r")) == NULL) + if ((fp = fopen(csp->config->permissions_file, "r")) == NULL) { - goto load_blockfile_error; + log_error(LOG_LEVEL_FATAL, "can't load permissions file '%s': error opening file: %E", + csp->config->permissions_file); + return 1; /* never get here */ } while (read_config_line(buf, sizeof(buf), fp, fs) != NULL) { - reject = 1; - - if (*buf == '~') + if (*buf == '{') { - reject = 0; - p = buf; - q = p+1; - while ((*p++ = *q++)) + /* It's a header block */ + if (buf[1] == '{') { - /* nop */ - } - } - - /* skip lines containing only ~ */ - if (*buf == '\0') - { - continue; - } - - /* allocate a new node */ - if ((b = zalloc(sizeof(*b))) == NULL) - { - fclose(fp); - goto load_blockfile_error; - } - - /* add it to the list */ - b->next = bl->next; - bl->next = b; - - b->reject = reject; - - /* Save the URL pattern */ - if (create_url_spec(b->url, buf)) - { - fclose(fp); - goto load_blockfile_error; - } - } - - fclose(fp); - -#ifndef SPLIT_PROXY_ARGS - if (!suppress_blocklists) - { - fs->proxy_args = strsav(fs->proxy_args, ""); - } -#endif /* ndef SPLIT_PROXY_ARGS */ - - /* the old one is now obsolete */ - if (current_blockfile) - { - current_blockfile->unloader = unload_blockfile; - } - - fs->next = files->next; - files->next = fs; - current_blockfile = fs; + /* It's {{settings}} or {{alias}} */ + int len = strlen(buf); + char * start = buf + 2; + char * end = buf + len - 1; + if ((len < 5) || (*end-- != '}') || (*end-- != '}')) + { + /* too short */ + fclose(fp); + log_error(LOG_LEVEL_FATAL, + "can't load permissions file '%s': invalid line: %s", + csp->config->permissions_file, buf); + return 1; /* never get here */ + } - if (csp) - { - csp->blist = fs; - } + /* Trim leading and trailing whitespace. */ + end[1] = '\0'; + chomp(start); - return(0); + if (*start == '\0') + { + /* too short */ + fclose(fp); + log_error(LOG_LEVEL_FATAL, + "can't load permissions file '%s': invalid line: {{ }}", + csp->config->permissions_file); + return 1; /* never get here */ + } -load_blockfile_error: - log_error(LOG_LEVEL_ERROR, "can't load blockfile '%s': %E", blockfile); - return(-1); + if (0 == strcmpic(start, "alias")) + { + /* it's an {{alias}} block */ -} + mode = MODE_ALIAS; + } + else + { + /* invalid {{something}} block */ + fclose(fp); + log_error(LOG_LEVEL_FATAL, + "can't load permissions file '%s': invalid line: {{%s}}", + csp->config->permissions_file, start); + return 1; /* never get here */ + } + } + else + { + /* It's a permissions block */ + int more = 1; -#ifdef USE_IMAGE_LIST -/********************************************************************* - * - * Function : load_imagefile - * - * Description : Read and parse an imagefile and add to files list. - * - * Parameters : - * 1 : csp = Current client state (buffers, headers, etc...) - * - * Returns : 0 => Ok, everything else is an error. - * - *********************************************************************/ -int load_imagefile(struct client_state *csp) -{ - FILE *fp; + int len = strlen(buf); + char * start = buf + 1; + char * end = buf + len - 1; - struct block_spec *b, *bl; - char buf[BUFSIZ], *p, *q; - int reject; - struct file_list *fs; - - if (!check_file_changed(current_imagefile, imagefile, &fs)) - { - /* No need to load */ - if (csp) - { - csp->ilist = current_imagefile; - } - return(0); - } - if (!fs) - { - goto load_imagefile_error; - } + if ((len < 3) || (*end-- != '}')) + { + /* too short */ + fclose(fp); + log_error(LOG_LEVEL_FATAL, + "can't load permissions file '%s': invalid line: %s", + csp->config->permissions_file, buf); + return 1; /* never get here */ + } - fs->f = bl = (struct block_spec *)zalloc(sizeof(*bl)); - if (bl == NULL) - { - goto load_imagefile_error; - } + end[1] = '\0'; + chomp(start); - if ((fp = fopen(imagefile, "r")) == NULL) - { - goto load_imagefile_error; - } + if (*start == '\0') + { + /* too short */ + fclose(fp); + log_error(LOG_LEVEL_FATAL, + "can't load permissions file '%s': invalid line: { }", + csp->config->permissions_file); + return 1; /* never get here */ + } - while (read_config_line(buf, sizeof(buf), fp, fs) != NULL) - { - reject = 1; + mode = MODE_PERMISSIONS; + + curmask = PERMIT_MASK_ALL; + curadd = 0; - if (*buf == '~') - { - reject = 0; - p = buf; - q = p+1; - while ((*p++ = *q++)) - { - /* nop */ + while (more) + { + const struct permission_alias * alias = standard_aliases; + char * option = start; + while ((*start != '\0') && (*start != ' ') && (*start != '\t')) + { + start++; + } + + more = (*start != 0); + if (more) + { + *start++ = '\0'; + + /* Eat all the whitespace between the options */ + while ((*start == ' ') || (*start == '\t')) + { + start++; + } + } + + /* handle option in 'option' */ + + /* Check for standard permission name */ + while ( (alias->name != NULL) && (0 != strcmpic(alias->name, option)) ) + { + alias++; + } + if (alias->name == NULL) + { + /* try user aliases. */ + alias = alias_list; + while ( (alias != NULL) && (0 != strcmpic(alias->name, option)) ) + { + alias = alias->next; + } + } + if (alias == NULL) + { + /* Bad permission name */ + fclose(fp); + log_error(LOG_LEVEL_FATAL, + "can't load permissions file '%s': invalid permission name: %s", + csp->config->permissions_file, option); + return 1; /* never get here */ + } + curmask &= alias->mask; + curadd &= alias->mask; + curadd |= alias->add; + } } } - - /* skip lines containing only ~ */ - if (*buf == '\0') + else if (mode == MODE_ALIAS) { - continue; - } + /* define an alias */ + struct permission_alias * new_alias; + int more = 1; - /* allocate a new node */ - if ((b = zalloc(sizeof(*b))) == NULL) - { - fclose(fp); - goto load_imagefile_error; - } + char * start = strchr(buf, '='); + char * end = start; - /* add it to the list */ - b->next = bl->next; - bl->next = b; - - b->reject = reject; + if ((start == NULL) || (start == buf)) + { + log_error(LOG_LEVEL_FATAL, + "can't load permissions file '%s': invalid alias line: %s", + csp->config->permissions_file, buf); + return 1; /* never get here */ + } - /* Save the URL pattern */ - if (create_url_spec(b->url, buf)) - { - fclose(fp); - goto load_imagefile_error; - } - } - - fclose(fp); + if ((new_alias = zalloc(sizeof(*new_alias))) == NULL) + { + fclose(fp); + log_error(LOG_LEVEL_FATAL, + "can't load permissions file '%s': out of memory!", + csp->config->permissions_file); + return 1; /* never get here */ + } -#ifndef SPLIT_PROXY_ARGS - if (!suppress_blocklists) - { - fs->proxy_args = strsav(fs->proxy_args, ""); - } -#endif /* ndef SPLIT_PROXY_ARGS */ + /* Eat any the whitespace after the '=' */ + start++; + while ((*start == ' ') || (*start == '\t')) + { + start++; + } + if (*start == '\0') + { + log_error(LOG_LEVEL_FATAL, + "can't load permissions file '%s': invalid alias line: %s", + csp->config->permissions_file, buf); + return 1; /* never get here */ + } - /* the old one is now obsolete */ - if (current_imagefile) - { - current_imagefile->unloader = unload_imagefile; - } + /* Eat any the whitespace before the '=' */ + end--; + while ((*end == ' ') || (*end == '\t')) + { + /* + * we already know we must have at least 1 non-ws char + * at start of buf - no need to check + */ + end--; + } + end[1] = '\0'; - fs->next = files->next; - files->next = fs; - current_imagefile = fs; + new_alias->name = strdup(buf); - if (csp) - { - csp->ilist = fs; - } + curmask = PERMIT_MASK_ALL; + curadd = 0; - return(0); + while (more) + { + const struct permission_alias * alias = standard_aliases; + char * option = start; + while ((*start != '\0') && (*start != ' ') && (*start != '\t')) + { + start++; + } -load_imagefile_error: - log_error(LOG_LEVEL_ERROR, "can't load imagefile '%s': %E", imagefile); - return(-1); + more = (*start != 0); + if (more) + { + *start++ = '\0'; -} -#endif /* def USE_IMAGE_LIST */ + /* Eat all the whitespace between the options */ + while ((*start == ' ') || (*start == '\t')) + { + start++; + } + } - -/********************************************************************* - * - * Function : load_permissions_file - * - * Description : Read and parse a permissions file and add to files - * list. - * - * Parameters : - * 1 : csp = Current client state (buffers, headers, etc...) - * - * Returns : 0 => Ok, everything else is an error. - * - *********************************************************************/ -int load_permissions_file(struct client_state *csp) -{ - FILE *fp; + /* handle option in 'option' */ - struct permissions_spec *b, *bl; - char buf[BUFSIZ], *p, *q; - int permissions; - struct file_list *fs; - int i; + /* Check for standard permission name */ + while ( (alias->name != NULL) && (0 != strcmpic(alias->name, option)) ) + { + alias++; + } + if (alias->name == NULL) + { + /* try user aliases. */ + alias = alias_list; + while ( (alias != NULL) && (0 != strcmpic(alias->name, option)) ) + { + alias = alias->next; + } + } + if (alias == NULL) + { + /* Bad permission name */ + fclose(fp); + log_error(LOG_LEVEL_FATAL, + "can't load permissions file '%s': invalid permission name: %s", + csp->config->permissions_file, option); + return 1; /* never get here */ + } + curmask &= alias->mask; + curadd &= alias->mask; + curadd |= alias->add; + } - if (!check_file_changed(current_permissions_file, permissions_file, &fs)) - { - /* No need to load */ - if (csp) - { - csp->permissions_list = current_permissions_file; + /* save alias permissions */ + new_alias->mask = curmask; + new_alias->add = curadd; + + /* add to list */ + new_alias->next = alias_list; + alias_list = new_alias; } - return(0); - } - if (!fs) - { - goto load_permissions_error; - } - - fs->f = bl = (struct permissions_spec *)zalloc(sizeof(*bl)); - if (bl == NULL) - { - goto load_permissions_error; - } - - if ((fp = fopen(permissions_file, "r")) == NULL) - { - goto load_permissions_error; - } - - - /* - * default_permissions is set in this file. - * - * Reset it to default first. - */ - default_permissions = PERMIT_RE_FILTER; + else if (mode == MODE_PERMISSIONS) + { + /* it's a URL pattern */ - while (read_config_line(buf, sizeof(buf), fp, fs) != NULL) - { - p = buf; - - permissions = PERMIT_COOKIE_SET | PERMIT_COOKIE_READ | PERMIT_POPUPS; - - /* - * FIXME: for() loop is a kludge. Want to loop around until we - * find a non-control character. Assume there will be at most 4 - * characters. - */ - for (i = 0; i < 4; i++) - { - switch ((int)*p) + /* allocate a new node */ + if ((perm = zalloc(sizeof(*perm))) == NULL) { - case '>': - /* - * Allow cookies to be read by the server, but do - * not allow them to be set. - */ - permissions = (permissions & ~PERMIT_COOKIE_SET); - p++; - break; - - case '<': - /* - * Allow server to set cookies but do not let the - * server read them. - */ - permissions = (permissions & ~PERMIT_COOKIE_READ); - p++; - break; - - case '^': - /* - * Block popups - */ - permissions = (permissions & ~PERMIT_POPUPS); - p++; - break; - - case '%': - /* - * Permit filtering using PCRS - */ - permissions = (permissions | PERMIT_RE_FILTER); - p++; - break; - - case '~': - /* - * All of the above (maximum filtering). - */ - permissions = PERMIT_RE_FILTER; - p++; - break; + fclose(fp); + log_error(LOG_LEVEL_FATAL, + "can't load permissions file '%s': out of memory!", + csp->config->permissions_file); + return 1; /* never get here */ + } - default: - /* - * FIXME: Should break out of the loop here. - */ - break; - } - } + /* Save flags */ + perm->mask = curmask; + perm->add = curadd; - /* - * Elide any of the "special" chars from the - * front of the pattern - */ - q = buf; - if (p > q) - { - while ((*q++ = *p++) != '\0') + /* Save the URL pattern */ + if (create_url_spec(perm->url, buf)) { - /* nop */ - } - } + fclose(fp); + log_error(LOG_LEVEL_FATAL, + "can't load permissions file '%s': cannot create URL permission from: %s", + csp->config->permissions_file, buf); + return 1; /* never get here */ + } - /* a lines containing only "special" chars sets default */ - if (*buf == '\0') - { - default_permissions = permissions; - continue; + /* add it to the list */ + last_perm->next = perm; + last_perm = perm; } - - /* allocate a new node */ - if (((b = zalloc(sizeof(*b))) == NULL) - ) + else if (mode == MODE_START_OF_FILE) { + /* oops - please have a {} line as 1st line in file. */ fclose(fp); - goto load_permissions_error; + log_error(LOG_LEVEL_FATAL, + "can't load permissions file '%s': first line is invalid: %s", + csp->config->permissions_file, buf); + return 1; /* never get here */ } - - /* add it to the list */ - b->next = bl->next; - bl->next = b; - - /* Save flags */ - b->permissions = permissions; - - /* Save the URL pattern */ - if (create_url_spec(b->url, buf)) - { + else + { + /* How did we get here? This is impossible! */ fclose(fp); - goto load_permissions_error; + log_error(LOG_LEVEL_FATAL, + "can't load permissions file '%s': INTERNAL ERROR - mode = %d", + csp->config->permissions_file, mode); + return 1; /* never get here */ } } fclose(fp); + + while (alias_list != NULL) + { + struct permission_alias * next = alias_list->next; + freez((char *)alias_list->name); + free(alias_list); + alias_list = next; + } #ifndef SPLIT_PROXY_ARGS if (!suppress_blocklists) @@ -1357,10 +1370,6 @@ int load_permissions_file(struct client_state *csp) return(0); -load_permissions_error: - log_error(LOG_LEVEL_ERROR, "can't load permissions file '%s': %E", permissions_file); - return(-1); - } @@ -1388,7 +1397,7 @@ int load_trustfile(struct client_state *csp) int reject, trusted; struct file_list *fs; - if (!check_file_changed(current_trustfile, trustfile, &fs)) + if (!check_file_changed(current_trustfile, csp->config->trustfile, &fs)) { /* No need to load */ if (csp) @@ -1408,12 +1417,12 @@ int load_trustfile(struct client_state *csp) goto load_trustfile_error; } - if ((fp = fopen(trustfile, "r")) == NULL) + if ((fp = fopen(csp->config->trustfile, "r")) == NULL) { goto load_trustfile_error; } - tl = trust_list; + tl = csp->config->trust_list; while (read_config_line(buf, sizeof(buf), fp, fs) != NULL) { @@ -1456,8 +1465,8 @@ int load_trustfile(struct client_state *csp) b->reject = reject; - /* Save the URL pattern */ - if (create_url_spec(b->url, buf)) + /* Save the URL pattern */ + if (create_url_spec(b->url, buf)) { fclose(fp); goto load_trustfile_error; @@ -1501,7 +1510,8 @@ int load_trustfile(struct client_state *csp) return(0); load_trustfile_error: - log_error(LOG_LEVEL_ERROR, "can't load trustfile '%s': %E", trustfile); + log_error(LOG_LEVEL_FATAL, "can't load trustfile '%s': %E", + csp->config->trustfile); return(-1); } @@ -1525,14 +1535,14 @@ int load_forwardfile(struct client_state *csp) FILE *fp; struct forward_spec *b, *bl; - char buf[BUFSIZ], *p, *q, *tmp; - char *vec[4]; - int port, n, reject; + char buf[BUFSIZ]; + char *p, *tmp; + char *vec[4]; + int n; struct file_list *fs; const struct gateway *gw; - struct url_spec url[1]; - if (!check_file_changed(current_forwardfile, forwardfile, &fs)) + if (!check_file_changed(current_forwardfile, csp->config->forwardfile, &fs)) { /* No need to load */ if (csp) @@ -1553,7 +1563,7 @@ int load_forwardfile(struct client_state *csp) goto load_forwardfile_error; } - if ((fp = fopen(forwardfile, "r")) == NULL) + if ((fp = fopen(csp->config->forwardfile, "r")) == NULL) { goto load_forwardfile_error; } @@ -1576,19 +1586,6 @@ int load_forwardfile(struct client_state *csp) strcpy(buf, vec[0]); - reject = 1; - - if (*buf == '~') - { - reject = 0; - p = buf; - q = p+1; - while ((*p++ = *q++)) - { - /* nop */ - } - } - /* skip lines containing only ~ */ if (*buf == '\0') { @@ -1597,9 +1594,6 @@ int load_forwardfile(struct client_state *csp) /* allocate a new node */ if (((b = zalloc(sizeof(*b))) == NULL) -#ifdef REGEX - || ((b->url->preg = zalloc(sizeof(*b->url->preg))) == NULL) -#endif ) { fclose(fp); @@ -1610,78 +1604,13 @@ int load_forwardfile(struct client_state *csp) b->next = bl->next; bl->next = b; - /* save a copy of the orignal specification */ - if ((b->url->spec = strdup(buf)) == NULL) + /* Save the URL pattern */ + if (create_url_spec(b->url, buf)) { fclose(fp); goto load_forwardfile_error; } - b->reject = reject; - - if ((p = strchr(buf, '/'))) - { - b->url->path = strdup(p); - b->url->pathlen = strlen(b->url->path); - *p = '\0'; - } - else - { - b->url->path = NULL; - b->url->pathlen = 0; - } -#ifdef REGEX - if (b->url->path) - { - int errcode; - char rebuf[BUFSIZ]; - - sprintf(rebuf, "^(%s)", b->url->path); - - errcode = regcomp(b->url->preg, rebuf, - (REG_EXTENDED|REG_NOSUB|REG_ICASE)); - - if (errcode) - { - size_t errlen = regerror(errcode, b->url->preg, buf, sizeof(buf)); - - buf[errlen] = '\0'; - - log_error(LOG_LEVEL_ERROR, "error compiling %s: %s", - b->url->spec, buf); - fclose(fp); - goto load_forwardfile_error; - } - } - else - { - freez(b->url->preg); - } -#endif - if ((p = strchr(buf, ':')) == NULL) - { - port = 0; - } - else - { - *p++ = '\0'; - port = atoi(p); - } - - b->url->port = port; - - if ((b->url->domain = strdup(buf)) == NULL) - { - fclose(fp); - goto load_forwardfile_error; - } - - /* split domain into components */ - *url = dsplit(b->url->domain); - b->url->dbuf = url->dbuf; - b->url->dcnt = url->dcnt; - b->url->dvec = url->dvec; - /* now parse the gateway specs */ p = vec[2]; @@ -1770,7 +1699,8 @@ int load_forwardfile(struct client_state *csp) return(0); load_forwardfile_error: - log_error(LOG_LEVEL_ERROR, "can't load forwardfile '%s': %E", forwardfile); + log_error(LOG_LEVEL_FATAL, "can't load forwardfile '%s': %E", + csp->config->forwardfile); return(-1); } @@ -1802,7 +1732,7 @@ int load_re_filterfile(struct client_state *csp) int error; pcrs_job *dummy; - if (!check_file_changed(current_re_filterfile, re_filterfile, &fs)) + if (!check_file_changed(current_re_filterfile, csp->config->re_filterfile, &fs)) { /* No need to load */ if (csp) @@ -1823,7 +1753,7 @@ int load_re_filterfile(struct client_state *csp) } /* Open the file or fail */ - if ((fp = fopen(re_filterfile, "r")) == NULL) + if ((fp = fopen(csp->config->re_filterfile, "r")) == NULL) { goto load_re_filterfile_error; } @@ -1875,7 +1805,8 @@ int load_re_filterfile(struct client_state *csp) return( 0 ); load_re_filterfile_error: - log_error(LOG_LEVEL_ERROR, "can't load re_filterfile '%s': %E", re_filterfile); + log_error(LOG_LEVEL_FATAL, "can't load re_filterfile '%s': %E", + csp->config->re_filterfile); return(-1); } @@ -1892,19 +1823,21 @@ load_re_filterfile_error: * Parameters : * 1 : loader = pointer to a function that can parse and load * the appropriate config file. + * 2 : config = The configuration_spec to add the loader to. * * Returns : N/A * *********************************************************************/ -void add_loader(int (*loader)(struct client_state *)) +void add_loader(int (*loader)(struct client_state *), + struct configuration_spec * config) { int i; for (i=0; i < NLOADERS; i++) { - if (loaders[i] == NULL) + if (config->loaders[i] == NULL) { - loaders[i] = loader; + config->loaders[i] = loader; break; } } @@ -1923,6 +1856,8 @@ void add_loader(int (*loader)(struct client_state *)) * * Parameters : * 1 : csp = Current client state (buffers, headers, etc...) + * Must be non-null. Reads: "csp->config" + * Writes: various data members. * * Returns : 0 => Ok, everything else is an error. * @@ -1934,34 +1869,17 @@ int run_loader(struct client_state *csp) for (i=0; i < NLOADERS; i++) { - if (loaders[i] == NULL) + if (csp->config->loaders[i] == NULL) { break; } - ret |= (loaders[i])(csp); + ret |= (csp->config->loaders[i])(csp); } return(ret); } -/********************************************************************* - * - * Function : remove_all_loaders - * - * Description : Remove all loaders from the list. - * - * Parameters : N/A - * - * Returns : N/A - * - *********************************************************************/ -void remove_all_loaders(void) -{ - memset( loaders, 0, sizeof( loaders ) ); -} - - /* Local Variables: tab-width: 3