X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=parsers.c;h=47be9199f18d77464d89a90b4f43f0536327671d;hp=828eea10cd3f4f9fd072dac9f2b42c6e42c5653a;hb=5a08c9106649551a5b0b19c32053a8acd74d1754;hpb=7fcd2bbc56b5a153530ad4d3a4f86de07f59719f diff --git a/parsers.c b/parsers.c index 828eea10..47be9199 100644 --- a/parsers.c +++ b/parsers.c @@ -1,4 +1,4 @@ -const char parsers_rcs[] = "$Id: parsers.c,v 1.248 2012/09/04 08:32:32 fabiankeil Exp $"; +const char parsers_rcs[] = "$Id: parsers.c,v 1.271 2012/12/07 12:50:17 fabiankeil Exp $"; /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/parsers.c,v $ @@ -137,6 +137,7 @@ static jb_err server_keep_alive(struct client_state *csp, char **header); static jb_err server_proxy_connection(struct client_state *csp, char **header); static jb_err client_keep_alive(struct client_state *csp, char **header); static jb_err client_save_content_length(struct client_state *csp, char **header); +static jb_err client_proxy_connection(struct client_state *csp, char **header); #endif /* def FEATURE_CONNECTION_KEEP_ALIVE */ static jb_err client_host_adder (struct client_state *csp); @@ -184,11 +185,12 @@ static const struct parsers client_patterns[] = { #ifdef FEATURE_CONNECTION_KEEP_ALIVE { "Keep-Alive:", 11, client_keep_alive }, { "Content-Length:", 15, client_save_content_length }, + { "Proxy-Connection:", 17, client_proxy_connection }, #else { "Keep-Alive:", 11, crumble }, + { "Proxy-Connection:", 17, crumble }, #endif { "connection:", 11, client_connection }, - { "proxy-connection:", 17, crumble }, { "max-forwards:", 13, client_max_forwards }, { "Accept-Language:", 16, client_accept_language }, { "if-none-match:", 14, client_if_none_match }, @@ -196,6 +198,9 @@ static const struct parsers client_patterns[] = { { "Request-Range:", 14, client_range }, { "If-Range:", 9, client_range }, { "X-Filter:", 9, client_x_filter }, +#if 0 + { "Transfer-Encoding:", 18, client_transfer_encoding }, +#endif { "*", 0, crunch_client_header }, { "*", 0, filter_header }, { NULL, 0, NULL } @@ -280,21 +285,21 @@ long flush_socket(jb_socket fd, struct iob *iob) * * Function : add_to_iob * - * Description : Add content to the buffered page, expanding the + * Description : Add content to the buffer, expanding the * buffer if necessary. * * Parameters : - * 1 : csp = Current client state (buffers, headers, etc...) - * 2 : buf = holds the content to be added to the page - * 3 : n = number of bytes to be added + * 1 : iob = Destination buffer. + * 2 : buffer_limit = Limit to which the destination may grow + * 3 : src = holds the content to be added + * 4 : n = number of bytes to be added * * Returns : JB_ERR_OK on success, JB_ERR_MEMORY if out-of-memory * or buffer limit reached. * *********************************************************************/ -jb_err add_to_iob(struct client_state *csp, char *buf, long n) +jb_err add_to_iob(struct iob *iob, const size_t buffer_limit, char *src, long n) { - struct iob *iob = csp->iob; size_t used, offset, need; char *p; @@ -308,24 +313,24 @@ jb_err add_to_iob(struct client_state *csp, char *buf, long n) * If the buffer can't hold the new data, extend it first. * Use the next power of two if possible, else use the actual need. */ - if (need > csp->config->buffer_limit) + if (need > buffer_limit) { log_error(LOG_LEVEL_INFO, "Buffer limit reached while extending the buffer (iob). Needed: %d. Limit: %d", - need, csp->config->buffer_limit); + need, buffer_limit); return JB_ERR_MEMORY; } if (need > iob->size) { - size_t want = csp->iob->size ? csp->iob->size : 512; + size_t want = iob->size ? iob->size : 512; while (want <= need) { want *= 2; } - if (want <= csp->config->buffer_limit && NULL != (p = (char *)realloc(iob->buf, want))) + if (want <= buffer_limit && NULL != (p = (char *)realloc(iob->buf, want))) { iob->size = want; } @@ -346,7 +351,7 @@ jb_err add_to_iob(struct client_state *csp, char *buf, long n) } /* copy the new data into the iob buffer */ - memcpy(iob->eod, buf, (size_t)n); + memcpy(iob->eod, src, (size_t)n); /* point to the end of the data */ iob->eod += n; @@ -359,6 +364,27 @@ jb_err add_to_iob(struct client_state *csp, char *buf, long n) } +/********************************************************************* + * + * Function : clear_iob + * + * Description : Frees the memory allocated for an I/O buffer and + * resets the structure. + * + * Parameters : + * 1 : iob = I/O buffer to clear. + * + * Returns : JB_ERR_OK on success, JB_ERR_MEMORY if out-of-memory + * or buffer limit reached. + * + *********************************************************************/ +void clear_iob(struct iob *iob) +{ + free(iob->buf); + memset(iob, '\0', sizeof(*iob));; +} + + #ifdef FEATURE_ZLIB /********************************************************************* * @@ -510,11 +536,6 @@ jb_err decompress_iob(struct client_state *csp) } else if (csp->content_type & CT_DEFLATE) { - /* - * XXX: The debug level should be lowered - * before the next stable release. - */ - log_error(LOG_LEVEL_INFO, "Decompressing deflated iob: %d", *cur); /* * In theory (that is, according to RFC 1950), deflate-compressed * data should begin with a two-byte zlib header and have an @@ -722,31 +743,6 @@ jb_err decompress_iob(struct client_state *csp) #endif /* defined(FEATURE_ZLIB) */ -/********************************************************************* - * - * Function : string_move - * - * Description : memmove wrapper to move the last part of a string - * towards the beginning, overwriting the part in - * the middle. strlcpy() can't be used here as the - * strings overlap. - * - * Parameters : - * 1 : dst = Destination to overwrite - * 2 : src = Source to move. - * - * Returns : N/A - * - *********************************************************************/ -static void string_move(char *dst, char *src) -{ - assert(dst < src); - - /* +1 to copy the terminating nul as well. */ - memmove(dst, src, strlen(src)+1); -} - - /********************************************************************* * * Function : normalize_lws @@ -1235,6 +1231,7 @@ jb_err update_server_headers(struct client_state *csp) log_error(LOG_LEVEL_HEADER, "Content modified with no Content-Length header set. " "Created: %s.", header); + csp->flags |= CSP_FLAG_SERVER_CONTENT_LENGTH_SET; } } #endif /* def FEATURE_CONNECTION_KEEP_ALIVE */ @@ -1889,7 +1886,8 @@ static jb_err client_connection(struct client_state *csp, char **header) if (!strcmpic(*header, connection_close)) { #ifdef FEATURE_CONNECTION_KEEP_ALIVE - if ((csp->config->feature_flags & RUNTIME_FEATURE_CONNECTION_SHARING)) + if ((csp->config->feature_flags & RUNTIME_FEATURE_CONNECTION_SHARING) + && !(csp->flags & CSP_FLAG_SERVER_SOCKET_TAINTED)) { if (!strcmpic(csp->http->ver, "HTTP/1.1")) { @@ -1921,7 +1919,8 @@ static jb_err client_connection(struct client_state *csp, char **header) csp->flags &= ~CSP_FLAG_CLIENT_CONNECTION_KEEP_ALIVE; } } - else if ((csp->config->feature_flags & RUNTIME_FEATURE_CONNECTION_KEEP_ALIVE)) + else if ((csp->config->feature_flags & RUNTIME_FEATURE_CONNECTION_KEEP_ALIVE) + && !(csp->flags & CSP_FLAG_SERVER_SOCKET_TAINTED)) { log_error(LOG_LEVEL_HEADER, "Keeping the client header '%s' around. " @@ -1940,13 +1939,81 @@ static jb_err client_connection(struct client_state *csp, char **header) freez(old_header); } - /* Signal client_connection_adder() to return early. */ + /* Signal client_connection_header_adder() to return early. */ csp->flags |= CSP_FLAG_CLIENT_CONNECTION_HEADER_SET; return JB_ERR_OK; } +#ifdef FEATURE_CONNECTION_KEEP_ALIVE +/********************************************************************* + * + * Function : client_proxy_connection + * + * Description : Sets the CLIENT_CONNECTION_KEEP_ALIVE flag when + * appropriate and removes the Proxy-Connection + * header. + * + * Parameters : + * 1 : csp = Current client state (buffers, headers, etc...) + * 2 : header = On input, pointer to header to modify. + * On output, pointer to the modified header, or NULL + * to remove the header. This function frees the + * original string if necessary. + * + * Returns : JB_ERR_OK + * + *********************************************************************/ +static jb_err client_proxy_connection(struct client_state *csp, char **header) +{ + if (0 == (csp->flags & CSP_FLAG_CLIENT_CONNECTION_KEEP_ALIVE) + && (csp->http->ssl == 0) + && (NULL == strstr(*header, "close"))) + { + log_error(LOG_LEVEL_HEADER, + "The client connection can be kept alive due to: %s", *header); + csp->flags |= CSP_FLAG_CLIENT_CONNECTION_KEEP_ALIVE; + } + crumble(csp, header); + + return JB_ERR_OK; +} +#endif /* def FEATURE_CONNECTION_KEEP_ALIVE */ + + +/********************************************************************* + * + * Function : client_transfer_encoding + * + * Description : Raise the CSP_FLAG_CHUNKED_CLIENT_BODY flag if + * the request body is "chunked" + * + * XXX: Currently not called through sed() as we + * need the flag earlier on. Should be fixed. + * + * Parameters : + * 1 : csp = Current client state (buffers, headers, etc...) + * 2 : header = On input, pointer to header to modify. + * On output, pointer to the modified header, or NULL + * to remove the header. This function frees the + * original string if necessary. + * + * Returns : JB_ERR_OK on success, or + * + *********************************************************************/ +jb_err client_transfer_encoding(struct client_state *csp, char **header) +{ + if (strstr(*header, "chunked")) + { + csp->flags |= CSP_FLAG_CHUNKED_CLIENT_BODY; + log_error(LOG_LEVEL_HEADER, "Expecting chunked client body"); + } + + return JB_ERR_OK; +} + + /********************************************************************* * * Function : crumble @@ -3037,7 +3104,7 @@ static jb_err client_from(struct client_state *csp, char **header) *********************************************************************/ static jb_err client_send_cookie(struct client_state *csp, char **header) { - if (csp->action->flags & ACTION_NO_COOKIE_READ) + if (csp->action->flags & ACTION_CRUNCH_OUTGOING_COOKIES) { log_error(LOG_LEVEL_HEADER, "Crunched outgoing cookie: %s", *header); freez(*header); @@ -3665,8 +3732,7 @@ static jb_err server_connection_adder(struct client_state *csp) * Function : server_proxy_connection_adder * * Description : Adds a "Proxy-Connection: keep-alive" header to - * csp->headers if the client asked for keep-alive. - * XXX: We should reuse existent ones. + * csp->headers when appropriate. * * Parameters : * 1 : csp = Current client state (buffers, headers, etc...) @@ -3682,7 +3748,9 @@ static jb_err server_proxy_connection_adder(struct client_state *csp) if ((csp->flags & CSP_FLAG_CLIENT_CONNECTION_KEEP_ALIVE) && !(csp->flags & CSP_FLAG_SERVER_SOCKET_TAINTED) - && !(csp->flags & CSP_FLAG_SERVER_PROXY_CONNECTION_HEADER_SET)) + && !(csp->flags & CSP_FLAG_SERVER_PROXY_CONNECTION_HEADER_SET) + && ((csp->flags & CSP_FLAG_SERVER_CONTENT_LENGTH_SET) + || (csp->flags & CSP_FLAG_CHUNKED))) { log_error(LOG_LEVEL_HEADER, "Adding: %s", proxy_connection_header); err = enlist(csp->headers, proxy_connection_header); @@ -3719,6 +3787,7 @@ static jb_err client_connection_header_adder(struct client_state *csp) #ifdef FEATURE_CONNECTION_KEEP_ALIVE if ((csp->config->feature_flags & RUNTIME_FEATURE_CONNECTION_KEEP_ALIVE) + && !(csp->flags & CSP_FLAG_SERVER_SOCKET_TAINTED) && (csp->http->ssl == 0) && !strcmpic(csp->http->ver, "HTTP/1.1")) { @@ -3784,6 +3853,50 @@ static jb_err server_http(struct client_state *csp, char **header) return JB_ERR_OK; } +/********************************************************************* + * + * Function : add_cooky_expiry_date + * + * Description : Adds a cookie expiry date to a string. + * + * Parameters : + * 1 : cookie = On input, pointer to cookie to modify. + * On output, pointer to the modified header. + * The original string is freed. + * 2 : lifetime = Seconds the cookie should be valid + * + * Returns : N/A + * + *********************************************************************/ +static void add_cookie_expiry_date(char **cookie, time_t lifetime) +{ + char tmp[50]; + struct tm *timeptr = NULL; + time_t expiry_date = time(NULL) + lifetime; +#ifdef HAVE_GMTIME_R + struct tm gmt; + + timeptr = gmtime_r(&expiry_date, &gmt); +#elif defined(MUTEX_LOCKS_AVAILABLE) + privoxy_mutex_lock(&gmtime_mutex); + timeptr = gmtime(&expiry_date); + privoxy_mutex_unlock(&gmtime_mutex); +#else + timeptr = gmtime(&expiry_date); +#endif + + if (NULL == timeptr) + { + log_error(LOG_LEVEL_FATAL, + "Failed to get the time in add_cooky_expiry_date()"); + } + strftime(tmp, sizeof(tmp), "; expires=%a, %d-%b-%Y %H:%M:%S GMT", timeptr); + if (JB_ERR_OK != string_append(cookie, tmp)) + { + log_error(LOG_LEVEL_FATAL, "Out of memory in add_cooky_expiry()"); + } +} + /********************************************************************* * @@ -3793,10 +3906,6 @@ static jb_err server_http(struct client_state *csp, char **header) * Crunch, accept or rewrite it to a session cookie. * Called from `sed'. * - * TODO: Allow the user to specify a new expiration - * time to cause the cookie to expire even before the - * browser is closed. - * * Parameters : * 1 : csp = Current client state (buffers, headers, etc...) * 2 : header = On input, pointer to header to modify. @@ -3810,20 +3919,23 @@ static jb_err server_http(struct client_state *csp, char **header) *********************************************************************/ static jb_err server_set_cookie(struct client_state *csp, char **header) { - time_t now; - time_t cookie_time; - - time(&now); - - if ((csp->action->flags & ACTION_NO_COOKIE_SET) != 0) + if ((csp->action->flags & ACTION_CRUNCH_INCOMING_COOKIES) != 0) { log_error(LOG_LEVEL_HEADER, "Crunching incoming cookie: %s", *header); freez(*header); } - else if ((csp->action->flags & ACTION_NO_COOKIE_KEEP) != 0) + else if ((0 != (csp->action->flags & ACTION_SESSION_COOKIES_ONLY)) + || (0 != (csp->action->flags & ACTION_LIMIT_COOKIE_LIFETIME))) { - /* Flag whether or not to log a message */ - int changed = 0; + time_t now; + time_t cookie_time; + long cookie_lifetime = 0; + enum + { + NO_EXPIRY_DATE_SPECIFIED, + EXPIRY_DATE_ACCEPTABLE, + EXPIRY_DATE_UNACCEPTABLE + } expiry_date_status = NO_EXPIRY_DATE_SPECIFIED; /* A variable to store the tag we're working on */ char *cur_tag; @@ -3837,6 +3949,20 @@ static jb_err server_set_cookie(struct client_state *csp, char **header) cur_tag++; } + time(&now); + + if ((csp->action->flags & ACTION_LIMIT_COOKIE_LIFETIME) != 0) + { + const char *param = csp->action->string[ACTION_STRING_LIMIT_COOKIE_LIFETIME]; + + cookie_lifetime = strtol(param, NULL, 0); + if (cookie_lifetime < 0) + { + log_error(LOG_LEVEL_FATAL, "Invalid cookie lifetime limit: %s", param); + } + cookie_lifetime *= 60; + } + /* Loop through each tag in the cookie */ while (*cur_tag) { @@ -3890,7 +4016,7 @@ static jb_err server_set_cookie(struct client_state *csp, char **header) log_error(LOG_LEVEL_ERROR, "Can't parse \'%s\', send by %s. Unsupported time format?", cur_tag, csp->http->url); string_move(cur_tag, next_tag); - changed = 1; + expiry_date_status = EXPIRY_DATE_UNACCEPTABLE; } else { @@ -3928,12 +4054,21 @@ static jb_err server_set_cookie(struct client_state *csp, char **header) * anyway, which in many cases will be shorter * than a browser session. */ - if (cookie_time - now < 0) + if (cookie_time < now) { log_error(LOG_LEVEL_HEADER, "Cookie \'%s\' is already expired and can pass unmodified.", *header); /* Just in case some clown sets more then one expiration date */ cur_tag = next_tag; + expiry_date_status = EXPIRY_DATE_ACCEPTABLE; + } + else if ((cookie_lifetime != 0) && (cookie_time < (now + cookie_lifetime))) + { + log_error(LOG_LEVEL_HEADER, "Cookie \'%s\' can pass unmodified. " + "Its lifetime is below the limit.", *header); + /* Just in case some clown sets more then one expiration date */ + cur_tag = next_tag; + expiry_date_status = EXPIRY_DATE_ACCEPTABLE; } else { @@ -3944,7 +4079,7 @@ static jb_err server_set_cookie(struct client_state *csp, char **header) string_move(cur_tag, next_tag); /* That changed the header, need to issue a log message */ - changed = 1; + expiry_date_status = EXPIRY_DATE_UNACCEPTABLE; /* * Note that the next tag has now been moved to *cur_tag, @@ -3961,11 +4096,19 @@ static jb_err server_set_cookie(struct client_state *csp, char **header) } } - if (changed) + if (expiry_date_status != EXPIRY_DATE_ACCEPTABLE) { assert(NULL != *header); - log_error(LOG_LEVEL_HEADER, "Cookie rewritten to a temporary one: %s", - *header); + if (cookie_lifetime != 0) + { + add_cookie_expiry_date(header, cookie_lifetime); + log_error(LOG_LEVEL_HEADER, "Cookie rewritten to: %s", *header); + } + else if (expiry_date_status != NO_EXPIRY_DATE_SPECIFIED) + { + log_error(LOG_LEVEL_HEADER, + "Cookie rewritten to a temporary one: %s", *header); + } } } @@ -4036,7 +4179,7 @@ static jb_err parse_header_time(const char *header_time, time_t *result) * attempt to work around GNU libc's strptime() * reporting negative year values when using %Y. */ - static const char * const time_formats[] = { + static const char time_formats[][22] = { /* Tue, 02-Jun-37 20:00:00 */ "%a, %d-%b-%y %H:%M:%S", /* Tue, 02 Jun 2037 20:00:00 */ @@ -4069,6 +4212,44 @@ static jb_err parse_header_time(const char *header_time, time_t *result) continue; } *result = timegm(&gmt); + +#ifdef FEATURE_STRPTIME_SANITY_CHECKS + /* + * Verify that parsing the date recreated from the first + * parse operation gets the previous result. If it doesn't, + * either strptime() or strftime() are malfunctioning. + * + * We could string-compare the recreated date with the original + * header date, but this leads to false positives as strptime() + * may let %a accept all day formats while strftime() will only + * create one. + */ + { + char recreated_date[100]; + struct tm *tm; + time_t result2; + + tm = gmtime(result); + strftime(recreated_date, sizeof(recreated_date), time_formats[i], tm); + memset(&gmt, 0, sizeof(gmt)); + if (NULL == strptime(recreated_date, time_formats[i], &gmt)) + { + log_error(LOG_LEVEL_ERROR, + "Failed to parse '%s' generated with '%s' to recreate '%s'.", + recreated_date, time_formats[i], header_time); + continue; + } + result2 = timegm(&gmt); + if (*result != result2) + { + log_error(LOG_LEVEL_ERROR, "strftime() and strptime() disagree. " + "Format: '%s'. In: '%s', out: '%s'. %d != %d. Rejecting.", + time_formats[i], header_time, recreated_date, *result, result2); + continue; + } + } +#endif + return JB_ERR_OK; } } @@ -4305,6 +4486,7 @@ static void create_content_length_header(unsigned long long content_length, } +#ifdef FEATURE_CONNECTION_KEEP_ALIVE /********************************************************************* * * Function : get_expected_content_length @@ -4336,7 +4518,7 @@ unsigned long long get_expected_content_length(struct list *headers) return content_length; } - +#endif /* Local Variables: