X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=parsers.c;h=c520d0a3e47b49761aebcf6e88bf607dd874422a;hp=f5dbd1b001a02a2db9519c49838e0398c09fa2c2;hb=312148396e9a26b0b3bd84bd7377973fd4b206e7;hpb=b2a94203a0fd55da643043e8df9e97735d35645e diff --git a/parsers.c b/parsers.c index f5dbd1b0..c520d0a3 100644 --- a/parsers.c +++ b/parsers.c @@ -1,11 +1,11 @@ -const char parsers_rcs[] = "$Id: parsers.c,v 1.238 2011/12/31 14:47:45 fabiankeil Exp $"; +const char parsers_rcs[] = "$Id: parsers.c,v 1.263 2012/11/11 12:38:42 fabiankeil Exp $"; /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/parsers.c,v $ * * Purpose : Declares functions to parse/crunch headers and pages. * - * Copyright : Written by and Copyright (C) 2001-2011 the + * Copyright : Written by and Copyright (C) 2001-2012 the * Privoxy team. http://www.privoxy.org/ * * Based on the Internet Junkbuster originally written @@ -92,19 +92,6 @@ const char parsers_rcs[] = "$Id: parsers.c,v 1.238 2011/12/31 14:47:45 fabiankei const char parsers_h_rcs[] = PARSERS_H_VERSION; -/* Fix a problem with Solaris. There should be no effect on other - * platforms. - * Solaris's isspace() is a macro which uses its argument directly - * as an array index. Therefore we need to make sure that high-bit - * characters generate +ve values, and ideally we also want to make - * the argument match the declared parameter type of "int". - * - * Why did they write a character function that can't take a simple - * "char" argument? Doh! - */ -#define ijb_isupper(__X) isupper((int)(unsigned char)(__X)) -#define ijb_tolower(__X) tolower((int)(unsigned char)(__X)) - static char *get_header_line(struct iob *iob); static jb_err scan_headers(struct client_state *csp); static jb_err header_tagger(struct client_state *csp, char *header); @@ -293,21 +280,21 @@ long flush_socket(jb_socket fd, struct iob *iob) * * Function : add_to_iob * - * Description : Add content to the buffered page, expanding the + * Description : Add content to the buffer, expanding the * buffer if necessary. * * Parameters : - * 1 : csp = Current client state (buffers, headers, etc...) - * 2 : buf = holds the content to be added to the page - * 3 : n = number of bytes to be added + * 1 : iob = Destination buffer. + * 2 : buffer_limit = Limit to which the destination may grow + * 3 : src = holds the content to be added + * 4 : n = number of bytes to be added * * Returns : JB_ERR_OK on success, JB_ERR_MEMORY if out-of-memory * or buffer limit reached. * *********************************************************************/ -jb_err add_to_iob(struct client_state *csp, char *buf, long n) +jb_err add_to_iob(struct iob *iob, const size_t buffer_limit, char *src, long n) { - struct iob *iob = csp->iob; size_t used, offset, need; char *p; @@ -321,24 +308,24 @@ jb_err add_to_iob(struct client_state *csp, char *buf, long n) * If the buffer can't hold the new data, extend it first. * Use the next power of two if possible, else use the actual need. */ - if (need > csp->config->buffer_limit) + if (need > buffer_limit) { log_error(LOG_LEVEL_INFO, "Buffer limit reached while extending the buffer (iob). Needed: %d. Limit: %d", - need, csp->config->buffer_limit); + need, buffer_limit); return JB_ERR_MEMORY; } if (need > iob->size) { - size_t want = csp->iob->size ? csp->iob->size : 512; + size_t want = iob->size ? iob->size : 512; while (want <= need) { want *= 2; } - if (want <= csp->config->buffer_limit && NULL != (p = (char *)realloc(iob->buf, want))) + if (want <= buffer_limit && NULL != (p = (char *)realloc(iob->buf, want))) { iob->size = want; } @@ -359,7 +346,7 @@ jb_err add_to_iob(struct client_state *csp, char *buf, long n) } /* copy the new data into the iob buffer */ - memcpy(iob->eod, buf, (size_t)n); + memcpy(iob->eod, src, (size_t)n); /* point to the end of the data */ iob->eod += n; @@ -372,6 +359,27 @@ jb_err add_to_iob(struct client_state *csp, char *buf, long n) } +/********************************************************************* + * + * Function : clear_iob + * + * Description : Frees the memory allocated for an I/O buffer and + * resets the structure. + * + * Parameters : + * 1 : iob = I/O buffer to clear. + * + * Returns : JB_ERR_OK on success, JB_ERR_MEMORY if out-of-memory + * or buffer limit reached. + * + *********************************************************************/ +void clear_iob(struct iob *iob) +{ + free(iob->buf); + memset(iob, '\0', sizeof(*iob));; +} + + #ifdef FEATURE_ZLIB /********************************************************************* * @@ -523,11 +531,6 @@ jb_err decompress_iob(struct client_state *csp) } else if (csp->content_type & CT_DEFLATE) { - /* - * XXX: The debug level should be lowered - * before the next stable release. - */ - log_error(LOG_LEVEL_INFO, "Decompressing deflated iob: %d", *cur); /* * In theory (that is, according to RFC 1950), deflate-compressed * data should begin with a two-byte zlib header and have an @@ -783,11 +786,11 @@ static void normalize_lws(char *header) while (*p != '\0') { - if (ijb_isspace(*p) && ijb_isspace(*(p+1))) + if (privoxy_isspace(*p) && privoxy_isspace(*(p+1))) { char *q = p+1; - while (ijb_isspace(*q)) + while (privoxy_isspace(*q)) { q++; } @@ -820,7 +823,7 @@ static void normalize_lws(char *header) } p = strchr(header, ':'); - if ((p != NULL) && (p != header) && ijb_isspace(*(p-1))) + if ((p != NULL) && (p != header) && privoxy_isspace(*(p-1))) { /* * There's still space before the colon. @@ -995,7 +998,7 @@ char *get_header_value(const struct list *header_list, const char *header_name) * Found: return pointer to start of value */ ret = cur_entry->str + length; - while (*ret && ijb_isspace(*ret)) ret++; + while (*ret && privoxy_isspace(*ret)) ret++; return ret; } } @@ -1038,6 +1041,79 @@ static jb_err scan_headers(struct client_state *csp) } +/********************************************************************* + * + * Function : enforce_header_order + * + * Description : Enforces a given header order. + * + * Parameters : + * 1 : headers = List of headers to order. + * 2 : ordered_headers = List of ordered header names. + * + * Returns : N/A + * + *********************************************************************/ +static void enforce_header_order(struct list *headers, const struct list *ordered_headers) +{ + struct list_entry *sorted_header; + struct list new_headers[1]; + struct list_entry *header; + + init_list(new_headers); + + /* The request line is always the first "header" */ + + assert(NULL != headers->first->str); + enlist(new_headers, headers->first->str); + freez(headers->first->str) + + /* Enlist the specified headers in the given order */ + + for (sorted_header = ordered_headers->first; sorted_header != NULL; + sorted_header = sorted_header->next) + { + const size_t sorted_header_length = strlen(sorted_header->str); + for (header = headers->first; header != NULL; header = header->next) + { + /* Header enlisted in previous run? -> ignore */ + if (header->str == NULL) continue; + + if (0 == strncmpic(sorted_header->str, header->str, sorted_header_length) + && (header->str[sorted_header_length] == ':')) + { + log_error(LOG_LEVEL_HEADER, "Enlisting sorted header %s", header->str); + if (JB_ERR_OK != enlist(new_headers, header->str)) + { + log_error(LOG_LEVEL_HEADER, "Failed to enlist %s", header->str); + } + freez(header->str); + } + } + } + + /* Enlist the rest of the headers behind the ordered ones */ + for (header = headers->first; header != NULL; header = header->next) + { + /* Header enlisted in previous run? -> ignore */ + if (header->str == NULL) continue; + + log_error(LOG_LEVEL_HEADER, + "Enlisting left-over header %s", header->str); + if (JB_ERR_OK != enlist(new_headers, header->str)) + { + log_error(LOG_LEVEL_HEADER, "Failed to enlist %s", header->str); + } + freez(header->str); + } + + list_remove_all(headers); + list_duplicate(headers, new_headers); + list_remove_all(new_headers); + + return; +} + /********************************************************************* * * Function : sed @@ -1104,6 +1180,11 @@ jb_err sed(struct client_state *csp, int filter_server_headers) f++; } + if (!filter_server_headers && !list_is_empty(csp->config->ordered_client_headers)) + { + enforce_header_order(csp->headers, csp->config->ordered_client_headers); + } + return err; } @@ -1493,14 +1574,14 @@ static jb_err filter_header(struct client_state *csp, char **header) for (job = joblist; NULL != job; job = job->next) { matches = pcrs_execute(job, *header, size, &newheader, &size); - if ( 0 < matches ) + if (0 < matches) { current_hits += matches; log_error(LOG_LEVEL_HEADER, "Transforming \"%s\" to \"%s\"", *header, newheader); freez(*header); *header = newheader; } - else if ( 0 == matches ) + else if (0 == matches) { /* Filter doesn't change header */ freez(newheader); @@ -1557,8 +1638,7 @@ static jb_err filter_header(struct client_state *csp, char **header) * to remove the header. This function frees the * original string if necessary. * - * Returns : JB_ERR_OK on success, or - * JB_ERR_MEMORY on out-of-memory error. + * Returns : JB_ERR_OK on success. * *********************************************************************/ static jb_err server_connection(struct client_state *csp, char **header) @@ -1567,7 +1647,7 @@ static jb_err server_connection(struct client_state *csp, char **header) #ifdef FEATURE_CONNECTION_KEEP_ALIVE && !(csp->flags & CSP_FLAG_SERVER_SOCKET_TAINTED) #endif - ) + ) { #ifdef FEATURE_CONNECTION_KEEP_ALIVE if ((csp->config->feature_flags & RUNTIME_FEATURE_CONNECTION_KEEP_ALIVE)) @@ -1585,11 +1665,7 @@ static jb_err server_connection(struct client_state *csp, char **header) { char *old_header = *header; - *header = strdup("Connection: close"); - if (header == NULL) - { - return JB_ERR_MEMORY; - } + *header = strdup_or_die("Connection: close"); log_error(LOG_LEVEL_HEADER, "Replaced: \'%s\' with \'%s\'", old_header, *header); freez(old_header); } @@ -1740,22 +1816,20 @@ static jb_err client_keep_alive(struct client_state *csp, char **header) * Content-Length header. * * Parameters : - * 1 : header = The Content-Length header. + * 1 : header_value = The Content-Length header value. * 2 : length = Storage to return the value. * * Returns : JB_ERR_OK on success, or * JB_ERR_PARSE if no value is recognized. * *********************************************************************/ -static jb_err get_content_length(const char *header, unsigned long long *length) +static jb_err get_content_length(const char *header_value, unsigned long long *length) { - assert(header[14] == ':'); - #ifdef _WIN32 assert(sizeof(unsigned long long) > 4); - if (1 != sscanf(header+14, ": %I64u", length)) + if (1 != sscanf(header_value, "%I64u", length)) #else - if (1 != sscanf(header+14, ": %llu", length)) + if (1 != sscanf(header_value, "%llu", length)) #endif { return JB_ERR_PARSE; @@ -1785,10 +1859,12 @@ static jb_err get_content_length(const char *header, unsigned long long *length) static jb_err client_save_content_length(struct client_state *csp, char **header) { unsigned long long content_length = 0; + const char *header_value; assert(*(*header+14) == ':'); - if (JB_ERR_OK != get_content_length(*header, &content_length)) + header_value = *header + 15; + if (JB_ERR_OK != get_content_length(header_value, &content_length)) { log_error(LOG_LEVEL_ERROR, "Crunching invalid header: %s", *header); freez(*header); @@ -1819,8 +1895,7 @@ static jb_err client_save_content_length(struct client_state *csp, char **header * to remove the header. This function frees the * original string if necessary. * - * Returns : JB_ERR_OK on success, or - * JB_ERR_MEMORY on out-of-memory error. + * Returns : JB_ERR_OK on success. * *********************************************************************/ static jb_err client_connection(struct client_state *csp, char **header) @@ -1830,7 +1905,8 @@ static jb_err client_connection(struct client_state *csp, char **header) if (!strcmpic(*header, connection_close)) { #ifdef FEATURE_CONNECTION_KEEP_ALIVE - if ((csp->config->feature_flags & RUNTIME_FEATURE_CONNECTION_SHARING)) + if ((csp->config->feature_flags & RUNTIME_FEATURE_CONNECTION_SHARING) + && !(csp->flags & CSP_FLAG_SERVER_SOCKET_TAINTED)) { if (!strcmpic(csp->http->ver, "HTTP/1.1")) { @@ -1847,11 +1923,7 @@ static jb_err client_connection(struct client_state *csp, char **header) { char *old_header = *header; - *header = strdup("Connection: keep-alive"); - if (header == NULL) - { - return JB_ERR_MEMORY; - } + *header = strdup_or_die("Connection: keep-alive"); log_error(LOG_LEVEL_HEADER, "Replaced: \'%s\' with \'%s\'", old_header, *header); freez(old_header); @@ -1866,7 +1938,8 @@ static jb_err client_connection(struct client_state *csp, char **header) csp->flags &= ~CSP_FLAG_CLIENT_CONNECTION_KEEP_ALIVE; } } - else if ((csp->config->feature_flags & RUNTIME_FEATURE_CONNECTION_KEEP_ALIVE)) + else if ((csp->config->feature_flags & RUNTIME_FEATURE_CONNECTION_KEEP_ALIVE) + && !(csp->flags & CSP_FLAG_SERVER_SOCKET_TAINTED)) { log_error(LOG_LEVEL_HEADER, "Keeping the client header '%s' around. " @@ -1879,17 +1952,13 @@ static jb_err client_connection(struct client_state *csp, char **header) { char *old_header = *header; - *header = strdup(connection_close); - if (header == NULL) - { - return JB_ERR_MEMORY; - } + *header = strdup_or_die(connection_close); log_error(LOG_LEVEL_HEADER, "Replaced: \'%s\' with \'%s\'", old_header, *header); freez(old_header); } - /* Signal client_connection_adder() to return early. */ + /* Signal client_connection_header_adder() to return early. */ csp->flags |= CSP_FLAG_CLIENT_CONNECTION_HEADER_SET; return JB_ERR_OK; @@ -2037,7 +2106,7 @@ static jb_err server_content_type(struct client_state *csp, char **header) if ((csp->content_type & CT_TEXT) || (csp->action->flags & ACTION_FORCE_TEXT_MODE)) { freez(*header); - *header = strdup("Content-Type: "); + *header = strdup_or_die("Content-Type: "); string_append(header, csp->action->string[ACTION_STRING_CONTENT_TYPE]); if (header == NULL) @@ -2327,10 +2396,12 @@ static jb_err server_adjust_content_length(struct client_state *csp, char **head static jb_err server_save_content_length(struct client_state *csp, char **header) { unsigned long long content_length = 0; + const char *header_value; assert(*(*header+14) == ':'); - if (JB_ERR_OK != get_content_length(*header, &content_length)) + header_value = *header + 15; + if (JB_ERR_OK != get_content_length(header_value, &content_length)) { log_error(LOG_LEVEL_ERROR, "Crunching invalid header: %s", *header); freez(*header); @@ -2474,7 +2545,7 @@ static jb_err server_last_modified(struct client_state *csp, char **header) newval = csp->action->string[ACTION_STRING_LAST_MODIFIED]; - if (0 == strcmpic(newval, "block") ) + if (0 == strcmpic(newval, "block")) { /* * Blocking Last-Modified header. Useless but why not. @@ -2770,7 +2841,7 @@ static jb_err client_accept_language(struct client_state *csp, char **header) newval = csp->action->string[ACTION_STRING_LANGUAGE]; - if ((newval == NULL) || (0 == strcmpic(newval, "block")) ) + if ((newval == NULL) || (0 == strcmpic(newval, "block"))) { /* * Blocking Accept-Language header @@ -2947,7 +3018,7 @@ static jb_err client_from(struct client_state *csp, char **header) /* * Are we blocking the e-mail address? */ - if ((newval == NULL) || (0 == strcmpic(newval, "block")) ) + if ((newval == NULL) || (0 == strcmpic(newval, "block"))) { log_error(LOG_LEVEL_HEADER, "crunched From!"); return JB_ERR_OK; @@ -2984,7 +3055,7 @@ static jb_err client_from(struct client_state *csp, char **header) *********************************************************************/ static jb_err client_send_cookie(struct client_state *csp, char **header) { - if (csp->action->flags & ACTION_NO_COOKIE_READ) + if (csp->action->flags & ACTION_CRUNCH_OUTGOING_COOKIES) { log_error(LOG_LEVEL_HEADER, "Crunched outgoing cookie: %s", *header); freez(*header); @@ -3141,16 +3212,9 @@ static jb_err client_host(struct client_state *csp, char **header) *csp->http->hostport == ' ' || *csp->http->hostport == '\0') { - if (NULL == (p = strdup((*header)+6))) - { - return JB_ERR_MEMORY; - } + p = strdup_or_die((*header)+6); chomp(p); - if (NULL == (q = strdup(p))) - { - freez(p); - return JB_ERR_MEMORY; - } + q = strdup_or_die(p); freez(csp->http->hostport); csp->http->hostport = p; @@ -3207,7 +3271,7 @@ static jb_err client_if_modified_since(struct client_state *csp, char **header) const char *newval; char * endptr; - if ( 0 == strcmpic(*header, "If-Modified-Since: Wed, 08 Jun 1955 12:00:00 GMT")) + if (0 == strcmpic(*header, "If-Modified-Since: Wed, 08 Jun 1955 12:00:00 GMT")) { /* * The client got an error message because of a temporary problem, @@ -3354,7 +3418,7 @@ static jb_err client_if_none_match(struct client_state *csp, char **header) *********************************************************************/ jb_err client_x_filter(struct client_state *csp, char **header) { - if ( 0 == strcmpic(*header, "X-Filter: No")) + if (0 == strcmpic(*header, "X-Filter: No")) { if (!(csp->config->feature_flags & RUNTIME_FEATURE_HTTP_TOGGLE)) { @@ -3386,11 +3450,25 @@ jb_err client_x_filter(struct client_state *csp, char **header) * Function : client_range * * Description : Removes Range, Request-Range and If-Range headers if - * content filtering is enabled. If the client's version - * of the document has been altered by Privoxy, the server - * could interpret the range differently than the client - * intended in which case the user could end up with - * corrupted content. + * content filtering is enabled and the range doesn't + * start at byte 0. + * + * If the client's version of the document has been + * altered by Privoxy, the server could interpret the + * range differently than the client intended in which + * case the user could end up with corrupted content. + * + * If the range starts at byte 0 this isn't an issue + * so the header can pass. Partial requests like this + * are used to render preview images for videos without + * downloading the whole video. + * + * While HTTP doesn't require that range requests are + * honoured and the client could simply abort the download + * after receiving a sufficient amount of data, various + * clients don't handle complete responses to range + * requests gracefully and emit misleading error messages + * instead. * * Parameters : * 1 : csp = Current client state (buffers, headers, etc...) @@ -3404,7 +3482,8 @@ jb_err client_x_filter(struct client_state *csp, char **header) *********************************************************************/ static jb_err client_range(struct client_state *csp, char **header) { - if (content_filters_enabled(csp->action)) + if (content_filters_enabled(csp->action) + && (0 != strncmpic(strstr(*header, ":"), ": bytes=0-", 10))) { log_error(LOG_LEVEL_HEADER, "Content filtering is enabled." " Crunching: \'%s\' to prevent range-mismatch problems.", *header); @@ -3441,7 +3520,7 @@ static jb_err client_host_adder(struct client_state *csp) return JB_ERR_OK; } - if ( !csp->http->hostport || !*(csp->http->hostport)) + if (!csp->http->hostport || !*(csp->http->hostport)) { /* XXX: When does this happen and why is it OK? */ log_error(LOG_LEVEL_INFO, "Weirdness in client_host_adder detected and ignored."); @@ -3451,7 +3530,7 @@ static jb_err client_host_adder(struct client_state *csp) /* * remove 'user:pass@' from 'proto://user:pass@host' */ - if ( (p = strchr( csp->http->hostport, '@')) != NULL ) + if ((p = strchr( csp->http->hostport, '@')) != NULL) { p++; } @@ -3584,7 +3663,7 @@ static jb_err server_connection_adder(struct client_state *csp) #ifdef FEATURE_CONNECTION_KEEP_ALIVE && !(csp->flags & CSP_FLAG_SERVER_SOCKET_TAINTED) #endif - ) + ) { log_error(LOG_LEVEL_HEADER, "A HTTP/1.1 response " "without Connection header implies keep-alive."); @@ -3604,8 +3683,7 @@ static jb_err server_connection_adder(struct client_state *csp) * Function : server_proxy_connection_adder * * Description : Adds a "Proxy-Connection: keep-alive" header to - * csp->headers if the client asked for keep-alive. - * XXX: We should reuse existent ones. + * csp->headers when appropriate. * * Parameters : * 1 : csp = Current client state (buffers, headers, etc...) @@ -3621,7 +3699,9 @@ static jb_err server_proxy_connection_adder(struct client_state *csp) if ((csp->flags & CSP_FLAG_CLIENT_CONNECTION_KEEP_ALIVE) && !(csp->flags & CSP_FLAG_SERVER_SOCKET_TAINTED) - && !(csp->flags & CSP_FLAG_SERVER_PROXY_CONNECTION_HEADER_SET)) + && !(csp->flags & CSP_FLAG_SERVER_PROXY_CONNECTION_HEADER_SET) + && ((csp->flags & CSP_FLAG_SERVER_CONTENT_LENGTH_SET) + || (csp->flags & CSP_FLAG_CHUNKED))) { log_error(LOG_LEVEL_HEADER, "Adding: %s", proxy_connection_header); err = enlist(csp->headers, proxy_connection_header); @@ -3658,6 +3738,7 @@ static jb_err client_connection_header_adder(struct client_state *csp) #ifdef FEATURE_CONNECTION_KEEP_ALIVE if ((csp->config->feature_flags & RUNTIME_FEATURE_CONNECTION_KEEP_ALIVE) + && !(csp->flags & CSP_FLAG_SERVER_SOCKET_TAINTED) && (csp->http->ssl == 0) && !strcmpic(csp->http->ver, "HTTP/1.1")) { @@ -3723,6 +3804,50 @@ static jb_err server_http(struct client_state *csp, char **header) return JB_ERR_OK; } +/********************************************************************* + * + * Function : add_cooky_expiry_date + * + * Description : Adds a cookie expiry date to a string. + * + * Parameters : + * 1 : cookie = On input, pointer to cookie to modify. + * On output, pointer to the modified header. + * The original string is freed. + * 2 : lifetime = Seconds the cookie should be valid + * + * Returns : N/A + * + *********************************************************************/ +static void add_cookie_expiry_date(char **cookie, time_t lifetime) +{ + char tmp[50]; + struct tm *timeptr = NULL; + time_t expiry_date = time(NULL) + lifetime; +#ifdef HAVE_GMTIME_R + struct tm gmt; + + timeptr = gmtime_r(&expiry_date, &gmt); +#elif defined(MUTEX_LOCKS_AVAILABLE) + privoxy_mutex_lock(&gmtime_mutex); + timeptr = gmtime(&expiry_date); + privoxy_mutex_unlock(&gmtime_mutex); +#else + timeptr = gmtime(&expiry_date); +#endif + + if (NULL == timeptr) + { + log_error(LOG_LEVEL_FATAL, + "Failed to get the time in add_cooky_expiry_date()"); + } + strftime(tmp, sizeof(tmp), "; expires=%a, %d-%b-%Y %H:%M:%S GMT", timeptr); + if (JB_ERR_OK != string_append(cookie, tmp)) + { + log_error(LOG_LEVEL_FATAL, "Out of memory in add_cooky_expiry()"); + } +} + /********************************************************************* * @@ -3732,10 +3857,6 @@ static jb_err server_http(struct client_state *csp, char **header) * Crunch, accept or rewrite it to a session cookie. * Called from `sed'. * - * TODO: Allow the user to specify a new expiration - * time to cause the cookie to expire even before the - * browser is closed. - * * Parameters : * 1 : csp = Current client state (buffers, headers, etc...) * 2 : header = On input, pointer to header to modify. @@ -3749,20 +3870,18 @@ static jb_err server_http(struct client_state *csp, char **header) *********************************************************************/ static jb_err server_set_cookie(struct client_state *csp, char **header) { - time_t now; - time_t cookie_time; - - time(&now); - - if ((csp->action->flags & ACTION_NO_COOKIE_SET) != 0) + if ((csp->action->flags & ACTION_CRUNCH_INCOMING_COOKIES) != 0) { log_error(LOG_LEVEL_HEADER, "Crunching incoming cookie: %s", *header); freez(*header); } - else if ((csp->action->flags & ACTION_NO_COOKIE_KEEP) != 0) + else if ((0 != (csp->action->flags & ACTION_SESSION_COOKIES_ONLY)) + || (0 != (csp->action->flags & ACTION_LIMIT_COOKIE_LIFETIME))) { - /* Flag whether or not to log a message */ - int changed = 0; + time_t now; + time_t cookie_time; + long cookie_lifetime = 0; + int expiry_date_acceptable = 0; /* A variable to store the tag we're working on */ char *cur_tag; @@ -3771,11 +3890,25 @@ static jb_err server_set_cookie(struct client_state *csp, char **header) cur_tag = *header + 11; /* skip whitespace between "Set-Cookie:" and value */ - while (*cur_tag && ijb_isspace(*cur_tag)) + while (*cur_tag && privoxy_isspace(*cur_tag)) { cur_tag++; } + time(&now); + + if ((csp->action->flags & ACTION_LIMIT_COOKIE_LIFETIME) != 0) + { + const char *param = csp->action->string[ACTION_STRING_LIMIT_COOKIE_LIFETIME]; + + cookie_lifetime = strtol(param, NULL, 0); + if (cookie_lifetime < 0) + { + log_error(LOG_LEVEL_FATAL, "Invalid cookie lifetime limit: %s", param); + } + cookie_lifetime *= 60U; + } + /* Loop through each tag in the cookie */ while (*cur_tag) { @@ -3787,7 +3920,7 @@ static jb_err server_set_cookie(struct client_state *csp, char **header) next_tag++; /* skip whitespace ";" and start of tag */ - while (*next_tag && ijb_isspace(*next_tag)) + while (*next_tag && privoxy_isspace(*next_tag)) { next_tag++; } @@ -3829,7 +3962,7 @@ static jb_err server_set_cookie(struct client_state *csp, char **header) log_error(LOG_LEVEL_ERROR, "Can't parse \'%s\', send by %s. Unsupported time format?", cur_tag, csp->http->url); string_move(cur_tag, next_tag); - changed = 1; + expiry_date_acceptable = 0; } else { @@ -3867,12 +4000,21 @@ static jb_err server_set_cookie(struct client_state *csp, char **header) * anyway, which in many cases will be shorter * than a browser session. */ - if (cookie_time - now < 0) + if (cookie_time < now) { log_error(LOG_LEVEL_HEADER, "Cookie \'%s\' is already expired and can pass unmodified.", *header); /* Just in case some clown sets more then one expiration date */ cur_tag = next_tag; + expiry_date_acceptable = 1; + } + else if ((cookie_lifetime != 0) && (cookie_time < (now + cookie_lifetime))) + { + log_error(LOG_LEVEL_HEADER, "Cookie \'%s\' can pass unmodified. " + "Its lifetime is below the limit.", *header); + /* Just in case some clown sets more then one expiration date */ + cur_tag = next_tag; + expiry_date_acceptable = 1; } else { @@ -3883,7 +4025,7 @@ static jb_err server_set_cookie(struct client_state *csp, char **header) string_move(cur_tag, next_tag); /* That changed the header, need to issue a log message */ - changed = 1; + expiry_date_acceptable = 0; /* * Note that the next tag has now been moved to *cur_tag, @@ -3900,11 +4042,19 @@ static jb_err server_set_cookie(struct client_state *csp, char **header) } } - if (changed) + if (!expiry_date_acceptable) { assert(NULL != *header); - log_error(LOG_LEVEL_HEADER, "Cookie rewritten to a temporary one: %s", - *header); + if (cookie_lifetime == 0) + { + log_error(LOG_LEVEL_HEADER, "Cookie rewritten to a temporary one: %s", + *header); + } + else + { + add_cookie_expiry_date(header, cookie_lifetime); + log_error(LOG_LEVEL_HEADER, "Cookie rewritten to: %s", *header); + } } } @@ -4033,7 +4183,7 @@ static jb_err parse_header_time(const char *header_time, time_t *result) * the "Host:" header) * 2 : http = storage for the result (host, port and hostport). * - * Returns : JB_ERR_MEMORY in case of memory problems, + * Returns : JB_ERR_MEMORY (or terminates) in case of memory problems, * JB_ERR_PARSE if the host header couldn't be found, * JB_ERR_OK otherwise. * @@ -4052,19 +4202,9 @@ jb_err get_destination_from_headers(const struct list *headers, struct http_requ return JB_ERR_PARSE; } - p = strdup(host); - if (NULL == p) - { - log_error(LOG_LEVEL_ERROR, "Out of memory while parsing \"Host:\" header"); - return JB_ERR_MEMORY; - } + p = strdup_or_die(host); chomp(p); - if (NULL == (q = strdup(p))) - { - freez(p); - log_error(LOG_LEVEL_ERROR, "Out of memory while parsing \"Host:\" header"); - return JB_ERR_MEMORY; - } + q = strdup_or_die(p); freez(http->hostport); http->hostport = p; @@ -4105,7 +4245,7 @@ jb_err get_destination_from_headers(const struct list *headers, struct http_requ * Function : create_forged_referrer * * Description : Helper for client_referrer to forge a referer as - * 'http://[hostname:port/' to fool stupid + * 'http://hostname[:port]/' to fool stupid * checks for in-site links * * Parameters : @@ -4196,16 +4336,10 @@ static jb_err create_fake_referrer(char **header, const char *fake_referrer) static jb_err handle_conditional_hide_referrer_parameter(char **header, const char *host, const int parameter_conditional_block) { - char *referer = strdup(*header); + char *referer = strdup_or_die(*header); const size_t hostlength = strlen(host); const char *referer_url = NULL; - if (NULL == referer) - { - freez(*header); - return JB_ERR_MEMORY; - } - /* referer begins with 'Referer: http[s]://' */ if ((hostlength+17) < strlen(referer)) { @@ -4260,6 +4394,40 @@ static void create_content_length_header(unsigned long long content_length, } +#ifdef FEATURE_CONNECTION_KEEP_ALIVE +/********************************************************************* + * + * Function : get_expected_content_length + * + * Description : Figures out the content length from a list of headers. + * + * Parameters : + * 1 : headers = List of headers + * + * Returns : Number of bytes to expect + * + *********************************************************************/ +unsigned long long get_expected_content_length(struct list *headers) +{ + const char *content_length_header; + unsigned long long content_length = 0; + + content_length_header = get_header_value(headers, "Content-Length:"); + if (content_length_header != NULL) + { + if (JB_ERR_OK != get_content_length(content_length_header, &content_length)) + { + log_error(LOG_LEVEL_ERROR, + "Failed to get the Content-Length in %s", content_length_header); + /* XXX: The header will be removed later on */ + return 0; + } + } + + return content_length; +} +#endif + /* Local Variables: tab-width: 3