X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=parsers.c;h=d3e8f15461410cef744493a134030bc0d4695b3e;hp=37737a74e8173de6e9c738c011caded9574621e0;hb=7b6a23a1fddd4997ccd35abdc54651710e5c33f9;hpb=9a962b219983489e778f24d95e1d6b3ddb8c7a87 diff --git a/parsers.c b/parsers.c index 37737a74..d3e8f154 100644 --- a/parsers.c +++ b/parsers.c @@ -1,4 +1,4 @@ -const char parsers_rcs[] = "$Id: parsers.c,v 1.266 2012/11/24 13:58:17 fabiankeil Exp $"; +const char parsers_rcs[] = "$Id: parsers.c,v 1.283 2014/02/10 14:42:18 fabiankeil Exp $"; /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/parsers.c,v $ @@ -148,6 +148,7 @@ static jb_err server_connection_adder(struct client_state *csp); #ifdef FEATURE_CONNECTION_KEEP_ALIVE static jb_err server_proxy_connection_adder(struct client_state *csp); #endif /* def FEATURE_CONNECTION_KEEP_ALIVE */ +static jb_err proxy_authentication(struct client_state *csp, char **header); static jb_err create_forged_referrer(char **header, const char *hostport); static jb_err create_fake_referrer(char **header, const char *fake_referrer); @@ -198,6 +199,10 @@ static const struct parsers client_patterns[] = { { "Request-Range:", 14, client_range }, { "If-Range:", 9, client_range }, { "X-Filter:", 9, client_x_filter }, + { "Proxy-Authorization:", 20, proxy_authentication }, +#if 0 + { "Transfer-Encoding:", 18, client_transfer_encoding }, +#endif { "*", 0, crunch_client_header }, { "*", 0, filter_header }, { NULL, 0, NULL } @@ -220,6 +225,7 @@ static const struct parsers server_patterns[] = { { "Transfer-Encoding:", 18, server_transfer_coding }, { "content-disposition:", 20, server_content_disposition }, { "Last-Modified:", 14, server_last_modified }, + { "Proxy-Authenticate:", 19, proxy_authentication }, { "*", 0, crunch_server_header }, { "*", 0, filter_header }, { NULL, 0, NULL } @@ -1091,6 +1097,7 @@ static void enforce_header_order(struct list *headers, const struct list *ordere return; } + /********************************************************************* * * Function : sed @@ -1120,19 +1127,21 @@ jb_err sed(struct client_state *csp, int filter_server_headers) const add_header_func_ptr *f; jb_err err = JB_ERR_OK; + scan_headers(csp); + if (filter_server_headers) { v = server_patterns; f = add_server_headers; + check_negative_tag_patterns(csp, PATTERN_SPEC_NO_RESPONSE_TAG_PATTERN); } else { v = client_patterns; f = add_client_headers; + check_negative_tag_patterns(csp, PATTERN_SPEC_NO_REQUEST_TAG_PATTERN); } - scan_headers(csp); - while ((err == JB_ERR_OK) && (v->str != NULL)) { for (p = csp->headers->first; (err == JB_ERR_OK) && (p != NULL); p = p->next) @@ -1228,6 +1237,7 @@ jb_err update_server_headers(struct client_state *csp) log_error(LOG_LEVEL_HEADER, "Content modified with no Content-Length header set. " "Created: %s.", header); + csp->flags |= CSP_FLAG_SERVER_CONTENT_LENGTH_SET; } } #endif /* def FEATURE_CONNECTION_KEEP_ALIVE */ @@ -1269,10 +1279,8 @@ static jb_err header_tagger(struct client_state *csp, char *header) { int wanted_filter_type; int multi_action_index; - int i; pcrs_job *job; - struct file_list *fl; struct re_filterfile_spec *b; struct list_entry *tag_name; @@ -1289,151 +1297,127 @@ static jb_err header_tagger(struct client_state *csp, char *header) multi_action_index = ACTION_MULTI_CLIENT_HEADER_TAGGER; } - if (filters_available(csp) == FALSE) + if (list_is_empty(csp->action->multi[multi_action_index]) + || filters_available(csp) == FALSE) { - log_error(LOG_LEVEL_ERROR, "Inconsistent configuration: " - "tagging enabled, but no taggers available."); + /* Return early if no taggers apply or if none are available. */ return JB_ERR_OK; } - for (i = 0; i < MAX_AF_FILES; i++) + /* Execute all applying taggers */ + for (tag_name = csp->action->multi[multi_action_index]->first; + NULL != tag_name; tag_name = tag_name->next) { - fl = csp->rlist[i]; - if ((NULL == fl) || (NULL == fl->f)) + char *modified_tag = NULL; + char *tag = header; + size_t size = header_length; + pcrs_job *joblist; + + b = get_filter(csp, tag_name->str, wanted_filter_type); + if (b == NULL) { - /* - * Either there are no filter files - * left, or this filter file just - * contains no valid filters. - * - * Continue to be sure we don't miss - * valid filter files that are chained - * after empty or invalid ones. - */ continue; } - /* For all filters, */ - for (b = fl->f; b; b = b->next) + joblist = b->joblist; + + if (b->dynamic) joblist = compile_dynamic_pcrs_job_list(csp, b); + + if (NULL == joblist) { - if (b->type != wanted_filter_type) + log_error(LOG_LEVEL_RE_FILTER, + "Tagger %s has empty joblist. Nothing to do.", b->name); + continue; + } + + /* execute their pcrs_joblist on the header. */ + for (job = joblist; NULL != job; job = job->next) + { + const int hits = pcrs_execute(job, tag, size, &modified_tag, &size); + + if (0 < hits) { - /* skip the ones we don't care about, */ - continue; + /* Success, continue with the modified version. */ + if (tag != header) + { + freez(tag); + } + tag = modified_tag; } - /* leaving only taggers that could apply, of which we use the ones, */ - for (tag_name = csp->action->multi[multi_action_index]->first; - NULL != tag_name; tag_name = tag_name->next) + else { - /* that do apply, and */ - if (strcmp(b->name, tag_name->str) == 0) + /* Tagger doesn't match */ + if (0 > hits) { - char *modified_tag = NULL; - char *tag = header; - size_t size = header_length; - pcrs_job *joblist = b->joblist; + /* Regex failure, log it but continue anyway. */ + assert(NULL != header); + log_error(LOG_LEVEL_ERROR, + "Problems with tagger \'%s\' and header \'%s\': %s", + b->name, *header, pcrs_strerror(hits)); + } + freez(modified_tag); + } + } - if (b->dynamic) joblist = compile_dynamic_pcrs_job_list(csp, b); + if (b->dynamic) pcrs_free_joblist(joblist); - if (NULL == joblist) + /* If this tagger matched */ + if (tag != header) + { + if (0 == size) + { + /* + * There is no technical limitation which makes + * it impossible to use empty tags, but I assume + * no one would do it intentionally. + */ + freez(tag); + log_error(LOG_LEVEL_INFO, + "Tagger \'%s\' created an empty tag. Ignored.", b->name); + continue; + } + + if (!list_contains_item(csp->tags, tag)) + { + if (JB_ERR_OK != enlist(csp->tags, tag)) + { + log_error(LOG_LEVEL_ERROR, + "Insufficient memory to add tag \'%s\', " + "based on tagger \'%s\' and header \'%s\'", + tag, b->name, *header); + } + else + { + char *action_message; + /* + * update the action bits right away, to make + * tagging based on tags set by earlier taggers + * of the same kind possible. + */ + if (update_action_bits_for_tag(csp, tag)) { - log_error(LOG_LEVEL_RE_FILTER, - "Tagger %s has empty joblist. Nothing to do.", b->name); - continue; + action_message = "Action bits updated accordingly."; } - - /* execute their pcrs_joblist on the header. */ - for (job = joblist; NULL != job; job = job->next) + else { - const int hits = pcrs_execute(job, tag, size, &modified_tag, &size); - - if (0 < hits) - { - /* Success, continue with the modified version. */ - if (tag != header) - { - freez(tag); - } - tag = modified_tag; - } - else - { - /* Tagger doesn't match */ - if (0 > hits) - { - /* Regex failure, log it but continue anyway. */ - assert(NULL != header); - log_error(LOG_LEVEL_ERROR, - "Problems with tagger \'%s\' and header \'%s\': %s", - b->name, *header, pcrs_strerror(hits)); - } - freez(modified_tag); - } + action_message = "No action bits update necessary."; } - if (b->dynamic) pcrs_free_joblist(joblist); - - /* If this tagger matched */ - if (tag != header) - { - if (0 == size) - { - /* - * There is to technical limitation which makes - * it impossible to use empty tags, but I assume - * no one would do it intentionally. - */ - freez(tag); - log_error(LOG_LEVEL_INFO, - "Tagger \'%s\' created an empty tag. Ignored.", - b->name); - continue; - } - - if (!list_contains_item(csp->tags, tag)) - { - if (JB_ERR_OK != enlist(csp->tags, tag)) - { - log_error(LOG_LEVEL_ERROR, - "Insufficient memory to add tag \'%s\', " - "based on tagger \'%s\' and header \'%s\'", - tag, b->name, *header); - } - else - { - char *action_message; - /* - * update the action bits right away, to make - * tagging based on tags set by earlier taggers - * of the same kind possible. - */ - if (update_action_bits_for_tag(csp, tag)) - { - action_message = "Action bits updated accordingly."; - } - else - { - action_message = "No action bits update necessary."; - } - - log_error(LOG_LEVEL_HEADER, - "Tagger \'%s\' added tag \'%s\'. %s", - b->name, tag, action_message); - } - } - else - { - /* XXX: Is this log-worthy? */ - log_error(LOG_LEVEL_HEADER, - "Tagger \'%s\' didn't add tag \'%s\'. " - "Tag already present", b->name, tag); - } - freez(tag); - } /* if the tagger matched */ - } /* if the tagger applies */ - } /* for every tagger that could apply */ - } /* for all filters */ - } /* for all filter files */ + log_error(LOG_LEVEL_HEADER, + "Tagger \'%s\' added tag \'%s\'. %s", + b->name, tag, action_message); + } + } + else + { + /* XXX: Is this log-worthy? */ + log_error(LOG_LEVEL_HEADER, + "Tagger \'%s\' didn't add tag \'%s\'. Tag already present", + b->name, tag); + } + freez(tag); + } + } return JB_ERR_OK; } @@ -1468,11 +1452,9 @@ static jb_err filter_header(struct client_state *csp, char **header) char *newheader = NULL; pcrs_job *job; - struct file_list *fl; struct re_filterfile_spec *b; struct list_entry *filtername; - int i; int wanted_filter_type; int multi_action_index; @@ -1492,97 +1474,72 @@ static jb_err filter_header(struct client_state *csp, char **header) multi_action_index = ACTION_MULTI_CLIENT_HEADER_FILTER; } - if (filters_available(csp) == FALSE) + if (list_is_empty(csp->action->multi[multi_action_index]) + || filters_available(csp) == FALSE) { - log_error(LOG_LEVEL_ERROR, "Inconsistent configuration: " - "header filtering enabled, but no matching filters available."); + /* Return early if no filters apply or if none are available. */ return JB_ERR_OK; } - for (i = 0; i < MAX_AF_FILES; i++) + /* Execute all applying header filters */ + for (filtername = csp->action->multi[multi_action_index]->first; + filtername != NULL; filtername = filtername->next) { - fl = csp->rlist[i]; - if ((NULL == fl) || (NULL == fl->f)) + int current_hits = 0; + pcrs_job *joblist; + + b = get_filter(csp, filtername->str, wanted_filter_type); + if (b == NULL) { - /* - * Either there are no filter files - * left, or this filter file just - * contains no valid filters. - * - * Continue to be sure we don't miss - * valid filter files that are chained - * after empty or invalid ones. - */ continue; } - /* - * For all applying +filter actions, look if a filter by that - * name exists and if yes, execute its pcrs_joblist on the - * buffer. - */ - for (b = fl->f; b; b = b->next) - { - if (b->type != wanted_filter_type) - { - /* Skip other filter types */ - continue; - } - - for (filtername = csp->action->multi[multi_action_index]->first; - filtername ; filtername = filtername->next) - { - if (strcmp(b->name, filtername->str) == 0) - { - int current_hits = 0; - pcrs_job *joblist = b->joblist; - - if (b->dynamic) joblist = compile_dynamic_pcrs_job_list(csp, b); - if (NULL == joblist) - { - log_error(LOG_LEVEL_RE_FILTER, "Filter %s has empty joblist. Nothing to do.", b->name); - continue; - } + joblist = b->joblist; - log_error(LOG_LEVEL_RE_FILTER, "filtering \'%s\' (size %d) with \'%s\' ...", - *header, size, b->name); + if (b->dynamic) joblist = compile_dynamic_pcrs_job_list(csp, b); - /* Apply all jobs from the joblist */ - for (job = joblist; NULL != job; job = job->next) - { - matches = pcrs_execute(job, *header, size, &newheader, &size); - if (0 < matches) - { - current_hits += matches; - log_error(LOG_LEVEL_HEADER, "Transforming \"%s\" to \"%s\"", *header, newheader); - freez(*header); - *header = newheader; - } - else if (0 == matches) - { - /* Filter doesn't change header */ - freez(newheader); - } - else - { - /* RegEx failure */ - log_error(LOG_LEVEL_ERROR, "Filtering \'%s\' with \'%s\' didn't work out: %s", - *header, b->name, pcrs_strerror(matches)); - if (newheader != NULL) - { - log_error(LOG_LEVEL_ERROR, "Freeing what's left: %s", newheader); - freez(newheader); - } - } - } + if (NULL == joblist) + { + log_error(LOG_LEVEL_RE_FILTER, "Filter %s has empty joblist. Nothing to do.", b->name); + continue; + } - if (b->dynamic) pcrs_free_joblist(joblist); + log_error(LOG_LEVEL_RE_FILTER, "filtering \'%s\' (size %d) with \'%s\' ...", + *header, size, b->name); - log_error(LOG_LEVEL_RE_FILTER, "... produced %d hits (new size %d).", current_hits, size); - hits += current_hits; + /* Apply all jobs from the joblist */ + for (job = joblist; NULL != job; job = job->next) + { + matches = pcrs_execute(job, *header, size, &newheader, &size); + if (0 < matches) + { + current_hits += matches; + log_error(LOG_LEVEL_HEADER, "Transforming \"%s\" to \"%s\"", *header, newheader); + freez(*header); + *header = newheader; + } + else if (0 == matches) + { + /* Filter doesn't change header */ + freez(newheader); + } + else + { + /* RegEx failure */ + log_error(LOG_LEVEL_ERROR, "Filtering \'%s\' with \'%s\' didn't work out: %s", + *header, b->name, pcrs_strerror(matches)); + if (newheader != NULL) + { + log_error(LOG_LEVEL_ERROR, "Freeing what's left: %s", newheader); + freez(newheader); } } } + + if (b->dynamic) pcrs_free_joblist(joblist); + + log_error(LOG_LEVEL_RE_FILTER, "... produced %d hits (new size %d).", current_hits, size); + hits += current_hits; } /* @@ -1729,6 +1686,36 @@ static jb_err server_proxy_connection(struct client_state *csp, char **header) } +/********************************************************************* + * + * Function : proxy_authentication + * + * Description : Removes headers that are relevant for proxy + * authentication unless forwarding them has + * been explicitly requested. + * + * Parameters : + * 1 : csp = Current client state (buffers, headers, etc...) + * 2 : header = On input, pointer to header to modify. + * On output, pointer to the modified header, or NULL + * to remove the header. This function frees the + * original string if necessary. + * + * Returns : JB_ERR_OK. + * + *********************************************************************/ +static jb_err proxy_authentication(struct client_state *csp, char **header) +{ + if ((csp->config->feature_flags & + RUNTIME_FEATURE_FORWARD_PROXY_AUTHENTICATION_HEADERS) == 0) { + log_error(LOG_LEVEL_HEADER, + "Forwarding proxy authentication headers is disabled. Crunching: %s", *header); + freez(*header); + } + return JB_ERR_OK; +} + + /********************************************************************* * * Function : client_keep_alive @@ -1748,7 +1735,7 @@ static jb_err server_proxy_connection(struct client_state *csp, char **header) static jb_err client_keep_alive(struct client_state *csp, char **header) { unsigned int keep_alive_timeout; - const char *timeout_position = strstr(*header, ": "); + char *timeout_position; if (!(csp->config->feature_flags & RUNTIME_FEATURE_CONNECTION_KEEP_ALIVE)) { @@ -1758,29 +1745,41 @@ static jb_err client_keep_alive(struct client_state *csp, char **header) return JB_ERR_OK; } + /* Check for parameter-less format "Keep-Alive: 100" */ + timeout_position = strstr(*header, ": "); if ((NULL == timeout_position) || (1 != sscanf(timeout_position, ": %u", &keep_alive_timeout))) { - log_error(LOG_LEVEL_ERROR, "Couldn't parse: %s", *header); - } - else - { - if (keep_alive_timeout < csp->config->keep_alive_timeout) - { - log_error(LOG_LEVEL_HEADER, - "Reducing keep-alive timeout from %u to %u.", - csp->config->keep_alive_timeout, keep_alive_timeout); - csp->server_connection.keep_alive_timeout = keep_alive_timeout; - } - else + /* Assume parameter format "Keep-Alive: timeout=100" */ + timeout_position = strstr(*header, "timeout="); + if ((NULL == timeout_position) + || (1 != sscanf(timeout_position, "timeout=%u", &keep_alive_timeout))) { - /* XXX: Is this log worthy? */ log_error(LOG_LEVEL_HEADER, - "Client keep-alive timeout is %u. Sticking with %u.", - keep_alive_timeout, csp->config->keep_alive_timeout); + "Couldn't parse: '%s'. Using default timeout %u", + *header, csp->config->keep_alive_timeout); + freez(*header); + + return JB_ERR_OK; } } + if (keep_alive_timeout < csp->config->keep_alive_timeout) + { + log_error(LOG_LEVEL_HEADER, + "Reducing keep-alive timeout from %u to %u.", + csp->config->keep_alive_timeout, keep_alive_timeout); + csp->server_connection.keep_alive_timeout = keep_alive_timeout; + } + else + { + /* XXX: Is this log worthy? */ + log_error(LOG_LEVEL_HEADER, + "Client keep-alive timeout is %u. Sticking with %u.", + keep_alive_timeout, csp->config->keep_alive_timeout); + freez(*header); + } + return JB_ERR_OK; } @@ -1978,6 +1977,38 @@ static jb_err client_proxy_connection(struct client_state *csp, char **header) #endif /* def FEATURE_CONNECTION_KEEP_ALIVE */ +/********************************************************************* + * + * Function : client_transfer_encoding + * + * Description : Raise the CSP_FLAG_CHUNKED_CLIENT_BODY flag if + * the request body is "chunked" + * + * XXX: Currently not called through sed() as we + * need the flag earlier on. Should be fixed. + * + * Parameters : + * 1 : csp = Current client state (buffers, headers, etc...) + * 2 : header = On input, pointer to header to modify. + * On output, pointer to the modified header, or NULL + * to remove the header. This function frees the + * original string if necessary. + * + * Returns : JB_ERR_OK on success, or + * + *********************************************************************/ +jb_err client_transfer_encoding(struct client_state *csp, char **header) +{ + if (strstr(*header, "chunked")) + { + csp->flags |= CSP_FLAG_CHUNKED_CLIENT_BODY; + log_error(LOG_LEVEL_HEADER, "Expecting chunked client body"); + } + + return JB_ERR_OK; +} + + /********************************************************************* * * Function : crumble @@ -2069,17 +2100,25 @@ static jb_err server_content_type(struct client_state *csp, char **header) /* Remove header if it isn't the first Content-Type header */ if ((csp->content_type & CT_DECLARED)) { - /* - * Another, slightly slower, way to see if - * we already parsed another Content-Type header. - */ - assert(NULL != get_header_value(csp->headers, "Content-Type:")); - - log_error(LOG_LEVEL_ERROR, - "Multiple Content-Type headers. Removing and ignoring: \'%s\'", - *header); - freez(*header); - + if (content_filters_enabled(csp->action)) + { + /* + * Making sure the client interprets the content the same way + * Privoxy did is only relevant if Privoxy modified it. + * + * Checking for this is "hard" as it's not yet known when + * this function is called, thus go shopping and and just + * check if Privoxy could filter it. + * + * The main thing is that we don't mess with the headers + * unless the user signalled that it's acceptable. + */ + log_error(LOG_LEVEL_HEADER, + "Multiple Content-Type headers detected. " + "Removing and ignoring: %s", + *header); + freez(*header); + } return JB_ERR_OK; } @@ -3191,9 +3230,6 @@ static jb_err client_max_forwards(struct client_state *csp, char **header) * port information, parse and evaluate the Host * header field. * - * Also, kill ill-formed HOST: headers as sent by - * Apple's iTunes software when used with a proxy. - * * Parameters : * 1 : csp = Current client state (buffers, headers, etc...) * 2 : header = On input, pointer to header to modify. @@ -3209,18 +3245,6 @@ static jb_err client_host(struct client_state *csp, char **header) { char *p, *q; - /* - * If the header field name is all upper-case, chances are that it's - * an ill-formed one from iTunes. BTW, killing innocent headers here is - * not a problem -- they are regenerated later. - */ - if ((*header)[1] == 'O') - { - log_error(LOG_LEVEL_HEADER, "Killed all-caps Host header line: %s", *header); - freez(*header); - return JB_ERR_OK; - } - if (!csp->http->hostport || (*csp->http->hostport == '*') || *csp->http->hostport == ' ' || *csp->http->hostport == '\0') { @@ -3894,7 +3918,12 @@ static jb_err server_set_cookie(struct client_state *csp, char **header) time_t now; time_t cookie_time; long cookie_lifetime = 0; - int expiry_date_acceptable = 0; + enum + { + NO_EXPIRY_DATE_SPECIFIED, + EXPIRY_DATE_ACCEPTABLE, + EXPIRY_DATE_UNACCEPTABLE + } expiry_date_status = NO_EXPIRY_DATE_SPECIFIED; /* A variable to store the tag we're working on */ char *cur_tag; @@ -3919,7 +3948,7 @@ static jb_err server_set_cookie(struct client_state *csp, char **header) { log_error(LOG_LEVEL_FATAL, "Invalid cookie lifetime limit: %s", param); } - cookie_lifetime *= 60U; + cookie_lifetime *= 60; } /* Loop through each tag in the cookie */ @@ -3975,7 +4004,7 @@ static jb_err server_set_cookie(struct client_state *csp, char **header) log_error(LOG_LEVEL_ERROR, "Can't parse \'%s\', send by %s. Unsupported time format?", cur_tag, csp->http->url); string_move(cur_tag, next_tag); - expiry_date_acceptable = 0; + expiry_date_status = EXPIRY_DATE_UNACCEPTABLE; } else { @@ -4019,7 +4048,7 @@ static jb_err server_set_cookie(struct client_state *csp, char **header) "Cookie \'%s\' is already expired and can pass unmodified.", *header); /* Just in case some clown sets more then one expiration date */ cur_tag = next_tag; - expiry_date_acceptable = 1; + expiry_date_status = EXPIRY_DATE_ACCEPTABLE; } else if ((cookie_lifetime != 0) && (cookie_time < (now + cookie_lifetime))) { @@ -4027,7 +4056,7 @@ static jb_err server_set_cookie(struct client_state *csp, char **header) "Its lifetime is below the limit.", *header); /* Just in case some clown sets more then one expiration date */ cur_tag = next_tag; - expiry_date_acceptable = 1; + expiry_date_status = EXPIRY_DATE_ACCEPTABLE; } else { @@ -4038,7 +4067,7 @@ static jb_err server_set_cookie(struct client_state *csp, char **header) string_move(cur_tag, next_tag); /* That changed the header, need to issue a log message */ - expiry_date_acceptable = 0; + expiry_date_status = EXPIRY_DATE_UNACCEPTABLE; /* * Note that the next tag has now been moved to *cur_tag, @@ -4055,19 +4084,19 @@ static jb_err server_set_cookie(struct client_state *csp, char **header) } } - if (!expiry_date_acceptable) + if (expiry_date_status != EXPIRY_DATE_ACCEPTABLE) { assert(NULL != *header); - if (cookie_lifetime == 0) - { - log_error(LOG_LEVEL_HEADER, "Cookie rewritten to a temporary one: %s", - *header); - } - else + if (cookie_lifetime != 0) { add_cookie_expiry_date(header, cookie_lifetime); log_error(LOG_LEVEL_HEADER, "Cookie rewritten to: %s", *header); } + else if (expiry_date_status != NO_EXPIRY_DATE_SPECIFIED) + { + log_error(LOG_LEVEL_HEADER, + "Cookie rewritten to a temporary one: %s", *header); + } } } @@ -4171,6 +4200,44 @@ static jb_err parse_header_time(const char *header_time, time_t *result) continue; } *result = timegm(&gmt); + +#ifdef FEATURE_STRPTIME_SANITY_CHECKS + /* + * Verify that parsing the date recreated from the first + * parse operation gets the previous result. If it doesn't, + * either strptime() or strftime() are malfunctioning. + * + * We could string-compare the recreated date with the original + * header date, but this leads to false positives as strptime() + * may let %a accept all day formats while strftime() will only + * create one. + */ + { + char recreated_date[100]; + struct tm *tm; + time_t result2; + + tm = gmtime(result); + strftime(recreated_date, sizeof(recreated_date), time_formats[i], tm); + memset(&gmt, 0, sizeof(gmt)); + if (NULL == strptime(recreated_date, time_formats[i], &gmt)) + { + log_error(LOG_LEVEL_ERROR, + "Failed to parse '%s' generated with '%s' to recreate '%s'.", + recreated_date, time_formats[i], header_time); + continue; + } + result2 = timegm(&gmt); + if (*result != result2) + { + log_error(LOG_LEVEL_ERROR, "strftime() and strptime() disagree. " + "Format: '%s'. In: '%s', out: '%s'. %d != %d. Rejecting.", + time_formats[i], header_time, recreated_date, *result, result2); + continue; + } + } +#endif + return JB_ERR_OK; } }