Also use shiny new connect_port_is_forbidden() in jcc.c.

diff --git a/filters.h b/filters.h
index e84c9fb..3a5ac9f 100644 (file)
--- a/filters.h
+++ b/filters.h
@@ -1,6 +1,6 @@
 #ifndef FILTERS_H_INCLUDED
 #define FILTERS_H_INCLUDED
 #ifndef FILTERS_H_INCLUDED
 #define FILTERS_H_INCLUDED

-#define FILTERS_H_VERSION "$Id: filters.h,v 1.32 2008/02/23 16:33:43 fabiankeil Exp $"
+#define FILTERS_H_VERSION "$Id: filters.h,v 1.33 2008/02/23 16:57:12 fabiankeil Exp $"

 /*********************************************************************
  *
  * File        :  $Source: /cvsroot/ijbswa/current/filters.h,v $
 /*********************************************************************
  *
  * File        :  $Source: /cvsroot/ijbswa/current/filters.h,v $


@@ -39,6 +39,10 @@
  *
  * Revisions   :
  *    $Log: filters.h,v $
  *
  * Revisions   :
  *    $Log: filters.h,v $

+ *    Revision 1.33  2008/02/23 16:57:12  fabiankeil
+ *    Rename url_actions() to get_url_actions() and let it
+ *    use the standard parameter ordering.
+ *

  *    Revision 1.32  2008/02/23 16:33:43  fabiankeil
  *    Let forward_url() use the standard parameter ordering
  *    and mark its second parameter immutable.
  *    Revision 1.32  2008/02/23 16:33:43  fabiankeil
  *    Let forward_url() use the standard parameter ordering
  *    and mark its second parameter immutable.


@@ -301,6 +305,7 @@ extern int is_untrusted_url(const struct client_state *csp);
 #ifdef FEATURE_IMAGE_BLOCKING
 extern int is_imageurl(const struct client_state *csp);
 #endif /* def FEATURE_IMAGE_BLOCKING */
 #ifdef FEATURE_IMAGE_BLOCKING
 extern int is_imageurl(const struct client_state *csp);
 #endif /* def FEATURE_IMAGE_BLOCKING */

+extern int connect_port_is_forbidden(const struct client_state *csp);

 
 /*
  * Determining applicable actions
 
 /*
  * Determining applicable actions

diff --git a/jcc.c b/jcc.c
index 0e5f9f7..6138e56 100644 (file)
--- a/jcc.c
+++ b/jcc.c
@@ -1,4 +1,4 @@
-const char jcc_rcs[] = "$Id: jcc.c,v 1.166 2008/02/23 16:33:43 fabiankeil Exp $";
+const char jcc_rcs[] = "$Id: jcc.c,v 1.167 2008/02/23 16:57:12 fabiankeil Exp $";

 /*********************************************************************
  *
  * File        :  $Source: /cvsroot/ijbswa/current/jcc.c,v $
 /*********************************************************************
  *
  * File        :  $Source: /cvsroot/ijbswa/current/jcc.c,v $


@@ -33,6 +33,10 @@ const char jcc_rcs[] = "$Id: jcc.c,v 1.166 2008/02/23 16:33:43 fabiankeil Exp $"
  *
  * Revisions   :
  *    $Log: jcc.c,v $
  *
  * Revisions   :
  *    $Log: jcc.c,v $

+ *    Revision 1.167  2008/02/23 16:57:12  fabiankeil
+ *    Rename url_actions() to get_url_actions() and let it
+ *    use the standard parameter ordering.
+ *

  *    Revision 1.166  2008/02/23 16:33:43  fabiankeil
  *    Let forward_url() use the standard parameter ordering
  *    and mark its second parameter immutable.
  *    Revision 1.166  2008/02/23 16:33:43  fabiankeil
  *    Let forward_url() use the standard parameter ordering
  *    and mark its second parameter immutable.


@@ -2188,16 +2192,9 @@ static void chat(struct client_state *csp)
     *
     */
 
     *
     */
 

-   /*
-    * Check if a CONNECT request is allowable:
-    * In the absence of a +limit-connect action, allow only port 443.
-    * If there is an action, allow whatever matches the specificaton.
-    */
-   if(http->ssl)
+   if (http->ssl)

    {
    {

-      if(  ( !(csp->action->flags & ACTION_LIMIT_CONNECT) && csp->http->port != 443)
-           || (csp->action->flags & ACTION_LIMIT_CONNECT
-              && !match_portlist(csp->action->string[ACTION_STRING_LIMIT_CONNECT], csp->http->port)) )
+      if (connect_port_is_forbidden(csp))

       {
          const char *acceptable_connect_ports =
             csp->action->string[ACTION_STRING_LIMIT_CONNECT] ?
       {
          const char *acceptable_connect_ports =
             csp->action->string[ACTION_STRING_LIMIT_CONNECT] ?