From 12f52e6af55d51d4b268af7956d97c772eebbb5c Mon Sep 17 00:00:00 2001 From: jongfoster Date: Tue, 29 May 2001 09:50:24 +0000 Subject: [PATCH] Unified blocklist/imagelist/permissionslist. File format is still under discussion, but the internal changes are (mostly) done. Also modified interceptor behaviour: - We now intercept all URLs beginning with one of the following prefixes (and *only* these prefixes): * http://i.j.b/ * http://ijbswa.sf.net/config/ * http://ijbswa.sourceforge.net/config/ - New interceptors "home page" - go to http://i.j.b/ to see it. - Internal changes so that intercepted and fast redirect pages are not replaced with an image. - Interceptors now have the option to send a binary page direct to the client. (i.e. ijb-send-banner uses this) - Implemented show-url-info interceptor. (Which is why I needed the above interceptors changes - a typical URL is "http://i.j.b/show-url-info?url=www.somesite.com/banner.gif". The previous mechanism would not have intercepted that, and if it had been intercepted then it then it would have replaced it with an image.) --- acconfig.h | 18 +- blocklist | 1060 ---------------------------------------- config | 98 ++-- config.h | 20 +- config.h.in | 70 ++- configure | 14 +- configure.in | 56 ++- filters.c | 540 +++++++++++++-------- filters.h | 27 +- imagelist | 34 -- jcc.c | 110 +++-- loadcfg.c | 98 ++-- loaders.c | 806 +++++++++++++++---------------- loaders.h | 14 +- miscutil.c | 11 +- miscutil.h | 11 +- parsers.c | 69 +-- pcrs.c | 8 +- permissionsfile | 1229 +++++++++++++++++++++++++++++++++++++++++++---- project.h | 135 ++++-- showargs.c | 39 +- w32.rc | 11 +- w32log.c | 25 +- w32log.h | 13 +- w32res.h | 22 +- 25 files changed, 2371 insertions(+), 2167 deletions(-) delete mode 100644 blocklist delete mode 100644 imagelist diff --git a/acconfig.h b/acconfig.h index d90de204..bee43ab1 100644 --- a/acconfig.h +++ b/acconfig.h @@ -37,6 +37,11 @@ * * Revisions : * $Log: acconfig.h,v $ + * Revision 1.3 2001/05/26 01:26:34 jongfoster + * New #define, WIN_GUI_EDIT, enables the (embryonic) Win32 GUI editor. + * This #define cannot be set from ./configure - there's no point, it + * doesn't work yet. See feature request # 425722 + * * Revision 1.2 2001/05/22 17:43:35 oes * * - Enabled filtering banners by size rather than URL @@ -168,9 +173,11 @@ /* * Detect image requests automatically for MSIE. Will fall back to - * other image-detection methods (i.e. USE_IMAGE_LIST) for other + * other image-detection methods (i.e. "+image" permission) for other * browsers. * + * You must also define IMAGE_BLOCKING to use this feature. + * * It detects the following header pair as an image request: * * User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0) @@ -197,13 +204,12 @@ #undef DETECT_MSIE_IMAGES /* - * Use image list to detect images. - * If you do not define this then everything is treated as HTML. + * Allow blocking using images as well as HTML. + * If you do not define this then everything is blocked as HTML. * - * Whatever the setting of this value, DETECT_MSIE_IMAGES will - * override it for people using Internet Explorer. + * Note that this is required if you want to use DETECT_MSIE_IMAGES. */ -#undef USE_IMAGE_LIST +#undef IMAGE_BLOCKING /* * Allows the use of ACL files to control access to the proxy by IP address. diff --git a/blocklist b/blocklist deleted file mode 100644 index 7b48f3af..00000000 --- a/blocklist +++ /dev/null @@ -1,1060 +0,0 @@ -# -# This is /etc/junkbuster/blocklist which was put here by a junkbuster rpm -# -# $Id: blocklist,v 1.3 2000/09/17 07:29:18 swa Exp $ -# -# Last modified on Mon Sep 25 20:41:50 2000 (CEST) -# -# -------------------------------------------------------------------------- -# -# Newest version is always available from -# -# http://www.waldherr.org/blocklist -# -# Read http://www.waldherr.org/junkbuster/update.shtml on how to keep -# this file up-to-date. -# -# This list is Copyright (c) Stefan Waldherr . -# -# No distribution of this list without acknowledgement of the author(s). -# No selling of thist list without prior written agreement. -# -# -------------------------------------------------------------------------- -# -# Contributors are listed in the Hall Of Fame at -# -# http://www.waldherr.org/junkbuster/hof.shtml -# -# PS: I know that there are a ton of redundant regexps in this -# file, but I haven't had time to fix them. Any help -# appreciated. -# -# -------------------------------------------------------------------------- -# -# For more detail, see http://www.junkbusters.com/ht/en/ijbfaq.html#blocking -# -# -------------------------------------------------------------------------- -# -# Empty lines and lines beginning with a `#' are ignored. -# The following line should be included to block use of telnet (port 23) -:23 - -# -------------------------------------------------------------------------- -# -# generic paths -# -# -------------------------------------------------------------------------- - -/*.*/(.*[-_.])?ads?[0-9]?(/|[-_.].*|\.(gif|jpe?g)) -/*.*/(.*[-_.])?count(er)?(\.cgi|\.dll|\.exe|[?/]) -/*.*/(ng)?adclient\.cgi -/*.*/(plain|live|rotate)[-_.]?ads?/ - -/*.*/(sponsor)s?[0-9]?/ -###/*.*/(sponsor|banner)s?[0-9]?/ -###/*.*/.*banner([-_]?[a-z0-9]+)?\.(gif|jpg) - -/*.*/_?(plain|live)?ads?(-banners)?/ -/*.*/abanners/ -/*.*/ad(sdna_image|gifs?)/ -/*.*/ad(server|stream|juggler)\.(cgi|pl|dll|exe) -/*.*/adbanners/ -/*.*/adserver -/*.*/adstream\.cgi -/*.*/adv((er)?ts?|ertis(ing|ements?))?/ -/*.*/anzei(gen)?/? -/*.*/ban[-_]cgi/ -/*.*/banner_?ads/ -/*.*/banner_?anzeigen -/*.*/bannerimage/ -/*.*/banners?/ -/*.*/banners?\.cgi/ -/*.*/cgi-bin/centralad/getimage -/*.*/images/addver\.gif -/*.*/images/advert\.gif -/*.*/images/marketing/.*\.(gif|jpe?g) -/*.*/place-ads -/*.*/popupads/ -/*.*/promobar.* -/*.*/publicite/ -/*.*/randomads/.*\.(gif|jpe?g) -/*.*/reklama/.*\.(gif|jpe?g) -/*.*/reklame/.*\.(gif|jpe?g) -/*.*/reklaam/.*\.(gif|jpe?g) -/*.*/siteads/ -/*.*/sponsor.*\.gif -/*.*/sponsors?[0-9]?/ -/*.*/ucbandeimg/ -/*.*/werb\..* -/*.*/werbebanner/ -/*.*/werbung/.*\.(gif|jpe?g) -/.*/adv\. # www.telegraaf.nl -/.*/advert[0-9]+\.jpg -/.*bann\.gif -/Media/Images/Adds/ -/_banner/ -/ad_images/ -/adgenius/ -/adimages/ -/*.*/ads/ -/*.*/ads\\ -/viewad/ -/adserve/ -/adverts/ -/annonser?/ -/bando/ -/bannerad/ -/bannerfarm/ -/bin/getimage.cgi/...\?AD -/bin/nph-oma.count/ct/default.shtml -/bin/nph-oma.count/ix/default.html -/cgi-bin/getimage.cgi/....\?GROUP= -/cgi-bin/nph-load -/cgi-bin/webad.dll/ad -/cwmail/acc\.gif -/cwmail/amzn-bm1\.gif -/db_area/banrgifs/ -/gif/teasere/ -/grafikk/annonse/ -/graphics/defaultAd/ -/grf/annonif -/htmlad/ -/image\.ng/AdType -/image\.ng/transactionID -/images/.*/.*_anim\.gif # alvin brattli -/ip_img/.*\.(gif|jpe?g) -/marketpl*/ -/minibanners/ -/netscapeworld/nw-ad/ -/promotions/houseads/ -/rotads/ -/rotateads/ -/rotations/ -/torget/jobline/.*\.gif -/viewad/ -/werbung/ -/worldnet/ad\.cgi -/zhp/auktion/img/ -/cgi-bin/nph-adclick.exe/ -/*.*/Image/BannerAdvertising/ -/*.*/ad-bin/ -/*.*/adlib/server\.cgi -/*.*/gsa_bs/gsa_bs.cmdl -/autoads/ -/anz/pics/ - -# for our finnish friends, by Kai Puolamaki -/*.*/mainos/*.*/.*\.gif -/*.*/mainos/*.*/.*\.jpe?g - -# more from a finnish friend Petri Haapio -cgi.tietovalta.fi -keltaisetsivut.fi/web/img/\.*gif -haku.net/pics/pana\.*gif -www.fi/guvat/\.*gif -/*.*/(.*[-_.].*)?maino(kset|nta|s).*(/|\.(gif|html?|jpe?g|png)) -/*.*/(ilm(oitus)?|kampanja)(hallinta|kuvat?)(/|\.(gif|html?|jpe?g|png)) - -# and even more from a finnish friend Hannu Napari -194.251.243.50/cgi-bin/banner - -www.dime.net/ad -www.iltalehti.fi/ad -www.iltalehti.fi/ilmkuvat -www.mtv3.fi/mainoskuvat - -# -/*.*/adfinity -/*.*/[?]adserv -/*.*/bizgrphx/ -/*.*/smallad2\.gif -/*.*/ana2ad\.gif -/*.*/adimg/ -/*.*/.*counter\.pl -/*.*/spin_html/ -/*.*/images/topics/topicgimp\.gif -discovery.com/.*banner_id -/*.*/.*bannr\.gif -cruel.com/images/ -idrink.com/frm_bottom.htm -/*.*/.*pb_ihtml\.gif -/*.*/ph-ad.*\.focalink\.com -/cgi-bin/adjuggler - -/we_ba/ # hausfrauenseite.de *bwhahahaaaaa* - -# ms sucks ! -/.*(ms)?backoff(ice)?.*\.(gif|jpe?g) -/.*(/ie4|/ie3|msie|sqlbans|powrbybo|activex|backoffice|explorer|netnow|getpoint|ntbutton|hmlink).*\.(gif|jpe?g) -/.*activex.*(gif|jpe?g) -/.*explorer?.(gif|jpe?g) -/.*freeie\.(gif|jpe?g) -/.*/ie_?(buttonlogo|static?|anim.*)?\.(gif|jpe?g) -/.*ie_sm\.(gif|jpe?g) -/.*msie(30)?\.(gif|jpe?g) -/.*msnlogo\.(gif|jpe?g) -/.*office97_ad1\.(gif|jpe?g) -/.*pbbobansm\.(gif|jpe?g) -/.*powrbybo\.(gif|jpe?g) -/.*sqlbans\.(gif|jpe?g) -/.*exc_ms\.gif -/.*ie4get_animated\.gif -/.*ie4_animated\.gif -/.*n_iemap\.gif -/.*ieget\.gif -/.*logo_msnhm_* -/.*mcsp2\.gif -/.*msn2\.gif -/.*add_active\.gif -/.*n_msnmap\.gif -/.*Ad00\.gif -/.*s_msn\.gif -/.*addchannel\.gif -/.*adddesktop\.gif -/.*/ns4\.gif -/.*/v3sban\.gif -/.*/?FPCreated\.gif -/.*/opera35\.gif -/.*/opera13\.gif -/.*/opera_b\.gif -/.*/ie_horiz\.gif -/.*/ie_logo\.gif - -# ... and even more! -/.*/favicon\.ico - -# generally useless information and promo stuff (commented out) -#/*.*/(counter|getpcbutton|BuiltByNOF|netscape|hotmail|vcr(rated)?|rsaci(rated)?|freeloader|cache_now(_anim)?|apache_pb|now_(anim_)?button|ie_?(buttonlogo|static?|.*ani.*)?)\.(gif|jpe?g) - -/*.*/images/na/us/brand/ -/*.*/advantage\.(gif|jpg) -/*.*/advanbar\.(gif|jpg) -/*.*/advanbtn\.(gif|jpg) -/*.*/biznetsmall\.(gif|jpg) -/*.*/utopiad\.(gif|jpg) -/*.*/epipo\.(gif|jpg) -/*.*/amazon([a-zA-Z0-9]+)\.(gif|jpg) -/*.*/bnlogo.(gif|jpg) -/*.*/buynow([a-zA-Z0-9]+)\.(gif|jpg) - -/p/d/publicid - - -# for the dutch folks by a dutch friend gertjan@west.nl -/*.*/Advertenties/ -/.*./Adverteerders/ -netdirect.nl/nd_servlet/___ - -# -------------------------------------------------------------------------- -# -# specific servers -# -# -------------------------------------------------------------------------- - -# the next two lines work -12.16.1.10/web_GIF -12.16.1.10/~web_ani -193.158.37.3/cgi-bin/impact -193.210.156.114 -193.98.1.160/img -194.221.183.222/mailsentlu -194.221.183.223 -194.221.183.224 -194.221.183.225 -194.221.183.226 -194.221.183.227 -194.231.79.38 -195.124.124.56 -195.27.70.69 -195.30.94.21 -195.63.104.222//inbox -195.63.104.222//log # www.weltbild.de -195.63.104.222//meld -195.63.104.222//menu -195.63.104.222/folderlu -195.63.104.222/folderru -195.63.104.222/inbox -195.63.104.222/loginlu -195.63.104.222/loginmu -195.63.104.222/loginru -195.63.104.222/logoutlu -195.63.104.222/logoutmu -195.63.104.222/logoutru -195.63.104.61//inbox -195.63.104.61//log # www.weltbild.de -195.63.104.61//meld -195.63.104.61//menu -195.63.104.61/inbox -195.63.104.61/loginlu -195.63.104.61/loginmu -195.63.104.61/loginru -195.63.104.61/logoutlu -195.63.104.61/logoutmu -195.63.104.61/logoutru -199.78.52.10 -1st-fuss.com -204.253.46.71:1977 -204.94.67.40/wc/ -205.153.208.93 -205.216.163.62 -205.217.103.58:1977 -206.165.5.162/images/gcanim\.gif -206.221.254.181:80 -206.50.219.33 -207.137.96.35 -207.159.129.131/abacus -207.159.135.72 -207.82.250.9 -207.87.15.234 -207.87.27.10/tool/includes/gifs/ -208.156.39.142 -208.156.39.144 -208.156.60.230 -208.156.60.234 -208.156.60.235 -209.1.112.252/adgraph/ -209.1.135.142:1971 -209.1.135.144:1971 -209.132.97.164/IMG/ -209.185.222.45 -209.185.222.60 -209.185.253.199 -209.207.224.220/servfu.pl -209.207.224.222/servfu.pl -209.239.37.214/cgi-pilotfaq/getimage\.cgi -209.297.224.220 -209.75.21.6 -209.85.89.183/cgi-bin/cycle\?host -212.63.155.122/(banner|concret|softwareclub) -216.15.157.34 -216.27.61.150 -216.49.10.236/web1000/ -247media.com -62.144.115.12/dk/ -ICDirect.com/cgi-bin -Shannon.Austria.Eu.net/\.cgi/ -WebSiteSponsor.de -207.181.220.145 -213.165.64.42 - -# -# generic hosts (probably most effective) -# -ad*.*.* -ad*.*.*.* -*.ads.*.* -banner*.*.* -banner*.*.*.* - -*.admaximize.com -*.imgis.com -/*.*/*preferences.com* -1ad.prolinks.de -adwisdom.com -akamaitech.net/.*/Banners/ -altavista.telia.com/av/pix/sponsors/ -amazon.com/g/associates/logos/ -annonce.insite.dk -asinglesplace.com/asplink\.gif -athand.com/rotation -automatiseringgids.nl/gfx/advertenties/ -#avenuea.com/Banners/ -avenuea.com/view/ -badservant.guj.de -befriends.net/personals/matchmaking\.jpg -bizad.nikkeibp.co.jp -bs.gsanet.com/gsa_bs/ -cash-for-clicks.de -cda.at/customer/ -cgicounter.puretec.de/cgi-bin/ -ciec.org/images/countdown\.gif -classic.adlink.de/cgi-bin/accipiter/adserver.exe -click..wisewire.com -clickhere.egroups.com/img/ -imagine-inc.com -commonwealth.riddler.com/Commonwealth/bin/statdeploy\?[0-9]+ -customad.cnn.com -dagbladet.no/ann-gif -deja.com/jump/ -digits.com/wc/ -dino.mainz.ibm.de -dn.adzerver.com/image.ad -ds.austriaonline.at -emap.admedia.net -etrade.com/promo/ -eur.yimg.com/a/ -eur.a1.yimg.com/eur.yimg.com/a/ -us.a1.yimg.com/us.yimg.com/a/ -eurosponsor.de -fastcounter.linkexchange.com -flycast.com -focalink.com/SmartBanner -freepage.de/cgi-bin/feets/freepage_ext/.*/rw_banner -freespace.virgin.net/andy.drake -futurecard.com/images/ -gaia.occ.com/click.* -globaltrack.com -globaltrak.net -go.com/cimages\?SEEK_ -gp.dejanews.com/gtplacer -gtp.dejanews.com/gtplacer -deja.com/gifs/onsale/ -hitbox.com -home.miningco.com/event.ng/.*AdID -hurra.de -hyperbanner.net -icount.com/.*count -image*.narrative.com/news/.*\.(gif|jpe?g) -image.click2net.com -image.linkexchange.com -images.nytimes.com -images.yahoo.com/adv/ -images.yahoo.com/promotions/ -imageserv.adtech.de -img.web.de -impartner.de/cgi-bin -informer2.comdirect.de:6004/cd/banner2 -infoseek.go.com/cimages -ins.at/asp/images/ -kaufwas.com/cgi-bin/zentralbanner\.cgi -leader.linkexchange.com -link4ads.com -link4link.com -linktrader.com/cgi-bin/ -logiclink.nl/cgi-bin/ -lucky.theonion.com/cgi-bin/oniondirectin\.cgi -lucky.theonion.com/cgi-bin/onionimp\.cgi -lucky.theonion.com/cgi-bin/onionimpin\.cgi -m.doubleclick.net -mailorderbrides.com/mlbrd2\.gif -media.priceline.com -mediaplex.com -members.sexroulette.com -messenger.netscape.com -miningco.com/zadz/ -# movielink became moviefone -moviefone.com/.*banner -moviefone.com/.*newbutton -moviefone.com/.*ad\.gif -moviefone.com/.*mmail -moviefone.com/.*poster\.gif -moviefone.com/.*btyb -moviefone.com/.*h_guy -moviefone.com/.*h_showtick -moviefone.com/.*h_aML -moviefone.com/.*/m_ -moviefone.com/.*/icon_ -moviefone.com/.*/NF_.*back -moviefone.com/.*/h_.*gif -moviefone.com/media/imagelinks -moviefone.com/media/imagelinks/MF.(ad|sponsor) -moviefone.com/media/art -mqgraphics.mapquest.com/graphics/Advertisements/ -netgravity.* -newads.cmpnet.com -news.com/cgi-bin/acc_clickthru -ngadcenter.net -ngserve.pcworld.com/adgifs/ -nol.at:81 -nrsite.com -nytsyn.com/gifs -offers.egroups.com -pagecount.com -ph-ad.*\.focalink.com -preferences.com -promotions.yahoo.com/ -pub.nomade.fr -qsound.com/tracker/tracker.exe -resource-marketing.com/tb/ -revenue.infi.net -rtl.de/homepage/wb/images/ -schnellsuche.de/images/* -shout-ads.com/cgibin/shout.php3 -sjmercury.com/advert/ -smartclicks.com/.*/smart(img|banner|host|bar|site) -smh.com.au/adproof/ -spinbox1.filez.com -static.wired.com/advertising/ -swiftad.com -sysdoc.pair.com/cgi-sys/cgiwrap/sysdoc/sponsor\.gif -t-online.de/home/040255162-001/* -taz.de/taz/anz/ -tcsads.tcs.co.at -teleauskunft.de/commercial/ -thecounter.com/id -tm.intervu.net -tvguide.com/rbitmaps/ -ubl.com/graphics/ -ubl.com/images/ -ultra.multimania.com -ultra1.socomm.net -uproar.com -us.yimg.com/a/ -us.yimg.com/promotions/ -valueclick.com -valueclick.net -victory.cnn.com -videoserver.kpix.com -washingtonpost.com/wp-adv/ -webconnect.net/cgi-bin/webconnect.dll -webcounter.goweb.de -webserv.vnunet.com/ip_img/.*ban -werbung.pro-sieben.de/cgi-bin -whatis.com/cgi-bin/getimage.exe/ -www..bigyellow.com/......mat.* -www.adclub.net -www.addme.com/link8\.gif -www.aftonbladet.se/annons -www.americanpassage.com/ -www.angelfire.com/in/twistriot/images/wish4\.gif -www.bizlink.ru/cgi-bin/irads\.cgi -www.blacklightmedia.com/adlemur -www.bluesnews.com/flameq\.gif -www.bluesnews.com/images/ad[0-9]+\.gif -www.bluesnews.com/images/gcanim3\.gif -www.bluesnews.com/images/throbber2\.gif -www.bluesnews.com/miscimages/fragbutton\.gif -www.businessweek.com/sponsors/ -www.canoe.ca/AdsCanoe/ -www.cdnow.com/MN/client.banners -www.clickagents.com -www.clickthrough.ca -www.clicmoi.com/cgi-bin/pub\.exe -www.dailycal.org/graphics/adbanner-ab\.gif -www.detelefoongids.com/pic/[0-9]* -www.dhd.de/CGI/werbepic -www.dsf.de/cgi-bin/site_newiac.adpos -www.firsttarget.com/cgi-bin/klicklog.cgi -www.forbes.com/forbes/gifs/ads -www.forbes.com/tool/includes/gifs/ -www.fxweb.holowww.com/.*\.cgi -www.geocities.com/TimesSquare/Zone/5267/ -www.goto.com/images-promoters/ -www.handelsblatt.de/hbad -www.hotlinks.de/cgi-bin/barimage\.cgi -www.infoseek.com/cimages -www.infoworld.com/pageone/gif -www.isys.net/customer/images -www.javaworld.com/javaworld/jw-ad -www.kron.com/place-ads/ -www.leo.org/leoclick/ -www.linkexchange.ru/cgi-bin/erle\.cgi -www.linkstation.de/cgi-bin/zeige -www.linux.org/graphic/miniature/ -www.linux.org/graphic/square/ -www.linux.org/graphic/standard/ -www.luncha.se/annonsering -www.mediashower.com -www.ml.org/gfx/spon/icom/ -www.ml.org/gfx/spon/wmv -www.musicblvd.com/mb2/graphics/netgravity/ -nedstat.nl/cgi-bin/ -www.news.com/Midas/Images/ -www.newscientist.com/houseads -www.nextcard.com/affiliates/ -www.nikkeibp.asiabiztech.com/image/NAIS4\.gif -www.nordlys.no/imaker/.*/.*/.*/.....\.gif # alvin brattli -www.nordlys.no/imaker/.*/.*/.*/..003 # alvin brattli -www.oanda.com/server/banner -omdispatch.co.uk -www.oneandonlynetwork.com -www.page2page.de/cgi-bin/ -www.prnet.de/.*/bannerschnippel/.*\.(gif|jpe?g) -www.promptsoftware.com/marketing/ -#www.reklama.ru/cgi-bin/banners/ -www.riddler.com/sponsors/ -www.rle.ru/cgi-bin/erle\.cgi -www.rock.com/images/affiliates/search_black\.gif -www.rtl.de/search/.*kunde -#www.search.com/Banners -www.sfgate.com/place-ads/ -www.shareware.com/midas/images/borders-btn\.gif -#www.sjmercury.com/products/marcom/banners/ -www.smartclicks.com:81 -www.sol.dk/graphics/portalmenu -www.sponsornetz.de/jump/show.exe -www.sponsorpool.net -www.sunworld.com/sunworldonline/icons/adinfo.sm\.gif -www.swwwap.com/cgi-bin/ -www.taz.de/~taz/anz/ -www.telecom.at/icons/.*film\.(gif|jpe?g) -www.theonion.com/bin/ -www.topsponsor.de/cgi-bin/show.exe -www.ugo.net -www.ugu.com/images/EJ\.gif -www.warzone.com/pics/banner/ -www.warzone.com/wzfb/ads.cgi -www.webpeep.com -www.websitepromote.com/partner/img/ -www.winjey.com/onlinewerbung/*\.gif -www.wishing.com/webaudit -www.www-pool.de/cgi-bin/banner-pool -www2.blol.com/agrJRU\.gif -www3.exn.net:80 -yahoo.com/CategoryID=0 -yahoo.de/adv/images -~cpan.valueclick.com -~www.hitbox.com - -#swa -www.bannerland.de/click.exe -*.cyberclick.net -*.eu-adcenter.net/ -www.web-stat.com -www.slate.com/snav/ -www.slate.com/redirect/ -www.slate.com/articleimages/ -usads.imdb.com -www.forbes.com/tool/images/frontend/ -www.zserver.com -www.spinbox.com -pathfinder.com/shopping/marketplace/images/ -/*.*/adbanner* -/*.*/adgraphic* -static.wired.com/images -perso.estat.com/cgi-bin/perso/ -dinoadserver1.roka.net -fooladclient*.fool.com -affiliate.aol.com/static/ -cybereps.com:8000 -iadnet.com -orientserve.com -wvolante.com -findcommerce.com -smartage.com - -# www.sunday-times.co.uk -www.sunday-times.co.uk/standing/newsint/ticker - -# Für Germany.Net-User: Germany.Net (fast) banner- u. grafikfrei! -germany.net/gebu-frei\.gif -germany.net/bilder/menue/leiste\.gif -germany.net/bilder/gn_logos/* -germany.net/bilder/90x90/* -germany.net/banner-homepage/* -germany.net/downloadshop/* -germany.net/bilder/action/promopoly/germanynet/basisdienste/hilfe/* - -# Block as much of GeoCities as possible -# All geocities-owned images -www.geocities.com/images -www.geocities.com/MemberBanners/live/ -pic.geocities.com/images -# And the popup (it still pops up, but does not eat up precious bandwidth) -#www.geocities.com/ad_container/pop.html # already fixed by other regexp - -# from corion@informatik.uni-frankfurt.de -sam.songline.com/@ -img.getstats.com/ -#ads.xmonitor.net/xadengine.cgi # fixed by above regexp -# Also block the japanese geocities popups -www.geocities.co.jp/images -# Also block the come.to, surf.to etc. popups -v3.come.to/pop.asp - -# Also block the xoom stuff. -xb.xoom.com -home.talkcity.com/homepopup.html.* - -# Max Maischein again ... -# Halflife.net uses WON banners -# Banners from Freeserve -#banner.freeservers.com/cgi-bin/fs_adbar # fixed by above regexp -# And those nasty va-popups ! -/.*/?va_banner.html -# And an all-around hit against advert*.jpg -/.*/advert[0-9]+\.jpg -# And yet another Internet Explorer gif ... -/.*/ie_horiz\.gif -# Some uninteresting buttons I think... -mircx.com/images/buttons/ -services.mircx.com/.*\.gif -# Ooops - UserFriendly (Iambe) has a banner that gets eaten ... -~www.userfriendly.org/images/banners/banner_dp_heart\.gif -# Easyspace - yet another "free disk space" provider with banner popups -www.easyspace.com/(fpub)?banner.html -www.easyspace.com/100\.gif -# Some russian banner exchanges -banner.ricor.ru/cgi-bin/banner.pl -#www.bizlink.ru/cgi-bin/irads.cgi # already fixed by other regexp -stx9.sextracker.com/stx/send/ -# And even more of geocities : -www.geocities.com/pictures/ -# Gaah - www.angelfire.com - another webspace provider with popups -angelfire.com/sys/download.html -# Gamasutra.com uses this ad provider -sally.songline.com/@ - -# Eule.de (search engine) -# maybe images.eule.de as a whole... -www.eule.de/cgi-bin/ -images.eule.de/comdirect\.gif -images.eule.de/wp\.gif -aladin.de/125_1\.gif -images.eule.de/neu/books\.gif - -# -------------------------------------------------------------------------- -# -# some images -# -# -------------------------------------------------------------------------- - -# some images on cnn's website just suck! -/.*cnnstore\.gif -/.*book.search\.gif -/.*cnnpostopinionhome.\.gif -/.*custom_feature\.gif -/.*explore.anim.*gif -/.*infoseek\.gif -/.*pathnet.warner\.gif -/.*images/cnnfn_infoseek\.gif -/.*images/pathfinder_btn2\.gif -/.*img/gen/fosz_front_em_abc\.gif -/.*img/promos/bnsearch\.gif -/.*navbars/nav_partner_logos\.gif -/BarnesandNoble/images/bn.recommend.box.* -/digitaljam/images/digital_ban\.gif -/hotstories/companies/images/companies_banner\.gif -/markets/images/markets_banner\.gif -/ows-img/bnoble\.gif -/ows-img/nb_Infoseek\.gif -cnn.com/images/custom/totale\.gif -cnn.com/images/lotd/custom.wheels\.gif -cnn.com/images/.*/by/main.12\.gif -cnn.com/images/.*/find115\.gif -cnn.com/.*/free.email.120\.gif -cnnfn.com/images/left_banner\.gif -focus.de/A/AF/AFL/ -www.cnn.com/images/.*/bn/books\.gif -www.cnn.com/images/.*/pointcast\.gif -www.cnn.com/images/.*/fusa\.gif -cnn.com/images/.*/start120\.gif -images.cnn.com/SHOP/ -/.*by/main\.gif -/.*gutter117\.gif -/.*barnes_logo\.gif -# the / indicates the beginning of the path (and no longer the FQDN) -/.*nbclogo\.gif -/.*microdell\.gif -/.*secureit\.gif - -g.deja.com/gifs/(q|us)west_120x120\.gif - -# -/gif/buttons/banner_.* -/gif/buttons/cd_shop_.* -/gif/cd_shop/cd_shop_ani_.* - -#altavista -/av/gifs/av_map\.gif -/av/gifs/av_logo\.gif -/av/gifs/new/ns\.gif -altavista.com/i/valsdc3\.gif -jump.altavista.com/gn_sf - -# tucows -tucows.*.*/images/locallogo\.gif -#tucows.dsuper.net/images/locallogo\.gif - -# -mt_freshmeat\.jpg - -# simpliemu.hypermart.net/frames.html -go2net.com/mgic/adpopup -go2net.com/metaspy/images/exposed\.gif -go2net.com/metaspy/images/ms_un\.gif - -# -www.cebu-usa.com/cwbanim1\.gif -www.cebu-usa.com/Connection\.jpg -www.cebu-usa.com/phonead\.gif -www.cebu-usa.com/ban3\.jpg -www.cebu-usa.com/tlban\.gif -www.cebu-usa.com/apwlogo1\.gif -www.cebu-usa.com/rose\.gif - -# fnet -www.fnet.de/img/geldboerselogo\.jpg - -# hirsch@mathcs.emory.edu -/images/getareal2\.gif - -www.assalom.com/aziza/logos/cniaffil\.gif -www.assalom.com/aziza/logos/4starrl1\.gif -www.phantomstar.com/images/media/m1\.gif - -# -wahlstreet.de/MediaW\$/tsponline\.gif -wahlstreet.de/MediaW\$/dzii156x60\.gif -wahlstreet.de/MediaW\$/etban156x60_2_opt2\.gif - -# linuxtoday.com -/pics/gotlx1\.gif -/pics/getareal1\.gif -/pics/amzn-b5\.gif -/ltbs/cgi-bin/click.cgi -linuxtoday.com/ltbs/pics/ - -# Geocities popups -/ad[-_]container/ -/include/watermark/v2/ - -# Reinier Bikker -# Banner.xxLINK.nl/ - -# Mark Lutz -/.*/*werb.*\.(gif|jpe?g) # hope that's not to restrictive - -#Free Yellow thing at bottom of pages (HereticPC) -www.freeyellow.com/images/powerlink5a\.gif -www.freeyellow.com/images/powerlink5b\.gif -www.freeyellow.com/images/powerlink5c\.gif -www.freeyellow.com/images/powerlink5d\.gif -www.freeyellow.com/images/powerlink5e\.gif - -#HereticPC -www.eads.com/images/refbutton\.gif -www.fortunecity.com/console2/newnav/* -www.goldetc.net/search\.gif -www.cris.com/~Lzrdking/carpix/cars3-le\.gif -www.justfreestuff.com/scott\.gif -www.cyberthrill.com/entrance\.gif -secure.pec.net/images/pec69ani\.gif -www.new-direction.com/avviva\.gif -internetmarketingcenter\.gif -www.new-direction.com/wp-linkexchange-loop\.gif -www.new-direction.com/windough\.gif -www.digitalwork.com/universal_images/affiliate/dw_le_3\.gif -service.bfast.com/bfast/click/* -www.new-direction.com/magiclearning\.gif -www.new-direction.com/mailloop\.gif - -www.free-banners.com/images/hitslogo\.gif -rob.simplenet.com/dyndns/fortune5\.gif -nasdaq-amex.com/images/bn_ticker\.gif - -# -# navilor@hotmail.com -# -# -# wayne@staff.msen.com -# -a*.*.*.yimg.com/([0-9]*|\/)*us.yimg.com/* -ad.doubleclick.net -www.dnps.com/ads -www.realtop50.com/cgi-bin/ad -~a*.*.*.yimg.com/([0-9]|\/)*us.yimg.com/i/* - -# -www.yacht.de/images/(my_ani|eissingani|chartertrans|fum|schnupper|fysshop|garmin)\.gif -www.sponsorweb.de/web-sponsor/nt-bin/show.exe - -# -# Club-internet pops up a complain if you refuse cookie (still pops up...) -perso.club-internet.fr/html/Popup/popup_frame_nocookie.html -perso.club-internet.fr/pagesperso/popup_nocookie.html - -gmx.net/images/newsbanner/ -cash4banner.de - -quicken.lexware.de/images/us7-468x60.gif -/img/special/chatpromo\.gif -www.travelocity.com/images/promos/ - -# wonder that that does... -p01.com/1x1.dyn - -/*.*/phpAds/viewbanner.php -/*.*/phpAds/phpads.php - -www.linux-magazin.de/banner -comtrack.comclick.com -click-fr.com -iac-online.de/filler - -media.interadnet.com -stat.www.fi/cgi-bin -/cgi/banners.cgi -ads-digi.sol.no -fp.buy.com -disneystoreaffiliates.com - -powerwork.mobile.de/cgi-bin/getimage\.cgi - - - -#################################################### -# Jon's addition: -# -# Register ads -#www.theregister.co.uk/media/155\.gif -www.theregister.dealtime.co.uk/BannerIn/ -#www.theregister.co.uk/media/SearchDomainRed\.gif -#www.theregister.co.uk/media/ByDomainbusterRed\.gif -#www.theregister.co.uk/media/454\.gif -#www.theregister.co.uk/media/461\.gif -#www.theregister.co.uk/media/dealtime-lh\.gif -# Ad target: -www.domainbuster.com/cgi-bin/domainbuster/dpro\.pl - -#www.theregister.co.uk/media/.*\.swf -#www.theregister.co.uk/media/.*\.js - -# get agressive: -www.theregister.co.uk/media/ - -# Dilbert: -www.dilbert.com/comics/dilbert/images/.*_140x800.*\.gif - -# stattrack.com -# Uses URL: http://www.stattrack.com/cgi-bin/stats/image.cgi -/cgi-bin/stats/ -# And loads JavaScript from http://www.stattrack.com/stats/code -www.stattrack.com/stats/ - -#GeoCities crap -##geo.yahoo.com/serv -##visit.geocities.com/visit.gif -*.*.*.yimg.com/*/www.geocities.com/js_source -#http://us.toto.geo.yahoo.com/toto?s=76001086 -##*.toto.geo.yahoo.com - -# Nuke GeoCities rubbish -*.*.geo.yahoo.com -*.geo.yahoo.com -geo.yahoo.com -visit.geocities.com -*.*.*.yimg.com/.*/www.geocities.com/ - -#http://counter16.bravenet.com/counter.php -counter*.*.* - -#http://stat.cybermonitor.com/7emezone_p?1707_USdvd -stat*.*.* - -#http://members.tripod.com/adm/popup/..... -members.tripod.com/adm/popup/ - -#This is the worst ad idea ever! Bye bye! -#count.exitexchange.com/exit/1100661 -#count.exitexchange.com/clients/navbar.html -#(used in http://skyhivisuals.tripod.com/malfunctions_.htm) -exitexchange.com - -#SourceForge ads. -sfads.osdn.com - -#Crap trapping sites -webhideout.com - -#################################################### - - - -# -# some regexps are simply too aggressive ... -# -# equalizer to /*.*(.*[-_.])?ads?[0-9]?(/|[-_.].*|.(gif|jpe?g)) -# or other regexps -# -# -~adamwhone.co.uk -~adsl.tin.it -~stsci.edu -~tgs.com -~sun.com -~povray.org -~admin.*.* -~admin.*.*.* -~ad.siemens.de # SIEMENS Automation & Drives -~add-url.altavista.com -~adis.on.ca -~address*.*.* -~address*.*.*.* -~add*.*.* -~add*.*.*.* -~adu*.*.* -~adu*.*.*.* -~advice.*.* -~advice.*.*.* - -# univ. don't advertise, do they :-) -~*.*.edu -~*.*.*.edu -~www.ugu.com/sui/ugu/adv -~adfa.edu.au -~adsl*.*.* - -~clubs.yahoo.com/clubs -~edit.my.yahoo.com/config/show_identity -~www.ix.de/newsticker/data/ad -~www.heise.de/newsticker/data/ad -~www.careernet.de/anzeige -~www.careernet.de/bewerber/stellenanzeigen -~www.baumgartner.de/stellenmarkt/anzeigen -~www.dspartner.de/Anzeigen -~www.aws-jobs.de/Anzeigen -~www.jobware.de/.*/anzeigen/ -~www.jobworld.de/bilder/ -~www.cnn.com/TECH/computing/.*/internet.ads/ -~www.financial.de/shop/ -~gnn.de/.*\.html -~www.auktionen.de - -~194.221.152.2/phptelefontmp -~harvard.edu/images/banner/ - -~adswww.harvard.edu -~www.dhd.de/CGI/anzeigen/ - -~ads.web.de/web/ -~img.web.de/web/img/ - -~www.segel.de/menu/bilder/anzeigen\.gif -~www.corel.com/graphics/banners/ -~www.software.ibm.com/ad/ -~www.omg.org/docs/ad/ - -~sperrmuell.de/scripts/anzeigen -www.freenet.de/index.html -www.01019freenet.de/index.html -~www.freenet.de/freenet/ -~www.01019freenet.de/freenet/ -~webfactory.de/anzeigen.php -~www.cdmag.com -~www.internatif.org/bortzmeyer/debian/sponsor/ -~hp.com - -~www.software.hosting.ibm.com/ad/ -~www.ibm.com/software/ad/ -~brickshelf.com - -~www.debian.org/Pics/banner-blue\.gif -~www.linux.de/pics/Nachrichten_banner\.gif -~www.werbekurier.de - -~finder.shopping.yahoo.com/shop/ -~national.com/pf -~mozilla.org -~eidos.de -~e-sheep.com -~punkassgear.com -~mozilla.org -~mozillazine.org -~adbusters.org -~annoy.com -~consumer-direct.com -~www.iez-auktion.de -~ibm.com -~sgi.com - -# my banking stuff => no ads. last regexp for fast access :-) -~comdirekt.de -~comdirect.de -~teledata.de - - -~msdn.microsoft.com - -# do not forget newline at the end of this file!!! - diff --git a/config b/config index 2dea6183..88529d01 100644 --- a/config +++ b/config @@ -1,7 +1,7 @@ # Sample Configuration file for the Internet Junkbuster 2.0 # -# $Id: config,v 1.5 2001/05/23 10:39:05 oes Exp $ +# $Id: config,v 1.6 2001/05/26 17:25:14 jongfoster Exp $ # # Table of Contents @@ -61,30 +61,14 @@ # files in the current working directory. In either case, an # absolute path name can be used to avoid problems. -# -# The blockfile contains regular expressions, one per line, of URLs -# to be blocked by Junkbuster. -# -# Default: Don't block anything. -# -blockfile ./blocklist - -# -# The imagefile contains regular expressions, one per line, of URLs -# to be blocked as images by Junkbuster, regardless of whether they -# look like image URLs or not. -# -# Default: Block all URLs as HTML requests. -# -imagefile ./imagelist - # # The permissions file contains patterns to specify the -# cookie and filtering rules to apply to each site. +# filtering rules to apply to each site. # # Default: Cookies to and from all destinations are filtered. # Popups are disabled for all sites. # All sites are filtered if re_filterfile specified. +# No sites are blocked. Nothing is an image. # permissionsfile ./permissionsfile @@ -105,8 +89,7 @@ re_filterfile ./re_filterfile # Junkbuster (e.g., it's not blocking an ad you think it should # block) but in most cases you probably will never look at it. # -# If you do not use 'log-buffer-size'/'log-max-lines' (see below) -# your logfile will grow indefinitely, and you will probably want to +# Your logfile will grow indefinitely, and you will probably want to # periodically remove it. On Unix systems, you can do this with a # cron job (see 'man cron'). # @@ -292,18 +275,22 @@ user-agent . # Junkbuster has the ability to mask the Referer header. Referer # headers can be used to track users as they browse around the web, # and many consider them invasive. Junkbuster provides several -# options for dealing with referer headers: +# options for dealing with referer headers. +# +# Note that the setting of this value can be overridden on a +# site-by-site basis in the permissionsfile, in order to send +# the unmodified Referer header to sites which require it. +# This option controls what to do for sites without that +# permission. # # VALUE EFFECT # ===== ====== # default Kill the referrer-header from the client. -# . Pass the referrer unchanged. -# @ Pass the referrer if the server is in the cookie file, -# kill the referrer otherwise. -# L Pass the referrer if the server is in the cookie file, -# send a forged referrer that points to the +# @ Kill the referrer-header from the client. +# . Always pass the referrer unchanged. +# L Send a forged referrer that points to the # root-directory URL of the current request otherwise. -# 'text' Always send as the referrer. +# 'text' Send as the referrer. # # L is probably preferable to @, because it will break fewer Web # sites while still concealing your browsing path. @@ -343,7 +330,7 @@ referer L # # As an example of the last option: # -# tinygif 3 http://no.where/ijb-send-banner.gif +# tinygif 3 http://i.j.b/ijb-send-banner.gif # # Will replace every blocked image with an image built into junkbuster. # @@ -357,30 +344,6 @@ referer L # tinygif 2 -# -# Many sites, like yahoo.com, don't just link to other sites. -# Instead, they will link to some script on their own server, -# giving the destination as a parameter, which will then redirect -# you to the final target. -# -# URLs resulting from this scheme typically look like: -# http://some.place/some_script?http://some.where-else -# -# Sometimes, there are even multiple consecutive redirects encoded -# in the URL. These redirections via scripts make your web browing -# more traceable, since the server from which you follow such a link -# can see where you go to. Apart from that, valuable bandwidth and -# time is wasted, while your browser aks the server for one redirect -# after the other. Plus, it feeds the advertisers. -# -# The fast-redirects option enables interception of these requests -# by junkbuster, who will cut off all but the last valid URL in the -# request and send a local redirect back to your browser without -# contacting the remote site. -# -# Default: Don't intercept script-redirect URLs -# -fast-redirects # # The debug option sets the level of debugging information to log in @@ -432,28 +395,27 @@ debug 8192 # Errors - *we highly recommended enabling this* #single-threaded # -# 'toggle' controls whether Junkbuster can temporarily be toggled on -# and off. +# 'toggle' allows you to temporarily disable all Junkbuster's +# filtering. Just set "toggle 0". # # The Windows version of Junkbuster puts an icon in the system -# tray. If you right-click on that icon (or select the 'Options' -# menu), one choice is "Enable". Clicking on enable toggles -# Junkbuster on and off. This is useful if you want to temporarily -# disable Junkbuster, e.g., to access a site that requires cookies -# which you normally have blocked. -# -# Unix versions of Junkbuster are toggled on and off by sending a -# SIGHUP to Junkbuster. +# tray, which allows you to change this option without having +# to edit this file. If you right-click on that icon (or select +# the 'Options' menu), one choice is "Enable". Clicking on enable +# toggles Junkbuster on and off. This is useful if you want to +# temporarily disable Junkbuster, e.g., to access a site that +# requires cookies which you normally have blocked. # -# 'toggle 1' means permit toggling of Junkbuster, 'toggle 0' means -# don't. +# 'toggle 1' means Junkbuster runs normally, 'toggle 0' means +# that Junkbuster becomes a non-anonymizing non-blocking +# proxy. # # Default: 1 # toggle 1 # -# 5. WINDOWS GUI OTPIONS +# 5. WINDOWS GUI OPTIONS # # Junkbuster has a number of options specific to the Windows GUI # interface: @@ -509,8 +471,8 @@ toggle 1 # show-on-task-bar {1 or 0} # -# Controls whether or not Junkbuster will appear on the Task bar -# when minimized. +# Controls whether or not Junkbuster will appear as a button on the Task +# bar when minimized. # #Win32-only: show-on-task-bar 0 diff --git a/config.h b/config.h index 1e75adbf..02f9724e 100644 --- a/config.h +++ b/config.h @@ -39,6 +39,13 @@ * * Revisions : * $Log: config.h,v $ + * Revision 1.5 2001/05/26 00:28:36 jongfoster + * Automatic reloading of config file. + * Removed obsolete SIGHUP support (Unix) and Reload menu option (Win32). + * Most of the global variables have been moved to a new + * struct configuration_spec, accessed through csp->config->globalname + * Most of the globals remaining are used by the Win32 GUI. + * * Revision 1.4 2001/05/25 22:17:28 jongfoster * Resurrecting these files which are required for the MS Visual C++ * build only. @@ -151,9 +158,11 @@ /* * Detect image requests automatically for MSIE. Will fall back to - * other image-detection methods (i.e. USE_IMAGE_LIST) for other + * other image-detection methods (i.e. "+image" permission) for other * browsers. * + * You must also define IMAGE_BLOCKING to use this feature. + * * It detects the following header pair as an image request: * * User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0) @@ -180,13 +189,12 @@ #define DETECT_MSIE_IMAGES 1 /* - * Use image list to detect images. - * If you do not define this then everything is treated as HTML. + * Allow blocking using images as well as HTML. + * If you do not define this then everything is blocked as HTML. * - * Whatever the setting of this value, DETECT_MSIE_IMAGES will - * override it for people using Internet Explorer. + * Note that this is required if you want to use DETECT_MSIE_IMAGES. */ -#define USE_IMAGE_LIST 1 +#define IMAGE_BLOCKING 1 /* * Allows the use of ACL files to control access to the proxy by IP address. diff --git a/config.h.in b/config.h.in index b0217675..5405bf5a 100644 --- a/config.h.in +++ b/config.h.in @@ -3,7 +3,7 @@ #define _CONFIG_H /********************************************************************* * - * File : $Source: /cvsroot/ijbswa/current/config.h.in,v $ + * File : $Source: /cvsroot/ijbswa/current/acconfig.h,v $ * * Purpose : This file should be the first thing included in every * .c file. (Before even system headers). It contains @@ -37,9 +37,58 @@ * Temple Place - Suite 330, Boston, MA 02111-1307, USA. * * Revisions : - * $Log: config.h.in,v $ - * Revision 1.1 2001/05/15 13:58:49 oes - * Initial revision + * $Log: acconfig.h,v $ + * Revision 1.3 2001/05/26 01:26:34 jongfoster + * New #define, WIN_GUI_EDIT, enables the (embryonic) Win32 GUI editor. + * This #define cannot be set from ./configure - there's no point, it + * doesn't work yet. See feature request # 425722 + * + * Revision 1.2 2001/05/22 17:43:35 oes + * + * - Enabled filtering banners by size rather than URL + * by adding patterns that replace all standard banner + * sizes with the "Junkbuster" gif to the re_filterfile + * + * - Enabled filtering WebBugs by providing a pattern + * which kills all 1x1 images + * + * - Added support for PCRE_UNGREEDY behaviour to pcrs, + * which is selected by the (nonstandard and therefore + * capital) letter 'U' in the option string. + * It causes the quantifiers to be ungreedy by default. + * Appending a ? turns back to greedy (!). + * + * - Added a new interceptor ijb-send-banner, which + * sends back the "Junkbuster" gif. Without imagelist or + * MSIE detection support, or if tinygif = 1, or the + * URL isn't recognized as an imageurl, a lame HTML + * explanation is sent instead. + * + * - Added new feature, which permits blocking remote + * script redirects and firing back a local redirect + * to the browser. + * The feature is conditionally compiled, i.e. it + * can be disabled with --disable-fast-redirects, + * plus it must be activated by a "fast-redirects" + * line in the config file, has its own log level + * and of course wants to be displayed by show-proxy-args + * Note: Boy, all the #ifdefs in 1001 locations and + * all the fumbling with configure.in and acconfig.h + * were *way* more work than the feature itself :-( + * + * - Because a generic redirect template was needed for + * this, tinygif = 3 now uses the same. + * + * - Moved GIFs, and other static HTTP response templates + * to project.h + * + * - Many minor fixes + * + * - Removed some >400 CRs again (Jon, you really worked + * a lot! ;-) + * + * Revision 1.1.1.1 2001/05/15 13:58:45 oes + * Initial import of version 2.9.3 source tree * * *********************************************************************/ @@ -133,9 +182,11 @@ /* * Detect image requests automatically for MSIE. Will fall back to - * other image-detection methods (i.e. USE_IMAGE_LIST) for other + * other image-detection methods (i.e. "+image" permission) for other * browsers. * + * You must also define IMAGE_BLOCKING to use this feature. + * * It detects the following header pair as an image request: * * User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0) @@ -162,13 +213,12 @@ #undef DETECT_MSIE_IMAGES /* - * Use image list to detect images. - * If you do not define this then everything is treated as HTML. + * Allow blocking using images as well as HTML. + * If you do not define this then everything is blocked as HTML. * - * Whatever the setting of this value, DETECT_MSIE_IMAGES will - * override it for people using Internet Explorer. + * Note that this is required if you want to use DETECT_MSIE_IMAGES. */ -#undef USE_IMAGE_LIST +#undef IMAGE_BLOCKING /* * Allows the use of ACL files to control access to the proxy by IP address. diff --git a/configure b/configure index 849b8303..b1956704 100755 --- a/configure +++ b/configure @@ -38,8 +38,8 @@ ac_help="$ac_help --disable-ie-images Don't auto-detect whether a request from MS Internet Explorer is for an image or HTML." ac_help="$ac_help - --disable-image-list Don't try to figure out whether a request is for an - image or HTML using the imagelist - assume HTML." + --disable-image-blocking Don't try to figure out whether a request is + for an image or HTML - assume HTML." ac_help="$ac_help --disable-acl-files Prevents the use of ACL files to control access to the proxy by IP address." @@ -1540,18 +1540,18 @@ EOF fi -# Check whether --enable-image-list or --disable-image-list was given. -if test "${enable_image_list+set}" = set; then - enableval="$enable_image_list" +# Check whether --enable-image-blocking or --disable-image-blocking was given. +if test "${enable_image_blocking+set}" = set; then + enableval="$enable_image_blocking" if test $enableval = yes; then cat >> confdefs.h <<\EOF -#define USE_IMAGE_LIST 1 +#define IMAGE_BLOCKING 1 EOF fi else cat >> confdefs.h <<\EOF -#define USE_IMAGE_LIST 1 +#define IMAGE_BLOCKING 1 EOF fi diff --git a/configure.in b/configure.in index 593ef0dd..848911e7 100644 --- a/configure.in +++ b/configure.in @@ -1,6 +1,6 @@ dnl Process this file with autoconf to produce a configure script. dnl -dnl $Id: configure.in,v 1.2 2001/05/20 01:21:20 jongfoster Exp $ +dnl $Id: configure.in,v 1.3 2001/05/22 18:46:04 oes Exp $ dnl dnl Written by and Copyright (C) 2001 the SourceForge dnl IJBSWA team. http://ijbswa.sourceforge.net @@ -28,6 +28,50 @@ dnl or write to the Free Software Foundation, Inc., 59 dnl Temple Place - Suite 330, Boston, MA 02111-1307, USA. dnl dnl $Log: configure.in,v $ +dnl Revision 1.3 2001/05/22 18:46:04 oes +dnl +dnl - Enabled filtering banners by size rather than URL +dnl by adding patterns that replace all standard banner +dnl sizes with the "Junkbuster" gif to the re_filterfile +dnl +dnl - Enabled filtering WebBugs by providing a pattern +dnl which kills all 1x1 images +dnl +dnl - Added support for PCRE_UNGREEDY behaviour to pcrs, +dnl which is selected by the (nonstandard and therefore +dnl capital) letter 'U' in the option string. +dnl It causes the quantifiers to be ungreedy by default. +dnl Appending a ? turns back to greedy (!). +dnl +dnl - Added a new interceptor ijb-send-banner, which +dnl sends back the "Junkbuster" gif. Without imagelist or +dnl MSIE detection support, or if tinygif = 1, or the +dnl URL isn't recognized as an imageurl, a lame HTML +dnl explanation is sent instead. +dnl +dnl - Added new feature, which permits blocking remote +dnl script redirects and firing back a local redirect +dnl to the browser. +dnl The feature is conditionally compiled, i.e. it +dnl can be disabled with --disable-fast-redirects, +dnl plus it must be activated by a "fast-redirects" +dnl line in the config file, has its own log level +dnl and of course wants to be displayed by show-proxy-args +dnl Note: Boy, all the #ifdefs in 1001 locations and +dnl all the fumbling with configure.in and acconfig.h +dnl were *way* more work than the feature itself :-( +dnl +dnl - Because a generic redirect template was needed for +dnl this, tinygif = 3 now uses the same. +dnl +dnl - Moved GIFs, and other static HTTP response templates +dnl to project.h +dnl +dnl - Some minor fixes +dnl +dnl - Removed some >400 CRs again (Jon, you really worked +dnl a lot! ;-) +dnl dnl Revision 1.2 2001/05/20 01:21:20 jongfoster dnl Version 2.9.4 checkin. dnl - Merged popupfile and cookiefile, and added control over PCRS @@ -233,13 +277,13 @@ AC_ARG_ENABLE(ie-images, fi], AC_DEFINE(DETECT_MSIE_IMAGES)) -AC_ARG_ENABLE(image-list, -[ --disable-image-list Don't try to figure out whether a request is for an - image or HTML using the imagelist - assume HTML.], +AC_ARG_ENABLE(image-blocking, +[ --disable-image-blocking Don't try to figure out whether a request is + for an image or HTML - assume HTML.], [if test $enableval = yes; then - AC_DEFINE(USE_IMAGE_LIST) + AC_DEFINE(IMAGE_BLOCKING) fi], -AC_DEFINE(USE_IMAGE_LIST)) +AC_DEFINE(IMAGE_BLOCKING)) AC_ARG_ENABLE(acl-files, [ --disable-acl-files Prevents the use of ACL files to control access to diff --git a/filters.c b/filters.c index 44a884f5..8f0d3769 100644 --- a/filters.c +++ b/filters.c @@ -1,4 +1,4 @@ -const char filters_rcs[] = "$Id: filters.c,v 1.8 2001/05/26 17:13:28 jongfoster Exp $"; +const char filters_rcs[] = "$Id: filters.c,v 1.9 2001/05/27 22:17:04 oes Exp $"; /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/filters.c,v $ @@ -38,6 +38,19 @@ const char filters_rcs[] = "$Id: filters.c,v 1.8 2001/05/26 17:13:28 jongfoster * * Revisions : * $Log: filters.c,v $ + * Revision 1.9 2001/05/27 22:17:04 oes + * + * - re_process_buffer no longer writes the modified buffer + * to the client, which was very ugly. It now returns the + * buffer, which it is then written by chat. + * + * - content_length now adjusts the Content-Length: header + * for modified documents rather than crunch()ing it. + * (Length info in csp->content_length, which is 0 for + * unmodified documents) + * + * - For this to work, sed() is called twice when filtering. + * * Revision 1.8 2001/05/26 17:13:28 jongfoster * Filled in a function comment. * @@ -148,6 +161,7 @@ const char filters_rcs[] = "$Id: filters.c,v 1.8 2001/05/26 17:13:28 jongfoster #include "jbsockets.h" #include "errlog.h" #include "jbsockets.h" +#include "miscutil.h" #ifdef _WIN32 #include "win32.h" @@ -184,12 +198,12 @@ static const char CBLOCK[] = BANNER "\n" "

Your request for %s%s
\n" - "was blocked because it matches the following pattern " - "in the blockfile: %s\n

" + "was blocked." #ifdef FORCE_LOAD - "

Go there anyway.

" + " " + "Go there anyway." #endif /* def FORCE_LOAD */ + "

\n" "\n" "\n"; @@ -210,7 +224,7 @@ static const char CTRUST[] = "\n" WHITEBG "
" - "" + "" BANNER "" "
" @@ -373,71 +387,37 @@ int acl_addr(char *aspec, struct access_control_addr *aca) *********************************************************************/ char *block_url(struct http_request *http, struct client_state *csp) { - struct file_list *fl; - struct block_spec *b; - struct url_spec url[1]; char *p; int n; - if (((fl = csp->blist) == NULL) || ((b = fl->f) == NULL)) + if ((csp->permissions & PERMIT_BLOCK) == 0) { return(NULL); } - - *url = dsplit(http->host); - - /* if splitting the domain fails, punt */ - if (url->dbuf == NULL) return(NULL); - - for (b = b->next; b ; b = b->next) + else { - if ((b->url->port == 0) || (b->url->port == http->port)) - { - if ((b->url->domain[0] == '\0') || (domaincmp(b->url, url) == 0)) - { - if ((b->url->path == NULL) || -#ifdef REGEX - (regexec(b->url->preg, http->path, 0, NULL, 0) == 0) -#else - (strncmp(b->url->path, http->path, b->url->pathlen) == 0) -#endif - ) - { - freez(url->dbuf); - freez(url->dvec); - - if (b->reject == 0) return(NULL); - - n = strlen(CBLOCK); - n += strlen(http->hostport); - n += strlen(http->path); - n += strlen(b->url->spec); + n = strlen(CBLOCK); + n += strlen(http->hostport); + n += strlen(http->path); #ifdef FORCE_LOAD - n += strlen(http->hostport); - n += strlen(http->path); + n += strlen(http->hostport); + n += strlen(http->path); #endif /* def FORCE_LOAD */ - p = (char *)malloc(n); + p = (char *)malloc(n); #ifdef FORCE_LOAD - sprintf(p, CBLOCK, http->hostport, http->path, b->url->spec, http->hostport, http->path); + sprintf(p, CBLOCK, http->hostport, http->path, http->hostport, http->path); #else - sprintf(p, CBLOCK, http->hostport, http->path, b->url->spec); + sprintf(p, CBLOCK, http->hostport, http->path); #endif /* def FORCE_LOAD */ - return(p); - } - } - } + return(p); } - freez(url->dbuf); - freez(url->dvec); - return(NULL); - } -#if defined(DETECT_MSIE_IMAGES) || defined(USE_IMAGE_LIST) +#ifdef IMAGE_BLOCKING /********************************************************************* * * Function : block_imageurl @@ -470,81 +450,9 @@ int block_imageurl(struct http_request *http, struct client_state *csp) } #endif -#if defined(USE_IMAGE_LIST) - return block_imageurl_using_imagelist(http, csp); -#else - /* Don't know - assume HTML */ - return 0; -#endif + return ((csp->permissions & PERMIT_IMAGE) != 0); } -#endif /* defined(DETECT_MSIE_IMAGES) || defined(USE_IMAGE_LIST) */ - - -#ifdef USE_IMAGE_LIST -/********************************************************************* - * - * Function : block_imageurl - * - * Description : Test if a URL is in the imagelist. - * - * Parameters : - * 1 : http = URL to check. - * 2 : csp = Current client state (buffers, headers, etc...) - * - * Returns : True (nonzero) if URL is in image list, false (0) - * otherwise - * - *********************************************************************/ -int block_imageurl_using_imagelist(struct http_request *http, struct client_state *csp) -{ - struct file_list *fl; - struct block_spec *b; - struct url_spec url[1]; - - if (((fl = csp->ilist) == NULL) || ((b = fl->f) == NULL)) - { - return(0); - } - - *url = dsplit(http->host); - - /* if splitting the domain fails, punt */ - if (url->dbuf == NULL) return(0); - - for (b = b->next; b ; b = b->next) - { - - if ((b->url->port == 0) || (b->url->port == http->port)) - { - /* port matches, check domain */ - if ((b->url->domain[0] == '\0') || (domaincmp(b->url, url) == 0)) - { - /* domain matches, check path */ - if ((b->url->path == NULL) || -#ifdef REGEX - (regexec(b->url->preg, http->path, 0, NULL, 0) == 0) -#else - (strncmp(b->url->path, http->path, b->url->pathlen) == 0) -#endif - ) - { - /* Matches */ - freez(url->dbuf); - freez(url->dvec); - - if (b->reject == 0) return(0); - - return(1); - } - } - } - } - freez(url->dbuf); - freez(url->dvec); - return(0); - -} -#endif /* def USE_IMAGE_LIST */ +#endif /* def IMAGE_BLOCKING */ #ifdef PCRS @@ -576,13 +484,13 @@ char *re_process_buffer(struct client_state *csp) /* Sanity first ;-) */ if (size <= 0) { - return; + return(strdup("")); } if ( ( NULL == (fl = csp->rlist) ) || ( NULL == (b = fl->f) ) ) { log_error(LOG_LEVEL_ERROR, "Unable to get current state of regexp filtering."); - return; + return(strdup("")); } joblist = b->joblist; @@ -821,6 +729,26 @@ trust_url_not_trusted: #endif /* def TRUST_FILES */ +static const char C_HOME_PAGE[] = + "HTTP/1.0 200 OK\n" + "Pragma: no-cache\n" + "Expires: Thu Jul 31, 1997 07:42:22 pm GMT\n" + "Content-Type: text/html\n\n" + "\n" + "\n" + "Internet Junkbuster: Information\n" + "\n" + BODY + "

" + BANNER + "

\n" + "

JunkBuster web site

\n" + "

Proxy configuration

\n" + "

Look up a URL

\n" + "\n" + "\n"; + + /********************************************************************* * * Function : intercept_url @@ -836,33 +764,71 @@ trust_url_not_trusted: * 1 : http = http_request request, check `basename's of blocklist * 2 : csp = Current client state (buffers, headers, etc...) * - * Returns : NULL for no recognized URLs, or an HTML description page. + * Returns : 1 if it intercepts & handles the request. * *********************************************************************/ -char *intercept_url(struct http_request *http, struct client_state *csp) +int intercept_url(struct http_request *http, struct client_state *csp) { - char *basename; + char *basename = NULL; const struct interceptors *v; - basename = strrchr(http->path, '/'); + if (0 == strcmpic(http->host,"i.j.b")) + { + /* + * Catch http://i.j.b/... + */ + basename = http->path; + } + else if ( ( (0 == strcmpic(http->host,"ijbswa.sourceforge.net")) + || (0 == strcmpic(http->host,"ijbswa.sf.net")) ) + && (0 == strncmpic(http->path,"/config", 7)) + && ((http->path[7] == '/') || (http->path[7] == '\0'))) + { + /* + * Catch http://ijbswa.sourceforge.net/config/... + * and http://ijbswa.sf.net/config/... + */ + basename = http->path + 7; + } + + if (!basename) + { + /* Don't want to intercept */ + return(0); + } - if (basename == NULL) return(NULL); + /* We have intercepted it. */ + + /* remove any leading slash */ + if (*basename == '/') + { + basename++; + } - basename ++; /* first char past the last slash */ + log_error(LOG_LEVEL_GPC, "%s%s intercepted!", http->hostport, http->path); + log_error(LOG_LEVEL_CLF, "%s - - [%T] \"%s\" 200 3", + csp->ip_addr_str, http->cmd); - if (*basename) + for (v = intercept_patterns; v->str; v++) { - for (v = intercept_patterns; v->str; v++) + if (strncmp(basename, v->str, v->len) == 0) { - if (strncmp(basename, v->str, v->len) == 0) + char * p = ((v->interceptor)(http, csp)); + + if (p != NULL) { - return((v->interceptor)(http, csp)); + /* Send HTML redirection result */ + write_socket(csp->cfd, p, strlen(p)); + + freez(p); } + return(1); } } - return(NULL); + write_socket(csp->cfd, C_HOME_PAGE, strlen(C_HOME_PAGE)); + return(1); } #ifdef FAST_REDIRECTS @@ -929,10 +895,11 @@ int url_permissions(struct http_request *http, struct client_state *csp) struct file_list *fl; struct permissions_spec *b; struct url_spec url[1]; + int permissions = csp->config->default_permissions; if (((fl = csp->permissions_list) == NULL) || ((b = fl->f) == NULL)) { - return(csp->config->default_permissions); + return(permissions); } *url = dsplit(http->host); @@ -940,7 +907,7 @@ int url_permissions(struct http_request *http, struct client_state *csp) /* if splitting the domain fails, punt */ if (url->dbuf == NULL) { - return(csp->config->default_permissions); + return(permissions); } for (b = b->next; NULL != b; b = b->next) @@ -957,9 +924,8 @@ int url_permissions(struct http_request *http, struct client_state *csp) #endif ) { - freez(url->dbuf); - freez(url->dvec); - return(b->permissions); + permissions &= b->mask; + permissions |= b->add; } } } @@ -967,7 +933,7 @@ int url_permissions(struct http_request *http, struct client_state *csp) freez(url->dbuf); freez(url->dvec); - return(csp->config->default_permissions); + return(permissions); } @@ -1175,13 +1141,6 @@ char *show_proxy_args(struct http_request *http, struct client_state *csp) } switch (which_file) { - case 'b': - if (csp->blist) - { - filename = csp->blist->filename; - file_description = "Block List"; - } - break; case 'p': if (csp->permissions_list) { @@ -1207,16 +1166,6 @@ char *show_proxy_args(struct http_request *http, struct client_state *csp) break; #endif /* def ACL_FILES */ -#ifdef USE_IMAGE_LIST - case 'i': - if (csp->ilist) - { - filename = csp->ilist->filename; - file_description = "Image List"; - } - break; -#endif /* def USE_IMAGE_LIST */ - #ifdef PCRS case 'r': if (csp->rlist) @@ -1311,12 +1260,12 @@ char *show_proxy_args(struct http_request *http, struct client_state *csp) } #endif /* def SPLIT_PROXY_ARGS */ - s = strsav(s, csp->config->proxy_args->header); - s = strsav(s, csp->config->proxy_args->invocation); + s = strsav(s, csp->config->proxy_args_header); + s = strsav(s, csp->config->proxy_args_invocation); #ifdef STATISTICS s = add_stats(s); #endif /* def STATISTICS */ - s = strsav(s, csp->config->proxy_args->gateways); + s = strsav(s, csp->config->proxy_args_gateways); #ifdef SPLIT_PROXY_ARGS s = strsav(s, @@ -1324,13 +1273,6 @@ char *show_proxy_args(struct http_request *http, struct client_state *csp) "

(Click a filename to view it)

\n" ""); #else /* ifndef SPLIT_PROXY_ARGS */ - if (csp->blist) - { - s = strsav(s, csp->blist->proxy_args); - } - if (csp->clist) { s = strsav(s, csp->clist->proxy_args); @@ -1406,13 +1334,6 @@ char *show_proxy_args(struct http_request *http, struct client_state *csp) } #endif /* def ACL_FILES */ -#ifdef USE_IMAGE_LIST - if (csp->ilist) - { - s = strsav(s, csp->ilist->proxy_args); - } -#endif /* def USE_IMAGE_LIST */ - #ifdef PCRS if (csp->rlist) { @@ -1429,33 +1350,250 @@ char *show_proxy_args(struct http_request *http, struct client_state *csp) #endif /* ndef SPLIT_PROXY_ARGS */ - s = strsav(s, csp->config->proxy_args->trailer); + s = strsav(s, csp->config->proxy_args_trailer); return(s); } +static const char C_URL_INFO_HEADER[] = + "HTTP/1.0 200 OK\n" + "Pragma: no-cache\n" + "Expires: Thu Jul 31, 1997 07:42:22 pm GMT\n" + "Content-Type: text/html\n\n" + "\n" + "\n" + "Internet Junkbuster: URL Info\n" + "\n" + BODY + "

" + BANNER + "

\n" + "

Information for: http://%s

\n"; +static const char C_URL_INFO_FOOTER[] = + "\n

\n" + "\n" + "\n"; + +static const char C_URL_INFO_FORM[] = + "HTTP/1.0 200 OK\n" + "Pragma: no-cache\n" + "Expires: Thu Jul 31, 1997 07:42:22 pm GMT\n" + "Content-Type: text/html\n\n" + "\n" + "\n" + "Internet Junkbuster: URL Info\n" + "\n" + BODY + "

" + BANNER + "

\n" + "
\n" + "

Please enter a URL, without the leading "http:":

" + "

" + "

\n" + "
\n" + "\n" + "\n"; + + +/********************************************************************* + * + * Function : permissions_to_text + * + * Description : Converts a permissionsfil entry from numeric form + * ("mask" and "add") to text. + * + * Parameters : + * 1 : mask = As from struct permissions_spec + * 2 : add = As from struct permissions_spec + * + * Returns : A string. Caller must free it. + * + *********************************************************************/ +char * permissions_to_text(unsigned mask, unsigned add) +{ + char * result = strdup(""); + + /* sanity - prevents "-feature +feature" */ + mask |= add; + +#define PERMISSION_TO_TEXT(__bit, __name) \ + if (!(mask & __bit)) \ + { \ + result = strsav(result, " -" __name); \ + } \ + else if (add & __bit) \ + { \ + result = strsav(result, " +" __name); \ + } + + PERMISSION_TO_TEXT(PERMIT_COOKIE_SET, "cookies-set"); + PERMISSION_TO_TEXT(PERMIT_COOKIE_READ, "cookies-read"); + PERMISSION_TO_TEXT(PERMIT_RE_FILTER, "filter"); + PERMISSION_TO_TEXT(PERMIT_POPUPS, "popup"); + PERMISSION_TO_TEXT(PERMIT_REFERER, "referer"); + PERMISSION_TO_TEXT(PERMIT_FAST_REDIRECTS, "fast-redirects"); + PERMISSION_TO_TEXT(PERMIT_BLOCK, "block"); + PERMISSION_TO_TEXT(PERMIT_IMAGE, "image"); + + return result; +} + + + /********************************************************************* + * + * Function : ijb_show_url_info + * + * Description : (please fill me in) + * + * Parameters : + * 1 : http = http_request request for crunched URL + * 2 : csp = Current client state (buffers, headers, etc...) + * + * Returns : ???FIXME + * + *********************************************************************/ +char *ijb_show_url_info(struct http_request *http, struct client_state *csp) +{ + char * query_string = strchr(http->path, '?'); + char * host = NULL; + + if (query_string != NULL) + { + query_string = url_decode(query_string + 1); + if (strncmpic(query_string, "url=", 4) == 0) + { + host = strdup(query_string + 4); + } + freez(query_string); + } + if (host != NULL) + { + char * result; + char * path; + char * s; + int port = 80; + struct file_list *fl; + struct permissions_spec *b; + struct url_spec url[1]; + int permissions = csp->config->default_permissions; + + result = (char *)malloc(sizeof(C_URL_INFO_HEADER) + 2 * strlen(host)); + sprintf(result, C_URL_INFO_HEADER, host, host); + + s = permissions_to_text(permissions, permissions); + result = strsav(result, "

Defaults:

\n

{"); + result = strsav(result, s); + result = strsav(result, " }

\n

Patterns affecting the URL:

\n

\n"); + freez(s); + + s = strchr(host, '/'); + if (s != NULL) + { + path = strdup(s); + *s = '\0'; + } + else + { + path = strdup(""); + } + s = strchr(host, ':'); + if (s != NULL) + { + *s++ = '\0'; + port = atoi(s); + } + + if (((fl = csp->permissions_list) == NULL) || ((b = fl->f) == NULL)) + { + freez(host); + freez(path); + result = strsav(result, C_URL_INFO_FOOTER); + return result; + } + + *url = dsplit(host); + + /* if splitting the domain fails, punt */ + if (url->dbuf == NULL) + { + freez(host); + freez(path); + result = strsav(result, C_URL_INFO_FOOTER); + return result; + } + + for (b = b->next; NULL != b; b = b->next) + { + if ((b->url->port == 0) || (b->url->port == port)) + { + if ((b->url->domain[0] == '\0') || (domaincmp(b->url, url) == 0)) + { + if ((b->url->path == NULL) || +#ifdef REGEX + (regexec(b->url->preg, path, 0, NULL, 0) == 0) +#else + (strncmp(b->url->path, path, b->url->pathlen) == 0) +#endif + ) + { + s = permissions_to_text(b->mask, b->add); + result = strsav(result, "{"); + result = strsav(result, s); + result = strsav(result, " }
\n"); + result = strsav(result, b->url->spec); + result = strsav(result, "
\n
\n"); + freez(s); + permissions &= b->mask; + permissions |= b->add; + } + } + } + } + + freez(url->dbuf); + freez(url->dvec); + + freez(host); + freez(path); + + s = permissions_to_text(permissions, permissions); + result = strsav(result, "

\n

Final Results:

\n

{"); + result = strsav(result, s); + result = strsav(result, " }
\n
\n"); + freez(s); + + result = strsav(result, C_URL_INFO_FOOTER); + return result; + } + else + { + return strdup(C_URL_INFO_FORM); + } +} + + /********************************************************************* * * Function : ijb_send_banner * - * Description : This "crunch"es "http:/any.thing/ijb-send-banner and - * thus triggers sending the image in jcc.c:chat. - * For the unlikely case, that the imagefile/MSIE - * mechanism is not used, or tinygif = 0, a page - * describing the reson of the interception is generated. + * Description : This "crunch"es "http://i.j.b/ijb-send-banner and + * sends the image. * * Parameters : * 1 : http = http_request request for crunched URL * 2 : csp = Current client state (buffers, headers, etc...) * - * Returns : A string that contains why this was intercepted. + * Returns : NULL, indicating that it has already sent the data. * *********************************************************************/ char *ijb_send_banner(struct http_request *http, struct client_state *csp) { - return(strdup(CNOBANNER)); + write_socket(csp->cfd, JBGIF, sizeof(JBGIF)-1); + + return(NULL); } #ifdef TRUST_FILES diff --git a/filters.h b/filters.h index eccc0c10..3de1dac4 100644 --- a/filters.h +++ b/filters.h @@ -1,6 +1,6 @@ #ifndef _FILTERS_H #define _FILTERS_H -#define FILTERS_H_VERSION "$Id: filters.h,v 1.4 2001/05/26 15:26:15 jongfoster Exp $" +#define FILTERS_H_VERSION "$Id: filters.h,v 1.5 2001/05/27 22:17:04 oes Exp $" /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/filters.h,v $ @@ -40,6 +40,19 @@ * * Revisions : * $Log: filters.h,v $ + * Revision 1.5 2001/05/27 22:17:04 oes + * + * - re_process_buffer no longer writes the modified buffer + * to the client, which was very ugly. It now returns the + * buffer, which it is then written by chat. + * + * - content_length now adjusts the Content-Length: header + * for modified documents rather than crunch()ing it. + * (Length info in csp->content_length, which is 0 for + * unmodified documents) + * + * - For this to work, sed() is called twice when filtering. + * * Revision 1.4 2001/05/26 15:26:15 jongfoster * ACL feature now provides more security by immediately dropping * connections from untrusted hosts. @@ -123,16 +136,12 @@ extern char *block_url(struct http_request *http, struct client_state *csp); #ifdef TRUST_FILES extern char *trust_url(struct http_request *http, struct client_state *csp); #endif /* def TRUST_FILES */ -extern char *intercept_url(struct http_request *http, struct client_state *csp); +extern int intercept_url(struct http_request *http, struct client_state *csp); extern char *redirect_url(struct http_request *http, struct client_state *csp); -#if defined(DETECT_MSIE_IMAGES) || defined(USE_IMAGE_LIST) +#ifdef IMAGE_BLOCKING extern int block_imageurl(struct http_request *http, struct client_state *csp); -#endif /* defined(DETECT_MSIE_IMAGES) || defined(USE_IMAGE_LIST) */ - -#ifdef USE_IMAGE_LIST -extern int block_imageurl_using_imagelist(struct http_request *http, struct client_state *csp); -#endif /* def USE_IMAGE_LIST */ +#endif /* def IMAGE_BLOCKING */ extern int url_permissions(struct http_request *http, struct client_state *csp); extern const struct gateway *forward_url(struct http_request *http, struct client_state *csp); @@ -147,6 +156,8 @@ extern char *ijb_send_banner(struct http_request *http, struct client_state *csp extern char *ij_untrusted_url(struct http_request *http, struct client_state *csp); #endif /* def TRUST_FILES */ +char *ijb_show_url_info(struct http_request *http, struct client_state *csp); + #ifdef STATISTICS extern char *add_stats(char *s); #endif /* def STATISTICS */ diff --git a/imagelist b/imagelist deleted file mode 100644 index e83fed0d..00000000 --- a/imagelist +++ /dev/null @@ -1,34 +0,0 @@ -# -# This is /etc/junkbuster/imagelist which was put here by a junkbuster rpm -# -# Last modified on Fri Oct 1 22:42:21 1999 (CEST) -# -# -------------------------------------------------------------------------- -# -# Newest version is always available from -# -# http://www.waldherr.org/imagelist -# -# Read http://www.waldherr.org/junkbuster/update.shtml on how to keep -# this file up-to-date. -# -# Comments: Stefan Waldherr -# -# Note that the regexp is split into domain and path, hence the `/' as the -# beginning of a path. -# - -# generic, most powerful regepxs, path contains `.gif', `.jpeg' or `.jpg' -/.*\.gif -/.*\.jpe?g - -adforce.imgis.com -ad.preferences.com/image.* -ads.web.aol.com -focalink.com -ad-adex3.flycast.com -ad.doubleclick.net -connect.247media.ads.link4ads.com -ln.doubleclick.net -mojofarm.mediaplex.com/ad/ -www.carbuyer.com/cgi-carbuyer/getimage.cgi diff --git a/jcc.c b/jcc.c index cb302751..0ee0e157 100644 --- a/jcc.c +++ b/jcc.c @@ -1,4 +1,4 @@ -const char jcc_rcs[] = "$Id: jcc.c,v 1.11 2001/05/26 17:27:53 jongfoster Exp $"; +const char jcc_rcs[] = "$Id: jcc.c,v 1.12 2001/05/27 22:17:04 oes Exp $"; /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/jcc.c,v $ @@ -33,6 +33,19 @@ const char jcc_rcs[] = "$Id: jcc.c,v 1.11 2001/05/26 17:27:53 jongfoster Exp $"; * * Revisions : * $Log: jcc.c,v $ + * Revision 1.12 2001/05/27 22:17:04 oes + * + * - re_process_buffer no longer writes the modified buffer + * to the client, which was very ugly. It now returns the + * buffer, which it is then written by chat. + * + * - content_length now adjusts the Content-Length: header + * for modified documents rather than crunch()ing it. + * (Length info in csp->content_length, which is 0 for + * unmodified documents) + * + * - For this to work, sed() is called twice when filtering. + * * Revision 1.11 2001/05/26 17:27:53 jongfoster * Added support for CLF and fixed LOG_LEVEL_LOG. * Also did CRLF->LF fix of my previous patch. @@ -239,21 +252,23 @@ static int32 server_thread(void *data); *********************************************************************/ static void chat(struct client_state *csp) { -/* This next line is a little ugly, but it simplifies the if statement below. */ -/* Basically if TOGGLE, then we want the if to test "csp->toggled_on", else we don't */ +/* + * This next lines are a little ugly, but they simplifies the if statements below. + * Basically if TOGGLE, then we want the if to test "csp->toggled_on", else we don't + * And if FORCE_LOAD, then we want the if to test "csp->toggled_on", else we don't + */ #ifdef TOGGLE -# define IS_TOGGLED_ON csp->toggled_on && +# define IS_TOGGLED_ON_AND (csp->toggled_on) && #else /* ifndef TOGGLE */ -# define IS_TOGGLED_ON +# define IS_TOGGLED_ON_AND #endif /* ndef TOGGLE */ +#ifdef FORCE_LOAD +# define IS_NOT_FORCED_AND (!csp->force) && +#else /* ifndef TOGGLE */ +# define IS_NOT_FORCED_AND +#endif /* def FORCE_LOAD */ -/* This next line is a little ugly, but it simplifies the if statement below. */ -/* Basically if TRUST_FILES, then we want the if to call "trust_url", else we don't */ -#ifdef TRUST_FILES -# define IS_TRUSTED_URL (p = trust_url(http, csp)) || -#else /* ifndef TRUST_FILES */ -# define IS_TRUSTED_URL -#endif /* ndef TRUST_FILES */ +#define IS_ENABLED_AND IS_TOGGLED_ON_AND IS_NOT_FORCED_AND char buf[BUFSIZ], *hdr, *p, *req; char *err = NULL; @@ -392,15 +407,13 @@ static void chat(struct client_state *csp) if (!csp->toggled_on) { /* Most compatible set of permissions */ - csp->permissions = PERMIT_COOKIE_SET | PERMIT_COOKIE_READ | PERMIT_POPUPS; + csp->permissions = PERMIT_MOST_COMPATIBLE; } else +#endif /* ndef TOGGLE */ { csp->permissions = url_permissions(http, csp); } -#else /* ifndef TOGGLE */ - csp->permissions = url_permissions(http, csp); -#endif /* ndef TOGGLE */ #ifdef KILLPOPUPS block_popups = ((csp->permissions & PERMIT_POPUPS) == 0); @@ -443,18 +456,52 @@ static void chat(struct client_state *csp) * we're toggled off or in force mode. */ - if (IS_TOGGLED_ON -#ifdef FORCE_LOAD - (!csp->force) && -#endif /* def FORCE_LOAD */ - ( (p = intercept_url(http, csp)) || - IS_TRUSTED_URL - (p = block_url(http, csp)) + if (intercept_url(http, csp)) + { + /* + * The interceptor will write out the data. + * We don't need to do anything else + */ + +#ifdef STATISTICS + csp->rejected = 1; +#endif /* def STATISTICS */ + + freez(hdr); + return; + } + #ifdef FAST_REDIRECTS - || (csp->config->fast_redirects && (p = redirect_url(http, csp))) + else if (IS_ENABLED_AND + ((csp->permissions & PERMIT_FAST_REDIRECTS) != 0) && + (p = redirect_url(http, csp))) + { + /* This must be blocked as HTML */ +#ifdef STATISTICS + csp->rejected = 1; +#endif /* def STATISTICS */ + + log_error(LOG_LEVEL_GPC, "%s%s crunch!", http->hostport, http->path); + + log_error(LOG_LEVEL_CLF, "%s - - [%T] \"%s\" 200 3", + csp->ip_addr_str, http->cmd); + + /* Send HTML redirection result */ + write_socket(csp->cfd, p, strlen(p)); + + freez(p); + freez(hdr); + return; + } #endif /* def FAST_REDIRECTS */ - )) + + else if (IS_ENABLED_AND ( +#ifdef TRUST_FILES + (p = trust_url(http, csp)) || +#endif /* def TRUST_FILES */ + (p = block_url(http, csp)) )) { + /* Block as HTML or image */ #ifdef STATISTICS csp->rejected = 1; #endif /* def STATISTICS */ @@ -464,7 +511,7 @@ static void chat(struct client_state *csp) log_error(LOG_LEVEL_CLF, "%s - - [%T] \"%s\" 200 1", csp->ip_addr_str, http->cmd); -#if defined(DETECT_MSIE_IMAGES) || defined(USE_IMAGE_LIST) +#ifdef IMAGE_BLOCKING /* Block as image? */ if ( (csp->config->tinygif > 0) && block_imageurl(http, csp) ) { @@ -472,13 +519,13 @@ static void chat(struct client_state *csp) log_error(LOG_LEVEL_GPC, "%s%s image crunch!", http->hostport, http->path); - if ((csp->config->tinygif == 2) || strstr(http->path, "ijb-send-banner")) + if (csp->config->tinygif == 1) { - write_socket(csp->cfd, JBGIF, sizeof(JBGIF)-1); + write_socket(csp->cfd, BLANKGIF, sizeof(BLANKGIF)-1); } - else if (csp->config->tinygif == 1) + else if (csp->config->tinygif == 2) { - write_socket(csp->cfd, BLANKGIF, sizeof(BLANKGIF)-1); + write_socket(csp->cfd, JBGIF, sizeof(JBGIF)-1); } else if ((csp->config->tinygif == 3) && (csp->config->tinygifurl)) { @@ -490,11 +537,12 @@ static void chat(struct client_state *csp) } else { + /* Should never happen */ write_socket(csp->cfd, JBGIF, sizeof(JBGIF)-1); } } else -#endif /* defined(DETECT_MSIE_IMAGES) || defined(USE_IMAGE_LIST) */ +#endif /* def IMAGE_BLOCKING */ /* Block as HTML */ { /* Send HTML "blocked" message, interception, or redirection result */ diff --git a/loadcfg.c b/loadcfg.c index 82bd9163..401cd8e9 100644 --- a/loadcfg.c +++ b/loadcfg.c @@ -1,4 +1,4 @@ -const char loadcfg_rcs[] = "$Id: loadcfg.c,v 1.5 2001/05/25 22:34:30 jongfoster Exp $"; +const char loadcfg_rcs[] = "$Id: loadcfg.c,v 1.6 2001/05/26 00:28:36 jongfoster Exp $"; /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/loadcfg.c,v $ @@ -35,6 +35,13 @@ const char loadcfg_rcs[] = "$Id: loadcfg.c,v 1.5 2001/05/25 22:34:30 jongfoster * * Revisions : * $Log: loadcfg.c,v $ + * Revision 1.6 2001/05/26 00:28:36 jongfoster + * Automatic reloading of config file. + * Removed obsolete SIGHUP support (Unix) and Reload menu option (Win32). + * Most of the global variables have been moved to a new + * struct configuration_spec, accessed through csp->config->globalname + * Most of the globals remaining are used by the Win32 GUI. + * * Revision 1.5 2001/05/25 22:34:30 jongfoster * Hard tabs->Spaces * @@ -266,9 +273,9 @@ void unload_configfile (void * data) config->jar = NULL; } #endif /* def JAR_FILES */ -#if defined(DETECT_MSIE_IMAGES) || defined(USE_IMAGE_LIST) +#ifdef IMAGE_BLOCKING freez((char *)config->tinygifurl); -#endif /* defined(DETECT_MSIE_IMAGES) || defined(USE_IMAGE_LIST) */ +#endif /* def IMAGE_BLOCKING */ freez((char *)config->from); freez((char *)config->haddr); @@ -276,7 +283,6 @@ void unload_configfile (void * data) freez((char *)config->referrer); freez((char *)config->logfile); - freez((char *)config->blockfile); freez((char *)config->permissions_file); freez((char *)config->forwardfile); @@ -284,10 +290,6 @@ void unload_configfile (void * data) freez((char *)config->aclfile); #endif /* def ACL_FILES */ -#ifdef USE_IMAGE_LIST - freez((char *)config->imagefile); -#endif /* def USE_IMAGE_LIST */ - #ifdef JAR_FILES freez((char *)config->jarfile); #endif /* def JAR_FILES */ @@ -372,7 +374,7 @@ struct configuration_spec * load_config(void) */ config->multi_threaded = 1; - config->default_permissions = PERMIT_RE_FILTER; + config->default_permissions = PERMIT_RE_FILTER | PERMIT_FAST_REDIRECTS; config->hport = HADDR_PORT; if ((configfp = fopen(configfile, "r")) == NULL) @@ -444,7 +446,7 @@ struct configuration_spec * load_config(void) config->debug |= atoi(arg); continue; -#if defined(DETECT_MSIE_IMAGES) || defined(USE_IMAGE_LIST) +#ifdef IMAGE_BLOCKING case hash_tinygif : freez((char *)config->tinygifurl); config->tinygif = atoi(arg); @@ -477,7 +479,7 @@ struct configuration_spec * load_config(void) log_error(LOG_LEVEL_ERROR, "tinygif setting invalid."); } continue; -#endif /* defined(DETECT_MSIE_IMAGES) || defined(USE_IMAGE_LIST) */ +#endif /* def IMAGE_BLOCKING */ case hash_add_forwarded_header : config->add_forwarded = 1; @@ -509,18 +511,6 @@ struct configuration_spec * load_config(void) config->logfile = strdup(arg); continue; - case hash_blockfile : - freez((char *)config->blockfile); - config->blockfile = strdup(arg); - continue; - -#ifdef USE_IMAGE_LIST - case hash_imagefile : - freez((char *)config->imagefile); - config->imagefile = strdup(arg); - continue; -#endif /* def USE_IMAGE_LIST */ - #ifdef JAR_FILES case hash_jarfile : freez((char *)config->jarfile); @@ -571,13 +561,6 @@ struct configuration_spec * load_config(void) freez((char *)config->from); config->from = strdup(arg); continue; - -#ifdef FAST_REDIRECTS - case hash_fast_redirects : - config->fast_redirects = 1; - continue; -#endif /* def FAST_REDIRECTS */ - #ifdef _WIN_CONSOLE case hash_hide_console : hideConsole = 1; @@ -646,9 +629,9 @@ struct configuration_spec * load_config(void) /* Warnings about unsupported features */ -#ifndef USE_IMAGE_LIST + case hash_blockfile : case hash_imagefile : -#endif /* ndef USE_IMAGE_LIST */ + case hash_fast_redirects : #ifndef PCRS case hash_re_filterfile : #endif /* ndef PCRS */ @@ -669,18 +652,15 @@ struct configuration_spec * load_config(void) #ifndef _WIN_CONSOLE case hash_hide_console : #endif /* ndef _WIN_CONSOLE */ -#if !defined(DETECT_MSIE_IMAGES) && !defined(USE_IMAGE_LIST) +#ifndef IMAGE_BLOCKING case hash_tinygif : -#endif /* !defined(DETECT_MSIE_IMAGES) && !defined(USE_IMAGE_LIST) */ +#endif /* def IMAGE_BLOCKING */ #ifndef JAR_FILES case hash_jarfile : #endif /* ndef JAR_FILES */ #ifndef ACL_FILES case hash_aclfile : #endif /* ndef ACL_FILES */ -#ifndef FAST_REDIRECTS - case hash_fast_redirects : -#endif /* ndef FAST_REDIRECTS */ #ifdef SPLIT_PROXY_ARGS case hash_suppress_blocklists : #endif /* def SPLIT_PROXY_ARGS */ @@ -699,7 +679,7 @@ struct configuration_spec * load_config(void) if (p != NULL) { sprintf( p, "
\nWARNING: unrecognized directive : %s

\n", buf ); - config->proxy_args->invocation = strsav( config->proxy_args->invocation, p ); + config->proxy_args_invocation = strsav( config->proxy_args_invocation, p ); freez( p ); } continue; @@ -715,18 +695,6 @@ struct configuration_spec * load_config(void) add_loader(load_permissions_file, config); } - if (config->blockfile) - { - add_loader(load_blockfile, config); - } - -#ifdef USE_IMAGE_LIST - if (config->imagefile) - { - add_loader(load_imagefile, config); - } -#endif /* def USE_IMAGE_LIST */ - if (config->forwardfile) { add_loader(load_forwardfile, config); @@ -745,13 +713,13 @@ struct configuration_spec * load_config(void) add_loader(load_re_filterfile, config); } #endif /* def PCRS */ - -#ifdef TRUST_FILES - if (config->trustfile) - { - add_loader(load_trustfile, config); - } -#endif + +#ifdef TRUST_FILES + if (config->trustfile) + { + add_loader(load_trustfile, config); + } +#endif #ifdef JAR_FILES if ( NULL != config->jarfile ) @@ -835,21 +803,17 @@ struct configuration_spec * load_config(void) /* FIXME: this is a kludge for win32 */ #if defined(_WIN32) && !defined (_WIN_CONSOLE) - g_blockfile = config->blockfile; g_permissions_file = config->permissions_file; g_forwardfile = config->forwardfile; #ifdef ACL_FILES g_aclfile = config->aclfile; #endif /* def ACL_FILES */ -#ifdef USE_IMAGE_LIST - g_imagefile = config->imagefile; -#endif /* def USE_IMAGE_LIST */ -#ifdef PCRS - g_re_filterfile = config->re_filterfile; -#endif -#ifdef TRUST_FILES - g_trustfile = config->trustfile; -#endif +#ifdef PCRS + g_re_filterfile = config->re_filterfile; +#endif +#ifdef TRUST_FILES + g_trustfile = config->trustfile; +#endif #endif /* defined(_WIN32) && !defined (_WIN_CONSOLE) */ diff --git a/loaders.c b/loaders.c index c0b6a242..75d37db4 100644 --- a/loaders.c +++ b/loaders.c @@ -1,4 +1,4 @@ -const char loaders_rcs[] = "$Id: loaders.c,v 1.8 2001/05/26 00:55:20 jongfoster Exp $"; +const char loaders_rcs[] = "$Id: loaders.c,v 1.9 2001/05/26 17:12:07 jongfoster Exp $"; /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/loaders.c,v $ @@ -35,6 +35,9 @@ const char loaders_rcs[] = "$Id: loaders.c,v 1.8 2001/05/26 00:55:20 jongfoster * * Revisions : * $Log: loaders.c,v $ + * Revision 1.9 2001/05/26 17:12:07 jongfoster + * Fatal errors loading configuration files now give better error messages. + * * Revision 1.8 2001/05/26 00:55:20 jongfoster * Removing duplicated code. load_forwardfile() now uses create_url_spec() * @@ -129,7 +132,6 @@ const char loaders_h_rcs[] = LOADERS_H_VERSION; * Currently active files. * These are also entered in the main linked list of files. */ -static struct file_list *current_blockfile = NULL; static struct file_list *current_permissions_file = NULL; static struct file_list *current_forwardfile = NULL; @@ -137,10 +139,6 @@ static struct file_list *current_forwardfile = NULL; static struct file_list *current_aclfile = NULL; #endif /* def ACL_FILES */ -#ifdef USE_IMAGE_LIST -static struct file_list *current_imagefile = NULL; -#endif /* def USE_IMAGE_LIST */ - #ifdef TRUST_FILES static struct file_list *current_trustfile = NULL; #endif /* def TRUST_FILES */ @@ -201,11 +199,6 @@ void sweep(void) */ ncsp->config->config_file_list->active = 1; - if (ncsp->blist) /* block files */ - { - ncsp->blist->active = 1; - } - if (ncsp->permissions_list) /* permissions files */ { ncsp->permissions_list->active = 1; @@ -223,13 +216,6 @@ void sweep(void) } #endif /* def ACL_FILES */ -#ifdef USE_IMAGE_LIST - if (ncsp->ilist) /* image files */ - { - ncsp->ilist->active = 1; - } -#endif /* def USE_IMAGE_LIST */ - #ifdef PCRS if (ncsp->rlist) /* perl re files */ { @@ -251,9 +237,10 @@ void sweep(void) csp->next = ncsp->next; freez(ncsp->ip_addr_str); +#ifdef TRUST_FILES freez(ncsp->referrer); +#endif /* def TRUST_FILES */ freez(ncsp->x_forwarded); - freez(ncsp->ip_addr_str); freez(ncsp->iob->buf); free_http_request(ncsp->http); @@ -471,59 +458,6 @@ static void unload_aclfile(void *f) } #endif /* def ACL_FILES */ -/********************************************************************* - * - * Function : unload_blockfile - * - * Description : Unloads a blockfile. - * - * Parameters : - * 1 : f = the data structure associated with the blockfile. - * - * Returns : N/A - * - *********************************************************************/ -static void unload_blockfile(void *f) -{ - struct block_spec *b = (struct block_spec *)f; - if (b == NULL) return; - - unload_blockfile(b->next); - - unload_url(b->url); - - freez(b); - -} - - -#ifdef USE_IMAGE_LIST -/********************************************************************* - * - * Function : unload_imagefile - * - * Description : Unloads an imagefile. - * - * Parameters : - * 1 : f = the data structure associated with the imagefile. - * - * Returns : N/A - * - *********************************************************************/ -static void unload_imagefile(void *f) -{ - struct block_spec *b = (struct block_spec *)f; - if (b == NULL) return; - - unload_imagefile(b->next); - - unload_url(b->url); - - freez(b); - -} -#endif /* def USE_IMAGE_LIST */ - /********************************************************************* * @@ -999,133 +933,53 @@ load_aclfile_error: #endif /* def ACL_FILES */ -/********************************************************************* - * - * Function : load_blockfile - * - * Description : Read and parse a blockfile and add to files list. - * - * Parameters : - * 1 : csp = Current client state (buffers, headers, etc...) - * - * Returns : 0 => Ok, everything else is an error. - * - *********************************************************************/ -int load_blockfile(struct client_state *csp) +struct permission_alias { - FILE *fp; + const char * name; + unsigned mask; /* a bit set to "0" = remove permission */ + unsigned add; /* a bit set to "1" = add permission */ + struct permission_alias * next; +}; - struct block_spec *b, *bl; - char buf[BUFSIZ], *p, *q; - int reject; - struct file_list *fs; - if (!check_file_changed(current_blockfile, csp->config->blockfile, &fs)) - { - /* No need to load */ - if (csp) - { - csp->blist = current_blockfile; - } - return(0); - } - if (!fs) - { - goto load_blockfile_error; - } - - fs->f = bl = (struct block_spec *) zalloc(sizeof(*bl)); - if (bl == NULL) - { - goto load_blockfile_error; - } - - if ((fp = fopen(csp->config->blockfile, "r")) == NULL) - { - goto load_blockfile_error; - } - - while (read_config_line(buf, sizeof(buf), fp, fs) != NULL) - { - reject = 1; - - if (*buf == '~') - { - reject = 0; - p = buf; - q = p+1; - while ((*p++ = *q++)) - { - /* nop */ - } - } - - /* skip lines containing only ~ */ - if (*buf == '\0') - { - continue; - } - - /* allocate a new node */ - if ((b = zalloc(sizeof(*b))) == NULL) - { - fclose(fp); - goto load_blockfile_error; - } - - /* add it to the list */ - b->next = bl->next; - bl->next = b; - - b->reject = reject; - - /* Save the URL pattern */ - if (create_url_spec(b->url, buf)) - { - fclose(fp); - goto load_blockfile_error; - } - } - - fclose(fp); - -#ifndef SPLIT_PROXY_ARGS - if (!suppress_blocklists) - { - fs->proxy_args = strsav(fs->proxy_args, ""); - } -#endif /* ndef SPLIT_PROXY_ARGS */ - - /* the old one is now obsolete */ - if (current_blockfile) - { - current_blockfile->unloader = unload_blockfile; - } - - fs->next = files->next; - files->next = fs; - current_blockfile = fs; - - if (csp) - { - csp->blist = fs; - } - - return(0); - -load_blockfile_error: - log_error(LOG_LEVEL_FATAL, "can't load blockfile '%s': %E", csp->config->blockfile); - return(-1); - -} +/* + * Note: this is special-cased in the code so we don't need to + * fill in the ->next fields. + */ +static const struct permission_alias standard_aliases[] = +{ + { "+block", PERMIT_MASK_ALL, PERMIT_BLOCK }, +/* { "+cookies", PERMIT_MASK_ALL, PERMIT_COOKIE_SET | PERMIT_COOKIE_READ }, */ + { "+cookies-read", PERMIT_MASK_ALL, PERMIT_COOKIE_READ }, + { "+cookies-set", PERMIT_MASK_ALL, PERMIT_COOKIE_SET }, + { "+fast-redirects", PERMIT_MASK_ALL, PERMIT_FAST_REDIRECTS }, + { "+filter", PERMIT_MASK_ALL, PERMIT_RE_FILTER }, + { "+image", PERMIT_MASK_ALL, PERMIT_IMAGE }, + { "+popup", PERMIT_MASK_ALL, PERMIT_POPUPS }, + { "+popups", PERMIT_MASK_ALL, PERMIT_POPUPS }, + { "+referer", PERMIT_MASK_ALL, PERMIT_REFERER }, + { "+referrer", PERMIT_MASK_ALL, PERMIT_REFERER }, + { "-block", ~PERMIT_BLOCK, 0 }, +/* { "-cookies", ~(PERMIT_COOKIE_SET | PERMIT_COOKIE_READ), 0 }, */ + { "-cookies-read", ~PERMIT_COOKIE_READ, 0 }, + { "-cookies-set", ~PERMIT_COOKIE_SET, 0 }, + { "-fast-redirects", ~PERMIT_FAST_REDIRECTS, 0 }, + { "-filter", ~PERMIT_RE_FILTER, 0 }, + { "-image", ~PERMIT_IMAGE, 0 }, + { "-popup", ~PERMIT_POPUPS, 0 }, + { "-popups", ~PERMIT_POPUPS, 0 }, + { "-referer", ~PERMIT_REFERER, 0 }, + { "-referrer", ~PERMIT_REFERER, 0 }, + { NULL, 0, 0 } /* End marker */ +}; -#ifdef USE_IMAGE_LIST /********************************************************************* * - * Function : load_imagefile + * Function : load_permissions_file * - * Description : Read and parse an imagefile and add to files list. + * Description : Read and parse a permissions file and add to files + * list. * * Parameters : * 1 : csp = Current client state (buffers, headers, etc...) @@ -1133,281 +987,394 @@ load_blockfile_error: * Returns : 0 => Ok, everything else is an error. * *********************************************************************/ -int load_imagefile(struct client_state *csp) +int load_permissions_file(struct client_state *csp) { FILE *fp; - struct block_spec *b, *bl; - char buf[BUFSIZ], *p, *q; - int reject; + struct permissions_spec *last_perm; + struct permissions_spec *perm; + char buf[BUFSIZ]; struct file_list *fs; +#define MODE_START_OF_FILE 1 +#define MODE_PERMISSIONS 2 +#define MODE_ALIAS 3 + int mode = MODE_START_OF_FILE; + unsigned curmask = PERMIT_MASK_ALL; + unsigned curadd = 0; + struct permission_alias * alias_list = NULL; - if (!check_file_changed(current_imagefile, csp->config->imagefile, &fs)) + if (!check_file_changed(current_permissions_file, csp->config->permissions_file, &fs)) { /* No need to load */ if (csp) { - csp->ilist = current_imagefile; + csp->permissions_list = current_permissions_file; } - return(0); + return 0; } if (!fs) { - goto load_imagefile_error; + log_error(LOG_LEVEL_FATAL, "can't load permissions file '%s': error finding file: %E", + csp->config->permissions_file); + return 1; /* never get here */ } - fs->f = bl = (struct block_spec *)zalloc(sizeof(*bl)); - if (bl == NULL) + fs->f = last_perm = (struct permissions_spec *)zalloc(sizeof(*last_perm)); + if (last_perm == NULL) { - goto load_imagefile_error; + log_error(LOG_LEVEL_FATAL, "can't load permissions file '%s': out of memory!", + csp->config->permissions_file); + return 1; /* never get here */ } - if ((fp = fopen(csp->config->imagefile, "r")) == NULL) + if ((fp = fopen(csp->config->permissions_file, "r")) == NULL) { - goto load_imagefile_error; + log_error(LOG_LEVEL_FATAL, "can't load permissions file '%s': error opening file: %E", + csp->config->permissions_file); + return 1; /* never get here */ } while (read_config_line(buf, sizeof(buf), fp, fs) != NULL) { - reject = 1; - - if (*buf == '~') + if (*buf == '{') { - reject = 0; - p = buf; - q = p+1; - while ((*p++ = *q++)) + /* It's a header block */ + if (buf[1] == '{') { - /* nop */ - } - } + /* It's {{settings}} or {{alias}} */ + int len = strlen(buf); + char * start = buf + 2; + char * end = buf + len - 1; + if ((len < 5) || (*end-- != '}') || (*end-- != '}')) + { + /* too short */ + fclose(fp); + log_error(LOG_LEVEL_FATAL, + "can't load permissions file '%s': invalid line: %s", + csp->config->permissions_file, buf); + return 1; /* never get here */ + } - /* skip lines containing only ~ */ - if (*buf == '\0') - { - continue; - } + /* Trim leading and trailing whitespace. */ + while ((*end == ' ') || (*end == '\t')) + { + /* + * don't need to worry about going off front of string + * because we know there's a '{' there. + */ + end--; + } + end[1] = '\0'; + while ((*start == ' ') || (*start == '\t')) + { + start++; + } - /* allocate a new node */ - if ((b = zalloc(sizeof(*b))) == NULL) - { - fclose(fp); - goto load_imagefile_error; - } + if (*start == '\0') + { + /* too short */ + fclose(fp); + log_error(LOG_LEVEL_FATAL, + "can't load permissions file '%s': invalid line: {{ }}", + csp->config->permissions_file); + return 1; /* never get here */ + } - /* add it to the list */ - b->next = bl->next; - bl->next = b; + if (0 == strcmpic(start, "alias")) + { + /* it's an {{alias}} block */ - b->reject = reject; + mode = MODE_ALIAS; + } + else + { + /* invalid {{something}} block */ + fclose(fp); + log_error(LOG_LEVEL_FATAL, + "can't load permissions file '%s': invalid line: {{%s}}", + csp->config->permissions_file, start); + return 1; /* never get here */ + } + } + else + { + /* It's a permissions block */ - /* Save the URL pattern */ - if (create_url_spec(b->url, buf)) - { - fclose(fp); - goto load_imagefile_error; - } - } + int more = 1; - fclose(fp); + int len = strlen(buf); + char * start = buf + 1; + char * end = buf + len - 1; -#ifndef SPLIT_PROXY_ARGS - if (!suppress_blocklists) - { - fs->proxy_args = strsav(fs->proxy_args, ""); - } -#endif /* ndef SPLIT_PROXY_ARGS */ + if ((len < 3) || (*end-- != '}')) + { + /* too short */ + fclose(fp); + log_error(LOG_LEVEL_FATAL, + "can't load permissions file '%s': invalid line: %s", + csp->config->permissions_file, buf); + return 1; /* never get here */ + } - /* the old one is now obsolete */ - if (current_imagefile) - { - current_imagefile->unloader = unload_imagefile; - } + /* Trim leading and trailing whitespace. */ + while ((*end == ' ') || (*end == '\t')) + { + /* + * don't need to worry about going off front of string + * because we know there's a '{' there. + */ + end--; + } + end[1] = '\0'; + while ((*start == ' ') || (*start == '\t')) + { + start++; + } - fs->next = files->next; - files->next = fs; - current_imagefile = fs; + if (*start == '\0') + { + /* too short */ + fclose(fp); + log_error(LOG_LEVEL_FATAL, + "can't load permissions file '%s': invalid line: { }", + csp->config->permissions_file); + return 1; /* never get here */ + } - if (csp) - { - csp->ilist = fs; - } + mode = MODE_PERMISSIONS; + + curmask = PERMIT_MASK_ALL; + curadd = 0; - return(0); + while (more) + { + const struct permission_alias * alias = standard_aliases; + char * option = start; + while ((*start != '\0') && (*start != ' ') && (*start != '\t')) + { + start++; + } + + more = (*start != 0); + if (more) + { + *start++ = '\0'; + + /* Eat all the whitespace between the options */ + while ((*start == ' ') || (*start == '\t')) + { + start++; + } + } + + /* handle option in 'option' */ + + /* Check for standard permission name */ + while ( (alias->name != NULL) && (0 != strcmpic(alias->name, option)) ) + { + alias++; + } + if (alias->name == NULL) + { + /* try user aliases. */ + alias = alias_list; + while ( (alias != NULL) && (0 != strcmpic(alias->name, option)) ) + { + alias = alias->next; + } + } + if (alias == NULL) + { + /* Bad permission name */ + fclose(fp); + log_error(LOG_LEVEL_FATAL, + "can't load permissions file '%s': invalid permission name: %s", + csp->config->permissions_file, option); + return 1; /* never get here */ + } + curmask &= alias->mask; + curadd &= alias->mask; + curadd |= alias->add; + } + } + } + else if (mode == MODE_ALIAS) + { + /* define an alias */ + struct permission_alias * new_alias; + int more = 1; -load_imagefile_error: - log_error(LOG_LEVEL_FATAL, "can't load imagefile '%s': %E", csp->config->imagefile); - return(-1); + char * start = strchr(buf, '='); + char * end = start; -} -#endif /* def USE_IMAGE_LIST */ + if ((start == NULL) || (start == buf)) + { + log_error(LOG_LEVEL_FATAL, + "can't load permissions file '%s': invalid alias line: %s", + csp->config->permissions_file, buf); + return 1; /* never get here */ + } + if ((new_alias = zalloc(sizeof(*new_alias))) == NULL) + { + fclose(fp); + log_error(LOG_LEVEL_FATAL, + "can't load permissions file '%s': out of memory!", + csp->config->permissions_file); + return 1; /* never get here */ + } -/********************************************************************* - * - * Function : load_permissions_file - * - * Description : Read and parse a permissions file and add to files - * list. - * - * Parameters : - * 1 : csp = Current client state (buffers, headers, etc...) - * - * Returns : 0 => Ok, everything else is an error. - * - *********************************************************************/ -int load_permissions_file(struct client_state *csp) -{ - FILE *fp; + /* Eat any the whitespace after the '=' */ + start++; + while ((*start == ' ') || (*start == '\t')) + { + start++; + } + if (*start == '\0') + { + log_error(LOG_LEVEL_FATAL, + "can't load permissions file '%s': invalid alias line: %s", + csp->config->permissions_file, buf); + return 1; /* never get here */ + } - struct permissions_spec *b, *bl; - char buf[BUFSIZ], *p, *q; - int permissions; - struct file_list *fs; - int i; + /* Eat any the whitespace before the '=' */ + end--; + while ((*end == ' ') || (*end == '\t')) + { + /* + * we already know we must have at least 1 non-ws char + * at start of buf - no need to check + */ + end--; + } + end[1] = '\0'; - if (!check_file_changed(current_permissions_file, csp->config->permissions_file, &fs)) - { - /* No need to load */ - if (csp) - { - csp->permissions_list = current_permissions_file; - } - return(0); - } - if (!fs) - { - goto load_permissions_error; - } + new_alias->name = strdup(buf); - fs->f = bl = (struct permissions_spec *)zalloc(sizeof(*bl)); - if (bl == NULL) - { - goto load_permissions_error; - } + curmask = PERMIT_MASK_ALL; + curadd = 0; - if ((fp = fopen(csp->config->permissions_file, "r")) == NULL) - { - goto load_permissions_error; - } + while (more) + { + const struct permission_alias * alias = standard_aliases; + char * option = start; + while ((*start != '\0') && (*start != ' ') && (*start != '\t')) + { + start++; + } + more = (*start != 0); + if (more) + { + *start++ = '\0'; - /* - * default_permissions is set in this file. - * - * Reset it to default first. - */ - csp->config->default_permissions = PERMIT_RE_FILTER; + /* Eat all the whitespace between the options */ + while ((*start == ' ') || (*start == '\t')) + { + start++; + } + } - while (read_config_line(buf, sizeof(buf), fp, fs) != NULL) - { - p = buf; + /* handle option in 'option' */ - permissions = PERMIT_COOKIE_SET | PERMIT_COOKIE_READ | PERMIT_POPUPS; + /* Check for standard permission name */ + while ( (alias->name != NULL) && (0 != strcmpic(alias->name, option)) ) + { + alias++; + } + if (alias->name == NULL) + { + /* try user aliases. */ + alias = alias_list; + while ( (alias != NULL) && (0 != strcmpic(alias->name, option)) ) + { + alias = alias->next; + } + } + if (alias == NULL) + { + /* Bad permission name */ + fclose(fp); + log_error(LOG_LEVEL_FATAL, + "can't load permissions file '%s': invalid permission name: %s", + csp->config->permissions_file, option); + return 1; /* never get here */ + } + curmask &= alias->mask; + curadd &= alias->mask; + curadd |= alias->add; + } - /* - * FIXME: for() loop is a kludge. Want to loop around until we - * find a non-control character. Assume there will be at most 4 - * characters. - */ - for (i = 0; i < 4; i++) + /* save alias permissions */ + new_alias->mask = curmask; + new_alias->add = curadd; + + /* add to list */ + new_alias->next = alias_list; + alias_list = new_alias; + } + else if (mode == MODE_PERMISSIONS) { - switch ((int)*p) - { - case '>': - /* - * Allow cookies to be read by the server, but do - * not allow them to be set. - */ - permissions = (permissions & ~PERMIT_COOKIE_SET); - p++; - break; - - case '<': - /* - * Allow server to set cookies but do not let the - * server read them. - */ - permissions = (permissions & ~PERMIT_COOKIE_READ); - p++; - break; + /* it's a URL pattern */ - case '^': - /* - * Block popups - */ - permissions = (permissions & ~PERMIT_POPUPS); - p++; - break; - - case '%': - /* - * Permit filtering using PCRS - */ - permissions = (permissions | PERMIT_RE_FILTER); - p++; - break; - - case '~': - /* - * All of the above (maximum filtering). - */ - permissions = PERMIT_RE_FILTER; - p++; - break; - - default: - /* - * FIXME: Should break out of the loop here. - */ - break; + /* allocate a new node */ + if ((perm = zalloc(sizeof(*perm))) == NULL) + { + fclose(fp); + log_error(LOG_LEVEL_FATAL, + "can't load permissions file '%s': out of memory!", + csp->config->permissions_file); + return 1; /* never get here */ } - } - /* - * Elide any of the "special" chars from the - * front of the pattern - */ - q = buf; - if (p > q) - { - while ((*q++ = *p++) != '\0') + /* Save flags */ + perm->mask = curmask; + perm->add = curadd; + + /* Save the URL pattern */ + if (create_url_spec(perm->url, buf)) { - /* nop */ + fclose(fp); + log_error(LOG_LEVEL_FATAL, + "can't load permissions file '%s': cannot create URL permission from: %s", + csp->config->permissions_file, buf); + return 1; /* never get here */ } - } - /* a lines containing only "special" chars sets default */ - if (*buf == '\0') - { - csp->config->default_permissions = permissions; - continue; + /* add it to the list */ + last_perm->next = perm; + last_perm = perm; } - - /* allocate a new node */ - if (((b = zalloc(sizeof(*b))) == NULL) - ) + else if (mode == MODE_START_OF_FILE) { + /* oops - please have a {} line as 1st line in file. */ fclose(fp); - goto load_permissions_error; + log_error(LOG_LEVEL_FATAL, + "can't load permissions file '%s': first line is invalid: %s", + csp->config->permissions_file, buf); + return 1; /* never get here */ } - - /* add it to the list */ - b->next = bl->next; - bl->next = b; - - /* Save flags */ - b->permissions = permissions; - - /* Save the URL pattern */ - if (create_url_spec(b->url, buf)) + else { + /* How did we get here? This is impossible! */ fclose(fp); - goto load_permissions_error; + log_error(LOG_LEVEL_FATAL, + "can't load permissions file '%s': INTERNAL ERROR - mode = %d", + csp->config->permissions_file, mode); + return 1; /* never get here */ } } fclose(fp); + + while (alias_list != NULL) + { + struct permission_alias * next = alias_list->next; + freez((char *)alias_list->name); + free(alias_list); + alias_list = next; + } #ifndef SPLIT_PROXY_ARGS if (!suppress_blocklists) @@ -1433,11 +1400,6 @@ int load_permissions_file(struct client_state *csp) return(0); -load_permissions_error: - log_error(LOG_LEVEL_FATAL, "can't load permissions file '%s': %E", - csp->config->permissions_file); - return(-1); - } @@ -1603,9 +1565,10 @@ int load_forwardfile(struct client_state *csp) FILE *fp; struct forward_spec *b, *bl; - char buf[BUFSIZ], *p, *q, *tmp; - char *vec[4]; - int n, reject; + char buf[BUFSIZ]; + char *p, *tmp; + char *vec[4]; + int n; struct file_list *fs; const struct gateway *gw; @@ -1653,19 +1616,6 @@ int load_forwardfile(struct client_state *csp) strcpy(buf, vec[0]); - reject = 1; - - if (*buf == '~') - { - reject = 0; - p = buf; - q = p+1; - while ((*p++ = *q++)) - { - /* nop */ - } - } - /* skip lines containing only ~ */ if (*buf == '\0') { @@ -1684,14 +1634,12 @@ int load_forwardfile(struct client_state *csp) b->next = bl->next; bl->next = b; - b->reject = reject; - - /* Save the URL pattern */ - if (create_url_spec(b->url, buf)) - { - fclose(fp); - goto load_forwardfile_error; - } + /* Save the URL pattern */ + if (create_url_spec(b->url, buf)) + { + fclose(fp); + goto load_forwardfile_error; + } /* now parse the gateway specs */ diff --git a/loaders.h b/loaders.h index 3947dd90..7030ac33 100644 --- a/loaders.h +++ b/loaders.h @@ -1,6 +1,6 @@ #ifndef _LOADERS_H #define _LOADERS_H -#define LOADERS_H_VERSION "$Id: loaders.h,v 1.2 2001/05/20 01:21:20 jongfoster Exp $" +#define LOADERS_H_VERSION "$Id: loaders.h,v 1.3 2001/05/26 00:28:36 jongfoster Exp $" /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/loaders.h,v $ @@ -37,6 +37,13 @@ * * Revisions : * $Log: loaders.h,v $ + * Revision 1.3 2001/05/26 00:28:36 jongfoster + * Automatic reloading of config file. + * Removed obsolete SIGHUP support (Unix) and Reload menu option (Win32). + * Most of the global variables have been moved to a new + * struct configuration_spec, accessed through csp->config->globalname + * Most of the globals remaining are used by the Win32 GUI. + * * Revision 1.2 2001/05/20 01:21:20 jongfoster * Version 2.9.4 checkin. * - Merged popupfile and cookiefile, and added control over PCRS @@ -69,7 +76,6 @@ extern int check_file_changed(const struct file_list * current, const char * filename, struct file_list ** newfl); -extern int load_blockfile(struct client_state *csp); extern int load_permissions_file(struct client_state *csp); extern int load_forwardfile(struct client_state *csp); @@ -77,10 +83,6 @@ extern int load_forwardfile(struct client_state *csp); extern int load_aclfile(struct client_state *csp); #endif /* def ACL_FILES */ -#ifdef USE_IMAGE_LIST -extern int load_imagefile(struct client_state *csp); -#endif /* def USE_IMAGE_LIST */ - #ifdef TRUST_FILES extern int load_trustfile(struct client_state *csp); #endif /* def TRUST_FILES */ diff --git a/miscutil.c b/miscutil.c index 1257a99d..63a87eac 100644 --- a/miscutil.c +++ b/miscutil.c @@ -1,7 +1,7 @@ -const char miscutil_rcs[] = "$Id: miscutil.c,v 1.1 2001/05/13 21:57:06 administrator Exp $"; +const char miscutil_rcs[] = "$Id: miscutil.c,v 1.1.1.1 2001/05/15 13:59:00 oes Exp $"; /********************************************************************* * - * File : $Source: /home/administrator/cvs/ijb/miscutil.c,v $ + * File : $Source: /cvsroot/ijbswa/current/miscutil.c,v $ * * Purpose : zalloc, hash_string, safe_strerror, strcmpic, * strncmpic, and MinGW32 strdup functions. These are @@ -35,6 +35,9 @@ const char miscutil_rcs[] = "$Id: miscutil.c,v 1.1 2001/05/13 21:57:06 administr * * Revisions : * $Log: miscutil.c,v $ + * Revision 1.1.1.1 2001/05/15 13:59:00 oes + * Initial import of version 2.9.3 source tree + * * *********************************************************************/ @@ -196,7 +199,7 @@ char *safe_strerror(int err) * Returns : 0 if s1==s2, Negative if s1s2 * *********************************************************************/ -int strcmpic(char *s1, char *s2) +int strcmpic(const char *s1, const char *s2) { while (*s1 && *s2) { @@ -225,7 +228,7 @@ int strcmpic(char *s1, char *s2) * Returns : 0 if s1==s2, Negative if s1s2 * *********************************************************************/ -int strncmpic(char *s1, char *s2, size_t n) +int strncmpic(const char *s1, const char *s2, size_t n) { if (n <= 0) return(0); diff --git a/miscutil.h b/miscutil.h index 0a6b95e1..6b04adce 100644 --- a/miscutil.h +++ b/miscutil.h @@ -1,9 +1,9 @@ #ifndef _MISCUTIL_H #define _MISCUTIL_H -#define MISCUTIL_H_VERSION "$Id: miscutil.h,v 1.1 2001/05/13 21:57:06 administrator Exp $" +#define MISCUTIL_H_VERSION "$Id: miscutil.h,v 1.1.1.1 2001/05/15 13:59:00 oes Exp $" /********************************************************************* * - * File : $Source: /home/administrator/cvs/ijb/miscutil.h,v $ + * File : $Source: /cvsroot/ijbswa/current/miscutil.h,v $ * * Purpose : zalloc, hash_string, safe_strerror, strcmpic, * strncmpic, and MinGW32 strdup functions. These are @@ -37,6 +37,9 @@ * * Revisions : * $Log: miscutil.h,v $ + * Revision 1.1.1.1 2001/05/15 13:59:00 oes + * Initial import of version 2.9.3 source tree + * * *********************************************************************/ @@ -51,8 +54,8 @@ extern unsigned long hash_string(const char* s); extern char *safe_strerror(int err); -extern int strcmpic(char *s1, char *s2); -extern int strncmpic(char *s1, char *s2, size_t n); +extern int strcmpic(const char *s1, const char *s2); +extern int strncmpic(const char *s1, const char *s2, size_t n); #ifdef __MINGW32__ extern char *strdup(const char *s); diff --git a/parsers.c b/parsers.c index 3b5d233b..9f85bd5a 100644 --- a/parsers.c +++ b/parsers.c @@ -1,4 +1,4 @@ -const char parsers_rcs[] = "$Id: parsers.c,v 1.8 2001/05/27 22:17:04 oes Exp $"; +const char parsers_rcs[] = "$Id: parsers.c,v 1.9 2001/05/28 17:26:33 jongfoster Exp $"; /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/parsers.c,v $ @@ -41,6 +41,11 @@ const char parsers_rcs[] = "$Id: parsers.c,v 1.8 2001/05/27 22:17:04 oes Exp $"; * * Revisions : * $Log: parsers.c,v $ + * Revision 1.9 2001/05/28 17:26:33 jongfoster + * Fixing segfault if last header was crunched. + * Fixing Windows build (snprintf() is _snprintf() under Win32, but we + * can use the cross-platform sprintf() instead.) + * * Revision 1.8 2001/05/27 22:17:04 oes * * - re_process_buffer no longer writes the modified buffer @@ -202,6 +207,7 @@ const struct interceptors intercept_patterns[] = { #ifdef TRUST_FILES { "ij-untrusted-url", 15, ij_untrusted_url }, #endif /* def TRUST_FILES */ + { "show-url-info", 13, ijb_show_url_info }, { NULL, 0, NULL } }; @@ -859,54 +865,55 @@ char *client_referrer(const struct parsers *v, char *s, struct client_state *csp strclean(s, FORCE_PREFIX); #endif /* def FORCE_LOAD */ +#ifdef TRUST_FILES csp->referrer = strdup(s); +#endif /* def TRUST_FILES */ + + /* + * Check permissionsfile. If we have allowed this site to get the + * referer, then send it and we're done. + */ + if (csp->permissions & PERMIT_REFERER) + { + return(strdup(s)); + } - if (csp->config->referrer == NULL) + /* + * Check configfile. Are we blocking referer? + */ + if ( (csp->config->referrer == NULL) + || (*csp->config->referrer == '@') ) { log_error(LOG_LEVEL_HEADER, "crunch!"); return(NULL); } + /* + * Check configfile. Are we always sending referer? + */ if (*csp->config->referrer == '.') { return(strdup(s)); } - if (*csp->config->referrer == '@') - { - if (csp->permissions & PERMIT_COOKIE_READ) - { - return(strdup(s)); - } - else - { - log_error(LOG_LEVEL_HEADER, "crunch!"); - return(NULL); - } - } - /* * New option § or L: Forge a referer as http://[hostname:port of REQUEST]/ * to fool stupid checks for in-site links */ - if (*csp->config->referrer == '§' || *csp->config->referrer == 'L') { - if (csp->permissions & PERMIT_COOKIE_READ) - { - return(strdup(s)); - } - else - { - log_error(LOG_LEVEL_HEADER, "crunch+forge!"); - s = strsav(NULL, "Referer: "); - s = strsav(s, "http://"); - s = strsav(s, csp->http->hostport); - s = strsav(s, "/"); - return(s); - } + log_error(LOG_LEVEL_HEADER, "crunch+forge!"); + s = strsav(NULL, "Referer: "); + s = strsav(s, "http://"); + s = strsav(s, csp->http->hostport); + s = strsav(s, "/"); + return(s); } + /* + * We have a specific (fixed) referer we want to send. + */ + log_error(LOG_LEVEL_HEADER, "modified"); s = strsav( NULL, "Referer: " ); @@ -957,7 +964,7 @@ char *client_uagent(const struct parsers *v, char *s, struct client_state *csp) if (*csp->config->uagent == '@') { - if (csp->permissions & PERMIT_COOKIE_READ) + if (csp->permissions & PERMIT_USER_AGENT) { return(strdup(s)); } @@ -1006,7 +1013,7 @@ char *client_ua(const struct parsers *v, char *s, struct client_state *csp) if (*csp->config->uagent == '@') { - if (csp->permissions & PERMIT_COOKIE_READ) + if (csp->permissions & PERMIT_USER_AGENT) { return(strdup(s)); } diff --git a/pcrs.c b/pcrs.c index 0cff5f83..89bab8fa 100644 --- a/pcrs.c +++ b/pcrs.c @@ -1,4 +1,4 @@ -const char pcrs_rcs[] = "$Id: pcrs.c,v 1.3 2001/05/25 11:03:55 oes Exp $"; +const char pcrs_rcs[] = "$Id: pcrs.c,v 1.4 2001/05/25 14:12:40 oes Exp $"; /********************************************************************* * @@ -43,6 +43,9 @@ const char pcrs_rcs[] = "$Id: pcrs.c,v 1.3 2001/05/25 11:03:55 oes Exp $"; * * Revisions : * $Log: pcrs.c,v $ + * Revision 1.4 2001/05/25 14:12:40 oes + * Fixed bug: Empty substitutes now detected + * * Revision 1.3 2001/05/25 11:03:55 oes * Added sanity check for NULL jobs to pcrs_exec_substitution * @@ -176,7 +179,8 @@ int my_strsep(char *token, char **text, char delimiter, char quote_char) *********************************************************************/ int pcrs_compile_perl_options(char *optstring, int *globalflag) { - int i, rc = 0; + size_t i; + int rc = 0; *globalflag = 0; for (i=0; i < strlen(optstring); i++) { diff --git a/permissionsfile b/permissionsfile index f357c4d3..0e030645 100755 --- a/permissionsfile +++ b/permissionsfile @@ -1,108 +1,1175 @@ # Sample permissions file for the Internet Junkbuster 2.9.4 # # For information, see http://ijbswa.sourceforge.net/ + +# Valid permissions are: # -# Empty lines and lines beginning with a # are ignored. -# -# Each line has the following format: -# [flags][domain][:port][/path] -# -# There should be no spaces between the components. -# -# The domain, port, and path parts make up the pattern used -# to match URLs. The port part must be a number and must -# match exactly. The domain part is matched by comparing -# each sub-domain (between the dots) from right to left. -# e.g.: -# - The pattern "com" matches "anything.com" -# - The pattern "yahoo.com" would match "mail.yahoo.com", -# "login.yahoo.com", "www.yahoo.com", or "yahoo.com". -# "*" characters are allowed immediately before a dot or at -# the end of the domain, and match anything. e.g.: -# - "microsoft.*" matches "microsoft.com" and "microsoft.net", -# (and "www.microsoft.com", "office.microsoft.com", etc) -# but not "microsoft.xyz.com" or "microsoft.co.uk". -# - "ad*.*.*.*" matches "ad.doubleclick.co.uk" -# - "*.*click.*.*" is invalid ("*" is not followed by ".") -# -# The path part is a prefix match (if JunkBuster was compiled -# without REGEX), or a POSIX regular expression (if JunkBuster -# was compiled with REXEX but not PCRE), or a PERL (PCRE) -# regular expression (if JunkBuster was compiled with the -# default options). "^" is automatically prepended to the RE -# before the "/". -# -# Flags are: -# -# (no flags) Allow cookies and popups, don't re_filter. (compatibility mode) -# > Do not allow cookies to be set by the website. -# < Do not allow cookies to be read by the website. -# <> Block all cookies. -# % Enable re_filterfile processing for this site -# ^ Block popups from this site. -# ~ Same as all of <>%^ -# -# Multiple flags may be specified. -# -# If a web page's URL matches the specified pattern, then the -# flags specified for that site are used. If it matches more -# than one pattern, then the first match (searching top-to-bottom -# in this file) is used. -# -# If a URL does not match any of the patterns in this file, -# then the default settings are used. The default can be set -# by a line in this file which contains flags but no pattern. -# If this is not specified, then the default is ~ # +# +block +# Block this URL +# +# +image +# Treat this URL as an image. This only matters if it's also blocked, in +# which case a "blocked" image rather than a HTML page will be sent. +# +# +cookies-read +# Allow the website to read cookies +# +# +cookies-set +# Allow the website to set cookies +# +# +filter +# Filter the website through the re_filterfile +# +# +popup +# +popups +# Allow the website to use window.open() +# +# +referer +# +referrer +# Send the "Referer:" (sic) header to the web site +# +# +fast-redirects # -# EXAMPLES: +# Many sites, like yahoo.com, don't just link to other sites. +# Instead, they will link to some script on their own server, +# giving the destination as a parameter, which will then redirect +# you to the final target. # -# To permit an entire site to set cookies, simply include its domain name: -# really-trustyworthy-people.org +# URLs resulting from this scheme typically look like: +# http://some.place/some_script?http://some.where-else # -# You can allow cookies out, but stop them coming in: -# >%^send-user-cookies.com +# Sometimes, there are even multiple consecutive redirects encoded +# in the URL. These redirections via scripts make your web browing +# more traceable, since the server from which you follow such a link +# can see where you go to. Apart from that, valuable bandwidth and +# time is wasted, while your browser aks the server for one redirect +# after the other. Plus, it feeds the advertisers. # -# dabs.com requires cookies and popups: -# %dabs.com +# The fast-redirects option enables interception of these requests +# by junkbuster, who will cut off all but the last valid URL in the +# request and send a local redirect back to your browser without +# contacting the remote site. # -# Windows Update is fragile, so allow everything: -# windowsupdate.microsoft.com # +# All of these permissions also have a "-permission" setting to turn +# them off - e.g. "-block" allows you to unblock a previously blocked site. # -#%^>tvguide.com -#%^>wired.com/news/ -#%^americanexpress.com -#%^cnn.com -#%^www.nytimes.com -#%^amazon.de -#%^amazon.co.uk -#%^slashdot.org -#%^www.palmgear.com -#%^onelist.com -#%^freshmeat.net + + +############################################################################# +# Aliases +############################################################################# +{{alias}} +############################################################################# +# +# You can define a short form for a list of permissions - e.g., instead +# of "+cookies-set +cookies-read -filter -fast-redirects", you can +# just write "shop". This is called an alias. +# +# Currently, an alias can contain any character except space, tab, or '='. +# But please use only 'a'-'z', '0'-'9', '+', and '-'. +# +# Alias names are not case sensitive. +# +# Aliases beginning with '+' or '-' may be used for system permission names +# in future releases - so try to avoid alias names like this. (e.g. +# "+cookies" below is not a good name) +# +# Aliases must be defined before they are used. +# ++cookies = +cookies-set +cookies-read +-cookies = -cookies-set -cookies-read +fragile = -block +cookies -filter -fast-redirects +referer +popups +shop = +cookies -filter -fast-redirects ++imageblock = +block +image + +#For people who don't like to type too much: ;-) +c0 = -cookies +c1 = +cookies +c2 = +cookies-set -cookies-read +c3 = -cookies-set +cookies-read +#... etc. Customize to your heart's content. + +############################################################################# +# Defaults +############################################################################# +{-block -image -cookies +filter +fast-redirects -referer -popups} +/ # Match all URLs + +############################################################################# +# Not yet implemented +############################################################################# +#{{filter}} +#s/Microsoft/MicroSuck/ig + +############################################################################# +# Permissions list +############################################################################# # Sites that need cookies -%^javasoft.com -%^sun.com -%^msdn.microsoft.com -%^sourceforge.net -%^yahoo.com +{+cookies} +javasoft.com +sun.com +yahoo.com +msdn.microsoft.com + +# Alternative way of saying the same thing +{+cookies-set +cookies-read} +sourceforge.net +sf.net # These sites are very complex and require # minimal interference. +{fragile} office.microsoft.com windowsupdate.microsoft.com -# Shopping -dabs.com -overclockers.co.uk +# Shopping sites - still want to block ads. +{shop} +quietpc.com worldpay.com # for quietpc.com jungle.com scan.co.uk -# Explicitly set default to ~ -~ +# These shops require pop-ups +{shop +popups} +dabs.com +overclockers.co.uk + +############################################################################# +# Imagelist: +############################################################################# +{+image} +############################################################################# +/.*\.gif +/.*\.jpe?g + +############################################################################# +{+imageblock} +############################################################################# +adforce.imgis.com +ad.preferences.com/image.* +ads.web.aol.com +focalink.com +ad-adex3.flycast.com +ad.doubleclick.net +connect.247media.ads.link4ads.com +ln.doubleclick.net +mojofarm.mediaplex.com/ad/ +www.carbuyer.com/cgi-carbuyer/getimage.cgi + +############################################################################# +# Blocklist: +############################################################################# +{+block} +############################################################################# +/*.*/(.*[-_.])?ads?[0-9]?(/|[-_.].*|\.(gif|jpe?g)) +/*.*/(.*[-_.])?count(er)?(\.cgi|\.dll|\.exe|[?/]) +/*.*/(ng)?adclient\.cgi +/*.*/(plain|live|rotate)[-_.]?ads?/ + +/*.*/(sponsor)s?[0-9]?/ +###/*.*/(sponsor|banner)s?[0-9]?/ +###/*.*/.*banner([-_]?[a-z0-9]+)?\.(gif|jpg) + +/*.*/_?(plain|live)?ads?(-banners)?/ +/*.*/abanners/ +/*.*/ad(sdna_image|gifs?)/ +/*.*/ad(server|stream|juggler)\.(cgi|pl|dll|exe) +/*.*/adbanners/ +/*.*/adserver +/*.*/adstream\.cgi +/*.*/adv((er)?ts?|ertis(ing|ements?))?/ +/*.*/anzei(gen)?/? +/*.*/ban[-_]cgi/ +/*.*/banner_?ads/ +/*.*/banner_?anzeigen +/*.*/bannerimage/ +/*.*/banners?/ +/*.*/banners?\.cgi/ +/*.*/cgi-bin/centralad/getimage +/*.*/images/addver\.gif +/*.*/images/advert\.gif +/*.*/images/marketing/.*\.(gif|jpe?g) +/*.*/place-ads +/*.*/popupads/ +/*.*/promobar.* +/*.*/publicite/ +/*.*/randomads/.*\.(gif|jpe?g) +/*.*/reklama/.*\.(gif|jpe?g) +/*.*/reklame/.*\.(gif|jpe?g) +/*.*/reklaam/.*\.(gif|jpe?g) +/*.*/siteads/ +/*.*/sponsor.*\.gif +/*.*/sponsors?[0-9]?/ +/*.*/ucbandeimg/ +/*.*/werb\..* +/*.*/werbebanner/ +/*.*/werbung/.*\.(gif|jpe?g) +/.*/adv\. # www.telegraaf.nl +/.*/advert[0-9]+\.jpg +/.*bann\.gif +/Media/Images/Adds/ +/_banner/ +/ad_images/ +/adgenius/ +/adimages/ +/*.*/ads/ +/*.*/ads\\ +/viewad/ +/adserve/ +/adverts/ +/annonser?/ +/bando/ +/bannerad/ +/bannerfarm/ +/bin/getimage.cgi/...\?AD +/bin/nph-oma.count/ct/default.shtml +/bin/nph-oma.count/ix/default.html +/cgi-bin/getimage.cgi/....\?GROUP= +/cgi-bin/nph-load +/cgi-bin/webad.dll/ad +/cwmail/acc\.gif +/cwmail/amzn-bm1\.gif +/db_area/banrgifs/ +/gif/teasere/ +/grafikk/annonse/ +/graphics/defaultAd/ +/grf/annonif +/htmlad/ +/image\.ng/AdType +/image\.ng/transactionID +/images/.*/.*_anim\.gif # alvin brattli +/ip_img/.*\.(gif|jpe?g) +/marketpl*/ +/minibanners/ +/netscapeworld/nw-ad/ +/promotions/houseads/ +/rotads/ +/rotateads/ +/rotations/ +/torget/jobline/.*\.gif +/viewad/ +/werbung/ +/worldnet/ad\.cgi +/zhp/auktion/img/ +/cgi-bin/nph-adclick.exe/ +/*.*/Image/BannerAdvertising/ +/*.*/ad-bin/ +/*.*/adlib/server\.cgi +/*.*/gsa_bs/gsa_bs.cmdl +/autoads/ +/anz/pics/ + +# for our finnish friends, by Kai Puolamaki +/*.*/mainos/*.*/.*\.gif +/*.*/mainos/*.*/.*\.jpe?g + +# more from a finnish friend Petri Haapio +cgi.tietovalta.fi +keltaisetsivut.fi/web/img/\.*gif +haku.net/pics/pana\.*gif +www.fi/guvat/\.*gif +/*.*/(.*[-_.].*)?maino(kset|nta|s).*(/|\.(gif|html?|jpe?g|png)) +/*.*/(ilm(oitus)?|kampanja)(hallinta|kuvat?)(/|\.(gif|html?|jpe?g|png)) + +# and even more from a finnish friend Hannu Napari +194.251.243.50/cgi-bin/banner + +www.dime.net/ad +www.iltalehti.fi/ad +www.iltalehti.fi/ilmkuvat +www.mtv3.fi/mainoskuvat + +# +/*.*/adfinity +/*.*/[?]adserv +/*.*/bizgrphx/ +/*.*/smallad2\.gif +/*.*/ana2ad\.gif +/*.*/adimg/ +/*.*/.*counter\.pl +/*.*/spin_html/ +/*.*/images/topics/topicgimp\.gif +discovery.com/.*banner_id +/*.*/.*bannr\.gif +cruel.com/images/ +idrink.com/frm_bottom.htm +/*.*/.*pb_ihtml\.gif +/*.*/ph-ad.*\.focalink\.com +/cgi-bin/adjuggler + +/we_ba/ # hausfrauenseite.de *bwhahahaaaaa* + +# ms sucks ! +/.*(ms)?backoff(ice)?.*\.(gif|jpe?g) +/.*(/ie4|/ie3|msie|sqlbans|powrbybo|activex|backoffice|explorer|netnow|getpoint|ntbutton|hmlink).*\.(gif|jpe?g) +/.*activex.*(gif|jpe?g) +/.*explorer?.(gif|jpe?g) +/.*freeie\.(gif|jpe?g) +/.*/ie_?(buttonlogo|static?|anim.*)?\.(gif|jpe?g) +/.*ie_sm\.(gif|jpe?g) +/.*msie(30)?\.(gif|jpe?g) +/.*msnlogo\.(gif|jpe?g) +/.*office97_ad1\.(gif|jpe?g) +/.*pbbobansm\.(gif|jpe?g) +/.*powrbybo\.(gif|jpe?g) +/.*sqlbans\.(gif|jpe?g) +/.*exc_ms\.gif +/.*ie4get_animated\.gif +/.*ie4_animated\.gif +/.*n_iemap\.gif +/.*ieget\.gif +/.*logo_msnhm_* +/.*mcsp2\.gif +/.*msn2\.gif +/.*add_active\.gif +/.*n_msnmap\.gif +/.*Ad00\.gif +/.*s_msn\.gif +/.*addchannel\.gif +/.*adddesktop\.gif +/.*/ns4\.gif +/.*/v3sban\.gif +/.*/?FPCreated\.gif +/.*/opera35\.gif +/.*/opera13\.gif +/.*/opera_b\.gif +/.*/ie_horiz\.gif +/.*/ie_logo\.gif + +# ... and even more! +/.*/favicon\.ico + +# generally useless information and promo stuff (commented out) +#/*.*/(counter|getpcbutton|BuiltByNOF|netscape|hotmail|vcr(rated)?|rsaci(rated)?|freeloader|cache_now(_anim)?|apache_pb|now_(anim_)?button|ie_?(buttonlogo|static?|.*ani.*)?)\.(gif|jpe?g) + +/*.*/images/na/us/brand/ +/*.*/advantage\.(gif|jpg) +/*.*/advanbar\.(gif|jpg) +/*.*/advanbtn\.(gif|jpg) +/*.*/biznetsmall\.(gif|jpg) +/*.*/utopiad\.(gif|jpg) +/*.*/epipo\.(gif|jpg) +/*.*/amazon([a-zA-Z0-9]+)\.(gif|jpg) +/*.*/bnlogo.(gif|jpg) +/*.*/buynow([a-zA-Z0-9]+)\.(gif|jpg) + +/p/d/publicid + + +# for the dutch folks by a dutch friend gertjan@west.nl +/*.*/Advertenties/ +/.*./Adverteerders/ +netdirect.nl/nd_servlet/___ + +# -------------------------------------------------------------------------- +# +# specific servers +# +# -------------------------------------------------------------------------- + +# the next two lines work +12.16.1.10/web_GIF +12.16.1.10/~web_ani +193.158.37.3/cgi-bin/impact +193.210.156.114 +193.98.1.160/img +194.221.183.222/mailsentlu +194.221.183.223 +194.221.183.224 +194.221.183.225 +194.221.183.226 +194.221.183.227 +194.231.79.38 +195.124.124.56 +195.27.70.69 +195.30.94.21 +195.63.104.222//inbox +195.63.104.222//log # www.weltbild.de +195.63.104.222//meld +195.63.104.222//menu +195.63.104.222/folderlu +195.63.104.222/folderru +195.63.104.222/inbox +195.63.104.222/loginlu +195.63.104.222/loginmu +195.63.104.222/loginru +195.63.104.222/logoutlu +195.63.104.222/logoutmu +195.63.104.222/logoutru +195.63.104.61//inbox +195.63.104.61//log # www.weltbild.de +195.63.104.61//meld +195.63.104.61//menu +195.63.104.61/inbox +195.63.104.61/loginlu +195.63.104.61/loginmu +195.63.104.61/loginru +195.63.104.61/logoutlu +195.63.104.61/logoutmu +195.63.104.61/logoutru +199.78.52.10 +1st-fuss.com +204.253.46.71:1977 +204.94.67.40/wc/ +205.153.208.93 +205.216.163.62 +205.217.103.58:1977 +206.165.5.162/images/gcanim\.gif +206.221.254.181:80 +206.50.219.33 +207.137.96.35 +207.159.129.131/abacus +207.159.135.72 +207.82.250.9 +207.87.15.234 +207.87.27.10/tool/includes/gifs/ +208.156.39.142 +208.156.39.144 +208.156.60.230 +208.156.60.234 +208.156.60.235 +209.1.112.252/adgraph/ +209.1.135.142:1971 +209.1.135.144:1971 +209.132.97.164/IMG/ +209.185.222.45 +209.185.222.60 +209.185.253.199 +209.207.224.220/servfu.pl +209.207.224.222/servfu.pl +209.239.37.214/cgi-pilotfaq/getimage\.cgi +209.297.224.220 +209.75.21.6 +209.85.89.183/cgi-bin/cycle\?host +212.63.155.122/(banner|concret|softwareclub) +216.15.157.34 +216.27.61.150 +216.49.10.236/web1000/ +247media.com +62.144.115.12/dk/ +ICDirect.com/cgi-bin +Shannon.Austria.Eu.net/\.cgi/ +WebSiteSponsor.de +207.181.220.145 +213.165.64.42 + +# +# generic hosts (probably most effective) +# +ad*.*.* +ad*.*.*.* +*.ads.*.* +banner*.*.* +banner*.*.*.* + +*.admaximize.com +*.imgis.com +/*.*/*preferences.com* +1ad.prolinks.de +adwisdom.com +akamaitech.net/.*/Banners/ +altavista.telia.com/av/pix/sponsors/ +amazon.com/g/associates/logos/ +annonce.insite.dk +asinglesplace.com/asplink\.gif +athand.com/rotation +automatiseringgids.nl/gfx/advertenties/ +#avenuea.com/Banners/ +avenuea.com/view/ +badservant.guj.de +befriends.net/personals/matchmaking\.jpg +bizad.nikkeibp.co.jp +bs.gsanet.com/gsa_bs/ +cash-for-clicks.de +cda.at/customer/ +cgicounter.puretec.de/cgi-bin/ +ciec.org/images/countdown\.gif +classic.adlink.de/cgi-bin/accipiter/adserver.exe +click..wisewire.com +clickhere.egroups.com/img/ +imagine-inc.com +commonwealth.riddler.com/Commonwealth/bin/statdeploy\?[0-9]+ +customad.cnn.com +dagbladet.no/ann-gif +deja.com/jump/ +digits.com/wc/ +dino.mainz.ibm.de +dn.adzerver.com/image.ad +ds.austriaonline.at +emap.admedia.net +etrade.com/promo/ +eur.yimg.com/a/ +eur.a1.yimg.com/eur.yimg.com/a/ +us.a1.yimg.com/us.yimg.com/a/ +eurosponsor.de +fastcounter.linkexchange.com +flycast.com +focalink.com/SmartBanner +freepage.de/cgi-bin/feets/freepage_ext/.*/rw_banner +freespace.virgin.net/andy.drake +futurecard.com/images/ +gaia.occ.com/click.* +globaltrack.com +globaltrak.net +go.com/cimages\?SEEK_ +gp.dejanews.com/gtplacer +gtp.dejanews.com/gtplacer +deja.com/gifs/onsale/ +hitbox.com +home.miningco.com/event.ng/.*AdID +hurra.de +hyperbanner.net +icount.com/.*count +image*.narrative.com/news/.*\.(gif|jpe?g) +image.click2net.com +image.linkexchange.com +images.nytimes.com +images.yahoo.com/adv/ +images.yahoo.com/promotions/ +imageserv.adtech.de +img.web.de +impartner.de/cgi-bin +informer2.comdirect.de:6004/cd/banner2 +infoseek.go.com/cimages +ins.at/asp/images/ +kaufwas.com/cgi-bin/zentralbanner\.cgi +leader.linkexchange.com +link4ads.com +link4link.com +linktrader.com/cgi-bin/ +logiclink.nl/cgi-bin/ +lucky.theonion.com/cgi-bin/oniondirectin\.cgi +lucky.theonion.com/cgi-bin/onionimp\.cgi +lucky.theonion.com/cgi-bin/onionimpin\.cgi +m.doubleclick.net +mailorderbrides.com/mlbrd2\.gif +media.priceline.com +mediaplex.com +members.sexroulette.com +messenger.netscape.com +miningco.com/zadz/ +# movielink became moviefone +moviefone.com/.*banner +moviefone.com/.*newbutton +moviefone.com/.*ad\.gif +moviefone.com/.*mmail +moviefone.com/.*poster\.gif +moviefone.com/.*btyb +moviefone.com/.*h_guy +moviefone.com/.*h_showtick +moviefone.com/.*h_aML +moviefone.com/.*/m_ +moviefone.com/.*/icon_ +moviefone.com/.*/NF_.*back +moviefone.com/.*/h_.*gif +moviefone.com/media/imagelinks +moviefone.com/media/imagelinks/MF.(ad|sponsor) +moviefone.com/media/art +mqgraphics.mapquest.com/graphics/Advertisements/ +netgravity.* +newads.cmpnet.com +news.com/cgi-bin/acc_clickthru +ngadcenter.net +ngserve.pcworld.com/adgifs/ +nol.at:81 +nrsite.com +nytsyn.com/gifs +offers.egroups.com +pagecount.com +ph-ad.*\.focalink.com +preferences.com +promotions.yahoo.com/ +pub.nomade.fr +qsound.com/tracker/tracker.exe +resource-marketing.com/tb/ +revenue.infi.net +rtl.de/homepage/wb/images/ +schnellsuche.de/images/* +shout-ads.com/cgibin/shout.php3 +sjmercury.com/advert/ +smartclicks.com/.*/smart(img|banner|host|bar|site) +smh.com.au/adproof/ +spinbox1.filez.com +static.wired.com/advertising/ +swiftad.com +sysdoc.pair.com/cgi-sys/cgiwrap/sysdoc/sponsor\.gif +t-online.de/home/040255162-001/* +taz.de/taz/anz/ +tcsads.tcs.co.at +teleauskunft.de/commercial/ +thecounter.com/id +tm.intervu.net +tvguide.com/rbitmaps/ +ubl.com/graphics/ +ubl.com/images/ +ultra.multimania.com +ultra1.socomm.net +uproar.com +us.yimg.com/a/ +us.yimg.com/promotions/ +valueclick.com +valueclick.net +victory.cnn.com +videoserver.kpix.com +washingtonpost.com/wp-adv/ +webconnect.net/cgi-bin/webconnect.dll +webcounter.goweb.de +webserv.vnunet.com/ip_img/.*ban +werbung.pro-sieben.de/cgi-bin +whatis.com/cgi-bin/getimage.exe/ +www..bigyellow.com/......mat.* +www.adclub.net +www.addme.com/link8\.gif +www.aftonbladet.se/annons +www.americanpassage.com/ +www.angelfire.com/in/twistriot/images/wish4\.gif +www.bizlink.ru/cgi-bin/irads\.cgi +www.blacklightmedia.com/adlemur +www.bluesnews.com/flameq\.gif +www.bluesnews.com/images/ad[0-9]+\.gif +www.bluesnews.com/images/gcanim3\.gif +www.bluesnews.com/images/throbber2\.gif +www.bluesnews.com/miscimages/fragbutton\.gif +www.businessweek.com/sponsors/ +www.canoe.ca/AdsCanoe/ +www.cdnow.com/MN/client.banners +www.clickagents.com +www.clickthrough.ca +www.clicmoi.com/cgi-bin/pub\.exe +www.dailycal.org/graphics/adbanner-ab\.gif +www.detelefoongids.com/pic/[0-9]* +www.dhd.de/CGI/werbepic +www.dsf.de/cgi-bin/site_newiac.adpos +www.firsttarget.com/cgi-bin/klicklog.cgi +www.forbes.com/forbes/gifs/ads +www.forbes.com/tool/includes/gifs/ +www.fxweb.holowww.com/.*\.cgi +www.geocities.com/TimesSquare/Zone/5267/ +www.goto.com/images-promoters/ +www.handelsblatt.de/hbad +www.hotlinks.de/cgi-bin/barimage\.cgi +www.infoseek.com/cimages +www.infoworld.com/pageone/gif +www.isys.net/customer/images +www.javaworld.com/javaworld/jw-ad +www.kron.com/place-ads/ +www.leo.org/leoclick/ +www.linkexchange.ru/cgi-bin/erle\.cgi +www.linkstation.de/cgi-bin/zeige +www.linux.org/graphic/miniature/ +www.linux.org/graphic/square/ +www.linux.org/graphic/standard/ +www.luncha.se/annonsering +www.mediashower.com +www.ml.org/gfx/spon/icom/ +www.ml.org/gfx/spon/wmv +www.musicblvd.com/mb2/graphics/netgravity/ +nedstat.nl/cgi-bin/ +www.news.com/Midas/Images/ +www.newscientist.com/houseads +www.nextcard.com/affiliates/ +www.nikkeibp.asiabiztech.com/image/NAIS4\.gif +www.nordlys.no/imaker/.*/.*/.*/.....\.gif # alvin brattli +www.nordlys.no/imaker/.*/.*/.*/..003 # alvin brattli +www.oanda.com/server/banner +omdispatch.co.uk +www.oneandonlynetwork.com +www.page2page.de/cgi-bin/ +www.prnet.de/.*/bannerschnippel/.*\.(gif|jpe?g) +www.promptsoftware.com/marketing/ +#www.reklama.ru/cgi-bin/banners/ +www.riddler.com/sponsors/ +www.rle.ru/cgi-bin/erle\.cgi +www.rock.com/images/affiliates/search_black\.gif +www.rtl.de/search/.*kunde +#www.search.com/Banners +www.sfgate.com/place-ads/ +www.shareware.com/midas/images/borders-btn\.gif +#www.sjmercury.com/products/marcom/banners/ +www.smartclicks.com:81 +www.sol.dk/graphics/portalmenu +www.sponsornetz.de/jump/show.exe +www.sponsorpool.net +www.sunworld.com/sunworldonline/icons/adinfo.sm\.gif +www.swwwap.com/cgi-bin/ +www.taz.de/~taz/anz/ +www.telecom.at/icons/.*film\.(gif|jpe?g) +www.theonion.com/bin/ +www.topsponsor.de/cgi-bin/show.exe +www.ugo.net +www.ugu.com/images/EJ\.gif +www.warzone.com/pics/banner/ +www.warzone.com/wzfb/ads.cgi +www.webpeep.com +www.websitepromote.com/partner/img/ +www.winjey.com/onlinewerbung/*\.gif +www.wishing.com/webaudit +www.www-pool.de/cgi-bin/banner-pool +www2.blol.com/agrJRU\.gif +www3.exn.net:80 +yahoo.com/CategoryID=0 +yahoo.de/adv/images + +#swa +www.bannerland.de/click.exe +*.cyberclick.net +*.eu-adcenter.net/ +www.web-stat.com +www.slate.com/snav/ +www.slate.com/redirect/ +www.slate.com/articleimages/ +usads.imdb.com +www.forbes.com/tool/images/frontend/ +www.zserver.com +www.spinbox.com +pathfinder.com/shopping/marketplace/images/ +/*.*/adbanner* +/*.*/adgraphic* +static.wired.com/images +perso.estat.com/cgi-bin/perso/ +dinoadserver1.roka.net +fooladclient*.fool.com +affiliate.aol.com/static/ +cybereps.com:8000 +iadnet.com +orientserve.com +wvolante.com +findcommerce.com +smartage.com + +# www.sunday-times.co.uk +www.sunday-times.co.uk/standing/newsint/ticker + +# Für Germany.Net-User: Germany.Net (fast) banner- u. grafikfrei! +germany.net/gebu-frei\.gif +germany.net/bilder/menue/leiste\.gif +germany.net/bilder/gn_logos/* +germany.net/bilder/90x90/* +germany.net/banner-homepage/* +germany.net/downloadshop/* +germany.net/bilder/action/promopoly/germanynet/basisdienste/hilfe/* + +# Block as much of GeoCities as possible +# All geocities-owned images +www.geocities.com/images +www.geocities.com/MemberBanners/live/ +pic.geocities.com/images +# And the popup (it still pops up, but does not eat up precious bandwidth) +#www.geocities.com/ad_container/pop.html # already fixed by other regexp + +# from corion@informatik.uni-frankfurt.de +sam.songline.com/@ +img.getstats.com/ +#ads.xmonitor.net/xadengine.cgi # fixed by above regexp +# Also block the japanese geocities popups +www.geocities.co.jp/images +# Also block the come.to, surf.to etc. popups +v3.come.to/pop.asp + +# Also block the xoom stuff. +xb.xoom.com +home.talkcity.com/homepopup.html.* + +# Max Maischein again ... +# Halflife.net uses WON banners +# Banners from Freeserve +#banner.freeservers.com/cgi-bin/fs_adbar # fixed by above regexp +# And those nasty va-popups ! +/.*/?va_banner.html +# And an all-around hit against advert*.jpg +/.*/advert[0-9]+\.jpg +# And yet another Internet Explorer gif ... +/.*/ie_horiz\.gif +# Some uninteresting buttons I think... +mircx.com/images/buttons/ +services.mircx.com/.*\.gif +# Ooops - UserFriendly (Iambe) has a banner that gets eaten ... +~www.userfriendly.org/images/banners/banner_dp_heart\.gif +# Easyspace - yet another "free disk space" provider with banner popups +www.easyspace.com/(fpub)?banner.html +www.easyspace.com/100\.gif +# Some russian banner exchanges +banner.ricor.ru/cgi-bin/banner.pl +#www.bizlink.ru/cgi-bin/irads.cgi # already fixed by other regexp +stx9.sextracker.com/stx/send/ +# And even more of geocities : +www.geocities.com/pictures/ +# Gaah - www.angelfire.com - another webspace provider with popups +angelfire.com/sys/download.html +# Gamasutra.com uses this ad provider +sally.songline.com/@ + +# Eule.de (search engine) +# maybe images.eule.de as a whole... +www.eule.de/cgi-bin/ +images.eule.de/comdirect\.gif +images.eule.de/wp\.gif +aladin.de/125_1\.gif +images.eule.de/neu/books\.gif + +# -------------------------------------------------------------------------- +# +# some images +# +# -------------------------------------------------------------------------- + +# some images on cnn's website just suck! +/.*cnnstore\.gif +/.*book.search\.gif +/.*cnnpostopinionhome.\.gif +/.*custom_feature\.gif +/.*explore.anim.*gif +/.*infoseek\.gif +/.*pathnet.warner\.gif +/.*images/cnnfn_infoseek\.gif +/.*images/pathfinder_btn2\.gif +/.*img/gen/fosz_front_em_abc\.gif +/.*img/promos/bnsearch\.gif +/.*navbars/nav_partner_logos\.gif +/BarnesandNoble/images/bn.recommend.box.* +/digitaljam/images/digital_ban\.gif +/hotstories/companies/images/companies_banner\.gif +/markets/images/markets_banner\.gif +/ows-img/bnoble\.gif +/ows-img/nb_Infoseek\.gif +cnn.com/images/custom/totale\.gif +cnn.com/images/lotd/custom.wheels\.gif +cnn.com/images/.*/by/main.12\.gif +cnn.com/images/.*/find115\.gif +cnn.com/.*/free.email.120\.gif +cnnfn.com/images/left_banner\.gif +focus.de/A/AF/AFL/ +www.cnn.com/images/.*/bn/books\.gif +www.cnn.com/images/.*/pointcast\.gif +www.cnn.com/images/.*/fusa\.gif +cnn.com/images/.*/start120\.gif +images.cnn.com/SHOP/ +/.*by/main\.gif +/.*gutter117\.gif +/.*barnes_logo\.gif +# the / indicates the beginning of the path (and no longer the FQDN) +/.*nbclogo\.gif +/.*microdell\.gif +/.*secureit\.gif + +g.deja.com/gifs/(q|us)west_120x120\.gif + +# +/gif/buttons/banner_.* +/gif/buttons/cd_shop_.* +/gif/cd_shop/cd_shop_ani_.* + +#altavista +/av/gifs/av_map\.gif +/av/gifs/av_logo\.gif +/av/gifs/new/ns\.gif +altavista.com/i/valsdc3\.gif +jump.altavista.com/gn_sf + +# tucows +tucows.*.*/images/locallogo\.gif +#tucows.dsuper.net/images/locallogo\.gif + +# +mt_freshmeat\.jpg + +# simpliemu.hypermart.net/frames.html +go2net.com/mgic/adpopup +go2net.com/metaspy/images/exposed\.gif +go2net.com/metaspy/images/ms_un\.gif + +# +www.cebu-usa.com/cwbanim1\.gif +www.cebu-usa.com/Connection\.jpg +www.cebu-usa.com/phonead\.gif +www.cebu-usa.com/ban3\.jpg +www.cebu-usa.com/tlban\.gif +www.cebu-usa.com/apwlogo1\.gif +www.cebu-usa.com/rose\.gif + +# fnet +www.fnet.de/img/geldboerselogo\.jpg + +# hirsch@mathcs.emory.edu +/images/getareal2\.gif + +www.assalom.com/aziza/logos/cniaffil\.gif +www.assalom.com/aziza/logos/4starrl1\.gif +www.phantomstar.com/images/media/m1\.gif + +# +wahlstreet.de/MediaW\$/tsponline\.gif +wahlstreet.de/MediaW\$/dzii156x60\.gif +wahlstreet.de/MediaW\$/etban156x60_2_opt2\.gif + +# linuxtoday.com +/pics/gotlx1\.gif +/pics/getareal1\.gif +/pics/amzn-b5\.gif +/ltbs/cgi-bin/click.cgi +linuxtoday.com/ltbs/pics/ + +# Geocities popups +/ad[-_]container/ +/include/watermark/v2/ + +# Reinier Bikker +# Banner.xxLINK.nl/ + +# Mark Lutz +/.*/*werb.*\.(gif|jpe?g) # hope that's not to restrictive + +#Free Yellow thing at bottom of pages (HereticPC) +www.freeyellow.com/images/powerlink5a\.gif +www.freeyellow.com/images/powerlink5b\.gif +www.freeyellow.com/images/powerlink5c\.gif +www.freeyellow.com/images/powerlink5d\.gif +www.freeyellow.com/images/powerlink5e\.gif + +#HereticPC +www.eads.com/images/refbutton\.gif +www.fortunecity.com/console2/newnav/* +www.goldetc.net/search\.gif +www.cris.com/~Lzrdking/carpix/cars3-le\.gif +www.justfreestuff.com/scott\.gif +www.cyberthrill.com/entrance\.gif +secure.pec.net/images/pec69ani\.gif +www.new-direction.com/avviva\.gif +internetmarketingcenter\.gif +www.new-direction.com/wp-linkexchange-loop\.gif +www.new-direction.com/windough\.gif +www.digitalwork.com/universal_images/affiliate/dw_le_3\.gif +service.bfast.com/bfast/click/* +www.new-direction.com/magiclearning\.gif +www.new-direction.com/mailloop\.gif + +www.free-banners.com/images/hitslogo\.gif +rob.simplenet.com/dyndns/fortune5\.gif +nasdaq-amex.com/images/bn_ticker\.gif + +# +# navilor@hotmail.com +# +# +# wayne@staff.msen.com +# +a*.*.*.yimg.com/([0-9]*|\/)*us.yimg.com/* +ad.doubleclick.net +www.dnps.com/ads +www.realtop50.com/cgi-bin/ad + + +# +www.yacht.de/images/(my_ani|eissingani|chartertrans|fum|schnupper|fysshop|garmin)\.gif +www.sponsorweb.de/web-sponsor/nt-bin/show.exe + +# +# Club-internet pops up a complain if you refuse cookie (still pops up...) +perso.club-internet.fr/html/Popup/popup_frame_nocookie.html +perso.club-internet.fr/pagesperso/popup_nocookie.html + +gmx.net/images/newsbanner/ +cash4banner.de + +quicken.lexware.de/images/us7-468x60.gif +/img/special/chatpromo\.gif +www.travelocity.com/images/promos/ + +# wonder that that does... +p01.com/1x1.dyn + +/*.*/phpAds/viewbanner.php +/*.*/phpAds/phpads.php + +www.linux-magazin.de/banner +comtrack.comclick.com +click-fr.com +iac-online.de/filler + +media.interadnet.com +stat.www.fi/cgi-bin +/cgi/banners.cgi +ads-digi.sol.no +fp.buy.com +disneystoreaffiliates.com + +powerwork.mobile.de/cgi-bin/getimage\.cgi + + + +#################################################### +# Jon's addition: +# +# The Register ads - oh, and all images in Register stories (sigh). +www.theregister.co.uk/media/ + + +# Dilbert: +www.dilbert.com/comics/dilbert/images/.*_140x800.*\.gif + +# stattrack.com +# Uses URL: http://www.stattrack.com/cgi-bin/stats/image.cgi +/cgi-bin/stats/ +# And loads JavaScript from http://www.stattrack.com/stats/code +www.stattrack.com/stats/ + +#Now they're Yahoo GeoCities, their junk is in a different place. +##geo.yahoo.com/serv +##visit.geocities.com/visit.gif +*.*.*.yimg.com/*/www.geocities.com/js_source +#http://us.toto.geo.yahoo.com/toto?s=76001086 +##*.toto.geo.yahoo.com +*.*.geo.yahoo.com +*.geo.yahoo.com +geo.yahoo.com +visit.geocities.com +*.*.*.yimg.com/.*/www.geocities.com/ + +#http://counter16.bravenet.com/counter.php +counter*.*.* + +#http://stat.cybermonitor.com/7emezone_p?1707_USdvd +stat*.*.* + +#http://members.tripod.com/adm/popup/..... +members.tripod.com/adm/popup/ + +#This is the worst ad idea ever! +#count.exitexchange.com/exit/1100661 +#count.exitexchange.com/clients/navbar.html +#(used in http://skyhivisuals.tripod.com/malfunctions_.htm) +exitexchange.com + +#SourceForge ads. +sfads.osdn.com + +#This site traps the browser +webhideout.com + + +#Lindsay.Marshall@newcastle.ac.uk suggested these, to kill Opera adverts: + +www.qksrv.net +mirror.qkimg.net + +############################################################################# +{-block} +############################################################################# + +cpan.valueclick.com + +#Why were these in the Waldherr blockfile? +#www.hitbox.com +#a*.*.*.yimg.com/([0-9]|\/)*us.yimg.com/i/* + +# some regexps are simply too aggressive ... +# +# equalizer to /*.*(.*[-_.])?ads?[0-9]?(/|[-_.].*|.(gif|jpe?g)) +# or other regexps +# +# +adamwhone.co.uk +adsl.tin.it +stsci.edu +tgs.com +sun.com +povray.org +admin.*.* +admin.*.*.* +ad.siemens.de # SIEMENS Automation & Drives +add-url.altavista.com +adis.on.ca +address*.*.* +address*.*.*.* +add*.*.* +add*.*.*.* +adu*.*.* +adu*.*.*.* +advice.*.* +advice.*.*.* + +# univ. don't advertise, do they :-) +*.*.edu +*.*.*.edu +www.ugu.com/sui/ugu/adv +adfa.edu.au +adsl*.*.* + +clubs.yahoo.com/clubs +edit.my.yahoo.com/config/show_identity +www.ix.de/newsticker/data/ad +www.heise.de/newsticker/data/ad +www.careernet.de/anzeige +www.careernet.de/bewerber/stellenanzeigen +www.baumgartner.de/stellenmarkt/anzeigen +www.dspartner.de/Anzeigen +www.aws-jobs.de/Anzeigen +www.jobware.de/.*/anzeigen/ +www.jobworld.de/bilder/ +www.cnn.com/TECH/computing/.*/internet.ads/ +www.financial.de/shop/ +gnn.de/.*\.html +www.auktionen.de + +194.221.152.2/phptelefontmp +harvard.edu/images/banner/ + +adswww.harvard.edu +www.dhd.de/CGI/anzeigen/ + +ads.web.de/web/ +img.web.de/web/img/ + +www.segel.de/menu/bilder/anzeigen\.gif +www.corel.com/graphics/banners/ +www.software.ibm.com/ad/ +www.omg.org/docs/ad/ + +sperrmuell.de/scripts/anzeigen +www.freenet.de/index.html +www.01019freenet.de/index.html +www.freenet.de/freenet/ +www.01019freenet.de/freenet/ +webfactory.de/anzeigen.php +www.cdmag.com +www.internatif.org/bortzmeyer/debian/sponsor/ +hp.com + +www.software.hosting.ibm.com/ad/ +www.ibm.com/software/ad/ +brickshelf.com + +www.debian.org/Pics/banner-blue\.gif +www.linux.de/pics/Nachrichten_banner\.gif +www.werbekurier.de + +finder.shopping.yahoo.com/shop/ +national.com/pf +mozilla.org +eidos.de +e-sheep.com +punkassgear.com +mozilla.org +mozillazine.org +adbusters.org +annoy.com +consumer-direct.com +www.iez-auktion.de +ibm.com +sgi.com + +# my banking stuff => no ads. last regexp for fast access :-) +comdirekt.de +comdirect.de +teledata.de + + +# Jon's addition: MSDN + +msdn.microsoft.com # End of file diff --git a/project.h b/project.h index f9c2ad87..2263285c 100644 --- a/project.h +++ b/project.h @@ -1,6 +1,6 @@ #ifndef _PROJECT_H #define _PROJECT_H -#define PROJECT_H_VERSION "$Id: project.h,v 1.5 2001/05/26 00:28:36 jongfoster Exp $" +#define PROJECT_H_VERSION "$Id: project.h,v 1.6 2001/05/27 22:17:04 oes Exp $" /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/project.h,v $ @@ -36,6 +36,19 @@ * * Revisions : * $Log: project.h,v $ + * Revision 1.6 2001/05/27 22:17:04 oes + * + * - re_process_buffer no longer writes the modified buffer + * to the client, which was very ugly. It now returns the + * buffer, which it is then written by chat. + * + * - content_length now adjusts the Content-Length: header + * for modified documents rather than crunch()ing it. + * (Length info in csp->content_length, which is 0 for + * unmodified documents) + * + * - For this to work, sed() is called twice when filtering. + * * Revision 1.5 2001/05/26 00:28:36 jongfoster * Automatic reloading of config file. * Removed obsolete SIGHUP support (Unix) and Reload menu option (Win32). @@ -201,15 +214,16 @@ struct gateway }; -struct proxy_args +/* Generic linked list of strings */ +struct list { - char *header; - char *invocation; - char *gateways; - char *trailer; + char *str; + struct list *last; + struct list *next; }; +/* An I/O buffer */ struct iob { char *buf; @@ -218,13 +232,6 @@ struct iob }; -struct list -{ - char *str; - struct list *last; - struct list *next; -}; - #define IOB_PEEK(CSP) ((CSP->iob->cur > CSP->iob->eod) ? (CSP->iob->eod - CSP->iob->cur) : 0) #define IOB_RESET(CSP) if(CSP->iob->buf) free(CSP->iob->buf); memset(CSP->iob, '\0', sizeof(CSP->iob)); @@ -254,13 +261,21 @@ struct list struct client_state { + /* The proxy's configuration */ struct configuration_spec * config; + + /* The permissions that the current URL has */ int permissions; - + + + /* socket to talk to client (web browser) */ int cfd; + + /* socket to talk to server (web server or proxy) */ int sfd; + #ifdef STATISTICS /* 1 if this URL was rejected, 0 otherwise. Allows actual stats inc to * occur in main thread only for thread-safety. @@ -276,9 +291,17 @@ struct client_state int toggled_on; #endif /* def TOGGLE */ + /* + * Client PC's IP address, as reported by the accept()_ function. + * Both as string and number + */ char *ip_addr_str; long ip_addr_long; + +#ifdef TRUST_FILES + /* The referer in this request, if one was specified. */ char *referrer; +#endif /* def TRUST_FILES */ #if defined(DETECT_MSIE_IMAGES) /* Types the client will accept. @@ -287,23 +310,33 @@ struct client_state int accept_types; #endif /* defined(DETECT_MSIE_IMAGES) */ - const struct gateway *gw; + /* The URL that was requested */ struct http_request http[1]; + /* An I/O buffer used for buffering data read from the client */ struct iob iob[1]; + /* List of all headers for this request */ struct list headers[1]; + + /* List of all cookies for this request */ struct list cookie_list[1]; + #if defined(PCRS) || defined(KILLPOPUPS) + /* Nonzero if this has a text MIME type */ int is_text; #endif /* defined(PCRS) || defined(KILLPOPUPS) */ + /* The "X-Forwarded-For:" header sent by the client */ char *x_forwarded; + /* + * Nonzero if this client is processing data. + * Set to zero when the thread associated with this structure dies. + */ int active; /* files associated with this client */ - struct file_list *blist; /* blockfile */ struct file_list *flist; /* forwardfile */ struct file_list *permissions_list; @@ -312,10 +345,6 @@ struct client_state struct file_list *alist; /* aclfile */ #endif /* def ACL_FILES */ -#ifdef USE_IMAGE_LIST - struct file_list *ilist; /* imagefile */ -#endif /* def USE_IMAGE_LIST */ - #ifdef PCRS struct file_list *rlist; /* Perl re_filterfile */ size_t content_length; /* Length after processing */ @@ -345,8 +374,7 @@ struct interceptors }; -/* this allows the proxy to permit/block access to any host and/or path */ - +/* A URL pattern */ struct url_spec { char *spec; @@ -407,30 +435,44 @@ struct file_list }; +#ifdef TRUST_FILES struct block_spec { struct url_spec url[1]; int reject; struct block_spec *next; }; +#endif /* def TRUST_FILES */ + + +#define PERMIT_COOKIE_SET 0x0001U +#define PERMIT_COOKIE_READ 0x0002U +#define PERMIT_RE_FILTER 0x0004U +#define PERMIT_POPUPS 0x0008U +#define PERMIT_REFERER 0x0010U /* sic - follow HTTP, not English */ +#define PERMIT_FAST_REDIRECTS 0x0020U +#define PERMIT_BLOCK 0x0040U +#define PERMIT_IMAGE 0x0080U + +#define PERMIT_USER_AGENT PERMIT_COOKIE_SET /* FIXME Alias this for now */ +#define PERMIT_MASK_ALL (~0U) -#define PERMIT_COOKIE_SET 0x0001 -#define PERMIT_COOKIE_READ 0x0002 -#define PERMIT_RE_FILTER 0x0004 -#define PERMIT_POPUPS 0x0008 +#define PERMIT_MOST_COMPATIBLE (PERMIT_COOKIE_SET | PERMIT_COOKIE_READ | \ + PERMIT_REFERER | PERMIT_POPUPS | PERMIT_USER_AGENT) struct permissions_spec { - struct url_spec url[1]; - int permissions; + struct url_spec url[1]; + unsigned mask; /* a bit set to "0" = remove permission */ + unsigned add; /* a bit set to "1" = add permission */ struct permissions_spec * next; }; + struct forward_spec { struct url_spec url[1]; - int reject; struct gateway gw[1]; struct forward_spec *next; }; @@ -467,6 +509,7 @@ struct access_control_list }; #endif /* def ACL_FILES */ + /* Maximum number of loaders (permissions, block, forward, acl...) */ #define NLOADERS 8 @@ -480,14 +523,13 @@ struct configuration_spec int debug; int multi_threaded; -#if defined(DETECT_MSIE_IMAGES) || defined(USE_IMAGE_LIST) +#ifdef IMAGE_BLOCKING int tinygif; const char *tinygifurl; -#endif /* defined(DETECT_MSIE_IMAGES) || defined(USE_IMAGE_LIST) */ +#endif /* def IMAGE_BLOCKING */ const char *logfile; - const char *blockfile; const char *permissions_file; const char *forwardfile; @@ -495,10 +537,6 @@ struct configuration_spec const char *aclfile; #endif /* def ACL_FILES */ -#ifdef USE_IMAGE_LIST - const char *imagefile; -#endif /* def USE_IMAGE_LIST */ - #ifdef PCRS const char *re_filterfile; #endif /* def PCRS */ @@ -534,14 +572,10 @@ struct configuration_spec #endif /* ndef SPLIT_PROXY_ARGS */ #ifndef SPLIT_PROXY_ARGS - /* suppress listing sblock and simage */ + /* suppress listing config files */ int suppress_blocklists; #endif /* ndef SPLIT_PROXY_ARGS */ -#ifdef FAST_REDIRECTS - int fast_redirects; -#endif /* def FAST_REDIRECTS */ - #ifdef TRUST_FILES const char * trustfile; @@ -549,13 +583,20 @@ struct configuration_spec struct url_spec *trust_list[64]; #endif /* def TRUST_FILES */ - struct proxy_args proxy_args[1]; + /* Various strings for show-proxy-args */ + char *proxy_args_header; + char *proxy_args_invocation; + char *proxy_args_gateways; + char *proxy_args_trailer; + /* the configuration file object. */ struct file_list *config_file_list; + /* List of loaders */ int (*loaders[NLOADERS])(struct client_state *); - int need_bind; /* bool, nonzero if we need to bind() to the new port */ + /* bool, nonzero if we need to bind() to the new port */ + int need_bind; }; @@ -628,7 +669,7 @@ static const char CHEADER[] = static const char SHEADER[] = "HTTP/1.0 502 Invalid header received from server\n\n"; -#if defined(DETECT_MSIE_IMAGES) || defined(USE_IMAGE_LIST) +#ifdef IMAGE_BLOCKING /* * Hint: You can encode your own GIFs like that: @@ -660,9 +701,9 @@ static const char JBGIF[] = "\372\003S\275\274k2\354\254z\347?\335\274x\306^9\374\276" "\037Q\000\000;"; -#endif /* defined(DETECT_MSIE_IMAGES) || defined(USE_IMAGE_LIST) */ +#endif /* def IMAGE_BLOCKING */ -#if defined(FAST_REDIRECTS) || defined(DETECT_MSIE_IMAGES) || defined(USE_IMAGE_LIST) +#if defined(FAST_REDIRECTS) || defined(IMAGE_BLOCKING) static const char HTTP_REDIRECT_TEMPLATE[] = "HTTP/1.0 302 Local Redirect from Junkbuster\r\n" @@ -671,7 +712,7 @@ static const char HTTP_REDIRECT_TEMPLATE[] = "Expires: Thu Jul 31, 1997 07:42:22 pm GMT\r\n" "Location: %s\r\n"; -#endif /* defined(DETECT_MSIE_IMAGES) || defined(USE_IMAGE_LIST) */ +#endif /* defined(FAST_REDIRECTS) || defined(IMAGE_BLOCKING) */ #ifdef __cplusplus } /* extern "C" */ diff --git a/showargs.c b/showargs.c index 3889b8c6..1b0afe63 100644 --- a/showargs.c +++ b/showargs.c @@ -1,4 +1,4 @@ -const char showargs_rcs[] = "$Id: showargs.c,v 1.6 2001/05/25 22:32:56 jongfoster Exp $"; +const char showargs_rcs[] = "$Id: showargs.c,v 1.7 2001/05/26 00:28:36 jongfoster Exp $"; /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/showargs.c,v $ @@ -33,6 +33,13 @@ const char showargs_rcs[] = "$Id: showargs.c,v 1.6 2001/05/25 22:32:56 jongfoste * * Revisions : * $Log: showargs.c,v $ + * Revision 1.7 2001/05/26 00:28:36 jongfoster + * Automatic reloading of config file. + * Removed obsolete SIGHUP support (Unix) and Reload menu option (Win32). + * Most of the global variables have been moved to a new + * struct configuration_spec, accessed through csp->config->globalname + * Most of the globals remaining are used by the Win32 GUI. + * * Revision 1.6 2001/05/25 22:32:56 jongfoster * CRLF->LF * @@ -237,7 +244,7 @@ void savearg(char *c, char *o, struct configuration_spec * config) strcat(buf, "
\n"); - config->proxy_args->invocation = strsav(config->proxy_args->invocation, buf); + config->proxy_args_invocation = strsav(config->proxy_args_invocation, buf); } @@ -261,10 +268,10 @@ void init_proxy_args(int argc, const char *argv[], struct configuration_spec * c char * b; int i; - freez(config->proxy_args->header); - freez(config->proxy_args->invocation); - freez(config->proxy_args->gateways); - freez(config->proxy_args->trailer); + freez(config->proxy_args_header); + freez(config->proxy_args_invocation); + freez(config->proxy_args_gateways); + freez(config->proxy_args_trailer); b = NULL; @@ -298,10 +305,10 @@ void init_proxy_args(int argc, const char *argv[], struct configuration_spec * c } b = strsav(b, "
\n"); - config->proxy_args->header = b; + config->proxy_args_header = b; - config->proxy_args->invocation = strsav( - config->proxy_args->invocation, + config->proxy_args_invocation = strsav( + config->proxy_args_invocation, "
\n" "and the following options were set in the configuration file" "

\n" @@ -319,7 +326,7 @@ void init_proxy_args(int argc, const char *argv[], struct configuration_spec * c } b = strsav(b, "
\n"); - config->proxy_args->gateways = b; + config->proxy_args_gateways = b; } @@ -490,11 +497,11 @@ void end_proxy_args(struct configuration_spec * config) b = strsav(b, "

  • #undef DETECT_MSIE_IMAGES - Disables detecting image requests automatically for MSIE.
    • \n"); #endif /* ndef DETECT_MSIE_IMAGES */ -#ifdef USE_IMAGE_LIST - b = strsav(b, "
  • #define USE_IMAGE_LIST - Enables using image list to detect images.
    • \n"); -#else /* ifndef USE_IMAGE_LIST */ - b = strsav(b, "
  • #undef USE_IMAGE_LIST - Disables using image list to detect images.
    • \n"); -#endif /* ndef USE_IMAGE_LIST */ +#ifdef IMAGE_BLOCKING + b = strsav(b, "
  • #define IMAGE_BLOCKING - Enables sending \"blocked\" images instead of HTML.
    • \n"); +#else /* ifndef IMAGE_BLOCKING */ + b = strsav(b, "
  • #undef IMAGE_BLOCKING - Disables sending \"blocked\" images instead of HTML.
    • \n"); +#endif /* ndef IMAGE_BLOCKING */ #ifdef ACL_FILES b = strsav(b, "
  • #define ACL_FILES - Enables the use of ACL files to control access to the proxy by IP address.
    • \n"); @@ -534,7 +541,7 @@ void end_proxy_args(struct configuration_spec * config) "\n" ); - config->proxy_args->trailer = b; + config->proxy_args_trailer = b; } diff --git a/w32.rc b/w32.rc index 2ca33d95..834664d9 100644 --- a/w32.rc +++ b/w32.rc @@ -31,6 +31,9 @@ * * Revisions : * $Log: w32.rc,v $ + * Revision 1.6 2001/05/26 14:15:18 jongfoster + * Cosmetic fix: // -> block comment + * * Revision 1.5 2001/05/26 13:24:31 jongfoster * New #define, WIN_GUI_EDIT, enables the (embryonic) Win32 GUI editor. * This #define cannot be set from ./configure - there's no point, it @@ -128,15 +131,11 @@ BEGIN BEGIN MENUITEM "&Junkbuster...", ID_TOOLS_EDITJUNKBUSTER MENUITEM SEPARATOR - MENUITEM "&Blockers...", ID_TOOLS_EDITBLOCKERS MENUITEM "&Permissions...", ID_TOOLS_EDITPERMISSIONS MENUITEM "&Forward...", ID_TOOLS_EDITFORWARD #ifdef ACL_FILES MENUITEM "&Access Control Lists...", ID_TOOLS_EDITACLS #endif /* def ACL_FILES */ -#ifdef USE_IMAGE_LIST - MENUITEM "&Images...", ID_TOOLS_EDITIMAGE -#endif /* def USE_IMAGE_LIST */ #ifdef PCRS MENUITEM "Perl &Regexps...", ID_TOOLS_EDITPERLRE #endif /* def PCRS */ @@ -179,15 +178,11 @@ BEGIN #endif MENUITEM "&Junkbuster...", ID_TOOLS_EDITJUNKBUSTER MENUITEM SEPARATOR - MENUITEM "&Blockers...", ID_TOOLS_EDITBLOCKERS MENUITEM "&Permissions...", ID_TOOLS_EDITPERMISSIONS MENUITEM "&Forward...", ID_TOOLS_EDITFORWARD #ifdef ACL_FILES MENUITEM "&Access Control Lists...",ID_TOOLS_EDITACLS #endif /* def ACL_FILES */ -#ifdef USE_IMAGE_LIST - MENUITEM "&Images...", ID_TOOLS_EDITIMAGE -#endif /* def USE_IMAGE_LIST */ #ifdef PCRS MENUITEM "Perl &Regexps...", ID_TOOLS_EDITPERLRE #endif /* def PCRS */ diff --git a/w32log.c b/w32log.c index e1fa8cc5..90a3bd71 100644 --- a/w32log.c +++ b/w32log.c @@ -1,4 +1,4 @@ -const char w32log_rcs[] = "$Id: w32log.c,v 1.6 2001/05/26 00:31:30 jongfoster Exp $"; +const char w32log_rcs[] = "$Id: w32log.c,v 1.7 2001/05/26 01:26:34 jongfoster Exp $"; /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/w32log.c,v $ @@ -32,6 +32,11 @@ const char w32log_rcs[] = "$Id: w32log.c,v 1.6 2001/05/26 00:31:30 jongfoster Ex * * Revisions : * $Log: w32log.c,v $ + * Revision 1.7 2001/05/26 01:26:34 jongfoster + * New #define, WIN_GUI_EDIT, enables the (embryonic) Win32 GUI editor. + * This #define cannot be set from ./configure - there's no point, it + * doesn't work yet. See feature request # 425722 + * * Revision 1.6 2001/05/26 00:31:30 jongfoster * Fixing compiler warning about comparing signed/unsigned. * @@ -162,15 +167,11 @@ int g_nFontSize = DEFAULT_LOG_FONT_SIZE; /* FIXME: this is a kludge */ -const char * g_blockfile = NULL; const char * g_permissions_file = NULL; const char * g_forwardfile = NULL; #ifdef ACL_FILES const char * g_aclfile = NULL; #endif /* def ACL_FILES */ -#ifdef USE_IMAGE_LIST -const char * g_imagefile = NULL; -#endif /* def USE_IMAGE_LIST */ #ifdef PCRS const char * g_re_filterfile = NULL; #endif @@ -1083,10 +1084,6 @@ void OnLogCommand(int nCommand) EditFile(configfile); break; - case ID_TOOLS_EDITBLOCKERS: - EditFile(g_blockfile); - break; - case ID_TOOLS_EDITPERMISSIONS: EditFile(g_permissions_file); break; @@ -1101,12 +1098,6 @@ void OnLogCommand(int nCommand) break; #endif /* def ACL_FILES */ -#ifdef USE_IMAGE_LIST - case ID_TOOLS_EDITIMAGE: - EditFile(g_imagefile); - break; -#endif /* def USE_IMAGE_LIST */ - #ifdef PCRS case ID_TOOLS_EDITPERLRE: EditFile(g_re_filterfile); @@ -1170,14 +1161,10 @@ void OnLogInitMenu(HMENU hmenu) { /* Only enable editors if there is a file to edit */ EnableMenuItem(hmenu, ID_TOOLS_EDITPERMISSIONS, MF_BYCOMMAND | (g_permissions_file ? MF_ENABLED : MF_GRAYED)); - EnableMenuItem(hmenu, ID_TOOLS_EDITBLOCKERS, MF_BYCOMMAND | (g_blockfile ? MF_ENABLED : MF_GRAYED)); EnableMenuItem(hmenu, ID_TOOLS_EDITFORWARD, MF_BYCOMMAND | (g_forwardfile ? MF_ENABLED : MF_GRAYED)); #ifdef ACL_FILES EnableMenuItem(hmenu, ID_TOOLS_EDITACLS, MF_BYCOMMAND | (g_aclfile ? MF_ENABLED : MF_GRAYED)); #endif /* def ACL_FILES */ -#ifdef USE_IMAGE_LIST - EnableMenuItem(hmenu, ID_TOOLS_EDITIMAGE, MF_BYCOMMAND | (g_imagefile ? MF_ENABLED : MF_GRAYED)); -#endif /* def USE_IMAGE_LIST */ #ifdef PCRS EnableMenuItem(hmenu, ID_TOOLS_EDITPERLRE, MF_BYCOMMAND | (g_re_filterfile ? MF_ENABLED : MF_GRAYED)); #endif diff --git a/w32log.h b/w32log.h index 75da1c59..db36556c 100644 --- a/w32log.h +++ b/w32log.h @@ -1,6 +1,6 @@ #ifndef _W32LOG_H #define _W32LOG_H -#define W32LOG_H_VERSION "$Id: w32log.h,v 1.1.1.1 2001/05/15 13:59:07 oes Exp $" +#define W32LOG_H_VERSION "$Id: w32log.h,v 1.2 2001/05/26 00:28:36 jongfoster Exp $" /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/w32log.h,v $ @@ -34,6 +34,13 @@ * * Revisions : * $Log: w32log.h,v $ + * Revision 1.2 2001/05/26 00:28:36 jongfoster + * Automatic reloading of config file. + * Removed obsolete SIGHUP support (Unix) and Reload menu option (Win32). + * Most of the global variables have been moved to a new + * struct configuration_spec, accessed through csp->config->globalname + * Most of the globals remaining are used by the Win32 GUI. + * * Revision 1.1.1.1 2001/05/15 13:59:07 oes * Initial import of version 2.9.3 source tree * @@ -77,15 +84,11 @@ extern int g_nFontSize; /* FIXME: this is a kludge */ -extern const char * g_blockfile; extern const char * g_permissions_file; extern const char * g_forwardfile; #ifdef ACL_FILES extern const char * g_aclfile; #endif /* def ACL_FILES */ -#ifdef USE_IMAGE_LIST -extern const char * g_imagefile; -#endif /* def USE_IMAGE_LIST */ #ifdef PCRS extern const char * g_re_filterfile; #endif diff --git a/w32res.h b/w32res.h index f4417b8a..78cc0514 100644 --- a/w32res.h +++ b/w32res.h @@ -1,6 +1,6 @@ #ifndef _W32RES_H #define _W32RES_H -#define W32RES_H_VERSION "$Id: w32res.h,v 1.3 2001/05/26 00:28:36 jongfoster Exp $" +#define W32RES_H_VERSION "$Id: w32res.h,v 1.4 2001/05/26 01:26:34 jongfoster Exp $" /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/w32res.h,v $ @@ -34,6 +34,11 @@ * * Revisions : * $Log: w32res.h,v $ + * Revision 1.4 2001/05/26 01:26:34 jongfoster + * New #define, WIN_GUI_EDIT, enables the (embryonic) Win32 GUI editor. + * This #define cannot be set from ./configure - there's no point, it + * doesn't work yet. See feature request # 425722 + * * Revision 1.3 2001/05/26 00:28:36 jongfoster * Automatic reloading of config file. * Removed obsolete SIGHUP support (Unix) and Reload menu option (Win32). @@ -119,24 +124,19 @@ /* Break these out so they are easier to extend, but keep consecutive */ #define ID_TOOLS_EDITJUNKBUSTER 5000 -#define ID_TOOLS_EDITBLOCKERS 5001 -#define ID_TOOLS_EDITPERMISSIONS 5002 -#define ID_TOOLS_EDITFORWARD 5003 +#define ID_TOOLS_EDITPERMISSIONS 5001 +#define ID_TOOLS_EDITFORWARD 5002 #ifdef ACL_FILES -#define ID_TOOLS_EDITACLS 5005 +#define ID_TOOLS_EDITACLS 5003 #endif /* def ACL_FILES */ -#ifdef USE_IMAGE_LIST -#define ID_TOOLS_EDITIMAGE 5006 -#endif /* def USE_IMAGE_LIST */ - #ifdef PCRS -#define ID_TOOLS_EDITPERLRE 5008 +#define ID_TOOLS_EDITPERLRE 5004 #endif /* def PCRS */ #ifdef TRUST_FILES -#define ID_TOOLS_EDITTRUST 5004 +#define ID_TOOLS_EDITTRUST 5005 #endif /* def TRUST_FILES */ /* -- 2.39.2