As Hal noticed, checking dispatch_cgi() as the last cruncher

looks like a bug if CGI requests are blocked unintentionally,
so don't do it unless the user enabled the new config option
"allow-cgi-request-crunching".

diff --git a/jcc.c b/jcc.c
index cccc49b..408612b 100644 (file)
--- a/jcc.c
+++ b/jcc.c
@@ -1,4 +1,4 @@
-const char jcc_rcs[] = "$Id: jcc.c,v 1.138 2007/06/03 18:45:18 fabiankeil Exp $";
+const char jcc_rcs[] = "$Id: jcc.c,v 1.139 2007/07/14 07:46:41 fabiankeil Exp $";
 /*********************************************************************
  *
  * File        :  $Source: /cvsroot/ijbswa/current/jcc.c,v $
@@ -33,6 +33,14 @@ const char jcc_rcs[] = "$Id: jcc.c,v 1.138 2007/06/03 18:45:18 fabiankeil Exp $"
  *
  * Revisions   :
  *    $Log: jcc.c,v $
+ *    Revision 1.139  2007/07/14 07:46:41  fabiankeil
+ *    - Allow to rewrite the request destination behind the client's back.
+ *    - Turn the weird-looking unconditional for loop that
+ *      reads the client request into a conditional while loop.
+ *      Move the stuff that only runs once out of the loop.
+ *    - Move parts of chat(), server_content_type() and the
+ *      necessary stuff to fix BR#1750917 into get_filter_function().
+ *
  *    Revision 1.138  2007/06/03 18:45:18  fabiankeil
  *    Temporary workaround for BR#1730105.
  *
@@ -1587,6 +1595,19 @@ int crunch_response_triggered(struct client_state *csp, const struct cruncher cr
    struct http_response *rsp = NULL;
    const struct cruncher *c;
 
+   /*
+    * If CGI request crunching is disabled,
+    * check the CGI dispatcher out of order to
+    * prevent unintentional blocks or redirects. 
+    */
+   if (!(csp->config->feature_flags & RUNTIME_FEATURE_CGI_CRUNCHING)
+       && (NULL != (rsp = dispatch_cgi(csp))))
+   {
+      /* Deliver, log and free the interception response. */
+      send_crunch_response(csp, rsp);
+      return TRUE;
+   }
+
    for (c = crunchers; c->cruncher != NULL; c++)
    {
       /*

diff --git a/loadcfg.c b/loadcfg.c
index dd32234..260f921 100644 (file)
--- a/loadcfg.c
+++ b/loadcfg.c
@@ -1,4 +1,4 @@
-const char loadcfg_rcs[] = "$Id: loadcfg.c,v 1.63 2007/04/09 18:11:36 fabiankeil Exp $";
+const char loadcfg_rcs[] = "$Id: loadcfg.c,v 1.64 2007/05/21 10:44:08 fabiankeil Exp $";
 /*********************************************************************
  *
  * File        :  $Source: /cvsroot/ijbswa/current/loadcfg.c,v $
@@ -35,6 +35,15 @@ const char loadcfg_rcs[] = "$Id: loadcfg.c,v 1.63 2007/04/09 18:11:36 fabiankeil
  *
  * Revisions   :
  *    $Log: loadcfg.c,v $
+ *    Revision 1.64  2007/05/21 10:44:08  fabiankeil
+ *    - Use strlcpy() instead of strcpy().
+ *    - Stop treating actions files special. Expect a complete file name
+ *      (with or without path) like it's done for the rest of the files.
+ *      Closes FR#588084.
+ *    - Remove an unnecessary temporary memory allocation.
+ *    - Don't log anything to the console when running as
+ *      daemon and no errors occurred.
+ *
  *    Revision 1.63  2007/04/09 18:11:36  fabiankeil
  *    Don't mistake VC++'s _snprintf() for a snprintf() replacement.
  *
@@ -486,6 +495,7 @@ static struct file_list *current_configfile = NULL;
 #define hash_actions_file                1196306641ul /* "actionsfile" */
 #define hash_accept_intercepted_requests 1513024973ul /* "accept-intercepted-requests" */
 #define hash_admin_address               4112573064ul /* "admin-address" */
+#define hash_allow_cgi_request_crunching  258915987ul /* "allow-cgi-request-crunching" */
 #define hash_buffer_limit                1881726070ul /* "buffer-limit */
 #define hash_confdir                        1978389ul /* "confdir" */
 #define hash_debug                            78263ul /* "debug" */
@@ -818,6 +828,20 @@ struct configuration_spec * load_config(void)
             config->admin_address = strdup(arg);
             continue;
 
+/* *************************************************************************
+ * allow-cgi-request-crunching
+ * *************************************************************************/
+         case hash_allow_cgi_request_crunching:
+            if ((*arg != '\0') && (0 != atoi(arg)))
+            {
+               config->feature_flags |= RUNTIME_FEATURE_CGI_CRUNCHING;
+            }
+            else
+            {
+               config->feature_flags &= ~RUNTIME_FEATURE_CGI_CRUNCHING;
+            }
+            continue;
+
 /* *************************************************************************
  * buffer-limit n
  * *************************************************************************/

diff --git a/project.h b/project.h
index 6ef421c..efc2400 100644 (file)
--- a/project.h
+++ b/project.h
@@ -1,7 +1,7 @@
 #ifndef PROJECT_H_INCLUDED
 #define PROJECT_H_INCLUDED
 /** Version string. */
-#define PROJECT_H_VERSION "$Id: project.h,v 1.97 2007/05/27 12:38:08 fabiankeil Exp $"
+#define PROJECT_H_VERSION "$Id: project.h,v 1.98 2007/07/14 07:31:26 fabiankeil Exp $"
 /*********************************************************************
  *
  * File        :  $Source: /cvsroot/ijbswa/current/project.h,v $
@@ -37,6 +37,9 @@
  *
  * Revisions   :
  *    $Log: project.h,v $
+ *    Revision 1.98  2007/07/14 07:31:26  fabiankeil
+ *    Add new csp->content_type flag (CT_DECLARED).
+ *
  *    Revision 1.97  2007/05/27 12:38:08  fabiankeil
  *    - Remove some left-overs from the switch to dedicated header filters.
  *    - Adjust "X-Filter: No" to disable dedicated header filters.
@@ -1579,6 +1582,9 @@ struct access_control_list
 /** configuration_spec::feature_flags: Don't allow to circumvent blocks with the force prefix. */
 #define RUNTIME_FEATURE_ENFORCE_BLOCKS              32
 
+/** configuration_spec::feature_flags: Allow to block or redirect CGI requests. */
+#define RUNTIME_FEATURE_CGI_CRUNCHING               64
+
 
 /**
  * Data loaded from the configuration file.