1 const char loadcfg_rcs[] = "$Id: loadcfg.c,v 1.94 2009/04/17 11:27:49 fabiankeil Exp $";
2 /*********************************************************************
4 * File : $Source: /cvsroot/ijbswa/current/loadcfg.c,v $
6 * Purpose : Loads settings from the configuration file into
7 * global variables. This file contains both the
8 * routine to load the configuration and the global
9 * variables it writes to.
11 * Copyright : Written by and Copyright (C) 2001-2009 the
12 * Privoxy team. http://www.privoxy.org/
14 * Based on the Internet Junkbuster originally written
15 * by and Copyright (C) 1997 Anonymous Coders and
16 * Junkbusters Corporation. http://www.junkbusters.com
18 * This program is free software; you can redistribute it
19 * and/or modify it under the terms of the GNU General
20 * Public License as published by the Free Software
21 * Foundation; either version 2 of the License, or (at
22 * your option) any later version.
24 * This program is distributed in the hope that it will
25 * be useful, but WITHOUT ANY WARRANTY; without even the
26 * implied warranty of MERCHANTABILITY or FITNESS FOR A
27 * PARTICULAR PURPOSE. See the GNU General Public
28 * License for more details.
30 * The GNU General Public License should be included with
31 * this file. If not, you can view it at
32 * http://www.gnu.org/copyleft/gpl.html
33 * or write to the Free Software Foundation, Inc., 59
34 * Temple Place - Suite 330, Boston, MA 02111-1307, USA.
38 * Revision 1.94 2009/04/17 11:27:49 fabiankeil
39 * Petr Pisar's privoxy-3.0.12-ipv6-3.diff.
41 * Revision 1.93 2009/03/18 21:46:26 fabiankeil
42 * Revert the last commit as there's a better way.
44 * Revision 1.92 2009/03/18 20:43:19 fabiankeil
45 * Don't enable LOG_LEVEL_INFO by default and don't apply the user's
46 * debug settings until the logfile has been opened (if there is one).
47 * Patch submitted by Roland in #2624120.
49 * Revision 1.91 2009/03/09 17:29:08 fabiankeil
50 * As of r1.88, the show-status page can use a single line for
51 * warnings about ignored directives and the names of the ignored
52 * directives themselves. Reminded by Lee, finally closes #1856559.
54 * Revision 1.90 2009/03/07 17:58:02 fabiankeil
55 * Fix two mingw32-only buffer overflows. Note that triggering
56 * them requires control over the configuration file in which
57 * case all bets are off anyway.
59 * Revision 1.89 2009/03/01 18:46:33 fabiankeil
60 * - Help clang understand that we aren't
61 * dereferencing NULL pointers here.
62 * - Some style fixes in the modified region.
64 * Revision 1.88 2009/02/28 10:57:10 fabiankeil
65 * Gimme a break or two. Don't let the show-status page
66 * link to the website documentation for the user-manual
69 * Revision 1.87 2009/02/15 07:56:13 fabiankeil
70 * Increase default socket timeout to 300 seconds.
72 * Revision 1.86 2009/02/08 19:18:57 fabiankeil
73 * Now that we have the match-all.action file, the other action
74 * files changed their position in config->actions_file[] back
75 * to the way it was before standard.action got removed and the
76 * changes from revision 1.84 have to be reverted.
78 * Revision 1.85 2009/01/22 12:06:26 fabiankeil
79 * Don't keep connections alive when running single-threaded.
81 * Revision 1.84 2009/01/14 16:14:36 fabiankeil
82 * Due to the standard.action file removal, the other action
83 * files changed their position in config->actions_file[].
84 * Update mingw32 kludge accordingly.
86 * Revision 1.83 2008/12/20 14:53:55 fabiankeil
87 * Add config option socket-timeout to control the time
88 * Privoxy waits for data to arrive on a socket. Useful
89 * in case of stale ssh tunnels or when fuzz-testing.
91 * Revision 1.82 2008/11/16 12:43:49 fabiankeil
92 * Turn keep-alive support into a runtime feature
93 * that is disabled by setting keep-alive-timeout
94 * to a negative value.
96 * Revision 1.81 2008/11/13 09:08:42 fabiankeil
97 * Add new config option: keep-alive-timeout.
99 * Revision 1.80 2008/08/31 15:59:03 fabiankeil
100 * There's no reason to let remote toggling support depend
101 * on FEATURE_CGI_EDIT_ACTIONS, so make sure it doesn't.
103 * Revision 1.79 2008/08/30 12:03:07 fabiankeil
104 * Remove FEATURE_COOKIE_JAR.
106 * Revision 1.78 2008/08/02 08:23:22 fabiankeil
107 * If the enforce-blocks directive is used with FEATURE_FORCE_LOAD
108 * disabled, log a message that blocks will always be enforced
109 * instead of complaining about an unrecognized directive.
110 * Reported by Pietro Leone.
112 * Revision 1.77 2008/05/26 16:13:22 fabiankeil
113 * Reuse directive_hash and don't hash the same directive twice.
115 * Revision 1.76 2008/05/10 09:03:16 fabiankeil
116 * - Merge three string_append() calls.
117 * - Remove useless assertion.
119 * Revision 1.75 2008/03/30 14:52:05 fabiankeil
120 * Rename load_actions_file() and load_re_filterfile()
121 * as they load multiple files "now".
123 * Revision 1.74 2008/03/26 18:07:07 fabiankeil
124 * Add hostname directive. Closes PR#1918189.
126 * Revision 1.73 2008/02/16 16:54:51 fabiankeil
129 * Revision 1.72 2008/02/03 13:46:15 fabiankeil
130 * Add SOCKS5 support. Patch #1862863 by Eric M. Hopper with minor changes.
132 * Revision 1.71 2007/12/23 15:24:56 fabiankeil
133 * Reword "unrecognized directive" warning, use better
134 * mark up and add a <br>. Fixes parts of #1856559.
136 * Revision 1.70 2007/12/15 14:24:05 fabiankeil
137 * Plug memory leak if listen-address only specifies the port.
139 * Revision 1.69 2007/10/27 13:02:27 fabiankeil
140 * Relocate daemon-mode-related log messages to make sure
141 * they aren't shown again in case of configuration reloads.
143 * Revision 1.68 2007/10/19 16:32:34 fabiankeil
144 * Plug memory leak introduced with my last commit.
146 * Revision 1.67 2007/10/14 14:12:41 fabiankeil
147 * When in daemon mode, close stderr after the configuration file has been
148 * parsed the first time. If logfile isn't set, stop logging. Fixes BR#897436.
150 * Revision 1.66 2007/08/05 14:02:09 fabiankeil
151 * #1763173 from Stefan Huehner: declare unload_configfile() static.
153 * Revision 1.65 2007/07/21 11:51:36 fabiankeil
154 * As Hal noticed, checking dispatch_cgi() as the last cruncher
155 * looks like a bug if CGI requests are blocked unintentionally,
156 * so don't do it unless the user enabled the new config option
157 * "allow-cgi-request-crunching".
159 * Revision 1.64 2007/05/21 10:44:08 fabiankeil
160 * - Use strlcpy() instead of strcpy().
161 * - Stop treating actions files special. Expect a complete file name
162 * (with or without path) like it's done for the rest of the files.
164 * - Remove an unnecessary temporary memory allocation.
165 * - Don't log anything to the console when running as
166 * daemon and no errors occurred.
168 * Revision 1.63 2007/04/09 18:11:36 fabiankeil
169 * Don't mistake VC++'s _snprintf() for a snprintf() replacement.
171 * Revision 1.62 2007/03/17 15:20:05 fabiankeil
172 * New config option: enforce-blocks.
174 * Revision 1.61 2007/03/16 16:47:35 fabiankeil
175 * - Mention other reasons why acl directive loading might have failed.
176 * - Don't log the acl source if the acl destination is to blame.
178 * Revision 1.60 2007/01/27 13:09:16 fabiankeil
179 * Add new config option "templdir" to
180 * change the templates directory.
182 * Revision 1.59 2006/12/31 17:56:38 fabiankeil
183 * Added config option accept-intercepted-requests
184 * and disabled it by default.
186 * Revision 1.58 2006/12/31 14:24:29 fabiankeil
187 * Fix gcc43 compiler warnings.
189 * Revision 1.57 2006/12/21 12:57:48 fabiankeil
190 * Add config option "split-large-forms"
191 * to work around the browser bug reported
194 * Revision 1.56 2006/12/17 17:04:51 fabiankeil
195 * Move the <br> in the generated HTML for the config
196 * options from the beginning of the string to its end.
197 * Keeps the white space in balance.
199 * Revision 1.55 2006/11/28 15:31:52 fabiankeil
200 * Fix memory leak in case of config file reloads.
202 * Revision 1.54 2006/10/21 16:04:22 fabiankeil
203 * Modified kludge for win32 to make ming32 menu
204 * "Options/Edit Filters" (sort of) work again.
205 * Same limitations as for the action files apply.
208 * Revision 1.53 2006/09/06 18:45:03 fabiankeil
209 * Incorporate modified version of Roland Rosenfeld's patch to
210 * optionally access the user-manual via Privoxy. Closes patch 679075.
212 * Formatting changed to Privoxy style, added call to
213 * cgi_error_no_template if the requested file doesn't
214 * exist and modified check whether or not Privoxy itself
215 * should serve the manual. Should work cross-platform now.
217 * Revision 1.52 2006/09/06 10:43:32 fabiankeil
218 * Added config option enable-remote-http-toggle
219 * to specify if Privoxy should recognize special
220 * headers (currently only X-Filter) to change its
221 * behaviour. Disabled by default.
223 * Revision 1.51 2006/09/06 09:23:37 fabiankeil
224 * Make number of retries in case of forwarded-connect problems
225 * a config file option (forwarded-connect-retries) and use 0 as
228 * Revision 1.50 2006/07/18 14:48:46 david__schmidt
229 * Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
230 * with what was really the latest development (the v_3_0_branch branch)
232 * Revision 1.48.2.7 2006/02/02 17:29:16 david__schmidt
233 * Don't forget to malloc space for the null terminator...
235 * Revision 1.48.2.6 2006/01/29 23:10:56 david__schmidt
236 * Multiple filter file support
238 * Revision 1.48.2.5 2003/05/08 15:17:25 oes
239 * Closed two memory leaks; hopefully the last remaining ones
240 * (in the main execution paths, anyway).
242 * Revision 1.48.2.4 2003/04/11 12:06:14 oes
243 * Addressed bug #719435
244 * - Extraneous filterfile directives now logged as errors
245 * - This and unrecnonised directives now really obvious on status page
247 * Revision 1.48.2.3 2003/03/11 11:53:59 oes
248 * Cosmetic: Renamed cryptic variable
250 * Revision 1.48.2.2 2002/11/12 16:28:20 oes
251 * Move unrelated variable declaration out of #ifdef FEATURE_ACL; fixes bug #636655
253 * Revision 1.48.2.1 2002/08/21 17:58:05 oes
254 * Temp kludge to let user and default action file be edited through win32 GUI (FR 592080)
256 * Revision 1.48 2002/05/14 21:30:38 oes
257 * savearg now uses own linking code instead of (now special-cased) add_help_link
259 * Revision 1.47 2002/05/12 21:36:29 jongfoster
260 * Correcting function comments
262 * Revision 1.46 2002/04/26 12:55:14 oes
263 * - New option "user-manual", defaults to our site
264 * via project.h #define
265 * - savearg now embeds option names in help links
267 * Revision 1.45 2002/04/24 02:11:54 oes
268 * Jon's multiple AF patch: Allow up to MAX_AF_FILES actionsfile options
270 * Revision 1.44 2002/04/08 20:37:13 swa
273 * Revision 1.43 2002/04/08 20:36:50 swa
276 * Revision 1.42 2002/04/05 15:50:15 oes
277 * fix for invalid HTML proxy_args
279 * Revision 1.41 2002/03/31 17:19:00 jongfoster
280 * Win32 only: Enabling STRICT to fix a VC++ compile warning.
282 * Revision 1.40 2002/03/26 22:29:55 swa
283 * we have a new homepage!
285 * Revision 1.39 2002/03/24 13:25:43 swa
286 * name change related issues
288 * Revision 1.38 2002/03/24 13:05:48 jongfoster
289 * Renaming re_filterfile to filterfile
291 * Revision 1.37 2002/03/16 23:54:06 jongfoster
292 * Adding graceful termination feature, to help look for memory leaks.
293 * If you enable this (which, by design, has to be done by hand
294 * editing config.h) and then go to http://i.j.b/die, then the program
295 * will exit cleanly after the *next* request. It should free all the
296 * memory that was used.
298 * Revision 1.36 2002/03/13 00:27:05 jongfoster
301 * Revision 1.35 2002/03/07 03:52:44 oes
302 * Set logging to tty for --no-daemon mode
304 * Revision 1.34 2002/03/06 23:14:35 jongfoster
305 * Trivial cosmetic changes to make function comments easier to find.
307 * Revision 1.33 2002/03/05 04:52:42 oes
308 * Deleted non-errlog debugging code
310 * Revision 1.32 2002/03/04 18:24:53 oes
311 * Re-enabled output of unknown config directive hash
313 * Revision 1.31 2002/03/03 15:07:20 oes
314 * Re-enabled automatic config reloading
316 * Revision 1.30 2002/01/22 23:31:43 jongfoster
317 * Replacing strsav() with string_append()
319 * Revision 1.29 2002/01/17 21:02:30 jongfoster
320 * Moving all our URL and URL pattern parsing code to urlmatch.c.
322 * Renaming free_url to free_url_spec, since it frees a struct url_spec.
324 * Revision 1.28 2001/12/30 14:07:32 steudten
325 * - Add signal handling (unix)
326 * - Add SIGHUP handler (unix)
327 * - Add creation of pidfile (unix)
328 * - Add action 'top' in rc file (RH)
329 * - Add entry 'SIGNALS' to manpage
330 * - Add exit message to logfile (unix)
332 * Revision 1.27 2001/11/07 00:02:13 steudten
333 * Add line number in error output for lineparsing for
334 * actionsfile and configfile.
335 * Special handling for CLF added.
337 * Revision 1.26 2001/11/05 21:41:43 steudten
338 * Add changes to be a real daemon just for unix os.
339 * (change cwd to /, detach from controlling tty, set
340 * process group and session leader to the own process.
342 * Add some fatal-error log message for failed malloc().
343 * Add '-d' if compiled with 'configure --with-debug' to
344 * enable debug output.
346 * Revision 1.25 2001/10/25 03:40:48 david__schmidt
347 * Change in porting tactics: OS/2's EMX porting layer doesn't allow multiple
348 * threads to call select() simultaneously. So, it's time to do a real, live,
349 * native OS/2 port. See defines for __EMX__ (the porting layer) vs. __OS2__
350 * (native). Both versions will work, but using __OS2__ offers multi-threading.
352 * Revision 1.24 2001/10/23 21:40:30 jongfoster
353 * Added support for enable-edit-actions and enable-remote-toggle config
356 * Revision 1.23 2001/10/07 15:36:00 oes
357 * Introduced new config option "buffer-limit"
359 * Revision 1.22 2001/09/22 16:36:59 jongfoster
360 * Removing unused parameter fs from read_config_line()
362 * Revision 1.21 2001/09/16 17:10:43 jongfoster
363 * Moving function savearg() here, since it was the only thing left in
366 * Revision 1.20 2001/07/30 22:08:36 jongfoster
367 * Tidying up #defines:
368 * - All feature #defines are now of the form FEATURE_xxx
369 * - Permanently turned off WIN_GUI_EDIT
370 * - Permanently turned on WEBDAV and SPLIT_PROXY_ARGS
372 * Revision 1.19 2001/07/15 17:45:16 jongfoster
373 * Removing some unused #includes
375 * Revision 1.18 2001/07/13 14:01:14 oes
376 * - Removed all #ifdef PCRS
377 * - Removed vim-settings
379 * Revision 1.17 2001/06/29 13:31:03 oes
380 * - Improved comments
381 * - Fixed (actionsfile) and sorted hashes
382 * - Introduced admin_address and proxy-info-url
383 * as config parameters
384 * - Renamed config->proxy_args_invocation (which didn't have
385 * the invocation but the options!) to config->proxy_args
386 * - Various adaptions
387 * - Removed logentry from cancelled commit
389 * Revision 1.16 2001/06/09 10:55:28 jongfoster
390 * Changing BUFSIZ ==> BUFFER_SIZE
392 * Revision 1.15 2001/06/07 23:13:40 jongfoster
393 * Merging ACL and forward files into config file.
394 * Cosmetic: Sorting config file options alphabetically.
395 * Cosmetic: Adding brief syntax comments to config file options.
397 * Revision 1.14 2001/06/07 14:46:25 joergs
398 * Missing make_path() added for re_filterfile.
400 * Revision 1.13 2001/06/05 22:33:54 jongfoster
402 * Fixed minor memory leak.
403 * Also now uses make_path to prepend the pathnames.
405 * Revision 1.12 2001/06/05 20:04:09 jongfoster
406 * Now uses _snprintf() in place of snprintf() under Win32.
408 * Revision 1.11 2001/06/04 18:31:58 swa
409 * files are now prefixed with either `confdir' or `logdir'.
410 * `make redhat-dist' replaces both entries confdir and logdir
413 * Revision 1.10 2001/06/03 19:11:54 oes
414 * introduced confdir option
416 * Revision 1.9 2001/06/01 20:06:24 jongfoster
417 * Removed support for "tinygif" option - moved to actions file.
419 * Revision 1.8 2001/05/31 21:27:13 jongfoster
420 * Removed many options from the config file and into the
421 * "actions" file: add_forwarded, suppress_vanilla_wafer,
422 * wafer, add_header, user_agent, referer, from
423 * Also globally replaced "permission" with "action".
425 * Revision 1.7 2001/05/29 09:50:24 jongfoster
426 * Unified blocklist/imagelist/permissionslist.
427 * File format is still under discussion, but the internal changes
430 * Also modified interceptor behaviour:
431 * - We now intercept all URLs beginning with one of the following
432 * prefixes (and *only* these prefixes):
434 * * http://ijbswa.sf.net/config/
435 * * http://ijbswa.sourceforge.net/config/
436 * - New interceptors "home page" - go to http://i.j.b/ to see it.
437 * - Internal changes so that intercepted and fast redirect pages
438 * are not replaced with an image.
439 * - Interceptors now have the option to send a binary page direct
440 * to the client. (i.e. ijb-send-banner uses this)
441 * - Implemented show-url-info interceptor. (Which is why I needed
442 * the above interceptors changes - a typical URL is
443 * "http://i.j.b/show-url-info?url=www.somesite.com/banner.gif".
444 * The previous mechanism would not have intercepted that, and
445 * if it had been intercepted then it then it would have replaced
448 * Revision 1.6 2001/05/26 00:28:36 jongfoster
449 * Automatic reloading of config file.
450 * Removed obsolete SIGHUP support (Unix) and Reload menu option (Win32).
451 * Most of the global variables have been moved to a new
452 * struct configuration_spec, accessed through csp->config->globalname
453 * Most of the globals remaining are used by the Win32 GUI.
455 * Revision 1.5 2001/05/25 22:34:30 jongfoster
458 * Revision 1.4 2001/05/22 18:46:04 oes
460 * - Enabled filtering banners by size rather than URL
461 * by adding patterns that replace all standard banner
462 * sizes with the "Junkbuster" gif to the re_filterfile
464 * - Enabled filtering WebBugs by providing a pattern
465 * which kills all 1x1 images
467 * - Added support for PCRE_UNGREEDY behaviour to pcrs,
468 * which is selected by the (nonstandard and therefore
469 * capital) letter 'U' in the option string.
470 * It causes the quantifiers to be ungreedy by default.
471 * Appending a ? turns back to greedy (!).
473 * - Added a new interceptor ijb-send-banner, which
474 * sends back the "Junkbuster" gif. Without imagelist or
475 * MSIE detection support, or if tinygif = 1, or the
476 * URL isn't recognized as an imageurl, a lame HTML
477 * explanation is sent instead.
479 * - Added new feature, which permits blocking remote
480 * script redirects and firing back a local redirect
482 * The feature is conditionally compiled, i.e. it
483 * can be disabled with --disable-fast-redirects,
484 * plus it must be activated by a "fast-redirects"
485 * line in the config file, has its own log level
486 * and of course wants to be displayed by show-proxy-args
487 * Note: Boy, all the #ifdefs in 1001 locations and
488 * all the fumbling with configure.in and acconfig.h
489 * were *way* more work than the feature itself :-(
491 * - Because a generic redirect template was needed for
492 * this, tinygif = 3 now uses the same.
494 * - Moved GIFs, and other static HTTP response templates
499 * - Removed some >400 CRs again (Jon, you really worked
502 * Revision 1.3 2001/05/20 01:21:20 jongfoster
503 * Version 2.9.4 checkin.
504 * - Merged popupfile and cookiefile, and added control over PCRS
505 * filtering, in new "permissionsfile".
506 * - Implemented LOG_LEVEL_FATAL, so that if there is a configuration
507 * file error you now get a message box (in the Win32 GUI) rather
508 * than the program exiting with no explanation.
509 * - Made killpopup use the PCRS MIME-type checking and HTTP-header
511 * - Removed tabs from "config"
512 * - Moved duplicated url parsing code in "loaders.c" to a new funcition.
513 * - Bumped up version number.
515 * Revision 1.2 2001/05/17 23:01:01 oes
516 * - Cleaned CRLF's from the sources and related files
518 * Revision 1.1.1.1 2001/05/15 13:58:58 oes
519 * Initial import of version 2.9.3 source tree
522 *********************************************************************/
528 #include <sys/types.h>
542 # include <windows.h>
545 # ifndef _WIN_CONSOLE
547 # endif /* ndef _WIN_CONSOLE */
549 #else /* ifndef _WIN32 */
553 # include <sys/wait.h>
555 # include <sys/time.h>
556 # include <sys/stat.h>
566 #include "miscutil.h"
570 #include "urlmatch.h"
574 const char loadcfg_h_rcs[] = LOADCFG_H_VERSION;
577 * Fix a problem with Solaris. There should be no effect on other
579 * Solaris's isspace() is a macro which uses it's argument directly
580 * as an array index. Therefore we need to make sure that high-bit
581 * characters generate +ve values, and ideally we also want to make
582 * the argument match the declared parameter type of "int".
584 #define ijb_isupper(__X) isupper((int)(unsigned char)(__X))
585 #define ijb_tolower(__X) tolower((int)(unsigned char)(__X))
587 #ifdef FEATURE_TOGGLE
588 /* Privoxy is enabled by default. */
589 int global_toggle_state = 1;
590 #endif /* def FEATURE_TOGGLE */
592 /* The filename of the configfile */
593 const char *configfile = NULL;
596 * CGI functions will later need access to the invocation args,
597 * so we will make argc and argv global.
600 const char **Argv = NULL;
602 static struct file_list *current_configfile = NULL;
606 * This takes the "cryptic" hash of each keyword and aliases them to
607 * something a little more readable. This also makes changing the
608 * hash values easier if they should change or the hash algorthm changes.
609 * Use the included "hash" program to find out what the hash will be
610 * for any string supplied on the command line. (Or just put it in the
611 * config file and read the number from the error message in the log).
613 * Please keep this list sorted alphabetically (but with the Windows
614 * console and GUI specific options last).
617 #define hash_actions_file 1196306641ul /* "actionsfile" */
618 #define hash_accept_intercepted_requests 1513024973ul /* "accept-intercepted-requests" */
619 #define hash_admin_address 4112573064ul /* "admin-address" */
620 #define hash_allow_cgi_request_crunching 258915987ul /* "allow-cgi-request-crunching" */
621 #define hash_buffer_limit 1881726070ul /* "buffer-limit */
622 #define hash_confdir 1978389ul /* "confdir" */
623 #define hash_debug 78263ul /* "debug" */
624 #define hash_deny_access 1227333715ul /* "deny-access" */
625 #define hash_enable_edit_actions 2517097536ul /* "enable-edit-actions" */
626 #define hash_enable_remote_toggle 2979744683ul /* "enable-remote-toggle" */
627 #define hash_enable_remote_http_toggle 110543988ul /* "enable-remote-http-toggle" */
628 #define hash_enforce_blocks 1862427469ul /* "enforce-blocks" */
629 #define hash_filterfile 250887266ul /* "filterfile" */
630 #define hash_forward 2029845ul /* "forward" */
631 #define hash_forward_socks4 3963965521ul /* "forward-socks4" */
632 #define hash_forward_socks4a 2639958518ul /* "forward-socks4a" */
633 #define hash_forward_socks5 3963965522ul /* "forward-socks5" */
634 #define hash_forwarded_connect_retries 101465292ul /* "forwarded-connect-retries" */
635 #define hash_hostname 10308071ul /* "hostname" */
636 #define hash_keep_alive_timeout 3878599515ul /* "keep-alive-timeout" */
637 #define hash_listen_address 1255650842ul /* "listen-address" */
638 #define hash_logdir 422889ul /* "logdir" */
639 #define hash_logfile 2114766ul /* "logfile" */
640 #define hash_permit_access 3587953268ul /* "permit-access" */
641 #define hash_proxy_info_url 3903079059ul /* "proxy-info-url" */
642 #define hash_single_threaded 4250084780ul /* "single-threaded" */
643 #define hash_socket_timeout 1809001761ul /* "socket-timeout" */
644 #define hash_split_large_cgi_forms 671658948ul /* "split-large-cgi-forms" */
645 #define hash_suppress_blocklists 1948693308ul /* "suppress-blocklists" */
646 #define hash_templdir 11067889ul /* "templdir" */
647 #define hash_toggle 447966ul /* "toggle" */
648 #define hash_trust_info_url 430331967ul /* "trust-info-url" */
649 #define hash_trustfile 56494766ul /* "trustfile" */
650 #define hash_usermanual 1416668518ul /* "user-manual" */
651 #define hash_activity_animation 1817904738ul /* "activity-animation" */
652 #define hash_close_button_minimizes 3651284693ul /* "close-button-minimizes" */
653 #define hash_hide_console 2048809870ul /* "hide-console" */
654 #define hash_log_buffer_size 2918070425ul /* "log-buffer-size" */
655 #define hash_log_font_name 2866730124ul /* "log-font-name" */
656 #define hash_log_font_size 2866731014ul /* "log-font-size" */
657 #define hash_log_highlight_messages 4032101240ul /* "log-highlight-messages" */
658 #define hash_log_max_lines 2868344173ul /* "log-max-lines" */
659 #define hash_log_messages 2291744899ul /* "log-messages" */
660 #define hash_show_on_task_bar 215410365ul /* "show-on-task-bar" */
663 static void savearg(char *command, char *argument, struct configuration_spec * config);
665 /*********************************************************************
667 * Function : unload_configfile
669 * Description : Free the config structure and all components.
672 * 1 : data: struct configuration_spec to unload
676 *********************************************************************/
677 static void unload_configfile (void * data)
679 struct configuration_spec * config = (struct configuration_spec *)data;
680 struct forward_spec *cur_fwd = config->forward;
684 struct access_control_list *cur_acl = config->acl;
686 while (cur_acl != NULL)
688 struct access_control_list * next_acl = cur_acl->next;
693 #endif /* def FEATURE_ACL */
695 while (cur_fwd != NULL)
697 struct forward_spec * next_fwd = cur_fwd->next;
698 free_url_spec(cur_fwd->url);
700 freez(cur_fwd->gateway_host);
701 freez(cur_fwd->forward_host);
705 config->forward = NULL;
707 freez(config->confdir);
708 freez(config->logdir);
709 freez(config->templdir);
710 freez(config->hostname);
712 freez(config->haddr);
713 freez(config->logfile);
715 for (i = 0; i < MAX_AF_FILES; i++)
717 freez(config->actions_file_short[i]);
718 freez(config->actions_file[i]);
719 freez(config->re_filterfile_short[i]);
720 freez(config->re_filterfile[i]);
723 freez(config->admin_address);
724 freez(config->proxy_info_url);
725 freez(config->proxy_args);
726 freez(config->usermanual);
729 freez(config->trustfile);
730 list_remove_all(config->trust_info);
731 #endif /* def FEATURE_TRUST */
733 for (i = 0; i < MAX_AF_FILES; i++)
735 freez(config->re_filterfile[i]);
742 #ifdef FEATURE_GRACEFUL_TERMINATION
743 /*********************************************************************
745 * Function : unload_current_config_file
747 * Description : Unloads current config file - reset to state at
748 * beginning of program.
754 *********************************************************************/
755 void unload_current_config_file(void)
757 if (current_configfile)
759 current_configfile->unloader = unload_configfile;
760 current_configfile = NULL;
766 /*********************************************************************
768 * Function : load_config
770 * Description : Load the config file and all parameters.
772 * XXX: more than thousand lines long
773 * and thus in serious need of refactoring.
777 * Returns : The configuration_spec, or NULL on error.
779 *********************************************************************/
780 struct configuration_spec * load_config(void)
782 char buf[BUFFER_SIZE];
784 FILE *configfp = NULL;
785 struct configuration_spec * config = NULL;
786 struct client_state * fake_csp;
787 struct file_list *fs;
788 unsigned long linenum = 0;
790 char *logfile = NULL;
791 #ifdef FEATURE_CONNECTION_KEEP_ALIVE
792 int keep_alive_timeout = DEFAULT_KEEP_ALIVE_TIMEOUT;
795 if (!check_file_changed(current_configfile, configfile, &fs))
797 /* No need to load */
798 return ((struct configuration_spec *)current_configfile->f);
802 log_error(LOG_LEVEL_FATAL,
803 "can't check configuration file '%s': %E", configfile);
807 if (NULL != current_configfile)
809 log_error(LOG_LEVEL_INFO, "Reloading configuration file '%s'", configfile);
812 #ifdef FEATURE_TOGGLE
813 global_toggle_state = 1;
814 #endif /* def FEATURE_TOGGLE */
816 fs->f = config = (struct configuration_spec *)zalloc(sizeof(*config));
822 log_error(LOG_LEVEL_FATAL, "can't allocate memory for configuration");
827 * This is backwards from how it's usually done.
828 * Following the usual pattern, "fs" would be stored in a member
829 * variable in "csp", and then we'd access "config" from "fs->f",
830 * using a cast. However, "config" is used so often that a
831 * cast each time would be very ugly, and the extra indirection
832 * would waste CPU cycles. Therefore we store "config" in
833 * "csp->config", and "fs" in "csp->config->config_file_list".
835 config->config_file_list = fs;
840 config->multi_threaded = 1;
841 config->buffer_limit = 4096 * 1024;
842 config->usermanual = strdup(USER_MANUAL_URL);
843 config->proxy_args = strdup("");
844 config->forwarded_connect_retries = 0;
845 config->socket_timeout = 300; /* XXX: Should be a macro. */
846 config->feature_flags &= ~RUNTIME_FEATURE_CGI_TOGGLE;
847 config->feature_flags &= ~RUNTIME_FEATURE_SPLIT_LARGE_FORMS;
848 config->feature_flags &= ~RUNTIME_FEATURE_ACCEPT_INTERCEPTED_REQUESTS;
850 configfp = fopen(configfile, "r");
851 if (NULL == configfp)
853 log_error(LOG_LEVEL_FATAL,
854 "can't open configuration file '%s': %E", configfile);
855 /* Never get here - LOG_LEVEL_FATAL causes program exit */
858 while (read_config_line(buf, sizeof(buf), configfp, &linenum) != NULL)
860 char cmd[BUFFER_SIZE];
861 char arg[BUFFER_SIZE];
862 char tmp[BUFFER_SIZE];
864 struct access_control_list *cur_acl;
865 #endif /* def FEATURE_ACL */
866 struct forward_spec *cur_fwd;
869 unsigned long directive_hash;
871 strlcpy(tmp, buf, sizeof(tmp));
873 /* Copy command (i.e. up to space or tab) into cmd */
876 while (*p && (*p != ' ') && (*p != '\t'))
882 /* Skip over the whitespace in buf */
883 while (*p && ((*p == ' ') || (*p == '\t')))
888 /* Copy the argument into arg */
889 strlcpy(arg, p, sizeof(arg));
891 /* Should never happen, but check this anyway */
897 /* Make sure the command field is lower case */
898 for (p = cmd; *p; p++)
902 *p = (char)ijb_tolower(*p);
906 directive_hash = hash_string(cmd);
907 switch (directive_hash)
909 /* *************************************************************************
910 * actionsfile actions-file-name
911 * In confdir by default
912 * *************************************************************************/
913 case hash_actions_file :
915 while ((i < MAX_AF_FILES) && (NULL != config->actions_file[i]))
920 if (i >= MAX_AF_FILES)
922 log_error(LOG_LEVEL_FATAL, "Too many 'actionsfile' directives in config file - limit is %d.\n"
923 "(You can increase this limit by changing MAX_AF_FILES in project.h and recompiling).",
926 config->actions_file_short[i] = strdup(arg);
927 config->actions_file[i] = make_path(config->confdir, arg);
930 /* *************************************************************************
931 * accept-intercepted-requests
932 * *************************************************************************/
933 case hash_accept_intercepted_requests:
934 if ((*arg != '\0') && (0 != atoi(arg)))
936 config->feature_flags |= RUNTIME_FEATURE_ACCEPT_INTERCEPTED_REQUESTS;
940 config->feature_flags &= ~RUNTIME_FEATURE_ACCEPT_INTERCEPTED_REQUESTS;
944 /* *************************************************************************
945 * admin-address email-address
946 * *************************************************************************/
947 case hash_admin_address :
948 freez(config->admin_address);
949 config->admin_address = strdup(arg);
952 /* *************************************************************************
953 * allow-cgi-request-crunching
954 * *************************************************************************/
955 case hash_allow_cgi_request_crunching:
956 if ((*arg != '\0') && (0 != atoi(arg)))
958 config->feature_flags |= RUNTIME_FEATURE_CGI_CRUNCHING;
962 config->feature_flags &= ~RUNTIME_FEATURE_CGI_CRUNCHING;
966 /* *************************************************************************
968 * *************************************************************************/
969 case hash_buffer_limit :
970 config->buffer_limit = (size_t)(1024 * atoi(arg));
973 /* *************************************************************************
974 * confdir directory-name
975 * *************************************************************************/
977 freez(config->confdir);
978 config->confdir = make_path( NULL, arg);
981 /* *************************************************************************
983 * Specifies debug level, multiple values are ORed together.
984 * *************************************************************************/
986 config->debug |= atoi(arg);
989 /* *************************************************************************
990 * deny-access source-ip[/significant-bits] [dest-ip[/significant-bits]]
991 * *************************************************************************/
993 case hash_deny_access:
994 strlcpy(tmp, arg, sizeof(tmp));
995 vec_count = ssplit(tmp, " \t", vec, SZ(vec), 1, 1);
997 if ((vec_count != 1) && (vec_count != 2))
999 log_error(LOG_LEVEL_ERROR, "Wrong number of parameters for "
1000 "deny-access directive in configuration file.");
1001 string_append(&config->proxy_args,
1002 "<br>\nWARNING: Wrong number of parameters for "
1003 "deny-access directive in configuration file.<br><br>\n");
1007 /* allocate a new node */
1008 cur_acl = (struct access_control_list *) zalloc(sizeof(*cur_acl));
1010 if (cur_acl == NULL)
1012 log_error(LOG_LEVEL_FATAL, "can't allocate memory for configuration");
1013 /* Never get here - LOG_LEVEL_FATAL causes program exit */
1016 cur_acl->action = ACL_DENY;
1018 if (acl_addr(vec[0], cur_acl->src) < 0)
1020 log_error(LOG_LEVEL_ERROR, "Invalid source address, port or netmask "
1021 "for deny-access directive in configuration file: \"%s\"", vec[0]);
1022 string_append(&config->proxy_args,
1023 "<br>\nWARNING: Invalid source address, port or netmask "
1024 "for deny-access directive in configuration file: \"");
1025 string_append(&config->proxy_args,
1027 string_append(&config->proxy_args,
1034 if (acl_addr(vec[1], cur_acl->dst) < 0)
1036 log_error(LOG_LEVEL_ERROR, "Invalid destination address, port or netmask "
1037 "for deny-access directive in configuration file: \"%s\"", vec[1]);
1038 string_append(&config->proxy_args,
1039 "<br>\nWARNING: Invalid destination address, port or netmask "
1040 "for deny-access directive in configuration file: \"");
1041 string_append(&config->proxy_args,
1043 string_append(&config->proxy_args,
1049 #ifdef HAVE_GETADDRINFO
1052 cur_acl->wildcard_dst = 1;
1054 #endif /* def HAVE_GETADDRINFO */
1057 * Add it to the list. Note we reverse the list to get the
1058 * behaviour the user expects. With both the ACL and
1059 * actions file, the last match wins. However, the internal
1060 * implementations are different: The actions file is stored
1061 * in the same order as the file, and scanned completely.
1062 * With the ACL, we reverse the order as we load it, then
1063 * when we scan it we stop as soon as we get a match.
1065 cur_acl->next = config->acl;
1066 config->acl = cur_acl;
1069 #endif /* def FEATURE_ACL */
1071 /* *************************************************************************
1072 * enable-edit-actions 0|1
1073 * *************************************************************************/
1074 #ifdef FEATURE_CGI_EDIT_ACTIONS
1075 case hash_enable_edit_actions:
1076 if ((*arg != '\0') && (0 != atoi(arg)))
1078 config->feature_flags |= RUNTIME_FEATURE_CGI_EDIT_ACTIONS;
1082 config->feature_flags &= ~RUNTIME_FEATURE_CGI_EDIT_ACTIONS;
1085 #endif /* def FEATURE_CGI_EDIT_ACTIONS */
1087 /* *************************************************************************
1088 * enable-remote-toggle 0|1
1089 * *************************************************************************/
1090 #ifdef FEATURE_TOGGLE
1091 case hash_enable_remote_toggle:
1092 if ((*arg != '\0') && (0 != atoi(arg)))
1094 config->feature_flags |= RUNTIME_FEATURE_CGI_TOGGLE;
1098 config->feature_flags &= ~RUNTIME_FEATURE_CGI_TOGGLE;
1101 #endif /* def FEATURE_TOGGLE */
1103 /* *************************************************************************
1104 * enable-remote-http-toggle 0|1
1105 * *************************************************************************/
1106 case hash_enable_remote_http_toggle:
1107 if ((*arg != '\0') && (0 != atoi(arg)))
1109 config->feature_flags |= RUNTIME_FEATURE_HTTP_TOGGLE;
1113 config->feature_flags &= ~RUNTIME_FEATURE_HTTP_TOGGLE;
1117 /* *************************************************************************
1118 * enforce-blocks 0|1
1119 * *************************************************************************/
1120 case hash_enforce_blocks:
1121 #ifdef FEATURE_FORCE_LOAD
1122 if ((*arg != '\0') && (0 != atoi(arg)))
1124 config->feature_flags |= RUNTIME_FEATURE_ENFORCE_BLOCKS;
1128 config->feature_flags &= ~RUNTIME_FEATURE_ENFORCE_BLOCKS;
1131 log_error(LOG_LEVEL_ERROR, "Ignoring directive 'enforce-blocks'. "
1132 "FEATURE_FORCE_LOAD is disabled, blocks will always be enforced.");
1133 #endif /* def FEATURE_FORCE_LOAD */
1136 /* *************************************************************************
1137 * filterfile file-name
1138 * In confdir by default.
1139 * *************************************************************************/
1140 case hash_filterfile :
1142 while ((i < MAX_AF_FILES) && (NULL != config->re_filterfile[i]))
1147 if (i >= MAX_AF_FILES)
1149 log_error(LOG_LEVEL_FATAL, "Too many 'filterfile' directives in config file - limit is %d.\n"
1150 "(You can increase this limit by changing MAX_AF_FILES in project.h and recompiling).",
1153 config->re_filterfile_short[i] = strdup(arg);
1154 config->re_filterfile[i] = make_path(config->confdir, arg);
1158 /* *************************************************************************
1159 * forward url-pattern (.|http-proxy-host[:port])
1160 * *************************************************************************/
1162 strlcpy(tmp, arg, sizeof(tmp));
1163 vec_count = ssplit(tmp, " \t", vec, SZ(vec), 1, 1);
1167 log_error(LOG_LEVEL_ERROR, "Wrong number of parameters for forward "
1168 "directive in configuration file.");
1169 string_append(&config->proxy_args,
1170 "<br>\nWARNING: Wrong number of parameters for "
1171 "forward directive in configuration file.");
1175 /* allocate a new node */
1176 cur_fwd = zalloc(sizeof(*cur_fwd));
1177 if (cur_fwd == NULL)
1179 log_error(LOG_LEVEL_FATAL, "can't allocate memory for configuration");
1180 /* Never get here - LOG_LEVEL_FATAL causes program exit */
1184 cur_fwd->type = SOCKS_NONE;
1186 /* Save the URL pattern */
1187 if (create_url_spec(cur_fwd->url, vec[0]))
1189 log_error(LOG_LEVEL_ERROR, "Bad URL specifier for forward "
1190 "directive in configuration file.");
1191 string_append(&config->proxy_args,
1192 "<br>\nWARNING: Bad URL specifier for "
1193 "forward directive in configuration file.");
1197 /* Parse the parent HTTP proxy host:port */
1200 if (strcmp(p, ".") != 0)
1202 cur_fwd->forward_host = strdup(p);
1204 if ((*cur_fwd->forward_host == '[')
1205 && (NULL != (p = strchr(cur_fwd->forward_host, ']'))))
1208 memmove(cur_fwd->forward_host, cur_fwd->forward_host + 1,
1209 (size_t)(p - cur_fwd->forward_host));
1212 cur_fwd->forward_port = atoi(++p);
1215 else if (NULL != (p = strchr(cur_fwd->forward_host, ':')))
1218 cur_fwd->forward_port = atoi(p);
1221 if (cur_fwd->forward_port <= 0)
1223 cur_fwd->forward_port = 8000;
1228 cur_fwd->next = config->forward;
1229 config->forward = cur_fwd;
1233 /* *************************************************************************
1234 * forward-socks4 url-pattern socks-proxy[:port] (.|http-proxy[:port])
1235 * *************************************************************************/
1236 case hash_forward_socks4:
1237 strlcpy(tmp, arg, sizeof(tmp));
1238 vec_count = ssplit(tmp, " \t", vec, SZ(vec), 1, 1);
1242 log_error(LOG_LEVEL_ERROR, "Wrong number of parameters for "
1243 "forward-socks4 directive in configuration file.");
1244 string_append(&config->proxy_args,
1245 "<br>\nWARNING: Wrong number of parameters for "
1246 "forward-socks4 directive in configuration file.");
1250 /* allocate a new node */
1251 cur_fwd = zalloc(sizeof(*cur_fwd));
1252 if (cur_fwd == NULL)
1254 log_error(LOG_LEVEL_FATAL, "can't allocate memory for configuration");
1255 /* Never get here - LOG_LEVEL_FATAL causes program exit */
1259 cur_fwd->type = SOCKS_4;
1261 /* Save the URL pattern */
1262 if (create_url_spec(cur_fwd->url, vec[0]))
1264 log_error(LOG_LEVEL_ERROR, "Bad URL specifier for forward-socks4 "
1265 "directive in configuration file.");
1266 string_append(&config->proxy_args,
1267 "<br>\nWARNING: Bad URL specifier for "
1268 "forward-socks4 directive in configuration file.");
1272 /* Parse the SOCKS proxy host[:port] */
1275 if (strcmp(p, ".") != 0)
1277 cur_fwd->gateway_host = strdup(p);
1279 if ((*cur_fwd->gateway_host == '[')
1280 && (NULL != (p = strchr(cur_fwd->gateway_host, ']'))))
1283 memmove(cur_fwd->gateway_host, cur_fwd->gateway_host + 1,
1284 (size_t)(p - cur_fwd->gateway_host));
1287 cur_fwd->gateway_port = atoi(++p);
1290 else if (NULL != (p = strchr(cur_fwd->gateway_host, ':')))
1293 cur_fwd->gateway_port = atoi(p);
1296 if (cur_fwd->gateway_port <= 0)
1298 cur_fwd->gateway_port = 1080;
1302 /* Parse the parent HTTP proxy host[:port] */
1305 if (strcmp(p, ".") != 0)
1307 cur_fwd->forward_host = strdup(p);
1309 if ((*cur_fwd->forward_host == '[')
1310 && (NULL != (p = strchr(cur_fwd->forward_host, ']'))))
1313 memmove(cur_fwd->forward_host, cur_fwd->forward_host + 1,
1314 (size_t)(p - cur_fwd->forward_host));
1317 cur_fwd->forward_port = atoi(++p);
1320 else if (NULL != (p = strchr(cur_fwd->forward_host, ':')))
1323 cur_fwd->forward_port = atoi(p);
1326 if (cur_fwd->forward_port <= 0)
1328 cur_fwd->forward_port = 8000;
1333 cur_fwd->next = config->forward;
1334 config->forward = cur_fwd;
1338 /* *************************************************************************
1339 * forward-socks4a url-pattern socks-proxy[:port] (.|http-proxy[:port])
1340 * *************************************************************************/
1341 case hash_forward_socks4a:
1342 case hash_forward_socks5:
1343 strlcpy(tmp, arg, sizeof(tmp));
1344 vec_count = ssplit(tmp, " \t", vec, SZ(vec), 1, 1);
1348 log_error(LOG_LEVEL_ERROR, "Wrong number of parameters for "
1349 "forward-socks4a directive in configuration file.");
1350 string_append(&config->proxy_args,
1351 "<br>\nWARNING: Wrong number of parameters for "
1352 "forward-socks4a directive in configuration file.");
1356 /* allocate a new node */
1357 cur_fwd = zalloc(sizeof(*cur_fwd));
1358 if (cur_fwd == NULL)
1360 log_error(LOG_LEVEL_FATAL, "can't allocate memory for configuration");
1361 /* Never get here - LOG_LEVEL_FATAL causes program exit */
1365 if (directive_hash == hash_forward_socks4a)
1367 cur_fwd->type = SOCKS_4A;
1371 cur_fwd->type = SOCKS_5;
1374 /* Save the URL pattern */
1375 if (create_url_spec(cur_fwd->url, vec[0]))
1377 log_error(LOG_LEVEL_ERROR, "Bad URL specifier for forward-socks4a "
1378 "directive in configuration file.");
1379 string_append(&config->proxy_args,
1380 "<br>\nWARNING: Bad URL specifier for "
1381 "forward-socks4a directive in configuration file.");
1385 /* Parse the SOCKS proxy host[:port] */
1388 cur_fwd->gateway_host = strdup(p);
1390 if ((*cur_fwd->gateway_host == '[')
1391 && (NULL != (p = strchr(cur_fwd->gateway_host, ']'))))
1394 memmove(cur_fwd->gateway_host, cur_fwd->gateway_host + 1,
1395 (size_t)(p - cur_fwd->gateway_host));
1398 cur_fwd->gateway_port = atoi(++p);
1401 else if (NULL != (p = strchr(cur_fwd->gateway_host, ':')))
1404 cur_fwd->gateway_port = atoi(p);
1407 if (cur_fwd->gateway_port <= 0)
1409 cur_fwd->gateway_port = 1080;
1412 /* Parse the parent HTTP proxy host[:port] */
1415 if (strcmp(p, ".") != 0)
1417 cur_fwd->forward_host = strdup(p);
1419 if (*cur_fwd->forward_host == '[' &&
1420 NULL != (p = strchr(cur_fwd->forward_host, ']')))
1423 memmove(cur_fwd->forward_host, cur_fwd->forward_host + 1,
1424 (size_t) (p - cur_fwd->forward_host));
1427 cur_fwd->forward_port = atoi(++p);
1430 else if (NULL != (p = strchr(cur_fwd->forward_host, ':')))
1433 cur_fwd->forward_port = atoi(p);
1436 if (cur_fwd->forward_port <= 0)
1438 cur_fwd->forward_port = 8000;
1443 cur_fwd->next = config->forward;
1444 config->forward = cur_fwd;
1448 /* *************************************************************************
1449 * forwarded-connect-retries n
1450 * *************************************************************************/
1451 case hash_forwarded_connect_retries :
1452 config->forwarded_connect_retries = atoi(arg);
1455 /* *************************************************************************
1456 * hostname hostname-to-show-on-cgi-pages
1457 * *************************************************************************/
1458 case hash_hostname :
1459 freez(config->hostname);
1460 config->hostname = strdup(arg);
1461 if (NULL == config->hostname)
1463 log_error(LOG_LEVEL_FATAL, "Out of memory saving hostname.");
1467 /* *************************************************************************
1468 * keep-alive-timeout timeout
1469 * *************************************************************************/
1470 #ifdef FEATURE_CONNECTION_KEEP_ALIVE
1471 case hash_keep_alive_timeout :
1474 int timeout = atoi(arg);
1477 config->feature_flags |= RUNTIME_FEATURE_CONNECTION_KEEP_ALIVE;
1478 keep_alive_timeout = timeout;
1482 config->feature_flags &= ~RUNTIME_FEATURE_CONNECTION_KEEP_ALIVE;
1488 /* *************************************************************************
1489 * listen-address [ip][:port]
1490 * *************************************************************************/
1491 case hash_listen_address :
1492 freez(config->haddr);
1493 config->haddr = strdup(arg);
1496 /* *************************************************************************
1497 * logdir directory-name
1498 * *************************************************************************/
1500 freez(config->logdir);
1501 config->logdir = make_path(NULL, arg);
1504 /* *************************************************************************
1505 * logfile log-file-name
1506 * In logdir by default
1507 * *************************************************************************/
1511 logfile = make_path(config->logdir, arg);
1512 if (NULL == logfile)
1514 log_error(LOG_LEVEL_FATAL, "Out of memory while creating logfile path");
1519 /* *************************************************************************
1520 * permit-access source-ip[/significant-bits] [dest-ip[/significant-bits]]
1521 * *************************************************************************/
1523 case hash_permit_access:
1524 strlcpy(tmp, arg, sizeof(tmp));
1525 vec_count = ssplit(tmp, " \t", vec, SZ(vec), 1, 1);
1527 if ((vec_count != 1) && (vec_count != 2))
1529 log_error(LOG_LEVEL_ERROR, "Wrong number of parameters for "
1530 "permit-access directive in configuration file.");
1531 string_append(&config->proxy_args,
1532 "<br>\nWARNING: Wrong number of parameters for "
1533 "permit-access directive in configuration file.<br><br>\n");
1538 /* allocate a new node */
1539 cur_acl = (struct access_control_list *) zalloc(sizeof(*cur_acl));
1541 if (cur_acl == NULL)
1543 log_error(LOG_LEVEL_FATAL, "can't allocate memory for configuration");
1544 /* Never get here - LOG_LEVEL_FATAL causes program exit */
1547 cur_acl->action = ACL_PERMIT;
1549 if (acl_addr(vec[0], cur_acl->src) < 0)
1551 log_error(LOG_LEVEL_ERROR, "Invalid source address, port or netmask "
1552 "for permit-access directive in configuration file: \"%s\"", vec[0]);
1553 string_append(&config->proxy_args,
1554 "<br>\nWARNING: Invalid source address, port or netmask for "
1555 "permit-access directive in configuration file: \"");
1556 string_append(&config->proxy_args,
1558 string_append(&config->proxy_args,
1565 if (acl_addr(vec[1], cur_acl->dst) < 0)
1567 log_error(LOG_LEVEL_ERROR, "Invalid destination address, port or netmask "
1568 "for permit-access directive in configuration file: \"%s\"", vec[1]);
1569 string_append(&config->proxy_args,
1570 "<br>\nWARNING: Invalid destination address, port or netmask for "
1571 "permit-access directive in configuration file: \"");
1572 string_append(&config->proxy_args,
1574 string_append(&config->proxy_args,
1580 #ifdef HAVE_GETADDRINFO
1583 cur_acl->wildcard_dst = 1;
1585 #endif /* def HAVE_GETADDRINFO */
1588 * Add it to the list. Note we reverse the list to get the
1589 * behaviour the user expects. With both the ACL and
1590 * actions file, the last match wins. However, the internal
1591 * implementations are different: The actions file is stored
1592 * in the same order as the file, and scanned completely.
1593 * With the ACL, we reverse the order as we load it, then
1594 * when we scan it we stop as soon as we get a match.
1596 cur_acl->next = config->acl;
1597 config->acl = cur_acl;
1600 #endif /* def FEATURE_ACL */
1602 /* *************************************************************************
1603 * proxy-info-url url
1604 * *************************************************************************/
1605 case hash_proxy_info_url :
1606 freez(config->proxy_info_url);
1607 config->proxy_info_url = strdup(arg);
1610 /* *************************************************************************
1612 * *************************************************************************/
1613 case hash_single_threaded :
1614 config->multi_threaded = 0;
1617 /* *************************************************************************
1618 * socket-timeout numer_of_seconds
1619 * *************************************************************************/
1620 case hash_socket_timeout :
1623 int socket_timeout = atoi(arg);
1624 if (0 < socket_timeout)
1626 config->socket_timeout = socket_timeout;
1630 log_error(LOG_LEVEL_FATAL,
1631 "Invalid socket-timeout: '%s'", arg);
1636 /* *************************************************************************
1637 * split-large-cgi-forms
1638 * *************************************************************************/
1639 case hash_split_large_cgi_forms :
1640 if ((*arg != '\0') && (0 != atoi(arg)))
1642 config->feature_flags |= RUNTIME_FEATURE_SPLIT_LARGE_FORMS;
1646 config->feature_flags &= ~RUNTIME_FEATURE_SPLIT_LARGE_FORMS;
1650 /* *************************************************************************
1651 * templdir directory-name
1652 * *************************************************************************/
1653 case hash_templdir :
1654 freez(config->templdir);
1655 config->templdir = make_path(NULL, arg);
1658 /* *************************************************************************
1660 * *************************************************************************/
1661 #ifdef FEATURE_TOGGLE
1663 global_toggle_state = atoi(arg);
1665 #endif /* def FEATURE_TOGGLE */
1667 /* *************************************************************************
1668 * trust-info-url url
1669 * *************************************************************************/
1670 #ifdef FEATURE_TRUST
1671 case hash_trust_info_url :
1672 enlist(config->trust_info, arg);
1674 #endif /* def FEATURE_TRUST */
1676 /* *************************************************************************
1677 * trustfile filename
1678 * (In confdir by default.)
1679 * *************************************************************************/
1680 #ifdef FEATURE_TRUST
1681 case hash_trustfile :
1682 freez(config->trustfile);
1683 config->trustfile = make_path(config->confdir, arg);
1685 #endif /* def FEATURE_TRUST */
1687 /* *************************************************************************
1689 * *************************************************************************/
1690 case hash_usermanual :
1692 * XXX: If this isn't the first config directive, the
1693 * show-status page links to the website documentation
1694 * for the directives that were already parsed. Lame.
1696 freez(config->usermanual);
1697 config->usermanual = strdup(arg);
1700 /* *************************************************************************
1701 * Win32 Console options:
1702 * *************************************************************************/
1704 /* *************************************************************************
1706 * *************************************************************************/
1708 case hash_hide_console :
1711 #endif /*def _WIN_CONSOLE*/
1714 /* *************************************************************************
1715 * Win32 GUI options:
1716 * *************************************************************************/
1718 #if defined(_WIN32) && ! defined(_WIN_CONSOLE)
1719 /* *************************************************************************
1720 * activity-animation (0|1)
1721 * *************************************************************************/
1722 case hash_activity_animation :
1723 g_bShowActivityAnimation = atoi(arg);
1726 /* *************************************************************************
1727 * close-button-minimizes (0|1)
1728 * *************************************************************************/
1729 case hash_close_button_minimizes :
1730 g_bCloseHidesWindow = atoi(arg);
1733 /* *************************************************************************
1734 * log-buffer-size (0|1)
1735 * *************************************************************************/
1736 case hash_log_buffer_size :
1737 g_bLimitBufferSize = atoi(arg);
1740 /* *************************************************************************
1741 * log-font-name fontname
1742 * *************************************************************************/
1743 case hash_log_font_name :
1744 if (strlcpy(g_szFontFaceName, arg,
1745 sizeof(g_szFontFaceName)) >= sizeof(g_szFontFaceName))
1747 log_error(LOG_LEVEL_FATAL,
1748 "log-font-name argument '%s' is longer than %u characters.",
1749 arg, sizeof(g_szFontFaceName)-1);
1753 /* *************************************************************************
1755 * *************************************************************************/
1756 case hash_log_font_size :
1757 g_nFontSize = atoi(arg);
1760 /* *************************************************************************
1761 * log-highlight-messages (0|1)
1762 * *************************************************************************/
1763 case hash_log_highlight_messages :
1764 g_bHighlightMessages = atoi(arg);
1767 /* *************************************************************************
1769 * *************************************************************************/
1770 case hash_log_max_lines :
1771 g_nMaxBufferLines = atoi(arg);
1774 /* *************************************************************************
1775 * log-messages (0|1)
1776 * *************************************************************************/
1777 case hash_log_messages :
1778 g_bLogMessages = atoi(arg);
1781 /* *************************************************************************
1782 * show-on-task-bar (0|1)
1783 * *************************************************************************/
1784 case hash_show_on_task_bar :
1785 g_bShowOnTaskBar = atoi(arg);
1788 #endif /* defined(_WIN32) && ! defined(_WIN_CONSOLE) */
1791 /* *************************************************************************
1792 * Warnings about unsupported features
1793 * *************************************************************************/
1795 case hash_deny_access:
1796 #endif /* ndef FEATURE_ACL */
1797 #ifndef FEATURE_CGI_EDIT_ACTIONS
1798 case hash_enable_edit_actions:
1799 #endif /* ndef FEATURE_CGI_EDIT_ACTIONS */
1800 #ifndef FEATURE_TOGGLE
1801 case hash_enable_remote_toggle:
1802 #endif /* ndef FEATURE_TOGGLE */
1804 case hash_permit_access:
1805 #endif /* ndef FEATURE_ACL */
1806 #ifndef FEATURE_TOGGLE
1808 #endif /* ndef FEATURE_TOGGLE */
1809 #ifndef FEATURE_TRUST
1810 case hash_trustfile :
1811 case hash_trust_info_url :
1812 #endif /* ndef FEATURE_TRUST */
1814 #ifndef _WIN_CONSOLE
1815 case hash_hide_console :
1816 #endif /* ndef _WIN_CONSOLE */
1818 #if defined(_WIN_CONSOLE) || ! defined(_WIN32)
1819 case hash_activity_animation :
1820 case hash_close_button_minimizes :
1821 case hash_log_buffer_size :
1822 case hash_log_font_name :
1823 case hash_log_font_size :
1824 case hash_log_highlight_messages :
1825 case hash_log_max_lines :
1826 case hash_log_messages :
1827 case hash_show_on_task_bar :
1828 #endif /* defined(_WIN_CONSOLE) || ! defined(_WIN32) */
1829 /* These warnings are annoying - so hide them. -- Jon */
1830 /* log_error(LOG_LEVEL_INFO, "Unsupported directive \"%s\" ignored.", cmd); */
1833 /* *************************************************************************/
1835 /* *************************************************************************/
1837 * I decided that I liked this better as a warning than an
1838 * error. To change back to an error, just change log level
1839 * to LOG_LEVEL_FATAL.
1841 log_error(LOG_LEVEL_ERROR, "Ignoring unrecognized directive '%s' (%luul) in line %lu "
1842 "in configuration file (%s).", buf, directive_hash, linenum, configfile);
1843 string_append(&config->proxy_args,
1844 " <strong class='warning'>Warning: Ignoring unrecognized directive:</strong>");
1847 /* *************************************************************************/
1848 } /* end switch( hash_string(cmd) ) */
1850 /* Save the argument for the show-status page. */
1851 savearg(cmd, arg, config);
1853 } /* end while ( read_config_line(...) ) */
1857 set_debug_level(config->debug);
1859 freez(config->logfile);
1863 if (NULL != logfile)
1865 config->logfile = logfile;
1866 init_error_log(Argv[0], config->logfile);
1874 #ifdef FEATURE_CONNECTION_KEEP_ALIVE
1875 if (config->feature_flags & RUNTIME_FEATURE_CONNECTION_KEEP_ALIVE)
1877 if (config->multi_threaded)
1879 set_keep_alive_timeout(keep_alive_timeout);
1884 * While we could use keep-alive without multiple threads
1885 * if we didn't bother with enforcing the connection timeout,
1886 * that might make Tor users sad, even though they shouldn't
1887 * enable the single-threaded option anyway.
1889 config->feature_flags &= ~RUNTIME_FEATURE_CONNECTION_KEEP_ALIVE;
1890 log_error(LOG_LEVEL_ERROR,
1891 "Config option single-threaded disables connection keep-alive.");
1896 if (NULL == config->proxy_args)
1898 log_error(LOG_LEVEL_FATAL, "Out of memory loading config - insufficient memory for config->proxy_args");
1901 if (config->actions_file[0])
1903 add_loader(load_action_files, config);
1906 if (config->re_filterfile[0])
1908 add_loader(load_re_filterfiles, config);
1911 #ifdef FEATURE_TRUST
1912 if (config->trustfile)
1914 add_loader(load_trustfile, config);
1916 #endif /* def FEATURE_TRUST */
1918 if ( NULL == config->haddr )
1920 config->haddr = strdup( HADDR_DEFAULT );
1923 if ( NULL != config->haddr )
1925 if ((*config->haddr == '[')
1926 && (NULL != (p = strchr(config->haddr, ']')))
1928 && (0 < (config->hport = atoi(p + 2))))
1931 memmove((void *)config->haddr, config->haddr + 1,
1932 (size_t)(p - config->haddr));
1934 else if (NULL != (p = strchr(config->haddr, ':'))
1935 && (0 < (config->hport = atoi(p + 1))))
1941 log_error(LOG_LEVEL_FATAL, "invalid bind port spec %s", config->haddr);
1942 /* Never get here - LOG_LEVEL_FATAL causes program exit */
1944 if (*config->haddr == '\0')
1947 * Only the port specified. We stored it in config->hport
1948 * and don't need its text representation anymore.
1950 freez(config->haddr);
1955 * Want to run all the loaders once now.
1957 * Need to set up a fake csp, so they can get to the config.
1959 fake_csp = (struct client_state *) zalloc (sizeof(*fake_csp));
1960 fake_csp->config = config;
1962 if (run_loader(fake_csp))
1965 log_error(LOG_LEVEL_FATAL, "A loader failed while loading config file. Exiting.");
1966 /* Never get here - LOG_LEVEL_FATAL causes program exit */
1970 /* FIXME: this is a kludge for win32 */
1971 #if defined(_WIN32) && !defined (_WIN_CONSOLE)
1973 g_default_actions_file = config->actions_file[1]; /* FIXME Hope this is default.action */
1974 g_user_actions_file = config->actions_file[2]; /* FIXME Hope this is user.action */
1975 g_re_filterfile = config->re_filterfile[0]; /* FIXME Hope this is default.filter */
1977 #ifdef FEATURE_TRUST
1978 g_trustfile = config->trustfile;
1979 #endif /* def FEATURE_TRUST */
1982 #endif /* defined(_WIN32) && !defined (_WIN_CONSOLE) */
1983 /* FIXME: end kludge */
1986 config->need_bind = 1;
1988 if (current_configfile)
1990 struct configuration_spec * oldcfg = (struct configuration_spec *)
1991 current_configfile->f;
1993 * Check if config->haddr,hport == oldcfg->haddr,hport
1995 * The following could be written more compactly as a single,
1996 * (unreadably long) if statement.
1998 config->need_bind = 0;
1999 if (config->hport != oldcfg->hport)
2001 config->need_bind = 1;
2003 else if (config->haddr == NULL)
2005 if (oldcfg->haddr != NULL)
2007 config->need_bind = 1;
2010 else if (oldcfg->haddr == NULL)
2012 config->need_bind = 1;
2014 else if (0 != strcmp(config->haddr, oldcfg->haddr))
2016 config->need_bind = 1;
2019 current_configfile->unloader = unload_configfile;
2022 fs->next = files->next;
2025 current_configfile = fs;
2031 /*********************************************************************
2033 * Function : savearg
2035 * Description : Called from `load_config'. It saves each non-empty
2036 * and non-comment line from config into
2037 * config->proxy_args. This is used to create the
2038 * show-proxy-args page. On error, frees
2039 * config->proxy_args and sets it to NULL
2042 * 1 : command = config setting that was found
2043 * 2 : argument = the setting's argument (if any)
2044 * 3 : config = Configuration to save into.
2048 *********************************************************************/
2049 static void savearg(char *command, char *argument, struct configuration_spec * config)
2058 * Add config option name embedded in
2059 * link to its section in the user-manual
2061 buf = strdup("\n<a href=\"");
2062 if (!strncmpic(config->usermanual, "file://", 7) ||
2063 !strncmpic(config->usermanual, "http", 4))
2065 string_append(&buf, config->usermanual);
2069 string_append(&buf, "http://" CGI_SITE_2_HOST "/user-manual/");
2071 string_append(&buf, CONFIG_HELP_PREFIX);
2072 string_join (&buf, string_toupper(command));
2073 string_append(&buf, "\">");
2074 string_append(&buf, command);
2075 string_append(&buf, "</a> ");
2079 freez(config->proxy_args);
2083 if ( (NULL != argument) && ('\0' != *argument) )
2085 s = html_encode(argument);
2089 freez(config->proxy_args);
2093 if (strncmpic(argument, "http://", 7) == 0)
2095 string_append(&buf, "<a href=\"");
2096 string_append(&buf, s);
2097 string_append(&buf, "\">");
2098 string_join (&buf, s);
2099 string_append(&buf, "</a>");
2103 string_join (&buf, s);
2107 string_append(&buf, "<br>");
2108 string_join(&config->proxy_args, buf);