1 const char parsers_rcs[] = "$Id: parsers.c,v 1.2 2001/05/17 23:02:36 oes Exp $";
2 /*********************************************************************
4 * File : $Source: /cvsroot/ijbswa/current/parsers.c,v $
6 * Purpose : Declares functions to parse/crunch headers and pages.
7 * Functions declared include:
8 * `add_to_iob', `client_cookie_adder', `client_from',
9 * `client_referrer', `client_send_cookie', `client_ua',
10 * `client_uagent', `client_x_forwarded',
11 * `client_x_forwarded_adder', `client_xtra_adder',
12 * `content_type', `crumble', `destroy_list', `enlist',
13 * `flush_socket', `free_http_request', `get_header',
14 * `list_to_text', `match', `parse_http_request', `sed',
15 * and `server_set_cookie'.
17 * Copyright : Written by and Copyright (C) 2001 the SourceForge
18 * IJBSWA team. http://ijbswa.sourceforge.net
20 * Based on the Internet Junkbuster originally written
21 * by and Copyright (C) 1997 Anonymous Coders and
22 * Junkbusters Corporation. http://www.junkbusters.com
24 * This program is free software; you can redistribute it
25 * and/or modify it under the terms of the GNU General
26 * Public License as published by the Free Software
27 * Foundation; either version 2 of the License, or (at
28 * your option) any later version.
30 * This program is distributed in the hope that it will
31 * be useful, but WITHOUT ANY WARRANTY; without even the
32 * implied warranty of MERCHANTABILITY or FITNESS FOR A
33 * PARTICULAR PURPOSE. See the GNU General Public
34 * License for more details.
36 * The GNU General Public License should be included with
37 * this file. If not, you can view it at
38 * http://www.gnu.org/copyleft/gpl.html
39 * or write to the Free Software Foundation, Inc., 59
40 * Temple Place - Suite 330, Boston, MA 02111-1307, USA.
44 * Revision 1.2 2001/05/17 23:02:36 oes
45 * - Made referrer option accept 'L' as a substitute for 'ยง'
47 * Revision 1.1.1.1 2001/05/15 13:59:01 oes
48 * Initial import of version 2.9.3 source tree
51 *********************************************************************/
57 #include <sys/types.h>
75 #include "jbsockets.h"
78 const char parsers_h_rcs[] = PARSERS_H_VERSION;
80 /* Fix a problem with Solaris. There should be no effect on other
82 * Solaris's isspace() is a macro which uses it's argument directly
83 * as an array index. Therefore we need to make sure that high-bit
84 * characters generate +ve values, and ideally we also want to make
85 * the argument match the declared parameter type of "int".
87 * Why did they write a character function that can't take a simple
88 * "char" argument? Doh!
90 #define ijb_isupper(__X) isupper((int)(unsigned char)(__X))
91 #define ijb_tolower(__X) tolower((int)(unsigned char)(__X))
94 const struct parsers client_patterns[] = {
95 { "referer:", 8, client_referrer },
96 { "user-agent:", 11, client_uagent },
97 { "ua-", 3, client_ua },
98 { "from:", 5, client_from },
99 { "cookie:", 7, client_send_cookie },
100 { "x-forwarded-for:", 16, client_x_forwarded },
101 { "proxy-connection:", 17, crumble },
103 { "Accept-Encoding: gzip", 21, crumble },
104 #endif /* def DENY_GZIP */
105 #if defined(DETECT_MSIE_IMAGES)
106 { "Accept:", 7, client_accept },
107 #endif /* defined(DETECT_MSIE_IMAGES) */
109 { "Host:", 5, client_host },
110 #endif /* def FORCE_LOAD */
111 /* { "if-modified-since:", 18, crumble }, */
115 const struct interceptors intercept_patterns[] = {
116 { "show-proxy-args", 14, show_proxy_args },
118 { "ij-untrusted-url", 14, ij_untrusted_url },
119 #endif /* def TRUST_FILES */
123 const struct parsers server_patterns[] = {
124 { "set-cookie:", 11, server_set_cookie },
125 { "connection:", 11, crumble },
126 #if defined(PCRS) || defined(KILLPOPUPS)
127 { "Content-Type:", 13, content_type },
128 { "Content-Length:", 15, crumble },
129 #endif /* defined(PCRS) || defined(KILLPOPUPS) */
134 void (* const add_client_headers[])(struct client_state *) = {
136 client_x_forwarded_adder,
142 void (* const add_server_headers[])(struct client_state *) = {
147 /*********************************************************************
151 * Description : Do a `strncmpic' on every pattern in pats.
154 * 1 : buf = a string to match to a list of patterns
155 * 2 : pats = list of strings to compare against buf.
157 * Returns : Return the matching "struct parsers *",
158 * or NULL if no pattern matches.
160 *********************************************************************/
161 static const struct parsers *match(char *buf, const struct parsers *pats)
163 const struct parsers *v;
168 log_error(LOG_LEVEL_ERROR, "NULL parameter to match()");
172 for (v = pats; v->str ; v++)
174 if (strncmpic(buf, v->str, v->len) == 0)
184 /*********************************************************************
186 * Function : flush_socket
188 * Description : Write any pending "buffered" content.
191 * 1 : fd = file descriptor of the socket to read
192 * 2 : csp = Current client state (buffers, headers, etc...)
194 * Returns : On success, the number of bytes written are returned (zero
195 * indicates nothing was written). On error, -1 is returned,
196 * and errno is set appropriately. If count is zero and the
197 * file descriptor refers to a regular file, 0 will be
198 * returned without causing any other effect. For a special
199 * file, the results are not portable.
201 *********************************************************************/
202 int flush_socket(int fd, struct client_state *csp)
204 struct iob *iob = csp->iob;
205 int n = iob->eod - iob->cur;
212 n = write_socket(fd, iob->cur, n);
213 iob->eod = iob->cur = iob->buf;
219 /*********************************************************************
221 * Function : add_to_iob
223 * Description : Add content to the buffered page.
226 * 1 : csp = Current client state (buffers, headers, etc...)
227 * 2 : buf = holds the content to be added to the page
228 * 3 : n = number of bytes to be added
230 * Returns : Number of bytes in the content buffer.
232 *********************************************************************/
233 int add_to_iob(struct client_state *csp, char *buf, int n)
235 struct iob *iob = csp->iob;
239 have = iob->eod - iob->cur;
248 if ((p = (char *)malloc(need + 1)) == NULL)
250 log_error(LOG_LEVEL_ERROR, "malloc() iob failed: %E");
256 /* there is something in the buffer - save it */
257 memcpy(p, iob->cur, have);
259 /* replace the buffer with the new space */
263 /* point to the end of the data */
268 /* the buffer is empty, free it and reinitialize */
273 /* copy the new data into the iob buffer */
276 /* point to the end of the data */
279 /* null terminate == cheap insurance */
282 /* set the pointers to the new values */
291 /*********************************************************************
293 * Function : get_header
295 * Description : This (odd) routine will parse the csp->iob
298 * 1 : csp = Current client state (buffers, headers, etc...)
300 * Returns : Any one of the following:
302 * 1) a pointer to a dynamically allocated string that contains a header line
303 * 2) NULL indicating that the end of the header was reached
304 * 3) "" indicating that the end of the iob was reached before finding
305 * a complete header line.
307 *********************************************************************/
308 char *get_header(struct client_state *csp)
314 if ((iob->cur == NULL)
315 || ((p = strchr(iob->cur, '\n')) == NULL))
317 return(""); /* couldn't find a complete header */
322 ret = strdup(iob->cur);
326 if ((q = strchr(ret, '\r'))) *q = '\0';
328 /* is this a blank linke (i.e. the end of the header) ? */
340 /*********************************************************************
344 * Description : Append a string into a specified string list.
347 * 1 : h = pointer to list 'dummy' header
348 * 2 : s = string to add to the list
352 *********************************************************************/
353 void enlist(struct list *h, const char *s)
355 struct list *n = (struct list *)malloc(sizeof(*n));
378 /*********************************************************************
380 * Function : destroy_list
382 * Description : Destroy a string list (opposite of enlist)
385 * 1 : h = pointer to list 'dummy' header
389 *********************************************************************/
390 void destroy_list(struct list *h)
394 for (p = h->next; p ; p = n)
401 memset(h, '\0', sizeof(*h));
406 /*********************************************************************
408 * Function : list_to_text
410 * Description : "Flaten" a string list into 1 long \r\n delimited string.
413 * 1 : h = pointer to list 'dummy' header
415 * Returns : NULL on malloc error, else new long string.
417 *********************************************************************/
418 static char *list_to_text(struct list *h)
427 for (p = h->next; p ; p = p->next)
431 size += strlen(p->str) + 2;
435 if ((ret = (char *)malloc(size + 1)) == NULL)
444 for (p = h->next; p ; p = p->next)
450 *s++ = '\r'; *s++ = '\n';
459 /*********************************************************************
463 * Description : add, delete or modify lines in the HTTP header streams.
464 * On entry, it receives a linked list of headers space
465 * that was allocated dynamically (both the list nodes
466 * and the header contents).
468 * As a side effect it frees the space used by the original
472 * 1 : pats = list of patterns to match against headers
473 * 2 : more_headers = list of functions to add more
474 * headers (client or server)
475 * 3 : csp = Current client state (buffers, headers, etc...)
477 * Returns : Single pointer to a fully formed header.
479 *********************************************************************/
480 char *sed(const struct parsers pats[], void (* const more_headers[])(struct client_state *), struct client_state *csp)
483 const struct parsers *v;
487 for (p = csp->headers->next; p ; p = p->next)
489 log_error(LOG_LEVEL_HEADER, "scan: %s", p->str);
491 if ((v = match(p->str, pats)))
493 hdr = v->parser(v, p->str, csp);
500 /* place any additional headers on the csp->headers list */
501 for (f = more_headers; *f ; f++)
506 /* add the blank line at the end of the header */
507 enlist(csp->headers, "");
509 hdr = list_to_text(csp->headers);
516 /*********************************************************************
518 * Function : free_http_request
520 * Description : Freez a http_request structure
523 * 1 : http = points to a http_request structure to free
527 *********************************************************************/
528 void free_http_request(struct http_request *http)
533 freez(http->hostport);
540 /*********************************************************************
542 * Function : parse_http_request
544 * Description : Parse out the host and port from the URL. Find the
545 * hostname & path, port (if ':'), and/or password (if '@')
548 * 1 : req = URL (or is it URI?) to break down
549 * 2 : http = pointer to the http structure to hold elements
550 * 3 : csp = Current client state (buffers, headers, etc...)
554 *********************************************************************/
555 void parse_http_request(char *req, struct http_request *http, struct client_state *csp)
557 char *buf, *v[10], *url, *p;
560 memset(http, '\0', sizeof(*http));
562 http->cmd = strdup(req);
566 n = ssplit(buf, " \r\n", v, SZ(v), 1, 1);
570 /* this could be a CONNECT request */
571 if (strcmpic(v[0], "connect") == 0)
574 http->gpc = strdup(v[0]);
575 http->hostport = strdup(v[1]);
576 http->ver = strdup(v[2]);
581 /* This next line is a little ugly, but it simplifies the if statement below. */
582 /* Basically if using webDAV, we want the OR condition to use these too. */
586 * These are the headers as defined in RFC2518 to add webDAV support
589 #define OR_WEBDAV || \
590 (0 == strcmpic(v[0], "propfind")) || \
591 (0 == strcmpic(v[0], "proppatch")) || \
592 (0 == strcmpic(v[0], "move")) || \
593 (0 == strcmpic(v[0], "copy")) || \
594 (0 == strcmpic(v[0], "mkcol")) || \
595 (0 == strcmpic(v[0], "lock")) || \
596 (0 == strcmpic(v[0], "unlock"))
598 #else /* No webDAV support is enabled. Provide an empty OR_WEBDAV macro. */
604 /* or it could be a GET or a POST (possibly webDAV too) */
605 if ((strcmpic(v[0], "get") == 0) ||
606 (strcmpic(v[0], "head") == 0) OR_WEBDAV ||
607 (strcmpic(v[0], "post") == 0))
610 http->gpc = strdup(v[0]);
612 http->ver = strdup(v[2]);
614 if (strncmpic(url, "http://", 7) == 0)
618 else if (strncmpic(url, "https://", 8) == 0)
627 if (url && (p = strchr(url, '/')))
629 http->path = strdup(p);
631 http->hostport = strdup(url);
639 if (http->hostport == NULL)
641 free_http_request(http);
645 buf = strdup(http->hostport);
648 /* check if url contains password */
649 n = ssplit(buf, "@", v, SZ(v), 1, 1);
652 char * newbuf = NULL;
653 newbuf = strdup(v[1]);
658 n = ssplit(buf, ":", v, SZ(v), 1, 1);
662 http->host = strdup(v[0]);
668 http->host = strdup(v[0]);
669 http->port = atoi(v[1]);
674 if (http->host == NULL)
676 free_http_request(http);
679 if (http->path == NULL)
681 http->path = strdup("");
687 /* here begins the family of parser functions that reformat header lines */
690 /*********************************************************************
694 * Description : This is called if a header matches a pattern to "crunch"
697 * 1 : v = Pointer to parsers structure, which basically holds
698 * headers (client or server) that we want to "crunch"
699 * 2 : s = header (from sed) to "crunch"
700 * 3 : csp = Current client state (buffers, headers, etc...)
702 * Returns : Always NULL.
704 *********************************************************************/
705 char *crumble(const struct parsers *v, char *s, struct client_state *csp)
707 log_error(LOG_LEVEL_HEADER, "crunch!");
713 #if defined(PCRS) || defined(KILLPOPUPS)
715 /*********************************************************************
717 * Function : content_type
719 * Description : Is this a text/* or javascript MIME Type?
723 * 2 : s = header string we are "considering"
724 * 3 : csp = Current client state (buffers, headers, etc...)
726 * Returns : A duplicate string pointer to this header (ie. pass thru)
728 *********************************************************************/
729 char *content_type(const struct parsers *v, char *s, struct client_state *csp)
731 if (strstr (s, " text/") || strstr (s, "application/x-javascript"))
740 #endif /* defined(PCRS) || defined(KILLPOPUPS) */
743 /*********************************************************************
745 * Function : client_referrer
747 * Description : Handle the "referer" config setting properly.
752 * 2 : s = header (from sed) to "crunch"
753 * 3 : csp = Current client state (buffers, headers, etc...)
755 * Returns : NULL if crunched, or a malloc'ed string with the original
758 *********************************************************************/
759 char *client_referrer(const struct parsers *v, char *s, struct client_state *csp)
762 /* Since the referrer can include the prefix even
763 * even if the request itself is non-forced, we must
764 * clean it unconditionally
766 strclean(s, FORCE_PREFIX);
767 #endif /* def FORCE_LOAD */
769 csp->referrer = strdup(s);
771 if (referrer == NULL)
773 log_error(LOG_LEVEL_HEADER, "crunch!");
777 if (*referrer == '.')
782 if (*referrer == '@')
784 if (csp->permissions & PERMIT_COOKIE_READ)
790 log_error(LOG_LEVEL_HEADER, "crunch!");
796 * New option ยง or L: Forge a referer as http://[hostname:port of REQUEST]/
797 * to fool stupid checks for in-site links
800 if (*referrer == 'ยง' || *referrer == 'L')
802 if (csp->permissions & PERMIT_COOKIE_READ)
808 log_error(LOG_LEVEL_HEADER, "crunch+forge!");
809 s = strsav(NULL, "Referer: ");
810 s = strsav(s, "http://");
811 s = strsav(s, csp->http->hostport);
817 log_error(LOG_LEVEL_HEADER, "modified");
819 s = strsav( NULL, "Referer: " );
820 s = strsav( s, referrer );
826 /*********************************************************************
828 * Function : client_uagent
830 * Description : Handle the "user-agent" config setting properly.
835 * 2 : s = header (from sed) to "crunch"
836 * 3 : csp = Current client state (buffers, headers, etc...)
838 * Returns : A malloc'ed pointer to the default agent, or
839 * a malloc'ed string pointer to this header (ie. pass thru).
841 *********************************************************************/
842 char *client_uagent(const struct parsers *v, char *s, struct client_state *csp)
844 #ifdef DETECT_MSIE_IMAGES
845 if (strstr (s, "MSIE "))
847 /* This is Microsoft Internet Explorer.
848 * Enable auto-detect.
850 csp->accept_types |= ACCEPT_TYPE_IS_MSIE;
852 #endif /* def DETECT_MSIE_IMAGES */
856 log_error(LOG_LEVEL_HEADER, "default");
857 return(strdup(DEFAULT_USER_AGENT));
867 if (csp->permissions & PERMIT_COOKIE_READ)
873 log_error(LOG_LEVEL_HEADER, "default");
874 return(strdup(DEFAULT_USER_AGENT));
878 log_error(LOG_LEVEL_HEADER, "modified");
880 s = strsav( NULL, "User-Agent: " );
881 s = strsav( s, uagent );
887 /*********************************************************************
889 * Function : client_ua
891 * Description : Handle "ua-" headers properly. Called from `sed'.
895 * 2 : s = header (from sed) to "crunch"
896 * 3 : csp = Current client state (buffers, headers, etc...)
898 * Returns : NULL if crunched, or a malloc'ed string to original header
900 *********************************************************************/
901 char *client_ua(const struct parsers *v, char *s, struct client_state *csp)
905 log_error(LOG_LEVEL_HEADER, "crunch!");
916 if (csp->permissions & PERMIT_COOKIE_READ)
922 log_error(LOG_LEVEL_HEADER, "crunch!");
927 log_error(LOG_LEVEL_HEADER, "crunch!");
933 /*********************************************************************
935 * Function : client_from
937 * Description : Handle the "from" config setting properly.
942 * 2 : s = header (from sed) to "crunch"
943 * 3 : csp = Current client state (buffers, headers, etc...)
945 * Returns : NULL if crunched, or a malloc'ed string to
946 * modified/original header.
948 *********************************************************************/
949 char *client_from(const struct parsers *v, char *s, struct client_state *csp)
951 /* if not set, zap it */
954 log_error(LOG_LEVEL_HEADER, "crunch!");
963 log_error(LOG_LEVEL_HEADER, " modified");
965 s = strsav( NULL, "From: " );
966 s = strsav( s, from );
972 /*********************************************************************
974 * Function : client_send_cookie
976 * Description : Handle the "cookie" header properly. Called from `sed'.
977 * If cookie is accepted, add it to the cookie_list,
978 * else we crunch it. Mmmmmmmmmmm ... cookie ......
981 * 1 : v = pattern of cookie `sed' found matching
982 * 2 : s = header (from sed) to "crunch"
983 * 3 : csp = Current client state (buffers, headers, etc...)
985 * Returns : Always NULL.
987 *********************************************************************/
988 char *client_send_cookie(const struct parsers *v, char *s, struct client_state *csp)
990 if (csp->permissions & PERMIT_COOKIE_READ)
992 enlist(csp->cookie_list, s + v->len + 1);
996 log_error(LOG_LEVEL_HEADER, " crunch!");
1000 * Always return NULL here. The cookie header
1001 * will be sent at the end of the header.
1008 /*********************************************************************
1010 * Function : client_x_forwarded
1012 * Description : Handle the "x-forwarded-for" config setting properly,
1013 * also used in the add_client_headers list. Called from `sed'.
1017 * 2 : s = header (from sed) to "crunch"
1018 * 3 : csp = Current client state (buffers, headers, etc...)
1020 * Returns : Always NULL.
1022 *********************************************************************/
1023 char *client_x_forwarded(const struct parsers *v, char *s, struct client_state *csp)
1027 csp->x_forwarded = strdup(s);
1031 * Always return NULL, since this information
1032 * will be sent at the end of the header.
1039 #if defined(DETECT_MSIE_IMAGES)
1040 /*********************************************************************
1042 * Function : client_accept
1044 * Description : Detect whether the client wants HTML or an image.
1045 * Clients do not always make this information available
1046 * in a sane way. Always passes the header through
1047 * the proxy unchanged.
1051 * 2 : s = Header string. Null terminated.
1052 * 3 : csp = Current client state (buffers, headers, etc...)
1054 * Returns : Duplicate of argument s.
1056 *********************************************************************/
1057 char *client_accept(const struct parsers *v, char *s, struct client_state *csp)
1059 #ifdef DETECT_MSIE_IMAGES
1060 if (strstr (s, "image/gif"))
1062 /* Client will accept HTML. If this seems counterintuitive,
1065 csp->accept_types |= ACCEPT_TYPE_MSIE_HTML;
1069 csp->accept_types |= ACCEPT_TYPE_MSIE_IMAGE;
1071 #endif /* def DETECT_MSIE_IMAGES */
1076 #endif /* defined(DETECT_MSIE_IMAGES) */
1080 /* the following functions add headers directly to the header list */
1083 /*********************************************************************
1085 * Function : client_cookie_adder
1087 * Description : Used in the add_client_headers list. Called from `sed'.
1090 * 1 : csp = Current client state (buffers, headers, etc...)
1094 *********************************************************************/
1095 void client_cookie_adder(struct client_state *csp)
1101 for (l = csp->cookie_list->next; l ; l = l->next)
1105 tmp = strsav(tmp, "; ");
1107 tmp = strsav(tmp, l->str);
1110 for (l = wafer_list->next; l ; l = l->next)
1114 tmp = strsav(tmp, "; ");
1117 if ((e = cookie_encode(l->str)))
1119 tmp = strsav(tmp, e);
1128 ret = strdup("Cookie: ");
1129 ret = strsav(ret, tmp);
1130 log_error(LOG_LEVEL_HEADER, "addh: %s", ret);
1131 enlist(csp->headers, ret);
1139 /*********************************************************************
1141 * Function : client_xtra_adder
1143 * Description : Used in the add_client_headers list. Called from `sed'.
1146 * 1 : csp = Current client state (buffers, headers, etc...)
1150 *********************************************************************/
1151 void client_xtra_adder(struct client_state *csp)
1155 for (l = xtra_list->next; l ; l = l->next)
1157 log_error(LOG_LEVEL_HEADER, "addh: %s", l->str);
1158 enlist(csp->headers, l->str);
1164 /*********************************************************************
1166 * Function : client_x_forwarded_adder
1168 * Description : Used in the add_client_headers list. Called from `sed'.
1171 * 1 : csp = Current client state (buffers, headers, etc...)
1175 *********************************************************************/
1176 void client_x_forwarded_adder(struct client_state *csp)
1180 if (add_forwarded == 0) return;
1182 if (csp->x_forwarded)
1184 p = strsav(p, csp->x_forwarded);
1185 p = strsav(p, ", ");
1186 p = strsav(p, csp->ip_addr_str);
1190 p = strsav(p, "X-Forwarded-For: ");
1191 p = strsav(p, csp->ip_addr_str);
1194 log_error(LOG_LEVEL_HEADER, "addh: %s", p);
1195 enlist(csp->headers, p);
1200 /*********************************************************************
1202 * Function : server_set_cookie
1204 * Description : Handle the server "cookie" header properly.
1205 * Log cookie to the jar file. Then "crunch" it,
1206 * or accept it. Called from `sed'.
1209 * 1 : v = parser pattern that matched this header
1210 * 2 : s = header that matched this pattern
1211 * 3 : csp = Current client state (buffers, headers, etc...)
1213 * Returns : `crumble' or a newly malloc'ed string.
1215 *********************************************************************/
1216 char *server_set_cookie(const struct parsers *v, char *s, struct client_state *csp)
1221 fprintf(jar, "%s\t%s\n", csp->http->host, (s + v->len + 1));
1223 #endif /* def JAR_FILES */
1225 if (!(csp->permissions & PERMIT_COOKIE_SET))
1227 return(crumble(v, s, csp));
1236 /*********************************************************************
1238 * Function : client_host
1240 * Description : Clean the FORCE_PREFIX out of the 'host' http
1241 * header, if we use force
1245 * 2 : s = header (from sed) to clean
1246 * 3 : csp = Current client state (buffers, headers, etc...)
1248 * Returns : A malloc'ed pointer to the cleaned host header
1250 *********************************************************************/
1251 char *client_host(const struct parsers *v, char *s, struct client_state *csp)
1253 char *cleanhost = strdup(s);
1256 strclean(cleanhost, FORCE_PREFIX);
1260 #endif /* def FORCE_LOAD */
1264 /*********************************************************************
1266 * Function : strclean
1268 * Description : In-Situ-Eliminate all occurances of substring in
1272 * 1 : string = string to clean
1273 * 2 : substring = substring to eliminate
1275 * Returns : Number of eliminations
1277 *********************************************************************/
1278 int strclean(const char *string, const char *substring)
1280 int hits = 0, len = strlen(substring);
1283 while((pos = strstr(string, substring)))
1290 while (*p++ != '\0');
1297 #endif /* def FORCE_LOAD */