Privoxy is going to shut down after the next request.
\n" + "\n" + "\n"; + assert(csp); assert(rsp); assert(parameters); @@ -419,12 +202,21 @@ jb_err cgi_die (struct client_state *csp, /* quit */ g_terminate = 1; - /* - * I don't really care what gets sent back to the browser. - * Take the easy option - "out of memory" page. - */ + csp->flags &= ~CSP_FLAG_CLIENT_CONNECTION_KEEP_ALIVE; + + rsp->content_length = 0; + rsp->head_length = 0; + rsp->is_static = 0; + + rsp->body = strdup(body); + rsp->status = strdup(status); + + if ((rsp->body == NULL) || (rsp->status == NULL)) + { + return JB_ERR_MEMORY; + } - return JB_ERR_MEMORY; + return JB_ERR_OK; } #endif /* def FEATURE_GRACEFUL_TERMINATION */ @@ -435,7 +227,7 @@ jb_err cgi_die (struct client_state *csp, * * Description : Show the client's request and what sed() would have * made of it. - * + * * Parameters : * 1 : csp = Current client state (buffers, headers, etc...) * 2 : rsp = http_response data structure for output @@ -444,7 +236,7 @@ jb_err cgi_die (struct client_state *csp, * CGI Parameters : none * * Returns : JB_ERR_OK on success - * JB_ERR_MEMORY on out-of-memory error. + * JB_ERR_MEMORY on out-of-memory error. * *********************************************************************/ jb_err cgi_show_request(struct client_state *csp, @@ -462,7 +254,7 @@ jb_err cgi_show_request(struct client_state *csp, { return JB_ERR_MEMORY; } - + /* * Repair the damage done to the IOB by get_header() */ @@ -482,8 +274,8 @@ jb_err cgi_show_request(struct client_state *csp, return JB_ERR_MEMORY; } - if (map(exports, "processed-request", 1, html_encode_and_free_original( - sed(client_patterns, add_client_headers, csp)), 0)) + if (map(exports, "processed-request", 1, + html_encode_and_free_original(list_to_text(csp->headers)), 0)) { free_map(exports); return JB_ERR_MEMORY; @@ -497,7 +289,7 @@ jb_err cgi_show_request(struct client_state *csp, * * Function : cgi_send_banner * - * Description : CGI function that returns a banner. + * Description : CGI function that returns a banner. * * Parameters : * 1 : csp = Current client state (buffers, headers, etc...) @@ -512,7 +304,7 @@ jb_err cgi_show_request(struct client_state *csp, * equivalent). * * Returns : JB_ERR_OK on success - * JB_ERR_MEMORY on out-of-memory error. + * JB_ERR_MEMORY on out-of-memory error. * *********************************************************************/ jb_err cgi_send_banner(struct client_state *csp, @@ -525,7 +317,7 @@ jb_err cgi_send_banner(struct client_state *csp, * If type is auto, then determine the right thing * to do from the set-image-blocker action */ - if (imagetype == 'a') + if (imagetype == 'a') { /* * Default to pattern @@ -576,14 +368,14 @@ jb_err cgi_send_banner(struct client_state *csp, } #endif /* def FEATURE_IMAGE_BLOCKING */ } - + /* * Now imagetype is either the non-auto type we were called with, * or it was auto and has since been determined. In any case, we * can proceed to actually answering the request by sending a redirect * or an image as appropriate: */ - if (imagetype == 'r') + if (imagetype == 'r') { rsp->status = strdup("302 Local Redirect from Privoxy"); if (rsp->status == NULL) @@ -598,7 +390,7 @@ jb_err cgi_send_banner(struct client_state *csp, } else { - if ((imagetype == 'b') || (imagetype == 't')) + if ((imagetype == 'b') || (imagetype == 't')) { rsp->body = bindup(image_blank_data, image_blank_length); rsp->content_length = image_blank_length; @@ -640,13 +432,16 @@ jb_err cgi_send_banner(struct client_state *csp, * CGI Parameters : None * * Returns : JB_ERR_OK on success - * JB_ERR_MEMORY on out-of-memory error. + * JB_ERR_MEMORY on out-of-memory error. * *********************************************************************/ jb_err cgi_transparent_image(struct client_state *csp, struct http_response *rsp, const struct map *parameters) { + (void)csp; + (void)parameters; + rsp->body = bindup(image_blank_data, image_blank_length); rsp->content_length = image_blank_length; @@ -667,6 +462,128 @@ jb_err cgi_transparent_image(struct client_state *csp, } +/********************************************************************* + * + * Function : cgi_send_default_favicon + * + * Description : CGI function that sends the standard favicon. + * + * Parameters : + * 1 : csp = Current client state (buffers, headers, etc...) + * 2 : rsp = http_response data structure for output + * 3 : parameters = map of cgi parameters + * + * CGI Parameters : None + * + * Returns : JB_ERR_OK on success + * JB_ERR_MEMORY on out-of-memory error. + * + *********************************************************************/ +jb_err cgi_send_default_favicon(struct client_state *csp, + struct http_response *rsp, + const struct map *parameters) +{ + static const char default_favicon_data[] = + "\000\000\001\000\001\000\020\020\002\000\000\000\000\000\260" + "\000\000\000\026\000\000\000\050\000\000\000\020\000\000\000" + "\040\000\000\000\001\000\001\000\000\000\000\000\100\000\000" + "\000\000\000\000\000\000\000\000\000\002\000\000\000\000\000" + "\000\000\377\377\377\000\377\000\052\000\017\360\000\000\077" + "\374\000\000\161\376\000\000\161\376\000\000\361\377\000\000" + "\361\377\000\000\360\017\000\000\360\007\000\000\361\307\000" + "\000\361\307\000\000\361\307\000\000\360\007\000\000\160\036" + "\000\000\177\376\000\000\077\374\000\000\017\360\000\000\360" + "\017\000\000\300\003\000\000\200\001\000\000\200\001\000\000" + "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000" + "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000" + "\000\000\200\001\000\000\200\001\000\000\300\003\000\000\360" + "\017\000\000"; + static const size_t favicon_length = sizeof(default_favicon_data) - 1; + + (void)csp; + (void)parameters; + + rsp->body = bindup(default_favicon_data, favicon_length); + rsp->content_length = favicon_length; + + if (rsp->body == NULL) + { + return JB_ERR_MEMORY; + } + + if (enlist(rsp->headers, "Content-Type: image/x-icon")) + { + return JB_ERR_MEMORY; + } + + rsp->is_static = 1; + + return JB_ERR_OK; + +} + + +/********************************************************************* + * + * Function : cgi_send_error_favicon + * + * Description : CGI function that sends the favicon for error pages. + * + * Parameters : + * 1 : csp = Current client state (buffers, headers, etc...) + * 2 : rsp = http_response data structure for output + * 3 : parameters = map of cgi parameters + * + * CGI Parameters : None + * + * Returns : JB_ERR_OK on success + * JB_ERR_MEMORY on out-of-memory error. + * + *********************************************************************/ +jb_err cgi_send_error_favicon(struct client_state *csp, + struct http_response *rsp, + const struct map *parameters) +{ + static const char error_favicon_data[] = + "\000\000\001\000\001\000\020\020\002\000\000\000\000\000\260" + "\000\000\000\026\000\000\000\050\000\000\000\020\000\000\000" + "\040\000\000\000\001\000\001\000\000\000\000\000\100\000\000" + "\000\000\000\000\000\000\000\000\000\002\000\000\000\000\000" + "\000\000\377\377\377\000\000\000\377\000\017\360\000\000\077" + "\374\000\000\161\376\000\000\161\376\000\000\361\377\000\000" + "\361\377\000\000\360\017\000\000\360\007\000\000\361\307\000" + "\000\361\307\000\000\361\307\000\000\360\007\000\000\160\036" + "\000\000\177\376\000\000\077\374\000\000\017\360\000\000\360" + "\017\000\000\300\003\000\000\200\001\000\000\200\001\000\000" + "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000" + "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000" + "\000\000\200\001\000\000\200\001\000\000\300\003\000\000\360" + "\017\000\000"; + static const size_t favicon_length = sizeof(error_favicon_data) - 1; + + (void)csp; + (void)parameters; + + rsp->body = bindup(error_favicon_data, favicon_length); + rsp->content_length = favicon_length; + + if (rsp->body == NULL) + { + return JB_ERR_MEMORY; + } + + if (enlist(rsp->headers, "Content-Type: image/x-icon")) + { + return JB_ERR_MEMORY; + } + + rsp->is_static = 1; + + return JB_ERR_OK; + +} + + /********************************************************************* * * Function : cgi_send_stylesheet @@ -682,7 +599,7 @@ jb_err cgi_transparent_image(struct client_state *csp, * CGI Parameters : None * * Returns : JB_ERR_OK on success - * JB_ERR_MEMORY on out-of-memory error. + * JB_ERR_MEMORY on out-of-memory error. * *********************************************************************/ jb_err cgi_send_stylesheet(struct client_state *csp, @@ -690,10 +607,12 @@ jb_err cgi_send_stylesheet(struct client_state *csp, const struct map *parameters) { jb_err err; - + assert(csp); assert(rsp); + (void)parameters; + err = template_load(csp, &rsp->body, "cgi-style.css", 0); if (err == JB_ERR_FILE) @@ -716,6 +635,94 @@ jb_err cgi_send_stylesheet(struct client_state *csp, return JB_ERR_OK; } + + +/********************************************************************* + * + * Function : cgi_send_url_info_osd + * + * Description : CGI function that sends the OpenSearch Description + * template for the show-url-info page. It allows to + * access the page through "search engine plugins". + * + * Parameters : + * 1 : csp = Current client state (buffers, headers, etc...) + * 2 : rsp = http_response data structure for output + * 3 : parameters = map of cgi parameters + * + * CGI Parameters : None + * + * Returns : JB_ERR_OK on success + * JB_ERR_MEMORY on out-of-memory error. + * + *********************************************************************/ +jb_err cgi_send_url_info_osd(struct client_state *csp, + struct http_response *rsp, + const struct map *parameters) +{ + jb_err err = JB_ERR_MEMORY; + struct map *exports = default_exports(csp, NULL); + + (void)csp; + (void)parameters; + + if (NULL != exports) + { + err = template_fill_for_cgi(csp, "url-info-osd.xml", exports, rsp); + if (JB_ERR_OK == err) + { + err = enlist(rsp->headers, + "Content-Type: application/opensearchdescription+xml"); + } + } + + return err; + +} + + +/********************************************************************* + * + * Function : get_content_type + * + * Description : Use the file extension to guess the content type + * header we should use to serve the file. + * + * Parameters : + * 1 : filename = Name of the file whose content type + * we care about + * + * Returns : The guessed content type. + * + *********************************************************************/ +static const char *get_content_type(const char *filename) +{ + int i; + struct content_type + { + const char *extension; + const char *content_type; + }; + static const struct content_type content_types[] = + { + {".css", "text/css"}, + {".jpg", "image/jpeg"}, + {".jpeg", "image/jpeg"}, + {".png", "image/png"}, + }; + + for (i = 0; i < SZ(content_types); i++) + { + if (strstr(filename, content_types[i].extension)) + { + return content_types[i].content_type; + } + } + + /* No match by extension, default to html */ + return "text/html"; +} + /********************************************************************* * * Function : cgi_send_user_manual @@ -732,23 +739,29 @@ jb_err cgi_send_stylesheet(struct client_state *csp, * (relative to user-manual from config) * * Returns : JB_ERR_OK on success - * JB_ERR_MEMORY on out-of-memory error. + * JB_ERR_MEMORY on out-of-memory error. * *********************************************************************/ jb_err cgi_send_user_manual(struct client_state *csp, struct http_response *rsp, const struct map *parameters) { - const char * filename; + const char *filename; char *full_path; - FILE *fp; jb_err err = JB_ERR_OK; - size_t length; + const char *content_type; assert(csp); assert(rsp); assert(parameters); + if (0 == strncmpic(csp->config->usermanual, "http://", 7)) + { + log_error(LOG_LEVEL_CGI, "Request for local user-manual " + "received while user-manual delivery is disabled."); + return cgi_error_404(csp, rsp, parameters); + } + if (!parameters->first) { /* requested http://p.p/user-manual (without trailing slash) */ @@ -756,88 +769,48 @@ jb_err cgi_send_user_manual(struct client_state *csp, } get_string_param(parameters, "file", &filename); - /* Check paramter for hack attempts */ - if (filename && strchr(filename, '/')) + if (filename == NULL) { - return JB_ERR_CGI_PARAMS; + /* It's '/' so serve the index.html if there is one. */ + filename = "index.html"; } - if (filename && strstr(filename, "..")) + else if (NULL != strchr(filename, '/') || NULL != strstr(filename, "..")) { + /* + * We currently only support a flat file + * hierarchy for the documentation. + */ + log_error(LOG_LEVEL_ERROR, + "Rejecting the request to serve '%s' as it contains '/' or '..'", + filename); return JB_ERR_CGI_PARAMS; } - full_path = make_path(csp->config->usermanual, filename ? filename : "index.html"); + full_path = make_path(csp->config->usermanual, filename); if (full_path == NULL) { return JB_ERR_MEMORY; } - /* Open user-manual file */ -#ifdef WIN32 - /* - * XXX: Do we support other operating systems that - * require special treatment to fopen in binary mode? - */ - if (NULL == (fp = fopen(full_path, "rb"))) -#else - if (NULL == (fp = fopen(full_path, "r"))) -#endif /* def WIN32 */ + err = load_file(full_path, &rsp->body, &rsp->content_length); + if (JB_ERR_OK != err) { - log_error(LOG_LEVEL_ERROR, "Cannot open user-manual file %s: %E", full_path); - err = cgi_error_no_template(csp, rsp, full_path); - free(full_path); + assert((JB_ERR_FILE == err) || (JB_ERR_MEMORY == err)); + if (JB_ERR_FILE == err) + { + err = cgi_error_no_template(csp, rsp, full_path); + } + freez(full_path); return err; } + freez(full_path); - /* Get file length */ - fseek(fp, 0, SEEK_END); - length = (size_t)ftell(fp); - fseek(fp, 0, SEEK_SET); - - /* Allocate memory and load the file directly into the body */ - rsp->body = (char *)zalloc(length+1); - if (!rsp->body) - { - fclose(fp); - free(full_path); - return JB_ERR_MEMORY; - } - if (!fread(rsp->body, length, 1, fp)) - { - /* - * This happens if we didn't fopen in binary mode. - * If it does, we just log it and serve what we got. - */ - log_error(LOG_LEVEL_ERROR, "Couldn't completely read user-manual file %s.", full_path); - } - fclose(fp); - free(full_path); - - rsp->content_length = length; + content_type = get_content_type(filename); + log_error(LOG_LEVEL_CGI, + "Content-Type guessed for %s: %s", filename, content_type); - /* Guess correct Content-Type based on the filename's ending */ - if (filename) - { - length = strlen(filename); - } - else - { - length = 0; - } - if((length>=4) && !strcmp(&filename[length-4], ".css")) - { - err = enlist(rsp->headers, "Content-Type: text/css"); - } - else if((length>=4) && !strcmp(&filename[length-4], ".jpg")) - { - err = enlist(rsp->headers, "Content-Type: image/jpeg"); - } - else - { - err = enlist(rsp->headers, "Content-Type: text/html"); - } + return enlist_unique_header(rsp->headers, "Content-Type", content_type); - return err; } @@ -856,7 +829,7 @@ jb_err cgi_send_user_manual(struct client_state *csp, * CGI Parameters : none * * Returns : JB_ERR_OK on success - * JB_ERR_MEMORY on out-of-memory error. + * JB_ERR_MEMORY on out-of-memory error. * *********************************************************************/ jb_err cgi_show_version(struct client_state *csp, @@ -883,7 +856,7 @@ jb_err cgi_show_version(struct client_state *csp, return template_fill_for_cgi(csp, "show-version", exports, rsp); } - + /********************************************************************* * * Function : cgi_show_status @@ -899,13 +872,13 @@ jb_err cgi_show_version(struct client_state *csp, * CGI Parameters : * file : Which file to show. Only first letter is checked, * valid values are: - * - "p"ermissions (actions) file + * - "a"ction file * - "r"egex * - "t"rust * Default is to show menu and other information. * * Returns : JB_ERR_OK on success - * JB_ERR_MEMORY on out-of-memory error. + * JB_ERR_MEMORY on out-of-memory error. * *********************************************************************/ jb_err cgi_show_status(struct client_state *csp, @@ -916,10 +889,7 @@ jb_err cgi_show_status(struct client_state *csp, unsigned i; int j; - FILE * fp; char buf[BUFFER_SIZE]; - const char * filename = NULL; - char * file_description = NULL; #ifdef FEATURE_STATISTICS float perc_rej; /* Percentage of http requests rejected */ int local_urls_read; @@ -933,74 +903,14 @@ jb_err cgi_show_status(struct client_state *csp, assert(rsp); assert(parameters); - if (NULL == (exports = default_exports(csp, "show-status"))) - { - return JB_ERR_MEMORY; - } - - switch (*(lookup(parameters, "file"))) + if ('\0' != *(lookup(parameters, "file"))) { - case 'a': - if (!get_number_param(csp, parameters, "index", &i) && i < MAX_AF_FILES && csp->actions_list[i]) - { - filename = csp->actions_list[i]->filename; - file_description = "Actions File"; - } - break; - - case 'f': - if (!get_number_param(csp, parameters, "index", &i) && i < MAX_AF_FILES && csp->rlist[i]) - { - filename = csp->rlist[i]->filename; - file_description = "Filter File"; - } - break; - -#ifdef FEATURE_TRUST - case 't': - if (csp->tlist) - { - filename = csp->tlist->filename; - file_description = "Trust File"; - } - break; -#endif /* def FEATURE_TRUST */ + return cgi_show_file(csp, rsp, parameters); } - if (NULL != filename) + if (NULL == (exports = default_exports(csp, "show-status"))) { - if ( map(exports, "file-description", 1, file_description, 1) - || map(exports, "filepath", 1, html_encode(filename), 0) ) - { - free_map(exports); - return JB_ERR_MEMORY; - } - - if ((fp = fopen(filename, "r")) == NULL) - { - if (map(exports, "content", 1, "In file: "); string_join (&matches, html_encode(csp->config->actions_file_short[i])); - snprintf(buf, 150, ".action ", i); + snprintf(buf, sizeof(buf), " ", i); string_append(&matches, buf); string_append(&matches, "View"); #ifdef FEATURE_CGI_EDIT_ACTIONS - string_append(&matches, " config->actions_file_short[i])); - string_append(&matches, "\">Edit"); -#endif + if (csp->config->feature_flags & RUNTIME_FEATURE_CGI_EDIT_ACTIONS) + { +#ifdef HAVE_ACCESS + if (access(csp->config->actions_file[i], W_OK) == 0) + { +#endif /* def HAVE_ACCESS */ + snprintf(buf, sizeof(buf), + " ", i); + string_append(&matches, buf); + string_append(&matches, "Edit"); +#ifdef HAVE_ACCESS + } + else + { + string_append(&matches, " No write access."); + } +#endif /* def HAVE_ACCESS */ + } +#endif /* FEATURE_CGI_EDIT_ACTIONS */ + string_append(&matches, " |
---|
{");
string_join (&matches, actions_to_html(csp, b->action));
- string_append(&matches, " } \n ");
+ string_append(&matches, " } |