]> git.cameronkatri.com Git - mandoc.git/blob - cgi.c
Rewrite http_parse() completely:
[mandoc.git] / cgi.c
1 /* $Id: cgi.c,v 1.83 2014/07/25 16:07:13 schwarze Exp $ */
2 /*
3 * Copyright (c) 2011, 2012 Kristaps Dzonsons <kristaps@bsd.lv>
4 * Copyright (c) 2014 Ingo Schwarze <schwarze@usta.de>
5 *
6 * Permission to use, copy, modify, and distribute this software for any
7 * purpose with or without fee is hereby granted, provided that the above
8 * copyright notice and this permission notice appear in all copies.
9 *
10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 */
18 #ifdef HAVE_CONFIG_H
19 #include "config.h"
20 #endif
21
22 #include <ctype.h>
23 #include <errno.h>
24 #include <fcntl.h>
25 #include <limits.h>
26 #include <stdio.h>
27 #include <stdlib.h>
28 #include <string.h>
29 #include <unistd.h>
30
31 #include "mandoc.h"
32 #include "mandoc_aux.h"
33 #include "main.h"
34 #include "manpath.h"
35 #include "mansearch.h"
36 #include "cgi.h"
37
38 /*
39 * A query as passed to the search function.
40 */
41 struct query {
42 char *manpath; /* desired manual directory */
43 char *arch; /* architecture */
44 char *sec; /* manual section */
45 char *expr; /* unparsed expression string */
46 int equal; /* match whole names, not substrings */
47 };
48
49 struct req {
50 struct query q;
51 char **p; /* array of available manpaths */
52 size_t psz; /* number of available manpaths */
53 };
54
55 static void catman(const struct req *, const char *);
56 static void format(const struct req *, const char *);
57 static void html_print(const char *);
58 static void html_printquery(const struct req *);
59 static void html_putchar(char);
60 static int http_decode(char *);
61 static void http_parse(struct req *, const char *);
62 static void http_print(const char *);
63 static void http_putchar(char);
64 static void http_printquery(const struct req *);
65 static void pathgen(struct req *);
66 static void pg_error_badrequest(const char *);
67 static void pg_error_internal(void);
68 static void pg_index(const struct req *);
69 static void pg_noresult(const struct req *, const char *);
70 static void pg_search(const struct req *);
71 static void pg_searchres(const struct req *,
72 struct manpage *, size_t);
73 static void pg_show(struct req *, const char *);
74 static void resp_begin_html(int, const char *);
75 static void resp_begin_http(int, const char *);
76 static void resp_end_html(void);
77 static void resp_searchform(const struct req *);
78 static void resp_show(const struct req *, const char *);
79
80 static const char *scriptname; /* CGI script name */
81
82 static const int sec_prios[] = {1, 4, 5, 8, 6, 3, 7, 2, 9};
83 static const char *const sec_numbers[] = {
84 "0", "1", "2", "3", "3p", "4", "5", "6", "7", "8", "9"
85 };
86 static const char *const sec_names[] = {
87 "All Sections",
88 "1 - General Commands",
89 "2 - System Calls",
90 "3 - Subroutines",
91 "3p - Perl Subroutines",
92 "4 - Special Files",
93 "5 - File Formats",
94 "6 - Games",
95 "7 - Macros and Conventions",
96 "8 - Maintenance Commands",
97 "9 - Kernel Interface"
98 };
99 static const int sec_MAX = sizeof(sec_names) / sizeof(char *);
100
101 static const char *const arch_names[] = {
102 "amd64", "alpha", "armish", "armv7",
103 "aviion", "hppa", "hppa64", "i386",
104 "ia64", "landisk", "loongson", "luna88k",
105 "macppc", "mips64", "octeon", "sgi",
106 "socppc", "solbourne", "sparc", "sparc64",
107 "vax", "zaurus",
108 "amiga", "arc", "arm32", "atari",
109 "beagle", "cats", "hp300", "mac68k",
110 "mvme68k", "mvme88k", "mvmeppc", "palm",
111 "pc532", "pegasos", "pmax", "powerpc",
112 "sun3", "wgrisc", "x68k"
113 };
114 static const int arch_MAX = sizeof(arch_names) / sizeof(char *);
115
116 /*
117 * Print a character, escaping HTML along the way.
118 * This will pass non-ASCII straight to output: be warned!
119 */
120 static void
121 html_putchar(char c)
122 {
123
124 switch (c) {
125 case ('"'):
126 printf("&quote;");
127 break;
128 case ('&'):
129 printf("&amp;");
130 break;
131 case ('>'):
132 printf("&gt;");
133 break;
134 case ('<'):
135 printf("&lt;");
136 break;
137 default:
138 putchar((unsigned char)c);
139 break;
140 }
141 }
142
143 static void
144 http_printquery(const struct req *req)
145 {
146
147 if (NULL != req->q.manpath) {
148 printf("&manpath=");
149 http_print(req->q.manpath);
150 }
151 if (NULL != req->q.sec) {
152 printf("&sec=");
153 http_print(req->q.sec);
154 }
155 if (NULL != req->q.arch) {
156 printf("&arch=");
157 http_print(req->q.arch);
158 }
159 if (NULL != req->q.expr) {
160 printf("&query=");
161 http_print(req->q.expr);
162 }
163 if (0 == req->q.equal)
164 printf("&apropos=1");
165 }
166
167 static void
168 html_printquery(const struct req *req)
169 {
170
171 if (NULL != req->q.manpath) {
172 printf("&amp;manpath=");
173 html_print(req->q.manpath);
174 }
175 if (NULL != req->q.sec) {
176 printf("&amp;sec=");
177 html_print(req->q.sec);
178 }
179 if (NULL != req->q.arch) {
180 printf("&amp;arch=");
181 html_print(req->q.arch);
182 }
183 if (NULL != req->q.expr) {
184 printf("&amp;query=");
185 html_print(req->q.expr);
186 }
187 if (0 == req->q.equal)
188 printf("&amp;apropos=1");
189 }
190
191 static void
192 http_print(const char *p)
193 {
194
195 if (NULL == p)
196 return;
197 while ('\0' != *p)
198 http_putchar(*p++);
199 }
200
201 /*
202 * Call through to html_putchar().
203 * Accepts NULL strings.
204 */
205 static void
206 html_print(const char *p)
207 {
208
209 if (NULL == p)
210 return;
211 while ('\0' != *p)
212 html_putchar(*p++);
213 }
214
215 /*
216 * Transfer the responsibility for the allocated string *val
217 * to the query structure.
218 */
219 static void
220 set_query_attr(char **attr, char **val)
221 {
222
223 free(*attr);
224 if (**val == '\0') {
225 *attr = NULL;
226 free(*val);
227 } else
228 *attr = *val;
229 *val = NULL;
230 }
231
232 /*
233 * Parse the QUERY_STRING for key-value pairs
234 * and store the values into the query structure.
235 */
236 static void
237 http_parse(struct req *req, const char *qs)
238 {
239 char *key, *val;
240 size_t keysz, valsz;
241
242 req->q.manpath = NULL;
243 req->q.arch = NULL;
244 req->q.sec = NULL;
245 req->q.expr = NULL;
246 req->q.equal = 1;
247
248 key = val = NULL;
249 while (*qs != '\0') {
250
251 /* Parse one key. */
252
253 keysz = strcspn(qs, "=;&");
254 key = mandoc_strndup(qs, keysz);
255 qs += keysz;
256 if (*qs != '=')
257 goto next;
258
259 /* Parse one value. */
260
261 valsz = strcspn(++qs, ";&");
262 val = mandoc_strndup(qs, valsz);
263 qs += valsz;
264
265 /* Decode and catch encoding errors. */
266
267 if ( ! (http_decode(key) && http_decode(val)))
268 goto next;
269
270 /* Handle key-value pairs. */
271
272 if ( ! strcmp(key, "query"))
273 set_query_attr(&req->q.expr, &val);
274
275 else if ( ! strcmp(key, "apropos"))
276 req->q.equal = !strcmp(val, "0");
277
278 else if ( ! strcmp(key, "manpath")) {
279 #ifdef COMPAT_OLDURI
280 if ( ! strncmp(val, "OpenBSD ", 8)) {
281 val[7] = '-';
282 if ('C' == val[8])
283 val[8] = 'c';
284 }
285 #endif
286 set_query_attr(&req->q.manpath, &val);
287 }
288
289 else if ( ! (strcmp(key, "sec")
290 #ifdef COMPAT_OLDURI
291 && strcmp(key, "sektion")
292 #endif
293 )) {
294 if ( ! strcmp(val, "0"))
295 *val = '\0';
296 set_query_attr(&req->q.sec, &val);
297 }
298
299 else if ( ! strcmp(key, "arch")) {
300 if ( ! strcmp(val, "default"))
301 *val = '\0';
302 set_query_attr(&req->q.arch, &val);
303 }
304
305 /*
306 * The key must be freed in any case.
307 * The val may have been handed over to the query
308 * structure, in which case it is now NULL.
309 */
310 next:
311 free(key);
312 key = NULL;
313 free(val);
314 val = NULL;
315
316 if (*qs != '\0')
317 qs++;
318 }
319
320 /* Fall back to the default manpath. */
321
322 if (req->q.manpath == NULL)
323 req->q.manpath = mandoc_strdup(req->p[0]);
324 }
325
326 static void
327 http_putchar(char c)
328 {
329
330 if (isalnum((unsigned char)c)) {
331 putchar((unsigned char)c);
332 return;
333 } else if (' ' == c) {
334 putchar('+');
335 return;
336 }
337 printf("%%%.2x", c);
338 }
339
340 /*
341 * HTTP-decode a string. The standard explanation is that this turns
342 * "%4e+foo" into "n foo" in the regular way. This is done in-place
343 * over the allocated string.
344 */
345 static int
346 http_decode(char *p)
347 {
348 char hex[3];
349 char *q;
350 int c;
351
352 hex[2] = '\0';
353
354 q = p;
355 for ( ; '\0' != *p; p++, q++) {
356 if ('%' == *p) {
357 if ('\0' == (hex[0] = *(p + 1)))
358 return(0);
359 if ('\0' == (hex[1] = *(p + 2)))
360 return(0);
361 if (1 != sscanf(hex, "%x", &c))
362 return(0);
363 if ('\0' == c)
364 return(0);
365
366 *q = (char)c;
367 p += 2;
368 } else
369 *q = '+' == *p ? ' ' : *p;
370 }
371
372 *q = '\0';
373 return(1);
374 }
375
376 static void
377 resp_begin_http(int code, const char *msg)
378 {
379
380 if (200 != code)
381 printf("Status: %d %s\r\n", code, msg);
382
383 printf("Content-Type: text/html; charset=utf-8\r\n"
384 "Cache-Control: no-cache\r\n"
385 "Pragma: no-cache\r\n"
386 "\r\n");
387
388 fflush(stdout);
389 }
390
391 static void
392 resp_begin_html(int code, const char *msg)
393 {
394
395 resp_begin_http(code, msg);
396
397 printf("<!DOCTYPE HTML PUBLIC "
398 " \"-//W3C//DTD HTML 4.01//EN\""
399 " \"http://www.w3.org/TR/html4/strict.dtd\">\n"
400 "<HTML>\n"
401 "<HEAD>\n"
402 "<META HTTP-EQUIV=\"Content-Type\""
403 " CONTENT=\"text/html; charset=utf-8\">\n"
404 "<LINK REL=\"stylesheet\" HREF=\"%s/man-cgi.css\""
405 " TYPE=\"text/css\" media=\"all\">\n"
406 "<LINK REL=\"stylesheet\" HREF=\"%s/man.css\""
407 " TYPE=\"text/css\" media=\"all\">\n"
408 "<TITLE>%s</TITLE>\n"
409 "</HEAD>\n"
410 "<BODY>\n"
411 "<!-- Begin page content. //-->\n",
412 CSS_DIR, CSS_DIR, CUSTOMIZE_TITLE);
413 }
414
415 static void
416 resp_end_html(void)
417 {
418
419 puts("</BODY>\n"
420 "</HTML>");
421 }
422
423 static void
424 resp_searchform(const struct req *req)
425 {
426 int i;
427
428 puts(CUSTOMIZE_BEGIN);
429 puts("<!-- Begin search form. //-->");
430 printf("<DIV ID=\"mancgi\">\n"
431 "<FORM ACTION=\"%s\" METHOD=\"get\">\n"
432 "<FIELDSET>\n"
433 "<LEGEND>Manual Page Search Parameters</LEGEND>\n",
434 scriptname);
435
436 /* Write query input box. */
437
438 printf( "<TABLE><TR><TD>\n"
439 "<INPUT TYPE=\"text\" NAME=\"query\" VALUE=\"");
440 if (NULL != req->q.expr)
441 html_print(req->q.expr);
442 puts("\" SIZE=\"40\">");
443
444 /* Write submission and reset buttons. */
445
446 printf( "<INPUT TYPE=\"submit\" VALUE=\"Submit\">\n"
447 "<INPUT TYPE=\"reset\" VALUE=\"Reset\">\n");
448
449 /* Write show radio button */
450
451 printf( "</TD><TD>\n"
452 "<INPUT TYPE=\"radio\" ");
453 if (req->q.equal)
454 printf("CHECKED ");
455 printf( "NAME=\"apropos\" ID=\"show\" VALUE=\"0\">\n"
456 "<LABEL FOR=\"show\">Show named manual page</LABEL>\n");
457
458 /* Write section selector. */
459
460 printf( "</TD></TR><TR><TD>\n"
461 "<SELECT NAME=\"sec\">");
462 for (i = 0; i < sec_MAX; i++) {
463 printf("<OPTION VALUE=\"%s\"", sec_numbers[i]);
464 if (NULL != req->q.sec &&
465 0 == strcmp(sec_numbers[i], req->q.sec))
466 printf(" SELECTED");
467 printf(">%s</OPTION>\n", sec_names[i]);
468 }
469 puts("</SELECT>");
470
471 /* Write architecture selector. */
472
473 printf( "<SELECT NAME=\"arch\">\n"
474 "<OPTION VALUE=\"default\"");
475 if (NULL == req->q.arch)
476 printf(" SELECTED");
477 puts(">All Architectures</OPTION>");
478 for (i = 0; i < arch_MAX; i++) {
479 printf("<OPTION VALUE=\"%s\"", arch_names[i]);
480 if (NULL != req->q.arch &&
481 0 == strcmp(arch_names[i], req->q.arch))
482 printf(" SELECTED");
483 printf(">%s</OPTION>\n", arch_names[i]);
484 }
485 puts("</SELECT>");
486
487 /* Write manpath selector. */
488
489 if (req->psz > 1) {
490 puts("<SELECT NAME=\"manpath\">");
491 for (i = 0; i < (int)req->psz; i++) {
492 printf("<OPTION ");
493 if (NULL == req->q.manpath ? 0 == i :
494 0 == strcmp(req->q.manpath, req->p[i]))
495 printf("SELECTED ");
496 printf("VALUE=\"");
497 html_print(req->p[i]);
498 printf("\">");
499 html_print(req->p[i]);
500 puts("</OPTION>");
501 }
502 puts("</SELECT>");
503 }
504
505 /* Write search radio button */
506
507 printf( "</TD><TD>\n"
508 "<INPUT TYPE=\"radio\" ");
509 if (0 == req->q.equal)
510 printf("CHECKED ");
511 printf( "NAME=\"apropos\" ID=\"search\" VALUE=\"1\">\n"
512 "<LABEL FOR=\"search\">Search with apropos query</LABEL>\n");
513
514 puts("</TD></TR></TABLE>\n"
515 "</FIELDSET>\n"
516 "</FORM>\n"
517 "</DIV>");
518 puts("<!-- End search form. //-->");
519 }
520
521 static int
522 validate_urifrag(const char *frag)
523 {
524
525 while ('\0' != *frag) {
526 if ( ! (isalnum((unsigned char)*frag) ||
527 '-' == *frag || '.' == *frag ||
528 '/' == *frag || '_' == *frag))
529 return(0);
530 frag++;
531 }
532 return(1);
533 }
534
535 static int
536 validate_manpath(const struct req *req, const char* manpath)
537 {
538 size_t i;
539
540 if ( ! strcmp(manpath, "mandoc"))
541 return(1);
542
543 for (i = 0; i < req->psz; i++)
544 if ( ! strcmp(manpath, req->p[i]))
545 return(1);
546
547 return(0);
548 }
549
550 static int
551 validate_filename(const char *file)
552 {
553
554 if ('.' == file[0] && '/' == file[1])
555 file += 2;
556
557 return ( ! (strstr(file, "../") || strstr(file, "/..") ||
558 (strncmp(file, "man", 3) && strncmp(file, "cat", 3))));
559 }
560
561 static void
562 pg_index(const struct req *req)
563 {
564
565 resp_begin_html(200, NULL);
566 resp_searchform(req);
567 printf("<P>\n"
568 "This web interface is documented in the "
569 "<A HREF=\"%s/mandoc/man8/man.cgi.8\">man.cgi</A> "
570 "manual, and the "
571 "<A HREF=\"%s/mandoc/man1/apropos.1\">apropos</A> "
572 "manual explains the query syntax.\n"
573 "</P>\n",
574 scriptname, scriptname);
575 resp_end_html();
576 }
577
578 static void
579 pg_noresult(const struct req *req, const char *msg)
580 {
581 resp_begin_html(200, NULL);
582 resp_searchform(req);
583 puts("<P>");
584 puts(msg);
585 puts("</P>");
586 resp_end_html();
587 }
588
589 static void
590 pg_error_badrequest(const char *msg)
591 {
592
593 resp_begin_html(400, "Bad Request");
594 puts("<H1>Bad Request</H1>\n"
595 "<P>\n");
596 puts(msg);
597 printf("Try again from the\n"
598 "<A HREF=\"%s\">main page</A>.\n"
599 "</P>", scriptname);
600 resp_end_html();
601 }
602
603 static void
604 pg_error_internal(void)
605 {
606 resp_begin_html(500, "Internal Server Error");
607 puts("<P>Internal Server Error</P>");
608 resp_end_html();
609 }
610
611 static void
612 pg_searchres(const struct req *req, struct manpage *r, size_t sz)
613 {
614 char *arch, *archend;
615 size_t i, iuse, isec;
616 int archprio, archpriouse;
617 int prio, priouse;
618 char sec;
619
620 for (i = 0; i < sz; i++) {
621 if (validate_filename(r[i].file))
622 continue;
623 fprintf(stderr, "invalid filename %s in %s database\n",
624 r[i].file, req->q.manpath);
625 pg_error_internal();
626 return;
627 }
628
629 if (1 == sz) {
630 /*
631 * If we have just one result, then jump there now
632 * without any delay.
633 */
634 printf("Status: 303 See Other\r\n");
635 printf("Location: http://%s%s/%s/%s?",
636 HTTP_HOST, scriptname, req->q.manpath, r[0].file);
637 http_printquery(req);
638 printf("\r\n"
639 "Content-Type: text/html; charset=utf-8\r\n"
640 "\r\n");
641 return;
642 }
643
644 resp_begin_html(200, NULL);
645 resp_searchform(req);
646 puts("<DIV CLASS=\"results\">");
647 puts("<TABLE>");
648
649 for (i = 0; i < sz; i++) {
650 printf("<TR>\n"
651 "<TD CLASS=\"title\">\n"
652 "<A HREF=\"%s/%s/%s?",
653 scriptname, req->q.manpath, r[i].file);
654 html_printquery(req);
655 printf("\">");
656 html_print(r[i].names);
657 printf("</A>\n"
658 "</TD>\n"
659 "<TD CLASS=\"desc\">");
660 html_print(r[i].output);
661 puts("</TD>\n"
662 "</TR>");
663 }
664
665 puts("</TABLE>\n"
666 "</DIV>");
667
668 /*
669 * In man(1) mode, show one of the pages
670 * even if more than one is found.
671 */
672
673 if (req->q.equal) {
674 puts("<HR>");
675 iuse = 0;
676 priouse = 10;
677 archpriouse = 3;
678 for (i = 0; i < sz; i++) {
679 isec = strcspn(r[i].file, "123456789");
680 sec = r[i].file[isec];
681 if ('\0' == sec)
682 continue;
683 prio = sec_prios[sec - '1'];
684 if (NULL == req->q.arch) {
685 archprio =
686 (NULL == (arch = strchr(
687 r[i].file + isec, '/'))) ? 3 :
688 (NULL == (archend = strchr(
689 arch + 1, '/'))) ? 0 :
690 strncmp(arch, "amd64/",
691 archend - arch) ? 2 : 1;
692 if (archprio < archpriouse) {
693 archpriouse = archprio;
694 priouse = prio;
695 iuse = i;
696 continue;
697 }
698 if (archprio > archpriouse)
699 continue;
700 }
701 if (prio >= priouse)
702 continue;
703 priouse = prio;
704 iuse = i;
705 }
706 resp_show(req, r[iuse].file);
707 }
708
709 resp_end_html();
710 }
711
712 static void
713 catman(const struct req *req, const char *file)
714 {
715 FILE *f;
716 size_t len;
717 int i;
718 char *p;
719 int italic, bold;
720
721 if (NULL == (f = fopen(file, "r"))) {
722 puts("<P>You specified an invalid manual file.</P>");
723 return;
724 }
725
726 puts("<DIV CLASS=\"catman\">\n"
727 "<PRE>");
728
729 while (NULL != (p = fgetln(f, &len))) {
730 bold = italic = 0;
731 for (i = 0; i < (int)len - 1; i++) {
732 /*
733 * This means that the catpage is out of state.
734 * Ignore it and keep going (although the
735 * catpage is bogus).
736 */
737
738 if ('\b' == p[i] || '\n' == p[i])
739 continue;
740
741 /*
742 * Print a regular character.
743 * Close out any bold/italic scopes.
744 * If we're in back-space mode, make sure we'll
745 * have something to enter when we backspace.
746 */
747
748 if ('\b' != p[i + 1]) {
749 if (italic)
750 printf("</I>");
751 if (bold)
752 printf("</B>");
753 italic = bold = 0;
754 html_putchar(p[i]);
755 continue;
756 } else if (i + 2 >= (int)len)
757 continue;
758
759 /* Italic mode. */
760
761 if ('_' == p[i]) {
762 if (bold)
763 printf("</B>");
764 if ( ! italic)
765 printf("<I>");
766 bold = 0;
767 italic = 1;
768 i += 2;
769 html_putchar(p[i]);
770 continue;
771 }
772
773 /*
774 * Handle funny behaviour troff-isms.
775 * These grok'd from the original man2html.c.
776 */
777
778 if (('+' == p[i] && 'o' == p[i + 2]) ||
779 ('o' == p[i] && '+' == p[i + 2]) ||
780 ('|' == p[i] && '=' == p[i + 2]) ||
781 ('=' == p[i] && '|' == p[i + 2]) ||
782 ('*' == p[i] && '=' == p[i + 2]) ||
783 ('=' == p[i] && '*' == p[i + 2]) ||
784 ('*' == p[i] && '|' == p[i + 2]) ||
785 ('|' == p[i] && '*' == p[i + 2])) {
786 if (italic)
787 printf("</I>");
788 if (bold)
789 printf("</B>");
790 italic = bold = 0;
791 putchar('*');
792 i += 2;
793 continue;
794 } else if (('|' == p[i] && '-' == p[i + 2]) ||
795 ('-' == p[i] && '|' == p[i + 1]) ||
796 ('+' == p[i] && '-' == p[i + 1]) ||
797 ('-' == p[i] && '+' == p[i + 1]) ||
798 ('+' == p[i] && '|' == p[i + 1]) ||
799 ('|' == p[i] && '+' == p[i + 1])) {
800 if (italic)
801 printf("</I>");
802 if (bold)
803 printf("</B>");
804 italic = bold = 0;
805 putchar('+');
806 i += 2;
807 continue;
808 }
809
810 /* Bold mode. */
811
812 if (italic)
813 printf("</I>");
814 if ( ! bold)
815 printf("<B>");
816 bold = 1;
817 italic = 0;
818 i += 2;
819 html_putchar(p[i]);
820 }
821
822 /*
823 * Clean up the last character.
824 * We can get to a newline; don't print that.
825 */
826
827 if (italic)
828 printf("</I>");
829 if (bold)
830 printf("</B>");
831
832 if (i == (int)len - 1 && '\n' != p[i])
833 html_putchar(p[i]);
834
835 putchar('\n');
836 }
837
838 puts("</PRE>\n"
839 "</DIV>");
840
841 fclose(f);
842 }
843
844 static void
845 format(const struct req *req, const char *file)
846 {
847 struct mparse *mp;
848 int fd;
849 struct mdoc *mdoc;
850 struct man *man;
851 void *vp;
852 enum mandoclevel rc;
853 char opts[PATH_MAX + 128];
854
855 if (-1 == (fd = open(file, O_RDONLY, 0))) {
856 puts("<P>You specified an invalid manual file.</P>");
857 return;
858 }
859
860 mp = mparse_alloc(MPARSE_SO, MANDOCLEVEL_FATAL, NULL,
861 req->q.manpath);
862 rc = mparse_readfd(mp, fd, file);
863 close(fd);
864
865 if (rc >= MANDOCLEVEL_FATAL) {
866 fprintf(stderr, "fatal mandoc error: %s/%s\n",
867 req->q.manpath, file);
868 pg_error_internal();
869 return;
870 }
871
872 snprintf(opts, sizeof(opts), "fragment,man=%s?"
873 "manpath=%s&amp;query=%%N&amp;sec=%%S&amp;arch=%s",
874 scriptname, req->q.manpath,
875 req->q.arch ? req->q.arch : "");
876
877 mparse_result(mp, &mdoc, &man, NULL);
878 if (NULL == man && NULL == mdoc) {
879 fprintf(stderr, "fatal mandoc error: %s/%s\n",
880 req->q.manpath, file);
881 pg_error_internal();
882 mparse_free(mp);
883 return;
884 }
885
886 vp = html_alloc(opts);
887
888 if (NULL != mdoc)
889 html_mdoc(vp, mdoc);
890 else
891 html_man(vp, man);
892
893 html_free(vp);
894 mparse_free(mp);
895 }
896
897 static void
898 resp_show(const struct req *req, const char *file)
899 {
900
901 if ('.' == file[0] && '/' == file[1])
902 file += 2;
903
904 if ('c' == *file)
905 catman(req, file);
906 else
907 format(req, file);
908 }
909
910 static void
911 pg_show(struct req *req, const char *path)
912 {
913 char *sub;
914
915 if (NULL == path || NULL == (sub = strchr(path, '/'))) {
916 pg_error_badrequest(
917 "You did not specify a page to show.");
918 return;
919 }
920 *sub++ = '\0';
921
922 if ( ! validate_manpath(req, path)) {
923 pg_error_badrequest(
924 "You specified an invalid manpath.");
925 return;
926 }
927
928 /*
929 * Begin by chdir()ing into the manpath.
930 * This way we can pick up the database files, which are
931 * relative to the manpath root.
932 */
933
934 if (-1 == chdir(path)) {
935 fprintf(stderr, "chdir %s: %s\n",
936 path, strerror(errno));
937 pg_error_internal();
938 return;
939 }
940
941 if ( ! validate_filename(sub)) {
942 pg_error_badrequest(
943 "You specified an invalid manual file.");
944 return;
945 }
946
947 if (strcmp(path, "mandoc")) {
948 free(req->q.manpath);
949 req->q.manpath = mandoc_strdup(path);
950 }
951
952 resp_begin_html(200, NULL);
953 resp_searchform(req);
954 resp_show(req, sub);
955 resp_end_html();
956 }
957
958 static void
959 pg_search(const struct req *req)
960 {
961 struct mansearch search;
962 struct manpaths paths;
963 struct manpage *res;
964 char **cp;
965 const char *ep, *start;
966 size_t ressz;
967 int i, sz;
968
969 /*
970 * Begin by chdir()ing into the root of the manpath.
971 * This way we can pick up the database files, which are
972 * relative to the manpath root.
973 */
974
975 if (-1 == (chdir(req->q.manpath))) {
976 fprintf(stderr, "chdir %s: %s\n",
977 req->q.manpath, strerror(errno));
978 pg_error_internal();
979 return;
980 }
981
982 search.arch = req->q.arch;
983 search.sec = req->q.sec;
984 search.deftype = req->q.equal ? TYPE_Nm : (TYPE_Nm | TYPE_Nd);
985 search.flags = req->q.equal ? MANSEARCH_MAN : 0;
986
987 paths.sz = 1;
988 paths.paths = mandoc_malloc(sizeof(char *));
989 paths.paths[0] = mandoc_strdup(".");
990
991 /*
992 * Poor man's tokenisation: just break apart by spaces.
993 * Yes, this is half-ass. But it works for now.
994 */
995
996 ep = req->q.expr;
997 while (ep && isspace((unsigned char)*ep))
998 ep++;
999
1000 sz = 0;
1001 cp = NULL;
1002 while (ep && '\0' != *ep) {
1003 cp = mandoc_reallocarray(cp, sz + 1, sizeof(char *));
1004 start = ep;
1005 while ('\0' != *ep && ! isspace((unsigned char)*ep))
1006 ep++;
1007 cp[sz] = mandoc_malloc((ep - start) + 1);
1008 memcpy(cp[sz], start, ep - start);
1009 cp[sz++][ep - start] = '\0';
1010 while (isspace((unsigned char)*ep))
1011 ep++;
1012 }
1013
1014 if (0 == mansearch(&search, &paths, sz, cp, "Nd", &res, &ressz))
1015 pg_noresult(req, "You entered an invalid query.");
1016 else if (0 == ressz)
1017 pg_noresult(req, "No results found.");
1018 else
1019 pg_searchres(req, res, ressz);
1020
1021 for (i = 0; i < sz; i++)
1022 free(cp[i]);
1023 free(cp);
1024
1025 for (i = 0; i < (int)ressz; i++) {
1026 free(res[i].file);
1027 free(res[i].names);
1028 free(res[i].output);
1029 }
1030 free(res);
1031
1032 free(paths.paths[0]);
1033 free(paths.paths);
1034 }
1035
1036 int
1037 main(void)
1038 {
1039 struct req req;
1040 const char *path;
1041 const char *querystring;
1042 int i;
1043
1044 /* Scan our run-time environment. */
1045
1046 if (NULL == (scriptname = getenv("SCRIPT_NAME")))
1047 scriptname = "";
1048
1049 if ( ! validate_urifrag(scriptname)) {
1050 fprintf(stderr, "unsafe SCRIPT_NAME \"%s\"\n",
1051 scriptname);
1052 pg_error_internal();
1053 return(EXIT_FAILURE);
1054 }
1055
1056 /*
1057 * First we change directory into the MAN_DIR so that
1058 * subsequent scanning for manpath directories is rooted
1059 * relative to the same position.
1060 */
1061
1062 if (-1 == chdir(MAN_DIR)) {
1063 fprintf(stderr, "MAN_DIR: %s: %s\n",
1064 MAN_DIR, strerror(errno));
1065 pg_error_internal();
1066 return(EXIT_FAILURE);
1067 }
1068
1069 memset(&req, 0, sizeof(struct req));
1070 pathgen(&req);
1071
1072 /* Next parse out the query string. */
1073
1074 if (NULL != (querystring = getenv("QUERY_STRING")))
1075 http_parse(&req, querystring);
1076
1077 if ( ! validate_manpath(&req, req.q.manpath)) {
1078 pg_error_badrequest(
1079 "You specified an invalid manpath.");
1080 return(EXIT_FAILURE);
1081 }
1082
1083 if ( ! (NULL == req.q.arch || validate_urifrag(req.q.arch))) {
1084 pg_error_badrequest(
1085 "You specified an invalid architecture.");
1086 return(EXIT_FAILURE);
1087 }
1088
1089 /* Dispatch to the three different pages. */
1090
1091 path = getenv("PATH_INFO");
1092 if (NULL == path)
1093 path = "";
1094 else if ('/' == *path)
1095 path++;
1096
1097 if ('\0' != *path)
1098 pg_show(&req, path);
1099 else if (NULL != req.q.expr)
1100 pg_search(&req);
1101 else
1102 pg_index(&req);
1103
1104 free(req.q.manpath);
1105 free(req.q.arch);
1106 free(req.q.sec);
1107 free(req.q.expr);
1108 for (i = 0; i < (int)req.psz; i++)
1109 free(req.p[i]);
1110 free(req.p);
1111 return(EXIT_SUCCESS);
1112 }
1113
1114 /*
1115 * Scan for indexable paths.
1116 */
1117 static void
1118 pathgen(struct req *req)
1119 {
1120 FILE *fp;
1121 char *dp;
1122 size_t dpsz;
1123
1124 if (NULL == (fp = fopen("manpath.conf", "r"))) {
1125 fprintf(stderr, "%s/manpath.conf: %s\n",
1126 MAN_DIR, strerror(errno));
1127 pg_error_internal();
1128 exit(EXIT_FAILURE);
1129 }
1130
1131 while (NULL != (dp = fgetln(fp, &dpsz))) {
1132 if ('\n' == dp[dpsz - 1])
1133 dpsz--;
1134 req->p = mandoc_realloc(req->p,
1135 (req->psz + 1) * sizeof(char *));
1136 dp = mandoc_strndup(dp, dpsz);
1137 if ( ! validate_urifrag(dp)) {
1138 fprintf(stderr, "%s/manpath.conf contains "
1139 "unsafe path \"%s\"\n", MAN_DIR, dp);
1140 pg_error_internal();
1141 exit(EXIT_FAILURE);
1142 }
1143 if (NULL != strchr(dp, '/')) {
1144 fprintf(stderr, "%s/manpath.conf contains "
1145 "path with slash \"%s\"\n", MAN_DIR, dp);
1146 pg_error_internal();
1147 exit(EXIT_FAILURE);
1148 }
1149 req->p[req->psz++] = dp;
1150 }
1151
1152 if ( req->p == NULL ) {
1153 fprintf(stderr, "%s/manpath.conf is empty\n", MAN_DIR);
1154 pg_error_internal();
1155 exit(EXIT_FAILURE);
1156 }
1157 }