While we do not recommend the idiom ".Fl Fl long" for long options

[mandoc.git] / cgi.c
diff --git a/cgi.c b/cgi.c

index 7585e5896a1426508b625ba0065548de97767dd2..6d0e3293a95db6fa58fc79f6d3401ede0b2eee9f 100644 (file)
--- a/cgi.c
+++ b/cgi.c
@@ -1,143 +1,161 @@
-/*     $Id: cgi.c,v 1.12 2011/12/07 13:00:40 kristaps Exp $ */
+/* $Id: cgi.c,v 1.172 2020/04/03 11:35:01 schwarze Exp $ */
  /*
  /*
- * Copyright (c) 2011 Kristaps Dzonsons <kristaps@bsd.lv>
+ * Copyright (c) 2014-2019 Ingo Schwarze <schwarze@usta.de>
+ * Copyright (c) 2011, 2012 Kristaps Dzonsons <kristaps@bsd.lv>
   *
   * Permission to use, copy, modify, and distribute this software for any
   * purpose with or without fee is hereby granted, provided that the above
   * copyright notice and this permission notice appear in all copies.
   *
   *
   * Permission to use, copy, modify, and distribute this software for any
   * purpose with or without fee is hereby granted, provided that the above
   * copyright notice and this permission notice appear in all copies.
   *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES
   * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
   * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR
   * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
   * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
   * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
   * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
   * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
   * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
   * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
   * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Implementation of the man.cgi(8) program.
   */
   */
-#ifdef HAVE_CONFIG_H
  #include "config.h"
  #include "config.h"
-#endif
  
  
-#include <sys/param.h>
-#include <sys/wait.h>
+#include <sys/types.h>
+#include <sys/time.h>
  
  
-#include <assert.h>
  #include <ctype.h>
  #include <ctype.h>
+#if HAVE_ERR
+#include <err.h>
+#endif
  #include <errno.h>
  #include <fcntl.h>
  #include <limits.h>
  #include <errno.h>
  #include <fcntl.h>
  #include <limits.h>
-#include <regex.h>
-#include <stdio.h>
-#include <stdarg.h>
  #include <stdint.h>
  #include <stdint.h>
+#include <stdio.h>
  #include <stdlib.h>
  #include <string.h>
  #include <unistd.h>
  
  #include <stdlib.h>
  #include <string.h>
  #include <unistd.h>
  
-#include "apropos_db.h"
+#include "mandoc_aux.h"
  #include "mandoc.h"
  #include "mandoc.h"
+#include "roff.h"
  #include "mdoc.h"
  #include "man.h"
  #include "mdoc.h"
  #include "man.h"
+#include "mandoc_parse.h"
  #include "main.h"
  #include "main.h"
-#include "manpath.h"
-
-#ifdef __linux__
-# include <db_185.h>
-#else
-# include <db.h>
-#endif
+#include "manconf.h"
+#include "mansearch.h"
+#include "cgi.h"
  
  
-enum   page {
-       PAGE_INDEX,
-       PAGE_SEARCH,
-       PAGE_SHOW,
-       PAGE__MAX
+/*
+ * A query as passed to the search function.
+ */
+struct query {
+       char            *manpath; /* desired manual directory */
+       char            *arch; /* architecture */
+       char            *sec; /* manual section */
+       char            *query; /* unparsed query expression */
+       int              equal; /* match whole names, not substrings */
  };
  
  };
  
-struct kval {
-       char            *key;
-       char            *val;
+struct req {
+       struct query      q;
+       char            **p; /* array of available manpaths */
+       size_t            psz; /* number of available manpaths */
+       int               isquery; /* QUERY_STRING used, not PATH_INFO */
  };
  
  };
  
-struct req {
-       struct kval     *fields;
-       size_t           fieldsz;
-       enum page        page;
+enum   focus {
+       FOCUS_NONE = 0,
+       FOCUS_QUERY
  };
  
  };
  
-static int              atou(const char *, unsigned *);
-static void             catman(const char *);
-static void             format(const char *);
  static void             html_print(const char *);
  static void             html_putchar(char);
  static void             html_print(const char *);
  static void             html_putchar(char);
-static int              kval_decode(char *);
-static void             kval_parse(struct kval **, size_t *, char *);
-static void             kval_free(struct kval *, size_t);
-static void             pg_index(const struct manpaths *,
-                               const struct req *, char *);
-static void             pg_search(const struct manpaths *,
-                               const struct req *, char *);
-static void             pg_show(const struct manpaths *,
-                               const struct req *, char *);
-static void             resp_bad(void);
-static void             resp_baddb(void);
-static void             resp_error400(void);
-static void             resp_error404(const char *);
-static void             resp_begin_html(int, const char *);
+static int              http_decode(char *);
+static void             http_encode(const char *);
+static void             parse_manpath_conf(struct req *);
+static void             parse_path_info(struct req *, const char *);
+static void             parse_query_string(struct req *, const char *);
+static void             pg_error_badrequest(const char *);
+static void             pg_error_internal(void);
+static void             pg_index(const struct req *);
+static void             pg_noresult(const struct req *, int, const char *,
+                               const char *);
+static void             pg_redirect(const struct req *, const char *);
+static void             pg_search(const struct req *);
+static void             pg_searchres(const struct req *,
+                               struct manpage *, size_t);
+static void             pg_show(struct req *, const char *);
+static void             resp_begin_html(int, const char *, const char *);
  static void             resp_begin_http(int, const char *);
  static void             resp_begin_http(int, const char *);
+static void             resp_catman(const struct req *, const char *);
+static void             resp_copy(const char *);
  static void             resp_end_html(void);
  static void             resp_end_html(void);
-static void             resp_index(const struct req *);
-static void             resp_search(struct res *, size_t, void *);
-static void             resp_searchform(const struct req *);
-
-static const char       *progname;
-static const char       *cache;
-static const char       *host;
-
-static const char * const pages[PAGE__MAX] = {
-       "index", /* PAGE_INDEX */ 
-       "search", /* PAGE_SEARCH */
-       "show", /* PAGE_SHOW */
+static void             resp_format(const struct req *, const char *);
+static void             resp_searchform(const struct req *, enum focus);
+static void             resp_show(const struct req *, const char *);
+static void             set_query_attr(char **, char **);
+static int              validate_arch(const char *);
+static int              validate_filename(const char *);
+static int              validate_manpath(const struct req *, const char *);
+static int              validate_urifrag(const char *);
+
+static const char       *scriptname = SCRIPT_NAME;
+
+static const int sec_prios[] = {1, 4, 5, 8, 6, 3, 7, 2, 9};
+static const char *const sec_numbers[] = {
+    "0", "1", "2", "3", "3p", "4", "5", "6", "7", "8", "9"
  };
  };
+static const char *const sec_names[] = {
+    "All Sections",
+    "1 - General Commands",
+    "2 - System Calls",
+    "3 - Library Functions",
+    "3p - Perl Library",
+    "4 - Device Drivers",
+    "5 - File Formats",
+    "6 - Games",
+    "7 - Miscellaneous Information",
+    "8 - System Manager\'s Manual",
+    "9 - Kernel Developer\'s Manual"
+};
+static const int sec_MAX = sizeof(sec_names) / sizeof(char *);
+
+static const char *const arch_names[] = {
+    "amd64",       "alpha",       "armv7",     "arm64",
+    "hppa",        "i386",        "landisk",
+    "loongson",    "luna88k",     "macppc",      "mips64",
+    "octeon",      "sgi",         "socppc",      "sparc64",
+    "amiga",       "arc",         "armish",      "arm32",
+    "atari",       "aviion",      "beagle",      "cats",
+    "hppa64",      "hp300",
+    "ia64",        "mac68k",      "mvme68k",     "mvme88k",
+    "mvmeppc",     "palm",        "pc532",       "pegasos",
+    "pmax",        "powerpc",     "solbourne",   "sparc",
+    "sun3",        "vax",         "wgrisc",      "x68k",
+    "zaurus"
+};
+static const int arch_MAX = sizeof(arch_names) / sizeof(char *);
  
  /*
  
  /*
- * This is just OpenBSD's strtol(3) suggestion.
- * I use it instead of strtonum(3) for portability's sake.
+ * Print a character, escaping HTML along the way.
+ * This will pass non-ASCII straight to output: be warned!
   */
   */
-static int
-atou(const char *buf, unsigned *v)
-{
-       char            *ep;
-       long             lval;
-
-       errno = 0;
-       lval = strtol(buf, &ep, 10);
-       if (buf[0] == '\0' || *ep != '\0')
-               return(0);
-       if ((errno == ERANGE && (lval == LONG_MAX || 
-                                       lval == LONG_MIN)) ||
-                       (lval > UINT_MAX || lval < 0))
-               return(0);
-
-       *v = (unsigned int)lval;
-       return(1);
-}
-
  static void
  html_putchar(char c)
  {
  
         switch (c) {
  static void
  html_putchar(char c)
  {
  
         switch (c) {
-       case ('"'):
-               printf("&quote;");
+       case '"':
+               printf("&quot;");
                 break;
                 break;
-       case ('&'):
+       case '&':
                 printf("&amp;");
                 break;
                 printf("&amp;");
                 break;
-       case ('>'):
+       case '>':
                 printf("&gt;");
                 break;
                 printf("&gt;");
                 break;
-       case ('<'):
+       case '<':
                 printf("&lt;");
                 break;
         default:
                 printf("&lt;");
                 break;
         default:
@@ -147,91 +165,123 @@ html_putchar(char c)
  }
  
  /*
  }
  
  /*
- * Print a word, escaping HTML along the way.
- * This will pass non-ASCII straight to output: be warned!
+ * Call through to html_putchar().
+ * Accepts NULL strings.
   */
  static void
  html_print(const char *p)
  {
   */
  static void
  html_print(const char *p)
  {
-       
+
         if (NULL == p)
                 return;
         while ('\0' != *p)
                 html_putchar(*p++);
  }
  
         if (NULL == p)
                 return;
         while ('\0' != *p)
                 html_putchar(*p++);
  }
  
+/*
+ * Transfer the responsibility for the allocated string *val
+ * to the query structure.
+ */
  static void
  static void
-kval_free(struct kval *p, size_t sz)
+set_query_attr(char **attr, char **val)
  {
  {
-       int              i;
  
  
-       for (i = 0; i < (int)sz; i++) {
-               free(p[i].key);
-               free(p[i].val);
-       }
-       free(p);
+       free(*attr);
+       if (**val == '\0') {
+               *attr = NULL;
+               free(*val);
+       } else
+               *attr = *val;
+       *val = NULL;
  }
  
  /*
  }
  
  /*
- * Parse out key-value pairs from an HTTP request variable.
- * This can be either a cookie or a POST/GET string, although man.cgi
- * uses only GET for simplicity.
+ * Parse the QUERY_STRING for key-value pairs
+ * and store the values into the query structure.
   */
  static void
   */
  static void
-kval_parse(struct kval **kv, size_t *kvsz, char *p)
+parse_query_string(struct req *req, const char *qs)
  {
  {
-       char            *key, *val;
-       size_t           sz, cur;
+       char            *key, *val;
+       size_t           keysz, valsz;
  
  
-       cur = 0;
+       req->isquery    = 1;
+       req->q.manpath  = NULL;
+       req->q.arch     = NULL;
+       req->q.sec      = NULL;
+       req->q.query    = NULL;
+       req->q.equal    = 1;
  
  
-       while (p && '\0' != *p) {
-               while (' ' == *p)
-                       p++;
+       key = val = NULL;
+       while (*qs != '\0') {
  
  
-               key = p;
-               val = NULL;
+               /* Parse one key. */
  
  
-               if (NULL != (p = strchr(p, '='))) {
-                       *p++ = '\0';
-                       val = p;
+               keysz = strcspn(qs, "=;&");
+               key = mandoc_strndup(qs, keysz);
+               qs += keysz;
+               if (*qs != '=')
+                       goto next;
  
  
-                       sz = strcspn(p, ";&");
-                       /* LINTED */
-                       p += sz;
+               /* Parse one value. */
  
  
-                       if ('\0' != *p)
-                               *p++ = '\0';
-               } else {
-                       p = key;
-                       sz = strcspn(p, ";&");
-                       /* LINTED */
-                       p += sz;
+               valsz = strcspn(++qs, ";&");
+               val = mandoc_strndup(qs, valsz);
+               qs += valsz;
  
  
-                       if ('\0' != *p)
-                               p++;
-                       continue;
-               }
+               /* Decode and catch encoding errors. */
  
  
-               if ('\0' == *key || '\0' == *val)
-                       continue;
+               if ( ! (http_decode(key) && http_decode(val)))
+                       goto next;
  
  
-               /* Just abort handling. */
+               /* Handle key-value pairs. */
  
  
-               if ( ! kval_decode(key))
-                       return;
-               if ( ! kval_decode(val))
-                       return;
+               if ( ! strcmp(key, "query"))
+                       set_query_attr(&req->q.query, &val);
+
+               else if ( ! strcmp(key, "apropos"))
+                       req->q.equal = !strcmp(val, "0");
+
+               else if ( ! strcmp(key, "manpath")) {
+#ifdef COMPAT_OLDURI
+                       if ( ! strncmp(val, "OpenBSD ", 8)) {
+                               val[7] = '-';
+                               if ('C' == val[8])
+                                       val[8] = 'c';
+                       }
+#endif
+                       set_query_attr(&req->q.manpath, &val);
+               }
+
+               else if ( ! (strcmp(key, "sec")
+#ifdef COMPAT_OLDURI
+                   && strcmp(key, "sektion")
+#endif
+                   )) {
+                       if ( ! strcmp(val, "0"))
+                               *val = '\0';
+                       set_query_attr(&req->q.sec, &val);
+               }
  
  
-               if (*kvsz + 1 >= cur) {
-                       cur++;
-                       *kv = mandoc_realloc
-                               (*kv, cur * sizeof(struct kval));
+               else if ( ! strcmp(key, "arch")) {
+                       if ( ! strcmp(val, "default"))
+                               *val = '\0';
+                       set_query_attr(&req->q.arch, &val);
                 }
  
                 }
  
-               (*kv)[(int)*kvsz].key = mandoc_strdup(key);
-               (*kv)[(int)*kvsz].val = mandoc_strdup(val);
-               (*kvsz)++;
+               /*
+                * The key must be freed in any case.
+                * The val may have been handed over to the query
+                * structure, in which case it is now NULL.
+                */
+next:
+               free(key);
+               key = NULL;
+               free(val);
+               val = NULL;
+
+               if (*qs != '\0')
+                       qs++;
         }
  }
  
         }
  }
  
@@ -241,32 +291,46 @@ kval_parse(struct kval **kv, size_t *kvsz, char *p)
   * over the allocated string.
   */
  static int
   * over the allocated string.
   */
  static int
-kval_decode(char *p)
+http_decode(char *p)
  {
         char             hex[3];
  {
         char             hex[3];
+       char            *q;
         int              c;
  
         hex[2] = '\0';
  
         int              c;
  
         hex[2] = '\0';
  
-       for ( ; '\0' != *p; p++) {
+       q = p;
+       for ( ; '\0' != *p; p++, q++) {
                 if ('%' == *p) {
                         if ('\0' == (hex[0] = *(p + 1)))
                 if ('%' == *p) {
                         if ('\0' == (hex[0] = *(p + 1)))
-                               return(0);
+                               return 0;
                         if ('\0' == (hex[1] = *(p + 2)))
                         if ('\0' == (hex[1] = *(p + 2)))
-                               return(0);
+                               return 0;
                         if (1 != sscanf(hex, "%x", &c))
                         if (1 != sscanf(hex, "%x", &c))
-                               return(0);
+                               return 0;
                         if ('\0' == c)
                         if ('\0' == c)
-                               return(0);
+                               return 0;
  
  
-                       *p = (char)c;
-                       memmove(p + 1, p + 3, strlen(p + 3) + 1);
+                       *q = (char)c;
+                       p += 2;
                 } else
                 } else
-                       *p = '+' == *p ? ' ' : *p;
+                       *q = '+' == *p ? ' ' : *p;
         }
  
         }
  
-       *p = '\0';
-       return(1);
+       *q = '\0';
+       return 1;
+}
+
+static void
+http_encode(const char *p)
+{
+       for (; *p != '\0'; p++) {
+               if (isalnum((unsigned char)*p) == 0 &&
+                   strchr("-._~", *p) == NULL)
+                       printf("%%%2.2X", (unsigned char)*p);
+               else
+                       putchar(*p);
+       }
  }
  
  static void
  }
  
  static void
@@ -274,230 +338,407 @@ resp_begin_http(int code, const char *msg)
  {
  
         if (200 != code)
  {
  
         if (200 != code)
-               printf("Status: %d %s\n", code, msg);
+               printf("Status: %d %s\r\n", code, msg);
  
  
-       puts("Content-Type: text/html; charset=utf-8"           "\n"
-            "Cache-Control: no-cache"                          "\n"
-            "Pragma: no-cache"                                 "\n"
-            "");
+       printf("Content-Type: text/html; charset=utf-8\r\n"
+            "Cache-Control: no-cache\r\n"
+            "Content-Security-Policy: default-src 'none'; "
+            "style-src 'self' 'unsafe-inline'\r\n"
+            "Pragma: no-cache\r\n"
+            "\r\n");
  
         fflush(stdout);
  }
  
  static void
  
         fflush(stdout);
  }
  
  static void
-resp_begin_html(int code, const char *msg)
+resp_copy(const char *filename)
+{
+       char     buf[4096];
+       ssize_t  sz;
+       int      fd;
+
+       if ((fd = open(filename, O_RDONLY)) != -1) {
+               fflush(stdout);
+               while ((sz = read(fd, buf, sizeof(buf))) > 0)
+                       write(STDOUT_FILENO, buf, sz);
+               close(fd);
+       }
+}
+
+static void
+resp_begin_html(int code, const char *msg, const char *file)
  {
  {
+       char    *cp;
  
         resp_begin_http(code, msg);
  
  
         resp_begin_http(code, msg);
  
-       puts("<!DOCTYPE HTML PUBLIC "                           "\n"
-            " \"-//W3C//DTD HTML 4.01//EN\""                   "\n"
-            " \"http://www.w3.org/TR/html4/strict.dtd\">"      "\n"
-            "<HTML>"                                           "\n"
-            " <HEAD>"                                          "\n"
-            "   <META HTTP-EQUIV=\"Content-Type\" "            "\n"
-            "         CONTENT=\"text/html; charset=utf-8\">"   "\n"
-            "  <LINK REL=\"stylesheet\" HREF=\"/man.cgi.css\"" "\n"
-            "        TYPE=\"text/css\" media=\"all\">"         "\n"
-            "  <TITLE>System Manpage Reference</TITLE>"        "\n"
-            " </HEAD>"                                         "\n"
-            " <BODY>"                                          "\n"
-            "<!-- Begin page content. //-->");
+       printf("<!DOCTYPE html>\n"
+              "<html>\n"
+              "<head>\n"
+              "  <meta charset=\"UTF-8\"/>\n"
+              "  <meta name=\"viewport\""
+                     " content=\"width=device-width, initial-scale=1.0\">\n"
+              "  <link rel=\"stylesheet\" href=\"%s/mandoc.css\""
+              " type=\"text/css\" media=\"all\">\n"
+              "  <title>",
+              CSS_DIR);
+       if (file != NULL) {
+               if ((cp = strrchr(file, '/')) != NULL)
+                       file = cp + 1;
+               if ((cp = strrchr(file, '.')) != NULL) {
+                       printf("%.*s(%s) - ", (int)(cp - file), file, cp + 1);
+               } else
+                       printf("%s - ", file);
+       }
+       printf("%s</title>\n"
+              "</head>\n"
+              "<body>\n",
+              CUSTOMIZE_TITLE);
+
+       resp_copy(MAN_DIR "/header.html");
  }
  
  static void
  resp_end_html(void)
  {
  
  }
  
  static void
  resp_end_html(void)
  {
  
-       puts(" </BODY>\n</HTML>");
+       resp_copy(MAN_DIR "/footer.html");
+
+       puts("</body>\n"
+            "</html>");
  }
  
  static void
  }
  
  static void
-resp_searchform(const struct req *req)
+resp_searchform(const struct req *req, enum focus focus)
  {
  {
-       int              i;
-       const char      *expr, *sec, *arch;
-
-       expr = sec = arch = "";
-
-       for (i = 0; i < (int)req->fieldsz; i++)
-               if (0 == strcmp(req->fields[i].key, "expr"))
-                       expr = req->fields[i].val;
-               else if (0 == strcmp(req->fields[i].key, "sec"))
-                       sec = req->fields[i].val;
-               else if (0 == strcmp(req->fields[i].key, "arch"))
-                       arch = req->fields[i].val;
-
-       puts("<!-- Begin search form. //-->");
-       printf("<FORM ACTION=\"");
-       html_print(progname);
-       printf("/search.html\" METHOD=\"get\">\n");
-       puts("<FIELDSET>\n"
-            "<INPUT TYPE=\"submit\" NAME=\"op\" "
-             "VALUE=\"Whatis\"> or \n"
-            "<INPUT TYPE=\"submit\" NAME=\"op\" "
-             "VALUE=\"apropos\"> for manuals satisfying \n"
-            "<INPUT TYPE=\"text\" SIZE=\"40\" "
-             "NAME=\"expr\" VALUE=\"");
-       html_print(expr);
-       puts("\">, section "
-            "<INPUT TYPE=\"text\" "
-             "SIZE=\"4\" NAME=\"sec\" VALUE=\"");
-       html_print(sec);
-       puts("\">, arch "
-            "<INPUT TYPE=\"text\" "
-             "SIZE=\"8\" NAME=\"arch\" VALUE=\"");
-       html_print(arch);
-       puts("\">.\n"
-            "<INPUT TYPE=\"reset\" VALUE=\"Reset\">\n"
-            "</FIELDSET>\n"
-            "</FORM>\n"
-            "<!-- End search form. //-->");
+       int              i;
+
+       printf("<form action=\"/%s\" method=\"get\" "
+              "autocomplete=\"off\" autocapitalize=\"none\">\n"
+              "  <fieldset>\n"
+              "    <legend>Manual Page Search Parameters</legend>\n",
+              scriptname);
+
+       /* Write query input box. */
+
+       printf("    <input type=\"search\" name=\"query\" value=\"");
+       if (req->q.query != NULL)
+               html_print(req->q.query);
+       printf( "\" size=\"40\"");
+       if (focus == FOCUS_QUERY)
+               printf(" autofocus");
+       puts(">");
+
+       /* Write submission buttons. */
+
+       printf( "    <button type=\"submit\" name=\"apropos\" value=\"0\">"
+               "man</button>\n"
+               "    <button type=\"submit\" name=\"apropos\" value=\"1\">"
+               "apropos</button>\n"
+               "    <br/>\n");
+
+       /* Write section selector. */
+
+       puts("    <select name=\"sec\">");
+       for (i = 0; i < sec_MAX; i++) {
+               printf("      <option value=\"%s\"", sec_numbers[i]);
+               if (NULL != req->q.sec &&
+                   0 == strcmp(sec_numbers[i], req->q.sec))
+                       printf(" selected=\"selected\"");
+               printf(">%s</option>\n", sec_names[i]);
+       }
+       puts("    </select>");
+
+       /* Write architecture selector. */
+
+       printf( "    <select name=\"arch\">\n"
+               "      <option value=\"default\"");
+       if (NULL == req->q.arch)
+               printf(" selected=\"selected\"");
+       puts(">All Architectures</option>");
+       for (i = 0; i < arch_MAX; i++) {
+               printf("      <option");
+               if (NULL != req->q.arch &&
+                   0 == strcmp(arch_names[i], req->q.arch))
+                       printf(" selected=\"selected\"");
+               printf(">%s</option>\n", arch_names[i]);
+       }
+       puts("    </select>");
+
+       /* Write manpath selector. */
+
+       if (req->psz > 1) {
+               puts("    <select name=\"manpath\">");
+               for (i = 0; i < (int)req->psz; i++) {
+                       printf("      <option");
+                       if (strcmp(req->q.manpath, req->p[i]) == 0)
+                               printf(" selected=\"selected\"");
+                       printf(">");
+                       html_print(req->p[i]);
+                       puts("</option>");
+               }
+               puts("    </select>");
+       }
+
+       puts("  </fieldset>\n"
+            "</form>");
+}
+
+static int
+validate_urifrag(const char *frag)
+{
+
+       while ('\0' != *frag) {
+               if ( ! (isalnum((unsigned char)*frag) ||
+                   '-' == *frag || '.' == *frag ||
+                   '/' == *frag || '_' == *frag))
+                       return 0;
+               frag++;
+       }
+       return 1;
+}
+
+static int
+validate_manpath(const struct req *req, const char* manpath)
+{
+       size_t   i;
+
+       for (i = 0; i < req->psz; i++)
+               if ( ! strcmp(manpath, req->p[i]))
+                       return 1;
+
+       return 0;
+}
+
+static int
+validate_arch(const char *arch)
+{
+       int      i;
+
+       for (i = 0; i < arch_MAX; i++)
+               if (strcmp(arch, arch_names[i]) == 0)
+                       return 1;
+
+       return 0;
+}
+
+static int
+validate_filename(const char *file)
+{
+
+       if ('.' == file[0] && '/' == file[1])
+               file += 2;
+
+       return ! (strstr(file, "../") || strstr(file, "/..") ||
+           (strncmp(file, "man", 3) && strncmp(file, "cat", 3)));
  }
  
  static void
  }
  
  static void
-resp_index(const struct req *req)
+pg_index(const struct req *req)
  {
  
  {
  
-       resp_begin_html(200, NULL);
-       resp_searchform(req);
+       resp_begin_html(200, NULL, NULL);
+       resp_searchform(req, FOCUS_QUERY);
+       printf("<p>\n"
+              "This web interface is documented in the\n"
+              "<a class=\"Xr\" href=\"/%s%sman.cgi.8\">man.cgi(8)</a>\n"
+              "manual, and the\n"
+              "<a class=\"Xr\" href=\"/%s%sapropos.1\">apropos(1)</a>\n"
+              "manual explains the query syntax.\n"
+              "</p>\n",
+              scriptname, *scriptname == '\0' ? "" : "/",
+              scriptname, *scriptname == '\0' ? "" : "/");
         resp_end_html();
  }
  
  static void
         resp_end_html();
  }
  
  static void
-resp_error400(void)
+pg_noresult(const struct req *req, int code, const char *http_msg,
+    const char *user_msg)
  {
  {
-
-       resp_begin_html(400, "Query Malformed");
-       printf("<H1>Malformed Query</H1>\n"
-              "<P>\n"
-              "  The query your entered was malformed.\n"
-              "  Try again from the\n"
-              "  <A HREF=\"%s/index.html\">main page</A>\n"
-              "</P>", progname);
+       resp_begin_html(code, http_msg, NULL);
+       resp_searchform(req, FOCUS_QUERY);
+       puts("<p>");
+       puts(user_msg);
+       puts("</p>");
         resp_end_html();
  }
  
  static void
         resp_end_html();
  }
  
  static void
-resp_error404(const char *page)
+pg_error_badrequest(const char *msg)
  {
  
  {
  
-       resp_begin_html(404, "Not Found");
-       puts("<H1>Page Not Found</H1>\n"
-            "<P>\n"
-            "  The page you're looking for, ");
-       printf("  <B>");
-       html_print(page);
-       printf("</B>,\n"
-              "  could not be found.\n"
-              "  Try searching from the\n"
-              "  <A HREF=\"%s/index.html\">main page</A>\n"
-              "</P>", progname);
+       resp_begin_html(400, "Bad Request", NULL);
+       puts("<h1>Bad Request</h1>\n"
+            "<p>\n");
+       puts(msg);
+       printf("Try again from the\n"
+              "<a href=\"/%s\">main page</a>.\n"
+              "</p>", scriptname);
         resp_end_html();
  }
  
  static void
         resp_end_html();
  }
  
  static void
-resp_bad(void)
+pg_error_internal(void)
  {
  {
-       resp_begin_html(500, "Internal Server Error");
-       puts("<P>Generic badness happened.</P>");
+       resp_begin_html(500, "Internal Server Error", NULL);
+       puts("<p>Internal Server Error</p>");
         resp_end_html();
  }
  
  static void
         resp_end_html();
  }
  
  static void
-resp_baddb(void)
+pg_redirect(const struct req *req, const char *name)
  {
  {
-
-       resp_begin_html(500, "Internal Server Error");
-       puts("<P>Your database is broken.</P>");
-       resp_end_html();
+       printf("Status: 303 See Other\r\n"
+           "Location: /");
+       if (*scriptname != '\0')
+               printf("%s/", scriptname);
+       if (strcmp(req->q.manpath, req->p[0]))
+               printf("%s/", req->q.manpath);
+       if (req->q.arch != NULL)
+               printf("%s/", req->q.arch);
+       http_encode(name);
+       if (req->q.sec != NULL) {
+               putchar('.');
+               http_encode(req->q.sec);
+       }
+       printf("\r\nContent-Type: text/html; charset=utf-8\r\n\r\n");
  }
  
  static void
  }
  
  static void
-resp_search(struct res *r, size_t sz, void *arg)
+pg_searchres(const struct req *req, struct manpage *r, size_t sz)
  {
  {
-       int              i;
+       char            *arch, *archend;
+       const char      *sec;
+       size_t           i, iuse;
+       int              archprio, archpriouse;
+       int              prio, priouse;
+
+       for (i = 0; i < sz; i++) {
+               if (validate_filename(r[i].file))
+                       continue;
+               warnx("invalid filename %s in %s database",
+                   r[i].file, req->q.manpath);
+               pg_error_internal();
+               return;
+       }
  
  
-       if (1 == sz) {
+       if (req->isquery && sz == 1) {
                 /*
                  * If we have just one result, then jump there now
                  * without any delay.
                  */
                 /*
                  * If we have just one result, then jump there now
                  * without any delay.
                  */
-               puts("Status: 303 See Other");
-               printf("Location: http://%s%s/show/%u/%u.html\n",
-                               host, progname,
-                               r[0].volume, r[0].rec);
-               puts("Content-Type: text/html; charset=utf-8\n");
+               printf("Status: 303 See Other\r\n"
+                   "Location: /");
+               if (*scriptname != '\0')
+                       printf("%s/", scriptname);
+               if (strcmp(req->q.manpath, req->p[0]))
+                       printf("%s/", req->q.manpath);
+               printf("%s\r\n"
+                   "Content-Type: text/html; charset=utf-8\r\n\r\n",
+                   r[0].file);
                 return;
         }
  
                 return;
         }
  
-       resp_begin_html(200, NULL);
-       resp_searchform((const struct req *)arg);
-
-       if (0 == sz)
-               puts("<P>No results found.</P>");
+       /*
+        * In man(1) mode, show one of the pages
+        * even if more than one is found.
+        */
  
  
-       for (i = 0; i < (int)sz; i++) {
-               printf("<P><A HREF=\"");
-               html_print(progname);
-               printf("/show/%u/%u.html\">", r[i].volume, r[i].rec);
-               html_print(r[i].title);
-               putchar('(');
-               html_print(r[i].cat);
-               if (r[i].arch && '\0' != *r[i].arch) {
-                       putchar('/');
-                       html_print(r[i].arch);
+       iuse = 0;
+       if (req->q.equal || sz == 1) {
+               priouse = 20;
+               archpriouse = 3;
+               for (i = 0; i < sz; i++) {
+                       sec = r[i].file;
+                       sec += strcspn(sec, "123456789");
+                       if (sec[0] == '\0')
+                               continue;
+                       prio = sec_prios[sec[0] - '1'];
+                       if (sec[1] != '/')
+                               prio += 10;
+                       if (req->q.arch == NULL) {
+                               archprio =
+                                   ((arch = strchr(sec + 1, '/'))
+                                       == NULL) ? 3 :
+                                   ((archend = strchr(arch + 1, '/'))
+                                       == NULL) ? 0 :
+                                   strncmp(arch, "amd64/",
+                                       archend - arch) ? 2 : 1;
+                               if (archprio < archpriouse) {
+                                       archpriouse = archprio;
+                                       priouse = prio;
+                                       iuse = i;
+                                       continue;
+                               }
+                               if (archprio > archpriouse)
+                                       continue;
+                       }
+                       if (prio >= priouse)
+                               continue;
+                       priouse = prio;
+                       iuse = i;
+               }
+               resp_begin_html(200, NULL, r[iuse].file);
+       } else
+               resp_begin_html(200, NULL, NULL);
+
+       resp_searchform(req,
+           req->q.equal || sz == 1 ? FOCUS_NONE : FOCUS_QUERY);
+
+       if (sz > 1) {
+               puts("<table class=\"results\">");
+               for (i = 0; i < sz; i++) {
+                       printf("  <tr>\n"
+                              "    <td>"
+                              "<a class=\"Xr\" href=\"/");
+                       if (*scriptname != '\0')
+                               printf("%s/", scriptname);
+                       if (strcmp(req->q.manpath, req->p[0]))
+                               printf("%s/", req->q.manpath);
+                       printf("%s\">", r[i].file);
+                       html_print(r[i].names);
+                       printf("</a></td>\n"
+                              "    <td><span class=\"Nd\">");
+                       html_print(r[i].output);
+                       puts("</span></td>\n"
+                            "  </tr>");
                 }
                 }
-               printf(")</A> ");
-               html_print(r[i].desc);
-               puts("</P>");
+               puts("</table>");
         }
  
         }
  
-       resp_end_html();
-}
-
-/* ARGSUSED */
-static void
-pg_index(const struct manpaths *ps, const struct req *req, char *path)
-{
+       if (req->q.equal || sz == 1) {
+               puts("<hr>");
+               resp_show(req, r[iuse].file);
+       }
  
  
-       resp_index(req);
+       resp_end_html();
  }
  
  static void
  }
  
  static void
-catman(const char *file)
+resp_catman(const struct req *req, const char *file)
  {
         FILE            *f;
  {
         FILE            *f;
-       size_t           len;
-       int              i;
         char            *p;
         char            *p;
+       size_t           sz;
+       ssize_t          len;
+       int              i;
         int              italic, bold;
  
         int              italic, bold;
  
-       if (NULL == (f = fopen(file, "r"))) {
-               resp_baddb();
+       if ((f = fopen(file, "r")) == NULL) {
+               puts("<p>You specified an invalid manual file.</p>");
                 return;
         }
  
                 return;
         }
  
-       resp_begin_http(200, NULL);
-       puts("<!DOCTYPE HTML PUBLIC "                           "\n"
-            " \"-//W3C//DTD HTML 4.01//EN\""                   "\n"
-            " \"http://www.w3.org/TR/html4/strict.dtd\">"      "\n"
-            "<HTML>"                                           "\n"
-            " <HEAD>"                                          "\n"
-            "  <META HTTP-EQUIV=\"Content-Type\" "             "\n"
-            "        CONTENT=\"text/html; charset=utf-8\">"    "\n"
-            "  <LINK REL=\"stylesheet\" HREF=\"/catman.css\""  "\n"
-            "        TYPE=\"text/css\" media=\"all\">"         "\n"
-            "  <TITLE>System Manpage Reference</TITLE>"        "\n"
-            " </HEAD>"                                         "\n"
-            " <BODY>"                                          "\n"
-            "<!-- Begin page content. //-->");
-
-       puts("<PRE>");
-       while (NULL != (p = fgetln(f, &len))) {
+       puts("<div class=\"catman\">\n"
+            "<pre>");
+
+       p = NULL;
+       sz = 0;
+
+       while ((len = getline(&p, &sz, f)) != -1) {
                 bold = italic = 0;
                 bold = italic = 0;
-               for (i = 0; i < (int)len - 1; i++) {
-                       /* 
+               for (i = 0; i < len - 1; i++) {
+                       /*
                          * This means that the catpage is out of state.
                          * Ignore it and keep going (although the
                          * catpage is bogus).
                          * This means that the catpage is out of state.
                          * Ignore it and keep going (although the
                          * catpage is bogus).
@@ -515,22 +756,22 @@ catman(const char *file)
  
                         if ('\b' != p[i + 1]) {
                                 if (italic)
  
                         if ('\b' != p[i + 1]) {
                                 if (italic)
-                                       printf("</I>");
+                                       printf("</i>");
                                 if (bold)
                                 if (bold)
-                                       printf("</B>");
+                                       printf("</b>");
                                 italic = bold = 0;
                                 html_putchar(p[i]);
                                 continue;
                                 italic = bold = 0;
                                 html_putchar(p[i]);
                                 continue;
-                       } else if (i + 2 >= (int)len)
+                       } else if (i + 2 >= len)
                                 continue;
  
                         /* Italic mode. */
  
                         if ('_' == p[i]) {
                                 if (bold)
                                 continue;
  
                         /* Italic mode. */
  
                         if ('_' == p[i]) {
                                 if (bold)
-                                       printf("</B>");
+                                       printf("</b>");
                                 if ( ! italic)
                                 if ( ! italic)
-                                       printf("<I>");
+                                       printf("<i>");
                                 bold = 0;
                                 italic = 1;
                                 i += 2;
                                 bold = 0;
                                 italic = 1;
                                 i += 2;
@@ -538,7 +779,7 @@ catman(const char *file)
                                 continue;
                         }
  
                                 continue;
                         }
  
-                       /* 
+                       /*
                          * Handle funny behaviour troff-isms.
                          * These grok'd from the original man2html.c.
                          */
                          * Handle funny behaviour troff-isms.
                          * These grok'd from the original man2html.c.
                          */
@@ -552,9 +793,9 @@ catman(const char *file)
                                         ('*' == p[i] && '|' == p[i + 2]) ||
                                         ('|' == p[i] && '*' == p[i + 2]))  {
                                 if (italic)
                                         ('*' == p[i] && '|' == p[i + 2]) ||
                                         ('|' == p[i] && '*' == p[i + 2]))  {
                                 if (italic)
-                                       printf("</I>");
+                                       printf("</i>");
                                 if (bold)
                                 if (bold)
-                                       printf("</B>");
+                                       printf("</b>");
                                 italic = bold = 0;
                                 putchar('*');
                                 i += 2;
                                 italic = bold = 0;
                                 putchar('*');
                                 i += 2;
@@ -566,9 +807,9 @@ catman(const char *file)
                                         ('+' == p[i] && '|' == p[i + 1]) ||
                                         ('|' == p[i] && '+' == p[i + 1]))  {
                                 if (italic)
                                         ('+' == p[i] && '|' == p[i + 1]) ||
                                         ('|' == p[i] && '+' == p[i + 1]))  {
                                 if (italic)
-                                       printf("</I>");
+                                       printf("</i>");
                                 if (bold)
                                 if (bold)
-                                       printf("</B>");
+                                       printf("</b>");
                                 italic = bold = 0;
                                 putchar('+');
                                 i += 2;
                                 italic = bold = 0;
                                 putchar('+');
                                 i += 2;
@@ -576,320 +817,445 @@ catman(const char *file)
                         }
  
                         /* Bold mode. */
                         }
  
                         /* Bold mode. */
-                       
+
                         if (italic)
                         if (italic)
-                               printf("</I>");
+                               printf("</i>");
                         if ( ! bold)
                         if ( ! bold)
-                               printf("<B>");
+                               printf("<b>");
                         bold = 1;
                         italic = 0;
                         i += 2;
                         html_putchar(p[i]);
                 }
  
                         bold = 1;
                         italic = 0;
                         i += 2;
                         html_putchar(p[i]);
                 }
  
-               /* 
+               /*
                  * Clean up the last character.
                  * Clean up the last character.
-                * We can get to a newline; don't print that. 
+                * We can get to a newline; don't print that.
                  */
  
                 if (italic)
                  */
  
                 if (italic)
-                       printf("</I>");
+                       printf("</i>");
                 if (bold)
                 if (bold)
-                       printf("</B>");
+                       printf("</b>");
  
  
-               if (i == (int)len - 1 && '\n' != p[i])
+               if (i == len - 1 && p[i] != '\n')
                         html_putchar(p[i]);
  
                 putchar('\n');
         }
                         html_putchar(p[i]);
  
                 putchar('\n');
         }
+       free(p);
  
  
-       puts("</PRE>\n"
-            "</BODY>\n"
-            "</HTML>");
+       puts("</pre>\n"
+            "</div>");
  
         fclose(f);
  }
  
  static void
  
         fclose(f);
  }
  
  static void
-format(const char *file)
+resp_format(const struct req *req, const char *file)
  {
  {
+       struct manoutput conf;
         struct mparse   *mp;
         struct mparse   *mp;
-       int              fd;
-       struct mdoc     *mdoc;
-       struct man      *man;
+       struct roff_meta *meta;
         void            *vp;
         void            *vp;
-       enum mandoclevel rc;
-       char             opts[MAXPATHLEN + 128];
+       int              fd;
+       int              usepath;
  
         if (-1 == (fd = open(file, O_RDONLY, 0))) {
  
         if (-1 == (fd = open(file, O_RDONLY, 0))) {
-               resp_baddb();
+               puts("<p>You specified an invalid manual file.</p>");
                 return;
         }
  
                 return;
         }
  
-       mp = mparse_alloc(MPARSE_AUTO, MANDOCLEVEL_FATAL, NULL, NULL);
-       rc = mparse_readfd(mp, fd, file);
+       mchars_alloc();
+       mp = mparse_alloc(MPARSE_SO | MPARSE_UTF8 | MPARSE_LATIN1 |
+           MPARSE_VALIDATE, MANDOC_OS_OTHER, req->q.manpath);
+       mparse_readfd(mp, fd, file);
         close(fd);
         close(fd);
+       meta = mparse_result(mp);
+
+       memset(&conf, 0, sizeof(conf));
+       conf.fragment = 1;
+       conf.style = mandoc_strdup(CSS_DIR "/mandoc.css");
+       usepath = strcmp(req->q.manpath, req->p[0]);
+       mandoc_asprintf(&conf.man, "/%s%s%s%s%%N.%%S",
+           scriptname, *scriptname == '\0' ? "" : "/",
+           usepath ? req->q.manpath : "", usepath ? "/" : "");
+
+       vp = html_alloc(&conf);
+       if (meta->macroset == MACROSET_MDOC)
+               html_mdoc(vp, meta);
+       else
+               html_man(vp, meta);
  
  
-       if (rc >= MANDOCLEVEL_FATAL) {
-               resp_baddb();
-               return;
-       }
+       html_free(vp);
+       mparse_free(mp);
+       mchars_free();
+       free(conf.man);
+       free(conf.style);
+}
  
  
-       snprintf(opts, sizeof(opts), "style=/man.css,"
-                       "man=%s/search.html?sec=%%S&expr=%%N,"
-                       /*"includes=/cgi-bin/man.cgi/usr/include/%%I"*/,
-                       progname);
+static void
+resp_show(const struct req *req, const char *file)
+{
  
  
-       mparse_result(mp, &mdoc, &man);
-       vp = html_alloc(opts);
+       if ('.' == file[0] && '/' == file[1])
+               file += 2;
  
  
-       if (NULL != mdoc) {
-               resp_begin_http(200, NULL);
-               html_mdoc(vp, mdoc);
-       } else if (NULL != man) {
-               resp_begin_http(200, NULL);
-               html_man(vp, man);
-       } else
-               resp_baddb();
-
-       html_free(vp);
-       mparse_free(mp);
+       if ('c' == *file)
+               resp_catman(req, file);
+       else
+               resp_format(req, file);
  }
  
  static void
  }
  
  static void
-pg_show(const struct manpaths *ps, const struct req *req, char *path)
+pg_show(struct req *req, const char *fullpath)
  {
  {
-       char            *sub;
-       char             file[MAXPATHLEN];
-       const char      *fn, *cp;
-       int              rc;
-       unsigned int     vol, rec;
-       DB              *idx;
-       DBT              key, val;
-
-       if (NULL == path) {
-               resp_error400();
-               return;
-       } else if (NULL == (sub = strrchr(path, '/'))) {
-               resp_error400();
-               return;
-       } else
-               *sub++ = '\0';
+       char            *manpath;
+       const char      *file;
  
  
-       if ( ! (atou(path, &vol) && atou(sub, &rec))) {
-               resp_error400();
-               return;
-       } else if (vol >= (unsigned int)ps->sz) {
-               resp_error400();
+       if ((file = strchr(fullpath, '/')) == NULL) {
+               pg_error_badrequest(
+                   "You did not specify a page to show.");
                 return;
         }
                 return;
         }
+       manpath = mandoc_strndup(fullpath, file - fullpath);
+       file++;
  
  
-       strlcpy(file, ps->paths[vol], MAXPATHLEN);
-       strlcat(file, "/mandoc.index", MAXPATHLEN);
+       if ( ! validate_manpath(req, manpath)) {
+               pg_error_badrequest(
+                   "You specified an invalid manpath.");
+               free(manpath);
+               return;
+       }
  
  
-       /* Open the index recno(3) database. */
+       /*
+        * Begin by chdir()ing into the manpath.
+        * This way we can pick up the database files, which are
+        * relative to the manpath root.
+        */
  
  
-       idx = dbopen(file, O_RDONLY, 0, DB_RECNO, NULL);
-       if (NULL == idx) {
-               resp_baddb();
+       if (chdir(manpath) == -1) {
+               warn("chdir %s", manpath);
+               pg_error_internal();
+               free(manpath);
                 return;
         }
                 return;
         }
+       free(manpath);
  
  
-       key.data = &rec;
-       key.size = 4;
-
-       if (0 != (rc = (*idx->get)(idx, &key, &val, 0))) {
-               rc < 0 ? resp_baddb() : resp_error400();
-               goto out;
-       } 
-
-       cp = (char *)val.data;
-
-       if (NULL == (fn = memchr(cp, '\0', val.size)))
-               resp_baddb();
-       else if (++fn - cp >= (int)val.size)
-               resp_baddb();
-       else if (NULL == memchr(fn, '\0', val.size - (fn - cp)))
-               resp_baddb();
-       else {
-               strlcpy(file, ps->paths[vol], MAXPATHLEN);
-               strlcat(file, "/", MAXPATHLEN);
-               strlcat(file, fn, MAXPATHLEN);
-               if (0 == strcmp(cp, "cat"))
-                       catman(file);
-               else
-                       format(file);
+       if ( ! validate_filename(file)) {
+               pg_error_badrequest(
+                   "You specified an invalid manual file.");
+               return;
         }
         }
-out:
-       (*idx->close)(idx);
+
+       resp_begin_html(200, NULL, file);
+       resp_searchform(req, FOCUS_NONE);
+       resp_show(req, file);
+       resp_end_html();
  }
  
  static void
  }
  
  static void
-pg_search(const struct manpaths *ps, const struct req *req, char *path)
+pg_search(const struct req *req)
  {
  {
-       size_t            tt;
-       int               i, sz, rc, whatis;
-       const char       *ep, *start;
-       char            **cp;
-       struct opts       opt;
-       struct expr      *expr;
-
-       expr = NULL;
-       cp = NULL;
-       ep = NULL;
-       sz = 0;
-       whatis = 0;
-
-       memset(&opt, 0, sizeof(struct opts));
-
-       for (sz = i = 0; i < (int)req->fieldsz; i++)
-               if (0 == strcmp(req->fields[i].key, "expr"))
-                       ep = req->fields[i].val;
-               else if (0 == strcmp(req->fields[i].key, "sec"))
-                       opt.cat = req->fields[i].val;
-               else if (0 == strcmp(req->fields[i].key, "arch"))
-                       opt.arch = req->fields[i].val;
-               else if (0 == strcmp(req->fields[i].key, "op"))
-                       whatis = 0 == strcasecmp
-                               (req->fields[i].val, "whatis");
+       struct mansearch          search;
+       struct manpaths           paths;
+       struct manpage           *res;
+       char                    **argv;
+       char                     *query, *rp, *wp;
+       size_t                    ressz;
+       int                       argc;
  
         /*
  
         /*
-        * Poor man's tokenisation.
-        * Just break apart by spaces.
-        * Yes, this is half-ass.  But it works for now.
+        * Begin by chdir()ing into the root of the manpath.
+        * This way we can pick up the database files, which are
+        * relative to the manpath root.
          */
  
          */
  
-       while (ep && isspace((unsigned char)*ep))
-               ep++;
-
-       while (ep && '\0' != *ep) {
-               cp = mandoc_realloc(cp, (sz + 1) * sizeof(char *));
-               start = ep;
-               while ('\0' != *ep && ! isspace((unsigned char)*ep))
-                       ep++;
-               cp[sz] = mandoc_malloc((ep - start) + 1);
-               memcpy(cp[sz], start, ep - start);
-               cp[sz++][ep - start] = '\0';
-               while (isspace((unsigned char)*ep))
-                       ep++;
+       if (chdir(req->q.manpath) == -1) {
+               warn("chdir %s", req->q.manpath);
+               pg_error_internal();
+               return;
         }
  
         }
  
-       rc = -1;
+       search.arch = req->q.arch;
+       search.sec = req->q.sec;
+       search.outkey = "Nd";
+       search.argmode = req->q.equal ? ARG_NAME : ARG_EXPR;
+       search.firstmatch = 1;
+
+       paths.sz = 1;
+       paths.paths = mandoc_malloc(sizeof(char *));
+       paths.paths[0] = mandoc_strdup(".");
  
         /*
  
         /*
-        * Pump down into apropos backend.
-        * The resp_search() function is called with the results.
+        * Break apart at spaces with backslash-escaping.
          */
  
          */
  
-       expr = whatis ? termcomp(sz, cp, &tt) :
-                       exprcomp(sz, cp, &tt);
-
-       if (NULL != expr)
-               rc = apropos_search
-                       (ps->sz, ps->paths, &opt,
-                        expr, tt, (void *)req, resp_search);
-
-       /* ...unless errors occured. */
-
-       if (0 == rc)
-               resp_baddb();
-       else if (-1 == rc)
-               resp_search(NULL, 0, (void *)req);
-
-       for (i = 0; i < sz; i++)
-               free(cp[i]);
+       argc = 0;
+       argv = NULL;
+       rp = query = mandoc_strdup(req->q.query);
+       for (;;) {
+               while (isspace((unsigned char)*rp))
+                       rp++;
+               if (*rp == '\0')
+                       break;
+               argv = mandoc_reallocarray(argv, argc + 1, sizeof(char *));
+               argv[argc++] = wp = rp;
+               for (;;) {
+                       if (isspace((unsigned char)*rp)) {
+                               *wp = '\0';
+                               rp++;
+                               break;
+                       }
+                       if (rp[0] == '\\' && rp[1] != '\0')
+                               rp++;
+                       if (wp != rp)
+                               *wp = *rp;
+                       if (*rp == '\0')
+                               break;
+                       wp++;
+                       rp++;
+               }
+       }
  
  
-       free(cp);
-       exprfree(expr);
+       res = NULL;
+       ressz = 0;
+       if (req->isquery && req->q.equal && argc == 1)
+               pg_redirect(req, argv[0]);
+       else if (mansearch(&search, &paths, argc, argv, &res, &ressz) == 0)
+               pg_noresult(req, 400, "Bad Request",
+                   "You entered an invalid query.");
+       else if (ressz == 0)
+               pg_noresult(req, 404, "Not Found", "No results found.");
+       else
+               pg_searchres(req, res, ressz);
+
+       free(query);
+       mansearch_free(res, ressz);
+       free(paths.paths[0]);
+       free(paths.paths);
  }
  
  int
  main(void)
  {
  }
  
  int
  main(void)
  {
-       int              i;
         struct req       req;
         struct req       req;
-       char            *p, *path, *subpath;
-       struct manpaths  paths;
-
-       /* HTTP init: read and parse the query string. */
-
-       progname = getenv("SCRIPT_NAME");
-       if (NULL == progname)
-               progname = "";
+       struct itimerval itimer;
+       const char      *path;
+       const char      *querystring;
+       int              i;
  
  
-       cache = getenv("CACHE_DIR");
-       if (NULL == cache)
-               cache = "/cache/man.cgi";
+#if HAVE_PLEDGE
+       /*
+        * The "rpath" pledge could be revoked after mparse_readfd()
+        * if the file desciptor to "/footer.html" would be opened
+        * up front, but it's probably not worth the complication
+        * of the code it would cause: it would require scattering
+        * pledge() calls in multiple low-level resp_*() functions.
+        */
  
  
-       if (-1 == chdir(cache)) {
-               resp_bad();
-               return(EXIT_FAILURE);
+       if (pledge("stdio rpath", NULL) == -1) {
+               warn("pledge");
+               pg_error_internal();
+               return EXIT_FAILURE;
         }
         }
+#endif
  
  
-       host = getenv("HTTP_HOST");
-       if (NULL == host)
-               host = "localhost";
-
-       memset(&req, 0, sizeof(struct req));
-
-       if (NULL != (p = getenv("QUERY_STRING")))
-               kval_parse(&req.fields, &req.fieldsz, p);
-
-       /* Resolve leading subpath component. */
-
-       subpath = path = NULL;
-       req.page = PAGE__MAX;
+       /* Poor man's ReDoS mitigation. */
  
  
-       if (NULL == (path = getenv("PATH_INFO")) || '\0' == *path)
-               req.page = PAGE_INDEX;
+       itimer.it_value.tv_sec = 2;
+       itimer.it_value.tv_usec = 0;
+       itimer.it_interval.tv_sec = 2;
+       itimer.it_interval.tv_usec = 0;
+       if (setitimer(ITIMER_VIRTUAL, &itimer, NULL) == -1) {
+               warn("setitimer");
+               pg_error_internal();
+               return EXIT_FAILURE;
+       }
  
  
-       if (NULL != path && '/' == *path && '\0' == *++path)
-               req.page = PAGE_INDEX;
+       /*
+        * First we change directory into the MAN_DIR so that
+        * subsequent scanning for manpath directories is rooted
+        * relative to the same position.
+        */
  
  
-       /* Strip file suffix. */
+       if (chdir(MAN_DIR) == -1) {
+               warn("MAN_DIR: %s", MAN_DIR);
+               pg_error_internal();
+               return EXIT_FAILURE;
+       }
  
  
-       if (NULL != path && NULL != (p = strrchr(path, '.')))
-               if (NULL != p && NULL == strchr(p, '/'))
-                       *p++ = '\0';
+       memset(&req, 0, sizeof(struct req));
+       req.q.equal = 1;
+       parse_manpath_conf(&req);
+
+       /* Parse the path info and the query string. */
+
+       if ((path = getenv("PATH_INFO")) == NULL)
+               path = "";
+       else if (*path == '/')
+               path++;
+
+       if (*path != '\0') {
+               parse_path_info(&req, path);
+               if (req.q.manpath == NULL || req.q.sec == NULL ||
+                   *req.q.query == '\0' || access(path, F_OK) == -1)
+                       path = "";
+       } else if ((querystring = getenv("QUERY_STRING")) != NULL)
+               parse_query_string(&req, querystring);
+
+       /* Validate parsed data and add defaults. */
+
+       if (req.q.manpath == NULL)
+               req.q.manpath = mandoc_strdup(req.p[0]);
+       else if ( ! validate_manpath(&req, req.q.manpath)) {
+               pg_error_badrequest(
+                   "You specified an invalid manpath.");
+               return EXIT_FAILURE;
+       }
  
  
-       /* Resolve subpath component. */
+       if (req.q.arch != NULL && validate_arch(req.q.arch) == 0) {
+               pg_error_badrequest(
+                   "You specified an invalid architecture.");
+               return EXIT_FAILURE;
+       }
  
  
-       if (NULL != path && NULL != (subpath = strchr(path, '/')))
-               *subpath++ = '\0';
+       /* Dispatch to the three different pages. */
+
+       if ('\0' != *path)
+               pg_show(&req, path);
+       else if (NULL != req.q.query)
+               pg_search(&req);
+       else
+               pg_index(&req);
+
+       free(req.q.manpath);
+       free(req.q.arch);
+       free(req.q.sec);
+       free(req.q.query);
+       for (i = 0; i < (int)req.psz; i++)
+               free(req.p[i]);
+       free(req.p);
+       return EXIT_SUCCESS;
+}
  
  
-       /* Map path into one we recognise. */
+/*
+ * Translate PATH_INFO to a query.
+ */
+static void
+parse_path_info(struct req *req, const char *path)
+{
+       const char      *name, *sec, *end;
+
+       req->isquery = 0;
+       req->q.equal = 1;
+       req->q.manpath = NULL;
+       req->q.arch = NULL;
+
+       /* Mandatory manual page name. */
+       if ((name = strrchr(path, '/')) == NULL)
+               name = path;
+       else
+               name++;
+
+       /* Optional trailing section. */
+       sec = strrchr(name, '.');
+       if (sec != NULL && isdigit((unsigned char)*++sec)) {
+               req->q.query = mandoc_strndup(name, sec - name - 1);
+               req->q.sec = mandoc_strdup(sec);
+       } else {
+               req->q.query = mandoc_strdup(name);
+               req->q.sec = NULL;
+       }
  
  
-       if (NULL != path && '\0' != *path)
-               for (i = 0; i < (int)PAGE__MAX; i++) 
-                       if (0 == strcmp(pages[i], path)) {
-                               req.page = (enum page)i;
-                               break;
-                       }
+       /* Handle the case of name[.section] only. */
+       if (name == path)
+               return;
  
  
-       /* Initialise MANPATH. */
+       /* Optional manpath. */
+       end = strchr(path, '/');
+       req->q.manpath = mandoc_strndup(path, end - path);
+       if (validate_manpath(req, req->q.manpath)) {
+               path = end + 1;
+               if (name == path)
+                       return;
+       } else {
+               free(req->q.manpath);
+               req->q.manpath = NULL;
+       }
  
  
-       memset(&paths, 0, sizeof(struct manpaths));
-       manpath_manconf("etc/catman.conf", &paths);
+       /* Optional section. */
+       if (strncmp(path, "man", 3) == 0 || strncmp(path, "cat", 3) == 0) {
+               path += 3;
+               end = strchr(path, '/');
+               free(req->q.sec);
+               req->q.sec = mandoc_strndup(path, end - path);
+               path = end + 1;
+               if (name == path)
+                       return;
+       }
  
  
-       /* Route pages. */
+       /* Optional architecture. */
+       end = strchr(path, '/');
+       if (end + 1 != name) {
+               pg_error_badrequest(
+                   "You specified too many directory components.");
+               exit(EXIT_FAILURE);
+       }
+       req->q.arch = mandoc_strndup(path, end - path);
+       if (validate_arch(req->q.arch) == 0) {
+               pg_error_badrequest(
+                   "You specified an invalid directory component.");
+               exit(EXIT_FAILURE);
+       }
+}
  
  
-       switch (req.page) {
-       case (PAGE_INDEX):
-               pg_index(&paths, &req, subpath);
-               break;
-       case (PAGE_SEARCH):
-               pg_search(&paths, &req, subpath);
-               break;
-       case (PAGE_SHOW):
-               pg_show(&paths, &req, subpath);
-               break;
-       default:
-               resp_error404(path);
-               break;
+/*
+ * Scan for indexable paths.
+ */
+static void
+parse_manpath_conf(struct req *req)
+{
+       FILE    *fp;
+       char    *dp;
+       size_t   dpsz;
+       ssize_t  len;
+
+       if ((fp = fopen("manpath.conf", "r")) == NULL) {
+               warn("%s/manpath.conf", MAN_DIR);
+               pg_error_internal();
+               exit(EXIT_FAILURE);
         }
  
         }
  
-       manpath_free(&paths);
-       kval_free(req.fields, req.fieldsz);
+       dp = NULL;
+       dpsz = 0;
+
+       while ((len = getline(&dp, &dpsz, fp)) != -1) {
+               if (dp[len - 1] == '\n')
+                       dp[--len] = '\0';
+               req->p = mandoc_realloc(req->p,
+                   (req->psz + 1) * sizeof(char *));
+               if ( ! validate_urifrag(dp)) {
+                       warnx("%s/manpath.conf contains "
+                           "unsafe path \"%s\"", MAN_DIR, dp);
+                       pg_error_internal();
+                       exit(EXIT_FAILURE);
+               }
+               if (strchr(dp, '/') != NULL) {
+                       warnx("%s/manpath.conf contains "
+                           "path with slash \"%s\"", MAN_DIR, dp);
+                       pg_error_internal();
+                       exit(EXIT_FAILURE);
+               }
+               req->p[req->psz++] = dp;
+               dp = NULL;
+               dpsz = 0;
+       }
+       free(dp);
  
  
-       return(EXIT_SUCCESS);
+       if (req->p == NULL) {
+               warnx("%s/manpath.conf is empty", MAN_DIR);
+               pg_error_internal();
+               exit(EXIT_FAILURE);
+       }
  }
  }