-/* $Id: cgi.c,v 1.127 2016/04/15 15:13:07 schwarze Exp $ */
+/* $Id: cgi.c,v 1.141 2016/09/12 00:06:20 schwarze Exp $ */
/*
* Copyright (c) 2011, 2012 Kristaps Dzonsons <kristaps@bsd.lv>
* Copyright (c) 2014, 2015, 2016 Ingo Schwarze <schwarze@usta.de>
#include <sys/time.h>
#include <ctype.h>
+#include <err.h>
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
int isquery; /* QUERY_STRING used, not PATH_INFO */
};
-static void catman(const struct req *, const char *);
-static void format(const struct req *, const char *);
+enum focus {
+ FOCUS_NONE = 0,
+ FOCUS_QUERY
+};
+
static void html_print(const char *);
static void html_putchar(char);
static int http_decode(char *);
-static void http_parse(struct req *, const char *);
-static void pathgen(struct req *);
-static void path_parse(struct req *req, const char *path);
+static void parse_manpath_conf(struct req *);
+static void parse_path_info(struct req *req, const char *path);
+static void parse_query_string(struct req *, const char *);
static void pg_error_badrequest(const char *);
static void pg_error_internal(void);
static void pg_index(const struct req *);
static void pg_show(struct req *, const char *);
static void resp_begin_html(int, const char *);
static void resp_begin_http(int, const char *);
+static void resp_catman(const struct req *, const char *);
static void resp_copy(const char *);
static void resp_end_html(void);
-static void resp_searchform(const struct req *);
+static void resp_format(const struct req *, const char *);
+static void resp_searchform(const struct req *, enum focus);
static void resp_show(const struct req *, const char *);
static void set_query_attr(char **, char **);
static int validate_filename(const char *);
static const int sec_MAX = sizeof(sec_names) / sizeof(char *);
static const char *const arch_names[] = {
- "amd64", "alpha", "armish", "armv7",
- "hppa", "hppa64", "i386", "landisk",
+ "amd64", "alpha", "armv7",
+ "hppa", "i386", "landisk",
"loongson", "luna88k", "macppc", "mips64",
- "octeon", "sgi", "socppc", "sparc",
- "sparc64", "zaurus",
- "amiga", "arc", "arm32", "atari",
- "aviion", "beagle", "cats", "hp300",
+ "octeon", "sgi", "socppc", "sparc64",
+ "amiga", "arc", "armish", "arm32",
+ "atari", "aviion", "beagle", "cats",
+ "hppa64", "hp300",
"ia64", "mac68k", "mvme68k", "mvme88k",
"mvmeppc", "palm", "pc532", "pegasos",
- "pmax", "powerpc", "solbourne", "sun3",
- "vax", "wgrisc", "x68k"
+ "pmax", "powerpc", "solbourne", "sparc",
+ "sun3", "vax", "wgrisc", "x68k",
+ "zaurus"
};
static const int arch_MAX = sizeof(arch_names) / sizeof(char *);
switch (c) {
case ('"'):
- printf(""e;");
+ printf(""");
break;
case ('&'):
printf("&");
* and store the values into the query structure.
*/
static void
-http_parse(struct req *req, const char *qs)
+parse_query_string(struct req *req, const char *qs)
{
char *key, *val;
size_t keysz, valsz;
fflush(stdout);
while ((sz = read(fd, buf, sizeof(buf))) > 0)
write(STDOUT_FILENO, buf, sz);
+ close(fd);
}
}
}
static void
-resp_searchform(const struct req *req)
+resp_searchform(const struct req *req, enum focus focus)
{
int i;
/* Write query input box. */
- printf( "<table><tr><td>\n"
- "<input type=\"text\" name=\"query\" value=\"");
- if (NULL != req->q.query)
+ printf("<input type=\"text\" name=\"query\" value=\"");
+ if (req->q.query != NULL)
html_print(req->q.query);
- puts("\" size=\"40\">");
-
- /* Write submission and reset buttons. */
-
- printf( "<input type=\"submit\" value=\"Submit\">\n"
- "<input type=\"reset\" value=\"Reset\">\n");
+ printf( "\" size=\"40\"");
+ if (focus == FOCUS_QUERY)
+ printf(" autofocus");
+ puts(">");
- /* Write show radio button */
+ /* Write submission buttons. */
- printf( "</td><td>\n"
- "<input type=\"radio\" ");
- if (req->q.equal)
- printf("checked=\"checked\" ");
- printf( "name=\"apropos\" id=\"show\" value=\"0\">\n"
- "<label for=\"show\">Show named manual page</label>\n");
+ printf( "<button type=\"submit\" name=\"apropos\" value=\"0\">"
+ "man</button>\n"
+ "<button type=\"submit\" name=\"apropos\" value=\"1\">"
+ "apropos</button>\n<br/>\n");
/* Write section selector. */
- puts( "</td></tr><tr><td>\n"
- "<select name=\"sec\">");
+ puts("<select name=\"sec\">");
for (i = 0; i < sec_MAX; i++) {
printf("<option value=\"%s\"", sec_numbers[i]);
if (NULL != req->q.sec &&
puts("</select>");
}
- /* Write search radio button */
-
- printf( "</td><td>\n"
- "<input type=\"radio\" ");
- if (0 == req->q.equal)
- printf("checked=\"checked\" ");
- printf( "name=\"apropos\" id=\"search\" value=\"1\">\n"
- "<label for=\"search\">Search with apropos query</label>\n");
-
- puts("</td></tr></table>\n"
- "</fieldset>\n"
+ puts("</fieldset>\n"
"</form>\n"
"</div>");
puts("<!-- End search form. //-->");
{
size_t i;
- if ( ! strcmp(manpath, "mandoc"))
- return 1;
-
for (i = 0; i < req->psz; i++)
if ( ! strcmp(manpath, req->p[i]))
return 1;
{
resp_begin_html(200, NULL);
- resp_searchform(req);
+ resp_searchform(req, FOCUS_QUERY);
printf("<p>\n"
"This web interface is documented in the\n"
- "<a href=\"/%s%smandoc/man8/man.cgi.8\">man.cgi</a>\n"
+ "<a href=\"/%s%sman.cgi.8\">man.cgi(8)</a>\n"
"manual, and the\n"
- "<a href=\"/%s%smandoc/man1/apropos.1\">apropos</a>\n"
+ "<a href=\"/%s%sapropos.1\">apropos(1)</a>\n"
"manual explains the query syntax.\n"
"</p>\n",
scriptname, *scriptname == '\0' ? "" : "/",
pg_noresult(const struct req *req, const char *msg)
{
resp_begin_html(200, NULL);
- resp_searchform(req);
+ resp_searchform(req, FOCUS_QUERY);
puts("<p>");
puts(msg);
puts("</p>");
for (i = 0; i < sz; i++) {
if (validate_filename(r[i].file))
continue;
- fprintf(stderr, "invalid filename %s in %s database\n",
+ warnx("invalid filename %s in %s database",
r[i].file, req->q.manpath);
pg_error_internal();
return;
}
resp_begin_html(200, NULL);
- resp_searchform(req);
+ resp_searchform(req,
+ req->q.equal || sz == 1 ? FOCUS_NONE : FOCUS_QUERY);
if (sz > 1) {
puts("<div class=\"results\">");
}
static void
-catman(const struct req *req, const char *file)
+resp_catman(const struct req *req, const char *file)
{
FILE *f;
char *p;
}
static void
-format(const struct req *req, const char *file)
+resp_format(const struct req *req, const char *file)
{
struct manoutput conf;
struct mparse *mp;
}
mchars_alloc();
- mp = mparse_alloc(MPARSE_SO, MANDOCLEVEL_BADARG, NULL, req->q.manpath);
+ mp = mparse_alloc(MPARSE_SO | MPARSE_UTF8 | MPARSE_LATIN1,
+ MANDOCLEVEL_BADARG, NULL, req->q.manpath);
mparse_readfd(mp, fd, file);
close(fd);
mparse_result(mp, &man, NULL);
if (man == NULL) {
- fprintf(stderr, "fatal mandoc error: %s/%s\n",
- req->q.manpath, file);
+ warnx("fatal mandoc error: %s/%s", req->q.manpath, file);
pg_error_internal();
mparse_free(mp);
mchars_free();
file += 2;
if ('c' == *file)
- catman(req, file);
+ resp_catman(req, file);
else
- format(req, file);
+ resp_format(req, file);
}
static void
*/
if (chdir(manpath) == -1) {
- fprintf(stderr, "chdir %s: %s\n",
- manpath, strerror(errno));
+ warn("chdir %s", manpath);
pg_error_internal();
free(manpath);
return;
}
-
- if (strcmp(manpath, "mandoc")) {
- free(req->q.manpath);
- req->q.manpath = manpath;
- } else
- free(manpath);
+ free(manpath);
if ( ! validate_filename(file)) {
pg_error_badrequest(
}
resp_begin_html(200, NULL);
- resp_searchform(req);
+ resp_searchform(req, FOCUS_NONE);
resp_show(req, file);
resp_end_html();
}
* relative to the manpath root.
*/
- if (-1 == (chdir(req->q.manpath))) {
- fprintf(stderr, "chdir %s: %s\n",
- req->q.manpath, strerror(errno));
+ if (chdir(req->q.manpath) == -1) {
+ warn("chdir %s", req->q.manpath);
pg_error_internal();
return;
}
itimer.it_interval.tv_sec = 2;
itimer.it_interval.tv_usec = 0;
if (setitimer(ITIMER_VIRTUAL, &itimer, NULL) == -1) {
- fprintf(stderr, "setitimer: %s\n", strerror(errno));
+ warn("setitimer");
pg_error_internal();
return EXIT_FAILURE;
}
* relative to the same position.
*/
- if (-1 == chdir(MAN_DIR)) {
- fprintf(stderr, "MAN_DIR: %s: %s\n",
- MAN_DIR, strerror(errno));
+ if (chdir(MAN_DIR) == -1) {
+ warn("MAN_DIR: %s", MAN_DIR);
pg_error_internal();
return EXIT_FAILURE;
}
memset(&req, 0, sizeof(struct req));
req.q.equal = 1;
- pathgen(&req);
+ parse_manpath_conf(&req);
/* Parse the path info and the query string. */
path++;
if (*path != '\0') {
- path_parse(&req, path);
- if (access(path, F_OK) == -1)
+ parse_path_info(&req, path);
+ if (req.q.manpath == NULL || access(path, F_OK) == -1)
path = "";
} else if ((querystring = getenv("QUERY_STRING")) != NULL)
- http_parse(&req, querystring);
+ parse_query_string(&req, querystring);
/* Validate parsed data and add defaults. */
* If PATH_INFO is not a file name, translate it to a query.
*/
static void
-path_parse(struct req *req, const char *path)
+parse_path_info(struct req *req, const char *path)
{
- char *dir;
+ char *dir[4];
+ int i;
req->isquery = 0;
req->q.equal = 1;
req->q.manpath = mandoc_strdup(path);
+ req->q.arch = NULL;
/* Mandatory manual page name. */
if ((req->q.query = strrchr(req->q.manpath, '/')) == NULL) {
}
/* Handle the case of name[.section] only. */
- if (req->q.manpath == NULL) {
- req->q.arch = NULL;
+ if (req->q.manpath == NULL)
return;
- }
req->q.query = mandoc_strdup(req->q.query);
- /* Optional architecture. */
- dir = strrchr(req->q.manpath, '/');
- if (dir != NULL && strncmp(dir + 1, "man", 3) != 0) {
- *dir++ = '\0';
- req->q.arch = mandoc_strdup(dir);
- dir = strrchr(req->q.manpath, '/');
- } else
- req->q.arch = NULL;
+ /* Split directory components. */
+ dir[i = 0] = req->q.manpath;
+ while ((dir[i + 1] = strchr(dir[i], '/')) != NULL) {
+ if (++i == 3) {
+ pg_error_badrequest(
+ "You specified too many directory components.");
+ exit(EXIT_FAILURE);
+ }
+ *dir[i]++ = '\0';
+ }
- /* Optional directory name. */
- if (dir != NULL && strncmp(dir + 1, "man", 3) == 0) {
- *dir++ = '\0';
+ /* Optional manpath. */
+ if ((i = validate_manpath(req, req->q.manpath)) == 0)
+ req->q.manpath = NULL;
+ else if (dir[1] == NULL)
+ return;
+
+ /* Optional section. */
+ if (strncmp(dir[i], "man", 3) == 0) {
free(req->q.sec);
- req->q.sec = mandoc_strdup(dir + 3);
+ req->q.sec = mandoc_strdup(dir[i++] + 3);
+ }
+ if (dir[i] == NULL) {
+ if (req->q.manpath == NULL)
+ free(dir[0]);
+ return;
}
+ if (dir[i + 1] != NULL) {
+ pg_error_badrequest(
+ "You specified an invalid directory component.");
+ exit(EXIT_FAILURE);
+ }
+
+ /* Optional architecture. */
+ if (i) {
+ req->q.arch = mandoc_strdup(dir[i]);
+ if (req->q.manpath == NULL)
+ free(dir[0]);
+ } else
+ req->q.arch = dir[0];
}
/*
* Scan for indexable paths.
*/
static void
-pathgen(struct req *req)
+parse_manpath_conf(struct req *req)
{
FILE *fp;
char *dp;
size_t dpsz;
ssize_t len;
- if (NULL == (fp = fopen("manpath.conf", "r"))) {
- fprintf(stderr, "%s/manpath.conf: %s\n",
- MAN_DIR, strerror(errno));
+ if ((fp = fopen("manpath.conf", "r")) == NULL) {
+ warn("%s/manpath.conf", MAN_DIR);
pg_error_internal();
exit(EXIT_FAILURE);
}
req->p = mandoc_realloc(req->p,
(req->psz + 1) * sizeof(char *));
if ( ! validate_urifrag(dp)) {
- fprintf(stderr, "%s/manpath.conf contains "
- "unsafe path \"%s\"\n", MAN_DIR, dp);
+ warnx("%s/manpath.conf contains "
+ "unsafe path \"%s\"", MAN_DIR, dp);
pg_error_internal();
exit(EXIT_FAILURE);
}
- if (NULL != strchr(dp, '/')) {
- fprintf(stderr, "%s/manpath.conf contains "
- "path with slash \"%s\"\n", MAN_DIR, dp);
+ if (strchr(dp, '/') != NULL) {
+ warnx("%s/manpath.conf contains "
+ "path with slash \"%s\"", MAN_DIR, dp);
pg_error_internal();
exit(EXIT_FAILURE);
}
}
free(dp);
- if ( req->p == NULL ) {
- fprintf(stderr, "%s/manpath.conf is empty\n", MAN_DIR);
+ if (req->p == NULL) {
+ warnx("%s/manpath.conf is empty", MAN_DIR);
pg_error_internal();
exit(EXIT_FAILURE);
}