version 1.139, 2016/09/01 15:07:24 |
version 1.157, 2018/05/18 14:23:00 |
|
|
/* $Id$ */ |
/* $Id$ */ |
/* |
/* |
* Copyright (c) 2011, 2012 Kristaps Dzonsons <kristaps@bsd.lv> |
* Copyright (c) 2011, 2012 Kristaps Dzonsons <kristaps@bsd.lv> |
* Copyright (c) 2014, 2015, 2016 Ingo Schwarze <schwarze@usta.de> |
* Copyright (c) 2014, 2015, 2016, 2017 Ingo Schwarze <schwarze@usta.de> |
* |
* |
* Permission to use, copy, modify, and distribute this software for any |
* Permission to use, copy, modify, and distribute this software for any |
* purpose with or without fee is hereby granted, provided that the above |
* purpose with or without fee is hereby granted, provided that the above |
|
|
#include <sys/time.h> |
#include <sys/time.h> |
|
|
#include <ctype.h> |
#include <ctype.h> |
|
#if HAVE_ERR |
#include <err.h> |
#include <err.h> |
|
#endif |
#include <errno.h> |
#include <errno.h> |
#include <fcntl.h> |
#include <fcntl.h> |
#include <limits.h> |
#include <limits.h> |
Line 74 static void pg_error_badrequest(const char *); |
|
Line 76 static void pg_error_badrequest(const char *); |
|
static void pg_error_internal(void); |
static void pg_error_internal(void); |
static void pg_index(const struct req *); |
static void pg_index(const struct req *); |
static void pg_noresult(const struct req *, const char *); |
static void pg_noresult(const struct req *, const char *); |
|
static void pg_redirect(const struct req *, const char *); |
static void pg_search(const struct req *); |
static void pg_search(const struct req *); |
static void pg_searchres(const struct req *, |
static void pg_searchres(const struct req *, |
struct manpage *, size_t); |
struct manpage *, size_t); |
static void pg_show(struct req *, const char *); |
static void pg_show(struct req *, const char *); |
static void resp_begin_html(int, const char *); |
static void resp_begin_html(int, const char *, const char *); |
static void resp_begin_http(int, const char *); |
static void resp_begin_http(int, const char *); |
static void resp_catman(const struct req *, const char *); |
static void resp_catman(const struct req *, const char *); |
static void resp_copy(const char *); |
static void resp_copy(const char *); |
Line 113 static const char *const sec_names[] = { |
|
Line 116 static const char *const sec_names[] = { |
|
static const int sec_MAX = sizeof(sec_names) / sizeof(char *); |
static const int sec_MAX = sizeof(sec_names) / sizeof(char *); |
|
|
static const char *const arch_names[] = { |
static const char *const arch_names[] = { |
"amd64", "alpha", "armv7", |
"amd64", "alpha", "armv7", "arm64", |
"hppa", "i386", "landisk", |
"hppa", "i386", "landisk", |
"loongson", "luna88k", "macppc", "mips64", |
"loongson", "luna88k", "macppc", "mips64", |
"octeon", "sgi", "socppc", |
"octeon", "sgi", "socppc", "sparc64", |
"sparc64", "zaurus", |
|
"amiga", "arc", "armish", "arm32", |
"amiga", "arc", "armish", "arm32", |
"atari", "aviion", "beagle", "cats", |
"atari", "aviion", "beagle", "cats", |
"hppa64", "hp300", |
"hppa64", "hp300", |
"ia64", "mac68k", "mvme68k", "mvme88k", |
"ia64", "mac68k", "mvme68k", "mvme88k", |
"mvmeppc", "palm", "pc532", "pegasos", |
"mvmeppc", "palm", "pc532", "pegasos", |
"pmax", "powerpc", "solbourne", "sparc", |
"pmax", "powerpc", "solbourne", "sparc", |
"sun3", "vax", "wgrisc", "x68k" |
"sun3", "vax", "wgrisc", "x68k", |
|
"zaurus" |
}; |
}; |
static const int arch_MAX = sizeof(arch_names) / sizeof(char *); |
static const int arch_MAX = sizeof(arch_names) / sizeof(char *); |
|
|
Line 137 html_putchar(char c) |
|
Line 140 html_putchar(char c) |
|
{ |
{ |
|
|
switch (c) { |
switch (c) { |
case ('"'): |
case '"': |
printf(""e;"); |
printf("""); |
break; |
break; |
case ('&'): |
case '&': |
printf("&"); |
printf("&"); |
break; |
break; |
case ('>'): |
case '>': |
printf(">"); |
printf(">"); |
break; |
break; |
case ('<'): |
case '<': |
printf("<"); |
printf("<"); |
break; |
break; |
default: |
default: |
Line 343 resp_copy(const char *filename) |
|
Line 346 resp_copy(const char *filename) |
|
} |
} |
|
|
static void |
static void |
resp_begin_html(int code, const char *msg) |
resp_begin_html(int code, const char *msg, const char *file) |
{ |
{ |
|
char *cp; |
|
|
resp_begin_http(code, msg); |
resp_begin_http(code, msg); |
|
|
printf("<!DOCTYPE html>\n" |
printf("<!DOCTYPE html>\n" |
"<html>\n" |
"<html>\n" |
"<head>\n" |
"<head>\n" |
"<meta charset=\"UTF-8\"/>\n" |
" <meta charset=\"UTF-8\"/>\n" |
"<link rel=\"stylesheet\" href=\"%s/mandoc.css\"" |
" <meta name=\"viewport\"" |
|
" content=\"width=device-width, initial-scale=1.0\">\n" |
|
" <link rel=\"stylesheet\" href=\"%s/mandoc.css\"" |
" type=\"text/css\" media=\"all\">\n" |
" type=\"text/css\" media=\"all\">\n" |
"<title>%s</title>\n" |
" <title>", |
|
CSS_DIR); |
|
if (file != NULL) { |
|
if ((cp = strrchr(file, '/')) != NULL) |
|
file = cp + 1; |
|
if ((cp = strrchr(file, '.')) != NULL) { |
|
printf("%.*s(%s) - ", (int)(cp - file), file, cp + 1); |
|
} else |
|
printf("%s - ", file); |
|
} |
|
printf("%s</title>\n" |
"</head>\n" |
"</head>\n" |
"<body>\n" |
"<body>\n", |
"<!-- Begin page content. //-->\n", |
CUSTOMIZE_TITLE); |
CSS_DIR, CUSTOMIZE_TITLE); |
|
|
|
resp_copy(MAN_DIR "/header.html"); |
resp_copy(MAN_DIR "/header.html"); |
} |
} |
Line 378 resp_searchform(const struct req *req, enum focus focu |
|
Line 393 resp_searchform(const struct req *req, enum focus focu |
|
{ |
{ |
int i; |
int i; |
|
|
puts("<!-- Begin search form. //-->"); |
printf("<form action=\"/%s\" method=\"get\">\n" |
printf("<div id=\"mancgi\">\n" |
" <fieldset>\n" |
"<form action=\"/%s\" method=\"get\">\n" |
" <legend>Manual Page Search Parameters</legend>\n", |
"<fieldset>\n" |
|
"<legend>Manual Page Search Parameters</legend>\n", |
|
scriptname); |
scriptname); |
|
|
/* Write query input box. */ |
/* Write query input box. */ |
|
|
printf("<input type=\"text\" name=\"query\" value=\""); |
printf(" <input type=\"text\" name=\"query\" value=\""); |
if (req->q.query != NULL) |
if (req->q.query != NULL) |
html_print(req->q.query); |
html_print(req->q.query); |
printf( "\" size=\"40\""); |
printf( "\" size=\"40\""); |
Line 397 resp_searchform(const struct req *req, enum focus focu |
|
Line 410 resp_searchform(const struct req *req, enum focus focu |
|
|
|
/* Write submission buttons. */ |
/* Write submission buttons. */ |
|
|
printf( "<button type=\"submit\" name=\"apropos\" value=\"0\">" |
printf( " <button type=\"submit\" name=\"apropos\" value=\"0\">" |
"man</button>\n" |
"man</button>\n" |
"<button type=\"submit\" name=\"apropos\" value=\"1\">" |
" <button type=\"submit\" name=\"apropos\" value=\"1\">" |
"apropos</button>\n<br/>\n"); |
"apropos</button>\n" |
|
" <br/>\n"); |
|
|
/* Write section selector. */ |
/* Write section selector. */ |
|
|
puts("<select name=\"sec\">"); |
puts(" <select name=\"sec\">"); |
for (i = 0; i < sec_MAX; i++) { |
for (i = 0; i < sec_MAX; i++) { |
printf("<option value=\"%s\"", sec_numbers[i]); |
printf(" <option value=\"%s\"", sec_numbers[i]); |
if (NULL != req->q.sec && |
if (NULL != req->q.sec && |
0 == strcmp(sec_numbers[i], req->q.sec)) |
0 == strcmp(sec_numbers[i], req->q.sec)) |
printf(" selected=\"selected\""); |
printf(" selected=\"selected\""); |
printf(">%s</option>\n", sec_names[i]); |
printf(">%s</option>\n", sec_names[i]); |
} |
} |
puts("</select>"); |
puts(" </select>"); |
|
|
/* Write architecture selector. */ |
/* Write architecture selector. */ |
|
|
printf( "<select name=\"arch\">\n" |
printf( " <select name=\"arch\">\n" |
"<option value=\"default\""); |
" <option value=\"default\""); |
if (NULL == req->q.arch) |
if (NULL == req->q.arch) |
printf(" selected=\"selected\""); |
printf(" selected=\"selected\""); |
puts(">All Architectures</option>"); |
puts(">All Architectures</option>"); |
for (i = 0; i < arch_MAX; i++) { |
for (i = 0; i < arch_MAX; i++) { |
printf("<option value=\"%s\"", arch_names[i]); |
printf(" <option value=\"%s\"", arch_names[i]); |
if (NULL != req->q.arch && |
if (NULL != req->q.arch && |
0 == strcmp(arch_names[i], req->q.arch)) |
0 == strcmp(arch_names[i], req->q.arch)) |
printf(" selected=\"selected\""); |
printf(" selected=\"selected\""); |
printf(">%s</option>\n", arch_names[i]); |
printf(">%s</option>\n", arch_names[i]); |
} |
} |
puts("</select>"); |
puts(" </select>"); |
|
|
/* Write manpath selector. */ |
/* Write manpath selector. */ |
|
|
if (req->psz > 1) { |
if (req->psz > 1) { |
puts("<select name=\"manpath\">"); |
puts(" <select name=\"manpath\">"); |
for (i = 0; i < (int)req->psz; i++) { |
for (i = 0; i < (int)req->psz; i++) { |
printf("<option "); |
printf(" <option "); |
if (strcmp(req->q.manpath, req->p[i]) == 0) |
if (strcmp(req->q.manpath, req->p[i]) == 0) |
printf("selected=\"selected\" "); |
printf("selected=\"selected\" "); |
printf("value=\""); |
printf("value=\""); |
Line 444 resp_searchform(const struct req *req, enum focus focu |
|
Line 458 resp_searchform(const struct req *req, enum focus focu |
|
html_print(req->p[i]); |
html_print(req->p[i]); |
puts("</option>"); |
puts("</option>"); |
} |
} |
puts("</select>"); |
puts(" </select>"); |
} |
} |
|
|
puts("</fieldset>\n" |
puts(" </fieldset>\n" |
"</form>\n" |
"</form>"); |
"</div>"); |
|
puts("<!-- End search form. //-->"); |
|
} |
} |
|
|
static int |
static int |
|
|
pg_index(const struct req *req) |
pg_index(const struct req *req) |
{ |
{ |
|
|
resp_begin_html(200, NULL); |
resp_begin_html(200, NULL, NULL); |
resp_searchform(req, FOCUS_QUERY); |
resp_searchform(req, FOCUS_QUERY); |
printf("<p>\n" |
printf("<p>\n" |
"This web interface is documented in the\n" |
"This web interface is documented in the\n" |
"<a href=\"/%s%sman.cgi.8\">man.cgi(8)</a>\n" |
"<a class=\"Xr\" href=\"/%s%sman.cgi.8\">man.cgi(8)</a>\n" |
"manual, and the\n" |
"manual, and the\n" |
"<a href=\"/%s%sapropos.1\">apropos(1)</a>\n" |
"<a class=\"Xr\" href=\"/%s%sapropos.1\">apropos(1)</a>\n" |
"manual explains the query syntax.\n" |
"manual explains the query syntax.\n" |
"</p>\n", |
"</p>\n", |
scriptname, *scriptname == '\0' ? "" : "/", |
scriptname, *scriptname == '\0' ? "" : "/", |
Line 511 pg_index(const struct req *req) |
|
Line 523 pg_index(const struct req *req) |
|
static void |
static void |
pg_noresult(const struct req *req, const char *msg) |
pg_noresult(const struct req *req, const char *msg) |
{ |
{ |
resp_begin_html(200, NULL); |
resp_begin_html(200, NULL, NULL); |
resp_searchform(req, FOCUS_QUERY); |
resp_searchform(req, FOCUS_QUERY); |
puts("<p>"); |
puts("<p>"); |
puts(msg); |
puts(msg); |
|
|
pg_error_badrequest(const char *msg) |
pg_error_badrequest(const char *msg) |
{ |
{ |
|
|
resp_begin_html(400, "Bad Request"); |
resp_begin_html(400, "Bad Request", NULL); |
puts("<h1>Bad Request</h1>\n" |
puts("<h1>Bad Request</h1>\n" |
"<p>\n"); |
"<p>\n"); |
puts(msg); |
puts(msg); |
Line 536 pg_error_badrequest(const char *msg) |
|
Line 548 pg_error_badrequest(const char *msg) |
|
static void |
static void |
pg_error_internal(void) |
pg_error_internal(void) |
{ |
{ |
resp_begin_html(500, "Internal Server Error"); |
resp_begin_html(500, "Internal Server Error", NULL); |
puts("<p>Internal Server Error</p>"); |
puts("<p>Internal Server Error</p>"); |
resp_end_html(); |
resp_end_html(); |
} |
} |
|
|
static void |
static void |
|
pg_redirect(const struct req *req, const char *name) |
|
{ |
|
printf("Status: 303 See Other\r\n" |
|
"Location: /"); |
|
if (*scriptname != '\0') |
|
printf("%s/", scriptname); |
|
if (strcmp(req->q.manpath, req->p[0])) |
|
printf("%s/", req->q.manpath); |
|
if (req->q.arch != NULL) |
|
printf("%s/", req->q.arch); |
|
printf("%s", name); |
|
if (req->q.sec != NULL) |
|
printf(".%s", req->q.sec); |
|
printf("\r\nContent-Type: text/html; charset=utf-8\r\n\r\n"); |
|
} |
|
|
|
static void |
pg_searchres(const struct req *req, struct manpage *r, size_t sz) |
pg_searchres(const struct req *req, struct manpage *r, size_t sz) |
{ |
{ |
char *arch, *archend; |
char *arch, *archend; |
Line 564 pg_searchres(const struct req *req, struct manpage *r, |
|
Line 593 pg_searchres(const struct req *req, struct manpage *r, |
|
* If we have just one result, then jump there now |
* If we have just one result, then jump there now |
* without any delay. |
* without any delay. |
*/ |
*/ |
printf("Status: 303 See Other\r\n"); |
printf("Status: 303 See Other\r\n" |
printf("Location: http://%s/%s%s%s/%s", |
"Location: /"); |
HTTP_HOST, scriptname, |
if (*scriptname != '\0') |
*scriptname == '\0' ? "" : "/", |
printf("%s/", scriptname); |
req->q.manpath, r[0].file); |
if (strcmp(req->q.manpath, req->p[0])) |
printf("\r\n" |
printf("%s/", req->q.manpath); |
"Content-Type: text/html; charset=utf-8\r\n" |
printf("%s\r\n" |
"\r\n"); |
"Content-Type: text/html; charset=utf-8\r\n\r\n", |
|
r[0].file); |
return; |
return; |
} |
} |
|
|
resp_begin_html(200, NULL); |
|
resp_searchform(req, |
|
req->q.equal || sz == 1 ? FOCUS_NONE : FOCUS_QUERY); |
|
|
|
if (sz > 1) { |
|
puts("<div class=\"results\">"); |
|
puts("<table>"); |
|
|
|
for (i = 0; i < sz; i++) { |
|
printf("<tr>\n" |
|
"<td class=\"title\">\n" |
|
"<a href=\"/%s%s%s/%s", |
|
scriptname, *scriptname == '\0' ? "" : "/", |
|
req->q.manpath, r[i].file); |
|
printf("\">"); |
|
html_print(r[i].names); |
|
printf("</a>\n" |
|
"</td>\n" |
|
"<td class=\"desc\">"); |
|
html_print(r[i].output); |
|
puts("</td>\n" |
|
"</tr>"); |
|
} |
|
|
|
puts("</table>\n" |
|
"</div>"); |
|
} |
|
|
|
/* |
/* |
* In man(1) mode, show one of the pages |
* In man(1) mode, show one of the pages |
* even if more than one is found. |
* even if more than one is found. |
*/ |
*/ |
|
|
|
iuse = 0; |
if (req->q.equal || sz == 1) { |
if (req->q.equal || sz == 1) { |
puts("<hr>"); |
|
iuse = 0; |
|
priouse = 20; |
priouse = 20; |
archpriouse = 3; |
archpriouse = 3; |
for (i = 0; i < sz; i++) { |
for (i = 0; i < sz; i++) { |
Line 643 pg_searchres(const struct req *req, struct manpage *r, |
|
Line 644 pg_searchres(const struct req *req, struct manpage *r, |
|
priouse = prio; |
priouse = prio; |
iuse = i; |
iuse = i; |
} |
} |
|
resp_begin_html(200, NULL, r[iuse].file); |
|
} else |
|
resp_begin_html(200, NULL, NULL); |
|
|
|
resp_searchform(req, |
|
req->q.equal || sz == 1 ? FOCUS_NONE : FOCUS_QUERY); |
|
|
|
if (sz > 1) { |
|
puts("<table class=\"results\">"); |
|
for (i = 0; i < sz; i++) { |
|
printf(" <tr>\n" |
|
" <td>" |
|
"<a class=\"Xr\" href=\"/"); |
|
if (*scriptname != '\0') |
|
printf("%s/", scriptname); |
|
if (strcmp(req->q.manpath, req->p[0])) |
|
printf("%s/", req->q.manpath); |
|
printf("%s\">", r[i].file); |
|
html_print(r[i].names); |
|
printf("</a></td>\n" |
|
" <td><span class=\"Nd\">"); |
|
html_print(r[i].output); |
|
puts("</span></td>\n" |
|
" </tr>"); |
|
} |
|
puts("</table>"); |
|
} |
|
|
|
if (req->q.equal || sz == 1) { |
|
puts("<hr>"); |
resp_show(req, r[iuse].file); |
resp_show(req, r[iuse].file); |
} |
} |
|
|
Line 803 resp_format(const struct req *req, const char *file) |
|
Line 834 resp_format(const struct req *req, const char *file) |
|
|
|
mchars_alloc(); |
mchars_alloc(); |
mp = mparse_alloc(MPARSE_SO | MPARSE_UTF8 | MPARSE_LATIN1, |
mp = mparse_alloc(MPARSE_SO | MPARSE_UTF8 | MPARSE_LATIN1, |
MANDOCLEVEL_BADARG, NULL, req->q.manpath); |
MANDOCERR_MAX, NULL, MANDOC_OS_OTHER, req->q.manpath); |
mparse_readfd(mp, fd, file); |
mparse_readfd(mp, fd, file); |
close(fd); |
close(fd); |
|
|
memset(&conf, 0, sizeof(conf)); |
memset(&conf, 0, sizeof(conf)); |
conf.fragment = 1; |
conf.fragment = 1; |
|
conf.style = mandoc_strdup(CSS_DIR "/mandoc.css"); |
usepath = strcmp(req->q.manpath, req->p[0]); |
usepath = strcmp(req->q.manpath, req->p[0]); |
mandoc_asprintf(&conf.man, "/%s%s%%N.%%S", |
mandoc_asprintf(&conf.man, "/%s%s%s%s%%N.%%S", |
|
scriptname, *scriptname == '\0' ? "" : "/", |
usepath ? req->q.manpath : "", usepath ? "/" : ""); |
usepath ? req->q.manpath : "", usepath ? "/" : ""); |
|
|
mparse_result(mp, &man, NULL); |
mparse_result(mp, &man, NULL); |
Line 836 resp_format(const struct req *req, const char *file) |
|
Line 869 resp_format(const struct req *req, const char *file) |
|
mparse_free(mp); |
mparse_free(mp); |
mchars_free(); |
mchars_free(); |
free(conf.man); |
free(conf.man); |
|
free(conf.style); |
} |
} |
|
|
static void |
static void |
Line 892 pg_show(struct req *req, const char *fullpath) |
|
Line 926 pg_show(struct req *req, const char *fullpath) |
|
return; |
return; |
} |
} |
|
|
resp_begin_html(200, NULL); |
resp_begin_html(200, NULL, file); |
resp_searchform(req, FOCUS_NONE); |
resp_searchform(req, FOCUS_NONE); |
resp_show(req, file); |
resp_show(req, file); |
resp_end_html(); |
resp_end_html(); |
Line 962 pg_search(const struct req *req) |
|
Line 996 pg_search(const struct req *req) |
|
} |
} |
} |
} |
|
|
if (0 == mansearch(&search, &paths, argc, argv, &res, &ressz)) |
res = NULL; |
|
ressz = 0; |
|
if (req->isquery && req->q.equal && argc == 1) |
|
pg_redirect(req, argv[0]); |
|
else if (mansearch(&search, &paths, argc, argv, &res, &ressz) == 0) |
pg_noresult(req, "You entered an invalid query."); |
pg_noresult(req, "You entered an invalid query."); |
else if (0 == ressz) |
else if (ressz == 0) |
pg_noresult(req, "No results found."); |
pg_noresult(req, "No results found."); |
else |
else |
pg_searchres(req, res, ressz); |
pg_searchres(req, res, ressz); |
|
|
const char *querystring; |
const char *querystring; |
int i; |
int i; |
|
|
|
#if HAVE_PLEDGE |
|
/* |
|
* The "rpath" pledge could be revoked after mparse_readfd() |
|
* if the file desciptor to "/footer.html" would be opened |
|
* up front, but it's probably not worth the complication |
|
* of the code it would cause: it would require scattering |
|
* pledge() calls in multiple low-level resp_*() functions. |
|
*/ |
|
|
|
if (pledge("stdio rpath", NULL) == -1) { |
|
warn("pledge"); |
|
pg_error_internal(); |
|
return EXIT_FAILURE; |
|
} |
|
#endif |
|
|
/* Poor man's ReDoS mitigation. */ |
/* Poor man's ReDoS mitigation. */ |
|
|
itimer.it_value.tv_sec = 2; |
itimer.it_value.tv_sec = 2; |
|
|
|
|
if (*path != '\0') { |
if (*path != '\0') { |
parse_path_info(&req, path); |
parse_path_info(&req, path); |
if (req.q.manpath == NULL || access(path, F_OK) == -1) |
if (req.q.manpath == NULL || req.q.sec == NULL || |
|
*req.q.query == '\0' || access(path, F_OK) == -1) |
path = ""; |
path = ""; |
} else if ((querystring = getenv("QUERY_STRING")) != NULL) |
} else if ((querystring = getenv("QUERY_STRING")) != NULL) |
parse_query_string(&req, querystring); |
parse_query_string(&req, querystring); |