1 /* $Id: cgi.c,v 1.102 2014/11/26 17:55:27 schwarze Exp $ */
3 * Copyright (c) 2011, 2012 Kristaps Dzonsons <kristaps@bsd.lv>
4 * Copyright (c) 2014 Ingo Schwarze <schwarze@usta.de>
6 * Permission to use, copy, modify, and distribute this software for any
7 * purpose with or without fee is hereby granted, provided that the above
8 * copyright notice and this permission notice appear in all copies.
10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 #include <sys/types.h>
34 #include "mandoc_aux.h"
37 #include "mansearch.h"
41 * A query as passed to the search function.
44 char *manpath; /* desired manual directory */
45 char *arch; /* architecture */
46 char *sec; /* manual section */
47 char *query; /* unparsed query expression */
48 int equal; /* match whole names, not substrings */
53 char **p; /* array of available manpaths */
54 size_t psz; /* number of available manpaths */
57 static void catman(const struct req *, const char *);
58 static void format(const struct req *, const char *);
59 static void html_print(const char *);
60 static void html_putchar(char);
61 static int http_decode(char *);
62 static void http_parse(struct req *, const char *);
63 static void http_print(const char *);
64 static void http_putchar(char);
65 static void http_printquery(const struct req *, const char *);
66 static void pathgen(struct req *);
67 static void pg_error_badrequest(const char *);
68 static void pg_error_internal(void);
69 static void pg_index(const struct req *);
70 static void pg_noresult(const struct req *, const char *);
71 static void pg_search(const struct req *);
72 static void pg_searchres(const struct req *,
73 struct manpage *, size_t);
74 static void pg_show(struct req *, const char *);
75 static void resp_begin_html(int, const char *);
76 static void resp_begin_http(int, const char *);
77 static void resp_end_html(void);
78 static void resp_searchform(const struct req *);
79 static void resp_show(const struct req *, const char *);
80 static void set_query_attr(char **, char **);
81 static int validate_filename(const char *);
82 static int validate_manpath(const struct req *, const char *);
83 static int validate_urifrag(const char *);
85 static const char *scriptname; /* CGI script name */
87 static const int sec_prios[] = {1, 4, 5, 8, 6, 3, 7, 2, 9};
88 static const char *const sec_numbers[] = {
89 "0", "1", "2", "3", "3p", "4", "5", "6", "7", "8", "9"
91 static const char *const sec_names[] = {
93 "1 - General Commands",
95 "3 - Library Functions",
100 "7 - Miscellaneous Information",
101 "8 - System Manager\'s Manual",
102 "9 - Kernel Developer\'s Manual"
104 static const int sec_MAX = sizeof(sec_names) / sizeof(char *);
106 static const char *const arch_names[] = {
107 "amd64", "alpha", "armish", "armv7",
108 "aviion", "hppa", "hppa64", "i386",
109 "ia64", "landisk", "loongson", "luna88k",
110 "macppc", "mips64", "octeon", "sgi",
111 "socppc", "solbourne", "sparc", "sparc64",
113 "amiga", "arc", "arm32", "atari",
114 "beagle", "cats", "hp300", "mac68k",
115 "mvme68k", "mvme88k", "mvmeppc", "palm",
116 "pc532", "pegasos", "pmax", "powerpc",
117 "sun3", "wgrisc", "x68k"
119 static const int arch_MAX = sizeof(arch_names) / sizeof(char *);
122 * Print a character, escaping HTML along the way.
123 * This will pass non-ASCII straight to output: be warned!
143 putchar((unsigned char)c);
149 http_printquery(const struct req *req, const char *sep)
152 if (NULL != req->q.query) {
154 http_print(req->q.query);
156 if (0 == req->q.equal)
157 printf("%sapropos=1", sep);
158 if (NULL != req->q.sec) {
159 printf("%ssec=", sep);
160 http_print(req->q.sec);
162 if (NULL != req->q.arch) {
163 printf("%sarch=", sep);
164 http_print(req->q.arch);
166 if (strcmp(req->q.manpath, req->p[0])) {
167 printf("%smanpath=", sep);
168 http_print(req->q.manpath);
173 http_print(const char *p)
183 * Call through to html_putchar().
184 * Accepts NULL strings.
187 html_print(const char *p)
197 * Transfer the responsibility for the allocated string *val
198 * to the query structure.
201 set_query_attr(char **attr, char **val)
214 * Parse the QUERY_STRING for key-value pairs
215 * and store the values into the query structure.
218 http_parse(struct req *req, const char *qs)
223 req->q.manpath = NULL;
230 while (*qs != '\0') {
234 keysz = strcspn(qs, "=;&");
235 key = mandoc_strndup(qs, keysz);
240 /* Parse one value. */
242 valsz = strcspn(++qs, ";&");
243 val = mandoc_strndup(qs, valsz);
246 /* Decode and catch encoding errors. */
248 if ( ! (http_decode(key) && http_decode(val)))
251 /* Handle key-value pairs. */
253 if ( ! strcmp(key, "query"))
254 set_query_attr(&req->q.query, &val);
256 else if ( ! strcmp(key, "apropos"))
257 req->q.equal = !strcmp(val, "0");
259 else if ( ! strcmp(key, "manpath")) {
261 if ( ! strncmp(val, "OpenBSD ", 8)) {
267 set_query_attr(&req->q.manpath, &val);
270 else if ( ! (strcmp(key, "sec")
272 && strcmp(key, "sektion")
275 if ( ! strcmp(val, "0"))
277 set_query_attr(&req->q.sec, &val);
280 else if ( ! strcmp(key, "arch")) {
281 if ( ! strcmp(val, "default"))
283 set_query_attr(&req->q.arch, &val);
287 * The key must be freed in any case.
288 * The val may have been handed over to the query
289 * structure, in which case it is now NULL.
306 if (isalnum((unsigned char)c)) {
307 putchar((unsigned char)c);
309 } else if (' ' == c) {
317 * HTTP-decode a string. The standard explanation is that this turns
318 * "%4e+foo" into "n foo" in the regular way. This is done in-place
319 * over the allocated string.
331 for ( ; '\0' != *p; p++, q++) {
333 if ('\0' == (hex[0] = *(p + 1)))
335 if ('\0' == (hex[1] = *(p + 2)))
337 if (1 != sscanf(hex, "%x", &c))
345 *q = '+' == *p ? ' ' : *p;
353 resp_begin_http(int code, const char *msg)
357 printf("Status: %d %s\r\n", code, msg);
359 printf("Content-Type: text/html; charset=utf-8\r\n"
360 "Cache-Control: no-cache\r\n"
361 "Pragma: no-cache\r\n"
368 resp_begin_html(int code, const char *msg)
371 resp_begin_http(code, msg);
373 printf("<!DOCTYPE html>\n"
376 "<META CHARSET=\"UTF-8\" />\n"
377 "<LINK REL=\"stylesheet\" HREF=\"%s/man-cgi.css\""
378 " TYPE=\"text/css\" media=\"all\">\n"
379 "<LINK REL=\"stylesheet\" HREF=\"%s/man.css\""
380 " TYPE=\"text/css\" media=\"all\">\n"
381 "<TITLE>%s</TITLE>\n"
384 "<!-- Begin page content. //-->\n",
385 CSS_DIR, CSS_DIR, CUSTOMIZE_TITLE);
397 resp_searchform(const struct req *req)
401 puts(CUSTOMIZE_BEGIN);
402 puts("<!-- Begin search form. //-->");
403 printf("<DIV ID=\"mancgi\">\n"
404 "<FORM ACTION=\"%s\" METHOD=\"get\">\n"
406 "<LEGEND>Manual Page Search Parameters</LEGEND>\n",
409 /* Write query input box. */
411 printf( "<TABLE><TR><TD>\n"
412 "<INPUT TYPE=\"text\" NAME=\"query\" VALUE=\"");
413 if (NULL != req->q.query)
414 html_print(req->q.query);
415 puts("\" SIZE=\"40\">");
417 /* Write submission and reset buttons. */
419 printf( "<INPUT TYPE=\"submit\" VALUE=\"Submit\">\n"
420 "<INPUT TYPE=\"reset\" VALUE=\"Reset\">\n");
422 /* Write show radio button */
424 printf( "</TD><TD>\n"
425 "<INPUT TYPE=\"radio\" ");
427 printf("CHECKED=\"checked\" ");
428 printf( "NAME=\"apropos\" ID=\"show\" VALUE=\"0\">\n"
429 "<LABEL FOR=\"show\">Show named manual page</LABEL>\n");
431 /* Write section selector. */
433 puts( "</TD></TR><TR><TD>\n"
434 "<SELECT NAME=\"sec\">");
435 for (i = 0; i < sec_MAX; i++) {
436 printf("<OPTION VALUE=\"%s\"", sec_numbers[i]);
437 if (NULL != req->q.sec &&
438 0 == strcmp(sec_numbers[i], req->q.sec))
439 printf(" SELECTED=\"selected\"");
440 printf(">%s</OPTION>\n", sec_names[i]);
444 /* Write architecture selector. */
446 printf( "<SELECT NAME=\"arch\">\n"
447 "<OPTION VALUE=\"default\"");
448 if (NULL == req->q.arch)
449 printf(" SELECTED=\"selected\"");
450 puts(">All Architectures</OPTION>");
451 for (i = 0; i < arch_MAX; i++) {
452 printf("<OPTION VALUE=\"%s\"", arch_names[i]);
453 if (NULL != req->q.arch &&
454 0 == strcmp(arch_names[i], req->q.arch))
455 printf(" SELECTED=\"selected\"");
456 printf(">%s</OPTION>\n", arch_names[i]);
460 /* Write manpath selector. */
463 puts("<SELECT NAME=\"manpath\">");
464 for (i = 0; i < (int)req->psz; i++) {
466 if (strcmp(req->q.manpath, req->p[i]) == 0)
467 printf("SELECTED=\"selected\" ");
469 html_print(req->p[i]);
471 html_print(req->p[i]);
477 /* Write search radio button */
479 printf( "</TD><TD>\n"
480 "<INPUT TYPE=\"radio\" ");
481 if (0 == req->q.equal)
482 printf("CHECKED=\"checked\" ");
483 printf( "NAME=\"apropos\" ID=\"search\" VALUE=\"1\">\n"
484 "<LABEL FOR=\"search\">Search with apropos query</LABEL>\n");
486 puts("</TD></TR></TABLE>\n"
490 puts("<!-- End search form. //-->");
494 validate_urifrag(const char *frag)
497 while ('\0' != *frag) {
498 if ( ! (isalnum((unsigned char)*frag) ||
499 '-' == *frag || '.' == *frag ||
500 '/' == *frag || '_' == *frag))
508 validate_manpath(const struct req *req, const char* manpath)
512 if ( ! strcmp(manpath, "mandoc"))
515 for (i = 0; i < req->psz; i++)
516 if ( ! strcmp(manpath, req->p[i]))
523 validate_filename(const char *file)
526 if ('.' == file[0] && '/' == file[1])
529 return ( ! (strstr(file, "../") || strstr(file, "/..") ||
530 (strncmp(file, "man", 3) && strncmp(file, "cat", 3))));
534 pg_index(const struct req *req)
537 resp_begin_html(200, NULL);
538 resp_searchform(req);
540 "This web interface is documented in the\n"
541 "<A HREF=\"%s/mandoc/man8/man.cgi.8\">man.cgi</A>\n"
543 "<A HREF=\"%s/mandoc/man1/apropos.1\">apropos</A>\n"
544 "manual explains the query syntax.\n"
546 scriptname, scriptname);
551 pg_noresult(const struct req *req, const char *msg)
553 resp_begin_html(200, NULL);
554 resp_searchform(req);
562 pg_error_badrequest(const char *msg)
565 resp_begin_html(400, "Bad Request");
566 puts("<H1>Bad Request</H1>\n"
569 printf("Try again from the\n"
570 "<A HREF=\"%s\">main page</A>.\n"
576 pg_error_internal(void)
578 resp_begin_html(500, "Internal Server Error");
579 puts("<P>Internal Server Error</P>");
584 pg_searchres(const struct req *req, struct manpage *r, size_t sz)
586 char *arch, *archend;
587 size_t i, iuse, isec;
588 int archprio, archpriouse;
592 for (i = 0; i < sz; i++) {
593 if (validate_filename(r[i].file))
595 fprintf(stderr, "invalid filename %s in %s database\n",
596 r[i].file, req->q.manpath);
603 * If we have just one result, then jump there now
606 printf("Status: 303 See Other\r\n");
607 printf("Location: http://%s%s/%s/%s?",
608 HTTP_HOST, scriptname, req->q.manpath, r[0].file);
609 http_printquery(req, "&");
611 "Content-Type: text/html; charset=utf-8\r\n"
616 resp_begin_html(200, NULL);
617 resp_searchform(req);
618 puts("<DIV CLASS=\"results\">");
621 for (i = 0; i < sz; i++) {
623 "<TD CLASS=\"title\">\n"
624 "<A HREF=\"%s/%s/%s?",
625 scriptname, req->q.manpath, r[i].file);
626 http_printquery(req, "&");
628 html_print(r[i].names);
631 "<TD CLASS=\"desc\">");
632 html_print(r[i].output);
641 * In man(1) mode, show one of the pages
642 * even if more than one is found.
650 for (i = 0; i < sz; i++) {
651 isec = strcspn(r[i].file, "123456789");
652 sec = r[i].file[isec];
655 prio = sec_prios[sec - '1'];
656 if (NULL == req->q.arch) {
658 (NULL == (arch = strchr(
659 r[i].file + isec, '/'))) ? 3 :
660 (NULL == (archend = strchr(
661 arch + 1, '/'))) ? 0 :
662 strncmp(arch, "amd64/",
663 archend - arch) ? 2 : 1;
664 if (archprio < archpriouse) {
665 archpriouse = archprio;
670 if (archprio > archpriouse)
678 resp_show(req, r[iuse].file);
685 catman(const struct req *req, const char *file)
693 if (NULL == (f = fopen(file, "r"))) {
694 puts("<P>You specified an invalid manual file.</P>");
698 puts("<DIV CLASS=\"catman\">\n"
701 while (NULL != (p = fgetln(f, &len))) {
703 for (i = 0; i < (int)len - 1; i++) {
705 * This means that the catpage is out of state.
706 * Ignore it and keep going (although the
710 if ('\b' == p[i] || '\n' == p[i])
714 * Print a regular character.
715 * Close out any bold/italic scopes.
716 * If we're in back-space mode, make sure we'll
717 * have something to enter when we backspace.
720 if ('\b' != p[i + 1]) {
728 } else if (i + 2 >= (int)len)
746 * Handle funny behaviour troff-isms.
747 * These grok'd from the original man2html.c.
750 if (('+' == p[i] && 'o' == p[i + 2]) ||
751 ('o' == p[i] && '+' == p[i + 2]) ||
752 ('|' == p[i] && '=' == p[i + 2]) ||
753 ('=' == p[i] && '|' == p[i + 2]) ||
754 ('*' == p[i] && '=' == p[i + 2]) ||
755 ('=' == p[i] && '*' == p[i + 2]) ||
756 ('*' == p[i] && '|' == p[i + 2]) ||
757 ('|' == p[i] && '*' == p[i + 2])) {
766 } else if (('|' == p[i] && '-' == p[i + 2]) ||
767 ('-' == p[i] && '|' == p[i + 1]) ||
768 ('+' == p[i] && '-' == p[i + 1]) ||
769 ('-' == p[i] && '+' == p[i + 1]) ||
770 ('+' == p[i] && '|' == p[i + 1]) ||
771 ('|' == p[i] && '+' == p[i + 1])) {
795 * Clean up the last character.
796 * We can get to a newline; don't print that.
804 if (i == (int)len - 1 && '\n' != p[i])
817 format(const struct req *req, const char *file)
820 struct mchars *mchars;
829 if (-1 == (fd = open(file, O_RDONLY, 0))) {
830 puts("<P>You specified an invalid manual file.</P>");
834 mchars = mchars_alloc();
835 mp = mparse_alloc(MPARSE_SO, MANDOCLEVEL_FATAL, NULL,
836 mchars, req->q.manpath);
837 rc = mparse_readfd(mp, fd, file);
840 if (rc >= MANDOCLEVEL_FATAL) {
841 fprintf(stderr, "fatal mandoc error: %s/%s\n",
842 req->q.manpath, file);
847 usepath = strcmp(req->q.manpath, req->p[0]);
848 mandoc_asprintf(&opts,
849 "fragment,man=%s?query=%%N&sec=%%S%s%s%s%s",
851 req->q.arch ? "&arch=" : "",
852 req->q.arch ? req->q.arch : "",
853 usepath ? "&manpath=" : "",
854 usepath ? req->q.manpath : "");
856 mparse_result(mp, &mdoc, &man, NULL);
857 if (NULL == man && NULL == mdoc) {
858 fprintf(stderr, "fatal mandoc error: %s/%s\n",
859 req->q.manpath, file);
866 vp = html_alloc(mchars, opts);
880 resp_show(const struct req *req, const char *file)
883 if ('.' == file[0] && '/' == file[1])
893 pg_show(struct req *req, const char *fullpath)
898 if ((file = strchr(fullpath, '/')) == NULL) {
900 "You did not specify a page to show.");
903 manpath = mandoc_strndup(fullpath, file - fullpath);
906 if ( ! validate_manpath(req, manpath)) {
908 "You specified an invalid manpath.");
914 * Begin by chdir()ing into the manpath.
915 * This way we can pick up the database files, which are
916 * relative to the manpath root.
919 if (chdir(manpath) == -1) {
920 fprintf(stderr, "chdir %s: %s\n",
921 manpath, strerror(errno));
927 if (strcmp(manpath, "mandoc")) {
928 free(req->q.manpath);
929 req->q.manpath = manpath;
933 if ( ! validate_filename(file)) {
935 "You specified an invalid manual file.");
939 resp_begin_html(200, NULL);
940 resp_searchform(req);
941 resp_show(req, file);
946 pg_search(const struct req *req)
948 struct mansearch search;
949 struct manpaths paths;
952 char *query, *rp, *wp;
957 * Begin by chdir()ing into the root of the manpath.
958 * This way we can pick up the database files, which are
959 * relative to the manpath root.
962 if (-1 == (chdir(req->q.manpath))) {
963 fprintf(stderr, "chdir %s: %s\n",
964 req->q.manpath, strerror(errno));
969 search.arch = req->q.arch;
970 search.sec = req->q.sec;
971 search.outkey = "Nd";
972 search.argmode = req->q.equal ? ARG_NAME : ARG_EXPR;
973 search.firstmatch = 1;
976 paths.paths = mandoc_malloc(sizeof(char *));
977 paths.paths[0] = mandoc_strdup(".");
980 * Break apart at spaces with backslash-escaping.
985 rp = query = mandoc_strdup(req->q.query);
987 while (isspace((unsigned char)*rp))
991 argv = mandoc_reallocarray(argv, argc + 1, sizeof(char *));
992 argv[argc++] = wp = rp;
994 if (isspace((unsigned char)*rp)) {
999 if (rp[0] == '\\' && rp[1] != '\0')
1010 if (0 == mansearch(&search, &paths, argc, argv, &res, &ressz))
1011 pg_noresult(req, "You entered an invalid query.");
1012 else if (0 == ressz)
1013 pg_noresult(req, "No results found.");
1015 pg_searchres(req, res, ressz);
1018 mansearch_free(res, ressz);
1019 free(paths.paths[0]);
1027 struct itimerval itimer;
1029 const char *querystring;
1032 /* Poor man's ReDoS mitigation. */
1034 itimer.it_value.tv_sec = 2;
1035 itimer.it_value.tv_usec = 0;
1036 itimer.it_interval.tv_sec = 2;
1037 itimer.it_interval.tv_usec = 0;
1038 if (setitimer(ITIMER_VIRTUAL, &itimer, NULL) == -1) {
1039 fprintf(stderr, "setitimer: %s\n", strerror(errno));
1040 pg_error_internal();
1041 return(EXIT_FAILURE);
1044 /* Scan our run-time environment. */
1046 if (NULL == (scriptname = getenv("SCRIPT_NAME")))
1049 if ( ! validate_urifrag(scriptname)) {
1050 fprintf(stderr, "unsafe SCRIPT_NAME \"%s\"\n",
1052 pg_error_internal();
1053 return(EXIT_FAILURE);
1057 * First we change directory into the MAN_DIR so that
1058 * subsequent scanning for manpath directories is rooted
1059 * relative to the same position.
1062 if (-1 == chdir(MAN_DIR)) {
1063 fprintf(stderr, "MAN_DIR: %s: %s\n",
1064 MAN_DIR, strerror(errno));
1065 pg_error_internal();
1066 return(EXIT_FAILURE);
1069 memset(&req, 0, sizeof(struct req));
1072 /* Next parse out the query string. */
1074 if (NULL != (querystring = getenv("QUERY_STRING")))
1075 http_parse(&req, querystring);
1077 if (req.q.manpath == NULL)
1078 req.q.manpath = mandoc_strdup(req.p[0]);
1079 else if ( ! validate_manpath(&req, req.q.manpath)) {
1080 pg_error_badrequest(
1081 "You specified an invalid manpath.");
1082 return(EXIT_FAILURE);
1085 if ( ! (NULL == req.q.arch || validate_urifrag(req.q.arch))) {
1086 pg_error_badrequest(
1087 "You specified an invalid architecture.");
1088 return(EXIT_FAILURE);
1091 /* Dispatch to the three different pages. */
1093 path = getenv("PATH_INFO");
1096 else if ('/' == *path)
1100 pg_show(&req, path);
1101 else if (NULL != req.q.query)
1106 free(req.q.manpath);
1110 for (i = 0; i < (int)req.psz; i++)
1113 return(EXIT_SUCCESS);
1117 * Scan for indexable paths.
1120 pathgen(struct req *req)
1126 if (NULL == (fp = fopen("manpath.conf", "r"))) {
1127 fprintf(stderr, "%s/manpath.conf: %s\n",
1128 MAN_DIR, strerror(errno));
1129 pg_error_internal();
1133 while (NULL != (dp = fgetln(fp, &dpsz))) {
1134 if ('\n' == dp[dpsz - 1])
1136 req->p = mandoc_realloc(req->p,
1137 (req->psz + 1) * sizeof(char *));
1138 dp = mandoc_strndup(dp, dpsz);
1139 if ( ! validate_urifrag(dp)) {
1140 fprintf(stderr, "%s/manpath.conf contains "
1141 "unsafe path \"%s\"\n", MAN_DIR, dp);
1142 pg_error_internal();
1145 if (NULL != strchr(dp, '/')) {
1146 fprintf(stderr, "%s/manpath.conf contains "
1147 "path with slash \"%s\"\n", MAN_DIR, dp);
1148 pg_error_internal();
1151 req->p[req->psz++] = dp;
1154 if ( req->p == NULL ) {
1155 fprintf(stderr, "%s/manpath.conf is empty\n", MAN_DIR);
1156 pg_error_internal();
projects / FreeBSD / FreeBSD.git / blob