Annotation of src/usr.bin/mandoc/cgi.c, Revision 1.20
1.20 ! schwarze 1: /* $Id: cgi.c,v 1.19 2014/07/21 22:32:55 schwarze Exp $ */
1.1 schwarze 2: /*
3: * Copyright (c) 2011, 2012 Kristaps Dzonsons <kristaps@bsd.lv>
4: * Copyright (c) 2014 Ingo Schwarze <schwarze@usta.de>
5: *
6: * Permission to use, copy, modify, and distribute this software for any
7: * purpose with or without fee is hereby granted, provided that the above
8: * copyright notice and this permission notice appear in all copies.
9: *
10: * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11: * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12: * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13: * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14: * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15: * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16: * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17: */
18: #include <ctype.h>
19: #include <errno.h>
20: #include <fcntl.h>
21: #include <limits.h>
22: #include <stdio.h>
23: #include <stdlib.h>
24: #include <string.h>
25: #include <unistd.h>
26:
27: #include "mandoc.h"
28: #include "mandoc_aux.h"
29: #include "main.h"
30: #include "manpath.h"
31: #include "mansearch.h"
1.7 schwarze 32: #include "cgi.h"
1.1 schwarze 33:
34: /*
35: * A query as passed to the search function.
36: */
37: struct query {
38: const char *manpath; /* desired manual directory */
39: const char *arch; /* architecture */
40: const char *sec; /* manual section */
41: const char *expr; /* unparsed expression string */
1.5 schwarze 42: int equal; /* match whole names, not substrings */
1.1 schwarze 43: };
44:
45: struct req {
46: struct query q;
47: char **p; /* array of available manpaths */
48: size_t psz; /* number of available manpaths */
49: };
50:
51: static void catman(const struct req *, const char *);
52: static int cmp(const void *, const void *);
53: static void format(const struct req *, const char *);
54: static void html_print(const char *);
55: static void html_printquery(const struct req *);
56: static void html_putchar(char);
57: static int http_decode(char *);
58: static void http_parse(struct req *, char *);
59: static void http_print(const char *);
60: static void http_putchar(char);
61: static void http_printquery(const struct req *);
62: static void pathgen(struct req *);
1.12 schwarze 63: static void pg_error_badrequest(const char *);
64: static void pg_error_internal(void);
65: static void pg_index(const struct req *);
66: static void pg_noresult(const struct req *, const char *);
1.6 schwarze 67: static void pg_search(const struct req *);
1.12 schwarze 68: static void pg_searchres(const struct req *,
69: struct manpage *, size_t);
1.19 schwarze 70: static void pg_show(struct req *, const char *);
1.1 schwarze 71: static void resp_begin_html(int, const char *);
72: static void resp_begin_http(int, const char *);
73: static void resp_end_html(void);
74: static void resp_searchform(const struct req *);
1.10 schwarze 75: static void resp_show(const struct req *, const char *);
1.1 schwarze 76:
77: static const char *scriptname; /* CGI script name */
78:
1.10 schwarze 79: static const int sec_prios[] = {1, 4, 5, 8, 6, 3, 7, 2, 9};
1.8 schwarze 80: static const char *const sec_numbers[] = {
81: "0", "1", "2", "3", "3p", "4", "5", "6", "7", "8", "9"
82: };
83: static const char *const sec_names[] = {
84: "All Sections",
85: "1 - General Commands",
86: "2 - System Calls",
87: "3 - Subroutines",
88: "3p - Perl Subroutines",
89: "4 - Special Files",
90: "5 - File Formats",
91: "6 - Games",
92: "7 - Macros and Conventions",
93: "8 - Maintenance Commands",
94: "9 - Kernel Interface"
95: };
96: static const int sec_MAX = sizeof(sec_names) / sizeof(char *);
97:
98: static const char *const arch_names[] = {
99: "amd64", "alpha", "armish", "armv7",
100: "aviion", "hppa", "hppa64", "i386",
101: "ia64", "landisk", "loongson", "luna88k",
102: "macppc", "mips64", "octeon", "sgi",
103: "socppc", "solbourne", "sparc", "sparc64",
104: "vax", "zaurus",
105: "amiga", "arc", "arm32", "atari",
106: "beagle", "cats", "hp300", "mac68k",
107: "mvme68k", "mvme88k", "mvmeppc", "palm",
108: "pc532", "pegasos", "pmax", "powerpc",
109: "sun3", "wgrisc", "x68k"
110: };
111: static const int arch_MAX = sizeof(arch_names) / sizeof(char *);
112:
1.1 schwarze 113: /*
114: * Print a character, escaping HTML along the way.
115: * This will pass non-ASCII straight to output: be warned!
116: */
117: static void
118: html_putchar(char c)
119: {
120:
121: switch (c) {
122: case ('"'):
123: printf(""e;");
124: break;
125: case ('&'):
126: printf("&");
127: break;
128: case ('>'):
129: printf(">");
130: break;
131: case ('<'):
132: printf("<");
133: break;
134: default:
135: putchar((unsigned char)c);
136: break;
137: }
138: }
139:
140: static void
141: http_printquery(const struct req *req)
142: {
143:
144: if (NULL != req->q.manpath) {
145: printf("&manpath=");
146: http_print(req->q.manpath);
147: }
148: if (NULL != req->q.sec) {
149: printf("&sec=");
150: http_print(req->q.sec);
151: }
152: if (NULL != req->q.arch) {
153: printf("&arch=");
154: http_print(req->q.arch);
155: }
156: if (NULL != req->q.expr) {
1.5 schwarze 157: printf("&query=");
158: http_print(req->q.expr);
1.1 schwarze 159: }
1.5 schwarze 160: if (0 == req->q.equal)
161: printf("&apropos=1");
1.1 schwarze 162: }
163:
164: static void
165: html_printquery(const struct req *req)
166: {
167:
168: if (NULL != req->q.manpath) {
169: printf("&manpath=");
170: html_print(req->q.manpath);
171: }
172: if (NULL != req->q.sec) {
173: printf("&sec=");
174: html_print(req->q.sec);
175: }
176: if (NULL != req->q.arch) {
177: printf("&arch=");
178: html_print(req->q.arch);
179: }
180: if (NULL != req->q.expr) {
1.5 schwarze 181: printf("&query=");
1.3 tedu 182: html_print(req->q.expr);
1.1 schwarze 183: }
1.5 schwarze 184: if (0 == req->q.equal)
185: printf("&apropos=1");
1.1 schwarze 186: }
187:
188: static void
189: http_print(const char *p)
190: {
191:
192: if (NULL == p)
193: return;
194: while ('\0' != *p)
195: http_putchar(*p++);
196: }
197:
198: /*
199: * Call through to html_putchar().
200: * Accepts NULL strings.
201: */
202: static void
203: html_print(const char *p)
204: {
205:
206: if (NULL == p)
207: return;
208: while ('\0' != *p)
209: html_putchar(*p++);
210: }
211:
212: /*
213: * Parse out key-value pairs from an HTTP request variable.
214: * This can be either a cookie or a POST/GET string, although man.cgi
215: * uses only GET for simplicity.
216: */
217: static void
218: http_parse(struct req *req, char *p)
219: {
220: char *key, *val;
221:
222: memset(&req->q, 0, sizeof(struct query));
223: req->q.manpath = req->p[0];
1.5 schwarze 224: req->q.equal = 1;
1.1 schwarze 225:
226: while ('\0' != *p) {
227: key = p;
228: val = NULL;
229:
230: p += (int)strcspn(p, ";&");
231: if ('\0' != *p)
232: *p++ = '\0';
233: if (NULL != (val = strchr(key, '=')))
234: *val++ = '\0';
235:
236: if ('\0' == *key || NULL == val || '\0' == *val)
237: continue;
238:
239: /* Just abort handling. */
240:
241: if ( ! http_decode(key))
242: break;
243: if (NULL != val && ! http_decode(val))
244: break;
245:
1.5 schwarze 246: if (0 == strcmp(key, "query"))
1.1 schwarze 247: req->q.expr = val;
1.13 schwarze 248: else if (0 == strcmp(key, "manpath")) {
249: #ifdef COMPAT_OLDURI
250: if (0 == strncmp(val, "OpenBSD ", 8)) {
251: val[7] = '-';
252: if ('C' == val[8])
253: val[8] = 'c';
254: }
255: #endif
1.1 schwarze 256: req->q.manpath = val;
1.13 schwarze 257: } else if (0 == strcmp(key, "apropos"))
1.5 schwarze 258: req->q.equal = !strcmp(val, "0");
1.13 schwarze 259: else if (0 == strcmp(key, "sec")) {
1.5 schwarze 260: if (strcmp(val, "0"))
261: req->q.sec = val;
1.13 schwarze 262: #ifdef COMPAT_OLDURI
263: } else if (0 == strcmp(key, "sektion")) {
264: if (strcmp(val, "0"))
265: req->q.sec = val;
266: #endif
1.5 schwarze 267: } else if (0 == strcmp(key, "arch")) {
268: if (strcmp(val, "default"))
269: req->q.arch = val;
270: }
1.1 schwarze 271: }
272: }
273:
274: static void
275: http_putchar(char c)
276: {
277:
278: if (isalnum((unsigned char)c)) {
279: putchar((unsigned char)c);
280: return;
281: } else if (' ' == c) {
282: putchar('+');
283: return;
284: }
285: printf("%%%.2x", c);
286: }
287:
288: /*
289: * HTTP-decode a string. The standard explanation is that this turns
290: * "%4e+foo" into "n foo" in the regular way. This is done in-place
291: * over the allocated string.
292: */
293: static int
294: http_decode(char *p)
295: {
296: char hex[3];
1.3 tedu 297: char *q;
1.1 schwarze 298: int c;
299:
300: hex[2] = '\0';
301:
1.3 tedu 302: q = p;
303: for ( ; '\0' != *p; p++, q++) {
1.1 schwarze 304: if ('%' == *p) {
305: if ('\0' == (hex[0] = *(p + 1)))
306: return(0);
307: if ('\0' == (hex[1] = *(p + 2)))
308: return(0);
309: if (1 != sscanf(hex, "%x", &c))
310: return(0);
311: if ('\0' == c)
312: return(0);
313:
1.3 tedu 314: *q = (char)c;
315: p += 2;
1.1 schwarze 316: } else
1.3 tedu 317: *q = '+' == *p ? ' ' : *p;
1.1 schwarze 318: }
319:
1.3 tedu 320: *q = '\0';
1.1 schwarze 321: return(1);
322: }
323:
324: static void
325: resp_begin_http(int code, const char *msg)
326: {
327:
328: if (200 != code)
1.2 tedu 329: printf("Status: %d %s\r\n", code, msg);
1.1 schwarze 330:
1.2 tedu 331: printf("Content-Type: text/html; charset=utf-8\r\n"
332: "Cache-Control: no-cache\r\n"
333: "Pragma: no-cache\r\n"
334: "\r\n");
1.1 schwarze 335:
336: fflush(stdout);
337: }
338:
339: static void
340: resp_begin_html(int code, const char *msg)
341: {
342:
343: resp_begin_http(code, msg);
344:
345: printf("<!DOCTYPE HTML PUBLIC "
346: " \"-//W3C//DTD HTML 4.01//EN\""
347: " \"http://www.w3.org/TR/html4/strict.dtd\">\n"
348: "<HTML>\n"
349: "<HEAD>\n"
350: "<META HTTP-EQUIV=\"Content-Type\""
351: " CONTENT=\"text/html; charset=utf-8\">\n"
352: "<LINK REL=\"stylesheet\" HREF=\"%s/man-cgi.css\""
353: " TYPE=\"text/css\" media=\"all\">\n"
354: "<LINK REL=\"stylesheet\" HREF=\"%s/man.css\""
355: " TYPE=\"text/css\" media=\"all\">\n"
1.7 schwarze 356: "<TITLE>%s</TITLE>\n"
1.1 schwarze 357: "</HEAD>\n"
358: "<BODY>\n"
359: "<!-- Begin page content. //-->\n",
1.7 schwarze 360: CSS_DIR, CSS_DIR, CUSTOMIZE_TITLE);
1.1 schwarze 361: }
362:
363: static void
364: resp_end_html(void)
365: {
366:
367: puts("</BODY>\n"
368: "</HTML>");
369: }
370:
371: static void
372: resp_searchform(const struct req *req)
373: {
374: int i;
375:
1.7 schwarze 376: puts(CUSTOMIZE_BEGIN);
1.1 schwarze 377: puts("<!-- Begin search form. //-->");
378: printf("<DIV ID=\"mancgi\">\n"
1.6 schwarze 379: "<FORM ACTION=\"%s\" METHOD=\"get\">\n"
1.1 schwarze 380: "<FIELDSET>\n"
1.8 schwarze 381: "<LEGEND>Manual Page Search Parameters</LEGEND>\n",
1.1 schwarze 382: scriptname);
1.8 schwarze 383:
384: /* Write query input box. */
385:
386: printf( "<TABLE><TR><TD>\n"
387: "<INPUT TYPE=\"text\" NAME=\"query\" VALUE=\"");
388: if (NULL != req->q.expr)
389: html_print(req->q.expr);
390: puts("\" SIZE=\"40\">");
391:
392: /* Write submission and reset buttons. */
393:
394: printf( "<INPUT TYPE=\"submit\" VALUE=\"Submit\">\n"
395: "<INPUT TYPE=\"reset\" VALUE=\"Reset\">\n");
396:
397: /* Write show radio button */
398:
399: printf( "</TD><TD>\n"
400: "<INPUT TYPE=\"radio\" ");
1.5 schwarze 401: if (req->q.equal)
1.8 schwarze 402: printf("CHECKED ");
403: printf( "NAME=\"apropos\" ID=\"show\" VALUE=\"0\">\n"
404: "<LABEL FOR=\"show\">Show named manual page</LABEL>\n");
405:
406: /* Write section selector. */
407:
408: printf( "</TD></TR><TR><TD>\n"
409: "<SELECT NAME=\"sec\">");
410: for (i = 0; i < sec_MAX; i++) {
411: printf("<OPTION VALUE=\"%s\"", sec_numbers[i]);
412: if (NULL != req->q.sec &&
413: 0 == strcmp(sec_numbers[i], req->q.sec))
414: printf(" SELECTED");
415: printf(">%s</OPTION>\n", sec_names[i]);
416: }
417: puts("</SELECT>");
418:
419: /* Write architecture selector. */
420:
421: puts("<SELECT NAME=\"arch\">");
422: for (i = 0; i < arch_MAX; i++) {
423: printf("<OPTION VALUE=\"%s\"", arch_names[i]);
424: if (NULL != req->q.arch &&
425: 0 == strcmp(arch_names[i], req->q.arch))
426: printf(" SELECTED");
427: printf(">%s</OPTION>\n", arch_names[i]);
428: }
429: puts("</SELECT>");
430:
431: /* Write manpath selector. */
432:
1.1 schwarze 433: if (req->psz > 1) {
1.8 schwarze 434: puts("<SELECT NAME=\"manpath\">");
1.1 schwarze 435: for (i = 0; i < (int)req->psz; i++) {
436: printf("<OPTION ");
437: if (NULL == req->q.manpath ? 0 == i :
438: 0 == strcmp(req->q.manpath, req->p[i]))
1.8 schwarze 439: printf("SELECTED ");
1.1 schwarze 440: printf("VALUE=\"");
441: html_print(req->p[i]);
442: printf("\">");
443: html_print(req->p[i]);
444: puts("</OPTION>");
445: }
446: puts("</SELECT>");
447: }
1.8 schwarze 448:
449: /* Write search radio button */
450:
451: printf( "</TD><TD>\n"
452: "<INPUT TYPE=\"radio\" ");
453: if (0 == req->q.equal)
454: printf("CHECKED ");
455: printf( "NAME=\"apropos\" ID=\"search\" VALUE=\"1\">\n"
456: "<LABEL FOR=\"search\">Search with apropos query</LABEL>\n");
457:
458: puts("</TD></TR></TABLE>\n"
1.1 schwarze 459: "</FIELDSET>\n"
460: "</FORM>\n"
461: "</DIV>");
462: puts("<!-- End search form. //-->");
463: }
464:
1.16 schwarze 465: static int
1.20 ! schwarze 466: validate_urifrag(const char *frag)
! 467: {
! 468:
! 469: while ('\0' != *frag) {
! 470: if ( ! (isalnum((unsigned char)*frag) ||
! 471: '-' == *frag || '.' == *frag ||
! 472: '/' == *frag || '_' == *frag))
! 473: return(0);
! 474: frag++;
! 475: }
! 476: return(1);
! 477: }
! 478:
! 479: static int
1.17 schwarze 480: validate_manpath(const struct req *req, const char* manpath)
481: {
482: size_t i;
483:
484: if ( ! strcmp(manpath, "mandoc"))
485: return(1);
486:
487: for (i = 0; i < req->psz; i++)
488: if ( ! strcmp(manpath, req->p[i]))
489: return(1);
490:
491: return(0);
492: }
493:
494: static int
1.16 schwarze 495: validate_filename(const char *file)
496: {
497:
498: if ('.' == file[0] && '/' == file[1])
499: file += 2;
500:
501: return ( ! (strstr(file, "../") || strstr(file, "/..") ||
502: (strncmp(file, "man", 3) && strncmp(file, "cat", 3))));
503: }
504:
1.1 schwarze 505: static void
1.12 schwarze 506: pg_index(const struct req *req)
1.1 schwarze 507: {
508:
509: resp_begin_html(200, NULL);
510: resp_searchform(req);
1.4 schwarze 511: printf("<P>\n"
512: "This web interface is documented in the "
1.9 schwarze 513: "<A HREF=\"%s/mandoc/man8/man.cgi.8\">man.cgi</A> "
514: "manual, and the "
515: "<A HREF=\"%s/mandoc/man1/apropos.1\">apropos</A> "
516: "manual explains the query syntax.\n"
1.4 schwarze 517: "</P>\n",
518: scriptname, scriptname);
1.1 schwarze 519: resp_end_html();
520: }
521:
522: static void
1.12 schwarze 523: pg_noresult(const struct req *req, const char *msg)
1.1 schwarze 524: {
525: resp_begin_html(200, NULL);
526: resp_searchform(req);
527: puts("<P>");
528: puts(msg);
529: puts("</P>");
530: resp_end_html();
531: }
532:
533: static void
1.12 schwarze 534: pg_error_badrequest(const char *msg)
1.1 schwarze 535: {
536:
537: resp_begin_html(400, "Bad Request");
538: puts("<H1>Bad Request</H1>\n"
539: "<P>\n");
540: puts(msg);
541: printf("Try again from the\n"
542: "<A HREF=\"%s\">main page</A>.\n"
543: "</P>", scriptname);
544: resp_end_html();
545: }
546:
547: static void
1.12 schwarze 548: pg_error_internal(void)
1.1 schwarze 549: {
550: resp_begin_html(500, "Internal Server Error");
551: puts("<P>Internal Server Error</P>");
552: resp_end_html();
553: }
554:
555: static void
1.12 schwarze 556: pg_searchres(const struct req *req, struct manpage *r, size_t sz)
1.1 schwarze 557: {
1.10 schwarze 558: size_t i, iuse, isec;
559: int prio, priouse;
560: char sec;
1.1 schwarze 561:
1.16 schwarze 562: for (i = 0; i < sz; i++) {
563: if (validate_filename(r[i].file))
564: continue;
565: fprintf(stderr, "invalid filename %s in %s database\n",
566: r[i].file, req->q.manpath);
567: pg_error_internal();
568: return;
569: }
570:
1.1 schwarze 571: if (1 == sz) {
572: /*
573: * If we have just one result, then jump there now
574: * without any delay.
575: */
1.2 tedu 576: printf("Status: 303 See Other\r\n");
1.18 schwarze 577: printf("Location: http://%s%s/%s/%s?",
578: HTTP_HOST, scriptname, req->q.manpath, r[0].file);
1.1 schwarze 579: http_printquery(req);
1.2 tedu 580: printf("\r\n"
581: "Content-Type: text/html; charset=utf-8\r\n"
582: "\r\n");
1.1 schwarze 583: return;
584: }
585:
586: qsort(r, sz, sizeof(struct manpage), cmp);
587:
588: resp_begin_html(200, NULL);
589: resp_searchform(req);
590: puts("<DIV CLASS=\"results\">");
591: puts("<TABLE>");
592:
593: for (i = 0; i < sz; i++) {
594: printf("<TR>\n"
595: "<TD CLASS=\"title\">\n"
1.6 schwarze 596: "<A HREF=\"%s/%s/%s?",
1.1 schwarze 597: scriptname, req->q.manpath, r[i].file);
598: html_printquery(req);
599: printf("\">");
600: html_print(r[i].names);
601: printf("</A>\n"
602: "</TD>\n"
603: "<TD CLASS=\"desc\">");
604: html_print(r[i].output);
605: puts("</TD>\n"
606: "</TR>");
607: }
608:
609: puts("</TABLE>\n"
610: "</DIV>");
1.10 schwarze 611:
612: /*
613: * In man(1) mode, show one of the pages
614: * even if more than one is found.
615: */
616:
617: if (req->q.equal) {
618: puts("<HR>");
619: iuse = 0;
620: priouse = 10;
621: for (i = 0; i < sz; i++) {
622: isec = strcspn(r[i].file, "123456789");
623: sec = r[i].file[isec];
624: if ('\0' == sec)
625: continue;
626: prio = sec_prios[sec - '1'];
627: if (prio >= priouse)
628: continue;
629: priouse = prio;
630: iuse = i;
631: }
632: resp_show(req, r[iuse].file);
633: }
634:
1.1 schwarze 635: resp_end_html();
636: }
637:
638: static void
639: catman(const struct req *req, const char *file)
640: {
641: FILE *f;
642: size_t len;
643: int i;
644: char *p;
645: int italic, bold;
646:
647: if (NULL == (f = fopen(file, "r"))) {
1.10 schwarze 648: puts("<P>You specified an invalid manual file.</P>");
1.1 schwarze 649: return;
650: }
651:
652: puts("<DIV CLASS=\"catman\">\n"
653: "<PRE>");
654:
655: while (NULL != (p = fgetln(f, &len))) {
656: bold = italic = 0;
657: for (i = 0; i < (int)len - 1; i++) {
658: /*
659: * This means that the catpage is out of state.
660: * Ignore it and keep going (although the
661: * catpage is bogus).
662: */
663:
664: if ('\b' == p[i] || '\n' == p[i])
665: continue;
666:
667: /*
668: * Print a regular character.
669: * Close out any bold/italic scopes.
670: * If we're in back-space mode, make sure we'll
671: * have something to enter when we backspace.
672: */
673:
674: if ('\b' != p[i + 1]) {
675: if (italic)
676: printf("</I>");
677: if (bold)
678: printf("</B>");
679: italic = bold = 0;
680: html_putchar(p[i]);
681: continue;
682: } else if (i + 2 >= (int)len)
683: continue;
684:
685: /* Italic mode. */
686:
687: if ('_' == p[i]) {
688: if (bold)
689: printf("</B>");
690: if ( ! italic)
691: printf("<I>");
692: bold = 0;
693: italic = 1;
694: i += 2;
695: html_putchar(p[i]);
696: continue;
697: }
698:
699: /*
700: * Handle funny behaviour troff-isms.
701: * These grok'd from the original man2html.c.
702: */
703:
704: if (('+' == p[i] && 'o' == p[i + 2]) ||
705: ('o' == p[i] && '+' == p[i + 2]) ||
706: ('|' == p[i] && '=' == p[i + 2]) ||
707: ('=' == p[i] && '|' == p[i + 2]) ||
708: ('*' == p[i] && '=' == p[i + 2]) ||
709: ('=' == p[i] && '*' == p[i + 2]) ||
710: ('*' == p[i] && '|' == p[i + 2]) ||
711: ('|' == p[i] && '*' == p[i + 2])) {
712: if (italic)
713: printf("</I>");
714: if (bold)
715: printf("</B>");
716: italic = bold = 0;
717: putchar('*');
718: i += 2;
719: continue;
720: } else if (('|' == p[i] && '-' == p[i + 2]) ||
721: ('-' == p[i] && '|' == p[i + 1]) ||
722: ('+' == p[i] && '-' == p[i + 1]) ||
723: ('-' == p[i] && '+' == p[i + 1]) ||
724: ('+' == p[i] && '|' == p[i + 1]) ||
725: ('|' == p[i] && '+' == p[i + 1])) {
726: if (italic)
727: printf("</I>");
728: if (bold)
729: printf("</B>");
730: italic = bold = 0;
731: putchar('+');
732: i += 2;
733: continue;
734: }
735:
736: /* Bold mode. */
737:
738: if (italic)
739: printf("</I>");
740: if ( ! bold)
741: printf("<B>");
742: bold = 1;
743: italic = 0;
744: i += 2;
745: html_putchar(p[i]);
746: }
747:
748: /*
749: * Clean up the last character.
750: * We can get to a newline; don't print that.
751: */
752:
753: if (italic)
754: printf("</I>");
755: if (bold)
756: printf("</B>");
757:
758: if (i == (int)len - 1 && '\n' != p[i])
759: html_putchar(p[i]);
760:
761: putchar('\n');
762: }
763:
764: puts("</PRE>\n"
1.10 schwarze 765: "</DIV>");
1.1 schwarze 766:
767: fclose(f);
768: }
769:
770: static void
771: format(const struct req *req, const char *file)
772: {
773: struct mparse *mp;
774: int fd;
775: struct mdoc *mdoc;
776: struct man *man;
777: void *vp;
778: enum mandoclevel rc;
779: char opts[PATH_MAX + 128];
780:
781: if (-1 == (fd = open(file, O_RDONLY, 0))) {
1.10 schwarze 782: puts("<P>You specified an invalid manual file.</P>");
1.1 schwarze 783: return;
784: }
785:
786: mp = mparse_alloc(MPARSE_SO, MANDOCLEVEL_FATAL, NULL,
787: req->q.manpath);
788: rc = mparse_readfd(mp, fd, file);
789: close(fd);
790:
791: if (rc >= MANDOCLEVEL_FATAL) {
792: fprintf(stderr, "fatal mandoc error: %s/%s\n",
793: req->q.manpath, file);
1.12 schwarze 794: pg_error_internal();
1.1 schwarze 795: return;
796: }
797:
1.19 schwarze 798: snprintf(opts, sizeof(opts), "fragment,man=%s?"
799: "manpath=%s&query=%%N&sec=%%S&arch=%s",
800: scriptname, req->q.manpath,
801: req->q.arch ? req->q.arch : "");
1.1 schwarze 802:
803: mparse_result(mp, &mdoc, &man, NULL);
804: if (NULL == man && NULL == mdoc) {
805: fprintf(stderr, "fatal mandoc error: %s/%s\n",
806: req->q.manpath, file);
1.12 schwarze 807: pg_error_internal();
1.1 schwarze 808: mparse_free(mp);
809: return;
810: }
811:
812: vp = html_alloc(opts);
813:
814: if (NULL != mdoc)
815: html_mdoc(vp, mdoc);
816: else
817: html_man(vp, man);
818:
819: html_free(vp);
820: mparse_free(mp);
821: }
822:
823: static void
1.10 schwarze 824: resp_show(const struct req *req, const char *file)
825: {
1.16 schwarze 826:
827: if ('.' == file[0] && '/' == file[1])
1.11 schwarze 828: file += 2;
1.10 schwarze 829:
830: if ('c' == *file)
831: catman(req, file);
832: else
833: format(req, file);
834: }
835:
836: static void
1.19 schwarze 837: pg_show(struct req *req, const char *path)
1.1 schwarze 838: {
839: char *sub;
840:
841: if (NULL == path || NULL == (sub = strchr(path, '/'))) {
1.12 schwarze 842: pg_error_badrequest(
1.1 schwarze 843: "You did not specify a page to show.");
844: return;
845: }
846: *sub++ = '\0';
847:
1.17 schwarze 848: if ( ! validate_manpath(req, path)) {
849: pg_error_badrequest(
850: "You specified an invalid manpath.");
851: return;
852: }
853:
1.1 schwarze 854: /*
855: * Begin by chdir()ing into the manpath.
856: * This way we can pick up the database files, which are
857: * relative to the manpath root.
858: */
859:
860: if (-1 == chdir(path)) {
1.17 schwarze 861: fprintf(stderr, "chdir %s: %s\n",
862: path, strerror(errno));
863: pg_error_internal();
1.16 schwarze 864: return;
865: }
866:
867: if ( ! validate_filename(sub)) {
868: pg_error_badrequest(
869: "You specified an invalid manual file.");
1.1 schwarze 870: return;
871: }
1.19 schwarze 872:
873: if (strcmp(path, "mandoc"))
874: req->q.manpath = path;
1.1 schwarze 875:
1.10 schwarze 876: resp_begin_html(200, NULL);
877: resp_searchform(req);
878: resp_show(req, sub);
879: resp_end_html();
1.1 schwarze 880: }
881:
882: static void
1.6 schwarze 883: pg_search(const struct req *req)
1.1 schwarze 884: {
885: struct mansearch search;
886: struct manpaths paths;
887: struct manpage *res;
888: char **cp;
889: const char *ep, *start;
890: size_t ressz;
891: int i, sz;
892:
893: /*
894: * Begin by chdir()ing into the root of the manpath.
895: * This way we can pick up the database files, which are
896: * relative to the manpath root.
897: */
898:
899: if (-1 == (chdir(req->q.manpath))) {
1.17 schwarze 900: fprintf(stderr, "chdir %s: %s\n",
901: req->q.manpath, strerror(errno));
902: pg_error_internal();
1.1 schwarze 903: return;
904: }
905:
906: search.arch = req->q.arch;
907: search.sec = req->q.sec;
1.5 schwarze 908: search.deftype = req->q.equal ? TYPE_Nm : (TYPE_Nm | TYPE_Nd);
909: search.flags = req->q.equal ? MANSEARCH_MAN : 0;
1.1 schwarze 910:
911: paths.sz = 1;
912: paths.paths = mandoc_malloc(sizeof(char *));
913: paths.paths[0] = mandoc_strdup(".");
914:
915: /*
916: * Poor man's tokenisation: just break apart by spaces.
917: * Yes, this is half-ass. But it works for now.
918: */
919:
920: ep = req->q.expr;
921: while (ep && isspace((unsigned char)*ep))
922: ep++;
923:
924: sz = 0;
925: cp = NULL;
926: while (ep && '\0' != *ep) {
927: cp = mandoc_reallocarray(cp, sz + 1, sizeof(char *));
928: start = ep;
929: while ('\0' != *ep && ! isspace((unsigned char)*ep))
930: ep++;
931: cp[sz] = mandoc_malloc((ep - start) + 1);
932: memcpy(cp[sz], start, ep - start);
933: cp[sz++][ep - start] = '\0';
934: while (isspace((unsigned char)*ep))
935: ep++;
936: }
937:
938: if (0 == mansearch(&search, &paths, sz, cp, "Nd", &res, &ressz))
1.12 schwarze 939: pg_noresult(req, "You entered an invalid query.");
1.1 schwarze 940: else if (0 == ressz)
1.12 schwarze 941: pg_noresult(req, "No results found.");
1.1 schwarze 942: else
1.12 schwarze 943: pg_searchres(req, res, ressz);
1.1 schwarze 944:
945: for (i = 0; i < sz; i++)
946: free(cp[i]);
947: free(cp);
948:
949: for (i = 0; i < (int)ressz; i++) {
950: free(res[i].file);
951: free(res[i].names);
952: free(res[i].output);
953: }
954: free(res);
955:
956: free(paths.paths[0]);
957: free(paths.paths);
958: }
959:
960: int
961: main(void)
962: {
1.6 schwarze 963: struct req req;
964: const char *path;
965: char *querystring;
1.1 schwarze 966: int i;
967:
968: /* Scan our run-time environment. */
969:
970: if (NULL == (scriptname = getenv("SCRIPT_NAME")))
971: scriptname = "";
972:
1.20 ! schwarze 973: if ( ! validate_urifrag(scriptname)) {
! 974: fprintf(stderr, "unsafe SCRIPT_NAME \"%s\"\n",
! 975: scriptname);
! 976: pg_error_internal();
! 977: return(EXIT_FAILURE);
! 978: }
! 979:
1.1 schwarze 980: /*
1.7 schwarze 981: * First we change directory into the MAN_DIR so that
1.1 schwarze 982: * subsequent scanning for manpath directories is rooted
983: * relative to the same position.
984: */
985:
1.7 schwarze 986: if (-1 == chdir(MAN_DIR)) {
1.1 schwarze 987: fprintf(stderr, "MAN_DIR: %s: %s\n",
1.7 schwarze 988: MAN_DIR, strerror(errno));
1.12 schwarze 989: pg_error_internal();
1.1 schwarze 990: return(EXIT_FAILURE);
991: }
992:
993: memset(&req, 0, sizeof(struct req));
994: pathgen(&req);
995:
996: /* Next parse out the query string. */
997:
998: if (NULL != (querystring = getenv("QUERY_STRING")))
999: http_parse(&req, querystring);
1.17 schwarze 1000:
1001: if ( ! validate_manpath(&req, req.q.manpath)) {
1002: pg_error_badrequest(
1003: "You specified an invalid manpath.");
1004: return(EXIT_FAILURE);
1005: }
1.1 schwarze 1006:
1.20 ! schwarze 1007: if ( ! (NULL == req.q.arch || validate_urifrag(req.q.arch))) {
! 1008: pg_error_badrequest(
! 1009: "You specified an invalid architecture.");
! 1010: return(EXIT_FAILURE);
! 1011: }
! 1012:
1.6 schwarze 1013: /* Dispatch to the three different pages. */
1.1 schwarze 1014:
1.6 schwarze 1015: path = getenv("PATH_INFO");
1016: if (NULL == path)
1017: path = "";
1018: else if ('/' == *path)
1019: path++;
1020:
1021: if ('\0' != *path)
1022: pg_show(&req, path);
1023: else if (NULL != req.q.expr)
1024: pg_search(&req);
1025: else
1.12 schwarze 1026: pg_index(&req);
1.1 schwarze 1027:
1028: for (i = 0; i < (int)req.psz; i++)
1029: free(req.p[i]);
1030: free(req.p);
1031: return(EXIT_SUCCESS);
1032: }
1033:
1034: static int
1035: cmp(const void *p1, const void *p2)
1036: {
1037:
1038: return(strcasecmp(((const struct manpage *)p1)->names,
1039: ((const struct manpage *)p2)->names));
1040: }
1041:
1042: /*
1043: * Scan for indexable paths.
1044: */
1045: static void
1046: pathgen(struct req *req)
1047: {
1048: FILE *fp;
1049: char *dp;
1050: size_t dpsz;
1051:
1.14 schwarze 1052: if (NULL == (fp = fopen("manpath.conf", "r"))) {
1053: fprintf(stderr, "%s/manpath.conf: %s\n",
1054: MAN_DIR, strerror(errno));
1055: pg_error_internal();
1056: exit(EXIT_FAILURE);
1057: }
1.1 schwarze 1058:
1059: while (NULL != (dp = fgetln(fp, &dpsz))) {
1060: if ('\n' == dp[dpsz - 1])
1061: dpsz--;
1062: req->p = mandoc_realloc(req->p,
1063: (req->psz + 1) * sizeof(char *));
1.20 ! schwarze 1064: dp = mandoc_strndup(dp, dpsz);
! 1065: if ( ! validate_urifrag(dp)) {
! 1066: fprintf(stderr, "%s/manpath.conf contains "
! 1067: "unsafe path \"%s\"\n", MAN_DIR, dp);
! 1068: pg_error_internal();
! 1069: exit(EXIT_FAILURE);
! 1070: }
! 1071: if (NULL != strchr(dp, '/')) {
! 1072: fprintf(stderr, "%s/manpath.conf contains "
! 1073: "path with slash \"%s\"\n", MAN_DIR, dp);
! 1074: pg_error_internal();
! 1075: exit(EXIT_FAILURE);
! 1076: }
! 1077: req->p[req->psz++] = dp;
1.14 schwarze 1078: }
1079:
1080: if ( req->p == NULL ) {
1081: fprintf(stderr, "%s/manpath.conf is empty\n", MAN_DIR);
1082: pg_error_internal();
1083: exit(EXIT_FAILURE);
1.1 schwarze 1084: }
1085: }