Annotation of src/usr.bin/mandoc/cgi.c, Revision 1.27
1.27 ! schwarze 1: /* $Id: cgi.c,v 1.26 2014/07/25 17:33:51 schwarze Exp $ */
1.1 schwarze 2: /*
3: * Copyright (c) 2011, 2012 Kristaps Dzonsons <kristaps@bsd.lv>
4: * Copyright (c) 2014 Ingo Schwarze <schwarze@usta.de>
5: *
6: * Permission to use, copy, modify, and distribute this software for any
7: * purpose with or without fee is hereby granted, provided that the above
8: * copyright notice and this permission notice appear in all copies.
9: *
10: * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11: * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12: * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13: * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14: * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15: * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16: * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17: */
18: #include <ctype.h>
19: #include <errno.h>
20: #include <fcntl.h>
21: #include <limits.h>
22: #include <stdio.h>
23: #include <stdlib.h>
24: #include <string.h>
25: #include <unistd.h>
26:
27: #include "mandoc.h"
28: #include "mandoc_aux.h"
29: #include "main.h"
30: #include "manpath.h"
31: #include "mansearch.h"
1.7 schwarze 32: #include "cgi.h"
1.1 schwarze 33:
34: /*
35: * A query as passed to the search function.
36: */
37: struct query {
1.23 schwarze 38: char *manpath; /* desired manual directory */
39: char *arch; /* architecture */
40: char *sec; /* manual section */
1.25 schwarze 41: char *query; /* unparsed query expression */
1.5 schwarze 42: int equal; /* match whole names, not substrings */
1.1 schwarze 43: };
44:
45: struct req {
46: struct query q;
47: char **p; /* array of available manpaths */
48: size_t psz; /* number of available manpaths */
49: };
50:
51: static void catman(const struct req *, const char *);
52: static void format(const struct req *, const char *);
53: static void html_print(const char *);
54: static void html_printquery(const struct req *);
55: static void html_putchar(char);
56: static int http_decode(char *);
1.23 schwarze 57: static void http_parse(struct req *, const char *);
1.1 schwarze 58: static void http_print(const char *);
59: static void http_putchar(char);
60: static void http_printquery(const struct req *);
61: static void pathgen(struct req *);
1.12 schwarze 62: static void pg_error_badrequest(const char *);
63: static void pg_error_internal(void);
64: static void pg_index(const struct req *);
65: static void pg_noresult(const struct req *, const char *);
1.6 schwarze 66: static void pg_search(const struct req *);
1.12 schwarze 67: static void pg_searchres(const struct req *,
68: struct manpage *, size_t);
1.19 schwarze 69: static void pg_show(struct req *, const char *);
1.1 schwarze 70: static void resp_begin_html(int, const char *);
71: static void resp_begin_http(int, const char *);
72: static void resp_end_html(void);
73: static void resp_searchform(const struct req *);
1.10 schwarze 74: static void resp_show(const struct req *, const char *);
1.25 schwarze 75: static void set_query_attr(char **, char **);
76: static int validate_filename(const char *);
77: static int validate_manpath(const struct req *, const char *);
78: static int validate_urifrag(const char *);
1.1 schwarze 79:
80: static const char *scriptname; /* CGI script name */
81:
1.10 schwarze 82: static const int sec_prios[] = {1, 4, 5, 8, 6, 3, 7, 2, 9};
1.8 schwarze 83: static const char *const sec_numbers[] = {
84: "0", "1", "2", "3", "3p", "4", "5", "6", "7", "8", "9"
85: };
86: static const char *const sec_names[] = {
87: "All Sections",
88: "1 - General Commands",
89: "2 - System Calls",
90: "3 - Subroutines",
91: "3p - Perl Subroutines",
92: "4 - Special Files",
93: "5 - File Formats",
94: "6 - Games",
95: "7 - Macros and Conventions",
96: "8 - Maintenance Commands",
97: "9 - Kernel Interface"
98: };
99: static const int sec_MAX = sizeof(sec_names) / sizeof(char *);
100:
101: static const char *const arch_names[] = {
102: "amd64", "alpha", "armish", "armv7",
103: "aviion", "hppa", "hppa64", "i386",
104: "ia64", "landisk", "loongson", "luna88k",
105: "macppc", "mips64", "octeon", "sgi",
106: "socppc", "solbourne", "sparc", "sparc64",
107: "vax", "zaurus",
108: "amiga", "arc", "arm32", "atari",
109: "beagle", "cats", "hp300", "mac68k",
110: "mvme68k", "mvme88k", "mvmeppc", "palm",
111: "pc532", "pegasos", "pmax", "powerpc",
112: "sun3", "wgrisc", "x68k"
113: };
114: static const int arch_MAX = sizeof(arch_names) / sizeof(char *);
115:
1.1 schwarze 116: /*
117: * Print a character, escaping HTML along the way.
118: * This will pass non-ASCII straight to output: be warned!
119: */
120: static void
121: html_putchar(char c)
122: {
123:
124: switch (c) {
125: case ('"'):
126: printf(""e;");
127: break;
128: case ('&'):
129: printf("&");
130: break;
131: case ('>'):
132: printf(">");
133: break;
134: case ('<'):
135: printf("<");
136: break;
137: default:
138: putchar((unsigned char)c);
139: break;
140: }
141: }
142:
143: static void
144: http_printquery(const struct req *req)
145: {
146:
147: if (NULL != req->q.manpath) {
148: printf("&manpath=");
149: http_print(req->q.manpath);
150: }
151: if (NULL != req->q.sec) {
152: printf("&sec=");
153: http_print(req->q.sec);
154: }
155: if (NULL != req->q.arch) {
156: printf("&arch=");
157: http_print(req->q.arch);
158: }
1.25 schwarze 159: if (NULL != req->q.query) {
1.5 schwarze 160: printf("&query=");
1.25 schwarze 161: http_print(req->q.query);
1.1 schwarze 162: }
1.5 schwarze 163: if (0 == req->q.equal)
164: printf("&apropos=1");
1.1 schwarze 165: }
166:
167: static void
168: html_printquery(const struct req *req)
169: {
170:
171: if (NULL != req->q.manpath) {
172: printf("&manpath=");
173: html_print(req->q.manpath);
174: }
175: if (NULL != req->q.sec) {
176: printf("&sec=");
177: html_print(req->q.sec);
178: }
179: if (NULL != req->q.arch) {
180: printf("&arch=");
181: html_print(req->q.arch);
182: }
1.25 schwarze 183: if (NULL != req->q.query) {
1.5 schwarze 184: printf("&query=");
1.25 schwarze 185: html_print(req->q.query);
1.1 schwarze 186: }
1.5 schwarze 187: if (0 == req->q.equal)
188: printf("&apropos=1");
1.1 schwarze 189: }
190:
191: static void
192: http_print(const char *p)
193: {
194:
195: if (NULL == p)
196: return;
197: while ('\0' != *p)
198: http_putchar(*p++);
199: }
200:
201: /*
202: * Call through to html_putchar().
203: * Accepts NULL strings.
204: */
205: static void
206: html_print(const char *p)
207: {
208:
209: if (NULL == p)
210: return;
211: while ('\0' != *p)
212: html_putchar(*p++);
213: }
214:
215: /*
1.23 schwarze 216: * Transfer the responsibility for the allocated string *val
217: * to the query structure.
1.1 schwarze 218: */
219: static void
1.23 schwarze 220: set_query_attr(char **attr, char **val)
1.1 schwarze 221: {
222:
1.23 schwarze 223: free(*attr);
224: if (**val == '\0') {
225: *attr = NULL;
226: free(*val);
227: } else
228: *attr = *val;
229: *val = NULL;
230: }
231:
232: /*
233: * Parse the QUERY_STRING for key-value pairs
234: * and store the values into the query structure.
235: */
236: static void
237: http_parse(struct req *req, const char *qs)
238: {
239: char *key, *val;
240: size_t keysz, valsz;
241:
242: req->q.manpath = NULL;
243: req->q.arch = NULL;
244: req->q.sec = NULL;
1.25 schwarze 245: req->q.query = NULL;
1.23 schwarze 246: req->q.equal = 1;
247:
248: key = val = NULL;
249: while (*qs != '\0') {
1.1 schwarze 250:
1.23 schwarze 251: /* Parse one key. */
252:
253: keysz = strcspn(qs, "=;&");
254: key = mandoc_strndup(qs, keysz);
255: qs += keysz;
256: if (*qs != '=')
257: goto next;
258:
259: /* Parse one value. */
260:
261: valsz = strcspn(++qs, ";&");
262: val = mandoc_strndup(qs, valsz);
263: qs += valsz;
264:
265: /* Decode and catch encoding errors. */
1.1 schwarze 266:
1.23 schwarze 267: if ( ! (http_decode(key) && http_decode(val)))
268: goto next;
1.1 schwarze 269:
1.23 schwarze 270: /* Handle key-value pairs. */
1.1 schwarze 271:
1.23 schwarze 272: if ( ! strcmp(key, "query"))
1.25 schwarze 273: set_query_attr(&req->q.query, &val);
1.1 schwarze 274:
1.23 schwarze 275: else if ( ! strcmp(key, "apropos"))
276: req->q.equal = !strcmp(val, "0");
277:
278: else if ( ! strcmp(key, "manpath")) {
1.13 schwarze 279: #ifdef COMPAT_OLDURI
1.23 schwarze 280: if ( ! strncmp(val, "OpenBSD ", 8)) {
1.13 schwarze 281: val[7] = '-';
282: if ('C' == val[8])
283: val[8] = 'c';
284: }
285: #endif
1.23 schwarze 286: set_query_attr(&req->q.manpath, &val);
287: }
288:
289: else if ( ! (strcmp(key, "sec")
1.13 schwarze 290: #ifdef COMPAT_OLDURI
1.23 schwarze 291: && strcmp(key, "sektion")
1.13 schwarze 292: #endif
1.23 schwarze 293: )) {
294: if ( ! strcmp(val, "0"))
295: *val = '\0';
296: set_query_attr(&req->q.sec, &val);
1.5 schwarze 297: }
1.23 schwarze 298:
299: else if ( ! strcmp(key, "arch")) {
300: if ( ! strcmp(val, "default"))
301: *val = '\0';
302: set_query_attr(&req->q.arch, &val);
303: }
304:
305: /*
306: * The key must be freed in any case.
307: * The val may have been handed over to the query
308: * structure, in which case it is now NULL.
309: */
310: next:
311: free(key);
312: key = NULL;
313: free(val);
314: val = NULL;
315:
316: if (*qs != '\0')
317: qs++;
1.1 schwarze 318: }
1.23 schwarze 319:
320: /* Fall back to the default manpath. */
321:
322: if (req->q.manpath == NULL)
323: req->q.manpath = mandoc_strdup(req->p[0]);
1.1 schwarze 324: }
325:
326: static void
327: http_putchar(char c)
328: {
329:
330: if (isalnum((unsigned char)c)) {
331: putchar((unsigned char)c);
332: return;
333: } else if (' ' == c) {
334: putchar('+');
335: return;
336: }
337: printf("%%%.2x", c);
338: }
339:
340: /*
341: * HTTP-decode a string. The standard explanation is that this turns
342: * "%4e+foo" into "n foo" in the regular way. This is done in-place
343: * over the allocated string.
344: */
345: static int
346: http_decode(char *p)
347: {
348: char hex[3];
1.3 tedu 349: char *q;
1.1 schwarze 350: int c;
351:
352: hex[2] = '\0';
353:
1.3 tedu 354: q = p;
355: for ( ; '\0' != *p; p++, q++) {
1.1 schwarze 356: if ('%' == *p) {
357: if ('\0' == (hex[0] = *(p + 1)))
358: return(0);
359: if ('\0' == (hex[1] = *(p + 2)))
360: return(0);
361: if (1 != sscanf(hex, "%x", &c))
362: return(0);
363: if ('\0' == c)
364: return(0);
365:
1.3 tedu 366: *q = (char)c;
367: p += 2;
1.1 schwarze 368: } else
1.3 tedu 369: *q = '+' == *p ? ' ' : *p;
1.1 schwarze 370: }
371:
1.3 tedu 372: *q = '\0';
1.1 schwarze 373: return(1);
374: }
375:
376: static void
377: resp_begin_http(int code, const char *msg)
378: {
379:
380: if (200 != code)
1.2 tedu 381: printf("Status: %d %s\r\n", code, msg);
1.1 schwarze 382:
1.2 tedu 383: printf("Content-Type: text/html; charset=utf-8\r\n"
384: "Cache-Control: no-cache\r\n"
385: "Pragma: no-cache\r\n"
386: "\r\n");
1.1 schwarze 387:
388: fflush(stdout);
389: }
390:
391: static void
392: resp_begin_html(int code, const char *msg)
393: {
394:
395: resp_begin_http(code, msg);
396:
397: printf("<!DOCTYPE HTML PUBLIC "
398: " \"-//W3C//DTD HTML 4.01//EN\""
399: " \"http://www.w3.org/TR/html4/strict.dtd\">\n"
400: "<HTML>\n"
401: "<HEAD>\n"
402: "<META HTTP-EQUIV=\"Content-Type\""
403: " CONTENT=\"text/html; charset=utf-8\">\n"
404: "<LINK REL=\"stylesheet\" HREF=\"%s/man-cgi.css\""
405: " TYPE=\"text/css\" media=\"all\">\n"
406: "<LINK REL=\"stylesheet\" HREF=\"%s/man.css\""
407: " TYPE=\"text/css\" media=\"all\">\n"
1.7 schwarze 408: "<TITLE>%s</TITLE>\n"
1.1 schwarze 409: "</HEAD>\n"
410: "<BODY>\n"
411: "<!-- Begin page content. //-->\n",
1.7 schwarze 412: CSS_DIR, CSS_DIR, CUSTOMIZE_TITLE);
1.1 schwarze 413: }
414:
415: static void
416: resp_end_html(void)
417: {
418:
419: puts("</BODY>\n"
420: "</HTML>");
421: }
422:
423: static void
424: resp_searchform(const struct req *req)
425: {
426: int i;
427:
1.7 schwarze 428: puts(CUSTOMIZE_BEGIN);
1.1 schwarze 429: puts("<!-- Begin search form. //-->");
430: printf("<DIV ID=\"mancgi\">\n"
1.6 schwarze 431: "<FORM ACTION=\"%s\" METHOD=\"get\">\n"
1.1 schwarze 432: "<FIELDSET>\n"
1.8 schwarze 433: "<LEGEND>Manual Page Search Parameters</LEGEND>\n",
1.1 schwarze 434: scriptname);
1.8 schwarze 435:
436: /* Write query input box. */
437:
438: printf( "<TABLE><TR><TD>\n"
439: "<INPUT TYPE=\"text\" NAME=\"query\" VALUE=\"");
1.25 schwarze 440: if (NULL != req->q.query)
441: html_print(req->q.query);
1.8 schwarze 442: puts("\" SIZE=\"40\">");
443:
444: /* Write submission and reset buttons. */
445:
446: printf( "<INPUT TYPE=\"submit\" VALUE=\"Submit\">\n"
447: "<INPUT TYPE=\"reset\" VALUE=\"Reset\">\n");
448:
449: /* Write show radio button */
450:
451: printf( "</TD><TD>\n"
452: "<INPUT TYPE=\"radio\" ");
1.5 schwarze 453: if (req->q.equal)
1.26 schwarze 454: printf("CHECKED=\"checked\" ");
1.8 schwarze 455: printf( "NAME=\"apropos\" ID=\"show\" VALUE=\"0\">\n"
456: "<LABEL FOR=\"show\">Show named manual page</LABEL>\n");
457:
458: /* Write section selector. */
459:
1.26 schwarze 460: puts( "</TD></TR><TR><TD>\n"
1.8 schwarze 461: "<SELECT NAME=\"sec\">");
462: for (i = 0; i < sec_MAX; i++) {
463: printf("<OPTION VALUE=\"%s\"", sec_numbers[i]);
464: if (NULL != req->q.sec &&
465: 0 == strcmp(sec_numbers[i], req->q.sec))
1.26 schwarze 466: printf(" SELECTED=\"selected\"");
1.8 schwarze 467: printf(">%s</OPTION>\n", sec_names[i]);
468: }
469: puts("</SELECT>");
470:
471: /* Write architecture selector. */
472:
1.21 schwarze 473: printf( "<SELECT NAME=\"arch\">\n"
474: "<OPTION VALUE=\"default\"");
475: if (NULL == req->q.arch)
1.26 schwarze 476: printf(" SELECTED=\"selected\"");
1.21 schwarze 477: puts(">All Architectures</OPTION>");
1.8 schwarze 478: for (i = 0; i < arch_MAX; i++) {
479: printf("<OPTION VALUE=\"%s\"", arch_names[i]);
480: if (NULL != req->q.arch &&
481: 0 == strcmp(arch_names[i], req->q.arch))
1.26 schwarze 482: printf(" SELECTED=\"selected\"");
1.8 schwarze 483: printf(">%s</OPTION>\n", arch_names[i]);
484: }
485: puts("</SELECT>");
486:
487: /* Write manpath selector. */
488:
1.1 schwarze 489: if (req->psz > 1) {
1.8 schwarze 490: puts("<SELECT NAME=\"manpath\">");
1.1 schwarze 491: for (i = 0; i < (int)req->psz; i++) {
492: printf("<OPTION ");
493: if (NULL == req->q.manpath ? 0 == i :
494: 0 == strcmp(req->q.manpath, req->p[i]))
1.26 schwarze 495: printf("SELECTED=\"selected\" ");
1.1 schwarze 496: printf("VALUE=\"");
497: html_print(req->p[i]);
498: printf("\">");
499: html_print(req->p[i]);
500: puts("</OPTION>");
501: }
502: puts("</SELECT>");
503: }
1.8 schwarze 504:
505: /* Write search radio button */
506:
507: printf( "</TD><TD>\n"
508: "<INPUT TYPE=\"radio\" ");
509: if (0 == req->q.equal)
1.26 schwarze 510: printf("CHECKED=\"checked\" ");
1.8 schwarze 511: printf( "NAME=\"apropos\" ID=\"search\" VALUE=\"1\">\n"
512: "<LABEL FOR=\"search\">Search with apropos query</LABEL>\n");
513:
514: puts("</TD></TR></TABLE>\n"
1.1 schwarze 515: "</FIELDSET>\n"
516: "</FORM>\n"
517: "</DIV>");
518: puts("<!-- End search form. //-->");
519: }
520:
1.16 schwarze 521: static int
1.20 schwarze 522: validate_urifrag(const char *frag)
523: {
524:
525: while ('\0' != *frag) {
526: if ( ! (isalnum((unsigned char)*frag) ||
527: '-' == *frag || '.' == *frag ||
528: '/' == *frag || '_' == *frag))
529: return(0);
530: frag++;
531: }
532: return(1);
533: }
534:
535: static int
1.17 schwarze 536: validate_manpath(const struct req *req, const char* manpath)
537: {
538: size_t i;
539:
540: if ( ! strcmp(manpath, "mandoc"))
541: return(1);
542:
543: for (i = 0; i < req->psz; i++)
544: if ( ! strcmp(manpath, req->p[i]))
545: return(1);
546:
547: return(0);
548: }
549:
550: static int
1.16 schwarze 551: validate_filename(const char *file)
552: {
553:
554: if ('.' == file[0] && '/' == file[1])
555: file += 2;
556:
557: return ( ! (strstr(file, "../") || strstr(file, "/..") ||
558: (strncmp(file, "man", 3) && strncmp(file, "cat", 3))));
559: }
560:
1.1 schwarze 561: static void
1.12 schwarze 562: pg_index(const struct req *req)
1.1 schwarze 563: {
564:
565: resp_begin_html(200, NULL);
566: resp_searchform(req);
1.4 schwarze 567: printf("<P>\n"
1.26 schwarze 568: "This web interface is documented in the\n"
569: "<A HREF=\"%s/mandoc/man8/man.cgi.8\">man.cgi</A>\n"
570: "manual, and the\n"
571: "<A HREF=\"%s/mandoc/man1/apropos.1\">apropos</A>\n"
1.9 schwarze 572: "manual explains the query syntax.\n"
1.4 schwarze 573: "</P>\n",
574: scriptname, scriptname);
1.1 schwarze 575: resp_end_html();
576: }
577:
578: static void
1.12 schwarze 579: pg_noresult(const struct req *req, const char *msg)
1.1 schwarze 580: {
581: resp_begin_html(200, NULL);
582: resp_searchform(req);
583: puts("<P>");
584: puts(msg);
585: puts("</P>");
586: resp_end_html();
587: }
588:
589: static void
1.12 schwarze 590: pg_error_badrequest(const char *msg)
1.1 schwarze 591: {
592:
593: resp_begin_html(400, "Bad Request");
594: puts("<H1>Bad Request</H1>\n"
595: "<P>\n");
596: puts(msg);
597: printf("Try again from the\n"
598: "<A HREF=\"%s\">main page</A>.\n"
599: "</P>", scriptname);
600: resp_end_html();
601: }
602:
603: static void
1.12 schwarze 604: pg_error_internal(void)
1.1 schwarze 605: {
606: resp_begin_html(500, "Internal Server Error");
607: puts("<P>Internal Server Error</P>");
608: resp_end_html();
609: }
610:
611: static void
1.12 schwarze 612: pg_searchres(const struct req *req, struct manpage *r, size_t sz)
1.1 schwarze 613: {
1.21 schwarze 614: char *arch, *archend;
1.10 schwarze 615: size_t i, iuse, isec;
1.21 schwarze 616: int archprio, archpriouse;
1.10 schwarze 617: int prio, priouse;
618: char sec;
1.1 schwarze 619:
1.16 schwarze 620: for (i = 0; i < sz; i++) {
621: if (validate_filename(r[i].file))
622: continue;
623: fprintf(stderr, "invalid filename %s in %s database\n",
624: r[i].file, req->q.manpath);
625: pg_error_internal();
626: return;
627: }
628:
1.1 schwarze 629: if (1 == sz) {
630: /*
631: * If we have just one result, then jump there now
632: * without any delay.
633: */
1.2 tedu 634: printf("Status: 303 See Other\r\n");
1.18 schwarze 635: printf("Location: http://%s%s/%s/%s?",
636: HTTP_HOST, scriptname, req->q.manpath, r[0].file);
1.1 schwarze 637: http_printquery(req);
1.2 tedu 638: printf("\r\n"
639: "Content-Type: text/html; charset=utf-8\r\n"
640: "\r\n");
1.1 schwarze 641: return;
642: }
643:
644: resp_begin_html(200, NULL);
645: resp_searchform(req);
646: puts("<DIV CLASS=\"results\">");
647: puts("<TABLE>");
648:
649: for (i = 0; i < sz; i++) {
650: printf("<TR>\n"
651: "<TD CLASS=\"title\">\n"
1.6 schwarze 652: "<A HREF=\"%s/%s/%s?",
1.1 schwarze 653: scriptname, req->q.manpath, r[i].file);
654: html_printquery(req);
655: printf("\">");
656: html_print(r[i].names);
657: printf("</A>\n"
658: "</TD>\n"
659: "<TD CLASS=\"desc\">");
660: html_print(r[i].output);
661: puts("</TD>\n"
662: "</TR>");
663: }
664:
665: puts("</TABLE>\n"
666: "</DIV>");
1.10 schwarze 667:
668: /*
669: * In man(1) mode, show one of the pages
670: * even if more than one is found.
671: */
672:
673: if (req->q.equal) {
674: puts("<HR>");
675: iuse = 0;
676: priouse = 10;
1.21 schwarze 677: archpriouse = 3;
1.10 schwarze 678: for (i = 0; i < sz; i++) {
679: isec = strcspn(r[i].file, "123456789");
680: sec = r[i].file[isec];
681: if ('\0' == sec)
682: continue;
683: prio = sec_prios[sec - '1'];
1.21 schwarze 684: if (NULL == req->q.arch) {
685: archprio =
686: (NULL == (arch = strchr(
687: r[i].file + isec, '/'))) ? 3 :
688: (NULL == (archend = strchr(
689: arch + 1, '/'))) ? 0 :
690: strncmp(arch, "amd64/",
691: archend - arch) ? 2 : 1;
692: if (archprio < archpriouse) {
693: archpriouse = archprio;
694: priouse = prio;
695: iuse = i;
696: continue;
697: }
698: if (archprio > archpriouse)
699: continue;
700: }
1.10 schwarze 701: if (prio >= priouse)
702: continue;
703: priouse = prio;
704: iuse = i;
705: }
706: resp_show(req, r[iuse].file);
707: }
708:
1.1 schwarze 709: resp_end_html();
710: }
711:
712: static void
713: catman(const struct req *req, const char *file)
714: {
715: FILE *f;
716: size_t len;
717: int i;
718: char *p;
719: int italic, bold;
720:
721: if (NULL == (f = fopen(file, "r"))) {
1.10 schwarze 722: puts("<P>You specified an invalid manual file.</P>");
1.1 schwarze 723: return;
724: }
725:
726: puts("<DIV CLASS=\"catman\">\n"
727: "<PRE>");
728:
729: while (NULL != (p = fgetln(f, &len))) {
730: bold = italic = 0;
731: for (i = 0; i < (int)len - 1; i++) {
732: /*
733: * This means that the catpage is out of state.
734: * Ignore it and keep going (although the
735: * catpage is bogus).
736: */
737:
738: if ('\b' == p[i] || '\n' == p[i])
739: continue;
740:
741: /*
742: * Print a regular character.
743: * Close out any bold/italic scopes.
744: * If we're in back-space mode, make sure we'll
745: * have something to enter when we backspace.
746: */
747:
748: if ('\b' != p[i + 1]) {
749: if (italic)
750: printf("</I>");
751: if (bold)
752: printf("</B>");
753: italic = bold = 0;
754: html_putchar(p[i]);
755: continue;
756: } else if (i + 2 >= (int)len)
757: continue;
758:
759: /* Italic mode. */
760:
761: if ('_' == p[i]) {
762: if (bold)
763: printf("</B>");
764: if ( ! italic)
765: printf("<I>");
766: bold = 0;
767: italic = 1;
768: i += 2;
769: html_putchar(p[i]);
770: continue;
771: }
772:
773: /*
774: * Handle funny behaviour troff-isms.
775: * These grok'd from the original man2html.c.
776: */
777:
778: if (('+' == p[i] && 'o' == p[i + 2]) ||
779: ('o' == p[i] && '+' == p[i + 2]) ||
780: ('|' == p[i] && '=' == p[i + 2]) ||
781: ('=' == p[i] && '|' == p[i + 2]) ||
782: ('*' == p[i] && '=' == p[i + 2]) ||
783: ('=' == p[i] && '*' == p[i + 2]) ||
784: ('*' == p[i] && '|' == p[i + 2]) ||
785: ('|' == p[i] && '*' == p[i + 2])) {
786: if (italic)
787: printf("</I>");
788: if (bold)
789: printf("</B>");
790: italic = bold = 0;
791: putchar('*');
792: i += 2;
793: continue;
794: } else if (('|' == p[i] && '-' == p[i + 2]) ||
795: ('-' == p[i] && '|' == p[i + 1]) ||
796: ('+' == p[i] && '-' == p[i + 1]) ||
797: ('-' == p[i] && '+' == p[i + 1]) ||
798: ('+' == p[i] && '|' == p[i + 1]) ||
799: ('|' == p[i] && '+' == p[i + 1])) {
800: if (italic)
801: printf("</I>");
802: if (bold)
803: printf("</B>");
804: italic = bold = 0;
805: putchar('+');
806: i += 2;
807: continue;
808: }
809:
810: /* Bold mode. */
811:
812: if (italic)
813: printf("</I>");
814: if ( ! bold)
815: printf("<B>");
816: bold = 1;
817: italic = 0;
818: i += 2;
819: html_putchar(p[i]);
820: }
821:
822: /*
823: * Clean up the last character.
824: * We can get to a newline; don't print that.
825: */
826:
827: if (italic)
828: printf("</I>");
829: if (bold)
830: printf("</B>");
831:
832: if (i == (int)len - 1 && '\n' != p[i])
833: html_putchar(p[i]);
834:
835: putchar('\n');
836: }
837:
838: puts("</PRE>\n"
1.10 schwarze 839: "</DIV>");
1.1 schwarze 840:
841: fclose(f);
842: }
843:
844: static void
845: format(const struct req *req, const char *file)
846: {
847: struct mparse *mp;
848: int fd;
849: struct mdoc *mdoc;
850: struct man *man;
851: void *vp;
852: enum mandoclevel rc;
853: char opts[PATH_MAX + 128];
854:
855: if (-1 == (fd = open(file, O_RDONLY, 0))) {
1.10 schwarze 856: puts("<P>You specified an invalid manual file.</P>");
1.1 schwarze 857: return;
858: }
859:
860: mp = mparse_alloc(MPARSE_SO, MANDOCLEVEL_FATAL, NULL,
861: req->q.manpath);
862: rc = mparse_readfd(mp, fd, file);
863: close(fd);
864:
865: if (rc >= MANDOCLEVEL_FATAL) {
866: fprintf(stderr, "fatal mandoc error: %s/%s\n",
867: req->q.manpath, file);
1.12 schwarze 868: pg_error_internal();
1.1 schwarze 869: return;
870: }
871:
1.19 schwarze 872: snprintf(opts, sizeof(opts), "fragment,man=%s?"
1.27 ! schwarze 873: "manpath=%s&query=%%N&sec=%%S%s%s",
1.19 schwarze 874: scriptname, req->q.manpath,
1.27 ! schwarze 875: req->q.arch ? "&arch=" : "",
1.19 schwarze 876: req->q.arch ? req->q.arch : "");
1.1 schwarze 877:
878: mparse_result(mp, &mdoc, &man, NULL);
879: if (NULL == man && NULL == mdoc) {
880: fprintf(stderr, "fatal mandoc error: %s/%s\n",
881: req->q.manpath, file);
1.12 schwarze 882: pg_error_internal();
1.1 schwarze 883: mparse_free(mp);
884: return;
885: }
886:
887: vp = html_alloc(opts);
888:
889: if (NULL != mdoc)
890: html_mdoc(vp, mdoc);
891: else
892: html_man(vp, man);
893:
894: html_free(vp);
895: mparse_free(mp);
896: }
897:
898: static void
1.10 schwarze 899: resp_show(const struct req *req, const char *file)
900: {
1.16 schwarze 901:
902: if ('.' == file[0] && '/' == file[1])
1.11 schwarze 903: file += 2;
1.10 schwarze 904:
905: if ('c' == *file)
906: catman(req, file);
907: else
908: format(req, file);
909: }
910:
911: static void
1.24 schwarze 912: pg_show(struct req *req, const char *fullpath)
1.1 schwarze 913: {
1.24 schwarze 914: char *manpath;
915: const char *file;
1.1 schwarze 916:
1.24 schwarze 917: if ((file = strchr(fullpath, '/')) == NULL) {
1.12 schwarze 918: pg_error_badrequest(
1.1 schwarze 919: "You did not specify a page to show.");
920: return;
921: }
1.24 schwarze 922: manpath = mandoc_strndup(fullpath, file - fullpath);
923: file++;
1.1 schwarze 924:
1.24 schwarze 925: if ( ! validate_manpath(req, manpath)) {
1.17 schwarze 926: pg_error_badrequest(
927: "You specified an invalid manpath.");
1.24 schwarze 928: free(manpath);
1.17 schwarze 929: return;
930: }
931:
1.1 schwarze 932: /*
933: * Begin by chdir()ing into the manpath.
934: * This way we can pick up the database files, which are
935: * relative to the manpath root.
936: */
937:
1.24 schwarze 938: if (chdir(manpath) == -1) {
1.17 schwarze 939: fprintf(stderr, "chdir %s: %s\n",
1.24 schwarze 940: manpath, strerror(errno));
1.17 schwarze 941: pg_error_internal();
1.24 schwarze 942: free(manpath);
1.16 schwarze 943: return;
944: }
945:
1.24 schwarze 946: if (strcmp(manpath, "mandoc")) {
947: free(req->q.manpath);
948: req->q.manpath = manpath;
949: } else
950: free(manpath);
951:
952: if ( ! validate_filename(file)) {
1.16 schwarze 953: pg_error_badrequest(
954: "You specified an invalid manual file.");
1.1 schwarze 955: return;
956: }
1.19 schwarze 957:
1.10 schwarze 958: resp_begin_html(200, NULL);
959: resp_searchform(req);
1.24 schwarze 960: resp_show(req, file);
1.10 schwarze 961: resp_end_html();
1.1 schwarze 962: }
963:
964: static void
1.6 schwarze 965: pg_search(const struct req *req)
1.1 schwarze 966: {
967: struct mansearch search;
968: struct manpaths paths;
969: struct manpage *res;
970: char **cp;
971: const char *ep, *start;
972: size_t ressz;
973: int i, sz;
974:
975: /*
976: * Begin by chdir()ing into the root of the manpath.
977: * This way we can pick up the database files, which are
978: * relative to the manpath root.
979: */
980:
981: if (-1 == (chdir(req->q.manpath))) {
1.17 schwarze 982: fprintf(stderr, "chdir %s: %s\n",
983: req->q.manpath, strerror(errno));
984: pg_error_internal();
1.1 schwarze 985: return;
986: }
987:
988: search.arch = req->q.arch;
989: search.sec = req->q.sec;
1.5 schwarze 990: search.deftype = req->q.equal ? TYPE_Nm : (TYPE_Nm | TYPE_Nd);
991: search.flags = req->q.equal ? MANSEARCH_MAN : 0;
1.1 schwarze 992:
993: paths.sz = 1;
994: paths.paths = mandoc_malloc(sizeof(char *));
995: paths.paths[0] = mandoc_strdup(".");
996:
997: /*
998: * Poor man's tokenisation: just break apart by spaces.
999: * Yes, this is half-ass. But it works for now.
1000: */
1001:
1.25 schwarze 1002: ep = req->q.query;
1.1 schwarze 1003: while (ep && isspace((unsigned char)*ep))
1004: ep++;
1005:
1006: sz = 0;
1007: cp = NULL;
1008: while (ep && '\0' != *ep) {
1009: cp = mandoc_reallocarray(cp, sz + 1, sizeof(char *));
1010: start = ep;
1011: while ('\0' != *ep && ! isspace((unsigned char)*ep))
1012: ep++;
1013: cp[sz] = mandoc_malloc((ep - start) + 1);
1014: memcpy(cp[sz], start, ep - start);
1015: cp[sz++][ep - start] = '\0';
1016: while (isspace((unsigned char)*ep))
1017: ep++;
1018: }
1019:
1020: if (0 == mansearch(&search, &paths, sz, cp, "Nd", &res, &ressz))
1.12 schwarze 1021: pg_noresult(req, "You entered an invalid query.");
1.1 schwarze 1022: else if (0 == ressz)
1.12 schwarze 1023: pg_noresult(req, "No results found.");
1.1 schwarze 1024: else
1.12 schwarze 1025: pg_searchres(req, res, ressz);
1.1 schwarze 1026:
1027: for (i = 0; i < sz; i++)
1028: free(cp[i]);
1029: free(cp);
1030:
1031: for (i = 0; i < (int)ressz; i++) {
1032: free(res[i].file);
1033: free(res[i].names);
1034: free(res[i].output);
1035: }
1036: free(res);
1037:
1038: free(paths.paths[0]);
1039: free(paths.paths);
1040: }
1041:
1042: int
1043: main(void)
1044: {
1.6 schwarze 1045: struct req req;
1046: const char *path;
1.23 schwarze 1047: const char *querystring;
1.1 schwarze 1048: int i;
1049:
1050: /* Scan our run-time environment. */
1051:
1052: if (NULL == (scriptname = getenv("SCRIPT_NAME")))
1053: scriptname = "";
1054:
1.20 schwarze 1055: if ( ! validate_urifrag(scriptname)) {
1056: fprintf(stderr, "unsafe SCRIPT_NAME \"%s\"\n",
1057: scriptname);
1058: pg_error_internal();
1059: return(EXIT_FAILURE);
1060: }
1061:
1.1 schwarze 1062: /*
1.7 schwarze 1063: * First we change directory into the MAN_DIR so that
1.1 schwarze 1064: * subsequent scanning for manpath directories is rooted
1065: * relative to the same position.
1066: */
1067:
1.7 schwarze 1068: if (-1 == chdir(MAN_DIR)) {
1.1 schwarze 1069: fprintf(stderr, "MAN_DIR: %s: %s\n",
1.7 schwarze 1070: MAN_DIR, strerror(errno));
1.12 schwarze 1071: pg_error_internal();
1.1 schwarze 1072: return(EXIT_FAILURE);
1073: }
1074:
1075: memset(&req, 0, sizeof(struct req));
1076: pathgen(&req);
1077:
1078: /* Next parse out the query string. */
1079:
1080: if (NULL != (querystring = getenv("QUERY_STRING")))
1081: http_parse(&req, querystring);
1.17 schwarze 1082:
1083: if ( ! validate_manpath(&req, req.q.manpath)) {
1084: pg_error_badrequest(
1085: "You specified an invalid manpath.");
1086: return(EXIT_FAILURE);
1087: }
1.1 schwarze 1088:
1.20 schwarze 1089: if ( ! (NULL == req.q.arch || validate_urifrag(req.q.arch))) {
1090: pg_error_badrequest(
1091: "You specified an invalid architecture.");
1092: return(EXIT_FAILURE);
1093: }
1094:
1.6 schwarze 1095: /* Dispatch to the three different pages. */
1.1 schwarze 1096:
1.6 schwarze 1097: path = getenv("PATH_INFO");
1098: if (NULL == path)
1099: path = "";
1100: else if ('/' == *path)
1101: path++;
1102:
1103: if ('\0' != *path)
1104: pg_show(&req, path);
1.25 schwarze 1105: else if (NULL != req.q.query)
1.6 schwarze 1106: pg_search(&req);
1107: else
1.12 schwarze 1108: pg_index(&req);
1.1 schwarze 1109:
1.23 schwarze 1110: free(req.q.manpath);
1111: free(req.q.arch);
1112: free(req.q.sec);
1.25 schwarze 1113: free(req.q.query);
1.1 schwarze 1114: for (i = 0; i < (int)req.psz; i++)
1115: free(req.p[i]);
1116: free(req.p);
1117: return(EXIT_SUCCESS);
1118: }
1119:
1120: /*
1121: * Scan for indexable paths.
1122: */
1123: static void
1124: pathgen(struct req *req)
1125: {
1126: FILE *fp;
1127: char *dp;
1128: size_t dpsz;
1129:
1.14 schwarze 1130: if (NULL == (fp = fopen("manpath.conf", "r"))) {
1131: fprintf(stderr, "%s/manpath.conf: %s\n",
1132: MAN_DIR, strerror(errno));
1133: pg_error_internal();
1134: exit(EXIT_FAILURE);
1135: }
1.1 schwarze 1136:
1137: while (NULL != (dp = fgetln(fp, &dpsz))) {
1138: if ('\n' == dp[dpsz - 1])
1139: dpsz--;
1140: req->p = mandoc_realloc(req->p,
1141: (req->psz + 1) * sizeof(char *));
1.20 schwarze 1142: dp = mandoc_strndup(dp, dpsz);
1143: if ( ! validate_urifrag(dp)) {
1144: fprintf(stderr, "%s/manpath.conf contains "
1145: "unsafe path \"%s\"\n", MAN_DIR, dp);
1146: pg_error_internal();
1147: exit(EXIT_FAILURE);
1148: }
1149: if (NULL != strchr(dp, '/')) {
1150: fprintf(stderr, "%s/manpath.conf contains "
1151: "path with slash \"%s\"\n", MAN_DIR, dp);
1152: pg_error_internal();
1153: exit(EXIT_FAILURE);
1154: }
1155: req->p[req->psz++] = dp;
1.14 schwarze 1156: }
1157:
1158: if ( req->p == NULL ) {
1159: fprintf(stderr, "%s/manpath.conf is empty\n", MAN_DIR);
1160: pg_error_internal();
1161: exit(EXIT_FAILURE);
1.1 schwarze 1162: }
1163: }