be more paranoid with strings
[xombrero.git] / cookie.c
blob7c7c293333289fe22c9ac67b2e7e876a61e69a7a
1 /*
2 * Copyright (c) 2010, 2011 Marco Peereboom <marco@peereboom.us>
4 * Permission to use, copy, modify, and distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 #include "xxxterm.h"
19 #define XT_REJECT_FILE ("rejected.txt")
20 #define XT_COOKIE_FILE ("cookies.txt")
22 /* hooked functions */
23 void (*_soup_cookie_jar_add_cookie)(SoupCookieJar *, SoupCookie *);
24 void (*_soup_cookie_jar_delete_cookie)(SoupCookieJar *,
25 SoupCookie *);
27 void
28 print_cookie(char *msg, SoupCookie *c)
30 if (c == NULL)
31 return;
33 if (msg) {
34 DNPRINTF(XT_D_COOKIE, "%s\n", msg);
37 DNPRINTF(XT_D_COOKIE, "name : %s\n", c->name);
38 DNPRINTF(XT_D_COOKIE, "value : %s\n", c->value);
39 DNPRINTF(XT_D_COOKIE, "domain : %s\n", c->domain);
40 DNPRINTF(XT_D_COOKIE, "path : %s\n", c->path);
41 DNPRINTF(XT_D_COOKIE, "expires : %s\n",
42 c->expires ? soup_date_to_string(c->expires, SOUP_DATE_HTTP) : "");
43 DNPRINTF(XT_D_COOKIE, "secure : %d\n", c->secure);
44 DNPRINTF(XT_D_COOKIE, "http_only: %d\n", c->http_only);
45 DNPRINTF(XT_D_COOKIE, "====================================\n");
48 void
49 set_hook(void **hook, char *name)
51 if (hook == NULL)
52 errx(1, "set_hook");
54 if (*hook == NULL) {
55 *hook = dlsym(RTLD_NEXT, name);
56 if (*hook == NULL)
57 errx(1, "can't hook %s", name);
61 /* override libsoup soup_cookie_equal because it doesn't look at domain */
62 gboolean
63 soup_cookie_equal(SoupCookie *cookie1, SoupCookie *cookie2)
65 g_return_val_if_fail(cookie1, FALSE);
66 g_return_val_if_fail(cookie2, FALSE);
68 return (!strcmp (cookie1->name, cookie2->name) &&
69 !strcmp (cookie1->value, cookie2->value) &&
70 !strcmp (cookie1->path, cookie2->path) &&
71 !strcmp (cookie1->domain, cookie2->domain));
74 void
75 transfer_cookies(void)
77 GSList *cf;
78 SoupCookie *sc, *pc;
80 cf = soup_cookie_jar_all_cookies(p_cookiejar);
82 for (;cf; cf = cf->next) {
83 pc = cf->data;
84 sc = soup_cookie_copy(pc);
85 _soup_cookie_jar_add_cookie(s_cookiejar, sc);
88 soup_cookies_free(cf);
91 void
92 soup_cookie_jar_delete_cookie(SoupCookieJar *jar, SoupCookie *c)
94 GSList *cf;
95 SoupCookie *ci;
97 print_cookie("soup_cookie_jar_delete_cookie", c);
99 if (cookies_enabled == 0)
100 return;
102 if (jar == NULL || c == NULL)
103 return;
105 /* find and remove from persistent jar */
106 cf = soup_cookie_jar_all_cookies(p_cookiejar);
108 for (;cf; cf = cf->next) {
109 ci = cf->data;
110 if (soup_cookie_equal(ci, c)) {
111 _soup_cookie_jar_delete_cookie(p_cookiejar, ci);
112 break;
116 soup_cookies_free(cf);
118 /* delete from session jar */
119 _soup_cookie_jar_delete_cookie(s_cookiejar, c);
122 void
123 soup_cookie_jar_add_cookie(SoupCookieJar *jar, SoupCookie *cookie)
125 struct domain *d = NULL;
126 SoupCookie *c;
127 FILE *r_cookie_f;
129 DNPRINTF(XT_D_COOKIE, "soup_cookie_jar_add_cookie: %p %p %p\n",
130 jar, p_cookiejar, s_cookiejar);
132 if (cookies_enabled == 0)
133 return;
135 /* see if we are up and running */
136 if (p_cookiejar == NULL) {
137 _soup_cookie_jar_add_cookie(jar, cookie);
138 return;
140 /* disallow p_cookiejar adds, shouldn't happen */
141 if (jar == p_cookiejar)
142 return;
144 /* sanity */
145 if (jar == NULL || cookie == NULL)
146 return;
148 if (enable_cookie_whitelist &&
149 (d = wl_find(cookie->domain, &c_wl)) == NULL) {
150 blocked_cookies++;
151 DNPRINTF(XT_D_COOKIE,
152 "soup_cookie_jar_add_cookie: reject %s\n",
153 cookie->domain);
154 if (save_rejected_cookies) {
155 if ((r_cookie_f = fopen(rc_fname, "a+")) == NULL) {
156 show_oops(NULL, "can't open reject cookie file");
157 return;
159 fseek(r_cookie_f, 0, SEEK_END);
160 fprintf(r_cookie_f, "%s%s\t%s\t%s\t%s\t%lu\t%s\t%s\n",
161 cookie->http_only ? "#HttpOnly_" : "",
162 cookie->domain,
163 *cookie->domain == '.' ? "TRUE" : "FALSE",
164 cookie->path,
165 cookie->secure ? "TRUE" : "FALSE",
166 cookie->expires ?
167 (gulong)soup_date_to_time_t(cookie->expires) :
169 cookie->name,
170 cookie->value);
171 fflush(r_cookie_f);
172 fclose(r_cookie_f);
174 if (!allow_volatile_cookies)
175 return;
178 if (cookie->expires == NULL && session_timeout) {
179 soup_cookie_set_expires(cookie,
180 soup_date_new_from_now(session_timeout));
181 print_cookie("modified add cookie", cookie);
184 /* see if we are white listed for persistence */
185 if ((d && d->handy) || (enable_cookie_whitelist == 0)) {
186 /* add to persistent jar */
187 c = soup_cookie_copy(cookie);
188 print_cookie("soup_cookie_jar_add_cookie p_cookiejar", c);
189 _soup_cookie_jar_add_cookie(p_cookiejar, c);
192 /* add to session jar */
193 print_cookie("soup_cookie_jar_add_cookie s_cookiejar", cookie);
194 _soup_cookie_jar_add_cookie(s_cookiejar, cookie);
197 void
198 setup_cookies(void)
200 char file[PATH_MAX];
202 set_hook((void *)&_soup_cookie_jar_add_cookie,
203 "soup_cookie_jar_add_cookie");
204 set_hook((void *)&_soup_cookie_jar_delete_cookie,
205 "soup_cookie_jar_delete_cookie");
207 if (cookies_enabled == 0)
208 return;
211 * the following code is intricate due to overriding several libsoup
212 * functions.
213 * do not alter order of these operations.
216 /* rejected cookies */
217 if (save_rejected_cookies)
218 snprintf(rc_fname, sizeof file, "%s/%s", work_dir,
219 XT_REJECT_FILE);
221 /* persistent cookies */
222 snprintf(file, sizeof file, "%s/%s", work_dir, XT_COOKIE_FILE);
223 p_cookiejar = soup_cookie_jar_text_new(file, read_only_cookies);
225 /* session cookies */
226 s_cookiejar = soup_cookie_jar_new();
227 g_object_set(G_OBJECT(s_cookiejar), SOUP_COOKIE_JAR_ACCEPT_POLICY,
228 cookie_policy, (void *)NULL);
229 transfer_cookies();
231 soup_session_add_feature(session, (SoupSessionFeature*)s_cookiejar);