From git at git.privoxy.org Wed Jun 18 05:46:58 2025 From: git at git.privoxy.org (User Git) Date: Wed, 18 Jun 2025 05:46:58 +0200 Subject: [Privoxy-commits] [privoxy] 01/09: Bump copyright In-Reply-To: <175021841717.92935.6150348737210002002@privoxy-git> References: <175021841717.92935.6150348737210002002@privoxy-git> Message-ID: <20250618034658.121A7C210@git.privoxy.org> This is an automated email from the git hooks/post-receive script. git pushed a commit to branch master in repository privoxy. commit 6633bf29587d10cb7ae23ab87bebd8149524f67b Author: Fabian Keil AuthorDate: Thu Jan 23 10:49:07 2025 +0100 Bump copyright --- doc/source/faq.sgml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/source/faq.sgml b/doc/source/faq.sgml index 438fa6d0..8fc8fa77 100644 --- a/doc/source/faq.sgml +++ b/doc/source/faq.sgml @@ -69,7 +69,7 @@ - Copyright &my-copy; 2001-2023 by + Copyright &my-copy; 2001-2025 by Privoxy Developers -- To stop receiving notification emails like this one, please contact the administrator of this repository. From git at git.privoxy.org Wed Jun 18 05:46:57 2025 From: git at git.privoxy.org (User Git) Date: Wed, 18 Jun 2025 05:46:57 +0200 Subject: [Privoxy-commits] [privoxy] branch master updated (6adadda8 -> 44f9f5cf) Message-ID: <175021841717.92935.6150348737210002002@privoxy-git> This is an automated email from the git hooks/post-receive script. git pushed a change to branch master in repository privoxy. from 6adadda8 Remove Bronze sponsor www.proxidize.com new 6633bf29 Bump copyright new d34d4df1 Look for the "keep-alive" keyword more carefully new be5cd2bb Bump copyright new 6260031e Don't forward connection options Privoxy doesn't understand new 44725172 Add +server-header-tagger{content-type} to all standard settings new ee2c1f82 handle_established_connection(): Improve an error message new 2d03b12f Remove ifdef FEATURE_HTTPS_INSPECTION that is always true new b8f5ec4d parse_http_url(): Fail if no host is found when we expected one new 44f9f5cf init_domain_components(): Assert that the http->dbuffer and http->dvec are NULL The 9 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: default.action.master | 3 +++ doc/source/faq.sgml | 2 +- jcc.c | 5 ++-- match-all.action | 1 + parsers.c | 65 +++++++++++++++++++++++++++++++++++++++++++++++---- urlmatch.c | 7 ++++++ 6 files changed, 75 insertions(+), 8 deletions(-) -- To stop receiving notification emails like this one, please contact the administrator of this repository. From git at git.privoxy.org Wed Jun 18 05:46:59 2025 From: git at git.privoxy.org (User Git) Date: Wed, 18 Jun 2025 05:46:59 +0200 Subject: [Privoxy-commits] [privoxy] 02/09: Look for the "keep-alive" keyword more carefully In-Reply-To: <175021841717.92935.6150348737210002002@privoxy-git> References: <175021841717.92935.6150348737210002002@privoxy-git> Message-ID: <20250618034658.ADABBC1E3@git.privoxy.org> This is an automated email from the git hooks/post-receive script. git pushed a commit to branch master in repository privoxy. commit d34d4df1ee741844a53c2bfaf36b5f60fd165e62 Author: Fabian Keil AuthorDate: Sat Feb 8 13:55:15 2025 +0100 Look for the "keep-alive" keyword more carefully ... in Connection headers. Previously connections were not kept alive if the Connection header contained additional keywords like "Upgrade". --- parsers.c | 47 ++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 46 insertions(+), 1 deletion(-) diff --git a/parsers.c b/parsers.c index a14f970d..5428a445 100644 --- a/parsers.c +++ b/parsers.c @@ -1791,6 +1791,51 @@ static jb_err filter_header(struct client_state *csp, char **header) } +/********************************************************************* + * + * Function : connection_header_contains_keep_alive_keyword + * + * Description : Checks wether or not a Connection header contains + * the keep-alive keyword. + * + * Parameters : + * 1 : header = The Connection header to check. + * + * Returns : TRUE or FALSE. + * + *********************************************************************/ +static int connection_header_contains_keep_alive_keyword(const char *header) +{ + char *header_content; + char *keywords[4]; + int segments; + int keep_alive_keyword_present = FALSE; + + header_content = strdup(header+11); + if (header_content == NULL) + { + log_error(LOG_LEVEL_ERROR, + "Out of memory while looking for keep-alive keyword in %s", header); + return FALSE; + } + + segments = ssplit(header_content, " ,", keywords, SZ(keywords)); + while (segments-- > 0) + { + if (!strcmpic(keywords[segments], "keep-alive")) + { + keep_alive_keyword_present = TRUE; + break; + } + } + + freez(header_content); + + return keep_alive_keyword_present; + +} + + /********************************************************************* * * Function : server_connection @@ -1811,7 +1856,7 @@ static jb_err filter_header(struct client_state *csp, char **header) *********************************************************************/ static jb_err server_connection(struct client_state *csp, char **header) { - if (!strcmpic(*header, "Connection: keep-alive") + if (connection_header_contains_keep_alive_keyword(*header) #ifdef FEATURE_CONNECTION_KEEP_ALIVE && !(csp->flags & CSP_FLAG_SERVER_SOCKET_TAINTED) #endif -- To stop receiving notification emails like this one, please contact the administrator of this repository. From git at git.privoxy.org Wed Jun 18 05:47:00 2025 From: git at git.privoxy.org (User Git) Date: Wed, 18 Jun 2025 05:47:00 +0200 Subject: [Privoxy-commits] [privoxy] 03/09: Bump copyright In-Reply-To: <175021841717.92935.6150348737210002002@privoxy-git> References: <175021841717.92935.6150348737210002002@privoxy-git> Message-ID: <20250618034659.3A909C211@git.privoxy.org> This is an automated email from the git hooks/post-receive script. git pushed a commit to branch master in repository privoxy. commit be5cd2bb6cec600601b54cb7732fc0cba44451be Author: Fabian Keil AuthorDate: Sun Feb 9 15:17:39 2025 +0100 Bump copyright --- parsers.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/parsers.c b/parsers.c index 5428a445..944a932f 100644 --- a/parsers.c +++ b/parsers.c @@ -4,7 +4,7 @@ * * Purpose : Declares functions to parse/crunch headers and pages. * - * Copyright : Written by and Copyright (C) 2001-2021 the + * Copyright : Written by and Copyright (C) 2001-2025 the * Privoxy team. https://www.privoxy.org/ * * Based on the Internet Junkbuster originally written -- To stop receiving notification emails like this one, please contact the administrator of this repository. From git at git.privoxy.org Wed Jun 18 05:47:01 2025 From: git at git.privoxy.org (User Git) Date: Wed, 18 Jun 2025 05:47:01 +0200 Subject: [Privoxy-commits] [privoxy] 04/09: Don't forward connection options Privoxy doesn't understand In-Reply-To: <175021841717.92935.6150348737210002002@privoxy-git> References: <175021841717.92935.6150348737210002002@privoxy-git> Message-ID: <20250618034659.7AD03C1E5@git.privoxy.org> This is an automated email from the git hooks/post-receive script. git pushed a commit to branch master in repository privoxy. commit 6260031edfde3b3f3129c01097a814e044f2a17e Author: Fabian Keil AuthorDate: Mon Feb 10 12:05:22 2025 +0100 Don't forward connection options Privoxy doesn't understand --- parsers.c | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/parsers.c b/parsers.c index 944a932f..605f54a0 100644 --- a/parsers.c +++ b/parsers.c @@ -1870,8 +1870,20 @@ static jb_err server_connection(struct client_state *csp, char **header) if ((csp->flags & CSP_FLAG_CLIENT_CONNECTION_KEEP_ALIVE)) { - log_error(LOG_LEVEL_HEADER, - "Keeping the server header '%s' around.", *header); + if (!strcmpic(*header, "Connection: keep-alive")) + { + log_error(LOG_LEVEL_HEADER, + "Keeping the server header '%s' around.", *header); + } + else + { + char *old_header = *header; + + *header = strdup_or_die("Connection: keep-alive"); + log_error(LOG_LEVEL_HEADER, "Replaced: \'%s\' with \'%s\'", + old_header, *header); + freez(old_header); + } } else #endif /* FEATURE_CONNECTION_KEEP_ALIVE */ -- To stop receiving notification emails like this one, please contact the administrator of this repository. From git at git.privoxy.org Wed Jun 18 05:47:02 2025 From: git at git.privoxy.org (User Git) Date: Wed, 18 Jun 2025 05:47:02 +0200 Subject: [Privoxy-commits] [privoxy] 05/09: Add +server-header-tagger{content-type} to all standard settings In-Reply-To: <175021841717.92935.6150348737210002002@privoxy-git> References: <175021841717.92935.6150348737210002002@privoxy-git> Message-ID: <20250618034659.CF530C214@git.privoxy.org> This is an automated email from the git hooks/post-receive script. git pushed a commit to branch master in repository privoxy. commit 44725172fa2b4342dc5b56e502edbe51727c8493 Author: Fabian Keil AuthorDate: Thu Mar 27 14:29:47 2025 +0100 Add +server-header-tagger{content-type} to all standard settings --- default.action.master | 3 +++ match-all.action | 1 + 2 files changed, 4 insertions(+) diff --git a/default.action.master b/default.action.master index ebf953a0..f06391fa 100644 --- a/default.action.master +++ b/default.action.master @@ -546,6 +546,7 @@ allow-ads = -block -filter{banners-by-size} -filter{banners-by-link} +client-header-tagger{image-requests} \ +client-header-tagger{range-requests} \ +hide-from-header{block} \ ++server-header-tagger{content-type} \ +set-image-blocker{pattern} \ } standard.Cautious @@ -567,6 +568,7 @@ standard.Cautious +filter{jumping-windows} \ +hide-from-header{block} \ +hide-referrer{conditional-block} \ ++server-header-tagger{content-type} \ +session-cookies-only \ +set-image-blocker{pattern} \ } @@ -608,6 +610,7 @@ standard.Medium +hide-referrer{conditional-block} \ +limit-connect{,} \ +overwrite-last-modified{randomize} \ ++server-header-tagger{content-type} \ +set-image-blocker{pattern} \ } standard.Advanced diff --git a/match-all.action b/match-all.action index 37520d3e..f365e2f0 100644 --- a/match-all.action +++ b/match-all.action @@ -11,6 +11,7 @@ +client-header-tagger{image-requests} \ +client-header-tagger{range-requests} \ +hide-from-header{block} \ ++server-header-tagger{content-type} \ +set-image-blocker{pattern} \ } / # Match all URLs -- To stop receiving notification emails like this one, please contact the administrator of this repository. From git at git.privoxy.org Wed Jun 18 05:47:03 2025 From: git at git.privoxy.org (User Git) Date: Wed, 18 Jun 2025 05:47:03 +0200 Subject: [Privoxy-commits] [privoxy] 06/09: handle_established_connection(): Improve an error message In-Reply-To: <175021841717.92935.6150348737210002002@privoxy-git> References: <175021841717.92935.6150348737210002002@privoxy-git> Message-ID: <20250618034700.94F0EC216@git.privoxy.org> This is an automated email from the git hooks/post-receive script. git pushed a commit to branch master in repository privoxy. commit ee2c1f82d7542edcb573882c4d12274132bf93ee Author: Fabian Keil AuthorDate: Sat May 3 17:31:09 2025 +0200 handle_established_connection(): Improve an error message --- jcc.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/jcc.c b/jcc.c index 55a36f52..99aebf0c 100644 --- a/jcc.c +++ b/jcc.c @@ -3975,7 +3975,8 @@ static void handle_established_connection(struct client_state *csp) if (!csp->headers->first->str) { - log_error(LOG_LEVEL_ERROR, "header search: csp->headers->first->str == NULL, assert will be called"); + log_error(LOG_LEVEL_ERROR, "Header search failed unexpectedly: " + "csp->headers->first->str == NULL."); } assert(csp->headers->first->str); -- To stop receiving notification emails like this one, please contact the administrator of this repository. From git at git.privoxy.org Wed Jun 18 05:47:04 2025 From: git at git.privoxy.org (User Git) Date: Wed, 18 Jun 2025 05:47:04 +0200 Subject: [Privoxy-commits] [privoxy] 07/09: Remove ifdef FEATURE_HTTPS_INSPECTION that is always true In-Reply-To: <175021841717.92935.6150348737210002002@privoxy-git> References: <175021841717.92935.6150348737210002002@privoxy-git> Message-ID: <20250618034700.E2DEDC218@git.privoxy.org> This is an automated email from the git hooks/post-receive script. git pushed a commit to branch master in repository privoxy. commit 2d03b12f4f209d9c9cd17c993280fa1d9c21d790 Author: Fabian Keil AuthorDate: Sat May 3 19:05:44 2025 +0200 Remove ifdef FEATURE_HTTPS_INSPECTION that is always true ... as it's in an ifdef FEATURE_HTTPS_INSPECTION block. --- jcc.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/jcc.c b/jcc.c index 99aebf0c..6970eade 100644 --- a/jcc.c +++ b/jcc.c @@ -4137,9 +4137,7 @@ static void handle_established_connection(struct client_state *csp) * to the client... it probably can't hear us anyway. */ mark_server_socket_tainted(csp); -#ifdef FEATURE_HTTPS_INSPECTION close_client_and_server_ssl_connections(csp); -#endif return; } } -- To stop receiving notification emails like this one, please contact the administrator of this repository. From git at git.privoxy.org Wed Jun 18 05:47:05 2025 From: git at git.privoxy.org (User Git) Date: Wed, 18 Jun 2025 05:47:05 +0200 Subject: [Privoxy-commits] [privoxy] 08/09: parse_http_url(): Fail if no host is found when we expected one In-Reply-To: <175021841717.92935.6150348737210002002@privoxy-git> References: <175021841717.92935.6150348737210002002@privoxy-git> Message-ID: <20250618034701.289D5C21A@git.privoxy.org> This is an automated email from the git hooks/post-receive script. git pushed a commit to branch master in repository privoxy. commit b8f5ec4d1a5eee00548fded12aba5b8d229a7bfb Author: Fabian Keil AuthorDate: Sun May 4 15:08:58 2025 +0200 parse_http_url(): Fail if no host is found when we expected one This can happen in case of invalid requests in which case Privoxy priviously would leak a couple of bytes of memory. --- urlmatch.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/urlmatch.c b/urlmatch.c index b6a61d96..b213c3eb 100644 --- a/urlmatch.c +++ b/urlmatch.c @@ -326,6 +326,11 @@ jb_err parse_http_url(const char *url, struct http_request *http, int require_pr if (!host_available) { + if (!require_protocol) + { + log_error(LOG_LEVEL_ERROR, "No host found in request line."); + return JB_ERR_PARSE; + } /* Without host, there is nothing left to do here */ return JB_ERR_OK; } -- To stop receiving notification emails like this one, please contact the administrator of this repository. From git at git.privoxy.org Wed Jun 18 05:47:06 2025 From: git at git.privoxy.org (User Git) Date: Wed, 18 Jun 2025 05:47:06 +0200 Subject: [Privoxy-commits] [privoxy] 09/09: init_domain_components(): Assert that the http->dbuffer and http->dvec are NULL In-Reply-To: <175021841717.92935.6150348737210002002@privoxy-git> References: <175021841717.92935.6150348737210002002@privoxy-git> Message-ID: <20250618034701.AC01FC1E6@git.privoxy.org> This is an automated email from the git hooks/post-receive script. git pushed a commit to branch master in repository privoxy. commit 44f9f5cf5846213dacba1821229c97941e1646a3 Author: Fabian Keil AuthorDate: Sun May 4 15:13:06 2025 +0200 init_domain_components(): Assert that the http->dbuffer and http->dvec are NULL To detect memory leaks earlier. --- urlmatch.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/urlmatch.c b/urlmatch.c index b213c3eb..7682c9e0 100644 --- a/urlmatch.c +++ b/urlmatch.c @@ -122,6 +122,7 @@ jb_err init_domain_components(struct http_request *http) size_t size; char *p; + assert(http->dbuffer == NULL); http->dbuffer = strdup_or_die(http->host); /* map to lower case */ @@ -146,6 +147,7 @@ jb_err init_domain_components(struct http_request *http) /* save a copy of the pointers in dvec */ size = (size_t)http->dcount * sizeof(*http->dvec); + assert(http->dvec == NULL); http->dvec = malloc_or_die(size); memcpy(http->dvec, vec, size); -- To stop receiving notification emails like this one, please contact the administrator of this repository. From git at git.privoxy.org Sun Jun 22 11:32:36 2025 From: git at git.privoxy.org (User Git) Date: Sun, 22 Jun 2025 11:32:36 +0200 Subject: [Privoxy-commits] [privoxy] branch master updated (44f9f5cf -> 54854c6c) Message-ID: <175058475627.84360.5544348372766262936@privoxy-git> This is an automated email from the git hooks/post-receive script. git pushed a change to branch master in repository privoxy. from 44f9f5cf init_domain_components(): Assert that the http->dbuffer and http->dvec are NULL new 93931583 Prevent a fingerprinting issue with various login pages new eb851e44 Remove an action section without an URL pattern new f7382782 Fix sticky actions for .flickr.com to match the action section new 54854c6c Stop downgrading the HTTP version for port 631 The 4 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: default.action.master | 92 ++++++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 84 insertions(+), 8 deletions(-) -- To stop receiving notification emails like this one, please contact the administrator of this repository. From git at git.privoxy.org Sun Jun 22 11:32:37 2025 From: git at git.privoxy.org (User Git) Date: Sun, 22 Jun 2025 11:32:37 +0200 Subject: [Privoxy-commits] [privoxy] 01/04: Prevent a fingerprinting issue with various login pages In-Reply-To: <175058475627.84360.5544348372766262936@privoxy-git> References: <175058475627.84360.5544348372766262936@privoxy-git> Message-ID: <20250622093237.0F6BECF7B@git.privoxy.org> This is an automated email from the git hooks/post-receive script. git pushed a commit to branch master in repository privoxy. commit 93931583124eb045524d584fdfb964a0fcf32037 Author: Fabian Keil AuthorDate: Fri Jun 20 05:31:06 2025 +0200 Prevent a fingerprinting issue with various login pages ... by not handling the requests as image requests or fast-redirecting them. Without the added section a request to a blocked or redirected login URL could be misdetected by third parties as the user being logged in to the given site, thus making fingerprinting Privoxy users easier. Note that this does not prevent the fingerprinting issue if the client is actually logged in. For details see: https://robinlinus.github.io/socialmedia-leak/ Doing that would probably be too invasive for a default configuration. --- default.action.master | 83 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 83 insertions(+) diff --git a/default.action.master b/default.action.master index f06391fa..c5e1b539 100644 --- a/default.action.master +++ b/default.action.master @@ -2737,6 +2737,89 @@ config.privoxy.org/ # URL = http://www.flickr.com/ .flickr.com/ +# Without this section a request to a blocked or redirected +# login URL could be misdetected by third parties as the +# user being logged in to the given site, thus making +# fingerprinting Privoxy users easier. +# +# Note that this does not prevent the fingerprinting issue +# if the client is actually logged in. For details see: +# https://robinlinus.github.io/socialmedia-leak/ +{-client-header-tagger{image-requests} \ + -fast-redirects \ + -handle-as-image \ +} +# Sticky Actions = -client-header-tagger{image-requests} -fast-redirects -handle-as-image +# URL = https://squareup.com/login?return_to=%2Ffavicon.ico +squareup.com/login\? +# URL = https://twitter.com/login?redirect_after_login=%2f..%2ffavicon.ico +twitter.com/login\? +# URL = https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp +www.facebook.com/login.php\? +# URL = https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail +# URL = https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube +# URL = https://accounts.google.com/ServiceLogin?service=blogger&hl=de&passive=1209600&continue=https://www.blogger.com/favicon.ico +accounts.google.com/ServiceLogin\? +# URL = https://plus.google.com/up/accounts/upgrade/?continue=https://plus.google.com/favicon.ico +plus.google.com/up/accounts/upgrade/\? +# URL = https://login.skype.com/login?message=signin_continue&redirect_uri=https%3A%2F%2Fsecure.skype.com%2Ffavicon.ico +login.skype.com/login\? +# URL = https://www.spotify.com/en/login/?forward_url=https%3A%2F%2Fwww.spotify.com%2Ffavicon.ico +# URL = http://www.spotify.com/login/?forward_url=https%3A%2F%2Fwww.spotify.com%2Ffavicon.ico +www.spotify.com/[^/]+/login/\? +www.spotify.com/login/\? +# URL = https://www.reddit.com/login?dest=https%3A%2F%2Fwww.reddit.com%2Ffavicon.ico +# URL = https://www.reddit.com/login/?dest=https%3A%2F%2Fwww.reddit.com%2Ffavicon.ico +www.reddit.com/login +# URL = https://www.tumblr.com/login?redirect_to=%2Ffavicon.ico +www.tumblr.com/login\? +# URL = https://www.expedia.de/user/login?ckoflag=0&selc=0&uurl=qscr%3Dreds%26rurl%3D%252Ffavicon.ico +www.expedia.de/user/login\? +# URL = https://www.dropbox.com/login?cont=https%3A%2F%2Fwww.dropbox.com%2Fstatic%2Fimages%2Fabout%2Fdropbox_logo_glyph_2015.svg +www.dropbox.com/login\? +# URL = https://www.amazon.com/ap/signin/178-4417027-1316064?_encoding=UTF8&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.pape.max_auth_age=10000000&openid.return_to=https%3A%2F%2Fwww.amazon.com [...] +www.amazon.com/ap/signin/ +# URL = https://www.pinterest.com/login/?next=https%3A%2F%2Fwww.pinterest.com%2Ffavicon.ico +www.pinterest.com/login/ +# URL = https://de.foursquare.com/login?continue=%2Ffavicon.ico +de.foursquare.com/login\? +# URL = https://eu.battle.net/login/de/index?ref=http://eu.battle.net/favicon.ico +eu.battle.net/login/ +# URL = https://store.steampowered.com/login/?redir=favicon.ico +store.steampowered.com/login/ +# URL = https://www.academia.edu/login?cp=/favicon.ico&cs=www +www.academia.edu/login\? +# URL = https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Ffavicon.ico%3Fid%3D1 +github.com/login\? +# URL = https://medium.com/m/signin?redirect=https%3A%2F%2Fmedium.com%2Ffavicon.ico&loginType=default +medium.com/m/signin\? +# URL = https://news.ycombinator.com/login?goto=y18.gif%23 +news.ycombinator.com/login\? +# URL = https://carbonmade.com/signin?returnTo=favicon.ico +carbonmade.com/signin\? +# URL = https://courses.edx.org/login?next=/favicon.ico +courses.edx.org/login\? +# URL = https://slack.com/checkcookie?redir=https%3A%2F%2Fslack.com%2Ffavicon.ico%23 +slack.com/checkcookie\? +# URL = https://www.khanacademy.org/login?continue=https%3A//www.khanacademy.org/favicon.ico +www.khanacademy.org/login\? +# URL = https://www.paypal.com/signin?returnUri=https://t.paypal.com/ts?v=1.0.0 +www.paypal.com/signin\? +# URL = https://500px.com/login?r=%2Ffavicon.ico +500px.com/login\? +# URL = https://www.airbnb.com/login?redirect_params[action]=favicon.ico&redirect_params[controller]=home +www.airbnb.com/login\? +# URL = https://disqus.com/profile/login/?next=https%3A%2F%2Fdisqus.com%2Ffavicon.ico +disqus.com/profile/login/\? +# URL = https://secure.meetup.com/login/?returnUri=https%3A%2F%2Fwww.meetup.com%2Fimg%2Fajax_loader_trans.gif +# URL = https://www.meetup.com/login/?returnUri=https%3A%2F%2Fwww.meetup.com%2Fimg%2Fajax_loader_trans.gif +.meetup.com/login/\? +# URL = https://bitbucket.org/account/signin/?next=/favicon.ico +bitbucket.org/account/signin/\? +# URL = https://secure.indeed.com/account/login?continue=%2ffavicon.ico +secure.indeed.com/account/login\? +# URL = https://vk.com/login?u=2&to=ZmF2aWNvbi5pY28- +vk.com/login\? #---------------------------------------------------------------------------- # Sections that modify the action settings based on tags. -- To stop receiving notification emails like this one, please contact the administrator of this repository. From git at git.privoxy.org Sun Jun 22 11:32:38 2025 From: git at git.privoxy.org (User Git) Date: Sun, 22 Jun 2025 11:32:38 +0200 Subject: [Privoxy-commits] [privoxy] 02/04: Remove an action section without an URL pattern In-Reply-To: <175058475627.84360.5544348372766262936@privoxy-git> References: <175058475627.84360.5544348372766262936@privoxy-git> Message-ID: <20250622093237.A2442CF7D@git.privoxy.org> This is an automated email from the git hooks/post-receive script. git pushed a commit to branch master in repository privoxy. commit eb851e44f72eed1ef9bdf7c5ac30b78f6829bb6b Author: Fabian Keil AuthorDate: Fri Jun 20 08:01:33 2025 +0200 Remove an action section without an URL pattern --- default.action.master | 2 -- 1 file changed, 2 deletions(-) diff --git a/default.action.master b/default.action.master index c5e1b539..60fa7d40 100644 --- a/default.action.master +++ b/default.action.master @@ -2730,8 +2730,6 @@ config.privoxy.org/ # URL = http://l.yimg.com/g/combo/1?event-custom/event-custom-min.js&event/event-min.js&j/.H-.K.A.vNKEa&j/.CP-.U-.DE.A.vKEJz&j/.J_.BR_.CA.A.vKYkg&j/.J_.DB.A.vPpBT&j/popup-login.A.vR53Z&dump/dump-min.js&datatype/datatype-xml-min.js&substitute/substitute-min.js&json/json-min.js&queue-promote/queue-promote-min.js&io/io-min.js&j/.J_.DS.A.vQa28&j/.FW-.FX-.GH.A.vP3XB&j/grease.A.vRktP&j/.CC.A.vNiA6&j/.C-.BL.A.vPPj2&j/.CE-.K.A.vNy32&attribute/attribute-base-min.js&base/base-min.js&anim/anim-min. [...] .yimg.com/g/combo/1\?event-custom/ -{-block -filter{content-cookies}} -#MASTER# PROBLEM-URL: http://www.flickr.com/ {-filter{content-cookies}} # Sticky Actions = -block # URL = http://www.flickr.com/ -- To stop receiving notification emails like this one, please contact the administrator of this repository. From git at git.privoxy.org Sun Jun 22 11:32:39 2025 From: git at git.privoxy.org (User Git) Date: Sun, 22 Jun 2025 11:32:39 +0200 Subject: [Privoxy-commits] [privoxy] 03/04: Fix sticky actions for .flickr.com to match the action section In-Reply-To: <175058475627.84360.5544348372766262936@privoxy-git> References: <175058475627.84360.5544348372766262936@privoxy-git> Message-ID: <20250622093238.0BC4BCF7F@git.privoxy.org> This is an automated email from the git hooks/post-receive script. git pushed a commit to branch master in repository privoxy. commit f73827823fd984239ca3c9e7bb2f576e3243ad83 Author: Fabian Keil AuthorDate: Fri Jun 20 08:02:34 2025 +0200 Fix sticky actions for .flickr.com to match the action section --- default.action.master | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/default.action.master b/default.action.master index 60fa7d40..b9752fbb 100644 --- a/default.action.master +++ b/default.action.master @@ -2731,7 +2731,7 @@ config.privoxy.org/ .yimg.com/g/combo/1\?event-custom/ {-filter{content-cookies}} -# Sticky Actions = -block +# Sticky Actions = -filter{content-cookies} # URL = http://www.flickr.com/ .flickr.com/ -- To stop receiving notification emails like this one, please contact the administrator of this repository. From git at git.privoxy.org Sun Jun 22 11:32:40 2025 From: git at git.privoxy.org (User Git) Date: Sun, 22 Jun 2025 11:32:40 +0200 Subject: [Privoxy-commits] [privoxy] 04/04: Stop downgrading the HTTP version for port 631 In-Reply-To: <175058475627.84360.5544348372766262936@privoxy-git> References: <175058475627.84360.5544348372766262936@privoxy-git> Message-ID: <20250622093238.50FFCD000@git.privoxy.org> This is an automated email from the git hooks/post-receive script. git pushed a commit to branch master in repository privoxy. commit 54854c6c5db72600b2ff13e1aaa6e767baa97f9d Author: Fabian Keil AuthorDate: Fri Jun 20 08:04:05 2025 +0200 Stop downgrading the HTTP version for port 631 It was supposed to work around a problem with the CUPS webinterface but about 20 years later we probably don't need it anymore ... --- default.action.master | 5 ----- 1 file changed, 5 deletions(-) diff --git a/default.action.master b/default.action.master index b9752fbb..8bef67ae 100644 --- a/default.action.master +++ b/default.action.master @@ -2672,11 +2672,6 @@ tr.anp.se/ {+filter{tiny-textforms}} .sourceforge.net/tracker -{+downgrade-http-version} -#MASTER# COMMENTS: This section not checked 10/17/06 HB -#MASTER# REMARKS: This is work-around for CUPS http configuration. -:631 - #MASTER# REMARKS: If Privoxy is disabled, requests for config.privoxy.org/ #MASTER# REMARKS: reach privoxy.org and are redirected to privoxy.org/config. #MASTER# REMARKS: The instructions tell the user to reload the page with -- To stop receiving notification emails like this one, please contact the administrator of this repository. From git at git.privoxy.org Sun Jun 22 15:53:55 2025 From: git at git.privoxy.org (User Git) Date: Sun, 22 Jun 2025 15:53:55 +0200 Subject: [Privoxy-commits] [privoxy] 02/02: Update 25_standard_medium to changed upstream. In-Reply-To: <175060043348.86619.18005246601211981105@privoxy-git> References: <175060043348.86619.18005246601211981105@privoxy-git> Message-ID: <20250622135354.6EBB7D01F@git.privoxy.org> This is an automated email from the git hooks/post-receive script. git pushed a commit to branch master in repository privoxy. commit 1dee3375dd15ad2a3e88b1bddc857281d5310162 Author: Roland Rosenfeld AuthorDate: Sun Jun 22 15:21:48 2025 +0200 Update 25_standard_medium to changed upstream. --- debian/changelog | 1 + debian/patches/25_standard_medium.patch | 5 +++-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/debian/changelog b/debian/changelog index 4d4c3a73..caba24e9 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,6 +1,7 @@ privoxy (4.1.0~gitsnapshot-1) UNRELEASED; urgency=medium * Unreleased GIT snapshot. + * Update 25_standard_medium to changed upstream. -- Roland Rosenfeld Sun, 22 Jun 2025 15:12:38 +0200 diff --git a/debian/patches/25_standard_medium.patch b/debian/patches/25_standard_medium.patch index d54f32b1..475de28e 100644 --- a/debian/patches/25_standard_medium.patch +++ b/debian/patches/25_standard_medium.patch @@ -1,12 +1,13 @@ From: Roland Rosenfeld Date: Sat, 23 Sep 2006 23:37:03 +0200 +Last-Update: 2025-06-22 Subject: Change the global default from standard.Cautious to standard.Medium, which is similar to the old 3.0.3 behavior and doesn't change too much. Forwarded: not-needed --- a/match-all.action +++ b/match-all.action -@@ -10,7 +10,16 @@ +@@ -10,8 +10,16 @@ +client-header-tagger{css-requests} \ +client-header-tagger{image-requests} \ +client-header-tagger{range-requests} \ @@ -16,9 +17,9 @@ Forwarded: not-needed ++filter{banners-by-size} \ ++filter{webbugs} \ ++filter{jumping-windows} \ -++filter{ie-exploits} \ +hide-from-header{block} \ ++hide-referrer{conditional-block} \ + +server-header-tagger{content-type} \ ++session-cookies-only \ +set-image-blocker{pattern} \ } -- To stop receiving notification emails like this one, please contact the administrator of this repository. From git at git.privoxy.org Sun Jun 22 15:53:53 2025 From: git at git.privoxy.org (User Git) Date: Sun, 22 Jun 2025 15:53:53 +0200 Subject: [Privoxy-commits] [privoxy] branch master updated (54854c6c -> 1dee3375) Message-ID: <175060043348.86619.18005246601211981105@privoxy-git> This is an automated email from the git hooks/post-receive script. git pushed a change to branch master in repository privoxy. from 54854c6c Stop downgrading the HTTP version for port 631 new 129651c9 Debian: Update debian/ dir to Debian 4.0.0-2 package. new 1dee3375 Update 25_standard_medium to changed upstream. The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: debian/changelog | 14 +++++++-- debian/patches/25_standard_medium.patch | 5 +-- debian/po/{it.po => ca.po} | 21 +++++++------ debian/tests/check-ssl | 20 +++++++++++- debian/upstream/signing-key.asc | 54 ++++++++++++++++----------------- 5 files changed, 72 insertions(+), 42 deletions(-) copy debian/po/{it.po => ca.po} (52%) -- To stop receiving notification emails like this one, please contact the administrator of this repository. From git at git.privoxy.org Sun Jun 22 15:53:54 2025 From: git at git.privoxy.org (User Git) Date: Sun, 22 Jun 2025 15:53:54 +0200 Subject: [Privoxy-commits] [privoxy] 01/02: Debian: Update debian/ dir to Debian 4.0.0-2 package. In-Reply-To: <175060043348.86619.18005246601211981105@privoxy-git> References: <175060043348.86619.18005246601211981105@privoxy-git> Message-ID: <20250622135354.338F7CFD5@git.privoxy.org> This is an automated email from the git hooks/post-receive script. git pushed a commit to branch master in repository privoxy. commit 129651c967634b8ff0e9a8443416b952bc34a96f Author: Roland Rosenfeld AuthorDate: Sun Jun 22 15:13:28 2025 +0200 Debian: Update debian/ dir to Debian 4.0.0-2 package. And change gitsnapshot version to 4.1.0~gitsnapshot-1 --- debian/changelog | 13 ++++++++-- debian/po/ca.po | 34 ++++++++++++++++++++++++++ debian/tests/check-ssl | 20 ++++++++++++++- debian/upstream/signing-key.asc | 54 ++++++++++++++++++++--------------------- 4 files changed, 91 insertions(+), 30 deletions(-) diff --git a/debian/changelog b/debian/changelog index 1a81f523..4d4c3a73 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,8 +1,17 @@ -privoxy (4.0.1~gitsnapshot-1) UNRELEASED; urgency=medium +privoxy (4.1.0~gitsnapshot-1) UNRELEASED; urgency=medium * Unreleased GIT snapshot. - -- Roland Rosenfeld Fri, 31 Jan 2025 16:05:14 +0100 + -- Roland Rosenfeld Sun, 22 Jun 2025 15:12:38 +0200 + +privoxy (4.0.0-2) unstable; urgency=medium + + * Add ca debconf translation. Thanks to Carles Pina i Estany. + * Update debian/upstream/signing-key.asc. + * d/test/check-ssl : handle http proxy configuration (LP: #2097351). + Thanks to Hector Cao for providing a patch. + + -- Roland Rosenfeld Wed, 05 Feb 2025 17:38:23 +0100 privoxy (4.0.0-1) unstable; urgency=medium diff --git a/debian/po/ca.po b/debian/po/ca.po new file mode 100644 index 00000000..f4b8164b --- /dev/null +++ b/debian/po/ca.po @@ -0,0 +1,34 @@ +# Catalan translation of privoxy's debconf messages +# Copyright ? 2025 Free Software Foundation, Inc. +# This file is distributed under the same license as the privoxy package. +# poc senderi , 2025. +# +msgid "" +msgstr "" +"Project-Id-Version: privoxy\n" +"Report-Msgid-Bugs-To: privoxy at packages.debian.org\n" +"POT-Creation-Date: 2016-04-08 17:17+0200\n" +"PO-Revision-Date: 2025-01-26 23:35+0100\n" +"Language: ca\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Last-Translator: poc senderi \n" +"Language-Team: Catalan \n" +"X-Generator: Poedit 2.4.2\n" + +#. Type: string +#. Description +#: ../templates:1001 +msgid "Adresses on with Privoxy listens:" +msgstr "Adreces on el Privoxy escolta:" + +#. Type: string +#. Description +#: ../templates:1001 +msgid "" +"Please enter a space separated list of address:port combinations on which " +"Privoxy will listen for client requests." +msgstr "" +"Introdu?u una llista separada per espais amb les combinacions adre?a:port " +"en qu? el Privoxy escoltar? les sol?licituds del clients." diff --git a/debian/tests/check-ssl b/debian/tests/check-ssl index 58322143..4140d2e4 100755 --- a/debian/tests/check-ssl +++ b/debian/tests/check-ssl @@ -3,7 +3,7 @@ # Run privoxy-regression-test.pl --check-bad-ssl # and check https://www.howsmyssl.com/ # -# (c) 2024 Roland Rosenfeld +# (c) 2024-2025 Roland Rosenfeld PORT=8119 @@ -59,6 +59,24 @@ sed -e "s/^listen-address.*/listen-address 127.0.0.1:$PORT/" \ < /usr/share/privoxy/config > "$CONFIG" echo "actionsfile $ACTION" >> "$CONFIG" +# some autopkgtest execution environment uses proxy for internet access +# in that case, this makes this test fail because privoxy cannot access +# different internet resources +# we have to configure privoxy to use the proxy configuration if present +# in order to do that, we use the forward primitive in the privoxy configuration +# file +if [ -n "$http_proxy" ]; then + # remove http:// and https:// prefix to be compliant with forward + # directive input format + proxy_url=$(echo "${http_proxy}" | sed -E 's/^\s*.*:\/\///g') + if [ -n "${proxy_url}" ]; then + forward_conf_snippet="forward / ${proxy_url}" + fi +fi +if [ -n "${forward_conf_snippet}" ]; then + echo "${forward_conf_snippet}" >> "$CONFIG" +fi + echo "Starting privoxy on port $PORT" $PRIVOXY --pidfile "$PIDFILE" --no-daemon "$CONFIG" > "$DAEMONOUT" 2>&1 & sleep 1 diff --git a/debian/upstream/signing-key.asc b/debian/upstream/signing-key.asc index e49a9e4c..1149e7f3 100644 --- a/debian/upstream/signing-key.asc +++ b/debian/upstream/signing-key.asc @@ -12,19 +12,19 @@ WNHdHqjgQ0zxT31WxE6lYCCv9cwfLFoY7ZG6YuRhQEeVNazRb+YrcIxpbvkbamBu VmSEvzIhGN9PiWL1yOYJkNogR199f8zVRvuA4NYztg3e6RSOi3D3wyrZ7OIo2DI0 en0AWSt0bpdGoaTiLWLyoZg1WOc5wNTWimDeZZkFrWhKLhE7RKagQXGeBwARAQAB tB5GYWJpYW4gS2VpbCA8ZmtAZmFiaWFua2VpbC5kZT6JAlQEEwEIAD4CGwMFCwkI -BwMFFQoJCAsFFgIDAQACHgECF4AWIQRPNsF/OBaRNlSh6FBpGCKRi6I3HAUCWu2d -0gUJDjvgfAAKCRBpGCKRi6I3HKxTD/95Wq9DwgTHZhJZYRBqlwgujyXYUv3GjaUe -JHIRuTGL5jb4Pyz3mx22N2CtCccN8uWP8fhwr7kln+05AS0wtjqN2uVyVHs0NBz6 -YW/Nrt43IyAdU6G6ZZsKR175POfoJEC36S2PRd3R7Disze+rOLaL8GvVRjRHb3xJ -CIP4r1igyvgEyXXMgZUw5N/e9NvVZcQIaPsssfIK4B4tvdlmJvcaSCybqOyVdVIW -KWseIkW2ngiSlujX9jZdDOnKady8Ft1L10B4mcOqU9C/K7vHvZHtAewTO0yRp8xd -1Vkg7Qf2LxhLv9Q7DvvQJYOrr4qS/6MkzydL3bFKsDHC6H03wBjoyMyFUPikZF+3 -LDeLZ+PWkrbP3VCR3QBmx4G6/7ZoqMga2XQW+2Fr+PW5tmOb8kLJtUQ2EKay6Kw4 -oSRd6DN8rmYMBVw8JyTx+zpltPNJTpOT2c4aIfsgDMsusII3XAHrhvRlBpI387Xv -3A8oe/LtySSficKWVIgHRtu0/8oeJ7JqxqgH+afs3e3+oZ7mw5VVLlZTj3W64a8Z -QE4gGDB3CHv/fo1L3tsd/rys5fRNT/HhwpfCCGvUH3bkWcFmya77mdtrF87f5kf5 -K+TKWBWI1pcRVs1LjXQAlOJnXDPSIHn2J1RCqOKUV13SXVKe3gDKHuXH0pA2opbx -xrh//mnqz7kCDQRQdCRWARAAuEZNwVptQDW4jZSTtsb9xggdDjLECDpVQ0+J0Arm +BwMFFQoJCAsFFgIDAQACHgECF4AWIQRPNsF/OBaRNlSh6FBpGCKRi6I3HAUCZcKF +AQUJGRDHqwAKCRBpGCKRi6I3HLrfEACxuwdsNkqc9krqUJfOiG1SqGvPcJBc8xFW +3wmCxwFK39n0uqUptgqzVCXWDW/+SzR0ZbOsHlcOLl5A3lp1MS1t8n+F+JEamlS3 +gUTBytgJHmCq66zOIjnVd08JotyjzzdL/x/Gst1l2wAFEB5vZkMfJp4zTk8y/kgr +OnCdZ3q7kfiLQyw5pT3sCBeolWUeya2DP8J1YcVk5OqzIds9JxHwky9MfCHxgN2N +z4uEwI7e20IFBfBoJeDSibLiSuElcJ+B089qefvj5Z+14yXdlYGJywjON9pPyECV +GVoDAprZAEJe6bNohfsEuhDC0GtcMfQLOh4f1olmYpVUymRlCtku4LATCIPFBaW/ +caQgHR37TTlUp56rXvPrWB3t7CG+LATuLbUh7+4w8qk60+Zglk3PpBQ5v3jweEoW +zJ/FWgBBJTlf0V24gBdWos2Bp6djvHhSl+e7hpbboyPTmit6wFyUfrjy6ugHsuhB +3R2dj3nZIPasCzDf6g5Z54PXilYPIt3trl2Ixwl14y6kQBgoKvO43M4EeBuiz5T6 +2xlFfMbpDTcdgIVZ2CkUM4Zy+SnzkIK8+JxUi9QBJezOJrlmzt2SFTTOCjj07D5Y +nqnVj0Vggxr6vmT4bfuETae1p9l+uWrYz8ymIt2UssgD9S/hGNhSux8Kbu7JgyoZ +nT+Gm3ccXbkCDQRQdCRWARAAuEZNwVptQDW4jZSTtsb9xggdDjLECDpVQ0+J0Arm k0Ftyr1XpUJXgbJE3SVRitKe/Ez1S9P8x6kbab/c045qBjB8rup4Tq+C0OPqVctZ vt1CfqwUPDJS/p+PoRigG/I0w14xg+VhnwrgL7SKxsoveHnTapXPFmCpMCqrRF3M Y4Ti6sitiFBTS9YbdZd6FrvvrwUqpWSRgf1JgRyzjowYiJb/9Cg0A6dYXFMFbf5M @@ -35,18 +35,18 @@ PfnvFmDa2ycyomZxWmz+/Hr/HsGOrmJNDvmqyR8mOSluptw6I09jN3qEuI++xZvD 9uDNeuAvTkp27zqnSFHGje3zRg50urijf04DHQ6q63HxJA1K4QSICG0Wlhg5Ysoo 2UJ0uUGuCmo+yJXPBC6EazGZ2f08ili8DppPgVoYPv+7mFclTSU1AXcUUu+DTntJ Ea1PkHRmnBlJAzw736aAzJ8wrMq9oU/VR8r0d1RpmZFGDpkbBtZtLSunng/KUl5Q -jv8AEQEAAYkCPAQYAQgAJgIbDBYhBE82wX84FpE2VKHoUGkYIpGLojccBQJa7Z30 -BQkOO+CeAAoJEGkYIpGLojcc5qMP/RlY/uklsNPJu3LeulkCHfi5R4ANTFhspg5b -Dpzujp67YMo7tbuT9IAgvG/rwzYfZyADnE+MzSkv9OBuOWkjeQPF/drHMHFjurJx -yQvZeABlosn+EPUds/FJQleiJRLdfdfKHpRYLa4qMBV0eq542vTCh24v+vYMZEP0 -sb0o7ERHcVOgl18WtP8Gumj/9GiQt9BcGYVlFyRI/5sbaFHYt/IOyb7IK63uGlTq -zSuVpYTQNZs6ByJ44U7W9QPMLHtoEhGESquhbTM+aRPS6wqmXkEP0/TYXRP8iEkR -oaK26qhHMVd3Qx8WA1SdekOXlconhptJd0mzy21lXnmiTAt+vOIk3Dz7Jj9e+zLT -tUknU+ZIt00GJMy7OCqmk7GjRk86U14ZzMEY0s7eHqAzMaNDkl0Avt79z11qODbl -hnwhwqwpoZP5tolssAE8ejux7dkbLp/Lqso8yQpT9EVlLGimpH7/1xFI9vn6irf0 -6alOBFURg/rIuecxy4HLXkCBqH/eAWl4BdjU+8py9MznZtJk/C3eKfiKG5METM5k -ZG+BjI1FXFJCxArHOfoKjuwbWmzgSgJjcWuYgIHdC8e6zpYpkqZLG6xR2//1H9Ax -znY/K1T1Pluo4TEhoro7D+1fymmTRyJRVreEoo4/Hy/Yc/dVuQwIafEtA+FDejKg -zW3qmo5y -=pli6 +jv8AEQEAAYkCPAQYAQgAJgIbDBYhBE82wX84FpE2VKHoUGkYIpGLojccBQJlwoVN +BQkZEMf3AAoJEGkYIpGLojccZDgP/iFnR8WJlz6Jsl00hJ2qzzXN7Ynwn+cSBQvT +4Zc5VNkvs3K/CGDmYeVf0mdSMMZOnCLHDmHrQx65V2Prn1q7QNI7KNZU0NyGVWSS +UyTu1++wC1PQxvgo7vXok2ypZ5sSqWVesKTUeLJ1ZUDhGKmpSpYQhxuE2GKNjxIx +H5F69jXzegVWot4kS99toOUY6Nz3YWUOfBNYHtIrjWRaZOhuSn+9zMDM23FcOr2a +k4bE9NHrpCXF6bKWuLfUU3BcDrLTGAVMrZ/Wmf3WS9AlSIDeUKN8RkGqXttM8hYK +eH86S2N4nrUGfXDuUmQ2iBE3J5UeYukIxVgXCLXZqDxR7Rnq65Ngu58Ay4Kcweac +2odVEg9brrk5H+nGXnaoe2/cfdYp3+HIUqUTfyrV1YZlroOsUuhmS3FSR3OlNlsG +tcy4aOUy5BJfcRRm1piiZ8WHx+uQzApfcqQqumQajc4b+FTTlGucxUZe/PjyNQC9 +e0oqgTGwF8LesqmfQpLoyBnjW5uGxhRHITvOBWvhA342xexCm32pn2gqeyykWzPx +k0NSp6jHkGsbCAGN8MpxCnZJDZJERpUP/6BD1qRAn9sRYbAFJho7HsEyhsqv+M6d +bcSSq//MslWvX3LVYRgia/FMeUEXkCiFyoWjbC8NO/12kt1LM6+MmVHgQFZ3lmVe +OOpXX4XP +=6rFb -----END PGP PUBLIC KEY BLOCK----- -- To stop receiving notification emails like this one, please contact the administrator of this repository. From git at git.privoxy.org Tue Jun 24 14:10:19 2025 From: git at git.privoxy.org (User Git) Date: Tue, 24 Jun 2025 14:10:19 +0200 Subject: [Privoxy-commits] [privoxy] branch master updated (1dee3375 -> 7b1b8aa1) Message-ID: <175076701970.7133.10539724428629473343@privoxy-git> This is an automated email from the git hooks/post-receive script. git pushed a change to branch master in repository privoxy. from 1dee3375 Update 25_standard_medium to changed upstream. new 24d0ff83 Remove support for pcre1 new 68a69619 Don't forward unsupported Connection keywords if there are "too many" keywords to parse new 521398d3 Rename connection_header_contains_keep_alive_keyword() new eee40a90 If the server sends multiple Connection headers, only parse and forward the first one new d62a6a3d Add a couple of tests for connection headers with keep-alive-timeout set new b540913f Let the "clean" target remove logs from the cts tests new 7b1b8aa1 Bump copyright The 7 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: GNUmakefile.in | 5 +- configure.in | 48 +-------- parsers.c | 33 +++++- pcrs.c | 79 +-------------- pcrs.h | 14 +-- project.h | 50 +++------- .../data/test1} | 19 ++-- .../data/test10 | 45 +++++++++ .../data/test11} | 22 ++-- .../data/test12} | 21 ++-- .../data/test2} | 27 ++--- .../data/test3} | 21 ++-- .../data/test4} | 21 ++-- .../data/test5 | 21 ++-- .../data/test6} | 21 ++-- .../data/test7} | 21 ++-- .../data/test8} | 21 ++-- .../data/test9} | 27 ++--- .../privoxy.conf | 2 +- urlmatch.c | 111 +-------------------- urlmatch.h | 2 +- 21 files changed, 231 insertions(+), 400 deletions(-) copy tests/cts/{rewrite-behind-client-back/data/test5 => connection-headers-with-keep-alive-timeout-set/data/test1} (57%) create mode 100644 tests/cts/connection-headers-with-keep-alive-timeout-set/data/test10 copy tests/cts/{rewrite-behind-client-back/data/test5 => connection-headers-with-keep-alive-timeout-set/data/test11} (56%) copy tests/cts/{rewrite-behind-client-back/data/test5 => connection-headers-with-keep-alive-timeout-set/data/test12} (57%) copy tests/cts/{client-header-order/data/test334 => connection-headers-with-keep-alive-timeout-set/data/test2} (50%) copy tests/cts/{rewrite-behind-client-back/data/test5 => connection-headers-with-keep-alive-timeout-set/data/test3} (50%) copy tests/cts/{rewrite-behind-client-back/data/test5 => connection-headers-with-keep-alive-timeout-set/data/test4} (54%) copy tests/cts/{rewrite-behind-client-back => connection-headers-with-keep-alive-timeout-set}/data/test5 (50%) copy tests/cts/{rewrite-behind-client-back/data/test5 => connection-headers-with-keep-alive-timeout-set/data/test6} (50%) copy tests/cts/{rewrite-behind-client-back/data/test5 => connection-headers-with-keep-alive-timeout-set/data/test7} (50%) copy tests/cts/{rewrite-behind-client-back/data/test5 => connection-headers-with-keep-alive-timeout-set/data/test8} (54%) copy tests/cts/{client-header-order/data/test334 => connection-headers-with-keep-alive-timeout-set/data/test9} (54%) copy tests/cts/{redirects => connection-headers-with-keep-alive-timeout-set}/privoxy.conf (95%) -- To stop receiving notification emails like this one, please contact the administrator of this repository. From git at git.privoxy.org Tue Jun 24 14:10:20 2025 From: git at git.privoxy.org (User Git) Date: Tue, 24 Jun 2025 14:10:20 +0200 Subject: [Privoxy-commits] [privoxy] 01/07: Remove support for pcre1 In-Reply-To: <175076701970.7133.10539724428629473343@privoxy-git> References: <175076701970.7133.10539724428629473343@privoxy-git> Message-ID: <20250624121020.9FDB3D320@git.privoxy.org> This is an automated email from the git hooks/post-receive script. git pushed a commit to branch master in repository privoxy. commit 24d0ff8398fdf97cdd8685478afcf1b73d743a93 Author: Fabian Keil AuthorDate: Sun Feb 7 04:12:14 2021 +0100 Remove support for pcre1 --- configure.in | 48 +------------------------- pcrs.c | 79 +++--------------------------------------- pcrs.h | 14 +------- project.h | 50 +++++++-------------------- urlmatch.c | 111 ++--------------------------------------------------------- urlmatch.h | 2 +- 6 files changed, 22 insertions(+), 282 deletions(-) diff --git a/configure.in b/configure.in index 9aadfafb..51d1b20a 100644 --- a/configure.in +++ b/configure.in @@ -903,29 +903,6 @@ AC_CHECK_LIB(pcre2-posix, regcomp, [ ], [have_pcre2posix=no], -lpcre2-8) fi -if test $have_pcre2 = "no"; then - -AC_CHECK_LIB(pcre, pcre_compile, [ - AC_CHECK_HEADER(pcre.h, [ - AC_EGREP_HEADER(pcre_fullinfo, pcre.h, [have_pcre=yes], [AC_MSG_WARN([[pcre old version installed]]); have_pcre=no]) - ], [ - AC_CHECK_HEADER(pcre/pcre.h, [ - AC_EGREP_HEADER(pcre_fullinfo, pcre/pcre.h, [have_pcre=yes]; [AC_DEFINE(PCRE_H_IN_SUBDIR)], [AC_MSG_WARN([[pcre old version installed]]); have_pcre=no]) - ], [have_pcre=no]) - ]) -], [have_pcre=no]) - -AC_CHECK_LIB(pcreposix, regcomp, [ - AC_CHECK_HEADER(pcreposix.h, [ - AC_EGREP_HEADER(pcreposix_regerror, pcreposix.h, [AC_MSG_WARN([[pcreposix old version installed]]); have_pcreposix=no], [have_pcreposix=yes]) - ], [ - AC_CHECK_HEADER(pcre/pcreposix.h, [ - AC_EGREP_HEADER(pcreposix_regerror, pcre/pcreposix.h, [AC_MSG_WARN([[pcreposix old version installed]]); have_pcreposix=no], [have_pcreposix=yes]; [AC_DEFINE(PCREPOSIX_H_IN_SUBDIR)]) - ], [have_pcreposix=no]) - ]) -], [have_pcreposix=no], -lpcre) - -fi dnl ================================================================ dnl libpcrs is temporarily disabled. dnl @@ -1158,30 +1135,7 @@ if test $have_pcre2 = "yes"; then AC_DEFINE(FEATURE_DYNAMIC_PCRE,1,[Define to dynamically link to pcre.]) fi else - -if test $have_pcre = "yes"; then - echo "using libpcre" - STATIC_PCRE_ONLY=# - LIBS="$LIBS -lpcre -lpcreposix" - if test "$use_static_pcre" = "yes"; then - pcre_dyn=no - AC_DEFINE(PCRE_STATIC,1,[Define to statically link to pcre library on Windows.]) -# see /usr/i686-w64-mingw32/sys-root/mingw/include/pcre.h line 54 -# #if defined(_WIN32) && !defined(PCRE_STATIC) -# # ifndef PCRE_EXP_DECL -# # define PCRE_EXP_DECL extern __declspec(dllimport) -# # endif -# If you want to statically link a program against a PCRE library in the form of -# a non-dll .a file, you must define PCRE_STATIC before including pcre.h or -# pcrecpp.h, otherwise the pcre_malloc() and pcre_free() exported functions will -# be declared __declspec(dllimport), with unwanted results. - else - pcre_dyn=yes - AC_DEFINE(FEATURE_DYNAMIC_PCRE,1,[Define to dynamically link to pcre.]) - fi -else - AC_MSG_ERROR(Detected neither pcre2 nor pcre library.) -fi + AC_MSG_ERROR(Failed to detect pcre2 library.) fi AC_DEFINE(FEATURE_CONNECTION_KEEP_ALIVE) diff --git a/pcrs.c b/pcrs.c index eaeea625..8c04c3a2 100644 --- a/pcrs.c +++ b/pcrs.c @@ -112,13 +112,7 @@ const char *pcrs_strerror(const int error) return "(pcrs:) At least one variable was too big and has been truncated before compilation"; default: -#ifdef HAVE_PCRE2 pcre2_get_error_message(error, (PCRE2_UCHAR8*)buf, sizeof(buf)); -#else - snprintf(buf, sizeof(buf), - "Error code %d. For details, check the pcre documentation.", - error); -#endif return buf; } } @@ -471,22 +465,8 @@ pcrs_job *pcrs_free_job(pcrs_job *job) next = job->next; if (job->pattern != NULL) { -#ifdef HAVE_PCRE2 pcre2_code_free(job->pattern); -#else - free(job->pattern); -#endif } -#ifndef HAVE_PCRE2 - if (job->hints != NULL) - { -#ifdef PCRE_CONFIG_JIT - pcre_free_study(job->hints); -#else - free(job->hints); -#endif - } -#endif if (job->substitute != NULL) { if (job->substitute->text != NULL) free(job->substitute->text); @@ -635,12 +615,7 @@ pcrs_job *pcrs_compile(const char *pattern, const char *substitute, const char * pcrs_job *newjob; unsigned int flags; int capturecount; -#ifdef HAVE_PCRE2 int ret; -#else - int pcre_study_options = 0; - const char *error; -#endif *errptr = 0; @@ -672,27 +647,21 @@ pcrs_job *pcrs_compile(const char *pattern, const char *substitute, const char * /* * Compile the pattern */ -#ifdef HAVE_PCRE2 PCRE2_SIZE error_offset; newjob->pattern = pcre2_compile((const unsigned char *)pattern, PCRE2_ZERO_TERMINATED, (unsigned)newjob->options, errptr, &error_offset, NULL); -#else - newjob->pattern = pcre_compile(pattern, newjob->options, &error, errptr, NULL); -#endif if (newjob->pattern == NULL) { pcrs_free_job(newjob); return NULL; } -#if defined(PCRE_STUDY_JIT_COMPILE) || defined(HAVE_PCRE2) #ifdef DISABLE_PCRE_JIT_COMPILATION #warning PCRE_STUDY_JIT_COMPILE is supported but Privoxy has been configured not to use it #else if (!(flags & PCRS_DYNAMIC)) { -#ifdef HAVE_PCRE2 /* Try to enable JIT compilation but continue if it's unsupported. */ if ((ret = pcre2_jit_compile(newjob->pattern, PCRE2_JIT_COMPLETE)) && (ret != PCRE2_ERROR_JIT_BADOPTION)) @@ -701,36 +670,15 @@ pcrs_job *pcrs_compile(const char *pattern, const char *substitute, const char * pcrs_free_job(newjob); return NULL; } -#else - pcre_study_options = PCRE_STUDY_JIT_COMPILE; -#endif } #endif -#endif -#ifndef HAVE_PCRE2 - /* - * Generate hints. This has little overhead, since the - * hints will be NULL for a boring pattern anyway. - */ - newjob->hints = pcre_study(newjob->pattern, pcre_study_options, &error); - if (error != NULL) - { - *errptr = PCRS_ERR_STUDY; - pcrs_free_job(newjob); - return NULL; - } -#endif /* * Determine the number of capturing subpatterns. * This is needed for handling $+ in the substitute. */ -#ifdef HAVE_PCRE2 if (0 > (*errptr = pcre2_pattern_info(newjob->pattern, PCRE2_INFO_CAPTURECOUNT, &capturecount))) -#else - if (0 > (*errptr = pcre_fullinfo(newjob->pattern, newjob->hints, PCRE_INFO_CAPTURECOUNT, &capturecount))) -#endif { pcrs_free_job(newjob); return NULL; @@ -848,14 +796,9 @@ int pcrs_execute(pcrs_job *job, const char *subject, size_t subject_length, char submatches, max_matches = PCRS_MAX_MATCH_INIT; size_t newsize; -#ifdef HAVE_PCRE2 pcrs_match *matches, *dummy; pcre2_match_data *pcre2_matches; size_t *offsets; -#else - pcrs_match *matches, *dummy; - int offsets[3 * PCRS_MAX_SUBMATCHES]; -#endif char *result_offset; offset = i = 0; @@ -869,13 +812,12 @@ int pcrs_execute(pcrs_job *job, const char *subject, size_t subject_length, char return(PCRS_ERR_BADJOB); } -#ifdef HAVE_PCRE2 if (NULL == (pcre2_matches = pcre2_match_data_create_from_pattern(job->pattern, NULL))) { return(PCRS_ERR_NOMEM); } offsets = pcre2_get_ovector_pointer(pcre2_matches); -#endif + if (NULL == (matches = (pcrs_match *)malloc((size_t)max_matches * sizeof(pcrs_match)))) { return(PCRS_ERR_NOMEM); @@ -888,12 +830,8 @@ int pcrs_execute(pcrs_job *job, const char *subject, size_t subject_length, char */ newsize = subject_length; -#ifdef HAVE_PCRE2 while ((submatches = pcre2_match(job->pattern, (const unsigned char *)subject, subject_length, (size_t)offset, 0, pcre2_matches, NULL)) > 0) -#else - while ((submatches = pcre_exec(job->pattern, job->hints, subject, (int)subject_length, offset, 0, offsets, 3 * PCRS_MAX_SUBMATCHES)) > 0) -#endif { job->flags |= PCRS_SUCCESS; matches[i].submatches = submatches; @@ -947,16 +885,11 @@ int pcrs_execute(pcrs_job *job, const char *subject, size_t subject_length, char offset = (int)offsets[1]; } /* Pass pcre error through if (bad) failure */ -#ifdef HAVE_PCRE2 if (submatches < PCRE2_ERROR_NOMATCH) -#else - if (submatches < PCRE_ERROR_NOMATCH) -#endif { free(matches); -#ifdef HAVE_PCRE2 pcre2_match_data_free(pcre2_matches); -#endif + return submatches; } matches_found = i; @@ -967,18 +900,15 @@ int pcrs_execute(pcrs_job *job, const char *subject, size_t subject_length, char * and append terminating null byte. */ if ((*result = (char *)malloc(newsize + 1 -#ifdef HAVE_PCRE2 /* * Work around to prevent invalid reads in the jit code. */ + 16 -#endif )) == NULL) { free(matches); -#ifdef HAVE_PCRE2 pcre2_match_data_free(pcre2_matches); -#endif + return PCRS_ERR_NOMEM; } else @@ -1031,10 +961,9 @@ int pcrs_execute(pcrs_job *job, const char *subject, size_t subject_length, char memcpy(result_offset, subject + offset, subject_length - (size_t)offset); *result_length = newsize; -#ifdef HAVE_PCRE2 pcre2_match_data_free(pcre2_matches); -#endif free(matches); + return matches_found; } diff --git a/pcrs.h b/pcrs.h index 32cf37c2..8e2fb968 100644 --- a/pcrs.h +++ b/pcrs.h @@ -33,18 +33,11 @@ *********************************************************************/ -#ifdef HAVE_PCRE2 #define PCRE2_CODE_UNIT_WIDTH 8 #define PCREn(x) PCRE2_ ## x #ifndef _PCRE2_H #include #endif -#else -#define PCREn(x) PCRE_ ## x -#ifndef _PCRE_H -#include -#endif -#endif /* * Constants: @@ -117,12 +110,7 @@ typedef struct { /* A PCRS job */ typedef struct PCRS_JOB { -#ifdef HAVE_PCRE2 - pcre2_code *pattern; -#else - pcre *pattern; /* The compiled pcre pattern */ - pcre_extra *hints; /* The pcre hints for the pattern */ -#endif + pcre2_code *pattern; int options; /* The pcre options (numeric) */ unsigned int flags; /* The pcrs and user flags (see "Flags" above) */ pcrs_substitute *substitute; /* The compiled pcrs substitute */ diff --git a/project.h b/project.h index 0a1740a7..e6009046 100644 --- a/project.h +++ b/project.h @@ -103,38 +103,20 @@ */ #ifdef STATIC_PCRE -#ifdef HAVE_PCRE2 # include "pcre2.h" # include "pcre2posix.h" #else -# include "pcre.h" -# include "pcreposix.h" -#endif -#else -# ifdef HAVE_PCRE2 -# ifdef PCRE2_H_IN_SUBDIR -# define PCRE2_CODE_UNIT_WIDTH 8 -# include -# else -# define PCRE2_CODE_UNIT_WIDTH 8 -# include -# endif -# ifdef PCRE2POSIX_H_IN_SUBDIR -# include -# else -# include -# endif +# ifdef PCRE2_H_IN_SUBDIR +# define PCRE2_CODE_UNIT_WIDTH 8 +# include +# else +# define PCRE2_CODE_UNIT_WIDTH 8 +# include +# endif +# ifdef PCRE2POSIX_H_IN_SUBDIR +# include # else -# ifdef PCRE_H_IN_SUBDIR -# include -# else -# include -# endif -# ifdef PCREPOSIX_H_IN_SUBDIR -# include -# else -# include -# endif +# include # endif #endif @@ -440,16 +422,10 @@ struct http_response enum crunch_reason crunch_reason; /**< Why the response was generated in the first place. */ }; -#ifdef HAVE_PCRE2 -#define REGEX_TYPE pcre2_code -#else -#define REGEX_TYPE regex_t -#endif - struct url_spec { #ifdef FEATURE_PCRE_HOST_PATTERNS - REGEX_TYPE *host_regex;/**< Regex for host matching */ + pcre2_code *host_regex;/**< Regex for host matching */ enum host_regex_type { VANILLA_HOST_PATTERN, PCRE_HOST_PATTERN } host_regex_type; #endif /* defined FEATURE_PCRE_HOST_PATTERNS */ int dcount; /**< How many parts to this domain? (length of dvec) */ @@ -459,7 +435,7 @@ struct url_spec char *port_list; /**< List of acceptable ports, or NULL to match all ports */ - REGEX_TYPE *preg; /**< Regex for matching path part */ + pcre2_code *preg; /**< Regex for matching path part */ }; /** @@ -474,7 +450,7 @@ struct pattern_spec union { struct url_spec url_spec; - REGEX_TYPE *tag_regex; + pcre2_code *tag_regex; } pattern; unsigned int flags; /**< Bitmap with various pattern properties. */ diff --git a/urlmatch.c b/urlmatch.c index 7682c9e0..816e08c6 100644 --- a/urlmatch.c +++ b/urlmatch.c @@ -611,7 +611,6 @@ jb_err parse_http_request(const char *req, struct http_request *http) } -#ifdef HAVE_PCRE2 /********************************************************************* * * Function : compile_pattern @@ -707,90 +706,6 @@ static jb_err compile_pattern(const char *pattern, enum regex_anchoring anchorin return JB_ERR_OK; } -#else -/********************************************************************* - * - * Function : compile_pattern - * - * Description : Compiles a host, domain or TAG pattern. - * - * Parameters : - * 1 : pattern = The pattern to compile. - * 2 : anchoring = How the regex should be modified - * before compilation. Can be either - * one of NO_ANCHORING, LEFT_ANCHORED, - * RIGHT_ANCHORED or RIGHT_ANCHORED_HOST. - * 3 : url = In case of failures, the spec member is - * logged and the structure freed. - * 4 : regex = Where the compiled regex should be stored. - * - * Returns : JB_ERR_OK - Success - * JB_ERR_PARSE - Cannot parse regex - * - *********************************************************************/ -static jb_err compile_pattern(const char *pattern, enum regex_anchoring anchoring, - struct pattern_spec *url, regex_t **regex) -{ - int errcode; - const char *fmt = NULL; - char *rebuf; - size_t rebuf_size; - - assert(pattern); - - if (pattern[0] == '\0') - { - *regex = NULL; - return JB_ERR_OK; - } - - switch (anchoring) - { - case NO_ANCHORING: - fmt = "%s"; - break; - case RIGHT_ANCHORED: - fmt = "%s$"; - break; - case RIGHT_ANCHORED_HOST: - fmt = "%s\\.?$"; - break; - case LEFT_ANCHORED: - fmt = "^%s"; - break; - default: - log_error(LOG_LEVEL_FATAL, - "Invalid anchoring in compile_pattern %d", anchoring); - } - rebuf_size = strlen(pattern) + strlen(fmt); - rebuf = malloc_or_die(rebuf_size); - *regex = zalloc_or_die(sizeof(**regex)); - - snprintf(rebuf, rebuf_size, fmt, pattern); - - errcode = regcomp(*regex, rebuf, (REG_EXTENDED|REG_NOSUB|REG_ICASE)); - - if (errcode) - { - size_t errlen = regerror(errcode, *regex, rebuf, rebuf_size); - if (errlen > (rebuf_size - (size_t)1)) - { - errlen = rebuf_size - (size_t)1; - } - rebuf[errlen] = '\0'; - log_error(LOG_LEVEL_ERROR, "error compiling %s from %s: %s", - pattern, url->spec, rebuf); - free_pattern_spec(url); - freez(rebuf); - - return JB_ERR_PARSE; - } - freez(rebuf); - - return JB_ERR_OK; - -} -#endif /********************************************************************* @@ -1156,7 +1071,6 @@ static int simplematch(const char *pattern, const char *text) } -#ifdef HAVE_PCRE2 /********************************************************************* * * Function : pcre2_pattern_matches @@ -1196,15 +1110,13 @@ static int pcre2_pattern_matches(const pcre2_code *pattern, const char *string) return (ret >= 0); } -#endif /********************************************************************* * * Function : regex_matches * - * Description : Checks if a compiled regex pattern matches a string - * using either pcre2 or pcre1 code. + * Description : Checks if a compiled regex pattern matches a string. * * Parameters : * 1 : pattern = The compiled pattern @@ -1213,13 +1125,9 @@ static int pcre2_pattern_matches(const pcre2_code *pattern, const char *string) * Returns : TRUE for yes, FALSE otherwise. * *********************************************************************/ -int regex_matches(const REGEX_TYPE *pattern, const char *string) +int regex_matches(const pcre2_code *pattern, const char *string) { -#ifdef HAVE_PCRE2 return pcre2_pattern_matches(pattern, string); -#else - return (0 == regexec(pattern, string, 0, NULL, 0)); -#endif } /********************************************************************* @@ -1439,12 +1347,7 @@ void free_pattern_spec(struct pattern_spec *pattern) { if (pattern->pattern.tag_regex) { -#ifdef HAVE_PCRE2 pcre2_code_free(pattern->pattern.tag_regex); -#else - regfree(pattern->pattern.tag_regex); - freez(pattern->pattern.tag_regex); -#endif } return; } @@ -1452,12 +1355,7 @@ void free_pattern_spec(struct pattern_spec *pattern) #ifdef FEATURE_PCRE_HOST_PATTERNS if (pattern->pattern.url_spec.host_regex) { -#ifdef HAVE_PCRE2 pcre2_code_free(pattern->pattern.url_spec.host_regex); -#else - regfree(pattern->pattern.url_spec.host_regex); - freez(pattern->pattern.url_spec.host_regex); -#endif } #endif /* def FEATURE_PCRE_HOST_PATTERNS */ freez(pattern->pattern.url_spec.dbuffer); @@ -1466,12 +1364,7 @@ void free_pattern_spec(struct pattern_spec *pattern) freez(pattern->pattern.url_spec.port_list); if (pattern->pattern.url_spec.preg) { -#ifdef HAVE_PCRE2 pcre2_code_free(pattern->pattern.url_spec.preg); -#else - regfree(pattern->pattern.url_spec.preg); - freez(pattern->pattern.url_spec.preg); -#endif } } diff --git a/urlmatch.h b/urlmatch.h index 543f2b88..d00764ec 100644 --- a/urlmatch.h +++ b/urlmatch.h @@ -50,7 +50,7 @@ extern int url_requires_percent_encoding(const char *url); extern int url_match(const struct pattern_spec *pattern, const struct http_request *http); -int regex_matches(const REGEX_TYPE *pattern, const char *string); +int regex_matches(const pcre2_code *pattern, const char *string); extern jb_err create_pattern_spec(struct pattern_spec *url, char *buf); extern void free_pattern_spec(struct pattern_spec *url); -- To stop receiving notification emails like this one, please contact the administrator of this repository. From git at git.privoxy.org Tue Jun 24 14:10:21 2025 From: git at git.privoxy.org (User Git) Date: Tue, 24 Jun 2025 14:10:21 +0200 Subject: [Privoxy-commits] [privoxy] 02/07: Don't forward unsupported Connection keywords if there are "too many" keywords to parse In-Reply-To: <175076701970.7133.10539724428629473343@privoxy-git> References: <175076701970.7133.10539724428629473343@privoxy-git> Message-ID: <20250624121020.D829ED321@git.privoxy.org> This is an automated email from the git hooks/post-receive script. git pushed a commit to branch master in repository privoxy. commit 68a6961918d3b9847397ed1ee80f76c1a302f28a Author: Fabian Keil AuthorDate: Thu Jun 19 12:14:07 2025 +0200 Don't forward unsupported Connection keywords if there are "too many" keywords to parse --- parsers.c | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/parsers.c b/parsers.c index 605f54a0..04e7ee00 100644 --- a/parsers.c +++ b/parsers.c @@ -1895,6 +1895,22 @@ static jb_err server_connection(struct client_state *csp, char **header) freez(old_header); } } + else + { + if (strcmpic(*header, "Connection: close")) + { + /* + * This can happen if there are "too many" keywords + * in the connection header. + */ + char *old_header = *header; + + *header = strdup_or_die("Connection: close"); + log_error(LOG_LEVEL_HEADER, "Replaced: \'%s\' with \'%s\'", + old_header, *header); + freez(old_header); + } + } /* Signal server_connection_adder() to return early. */ csp->flags |= CSP_FLAG_SERVER_CONNECTION_HEADER_SET; -- To stop receiving notification emails like this one, please contact the administrator of this repository. From git at git.privoxy.org Tue Jun 24 14:10:22 2025 From: git at git.privoxy.org (User Git) Date: Tue, 24 Jun 2025 14:10:22 +0200 Subject: [Privoxy-commits] [privoxy] 03/07: Rename connection_header_contains_keep_alive_keyword() In-Reply-To: <175076701970.7133.10539724428629473343@privoxy-git> References: <175076701970.7133.10539724428629473343@privoxy-git> Message-ID: <20250624121021.202EDD39A@git.privoxy.org> This is an automated email from the git hooks/post-receive script. git pushed a commit to branch master in repository privoxy. commit 521398d3903cc0478087d0183157e9f70f533381 Author: Fabian Keil AuthorDate: Fri Jun 20 13:40:47 2025 +0200 Rename connection_header_contains_keep_alive_keyword() ... to keep_alive_keyword_detected() as the function may return FALSE if there are "too many" keywords. Document this behaviour explicitly. --- parsers.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/parsers.c b/parsers.c index 04e7ee00..3be2addf 100644 --- a/parsers.c +++ b/parsers.c @@ -1793,7 +1793,7 @@ static jb_err filter_header(struct client_state *csp, char **header) /********************************************************************* * - * Function : connection_header_contains_keep_alive_keyword + * Function : keep_alive_keyword_detected * * Description : Checks wether or not a Connection header contains * the keep-alive keyword. @@ -1801,10 +1801,11 @@ static jb_err filter_header(struct client_state *csp, char **header) * Parameters : * 1 : header = The Connection header to check. * - * Returns : TRUE or FALSE. + * Returns : TRUE or FALSE. FALSE is also returned if "too many" + * keywords are present. * *********************************************************************/ -static int connection_header_contains_keep_alive_keyword(const char *header) +static int keep_alive_keyword_detected(const char *header) { char *header_content; char *keywords[4]; @@ -1856,7 +1857,7 @@ static int connection_header_contains_keep_alive_keyword(const char *header) *********************************************************************/ static jb_err server_connection(struct client_state *csp, char **header) { - if (connection_header_contains_keep_alive_keyword(*header) + if (keep_alive_keyword_detected(*header) #ifdef FEATURE_CONNECTION_KEEP_ALIVE && !(csp->flags & CSP_FLAG_SERVER_SOCKET_TAINTED) #endif -- To stop receiving notification emails like this one, please contact the administrator of this repository. From git at git.privoxy.org Tue Jun 24 14:10:23 2025 From: git at git.privoxy.org (User Git) Date: Tue, 24 Jun 2025 14:10:23 +0200 Subject: [Privoxy-commits] [privoxy] 04/07: If the server sends multiple Connection headers, only parse and forward the first one In-Reply-To: <175076701970.7133.10539724428629473343@privoxy-git> References: <175076701970.7133.10539724428629473343@privoxy-git> Message-ID: <20250624121021.8C980D39B@git.privoxy.org> This is an automated email from the git hooks/post-receive script. git pushed a commit to branch master in repository privoxy. commit eee40a90f1132c4c0ae91f6e3c5ab7b8d4cbd2e5 Author: Fabian Keil AuthorDate: Sun Jun 22 10:57:09 2025 +0200 If the server sends multiple Connection headers, only parse and forward the first one --- parsers.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/parsers.c b/parsers.c index 3be2addf..37bbc138 100644 --- a/parsers.c +++ b/parsers.c @@ -1857,6 +1857,14 @@ static int keep_alive_keyword_detected(const char *header) *********************************************************************/ static jb_err server_connection(struct client_state *csp, char **header) { + if ((csp->flags & CSP_FLAG_SERVER_CONNECTION_HEADER_SET) != 0) + { + log_error(LOG_LEVEL_HEADER, + "Removing \'%s\' header to only parse and forward one.", *header); + freez(*header); + + return JB_ERR_OK; + } if (keep_alive_keyword_detected(*header) #ifdef FEATURE_CONNECTION_KEEP_ALIVE && !(csp->flags & CSP_FLAG_SERVER_SOCKET_TAINTED) -- To stop receiving notification emails like this one, please contact the administrator of this repository. From git at git.privoxy.org Tue Jun 24 14:10:24 2025 From: git at git.privoxy.org (User Git) Date: Tue, 24 Jun 2025 14:10:24 +0200 Subject: [Privoxy-commits] [privoxy] 05/07: Add a couple of tests for connection headers with keep-alive-timeout set In-Reply-To: <175076701970.7133.10539724428629473343@privoxy-git> References: <175076701970.7133.10539724428629473343@privoxy-git> Message-ID: <20250624121021.E1DBAD323@git.privoxy.org> This is an automated email from the git hooks/post-receive script. git pushed a commit to branch master in repository privoxy. commit d62a6a3de2179b075732cc22810346c5c9b8a8d8 Author: Fabian Keil AuthorDate: Thu Jun 19 12:27:36 2025 +0200 Add a couple of tests for connection headers with keep-alive-timeout set --- .../data/test1 | 45 ++++++++++++++++++++ .../data/test10 | 45 ++++++++++++++++++++ .../data/test11 | 48 ++++++++++++++++++++++ .../data/test12 | 47 +++++++++++++++++++++ .../data/test2 | 45 ++++++++++++++++++++ .../data/test3 | 45 ++++++++++++++++++++ .../data/test4 | 45 ++++++++++++++++++++ .../data/test5 | 45 ++++++++++++++++++++ .../data/test6 | 45 ++++++++++++++++++++ .../data/test7 | 45 ++++++++++++++++++++ .../data/test8 | 45 ++++++++++++++++++++ .../data/test9 | 45 ++++++++++++++++++++ .../privoxy.conf | 16 ++++++++ 13 files changed, 561 insertions(+) diff --git a/tests/cts/connection-headers-with-keep-alive-timeout-set/data/test1 b/tests/cts/connection-headers-with-keep-alive-timeout-set/data/test1 new file mode 100644 index 00000000..5843fe14 --- /dev/null +++ b/tests/cts/connection-headers-with-keep-alive-timeout-set/data/test1 @@ -0,0 +1,45 @@ + + + +HTTP +HTTP GET + + + + + +HTTP/1.1 200 OK +Connection: close +Content-Type: text/plain +Content-Length: 10 + +Blafasel. + + + + + +HTTP/1.1 200 OK +Connection: close +Content-Type: text/plain +Content-Length: 10 + +Blafasel. + + + + + +http + + +Simple "Connection: close" header + + +http://%HOSTIP:%HTTPPORT/%TESTNUMBER + + + + + + diff --git a/tests/cts/connection-headers-with-keep-alive-timeout-set/data/test10 b/tests/cts/connection-headers-with-keep-alive-timeout-set/data/test10 new file mode 100644 index 00000000..edd769c9 --- /dev/null +++ b/tests/cts/connection-headers-with-keep-alive-timeout-set/data/test10 @@ -0,0 +1,45 @@ + + + +HTTP +HTTP GET + + + + + +HTTP/1.1 200 OK +Connection: keep-alive +Content-Type: text/plain +Content-Length: 10 + +Blafasel. + + + + + +HTTP/1.1 200 OK +Connection: keep-alive +Content-Type: text/plain +Content-Length: 10 + +Blafasel. + + + + + +http + + +Empty "Connection:" header with "keep-alive" keyword and lots of whitespace + + +http://%HOSTIP:%HTTPPORT/%TESTNUMBER + + + + + + diff --git a/tests/cts/connection-headers-with-keep-alive-timeout-set/data/test11 b/tests/cts/connection-headers-with-keep-alive-timeout-set/data/test11 new file mode 100644 index 00000000..95ca532f --- /dev/null +++ b/tests/cts/connection-headers-with-keep-alive-timeout-set/data/test11 @@ -0,0 +1,48 @@ + + + +HTTP +HTTP GET + + + + + +HTTP/1.1 200 OK +Connection: keep-alive +Connection: close +Connection: close +Connection: keep-alive +Content-Type: text/plain +Content-Length: 10 + +Blafasel. + + + + + +HTTP/1.1 200 OK +Connection: keep-alive +Content-Type: text/plain +Content-Length: 10 + +Blafasel. + + + + + +http + + +Multiple conflicting "Connection:" headers. + + +http://%HOSTIP:%HTTPPORT/%TESTNUMBER + + + + + + diff --git a/tests/cts/connection-headers-with-keep-alive-timeout-set/data/test12 b/tests/cts/connection-headers-with-keep-alive-timeout-set/data/test12 new file mode 100644 index 00000000..925103a0 --- /dev/null +++ b/tests/cts/connection-headers-with-keep-alive-timeout-set/data/test12 @@ -0,0 +1,47 @@ + + + +HTTP +HTTP GET + + + + + +HTTP/1.1 200 OK +Connection: close +Connection: keep-alive +Connection: close +Content-Type: text/plain +Content-Length: 10 + +Blafasel. + + + + + +HTTP/1.1 200 OK +Connection: close +Content-Type: text/plain +Content-Length: 10 + +Blafasel. + + + + + +http + + +Multiple conflicting "Connection:" headers. + + +http://%HOSTIP:%HTTPPORT/%TESTNUMBER + + + + + + diff --git a/tests/cts/connection-headers-with-keep-alive-timeout-set/data/test2 b/tests/cts/connection-headers-with-keep-alive-timeout-set/data/test2 new file mode 100644 index 00000000..1c2b67f2 --- /dev/null +++ b/tests/cts/connection-headers-with-keep-alive-timeout-set/data/test2 @@ -0,0 +1,45 @@ + + + +HTTP +HTTP GET + + + + + +HTTP/1.1 200 OK +Connection: keep-alive +Content-Type: text/plain +Content-Length: 10 + +Blafasel. + + + + + +HTTP/1.1 200 OK +Connection: keep-alive +Content-Type: text/plain +Content-Length: 10 + +Blafasel. + + + + + +http + + +Simple "Connection: keep-alive" header + + +http://%HOSTIP:%HTTPPORT/%TESTNUMBER + + + + + + diff --git a/tests/cts/connection-headers-with-keep-alive-timeout-set/data/test3 b/tests/cts/connection-headers-with-keep-alive-timeout-set/data/test3 new file mode 100644 index 00000000..d3607418 --- /dev/null +++ b/tests/cts/connection-headers-with-keep-alive-timeout-set/data/test3 @@ -0,0 +1,45 @@ + + + +HTTP +HTTP GET + + + + + +HTTP/1.1 200 OK +Connection: keep-alive, Upgrade +Content-Type: text/plain +Content-Length: 10 + +Blafasel. + + + + + +HTTP/1.1 200 OK +Connection: keep-alive +Content-Type: text/plain +Content-Length: 10 + +Blafasel. + + + + + +http + + +"Connection:" header with unsupported "upgrade" keyword + + +http://%HOSTIP:%HTTPPORT/%TESTNUMBER + + + + + + diff --git a/tests/cts/connection-headers-with-keep-alive-timeout-set/data/test4 b/tests/cts/connection-headers-with-keep-alive-timeout-set/data/test4 new file mode 100644 index 00000000..cb21ad54 --- /dev/null +++ b/tests/cts/connection-headers-with-keep-alive-timeout-set/data/test4 @@ -0,0 +1,45 @@ + + + +HTTP +HTTP GET + + + + + +HTTP/1.1 200 OK +Connection: keep-alive, blafasel, tralala, yolo, test, hoho +Content-Type: text/plain +Content-Length: 10 + +Blafasel. + + + + + +HTTP/1.1 200 OK +Connection: close +Content-Type: text/plain +Content-Length: 10 + +Blafasel. + + + + + +http + + +"Connection:" header with "too many" keywords + + +http://%HOSTIP:%HTTPPORT/%TESTNUMBER + + + + + + diff --git a/tests/cts/connection-headers-with-keep-alive-timeout-set/data/test5 b/tests/cts/connection-headers-with-keep-alive-timeout-set/data/test5 new file mode 100644 index 00000000..39e0df13 --- /dev/null +++ b/tests/cts/connection-headers-with-keep-alive-timeout-set/data/test5 @@ -0,0 +1,45 @@ + + + +HTTP +HTTP GET + + + + + +HTTP/1.1 200 OK +Connection: keep-alive, test1, test2, test3 +Content-Type: text/plain +Content-Length: 10 + +Blafasel. + + + + + +HTTP/1.1 200 OK +Connection: keep-alive +Content-Type: text/plain +Content-Length: 10 + +Blafasel. + + + + + +http + + +"Connection:" header with some unsupported keywords + + +http://%HOSTIP:%HTTPPORT/%TESTNUMBER + + + + + + diff --git a/tests/cts/connection-headers-with-keep-alive-timeout-set/data/test6 b/tests/cts/connection-headers-with-keep-alive-timeout-set/data/test6 new file mode 100644 index 00000000..45e9d7ae --- /dev/null +++ b/tests/cts/connection-headers-with-keep-alive-timeout-set/data/test6 @@ -0,0 +1,45 @@ + + + +HTTP +HTTP GET + + + + + +HTTP/1.1 200 OK +Connection: test1, test2, test3, keep-alive +Content-Type: text/plain +Content-Length: 10 + +Blafasel. + + + + + +HTTP/1.1 200 OK +Connection: keep-alive +Content-Type: text/plain +Content-Length: 10 + +Blafasel. + + + + + +http + + +"Connection:" header with some unsupported keywords, keep-alive keyword at the end + + +http://%HOSTIP:%HTTPPORT/%TESTNUMBER + + + + + + diff --git a/tests/cts/connection-headers-with-keep-alive-timeout-set/data/test7 b/tests/cts/connection-headers-with-keep-alive-timeout-set/data/test7 new file mode 100644 index 00000000..f5071449 --- /dev/null +++ b/tests/cts/connection-headers-with-keep-alive-timeout-set/data/test7 @@ -0,0 +1,45 @@ + + + +HTTP +HTTP GET + + + + + +HTTP/1.1 200 OK +Connection: KeEp-aLiVe +Content-Type: text/plain +Content-Length: 10 + +Blafasel. + + + + + +HTTP/1.1 200 OK +Connection: KeEp-aLiVe +Content-Type: text/plain +Content-Length: 10 + +Blafasel. + + + + + +http + + +"Connection:" header with "KeEp-aLiVe" keyword + + +http://%HOSTIP:%HTTPPORT/%TESTNUMBER + + + + + + diff --git a/tests/cts/connection-headers-with-keep-alive-timeout-set/data/test8 b/tests/cts/connection-headers-with-keep-alive-timeout-set/data/test8 new file mode 100644 index 00000000..2b498eba --- /dev/null +++ b/tests/cts/connection-headers-with-keep-alive-timeout-set/data/test8 @@ -0,0 +1,45 @@ + + + +HTTP +HTTP GET + + + + + +HTTP/1.1 200 OK +Connection: , +Content-Type: text/plain +Content-Length: 10 + +Blafasel. + + + + + +HTTP/1.1 200 OK +Connection: close +Content-Type: text/plain +Content-Length: 10 + +Blafasel. + + + + + +http + + +"Connection:" header with single comma instead of actual keywords + + +http://%HOSTIP:%HTTPPORT/%TESTNUMBER + + + + + + diff --git a/tests/cts/connection-headers-with-keep-alive-timeout-set/data/test9 b/tests/cts/connection-headers-with-keep-alive-timeout-set/data/test9 new file mode 100644 index 00000000..1f990d54 --- /dev/null +++ b/tests/cts/connection-headers-with-keep-alive-timeout-set/data/test9 @@ -0,0 +1,45 @@ + + + +HTTP +HTTP GET + + + + + +HTTP/1.1 200 OK +Connection: +Content-Type: text/plain +Content-Length: 10 + +Blafasel. + + + + + +HTTP/1.1 200 OK +Connection: close +Content-Type: text/plain +Content-Length: 10 + +Blafasel. + + + + + +http + + +Empty "Connection:" header + + +http://%HOSTIP:%HTTPPORT/%TESTNUMBER + + + + + + diff --git a/tests/cts/connection-headers-with-keep-alive-timeout-set/privoxy.conf b/tests/cts/connection-headers-with-keep-alive-timeout-set/privoxy.conf new file mode 100644 index 00000000..72c021f4 --- /dev/null +++ b/tests/cts/connection-headers-with-keep-alive-timeout-set/privoxy.conf @@ -0,0 +1,16 @@ +listen-address 127.0.0.1:9119 + +debug 1 # Log the destination for each request Privoxy let through. See also debug 1024. +debug 2 # show each connection status +debug 4 # show tagging-related messages +debug 8 # show header parsing +debug 32 # debug force feature +debug 64 # debug regular expression filters +debug 128 # debug redirects +debug 256 # debug GIF de-animation +debug 512 # Common Log Format +debug 1024 # Log the destination for requests Privoxy didn't let through, and the reason why. +debug 4096 # Startup banner and warnings. +debug 8192 # Non-fatal errors + +keep-alive-timeout 1 -- To stop receiving notification emails like this one, please contact the administrator of this repository. From git at git.privoxy.org Tue Jun 24 14:10:25 2025 From: git at git.privoxy.org (User Git) Date: Tue, 24 Jun 2025 14:10:25 +0200 Subject: [Privoxy-commits] [privoxy] 06/07: Let the "clean" target remove logs from the cts tests In-Reply-To: <175076701970.7133.10539724428629473343@privoxy-git> References: <175076701970.7133.10539724428629473343@privoxy-git> Message-ID: <20250624121022.3697CD39E@git.privoxy.org> This is an automated email from the git hooks/post-receive script. git pushed a commit to branch master in repository privoxy. commit b540913f5b81d9c8e04e878276192393548a6f2c Author: Fabian Keil AuthorDate: Sun Jun 22 11:22:29 2025 +0200 Let the "clean" target remove logs from the cts tests --- GNUmakefile.in | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/GNUmakefile.in b/GNUmakefile.in index 02dd4b00..c6629c8a 100644 --- a/GNUmakefile.in +++ b/GNUmakefile.in @@ -768,7 +768,8 @@ clean: $(RM) a.out $(OBJS) $(W32_FILES) $(W32_INIS) $(PROGRAM) default.action \ config.base config.tmp \ `find . \( -name TAGS -o -name tags \) -a -not -path "./.git/*"` \ - `find . -name "*.orig" -a -not -path "./.git/*"` + `find . -name "*.orig" -a -not -path "./.git/*"` \ + `find ./tests/cts/logs/ -name "*.log"` clean-editor-files: $(RM) `find . -name "*~"` -- To stop receiving notification emails like this one, please contact the administrator of this repository. From git at git.privoxy.org Tue Jun 24 14:10:26 2025 From: git at git.privoxy.org (User Git) Date: Tue, 24 Jun 2025 14:10:26 +0200 Subject: [Privoxy-commits] [privoxy] 07/07: Bump copyright In-Reply-To: <175076701970.7133.10539724428629473343@privoxy-git> References: <175076701970.7133.10539724428629473343@privoxy-git> Message-ID: <20250624121022.DA5A7D3A0@git.privoxy.org> This is an automated email from the git hooks/post-receive script. git pushed a commit to branch master in repository privoxy. commit 7b1b8aa1dda6f81a37de1c69f5bf137188341f1a Author: Fabian Keil AuthorDate: Sun Jun 22 11:25:42 2025 +0200 Bump copyright --- GNUmakefile.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/GNUmakefile.in b/GNUmakefile.in index c6629c8a..a5b993af 100644 --- a/GNUmakefile.in +++ b/GNUmakefile.in @@ -1,6 +1,6 @@ # Note: GNUmakefile is built automatically from GNUmakefile.in # -# Written by and Copyright (C) 2001-2024 members of the +# Written by and Copyright (C) 2001-2025 members of the # Privoxy team. https://www.privoxy.org/ # # Based on the Internet Junkbuster originally written -- To stop receiving notification emails like this one, please contact the administrator of this repository. From git at git.privoxy.org Thu Jun 26 13:23:17 2025 From: git at git.privoxy.org (User Git) Date: Thu, 26 Jun 2025 13:23:17 +0200 Subject: [Privoxy-commits] [privoxy] branch master updated (7b1b8aa1 -> 3c2c435d) Message-ID: <175093699771.77048.9092701148131687907@privoxy-git> This is an automated email from the git hooks/post-receive script. git pushed a change to branch master in repository privoxy. from 7b1b8aa1 Bump copyright new 15c91bb5 Add Zstandard-decompression support new 3c2c435d Fix detection and use of pcre2.h from a subdirectory The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: cgisimple.c | 10 ++++- configure.in | 26 +++++++++++- filters.c | 6 +++ parsers.c | 114 ++++++++++++++++++++++++++++++++++++++++++++++++++ pcrs.h | 6 ++- project.h | 3 +- templates/show-status | 6 +++ 7 files changed, 166 insertions(+), 5 deletions(-) -- To stop receiving notification emails like this one, please contact the administrator of this repository. From git at git.privoxy.org Thu Jun 26 13:23:18 2025 From: git at git.privoxy.org (User Git) Date: Thu, 26 Jun 2025 13:23:18 +0200 Subject: [Privoxy-commits] [privoxy] 01/02: Add Zstandard-decompression support In-Reply-To: <175093699771.77048.9092701148131687907@privoxy-git> References: <175093699771.77048.9092701148131687907@privoxy-git> Message-ID: <20250626112319.E116FD71F@git.privoxy.org> This is an automated email from the git hooks/post-receive script. git pushed a commit to branch master in repository privoxy. commit 15c91bb53616e74ddc33bcf3386611dbea31feeb Author: Fabian Keil AuthorDate: Sun Jan 26 14:12:23 2025 +0100 Add Zstandard-decompression support Using the reference library zstd: https://facebook.github.io/zstd/ --- cgisimple.c | 10 ++++- configure.in | 22 ++++++++++ filters.c | 6 +++ parsers.c | 114 ++++++++++++++++++++++++++++++++++++++++++++++++++ project.h | 3 +- templates/show-status | 6 +++ 6 files changed, 159 insertions(+), 2 deletions(-) diff --git a/cgisimple.c b/cgisimple.c index 961510f2..58e5ae6b 100644 --- a/cgisimple.c +++ b/cgisimple.c @@ -2202,7 +2202,15 @@ static jb_err show_defines(struct map *exports) #else 0, #endif - } + }, + { + "FEATURE_ZSTD", +#ifdef FEATURE_ZSTD + 1, +#else + 0, +#endif + }, }; for (i = 0; i < SZ(features); i++) diff --git a/configure.in b/configure.in index 51d1b20a..094ccaa6 100644 --- a/configure.in +++ b/configure.in @@ -1317,6 +1317,28 @@ if test X"$WITH_BROTLI" != Xno; then fi +dnl ======================================================== +dnl Check for zstd which can be used for decompression +dnl ======================================================== +WITH_ZSTD=no +AC_ARG_WITH(zstd, +AC_HELP_STRING([--with-zstd], [Enable zstd detection]) +AC_HELP_STRING([--without-zstd], [Disable zstd detection]), + WITH_ZSTD=$withval) + +if test X"$WITH_ZSTD" != Xno; then + + LIBS="$LIBS -lzstd" + AC_CHECK_LIB(zstd, ZSTD_decompressStream) + + AC_CHECK_HEADERS(zstd.h, + FEATURE_ZSTD=1 + AC_DEFINE(FEATURE_ZSTD, 1, [If zstd is used for decompression]) + AC_SUBST(FEATURE_ZSTD, [1]) + ) +fi + + dnl ================================================================= dnl Final cleanup and output dnl ================================================================= diff --git a/filters.c b/filters.c index 7f4a3e46..8daa8c54 100644 --- a/filters.c +++ b/filters.c @@ -2485,6 +2485,9 @@ static jb_err prepare_for_filtering(struct client_state *csp) if ((csp->content_type & (CT_GZIP|CT_DEFLATE)) #ifdef FEATURE_BROTLI || (csp->content_type & CT_BROTLI) +#endif +#ifdef FEATURE_ZSTD + || (csp->content_type & CT_ZSTD) #endif ) { @@ -2511,6 +2514,9 @@ static jb_err prepare_for_filtering(struct client_state *csp) csp->content_type &= ~CT_DEFLATE; #ifdef FEATURE_BROTLI csp->content_type &= ~CT_BROTLI; +#endif +#ifdef FEATURE_ZSTD + csp->content_type &= ~CT_ZSTD; #endif } } diff --git a/parsers.c b/parsers.c index 37bbc138..34b4fd02 100644 --- a/parsers.c +++ b/parsers.c @@ -67,6 +67,9 @@ #ifdef FEATURE_BROTLI #include #endif +#ifdef FEATURE_ZSTD +#include +#endif #if !defined(_WIN32) #include @@ -497,6 +500,98 @@ static jb_err decompress_iob_with_brotli(struct client_state *csp) } #endif + +#ifdef FEATURE_ZSTD +/********************************************************************* + * + * Function : decompress_iob_with_zstd + * + * Description : Decompress buffered page using zstd. + * + * Parameters : + * 1 : csp = Current client state (buffers, headers, etc...) + * + * Returns : JB_ERR_OK on success, + * JB_ERR_MEMORY if out-of-memory limit reached, and + * JB_ERR_COMPRESS if error decompressing buffer. + * + *********************************************************************/ +static jb_err decompress_iob_with_zstd(struct client_state *csp) +{ + ZSTD_DCtx *dctx; + ZSTD_inBuffer zstd_input; + ZSTD_outBuffer zstd_output; + char *decoded_buffer; + size_t result; + size_t decoded_buffer_size; + size_t encoded_size; + enum { MAX_COMPRESSION_FACTOR = 15 }; + + dctx = ZSTD_createDCtx(); + if (dctx == NULL) + { + log_error(LOG_LEVEL_ERROR, + "Failed to zstd-decompress content. ZSTD_createDCtx() failed!"); + return JB_ERR_COMPRESS; + } + + encoded_size = (size_t)(csp->iob->eod - csp->iob->cur); + decoded_buffer_size = encoded_size * MAX_COMPRESSION_FACTOR; + + if (decoded_buffer_size > csp->config->buffer_limit) + { + log_error(LOG_LEVEL_ERROR, + "Buffer limit reached before decompressing iob with zstd"); + return JB_ERR_MEMORY; + } + + decoded_buffer = malloc(decoded_buffer_size); + if (decoded_buffer == NULL) + { + log_error(LOG_LEVEL_ERROR, + "Failed to allocate %lu bytes for zstd decompression", + decoded_buffer_size); + return JB_ERR_MEMORY; + } + + zstd_input.src = csp->iob->cur; + zstd_input.size = encoded_size; + zstd_input.pos = 0; + + zstd_output.dst = decoded_buffer; + zstd_output.size = decoded_buffer_size; + zstd_output.pos = 0; + + result = ZSTD_decompressStream(dctx, &zstd_output , &zstd_input); + ZSTD_freeDCtx(dctx); + if (result == 0) + { + /* + * Update the iob, since the decompression was successful. + */ + freez(csp->iob->buf); + csp->iob->buf = decoded_buffer; + csp->iob->cur = csp->iob->buf; + csp->iob->eod = csp->iob->cur + zstd_output.pos; + csp->iob->size = decoded_buffer_size; + + log_error(LOG_LEVEL_RE_FILTER, + "Decompression successful. Old size: %lu, new size: %lu.", + encoded_size, zstd_output.pos); + + return JB_ERR_OK; + } + else + { + log_error(LOG_LEVEL_ERROR, "Failed to decompress buffer with zstd"); + freez(decoded_buffer); + + return JB_ERR_COMPRESS; + } +} +#endif + + /********************************************************************* * * Function : decompress_iob @@ -559,6 +654,13 @@ jb_err decompress_iob(struct client_state *csp) } #endif +#ifdef FEATURE_ZSTD + if (csp->content_type & CT_ZSTD) + { + return decompress_iob_with_zstd(csp); + } +#endif + if (csp->content_type & CT_GZIP) { /* @@ -2664,6 +2766,15 @@ static jb_err server_content_encoding(struct client_state *csp, char **header) csp->content_type |= CT_BROTLI; #else csp->content_type |= CT_TABOO; +#endif + } + else if (strstr(*header, "zstd")) + { +#ifdef FEATURE_ZSTD + /* Mark for zstd decompression */ + csp->content_type |= CT_ZSTD; +#else + csp->content_type |= CT_TABOO; #endif } else if (strstr(*header, "compress")) @@ -2735,6 +2846,9 @@ static jb_err server_adjust_content_encoding(struct client_state *csp, char **he && ((csp->content_type & (CT_GZIP | CT_DEFLATE)) #ifdef FEATURE_BROTLI || (csp->content_type & CT_BROTLI) +#endif +#ifdef FEATURE_ZSTD + || (csp->content_type & CT_ZSTD) #endif ) ) diff --git a/project.h b/project.h index e6009046..3c516602 100644 --- a/project.h +++ b/project.h @@ -513,13 +513,14 @@ struct iob #define CT_GZIP 0x0010U /**< gzip-compressed data. */ #define CT_DEFLATE 0x0020U /**< zlib-compressed data. */ #define CT_BROTLI 0x0040U /**< Brotli-compressed data. */ +#define CT_ZSTD 0x0080U /**< Zstandard-compressed data. */ /** * Flag to signal that the server declared the content type, * so we can differentiate between unknown and undeclared * content types. */ -#define CT_DECLARED 0x0080U +#define CT_DECLARED 0x0100U /** * The mask which includes all actions. diff --git a/templates/show-status b/templates/show-status index a6aaf8bf..7da63555 100644 --- a/templates/show-status +++ b/templates/show-status @@ -395,6 +395,12 @@ Allows to decompress gzip and zlib compressed documents for filtering. Requires external zlib library. + + FEATURE_ZSTD + @if-FEATURE_ZSTD-then@ Yes @else-not-FEATURE_ZSTD@ No @endif-FEATURE_ZSTD@ + Allows to decompress Zstandard-compressed content for filtering. + Requires external zstd library. + -- To stop receiving notification emails like this one, please contact the administrator of this repository. From git at git.privoxy.org Thu Jun 26 13:23:19 2025 From: git at git.privoxy.org (User Git) Date: Thu, 26 Jun 2025 13:23:19 +0200 Subject: [Privoxy-commits] [privoxy] 02/02: Fix detection and use of pcre2.h from a subdirectory In-Reply-To: <175093699771.77048.9092701148131687907@privoxy-git> References: <175093699771.77048.9092701148131687907@privoxy-git> Message-ID: <20250626112320.8199CD721@git.privoxy.org> This is an automated email from the git hooks/post-receive script. git pushed a commit to branch master in repository privoxy. commit 3c2c435d6fce92e051fa7ee4a0a784e124660499 Author: Jakub Kulik AuthorDate: Thu Jun 26 12:39:32 2025 +0200 Fix detection and use of pcre2.h from a subdirectory SF bug #946. --- configure.in | 4 ++-- pcrs.h | 6 +++++- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/configure.in b/configure.in index 094ccaa6..a363a601 100644 --- a/configure.in +++ b/configure.in @@ -887,8 +887,8 @@ AC_CHECK_LIB(pcre2-8, pcre2_compile_8, [ AC_EGREP_HEADER(pcre2_pattern_info, pcre2.h,[have_pcre2=yes; AC_DEFINE(HAVE_PCRE2)], [AC_MSG_WARN([[pcre2 old version installed]]); have_pcre2=no]) ], [ AC_CHECK_HEADER(pcre2/pcre2.h, [ - AC_EGREP_HEADER(pcre2_pattern_info, pcre2/pcre2.h, [have_pcre2=yes; AC_DEFINE(PCRE2_H_IN_SUBDIR)], [AC_MSG_WARN([[pcre2 old version installed]]); have_pcre2=no]) - ], [have_pcre2=no]) + AC_EGREP_HEADER(pcre2_pattern_info, pcre2/pcre2.h, [have_pcre2=yes; AC_DEFINE(HAVE_PCRE2) AC_DEFINE(PCRE2_H_IN_SUBDIR)], [AC_MSG_WARN([[pcre2 old version installed]]); have_pcre2=no]) + ], [have_pcre2=no], [#define PCRE2_CODE_UNIT_WIDTH 8]) ], [#define PCRE2_CODE_UNIT_WIDTH 8]) ], [have_pcre2=no]) diff --git a/pcrs.h b/pcrs.h index 8e2fb968..507d6970 100644 --- a/pcrs.h +++ b/pcrs.h @@ -36,7 +36,11 @@ #define PCRE2_CODE_UNIT_WIDTH 8 #define PCREn(x) PCRE2_ ## x #ifndef _PCRE2_H -#include +# ifdef PCRE2_H_IN_SUBDIR +# include +# else +# include +# endif #endif /* -- To stop receiving notification emails like this one, please contact the administrator of this repository.