Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Proof-of-concept for generalized TH1 command/webpage hooks. |
|---|---|
| Timelines: | family | ancestors | descendants | both | th1Hooks |
| Files: | files | file ages | folders |
| SHA1: |
caad77934ba74b4542468fb2aeb66b27 |
| User & Date: | mistachkin 2012-11-20 06:26:13.105 |
Context
|
2012-11-20
| ||
| 06:28 | Correct format string typos for TH1 trace statements. check-in: c3e841c745 user: mistachkin tags: th1Hooks | |
| 06:26 | Proof-of-concept for generalized TH1 command/webpage hooks. check-in: caad77934b user: mistachkin tags: th1Hooks | |
| 06:04 | Add 'th1-setup' setting for the optional TH1 script to evaluate after creating and initializing the TH1 interpreter. Revise TH1 integration in preparation for generalized hooks. check-in: b058c8a944 user: mistachkin tags: trunk | |
Changes
Changes to src/main.c.
| ︙ | ︙ | |||
194 195 196 197 198 199 200 201 202 203 204 205 206 207 | /* For defense against Cross-site Request Forgery attacks */ char zCsrfToken[12]; /* Value of the anti-CSRF token */ int okCsrf; /* Anti-CSRF token is present and valid */ int parseCnt[10]; /* Counts of artifacts parsed */ FILE *fDebug; /* Write debug information here, if the file exists */ int thTrace; /* True to enable TH1 debugging output */ Blob thLog; /* Text of the TH1 debugging output */ int isHome; /* True if rendering the "home" page */ /* Storage for the aux() and/or option() SQL function arguments */ int nAux; /* Number of distinct aux() or option() values */ | > | 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 | /* For defense against Cross-site Request Forgery attacks */ char zCsrfToken[12]; /* Value of the anti-CSRF token */ int okCsrf; /* Anti-CSRF token is present and valid */ int parseCnt[10]; /* Counts of artifacts parsed */ FILE *fDebug; /* Write debug information here, if the file exists */ int fNoThHook; /* Disable all TH1 command/webpage hooks */ int thTrace; /* True to enable TH1 debugging output */ Blob thLog; /* Text of the TH1 debugging output */ int isHome; /* True if rendering the "home" page */ /* Storage for the aux() and/or option() SQL function arguments */ int nAux; /* Number of distinct aux() or option() values */ |
| ︙ | ︙ | |||
615 616 617 618 619 620 621 622 623 624 625 626 627 628 |
g.fSqlTrace = find_option("sqltrace", 0, 0)!=0;
g.fSqlStats = find_option("sqlstats", 0, 0)!=0;
g.fSystemTrace = find_option("systemtrace", 0, 0)!=0;
g.fSshTrace = find_option("sshtrace", 0, 0)!=0;
if( g.fSqlTrace ) g.fSqlStats = 1;
g.fSqlPrint = find_option("sqlprint", 0, 0)!=0;
g.fHttpTrace = find_option("httptrace", 0, 0)!=0;
g.zLogin = find_option("user", "U", 1);
g.zSSLIdentity = find_option("ssl-identity", 0, 1);
if( find_option("utc",0,0) ) g.fTimeFormat = 1;
if( find_option("localtime",0,0) ) g.fTimeFormat = 2;
if( zChdir && chdir(zChdir) ){
fossil_fatal("unable to change directories to %s", zChdir);
}
| > | 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 |
g.fSqlTrace = find_option("sqltrace", 0, 0)!=0;
g.fSqlStats = find_option("sqlstats", 0, 0)!=0;
g.fSystemTrace = find_option("systemtrace", 0, 0)!=0;
g.fSshTrace = find_option("sshtrace", 0, 0)!=0;
if( g.fSqlTrace ) g.fSqlStats = 1;
g.fSqlPrint = find_option("sqlprint", 0, 0)!=0;
g.fHttpTrace = find_option("httptrace", 0, 0)!=0;
g.fNoThHook = find_option("no-th-hook", 0, 0)!=0;
g.zLogin = find_option("user", "U", 1);
g.zSSLIdentity = find_option("ssl-identity", 0, 1);
if( find_option("utc",0,0) ) g.fTimeFormat = 1;
if( find_option("localtime",0,0) ) g.fTimeFormat = 2;
if( zChdir && chdir(zChdir) ){
fossil_fatal("unable to change directories to %s", zChdir);
}
|
| ︙ | ︙ | |||
658 659 660 661 662 663 664 |
fossil_print("%s: ambiguous command prefix: %s\n"
"%s: could be any of:%s\n"
"%s: use \"help\" for more information\n",
g.argv[0], zCmdName, g.argv[0], blob_str(&couldbe), g.argv[0]);
fossil_exit(1);
}
atexit( fossil_atexit );
| > > | > > > > | 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 |
fossil_print("%s: ambiguous command prefix: %s\n"
"%s: could be any of:%s\n"
"%s: use \"help\" for more information\n",
g.argv[0], zCmdName, g.argv[0], blob_str(&couldbe), g.argv[0]);
fossil_exit(1);
}
atexit( fossil_atexit );
if( g.isHTTP || g.fNoThHook ||
Th_CommandHook(aCommand[idx].zName, aCommand[idx].cmdFlags)==TH_OK ){
aCommand[idx].xFunc();
if( !g.isHTTP && !g.fNoThHook ){
Th_CommandNotify(aCommand[idx].zName, aCommand[idx].cmdFlags);
}
}
fossil_exit(0);
/*NOT_REACHED*/
return 0;
}
/*
** The following variable becomes true while processing a fatal error
|
| ︙ | ︙ | |||
1579 1580 1581 1582 1583 1584 1585 |
#endif
{
@ <h1>Server Configuration Error</h1>
@ <p>The database schema on the server is out-of-date. Please ask
@ the administrator to run <b>fossil rebuild</b>.</p>
}
}else{
| > > | > > > > | 1587 1588 1589 1590 1591 1592 1593 1594 1595 1596 1597 1598 1599 1600 1601 1602 1603 1604 1605 1606 1607 |
#endif
{
@ <h1>Server Configuration Error</h1>
@ <p>The database schema on the server is out-of-date. Please ask
@ the administrator to run <b>fossil rebuild</b>.</p>
}
}else{
if( g.isHTTP || g.fNoThHook ||
Th_WebpageHook(aWebpage[idx].zName, aWebpage[idx].cmdFlags)==TH_OK ){
aWebpage[idx].xFunc();
if( !g.isHTTP && !g.fNoThHook ){
Th_WebpageNotify(aWebpage[idx].zName, aWebpage[idx].cmdFlags);
}
}
}
/* Return the result.
*/
cgi_reply();
}
|
| ︙ | ︙ |
Changes to src/th_main.c.
| ︙ | ︙ | |||
17 18 19 20 21 22 23 24 25 26 27 28 29 30 | ** ** This file contains an interface between the TH scripting language ** (an independent project) and fossil. */ #include "config.h" #include "th_main.h" /* ** Global variable counting the number of outstanding calls to malloc() ** made by the th1 implementation. This is used to catch memory leaks ** in the interpreter. Obviously, it also means th1 is not threadsafe. */ static int nOutstandingMalloc = 0; | > > > > > > > > > | 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 | ** ** This file contains an interface between the TH scripting language ** (an independent project) and fossil. */ #include "config.h" #include "th_main.h" /* ** These are the "well-known" TH1 error messages that occur when no hook is ** registered to be called prior to executing a command or processing a web ** page, respectively. If one of these errors is seen, it will not be sent ** or displayed to the remote user or local interactive user, respectively. */ #define NO_COMMAND_HOOK_ERROR "no such command: command_hook" #define NO_WEBPAGE_HOOK_ERROR "no such command: webpage_hook" /* ** Global variable counting the number of outstanding calls to malloc() ** made by the th1 implementation. This is used to catch memory leaks ** in the interpreter. Obviously, it also means th1 is not threadsafe. */ static int nOutstandingMalloc = 0; |
| ︙ | ︙ | |||
717 718 719 720 721 722 723 724 725 726 727 728 729 730 |
}
if( inBracket ){
if( z[0]!='>' ) return 0;
i += 2;
}
return i;
}
/*
** The z[] input contains text mixed with TH1 scripts.
** The TH1 scripts are contained within <th1>...</th1>.
** TH1 variables are $aaa or $<aaa>. The first form of
** variable is literal. The second is run through htmlize
** before being inserted.
| > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 726 727 728 729 730 731 732 733 734 735 736 737 738 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758 759 760 761 762 763 764 765 766 767 768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784 785 786 787 788 789 790 791 792 793 794 795 796 797 798 799 800 801 802 803 804 805 806 807 808 809 810 811 812 813 814 815 816 817 818 819 820 821 822 823 824 825 826 827 828 829 830 831 832 833 834 835 836 837 838 839 840 841 842 843 844 845 846 847 848 849 850 851 852 853 854 855 856 857 858 859 860 861 862 863 864 865 |
}
if( inBracket ){
if( z[0]!='>' ) return 0;
i += 2;
}
return i;
}
/*
** This function is called by Fossil just prior to dispatching a command.
** Returning a value other than TH_OK from this function (i.e. via an
** evaluated script raising an error or calling [break]/[continue]) will
** cause the actual command execution to be skipped.
*/
int Th_CommandHook(
const char *zName,
char cmdFlags
){
int rc = TH_OK;
Th_FossilInit(1, 1);
Th_Store("cmd_name", zName);
Th_StoreInt("cmd_flags", cmdFlags);
rc = Th_Eval(g.interp, 0, "command_hook", -1);
if( rc==TH_ERROR ){
int nResult = 0;
char *zResult = (char*)Th_GetResult(g.interp, &nResult);
/*
** Make sure that the TH1 script error was not caused by a "missing"
** command hook handler as that is not actually an error condition.
*/
if( memcmp(zResult, NO_COMMAND_HOOK_ERROR, nResult)!=0 ){
sendError(zResult, nResult, 0);
}
}
/*
** If the script returned TH_ERROR (e.g. the "command_hook" TH1 command does
** not exist because commands are not being hooked), return TH_OK because we
** do not want to skip executing essential commands unless the called command
** (i.e. "command_hook") explicitly forbids this by successfully returning
** TH_BREAK or TH_CONTINUE.
*/
if( g.thTrace ){
Th_Trace("[command_hook {%h}] => %d<br />\n", zName,
Th_ReturnCodeName(rc));
}
return (rc != TH_ERROR) ? rc : TH_OK;
}
/*
** This function is called by Fossil just after dispatching a command.
** Returning a value other than TH_OK from this function (i.e. via an
** evaluated script raising an error or calling [break]/[continue]) may
** cause an error message to be displayed to the local interactive user.
** Currently, TH1 error messages generated by this function are ignored.
*/
int Th_CommandNotify(
const char *zName,
char cmdFlags
){
int rc;
Th_FossilInit(1, 1);
Th_Store("cmd_name", zName);
Th_StoreInt("cmd_flags", cmdFlags);
rc = Th_Eval(g.interp, 0, "command_notify", -1);
if( g.thTrace ){
Th_Trace("[command_notify {%h}] => %d<br />\n", zName,
Th_ReturnCodeName(rc));
}
return rc;
}
/*
** This function is called by Fossil just prior to processing a web page.
** Returning a value other than TH_OK from this function (i.e. via an
** evaluated script raising an error or calling [break]/[continue]) will
** cause the actual web page processing to be skipped.
*/
int Th_WebpageHook(
const char *zName,
char cmdFlags
){
int rc = TH_OK;
Th_FossilInit(1, 1);
Th_Store("web_name", zName);
Th_StoreInt("web_flags", cmdFlags);
rc = Th_Eval(g.interp, 0, "webpage_hook", -1);
if( rc==TH_ERROR ){
int nResult = 0;
char *zResult = (char*)Th_GetResult(g.interp, &nResult);
/*
** Make sure that the TH1 script error was not caused by a "missing"
** webpage hook handler as that is not actually an error condition.
*/
if( memcmp(zResult, NO_WEBPAGE_HOOK_ERROR, nResult)!=0 ){
sendError(zResult, nResult, 1);
}
}
/*
** If the script returned TH_ERROR (e.g. the "webpage_hook" TH1 command does
** not exist because commands are not being hooked), return TH_OK because we
** do not want to skip processing essential web pages unless the called
** command (i.e. "webpage_hook") explicitly forbids this by successfully
** returning TH_BREAK or TH_CONTINUE.
*/
if( g.thTrace ){
Th_Trace("[webpage_hook {%h}] => %d<br />\n", zName,
Th_ReturnCodeName(rc));
}
return (rc != TH_ERROR) ? rc : TH_OK;
}
/*
** This function is called by Fossil just after processing a web page.
** Returning a value other than TH_OK from this function (i.e. via an
** evaluated script raising an error or calling [break]/[continue]) may
** cause an error message to be displayed to the remote user.
** Currently, TH1 error messages generated by this function are ignored.
*/
int Th_WebpageNotify(
const char *zName,
char cmdFlags
){
int rc;
Th_FossilInit(1, 1);
Th_Store("web_name", zName);
Th_StoreInt("web_flags", cmdFlags);
rc = Th_Eval(g.interp, 0, "webpage_notify", -1);
if( g.thTrace ){
Th_Trace("[webpage_notify {%h}] => %d<br />\n", zName,
Th_ReturnCodeName(rc));
}
return rc;
}
/*
** The z[] input contains text mixed with TH1 scripts.
** The TH1 scripts are contained within <th1>...</th1>.
** TH1 variables are $aaa or $<aaa>. The first form of
** variable is literal. The second is run through htmlize
** before being inserted.
|
| ︙ | ︙ | |||
790 791 792 793 794 795 796 |
usage("FILE");
}
db_open_config(0); /* Needed for global "tcl" setting. */
blob_zero(&in);
blob_read_from_file(&in, g.argv[2]);
Th_Render(blob_str(&in));
}
| > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 925 926 927 928 929 930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 945 946 947 948 949 950 951 952 953 954 955 956 957 958 959 960 |
usage("FILE");
}
db_open_config(0); /* Needed for global "tcl" setting. */
blob_zero(&in);
blob_read_from_file(&in, g.argv[2]);
Th_Render(blob_str(&in));
}
/*
** COMMAND: test-th-hook
*/
void test_th_hook(void){
int rc = TH_OK;
int nResult = 0;
char *zResult;
if( g.argc<5 ){
usage("TYPE NAME FLAGS");
}
if( fossil_stricmp(g.argv[2], "cmdhook")==0 ){
rc = Th_CommandHook(g.argv[3], (char)atoi(g.argv[4]));
}else if( fossil_stricmp(g.argv[2], "cmdnotify")==0 ){
rc = Th_CommandNotify(g.argv[3], (char)atoi(g.argv[4]));
}else if( fossil_stricmp(g.argv[2], "webhook")==0 ){
rc = Th_WebpageHook(g.argv[3], (char)atoi(g.argv[4]));
}else if( fossil_stricmp(g.argv[2], "webnotify")==0 ){
rc = Th_WebpageNotify(g.argv[3], (char)atoi(g.argv[4]));
}else{
fossil_fatal("Unknown TH1 hook %s\n", g.argv[2]);
}
zResult = (char*)Th_GetResult(g.interp, &nResult);
sendText("RESULT (", -1, 0);
sendText(Th_ReturnCodeName(rc), -1, 0);
sendText("): ", -1, 0);
sendText(zResult, nResult, 0);
sendText("\n", -1, 0);
}
|