NetBSD/external/bsd/mdocml/dist/man.cgi.3

288 lines
7.3 KiB
Groff
Raw Normal View History

Changes in version 1.13.4, released on July 14, 2016 --- MAJOR NEW FEATURES --- * man.conf(5): Design and implement a simpler configuration file format. * man(1): Leverage less(1) -T and :t in a way resembling ctags(1) to jump to the definitions of various terms inside manual pages. * soelim(1): New implementation by Baptiste Daroussin. * privilege limitation: Use OpenBSD pledge(2) or OS X sandbox_init(3) when available. * man.cgi(8): Support short URIs like http://man.openbsd.org/mdoc . * mandoc.css: Use one unified stylesheet rather than three different ones. --- MAJOR FUNCTIONALLY RELEVANT BUGFIXES --- * mdoc(7): Fix multiple aspects of SYNOPSIS .Nm formatting. * man(1): Fix process group handling, avoiding unclean shutdowns. --- PORTABILITY IMPROVEMENTS --- * Correctly use the ohash(3) compatibility implementation even when building without SQLite support. * Add compat glue for building on Solaris 9 and 10. * Let ./configure select a supported RE syntax for word boundaries. * Support LDFLAGS, to be used for example for hardening options. * Avoid mixing putchar(3) and putwchar(3) on the same file descriptor, it resulted in output corruption on some platforms. * Avoid reusing va_lists, use va_copy(3) for better portability. * Do not hardcode the path to the more(1) program. --- MINOR NEW FEATURES --- * roff(7): Implement \n(.$ (number of macro arguments). * roff(7): Fully implement \z (do not advance cursor). * roff(7): Implement the `r' conditional (register exists). * roff(7): Implement \\$* (interpolate all arguments). * roff(7): Parse and ignore \, and \/ (italic corrections). * When there is no -m, no -M, no MANPATH and no /etc/man.conf, fall back to /usr/share/man:/usr/X11R6/man:/usr/local/man. * man(1): Give manuals in purely numerical sections priority over manuals of the same name in sections with an alphabetical suffix. * man.cgi(8): Support "header.html" and "footer.html". * man.cgi(8): Set the "autofocus" attribute on the query text box. * man.cgi(8): Simplify the search form, drop two useless buttons. * man.cgi(8): Delete the pseudo-manpath "mandoc", assume that apropos(1) and man.cgi(8) are installed in the default manpath. --- RELIABILITY BUGFIXES --- * mdoc(7): Avoid a use after free and an assertion failure when nodes are deleted during validation. * mdoc(7): Avoid a NULL pointer access when .Bd has no arguments. * mdoc(7): Avoid a NULL pointer access triggered by mismatching end macros. * mdoc(7): Avoid an assertion when .Fo has no argument. * mdoc(7): Avoid an assertion when .Ta<tab> occurs in .Bl -column. * mdoc(7): Avoid an assertion when a body gets broken and has a tail. * roff(7): Avoid an assertion caused by blanks inside \o. * roff(7): Make .so links to gziped manuals work without mandoc.db(5). * tbl(7): Avoid a use after free when the last line of a layout is empty. * eqn(7): Avoid an infinite loop caused by recursive "define". * makewhatis(8): Avoid a segfault caused by unusual directory structures. * Fix handling of leading, trailing, and double colons in MANPATH and -m. --- MINOR BUGFIXES --- * mdoc(7): Put arguments to end macros of broken partial explicit blocks inside the breaking block. * mdoc(7): Let .Dv force normal font. * mdoc(7): Make trailing whitespace significant in .Bl -tag widths. * mdoc(7): Fix macro interpretation around tabs in .Bl -column. * man(7): Use the default width for .RS without arguments. * man(7): On a new RS nesting level, the saved width starts from the default width, not from the saved width of the previous level. * man(7): Allow .PD in next-line scope. * man(7): Improve handling of empty .HP. * man(7): Improve formatting of .br and .sp inside .HP. * man(7): Do not mistreat empty arguments to font alternating macros as vertical spacing requests. * man(7): Allow fill mode changes in tagged paragraph next-line scope. * man(7): Fix minor bugs in block rewinding and simplify the related code. * man(7): Add missing line breaks before subsection headers. * man(7): Give section and subsection headers hanging indentation. * man(7): Make trailing whitespace significant in .TP widths. * roff(7): Don't allow breaking the output line after hyphens that immediately follow escape sequences. * roff(7): Ignore blank characters at the beginning of conditional blocks. * roff(7): Escape breakable hyphens only after handling input line traps. * roff(7): Reject \[uD800] to \[uDFFF] (surrogates) in the parser. * tbl(7): Allow more than one data field after T} on the same input line. * terminal output: Apply bold and italic to non-ASCII Unicode codepoints. * terminal output: Improve rounding rules for horizontal scaling widths. * HTML output: Render ASCII_NBRSP as "&nbsp;", not "-". * man(1): Do not match the first part of a name if it continues with a dot. * man(1): Keep working even if the current directory is unusable. * man(1): Better error message when $PAGER is invalid. * makewhatis(8): Improve handling of .Va and .Vt macros. * apropos(1): Print "nothing appropriate" to stderr when appropriate. * apropos(1): Abort with a useful error message when elementary database operations like preparing queries or binding variables fail. --- STRUCTURAL CHANGES, no functional change --- * mdoc(7) and man(7): Unified data structures struct roff_node etc. * mdoc(7) and man(7): Unified node handling library in roff.c. * mdoc(7) and man(7): Seperate validation phase from parsing. * roff(7): Major character table cleanup. * Link with libz rather than forking gunzip(1). --- THANKS TO --- * Baptiste Daroussin (FreeBSD) for the new soelim(1) and for release testing. * Anthony Bentley (OpenBSD) for unifying mandoc.css, two nice patches for man.cgi(8), some documentation patches, some bug reports, and various useful discussions. * Todd Miller (OpenBSD) for lots of help with process group and signal handling, a few patches, some bug reports and some useful discussions. * Jonathan Gray (OpenBSD) for yet more testing with afl(1) again resulting in more than half a dozen important bug reports. * Svyatoslav Mishyn (Crux Linux) for some patches, several bug reports, and extensive release testing. * Christian Neukirchen (void Linux) for a number of compatibility patches and suggestions and several bug reports. * Christos Zoulas (NetBSD) for a bug fix patch and some useful suggestions for cleanup. * Florian Obser (OpenBSD) for a bugfix patch and some bug reports. * Sevan Janiyan for help with Solaris compatibility and release testing on many platforms. * Jan Holzhueter and OpenCSW in general for help with Solaris compatibility, and for providing me with a Solaris 9/10/11 testing environment. * Michael McConville (OpenBSD) for some simple cleanup patches. * Thomas Klausner (NetBSD) for some bug reports and release testing. * Christian Weisgerber, Dmitrij Czarkoff, Igor Sobrado, Ken Westerback, Marc Espie, Mike Belopuhov, Rafael Neves, Ted Unangst, Tim van der Molen, Theo Buehler, Theo de Raadt (OpenBSD), Kurt Jaeger, Dag Erling Smoergrav (FreeBSD), Joerg Sonnenberger (NetBSD), Carsten Kunze (Heirloom troff), Daniel Levai, Fabian Raetz, Jan Stary, Jean-Yves Migeon, Lorenzo Beretta, Markus Waldeck, Maxim Belooussov, Michael Reed, Peter Bray, and Serguey Parkhomovsky for bug reports and feature suggestions. * Alexander Hall, Andrew Fresh, Antoine Jacoutot, Doug Hogan, Jason McIntyre, Jasper Lievisse Adriaanse, Kent Spillner, Nicholas Marriott, Peter Hessler, Sebastien Marie, Stefan Sperling, and Theo de Raadt (OpenBSD) for helpful discussions and feedback.
2016-07-15 17:25:55 +03:00
.\" Id: man.cgi.3,v 1.2 2016/07/07 19:19:01 schwarze Exp
.\"
.\" Copyright (c) 2016 Ingo Schwarze <schwarze@openbsd.org>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd July 7, 2016
.Dt MAN.CGI 3
.Os
.Sh NAME
.Nm man.cgi
.Nd internals of the CGI program to search and display manual pages
.Sh DESCRIPTION
The source code of
.Xr man.cgi 8
is organized in four levels:
.Pp
.Bl -enum -compact
.It
.Sx Top level
.It
.Sx Page generators
.It
.Sx Result generators
.It
.Sx Utility routines
.El
.Ss Top level
The top level of
.Xr man.cgi 8
consists of the
.Fn main
program and a few parser routines.
.Bl -tag -width 1n
.It Ft int Fn main void
The main program
.Bl -dash -compact
.It
limits execution time;
.It
changes to
.Dv MAN_DIR ,
the data directory containing all the manual trees;
.It
calls
.Fn parse_manpath_conf ;
.It
if
.Ev PATH_INFO
is empty, calls
.Fn parse_query_string ;
otherwise,
calls
.Fn parse_path_info ;
.It
validates the manpath and the architecture;
.It
calls the appropriate one among the
.Sx Page generators .
.El
.It Ft void Fn parse_manpath_conf "struct req *req"
Parses and validates
.Pa manpath.conf
and fills
.Va req->p
and
.Va req->psz .
.It Ft void Fn parse_path_info "struct req *req" "const char *path"
Parses and validates
.Ev PATH_INFO ,
clears
.Va req->isquery ,
and fills
.Va req->q .
.It Ft void Fn parse_query_string "struct req *req" "const char *qs"
Parses and validates
.Ev QUERY_STRING ,
sets
.Va req->isquery ,
and fills
.Va req->q .
This function is the only user of the utility functions
.Fn http_decode
and
.Fn set_query_attr .
.El
.Ss Page generators
The purpose of each page generator is to print a complete HTML page,
starting with the HTTP headers and continuing to the page footer.
Before starting HTML output with
.Fn resp_begin_html ,
some page generators do some preparatory work, for example to decide
which page to show.
Each page generator ends with a call to
.Fn resp_end_html .
.Bl -tag -width 1n
.It Ft void Fn pg_show "struct req *req" "const char *fullpath"
This page generator is used when
.Ev PATH_INFO
contains the complete path to a manual page including manpath,
section directory, optional architecture subdirectory, manual name
and section number suffix.
It validates the manpath, changes into it, validate the filename,
and then calls
.Fn resp_begin_html ,
.Fn resp_searchform ,
.Fn resp_show ,
and
.Fn resp_end_html
in that order.
.It Ft void Fn pg_search "const struct req *req"
This page generator is used when
.Ev PATH_INFO
contains a search query in short format or when
.Ev PATH_INFO
is empty and a
.Ev QUERY_STRING
is provided.
It changes into the manpath and calls
.Xr mansearch 3 .
Depending on the result, it calls either
.Fn pg_noresult
or
.Fn pg_searchres .
.It Ft void Fn pg_noresult "const struct req *req" "const char *msg"
This function calls
.Fn resp_begin_html ,
.Fn resp_searchform ,
prints the
.Fa msg
passed to it, and calls
.Fn resp_end_html .
.It Ft void Fn pg_searchres "const struct req *req" "struct manpage *r"\
"size_t sz"
This function first validates the filenames found.
If
.Ev QUERY_STRING
was used and there is exactly one result,
it writes an HTTP redirect to that result.
Otherwise, it writes an HTML result page beginning with
.Fn resp_begin_html
and
.Fn resp_searchform .
If there is more than one result, it writes a list of links
to all the results.
If it was a
.Xr man 1
rather than an
.Xr apropos 1
query or if there is only one single result, it calls
.Fn resp_show .
Finally, it calls
.Fn resp_end_html .
.It Ft void Fn pg_index "const struct req *req"
This page generator is used when
.Ev PATH_INFO
and
.Ev QUERY_STRING
are both empty.
It calls
.Fn resp_begin_html
and
.Fn resp_searchform ,
writes links to help pages, and calls
.Fn resp_end_html .
.It Ft void Fn pg_error_badrequest "const char *msg"
This page generator is used when
.Fn main
or
.Fn pg_show
detect an invalid URI.
It calls
.Fn resp_begin_html ,
prints the
.Fa msg
provided, and calls
.Fn resp_end_html .
.It Ft void Fn pg_error_internal void
This page generator is used by various functions when errors are
detected in the
.Pa manpath.conf
configuration file, in
.Xr mandoc.db 5
databases, in the
.Xr mandoc 3
parser, in file system permissions, or when setting up timeouts.
It calls
.Fn resp_begin_html ,
prints
.Qq "Internal Server Error" ,
and calls
.Fn resp_end_html .
Before calling
.Fn pg_error_internal ,
call
.Xr warn 3
or
.Xr warnx 3
to log the reason of the error to the
.Xr httpd 8
server log file.
.El
.Ss Result generators
The purpose of result generators is to print a chunk of HTML code.
When they print untrusted strings or characters,
.Fn html_print
and
.Fn html_putchar
are used.
The highest level result generators are:
.Bl -tag -width 1n
.It Ft void Fn resp_begin_html "int code" "const char *msg"
This generator calls
.Fn resp_begin_http
to print the HTTP headers, then prints the HTML header up to the
opening tag of the <body> element, then copies the file
.Pa header.html
to the output, if it exists and is readable.
.It Ft void Fn resp_searchform "const struct req *req" "enum focus focus"
This generator prints a search form, filling it with data
from the provided request object.
If the
.Fa focus
argument is
.Dv FOCUS_QUERY ,
it sets the document's autofocus to the query input box.
.It Ft void Fn resp_show "const struct req *req" "const char *file"
This wrapper dispatches to either
.Fn resp_catman
or
.Fn resp_format ,
depending on whether
.Ar file
starts with
.Pa cat
or
.Pa man ,
respectively.
.It Ft void Fn resp_catman "const struct req *req" "const char *file"
This generator translates a preformatted, backspace-encoded manual
page to HTML and prints it to the output.
.It Ft void Fn resp_format "const struct req *req" "const char *file"
This generator formats a manual page on the standard output,
using the functions documented in
.Xr mchars_alloc 3
and
.Xr mandoc 3 .
.It Ft void Fn resp_end_html void
This generator copies the file
.Pa footer.html
to the output, if it exists and is readable,
and closes the <body> and <html> elements.
.El
.Ss Utility routines
These functions take a string and return 1 if it is valid, or 0 otherwise.
.Bl -tag -width 1n
.It Ft int Fn validate_urifrag "const char *frag"
Checks that the string only contains alphanumeric ASCII characters,
dashes, dots, slashes, and underscores.
.It Ft int Fn validate_manpath "const struct req *req" "const char* manpath"
Checks that the string is either
.Qq mandoc
or one of the manpaths configured in
.Pa manpath.conf .
.It Ft int Fn validate_filename "const char *file"
Checks that the string starts with
.Qq man
or
.Qq cat
and does not ascend to parent directories.
.El
.Sh SEE ALSO
.Xr mandoc 3 ,
.Xr mansearch 3 ,
.Xr mchars_alloc 3 ,
.Xr mandoc.db 5 ,
.Xr man.cgi 8