$Log$
+Revision 526.1 2004/12/07 04:41:02 ajc
+* Finally tracked down the WC->vars heap corruption issue (for real this
+ time). We now call clear_local_substs() at the end of each HTTP
+ transaction, whether we need to or not, instead of calling it whenever
+ we're done with something we wanted session variables for.
+* Finally tracked down the years-long "misplaced '(edit)' link" bug, by
+ copying serv_info->serv_pid to WC->ctdl_pid at the time it's loaded,
+ preventing it from getting clobbered by another session.
+* Bumped internal version number to 5.27
+
Revision 526.0 2004/12/01 21:35:56 ajc
* THIS IS 5.26
1998-12-03 Nathan Bryant <bryant@cs.usm.maine.edu>
* webserver.c: warning fix
-
do_template("login");
- clear_local_substs();
wDumpContent(0); /* No menu here; not logged in yet! */
}
svprintf("STARTPAGE", WCS_STRING, startpage);
do_template("mainframeset");
- clear_local_substs();
}
TheSession->http_sock = sock;
TheSession->lastreq = time(NULL); /* log */
TheSession->outside_frameset_allowed = outside_frameset_allowed;
- session_loop(req); /* do transaction */
+ session_loop(req); /* do transaction */
pthread_mutex_unlock(&TheSession->SessionMutex); /* unbind */
/* Free the request buffer */
free(req);
req = hptr;
}
+
+ /* Free up any session-local substitution variables which
+ * were set during this transaction
+ */
+ clear_local_substs();
}
svcallback("START", offer_start_page);
do_template("roombanner");
- clear_local_substs();
}
switch (a) {
case 0:
serv_info.serv_pid = atoi(buf);
+ WC->ctdl_pid = serv_info.serv_pid;
break;
case 1:
strcpy(serv_info.serv_nodename, buf);
#include <signal.h>
#include "webcit.h"
-struct wcsubst *global_subst = NULL;
-
/*
* Clear out the list of substitution variables local to this session
free(WC->vars);
WC->vars = ptr;
}
+
+ WC->vars = NULL;
}
void svprintf(char *keyname, int keytype, const char *format,...)
{
va_list arg_ptr;
- char wbuf[4096];
+ char wbuf[SIZ];
struct wcsubst *ptr = NULL;
struct wcsubst *scan;
- va_start(arg_ptr, format);
- vsnprintf(wbuf, sizeof wbuf, format, arg_ptr);
- va_end(arg_ptr);
-
/* First scan through to see if we're doing a replacement of
* an existing key
*/
if (ptr == NULL) {
ptr = (struct wcsubst *) malloc(sizeof(struct wcsubst));
ptr->next = WC->vars;
- strcpy(ptr->wcs_key, keyname);
+ safestrncpy(ptr->wcs_key, keyname, sizeof ptr->wcs_key);
WC->vars = ptr;
}
+ /* Format the string and save it */
+
+ va_start(arg_ptr, format);
+ vsnprintf(wbuf, sizeof wbuf, format, arg_ptr);
+ va_end(arg_ptr);
+
ptr->wcs_type = keytype;
ptr->wcs_value = strdup(wbuf);
}
}
if (!strcasecmp(keyname, "SERV_PID")) {
- wprintf("%d", serv_info.serv_pid);
+ wprintf("%d", WC->ctdl_pid);
}
else if (!strcasecmp(keyname, "SERV_NODENAME")) {
suppress_check = ((controlcode & 0x08) >> 3);
cache = ((controlcode & 0x10) >> 4);
+
wprintf("HTTP/1.0 200 OK\n");
httpdate(httpnow, time(NULL));
if (print_standard_html_head > 0) {
wprintf("\n");
- if (refresh30) svprintf("REFRESHTAG", WCS_STRING,
- "<META HTTP-EQUIV=\"refresh\" CONTENT=\"30\">\n");
- else svprintf("REFRESHTAG", WCS_STRING,
- "<META HTTP-EQUIV=\"refresh\" CONTENT=\"500363689;\">\n");
+ if (refresh30) {
+ svprintf("REFRESHTAG", WCS_STRING, "%s",
+ "<META HTTP-EQUIV=\"refresh\" CONTENT=\"30\">\n");
+ }
+ else {
+ svprintf("REFRESHTAG", WCS_STRING, "%s",
+ "<META HTTP-EQUIV=\"refresh\" CONTENT=\"500363689;\">\n");
+ }
+
/* script for checking for pages (not always launched) */
sprintf(onload_fcn, "function onload_fcn() { \n");
);
/* end script */
-
do_template("head");
- clear_local_substs();
svprintf("extrabodyparms", WCS_STRING, "%s",
"onload='onload_fcn();' ");
do_template("background");
- clear_local_substs();
}
if (print_standard_html_head == 1) {
WC->upload_length = 0;
WC->upload = NULL;
+ WC->vars = NULL;
WC->is_wap = 0;
hptr = hptr->next;
if (!strncasecmp(buf, "Cookie: webcit=", 15)) {
- strcpy(cookie, &buf[15]);
+ safestrncpy(cookie, &buf[15], sizeof cookie);
cookie_to_stuff(cookie, NULL,
c_username, c_password, c_roomname);
}
#define SLEEPING 180 /* TCP connection timeout */
#define WEBCIT_TIMEOUT 900 /* WebCit session timeout */
#define PORT_NUM 2000 /* port number to listen on */
-#define SERVER "WebCit v5.26" /* who's in da house */
+#define SERVER "WebCit v5.27" /* who's in da house */
#define DEVELOPER_ID 0
#define CLIENT_ID 4
-#define CLIENT_VERSION 526 /* This version of WebCit */
+#define CLIENT_VERSION 527 /* This version of WebCit */
#define MINIMUM_CIT_VERSION 626 /* min required Citadel vers */
#define DEFAULT_HOST "localhost" /* Default Citadel server */
#define DEFAULT_PORT "504"
int outside_frameset_allowed; /* nonzero if current req is allowed
* outside of the main frameset */
char last_chat_user[SIZ];
+ int ctdl_pid; /* Session ID on the Citadel server */
};
#define extract(dest,source,parmnum) extract_token(dest,source,parmnum,'|')
extern char *server_cookie;
extern int is_https;
-extern struct wcsubst *global_subst;
-
void stuff_to_cookie(char *cookie, int session,
char *user, char *pass, char *room);
wprintf("<TD>%d</TD><TD>", sess);
if ((WC->is_aide) &&
- (sess != serv_info.serv_pid)) {
+ (sess != WC->ctdl_pid)) {
wprintf(" <A HREF=\"/terminate_session&which_session=%d&session_owner=", sess);
urlescputs(user);
wprintf("\" onClick=\"return ConfirmKill();\" "
">(kill)</A>");
}
- if (sess == serv_info.serv_pid) {
+ if (sess == WC->ctdl_pid) {
wprintf(" <A HREF=\"/edit_me\" "
">(edit)</A>");
}