| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
If a file can be opened, mandoc will produce some output;
at worst, the output may be almost empty.
Simplifies error handling and frees a message type for future use.
|
| |
|
|
| |
to q.manpath and dropping the (incomplete) later NULL checks.
|
| |
|
|
|
| |
that contained at least one match in order to not prefer mdoc(1) from
ports over mdoc(7). As a bonus, this results in a speedup.
|
| |
|
|
|
|
|
|
| |
validity of character escape names and warn about unknown ones.
This requires mchars_spec2cp() to report unknown names again.
Fortunately, that doesn't require changing the calling code because
according to groff, invalid character escapes should not produce
output anyway, and now that we warn about them, that's fine.
|
| | |
|
| |
|
|
|
|
|
|
| |
Replace hard-coded widths and alignments with a minimal embedded stylesheet.
Do not use <p> because it cannot appear inside block macros.
Remove the "summary" attribute because it is not HTML5.
Written by kristaps@ some months ago, finished during EuroBSDCon.
|
| |
|
|
|
|
| |
to be more similar to apropos(1) called from the shell.
Missing feature reported by Marcus MERIGHI <mcmer dash openbsd at
tor dot at> on misc@.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
provide a unified set of command line options for mandoc(1), man(1),
apropos(1), and whatis(1), each option doing the same for all four.
Not adding any completely new options, only extending exiting ones
from one tool to the others. New options are:
* apropos & whatis -acfkw (in the past, these were man(1) only)
* apropos & whatis -a -IOTW (in the past, mandoc(1) only)
* mandoc -ac (in the past, man(1) only)
* man -IOTW (in the past, mandoc(1) only)
Before we can decide whether or not we want to replace src/usr.bin/man
with this implementation, considerable bugfixing, testing, and
performance measurements are needed, which i'd rather do in the tree
than outside. Note that these bugs only affect the new man(1) mode,
existing mandoc(1), apropos(1), and whatis(1) is fine.
The new functionality in mandoc(1), apropos(1), and whatis(1)
is fully enabled. To play with the new man(1), you can try:
# mv /usr/bin/man /usr/bin/oman
# ln -s /usr/bin/mandoc /usr/bin/man
Positive feedback about the general direction from sthen@ and jmc@,
and deraadt@ is not against it.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
is an attempt to reduce confusion for users switching between media
and between different operating systems.
Not using the groff title for section 4 is intentional,
it is just too awful ("Kernel Interfaces Manual"), and
the difference from sections 2 and 9 would be too hard to see.
Positive feedback from at least deraadt@ millert@ bluhm@ jca@.
Previously also agreed with the general direction: jmc@ Nick@.
The title for 3p was polished by bluhm@.
The existing mismatches were originally noticed by jsg@.
|
| |
|
|
| |
attack surface pointed out by Sebastien Marie
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Printing query strings for URIs *always* needs URI-encoding, and when
embedding the URI into an HTML document, it needs replacement of
the "&" separators by "&" *in addition to that*, not instead.
Delete the function html_primtquery(), it was completely wrong.
You can see the badness by entering "mandoc &sec=2" into the query input
box before this patch and click "Submit". You come to the right page at
first (...man.cgi?query=mandoc+%26sec%3D2&apropos=0&sec=0&...), but now
the link to mandoc(1) is wrong: ...mandoc.1?query=mandoc &sec=2&...
Clicking on that, the "&sec=2" disappears from the query input box and
suddenly you have the first dropdown set to "2 - System Calls". Oops.
|
| |
|
|
|
| |
and leave out the manpath when it is the default.
For building the HTML formatter options, do not use a static buffer.
|
| |
|
|
| |
fixing an oversight introduced in rev. 1.17
|
| |
|
|
|
|
|
|
|
|
|
|
| |
by the search form, it's just the order of the fields in the form.
Actually, that's not too bad; the generated URI resembles the
generating form.
To minimize confusion for people looking at URIs, give the keys
in the same order when generating URIs for search listings and
search redirections, the latter being used instead of search
listings that would have only one single entry. Also, if the
manpath is the default, remove it form the generated URIs.
|
| |
|
|
| |
and avoid empty arch= keys.
|
| |
|
|
| |
of XHTML syntax. Also add some cosmetic newlines to the HTML code.
|
| |
|
|
|
|
| |
QUERY_STRING keys, so rename "expr" to "query".
Also add some missing function prototypes.
No functional change.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
1. Make sure the last occurrence of each key is used, even if
it is empty, in which case it resets the value to the default.
2. When there is an HTTP encoding error, skip the affected
key-value pair only, but not all subsequent key-value pairs.
3. Do not modify a string returned from getenv(3).
4. Do not assume the NULL pointer is all null bits.
|
| |
|
|
|
|
|
|
| |
By moving the sort from cgi.c to mansearch.c, we get two advantages:
Easier access to the data needed for sorting, in particular the section
number, and the apropos(1) command line utility profits as well.
Feature requested by deraadt@.
|
| |
|
|
|
|
|
| |
Still, amd64 remains the default in the following sense:
If a man(1) mode search returns more than one page of the same name,
prefer amd64 over other architectures for immediate display.
ok deraadt@ daniel@
|
| |
|
|
|
|
|
|
| |
Restrict the character set of strings passed into html_alloc(),
in particular architecture names that come from the QUERY_STRING,
but also SCRIPT_NAME and manpath.conf content for additional safety,
and bail out safely on violations.
Issue reported by Sebastien Marie <semarie-openbsd at latrappe dot fr>.
|
| |
|
|
| |
preserve manpath and arch in .Xr links
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
2616) requires the Location: response-header field to be an absolute
URI (14.30), and only the most recent proposed standard (RFC 7231),
which is barely a month old, allows a relative Location: (7.1.2).
While most modern browsers appear to support relative Location:
headers, some may not, and it's maybe a bit early to rely on relative
Location: headers.
I'm not going back to the HTTP_HOST or SERVER_NAME CGI variables,
though. While some CGI programs certainly require those, in which
case both the CGI programmer and the web server admin have to be
very careful to keep the system secure and reliable, man.cgi(8)
does not really need them. We always know at compile time which
domain we are running for, and for man.cgi(8), security and reliability
are definitely much more important than flexibility. So make HTTP_HOST
a compile-time definition for now.
|
| |
|
|
|
|
|
|
|
|
|
| |
Validate the manpath up front and report a Bad Request if it is not
listed in manpath.conf, such that clients can't probe which directories
exist on the server. In case of configuration errors, consistently
report Internal Server Error without disclosing any further information.
Partially based on a patch from Sebastien Marie <semarie-openbsd at
latrappe dot fr>, but avoiding a couple of issues with that patch
and approaching the issue in a somewhat more rigorous way.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Validate the name of the file to show before opening it.
Only allow relative filenames starting with "man" or "cat"
and containing neither "/.." nor "../".
While here, correct the condition discarding an initial "./".
Vulnerability found by Sebastien Marie <semarie-openbsd at latrappe dot fr>.
Many thanks for sending a patch; however, i did not use it but made the
checks even stricter.
|
| |
|
|
|
|
|
|
| |
just make the HTTP redirect Location: relative.
Less user input is good, it reduces the attack surface.
Besides, this removes one global variable and 4 lines of code.
Patch from Sebastien Marie <semarie-openbsd at latrappe dot fr>.
|
| |
|
|
|
|
|
|
|
| |
log the problem, hand the pg_error_internal() error page to the client,
and exit(3) in a controlled way instead of stumbling on and segfaulting
later.
Patch from Sebastien Marie <semarie-openbsd at latrappe dot fr>,
messages tweaked by me.
|
| |
|
|
|
| |
unfortunate, more than 400 links needing this are scattered all around
the www.openbsd.org website, and CVSweb needs this as well.
|
| |
|
|
|
|
| |
functions that call resp_begin_html() names starting with "pg_"
and those called after resp_begin_html() names with "resp_".
No functional change, purely renaming functions.
|
| | |
|
| |
|
|
|
|
| |
Even when there are multiple pages with the same name in different
sections, show one of them, using the same priorities as in the
default man.conf(5) file.
|
| |
|
|
|
|
|
|
| |
as manpath.conf, such that we do not need to mix our own documentation
into the documentation we are serving, which may not even be possible
if the latter is updated automatically.
Based on an idea by beck@.
|
| |
|
|
| |
in particular introduce a section dropdown and an architecture dropdown.
|
| |
|
|
|
| |
configuration facilities, just two paths and two HTML strings.
Show the title on all pages, not just the index page.
|
| |
|
|
|
|
| |
global lookup table, two functions, two function arguments, one
struct member, one local variable, and the "search/" and "show/"
part of the URIs, all without losing functionality.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Distinguish between man(1) and apropos(1) mode by adding back the classical
QUERY_STRING variable "apropos=". Change the default back to "apropos=0".
Control it by adding a HTML <SELECT> element for it.
Rename the "expr=" QUERY_STRING variable back to its classical name "query=",
i don't see how the new name is better than the classical one.
While here, drop the concept of a "legacy mode". Simply continue to
support the features, and use what we consider best.
|
| | |
|
| |
|
|
| |
ok schwarze
|
| | |
|
|
|
It will not be enabled in the build nor installed by default.
A comment in the Makefile lists the three simple steps
needed to build, install, and run it on the two machines
worldwide that are going to run it.
deraadt@ agrees with having the code in the tree.
|
schwarze
tedu