diff options
author | Anton Luka Šijanec <anton@sijanec.eu> | 2022-04-24 13:24:41 +0200 |
---|---|---|
committer | Anton Luka Šijanec <anton@sijanec.eu> | 2022-04-24 13:24:41 +0200 |
commit | fc50a7f6c9e45b0c4e2bb03fbfc42b70e23b9aa6 (patch) | |
tree | 06b2206059672a98ce7797e3e7359f5801e2f0b7 | |
parent | separated css and html, removed php-cli dependency (diff) | |
download | sear.c-fc50a7f6c9e45b0c4e2bb03fbfc42b70e23b9aa6.tar sear.c-fc50a7f6c9e45b0c4e2bb03fbfc42b70e23b9aa6.tar.gz sear.c-fc50a7f6c9e45b0c4e2bb03fbfc42b70e23b9aa6.tar.bz2 sear.c-fc50a7f6c9e45b0c4e2bb03fbfc42b70e23b9aa6.tar.lz sear.c-fc50a7f6c9e45b0c4e2bb03fbfc42b70e23b9aa6.tar.xz sear.c-fc50a7f6c9e45b0c4e2bb03fbfc42b70e23b9aa6.tar.zst sear.c-fc50a7f6c9e45b0c4e2bb03fbfc42b70e23b9aa6.zip |
-rw-r--r-- | Makefile | 15 | ||||
-rw-r--r-- | README.md | 73 | ||||
-rw-r--r-- | debian/changelog | 8 | ||||
-rw-r--r-- | misc/files.txt | 132 | ||||
-rw-r--r-- | src/api.c | 2 | ||||
-rw-r--r-- | src/css.css | 13 | ||||
-rw-r--r-- | src/example.conf | 7 | ||||
-rw-r--r-- | src/hp.html | 12 | ||||
-rw-r--r-- | src/i18n.h | 5 | ||||
-rw-r--r-- | src/log.c | 7 | ||||
-rw-r--r-- | src/main.c | 5 | ||||
-rwxr-xr-x | src/openrc.sh | 46 | ||||
-rw-r--r-- | src/structs.c | 2 |
13 files changed, 292 insertions, 35 deletions
@@ -1,21 +1,30 @@ DESTDIR=/ CC = cc +cflags = -O0 -Wall -Wextra -pedantic -Wno-unused-parameter -Wno-trampolines -g -Isrc -Itmp -pthread +SRCFILE = src/main.c +ldflags = $(shell xml2-config --libs --cflags) -lmicrohttpd -lm +BINFILE = sear.c +# cflags and ldflags are used so that users specifying CFLAGS and LDFLAGS do not override my flags +# += is not used, because gcc usually accepts last option, for example -O0 -O2 will use -O2 .NOTPARALLEL: default: mkdir tmp -p sed "s/<!--ver-->/$$PVR/g" < src/hp.html > tmp/hp.html # gentoo ebuild. git overrides it. -VER=`git describe --always` && sed "s/<!--ver-->/$$VER/g" < src/hp.html > tmp/hp.html + sed -i "s/=>/$(shell echo '#include "src/i18n.h"' | $(CC) -dM -E - | grep "SC_I18N_SEARCH " | cut -d' ' -f3)/g" tmp/hp.html + sed -i "s/1\./$(shell echo '#include "src/i18n.h"' | $(CC) -dM -E - | grep "SC_I18N_HORSESHOE " | cut -d' ' -f3)/g" tmp/hp.html + sed -i "s/\[^\]/$(shell echo '#include "src/i18n.h"' | $(CC) -dM -E - | grep "SC_I18N_IMAGES " | cut -d' ' -f3)/g" tmp/hp.html xxd -i < tmp/hp.html > tmp/hp.xxd echo ', 0' >> tmp/hp.xxd xxd -i < src/osdd.xml > tmp/osdd.xxd echo ', 0' >> tmp/osdd.xxd xxd -i < src/css.css > tmp/css.xxd echo ', 0' >> tmp/css.xxd - $(CC) -Wall -Wextra -pedantic -Wno-unused-parameter -g -Isrc -Itmp -pthread src/main.c $$(xml2-config --libs --cflags) -lmicrohttpd -lm -osear.c + $(CC) $(cflags) $(CFLAGS) $(SRCFILE) $(ldflags) $(LDFLAGS) -o$(BINFILE) install: mkdir -p $(DESTDIR)/usr/bin/ - cp sear.c $(DESTDIR)/usr/bin/ + cp $(BINFILE) $(DESTDIR)/usr/bin/ distclean: rm sear.c tmp -rf @@ -24,7 +33,7 @@ clean: rm sear.c tmp -rf prepare: - sudo apt install libmicrohttpd-dev xxd build-essential libxml2-dev php-cli debmake debheler -y + apt install libmicrohttpd-dev xxd build-essential libxml2-dev php-cli debmake debheler -y test-http: mkdir -p tmp @@ -1,54 +1,84 @@ # sear.c -sear.c is used as a lightweight replacement for [SearX](https://en.wikipedia.org/wiki/Searx) that proxies and caches search results +sear.c is used as a lightweight replacement for [SearX](http://en.wikipedia.org/wiki/Searx) that proxies and caches search results from the Google web search engine. The main advantages over SearX are speed and simplicity. -## instructions for debian and ubuntu systems +## packaging -First add my software distribution repository [prog.sijanec.eu](https://prog.sijanec.eu) into your APT sources list. +### debian and ubuntu + +First add my software distribution repository [prog.sijanec.eu](http://prog.sijanec.eu) into your APT sources list. See instructions [there](http://prog.sijanec.eu). ``` apt install sear.c +systemctl enable sear.c service sear.c start ``` +### gentoo + +First add my ebuild overlay repository [sijanec/ebuild](http://git.sijanec.eu/sijanec/ebuild) into your portage repos.conf. See instructions [there](http://git.sijanec.eu/sijanec/ebuild). [Read this note.](#user-content-notes) + +``` +emerge --ask www-apps/searc +rc-update add sear.c +rc-service start sear.c +``` + ## requirements * a POSIX system -* GNU C library (uses `tdestroy(3)` if compiled without `SC_OLD_STORAGE`) -* GNU compiler collection (it's written in GNU C - it uses nested functions) -* GNU Make -* libxml2-dev (for the simple HTML/1.0 client and HTML parser) -* libmicrohttpd-dev (for serving results - use a reverse proxy, such as nginx, for HTTPS) -* xxd (for converting HTML pages into C arrays when compiling from source) +* GNU C library (uses `tdestroy(3)` if compiled without `SC_OLD_STORAGE`). `musl` supports `tdestroy(3)`, though `CC=musl-gcc` does not work. +* GNU compiler collection (it's written in GNU C - it uses nested functions). +* GNU Make. (needs to support `.NOTPARALLEL:`). +* libxml2-dev (for the simple HTML/1.0 client and HTML parser). +* libmicrohttpd-dev (for serving results - use a reverse proxy, such as nginx, for HTTPS). +* xxd (for converting HTML pages into C arrays when compiling from source). + +### supported browsers + +pages that sear.c generates were tested and are usable on the following www clients: <a href=http://github.com/Eloston/ungoogled-chromium>ungoogled-chromium</a>, <a href=//gnu.org/software/gnuzilla>icecat</a>, <a href=//links.twibright.com>links</a> and many more ## compiling from source ``` -make prepare -make +make prepare # debian only, runs apt install (run as root) +make # compiles +./sear.c # runs the server ``` ## instructions -* run the daemon - it starts listening on HTTP port 7327 (remember it by picturing phone keyboard buttons with letters SEAR (; ) - port can be set with the environment variable `SC_PORT` +* run the daemon - it starts listening on HTTP port 7327 (remember it by picturing phone keyboard buttons with letters SEAR (; ) * optional: create a reverse proxy for HTTPS * navigate to [http://localhost:7327](http://localhost:7327) and do a couple of searches to see if everything works * the horseshoe button redirects directly to the first result without wasting time on the results page. use if you feel lucky. (BP) * the painting button performs a search for images. PRIVACY WARNING: images are loaded directly from servers (not from google) -* program writes all logs to standard error (and to `/logs.html` if compiled with `SC_LOGMEM`) +* program writes all logs to standard error * setting the h parameter will rewrite links to HTTP from HTTPS * setting the l parameter with a number will limit number of displayed links to that number. * upstream engines sometimes respond with a CAPTCHA after repediated requests. set the environment variable `SC_FALLBACK` to a URL prefix (`http://fallback.example:7327/search?`) to HTTP redirect clients in case of such upstream errors. -* shipped systemd unit loads environment variables from `/etc/sear.c` if it exists as `VAR=VAL`. +* shipped systemd unit and openrc init file loads environment variables from `/etc/sear.c` if it exists as `VAR=VAL`. + +## configuration + +configuration is done with environment variables and with build time definitions: + +* environment variable `SC_PORT` containing a number defines the port, 7327 by default +* preprocessor definition `SC_LOGMEM` when set, causes the program to store all logs to memory and display them via HTTP HTML UI on /logs.html +* environment variable `SC_FALLBACK` defines a URL prefix of a search engine (possibly another sear.c instance) to which clients will be HTTP redirected when upstream engine responds with a captcha. Example: `http://fallback.example:7327/search?some=param&other=param`. HTTP query parameters are appended. +* environment variable `SC_LOGLEVEL` overrides the build time preprocessor definition `SC_LOGLEVEL`, which is by default `"SC_LOG_ERROR SC_LOG_WARNING SC_LOG_INFO SC_LOG_DEBUG"` (all log levels) and, as the name applies, sets the loglevel to both /logs.html (if enabled) and stderr logging. +* preprocessor definition `SC_OLD_STORAGE` defines whether old query storage mechanism O(n) should be used instead of the new `tsearch(3)` O(log n). This option is deprecated, but I'll leave it in for some time just in case some errors show up with the new implementation (perhaps scary security issues). + +when openrc init script or systemd unit file is used, environment variables in newline separated format `NAME=VALUE` are read from `/etc/sear.c`, should that file exist. ## prebuilt binaries -apart from the usual debian distribution, there are also prebuilt binaries built for amd64, arm64, i386 and armel, as well as debian packages. +apart from the usual debian distribution, there are also prebuilt dynamically linked binaries built for amd64, arm64, i386 and armel, as well as debian packages. before downloading, check that the build passed, indicated below on the badge: -[![Build Status](https://jenkins.sijanec.eu/job/sear.c/badge/icon)](https://jenkins.sijanec.eu/job/sear.c/) +[![Build Status](https://jenkins.sijanec.eu/job/sear.c/badge/icon)](http://jenkins.sijanec.eu/job/sear.c/) * amd64: <https://amd64.sijanec.eu/prog/sear.c> * arm64: <https://arm64.sijanec.eu/prog/sear.c> @@ -63,8 +93,17 @@ before downloading, check that the build passed, indicated below on the badge: ![screenshot in chromium 4](https://cdn.sijanec.eu/img/2021/04/sear.c_prtsc4.png) ![screenshot in chromium 5](https://cdn.sijanec.eu/img/2021/04/sear.c_prtsc5.png) -# additional information +## security + +* please email me if you find any (security) issues in the program. +* always run sear.c as an unprivileged user in a chroot (gentoo and debian distribution services do that) + +## additional information * valgrind reports a memory leak, leak is bigger with every API search query. run `make valgrind` and you'll see it. I was unable to find the bug, but it just bothers me. I wrote a small bug PoC (test/bug) but I could not replicate the bug (`cd tmp/bug; make; make valgrind; less valgrind-out.txt` - process exits with no leaks possible). Example output from sear.c valgrind with one request done is included in test/bug/example-valgrind.txt. Such small memory leak is not a problem, since we store all extracted data from the query indefinetley anyways, but it's still pretty dumb to leak memory. * memory allocations are not checked for failures. This needs to be done to use fanalyzer * __attribute__s such as nonnull are not set in struct members of query types and in functions such as htmlspecialchars but `if (!arg) return NULL` is done instead, which is poor coding style and fanalyzing can't be done in this case. This needs to be fixed to use fanalyzer. + +### notes + +* **gentoo ebuild**: openrc's start-stop-daemon lacks support for easy creation of unprivileged daemons in chrooted environments with logging enabled, which sear.c absolutely requires due to it being in early alpha unstable stage. [a pull request was submitted to openrc that adds such features](//http://github.com/OpenRC/openrc/pull/517); until it's merged and until it's changes are gentoo, sear.c's init script is unusable. diff --git a/debian/changelog b/debian/changelog index 8204a5f..f8caead 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +sear.c (0.0.22-1) stable; urgency=low + + * loglevel environment variable and compile-time option + * openrc init script that depends on github.com/OpenRC/openrc/pull/517 + * with no css support (links), buttons have text instead of emoji + + -- Anton Luka Šijanec <anton@sijanec.eu> Thu, 21 Apr 2022 19:00:00 +0200 + sear.c (0.0.21-1) stable; urgency=low * removed dependency to php-cli - using sed for version substitution diff --git a/misc/files.txt b/misc/files.txt new file mode 100644 index 0000000..3657c83 --- /dev/null +++ b/misc/files.txt @@ -0,0 +1,132 @@ +# grep -oP '"\K[^\n"]+(?=")' /tmp/out > projects/discord.c/misc/files.txt + +/usr/bin/sear.c +, [ +sear.c +/etc/ld.so.nohwcap +/etc/ld.so.preload +/etc/ld.so.cache +/etc/ld.so.nohwcap +/lib/i386-linux-gnu/libxml2.so.2 +/etc/ld.so.nohwcap +/lib/i386-linux-gnu/libmicrohttpd.so.12 +/etc/ld.so.nohwcap +/lib/i386-linux-gnu/libm.so.6 +/etc/ld.so.nohwcap +/lib/i386-linux-gnu/libpthread.so.0 +/etc/ld.so.nohwcap +/lib/i386-linux-gnu/libc.so.6 +/etc/ld.so.nohwcap +/lib/i386-linux-gnu/libdl.so.2 +/etc/ld.so.nohwcap +/lib/i386-linux-gnu/libicuuc.so.67 +/etc/ld.so.nohwcap +/lib/i386-linux-gnu/libz.so.1 +/etc/ld.so.nohwcap +/lib/i386-linux-gnu/liblzma.so.5 +/etc/ld.so.nohwcap +/lib/i386-linux-gnu/libgnutls.so.30 +/etc/ld.so.nohwcap +/lib/i386-linux-gnu/libicudata.so.67 +/etc/ld.so.nohwcap +/lib/i386-linux-gnu/libstdc++.so.6 +/etc/ld.so.nohwcap +/lib/i386-linux-gnu/libgcc_s.so.1 +/etc/ld.so.nohwcap +/lib/i386-linux-gnu/libp11-kit.so.0 +/etc/ld.so.nohwcap +/lib/i386-linux-gnu/libidn2.so.0 +/etc/ld.so.nohwcap +/lib/i386-linux-gnu/libunistring.so.2 +/etc/ld.so.nohwcap +/lib/i386-linux-gnu/libtasn1.so.6 +/etc/ld.so.nohwcap +/lib/i386-linux-gnu/libnettle.so.8 +/etc/ld.so.nohwcap +/lib/i386-linux-gnu/libhogweed.so.6 +/etc/ld.so.nohwcap +/lib/i386-linux-gnu/libgmp.so.10 +/etc/ld.so.nohwcap +/lib/i386-linux-gnu/libffi.so.7 +/etc/gnutls/config +/etc/localtime +/etc/nsswitch.conf +/etc/resolv.conf +/etc/host.conf +/etc/resolv.conf +/etc/ld.so.cache +/etc/ld.so.nohwcap +/lib/i386-linux-gnu/libnss_files.so.2 +/etc/hosts +/etc/ld.so.cache +/etc/ld.so.nohwcap +/lib/i386-linux-gnu/tls/i686/sse2/libnss_mdns4_minimal.so.2 +/lib/i386-linux-gnu/tls/i686/sse2 +/lib/i386-linux-gnu/tls/i686/libnss_mdns4_minimal.so.2 +/lib/i386-linux-gnu/tls/i686 +/lib/i386-linux-gnu/tls/sse2/libnss_mdns4_minimal.so.2 +/lib/i386-linux-gnu/tls/sse2 +/lib/i386-linux-gnu/tls/libnss_mdns4_minimal.so.2 +/lib/i386-linux-gnu/tls +/lib/i386-linux-gnu/i686/sse2/libnss_mdns4_minimal.so.2 +/lib/i386-linux-gnu/i686/sse2 +/lib/i386-linux-gnu/i686/libnss_mdns4_minimal.so.2 +/lib/i386-linux-gnu/i686 +/lib/i386-linux-gnu/sse2/libnss_mdns4_minimal.so.2 +/lib/i386-linux-gnu/sse2 +/lib/i386-linux-gnu/libnss_mdns4_minimal.so.2 +/lib/i386-linux-gnu +/usr/lib/i386-linux-gnu/tls/i686/sse2/libnss_mdns4_minimal.so.2 +/usr/lib/i386-linux-gnu/tls/i686/sse2 +/usr/lib/i386-linux-gnu/tls/i686/libnss_mdns4_minimal.so.2 +/usr/lib/i386-linux-gnu/tls/i686 +/usr/lib/i386-linux-gnu/tls/sse2/libnss_mdns4_minimal.so.2 +/usr/lib/i386-linux-gnu/tls/sse2 +/usr/lib/i386-linux-gnu/tls/libnss_mdns4_minimal.so.2 +/usr/lib/i386-linux-gnu/tls +/usr/lib/i386-linux-gnu/i686/sse2/libnss_mdns4_minimal.so.2 +/usr/lib/i386-linux-gnu/i686/sse2 +/usr/lib/i386-linux-gnu/i686/libnss_mdns4_minimal.so.2 +/usr/lib/i386-linux-gnu/i686 +/usr/lib/i386-linux-gnu/sse2/libnss_mdns4_minimal.so.2 +/usr/lib/i386-linux-gnu/sse2 +/usr/lib/i386-linux-gnu/libnss_mdns4_minimal.so.2 +/usr/lib/i386-linux-gnu +/lib/tls/i686/sse2/libnss_mdns4_minimal.so.2 +/lib/tls/i686/sse2 +/lib/tls/i686/libnss_mdns4_minimal.so.2 +/lib/tls/i686 +/lib/tls/sse2/libnss_mdns4_minimal.so.2 +/lib/tls/sse2 +/lib/tls/libnss_mdns4_minimal.so.2 +/lib/tls +/lib/i686/sse2/libnss_mdns4_minimal.so.2 +/lib/i686/sse2 +/lib/i686/libnss_mdns4_minimal.so.2 +/lib/i686 +/lib/sse2/libnss_mdns4_minimal.so.2 +/lib/sse2 +/lib/libnss_mdns4_minimal.so.2 +/lib +/usr/lib/tls/i686/sse2/libnss_mdns4_minimal.so.2 +/usr/lib/tls/i686/sse2 +/usr/lib/tls/i686/libnss_mdns4_minimal.so.2 +/usr/lib/tls/i686 +/usr/lib/tls/sse2/libnss_mdns4_minimal.so.2 +/usr/lib/tls/sse2 +/usr/lib/tls/libnss_mdns4_minimal.so.2 +/usr/lib/tls +/usr/lib/i686/sse2/libnss_mdns4_minimal.so.2 +/usr/lib/i686/sse2 +/usr/lib/i686/libnss_mdns4_minimal.so.2 +/usr/lib/i686 +/usr/lib/sse2/libnss_mdns4_minimal.so.2 +/usr/lib/sse2 +/usr/lib/libnss_mdns4_minimal.so.2 +/usr/lib +/etc/ld.so.cache +/etc/ld.so.nohwcap +/lib/i386-linux-gnu/libnss_dns.so.2 +/etc/ld.so.nohwcap +/lib/i386-linux-gnu/libresolv.so.2 +/etc/gai.conf @@ -154,11 +154,11 @@ enum sc_return sc_query_google (const char * s, /* breaking change: changed retu char * imageclass = NULL; htmlDocPtr xmldoc = NULL; char * txtdoc = NULL; + int qwasgiven = 0; if (!s || !c) { rs = SC_BADCALL; goto rc; } - int qwasgiven = 0; int sl = strlen(s); if (!q) q = sc_query_init(); diff --git a/src/css.css b/src/css.css index 0293e79..dc78c9f 100644 --- a/src/css.css +++ b/src/css.css @@ -38,7 +38,7 @@ } } -input, textarea { +input, textarea, button { background: var(--bgc2); color: var(--fgc1); } @@ -79,7 +79,7 @@ code { color: var(--fgcodec); background-color: var(--bgcodec); } -input[type=password], input[type=text], input[type=submit], input[type=button] { +input[type=text], button { height: 1cm; font-size: large; } @@ -95,8 +95,9 @@ input[type=password], input[type=text], input[type=submit], input[type=button] { } input[name=q] { flex-grow: 4; + width: 100%; } -input[type=submit] { +button { flex-basis: 12.5%; } .SC_LOG_ERROR { @@ -127,3 +128,9 @@ input[type=submit] { .result img { height: 10em; } +button::after { + content: attr(value); +} +button span { /* rationale: links browser does not support CSS and emojis, therefore it'll show */ + display: none; /* basic default text instead of emojis. */ +} /* if browser does not support ::after, content or attr, but supports other CSS, button is blank */ diff --git a/src/example.conf b/src/example.conf new file mode 100644 index 0000000..fb406db --- /dev/null +++ b/src/example.conf @@ -0,0 +1,7 @@ +# Example config for sear.c. +# Config is read by the service manager, like systemd or openrc, sear.c does not read files. +# All configuration is passed to sear.c process via environment variables. +SC_PORT=7327 +SC_LOGLEVEL=SC_LOG_ERROR,SC_LOG_WARNING,SC_LOG_INFO,SC_LOG_DEBUG +# Enable below option and set to another search provider to fallback to when upstream sends captchas. +# SC_FALLBACK=http://sear.c.fallback:7327/? diff --git a/src/hp.html b/src/hp.html index dcde692..050c8dd 100644 --- a/src/hp.html +++ b/src/hp.html @@ -7,7 +7,7 @@ <title> %s :: sear.c </title> - <meta name=viewport content="width=device-width, initial-scale=1.0"> + <meta name=viewport content="width=device-width, initial-scale=1"> <link rel=stylesheet href=/css.css /> <link rel="shortcut icon" href=data:image/x-icon;, type=image/x-icon> <!-- prevents favicon lookups --> <link rel=icon href="data:;base64,iVBORw0KGgo="> @@ -15,10 +15,10 @@ </head> <body> <form class=container action=.> - <input accesskey=s type=text name=q value="%s" placeholder="sear.c ..." /> - <input type=submit value=🔍 /> <!-- magnifying glass emoji --> - <input accesskey=f type=submit name=f value=Ʊ /> <!-- horseshoe unicode character --> - <input accesskey=i type=submit name=i value=🖼 /> <!-- framed picture emoji - img search --> + <input accesskey=s type=text name=q value="%s" placeholder="sear.c ..." size=128/> + <button type=submit value=🔍 ><span>=></span></button> + <button accesskey=f type=submit name=f value=Ʊ ><span>1.</span></button> + <button accesskey=i type=submit name=i value=🖼 ><span>[^]</span></button> <!-- <input type=submit name=v value=🎬/> --> <!-- that thing they use in movies - vid search N/I --> %s </form> @@ -29,7 +29,7 @@ <hr> <h4 align=center> <a href=//git.sijanec.eu/sijanec/sear.c >sear.c</a> - <!-- the following is replaced by git or gentoo version --> <!--ver--> + <!-- the following is replaced by git or ebuild version --> <!--ver--> </h4> </body> </html> @@ -29,6 +29,9 @@ "katerega naj so ob takih napakah preusmerjena iskanja, dokler niso le-ta spet omogočena." #define SC_I18N_LOGS "dnevniški zapisi" #define SC_I18N_LOGS_ERROR "napaka pri branju dnevnikov" -#define SC_I18N_LOGS_NOT_ENABLED "Zbiranje dnevniških zapisov v delovni pomnilnik ni omogočeno. <code>sear.c</code> prevedite z <code>make -e CC=\"cc -DSC_LOGMEM\"</code>; z nastavitvijo zastavice <code>SC_LOGMEM</code> omogočite pregled dnevniških zapisov znotraj aplikacije. Vselej pa se vsi dnevniški zapisi pišejo tudi na standardni izhod, kar se v primeru uporabe <code>sear.c</code> kot <code>systemd</code> storitve shranjuje v sistemske dnevnike." +#define SC_I18N_LOGS_NOT_ENABLED "Zbiranje dnevniških zapisov v delovni pomnilnik ni omogočeno. <code>sear.c</code> prevedite z <code>CFLAGS=-DSC_LOGMEM make</code>; z nastavitvijo zastavice <code>SC_LOGMEM</code> omogočite pregled dnevniških zapisov znotraj aplikacije. Vselej pa se vsi dnevniški zapisi pišejo tudi na standardni izhod, kar se v primeru uporabe <code>sear.c</code> kot <code>systemd</code> storitve shranjuje v sistemske dnevnike." #define SC_I18N_GIT_URL "//git.sijanec.eu/sijanec/sear.c" #define SC_I18N_HORSESHOE_RESPONSE "Če vidite to besedilo, vaš brskalnik ne podpira preusmeritev. V tem primeru ne uporabljajte argumenta f." +#define SC_I18N_SEARCH "išči" +#define SC_I18N_HORSESHOE "hitro" +#define SC_I18N_IMAGES "slike" @@ -1,3 +1,6 @@ +#ifndef SC_LOGLEVEL +#define SC_LOGLEVEL "SC_LOG_ERROR SC_LOG_WARNING SC_LOG_INFO SC_LOG_DEBUG" +#endif const char * sc_log_str (SC_OPT_TYPE t) { switch (t & SC_LOG_MASK) { case SC_LOG_ERROR: @@ -24,9 +27,11 @@ struct sc_logentry * sc_logentry_init () { return l; } #endif -int sc_push_log (unsigned char t, struct sc_cache * c, const char * ca, char * f, size_t l, unsigned short int isf, char * m, ...) { +int sc_push_log (SC_OPT_TYPE t, struct sc_cache * c, const char * ca, char * f, size_t l, unsigned short int isf, char * m, ...) { #define SC_PLL c->logentries[c->logentries_length-1] char * compiled_message = NULL; + if (!strstr(getenv("SC_LOGLEVEL") ? getenv("SC_LOGLEVEL") : SC_LOGLEVEL, sc_log_str(t))) + return 0; #ifdef SC_LOGMEM if (!c) return -1; @@ -86,7 +86,7 @@ void sc_signalhander (int s) { int main (int argc, char ** argv) { int rs = 0; struct sc_cache * c = sc_cache_init(); - struct MHD_Daemon * d; + struct MHD_Daemon * d = NULL; if (!c) { rs = 1; goto rc; @@ -103,8 +103,9 @@ int main (int argc, char ** argv) { fprintf(stderr, "cleaning up!\n"); fflush(stderr); rc: + if (d) + MHD_stop_daemon(d); /* stop the daemon and then free, threads might still be run */ xmlCleanupParser(); - MHD_stop_daemon(d); /* stop the daemon first and the free, threads might still be running */ sc_cache_free(c); return rs; } diff --git a/src/openrc.sh b/src/openrc.sh new file mode 100755 index 0000000..192c03e --- /dev/null +++ b/src/openrc.sh @@ -0,0 +1,46 @@ +#!/sbin/openrc-run +depend() { + need net +} +# poor man's DynamicUser+TemporaryFileSystem+BindReadOnlyPaths implementation in OpenRC +command=sear.c +command_args="" +chroot=/var/run/sear.c +command_background=true +command_user="searc:searc" +pidfile=/var/run/sear.c/pid +# files read by sear.c as observed on 2022-04-17 on i386 debian: see misc/files.txt +mount_chroot() { + [ -d $1 ] && mkdir -p /var/run/sear.c$1 + [ -f $1 ] && mkdir -p /var/run/sear.c`echo $1 | rev | cut -d/ -f 2- | rev` && touch /var/run/sear.c$1 + [ -e $1 ] && mount -o nosuid,ro --bind $1 /var/run/sear.c$1 +} +start_pre() { + [ -f /etc/sear.c ] && . /etc/sear.c + export SC_PORT SC_FALLBACK SC_LOGLEVEL + checkpath --directory-truncate --directory --mode 0755 --owner root:root /var/run/sear.c + pidfile=/pid # logger runs without chroot as searc user in order to show searc instead of root in syslog. + which logger 2>&1 > /dev/null \ + && start_stop_daemon_args="--stderr-logger-before-chroot \"su searc --shell `which logger`\" --stdout-logger-before-chroot \"su searc --shell `which logger`\"" + mount_chroot /lib # a question for anyone reading this: we have now two processes on the system, one chrooted that runs sear.c and one outside of chroot that runs + mount_chroot /lib64 # logger. could the chrooted process somehow get access to the outside of the chroot by somehow communicating with his logger process? note that + mount_chroot /usr/lib # procfs is not mounted. Could it do that if procfs was to be mounted? + mount_chroot /usr/lib64 + mount_chroot /usr/bin/sear.c + mount_chroot /etc/gai.conf + mount_chroot /etc/host.conf + mount_chroot /etc/hosts + mount_chroot /etc/localtime + mount_chroot /etc/nsswitch.conf + mount_chroot /etc/resolv.conf + mount_chroot /etc/ld.so.conf + mount_chroot /etc/ld.so.conf.d + mount_chroot /etc/ld.so.cache +} +stop_post() { + nodelete=0 + for dir in `grep run/sear.c /proc/mounts | cut -d' ' -f2`; do # /var/run is usually symlink to /run, so we only grep for run/sear.c + umount $dir || nodelete=1 + done + [ $nodelete -eq 0 ] && rm -rf /var/run/sear.c +} diff --git a/src/structs.c b/src/structs.c index 650eb88..6deea3e 100644 --- a/src/structs.c +++ b/src/structs.c @@ -50,7 +50,7 @@ struct sc_cache { pthread_rwlock_t * logentries_lock; #endif }; -int sc_push_log (unsigned char t, struct sc_cache * c, const char * ca, char * f, size_t l, unsigned short int isf, char * m, ...); +int sc_push_log (SC_OPT_TYPE t, struct sc_cache * c, const char * ca, char * f, size_t l, unsigned short int isf, char * m, ...); struct sc_result { struct sc_query * query; /* nofree - free from sc_cache */ char * url; /* yesfree - url of referer page when image searching */ |