1
0
mirror of https://github.com/rkd77/elinks.git synced 2024-11-04 08:17:17 -05:00
elinks/src
Kamil Dudka 5e113362da http_negotiate: do not delegate GSSAPI credentials
CVE-2012-4545.  Reported by Marko Myllynen.
(cherry picked from elinks-0.12 commit da18694ff7)
2012-11-03 23:01:28 +02:00
..
bfu bug 764: Initialize the right member of union option_value 2012-11-03 22:16:32 +02:00
bookmarks bug 764: Initialize the right member of union option_value 2012-11-03 22:16:32 +02:00
cache Call follow-url hook on redirects 2011-11-14 04:34:50 +00:00
config bug 764: Convert sentinel to struct option 2012-11-03 23:01:28 +02:00
cookies bug 764: Initialize the right member of union option_value 2012-11-03 22:16:32 +02:00
dialogs menu_keys(): Do not compare different enums 2011-09-24 02:10:54 +02:00
document bug 764: Initialize the right member of union option_value 2012-11-03 22:16:32 +02:00
dom Remove variables that were set but not used 2011-09-24 02:25:51 +02:00
ecmascript bug 764: Initialize the right member of union option_value 2012-11-03 22:16:32 +02:00
encoding Removed code using pipes for decompression and simplified decompress_data. 2010-09-24 16:12:35 +02:00
formhist bug 764: Initialize the right member of union option_value 2012-11-03 22:16:32 +02:00
globhist bug 764: Initialize the right member of union option_value 2012-11-03 22:16:32 +02:00
intl Pass -Wno-uninitialized for the gettext compilation. 2011-10-08 12:07:02 +02:00
main bug 764: Initialize the right member of union option_value 2012-11-03 22:16:32 +02:00
mime bug 764: Initialize the right member of union option_value 2012-11-03 22:16:32 +02:00
network bug 764: Initialize the right member of union option_value 2012-11-03 22:16:32 +02:00
osdep Do not set FD_SETSIZE too high on Windows. 2012-08-08 22:22:37 +02:00
protocol http_negotiate: do not delegate GSSAPI credentials 2012-11-03 23:01:28 +02:00
scripting bug 764, LUA: option_types[OPT_INT].set needs long * 2012-11-03 23:01:28 +02:00
session exec_later: use mem_calloc instead of calloc 2011-11-15 20:14:14 +00:00
terminal Don't retry get_window_title 2012-11-03 22:14:48 +02:00
util Show fractions of MiBs in download progress dialogs. 2012-05-08 13:29:20 +02:00
viewer draw_space: Check for a non-space only in first 10 chars of the line. 2012-07-11 11:39:26 +02:00
.gitignore Ignore tags file 2007-08-08 14:25:38 +02:00
elinks.h TRE: Check for 32-bit wchar_t at configure time 2009-05-21 17:22:12 +03:00
Makefile Added $(EXEEXT) for executables. 2010-03-22 09:35:15 +01:00
README
setup.h Make copyright info independent from translations. 2007-10-03 11:53:09 +02:00
vernum.c
vernum.h

				  The Big View

The whole dependency tree is supposed (in ideal world) to look somewhat like
the following. Please note that this deals only with the core parts of ELinks,
not extensions like bookmarks, cookies, globhist, mime etc. Those act like
modules and are generally self-contained - the main visible difference is that
they don't have their UI stuff in dialogs/foo.c but in foo/dialogs.c.

Note also that it isn't all that clean-cut as it looks. Some parts of e.g.
lowlevel/ or osdep/ are omnipresent as well and it's meant to be so (at least
for now). Also some other exceptions are possible; the exception to this is
util/, where no exceptions are permitted - it must have no dependencies to the
rest of the code whatsoever, not even compile-time ones. The other way around,
the gettext part of intl/ is generally omnipresent but the charset part is
pretty isolated - it could be probably drawn as connected to document and
terminal (actually, it is used when encoding forms in viewer too, but that
stuff should be probably moved to document).

viewer/ contains code concerning that big rectangle between bars at the top
and bars at the bottom, documents usually being shown inside. Logically, it
is in fact kind of a BFU widget, but in practice it has little in common with
the bfu/ widgets, it is special in many ways and deeply woven to the fabric
of session/ (e.g. session history is basically a chain of viewer widget
descriptors).

dialogs/ is special too. It in fact means to say "global and unique BFU
instances belonging to the ELinks core"/ but that's a rather long and boring
name, besides the nightmares associated with maintaining files and directories
containing spaces in GIT. The "global and unique BFU instances" part can be
represented by exmode, menus and leds (were they there). The "ELinks core"
part can be represented by options, document and downloads. The reason those
aren't in their respective directories (while bookmarks or formhist have their
dialogs.c) is that it's important to keep the dependencies sorted out
reasonably. Had there been e.g. terminal/dialogs.c, it would mean libterminal
has to depend on libbfu.a and so. (There are two 'managerial' exceptions
to this; don't dig into them, please. ;-)

scripting/ (== browser scripting) is also expected to hook all around, perhaps
it should be better in the omnipresent box.

The edges are directed and represent the "using" relation. Therefore,
"bfu -> terminal" means "bfu/ is using terminal/ services (but not
the other way around)".

.---------.
| util/   | <-- This is omnipresent :)
| config/ |
| intl/   |
`---------'

                   .-------.         .---------.
                   |  bfu  |<------- | dialogs |
                   `-------' \       `---------'
                       v      `---.       |
                 .----------.      \ .--------.
                 | terminal | <----- | viewer | <-----------------.
               / `----------'     .> `--------'                   |
           .--'        v         /        v                       v
.-------. /      .----------.   |    .----------.       .----/ecmascript/----.
| osdep |<------ | lowlevel |   |    | document | ----> | document scripting |
`-------' \      `----------'   |    `----------'       `--------------------'
           `---.       ^         \        ^
                \ .---------.     `> .---------.        .----/scripting/----.
                  | network | <----- | session | -----> | browser scripting |
                  `---------'      / `---------'        `-------------------'
                       ^       .--'
                 .----------. <
                 | protocol |
                 `----------'