-const char urlmatch_rcs[] = "$Id: urlmatch.c,v 1.81 2014/05/26 10:48:07 fabiankeil Exp $";
/*********************************************************************
*
* File : $Source: /cvsroot/ijbswa/current/urlmatch.c,v $
* Purpose : Declares functions to match URLs against URL
* patterns.
*
- * Copyright : Written by and Copyright (C) 2001-2011
- * the Privoxy team. http://www.privoxy.org/
+ * Copyright : Written by and Copyright (C) 2001-2014
+ * the Privoxy team. https://www.privoxy.org/
*
* Based on the Internet Junkbuster originally written
* by and Copyright (C) 1997 Anonymous Coders and
#include "miscutil.h"
#include "errlog.h"
-const char urlmatch_h_rcs[] = URLMATCH_H_VERSION;
-
enum regex_anchoring
{
NO_ANCHORING,
freez(http->url);
freez(http->hostport);
freez(http->path);
- freez(http->ver);
+ freez(http->version);
freez(http->host_ip_addr_str);
#ifndef FEATURE_EXTENDED_HOST_PATTERNS
freez(http->dbuffer);
*/
"VERSION-CONTROL", "REPORT", "CHECKOUT", "CHECKIN", "UNCHECKOUT",
"MKWORKSPACE", "UPDATE", "LABEL", "MERGE", "BASELINE-CONTROL", "MKACTIVITY",
+ /*
+ * The PATCH method is defined by RFC5789, the format of the
+ * actual patch in the body depends on the application, but from
+ * Privoxy's point of view it doesn't matter.
+ */
+ "PATCH",
};
int i;
}
+/*********************************************************************
+ *
+ * Function : normalize_http_version
+ *
+ * Description : Take a supported HTTP version string and remove
+ * leading zeroes etc., reject unsupported versions.
+ *
+ * This is an explicit RFC 2616 (3.1) MUST and
+ * RFC 7230 mandates that intermediaries send their
+ * own HTTP-version in forwarded messages.
+ *
+ * Parameters :
+ * 1 : http_version = HTTP version string
+ *
+ * Returns : JB_ERR_OK on success
+ * JB_ERR_PARSE if the HTTP version is unsupported
+ *
+ *********************************************************************/
+static jb_err normalize_http_version(char *http_version)
+{
+ unsigned int major_version;
+ unsigned int minor_version;
+
+ if (2 != sscanf(http_version, "HTTP/%u.%u", &major_version, &minor_version))
+ {
+ log_error(LOG_LEVEL_ERROR, "Unsupported HTTP version: %s", http_version);
+ return JB_ERR_PARSE;
+ }
+
+ if (major_version != 1 || (minor_version != 0 && minor_version != 1))
+ {
+ log_error(LOG_LEVEL_ERROR, "The only supported HTTP "
+ "versions are 1.0 and 1.1. This rules out: %s", http_version);
+ return JB_ERR_PARSE;
+ }
+
+ assert(strlen(http_version) >= 8);
+ snprintf(http_version, 9, "HTTP/%u.%u", major_version, minor_version);
+
+ return JB_ERR_OK;
+
+}
+
+
/*********************************************************************
*
* Function : parse_http_request
return JB_ERR_PARSE;
}
- if (strcmpic(v[2], "HTTP/1.1") && strcmpic(v[2], "HTTP/1.0"))
+ if (JB_ERR_OK != normalize_http_version(v[2]))
{
- log_error(LOG_LEVEL_ERROR, "The only supported HTTP "
- "versions are 1.0 and 1.1. This rules out: %s", v[2]);
freez(buf);
return JB_ERR_PARSE;
}
*/
http->cmd = strdup_or_die(req);
http->gpc = strdup_or_die(v[0]);
- http->ver = strdup_or_die(v[2]);
+ http->version = strdup_or_die(v[2]);
http->ocmd = strdup_or_die(http->cmd);
freez(buf);
* 4 : regex = Where the compiled regex should be stored.
*
* Returns : JB_ERR_OK - Success
- * JB_ERR_MEMORY - Out of memory
* JB_ERR_PARSE - Cannot parse regex
*
*********************************************************************/
struct pattern_spec *url, regex_t **regex)
{
int errcode;
- char rebuf[BUFFER_SIZE];
const char *fmt = NULL;
+ char *rebuf;
+ size_t rebuf_size;
assert(pattern);
- assert(strlen(pattern) < sizeof(rebuf) - 2);
if (pattern[0] == '\0')
{
log_error(LOG_LEVEL_FATAL,
"Invalid anchoring in compile_pattern %d", anchoring);
}
+ rebuf_size = strlen(pattern) + strlen(fmt);
+ rebuf = malloc_or_die(rebuf_size);
+ *regex = zalloc_or_die(sizeof(**regex));
- *regex = zalloc(sizeof(**regex));
- if (NULL == *regex)
- {
- free_pattern_spec(url);
- return JB_ERR_MEMORY;
- }
-
- snprintf(rebuf, sizeof(rebuf), fmt, pattern);
+ snprintf(rebuf, rebuf_size, fmt, pattern);
errcode = regcomp(*regex, rebuf, (REG_EXTENDED|REG_NOSUB|REG_ICASE));
if (errcode)
{
- size_t errlen = regerror(errcode, *regex, rebuf, sizeof(rebuf));
- if (errlen > (sizeof(rebuf) - (size_t)1))
+ size_t errlen = regerror(errcode, *regex, rebuf, rebuf_size);
+ if (errlen > (rebuf_size - (size_t)1))
{
- errlen = sizeof(rebuf) - (size_t)1;
+ errlen = rebuf_size - (size_t)1;
}
rebuf[errlen] = '\0';
log_error(LOG_LEVEL_ERROR, "error compiling %s from %s: %s",
pattern, url->spec, rebuf);
free_pattern_spec(url);
+ freez(rebuf);
return JB_ERR_PARSE;
}
+ freez(rebuf);
return JB_ERR_OK;
const unsigned flag;
} tag_pattern[] = {
{ "TAG:", 4, PATTERN_SPEC_TAG_PATTERN},
+ #ifdef FEATURE_CLIENT_TAGS
+ { "CLIENT-TAG:", 11, PATTERN_SPEC_CLIENT_TAG_PATTERN},
+ #endif
{ "NO-REQUEST-TAG:", 15, PATTERN_SPEC_NO_REQUEST_TAG_PATTERN},
{ "NO-RESPONSE-TAG:", 16, PATTERN_SPEC_NO_RESPONSE_TAG_PATTERN}
};
static int host_matches(const struct http_request *http,
const struct pattern_spec *pattern)
{
+ assert(http->host != NULL);
#ifdef FEATURE_EXTENDED_HOST_PATTERNS
return ((NULL == pattern->pattern.url_spec.host_regex)
|| (0 == regexec(pattern->pattern.url_spec.host_regex, http->host, 0, NULL, 0)));
*
* Function : parse_forwarder_address
*
- * Description : Parse out the host and port from a forwarder address.
+ * Description : Parse out the username, password, host and port from
+ * a forwarder address.
*
* Parameters :
* 1 : address = The forwarder address to parse.
* 2 : hostname = Used to return the hostname. NULL on error.
* 3 : port = Used to return the port. Untouched if no port
* is specified.
+ * 4 : username = Used to return the username if any.
+ * 5 : password = Used to return the password if any.
*
* Returns : JB_ERR_OK on success
* JB_ERR_MEMORY on out of memory
* JB_ERR_PARSE on malformed address.
*
*********************************************************************/
-jb_err parse_forwarder_address(char *address, char **hostname, int *port)
+jb_err parse_forwarder_address(char *address, char **hostname, int *port,
+ char **username, char **password)
{
- char *p = address;
+ char *p;
+ char *tmp;
+
+ tmp = *hostname = strdup_or_die(address);
- if ((*address == '[') && (NULL == strchr(address, ']')))
+ /* Parse username and password */
+ if (username && password && (NULL != (p = strchr(*hostname, '@'))))
+ {
+ *p++ = '\0';
+ *username = strdup_or_die(*hostname);
+ *hostname = strdup_or_die(p);
+
+ if (NULL != (p = strchr(*username, ':')))
+ {
+ *p++ = '\0';
+ *password = strdup_or_die(p);
+ }
+ freez(tmp);
+ }
+
+ /* Parse hostname and port */
+ p = *hostname;
+ if ((*p == '[') && (NULL == strchr(p, ']')))
{
/* XXX: Should do some more validity checks here. */
return JB_ERR_PARSE;
}
- *hostname = strdup_or_die(address);
-
if ((**hostname == '[') && (NULL != (p = strchr(*hostname, ']'))))
{
*p++ = '\0';