X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=urlmatch.c;h=2bd5a8f85fbc9c6d65ab9190f6d8ab7a87788e2c;hp=3e807bbd5a7a7edce501ef7eed4f8feb6b0a1bd6;hb=da6d6e7115b36cd4e03460c9c49a212edacb159a;hpb=9b87e59614c7e19ed0b40d9037fbf77ae9871214 diff --git a/urlmatch.c b/urlmatch.c index 3e807bbd..2bd5a8f8 100644 --- a/urlmatch.c +++ b/urlmatch.c @@ -1,4 +1,3 @@ -const char urlmatch_rcs[] = "$Id: urlmatch.c,v 1.75 2012/12/07 12:49:47 fabiankeil Exp $"; /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/urlmatch.c,v $ @@ -6,8 +5,8 @@ const char urlmatch_rcs[] = "$Id: urlmatch.c,v 1.75 2012/12/07 12:49:47 fabianke * Purpose : Declares functions to match URLs against URL * patterns. * - * Copyright : Written by and Copyright (C) 2001-2011 - * the Privoxy team. http://www.privoxy.org/ + * Copyright : Written by and Copyright (C) 2001-2014 + * the Privoxy team. https://www.privoxy.org/ * * Based on the Internet Junkbuster originally written * by and Copyright (C) 1997 Anonymous Coders and @@ -56,8 +55,6 @@ const char urlmatch_rcs[] = "$Id: urlmatch.c,v 1.75 2012/12/07 12:49:47 fabianke #include "miscutil.h" #include "errlog.h" -const char urlmatch_h_rcs[] = URLMATCH_H_VERSION; - enum regex_anchoring { NO_ANCHORING, @@ -90,7 +87,7 @@ void free_http_request(struct http_request *http) freez(http->url); freez(http->hostport); freez(http->path); - freez(http->ver); + freez(http->version); freez(http->host_ip_addr_str); #ifndef FEATURE_EXTENDED_HOST_PATTERNS freez(http->dbuffer); @@ -454,6 +451,12 @@ static int unknown_method(const char *method) */ "VERSION-CONTROL", "REPORT", "CHECKOUT", "CHECKIN", "UNCHECKOUT", "MKWORKSPACE", "UPDATE", "LABEL", "MERGE", "BASELINE-CONTROL", "MKACTIVITY", + /* + * The PATCH method is defined by RFC5789, the format of the + * actual patch in the body depends on the application, but from + * Privoxy's point of view it doesn't matter. + */ + "PATCH", }; int i; @@ -470,6 +473,50 @@ static int unknown_method(const char *method) } +/********************************************************************* + * + * Function : normalize_http_version + * + * Description : Take a supported HTTP version string and remove + * leading zeroes etc., reject unsupported versions. + * + * This is an explicit RFC 2616 (3.1) MUST and + * RFC 7230 mandates that intermediaries send their + * own HTTP-version in forwarded messages. + * + * Parameters : + * 1 : http_version = HTTP version string + * + * Returns : JB_ERR_OK on success + * JB_ERR_PARSE if the HTTP version is unsupported + * + *********************************************************************/ +static jb_err normalize_http_version(char *http_version) +{ + unsigned int major_version; + unsigned int minor_version; + + if (2 != sscanf(http_version, "HTTP/%u.%u", &major_version, &minor_version)) + { + log_error(LOG_LEVEL_ERROR, "Unsupported HTTP version: %s", http_version); + return JB_ERR_PARSE; + } + + if (major_version != 1 || (minor_version != 0 && minor_version != 1)) + { + log_error(LOG_LEVEL_ERROR, "The only supported HTTP " + "versions are 1.0 and 1.1. This rules out: %s", http_version); + return JB_ERR_PARSE; + } + + assert(strlen(http_version) >= 8); + snprintf(http_version, 9, "HTTP/%u.%u", major_version, minor_version); + + return JB_ERR_OK; + +} + + /********************************************************************* * * Function : parse_http_request @@ -489,7 +536,7 @@ static int unknown_method(const char *method) jb_err parse_http_request(const char *req, struct http_request *http) { char *buf; - char *v[10]; /* XXX: Why 10? We should only need three. */ + char *v[3]; int n; jb_err err; @@ -520,10 +567,8 @@ jb_err parse_http_request(const char *req, struct http_request *http) return JB_ERR_PARSE; } - if (strcmpic(v[2], "HTTP/1.1") && strcmpic(v[2], "HTTP/1.0")) + if (JB_ERR_OK != normalize_http_version(v[2])) { - log_error(LOG_LEVEL_ERROR, "The only supported HTTP " - "versions are 1.0 and 1.1. This rules out: %s", v[2]); freez(buf); return JB_ERR_PARSE; } @@ -542,7 +587,8 @@ jb_err parse_http_request(const char *req, struct http_request *http) */ http->cmd = strdup_or_die(req); http->gpc = strdup_or_die(v[0]); - http->ver = strdup_or_die(v[2]); + http->version = strdup_or_die(v[2]); + http->ocmd = strdup_or_die(http->cmd); freez(buf); @@ -568,7 +614,6 @@ jb_err parse_http_request(const char *req, struct http_request *http) * 4 : regex = Where the compiled regex should be stored. * * Returns : JB_ERR_OK - Success - * JB_ERR_MEMORY - Out of memory * JB_ERR_PARSE - Cannot parse regex * *********************************************************************/ @@ -576,11 +621,11 @@ static jb_err compile_pattern(const char *pattern, enum regex_anchoring anchorin struct pattern_spec *url, regex_t **regex) { int errcode; - char rebuf[BUFFER_SIZE]; const char *fmt = NULL; + char *rebuf; + size_t rebuf_size; assert(pattern); - assert(strlen(pattern) < sizeof(rebuf) - 2); if (pattern[0] == '\0') { @@ -606,32 +651,30 @@ static jb_err compile_pattern(const char *pattern, enum regex_anchoring anchorin log_error(LOG_LEVEL_FATAL, "Invalid anchoring in compile_pattern %d", anchoring); } + rebuf_size = strlen(pattern) + strlen(fmt); + rebuf = malloc_or_die(rebuf_size); + *regex = zalloc_or_die(sizeof(**regex)); - *regex = zalloc(sizeof(**regex)); - if (NULL == *regex) - { - free_url_spec(url); - return JB_ERR_MEMORY; - } - - snprintf(rebuf, sizeof(rebuf), fmt, pattern); + snprintf(rebuf, rebuf_size, fmt, pattern); errcode = regcomp(*regex, rebuf, (REG_EXTENDED|REG_NOSUB|REG_ICASE)); if (errcode) { - size_t errlen = regerror(errcode, *regex, rebuf, sizeof(rebuf)); - if (errlen > (sizeof(rebuf) - (size_t)1)) + size_t errlen = regerror(errcode, *regex, rebuf, rebuf_size); + if (errlen > (rebuf_size - (size_t)1)) { - errlen = sizeof(rebuf) - (size_t)1; + errlen = rebuf_size - (size_t)1; } rebuf[errlen] = '\0'; log_error(LOG_LEVEL_ERROR, "error compiling %s from %s: %s", pattern, url->spec, rebuf); - free_url_spec(url); + free_pattern_spec(url); + freez(rebuf); return JB_ERR_PARSE; } + freez(rebuf); return JB_ERR_OK; @@ -774,22 +817,22 @@ static jb_err compile_host_pattern(struct pattern_spec *url, const char *host_pa */ if (host_pattern[strlen(host_pattern) - 1] == '.') { - url->unanchored |= ANCHOR_RIGHT; + url->pattern.url_spec.unanchored |= ANCHOR_RIGHT; } if (host_pattern[0] == '.') { - url->unanchored |= ANCHOR_LEFT; + url->pattern.url_spec.unanchored |= ANCHOR_LEFT; } /* * Split domain into components */ - url->dbuffer = strdup_or_die(host_pattern); + url->pattern.url_spec.dbuffer = strdup_or_die(host_pattern); /* * Map to lower case */ - for (p = url->dbuffer; *p ; p++) + for (p = url->pattern.url_spec.dbuffer; *p ; p++) { *p = (char)privoxy_tolower(*p); } @@ -797,23 +840,23 @@ static jb_err compile_host_pattern(struct pattern_spec *url, const char *host_pa /* * Split the domain name into components */ - url->dcount = ssplit(url->dbuffer, ".", v, SZ(v)); + url->pattern.url_spec.dcount = ssplit(url->pattern.url_spec.dbuffer, ".", v, SZ(v)); - if (url->dcount < 0) + if (url->pattern.url_spec.dcount < 0) { - free_url_spec(url); + free_pattern_spec(url); return JB_ERR_PARSE; } - else if (url->dcount != 0) + else if (url->pattern.url_spec.dcount != 0) { /* * Save a copy of the pointers in dvec */ - size = (size_t)url->dcount * sizeof(*url->dvec); + size = (size_t)url->pattern.url_spec.dcount * sizeof(*url->pattern.url_spec.dvec); - url->dvec = malloc_or_die(size); + url->pattern.url_spec.dvec = malloc_or_die(size); - memcpy(url->dvec, v, size); + memcpy(url->pattern.url_spec.dvec, v, size); } /* * else dcount == 0 in which case we needn't do anything, @@ -1003,25 +1046,25 @@ static int simple_domaincmp(char **pv, char **fv, int len) * Function : domain_match * * Description : Domain-wise Compare fqdn's. Governed by the bimap in - * pattern->unachored, the comparison is un-, left-, + * p.pattern->unachored, the comparison is un-, left-, * right-anchored, or both. * The individual domain names are compared with * simplematch(). * * Parameters : - * 1 : pattern = a domain that may contain a '*' as a wildcard. + * 1 : p = a domain that may contain a '*' as a wildcard. * 2 : fqdn = domain name against which the patterns are compared. * * Returns : 0 => domains are equivalent, else no match. * *********************************************************************/ -static int domain_match(const struct pattern_spec *pattern, const struct http_request *fqdn) +static int domain_match(const struct pattern_spec *p, const struct http_request *fqdn) { char **pv, **fv; /* vectors */ int plen, flen; - int unanchored = pattern->unanchored & (ANCHOR_RIGHT | ANCHOR_LEFT); + int unanchored = p->pattern.url_spec.unanchored & (ANCHOR_RIGHT | ANCHOR_LEFT); - plen = pattern->dcount; + plen = p->pattern.url_spec.dcount; flen = fqdn->dcount; if (flen < plen) @@ -1030,7 +1073,7 @@ static int domain_match(const struct pattern_spec *pattern, const struct http_re return 1; } - pv = pattern->dvec; + pv = p->pattern.url_spec.dvec; fv = fqdn->dvec; if (unanchored == ANCHOR_LEFT) @@ -1084,18 +1127,18 @@ static int domain_match(const struct pattern_spec *pattern, const struct http_re /********************************************************************* * - * Function : create_url_spec + * Function : create_pattern_spec * - * Description : Creates a "url_spec" structure from a string. - * When finished, free with free_url_spec(). + * Description : Creates a "pattern_spec" structure from a string. + * When finished, free with free_pattern_spec(). * * Parameters : - * 1 : url = Target url_spec to be filled in. Will be - * zeroed before use. + * 1 : pattern = Target pattern_spec to be filled in. + * Will be zeroed before use. * 2 : buf = Source pattern, null terminated. NOTE: The * contents of this buffer are destroyed by this * function. If this function succeeds, the - * buffer is copied to url->spec. If this + * buffer is copied to pattern->spec. If this * function fails, the contents of the buffer * are lost forever. * @@ -1104,68 +1147,98 @@ static int domain_match(const struct pattern_spec *pattern, const struct http_re * written to system log) * *********************************************************************/ -jb_err create_url_spec(struct pattern_spec *url, char *buf) +jb_err create_pattern_spec(struct pattern_spec *pattern, char *buf) { - assert(url); + static const struct + { + /** The tag pattern prefix to match */ + const char *prefix; + + /** The length of the prefix to match */ + const size_t prefix_length; + + /** The pattern flag */ + const unsigned flag; + } tag_pattern[] = { + { "TAG:", 4, PATTERN_SPEC_TAG_PATTERN}, + #ifdef FEATURE_CLIENT_TAGS + { "CLIENT-TAG:", 11, PATTERN_SPEC_CLIENT_TAG_PATTERN}, + #endif + { "NO-REQUEST-TAG:", 15, PATTERN_SPEC_NO_REQUEST_TAG_PATTERN}, + { "NO-RESPONSE-TAG:", 16, PATTERN_SPEC_NO_RESPONSE_TAG_PATTERN} + }; + int i; + + assert(pattern); assert(buf); - memset(url, '\0', sizeof(*url)); + memset(pattern, '\0', sizeof(*pattern)); /* Remember the original specification for the CGI pages. */ - url->spec = strdup_or_die(buf); + pattern->spec = strdup_or_die(buf); - /* Is it a tag pattern? */ - if (0 == strncmpic(url->spec, "TAG:", 4)) + /* Check if it's a tag pattern */ + for (i = 0; i < SZ(tag_pattern); i++) { - /* The pattern starts with the first character after "TAG:" */ - const char *tag_pattern = buf + 4; - return compile_pattern(tag_pattern, NO_ANCHORING, url, &url->pattern.tag_regex); + if (0 == strncmpic(pattern->spec, tag_pattern[i].prefix, tag_pattern[i].prefix_length)) + { + /* The regex starts after the prefix */ + const char *tag_regex = buf + tag_pattern[i].prefix_length; + + pattern->flags |= tag_pattern[i].flag; + + return compile_pattern(tag_regex, NO_ANCHORING, pattern, + &pattern->pattern.tag_regex); + } } /* If it isn't a tag pattern it must be an URL pattern. */ - return compile_url_pattern(url, buf); + pattern->flags |= PATTERN_SPEC_URL_PATTERN; + + return compile_url_pattern(pattern, buf); + } /********************************************************************* * - * Function : free_url_spec + * Function : free_pattern_spec * - * Description : Called from the "unloaders". Freez the url + * Description : Called from the "unloaders". Freez the pattern * structure elements. * * Parameters : - * 1 : url = pointer to a pattern_spec structure. + * 1 : pattern = pointer to a pattern_spec structure. * * Returns : N/A * *********************************************************************/ -void free_url_spec(struct pattern_spec *url) +void free_pattern_spec(struct pattern_spec *pattern) { - if (url == NULL) return; + if (pattern == NULL) return; - freez(url->spec); + freez(pattern->spec); #ifdef FEATURE_EXTENDED_HOST_PATTERNS - if (url->pattern.url_spec.host_regex) + if (pattern->pattern.url_spec.host_regex) { - regfree(url->pattern.url_spec.host_regex); - freez(url->pattern.url_spec.host_regex); + regfree(pattern->pattern.url_spec.host_regex); + freez(pattern->pattern.url_spec.host_regex); } #else - freez(url->pattern.url_spec.dbuffer); - freez(url->pattern.url_spec.dvec); - url->pattern.url_spec.dcount = 0; + freez(pattern->pattern.url_spec.dbuffer); + freez(pattern->pattern.url_spec.dvec); + pattern->pattern.url_spec.dcount = 0; #endif /* ndef FEATURE_EXTENDED_HOST_PATTERNS */ - freez(url->pattern.url_spec.port_list); - if (url->pattern.url_spec.preg) + freez(pattern->pattern.url_spec.port_list); + if (pattern->pattern.url_spec.preg) { - regfree(url->pattern.url_spec.preg); - freez(url->pattern.url_spec.preg); + regfree(pattern->pattern.url_spec.preg); + freez(pattern->pattern.url_spec.preg); } - if (url->pattern.tag_regex) + if (pattern->pattern.tag_regex) { - regfree(url->pattern.tag_regex); - freez(url->pattern.tag_regex); + regfree(pattern->pattern.tag_regex); + freez(pattern->pattern.tag_regex); } } @@ -1205,6 +1278,7 @@ static int port_matches(const int port, const char *port_list) static int host_matches(const struct http_request *http, const struct pattern_spec *pattern) { + assert(http->host != NULL); #ifdef FEATURE_EXTENDED_HOST_PATTERNS return ((NULL == pattern->pattern.url_spec.host_regex) || (0 == regexec(pattern->pattern.url_spec.host_regex, http->host, 0, NULL, 0))); @@ -1250,9 +1324,9 @@ static int path_matches(const char *path, const struct pattern_spec *pattern) int url_match(const struct pattern_spec *pattern, const struct http_request *http) { - if (pattern->pattern.tag_regex != NULL) + if (!(pattern->flags & PATTERN_SPEC_URL_PATTERN)) { - /* It's a tag pattern and shouldn't be matched against URLs */ + /* It's not an URL pattern and thus shouldn't be matched against URLs */ return 0; } @@ -1346,31 +1420,53 @@ int match_portlist(const char *portlist, int port) * * Function : parse_forwarder_address * - * Description : Parse out the host and port from a forwarder address. + * Description : Parse out the username, password, host and port from + * a forwarder address. * * Parameters : * 1 : address = The forwarder address to parse. * 2 : hostname = Used to return the hostname. NULL on error. * 3 : port = Used to return the port. Untouched if no port * is specified. + * 4 : username = Used to return the username if any. + * 5 : password = Used to return the password if any. * * Returns : JB_ERR_OK on success * JB_ERR_MEMORY on out of memory * JB_ERR_PARSE on malformed address. * *********************************************************************/ -jb_err parse_forwarder_address(char *address, char **hostname, int *port) +jb_err parse_forwarder_address(char *address, char **hostname, int *port, + char **username, char **password) { - char *p = address; + char *p; + char *tmp; + + tmp = *hostname = strdup_or_die(address); + + /* Parse username and password */ + if (username && password && (NULL != (p = strchr(*hostname, '@')))) + { + *p++ = '\0'; + *username = strdup_or_die(*hostname); + *hostname = strdup_or_die(p); - if ((*address == '[') && (NULL == strchr(address, ']'))) + if (NULL != (p = strchr(*username, ':'))) + { + *p++ = '\0'; + *password = strdup_or_die(p); + } + freez(tmp); + } + + /* Parse hostname and port */ + p = *hostname; + if ((*p == '[') && (NULL == strchr(p, ']'))) { /* XXX: Should do some more validity checks here. */ return JB_ERR_PARSE; } - *hostname = strdup_or_die(address); - if ((**hostname == '[') && (NULL != (p = strchr(*hostname, ']')))) { *p++ = '\0';