X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=urlmatch.c;h=65f9ba4f1b63b30885eb8e15e875d86ede18fb02;hp=77c63916141258333f7f709abca7ffea06c63e48;hb=81bc12b6013fb4a4043614934dccd3b2a51065f9;hpb=e54837ffdfd9bc724ad3f96bf8d4cf6bab285ca2

diff --git a/urlmatch.c b/urlmatch.c
index 77c63916..65f9ba4f 100644
--- a/urlmatch.c
+++ b/urlmatch.c
@@ -1,4 +1,4 @@
-const char urlmatch_rcs[] = "$Id: urlmatch.c,v 1.39 2008/04/22 16:27:42 fabiankeil Exp $";
+const char urlmatch_rcs[] = "$Id: urlmatch.c,v 1.45 2008/06/21 21:19:18 fabiankeil Exp $";
 /*********************************************************************
  *
  * File        :  $Source: /cvsroot/ijbswa/current/urlmatch.c,v $
@@ -6,8 +6,8 @@ const char urlmatch_rcs[] = "$Id: urlmatch.c,v 1.39 2008/04/22 16:27:42 fabianke
  * Purpose     :  Declares functions to match URLs against URL
  *                patterns.
  *
- * Copyright   :  Written by and Copyright (C) 2001-2003, 2006-2008 the SourceForge
- *                Privoxy team. http://www.privoxy.org/
+ * Copyright   :  Written by and Copyright (C) 2001-2009
+ *                the Privoxy team. http://www.privoxy.org/
  *
  *                Based on the Internet Junkbuster originally written
  *                by and Copyright (C) 1997 Anonymous Coders and
@@ -33,6 +33,27 @@ const char urlmatch_rcs[] = "$Id: urlmatch.c,v 1.39 2008/04/22 16:27:42 fabianke
  *
  * Revisions   :
  *    $Log: urlmatch.c,v $
+ *    Revision 1.45  2008/06/21 21:19:18  fabiankeil
+ *    Silence bogus compiler warning.
+ *
+ *    Revision 1.44  2008/05/04 16:18:32  fabiankeil
+ *    Provide parse_http_url() with a third parameter to specify
+ *    whether or not URLs without protocol are acceptable.
+ *
+ *    Revision 1.43  2008/05/04 13:30:55  fabiankeil
+ *    Streamline parse_http_url()'s prototype.
+ *
+ *    Revision 1.42  2008/05/04 13:24:16  fabiankeil
+ *    If the method isn't CONNECT, reject URLs without protocol.
+ *
+ *    Revision 1.41  2008/05/02 09:51:34  fabiankeil
+ *    In parse_http_url(), don't muck around with values
+ *    that are none of its business: require an initialized
+ *    http structure and never unset http->ssl.
+ *
+ *    Revision 1.40  2008/04/23 16:12:28  fabiankeil
+ *    Free with freez().
+ *
  *    Revision 1.39  2008/04/22 16:27:42  fabiankeil
  *    In parse_http_request(), remove a pointless
  *    temporary variable and free the buffer earlier.
@@ -359,10 +380,9 @@ jb_err init_domain_components(struct http_request *http)
  * Parameters  :
  *          1  :  url = URL (or is it URI?) to break down
  *          2  :  http = pointer to the http structure to hold elements.
- *                       Will be zeroed before use.  Note that this
- *                       function sets the http->gpc and http->ver
- *                       members to NULL.
- *          3  :  csp = Current client state (buffers, headers, etc...)
+ *                       Must be initialized with valid values (like NULLs).
+ *          3  :  require_protocol = Whether or not URLs without
+ *                                   protocol are acceptable.
  *
  * Returns     :  JB_ERR_OK on success
  *                JB_ERR_MEMORY on out of memory
@@ -370,18 +390,10 @@ jb_err init_domain_components(struct http_request *http)
  *                             or >100 domains deep.
  *
  *********************************************************************/
-jb_err parse_http_url(const char * url,
-                      struct http_request *http,
-                      const struct client_state *csp)
+jb_err parse_http_url(const char *url, struct http_request *http, int require_protocol)
 {
    int host_available = 1; /* A proxy can dream. */
 
-   /*
-    * Zero out the results structure
-    */
-   memset(http, '\0', sizeof(*http));
-
-
    /*
     * Save our initial URL
     */
@@ -429,10 +441,12 @@ jb_err parse_http_url(const char * url,
       if (strncmpic(url_noproto, "http://",  7) == 0)
       {
          url_noproto += 7;
-         http->ssl = 0;
       }
       else if (strncmpic(url_noproto, "https://", 8) == 0)
       {
+         /*
+          * Should only happen when called from cgi_show_url_info().
+          */
          url_noproto += 8;
          http->ssl = 1;
       }
@@ -443,13 +457,13 @@ jb_err parse_http_url(const char * url,
          * Most likely because the client's request
          * was intercepted and redirected into Privoxy.
          */
-         http->ssl = 0;
          http->host = NULL;
          host_available = 0;
       }
-      else
+      else if (require_protocol)
       {
-         http->ssl = 0;
+         freez(buf);
+         return JB_ERR_PARSE;
       }
 
       url_path = strchr(url_noproto, '/');
@@ -664,7 +678,17 @@ jb_err parse_http_request(const char *req,
       return JB_ERR_PARSE;
    }
 
-   err = parse_http_url(v[1], http, csp);
+   if (strcmpic(v[2], "HTTP/1.1") && strcmpic(v[2], "HTTP/1.0"))
+   {
+      log_error(LOG_LEVEL_ERROR, "The only supported HTTP "
+         "versions are 1.0 and 1.1. This rules out: %s", v[2]);
+      freez(buf);
+      return JB_ERR_PARSE;
+   }
+
+   http->ssl = !strcmpic(v[0], "CONNECT");
+
+   err = parse_http_url(v[1], http, !http->ssl);
    if (err)
    {
       freez(buf);
@@ -674,7 +698,6 @@ jb_err parse_http_request(const char *req,
    /*
     * Copy the details into the structure
     */
-   http->ssl = !strcmpic(v[0], "CONNECT");
    http->cmd = strdup(req);
    http->gpc = strdup(v[0]);
    http->ver = strdup(v[2]);
@@ -718,7 +741,7 @@ static jb_err compile_pattern(const char *pattern, enum regex_anchoring anchorin
 {
    int errcode;
    char rebuf[BUFFER_SIZE];
-   const char *fmt;
+   const char *fmt = NULL;
 
    assert(pattern);
    assert(strlen(pattern) < sizeof(rebuf) - 2);