Line | Count | Source |
1 | | /*************************************************************************** |
2 | | * _ _ ____ _ |
3 | | * Project ___| | | | _ \| | |
4 | | * / __| | | | |_) | | |
5 | | * | (__| |_| | _ <| |___ |
6 | | * \___|\___/|_| \_\_____| |
7 | | * |
8 | | * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al. |
9 | | * |
10 | | * This software is licensed as described in the file COPYING, which |
11 | | * you should have received as part of this distribution. The terms |
12 | | * are also available at https://curl.se/docs/copyright.html. |
13 | | * |
14 | | * You may opt to use, copy, modify, merge, publish, distribute and/or sell |
15 | | * copies of the Software, and permit persons to whom the Software is |
16 | | * furnished to do so, under the terms of the COPYING file. |
17 | | * |
18 | | * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY |
19 | | * KIND, either express or implied. |
20 | | * |
21 | | * SPDX-License-Identifier: curl |
22 | | * |
23 | | ***************************************************************************/ |
24 | | |
25 | | #include "curl_setup.h" |
26 | | |
27 | | #ifndef CURL_DISABLE_HTTP |
28 | | |
29 | | #include "urldata.h" |
30 | | #include <curl/curl.h> |
31 | | #include "http.h" |
32 | | #include "http1.h" |
33 | | #include "urlapi-int.h" |
34 | | |
35 | | |
36 | | #define H1_MAX_URL_LEN (8*1024) |
37 | | |
38 | | void Curl_h1_req_parse_init(struct h1_req_parser *parser, size_t max_line_len) |
39 | 0 | { |
40 | 0 | memset(parser, 0, sizeof(*parser)); |
41 | 0 | parser->max_line_len = max_line_len; |
42 | 0 | curlx_dyn_init(&parser->scratch, max_line_len); |
43 | 0 | } |
44 | | |
45 | | void Curl_h1_req_parse_free(struct h1_req_parser *parser) |
46 | 0 | { |
47 | 0 | if(parser) { |
48 | 0 | Curl_http_req_free(parser->req); |
49 | 0 | curlx_dyn_free(&parser->scratch); |
50 | 0 | parser->req = NULL; |
51 | 0 | parser->done = FALSE; |
52 | 0 | } |
53 | 0 | } |
54 | | |
55 | | static CURLcode trim_line(struct h1_req_parser *parser, int options) |
56 | 0 | { |
57 | 0 | DEBUGASSERT(parser->line); |
58 | 0 | if(parser->line_len) { |
59 | 0 | if(parser->line[parser->line_len - 1] == '\n') |
60 | 0 | --parser->line_len; |
61 | 0 | if(parser->line_len) { |
62 | 0 | if(parser->line[parser->line_len - 1] == '\r') |
63 | 0 | --parser->line_len; |
64 | 0 | else if(options & H1_PARSE_OPT_STRICT) |
65 | 0 | return CURLE_URL_MALFORMAT; |
66 | 0 | } |
67 | 0 | else if(options & H1_PARSE_OPT_STRICT) |
68 | 0 | return CURLE_URL_MALFORMAT; |
69 | 0 | } |
70 | 0 | else if(options & H1_PARSE_OPT_STRICT) |
71 | 0 | return CURLE_URL_MALFORMAT; |
72 | | |
73 | 0 | if(parser->line_len > parser->max_line_len) { |
74 | 0 | return CURLE_URL_MALFORMAT; |
75 | 0 | } |
76 | 0 | return CURLE_OK; |
77 | 0 | } |
78 | | |
79 | | static CURLcode detect_line(struct h1_req_parser *parser, |
80 | | const uint8_t *buf, const size_t buflen, |
81 | | size_t *pnread) |
82 | 0 | { |
83 | 0 | const char *line_end; |
84 | |
|
85 | 0 | DEBUGASSERT(!parser->line); |
86 | 0 | *pnread = 0; |
87 | 0 | line_end = memchr(buf, '\n', buflen); |
88 | 0 | if(!line_end) |
89 | 0 | return CURLE_AGAIN; |
90 | 0 | parser->line = (const char *)buf; |
91 | 0 | parser->line_len = line_end - parser->line + 1; |
92 | 0 | *pnread = parser->line_len; |
93 | 0 | return CURLE_OK; |
94 | 0 | } |
95 | | |
96 | | static CURLcode next_line(struct h1_req_parser *parser, |
97 | | const uint8_t *buf, const size_t buflen, int options, |
98 | | size_t *pnread) |
99 | 0 | { |
100 | 0 | CURLcode result; |
101 | |
|
102 | 0 | *pnread = 0; |
103 | 0 | if(parser->line) { |
104 | 0 | parser->line = NULL; |
105 | 0 | parser->line_len = 0; |
106 | 0 | curlx_dyn_reset(&parser->scratch); |
107 | 0 | } |
108 | |
|
109 | 0 | result = detect_line(parser, buf, buflen, pnread); |
110 | 0 | if(!result) { |
111 | 0 | if(curlx_dyn_len(&parser->scratch)) { |
112 | | /* append detected line to scratch to have the complete line */ |
113 | 0 | result = curlx_dyn_addn(&parser->scratch, parser->line, |
114 | 0 | parser->line_len); |
115 | 0 | if(result) |
116 | 0 | return result; |
117 | 0 | parser->line = curlx_dyn_ptr(&parser->scratch); |
118 | 0 | parser->line_len = curlx_dyn_len(&parser->scratch); |
119 | 0 | } |
120 | 0 | result = trim_line(parser, options); |
121 | 0 | if(result) |
122 | 0 | return result; |
123 | 0 | } |
124 | 0 | else if(result == CURLE_AGAIN) { |
125 | | /* no line end in `buf`, add it to our scratch */ |
126 | 0 | result = curlx_dyn_addn(&parser->scratch, (const unsigned char *)buf, |
127 | 0 | buflen); |
128 | 0 | *pnread = buflen; |
129 | 0 | } |
130 | 0 | return result; |
131 | 0 | } |
132 | | |
133 | | static CURLcode start_req(struct h1_req_parser *parser, |
134 | | const char *scheme_default, |
135 | | const char *custom_method, |
136 | | int options) |
137 | 0 | { |
138 | 0 | const char *p, *m, *target, *hv, *scheme, *authority, *path; |
139 | 0 | size_t m_len, target_len, hv_len, scheme_len, authority_len, path_len; |
140 | 0 | size_t i; |
141 | 0 | CURLU *url = NULL; |
142 | 0 | CURLcode result = CURLE_URL_MALFORMAT; /* Use this as default fail */ |
143 | |
|
144 | 0 | DEBUGASSERT(!parser->req); |
145 | | /* line must match: "METHOD TARGET HTTP_VERSION" */ |
146 | 0 | if(custom_method && custom_method[0] && |
147 | 0 | !strncmp(custom_method, parser->line, strlen(custom_method))) { |
148 | 0 | p = parser->line + strlen(custom_method); |
149 | 0 | } |
150 | 0 | else { |
151 | 0 | p = memchr(parser->line, ' ', parser->line_len); |
152 | 0 | if(!p || p == parser->line) |
153 | 0 | goto out; |
154 | 0 | } |
155 | | |
156 | 0 | m = parser->line; |
157 | 0 | m_len = p - parser->line; |
158 | 0 | target = p + 1; |
159 | 0 | target_len = hv_len = 0; |
160 | 0 | hv = NULL; |
161 | | |
162 | | /* URL may contain spaces so scan backwards */ |
163 | 0 | for(i = parser->line_len; i > m_len; --i) { |
164 | 0 | if(parser->line[i] == ' ') { |
165 | 0 | hv = &parser->line[i + 1]; |
166 | 0 | hv_len = parser->line_len - i; |
167 | 0 | target_len = (hv - target) - 1; |
168 | 0 | break; |
169 | 0 | } |
170 | 0 | } |
171 | | /* no SPACE found or empty TARGET or empty HTTP_VERSION */ |
172 | 0 | if(!target_len || !hv_len) |
173 | 0 | goto out; |
174 | | |
175 | 0 | (void)hv; |
176 | | |
177 | | /* The TARGET can be (rfc 9112, ch. 3.2): |
178 | | * origin-form: path + optional query |
179 | | * absolute-form: absolute URI |
180 | | * authority-form: host+port for CONNECT |
181 | | * asterisk-form: '*' for OPTIONS |
182 | | * |
183 | | * from TARGET, we derive `scheme` `authority` `path` |
184 | | * origin-form -- -- TARGET |
185 | | * absolute-form URL* URL* URL* |
186 | | * authority-form -- TARGET -- |
187 | | * asterisk-form -- -- TARGET |
188 | | */ |
189 | 0 | scheme = authority = path = NULL; |
190 | 0 | scheme_len = authority_len = path_len = 0; |
191 | |
|
192 | 0 | if(target_len == 1 && target[0] == '*') { |
193 | | /* asterisk-form */ |
194 | 0 | path = target; |
195 | 0 | path_len = target_len; |
196 | 0 | } |
197 | 0 | else if(!strncmp("CONNECT", m, m_len)) { |
198 | | /* authority-form */ |
199 | 0 | authority = target; |
200 | 0 | authority_len = target_len; |
201 | 0 | } |
202 | 0 | else if(target[0] == '/') { |
203 | | /* origin-form */ |
204 | 0 | path = target; |
205 | 0 | path_len = target_len; |
206 | 0 | } |
207 | 0 | else { |
208 | | /* origin-form OR absolute-form */ |
209 | 0 | CURLUcode uc; |
210 | 0 | char tmp[H1_MAX_URL_LEN]; |
211 | | |
212 | | /* default, unless we see an absolute URL */ |
213 | 0 | path = target; |
214 | 0 | path_len = target_len; |
215 | | |
216 | | /* URL parser wants null-termination */ |
217 | 0 | if(target_len >= sizeof(tmp)) |
218 | 0 | goto out; |
219 | 0 | memcpy(tmp, target, target_len); |
220 | 0 | tmp[target_len] = '\0'; |
221 | | /* See if treating TARGET as an absolute URL makes sense */ |
222 | 0 | if(Curl_is_absolute_url(tmp, NULL, 0, FALSE)) { |
223 | 0 | unsigned int url_options; |
224 | |
|
225 | 0 | url = curl_url(); |
226 | 0 | if(!url) { |
227 | 0 | result = CURLE_OUT_OF_MEMORY; |
228 | 0 | goto out; |
229 | 0 | } |
230 | 0 | url_options = (CURLU_NON_SUPPORT_SCHEME| |
231 | 0 | CURLU_PATH_AS_IS| |
232 | 0 | CURLU_NO_DEFAULT_PORT); |
233 | 0 | if(!(options & H1_PARSE_OPT_STRICT)) |
234 | 0 | url_options |= CURLU_ALLOW_SPACE; |
235 | 0 | uc = curl_url_set(url, CURLUPART_URL, tmp, url_options); |
236 | 0 | if(uc) { |
237 | 0 | goto out; |
238 | 0 | } |
239 | 0 | } |
240 | | |
241 | 0 | if(!url && (options & H1_PARSE_OPT_STRICT)) { |
242 | | /* we should have an absolute URL or have seen `/` earlier */ |
243 | 0 | goto out; |
244 | 0 | } |
245 | 0 | } |
246 | | |
247 | 0 | if(url) { |
248 | 0 | result = Curl_http_req_make2(&parser->req, m, m_len, url, scheme_default); |
249 | 0 | } |
250 | 0 | else { |
251 | 0 | if(!scheme && scheme_default) { |
252 | 0 | scheme = scheme_default; |
253 | 0 | scheme_len = strlen(scheme_default); |
254 | 0 | } |
255 | 0 | result = Curl_http_req_make(&parser->req, m, m_len, scheme, scheme_len, |
256 | 0 | authority, authority_len, path, path_len); |
257 | 0 | } |
258 | |
|
259 | 0 | out: |
260 | 0 | curl_url_cleanup(url); |
261 | 0 | return result; |
262 | 0 | } |
263 | | |
264 | | CURLcode Curl_h1_req_parse_read(struct h1_req_parser *parser, |
265 | | const uint8_t *buf, size_t buflen, |
266 | | const char *scheme_default, |
267 | | const char *custom_method, |
268 | | int options, size_t *pnread) |
269 | 0 | { |
270 | 0 | CURLcode result = CURLE_OK; |
271 | 0 | size_t nread; |
272 | |
|
273 | 0 | *pnread = 0; |
274 | 0 | while(!parser->done) { |
275 | 0 | result = next_line(parser, buf, buflen, options, &nread); |
276 | 0 | if(result) { |
277 | 0 | if(result == CURLE_AGAIN) |
278 | 0 | result = CURLE_OK; |
279 | 0 | goto out; |
280 | 0 | } |
281 | | |
282 | | /* Consume this line */ |
283 | 0 | *pnread += nread; |
284 | 0 | buf += nread; |
285 | 0 | buflen -= nread; |
286 | |
|
287 | 0 | if(!parser->line) { |
288 | | /* consumed bytes, but line not complete */ |
289 | 0 | if(!buflen) |
290 | 0 | goto out; |
291 | 0 | } |
292 | 0 | else if(!parser->req) { |
293 | 0 | result = start_req(parser, scheme_default, custom_method, options); |
294 | 0 | if(result) |
295 | 0 | goto out; |
296 | 0 | } |
297 | 0 | else if(parser->line_len == 0) { |
298 | | /* last, empty line, we are finished */ |
299 | 0 | if(!parser->req) { |
300 | 0 | result = CURLE_URL_MALFORMAT; |
301 | 0 | goto out; |
302 | 0 | } |
303 | 0 | parser->done = TRUE; |
304 | 0 | curlx_dyn_reset(&parser->scratch); |
305 | | /* last chance adjustments */ |
306 | 0 | } |
307 | 0 | else { |
308 | 0 | result = Curl_dynhds_h1_add_line(&parser->req->headers, |
309 | 0 | parser->line, parser->line_len); |
310 | 0 | if(result) |
311 | 0 | goto out; |
312 | 0 | } |
313 | 0 | } |
314 | | |
315 | 0 | out: |
316 | 0 | return result; |
317 | 0 | } |
318 | | |
319 | | CURLcode Curl_h1_req_write_head(struct httpreq *req, int http_minor, |
320 | | struct dynbuf *dbuf) |
321 | 0 | { |
322 | 0 | CURLcode result; |
323 | |
|
324 | 0 | result = curlx_dyn_addf(dbuf, "%s %s%s%s%s HTTP/1.%d\r\n", |
325 | 0 | req->method, |
326 | 0 | req->scheme ? req->scheme : "", |
327 | 0 | req->scheme ? "://" : "", |
328 | 0 | req->authority ? req->authority : "", |
329 | 0 | req->path ? req->path : "", |
330 | 0 | http_minor); |
331 | 0 | if(result) |
332 | 0 | goto out; |
333 | | |
334 | 0 | result = Curl_dynhds_h1_dprint(&req->headers, dbuf); |
335 | 0 | if(result) |
336 | 0 | goto out; |
337 | | |
338 | 0 | result = curlx_dyn_addn(dbuf, STRCONST("\r\n")); |
339 | |
|
340 | 0 | out: |
341 | 0 | return result; |
342 | 0 | } |
343 | | |
344 | | #endif /* !CURL_DISABLE_HTTP */ |