/src/openssl30/crypto/http/http_lib.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Copyright 2001-2023 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * |
4 | | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | | * this file except in compliance with the License. You can obtain a copy |
6 | | * in the file LICENSE in the source distribution or at |
7 | | * https://www.openssl.org/source/license.html |
8 | | */ |
9 | | |
10 | | #include <stdio.h> /* for sscanf() */ |
11 | | #include <string.h> |
12 | | #include <openssl/http.h> |
13 | | #include <openssl/httperr.h> |
14 | | #include <openssl/bio.h> /* for BIO_snprintf() */ |
15 | | #include <openssl/err.h> |
16 | | #include "internal/cryptlib.h" /* for ossl_assert() */ |
17 | | |
/* Reset an optional output string slot to NULL; a NULL slot pointer is ignored. */
static void init_pstring(char **pstr)
{
    if (pstr == NULL)
        return;
    *pstr = NULL;
}
24 | | |
/*
 * Duplicate the characters in [start, end) into *dest.
 * A NULL dest means the caller does not want this component and counts as
 * success. Returns 1 on success, 0 if the allocation failed.
 * Assumes end >= start; the difference is passed to OPENSSL_strndup() as-is.
 */
static int copy_substring(char **dest, const char *start, const char *end)
{
    if (dest == NULL)
        return 1;
    *dest = OPENSSL_strndup(start, end - start);
    return *dest != NULL;
}
30 | | |
/*
 * Release an optional output string and reset its slot to NULL so that the
 * caller is not left holding a dangling pointer. A NULL slot is ignored.
 */
static void free_pstring(char **pstr)
{
    if (pstr == NULL)
        return;
    OPENSSL_free(*pstr);
    *pstr = NULL;
}
38 | | |
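/*
 * Split a URL of the form
 *   [<scheme>://][<userinfo>@]<host>[:<port>][/<path>][?<query>][#<fragment>]
 * into its components.
 *
 * Every char ** output is optional (may be NULL). Each non-NULL output is
 * first reset to NULL and, on success, receives a newly allocated string that
 * the caller must release with OPENSSL_free(). pport_num, if non-NULL,
 * receives the numeric port; a URL without a port yields "0" / 0.
 * The host of an IPv6 literal is returned including its brackets.
 * If pquery is NULL, any "?query" part is left attached to the path.
 *
 * Returns 1 on success. Returns 0 on a NULL url, a malformed URL, an invalid
 * port, or allocation failure; in that case an error is raised where the code
 * below does so and all string outputs are freed and reset to NULL.
 */
int OSSL_parse_url(const char *url, char **pscheme, char **puser, char **phost,
                   char **pport, int *pport_num,
                   char **ppath, char **pquery, char **pfrag)
{
    const char *p, *tmp;
    const char *scheme, *scheme_end;
    const char *user, *user_end;
    const char *host, *host_end;
    const char *port, *port_end;
    unsigned int portnum;
    const char *path, *path_end;
    const char *query, *query_end;
    const char *frag, *frag_end;

    init_pstring(pscheme);
    init_pstring(puser);
    init_pstring(phost);
    init_pstring(pport);
    init_pstring(ppath);
    init_pstring(pfrag);
    init_pstring(pquery);

    if (url == NULL) {
        ERR_raise(ERR_LIB_HTTP, ERR_R_PASSED_NULL_PARAMETER);
        return 0;
    }

    /* check for optional prefix "<scheme>://" */
    scheme = scheme_end = url;
    p = strstr(url, "://");
    if (p == NULL) {
        p = url;
    } else {
        scheme_end = p;
        if (scheme_end == scheme) /* "://" with an empty scheme */
            goto parse_err;
        p += strlen("://");
    }

    /*
     * parse optional "userinfo@"
     * NOTE(review): '@' is searched for in the whole rest of the URL, so an
     * unescaped '@' in the path, query, or fragment is taken as the userinfo
     * delimiter and moves the host boundary. Callers that make trust
     * decisions on the returned host should be aware of this.
     */
    user = user_end = p;
    host = strchr(p, '@');
    if (host != NULL)
        user_end = host++;
    else
        host = p;

    /* parse host name/address as far as needed here */
    if (host[0] == '[') {
        /* ipv6 literal, which may include ':' */
        host_end = strchr(host + 1, ']');
        if (host_end == NULL)
            goto parse_err;
        p = ++host_end; /* keep the closing ']' as part of the host */
    } else {
        /* look for start of optional port, path, query, or fragment */
        host_end = strchr(host, ':');
        if (host_end == NULL)
            host_end = strchr(host, '/');
        if (host_end == NULL)
            host_end = strchr(host, '?');
        if (host_end == NULL)
            host_end = strchr(host, '#');
        if (host_end == NULL) /* the remaining string is just the hostname */
            host_end = host + strlen(host);
        p = host_end;
    }

    /* parse optional port specification starting with ':' */
    port = "0"; /* default */
    if (*p == ':')
        port = ++p;
    /* remaining port spec handling is also done for the default values */
    /*
     * Make sure a decimal port number is given. sscanf() returns EOF, which
     * is non-zero, when the port string is empty (e.g. "host:"), so the
     * result must be compared with 1; testing it with '!' would let the
     * range check read portnum uninitialized.
     * NOTE(review): digit strings too large for unsigned int depend on the C
     * library's sscanf() behaviour; a strtoul()-based parse would make the
     * 65535 bound independent of it.
     */
    if (sscanf(port, "%u", &portnum) != 1 || portnum > 65535) {
        ERR_raise_data(ERR_LIB_HTTP, HTTP_R_INVALID_PORT_NUMBER, "%s", port);
        goto err;
    }
    for (port_end = port; '0' <= *port_end && *port_end <= '9'; port_end++)
        ;
    if (port == p) /* port was given explicitly */
        p += port_end - port;

    /* check for optional path starting with '/' or '?'. Else must start '#' */
    path = p;
    if (*path != '\0' && *path != '/' && *path != '?' && *path != '#') {
        ERR_raise(ERR_LIB_HTTP, HTTP_R_INVALID_URL_PATH);
        goto parse_err;
    }
    /* by default the path runs to the end; query and fragment are empty */
    path_end = query = query_end = frag = frag_end = path + strlen(path);

    /* parse optional "?query" */
    tmp = strchr(p, '?');
    if (tmp != NULL) {
        p = tmp;
        if (pquery != NULL) { /* else the query stays part of the path */
            path_end = p;
            query = p + 1;
        }
    }

    /* parse optional "#fragment" */
    tmp = strchr(p, '#');
    if (tmp != NULL) {
        if (query == path_end) /* we did not record a query component */
            path_end = tmp;
        query_end = tmp;
        frag = tmp + 1;
    }

    if (!copy_substring(pscheme, scheme, scheme_end)
            || !copy_substring(phost, host, host_end)
            || !copy_substring(pport, port, port_end)
            || !copy_substring(puser, user, user_end)
            || !copy_substring(pquery, query, query_end)
            || !copy_substring(pfrag, frag, frag_end))
        goto err;
    if (pport_num != NULL)
        *pport_num = (int)portnum;
    if (*path == '/') {
        if (!copy_substring(ppath, path, path_end))
            goto err;
    } else if (ppath != NULL) { /* must prepend '/' */
        /* room for '/', the path characters, and the terminating NUL */
        size_t buflen = 1 + path_end - path + 1;

        if ((*ppath = OPENSSL_malloc(buflen)) == NULL)
            goto err;
        /* buflen also cuts off anything following path_end */
        BIO_snprintf(*ppath, buflen, "/%s", path);
    }
    return 1;

 parse_err:
    ERR_raise(ERR_LIB_HTTP, HTTP_R_ERROR_PARSING_URL);

 err:
    /* do not leave partially filled outputs behind */
    free_pstring(pscheme);
    free_pstring(puser);
    free_pstring(phost);
    free_pstring(pport);
    free_pstring(ppath);
    free_pstring(pquery);
    free_pstring(pfrag);
    return 0;
}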
183 | | |
/*
 * Parse an HTTP(S) URL by means of OSSL_parse_url() and apply the
 * HTTP-specific rules on top of it:
 *  - the scheme must be empty, OSSL_HTTP_NAME, or OSSL_HTTPS_NAME; the
 *    comparison uses strcmp() and is therefore case-sensitive;
 *  - *pssl (if pssl is non-NULL) is set to 1 for OSSL_HTTPS_NAME, else 0;
 *  - a port of "0", which is also what OSSL_parse_url() reports when the URL
 *    has no port, is replaced by OSSL_HTTPS_PORT or OSSL_HTTP_PORT.
 *
 * Returns 1 on success, 0 on error. String outputs are newly allocated on
 * success and are freed and reset to NULL on failure.
 */
int OSSL_HTTP_parse_url(const char *url, int *pssl, char **puser, char **phost,
                        char **pport, int *pport_num,
                        char **ppath, char **pquery, char **pfrag)
{
    char *scheme, *port;
    int portnum;
    int ssl = 0;

    init_pstring(pport);
    if (pssl != NULL)
        *pssl = 0;
    /* scheme and port are collected locally because they get post-processed */
    if (!OSSL_parse_url(url, &scheme, puser, phost, &port, pport_num,
                        ppath, pquery, pfrag))
        return 0;

    /* accept "https", "http", or no scheme at all */
    if (strcmp(scheme, OSSL_HTTPS_NAME) == 0) {
        ssl = 1;
        if (pssl != NULL)
            *pssl = 1;
    } else if (scheme[0] != '\0' && strcmp(scheme, OSSL_HTTP_NAME) != 0) {
        ERR_raise(ERR_LIB_HTTP, HTTP_R_INVALID_URL_SCHEME);
        OPENSSL_free(scheme);
        OPENSSL_free(port);
        goto err;
    }
    OPENSSL_free(scheme);

    if (strcmp(port, "0") != 0) {
        /* explicit port: pass ownership to the caller or drop the string */
        if (pport != NULL)
            *pport = port;
        else
            OPENSSL_free(port);
        return 1;
    }

    /* set default port; from here on port refers to a constant string */
    OPENSSL_free(port);
    port = ssl ? OSSL_HTTPS_PORT : OSSL_HTTP_PORT;
    if (!ossl_assert(sscanf(port, "%d", &portnum) == 1))
        goto err;
    if (pport_num != NULL)
        *pport_num = portnum;
    if (pport != NULL) {
        *pport = OPENSSL_strdup(port);
        if (*pport == NULL)
            goto err;
    }
    return 1;

 err:
    /* release what OSSL_parse_url() handed out via the caller's pointers */
    free_pstring(puser);
    free_pstring(phost);
    free_pstring(ppath);
    free_pstring(pquery);
    free_pstring(pfrag);
    return 0;
}
240 | | |
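/*
 * Respect no_proxy, taking default value from environment variable(s).
 *
 * no_proxy is treated as a list of entries separated by ' ' or ','. The
 * server matches only if it equals a whole entry; the comparison is done
 * with strstr() and is therefore case-sensitive, and no wildcard or domain
 * suffix matching is performed.
 *
 * Returns 1 if the proxy should be used (server is not listed),
 * 0 if server is listed in no_proxy or server is NULL.
 */
static int use_proxy(const char *no_proxy, const char *server)
{
    size_t sl;
    const char *found = NULL;

    if (!ossl_assert(server != NULL))
        return 0;
    sl = strlen(server);

    /*
     * using environment variable names, both lowercase and uppercase variants,
     * compatible with other HTTP client implementations like wget, curl and git
     */
    if (no_proxy == NULL)
        no_proxy = ossl_safe_getenv("no_proxy");
    if (no_proxy == NULL)
        no_proxy = ossl_safe_getenv(OPENSSL_NO_PROXY);

    if (no_proxy != NULL)
        found = strstr(no_proxy, server);
    /* skip hits that are not delimited on both sides, i.e., partial entries */
    while (found != NULL
           && ((found != no_proxy && found[-1] != ' ' && found[-1] != ',')
               || (found[sl] != '\0' && found[sl] != ' ' && found[sl] != ','))) {
        /*
         * With an empty server name strstr() matches at every position,
         * including the terminating NUL; searching on from found + 1 would
         * then read beyond the end of no_proxy.
         */
        if (*found == '\0') {
            found = NULL;
            break;
        }
        found = strstr(found + 1, server);
    }
    return found == NULL;
}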
268 | | |
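/*
 * Take default value from environment variable(s), respect no_proxy.
 *
 * If proxy is NULL, the lowercase variable ("https_proxy" when use_ssl is
 * non-zero, else "http_proxy") is consulted first, then the uppercase one
 * (OPENSSL_HTTPS_PROXY or OPENSSL_HTTP_PROXY, respectively).
 *
 * Returns the proxy to use, which is either the proxy argument or a string
 * obtained from the environment, or NULL if no proxy is configured, the
 * proxy string is empty, or use_proxy() reports that server is exempted.
 */
const char *OSSL_HTTP_adapt_proxy(const char *proxy, const char *no_proxy,
                                  const char *server, int use_ssl)
{
    /*
     * using environment variable names, both lowercase and uppercase variants,
     * compatible with other HTTP client implementations like wget, curl and git
     */
    if (proxy == NULL)
        proxy = ossl_safe_getenv(use_ssl ? "https_proxy" : "http_proxy");
    /*
     * The uppercase fallback must select the same protocol as the lowercase
     * lookup above. With the two names swapped, an HTTPS request would pick
     * up the proxy meant for plain HTTP and vice versa.
     */
    if (proxy == NULL)
        proxy = ossl_safe_getenv(use_ssl ? OPENSSL_HTTPS_PROXY
                                         : OPENSSL_HTTP_PROXY);

    if (proxy == NULL || *proxy == '\0' || !use_proxy(no_proxy, server))
        return NULL;
    return proxy;
}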