thac0/gmnisrv
1
0
Fork 0
forked from aniani/gmnisrv
Code Pull Requests Activity
0d6eca2c79
gmnisrv/src/url.c
Drew DeVault ccae8ffd28 Vendor in some support code
2020-09-23 10:40:14 -04:00

1436 lines
35 KiB
C
Raw Blame History

/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at https://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
#define MAX_SCHEME_LEN 8
#include <assert.h>
#include <ctype.h>
#include <stdarg.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <strings.h>
#include "escape.h"
#include "url.h"
/* Provided by gmni */
static char *
aprintf(const char *fmt, ...)
{
va_list ap;
va_start(ap, fmt);
int n = vsnprintf(NULL, 0, fmt, ap);
va_end(ap);
char *strp = calloc(n + 1, 1);
assert(strp);
va_start(ap, fmt);
n = vsnprintf(strp, n + 1, fmt, ap);
va_end(ap);
return strp;
}
/* via lib/dotdot.c */
char *Curl_dedotdotify(const char *input)
{
size_t inlen = strlen(input);
char *clone;
size_t clen = inlen; /* the length of the cloned input */
char *out = malloc(inlen + 1);
char *outptr;
char *orgclone;
char *queryp;
if(!out)
return NULL; /* out of memory */
*out = 0; /* zero terminates, for inputs like "./" */
/* get a cloned copy of the input */
clone = strdup(input);
if(!clone) {
free(out);
return NULL;
}
orgclone = clone;
outptr = out;
if(!*clone) {
/* zero length string, return that */
free(out);
return clone;
}
/*
* To handle query-parts properly, we must find it and remove it during the
* dotdot-operation and then append it again at the end to the output
* string.
*/
queryp = strchr(clone, '?');
if(queryp)
*queryp = 0;
do {
/* A. If the input buffer begins with a prefix of "../" or "./", then
remove that prefix from the input buffer; otherwise, */
if(!strncmp("./", clone, 2)) {
clone += 2;
clen -= 2;
}
else if(!strncmp("../", clone, 3)) {
clone += 3;
clen -= 3;
}
/* B. if the input buffer begins with a prefix of "/./" or "/.", where
"." is a complete path segment, then replace that prefix with "/" in
the input buffer; otherwise, */
else if(!strncmp("/./", clone, 3)) {
clone += 2;
clen -= 2;
}
else if(!strcmp("/.", clone)) {
clone[1]='/';
clone++;
clen -= 1;
}
/* C. if the input buffer begins with a prefix of "/../" or "/..", where
".." is a complete path segment, then replace that prefix with "/" in
the input buffer and remove the last segment and its preceding "/" (if
any) from the output buffer; otherwise, */
else if(!strncmp("/../", clone, 4)) {
clone += 3;
clen -= 3;
/* remove the last segment from the output buffer */
while(outptr > out) {
outptr--;
if(*outptr == '/')
break;
}
*outptr = 0; /* zero-terminate where it stops */
}
else if(!strcmp("/..", clone)) {
clone[2]='/';
clone += 2;
clen -= 2;
/* remove the last segment from the output buffer */
while(outptr > out) {
outptr--;
if(*outptr == '/')
break;
}
*outptr = 0; /* zero-terminate where it stops */
}
/* D. if the input buffer consists only of "." or "..", then remove
that from the input buffer; otherwise, */
else if(!strcmp(".", clone) || !strcmp("..", clone)) {
*clone = 0;
*out = 0;
}
else {
/* E. move the first path segment in the input buffer to the end of
the output buffer, including the initial "/" character (if any) and
any subsequent characters up to, but not including, the next "/"
character or the end of the input buffer. */
do {
*outptr++ = *clone++;
clen--;
} while(*clone && (*clone != '/'));
*outptr = 0;
}
} while(*clone);
if(queryp) {
size_t qlen;
/* There was a query part, append that to the output. The 'clone' string
may now have been altered so we copy from the original input string
from the correct index. */
size_t oindex = queryp - orgclone;
qlen = strlen(&input[oindex]);
memcpy(outptr, &input[oindex], qlen + 1); /* include the end zero byte */
}
free(orgclone);
return out;
}
/* via lib/url.c */
CURLcode Curl_parse_login_details(const char *login, const size_t len,
char **userp, char **passwdp,
char **optionsp)
{
CURLcode result = CURLE_OK;
char *ubuf = NULL;
char *pbuf = NULL;
char *obuf = NULL;
const char *psep = NULL;
const char *osep = NULL;
size_t ulen;
size_t plen;
size_t olen;
/* Attempt to find the password separator */
if(passwdp) {
psep = strchr(login, ':');
/* Within the constraint of the login string */
if(psep >= login + len)
psep = NULL;
}
/* Attempt to find the options separator */
if(optionsp) {
osep = strchr(login, ';');
/* Within the constraint of the login string */
if(osep >= login + len)
osep = NULL;
}
/* Calculate the portion lengths */
ulen = (psep ?
(size_t)(osep && psep > osep ? osep - login : psep - login) :
(osep ? (size_t)(osep - login) : len));
plen = (psep ?
(osep && osep > psep ? (size_t)(osep - psep) :
(size_t)(login + len - psep)) - 1 : 0);
olen = (osep ?
(psep && psep > osep ? (size_t)(psep - osep) :
(size_t)(login + len - osep)) - 1 : 0);
/* Allocate the user portion buffer */
if(userp && ulen) {
ubuf = malloc(ulen + 1);
if(!ubuf)
result = CURLE_OUT_OF_MEMORY;
}
/* Allocate the password portion buffer */
if(!result && passwdp && plen) {
pbuf = malloc(plen + 1);
if(!pbuf) {
free(ubuf);
result = CURLE_OUT_OF_MEMORY;
}
}
/* Allocate the options portion buffer */
if(!result && optionsp && olen) {
obuf = malloc(olen + 1);
if(!obuf) {
free(pbuf);
free(ubuf);
result = CURLE_OUT_OF_MEMORY;
}
}
if(!result) {
/* Store the user portion if necessary */
if(ubuf) {
memcpy(ubuf, login, ulen);
ubuf[ulen] = '\0';
free(*userp);
*userp = ubuf;
}
/* Store the password portion if necessary */
if(pbuf) {
memcpy(pbuf, psep + 1, plen);
pbuf[plen] = '\0';
free(*passwdp);
*passwdp = pbuf;
}
/* Store the options portion if necessary */
if(obuf) {
memcpy(obuf, osep + 1, olen);
obuf[olen] = '\0';
free(*optionsp);
*optionsp = obuf;
}
}
return result;
}
/* Internal representation of CURLU. Point to URL-encoded strings. */
struct Curl_URL {
char *scheme;
char *user;
char *password;
char *options; /* IMAP only? */
char *host;
char *port;
char *path;
char *query;
char *fragment;
char *scratch; /* temporary scratch area */
long portnum; /* the numerical version */
};
#define DEFAULT_SCHEME "https"
static void free_urlhandle(struct Curl_URL *u)
{
free(u->scheme);
free(u->user);
free(u->password);
free(u->options);
free(u->host);
free(u->port);
free(u->path);
free(u->query);
free(u->fragment);
free(u->scratch);
}
/* move the full contents of one handle onto another and
free the original */
static void mv_urlhandle(struct Curl_URL *from,
struct Curl_URL *to)
{
free_urlhandle(to);
*to = *from;
free(from);
}
/*
* Find the separator at the end of the host name, or the '?' in cases like
* http://www.url.com?id=2380
*/
static const char *find_host_sep(const char *url)
{
const char *sep;
const char *query;
/* Find the start of the hostname */
sep = strstr(url, "//");
if(!sep)
sep = url;
else
sep += 2;
query = strchr(sep, '?');
sep = strchr(sep, '/');
if(!sep)
sep = url + strlen(url);
if(!query)
query = url + strlen(url);
return sep < query ? sep : query;
}
/*
* Decide in an encoding-independent manner whether a character in an
* URL must be escaped. The same criterion must be used in strlen_url()
* and strcpy_url().
*/
static bool urlchar_needs_escaping(int c)
{
return !(iscntrl(c) || isspace(c) || isgraph(c));
}
/*
* strlen_url() returns the length of the given URL if the spaces within the
* URL were properly URL encoded.
* URL encoding should be skipped for host names, otherwise IDN resolution
* will fail.
*/
size_t Curl_strlen_url(const char *url, bool relative)
{
const unsigned char *ptr;
size_t newlen = 0;
bool left = true; /* left side of the ? */
const unsigned char *host_sep = (const unsigned char *) url;
if(!relative)
host_sep = (const unsigned char *) find_host_sep(url);
for(ptr = (unsigned char *)url; *ptr; ptr++) {
if(ptr < host_sep) {
++newlen;
continue;
}
switch(*ptr) {
case '?':
left = false;
/* FALLTHROUGH */
default:
if(urlchar_needs_escaping(*ptr))
newlen += 2;
newlen++;
break;
case ' ':
if(left)
newlen += 3;
else
newlen++;
break;
}
}
return newlen;
}
/* strcpy_url() copies a url to a output buffer and URL-encodes the spaces in
* the source URL accordingly.
* URL encoding should be skipped for host names, otherwise IDN resolution
* will fail.
*/
void Curl_strcpy_url(char *output, const char *url, bool relative)
{
/* we must add this with whitespace-replacing */
bool left = true;
const unsigned char *iptr;
char *optr = output;
const unsigned char *host_sep = (const unsigned char *) url;
if(!relative)
host_sep = (const unsigned char *) find_host_sep(url);
for(iptr = (unsigned char *)url; /* read from here */
*iptr; /* until zero byte */
iptr++) {
if(iptr < host_sep) {
*optr++ = *iptr;
continue;
}
switch(*iptr) {
case '?':
left = false;
/* FALLTHROUGH */
default:
if(urlchar_needs_escaping(*iptr)) {
snprintf(optr, 4, "%%%02x", *iptr);
optr += 3;
}
else
*optr++=*iptr;
break;
case ' ':
if(left) {
*optr++='%'; /* add a '%' */
*optr++='2'; /* add a '2' */
*optr++='0'; /* add a '0' */
}
else
*optr++='+'; /* add a '+' here */
break;
}
}
*optr = 0; /* zero terminate output buffer */
}
/*
* Returns true if the given URL is absolute (as opposed to relative) within
* the buffer size. Returns the scheme in the buffer if true and 'buf' is
* non-NULL.
*/
bool Curl_is_absolute_url(const char *url, char *buf, size_t buflen)
{
size_t i;
for(i = 0; i < buflen && url[i]; ++i) {
char s = url[i];
if((s == ':') && (url[i + 1] == '/')) {
if(buf)
buf[i] = 0;
return true;
}
/* RFC 3986 3.1 explains:
scheme = ALPHA *( ALPHA / DIGIT / "+" / "-" / "." )
*/
else if(isalnum(s) || (s == '+') || (s == '-') || (s == '.') ) {
if(buf)
buf[i] = (char)tolower(s);
}
else
break;
}
return false;
}
/*
* Concatenate a relative URL to a base URL making it absolute.
* URL-encodes any spaces.
* The returned pointer must be freed by the caller unless NULL
* (returns NULL on out of memory).
*/
char *Curl_concat_url(const char *base, const char *relurl)
{
/***
TRY to append this new path to the old URL
to the right of the host part. Oh crap, this is doomed to cause
problems in the future...
*/
char *newest;
char *protsep;
char *pathsep;
size_t newlen;
bool host_changed = false;
const char *useurl = relurl;
size_t urllen;
/* we must make our own copy of the URL to play with, as it may
point to read-only data */
char *url_clone = strdup(base);
if(!url_clone)
return NULL; /* skip out of this NOW */
/* protsep points to the start of the host name */
protsep = strstr(url_clone, "//");
if(!protsep)
protsep = url_clone;
else
protsep += 2; /* pass the slashes */
if('/' != relurl[0]) {
int level = 0;
/* First we need to find out if there's a ?-letter in the URL,
and cut it and the right-side of that off */
pathsep = strchr(protsep, '?');
if(pathsep)
*pathsep = 0;
/* we have a relative path to append to the last slash if there's one
available, or if the new URL is just a query string (starts with a
'?') we append the new one at the end of the entire currently worked
out URL */
if(useurl[0] != '?') {
pathsep = strrchr(protsep, '/');
if(pathsep)
*pathsep = 0;
}
/* Check if there's any slash after the host name, and if so, remember
that position instead */
pathsep = strchr(protsep, '/');
if(pathsep)
protsep = pathsep + 1;
else
protsep = NULL;
/* now deal with one "./" or any amount of "../" in the newurl
and act accordingly */
if((useurl[0] == '.') && (useurl[1] == '/'))
useurl += 2; /* just skip the "./" */
while((useurl[0] == '.') &&
(useurl[1] == '.') &&
(useurl[2] == '/')) {
level++;
useurl += 3; /* pass the "../" */
}
if(protsep) {
while(level--) {
/* cut off one more level from the right of the original URL */
pathsep = strrchr(protsep, '/');
if(pathsep)
*pathsep = 0;
else {
*protsep = 0;
break;
}
}
}
}
else {
/* We got a new absolute path for this server */
if((relurl[0] == '/') && (relurl[1] == '/')) {
/* the new URL starts with //, just keep the protocol part from the
original one */
*protsep = 0;
useurl = &relurl[2]; /* we keep the slashes from the original, so we
skip the new ones */
host_changed = true;
}
else {
/* cut off the original URL from the first slash, or deal with URLs
without slash */
pathsep = strchr(protsep, '/');
if(pathsep) {
/* When people use badly formatted URLs, such as
"http://www.url.com?dir=/home/daniel" we must not use the first
slash, if there's a ?-letter before it! */
char *sep = strchr(protsep, '?');
if(sep && (sep < pathsep))
pathsep = sep;
*pathsep = 0;
}
else {
/* There was no slash. Now, since we might be operating on a badly
formatted URL, such as "http://www.url.com?id=2380" which doesn't
use a slash separator as it is supposed to, we need to check for a
?-letter as well! */
pathsep = strchr(protsep, '?');
if(pathsep)
*pathsep = 0;
}
}
}
/* If the new part contains a space, this is a mighty stupid redirect
but we still make an effort to do "right". To the left of a '?'
letter we replace each space with %20 while it is replaced with '+'
on the right side of the '?' letter.
*/
newlen = Curl_strlen_url(useurl, !host_changed);
urllen = strlen(url_clone);
newest = malloc(urllen + 1 + /* possible slash */
newlen + 1 /* zero byte */);
if(!newest) {
free(url_clone); /* don't leak this */
return NULL;
}
/* copy over the root url part */
memcpy(newest, url_clone, urllen);
/* check if we need to append a slash */
if(('/' == useurl[0]) || (protsep && !*protsep) || ('?' == useurl[0]))
;
else
newest[urllen++]='/';
/* then append the new piece on the right side */
Curl_strcpy_url(&newest[urllen], useurl, !host_changed);
free(url_clone);
return newest;
}
/*
* parse_hostname_login()
*
* Parse the login details (user name, password and options) from the URL and
* strip them out of the host name
*
*/
static CURLUcode parse_hostname_login(struct Curl_URL *u,
char **hostname,
unsigned int flags)
{
CURLUcode result = CURLUE_OK;
CURLcode ccode;
char *userp = NULL;
char *passwdp = NULL;
char *optionsp = NULL;
/* At this point, we're hoping all the other special cases have
* been taken care of, so conn->host.name is at most
* [user[:password][;options]]@]hostname
*
* We need somewhere to put the embedded details, so do that first.
*/
char *ptr = strchr(*hostname, '@');
char *login = *hostname;
if(!ptr)
goto out;
/* We will now try to extract the
* possible login information in a string like:
* ftp://user:password@ftp.my.site:8021/README */
*hostname = ++ptr;
/* We could use the login information in the URL so extract it. Only parse
options if the handler says we should. Note that 'h' might be NULL! */
ccode = Curl_parse_login_details(login, ptr - login - 1,
&userp, &passwdp, NULL);
if(ccode) {
result = CURLUE_MALFORMED_INPUT;
goto out;
}
if(userp) {
if(flags & CURLU_DISALLOW_USER) {
/* Option DISALLOW_USER is set and url contains username. */
result = CURLUE_USER_NOT_ALLOWED;
goto out;
}
u->user = userp;
}
if(passwdp)
u->password = passwdp;
if(optionsp)
u->options = optionsp;
return CURLUE_OK;
out:
free(userp);
free(passwdp);
free(optionsp);
return result;
}
static CURLUcode parse_port(struct Curl_URL *u, char *hostname)
{
char *portptr;
char endbracket;
int len;
if((1 == sscanf(hostname, "[%*45[0123456789abcdefABCDEF:.%%]%c%n",
&endbracket, &len)) &&
(']' == endbracket)) {
/* this is a RFC2732-style specified IP-address */
portptr = &hostname[len];
if(*portptr) {
if(*portptr != ':')
return CURLUE_MALFORMED_INPUT;
}
else
portptr = NULL;
}
else
portptr = strchr(hostname, ':');
if(portptr) {
char *rest;
long port;
char portbuf[7];
if(!isdigit(portptr[1]))
return CURLUE_BAD_PORT_NUMBER;
port = strtol(portptr + 1, &rest, 10); /* Port number must be decimal */
if((port <= 0) || (port > 0xffff))
/* Single unix standard says port numbers are 16 bits long, but we don't
treat port zero as OK. */
return CURLUE_BAD_PORT_NUMBER;
if(rest[0])
return CURLUE_BAD_PORT_NUMBER;
if(rest != &portptr[1]) {
*portptr++ = '\0'; /* cut off the name there */
*rest = 0;
/* generate a new to get rid of leading zeroes etc */
snprintf(portbuf, sizeof(portbuf), "%ld", port);
u->portnum = port;
u->port = strdup(portbuf);
if(!u->port)
return CURLUE_OUT_OF_MEMORY;
}
else {
/* Browser behavior adaptation. If there's a colon with no digits after,
just cut off the name there which makes us ignore the colon and just
use the default port. Firefox and Chrome both do that. */
*portptr = '\0';
}
}
return CURLUE_OK;
}
/* scan for byte values < 31 or 127 */
static CURLUcode junkscan(char *part)
{
char badbytes[]={
/* */ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
0x7f,
0x00 /* zero terminate */
};
if(part) {
size_t n = strlen(part);
size_t nfine = strcspn(part, badbytes);
if(nfine != n)
/* since we don't know which part is scanned, return a generic error
code */
return CURLUE_MALFORMED_INPUT;
}
return CURLUE_OK;
}
static CURLUcode hostname_check(char *hostname, unsigned int flags)
{
const char *l = NULL; /* accepted characters */
size_t len;
size_t hlen = strlen(hostname);
(void)flags;
if(hostname[0] == '[') {
hostname++;
l = "0123456789abcdefABCDEF::.%";
hlen -= 2;
}
if(l) {
/* only valid letters are ok */
len = strspn(hostname, l);
if(hlen != len)
/* hostname with bad content */
return CURLUE_MALFORMED_INPUT;
}
else {
/* letters from the second string is not ok */
len = strcspn(hostname, " ");
if(hlen != len)
/* hostname with bad content */
return CURLUE_MALFORMED_INPUT;
}
return CURLUE_OK;
}
#define HOSTNAME_END(x) (((x) == '/') || ((x) == '?') || ((x) == '#'))
static CURLUcode seturl(const char *url, struct Curl_URL *u, unsigned int flags)
{
char *path;
bool path_alloced = false;
char *hostname;
char *query = NULL;
char *fragment = NULL;
CURLUcode result;
bool url_has_scheme = false;
char schemebuf[MAX_SCHEME_LEN];
char *schemep = NULL;
size_t schemelen = 0;
size_t urllen;
if(!url)
return CURLUE_MALFORMED_INPUT;
/*************************************************************
* Parse the URL.
************************************************************/
/* allocate scratch area */
urllen = strlen(url);
path = u->scratch = malloc(urllen * 2 + 2);
if(!path)
return CURLUE_OUT_OF_MEMORY;
hostname = &path[urllen + 1];
hostname[0] = 0;
if(Curl_is_absolute_url(url, schemebuf, sizeof(schemebuf))) {
url_has_scheme = true;
schemelen = strlen(schemebuf);
}
/* handle the file: scheme */
if(url_has_scheme && strcasecmp(schemebuf, "file") == 0) {
/* path has been allocated large enough to hold this */
strcpy(path, &url[5]);
hostname = NULL; /* no host for file: URLs */
u->scheme = strdup("file");
if(!u->scheme)
return CURLUE_OUT_OF_MEMORY;
/* Extra handling URLs with an authority component (i.e. that start with
* "file://")
*
* We allow omitted hostname (e.g. file:/<path>) -- valid according to
* RFC 8089, but not the (current) WHAT-WG URL spec.
*/
if(path[0] == '/' && path[1] == '/') {
/* swallow the two slashes */
char *ptr = &path[2];
path = ptr;
}
}
else {
/* clear path */
const char *p;
const char *hostp;
size_t len;
path[0] = 0;
if(url_has_scheme) {
int i = 0;
p = &url[schemelen + 1];
while(p && (*p == '/') && (i < 4)) {
p++;
i++;
}
if((i < 1) || (i>3))
/* less than one or more than three slashes */
return CURLUE_MALFORMED_INPUT;
schemep = schemebuf;
if(junkscan(schemep))
return CURLUE_MALFORMED_INPUT;
}
else {
/* no scheme! */
return CURLUE_MALFORMED_INPUT;
}
hostp = p; /* host name starts here */
while(*p && !HOSTNAME_END(*p)) /* find end of host name */
p++;
len = p - hostp;
if(!len)
return CURLUE_MALFORMED_INPUT;
memcpy(hostname, hostp, len);
hostname[len] = 0;
len = strlen(p);
memcpy(path, p, len);
path[len] = 0;
u->scheme = strdup(schemep);
if(!u->scheme)
return CURLUE_OUT_OF_MEMORY;
}
if(junkscan(path))
return CURLUE_MALFORMED_INPUT;
query = strchr(path, '?');
if(query)
*query++ = 0;
fragment = strchr(query?query:path, '#');
if(fragment)
*fragment++ = 0;
if(!path[0])
/* if there's no path set, unset */
path = NULL;
else if(!(flags & CURLU_PATH_AS_IS)) {
/* sanitise paths and remove ../ and ./ sequences according to RFC3986 */
char *newp = Curl_dedotdotify(path);
if(!newp)
return CURLUE_OUT_OF_MEMORY;
if(strcmp(newp, path)) {
/* if we got a new version */
path = newp;
path_alloced = true;
}
else
free(newp);
}
if(path) {
u->path = path_alloced?path:strdup(path);
if(!u->path)
return CURLUE_OUT_OF_MEMORY;
}
if(hostname) {
/*
* Parse the login details and strip them out of the host name.
*/
if(junkscan(hostname))
return CURLUE_MALFORMED_INPUT;
result = parse_hostname_login(u, &hostname, flags);
if(result)
return result;
result = parse_port(u, hostname);
if(result)
return result;
result = hostname_check(hostname, flags);
if(result)
return result;
u->host = strdup(hostname);
if(!u->host)
return CURLUE_OUT_OF_MEMORY;
}
if(query && query[0]) {
u->query = strdup(query);
if(!u->query)
return CURLUE_OUT_OF_MEMORY;
}
if(fragment && fragment[0]) {
u->fragment = strdup(fragment);
if(!u->fragment)
return CURLUE_OUT_OF_MEMORY;
}
free(u->scratch);
u->scratch = NULL;
return CURLUE_OK;
}
/*
* Parse the URL and set the relevant members of the Curl_URL struct.
*/
static CURLUcode parseurl(const char *url, struct Curl_URL *u, unsigned int flags)
{
CURLUcode result = seturl(url, u, flags);
if(result) {
free_urlhandle(u);
memset(u, 0, sizeof(struct Curl_URL));
}
return result;
}
/*
*/
struct Curl_URL *curl_url(void)
{
return calloc(sizeof(struct Curl_URL), 1);
}
void curl_url_cleanup(struct Curl_URL *u)
{
if(u) {
free_urlhandle(u);
free(u);
}
}
#define DUP(dest, src, name) \
if(src->name) { \
dest->name = strdup(src->name); \
if(!dest->name) \
goto fail; \
}
struct Curl_URL *curl_url_dup(struct Curl_URL *in)
{
struct Curl_URL *u = calloc(sizeof(struct Curl_URL), 1);
if(u) {
DUP(u, in, scheme);
DUP(u, in, user);
DUP(u, in, password);
DUP(u, in, options);
DUP(u, in, host);
DUP(u, in, port);
DUP(u, in, path);
DUP(u, in, query);
DUP(u, in, fragment);
u->portnum = in->portnum;
}
return u;
fail:
curl_url_cleanup(u);
return NULL;
}
CURLUcode curl_url_get(struct Curl_URL *u, CURLUPart what,
char **part, unsigned int flags)
{
char *ptr;
CURLUcode ifmissing = CURLUE_UNKNOWN_PART;
bool urldecode = (flags & CURLU_URLDECODE)?1:0;
bool plusdecode = false;
(void)flags;
if(!u)
return CURLUE_BAD_HANDLE;
if(!part)
return CURLUE_BAD_PARTPOINTER;
*part = NULL;
switch(what) {
case CURLUPART_SCHEME:
ptr = u->scheme;
ifmissing = CURLUE_NO_SCHEME;
urldecode = false; /* never for schemes */
break;
case CURLUPART_USER:
ptr = u->user;
ifmissing = CURLUE_NO_USER;
break;
case CURLUPART_PASSWORD:
ptr = u->password;
ifmissing = CURLUE_NO_PASSWORD;
break;
case CURLUPART_OPTIONS:
ptr = u->options;
ifmissing = CURLUE_NO_OPTIONS;
break;
case CURLUPART_HOST:
ptr = u->host;
ifmissing = CURLUE_NO_HOST;
break;
case CURLUPART_PORT:
ptr = u->port;
ifmissing = CURLUE_NO_PORT;
urldecode = false; /* never for port */
break;
case CURLUPART_PATH:
ptr = u->path;
if(!ptr) {
ptr = u->path = strdup("/");
if(!u->path)
return CURLUE_OUT_OF_MEMORY;
}
break;
case CURLUPART_QUERY:
ptr = u->query;
ifmissing = CURLUE_NO_QUERY;
plusdecode = urldecode;
break;
case CURLUPART_FRAGMENT:
ptr = u->fragment;
ifmissing = CURLUE_NO_FRAGMENT;
break;
case CURLUPART_URL: {
char *url;
char *scheme;
char *options = u->options;
char *port = u->port;
if(u->scheme && strcasecmp("file", u->scheme) == 0) {
url = aprintf("file://%s%s%s",
u->path,
u->fragment? "#": "",
u->fragment? u->fragment : "");
}
else if(!u->host)
return CURLUE_NO_HOST;
else {
if(u->scheme)
scheme = u->scheme;
else
return CURLUE_NO_SCHEME;
options = NULL;
url = aprintf("%s://%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s",
scheme,
u->user ? u->user : "",
u->password ? ":": "",
u->password ? u->password : "",
options ? ";" : "",
options ? options : "",
(u->user || u->password || options) ? "@": "",
u->host,
port ? ":": "",
port ? port : "",
(u->path && (u->path[0] != '/')) ? "/": "",
u->path ? u->path : "/",
u->query? "?": "",
u->query? u->query : "",
u->fragment? "#": "",
u->fragment? u->fragment : "");
}
if(!url)
return CURLUE_OUT_OF_MEMORY;
*part = url;
return CURLUE_OK;
break;
}
default:
ptr = NULL;
}
if(ptr) {
*part = strdup(ptr);
if(!*part)
return CURLUE_OUT_OF_MEMORY;
if(plusdecode) {
/* convert + to space */
char *plus;
for(plus = *part; *plus; ++plus) {
if(*plus == '+')
*plus = ' ';
}
}
if(urldecode) {
char *decoded;
size_t dlen;
CURLcode res = Curl_urldecode(*part, 0, &decoded, &dlen, true);
free(*part);
if(res) {
*part = NULL;
return CURLUE_URLDECODE;
}
*part = decoded;
}
return CURLUE_OK;
}
else
return ifmissing;
}
CURLUcode curl_url_set(struct Curl_URL *u, CURLUPart what,
const char *part, unsigned int flags)
{
char **storep = NULL;
long port = 0;
bool urlencode = (flags & CURLU_URLENCODE)? 1 : 0;
bool plusencode = false;
bool urlskipslash = false;
bool appendquery = false;
bool equalsencode = false;
if(!u)
return CURLUE_BAD_HANDLE;
if(!part) {
/* setting a part to NULL clears it */
switch(what) {
case CURLUPART_URL:
break;
case CURLUPART_SCHEME:
storep = &u->scheme;
break;
case CURLUPART_USER:
storep = &u->user;
break;
case CURLUPART_PASSWORD:
storep = &u->password;
break;
case CURLUPART_OPTIONS:
storep = &u->options;
break;
case CURLUPART_HOST:
storep = &u->host;
break;
case CURLUPART_PORT:
storep = &u->port;
break;
case CURLUPART_PATH:
storep = &u->path;
break;
case CURLUPART_QUERY:
storep = &u->query;
break;
case CURLUPART_FRAGMENT:
storep = &u->fragment;
break;
default:
return CURLUE_UNKNOWN_PART;
}
if(storep && *storep) {
free(*storep);
*storep = NULL;
}
return CURLUE_OK;
}
switch(what) {
case CURLUPART_SCHEME:
storep = &u->scheme;
urlencode = false; /* never */
break;
case CURLUPART_USER:
storep = &u->user;
break;
case CURLUPART_PASSWORD:
storep = &u->password;
break;
case CURLUPART_OPTIONS:
storep = &u->options;
break;
case CURLUPART_HOST:
storep = &u->host;
break;
case CURLUPART_PORT:
urlencode = false; /* never */
port = strtol(part, NULL, 10); /* Port number must be decimal */
if((port <= 0) || (port > 0xffff))
return CURLUE_BAD_PORT_NUMBER;
storep = &u->port;
break;
case CURLUPART_PATH:
urlskipslash = true;
storep = &u->path;
break;
case CURLUPART_QUERY:
plusencode = urlencode;
appendquery = (flags & CURLU_APPENDQUERY)?1:0;
equalsencode = appendquery;
storep = &u->query;
break;
case CURLUPART_FRAGMENT:
storep = &u->fragment;
break;
case CURLUPART_URL: {
/*
* Allow a new URL to replace the existing (if any) contents.
*
* If the existing contents is enough for a URL, allow a relative URL to
* replace it.
*/
CURLUcode result;
char *oldurl;
char *redired_url;
struct Curl_URL *handle2;
if(Curl_is_absolute_url(part, NULL, MAX_SCHEME_LEN)) {
handle2 = curl_url();
if(!handle2)
return CURLUE_OUT_OF_MEMORY;
result = parseurl(part, handle2, flags);
if(!result)
mv_urlhandle(handle2, u);
else
curl_url_cleanup(handle2);
return result;
}
/* extract the full "old" URL to do the redirect on */
result = curl_url_get(u, CURLUPART_URL, &oldurl, flags);
if(result) {
/* couldn't get the old URL, just use the new! */
handle2 = curl_url();
if(!handle2)
return CURLUE_OUT_OF_MEMORY;
result = parseurl(part, handle2, flags);
if(!result)
mv_urlhandle(handle2, u);
else
curl_url_cleanup(handle2);
return result;
}
/* apply the relative part to create a new URL */
redired_url = Curl_concat_url(oldurl, part);
free(oldurl);
if(!redired_url)
return CURLUE_OUT_OF_MEMORY;
/* now parse the new URL */
handle2 = curl_url();
if(!handle2) {
free(redired_url);
return CURLUE_OUT_OF_MEMORY;
}
result = parseurl(redired_url, handle2, flags);
free(redired_url);
if(!result)
mv_urlhandle(handle2, u);
else
curl_url_cleanup(handle2);
return result;
}
default:
return CURLUE_UNKNOWN_PART;
}
if(storep) {
const char *newp = part;
size_t nalloc = strlen(part);
if(urlencode) {
const char *i;
char *o;
bool free_part = false;
char *enc = malloc(nalloc * 3 + 1); /* for worst case! */
if(!enc)
return CURLUE_OUT_OF_MEMORY;
for(i = part, o = enc; *i; i++) {
if(Curl_isunreserved(*i) ||
((*i == '/') && urlskipslash) ||
((*i == '=') && equalsencode) ||
((*i == '+') && plusencode)) {
if((*i == '=') && equalsencode)
/* only skip the first equals sign */
equalsencode = false;
*o = *i;
o++;
}
else {
snprintf(o, 4, "%%%02x", *i);
o += 3;
}
}
*o = 0; /* zero terminate */
newp = enc;
if(free_part)
free((char *)part);
}
else {
char *p;
newp = strdup(part);
if(!newp)
return CURLUE_OUT_OF_MEMORY;
p = (char *)newp;
while(*p) {
/* make sure percent encoded are lower case */
if((*p == '%') && isxdigit(p[1]) && isxdigit(p[2]) &&
(isupper(p[1]) || isupper(p[2]))) {
p[1] = (char)tolower(p[1]);
p[2] = (char)tolower(p[2]);
p += 3;
}
else
p++;
}
}
if(appendquery) {
/* Append the string onto the old query. Add a '&' separator if none is
present at the end of the exsting query already */
size_t querylen = u->query ? strlen(u->query) : 0;
bool addamperand = querylen && (u->query[querylen -1] != '&');
if(querylen) {
size_t newplen = strlen(newp);
char *p = malloc(querylen + addamperand + newplen + 1);
if(!p) {
free((char *)newp);
return CURLUE_OUT_OF_MEMORY;
}
strcpy(p, u->query); /* original query */
if(addamperand)
p[querylen] = '&'; /* ampersand */
strcpy(&p[querylen + addamperand], newp); /* new suffix */
free((char *)newp);
free(*storep);
*storep = p;
return CURLUE_OK;
}
}
free(*storep);
*storep = (char *)newp;
}
/* set after the string, to make it not assigned if the allocation above
fails */
if(port)
u->portnum = port;
return CURLUE_OK;
}
View Git Blame Copy Permalink