mirror of
https://github.com/openssl/openssl.git
synced 2024-12-15 06:01:37 +08:00
bde4aa8dc1
Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12894)
202 lines
5.9 KiB
C
202 lines
5.9 KiB
C
/*
|
|
* Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
|
|
*
|
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
|
* this file except in compliance with the License. You can obtain a copy
|
|
* in the file LICENSE in the source distribution or at
|
|
* https://www.openssl.org/source/license.html
|
|
*/
|
|
|
|
#include <openssl/http.h>
|
|
#include <openssl/httperr.h>
|
|
#include <openssl/err.h>
|
|
#include <string.h>
|
|
#include "internal/cryptlib.h" /* for ossl_assert() */
|
|
|
|
#include "http_local.h"
|
|
|
|
/*
|
|
* Parse a URL and split it up into host, port and path components and
|
|
* whether it indicates SSL/TLS. Return 1 on success, 0 on error.
|
|
*/
|
|
|
|
int OSSL_HTTP_parse_url(const char *url, char **phost, char **pport,
|
|
int *pport_num, char **ppath, int *pssl)
|
|
{
|
|
char *p, *buf;
|
|
char *host, *host_end;
|
|
const char *path, *port = OSSL_HTTP_PORT;
|
|
long portnum = 80;
|
|
|
|
if (phost != NULL)
|
|
*phost = NULL;
|
|
if (pport != NULL)
|
|
*pport = NULL;
|
|
if (ppath != NULL)
|
|
*ppath = NULL;
|
|
if (pssl != NULL)
|
|
*pssl = 0;
|
|
|
|
if (url == NULL) {
|
|
HTTPerr(0, ERR_R_PASSED_NULL_PARAMETER);
|
|
return 0;
|
|
}
|
|
|
|
/* dup the buffer since we are going to mess with it */
|
|
if ((buf = OPENSSL_strdup(url)) == NULL)
|
|
goto err;
|
|
|
|
/* check for optional prefix "http[s]://" */
|
|
p = strstr(buf, "://");
|
|
if (p == NULL) {
|
|
p = buf;
|
|
} else {
|
|
*p = '\0'; /* p points to end of scheme name */
|
|
if (strcmp(buf, OSSL_HTTPS_NAME) == 0) {
|
|
if (pssl != NULL)
|
|
*pssl = 1;
|
|
port = OSSL_HTTPS_PORT;
|
|
portnum = 443;
|
|
} else if (strcmp(buf, OSSL_HTTP_NAME) != 0) {
|
|
HTTPerr(0, HTTP_R_INVALID_URL_PREFIX);
|
|
goto err;
|
|
}
|
|
p += 3;
|
|
}
|
|
host = p;
|
|
|
|
/* parse host name/address as far as needed here */
|
|
if (host[0] == '[') {
|
|
/* ipv6 literal, which may include ':' */
|
|
host++;
|
|
host_end = strchr(host, ']');
|
|
if (host_end == NULL)
|
|
goto parse_err;
|
|
*host_end++ = '\0';
|
|
} else {
|
|
host_end = strchr(host, ':'); /* look for start of optional port */
|
|
if (host_end == NULL)
|
|
host_end = strchr(host, '/'); /* look for start of optional path */
|
|
if (host_end == NULL)
|
|
/* the remaining string is just the hostname */
|
|
host_end = host + strlen(host);
|
|
}
|
|
|
|
/* parse optional port specification starting with ':' */
|
|
p = host_end;
|
|
if (*p == ':') {
|
|
port = ++p;
|
|
if (pport_num == NULL) {
|
|
p = strchr(port, '/');
|
|
if (p == NULL)
|
|
p = host_end + 1 + strlen(port);
|
|
} else { /* make sure a numerical port value is given */
|
|
portnum = strtol(port, &p, 10);
|
|
if (p == port || (*p != '\0' && *p != '/'))
|
|
goto parse_err;
|
|
if (portnum <= 0 || portnum >= 65536) {
|
|
HTTPerr(0, HTTP_R_INVALID_PORT_NUMBER);
|
|
goto err;
|
|
}
|
|
}
|
|
}
|
|
*host_end = '\0';
|
|
*p = '\0'; /* terminate port string */
|
|
|
|
/* check for optional path at end of url starting with '/' */
|
|
path = url + (p - buf);
|
|
/* cannot use p + 1 because *p is '\0' and path must start with '/' */
|
|
if (*path == '\0') {
|
|
path = "/";
|
|
} else if (*path != '/') {
|
|
HTTPerr(0, HTTP_R_INVALID_URL_PATH);
|
|
goto parse_err;
|
|
}
|
|
|
|
if (phost != NULL && (*phost = OPENSSL_strdup(host)) == NULL)
|
|
goto err;
|
|
if (pport != NULL && (*pport = OPENSSL_strdup(port)) == NULL)
|
|
goto err;
|
|
if (pport_num != NULL)
|
|
*pport_num = (int)portnum;
|
|
if (ppath != NULL && (*ppath = OPENSSL_strdup(path)) == NULL)
|
|
goto err;
|
|
|
|
OPENSSL_free(buf);
|
|
return 1;
|
|
|
|
parse_err:
|
|
HTTPerr(0, HTTP_R_ERROR_PARSING_URL);
|
|
|
|
err:
|
|
if (ppath != NULL) {
|
|
OPENSSL_free(*ppath);
|
|
*ppath = NULL;
|
|
}
|
|
if (pport != NULL) {
|
|
OPENSSL_free(*pport);
|
|
*pport = NULL;
|
|
}
|
|
if (phost != NULL) {
|
|
OPENSSL_free(*phost);
|
|
*phost = NULL;
|
|
}
|
|
OPENSSL_free(buf);
|
|
return 0;
|
|
}
|
|
|
|
int http_use_proxy(const char *no_proxy, const char *server)
|
|
{
|
|
size_t sl;
|
|
const char *found = NULL;
|
|
|
|
if (!ossl_assert(server != NULL))
|
|
return 0;
|
|
sl = strlen(server);
|
|
|
|
/*
|
|
* using environment variable names, both lowercase and uppercase variants,
|
|
* compatible with other HTTP client implementations like wget, curl and git
|
|
*/
|
|
if (no_proxy == NULL)
|
|
no_proxy = getenv("no_proxy");
|
|
if (no_proxy == NULL)
|
|
no_proxy = getenv(OPENSSL_NO_PROXY);
|
|
if (no_proxy != NULL)
|
|
found = strstr(no_proxy, server);
|
|
while (found != NULL
|
|
&& ((found != no_proxy && found[-1] != ' ' && found[-1] != ',')
|
|
|| (found[sl] != '\0' && found[sl] != ' ' && found[sl] != ',')))
|
|
found = strstr(found + 1, server);
|
|
return found == NULL;
|
|
}
|
|
|
|
const char *http_adapt_proxy(const char *proxy, const char *no_proxy,
|
|
const char *server, int use_ssl)
|
|
{
|
|
const int http_len = strlen(OSSL_HTTP_PREFIX);
|
|
const int https_len = strlen(OSSL_HTTPS_PREFIX);
|
|
|
|
/*
|
|
* using environment variable names, both lowercase and uppercase variants,
|
|
* compatible with other HTTP client implementations like wget, curl and git
|
|
*/
|
|
if (proxy == NULL)
|
|
proxy = getenv(use_ssl ? "https_proxy" : "http_proxy");
|
|
if (proxy == NULL)
|
|
proxy = getenv(use_ssl ? OPENSSL_HTTP_PROXY :
|
|
OPENSSL_HTTPS_PROXY);
|
|
if (proxy == NULL)
|
|
return NULL;
|
|
|
|
/* skip any leading "http://" or "https://" */
|
|
if (strncmp(proxy, OSSL_HTTP_PREFIX, http_len) == 0)
|
|
proxy += http_len;
|
|
else if (strncmp(proxy, OSSL_HTTPS_PREFIX, https_len) == 0)
|
|
proxy += https_len;
|
|
|
|
if (*proxy == '\0' || !http_use_proxy(no_proxy, server))
|
|
return NULL;
|
|
return proxy;
|
|
}
|