crypto/http/http_lib.c

   1 /*
   2  * Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
   3  *
   4  * Licensed under the Apache License 2.0 (the "License").  You may not use
   5  * this file except in compliance with the License.  You can obtain a copy
   6  * in the file LICENSE in the source distribution or at
   7  * https://www.openssl.org/source/license.html
   8  */
   9
  10 #include <openssl/http.h>
  11 #include <openssl/httperr.h>
  12 #include <openssl/err.h>
  13 #include <string.h>
  14 #include "internal/cryptlib.h" /* for ossl_assert() */
  15
  16 #include "http_local.h"
  17
  18 static void init_pstring(char **pstr)
  19 {
  20     if (pstr != NULL) {
  21         *pstr = NULL;
  22     }
  23 }
  24
  25 static int copy_substring(char **dest, const char *start, const char *end)
  26 {
  27     return dest == NULL
  28         || (*dest = OPENSSL_strndup(start, end - start)) != NULL;
  29 }
  30
  31 static void free_pstring(char **pstr)
  32 {
  33     if (pstr != NULL) {
  34         OPENSSL_free(*pstr);
  35         *pstr = NULL;
  36     }
  37 }
  38
  39 int OSSL_parse_url(const char *url, char **pscheme, char **puser, char **phost,
  40                    char **pport, int *pport_num,
  41                    char **ppath, char **pquery, char **pfrag)
  42 {
  43     const char *p, *tmp;
  44     const char *scheme, *scheme_end;
  45     const char *user, *user_end;
  46     const char *host, *host_end;
  47     const char *port, *port_end;
  48     unsigned int portnum;
  49     const char *path, *path_end;
  50     const char *query, *query_end;
  51     const char *frag, *frag_end;
  52
  53     init_pstring(pscheme);
  54     init_pstring(puser);
  55     init_pstring(phost);
  56     init_pstring(pport);
  57     init_pstring(ppath);
  58     init_pstring(pfrag);
  59     init_pstring(pquery);
  60
  61     if (url == NULL) {
  62         ERR_raise(ERR_LIB_HTTP, ERR_R_PASSED_NULL_PARAMETER);
  63         return 0;
  64     }
  65
  66     /* check for optional prefix "<scheme>://" */
  67     scheme = scheme_end = url;
  68     p = strstr(url, "://");
  69     if (p == NULL) {
  70         p = url;
  71     } else {
  72         scheme_end = p;
  73         if (scheme_end == scheme)
  74             goto parse_err;
  75         p += strlen("://");
  76     }
  77
  78     /* parse optional "userinfo@" */
  79     user = user_end = host = p;
  80     host = strchr(p, '@');
  81     if (host != NULL)
  82         user_end = host++;
  83     else
  84         host = p;
  85
  86     /* parse host name/address as far as needed here */
  87     if (host[0] == '[') {
  88         /* ipv6 literal, which may include ':' */
  89         host++;
  90         host_end = strchr(host, ']');
  91         if (host_end == NULL)
  92             goto parse_err;
  93         p = host_end + 1;
  94     } else {
  95         /* look for start of optional port, path, query, or fragment */
  96         host_end = strchr(host, ':');
  97         if (host_end == NULL)
  98             host_end = strchr(host, '/');
  99         if (host_end == NULL)
 100             host_end = strchr(host, '?');
 101         if (host_end == NULL)
 102             host_end = strchr(host, '#');
 103         if (host_end == NULL) /* the remaining string is just the hostname */
 104             host_end = host + strlen(host);
 105         p = host_end;
 106     }
 107
 108     /* parse optional port specification starting with ':' */
 109     port = "0"; /* default */
 110     if (*p == ':')
 111         port = ++p;
 112     /* remaining port spec handling is also done for the default values */
 113     /* make sure a decimal port number is given */
 114     if (!sscanf(port, "%u", &portnum) || portnum > 65535) {
 115         ERR_raise(ERR_LIB_HTTP, HTTP_R_INVALID_PORT_NUMBER);
 116         goto err;
 117     }
 118     for (port_end = port; '0' <= *port_end && *port_end <= '9'; port_end++)
 119         ;
 120     if (port == p) /* port was given explicitly */
 121         p += port_end - port;
 122
 123     /* check for optional path starting with '/' or '?'. Else must start '#' */
 124     path = p;
 125     if (*path != '\0' && *path != '/' && *path != '?' && *path != '#') {
 126         ERR_raise(ERR_LIB_HTTP, HTTP_R_INVALID_URL_PATH);
 127         goto parse_err;
 128     }
 129     path_end = query = query_end = frag = frag_end = path + strlen(path);
 130
 131     /* parse optional "?query" */
 132     tmp = strchr(p, '?');
 133     if (tmp != NULL) {
 134         p = tmp;
 135         if (pquery != NULL) {
 136             path_end = p;
 137             query = p + 1;
 138         }
 139     }
 140
 141     /* parse optional "#fragment" */
 142     tmp = strchr(p, '#');
 143     if (tmp != NULL) {
 144         if (query == path_end) /* we did not record a query component */
 145             path_end = tmp;
 146         query_end = tmp;
 147         frag = tmp + 1;
 148     }
 149
 150     if (!copy_substring(pscheme, scheme, scheme_end)
 151             || !copy_substring(phost, host, host_end)
 152             || !copy_substring(pport, port, port_end)
 153             || !copy_substring(puser, user, user_end)
 154             || !copy_substring(pquery, query, query_end)
 155             || !copy_substring(pfrag, frag, frag_end))
 156         goto err;
 157     if (pport_num != NULL)
 158         *pport_num = (int)portnum;
 159     if (*path == '/') {
 160         if (!copy_substring(ppath, path, path_end))
 161             goto err;
 162     } else if (ppath != NULL) { /* must prepend '/' */
 163         size_t buflen = 1 + path_end - path + 1;
 164
 165         if ((*ppath = OPENSSL_malloc(buflen)) == NULL)
 166             goto err;
 167         snprintf(*ppath, buflen, "/%s", path);
 168     }
 169     return 1;
 170
 171  parse_err:
 172     ERR_raise(ERR_LIB_HTTP, HTTP_R_ERROR_PARSING_URL);
 173
 174  err:
 175     free_pstring(pscheme);
 176     free_pstring(puser);
 177     free_pstring(phost);
 178     free_pstring(pport);
 179     free_pstring(ppath);
 180     free_pstring(pquery);
 181     free_pstring(pfrag);
 182     return 0;
 183 }
 184
 185 int OSSL_HTTP_parse_url(const char *url, int *pssl, char **puser, char **phost,
 186                         char **pport, int *pport_num,
 187                         char **ppath, char **pquery, char **pfrag)
 188 {
 189     char *scheme, *port;
 190     int ssl = 0, portnum;
 191
 192     init_pstring(pport);
 193     if (pssl != NULL)
 194         *pssl = 0;
 195     if (!OSSL_parse_url(url, &scheme, puser, phost, &port, pport_num,
 196                         ppath, pquery, pfrag))
 197         return 0;
 198
 199     /* check for optional HTTP scheme "http[s]" */
 200     if (strcmp(scheme, OSSL_HTTPS_NAME) == 0) {
 201         ssl = 1;
 202         if (pssl != NULL)
 203             *pssl = ssl;
 204     } else if (*scheme != '\0' && strcmp(scheme, OSSL_HTTP_NAME) != 0) {
 205         ERR_raise(ERR_LIB_HTTP, HTTP_R_INVALID_URL_SCHEME);
 206         OPENSSL_free(scheme);
 207         OPENSSL_free(port);
 208         goto err;
 209     }
 210     OPENSSL_free(scheme);
 211
 212     if (strcmp(port, "0") == 0) {
 213         /* set default port */
 214         OPENSSL_free(port);
 215         port = ssl ? OSSL_HTTPS_PORT : OSSL_HTTP_PORT;
 216         if (!ossl_assert(sscanf(port, "%d", &portnum) == 1))
 217             goto err;
 218         if (pport_num != NULL)
 219             *pport_num = portnum;
 220         if (pport != NULL) {
 221             *pport = OPENSSL_strdup(port);
 222             if (*pport == NULL)
 223                 goto err;
 224         }
 225     } else {
 226         if (pport != NULL)
 227             *pport = port;
 228         else
 229             OPENSSL_free(port);
 230     }
 231     return 1;
 232
 233  err:
 234     free_pstring(puser);
 235     free_pstring(phost);
 236     free_pstring(ppath);
 237     free_pstring(pquery);
 238     free_pstring(pfrag);
 239     return 0;
 240 }
 241
 242 int http_use_proxy(const char *no_proxy, const char *server)
 243 {
 244     size_t sl;
 245     const char *found = NULL;
 246
 247     if (!ossl_assert(server != NULL))
 248         return 0;
 249     sl = strlen(server);
 250
 251     /*
 252      * using environment variable names, both lowercase and uppercase variants,
 253      * compatible with other HTTP client implementations like wget, curl and git
 254      */
 255     if (no_proxy == NULL)
 256         no_proxy = getenv("no_proxy");
 257     if (no_proxy == NULL)
 258         no_proxy = getenv(OPENSSL_NO_PROXY);
 259     if (no_proxy != NULL)
 260         found = strstr(no_proxy, server);
 261     while (found != NULL
 262            && ((found != no_proxy && found[-1] != ' ' && found[-1] != ',')
 263                || (found[sl] != '\0' && found[sl] != ' ' && found[sl] != ',')))
 264         found = strstr(found + 1, server);
 265     return found == NULL;
 266 }
 267
 268 const char *http_adapt_proxy(const char *proxy, const char *no_proxy,
 269                              const char *server, int use_ssl)
 270 {
 271     const int http_len = strlen(OSSL_HTTP_PREFIX);
 272     const int https_len = strlen(OSSL_HTTPS_PREFIX);
 273
 274     /*
 275      * using environment variable names, both lowercase and uppercase variants,
 276      * compatible with other HTTP client implementations like wget, curl and git
 277      */
 278     if (proxy == NULL)
 279         proxy = getenv(use_ssl ? "https_proxy" : "http_proxy");
 280     if (proxy == NULL)
 281         proxy = getenv(use_ssl ? OPENSSL_HTTP_PROXY :
 282                        OPENSSL_HTTPS_PROXY);
 283     if (proxy == NULL)
 284         return NULL;
 285
 286     /* skip any leading "http://" or "https://" */
 287     if (strncmp(proxy, OSSL_HTTP_PREFIX, http_len) == 0)
 288         proxy += http_len;
 289     else if (strncmp(proxy, OSSL_HTTPS_PREFIX, https_len) == 0)
 290         proxy += https_len;
 291
 292     if (*proxy == '\0' || !http_use_proxy(no_proxy, server))
 293         return NULL;
 294     return proxy;
 295 }