From: pcarana <pc.moreno2099@gmail.com>
Date: Thu, 23 Jan 2020 23:56:17 +0000 (-0600)
Subject: Fix bug: publish/withdraw URIs weren't validated as RSYNC URIs.
X-Git-Tag: v1.2.0~11
X-Git-Url: http://git.ipfire.org/gitweb/gitweb.cgi?a=commitdiff_plain;h=8d9670b044767bb8faa1642d39a96644522a403f;p=thirdparty%2FFORT-validator.git

Fix bug: publish/withdraw URIs weren't validated as RSYNC URIs.
---

diff --git a/src/rrdp/rrdp_parser.c b/src/rrdp/rrdp_parser.c
index e831f178..82ba91c9 100644
--- a/src/rrdp/rrdp_parser.c
+++ b/src/rrdp/rrdp_parser.c
@@ -565,7 +565,7 @@ parse_withdraw(xmlTextReaderPtr reader, struct withdraw **withdraw)
 		goto release_tmp;
 
 	/* rfc8181#section-2.2, get the file from the uri */
-	error = uri_create_mixed_str(&uri, tmp->doc_data.uri,
+	error = uri_create_rsync_str(&uri, tmp->doc_data.uri,
 	    strlen(tmp->doc_data.uri));
 	if (error)
 		goto release_tmp;
@@ -595,7 +595,8 @@ write_from_uri(char const *location, unsigned char *content, size_t content_len,
 	size_t written;
 	int error;
 
-	error = uri_create_mixed_str(&uri, location, strlen(location));
+	/* rfc8181#section-2.2 must be an rsync URI */
+	error = uri_create_rsync_str(&uri, location, strlen(location));
 	if (error)
 		return error;
 
@@ -653,7 +654,8 @@ __delete_from_uri(char const *location, struct visited_uris *visited_uris)
 	struct rpki_uri *uri;
 	int error;
 
-	error = uri_create_mixed_str(&uri, location, strlen(location));
+	/* rfc8181#section-2.2 must be an rsync URI */
+	error = uri_create_rsync_str(&uri, location, strlen(location));
 	if (error)
 		return error;
 
diff --git a/src/uri.c b/src/uri.c
index 605da499..bf96af34 100644
--- a/src/uri.c
+++ b/src/uri.c
@@ -237,8 +237,11 @@ validate_gprefix(char const *global, size_t global_len, uint8_t flags,
 	}
 	error = validate_uri_begin(PFX_HTTPS, PFX_HTTPS_LEN, global, global_len,
 	    size, 0);
-	if (error)
+	if (error) {
+		pr_warn("URI '%s' does not begin with '%s' nor '%s'.",
+		    global, PFX_RSYNC, PFX_HTTPS);
 		return ENOTSUPPORTED;
+	}
 
 	/* @size was already set */
 	(*type) = URI_HTTPS;
@@ -345,7 +348,11 @@ uri_create_https_str(struct rpki_uri **uri, char const *guri, size_t guri_len)
 	return uri_create(uri, URI_VALID_HTTPS, guri, guri_len);
 }
 
-/* A URI that can be rsync or https */
+/*
+ * A URI that can be rsync or https.
+ *
+ * Return ENOTSUPPORTED if not an rsync or https URI.
+ */
 int
 uri_create_mixed_str(struct rpki_uri **uri, char const *guri, size_t guri_len)
 {
@@ -416,7 +423,7 @@ uri_create_ad(struct rpki_uri **uri, ACCESS_DESCRIPTION *ad, int flags)
 	 */
 	if (type != GEN_URI) {
 		pr_err("Unknown GENERAL_NAME type: %d", type);
-		return -ENOTSUPPORTED;
+		return ENOTSUPPORTED;
 	}
 
 	/*