1#include "cache.h" 2#include "urlmatch.h" 3 4#define URL_ALPHA "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz" 5#define URL_DIGIT "0123456789" 6#define URL_ALPHADIGIT URL_ALPHA URL_DIGIT 7#define URL_SCHEME_CHARS URL_ALPHADIGIT "+.-" 8#define URL_HOST_CHARS URL_ALPHADIGIT ".-[:]" /* IPv6 literals need [:] */ 9#define URL_UNSAFE_CHARS " <>\"%{}|\\^`" /* plus 0x00-0x1F,0x7F-0xFF */ 10#define URL_GEN_RESERVED ":/?#[]@" 11#define URL_SUB_RESERVED "!$&'()*+,;=" 12#define URL_RESERVED URL_GEN_RESERVED URL_SUB_RESERVED /* only allowed delims */ 13 14static int append_normalized_escapes(struct strbuf *buf, 15 const char *from, 16 size_t from_len, 17 const char *esc_extra, 18 const char *esc_ok) 19{ 20 /* 21 * Append to strbuf 'buf' characters from string 'from' with length 22 * 'from_len' while unescaping characters that do not need to be escaped 23 * and escaping characters that do. The set of characters to escape 24 * (the complement of which is unescaped) starts out as the RFC 3986 25 * unsafe characters (0x00-0x1F,0x7F-0xFF," <>\"#%{}|\\^`"). If 26 * 'esc_extra' is not NULL, those additional characters will also always 27 * be escaped. If 'esc_ok' is not NULL, those characters will be left 28 * escaped if found that way, but will not be unescaped otherwise (used 29 * for delimiters). If a %-escape sequence is encountered that is not 30 * followed by 2 hexadecimal digits, the sequence is invalid and 31 * false (0) will be returned. Otherwise true (1) will be returned for 32 * success. 33 * 34 * Note that all %-escape sequences will be normalized to UPPERCASE 35 * as indicated in RFC 3986. Unless included in esc_extra or esc_ok 36 * alphanumerics and "-._~" will always be unescaped as per RFC 3986. 37 */ 38 39 while (from_len) { 40 int ch = *from++; 41 int was_esc = 0; 42 43 from_len--; 44 if (ch == '%') { 45 if (from_len < 2 || 46 !isxdigit(from[0]) || 47 !isxdigit(from[1])) 48 return 0; 49 ch = hexval(*from++) << 4; 50 ch |= hexval(*from++); 51 from_len -= 2; 52 was_esc = 1; 53 } 54 if ((unsigned char)ch <= 0x1F || (unsigned char)ch >= 0x7F || 55 strchr(URL_UNSAFE_CHARS, ch) || 56 (esc_extra && strchr(esc_extra, ch)) || 57 (was_esc && strchr(esc_ok, ch))) 58 strbuf_addf(buf, "%%%02X", (unsigned char)ch); 59 else 60 strbuf_addch(buf, ch); 61 } 62 63 return 1; 64} 65 66static char *url_normalize_1(const char *url, struct url_info *out_info, char allow_globs) 67{ 68 /* 69 * Normalize NUL-terminated url using the following rules: 70 * 71 * 1. Case-insensitive parts of url will be converted to lower case 72 * 2. %-encoded characters that do not need to be will be unencoded 73 * 3. Characters that are not %-encoded and must be will be encoded 74 * 4. All %-encodings will be converted to upper case hexadecimal 75 * 5. Leading 0s are removed from port numbers 76 * 6. If the default port for the scheme is given it will be removed 77 * 7. A path part (including empty) not starting with '/' has one added 78 * 8. Any dot segments (. or ..) in the path are resolved and removed 79 * 9. IPv6 host literals are allowed (but not normalized or validated) 80 * 81 * The rules are based on information in RFC 3986. 82 * 83 * Please note this function requires a full URL including a scheme 84 * and host part (except for file: URLs which may have an empty host). 85 * 86 * The return value is a newly allocated string that must be freed 87 * or NULL if the url is not valid. 88 * 89 * If out_info is non-NULL, the url and err fields therein will always 90 * be set. If a non-NULL value is returned, it will be stored in 91 * out_info->url as well, out_info->err will be set to NULL and the 92 * other fields of *out_info will also be filled in. If a NULL value 93 * is returned, NULL will be stored in out_info->url and out_info->err 94 * will be set to a brief, translated, error message, but no other 95 * fields will be filled in. 96 * 97 * This is NOT a URL validation function. Full URL validation is NOT 98 * performed. Some invalid host names are passed through this function 99 * undetected. However, most all other problems that make a URL invalid 100 * will be detected (including a missing host for non file: URLs). 101 */ 102 103 size_t url_len = strlen(url); 104 struct strbuf norm; 105 size_t spanned; 106 size_t scheme_len, user_off=0, user_len=0, passwd_off=0, passwd_len=0; 107 size_t host_off=0, host_len=0, port_off=0, port_len=0, path_off, path_len, result_len; 108 const char *slash_ptr, *at_ptr, *colon_ptr, *path_start; 109 char *result; 110 111 /* 112 * Copy lowercased scheme and :// suffix, %-escapes are not allowed 113 * First character of scheme must be URL_ALPHA 114 */ 115 spanned = strspn(url, URL_SCHEME_CHARS); 116 if (!spanned || !isalpha(url[0]) || spanned + 3 > url_len || 117 url[spanned] != ':' || url[spanned+1] != '/' || url[spanned+2] != '/') { 118 if (out_info) { 119 out_info->url = NULL; 120 out_info->err = _("invalid URL scheme name or missing '://' suffix"); 121 } 122 return NULL; /* Bad scheme and/or missing "://" part */ 123 } 124 strbuf_init(&norm, url_len); 125 scheme_len = spanned; 126 spanned += 3; 127 url_len -= spanned; 128 while (spanned--) 129 strbuf_addch(&norm, tolower(*url++)); 130 131 132 /* 133 * Copy any username:password if present normalizing %-escapes 134 */ 135 at_ptr = strchr(url, '@'); 136 slash_ptr = url + strcspn(url, "/?#"); 137 if (at_ptr && at_ptr < slash_ptr) { 138 user_off = norm.len; 139 if (at_ptr > url) { 140 if (!append_normalized_escapes(&norm, url, at_ptr - url, 141 "", URL_RESERVED)) { 142 if (out_info) { 143 out_info->url = NULL; 144 out_info->err = _("invalid %XX escape sequence"); 145 } 146 strbuf_release(&norm); 147 return NULL; 148 } 149 colon_ptr = strchr(norm.buf + scheme_len + 3, ':'); 150 if (colon_ptr) { 151 passwd_off = (colon_ptr + 1) - norm.buf; 152 passwd_len = norm.len - passwd_off; 153 user_len = (passwd_off - 1) - (scheme_len + 3); 154 } else { 155 user_len = norm.len - (scheme_len + 3); 156 } 157 } 158 strbuf_addch(&norm, '@'); 159 url_len -= (++at_ptr - url); 160 url = at_ptr; 161 } 162 163 164 /* 165 * Copy the host part excluding any port part, no %-escapes allowed 166 */ 167 if (!url_len || strchr(":/?#", *url)) { 168 /* Missing host invalid for all URL schemes except file */ 169 if (strncmp(norm.buf, "file:", 5)) { 170 if (out_info) { 171 out_info->url = NULL; 172 out_info->err = _("missing host and scheme is not 'file:'"); 173 } 174 strbuf_release(&norm); 175 return NULL; 176 } 177 } else { 178 host_off = norm.len; 179 } 180 colon_ptr = slash_ptr - 1; 181 while (colon_ptr > url && *colon_ptr != ':' && *colon_ptr != ']') 182 colon_ptr--; 183 if (*colon_ptr != ':') { 184 colon_ptr = slash_ptr; 185 } else if (!host_off && colon_ptr < slash_ptr && colon_ptr + 1 != slash_ptr) { 186 /* file: URLs may not have a port number */ 187 if (out_info) { 188 out_info->url = NULL; 189 out_info->err = _("a 'file:' URL may not have a port number"); 190 } 191 strbuf_release(&norm); 192 return NULL; 193 } 194 195 if (allow_globs) 196 spanned = strspn(url, URL_HOST_CHARS "*"); 197 else 198 spanned = strspn(url, URL_HOST_CHARS); 199 200 if (spanned < colon_ptr - url) { 201 /* Host name has invalid characters */ 202 if (out_info) { 203 out_info->url = NULL; 204 out_info->err = _("invalid characters in host name"); 205 } 206 strbuf_release(&norm); 207 return NULL; 208 } 209 while (url < colon_ptr) { 210 strbuf_addch(&norm, tolower(*url++)); 211 url_len--; 212 } 213 214 215 /* 216 * Check the port part and copy if not the default (after removing any 217 * leading 0s); no %-escapes allowed 218 */ 219 if (colon_ptr < slash_ptr) { 220 /* skip the ':' and leading 0s but not the last one if all 0s */ 221 url++; 222 url += strspn(url, "0"); 223 if (url == slash_ptr && url[-1] == '0') 224 url--; 225 if (url == slash_ptr) { 226 /* Skip ":" port with no number, it's same as default */ 227 } else if (slash_ptr - url == 2 && 228 !strncmp(norm.buf, "http:", 5) && 229 !strncmp(url, "80", 2)) { 230 /* Skip http :80 as it's the default */ 231 } else if (slash_ptr - url == 3 && 232 !strncmp(norm.buf, "https:", 6) && 233 !strncmp(url, "443", 3)) { 234 /* Skip https :443 as it's the default */ 235 } else { 236 /* 237 * Port number must be all digits with leading 0s removed 238 * and since all the protocols we deal with have a 16-bit 239 * port number it must also be in the range 1..65535 240 * 0 is not allowed because that means "next available" 241 * on just about every system and therefore cannot be used 242 */ 243 unsigned long pnum = 0; 244 spanned = strspn(url, URL_DIGIT); 245 if (spanned < slash_ptr - url) { 246 /* port number has invalid characters */ 247 if (out_info) { 248 out_info->url = NULL; 249 out_info->err = _("invalid port number"); 250 } 251 strbuf_release(&norm); 252 return NULL; 253 } 254 if (slash_ptr - url <= 5) 255 pnum = strtoul(url, NULL, 10); 256 if (pnum == 0 || pnum > 65535) { 257 /* port number not in range 1..65535 */ 258 if (out_info) { 259 out_info->url = NULL; 260 out_info->err = _("invalid port number"); 261 } 262 strbuf_release(&norm); 263 return NULL; 264 } 265 strbuf_addch(&norm, ':'); 266 port_off = norm.len; 267 strbuf_add(&norm, url, slash_ptr - url); 268 port_len = slash_ptr - url; 269 } 270 url_len -= slash_ptr - colon_ptr; 271 url = slash_ptr; 272 } 273 if (host_off) 274 host_len = norm.len - host_off - (port_len ? port_len + 1 : 0); 275 276 277 /* 278 * Now copy the path resolving any . and .. segments being careful not 279 * to corrupt the URL by unescaping any delimiters, but do add an 280 * initial '/' if it's missing and do normalize any %-escape sequences. 281 */ 282 path_off = norm.len; 283 path_start = norm.buf + path_off; 284 strbuf_addch(&norm, '/'); 285 if (*url == '/') { 286 url++; 287 url_len--; 288 } 289 for (;;) { 290 const char *seg_start; 291 size_t seg_start_off = norm.len; 292 const char *next_slash = url + strcspn(url, "/?#"); 293 int skip_add_slash = 0; 294 295 /* 296 * RFC 3689 indicates that any . or .. segments should be 297 * unescaped before being checked for. 298 */ 299 if (!append_normalized_escapes(&norm, url, next_slash - url, "", 300 URL_RESERVED)) { 301 if (out_info) { 302 out_info->url = NULL; 303 out_info->err = _("invalid %XX escape sequence"); 304 } 305 strbuf_release(&norm); 306 return NULL; 307 } 308 309 seg_start = norm.buf + seg_start_off; 310 if (!strcmp(seg_start, ".")) { 311 /* ignore a . segment; be careful not to remove initial '/' */ 312 if (seg_start == path_start + 1) { 313 strbuf_setlen(&norm, norm.len - 1); 314 skip_add_slash = 1; 315 } else { 316 strbuf_setlen(&norm, norm.len - 2); 317 } 318 } else if (!strcmp(seg_start, "..")) { 319 /* 320 * ignore a .. segment and remove the previous segment; 321 * be careful not to remove initial '/' from path 322 */ 323 const char *prev_slash = norm.buf + norm.len - 3; 324 if (prev_slash == path_start) { 325 /* invalid .. because no previous segment to remove */ 326 if (out_info) { 327 out_info->url = NULL; 328 out_info->err = _("invalid '..' path segment"); 329 } 330 strbuf_release(&norm); 331 return NULL; 332 } 333 while (*--prev_slash != '/') {} 334 if (prev_slash == path_start) { 335 strbuf_setlen(&norm, prev_slash - norm.buf + 1); 336 skip_add_slash = 1; 337 } else { 338 strbuf_setlen(&norm, prev_slash - norm.buf); 339 } 340 } 341 url_len -= next_slash - url; 342 url = next_slash; 343 /* if the next char is not '/' done with the path */ 344 if (*url != '/') 345 break; 346 url++; 347 url_len--; 348 if (!skip_add_slash) 349 strbuf_addch(&norm, '/'); 350 } 351 path_len = norm.len - path_off; 352 353 354 /* 355 * Now simply copy the rest, if any, only normalizing %-escapes and 356 * being careful not to corrupt the URL by unescaping any delimiters. 357 */ 358 if (*url) { 359 if (!append_normalized_escapes(&norm, url, url_len, "", URL_RESERVED)) { 360 if (out_info) { 361 out_info->url = NULL; 362 out_info->err = _("invalid %XX escape sequence"); 363 } 364 strbuf_release(&norm); 365 return NULL; 366 } 367 } 368 369 370 result = strbuf_detach(&norm, &result_len); 371 if (out_info) { 372 out_info->url = result; 373 out_info->err = NULL; 374 out_info->url_len = result_len; 375 out_info->scheme_len = scheme_len; 376 out_info->user_off = user_off; 377 out_info->user_len = user_len; 378 out_info->passwd_off = passwd_off; 379 out_info->passwd_len = passwd_len; 380 out_info->host_off = host_off; 381 out_info->host_len = host_len; 382 out_info->port_off = port_off; 383 out_info->port_len = port_len; 384 out_info->path_off = path_off; 385 out_info->path_len = path_len; 386 } 387 return result; 388} 389 390char *url_normalize(const char *url, struct url_info *out_info) 391{ 392 return url_normalize_1(url, out_info, 0); 393} 394 395static size_t url_match_prefix(const char *url, 396 const char *url_prefix, 397 size_t url_prefix_len) 398{ 399 /* 400 * url_prefix matches url if url_prefix is an exact match for url or it 401 * is a prefix of url and the match ends on a path component boundary. 402 * Both url and url_prefix are considered to have an implicit '/' on the 403 * end for matching purposes if they do not already. 404 * 405 * url must be NUL terminated. url_prefix_len is the length of 406 * url_prefix which need not be NUL terminated. 407 * 408 * The return value is the length of the match in characters (including 409 * the final '/' even if it's implicit) or 0 for no match. 410 * 411 * Passing NULL as url and/or url_prefix will always cause 0 to be 412 * returned without causing any faults. 413 */ 414 if (!url || !url_prefix) 415 return 0; 416 if (!url_prefix_len || (url_prefix_len == 1 && *url_prefix == '/')) 417 return (!*url || *url == '/') ? 1 : 0; 418 if (url_prefix[url_prefix_len - 1] == '/') 419 url_prefix_len--; 420 if (strncmp(url, url_prefix, url_prefix_len)) 421 return 0; 422 if ((strlen(url) == url_prefix_len) || (url[url_prefix_len] == '/')) 423 return url_prefix_len + 1; 424 return 0; 425} 426 427static int match_urls(const struct url_info *url, 428 const struct url_info *url_prefix, 429 int *exactusermatch) 430{ 431 /* 432 * url_prefix matches url if the scheme, host and port of url_prefix 433 * are the same as those of url and the path portion of url_prefix 434 * is the same as the path portion of url or it is a prefix that 435 * matches at a '/' boundary. If url_prefix contains a user name, 436 * that must also exactly match the user name in url. 437 * 438 * If the user, host, port and path match in this fashion, the returned 439 * value is the length of the path match including any implicit 440 * final '/'. For example, "http://me@example.com/path" is matched by 441 * "http://example.com" with a path length of 1. 442 * 443 * If there is a match and exactusermatch is not NULL, then 444 * *exactusermatch will be set to true if both url and url_prefix 445 * contained a user name or false if url_prefix did not have a 446 * user name. If there is no match *exactusermatch is left untouched. 447 */ 448 int usermatched = 0; 449 int pathmatchlen; 450 451 if (!url || !url_prefix || !url->url || !url_prefix->url) 452 return 0; 453 454 /* check the scheme */ 455 if (url_prefix->scheme_len != url->scheme_len || 456 strncmp(url->url, url_prefix->url, url->scheme_len)) 457 return 0; /* schemes do not match */ 458 459 /* check the user name if url_prefix has one */ 460 if (url_prefix->user_off) { 461 if (!url->user_off || url->user_len != url_prefix->user_len || 462 strncmp(url->url + url->user_off, 463 url_prefix->url + url_prefix->user_off, 464 url->user_len)) 465 return 0; /* url_prefix has a user but it's not a match */ 466 usermatched = 1; 467 } 468 469 /* check the host */ 470 if (url_prefix->host_len != url->host_len || 471 strncmp(url->url + url->host_off, 472 url_prefix->url + url_prefix->host_off, url->host_len)) 473 return 0; /* host names do not match */ 474 475 /* check the port */ 476 if (url_prefix->port_len != url->port_len || 477 strncmp(url->url + url->port_off, 478 url_prefix->url + url_prefix->port_off, url->port_len)) 479 return 0; /* ports do not match */ 480 481 /* check the path */ 482 pathmatchlen = url_match_prefix( 483 url->url + url->path_off, 484 url_prefix->url + url_prefix->path_off, 485 url_prefix->url_len - url_prefix->path_off); 486 487 if (pathmatchlen && exactusermatch) 488 *exactusermatch = usermatched; 489 return pathmatchlen; 490} 491 492int urlmatch_config_entry(const char *var, const char *value, void *cb) 493{ 494 struct string_list_item *item; 495 struct urlmatch_config *collect = cb; 496 struct urlmatch_item *matched; 497 struct url_info *url = &collect->url; 498 const char *key, *dot; 499 struct strbuf synthkey = STRBUF_INIT; 500 size_t matched_len = 0; 501 int user_matched = 0; 502 int retval; 503 504 if (!skip_prefix(var, collect->section, &key) || *(key++) != '.') { 505 if (collect->cascade_fn) 506 return collect->cascade_fn(var, value, cb); 507 return 0; /* not interested */ 508 } 509 dot = strrchr(key, '.'); 510 if (dot) { 511 char *config_url, *norm_url; 512 struct url_info norm_info; 513 514 config_url = xmemdupz(key, dot - key); 515 norm_url = url_normalize(config_url, &norm_info); 516 free(config_url); 517 if (!norm_url) 518 return 0; 519 matched_len = match_urls(url, &norm_info, &user_matched); 520 free(norm_url); 521 if (!matched_len) 522 return 0; 523 key = dot + 1; 524 } 525 526 if (collect->key && strcmp(key, collect->key)) 527 return 0; 528 529 item = string_list_insert(&collect->vars, key); 530 if (!item->util) { 531 matched = xcalloc(1, sizeof(*matched)); 532 item->util = matched; 533 } else { 534 matched = item->util; 535 /* 536 * Is our match shorter? Is our match the same 537 * length, and without user while the current 538 * candidate is with user? Then we cannot use it. 539 */ 540 if (matched_len < matched->matched_len || 541 ((matched_len == matched->matched_len) && 542 (!user_matched && matched->user_matched))) 543 return 0; 544 /* Otherwise, replace it with this one. */ 545 } 546 547 matched->matched_len = matched_len; 548 matched->user_matched = user_matched; 549 strbuf_addstr(&synthkey, collect->section); 550 strbuf_addch(&synthkey, '.'); 551 strbuf_addstr(&synthkey, key); 552 retval = collect->collect_fn(synthkey.buf, value, collect->cb); 553 554 strbuf_release(&synthkey); 555 return retval; 556}