1 const char urlmatch_rcs[] = "$Id: urlmatch.c,v 1.2 2002/01/21 00:14:09 jongfoster Exp $";
2 /*********************************************************************
4 * File : $Source: /cvsroot/ijbswa/current/urlmatch.c,v $
6 * Purpose : Declares functions to match URLs against URL
9 * Copyright : Written by and Copyright (C) 2001 the SourceForge
10 * IJBSWA team. http://ijbswa.sourceforge.net
12 * Based on the Internet Junkbuster originally written
13 * by and Copyright (C) 1997 Anonymous Coders and
14 * Junkbusters Corporation. http://www.junkbusters.com
16 * This program is free software; you can redistribute it
17 * and/or modify it under the terms of the GNU General
18 * Public License as published by the Free Software
19 * Foundation; either version 2 of the License, or (at
20 * your option) any later version.
22 * This program is distributed in the hope that it will
23 * be useful, but WITHOUT ANY WARRANTY; without even the
24 * implied warranty of MERCHANTABILITY or FITNESS FOR A
25 * PARTICULAR PURPOSE. See the GNU General Public
26 * License for more details.
28 * The GNU General Public License should be included with
29 * this file. If not, you can view it at
30 * http://www.gnu.org/copyleft/gpl.html
31 * or write to the Free Software Foundation, Inc., 59
32 * Temple Place - Suite 330, Boston, MA 02111-1307, USA.
35 * $Log: urlmatch.c,v $
36 * Revision 1.2 2002/01/21 00:14:09 jongfoster
37 * Correcting comment style
38 * Fixing an uninitialized memory bug in create_url_spec()
40 * Revision 1.1 2002/01/17 20:53:46 jongfoster
41 * Moving all our URL and URL pattern parsing code to the same file - it
42 * was scattered around in filters.c, loaders.c and parsers.c.
44 * Providing a single, simple url_match(pattern,url) function - rather than
45 * the 3-line match routine which was repeated all over the place.
47 * Renaming free_url to free_url_spec, since it frees a struct url_spec.
49 * Providing parse_http_url() so that URLs can be parsed without faking a
50 * HTTP request line for parse_http_request() or repeating the parsing
51 * code (both of which were techniques that were actually in use).
53 * Standardizing that struct http_request is used to represent a URL, and
54 * struct url_spec is used to represent a URL pattern. (Before, URLs were
55 * represented as seperate variables and a partially-filled-in url_spec).
58 *********************************************************************/
65 #include <sys/types.h>
73 #if !defined(_WIN32) && !defined(__OS2__)
83 const char urlmatch_h_rcs[] = URLMATCH_H_VERSION;
85 /* Fix a problem with Solaris. There should be no effect on other
87 * Solaris's isspace() is a macro which uses it's argument directly
88 * as an array index. Therefore we need to make sure that high-bit
89 * characters generate +ve values, and ideally we also want to make
90 * the argument match the declared parameter type of "int".
92 * Why did they write a character function that can't take a simple
93 * "char" argument? Doh!
95 #define ijb_isupper(__X) isupper((int)(unsigned char)(__X))
96 #define ijb_tolower(__X) tolower((int)(unsigned char)(__X))
99 /*********************************************************************
101 * Function : free_http_request
103 * Description : Freez a http_request structure
106 * 1 : http = points to a http_request structure to free
110 *********************************************************************/
111 void free_http_request(struct http_request *http)
120 freez(http->hostport);
123 freez(http->host_ip_addr_str);
124 freez(http->dbuffer);
130 /*********************************************************************
132 * Function : parse_http_url
134 * Description : Parse out the host and port from the URL. Find the
135 * hostname & path, port (if ':'), and/or password (if '@')
138 * 1 : url = URL (or is it URI?) to break down
139 * 2 : http = pointer to the http structure to hold elements.
140 * Will be zeroed before use. Note that this
141 * function sets the http->gpc and http->ver
143 * 3 : csp = Current client state (buffers, headers, etc...)
145 * Returns : JB_ERR_OK on success
146 * JB_ERR_MEMORY on out of memory
147 * JB_ERR_CGI_PARAMS on malformed command/URL
148 * or >100 domains deep.
150 *********************************************************************/
151 jb_err parse_http_url(const char * url,
152 struct http_request *http,
153 struct client_state *csp)
156 * Zero out the results structure
158 memset(http, '\0', sizeof(*http));
162 * Save our initial URL
164 http->url = strdup(url);
165 if (http->url == NULL)
167 return JB_ERR_MEMORY;
172 * Split URL into protocol,hostport,path.
182 return JB_ERR_MEMORY;
185 /* Find the start of the URL in our scratch space */
187 if (strncmpic(url_noproto, "http://", 7) == 0)
192 else if (strncmpic(url_noproto, "https://", 8) == 0)
202 url_path = strchr(url_noproto, '/');
203 if (url_path != NULL)
208 * NOTE: The following line ignores the path for HTTPS URLS.
209 * This means that you get consistent behaviour if you type a
210 * https URL in and it's parsed by the function. (When the
211 * URL is actually retrieved, SSL hides the path part).
213 http->path = strdup(http->ssl ? "/" : url_path);
215 http->hostport = strdup(url_noproto);
220 * Repair broken HTTP requests that don't contain a path,
221 * or CONNECT requests
223 http->path = strdup("/");
224 http->hostport = strdup(url_noproto);
229 if ( (http->path == NULL)
230 || (http->hostport == NULL))
233 free_http_request(http);
234 return JB_ERR_MEMORY;
240 * Split hostport into user/password (ignored), host, port.
247 buf = strdup(http->hostport);
250 free_http_request(http);
251 return JB_ERR_MEMORY;
254 /* check if url contains username and/or password */
255 host = strchr(buf, '@');
258 /* Contains username/password, skip it and the @ sign. */
263 /* No username or password. */
267 /* check if url contains port */
268 port = strchr(host, ':');
272 /* Terminate hostname and point to start of port string */
274 http->port = atoi(port);
278 /* No port specified. */
279 http->port = (http->ssl ? 143 : 80);
282 http->host = strdup(host);
286 if (http->host == NULL)
288 free_http_request(http);
289 return JB_ERR_MEMORY;
295 * Split domain name so we can compare it against wildcards
298 char *vec[BUFFER_SIZE];
302 http->dbuffer = strdup(http->host);
303 if (NULL == http->dbuffer)
305 free_http_request(http);
306 return JB_ERR_MEMORY;
309 /* map to lower case */
310 for (p = http->dbuffer; *p ; p++)
312 *p = tolower((int)(unsigned char)*p);
315 /* split the domain name into components */
316 http->dcount = ssplit(http->dbuffer, ".", vec, SZ(vec), 1, 1);
318 if (http->dcount <= 0)
321 * Error: More than SZ(vec) components in domain
322 * or: no components in domain
324 free_http_request(http);
328 /* save a copy of the pointers in dvec */
329 size = http->dcount * sizeof(*http->dvec);
331 http->dvec = (char **)malloc(size);
332 if (NULL == http->dvec)
334 free_http_request(http);
335 return JB_ERR_MEMORY;
338 memcpy(http->dvec, vec, size);
346 /*********************************************************************
348 * Function : parse_http_request
350 * Description : Parse out the host and port from the URL. Find the
351 * hostname & path, port (if ':'), and/or password (if '@')
354 * 1 : req = HTTP request line to break down
355 * 2 : http = pointer to the http structure to hold elements
356 * 3 : csp = Current client state (buffers, headers, etc...)
358 * Returns : JB_ERR_OK on success
359 * JB_ERR_MEMORY on out of memory
360 * JB_ERR_CGI_PARAMS on malformed command/URL
361 * or >100 domains deep.
363 *********************************************************************/
364 jb_err parse_http_request(const char *req,
365 struct http_request *http,
366 struct client_state *csp)
374 memset(http, '\0', sizeof(*http));
379 return JB_ERR_MEMORY;
382 n = ssplit(buf, " \r\n", v, SZ(v), 1, 1);
389 /* this could be a CONNECT request */
390 if (strcmpic(v[0], "connect") == 0)
395 /* or it could be any other basic HTTP request type */
396 else if ((0 == strcmpic(v[0], "get"))
397 || (0 == strcmpic(v[0], "head"))
398 || (0 == strcmpic(v[0], "post"))
399 || (0 == strcmpic(v[0], "put"))
400 || (0 == strcmpic(v[0], "delete"))
402 /* or a webDAV extension (RFC2518) */
403 || (0 == strcmpic(v[0], "propfind"))
404 || (0 == strcmpic(v[0], "proppatch"))
405 || (0 == strcmpic(v[0], "move"))
406 || (0 == strcmpic(v[0], "copy"))
407 || (0 == strcmpic(v[0], "mkcol"))
408 || (0 == strcmpic(v[0], "lock"))
409 || (0 == strcmpic(v[0], "unlock"))
417 /* Unknown HTTP method */
422 err = parse_http_url(v[1], http, csp);
430 * Copy the details into the structure
432 http->ssl = is_connect;
433 http->cmd = strdup(req);
434 http->gpc = strdup(v[0]);
435 http->ver = strdup(v[2]);
437 if ( (http->cmd == NULL)
438 || (http->gpc == NULL)
439 || (http->ver == NULL) )
442 free_http_request(http);
443 return JB_ERR_MEMORY;
450 /*********************************************************************
452 * Function : simple_domaincmp
454 * Description : Domain-wise Compare fqdn's. The comparison is
455 * both left- and right-anchored. The individual
456 * domain names are compared with simplematch().
457 * This is only used by domain_match.
460 * 1 : pv = array of patterns to compare
461 * 2 : fv = array of domain components to compare
462 * 3 : len = length of the arrays (both arrays are the
463 * same length - if they weren't, it couldn't
464 * possibly be a match).
466 * Returns : 0 => domains are equivalent, else no match.
468 *********************************************************************/
469 static int simple_domaincmp(char **pv, char **fv, int len)
473 for (n = 0; n < len; n++)
475 if (simplematch(pv[n], fv[n]))
486 /*********************************************************************
488 * Function : domain_match
490 * Description : Domain-wise Compare fqdn's. Governed by the bimap in
491 * pattern->unachored, the comparison is un-, left-,
492 * right-anchored, or both.
493 * The individual domain names are compared with
497 * 1 : pattern = a domain that may contain a '*' as a wildcard.
498 * 2 : fqdn = domain name against which the patterns are compared.
500 * Returns : 0 => domains are equivalent, else no match.
502 *********************************************************************/
503 static int domain_match(const struct url_spec *pattern, const struct http_request *fqdn)
505 char **pv, **fv; /* vectors */
507 int unanchored = pattern->unanchored & (ANCHOR_RIGHT | ANCHOR_LEFT);
509 plen = pattern->dcount;
514 /* fqdn is too short to match this pattern */
521 if (unanchored == ANCHOR_LEFT)
526 * Convert this into a fully anchored pattern with
527 * the fqdn and pattern the same length
529 fv += (flen - plen); /* flen - plen >= 0 due to check above */
530 return simple_domaincmp(pv, fv, plen);
532 else if (unanchored == 0)
534 /* Fully anchored, check length */
539 return simple_domaincmp(pv, fv, plen);
541 else if (unanchored == ANCHOR_RIGHT)
543 /* Left anchored, ignore all extra in fqdn */
544 return simple_domaincmp(pv, fv, plen);
550 int maxn = flen - plen;
551 for (n = 0; n <= maxn; n++)
553 if (!simple_domaincmp(pv, fv, plen))
558 * Doesn't match from start of fqdn
559 * Try skipping first part of fqdn
569 /*********************************************************************
571 * Function : create_url_spec
573 * Description : Creates a "url_spec" structure from a string.
574 * When finished, free with unload_url().
577 * 1 : url = Target url_spec to be filled in. Will be
579 * 2 : buf = Source pattern, null terminated. NOTE: The
580 * contents of this buffer are destroyed by this
581 * function. If this function succeeds, the
582 * buffer is copied to url->spec. If this
583 * function fails, the contents of the buffer
586 * Returns : JB_ERR_OK - Success
587 * JB_ERR_MEMORY - Out of memory
588 * JB_ERR_PARSE - Cannot parse regex (Detailed message
589 * written to system log)
591 *********************************************************************/
592 jb_err create_url_spec(struct url_spec * url, const char * buf)
600 memset(url, '\0', sizeof(*url));
602 /* save a copy of the orignal specification */
603 if ((url->spec = strdup(buf)) == NULL)
605 return JB_ERR_MEMORY;
608 if ((p = strchr(buf, '/')))
610 if (NULL == (url->path = strdup(p)))
613 return JB_ERR_MEMORY;
615 url->pathlen = strlen(url->path);
627 char rebuf[BUFFER_SIZE];
629 if (NULL == (url->preg = zalloc(sizeof(*url->preg))))
633 return JB_ERR_MEMORY;
636 sprintf(rebuf, "^(%s)", url->path);
638 errcode = regcomp(url->preg, rebuf,
639 (REG_EXTENDED|REG_NOSUB|REG_ICASE));
642 size_t errlen = regerror(errcode,
643 url->preg, rebuf, sizeof(rebuf));
645 if (errlen > (sizeof(rebuf) - (size_t)1))
647 errlen = sizeof(rebuf) - (size_t)1;
649 rebuf[errlen] = '\0';
651 log_error(LOG_LEVEL_ERROR, "error compiling %s: %s",
662 if ((p = strchr(buf, ':')) == NULL)
677 /* Parse domain part */
678 if (buf[strlen(buf) - 1] == '.')
680 url->unanchored |= ANCHOR_RIGHT;
684 url->unanchored |= ANCHOR_LEFT;
687 /* split domain into components */
689 url->dbuffer = strdup(buf);
690 if (NULL == url->dbuffer)
696 #endif /* def REGEX */
697 return JB_ERR_MEMORY;
700 /* map to lower case */
701 for (p = url->dbuffer; *p ; p++)
703 *p = tolower((int)(unsigned char)*p);
706 /* split the domain name into components */
707 url->dcount = ssplit(url->dbuffer, ".", v, SZ(v), 1, 1);
715 #endif /* def REGEX */
718 return JB_ERR_MEMORY;
720 else if (url->dcount != 0)
723 /* save a copy of the pointers in dvec */
724 size = url->dcount * sizeof(*url->dvec);
726 url->dvec = (char **)malloc(size);
727 if (NULL == url->dvec)
733 #endif /* def REGEX */
736 return JB_ERR_MEMORY;
739 memcpy(url->dvec, v, size);
748 /*********************************************************************
750 * Function : free_url_spec
752 * Description : Called from the "unloaders". Freez the url
753 * structure elements.
756 * 1 : url = pointer to a url_spec structure.
760 *********************************************************************/
761 void free_url_spec(struct url_spec *url)
763 if (url == NULL) return;
780 /*********************************************************************
782 * Function : url_match
784 * Description : Compare a URL against a URL pattern.
787 * 1 : pattern = a URL pattern
788 * 2 : url = URL to match
790 * Returns : 0 iff the URL matches the pattern, else nonzero.
792 *********************************************************************/
793 int url_match(const struct url_spec *pattern,
794 const struct http_request *url)
796 return ((pattern->port == 0) || (pattern->port == url->port))
797 && ((pattern->dbuffer == NULL) || (domain_match(pattern, url) == 0))
798 && ((pattern->path == NULL) ||
800 (regexec(pattern->preg, url->path, 0, NULL, 0) == 0)
802 (strncmp(pattern->path, url->path, pattern->pathlen) == 0)