http_lib.c 4.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177
  1. /*
  2. * Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <openssl/http.h>
  10. #include <openssl/httperr.h>
  11. #include <openssl/err.h>
  12. #include <string.h>
  13. #include "internal/cryptlib.h" /* for ossl_assert() */
  14. #include "http_local.h"
  15. /*
  16. * Parse a URL and split it up into host, port and path components and
  17. * whether it indicates SSL/TLS. Return 1 on success, 0 on error.
  18. */
  19. int OSSL_HTTP_parse_url(const char *url, char **phost, char **pport,
  20. char **ppath, int *pssl)
  21. {
  22. char *p, *buf;
  23. char *host;
  24. const char *port = OSSL_HTTP_PORT;
  25. size_t https_len = strlen(OSSL_HTTPS_NAME);
  26. if (!ossl_assert(https_len >= strlen(OSSL_HTTP_NAME)))
  27. return 0;
  28. if (url == NULL) {
  29. HTTPerr(0, ERR_R_PASSED_NULL_PARAMETER);
  30. return 0;
  31. }
  32. if (phost != NULL)
  33. *phost = NULL;
  34. if (pport != NULL)
  35. *pport = NULL;
  36. if (ppath != NULL)
  37. *ppath = NULL;
  38. if (pssl != NULL)
  39. *pssl = 0;
  40. /* dup the buffer since we are going to mess with it */
  41. if ((buf = OPENSSL_strdup(url)) == NULL)
  42. goto err;
  43. /* Check for initial colon */
  44. p = strchr(buf, ':');
  45. if (p == NULL || (size_t)(p - buf) > https_len) {
  46. p = buf;
  47. } else {
  48. *(p++) = '\0';
  49. if (strcmp(buf, OSSL_HTTPS_NAME) == 0) {
  50. if (pssl != NULL)
  51. *pssl = 1;
  52. port = OSSL_HTTPS_PORT;
  53. } else if (strcmp(buf, OSSL_HTTP_NAME) != 0) {
  54. goto parse_err;
  55. }
  56. /* Check for double slash */
  57. if ((p[0] != '/') || (p[1] != '/'))
  58. goto parse_err;
  59. p += 2;
  60. }
  61. host = p;
  62. /* Check for trailing part of path */
  63. p = strchr(p, '/');
  64. if (ppath != NULL && (*ppath = OPENSSL_strdup(p == NULL ? "/" : p)) == NULL)
  65. goto err;
  66. if (p != NULL)
  67. *p = '\0'; /* Set start of path to 0 so hostname[:port] is valid */
  68. p = host;
  69. if (host[0] == '[') {
  70. /* ipv6 literal */
  71. host++;
  72. p = strchr(host, ']');
  73. if (p == NULL)
  74. goto parse_err;
  75. *p = '\0';
  76. p++;
  77. }
  78. /* Look for optional ':' for port number */
  79. if ((p = strchr(p, ':'))) {
  80. *p = '\0';
  81. port = p + 1;
  82. }
  83. if (phost != NULL && (*phost = OPENSSL_strdup(host)) == NULL)
  84. goto err;
  85. if (pport != NULL && (*pport = OPENSSL_strdup(port)) == NULL)
  86. goto err;
  87. OPENSSL_free(buf);
  88. return 1;
  89. parse_err:
  90. HTTPerr(0, HTTP_R_ERROR_PARSING_URL);
  91. err:
  92. if (ppath != NULL) {
  93. OPENSSL_free(*ppath);
  94. *ppath = NULL;
  95. }
  96. if (pport != NULL) {
  97. OPENSSL_free(*pport);
  98. *pport = NULL;
  99. }
  100. if (phost != NULL) {
  101. OPENSSL_free(*phost);
  102. *phost = NULL;
  103. }
  104. OPENSSL_free(buf);
  105. return 0;
  106. }
  107. int http_use_proxy(const char *no_proxy, const char *server)
  108. {
  109. size_t sl;
  110. const char *found = NULL;
  111. if (!ossl_assert(server != NULL))
  112. return 0;
  113. sl = strlen(server);
  114. /*
  115. * using environment variable names, both lowercase and uppercase variants,
  116. * compatible with other HTTP client implementations like wget, curl and git
  117. */
  118. if (no_proxy == NULL)
  119. no_proxy = getenv("no_proxy");
  120. if (no_proxy == NULL)
  121. no_proxy = getenv(OPENSSL_NO_PROXY);
  122. if (no_proxy != NULL)
  123. found = strstr(no_proxy, server);
  124. while (found != NULL
  125. && ((found != no_proxy && found[-1] != ' ' && found[-1] != ',')
  126. || (found[sl] != '\0' && found[sl] != ' ' && found[sl] != ',')))
  127. found = strstr(found + 1, server);
  128. return found == NULL;
  129. }
  130. const char *http_adapt_proxy(const char *proxy, const char *no_proxy,
  131. const char *server, int use_ssl)
  132. {
  133. const int http_len = strlen(OSSL_HTTP_PREFIX);
  134. const int https_len = strlen(OSSL_HTTPS_PREFIX);
  135. /*
  136. * using environment variable names, both lowercase and uppercase variants,
  137. * compatible with other HTTP client implementations like wget, curl and git
  138. */
  139. if (proxy == NULL)
  140. proxy = getenv(use_ssl ? "https_proxy" : "http_proxy");
  141. if (proxy == NULL)
  142. proxy = getenv(use_ssl ? OPENSSL_HTTP_PROXY :
  143. OPENSSL_HTTPS_PROXY);
  144. if (proxy == NULL)
  145. return NULL;
  146. /* skip any leading "http://" or "https://" */
  147. if (strncmp(proxy, OSSL_HTTP_PREFIX, http_len) == 0)
  148. proxy += http_len;
  149. else if (strncmp(proxy, OSSL_HTTPS_PREFIX, https_len) == 0)
  150. proxy += https_len;
  151. if (*proxy == '\0' || !http_use_proxy(no_proxy, server))
  152. return NULL;
  153. return proxy;
  154. }