2009-10-11 14:31:42 +00:00
|
|
|
#include "request.h"
|
|
|
|
|
#include "keyvalue.h"
|
|
|
|
|
#include "log.h"
|
|
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
#include <sys/stat.h>
|
|
|
|
|
|
|
|
|
|
#include <limits.h>
|
|
|
|
|
#include <stdlib.h>
|
|
|
|
|
#include <string.h>
|
|
|
|
|
#include <stdio.h>
|
|
|
|
|
#include <ctype.h>
|
|
|
|
|
|
|
|
|
|
static int request_check_hostname(server *srv, connection *con, buffer *host) {
|
|
|
|
|
enum { DOMAINLABEL, TOPLABEL } stage = TOPLABEL;
|
|
|
|
|
size_t i;
|
|
|
|
|
int label_len = 0;
|
|
|
|
|
size_t host_len;
|
|
|
|
|
char *colon;
|
2006-10-04 13:26:23 +00:00
|
|
|
int is_ip = -1; /* -1 don't know yet, 0 no, 1 yes */
|
2005-02-20 14:27:00 +00:00
|
|
|
int level = 0;
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
UNUSED(srv);
|
|
|
|
|
UNUSED(con);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* hostport = host [ ":" port ]
|
|
|
|
|
* host = hostname | IPv4address | IPv6address
|
|
|
|
|
* hostname = *( domainlabel "." ) toplabel [ "." ]
|
|
|
|
|
* domainlabel = alphanum | alphanum *( alphanum | "-" ) alphanum
|
|
|
|
|
* toplabel = alpha | alpha *( alphanum | "-" ) alphanum
|
|
|
|
|
* IPv4address = 1*digit "." 1*digit "." 1*digit "." 1*digit
|
|
|
|
|
* IPv6address = "[" ... "]"
|
|
|
|
|
* port = *digit
|
|
|
|
|
*/
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
/* no Host: */
|
|
|
|
|
if (!host || host->used == 0) return 0;
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
host_len = host->used - 1;
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
/* IPv6 adress */
|
|
|
|
|
if (host->ptr[0] == '[') {
|
|
|
|
|
char *c = host->ptr + 1;
|
|
|
|
|
int colon_cnt = 0;
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2014-03-12 12:03:55 +00:00
|
|
|
/* check the address inside [...] */
|
2005-02-20 14:27:00 +00:00
|
|
|
for (; *c && *c != ']'; c++) {
|
|
|
|
|
if (*c == ':') {
|
|
|
|
|
if (++colon_cnt > 7) {
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
2011-11-30 20:46:49 +00:00
|
|
|
} else if (!light_isxdigit(*c) && '.' != *c) {
|
2005-02-20 14:27:00 +00:00
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
}
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
/* missing ] */
|
|
|
|
|
if (!*c) {
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
/* check port */
|
|
|
|
|
if (*(c+1) == ':') {
|
|
|
|
|
for (c += 2; *c; c++) {
|
|
|
|
|
if (!light_isdigit(*c)) {
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2014-03-12 12:03:55 +00:00
|
|
|
else if ('\0' != *(c+1)) {
|
|
|
|
|
/* only a port is allowed to follow [...] */
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
2005-02-20 14:27:00 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
if (NULL != (colon = memchr(host->ptr, ':', host_len))) {
|
|
|
|
|
char *c = colon + 1;
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
/* check portnumber */
|
|
|
|
|
for (; *c; c++) {
|
|
|
|
|
if (!light_isdigit(*c)) return -1;
|
|
|
|
|
}
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
/* remove the port from the host-len */
|
|
|
|
|
host_len = colon - host->ptr;
|
|
|
|
|
}
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
/* Host is empty */
|
|
|
|
|
if (host_len == 0) return -1;
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2006-11-10 17:37:19 +00:00
|
|
|
/* if the hostname ends in a "." strip it */
|
2009-04-09 16:51:36 +00:00
|
|
|
if (host->ptr[host_len-1] == '.') {
|
|
|
|
|
/* shift port info one left */
|
|
|
|
|
if (NULL != colon) memmove(colon-1, colon, host->used - host_len);
|
|
|
|
|
else host->ptr[host_len-1] = '\0';
|
|
|
|
|
host_len -= 1;
|
|
|
|
|
host->used -= 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (host_len == 0) return -1;
|
2006-11-10 17:37:19 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
/* scan from the right and skip the \0 */
|
2009-04-09 16:51:36 +00:00
|
|
|
for (i = host_len; i-- > 0; ) {
|
2005-02-28 08:40:00 +00:00
|
|
|
const char c = host->ptr[i];
|
2005-02-20 14:27:00 +00:00
|
|
|
|
|
|
|
|
switch (stage) {
|
2006-10-04 13:26:23 +00:00
|
|
|
case TOPLABEL:
|
2005-02-20 14:27:00 +00:00
|
|
|
if (c == '.') {
|
|
|
|
|
/* only switch stage, if this is not the last character */
|
|
|
|
|
if (i != host_len - 1) {
|
|
|
|
|
if (label_len == 0) {
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
/* check the first character at right of the dot */
|
|
|
|
|
if (is_ip == 0) {
|
2009-07-14 12:57:27 +00:00
|
|
|
if (!light_isalnum(host->ptr[i+1])) {
|
2006-10-04 13:26:23 +00:00
|
|
|
return -1;
|
2005-02-20 14:27:00 +00:00
|
|
|
}
|
|
|
|
|
} else if (!light_isdigit(host->ptr[i+1])) {
|
|
|
|
|
is_ip = 0;
|
|
|
|
|
} else if ('-' == host->ptr[i+1]) {
|
|
|
|
|
return -1;
|
|
|
|
|
} else {
|
|
|
|
|
/* just digits */
|
|
|
|
|
is_ip = 1;
|
|
|
|
|
}
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
stage = DOMAINLABEL;
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
label_len = 0;
|
|
|
|
|
level++;
|
|
|
|
|
} else if (i == 0) {
|
|
|
|
|
/* just a dot and nothing else is evil */
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
} else if (i == 0) {
|
|
|
|
|
/* the first character of the hostname */
|
2009-07-14 12:57:27 +00:00
|
|
|
if (!light_isalnum(c)) {
|
2005-02-20 14:27:00 +00:00
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
label_len++;
|
|
|
|
|
} else {
|
|
|
|
|
if (c != '-' && !light_isalnum(c)) {
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
if (is_ip == -1) {
|
|
|
|
|
if (!light_isdigit(c)) is_ip = 0;
|
|
|
|
|
}
|
|
|
|
|
label_len++;
|
|
|
|
|
}
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
break;
|
|
|
|
|
case DOMAINLABEL:
|
|
|
|
|
if (is_ip == 1) {
|
|
|
|
|
if (c == '.') {
|
|
|
|
|
if (label_len == 0) {
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
label_len = 0;
|
|
|
|
|
level++;
|
|
|
|
|
} else if (!light_isdigit(c)) {
|
|
|
|
|
return -1;
|
|
|
|
|
} else {
|
|
|
|
|
label_len++;
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
if (c == '.') {
|
|
|
|
|
if (label_len == 0) {
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
/* c is either - or alphanum here */
|
|
|
|
|
if ('-' == host->ptr[i+1]) {
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
label_len = 0;
|
|
|
|
|
level++;
|
|
|
|
|
} else if (i == 0) {
|
|
|
|
|
if (!light_isalnum(c)) {
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
label_len++;
|
|
|
|
|
} else {
|
|
|
|
|
if (c != '-' && !light_isalnum(c)) {
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
label_len++;
|
|
|
|
|
}
|
|
|
|
|
}
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
/* a IP has to consist of 4 parts */
|
|
|
|
|
if (is_ip == 1 && level != 3) {
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
if (label_len == 0) {
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#if 0
|
|
|
|
|
#define DUMP_HEADER
|
|
|
|
|
#endif
|
|
|
|
|
|
2009-03-07 21:05:37 +00:00
|
|
|
static int http_request_split_value(array *vals, buffer *b) {
|
2005-02-20 14:27:00 +00:00
|
|
|
size_t i;
|
|
|
|
|
int state = 0;
|
2012-11-21 12:01:44 +00:00
|
|
|
|
|
|
|
|
const char *current;
|
|
|
|
|
const char *token_start = NULL, *token_end = NULL;
|
2006-10-04 13:26:23 +00:00
|
|
|
/*
|
|
|
|
|
* parse
|
|
|
|
|
*
|
2005-02-20 14:27:00 +00:00
|
|
|
* val1, val2, val3, val4
|
2006-10-04 13:26:23 +00:00
|
|
|
*
|
2005-02-20 14:27:00 +00:00
|
|
|
* into a array (more or less a explode() incl. striping of whitespaces
|
|
|
|
|
*/
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
if (b->used == 0) return 0;
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2012-11-21 12:01:44 +00:00
|
|
|
current = b->ptr;
|
|
|
|
|
for (i = 0; i < b->used; ++i, ++current) {
|
2005-02-20 14:27:00 +00:00
|
|
|
data_string *ds;
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
switch (state) {
|
2012-11-21 12:01:44 +00:00
|
|
|
case 0: /* find start of a token */
|
|
|
|
|
switch (*current) {
|
|
|
|
|
case ' ':
|
|
|
|
|
case '\t': /* skip white space */
|
|
|
|
|
case ',': /* skip empty token */
|
|
|
|
|
break;
|
|
|
|
|
case '\0': /* end of string */
|
|
|
|
|
return 0;
|
|
|
|
|
default:
|
|
|
|
|
/* found real data, switch to state 1 to find the end of the token */
|
|
|
|
|
token_start = token_end = current;
|
|
|
|
|
state = 1;
|
|
|
|
|
break;
|
2005-02-20 14:27:00 +00:00
|
|
|
}
|
2012-11-21 12:01:44 +00:00
|
|
|
break;
|
|
|
|
|
case 1: /* find end of token and last non white space character */
|
|
|
|
|
switch (*current) {
|
|
|
|
|
case ' ':
|
|
|
|
|
case '\t':
|
|
|
|
|
/* space - don't update token_end */
|
|
|
|
|
break;
|
|
|
|
|
case ',':
|
|
|
|
|
case '\0': /* end of string also marks the end of a token */
|
|
|
|
|
if (NULL == (ds = (data_string *)array_get_unused_element(vals, TYPE_STRING))) {
|
|
|
|
|
ds = data_string_init();
|
|
|
|
|
}
|
2005-02-20 14:27:00 +00:00
|
|
|
|
2012-11-21 12:01:44 +00:00
|
|
|
buffer_copy_string_len(ds->value, token_start, token_end-token_start+1);
|
|
|
|
|
array_insert_unique(vals, (data_unset *)ds);
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
state = 0;
|
2012-11-21 12:01:44 +00:00
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
/* no white space, update token_end to include current character */
|
|
|
|
|
token_end = current;
|
|
|
|
|
break;
|
2005-02-20 14:27:00 +00:00
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
2012-11-21 12:01:44 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2009-03-07 21:05:37 +00:00
|
|
|
static int request_uri_is_valid_char(unsigned char c) {
|
2005-07-09 20:17:40 +00:00
|
|
|
if (c <= 32) return 0;
|
|
|
|
|
if (c == 127) return 0;
|
|
|
|
|
if (c == 255) return 0;
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-07-09 20:17:40 +00:00
|
|
|
return 1;
|
2005-02-20 14:27:00 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int http_request_parse(server *srv, connection *con) {
|
|
|
|
|
char *uri = NULL, *proto = NULL, *method = NULL, con_length_set;
|
|
|
|
|
int is_key = 1, key_len = 0, is_ws_after_key = 0, in_folding;
|
|
|
|
|
char *value = NULL, *key = NULL;
|
2009-10-11 18:31:25 +00:00
|
|
|
char *reqline_host = NULL;
|
|
|
|
|
int reqline_hostlen = 0;
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
enum { HTTP_CONNECTION_UNSET, HTTP_CONNECTION_KEEPALIVE, HTTP_CONNECTION_CLOSE } keep_alive_set = HTTP_CONNECTION_UNSET;
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
int line = 0;
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
int request_line_stage = 0;
|
|
|
|
|
size_t i, first;
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
int done = 0;
|
2006-10-04 13:26:23 +00:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Request: "^(GET|POST|HEAD) ([^ ]+(\\?[^ ]+|)) (HTTP/1\\.[01])$"
|
|
|
|
|
* Option : "^([-a-zA-Z]+): (.+)$"
|
2005-02-20 14:27:00 +00:00
|
|
|
* End : "^$"
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
if (con->conf.log_request_header) {
|
2006-10-04 13:26:23 +00:00
|
|
|
log_error_write(srv, __FILE__, __LINE__, "sdsdSb",
|
|
|
|
|
"fd:", con->fd,
|
|
|
|
|
"request-len:", con->request.request->used,
|
2005-02-20 14:27:00 +00:00
|
|
|
"\n", con->request.request);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (con->request_count > 1 &&
|
|
|
|
|
con->request.request->ptr[0] == '\r' &&
|
|
|
|
|
con->request.request->ptr[1] == '\n') {
|
|
|
|
|
/* we are in keep-alive and might get \r\n after a previous POST request.*/
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
buffer_copy_string_len(con->parse_request, con->request.request->ptr + 2, con->request.request->used - 1 - 2);
|
|
|
|
|
} else {
|
|
|
|
|
/* fill the local request buffer */
|
2015-02-08 12:37:10 +00:00
|
|
|
buffer_copy_buffer(con->parse_request, con->request.request);
|
2005-02-20 14:27:00 +00:00
|
|
|
}
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
keep_alive_set = 0;
|
|
|
|
|
con_length_set = 0;
|
|
|
|
|
|
|
|
|
|
/* parse the first line of the request
|
|
|
|
|
*
|
|
|
|
|
* should be:
|
|
|
|
|
*
|
|
|
|
|
* <method> <uri> <protocol>\r\n
|
|
|
|
|
* */
|
|
|
|
|
for (i = 0, first = 0; i < con->parse_request->used && line == 0; i++) {
|
|
|
|
|
char *cur = con->parse_request->ptr + i;
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
switch(*cur) {
|
2006-10-04 13:26:23 +00:00
|
|
|
case '\r':
|
2005-02-20 14:27:00 +00:00
|
|
|
if (con->parse_request->ptr[i+1] == '\n') {
|
|
|
|
|
http_method_t r;
|
|
|
|
|
char *nuri = NULL;
|
|
|
|
|
size_t j;
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
/* \r\n -> \0\0 */
|
|
|
|
|
con->parse_request->ptr[i] = '\0';
|
|
|
|
|
con->parse_request->ptr[i+1] = '\0';
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
buffer_copy_string_len(con->request.request_line, con->parse_request->ptr, i);
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
if (request_line_stage != 2) {
|
|
|
|
|
con->http_status = 400;
|
|
|
|
|
con->response.keep_alive = 0;
|
|
|
|
|
con->keep_alive = 0;
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
if (srv->srvconf.log_request_header_on_error) {
|
2006-02-02 11:51:10 +00:00
|
|
|
log_error_write(srv, __FILE__, __LINE__, "s", "incomplete request line -> 400");
|
2005-02-20 14:27:00 +00:00
|
|
|
log_error_write(srv, __FILE__, __LINE__, "Sb",
|
|
|
|
|
"request-header:\n",
|
|
|
|
|
con->request.request);
|
|
|
|
|
}
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
proto = con->parse_request->ptr + first;
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
*(uri - 1) = '\0';
|
|
|
|
|
*(proto - 1) = '\0';
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
/* we got the first one :) */
|
2013-06-29 10:53:22 +00:00
|
|
|
if (HTTP_METHOD_UNSET == (r = get_http_method_key(method))) {
|
2005-02-20 14:27:00 +00:00
|
|
|
con->http_status = 501;
|
|
|
|
|
con->response.keep_alive = 0;
|
|
|
|
|
con->keep_alive = 0;
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
if (srv->srvconf.log_request_header_on_error) {
|
2006-02-02 11:51:10 +00:00
|
|
|
log_error_write(srv, __FILE__, __LINE__, "s", "unknown http-method -> 501");
|
2006-02-01 11:33:54 +00:00
|
|
|
log_error_write(srv, __FILE__, __LINE__, "Sb",
|
|
|
|
|
"request-header:\n",
|
|
|
|
|
con->request.request);
|
|
|
|
|
}
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
con->request.http_method = r;
|
2006-10-04 13:26:23 +00:00
|
|
|
|
|
|
|
|
/*
|
2006-03-04 17:10:47 +00:00
|
|
|
* RFC2616 says:
|
|
|
|
|
*
|
|
|
|
|
* HTTP-Version = "HTTP" "/" 1*DIGIT "." 1*DIGIT
|
|
|
|
|
*
|
2006-10-04 13:26:23 +00:00
|
|
|
* */
|
2006-03-04 17:10:47 +00:00
|
|
|
if (0 == strncmp(proto, "HTTP/", sizeof("HTTP/") - 1)) {
|
|
|
|
|
char * major = proto + sizeof("HTTP/") - 1;
|
|
|
|
|
char * minor = strchr(major, '.');
|
|
|
|
|
char *err = NULL;
|
|
|
|
|
int major_num = 0, minor_num = 0;
|
|
|
|
|
|
|
|
|
|
int invalid_version = 0;
|
|
|
|
|
|
|
|
|
|
if (NULL == minor || /* no dot */
|
|
|
|
|
minor == major || /* no major */
|
|
|
|
|
*(minor + 1) == '\0' /* no minor */) {
|
|
|
|
|
invalid_version = 1;
|
|
|
|
|
} else {
|
|
|
|
|
*minor = '\0';
|
|
|
|
|
major_num = strtol(major, &err, 10);
|
|
|
|
|
|
|
|
|
|
if (*err != '\0') invalid_version = 1;
|
|
|
|
|
|
|
|
|
|
*minor++ = '.';
|
|
|
|
|
minor_num = strtol(minor, &err, 10);
|
|
|
|
|
|
|
|
|
|
if (*err != '\0') invalid_version = 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (invalid_version) {
|
|
|
|
|
con->http_status = 400;
|
|
|
|
|
con->keep_alive = 0;
|
|
|
|
|
|
|
|
|
|
if (srv->srvconf.log_request_header_on_error) {
|
|
|
|
|
log_error_write(srv, __FILE__, __LINE__, "s", "unknown protocol -> 400");
|
|
|
|
|
log_error_write(srv, __FILE__, __LINE__, "Sb",
|
|
|
|
|
"request-header:\n",
|
|
|
|
|
con->request.request);
|
|
|
|
|
}
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (major_num == 1 && minor_num == 1) {
|
2005-02-20 14:27:00 +00:00
|
|
|
con->request.http_version = con->conf.allow_http11 ? HTTP_VERSION_1_1 : HTTP_VERSION_1_0;
|
2006-03-04 17:10:47 +00:00
|
|
|
} else if (major_num == 1 && minor_num == 0) {
|
2005-02-20 14:27:00 +00:00
|
|
|
con->request.http_version = HTTP_VERSION_1_0;
|
2006-10-04 13:26:23 +00:00
|
|
|
} else {
|
2005-02-20 14:27:00 +00:00
|
|
|
con->http_status = 505;
|
|
|
|
|
|
|
|
|
|
if (srv->srvconf.log_request_header_on_error) {
|
2006-02-02 11:51:10 +00:00
|
|
|
log_error_write(srv, __FILE__, __LINE__, "s", "unknown HTTP version -> 505");
|
2005-02-20 14:27:00 +00:00
|
|
|
log_error_write(srv, __FILE__, __LINE__, "Sb",
|
|
|
|
|
"request-header:\n",
|
|
|
|
|
con->request.request);
|
|
|
|
|
}
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
con->http_status = 400;
|
|
|
|
|
con->keep_alive = 0;
|
|
|
|
|
|
|
|
|
|
if (srv->srvconf.log_request_header_on_error) {
|
2006-02-02 11:51:10 +00:00
|
|
|
log_error_write(srv, __FILE__, __LINE__, "s", "unknown protocol -> 400");
|
2006-02-01 11:33:54 +00:00
|
|
|
log_error_write(srv, __FILE__, __LINE__, "Sb",
|
|
|
|
|
"request-header:\n",
|
|
|
|
|
con->request.request);
|
|
|
|
|
}
|
2005-02-20 14:27:00 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
if (0 == strncmp(uri, "http://", 7) &&
|
|
|
|
|
NULL != (nuri = strchr(uri + 7, '/'))) {
|
2009-10-11 18:31:25 +00:00
|
|
|
reqline_host = uri + 7;
|
|
|
|
|
reqline_hostlen = nuri - reqline_host;
|
|
|
|
|
|
|
|
|
|
buffer_copy_string_len(con->request.uri, nuri, proto - nuri - 1);
|
|
|
|
|
} else if (0 == strncmp(uri, "https://", 8) &&
|
|
|
|
|
NULL != (nuri = strchr(uri + 8, '/'))) {
|
|
|
|
|
reqline_host = uri + 8;
|
|
|
|
|
reqline_hostlen = nuri - reqline_host;
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
buffer_copy_string_len(con->request.uri, nuri, proto - nuri - 1);
|
|
|
|
|
} else {
|
|
|
|
|
/* everything looks good so far */
|
|
|
|
|
buffer_copy_string_len(con->request.uri, uri, proto - uri - 1);
|
|
|
|
|
}
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
/* check uri for invalid characters */
|
|
|
|
|
for (j = 0; j < con->request.uri->used - 1; j++) {
|
|
|
|
|
if (!request_uri_is_valid_char(con->request.uri->ptr[j])) {
|
2005-06-12 09:26:19 +00:00
|
|
|
unsigned char buf[2];
|
2005-02-20 14:27:00 +00:00
|
|
|
con->http_status = 400;
|
|
|
|
|
con->keep_alive = 0;
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2006-02-02 11:51:10 +00:00
|
|
|
if (srv->srvconf.log_request_header_on_error) {
|
|
|
|
|
buf[0] = con->request.uri->ptr[j];
|
|
|
|
|
buf[1] = '\0';
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2006-02-02 11:51:10 +00:00
|
|
|
if (con->request.uri->ptr[j] > 32 &&
|
2006-10-04 13:26:23 +00:00
|
|
|
con->request.uri->ptr[j] != 127) {
|
2006-02-02 11:51:10 +00:00
|
|
|
/* the character is printable -> print it */
|
|
|
|
|
log_error_write(srv, __FILE__, __LINE__, "ss",
|
|
|
|
|
"invalid character in URI -> 400",
|
|
|
|
|
buf);
|
|
|
|
|
} else {
|
|
|
|
|
/* a control-character, print ascii-code */
|
|
|
|
|
log_error_write(srv, __FILE__, __LINE__, "sd",
|
|
|
|
|
"invalid character in URI -> 400",
|
|
|
|
|
con->request.uri->ptr[j]);
|
|
|
|
|
}
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
log_error_write(srv, __FILE__, __LINE__, "Sb",
|
|
|
|
|
"request-header:\n",
|
|
|
|
|
con->request.request);
|
|
|
|
|
}
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
}
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2015-02-08 12:37:10 +00:00
|
|
|
buffer_copy_buffer(con->request.orig_uri, con->request.uri);
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
con->http_status = 0;
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
i++;
|
|
|
|
|
line++;
|
|
|
|
|
first = i+1;
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case ' ':
|
|
|
|
|
switch(request_line_stage) {
|
2006-10-04 13:26:23 +00:00
|
|
|
case 0:
|
2005-02-20 14:27:00 +00:00
|
|
|
/* GET|POST|... */
|
2006-10-04 13:26:23 +00:00
|
|
|
method = con->parse_request->ptr + first;
|
2005-02-20 14:27:00 +00:00
|
|
|
first = i + 1;
|
|
|
|
|
break;
|
|
|
|
|
case 1:
|
|
|
|
|
/* /foobar/... */
|
2006-10-04 13:26:23 +00:00
|
|
|
uri = con->parse_request->ptr + first;
|
2005-02-20 14:27:00 +00:00
|
|
|
first = i + 1;
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
/* ERROR, one space to much */
|
|
|
|
|
con->http_status = 400;
|
|
|
|
|
con->response.keep_alive = 0;
|
|
|
|
|
con->keep_alive = 0;
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
if (srv->srvconf.log_request_header_on_error) {
|
2006-02-02 11:51:10 +00:00
|
|
|
log_error_write(srv, __FILE__, __LINE__, "s", "overlong request line -> 400");
|
2005-02-20 14:27:00 +00:00
|
|
|
log_error_write(srv, __FILE__, __LINE__, "Sb",
|
|
|
|
|
"request-header:\n",
|
|
|
|
|
con->request.request);
|
|
|
|
|
}
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
request_line_stage++;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
in_folding = 0;
|
2005-10-02 21:50:51 +00:00
|
|
|
|
|
|
|
|
if (con->request.uri->used == 1) {
|
|
|
|
|
con->http_status = 400;
|
|
|
|
|
con->response.keep_alive = 0;
|
|
|
|
|
con->keep_alive = 0;
|
|
|
|
|
|
|
|
|
|
if (srv->srvconf.log_request_header_on_error) {
|
2009-07-13 13:48:29 +00:00
|
|
|
log_error_write(srv, __FILE__, __LINE__, "s", "no uri specified -> 400");
|
2005-10-02 21:50:51 +00:00
|
|
|
log_error_write(srv, __FILE__, __LINE__, "Sb",
|
|
|
|
|
"request-header:\n",
|
|
|
|
|
con->request.request);
|
|
|
|
|
}
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2009-10-11 18:31:25 +00:00
|
|
|
if (reqline_host) {
|
|
|
|
|
/* Insert as host header */
|
|
|
|
|
data_string *ds;
|
|
|
|
|
|
|
|
|
|
if (NULL == (ds = (data_string *)array_get_unused_element(con->request.headers, TYPE_STRING))) {
|
|
|
|
|
ds = data_string_init();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
buffer_copy_string_len(ds->key, CONST_STR_LEN("Host"));
|
|
|
|
|
buffer_copy_string_len(ds->value, reqline_host, reqline_hostlen);
|
|
|
|
|
array_insert_unique(con->request.headers, (data_unset *)ds);
|
|
|
|
|
con->request.http_host = ds->value;
|
|
|
|
|
}
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
for (; i < con->parse_request->used && !done; i++) {
|
|
|
|
|
char *cur = con->parse_request->ptr + i;
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
if (is_key) {
|
|
|
|
|
size_t j;
|
|
|
|
|
int got_colon = 0;
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
/**
|
|
|
|
|
* 1*<any CHAR except CTLs or separators>
|
2013-03-25 17:22:36 +00:00
|
|
|
* CTLs == 0-31 + 127, CHAR = 7-bit ascii (0..127)
|
2006-10-04 13:26:23 +00:00
|
|
|
*
|
2005-02-20 14:27:00 +00:00
|
|
|
*/
|
|
|
|
|
switch(*cur) {
|
|
|
|
|
case ':':
|
|
|
|
|
is_key = 0;
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
value = cur + 1;
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
if (is_ws_after_key == 0) {
|
|
|
|
|
key_len = i - first;
|
|
|
|
|
}
|
|
|
|
|
is_ws_after_key = 0;
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
break;
|
|
|
|
|
case '(':
|
|
|
|
|
case ')':
|
|
|
|
|
case '<':
|
|
|
|
|
case '>':
|
|
|
|
|
case '@':
|
|
|
|
|
case ',':
|
|
|
|
|
case ';':
|
|
|
|
|
case '\\':
|
|
|
|
|
case '\"':
|
|
|
|
|
case '/':
|
|
|
|
|
case '[':
|
|
|
|
|
case ']':
|
|
|
|
|
case '?':
|
|
|
|
|
case '=':
|
|
|
|
|
case '{':
|
|
|
|
|
case '}':
|
|
|
|
|
con->http_status = 400;
|
|
|
|
|
con->keep_alive = 0;
|
|
|
|
|
con->response.keep_alive = 0;
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2013-03-25 17:22:36 +00:00
|
|
|
if (srv->srvconf.log_request_header_on_error) {
|
|
|
|
|
log_error_write(srv, __FILE__, __LINE__, "sbsds",
|
2005-02-20 14:27:00 +00:00
|
|
|
"invalid character in key", con->request.request, cur, *cur, "-> 400");
|
2013-03-25 17:22:36 +00:00
|
|
|
|
|
|
|
|
log_error_write(srv, __FILE__, __LINE__, "Sb",
|
|
|
|
|
"request-header:\n",
|
|
|
|
|
con->request.request);
|
|
|
|
|
}
|
2005-02-20 14:27:00 +00:00
|
|
|
return 0;
|
|
|
|
|
case ' ':
|
|
|
|
|
case '\t':
|
|
|
|
|
if (i == first) {
|
|
|
|
|
is_key = 0;
|
|
|
|
|
in_folding = 1;
|
|
|
|
|
value = cur;
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
break;
|
|
|
|
|
}
|
2006-10-04 13:26:23 +00:00
|
|
|
|
|
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
key_len = i - first;
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
/* skip every thing up to the : */
|
|
|
|
|
for (j = 1; !got_colon; j++) {
|
|
|
|
|
switch(con->parse_request->ptr[j + i]) {
|
|
|
|
|
case ' ':
|
|
|
|
|
case '\t':
|
|
|
|
|
/* skip WS */
|
|
|
|
|
continue;
|
|
|
|
|
case ':':
|
2012-11-21 12:01:46 +00:00
|
|
|
/* ok, done; handle the colon the usual way */
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
i += j - 1;
|
|
|
|
|
got_colon = 1;
|
2012-11-21 12:01:46 +00:00
|
|
|
is_ws_after_key = 1; /* we already know the key length */
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
/* error */
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2006-02-02 11:51:10 +00:00
|
|
|
if (srv->srvconf.log_request_header_on_error) {
|
|
|
|
|
log_error_write(srv, __FILE__, __LINE__, "s", "WS character in key -> 400");
|
|
|
|
|
log_error_write(srv, __FILE__, __LINE__, "Sb",
|
|
|
|
|
"request-header:\n",
|
|
|
|
|
con->request.request);
|
|
|
|
|
}
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
con->http_status = 400;
|
|
|
|
|
con->response.keep_alive = 0;
|
|
|
|
|
con->keep_alive = 0;
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
}
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
break;
|
|
|
|
|
case '\r':
|
|
|
|
|
if (con->parse_request->ptr[i+1] == '\n' && i == first) {
|
|
|
|
|
/* End of Header */
|
|
|
|
|
con->parse_request->ptr[i] = '\0';
|
|
|
|
|
con->parse_request->ptr[i+1] = '\0';
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
i++;
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
done = 1;
|
|
|
|
|
} else {
|
2006-02-02 11:51:10 +00:00
|
|
|
if (srv->srvconf.log_request_header_on_error) {
|
|
|
|
|
log_error_write(srv, __FILE__, __LINE__, "s", "CR without LF -> 400");
|
|
|
|
|
log_error_write(srv, __FILE__, __LINE__, "Sb",
|
|
|
|
|
"request-header:\n",
|
|
|
|
|
con->request.request);
|
|
|
|
|
}
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
con->http_status = 400;
|
|
|
|
|
con->keep_alive = 0;
|
|
|
|
|
con->response.keep_alive = 0;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
2013-03-25 17:22:36 +00:00
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
if (*cur < 32 || ((unsigned char)*cur) >= 127) {
|
|
|
|
|
con->http_status = 400;
|
|
|
|
|
con->keep_alive = 0;
|
|
|
|
|
con->response.keep_alive = 0;
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2013-03-25 17:22:36 +00:00
|
|
|
if (srv->srvconf.log_request_header_on_error) {
|
|
|
|
|
log_error_write(srv, __FILE__, __LINE__, "sbsds",
|
|
|
|
|
"invalid character in key", con->request.request, cur, *cur, "-> 400");
|
2006-02-02 11:51:10 +00:00
|
|
|
|
2013-03-25 17:22:36 +00:00
|
|
|
log_error_write(srv, __FILE__, __LINE__, "Sb",
|
|
|
|
|
"request-header:\n",
|
|
|
|
|
con->request.request);
|
|
|
|
|
}
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2013-03-25 17:22:36 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
2005-02-20 14:27:00 +00:00
|
|
|
/* ok */
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
switch(*cur) {
|
2006-10-04 13:26:23 +00:00
|
|
|
case '\r':
|
2005-02-20 14:27:00 +00:00
|
|
|
if (con->parse_request->ptr[i+1] == '\n') {
|
2007-06-15 14:08:32 +00:00
|
|
|
data_string *ds = NULL;
|
|
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
/* End of Headerline */
|
|
|
|
|
con->parse_request->ptr[i] = '\0';
|
|
|
|
|
con->parse_request->ptr[i+1] = '\0';
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
if (in_folding) {
|
2007-06-15 14:08:32 +00:00
|
|
|
buffer *key_b;
|
|
|
|
|
/**
|
|
|
|
|
* we use a evil hack to handle the line-folding
|
|
|
|
|
*
|
|
|
|
|
* As array_insert_unique() deletes 'ds' in the case of a duplicate
|
|
|
|
|
* ds points somewhere and we get a evil crash. As a solution we keep the old
|
|
|
|
|
* "key" and get the current value from the hash and append us
|
|
|
|
|
*
|
|
|
|
|
* */
|
|
|
|
|
|
|
|
|
|
if (!key || !key_len) {
|
2005-02-20 14:27:00 +00:00
|
|
|
/* 400 */
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2006-02-02 11:51:10 +00:00
|
|
|
if (srv->srvconf.log_request_header_on_error) {
|
|
|
|
|
log_error_write(srv, __FILE__, __LINE__, "s", "WS at the start of first line -> 400");
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2006-02-02 11:51:10 +00:00
|
|
|
log_error_write(srv, __FILE__, __LINE__, "Sb",
|
|
|
|
|
"request-header:\n",
|
|
|
|
|
con->request.request);
|
|
|
|
|
}
|
|
|
|
|
|
2006-10-04 13:26:23 +00:00
|
|
|
|
2005-02-20 14:27:00 +00:00
|
|
|
con->http_status = 400;
|
|
|
|
|
con->keep_alive = 0;
|
|
|
|
|
con->response.keep_alive = 0;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
2007-06-15 14:08:32 +00:00
|
|
|
|
|
|
|
|
key_b = buffer_init();
|
|
|
