| blob | d476e54dbb18da635b81e1176a67f173c6e5b755 |
1 /* Licensed to the Apache Software Foundation (ASF) under one or more
2 * contributor license agreements. See the NOTICE file distributed with
3 * this work for additional information regarding copyright ownership.
4 * The ASF licenses this file to You under the Apache License, Version 2.0
5 * (the "License"); you may not use this file except in compliance with
6 * the License. You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
17 /*
18 * util.c: string utility things
19 *
20 * 3/21/93 Rob McCool
21 * 1995-96 Many changes by the Apache Software Foundation
22 *
23 */
25 /* Debugging aid:
26 * #define DEBUG to trace all cfg_open*()/cfg_closefile() calls
27 * #define DEBUG_CFG_LINES to trace every line read from the config files
28 */
34 #define APR_WANT_STDIO
35 #define APR_WANT_STRFUNC
38 #if APR_HAVE_UNISTD_H
39 #include <unistd.h>
40 #endif
41 #if APR_HAVE_NETDB_H
43 #endif
54 #ifdef HAVE_PWD_H
55 #include <pwd.h>
56 #endif
57 #ifdef HAVE_GRP_H
58 #include <grp.h>
59 #endif
61 /* A bunch of functions in util.c scan strings looking for certain characters.
62 * To make that more efficient we encode a lookup table. The test_char_table
63 * is generated automatically by gen_test_char.c.
64 */
67 /* we assume the folks using this ensure 0 <= c < 256... which means
68 * you need a cast to (unsigned char) first, you can't just plug a
69 * char in here and get it to work, because if char is signed then it
70 * will first be sign extended.
71 */
72 #define TEST_CHAR(c, f) (test_char_table[(unsigned)(c)] & (f))
74 /* Win32/NetWare/OS2 need to check for both forward and back slashes
75 * in ap_getparents() and ap_escape_url.
76 */
77 #ifdef CASE_BLIND_FILESYSTEM
79 #else
81 #endif
84 /*
85 * Examine a field value (such as a media-/content-type) string and return
86 * it sans any parameters; e.g., strip off any ';charset=foo' and the like.
87 */
89 {
97 }
100 semi--;
101 }
103 }
104 }
108 {
109 apr_size_t retcode;
112 apr_time_exp_t xt;
119 /* Convert %Z to "GMT" and %z to "+0000";
120 * on hosts that do not have a time zone string in struct tm,
121 * strftime must assume its argument is local time.
122 */
134 f++;
142 f++;
144 }
145 }
148 }
151 }
153 /* check return code? */
157 }
159 /* Roy owes Rob beer. */
160 /* Rob owes Roy dinner. */
162 /* These legacy comments would make a lot more sense if Roy hadn't
163 * replaced the old later_than() routine with util_date.c.
164 *
165 * Well, okay, they still wouldn't make any sense.
166 */
168 /* Match = 0, NoMatch = 1, Abort = -1
169 * Based loosely on sections of wildmat.c by Rich Salz
170 * Hmmm... shouldn't this really go component by component?
171 */
173 {
187 }
189 }
192 }
194 }
197 {
211 }
213 }
217 }
219 }
221 /* We actually compare the canonical root to this root, (but we don't
222 * waste time checking the case), since every use of this function in
223 * httpd-2.1 tests if the path is 'proper', meaning we've already passed
224 * it through apr_filepath_merge, or we haven't.
225 */
227 {
233 }
235 }
238 {
245 }
247 /*
248 * Here's a pool-based interface to the POSIX-esque ap_regcomp().
249 * Note that we return ap_regex_t instead of being passed one.
250 * The reason is that if you use an already-used ap_regex_t structure,
251 * the memory that you've already allocated gets forgotten, and
252 * regfree() doesn't clear it. So we don't allow it.
253 */
256 {
259 }
263 {
268 }
271 apr_pool_cleanup_null);
274 }
277 {
280 }
282 /*
283 * Similar to standard strstr() but we ignore case in this version.
284 * Based on the strstr() implementation further below.
285 */
287 {
290 /* an empty s2 */
292 }
297 }
298 /* found first character of s2, see if the rest matches */
303 /* both strings ended together */
305 }
306 }
308 /* second string ended, a match */
310 }
311 /* didn't find a match here, try starting at next character in s1 */
312 s1++;
313 }
315 }
317 /*
318 * Returns an offsetted pointer in bigstring immediately after
319 * prefix. Returns bigstring if bigstring doesn't start with
320 * prefix or if prefix is longer than bigstring while still matching.
321 * NOTE: pointer returned is relative to bigstring, so we
322 * can use standard pointer comparisons in the calling function
323 * (eg: test if ap_stripprefix(a,b) == a)
324 */
327 {
337 }
341 /* hit the end of bigstring! */
343 }
345 /* This function substitutes for $0-$9, filling in regular expression
346 * submatches. Pass it the same nmatch and pmatch arguments that you
347 * passed ap_regexec(). pmatch should not be greater than the maximum number
348 * of subexpressions - i.e. one more than the re_nsub member of ap_regex_t.
349 *
350 * input should be the string with the $-expressions, source should be the
351 * string that was matched against.
352 *
353 * It returns the substituted string, or NULL on error.
354 *
355 * Parts of this code are based on Henry Spencer's regsub(), from his
356 * AT&T V8 regexp package.
357 */
361 ap_regmatch_t pmatch[])
362 {
374 /* First pass, find the size */
383 else
389 len++;
390 }
393 }
395 }
399 /* Now actually fill in the string */
408 else
415 }
420 }
422 }
426 }
428 /*
429 * Parse .. so we don't compromise security
430 */
432 {
436 /* Four paseses, as per RFC 1808 */
437 /* a) remove ./ path segments */
439 }
446 else
448 }
450 /* b) remove trailing . path, segment */
452 w--;
454 w--;
457 /* c) remove all xx/../ segments. (including leading ../ and /../) */
468 l--;
469 l++;
470 }
471 else
476 }
477 else
479 }
481 /* d) remove trailing xx/.. segment. */
489 l--;
490 l++;
491 }
492 else
495 }
496 }
499 {
504 #ifdef HAVE_UNC_PATHS
505 /* Check for UNC names. Leave leading two slashes. */
508 #endif
515 }
518 }
519 }
521 }
524 /*
525 * copy at most n leading directories of s into d
526 * d should be at least as large as s plus 1 extra byte
527 * assumes n > 0
528 * the return value is the ever useful pointer to the trailing \0 of d
529 *
530 * MODIFIED FOR HAVE_DRIVE_LETTERS and NETWARE environments,
531 * so that if n == 0, "/" is returned in d with n == 1
532 * and s == "e:/test.html", "e:/" is returned in d
533 * *** See also directory_walk in modules/http/http_request.c
535 * examples:
536 * /a/b, 0 ==> / (true for all platforms)
537 * /a/b, 1 ==> /
538 * /a/b, 2 ==> /a/
539 * /a/b, 3 ==> /a/b/
540 * /a/b, 4 ==> /a/b/
541 *
542 * c:/a/b 0 ==> /
543 * c:/a/b 1 ==> c:/
544 * c:/a/b 2 ==> c:/a/
545 * c:/a/b 3 ==> c:/a/b
546 * c:/a/b 4 ==> c:/a/b
547 */
549 {
554 }
560 }
562 }
565 }
568 /*
569 * return the parent directory name including trailing / of the file s
570 */
572 {
579 }
584 }
588 {
593 n++;
595 }
598 {
600 }
603 {
610 }
618 }
619 }
623 }
626 {
628 }
631 {
638 }
645 }
650 }
654 {
656 }
660 {
668 }
677 }
679 /* Get a word, (new) config-file style --- quoted strings and backslashes
680 * all honored
681 */
685 {
694 else
696 }
699 #if RESOLVE_ENV_PER_TOKEN
701 #else
703 #endif
704 }
707 {
709 }
712 {
723 }
731 }
734 }
735 }
740 }
747 }
753 }
755 /* Check a string for any ${ENV} environment variable
756 * construct and replace each them by the value of
757 * that environment variable, if it exists. If the
758 * environment value does not exist, leave the ${ENV}
759 * construct alone; it means something else.
760 */
762 {
763 # define SMALL_EXPANSION 5
767 apr_size_t len;
772 apr_size_t outlen;
777 }
779 /* well, actually something to do */
789 /* prepare next entry */
798 }
807 }
812 }
814 }
819 }
820 }
827 }
830 /* assemble result */
836 }
842 }
845 {
846 #ifdef DEBUG
849 #endif
851 }
854 {
857 }
860 {
866 }
869 {
871 apr_status_t rv;
875 }
877 }
879 /* Open a ap_configfile_t as FILE, return open ap_configfile_t struct pointer */
882 {
885 apr_finfo_t finfo;
886 apr_status_t status;
887 #ifdef DEBUG
889 #endif
895 }
899 #ifdef DEBUG
904 #endif
913 #if defined(WIN32) || defined(OS2) || defined(NETWARE)
915 #else
920 name);
923 }
925 #ifdef WIN32
926 /* Some twisted character [no pun intended] at MS decided that a
927 * zero width joiner as the lead wide character would be ideal for
928 * describing Unicode text files. This was further convoluted to
929 * another MSism that the same character mapped into utf-8, EF BB BF
930 * would signify utf-8 text files.
931 *
932 * Since MS configuration files are all protecting utf-8 encoded
933 * Unicode path, file and resource names, we already have the correct
934 * WinNT encoding. But at least eat the stupid three bytes up front.
935 */
936 {
944 }
945 }
946 #endif
957 }
960 /* Allocate a ap_configfile_t handle with user defined functions and params */
967 {
969 #ifdef DEBUG
972 #endif
980 }
982 /* Read one character from a configfile_t */
984 {
989 }
991 /* Read one line from open ap_configfile_t, strip LF, increase line number */
992 /* If custom handler does not define a getstr() function, read char by char */
994 {
995 /* If a "get string" function is defined, use it */
1007 /*
1008 * check for line continuation,
1009 * i.e. match [^\\]\\[\r]\n only
1010 */
1013 cp++;
1015 cp--;
1017 cp--;
1019 cp--;
1021 /*
1022 * line continuation requested -
1023 * then remove backslash and continue
1024 */
1028 }
1030 /*
1031 * no real continuation because escaped -
1032 * then just remove escape character
1033 */
1036 }
1037 }
1038 }
1040 }
1042 /*
1043 * Leading and trailing white space is eliminated completely
1044 */
1048 /* blast trailing whitespace */
1052 /* Zap leading whitespace by shifting */
1055 ;
1057 #ifdef DEBUG_CFG_LINES
1059 #endif
1062 /* No "get string" function defined; read character by character */
1067 /* skip leading whitespace */
1076 /* too small, assume caller is crazy */
1078 }
1085 }
1087 /* silently ignore CR (_assume_ that a LF follows) */
1089 }
1091 /* increase line number and return on LF */
1093 }
1095 /*
1096 * check for line continuation
1097 */
1099 i--;
1101 /* line is continued */
1104 }
1105 /* else nothing needs be done because
1106 * then the backslash is escaped and
1107 * we just strip to a single one
1108 */
1109 }
1110 /* blast trailing whitespace */
1114 #ifdef DEBUG_CFG_LINES
1117 #endif
1119 }
1123 }
1124 }
1125 }
1127 /* Size an HTTP header field list item, as separated by a comma.
1128 * The return value is a pointer to the beginning of the non-empty list item
1129 * within the original string (or NULL if there is none) and the address
1130 * of field is shifted to the next non-comma, non-whitespace character.
1131 * len is the length of the item excluding any beginning whitespace.
1132 */
1134 {
1139 /* Find first non-comma, non-whitespace byte */
1146 /* Find the end of this item, skipping over dead bits */
1154 }
1169 }
1170 }
1171 }
1176 }
1178 /* Advance field pointer to the next non-comma, non-white byte */
1185 }
1187 /* Retrieve an HTTP header field list item, as separated by a comma,
1188 * while stripping insignificant whitespace and lowercasing anything not in
1189 * a quoted string or comment. The return value is a new string containing
1190 * the converted list item (or NULL if none) and the address pointed to by
1191 * field is shifted to the next non-comma, non-whitespace.
1192 */
1194 {
1201 /* Find the beginning and maximum length of the list item so that
1202 * we can allocate a buffer for the new string and reset the field.
1203 */
1206 }
1209 /* Scan the token again, but this time copy only the good bytes.
1210 * We skip extra whitespace and any whitespace around a '=', '/',
1211 * or ';' and lowercase normal characters not within a comment,
1212 * quoted-string or quoted-pair.
1213 */
1221 }
1254 else
1269 }
1270 }
1271 }
1275 }
1277 /* Find an item in canonical form (lowercase, no extra spaces) within
1278 * an HTTP field value list. Returns 1 if found, 0 if not found.
1279 * This would be much more efficient if we stored header fields as
1280 * an array of list items as they are received instead of a plain string.
1281 */
1284 {
1294 /* Find first non-comma, non-whitespace byte */
1301 else
1304 /* We skip extra whitespace and any whitespace around a '=', '/',
1305 * or ';' and lowercase normal characters not within a comment,
1306 * quoted-string or quoted-pair.
1307 */
1316 }
1349 else
1364 else
1368 }
1369 }
1370 }
1377 }
1380 /* Retrieve a token, spacing over it and returning a pointer to
1381 * the first non-white byte afterwards. Note that these tokens
1382 * are delimited by semis and commas; and can also be delimited
1383 * by whitespace at the caller's option.
1384 */
1388 {
1394 /* Find first non-white byte */
1401 /* find token end, skipping over quoted strings.
1402 * (comments are already gone).
1403 */
1411 }
1416 /* Advance accept_line pointer to the next non-white byte */
1423 }
1426 /* find http tokens, see the definition of token from RFC2068 */
1428 {
1437 /* find start of token, skip all stop characters, note NUL
1438 * isn't a token stop, so we don't need to test for it
1439 */
1442 }
1445 }
1447 /* find end of the token */
1450 }
1454 }
1457 }
1458 }
1459 }
1464 {
1479 }
1482 {
1492 #if defined(OS2) || defined(WIN32)
1493 /*
1494 * Newlines to Win32/OS2 CreateProcess() are ill advised.
1495 * Convert them to spaces since they are effectively white
1496 * space to most applications
1497 */
1501 }
1502 #endif
1506 }
1508 }
1512 }
1515 {
1518 #if !APR_CHARSET_EBCDIC
1535 }
1537 /*
1538 * Unescapes a URL, leaving reserved characters intact.
1539 * Returns 0 on success, non-zero on error
1540 * Failure is due to
1541 * bad % escape returns HTTP_BAD_REQUEST
1542 *
1543 * decoding %00 or a forbidden character returns HTTP_NOT_FOUND
1544 */
1547 {
1553 /* Initial scan for first '%'. Don't bother writing values before
1554 * seeing a '%' */
1558 }
1562 }
1567 }
1576 }
1581 }
1585 }
1586 }
1587 }
1588 }
1592 }
1595 }
1598 }
1599 }
1601 {
1602 /* Traditional */
1603 #ifdef CASE_BLIND_FILESYSTEM
1605 #else
1607 #endif
1608 }
1610 {
1611 /* AllowEncodedSlashes (corrected) */
1613 }
1614 #ifdef NEW_APIS
1615 /* IFDEF these out until they've been thought through.
1616 * Just a germ of an API extension for now
1617 */
1619 {
1620 /* leave RFC1738 reserved characters intact, * so proxied URLs
1621 * don't get mangled. Where does that leave encoded '&' ?
1622 */
1624 }
1626 {
1628 }
1629 #endif
1633 {
1636 }
1639 }
1640 }
1643 {
1645 }
1647 /* c2x takes an unsigned, and expects the caller has guaranteed that
1648 * 0 <= what < 256... which usually means that you have to cast to
1649 * unsigned char first, because (unsigned)(char)(x) first goes through
1650 * signed extension to an int before the unsigned cast.
1651 *
1652 * The reason for this assumption is to assist gcc code generation --
1653 * the unsigned char -> unsigned extension is already done earlier in
1654 * both uses of this code, so there's no need to waste time doing it
1655 * again.
1656 */
1661 {
1662 #if APR_CHARSET_EBCDIC
1669 }
1671 /*
1672 * escape_path_segment() escapes a path segment, as defined in RFC 1808. This
1673 * routine is (should be) OS independent.
1674 *
1675 * os_escape_path() converts an OS path to a URL, in an OS dependent way. In all
1676 * cases if a ':' occurs before the first '/' in the URL, the URL should be
1677 * prefixed with "./" (or the ':' escaped). In the case of Unix, this means
1678 * leaving '/' alone, but otherwise doing what escape_path_segment() does. For
1679 * efficiency reasons, we don't use escape_path_segment(), which is provided for
1680 * reference. Again, RFC 1808 is where this stuff is defined.
1681 *
1682 * If partial is set, os_escape_path() assumes that the path will be appended to
1683 * something with a '/' in it (and thus does not prefix "./").
1684 */
1687 {
1695 }
1698 }
1700 }
1703 }
1706 {
1708 }
1711 {
1724 }
1725 }
1729 }
1732 }
1734 }
1737 }
1739 /* ap_escape_uri is now a macro for os_escape_path */
1742 {
1746 /* first, count the number of extra characters */
1765 }
1769 }
1773 }
1777 }
1782 }
1783 else
1788 }
1790 {
1797 }
1829 }
1830 }
1833 }
1834 }
1838 }
1841 apr_size_t buflen)
1842 {
1848 }
1861 }
1889 }
1892 }
1893 }
1896 }
1897 }
1901 }
1904 {
1905 apr_finfo_t finfo;
1911 }
1914 {
1915 apr_finfo_t finfo;
1921 }
1925 {
1931 /* allocate +3 for '/' delimiter, trailing NULL and overallocate
1932 * one extra byte to allow the caller to add a trailing '/'
1933 */
1938 }
1945 }
1947 }
1949 }
1951 /*
1952 * Check for an absoluteURI syntax (see section 3.2 in RFC2068).
1953 */
1955 {
1963 }
1964 }
1967 }
1970 {
1976 }
1979 {
1985 }
1988 {
1992 }
1993 }
1995 /*
1996 * We must return a FQDN
1997 */
1999 {
2000 #ifndef MAXHOSTNAMELEN
2001 #define MAXHOSTNAMELEN 256
2002 #endif
2011 ap_server_argv0);
2024 }
2029 }
2030 }
2036 "%s: Could not reliably determine the server's fully qualified "
2041 }
2043 /* simple 'pool' alloc()ing glue to apr_base64.c
2044 */
2046 {
2055 }
2058 {
2067 }
2069 /* we want to downcase the type/subtype for comparison purposes
2070 * but nothing else because ;parameter=foo values are case sensitive.
2071 * XXX: in truth we want to downcase parameter names... but really,
2072 * apache has never handled parameters and such correctly. You
2073 * also need to compress spaces and such to be able to compare
2074 * properly. -djg
2075 */
2077 {
2083 }
2089 }
2090 }
2092 /*
2093 * Given a string, replace any bare " with \" .
2094 */
2096 {
2101 /*
2102 * Look through the input string, jogging the length of the output
2103 * string up by an extra byte each time we find an unescaped ".
2104 */
2106 newlen++;
2108 newlen++;
2109 }
2110 /*
2111 * If we find a slosh, and it's not the last byte in the string,
2112 * it's escaping something - advance past both bytes.
2113 */
2115 inchr++;
2116 newlen++;
2117 }
2118 inchr++;
2119 }
2123 /*
2124 * Now copy the input string to the output string, inserting a slosh
2125 * in front of every " that doesn't already have one.
2126 */
2131 }
2134 }
2137 }
2138 }
2141 }
2143 /*
2144 * Given a string, append the PID deliminated by delim.
2145 * Usually used to create a pid-appended filepath name
2146 * (eg: /a/b/foo -> /a/b/foo.6726). A function, and not
2147 * a macro, to avoid unistd.h dependency
2148 */
2151 {
2155 }
2157 /**
2158 * Parse a given timeout parameter string into an apr_interval_time_t value.
2159 * The unit of the time interval is given as postfix string to the numeric
2160 * string. Currently the following units are understood:
2161 *
2162 * ms : milliseconds
2163 * s : seconds
2164 * mi[n] : minutes
2165 * h : hours
2166 *
2167 * If no unit is contained in the given timeout parameter the default_time_unit
2168 * will be used instead.
2169 * @param timeout_parameter The string containing the timeout parameter.
2170 * @param timeout The timeout value to be returned.
2171 * @param default_time_unit The default time unit to use if none is specified
2172 * in timeout_parameter.
2173 * @return Status value indicating whether the parsing was successful or not.
2174 */
2179 {
2182 apr_int64_t tout;
2187 }
2190 }
2193 }
2196 /* Time is in seconds */
2201 /* Time is in hours */
2206 /* Time is in miliseconds */
2210 /* Time is in minutes */
2216 }
2220 }
2222 }