diff options
Diffstat (limited to 'modules/md/md_util.c')
| -rw-r--r-- | modules/md/md_util.c | 107 |
1 files changed, 71 insertions, 36 deletions
diff --git a/modules/md/md_util.c b/modules/md/md_util.c index 756aaef382..875cef61fc 100644 --- a/modules/md/md_util.c +++ b/modules/md/md_util.c @@ -647,52 +647,54 @@ const char *md_util_schemify(apr_pool_t *p, const char *s, const char *def_schem return apr_psprintf(p, "%s:%s", def_scheme, s); } -apr_status_t md_util_abs_uri_check(apr_pool_t *p, const char *uri, const char **perr) +static apr_status_t uri_check(apr_uri_t *uri_parsed, apr_pool_t *p, + const char *uri, const char **perr) { const char *s, *err = NULL; - apr_uri_t uri_parsed; apr_status_t rv; - if (APR_SUCCESS != (rv = apr_uri_parse(p, uri, &uri_parsed))) { + if (APR_SUCCESS != (rv = apr_uri_parse(p, uri, uri_parsed))) { err = "not an uri"; } - else if (!uri_parsed.scheme) { - err = "missing uri scheme"; - } - else if (strlen(uri_parsed.scheme) + 1 >= strlen(uri)) { - err = "missing uri identifier"; - } - else if (strchr(uri, ' ') || strchr(uri, '\t') ) { - err = "whitespace in uri"; - } - else if (!strncmp("http", uri_parsed.scheme, 4)) { - if (!uri_parsed.hostname) { - err = "missing hostname"; + else if (uri_parsed->scheme) { + if (strlen(uri_parsed->scheme) + 1 >= strlen(uri)) { + err = "missing uri identifier"; } - else if (!md_util_is_dns_name(p, uri_parsed.hostname, 0)) { - err = "invalid hostname"; + else if (!strncmp("http", uri_parsed->scheme, 4)) { + if (!uri_parsed->hostname) { + err = "missing hostname"; + } + else if (!md_util_is_dns_name(p, uri_parsed->hostname, 0)) { + err = "invalid hostname"; + } + if (uri_parsed->port_str + && (!apr_isdigit(uri_parsed->port_str[0]) + || uri_parsed->port == 0 + || uri_parsed->port > 65353)) { + err = "invalid port"; + } } - if (uri_parsed.port_str && (uri_parsed.port == 0 || uri_parsed.port > 65353)) { - err = "invalid port"; + else if (!strcmp("mailto", uri_parsed->scheme)) { + s = strchr(uri, '@'); + if (!s) { + err = "missing @"; + } + else if (strchr(s+1, '@')) { + err = "duplicate @"; + } + else if (s == uri + strlen(uri_parsed->scheme) + 1) { + err = "missing local part"; + } + else if (s == (uri + strlen(uri)-1)) { + err = "missing hostname"; + } + else if (strstr(uri, "..")) { + err = "double period"; + } } } - else if (!strcmp("mailto", uri_parsed.scheme)) { - s = strchr(uri, '@'); - if (!s) { - err = "missing @"; - } - else if (strchr(s+1, '@')) { - err = "duplicate @"; - } - else if (s == uri + strlen(uri_parsed.scheme) + 1) { - err = "missing local part"; - } - else if (s == (uri + strlen(uri)-1)) { - err = "missing hostname"; - } - else if (strstr(uri, "..")) { - err = "double period"; - } + if (strchr(uri, ' ') || strchr(uri, '\t') ) { + err = "whitespace in uri"; } if (err) { @@ -702,6 +704,39 @@ apr_status_t md_util_abs_uri_check(apr_pool_t *p, const char *uri, const char ** return rv; } +apr_status_t md_util_abs_uri_check(apr_pool_t *p, const char *uri, const char **perr) +{ + apr_uri_t uri_parsed; + apr_status_t rv; + + if (APR_SUCCESS == (rv = uri_check(&uri_parsed, p, uri, perr))) { + if (!uri_parsed.scheme) { + *perr = "missing uri scheme"; + return APR_EINVAL; + } + } + return rv; +} + +apr_status_t md_util_abs_http_uri_check(apr_pool_t *p, const char *uri, const char **perr) +{ + apr_uri_t uri_parsed; + apr_status_t rv; + + if (APR_SUCCESS == (rv = uri_check(&uri_parsed, p, uri, perr))) { + if (!uri_parsed.scheme) { + *perr = "missing uri scheme"; + return APR_EINVAL; + } + if (apr_strnatcasecmp("http", uri_parsed.scheme) + && apr_strnatcasecmp("https", uri_parsed.scheme)) { + *perr = "uri scheme must be http or https"; + return APR_EINVAL; + } + } + return rv; +} + /* retry login ************************************************************************************/ apr_status_t md_util_try(md_util_try_fn *fn, void *baton, int ignore_errs, |