author | Michael Krelin <hacker@klever.net> | 2009-09-01 19:59:38 (UTC) |
---|---|---|
committer | Michael Krelin <hacker@klever.net> | 2009-09-01 19:59:38 (UTC) |
commit | da3fe98e5c75940135fcd9bb45b36eed62d8b4dc (patch) (unidiff) | |
tree | eda546a705a667dd1b62f7eee481b3087fbfdf27 | |
parent | 34d57b6b55b51e4b489a4cafce8874dec558b600 (diff) | |
download | libopkele-da3fe98e5c75940135fcd9bb45b36eed62d8b4dc.zip libopkele-da3fe98e5c75940135fcd9bb45b36eed62d8b4dc.tar.gz libopkele-da3fe98e5c75940135fcd9bb45b36eed62d8b4dc.tar.bz2 |
fixed normalization for the single-character trailing component
Thanks Hiroyuki ARAKI for spotting the bug and providing the fix
Signed-off-by: Michael Krelin <hacker@klever.net>
-rw-r--r-- | lib/util.cc | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/util.cc b/lib/util.cc index 249eeed..4028697 100644 --- a/lib/util.cc +++ b/lib/util.cc | |||
@@ -1,540 +1,540 @@ | |||
1 | #include <errno.h> | 1 | #include <errno.h> |
2 | #include <cassert> | 2 | #include <cassert> |
3 | #include <cctype> | 3 | #include <cctype> |
4 | #include <cstring> | 4 | #include <cstring> |
5 | #include <vector> | 5 | #include <vector> |
6 | #include <string> | 6 | #include <string> |
7 | #include <stack> | 7 | #include <stack> |
8 | #include <algorithm> | 8 | #include <algorithm> |
9 | #include <openssl/bio.h> | 9 | #include <openssl/bio.h> |
10 | #include <openssl/evp.h> | 10 | #include <openssl/evp.h> |
11 | #include <openssl/sha.h> | 11 | #include <openssl/sha.h> |
12 | #include <openssl/hmac.h> | 12 | #include <openssl/hmac.h> |
13 | #include <opkele/util.h> | 13 | #include <opkele/util.h> |
14 | #include <opkele/exception.h> | 14 | #include <opkele/exception.h> |
15 | #include <opkele/data.h> | 15 | #include <opkele/data.h> |
16 | #include <opkele/debug.h> | 16 | #include <opkele/debug.h> |
17 | 17 | ||
18 | #include <config.h> | 18 | #include <config.h> |
19 | #ifdef HAVE_DEMANGLE | 19 | #ifdef HAVE_DEMANGLE |
20 | # include <cxxabi.h> | 20 | # include <cxxabi.h> |
21 | #endif | 21 | #endif |
22 | 22 | ||
23 | namespace opkele { | 23 | namespace opkele { |
24 | using namespace std; | 24 | using namespace std; |
25 | 25 | ||
26 | namespace util { | 26 | namespace util { |
27 | 27 | ||
28 | /* | 28 | /* |
29 | * base64 | 29 | * base64 |
30 | */ | 30 | */ |
31 | string encode_base64(const void *data,size_t length) { | 31 | string encode_base64(const void *data,size_t length) { |
32 | BIO *b64 = 0, *bmem = 0; | 32 | BIO *b64 = 0, *bmem = 0; |
33 | try { | 33 | try { |
34 | b64 = BIO_new(BIO_f_base64()); | 34 | b64 = BIO_new(BIO_f_base64()); |
35 | if(!b64) | 35 | if(!b64) |
36 | throw exception_openssl(OPKELE_CP_ "failed to BIO_new() base64 encoder"); | 36 | throw exception_openssl(OPKELE_CP_ "failed to BIO_new() base64 encoder"); |
37 | BIO_set_flags(b64,BIO_FLAGS_BASE64_NO_NL); | 37 | BIO_set_flags(b64,BIO_FLAGS_BASE64_NO_NL); |
38 | bmem = BIO_new(BIO_s_mem()); | 38 | bmem = BIO_new(BIO_s_mem()); |
39 | BIO_set_flags(b64,BIO_CLOSE); | 39 | BIO_set_flags(b64,BIO_CLOSE); |
40 | if(!bmem) | 40 | if(!bmem) |
41 | throw exception_openssl(OPKELE_CP_ "failed to BIO_new() memory buffer"); | 41 | throw exception_openssl(OPKELE_CP_ "failed to BIO_new() memory buffer"); |
42 | BIO_push(b64,bmem); | 42 | BIO_push(b64,bmem); |
43 | if(((size_t)BIO_write(b64,data,length))!=length) | 43 | if(((size_t)BIO_write(b64,data,length))!=length) |
44 | throw exception_openssl(OPKELE_CP_ "failed to BIO_write()"); | 44 | throw exception_openssl(OPKELE_CP_ "failed to BIO_write()"); |
45 | if(BIO_flush(b64)!=1) | 45 | if(BIO_flush(b64)!=1) |
46 | throw exception_openssl(OPKELE_CP_ "failed to BIO_flush()"); | 46 | throw exception_openssl(OPKELE_CP_ "failed to BIO_flush()"); |
47 | char *rvd; | 47 | char *rvd; |
48 | long rvl = BIO_get_mem_data(bmem,&rvd); | 48 | long rvl = BIO_get_mem_data(bmem,&rvd); |
49 | string rv(rvd,rvl); | 49 | string rv(rvd,rvl); |
50 | BIO_free_all(b64); | 50 | BIO_free_all(b64); |
51 | return rv; | 51 | return rv; |
52 | }catch(...) { | 52 | }catch(...) { |
53 | if(b64) BIO_free_all(b64); | 53 | if(b64) BIO_free_all(b64); |
54 | throw; | 54 | throw; |
55 | } | 55 | } |
56 | } | 56 | } |
57 | 57 | ||
58 | void decode_base64(const string& data,vector<unsigned char>& rv) { | 58 | void decode_base64(const string& data,vector<unsigned char>& rv) { |
59 | BIO *b64 = 0, *bmem = 0; | 59 | BIO *b64 = 0, *bmem = 0; |
60 | rv.clear(); | 60 | rv.clear(); |
61 | try { | 61 | try { |
62 | bmem = BIO_new_mem_buf((void*)data.data(),data.size()); | 62 | bmem = BIO_new_mem_buf((void*)data.data(),data.size()); |
63 | if(!bmem) | 63 | if(!bmem) |
64 | throw exception_openssl(OPKELE_CP_ "failed to BIO_new_mem_buf()"); | 64 | throw exception_openssl(OPKELE_CP_ "failed to BIO_new_mem_buf()"); |
65 | b64 = BIO_new(BIO_f_base64()); | 65 | b64 = BIO_new(BIO_f_base64()); |
66 | if(!b64) | 66 | if(!b64) |
67 | throw exception_openssl(OPKELE_CP_ "failed to BIO_new() base64 decoder"); | 67 | throw exception_openssl(OPKELE_CP_ "failed to BIO_new() base64 decoder"); |
68 | BIO_set_flags(b64,BIO_FLAGS_BASE64_NO_NL); | 68 | BIO_set_flags(b64,BIO_FLAGS_BASE64_NO_NL); |
69 | BIO_push(b64,bmem); | 69 | BIO_push(b64,bmem); |
70 | unsigned char tmp[512]; | 70 | unsigned char tmp[512]; |
71 | size_t rb = 0; | 71 | size_t rb = 0; |
72 | while((rb=BIO_read(b64,tmp,sizeof(tmp)))>0) | 72 | while((rb=BIO_read(b64,tmp,sizeof(tmp)))>0) |
73 | rv.insert(rv.end(),tmp,&tmp[rb]); | 73 | rv.insert(rv.end(),tmp,&tmp[rb]); |
74 | BIO_free_all(b64); | 74 | BIO_free_all(b64); |
75 | }catch(...) { | 75 | }catch(...) { |
76 | if(b64) BIO_free_all(b64); | 76 | if(b64) BIO_free_all(b64); |
77 | throw; | 77 | throw; |
78 | } | 78 | } |
79 | } | 79 | } |
80 | 80 | ||
81 | /* | 81 | /* |
82 | * big numerics | 82 | * big numerics |
83 | */ | 83 | */ |
84 | 84 | ||
85 | BIGNUM *base64_to_bignum(const string& b64) { | 85 | BIGNUM *base64_to_bignum(const string& b64) { |
86 | vector<unsigned char> bin; | 86 | vector<unsigned char> bin; |
87 | decode_base64(b64,bin); | 87 | decode_base64(b64,bin); |
88 | BIGNUM *rv = BN_bin2bn(&(bin.front()),bin.size(),0); | 88 | BIGNUM *rv = BN_bin2bn(&(bin.front()),bin.size(),0); |
89 | if(!rv) | 89 | if(!rv) |
90 | throw failed_conversion(OPKELE_CP_ "failed to BN_bin2bn()"); | 90 | throw failed_conversion(OPKELE_CP_ "failed to BN_bin2bn()"); |
91 | return rv; | 91 | return rv; |
92 | } | 92 | } |
93 | 93 | ||
94 | BIGNUM *dec_to_bignum(const string& dec) { | 94 | BIGNUM *dec_to_bignum(const string& dec) { |
95 | BIGNUM *rv = 0; | 95 | BIGNUM *rv = 0; |
96 | if(!BN_dec2bn(&rv,dec.c_str())) | 96 | if(!BN_dec2bn(&rv,dec.c_str())) |
97 | throw failed_conversion(OPKELE_CP_ "failed to BN_dec2bn()"); | 97 | throw failed_conversion(OPKELE_CP_ "failed to BN_dec2bn()"); |
98 | return rv; | 98 | return rv; |
99 | } | 99 | } |
100 | 100 | ||
101 | string bignum_to_base64(const BIGNUM *bn) { | 101 | string bignum_to_base64(const BIGNUM *bn) { |
102 | vector<unsigned char> bin(BN_num_bytes(bn)+1); | 102 | vector<unsigned char> bin(BN_num_bytes(bn)+1); |
103 | unsigned char *binptr = &(bin.front())+1; | 103 | unsigned char *binptr = &(bin.front())+1; |
104 | int l = BN_bn2bin(bn,binptr); | 104 | int l = BN_bn2bin(bn,binptr); |
105 | if(l && (*binptr)&0x80){ | 105 | if(l && (*binptr)&0x80){ |
106 | (*(--binptr)) = 0; ++l; | 106 | (*(--binptr)) = 0; ++l; |
107 | } | 107 | } |
108 | return encode_base64(binptr,l); | 108 | return encode_base64(binptr,l); |
109 | } | 109 | } |
110 | 110 | ||
111 | /* | 111 | /* |
112 | * w3c times | 112 | * w3c times |
113 | */ | 113 | */ |
114 | 114 | ||
115 | string time_to_w3c(time_t t) { | 115 | string time_to_w3c(time_t t) { |
116 | struct tm tm_t; | 116 | struct tm tm_t; |
117 | if(!gmtime_r(&t,&tm_t)) | 117 | if(!gmtime_r(&t,&tm_t)) |
118 | throw failed_conversion(OPKELE_CP_ "failed to BN_dec2bn()"); | 118 | throw failed_conversion(OPKELE_CP_ "failed to BN_dec2bn()"); |
119 | char rv[25]; | 119 | char rv[25]; |
120 | if(!strftime(rv,sizeof(rv)-1,"%Y-%m-%dT%H:%M:%SZ",&tm_t)) | 120 | if(!strftime(rv,sizeof(rv)-1,"%Y-%m-%dT%H:%M:%SZ",&tm_t)) |
121 | throw failed_conversion(OPKELE_CP_ "failed to strftime()"); | 121 | throw failed_conversion(OPKELE_CP_ "failed to strftime()"); |
122 | return rv; | 122 | return rv; |
123 | } | 123 | } |
124 | 124 | ||
125 | #ifndef HAVE_TIMEGM | 125 | #ifndef HAVE_TIMEGM |
126 | static time_t timegm(struct tm *t) { | 126 | static time_t timegm(struct tm *t) { |
127 | char *tz = getenv("TZ"); | 127 | char *tz = getenv("TZ"); |
128 | setenv("TZ","",1); tzset(); | 128 | setenv("TZ","",1); tzset(); |
129 | time_t rv = mktime(t); | 129 | time_t rv = mktime(t); |
130 | if(tz) | 130 | if(tz) |
131 | setenv("TZ",tz,1); | 131 | setenv("TZ",tz,1); |
132 | else | 132 | else |
133 | unsetenv("TZ"); | 133 | unsetenv("TZ"); |
134 | tzset(); | 134 | tzset(); |
135 | return rv; | 135 | return rv; |
136 | } | 136 | } |
137 | #define timegm opkele::util::timegm | 137 | #define timegm opkele::util::timegm |
138 | #endif /* HAVE_TIMEGM */ | 138 | #endif /* HAVE_TIMEGM */ |
139 | 139 | ||
140 | time_t w3c_to_time(const string& w) { | 140 | time_t w3c_to_time(const string& w) { |
141 | int fraction; | 141 | int fraction; |
142 | struct tm tm_t; | 142 | struct tm tm_t; |
143 | memset(&tm_t,0,sizeof(tm_t)); | 143 | memset(&tm_t,0,sizeof(tm_t)); |
144 | if( ( | 144 | if( ( |
145 | sscanf( | 145 | sscanf( |
146 | w.c_str(), | 146 | w.c_str(), |
147 | "%04d-%02d-%02dT%02d:%02d:%02dZ", | 147 | "%04d-%02d-%02dT%02d:%02d:%02dZ", |
148 | &tm_t.tm_year,&tm_t.tm_mon,&tm_t.tm_mday, | 148 | &tm_t.tm_year,&tm_t.tm_mon,&tm_t.tm_mday, |
149 | &tm_t.tm_hour,&tm_t.tm_min,&tm_t.tm_sec | 149 | &tm_t.tm_hour,&tm_t.tm_min,&tm_t.tm_sec |
150 | ) != 6 | 150 | ) != 6 |
151 | ) && ( | 151 | ) && ( |
152 | sscanf( | 152 | sscanf( |
153 | w.c_str(), | 153 | w.c_str(), |
154 | "%04d-%02d-%02dT%02d:%02d:%02d.%03dZ", | 154 | "%04d-%02d-%02dT%02d:%02d:%02d.%03dZ", |
155 | &tm_t.tm_year,&tm_t.tm_mon,&tm_t.tm_mday, | 155 | &tm_t.tm_year,&tm_t.tm_mon,&tm_t.tm_mday, |
156 | &tm_t.tm_hour,&tm_t.tm_min,&tm_t.tm_sec, | 156 | &tm_t.tm_hour,&tm_t.tm_min,&tm_t.tm_sec, |
157 | &fraction | 157 | &fraction |
158 | ) != 7 | 158 | ) != 7 |
159 | ) ) | 159 | ) ) |
160 | throw failed_conversion(OPKELE_CP_ "failed to sscanf()"); | 160 | throw failed_conversion(OPKELE_CP_ "failed to sscanf()"); |
161 | tm_t.tm_mon--; | 161 | tm_t.tm_mon--; |
162 | tm_t.tm_year-=1900; | 162 | tm_t.tm_year-=1900; |
163 | time_t rv = timegm(&tm_t); | 163 | time_t rv = timegm(&tm_t); |
164 | if(rv==(time_t)-1) | 164 | if(rv==(time_t)-1) |
165 | throw failed_conversion(OPKELE_CP_ "failed to gmtime()"); | 165 | throw failed_conversion(OPKELE_CP_ "failed to gmtime()"); |
166 | return rv; | 166 | return rv; |
167 | } | 167 | } |
168 | 168 | ||
169 | /* | 169 | /* |
170 | * | 170 | * |
171 | */ | 171 | */ |
172 | 172 | ||
173 | static inline bool isrfc3986unreserved(int c) { | 173 | static inline bool isrfc3986unreserved(int c) { |
174 | if(c<'-') return false; | 174 | if(c<'-') return false; |
175 | if(c<='.') return true; | 175 | if(c<='.') return true; |
176 | if(c<'0') return false; if(c<='9') return true; | 176 | if(c<'0') return false; if(c<='9') return true; |
177 | if(c<'A') return false; if(c<='Z') return true; | 177 | if(c<'A') return false; if(c<='Z') return true; |
178 | if(c<'_') return false; | 178 | if(c<'_') return false; |
179 | if(c=='_') return true; | 179 | if(c=='_') return true; |
180 | if(c<'a') return false; if(c<='z') return true; | 180 | if(c<'a') return false; if(c<='z') return true; |
181 | if(c=='~') return true; | 181 | if(c=='~') return true; |
182 | return false; | 182 | return false; |
183 | } | 183 | } |
184 | 184 | ||
185 | struct __url_encoder : public unary_function<char,void> { | 185 | struct __url_encoder : public unary_function<char,void> { |
186 | public: | 186 | public: |
187 | string& rv; | 187 | string& rv; |
188 | 188 | ||
189 | __url_encoder(string& r) : rv(r) { } | 189 | __url_encoder(string& r) : rv(r) { } |
190 | 190 | ||
191 | result_type operator()(argument_type c) { | 191 | result_type operator()(argument_type c) { |
192 | if(isrfc3986unreserved(c)) | 192 | if(isrfc3986unreserved(c)) |
193 | rv += c; | 193 | rv += c; |
194 | else{ | 194 | else{ |
195 | char tmp[4]; | 195 | char tmp[4]; |
196 | snprintf(tmp,sizeof(tmp),"%%%02X", | 196 | snprintf(tmp,sizeof(tmp),"%%%02X", |
197 | (c&0xff)); | 197 | (c&0xff)); |
198 | rv += tmp; | 198 | rv += tmp; |
199 | } | 199 | } |
200 | } | 200 | } |
201 | }; | 201 | }; |
202 | 202 | ||
203 | string url_encode(const string& str) { | 203 | string url_encode(const string& str) { |
204 | string rv; | 204 | string rv; |
205 | for_each(str.begin(),str.end(), | 205 | for_each(str.begin(),str.end(), |
206 | __url_encoder(rv)); | 206 | __url_encoder(rv)); |
207 | return rv; | 207 | return rv; |
208 | } | 208 | } |
209 | 209 | ||
210 | string url_decode(const string& str) { | 210 | string url_decode(const string& str) { |
211 | string rv; | 211 | string rv; |
212 | back_insert_iterator<string> ii(rv); | 212 | back_insert_iterator<string> ii(rv); |
213 | char tmp[3]; tmp[2] = 0; | 213 | char tmp[3]; tmp[2] = 0; |
214 | for(string::const_iterator i=str.begin(),ie=str.end(); | 214 | for(string::const_iterator i=str.begin(),ie=str.end(); |
215 | i!=ie;++i) { | 215 | i!=ie;++i) { |
216 | switch(*i) { | 216 | switch(*i) { |
217 | case '+': | 217 | case '+': |
218 | *(ii++) = ' '; break; | 218 | *(ii++) = ' '; break; |
219 | case '%': | 219 | case '%': |
220 | ++i; | 220 | ++i; |
221 | if(i==ie) | 221 | if(i==ie) |
222 | throw failed_conversion(OPKELE_CP_ "trailing percent in the url-encoded string"); | 222 | throw failed_conversion(OPKELE_CP_ "trailing percent in the url-encoded string"); |
223 | tmp[0] = *(i++); | 223 | tmp[0] = *(i++); |
224 | if(i==ie) | 224 | if(i==ie) |
225 | throw failed_conversion(OPKELE_CP_ "not enough hexadecimals after the percent sign in url-encoded string"); | 225 | throw failed_conversion(OPKELE_CP_ "not enough hexadecimals after the percent sign in url-encoded string"); |
226 | tmp[1] = *i; | 226 | tmp[1] = *i; |
227 | if(!(isxdigit(tmp[0]) && isxdigit(tmp[1]))) | 227 | if(!(isxdigit(tmp[0]) && isxdigit(tmp[1]))) |
228 | throw failed_conversion(OPKELE_CP_ "non-hex follows percent in url-encoded string"); | 228 | throw failed_conversion(OPKELE_CP_ "non-hex follows percent in url-encoded string"); |
229 | *(ii++) = (char)strtol(tmp,0,16); | 229 | *(ii++) = (char)strtol(tmp,0,16); |
230 | break; | 230 | break; |
231 | default: | 231 | default: |
232 | *(ii++) = *i; break; | 232 | *(ii++) = *i; break; |
233 | } | 233 | } |
234 | } | 234 | } |
235 | return rv; | 235 | return rv; |
236 | } | 236 | } |
237 | 237 | ||
238 | string attr_escape(const string& str) { | 238 | string attr_escape(const string& str) { |
239 | static const char *unsafechars = "<>&\n\"'"; | 239 | static const char *unsafechars = "<>&\n\"'"; |
240 | string rv; | 240 | string rv; |
241 | string::size_type p=0; | 241 | string::size_type p=0; |
242 | while(true) { | 242 | while(true) { |
243 | string::size_type us = str.find_first_of(unsafechars,p); | 243 | string::size_type us = str.find_first_of(unsafechars,p); |
244 | if(us==string::npos) { | 244 | if(us==string::npos) { |
245 | if(p!=str.length()) | 245 | if(p!=str.length()) |
246 | rv.append(str,p,str.length()-p); | 246 | rv.append(str,p,str.length()-p); |
247 | return rv; | 247 | return rv; |
248 | } | 248 | } |
249 | rv.append(str,p,us-p); | 249 | rv.append(str,p,us-p); |
250 | rv += "&#"; | 250 | rv += "&#"; |
251 | rv += long_to_string((long)str[us]); | 251 | rv += long_to_string((long)str[us]); |
252 | rv += ';'; | 252 | rv += ';'; |
253 | p = us+1; | 253 | p = us+1; |
254 | } | 254 | } |
255 | } | 255 | } |
256 | 256 | ||
257 | string long_to_string(long l) { | 257 | string long_to_string(long l) { |
258 | char rv[32]; | 258 | char rv[32]; |
259 | int r=snprintf(rv,sizeof(rv),"%ld",l); | 259 | int r=snprintf(rv,sizeof(rv),"%ld",l); |
260 | if(r<0 || r>=(int)sizeof(rv)) | 260 | if(r<0 || r>=(int)sizeof(rv)) |
261 | throw failed_conversion(OPKELE_CP_ "failed to snprintf()"); | 261 | throw failed_conversion(OPKELE_CP_ "failed to snprintf()"); |
262 | return rv; | 262 | return rv; |
263 | } | 263 | } |
264 | 264 | ||
265 | long string_to_long(const string& s) { | 265 | long string_to_long(const string& s) { |
266 | char *endptr = 0; | 266 | char *endptr = 0; |
267 | long rv = strtol(s.c_str(),&endptr,10); | 267 | long rv = strtol(s.c_str(),&endptr,10); |
268 | if((!endptr) || endptr==s.c_str()) | 268 | if((!endptr) || endptr==s.c_str()) |
269 | throw failed_conversion(OPKELE_CP_ "failed to strtol()"); | 269 | throw failed_conversion(OPKELE_CP_ "failed to strtol()"); |
270 | return rv; | 270 | return rv; |
271 | } | 271 | } |
272 | 272 | ||
273 | /* | 273 | /* |
274 | * Normalize URL according to the rules, described in rfc 3986, section 6 | 274 | * Normalize URL according to the rules, described in rfc 3986, section 6 |
275 | * | 275 | * |
276 | * - uppercase hex triplets (e.g. %ab -> %AB) | 276 | * - uppercase hex triplets (e.g. %ab -> %AB) |
277 | * - lowercase scheme and host | 277 | * - lowercase scheme and host |
278 | * - decode %-encoded characters, specified as unreserved in rfc 3986, section 2.3, | 278 | * - decode %-encoded characters, specified as unreserved in rfc 3986, section 2.3, |
279 | * that is - [:alpha:][:digit:]._~- | 279 | * that is - [:alpha:][:digit:]._~- |
280 | * - remove dot segments | 280 | * - remove dot segments |
281 | * - remove empty and default ports | 281 | * - remove empty and default ports |
282 | * - if there's no path component, add '/' | 282 | * - if there's no path component, add '/' |
283 | */ | 283 | */ |
284 | string rfc_3986_normalize_uri(const string& uri) { | 284 | string rfc_3986_normalize_uri(const string& uri) { |
285 | string rv; | 285 | string rv; |
286 | string::size_type ns = uri.find_first_not_of(data::_whitespace_chars); | 286 | string::size_type ns = uri.find_first_not_of(data::_whitespace_chars); |
287 | if(ns==string::npos) | 287 | if(ns==string::npos) |
288 | throw bad_input(OPKELE_CP_ "Can't normalize empty URI"); | 288 | throw bad_input(OPKELE_CP_ "Can't normalize empty URI"); |
289 | string::size_type colon = uri.find(':',ns); | 289 | string::size_type colon = uri.find(':',ns); |
290 | if(colon==string::npos) | 290 | if(colon==string::npos) |
291 | throw bad_input(OPKELE_CP_ "No scheme specified in URI"); | 291 | throw bad_input(OPKELE_CP_ "No scheme specified in URI"); |
292 | transform( | 292 | transform( |
293 | uri.begin()+ns, uri.begin()+colon+1, | 293 | uri.begin()+ns, uri.begin()+colon+1, |
294 | back_inserter(rv), ::tolower ); | 294 | back_inserter(rv), ::tolower ); |
295 | bool s; | 295 | bool s; |
296 | string::size_type ul = uri.find_last_not_of(data::_whitespace_chars)+1; | 296 | string::size_type ul = uri.find_last_not_of(data::_whitespace_chars)+1; |
297 | if(ul <= (colon+3)) | 297 | if(ul <= (colon+3)) |
298 | throw bad_input(OPKELE_CP_ "Unexpected end of URI being normalized encountered"); | 298 | throw bad_input(OPKELE_CP_ "Unexpected end of URI being normalized encountered"); |
299 | if(uri[colon+1]!='/' || uri[colon+2]!='/') | 299 | if(uri[colon+1]!='/' || uri[colon+2]!='/') |
300 | throw bad_input(OPKELE_CP_ "Unexpected input in URI being normalized after scheme component"); | 300 | throw bad_input(OPKELE_CP_ "Unexpected input in URI being normalized after scheme component"); |
301 | if(rv=="http:") | 301 | if(rv=="http:") |
302 | s = false; | 302 | s = false; |
303 | else if(rv=="https:") | 303 | else if(rv=="https:") |
304 | s = true; | 304 | s = true; |
305 | else{ | 305 | else{ |
306 | /* TODO: support more schemes. e.g. xri. How do we normalize | 306 | /* TODO: support more schemes. e.g. xri. How do we normalize |
307 | * xri? | 307 | * xri? |
308 | */ | 308 | */ |
309 | rv.append(uri,colon+1,ul-colon-1); | 309 | rv.append(uri,colon+1,ul-colon-1); |
310 | return rv; | 310 | return rv; |
311 | } | 311 | } |
312 | rv += "//"; | 312 | rv += "//"; |
313 | string::size_type interesting = uri.find_first_of(":/#?",colon+3); | 313 | string::size_type interesting = uri.find_first_of(":/#?",colon+3); |
314 | if(interesting==string::npos) { | 314 | if(interesting==string::npos) { |
315 | transform( | 315 | transform( |
316 | uri.begin()+colon+3,uri.begin()+ul, | 316 | uri.begin()+colon+3,uri.begin()+ul, |
317 | back_inserter(rv), ::tolower ); | 317 | back_inserter(rv), ::tolower ); |
318 | rv += '/'; return rv; | 318 | rv += '/'; return rv; |
319 | } | 319 | } |
320 | transform( | 320 | transform( |
321 | uri.begin()+colon+3,uri.begin()+interesting, | 321 | uri.begin()+colon+3,uri.begin()+interesting, |
322 | back_inserter(rv), ::tolower ); | 322 | back_inserter(rv), ::tolower ); |
323 | bool qf = false; | 323 | bool qf = false; |
324 | char ic = uri[interesting]; | 324 | char ic = uri[interesting]; |
325 | if(ic==':') { | 325 | if(ic==':') { |
326 | string::size_type ni = uri.find_first_of("/#?%",interesting+1); | 326 | string::size_type ni = uri.find_first_of("/#?%",interesting+1); |
327 | const char *nptr = uri.data()+interesting+1; | 327 | const char *nptr = uri.data()+interesting+1; |
328 | char *eptr = 0; | 328 | char *eptr = 0; |
329 | long port = strtol(nptr,&eptr,10); | 329 | long port = strtol(nptr,&eptr,10); |
330 | if( (port>0) && (port<65535) && port!=(s?443:80) ) { | 330 | if( (port>0) && (port<65535) && port!=(s?443:80) ) { |
331 | char tmp[8]; | 331 | char tmp[8]; |
332 | snprintf(tmp,sizeof(tmp),":%ld",port); | 332 | snprintf(tmp,sizeof(tmp),":%ld",port); |
333 | rv += tmp; | 333 | rv += tmp; |
334 | } | 334 | } |
335 | if(ni==string::npos) { | 335 | if(ni==string::npos) { |
336 | rv += '/'; return rv; | 336 | rv += '/'; return rv; |
337 | } | 337 | } |
338 | interesting = ni; | 338 | interesting = ni; |
339 | }else if(ic!='/') { | 339 | }else if(ic!='/') { |
340 | rv += '/'; rv += ic; | 340 | rv += '/'; rv += ic; |
341 | qf = true; | 341 | qf = true; |
342 | ++interesting; | 342 | ++interesting; |
343 | } | 343 | } |
344 | string::size_type n = interesting; | 344 | string::size_type n = interesting; |
345 | char tmp[3] = { 0,0,0 }; | 345 | char tmp[3] = { 0,0,0 }; |
346 | stack<string::size_type> psegs; psegs.push(rv.length()); | 346 | stack<string::size_type> psegs; psegs.push(rv.length()); |
347 | string pseg; | 347 | string pseg; |
348 | for(;n<ul;) { | 348 | for(;n<ul;) { |
349 | string::size_type unsafe = uri.find_first_of(qf?"%":"%/?#",n); | 349 | string::size_type unsafe = uri.find_first_of(qf?"%":"%/?#",n); |
350 | if(unsafe==string::npos) { | 350 | if(unsafe==string::npos) { |
351 | pseg.append(uri,n,ul-n-1); n = ul-1; | 351 | pseg.append(uri,n,ul-n-1); n = ul-1; |
352 | }else{ | 352 | }else{ |
353 | pseg.append(uri,n,unsafe-n); | 353 | pseg.append(uri,n,unsafe-n); |
354 | n = unsafe; | 354 | n = unsafe; |
355 | } | 355 | } |
356 | char c = uri[n++]; | 356 | char c = uri[n++]; |
357 | if(c=='%') { | 357 | if(c=='%') { |
358 | if((n+1)>=ul) | 358 | if((n+1)>=ul) |
359 | throw bad_input(OPKELE_CP_ "Unexpected end of URI encountered while parsing percent-encoded character"); | 359 | throw bad_input(OPKELE_CP_ "Unexpected end of URI encountered while parsing percent-encoded character"); |
360 | tmp[0] = uri[n++]; | 360 | tmp[0] = uri[n++]; |
361 | tmp[1] = uri[n++]; | 361 | tmp[1] = uri[n++]; |
362 | if(!( isxdigit(tmp[0]) && isxdigit(tmp[1]) )) | 362 | if(!( isxdigit(tmp[0]) && isxdigit(tmp[1]) )) |
363 | throw bad_input(OPKELE_CP_ "Invalid percent-encoded character in URI being normalized"); | 363 | throw bad_input(OPKELE_CP_ "Invalid percent-encoded character in URI being normalized"); |
364 | int cc = strtol(tmp,0,16); | 364 | int cc = strtol(tmp,0,16); |
365 | if( isalpha(cc) || isdigit(cc) || strchr("._~-",cc) ) | 365 | if( isalpha(cc) || isdigit(cc) || strchr("._~-",cc) ) |
366 | pseg += (char)cc; | 366 | pseg += (char)cc; |
367 | else{ | 367 | else{ |
368 | pseg += '%'; | 368 | pseg += '%'; |
369 | pseg += (char)toupper(tmp[0]); pseg += (char)toupper(tmp[1]); | 369 | pseg += (char)toupper(tmp[0]); pseg += (char)toupper(tmp[1]); |
370 | } | 370 | } |
371 | }else if(qf) { | 371 | }else if(qf) { |
372 | rv += pseg; rv += c; | 372 | rv += pseg; rv += c; |
373 | pseg.clear(); | 373 | pseg.clear(); |
374 | }else if(n>=ul || strchr("?/#",c)) { | 374 | }else if(n>=ul || strchr("?/#",c)) { |
375 | if(pseg.empty() || pseg==".") { | 375 | if( (unsafe!=string::npos && pseg.empty()) || pseg==".") { |
376 | }else if(pseg=="..") { | 376 | }else if(pseg=="..") { |
377 | if(psegs.size()>1) { | 377 | if(psegs.size()>1) { |
378 | rv.resize(psegs.top()); psegs.pop(); | 378 | rv.resize(psegs.top()); psegs.pop(); |
379 | } | 379 | } |
380 | }else{ | 380 | }else{ |
381 | psegs.push(rv.length()); | 381 | psegs.push(rv.length()); |
382 | if(c!='/') { | 382 | if(c!='/') { |
383 | pseg += c; | 383 | pseg += c; |
384 | qf = true; | 384 | qf = true; |
385 | } | 385 | } |
386 | rv += '/'; rv += pseg; | 386 | rv += '/'; rv += pseg; |
387 | } | 387 | } |
388 | if(c=='/' && (n>=ul || strchr("?#",uri[n])) ) { | 388 | if(c=='/' && (n>=ul || strchr("?#",uri[n])) ) { |
389 | rv += '/'; | 389 | rv += '/'; |
390 | if(n<ul) | 390 | if(n<ul) |
391 | qf = true; | 391 | qf = true; |
392 | }else if(strchr("?#",c)) { | 392 | }else if(strchr("?#",c)) { |
393 | if(psegs.size()==1 && psegs.top()==rv.length()) | 393 | if(psegs.size()==1 && psegs.top()==rv.length()) |
394 | rv += '/'; | 394 | rv += '/'; |
395 | if(pseg.empty()) | 395 | if(pseg.empty()) |
396 | rv += c; | 396 | rv += c; |
397 | qf = true; | 397 | qf = true; |
398 | } | 398 | } |
399 | pseg.clear(); | 399 | pseg.clear(); |
400 | }else{ | 400 | }else{ |
401 | pseg += c; | 401 | pseg += c; |
402 | } | 402 | } |
403 | } | 403 | } |
404 | if(!pseg.empty()) { | 404 | if(!pseg.empty()) { |
405 | if(!qf) rv += '/'; | 405 | if(!qf) rv += '/'; |
406 | rv += pseg; | 406 | rv += pseg; |
407 | } | 407 | } |
408 | return rv; | 408 | return rv; |
409 | } | 409 | } |
410 | 410 | ||
411 | string& strip_uri_fragment_part(string& u) { | 411 | string& strip_uri_fragment_part(string& u) { |
412 | string::size_type q = u.find('?'), f = u.find('#'); | 412 | string::size_type q = u.find('?'), f = u.find('#'); |
413 | if(q==string::npos) { | 413 | if(q==string::npos) { |
414 | if(f!=string::npos) | 414 | if(f!=string::npos) |
415 | u.erase(f); | 415 | u.erase(f); |
416 | }else{ | 416 | }else{ |
417 | if(f!=string::npos) { | 417 | if(f!=string::npos) { |
418 | if(f<q) | 418 | if(f<q) |
419 | u.erase(f,q-f); | 419 | u.erase(f,q-f); |
420 | else | 420 | else |
421 | u.erase(f); | 421 | u.erase(f); |
422 | } | 422 | } |
423 | } | 423 | } |
424 | return u; | 424 | return u; |
425 | } | 425 | } |
426 | 426 | ||
427 | bool uri_matches_realm(const string& uri,const string& realm) { | 427 | bool uri_matches_realm(const string& uri,const string& realm) { |
428 | string nrealm = opkele::util::rfc_3986_normalize_uri(realm); | 428 | string nrealm = opkele::util::rfc_3986_normalize_uri(realm); |
429 | string nu = opkele::util::rfc_3986_normalize_uri(uri); | 429 | string nu = opkele::util::rfc_3986_normalize_uri(uri); |
430 | string::size_type pr = nrealm.find("://"); | 430 | string::size_type pr = nrealm.find("://"); |
431 | string::size_type pu = nu.find("://"); | 431 | string::size_type pu = nu.find("://"); |
432 | assert(!(pr==string::npos || pu==string::npos)); | 432 | assert(!(pr==string::npos || pu==string::npos)); |
433 | pr += sizeof("://")-1; | 433 | pr += sizeof("://")-1; |
434 | pu += sizeof("://")-1; | 434 | pu += sizeof("://")-1; |
435 | if(!strncmp(nrealm.c_str()+pr,"*.",2)) { | 435 | if(!strncmp(nrealm.c_str()+pr,"*.",2)) { |
436 | pr = nrealm.find('.',pr); | 436 | pr = nrealm.find('.',pr); |
437 | pu = nu.find('.',pu); | 437 | pu = nu.find('.',pu); |
438 | assert(pr!=string::npos); | 438 | assert(pr!=string::npos); |
439 | if(pu==string::npos) | 439 | if(pu==string::npos) |
440 | return false; | 440 | return false; |
441 | // TODO: check for overgeneralized realm | 441 | // TODO: check for overgeneralized realm |
442 | } | 442 | } |
443 | string::size_type lr = nrealm.length(); | 443 | string::size_type lr = nrealm.length(); |
444 | string::size_type lu = nu.length(); | 444 | string::size_type lu = nu.length(); |
445 | if( (lu-pu) < (lr-pr) ) | 445 | if( (lu-pu) < (lr-pr) ) |
446 | return false; | 446 | return false; |
447 | pair<const char*,const char*> mp = mismatch( | 447 | pair<const char*,const char*> mp = mismatch( |
448 | nrealm.c_str()+pr,nrealm.c_str()+lr, | 448 | nrealm.c_str()+pr,nrealm.c_str()+lr, |
449 | nu.c_str()+pu); | 449 | nu.c_str()+pu); |
450 | if( (*(mp.first-1))!='/' | 450 | if( (*(mp.first-1))!='/' |
451 | && !strchr("/?#",*mp.second) ) | 451 | && !strchr("/?#",*mp.second) ) |
452 | return false; | 452 | return false; |
453 | return true; | 453 | return true; |
454 | } | 454 | } |
455 | 455 | ||
456 | string abi_demangle(const char *mn) { | 456 | string abi_demangle(const char *mn) { |
457 | #ifndef HAVE_DEMANGLE | 457 | #ifndef HAVE_DEMANGLE |
458 | return mn; | 458 | return mn; |
459 | #else /* !HAVE_DEMANGLE */ | 459 | #else /* !HAVE_DEMANGLE */ |
460 | int dstat; | 460 | int dstat; |
461 | char *demangled = abi::__cxa_demangle(mn,0,0,&dstat); | 461 | char *demangled = abi::__cxa_demangle(mn,0,0,&dstat); |
462 | if(dstat) | 462 | if(dstat) |
463 | return mn; | 463 | return mn; |
464 | string rv = demangled; | 464 | string rv = demangled; |
465 | free(demangled); | 465 | free(demangled); |
466 | return rv; | 466 | return rv; |
467 | #endif /* !HAVE_DEMANGLE */ | 467 | #endif /* !HAVE_DEMANGLE */ |
468 | } | 468 | } |
469 | 469 | ||
470 | string base64_signature(const assoc_t& assoc,const basic_openid_message& om) { | 470 | string base64_signature(const assoc_t& assoc,const basic_openid_message& om) { |
471 | const string& slist = om.get_field("signed"); | 471 | const string& slist = om.get_field("signed"); |
472 | string kv; | 472 | string kv; |
473 | string::size_type p=0; | 473 | string::size_type p=0; |
474 | while(true) { | 474 | while(true) { |
475 | string::size_type co = slist.find(',',p); | 475 | string::size_type co = slist.find(',',p); |
476 | string f = (co==string::npos) | 476 | string f = (co==string::npos) |
477 | ?slist.substr(p):slist.substr(p,co-p); | 477 | ?slist.substr(p):slist.substr(p,co-p); |
478 | kv += f; | 478 | kv += f; |
479 | kv += ':'; | 479 | kv += ':'; |
480 | kv += om.get_field(f); | 480 | kv += om.get_field(f); |
481 | kv += '\n'; | 481 | kv += '\n'; |
482 | if(co==string::npos) break; | 482 | if(co==string::npos) break; |
483 | p = co+1; | 483 | p = co+1; |
484 | } | 484 | } |
485 | const secret_t& secret = assoc->secret(); | 485 | const secret_t& secret = assoc->secret(); |
486 | const EVP_MD *evpmd; | 486 | const EVP_MD *evpmd; |
487 | const string& at = assoc->assoc_type(); | 487 | const string& at = assoc->assoc_type(); |
488 | if(at=="HMAC-SHA256") | 488 | if(at=="HMAC-SHA256") |
489 | evpmd = EVP_sha256(); | 489 | evpmd = EVP_sha256(); |
490 | else if(at=="HMAC-SHA1") | 490 | else if(at=="HMAC-SHA1") |
491 | evpmd = EVP_sha1(); | 491 | evpmd = EVP_sha1(); |
492 | else | 492 | else |
493 | throw unsupported(OPKELE_CP_ "unknown association type"); | 493 | throw unsupported(OPKELE_CP_ "unknown association type"); |
494 | unsigned int md_len = 0; | 494 | unsigned int md_len = 0; |
495 | unsigned char md[SHA256_DIGEST_LENGTH]; | 495 | unsigned char md[SHA256_DIGEST_LENGTH]; |
496 | HMAC(evpmd, | 496 | HMAC(evpmd, |
497 | &(secret.front()),secret.size(), | 497 | &(secret.front()),secret.size(), |
498 | (const unsigned char*)kv.data(),kv.length(), | 498 | (const unsigned char*)kv.data(),kv.length(), |
499 | md,&md_len); | 499 | md,&md_len); |
500 | return encode_base64(md,md_len); | 500 | return encode_base64(md,md_len); |
501 | } | 501 | } |
502 | 502 | ||
503 | string normalize_identifier(const string& usi,bool strip_fragment) { | 503 | string normalize_identifier(const string& usi,bool strip_fragment) { |
504 | if(usi.empty()) | 504 | if(usi.empty()) |
505 | return usi; | 505 | return usi; |
506 | string rv; | 506 | string rv; |
507 | string::size_type fsc = usi.find_first_not_of(data::_whitespace_chars); | 507 | string::size_type fsc = usi.find_first_not_of(data::_whitespace_chars); |
508 | if(fsc==string::npos) | 508 | if(fsc==string::npos) |
509 | return rv; | 509 | return rv; |
510 | string::size_type lsc = usi.find_last_not_of(data::_whitespace_chars); | 510 | string::size_type lsc = usi.find_last_not_of(data::_whitespace_chars); |
511 | assert(lsc!=string::npos); | 511 | assert(lsc!=string::npos); |
512 | if(!strncasecmp(usi.c_str()+fsc,"xri://",sizeof("xri://")-1)) | 512 | if(!strncasecmp(usi.c_str()+fsc,"xri://",sizeof("xri://")-1)) |
513 | fsc += sizeof("xri://")-1; | 513 | fsc += sizeof("xri://")-1; |
514 | if( (fsc+1) >= lsc ) | 514 | if( (fsc+1) >= lsc ) |
515 | return rv; | 515 | return rv; |
516 | rv.assign(usi,fsc,lsc-fsc+1); | 516 | rv.assign(usi,fsc,lsc-fsc+1); |
517 | if(strchr(data::_iname_leaders,rv[0])) { | 517 | if(strchr(data::_iname_leaders,rv[0])) { |
518 | /* TODO: further normalize xri identity, fold case or | 518 | /* TODO: further normalize xri identity, fold case or |
519 | * whatever... */ | 519 | * whatever... */ |
520 | }else{ | 520 | }else{ |
521 | if(rv.find("://")==string::npos) | 521 | if(rv.find("://")==string::npos) |
522 | rv.insert(0,"http://"); | 522 | rv.insert(0,"http://"); |
523 | if(strip_fragment) { | 523 | if(strip_fragment) { |
524 | string::size_type fp = rv.find('#'); | 524 | string::size_type fp = rv.find('#'); |
525 | if(fp!=string::npos) { | 525 | if(fp!=string::npos) { |
526 | string::size_type qp = rv.find('?'); | 526 | string::size_type qp = rv.find('?'); |
527 | if(qp==string::npos || qp<fp) | 527 | if(qp==string::npos || qp<fp) |
528 | rv.erase(fp); | 528 | rv.erase(fp); |
529 | else if(qp>fp) | 529 | else if(qp>fp) |
530 | rv.erase(fp,qp-fp); | 530 | rv.erase(fp,qp-fp); |
531 | } | 531 | } |
532 | } | 532 | } |
533 | rv = rfc_3986_normalize_uri(rv); | 533 | rv = rfc_3986_normalize_uri(rv); |
534 | } | 534 | } |
535 | return rv; | 535 | return rv; |
536 | } | 536 | } |
537 | 537 | ||
538 | } | 538 | } |
539 | 539 | ||
540 | } | 540 | } |