1 /* Licensed to the Apache Software Foundation (ASF) under one or more
2 * contributor license agreements. See the NOTICE file distributed with
3 * this work for additional information regarding copyright ownership.
4 * The ASF licenses this file to You under the Apache License, Version 2.0
5 * (the "License"); you may not use this file except in compliance with
6 * the License. You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 * util.c: string utility things
21 * 1995-96 Many changes by the Apache Software Foundation
26 * #define DEBUG to trace all cfg_open*()/cfg_closefile() calls
27 * #define DEBUG_CFG_LINES to trace every line read from the config files
31 #include "apr_strings.h"
33 #include "apr_md5.h" /* for apr_password_validate */
35 #define APR_WANT_STDIO
36 #define APR_WANT_STRFUNC
42 #if APR_HAVE_PROCESS_H
43 #include <process.h> /* for getpid() on Win32 */
46 #include <netdb.h> /* for gethostbyname() */
49 #include "ap_config.h"
50 #include "apr_base64.h"
52 #include "http_main.h"
54 #include "http_protocol.h"
55 #include "http_config.h"
56 #include "http_core.h"
57 #include "util_ebcdic.h"
58 #include "util_varbuf.h"
66 #ifdef HAVE_SYS_LOADAVG_H
67 #include <sys/loadavg.h>
72 /* A bunch of functions in util.c scan strings looking for certain characters.
73 * To make that more efficient we encode a lookup table. The test_char_table
74 * is generated automatically by gen_test_char.c.
76 #include "test_char.h"
78 /* we assume the folks using this ensure 0 <= c < 256... which means
79 * you need a cast to (unsigned char) first, you can't just plug a
80 * char in here and get it to work, because if char is signed then it
81 * will first be sign extended.
83 #define TEST_CHAR(c, f) (test_char_table[(unsigned)(c)] & (f))
85 /* Win32/NetWare/OS2 need to check for both forward and back slashes
86 * in ap_getparents() and ap_escape_url.
88 #ifdef CASE_BLIND_FILESYSTEM
89 #define IS_SLASH(s) ((s == '/') || (s == '\\'))
92 #define IS_SLASH(s) (s == '/')
96 /* we know core's module_index is 0 */
97 #undef APLOG_MODULE_INDEX
98 #define APLOG_MODULE_INDEX AP_CORE_MODULE_INDEX
102 * Examine a field value (such as a media-/content-type) string and return
103 * it sans any parameters; e.g., strip off any ';charset=foo' and the like.
105 AP_DECLARE(char *) ap_field_noparam(apr_pool_t *p, const char *intype)
109 if (intype == NULL) return NULL;
111 semi = ap_strchr_c(intype, ';');
113 return apr_pstrdup(p, intype);
116 while ((semi > intype) && apr_isspace(semi[-1])) {
119 return apr_pstrmemdup(p, intype, semi - intype);
123 AP_DECLARE(char *) ap_ht_time(apr_pool_t *p, apr_time_t t, const char *fmt,
127 char ts[MAX_STRING_LEN];
128 char tf[MAX_STRING_LEN];
135 apr_time_exp_gmt(&xt, t);
136 /* Convert %Z to "GMT" and %z to "+0000";
137 * on hosts that do not have a time zone string in struct tm,
138 * strftime must assume its argument is local time.
140 for(strp = tf, f = fmt; strp < tf + sizeof(tf) - 6 && (*strp = *f)
142 if (*f != '%') continue;
153 case 'z': /* common extension */
167 apr_time_exp_lt(&xt, t);
170 /* check return code? */
171 apr_strftime(ts, &retcode, MAX_STRING_LEN, fmt, &xt);
172 ts[MAX_STRING_LEN - 1] = '\0';
173 return apr_pstrdup(p, ts);
176 /* Roy owes Rob beer. */
177 /* Rob owes Roy dinner. */
179 /* These legacy comments would make a lot more sense if Roy hadn't
180 * replaced the old later_than() routine with util_date.c.
182 * Well, okay, they still wouldn't make any sense.
185 /* Match = 0, NoMatch = 1, Abort = -1
186 * Based loosely on sections of wildmat.c by Rich Salz
187 * Hmmm... shouldn't this really go component by component?
189 AP_DECLARE(int) ap_strcmp_match(const char *str, const char *expected)
193 for (x = 0, y = 0; expected[y]; ++y, ++x) {
194 if ((!str[x]) && (expected[y] != '*'))
196 if (expected[y] == '*') {
197 while (expected[++y] == '*');
202 if ((ret = ap_strcmp_match(&str[x++], &expected[y])) != 1)
207 else if ((expected[y] != '?') && (str[x] != expected[y]))
210 return (str[x] != '\0');
213 AP_DECLARE(int) ap_strcasecmp_match(const char *str, const char *expected)
217 for (x = 0, y = 0; expected[y]; ++y, ++x) {
218 if (!str[x] && expected[y] != '*')
220 if (expected[y] == '*') {
221 while (expected[++y] == '*');
226 if ((ret = ap_strcasecmp_match(&str[x++], &expected[y])) != 1)
231 else if (expected[y] != '?'
232 && apr_tolower(str[x]) != apr_tolower(expected[y]))
235 return (str[x] != '\0');
238 /* We actually compare the canonical root to this root, (but we don't
239 * waste time checking the case), since every use of this function in
240 * httpd-2.1 tests if the path is 'proper', meaning we've already passed
241 * it through apr_filepath_merge, or we haven't.
243 AP_DECLARE(int) ap_os_is_path_absolute(apr_pool_t *p, const char *dir)
246 const char *ourdir = dir;
247 if (apr_filepath_root(&newpath, &dir, 0, p) != APR_SUCCESS
248 || strncmp(newpath, ourdir, strlen(newpath)) != 0) {
254 AP_DECLARE(int) ap_is_matchexp(const char *str)
258 for (x = 0; str[x]; x++)
259 if ((str[x] == '*') || (str[x] == '?'))
265 * Here's a pool-based interface to the POSIX-esque ap_regcomp().
266 * Note that we return ap_regex_t instead of being passed one.
267 * The reason is that if you use an already-used ap_regex_t structure,
268 * the memory that you've already allocated gets forgotten, and
269 * regfree() doesn't clear it. So we don't allow it.
272 static apr_status_t regex_cleanup(void *preg)
274 ap_regfree((ap_regex_t *) preg);
278 AP_DECLARE(ap_regex_t *) ap_pregcomp(apr_pool_t *p, const char *pattern,
281 ap_regex_t *preg = apr_palloc(p, sizeof *preg);
282 int err = ap_regcomp(preg, pattern, cflags);
284 if (err == AP_REG_ESPACE)
289 apr_pool_cleanup_register(p, (void *) preg, regex_cleanup,
290 apr_pool_cleanup_null);
295 AP_DECLARE(void) ap_pregfree(apr_pool_t *p, ap_regex_t *reg)
298 apr_pool_cleanup_kill(p, (void *) reg, regex_cleanup);
302 * Similar to standard strstr() but we ignore case in this version.
303 * Based on the strstr() implementation further below.
305 AP_DECLARE(char *) ap_strcasestr(const char *s1, const char *s2)
313 for ( ; (*s1 != '\0') && (apr_tolower(*s1) != apr_tolower(*s2)); s1++);
317 /* found first character of s2, see if the rest matches */
320 for (++p1, ++p2; apr_tolower(*p1) == apr_tolower(*p2); ++p1, ++p2) {
322 /* both strings ended together */
327 /* second string ended, a match */
330 /* didn't find a match here, try starting at next character in s1 */
337 * Returns an offsetted pointer in bigstring immediately after
338 * prefix. Returns bigstring if bigstring doesn't start with
339 * prefix or if prefix is longer than bigstring while still matching.
340 * NOTE: pointer returned is relative to bigstring, so we
341 * can use standard pointer comparisons in the calling function
342 * (eg: test if ap_stripprefix(a,b) == a)
344 AP_DECLARE(const char *) ap_stripprefix(const char *bigstring,
353 while (*p1 && *prefix) {
354 if (*p1++ != *prefix++)
360 /* hit the end of bigstring! */
364 /* This function substitutes for $0-$9, filling in regular expression
365 * submatches. Pass it the same nmatch and pmatch arguments that you
366 * passed ap_regexec(). pmatch should not be greater than the maximum number
367 * of subexpressions - i.e. one more than the re_nsub member of ap_regex_t.
369 * nmatch must be <=AP_MAX_REG_MATCH (10).
371 * input should be the string with the $-expressions, source should be the
372 * string that was matched against.
374 * It returns the substituted string, or NULL if a vbuf is used.
375 * On errors, returns the orig string.
377 * Parts of this code are based on Henry Spencer's regsub(), from his
378 * AT&T V8 regexp package.
381 static apr_status_t regsub_core(apr_pool_t *p, char **result,
382 struct ap_varbuf *vb, const char *input,
383 const char *source, apr_size_t nmatch,
384 ap_regmatch_t pmatch[], apr_size_t maxlen)
386 const char *src = input;
392 AP_DEBUG_ASSERT((result && p && !vb) || (vb && !p && !result));
393 if (!source || nmatch>AP_MAX_REG_MATCH)
397 if (maxlen > 0 && len >= maxlen)
400 *result = apr_pstrmemdup(p, src, len);
404 ap_varbuf_strmemcat(vb, src, len);
409 /* First pass, find the size */
410 while ((c = *src++) != '\0') {
411 if (c == '$' && apr_isdigit(*src))
414 no = AP_MAX_REG_MATCH;
416 if (no >= AP_MAX_REG_MATCH) { /* Ordinary character. */
417 if (c == '\\' && *src)
421 else if (no < nmatch && pmatch[no].rm_so < pmatch[no].rm_eo) {
422 if (APR_SIZE_MAX - len <= pmatch[no].rm_eo - pmatch[no].rm_so)
424 len += pmatch[no].rm_eo - pmatch[no].rm_so;
429 if (len >= maxlen && maxlen > 0)
433 *result = dst = apr_palloc(p, len + 1);
436 if (vb->strlen == AP_VARBUF_UNKNOWN)
437 vb->strlen = strlen(vb->buf);
438 ap_varbuf_grow(vb, vb->strlen + len);
439 dst = vb->buf + vb->strlen;
443 /* Now actually fill in the string */
447 while ((c = *src++) != '\0') {
448 if (c == '$' && apr_isdigit(*src))
451 no = AP_MAX_REG_MATCH;
453 if (no >= AP_MAX_REG_MATCH) { /* Ordinary character. */
454 if (c == '\\' && *src)
458 else if (no < nmatch && pmatch[no].rm_so < pmatch[no].rm_eo) {
459 len = pmatch[no].rm_eo - pmatch[no].rm_so;
460 memcpy(dst, source + pmatch[no].rm_so, len);
470 #ifndef AP_PREGSUB_MAXLEN
471 #define AP_PREGSUB_MAXLEN (HUGE_STRING_LEN * 8)
473 AP_DECLARE(char *) ap_pregsub(apr_pool_t *p, const char *input,
474 const char *source, apr_size_t nmatch,
475 ap_regmatch_t pmatch[])
478 apr_status_t rc = regsub_core(p, &result, NULL, input, source, nmatch,
479 pmatch, AP_PREGSUB_MAXLEN);
480 if (rc != APR_SUCCESS)
485 AP_DECLARE(apr_status_t) ap_pregsub_ex(apr_pool_t *p, char **result,
486 const char *input, const char *source,
487 apr_size_t nmatch, ap_regmatch_t pmatch[],
490 apr_status_t rc = regsub_core(p, result, NULL, input, source, nmatch,
492 if (rc != APR_SUCCESS)
498 * Parse .. so we don't compromise security
500 AP_DECLARE(void) ap_getparents(char *name)
505 /* Four paseses, as per RFC 1808 */
506 /* a) remove ./ path segments */
507 for (next = name; *next && (*next != '.'); next++) {
510 l = w = first_dot = next - name;
511 while (name[l] != '\0') {
512 if (name[l] == '.' && IS_SLASH(name[l + 1])
513 && (l == 0 || IS_SLASH(name[l - 1])))
516 name[w++] = name[l++];
519 /* b) remove trailing . path, segment */
520 if (w == 1 && name[0] == '.')
522 else if (w > 1 && name[w - 1] == '.' && IS_SLASH(name[w - 2]))
526 /* c) remove all xx/../ segments. (including leading ../ and /../) */
529 while (name[l] != '\0') {
530 if (name[l] == '.' && name[l + 1] == '.' && IS_SLASH(name[l + 2])
531 && (l == 0 || IS_SLASH(name[l - 1]))) {
536 while (l >= 0 && !IS_SLASH(name[l]))
543 while ((name[n] = name[m]))
550 /* d) remove trailing xx/.. segment. */
551 if (l == 2 && name[0] == '.' && name[1] == '.')
553 else if (l > 2 && name[l - 1] == '.' && name[l - 2] == '.'
554 && IS_SLASH(name[l - 3])) {
557 while (l >= 0 && !IS_SLASH(name[l]))
567 AP_DECLARE(void) ap_no2slash(char *name)
573 #ifdef HAVE_UNC_PATHS
574 /* Check for UNC names. Leave leading two slashes. */
575 if (s[0] == '/' && s[1] == '/')
580 if ((*d++ = *s) == '/') {
594 * copy at most n leading directories of s into d
595 * d should be at least as large as s plus 1 extra byte
597 * the return value is the ever useful pointer to the trailing \0 of d
599 * MODIFIED FOR HAVE_DRIVE_LETTERS and NETWARE environments,
600 * so that if n == 0, "/" is returned in d with n == 1
601 * and s == "e:/test.html", "e:/" is returned in d
602 * *** See also directory_walk in modules/http/http_request.c
605 * /a/b, 0 ==> / (true for all platforms)
614 * c:/a/b 3 ==> c:/a/b
615 * c:/a/b 4 ==> c:/a/b
617 AP_DECLARE(char *) ap_make_dirstr_prefix(char *d, const char *s, int n)
626 if (*s == '\0' || (*s == '/' && (--n) == 0)) {
638 * return the parent directory name including trailing / of the file s
640 AP_DECLARE(char *) ap_make_dirstr_parent(apr_pool_t *p, const char *s)
642 const char *last_slash = ap_strrchr_c(s, '/');
646 if (last_slash == NULL) {
647 return apr_pstrdup(p, "");
649 l = (last_slash - s) + 1;
650 d = apr_pstrmemdup(p, s, l);
656 AP_DECLARE(int) ap_count_dirs(const char *path)
660 for (x = 0, n = 0; path[x]; x++)
666 AP_DECLARE(char *) ap_getword_nc(apr_pool_t *atrans, char **line, char stop)
668 return ap_getword(atrans, (const char **) line, stop);
671 AP_DECLARE(char *) ap_getword(apr_pool_t *atrans, const char **line, char stop)
673 const char *pos = *line;
677 while ((*pos != stop) && *pos) {
682 res = apr_pstrmemdup(atrans, *line, len);
685 while (*pos == stop) {
694 AP_DECLARE(char *) ap_getword_white_nc(apr_pool_t *atrans, char **line)
696 return ap_getword_white(atrans, (const char **) line);
699 AP_DECLARE(char *) ap_getword_white(apr_pool_t *atrans, const char **line)
701 const char *pos = *line;
705 while (!apr_isspace(*pos) && *pos) {
710 res = apr_pstrmemdup(atrans, *line, len);
712 while (apr_isspace(*pos)) {
721 AP_DECLARE(char *) ap_getword_nulls_nc(apr_pool_t *atrans, char **line,
724 return ap_getword_nulls(atrans, (const char **) line, stop);
727 AP_DECLARE(char *) ap_getword_nulls(apr_pool_t *atrans, const char **line,
730 const char *pos = ap_strchr_c(*line, stop);
734 apr_size_t len = strlen(*line);
735 res = apr_pstrmemdup(atrans, *line, len);
740 res = apr_pstrmemdup(atrans, *line, pos - *line);
749 /* Get a word, (new) config-file style --- quoted strings and backslashes
753 static char *substring_conf(apr_pool_t *p, const char *start, int len,
756 char *result = apr_palloc(p, len + 1);
760 for (i = 0; i < len; ++i) {
761 if (start[i] == '\\' && (start[i + 1] == '\\'
762 || (quote && start[i + 1] == quote)))
763 *resp++ = start[++i];
769 #if RESOLVE_ENV_PER_TOKEN
770 return (char *)ap_resolve_env(p,result);
776 AP_DECLARE(char *) ap_getword_conf_nc(apr_pool_t *p, char **line)
778 return ap_getword_conf(p, (const char **) line);
781 AP_DECLARE(char *) ap_getword_conf(apr_pool_t *p, const char **line)
783 const char *str = *line, *strend;
787 while (apr_isspace(*str))
795 if ((quote = *str) == '"' || quote == '\'') {
797 while (*strend && *strend != quote) {
798 if (*strend == '\\' && strend[1] &&
799 (strend[1] == quote || strend[1] == '\\')) {
806 res = substring_conf(p, str + 1, strend - str - 1, quote);
808 if (*strend == quote)
813 while (*strend && !apr_isspace(*strend))
816 res = substring_conf(p, str, strend - str, 0);
819 while (apr_isspace(*strend))
825 AP_DECLARE(int) ap_cfg_closefile(ap_configfile_t *cfp)
828 ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, NULL, APLOGNO(00551)
829 "Done with config file %s", cfp->name);
831 return (cfp->close == NULL) ? 0 : cfp->close(cfp->param);
834 /* we can't use apr_file_* directly because of linking issues on Windows */
835 static apr_status_t cfg_close(void *param)
837 return apr_file_close(param);
840 static apr_status_t cfg_getch(char *ch, void *param)
842 return apr_file_getc(ch, param);
845 static apr_status_t cfg_getstr(void *buf, apr_size_t bufsiz, void *param)
847 return apr_file_gets(buf, bufsiz, param);
850 /* Open a ap_configfile_t as FILE, return open ap_configfile_t struct pointer */
851 AP_DECLARE(apr_status_t) ap_pcfg_openfile(ap_configfile_t **ret_cfg,
852 apr_pool_t *p, const char *name)
854 ap_configfile_t *new_cfg;
855 apr_file_t *file = NULL;
863 ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL, APLOGNO(00552)
864 "Internal error: pcfg_openfile() called with NULL filename");
868 status = apr_file_open(&file, name, APR_READ | APR_BUFFERED,
871 ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, NULL, APLOGNO(00553)
872 "Opening config file %s (%s)",
873 name, (status != APR_SUCCESS) ?
874 apr_strerror(status, buf, sizeof(buf)) : "successful");
876 if (status != APR_SUCCESS)
879 status = apr_file_info_get(&finfo, APR_FINFO_TYPE, file);
880 if (status != APR_SUCCESS)
883 if (finfo.filetype != APR_REG &&
884 #if defined(WIN32) || defined(OS2) || defined(NETWARE)
885 strcasecmp(apr_filepath_name_get(name), "nul") != 0) {
887 strcmp(name, "/dev/null") != 0) {
888 #endif /* WIN32 || OS2 */
889 ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL, APLOGNO(00554)
890 "Access to file %s denied by server: not a regular file",
892 apr_file_close(file);
897 /* Some twisted character [no pun intended] at MS decided that a
898 * zero width joiner as the lead wide character would be ideal for
899 * describing Unicode text files. This was further convoluted to
900 * another MSism that the same character mapped into utf-8, EF BB BF
901 * would signify utf-8 text files.
903 * Since MS configuration files are all protecting utf-8 encoded
904 * Unicode path, file and resource names, we already have the correct
905 * WinNT encoding. But at least eat the stupid three bytes up front.
908 unsigned char buf[4];
910 status = apr_file_read(file, buf, &len);
911 if ((status != APR_SUCCESS) || (len < 3)
912 || memcmp(buf, "\xEF\xBB\xBF", 3) != 0) {
914 apr_file_seek(file, APR_SET, &zero);
919 new_cfg = apr_palloc(p, sizeof(*new_cfg));
920 new_cfg->param = file;
921 new_cfg->name = apr_pstrdup(p, name);
922 new_cfg->getch = cfg_getch;
923 new_cfg->getstr = cfg_getstr;
924 new_cfg->close = cfg_close;
925 new_cfg->line_number = 0;
931 /* Allocate a ap_configfile_t handle with user defined functions and params */
932 AP_DECLARE(ap_configfile_t *) ap_pcfg_open_custom(
933 apr_pool_t *p, const char *descr, void *param,
934 apr_status_t (*getc_func) (char *ch, void *param),
935 apr_status_t (*gets_func) (void *buf, apr_size_t bufsize, void *param),
936 apr_status_t (*close_func) (void *param))
938 ap_configfile_t *new_cfg = apr_palloc(p, sizeof(*new_cfg));
939 new_cfg->param = param;
940 new_cfg->name = descr;
941 new_cfg->getch = getc_func;
942 new_cfg->getstr = gets_func;
943 new_cfg->close = close_func;
944 new_cfg->line_number = 0;
948 /* Read one character from a configfile_t */
949 AP_DECLARE(apr_status_t) ap_cfg_getc(char *ch, ap_configfile_t *cfp)
951 apr_status_t rc = cfp->getch(ch, cfp->param);
952 if (rc == APR_SUCCESS && *ch == LF)
957 AP_DECLARE(const char *) ap_pcfg_strerror(apr_pool_t *p, ap_configfile_t *cfp,
960 if (rc == APR_SUCCESS)
963 if (rc == APR_ENOSPC)
964 return apr_psprintf(p, "Error reading %s at line %d: Line too long",
965 cfp->name, cfp->line_number);
967 return apr_psprintf(p, "Error reading %s at line %d: %pm",
968 cfp->name, cfp->line_number, &rc);
971 /* Read one line from open ap_configfile_t, strip LF, increase line number */
972 /* If custom handler does not define a getstr() function, read char by char */
973 static apr_status_t ap_cfg_getline_core(char *buf, apr_size_t bufsize,
974 apr_size_t offset, ap_configfile_t *cfp)
977 /* If a "get string" function is defined, use it */
978 if (cfp->getstr != NULL) {
980 char *cbuf = buf + offset;
981 apr_size_t cbufsize = bufsize - offset;
985 rc = cfp->getstr(cbuf, cbufsize, cfp->param);
987 if (cbuf != buf + offset) {
995 if (rc != APR_SUCCESS) {
1000 * check for line continuation,
1001 * i.e. match [^\\]\\[\r]\n only
1005 if (cp > buf && cp[-1] == LF) {
1007 if (cp > buf && cp[-1] == CR)
1009 if (cp > buf && cp[-1] == '\\') {
1012 * line continuation requested -
1013 * then remove backslash and continue
1015 cbufsize -= (cp-cbuf);
1020 else if (cp - buf >= bufsize - 1) {
1026 /* No "get string" function defined; read character by character */
1027 apr_size_t i = offset;
1030 /* too small, assume caller is crazy */
1037 rc = cfp->getch(&c, cfp->param);
1038 if (rc == APR_EOF) {
1044 if (rc != APR_SUCCESS)
1048 /* check for line continuation */
1049 if (i > 0 && buf[i-1] == '\\') {
1059 if (i >= bufsize - 1) {
1068 static int cfg_trim_line(char *buf)
1072 * Leading and trailing white space is eliminated completely
1075 while (apr_isspace(*start))
1077 /* blast trailing whitespace */
1078 end = &start[strlen(start)];
1079 while (--end >= start && apr_isspace(*end))
1081 /* Zap leading whitespace by shifting */
1083 memmove(buf, start, end - start + 2);
1084 #ifdef DEBUG_CFG_LINES
1085 ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, NULL, APLOGNO(00555) "Read config: '%s'", buf);
1087 return end - start + 1;
1090 /* Read one line from open ap_configfile_t, strip LF, increase line number */
1091 /* If custom handler does not define a getstr() function, read char by char */
1092 AP_DECLARE(apr_status_t) ap_cfg_getline(char *buf, apr_size_t bufsize,
1093 ap_configfile_t *cfp)
1095 apr_status_t rc = ap_cfg_getline_core(buf, bufsize, 0, cfp);
1096 if (rc == APR_SUCCESS)
1101 AP_DECLARE(apr_status_t) ap_varbuf_cfg_getline(struct ap_varbuf *vb,
1102 ap_configfile_t *cfp,
1110 if (vb->strlen == AP_VARBUF_UNKNOWN)
1111 vb->strlen = strlen(vb->buf);
1112 if (vb->avail - vb->strlen < 3) {
1113 new_len = vb->avail * 2;
1114 if (new_len > max_len)
1116 else if (new_len < 3)
1118 ap_varbuf_grow(vb, new_len);
1122 rc = ap_cfg_getline_core(vb->buf, vb->avail, vb->strlen, cfp);
1123 if (rc == APR_ENOSPC || rc == APR_SUCCESS)
1124 vb->strlen += strlen(vb->buf + vb->strlen);
1125 if (rc != APR_ENOSPC)
1127 if (vb->avail >= max_len)
1129 new_len = vb->avail * 2;
1130 if (new_len > max_len)
1132 ap_varbuf_grow(vb, new_len);
1135 if (vb->strlen > max_len)
1137 if (rc == APR_SUCCESS)
1138 vb->strlen = cfg_trim_line(vb->buf);
1142 /* Size an HTTP header field list item, as separated by a comma.
1143 * The return value is a pointer to the beginning of the non-empty list item
1144 * within the original string (or NULL if there is none) and the address
1145 * of field is shifted to the next non-comma, non-whitespace character.
1146 * len is the length of the item excluding any beginning whitespace.
1148 AP_DECLARE(const char *) ap_size_list_item(const char **field, int *len)
1150 const unsigned char *ptr = (const unsigned char *)*field;
1151 const unsigned char *token;
1152 int in_qpair, in_qstr, in_com;
1154 /* Find first non-comma, non-whitespace byte */
1156 while (*ptr == ',' || apr_isspace(*ptr))
1161 /* Find the end of this item, skipping over dead bits */
1163 for (in_qpair = in_qstr = in_com = 0;
1164 *ptr && (in_qpair || in_qstr || in_com || *ptr != ',');
1172 case '\\': in_qpair = 1; /* quoted-pair */
1174 case '"' : if (!in_com) /* quoted string delim */
1177 case '(' : if (!in_qstr) /* comment (may nest) */
1180 case ')' : if (in_com) /* end comment */
1188 if ((*len = (ptr - token)) == 0) {
1189 *field = (const char *)ptr;
1193 /* Advance field pointer to the next non-comma, non-white byte */
1195 while (*ptr == ',' || apr_isspace(*ptr))
1198 *field = (const char *)ptr;
1199 return (const char *)token;
1202 /* Retrieve an HTTP header field list item, as separated by a comma,
1203 * while stripping insignificant whitespace and lowercasing anything not in
1204 * a quoted string or comment. The return value is a new string containing
1205 * the converted list item (or NULL if none) and the address pointed to by
1206 * field is shifted to the next non-comma, non-whitespace.
1208 AP_DECLARE(char *) ap_get_list_item(apr_pool_t *p, const char **field)
1210 const char *tok_start;
1211 const unsigned char *ptr;
1214 int addspace = 0, in_qpair = 0, in_qstr = 0, in_com = 0, tok_len = 0;
1216 /* Find the beginning and maximum length of the list item so that
1217 * we can allocate a buffer for the new string and reset the field.
1219 if ((tok_start = ap_size_list_item(field, &tok_len)) == NULL) {
1222 token = apr_palloc(p, tok_len + 1);
1224 /* Scan the token again, but this time copy only the good bytes.
1225 * We skip extra whitespace and any whitespace around a '=', '/',
1226 * or ';' and lowercase normal characters not within a comment,
1227 * quoted-string or quoted-pair.
1229 for (ptr = (const unsigned char *)tok_start, pos = (unsigned char *)token;
1230 *ptr && (in_qpair || in_qstr || in_com || *ptr != ',');
1239 case '\\': in_qpair = 1;
1245 case '"' : if (!in_com)
1252 case '(' : if (!in_qstr)
1259 case ')' : if (in_com)
1265 case '\t': if (addspace)
1267 if (in_com || in_qstr)
1274 case ';' : if (!(in_com || in_qstr))
1278 default : if (addspace == 1)
1280 *pos++ = (in_com || in_qstr) ? *ptr
1281 : apr_tolower(*ptr);
1292 typedef enum ap_etag_e {
1298 /* Find an item in canonical form (lowercase, no extra spaces) within
1299 * an HTTP field value list. Returns 1 if found, 0 if not found.
1300 * This would be much more efficient if we stored header fields as
1301 * an array of list items as they are received instead of a plain string.
1303 static int find_list_item(apr_pool_t *p, const char *line,
1304 const char *tok, ap_etag_e type)
1306 const unsigned char *pos;
1307 const unsigned char *ptr = (const unsigned char *)line;
1308 int good = 0, addspace = 0, in_qpair = 0, in_qstr = 0, in_com = 0;
1310 if (!line || !tok) {
1313 if (type == AP_ETAG_STRONG && *tok != '\"') {
1316 if (type == AP_ETAG_WEAK) {
1317 if (*tok == 'W' && (*(tok+1)) == '/' && (*(tok+2)) == '\"') {
1320 else if (*tok != '\"') {
1325 do { /* loop for each item in line's list */
1327 /* Find first non-comma, non-whitespace byte */
1328 while (*ptr == ',' || apr_isspace(*ptr)) {
1332 /* Account for strong or weak Etags, depending on our search */
1333 if (type == AP_ETAG_STRONG && *ptr != '\"') {
1336 if (type == AP_ETAG_WEAK) {
1337 if (*ptr == 'W' && (*(ptr+1)) == '/' && (*(ptr+2)) == '\"') {
1340 else if (*ptr != '\"') {
1346 good = 1; /* until proven otherwise for this item */
1348 break; /* no items left and nothing good found */
1350 /* We skip extra whitespace and any whitespace around a '=', '/',
1351 * or ';' and lowercase normal characters not within a comment,
1352 * quoted-string or quoted-pair.
1354 for (pos = (const unsigned char *)tok;
1355 *ptr && (in_qpair || in_qstr || in_com || *ptr != ',');
1361 good = (*pos++ == *ptr);
1365 case '\\': in_qpair = 1;
1367 good = good && (*pos++ == ' ');
1368 good = good && (*pos++ == *ptr);
1371 case '"' : if (!in_com)
1374 good = good && (*pos++ == ' ');
1375 good = good && (*pos++ == *ptr);
1378 case '(' : if (!in_qstr)
1381 good = good && (*pos++ == ' ');
1382 good = good && (*pos++ == *ptr);
1385 case ')' : if (in_com)
1387 good = good && (*pos++ == *ptr);
1391 case '\t': if (addspace || !good)
1393 if (in_com || in_qstr)
1394 good = (*pos++ == *ptr);
1400 case ';' : if (!(in_com || in_qstr))
1402 good = good && (*pos++ == *ptr);
1404 default : if (!good)
1407 good = (*pos++ == ' ');
1408 if (in_com || in_qstr)
1409 good = good && (*pos++ == *ptr);
1412 && (apr_tolower(*pos++) == apr_tolower(*ptr));
1419 good = 0; /* not good if only a prefix was matched */
1421 } while (*ptr && !good);
1426 /* Find an item in canonical form (lowercase, no extra spaces) within
1427 * an HTTP field value list. Returns 1 if found, 0 if not found.
1428 * This would be much more efficient if we stored header fields as
1429 * an array of list items as they are received instead of a plain string.
1431 AP_DECLARE(int) ap_find_list_item(apr_pool_t *p, const char *line,
1434 return find_list_item(p, line, tok, AP_ETAG_NONE);
1437 /* Find a strong Etag in canonical form (lowercase, no extra spaces) within
1438 * an HTTP field value list. Returns 1 if found, 0 if not found.
1440 AP_DECLARE(int) ap_find_etag_strong(apr_pool_t *p, const char *line,
1443 return find_list_item(p, line, tok, AP_ETAG_STRONG);
1446 /* Find a weak ETag in canonical form (lowercase, no extra spaces) within
1447 * an HTTP field value list. Returns 1 if found, 0 if not found.
1449 AP_DECLARE(int) ap_find_etag_weak(apr_pool_t *p, const char *line,
1452 return find_list_item(p, line, tok, AP_ETAG_WEAK);
1455 /* Grab a list of tokens of the format 1#token (from RFC7230) */
1456 AP_DECLARE(const char *) ap_parse_token_list_strict(apr_pool_t *p,
1458 apr_array_header_t **tokens,
1461 int in_leading_space = 1;
1462 int in_trailing_space = 0;
1464 const char *tok_begin;
1471 tok_begin = cur = str_in;
1473 while (!string_end) {
1474 const unsigned char c = (unsigned char)*cur;
1476 if (!TEST_CHAR(c, T_HTTP_TOKEN_STOP) && c != '\0') {
1477 /* Non-separator character; we are finished with leading
1478 * whitespace. We must never have encountered any trailing
1479 * whitespace before the delimiter (comma) */
1480 in_leading_space = 0;
1481 if (in_trailing_space) {
1482 return "Encountered illegal whitespace in token";
1485 else if (c == ' ' || c == '\t') {
1486 /* "Linear whitespace" only includes ASCII CRLF, space, and tab;
1487 * we can't get a CRLF since headers are split on them already,
1488 * so only look for a space or a tab */
1489 if (in_leading_space) {
1490 /* We're still in leading whitespace */
1494 /* We must be in trailing whitespace */
1495 ++in_trailing_space;
1498 else if (c == ',' || c == '\0') {
1499 if (!in_leading_space) {
1500 /* If we're out of the leading space, we know we've read some
1501 * characters of a token */
1502 if (*tokens == NULL) {
1503 *tokens = apr_array_make(p, 4, sizeof(char *));
1505 APR_ARRAY_PUSH(*tokens, char *) =
1506 apr_pstrmemdup((*tokens)->pool, tok_begin,
1507 (cur - tok_begin) - in_trailing_space);
1509 /* We're allowed to have null elements, just don't add them to the
1512 tok_begin = cur + 1;
1513 in_leading_space = 1;
1514 in_trailing_space = 0;
1515 string_end = (c == '\0');
1518 /* Encountered illegal separator char */
1520 /* Skip to the next separator */
1522 temp = ap_strchr_c(cur, ',');
1524 temp = ap_strchr_c(cur, '\0');
1527 /* Act like we haven't seen a token so we reset */
1529 in_leading_space = 1;
1530 in_trailing_space = 0;
1533 return apr_psprintf(p, "Encountered illegal separator "
1534 "'\\x%.2x'", (unsigned int)c);
1544 /* Retrieve a token, spacing over it and returning a pointer to
1545 * the first non-white byte afterwards. Note that these tokens
1546 * are delimited by semis and commas; and can also be delimited
1547 * by whitespace at the caller's option.
1550 AP_DECLARE(char *) ap_get_token(apr_pool_t *p, const char **accept_line,
1553 const char *ptr = *accept_line;
1554 const char *tok_start;
1557 /* Find first non-white byte */
1559 while (apr_isspace(*ptr))
1564 /* find token end, skipping over quoted strings.
1565 * (comments are already gone).
1568 while (*ptr && (accept_white || !apr_isspace(*ptr))
1569 && *ptr != ';' && *ptr != ',') {
1576 token = apr_pstrmemdup(p, tok_start, ptr - tok_start);
1578 /* Advance accept_line pointer to the next non-white byte */
1580 while (apr_isspace(*ptr))
1588 /* find http tokens, see the definition of token from RFC2068 */
1589 AP_DECLARE(int) ap_find_token(apr_pool_t *p, const char *line, const char *tok)
1591 const unsigned char *start_token;
1592 const unsigned char *s;
1597 s = (const unsigned char *)line;
1599 /* find start of token, skip all stop characters, note NUL
1600 * isn't a token stop, so we don't need to test for it
1602 while (TEST_CHAR(*s, T_HTTP_TOKEN_STOP)) {
1609 /* find end of the token */
1610 while (*s && !TEST_CHAR(*s, T_HTTP_TOKEN_STOP)) {
1613 if (!strncasecmp((const char *)start_token, (const char *)tok,
1624 AP_DECLARE(int) ap_find_last_token(apr_pool_t *p, const char *line,
1627 int llen, tlen, lidx;
1632 llen = strlen(line);
1637 (lidx > 0 && !(apr_isspace(line[lidx - 1]) || line[lidx - 1] == ',')))
1640 return (strncasecmp(&line[lidx], tok, tlen) == 0);
1643 AP_DECLARE(char *) ap_escape_shell_cmd(apr_pool_t *p, const char *str)
1647 const unsigned char *s;
1649 cmd = apr_palloc(p, 2 * strlen(str) + 1); /* Be safe */
1650 d = (unsigned char *)cmd;
1651 s = (const unsigned char *)str;
1654 #if defined(OS2) || defined(WIN32)
1656 * Newlines to Win32/OS2 CreateProcess() are ill advised.
1657 * Convert them to spaces since they are effectively white
1658 * space to most applications
1660 if (*s == '\r' || *s == '\n') {
1666 if (TEST_CHAR(*s, T_ESCAPE_SHELL_CMD)) {
1676 static char x2c(const char *what)
1680 #if !APR_CHARSET_EBCDIC
1681 digit = ((what[0] >= 'A') ? ((what[0] & 0xdf) - 'A') + 10
1684 digit += (what[1] >= 'A' ? ((what[1] & 0xdf) - 'A') + 10
1686 #else /*APR_CHARSET_EBCDIC*/
1693 digit = apr_xlate_conv_byte(ap_hdrs_from_ascii,
1694 0xFF & strtol(xstr, NULL, 16));
1695 #endif /*APR_CHARSET_EBCDIC*/
1700 * Unescapes a URL, leaving reserved characters intact.
1701 * Returns 0 on success, non-zero on error
1703 * bad % escape returns HTTP_BAD_REQUEST
1705 * decoding %00 or a forbidden character returns HTTP_NOT_FOUND
1708 static int unescape_url(char *url, const char *forbid, const char *reserved)
1710 int badesc, badpath;
1715 /* Initial scan for first '%'. Don't bother writing values before
1717 y = strchr(url, '%');
1721 for (x = y; *y; ++x, ++y) {
1726 if (!apr_isxdigit(*(y + 1)) || !apr_isxdigit(*(y + 2))) {
1732 decoded = x2c(y + 1);
1733 if ((decoded == '\0')
1734 || (forbid && ap_strchr_c(forbid, decoded))) {
1739 else if (reserved && ap_strchr_c(reserved, decoded)) {
1753 return HTTP_BAD_REQUEST;
1756 return HTTP_NOT_FOUND;
1762 AP_DECLARE(int) ap_unescape_url(char *url)
1765 return unescape_url(url, SLASHES, NULL);
1767 AP_DECLARE(int) ap_unescape_url_keep2f(char *url, int decode_slashes)
1769 /* AllowEncodedSlashes (corrected) */
1770 if (decode_slashes) {
1771 /* no chars reserved */
1772 return unescape_url(url, NULL, NULL);
1774 /* reserve (do not decode) encoded slashes */
1775 return unescape_url(url, NULL, SLASHES);
1779 /* IFDEF these out until they've been thought through.
1780 * Just a germ of an API extension for now
1782 AP_DECLARE(int) ap_unescape_url_proxy(char *url)
1784 /* leave RFC1738 reserved characters intact, * so proxied URLs
1785 * don't get mangled. Where does that leave encoded '&' ?
1787 return unescape_url(url, NULL, "/;?");
1789 AP_DECLARE(int) ap_unescape_url_reserved(char *url, const char *reserved)
1791 return unescape_url(url, NULL, reserved);
1795 AP_DECLARE(int) ap_unescape_urlencoded(char *query)
1799 /* replace plus with a space */
1801 for (slider = query; *slider; slider++) {
1802 if (*slider == '+') {
1808 /* unescape everything else */
1809 return unescape_url(query, NULL, NULL);
1812 AP_DECLARE(char *) ap_construct_server(apr_pool_t *p, const char *hostname,
1813 apr_port_t port, const request_rec *r)
1815 if (ap_is_default_port(port, r)) {
1816 return apr_pstrdup(p, hostname);
1819 return apr_psprintf(p, "%s:%u", hostname, port);
1823 AP_DECLARE(int) ap_unescape_all(char *url)
1825 return unescape_url(url, NULL, NULL);
1828 /* c2x takes an unsigned, and expects the caller has guaranteed that
1829 * 0 <= what < 256... which usually means that you have to cast to
1830 * unsigned char first, because (unsigned)(char)(x) first goes through
1831 * signed extension to an int before the unsigned cast.
1833 * The reason for this assumption is to assist gcc code generation --
1834 * the unsigned char -> unsigned extension is already done earlier in
1835 * both uses of this code, so there's no need to waste time doing it
1838 static const char c2x_table[] = "0123456789abcdef";
1840 static APR_INLINE unsigned char *c2x(unsigned what, unsigned char prefix,
1841 unsigned char *where)
1843 #if APR_CHARSET_EBCDIC
1844 what = apr_xlate_conv_byte(ap_hdrs_to_ascii, (unsigned char)what);
1845 #endif /*APR_CHARSET_EBCDIC*/
1847 *where++ = c2x_table[what >> 4];
1848 *where++ = c2x_table[what & 0xf];
1853 * escape_path_segment() escapes a path segment, as defined in RFC 1808. This
1854 * routine is (should be) OS independent.
1856 * os_escape_path() converts an OS path to a URL, in an OS dependent way. In all
1857 * cases if a ':' occurs before the first '/' in the URL, the URL should be
1858 * prefixed with "./" (or the ':' escaped). In the case of Unix, this means
1859 * leaving '/' alone, but otherwise doing what escape_path_segment() does. For
1860 * efficiency reasons, we don't use escape_path_segment(), which is provided for
1861 * reference. Again, RFC 1808 is where this stuff is defined.
1863 * If partial is set, os_escape_path() assumes that the path will be appended to
1864 * something with a '/' in it (and thus does not prefix "./").
1867 AP_DECLARE(char *) ap_escape_path_segment_buffer(char *copy, const char *segment)
1869 const unsigned char *s = (const unsigned char *)segment;
1870 unsigned char *d = (unsigned char *)copy;
1874 if (TEST_CHAR(c, T_ESCAPE_PATH_SEGMENT)) {
1886 AP_DECLARE(char *) ap_escape_path_segment(apr_pool_t *p, const char *segment)
1888 return ap_escape_path_segment_buffer(apr_palloc(p, 3 * strlen(segment) + 1), segment);
1891 AP_DECLARE(char *) ap_os_escape_path(apr_pool_t *p, const char *path, int partial)
1893 /* Allocate +3 for potential "./" and trailing NULL.
1894 * Allocate another +1 to allow the caller to add a trailing '/' (see
1895 * comment in 'ap_sub_req_lookup_dirent')
1897 char *copy = apr_palloc(p, 3 * strlen(path) + 3 + 1);
1898 const unsigned char *s = (const unsigned char *)path;
1899 unsigned char *d = (unsigned char *)copy;
1903 const char *colon = ap_strchr_c(path, ':');
1904 const char *slash = ap_strchr_c(path, '/');
1906 if (colon && (!slash || colon < slash)) {
1912 if (TEST_CHAR(c, T_OS_ESCAPE_PATH)) {
1924 AP_DECLARE(char *) ap_escape_urlencoded_buffer(char *copy, const char *buffer)
1926 const unsigned char *s = (const unsigned char *)buffer;
1927 unsigned char *d = (unsigned char *)copy;
1931 if (TEST_CHAR(c, T_ESCAPE_URLENCODED)) {
1934 else if (c == ' ') {
1946 AP_DECLARE(char *) ap_escape_urlencoded(apr_pool_t *p, const char *buffer)
1948 return ap_escape_urlencoded_buffer(apr_palloc(p, 3 * strlen(buffer) + 1), buffer);
1951 /* ap_escape_uri is now a macro for os_escape_path */
1953 AP_DECLARE(char *) ap_escape_html2(apr_pool_t *p, const char *s, int toasc)
1958 /* first, count the number of extra characters */
1959 for (i = 0, j = 0; s[i] != '\0'; i++)
1960 if (s[i] == '<' || s[i] == '>')
1962 else if (s[i] == '&')
1964 else if (s[i] == '"')
1966 else if (toasc && !apr_isascii(s[i]))
1970 return apr_pstrmemdup(p, s, i);
1972 x = apr_palloc(p, i + j + 1);
1973 for (i = 0, j = 0; s[i] != '\0'; i++, j++)
1975 memcpy(&x[j], "<", 4);
1978 else if (s[i] == '>') {
1979 memcpy(&x[j], ">", 4);
1982 else if (s[i] == '&') {
1983 memcpy(&x[j], "&", 5);
1986 else if (s[i] == '"') {
1987 memcpy(&x[j], """, 6);
1990 else if (toasc && !apr_isascii(s[i])) {
1991 char *esc = apr_psprintf(p, "&#%3.3d;", (unsigned char)s[i]);
1992 memcpy(&x[j], esc, 6);
2001 AP_DECLARE(char *) ap_escape_logitem(apr_pool_t *p, const char *str)
2005 const unsigned char *s;
2006 apr_size_t length, escapes = 0;
2012 /* Compute how many characters need to be escaped */
2013 s = (const unsigned char *)str;
2015 if (TEST_CHAR(*s, T_ESCAPE_LOGITEM)) {
2020 /* Compute the length of the input string, including NULL */
2021 length = s - (const unsigned char *)str + 1;
2023 /* Fast path: nothing to escape */
2025 return apr_pmemdup(p, str, length);
2028 /* Each escaped character needs up to 3 extra bytes (0 --> \x00) */
2029 ret = apr_palloc(p, length + 3 * escapes);
2030 d = (unsigned char *)ret;
2031 s = (const unsigned char *)str;
2033 if (TEST_CHAR(*s, T_ESCAPE_LOGITEM)) {
2069 AP_DECLARE(apr_size_t) ap_escape_errorlog_item(char *dest, const char *source,
2072 unsigned char *d, *ep;
2073 const unsigned char *s;
2075 if (!source || !buflen) { /* be safe */
2079 d = (unsigned char *)dest;
2080 s = (const unsigned char *)source;
2081 ep = d + buflen - 1;
2083 for (; d < ep && *s; ++s) {
2085 if (TEST_CHAR(*s, T_ESCAPE_LOGITEM)) {
2111 case '"': /* no need for this in error log */
2116 ep = --d; /* break the for loop as well */
2129 return (d - (unsigned char *)dest);
2132 AP_DECLARE(void) ap_bin2hex(const void *src, apr_size_t srclen, char *dest)
2134 const unsigned char *in = src;
2137 for (i = 0; i < srclen; i++) {
2138 *dest++ = c2x_table[in[i] >> 4];
2139 *dest++ = c2x_table[in[i] & 0xf];
2144 AP_DECLARE(int) ap_has_cntrl(const char *str)
2147 if (apr_iscntrl(*str))
2154 AP_DECLARE(int) ap_is_directory(apr_pool_t *p, const char *path)
2158 if (apr_stat(&finfo, path, APR_FINFO_TYPE, p) != APR_SUCCESS)
2159 return 0; /* in error condition, just return no */
2161 return (finfo.filetype == APR_DIR);
2164 AP_DECLARE(int) ap_is_rdirectory(apr_pool_t *p, const char *path)
2168 if (apr_stat(&finfo, path, APR_FINFO_LINK | APR_FINFO_TYPE, p) != APR_SUCCESS)
2169 return 0; /* in error condition, just return no */
2171 return (finfo.filetype == APR_DIR);
2174 AP_DECLARE(char *) ap_make_full_path(apr_pool_t *a, const char *src1,
2177 apr_size_t len1, len2;
2180 len1 = strlen(src1);
2181 len2 = strlen(src2);
2182 /* allocate +3 for '/' delimiter, trailing NULL and overallocate
2183 * one extra byte to allow the caller to add a trailing '/'
2185 path = (char *)apr_palloc(a, len1 + len2 + 3);
2188 memcpy(path + 1, src2, len2 + 1);
2192 memcpy(path, src1, len1);
2194 if (next[-1] != '/') {
2197 memcpy(next, src2, len2 + 1);
2203 * Check for an absoluteURI syntax (see section 3.2 in RFC2068).
2205 AP_DECLARE(int) ap_is_url(const char *u)
2209 for (x = 0; u[x] != ':'; x++) {
2211 ((!apr_isalnum(u[x])) &&
2212 (u[x] != '+') && (u[x] != '-') && (u[x] != '.'))) {
2217 return (x ? 1 : 0); /* If the first character is ':', it's broken, too */
2220 AP_DECLARE(int) ap_ind(const char *s, char c)
2222 const char *p = ap_strchr_c(s, c);
2229 AP_DECLARE(int) ap_rind(const char *s, char c)
2231 const char *p = ap_strrchr_c(s, c);
2238 AP_DECLARE(void) ap_str_tolower(char *str)
2241 *str = apr_tolower(*str);
2246 AP_DECLARE(void) ap_str_toupper(char *str)
2249 *str = apr_toupper(*str);
2255 * We must return a FQDN
2257 char *ap_get_local_host(apr_pool_t *a)
2259 #ifndef MAXHOSTNAMELEN
2260 #define MAXHOSTNAMELEN 256
2262 char str[MAXHOSTNAMELEN + 1];
2263 char *server_hostname = NULL;
2264 apr_sockaddr_t *sockaddr;
2267 if (apr_gethostname(str, sizeof(str) - 1, a) != APR_SUCCESS) {
2268 ap_log_perror(APLOG_MARK, APLOG_STARTUP | APLOG_WARNING, 0, a, APLOGNO(00556)
2269 "%s: apr_gethostname() failed to determine ServerName",
2272 str[sizeof(str) - 1] = '\0';
2273 if (apr_sockaddr_info_get(&sockaddr, str, APR_UNSPEC, 0, 0, a) == APR_SUCCESS) {
2274 if ( (apr_getnameinfo(&hostname, sockaddr, 0) == APR_SUCCESS) &&
2275 (ap_strchr_c(hostname, '.')) ) {
2276 server_hostname = apr_pstrdup(a, hostname);
2277 return server_hostname;
2278 } else if (ap_strchr_c(str, '.')) {
2279 server_hostname = apr_pstrdup(a, str);
2281 apr_sockaddr_ip_get(&hostname, sockaddr);
2282 server_hostname = apr_pstrdup(a, hostname);
2285 ap_log_perror(APLOG_MARK, APLOG_STARTUP | APLOG_WARNING, 0, a, APLOGNO(00557)
2286 "%s: apr_sockaddr_info_get() failed for %s",
2287 ap_server_argv0, str);
2291 if (!server_hostname)
2292 server_hostname = apr_pstrdup(a, "127.0.0.1");
2294 ap_log_perror(APLOG_MARK, APLOG_ALERT|APLOG_STARTUP, 0, a, APLOGNO(00558)
2295 "%s: Could not reliably determine the server's fully qualified "
2296 "domain name, using %s. Set the 'ServerName' directive globally "
2297 "to suppress this message",
2298 ap_server_argv0, server_hostname);
2300 return server_hostname;
2303 /* simple 'pool' alloc()ing glue to apr_base64.c
2305 AP_DECLARE(char *) ap_pbase64decode(apr_pool_t *p, const char *bufcoded)
2310 decoded = (char *) apr_palloc(p, 1 + apr_base64_decode_len(bufcoded));
2311 l = apr_base64_decode(decoded, bufcoded);
2312 decoded[l] = '\0'; /* make binary sequence into string */
2317 AP_DECLARE(char *) ap_pbase64encode(apr_pool_t *p, char *string)
2320 int l = strlen(string);
2322 encoded = (char *) apr_palloc(p, 1 + apr_base64_encode_len(l));
2323 l = apr_base64_encode(encoded, string, l);
2324 encoded[l] = '\0'; /* make binary sequence into string */
2329 /* we want to downcase the type/subtype for comparison purposes
2330 * but nothing else because ;parameter=foo values are case sensitive.
2331 * XXX: in truth we want to downcase parameter names... but really,
2332 * apache has never handled parameters and such correctly. You
2333 * also need to compress spaces and such to be able to compare
2336 AP_DECLARE(void) ap_content_type_tolower(char *str)
2340 semi = strchr(str, ';');
2345 ap_str_tolower(str);
2353 * Given a string, replace any bare " with \" .
2355 AP_DECLARE(char *) ap_escape_quotes(apr_pool_t *p, const char *instring)
2358 const char *inchr = instring;
2359 char *outchr, *outstring;
2362 * Look through the input string, jogging the length of the output
2363 * string up by an extra byte each time we find an unescaped ".
2365 while (*inchr != '\0') {
2367 if (*inchr == '"') {
2371 * If we find a slosh, and it's not the last byte in the string,
2372 * it's escaping something - advance past both bytes.
2374 if ((*inchr == '\\') && (inchr[1] != '\0')) {
2380 outstring = apr_palloc(p, newlen + 1);
2384 * Now copy the input string to the output string, inserting a slosh
2385 * in front of every " that doesn't already have one.
2387 while (*inchr != '\0') {
2388 if ((*inchr == '\\') && (inchr[1] != '\0')) {
2389 *outchr++ = *inchr++;
2390 *outchr++ = *inchr++;
2392 if (*inchr == '"') {
2395 if (*inchr != '\0') {
2396 *outchr++ = *inchr++;
2404 * Given a string, append the PID deliminated by delim.
2405 * Usually used to create a pid-appended filepath name
2406 * (eg: /a/b/foo -> /a/b/foo.6726). A function, and not
2407 * a macro, to avoid unistd.h dependency
2409 AP_DECLARE(char *) ap_append_pid(apr_pool_t *p, const char *string,
2412 return apr_psprintf(p, "%s%s%" APR_PID_T_FMT, string,
2418 * Parse a given timeout parameter string into an apr_interval_time_t value.
2419 * The unit of the time interval is given as postfix string to the numeric
2420 * string. Currently the following units are understood:
2427 * If no unit is contained in the given timeout parameter the default_time_unit
2428 * will be used instead.
2429 * @param timeout_parameter The string containing the timeout parameter.
2430 * @param timeout The timeout value to be returned.
2431 * @param default_time_unit The default time unit to use if none is specified
2432 * in timeout_parameter.
2433 * @return Status value indicating whether the parsing was successful or not.
2435 AP_DECLARE(apr_status_t) ap_timeout_parameter_parse(
2436 const char *timeout_parameter,
2437 apr_interval_time_t *timeout,
2438 const char *default_time_unit)
2441 const char *time_str;
2444 tout = apr_strtoi64(timeout_parameter, &endp, 10);
2448 if (!endp || !*endp) {
2449 time_str = default_time_unit;
2455 switch (*time_str) {
2456 /* Time is in seconds */
2458 *timeout = (apr_interval_time_t) apr_time_from_sec(tout);
2461 /* Time is in hours */
2462 *timeout = (apr_interval_time_t) apr_time_from_sec(tout * 3600);
2465 switch (*(++time_str)) {
2466 /* Time is in milliseconds */
2468 *timeout = (apr_interval_time_t) tout * 1000;
2470 /* Time is in minutes */
2472 *timeout = (apr_interval_time_t) apr_time_from_sec(tout * 60);
2475 return APR_EGENERAL;
2479 return APR_EGENERAL;
2485 * Determine if a request has a request body or not.
2487 * @param r the request_rec of the request
2488 * @return truth value
2490 AP_DECLARE(int) ap_request_has_body(request_rec *r)
2497 has_body = (!r->header_only
2499 || apr_table_get(r->headers_in, "Transfer-Encoding")
2500 || ( (cls = apr_table_get(r->headers_in, "Content-Length"))
2501 && (apr_strtoff(&cl, cls, &estr, 10) == APR_SUCCESS)
2509 AP_DECLARE_NONSTD(apr_status_t) ap_pool_cleanup_set_null(void *data_)
2511 void **ptr = (void **)data_;
2516 AP_DECLARE(apr_status_t) ap_str2_alnum(const char *src, char *dest) {
2518 for ( ; *src; src++, dest++)
2520 if (!apr_isprint(*src))
2522 else if (!apr_isalnum(*src))
2532 AP_DECLARE(apr_status_t) ap_pstr2_alnum(apr_pool_t *p, const char *src,
2535 char *new = apr_palloc(p, strlen(src)+1);
2539 return ap_str2_alnum(src, new);
2543 * Read the body and parse any form found, which must be of the
2544 * type application/x-www-form-urlencoded.
2546 * Name/value pairs are returned in an array, with the names as
2547 * strings with a maximum length of HUGE_STRING_LEN, and the
2548 * values as bucket brigades. This allows values to be arbitrarily
2551 * All url-encoding is removed from both the names and the values
2552 * on the fly. The names are interpreted as strings, while the
2553 * values are interpreted as blocks of binary data, that may
2554 * contain the 0 character.
2556 * In order to ensure that resource limits are not exceeded, a
2557 * maximum size must be provided. If the sum of the lengths of
2558 * the names and the values exceed this size, this function
2559 * will return HTTP_REQUEST_ENTITY_TOO_LARGE.
2561 * An optional number of parameters can be provided, if the number
2562 * of parameters provided exceeds this amount, this function will
2563 * return HTTP_REQUEST_ENTITY_TOO_LARGE. If this value is negative,
2564 * no limit is imposed, and the number of parameters is in turn
2565 * constrained by the size parameter above.
2567 * This function honours any kept_body configuration, and the
2568 * original raw request body will be saved to the kept_body brigade
2569 * if so configured, just as ap_discard_request_body does.
2571 * NOTE: File upload is not yet supported, but can be without change
2572 * to the function call.
2575 /* form parsing stuff */
2586 AP_DECLARE(int) ap_parse_form_data(request_rec *r, ap_filter_t *f,
2587 apr_array_header_t **ptr,
2588 apr_size_t num, apr_size_t usize)
2590 apr_bucket_brigade *bb = NULL;
2592 char buffer[HUGE_STRING_LEN + 1];
2594 apr_size_t offset = 0;
2596 ap_form_type_t state = FORM_NAME, percent = FORM_NORMAL;
2597 ap_form_pair_t *pair = NULL;
2598 apr_array_header_t *pairs = apr_array_make(r->pool, 4, sizeof(ap_form_pair_t));
2605 /* sanity check - we only support forms for now */
2606 ct = apr_table_get(r->headers_in, "Content-Type");
2607 if (!ct || strncasecmp("application/x-www-form-urlencoded", ct, 33)) {
2608 return ap_discard_request_body(r);
2611 if (usize > APR_SIZE_MAX >> 1)
2612 size = APR_SIZE_MAX >> 1;
2617 f = r->input_filters;
2620 bb = apr_brigade_create(r->pool, r->connection->bucket_alloc);
2622 apr_bucket *bucket = NULL, *last = NULL;
2624 int rv = ap_get_brigade(f, bb, AP_MODE_READBYTES,
2625 APR_BLOCK_READ, HUGE_STRING_LEN);
2626 if (rv != APR_SUCCESS) {
2627 apr_brigade_destroy(bb);
2628 return ap_map_http_request_error(rv, HTTP_BAD_REQUEST);
2631 for (bucket = APR_BRIGADE_FIRST(bb);
2632 bucket != APR_BRIGADE_SENTINEL(bb);
2633 last = bucket, bucket = APR_BUCKET_NEXT(bucket)) {
2635 apr_size_t len, slide;
2638 apr_bucket_delete(last);
2640 if (APR_BUCKET_IS_EOS(bucket)) {
2644 if (bucket->length == 0) {
2648 rv = apr_bucket_read(bucket, &data, &len, APR_BLOCK_READ);
2649 if (rv != APR_SUCCESS) {
2650 apr_brigade_destroy(bb);
2651 return HTTP_BAD_REQUEST;
2655 while (state != FORM_ABORT && slide-- > 0 && size >= 0 && num != 0) {
2660 else if ('&' == c) {
2664 percent = FORM_PERCENTA;
2667 if (FORM_PERCENTA == percent) {
2671 else if (c >= 'A') {
2674 else if (c >= '0') {
2678 percent = FORM_PERCENTB;
2681 if (FORM_PERCENTB == percent) {
2685 else if (c >= 'A') {
2688 else if (c >= '0') {
2692 percent = FORM_NORMAL;
2697 const char *tmp = apr_pmemdup(r->pool, buffer, offset);
2698 apr_bucket *b = apr_bucket_pool_create(tmp, offset, r->pool, r->connection->bucket_alloc);
2699 APR_BRIGADE_INSERT_TAIL(pair->value, b);
2707 if (offset < HUGE_STRING_LEN) {
2711 pair = (ap_form_pair_t *) apr_array_push(pairs);
2712 pair->name = apr_pstrdup(r->pool, buffer);
2713 pair->value = apr_brigade_create(r->pool, r->connection->bucket_alloc);
2717 buffer[offset++] = c;
2726 if (offset >= HUGE_STRING_LEN) {
2727 const char *tmp = apr_pmemdup(r->pool, buffer, offset);
2728 apr_bucket *b = apr_bucket_pool_create(tmp, offset, r->pool, r->connection->bucket_alloc);
2729 APR_BRIGADE_INSERT_TAIL(pair->value, b);
2732 buffer[offset++] = c;
2742 apr_brigade_cleanup(bb);
2743 } while (!seen_eos);
2745 if (FORM_ABORT == state || size < 0 || num == 0) {
2746 return HTTP_REQUEST_ENTITY_TOO_LARGE;
2748 else if (FORM_VALUE == state && pair && offset > 0) {
2749 const char *tmp = apr_pmemdup(r->pool, buffer, offset);
2750 apr_bucket *b = apr_bucket_pool_create(tmp, offset, r->pool, r->connection->bucket_alloc);
2751 APR_BRIGADE_INSERT_TAIL(pair->value, b);
2758 #define VARBUF_SMALL_SIZE 2048
2759 #define VARBUF_MAX_SIZE (APR_SIZE_MAX - 1 - \
2760 APR_ALIGN_DEFAULT(sizeof(struct ap_varbuf_info)))
2762 struct ap_varbuf_info {
2763 struct apr_memnode_t *node;
2764 apr_allocator_t *allocator;
2767 static apr_status_t varbuf_cleanup(void *info_)
2769 struct ap_varbuf_info *info = info_;
2770 info->node->next = NULL;
2771 apr_allocator_free(info->allocator, info->node);
2775 const char nul = '\0';
2776 static char * const varbuf_empty = (char *)&nul;
2778 AP_DECLARE(void) ap_varbuf_init(apr_pool_t *p, struct ap_varbuf *vb,
2779 apr_size_t init_size)
2781 vb->buf = varbuf_empty;
2783 vb->strlen = AP_VARBUF_UNKNOWN;
2787 ap_varbuf_grow(vb, init_size);
2790 AP_DECLARE(void) ap_varbuf_grow(struct ap_varbuf *vb, apr_size_t new_len)
2792 apr_memnode_t *new_node = NULL;
2793 apr_allocator_t *allocator;
2794 struct ap_varbuf_info *new_info;
2797 AP_DEBUG_ASSERT(vb->strlen == AP_VARBUF_UNKNOWN || vb->avail >= vb->strlen);
2799 if (new_len <= vb->avail)
2802 if (new_len < 2 * vb->avail && vb->avail < VARBUF_MAX_SIZE/2) {
2803 /* at least double the size, to avoid repeated reallocations */
2804 new_len = 2 * vb->avail;
2806 else if (new_len > VARBUF_MAX_SIZE) {
2807 apr_abortfunc_t abort_fn = apr_pool_abort_get(vb->pool);
2808 ap_assert(abort_fn != NULL);
2809 abort_fn(APR_ENOMEM);
2813 new_len++; /* add space for trailing \0 */
2814 if (new_len <= VARBUF_SMALL_SIZE) {
2815 new_len = APR_ALIGN_DEFAULT(new_len);
2816 new = apr_palloc(vb->pool, new_len);
2817 if (vb->avail && vb->strlen != 0) {
2818 AP_DEBUG_ASSERT(vb->buf != NULL);
2819 AP_DEBUG_ASSERT(vb->buf != varbuf_empty);
2820 if (new == vb->buf + vb->avail + 1) {
2821 /* We are lucky: the new memory lies directly after our old
2822 * buffer, we can now use both.
2824 vb->avail += new_len;
2828 /* copy up to vb->strlen + 1 bytes */
2829 memcpy(new, vb->buf, vb->strlen == AP_VARBUF_UNKNOWN ?
2830 vb->avail + 1 : vb->strlen + 1);
2836 vb->avail = new_len - 1;
2841 /* The required block is rather larger. Use allocator directly so that
2842 * the memory can be freed independently from the pool. */
2843 allocator = apr_pool_allocator_get(vb->pool);
2844 if (new_len <= VARBUF_MAX_SIZE)
2845 new_node = apr_allocator_alloc(allocator,
2846 new_len + APR_ALIGN_DEFAULT(sizeof(*new_info)));
2848 apr_abortfunc_t abort_fn = apr_pool_abort_get(vb->pool);
2849 ap_assert(abort_fn != NULL);
2850 abort_fn(APR_ENOMEM);
2853 new_info = (struct ap_varbuf_info *)new_node->first_avail;
2854 new_node->first_avail += APR_ALIGN_DEFAULT(sizeof(*new_info));
2855 new_info->node = new_node;
2856 new_info->allocator = allocator;
2857 new = new_node->first_avail;
2858 AP_DEBUG_ASSERT(new_node->endp - new_node->first_avail >= new_len);
2859 new_len = new_node->endp - new_node->first_avail;
2861 if (vb->avail && vb->strlen != 0)
2862 memcpy(new, vb->buf, vb->strlen == AP_VARBUF_UNKNOWN ?
2863 vb->avail + 1 : vb->strlen + 1);
2867 apr_pool_cleanup_run(vb->pool, vb->info, varbuf_cleanup);
2868 apr_pool_cleanup_register(vb->pool, new_info, varbuf_cleanup,
2869 apr_pool_cleanup_null);
2870 vb->info = new_info;
2872 vb->avail = new_len - 1;
2875 AP_DECLARE(void) ap_varbuf_strmemcat(struct ap_varbuf *vb, const char *str,
2881 ap_varbuf_grow(vb, len);
2882 memcpy(vb->buf, str, len);
2883 vb->buf[len] = '\0';
2887 if (vb->strlen == AP_VARBUF_UNKNOWN)
2888 vb->strlen = strlen(vb->buf);
2889 ap_varbuf_grow(vb, vb->strlen + len);
2890 memcpy(vb->buf + vb->strlen, str, len);
2892 vb->buf[vb->strlen] = '\0';
2895 AP_DECLARE(void) ap_varbuf_free(struct ap_varbuf *vb)
2898 apr_pool_cleanup_run(vb->pool, vb->info, varbuf_cleanup);
2904 AP_DECLARE(char *) ap_varbuf_pdup(apr_pool_t *p, struct ap_varbuf *buf,
2905 const char *prepend, apr_size_t prepend_len,
2906 const char *append, apr_size_t append_len,
2907 apr_size_t *new_len)
2910 struct iovec vec[3];
2913 vec[i].iov_base = (void *)prepend;
2914 vec[i].iov_len = prepend_len;
2917 if (buf->avail && buf->strlen) {
2918 if (buf->strlen == AP_VARBUF_UNKNOWN)
2919 buf->strlen = strlen(buf->buf);
2920 vec[i].iov_base = (void *)buf->buf;
2921 vec[i].iov_len = buf->strlen;
2925 vec[i].iov_base = (void *)append;
2926 vec[i].iov_len = append_len;
2930 return apr_pstrcatv(p, vec, i, new_len);
2937 AP_DECLARE(apr_status_t) ap_varbuf_regsub(struct ap_varbuf *vb,
2941 ap_regmatch_t pmatch[],
2944 return regsub_core(NULL, NULL, vb, input, source, nmatch, pmatch, maxlen);
2947 static const char * const oom_message = "[crit] Memory allocation failed, "
2948 "aborting process." APR_EOL_STR;
2950 AP_DECLARE(void) ap_abort_on_oom()
2952 int written, count = strlen(oom_message);
2953 const char *buf = oom_message;
2955 written = write(STDERR_FILENO, buf, count);
2956 if (written == count)
2962 } while (written >= 0 || errno == EINTR);
2966 AP_DECLARE(void *) ap_malloc(size_t size)
2968 void *p = malloc(size);
2969 if (p == NULL && size != 0)
2974 AP_DECLARE(void *) ap_calloc(size_t nelem, size_t size)
2976 void *p = calloc(nelem, size);
2977 if (p == NULL && nelem != 0 && size != 0)
2982 AP_DECLARE(void *) ap_realloc(void *ptr, size_t size)
2984 void *p = realloc(ptr, size);
2985 if (p == NULL && size != 0)
2990 AP_DECLARE(void) ap_get_sload(ap_sload_t *ld)
2992 int i, j, server_limit, thread_limit;
2996 ap_generation_t mpm_generation;
2998 /* preload errored fields, we overwrite */
3001 ld->bytes_served = 0;
3002 ld->access_count = 0;
3004 ap_mpm_query(AP_MPMQ_GENERATION, &mpm_generation);
3005 ap_mpm_query(AP_MPMQ_HARD_LIMIT_THREADS, &thread_limit);
3006 ap_mpm_query(AP_MPMQ_HARD_LIMIT_DAEMONS, &server_limit);
3008 for (i = 0; i < server_limit; i++) {
3010 ps = ap_get_scoreboard_process(i);
3012 for (j = 0; j < thread_limit; j++) {
3014 worker_score *ws = NULL;
3015 ws = &ap_scoreboard_image->servers[i][j];
3018 if (!ps->quiescing && ps->pid) {
3019 if (res == SERVER_READY && ps->generation == mpm_generation) {
3022 else if (res != SERVER_DEAD &&
3023 res != SERVER_STARTING && res != SERVER_IDLE_KILL &&
3024 ps->generation == mpm_generation) {
3029 if (ap_extended_status && !ps->quiescing && ps->pid) {
3030 if (ws->access_count != 0
3031 || (res != SERVER_READY && res != SERVER_DEAD)) {
3032 ld->access_count += ws->access_count;
3033 ld->bytes_served += ws->bytes_served;
3038 total = busy + ready;
3040 ld->idle = ready * 100 / total;
3041 ld->busy = busy * 100 / total;
3045 AP_DECLARE(void) ap_get_loadavg(ap_loadavg_t *ld)
3047 /* preload errored fields, we overwrite */
3049 ld->loadavg5 = -1.0;
3050 ld->loadavg15 = -1.0;
3057 num = getloadavg(la, 3);
3059 ld->loadavg = (float)la[0];
3062 ld->loadavg5 = (float)la[1];
3065 ld->loadavg15 = (float)la[2];
3071 static const char * const pw_cache_note_name = "conn_cache_note";
3073 /* varbuf contains concatenated password and hash */
3074 struct ap_varbuf vb;
3076 apr_status_t result;
3079 AP_DECLARE(apr_status_t) ap_password_validate(request_rec *r,
3080 const char *username,
3084 struct pw_cache *cache;
3087 cache = (struct pw_cache *)apr_table_get(r->connection->notes, pw_cache_note_name);
3088 if (cache != NULL) {
3089 if (strncmp(passwd, cache->vb.buf, cache->pwlen) == 0
3090 && strcmp(hash, cache->vb.buf + cache->pwlen) == 0) {
3091 return cache->result;
3093 /* make ap_varbuf_grow below not copy the old data */
3094 cache->vb.strlen = 0;
3097 cache = apr_palloc(r->connection->pool, sizeof(struct pw_cache));
3098 ap_varbuf_init(r->connection->pool, &cache->vb, 0);
3099 apr_table_setn(r->connection->notes, pw_cache_note_name, (void *)cache);
3101 cache->pwlen = strlen(passwd);
3102 hashlen = strlen(hash);
3103 ap_varbuf_grow(&cache->vb, cache->pwlen + hashlen + 1);
3104 memcpy(cache->vb.buf, passwd, cache->pwlen);
3105 memcpy(cache->vb.buf + cache->pwlen, hash, hashlen + 1);
3106 cache->result = apr_password_validate(passwd, hash);
3107 return cache->result;
3110 AP_DECLARE(char *) ap_get_exec_line(apr_pool_t *p,
3112 const char * const * argv)
3114 char buf[MAX_STRING_LEN];
3115 apr_procattr_t *procattr;
3118 apr_size_t nbytes = 1;
3122 if (apr_procattr_create(&procattr, p) != APR_SUCCESS)
3124 if (apr_procattr_io_set(procattr, APR_FULL_BLOCK, APR_FULL_BLOCK,
3125 APR_FULL_BLOCK) != APR_SUCCESS)
3127 if (apr_procattr_dir_set(procattr,
3128 ap_make_dirstr_parent(p, cmd)) != APR_SUCCESS)
3130 if (apr_procattr_cmdtype_set(procattr, APR_PROGRAM) != APR_SUCCESS)
3132 proc = apr_pcalloc(p, sizeof(apr_proc_t));
3133 if (apr_proc_create(proc, cmd, argv, NULL, procattr, p) != APR_SUCCESS)
3139 /* XXX: we are reading 1 byte at a time here */
3140 for (k = 0; apr_file_read(fp, &c, &nbytes) == APR_SUCCESS
3141 && nbytes == 1 && (k < MAX_STRING_LEN-1) ; ) {
3142 if (c == '\n' || c == '\r')
3149 return apr_pstrndup(p, buf, k);