/[Apache-SVN]/httpd/httpd/trunk/modules/mappers/mod_alias.c
ViewVC logotype

Contents of /httpd/httpd/trunk/modules/mappers/mod_alias.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 778942 - (hide annotations)
Wed May 27 00:58:41 2009 UTC (6 months ago) by niq
File MIME type: text/plain
File size: 16836 byte(s) 
mod_alias: Enforce sanity in args to Redirect
PR 44729
1 fielding 420983 /* Licensed to the Apache Software Foundation (ASF) under one or more
2     * contributor license agreements. See the NOTICE file distributed with
3     * this work for additional information regarding copyright ownership.
4     * The ASF licenses this file to You under the Apache License, Version 2.0
5     * (the "License"); you may not use this file except in compliance with
6     * the License. You may obtain a copy of the License at
7 fielding 83751 *
8 nd 102525 * http://www.apache.org/licenses/LICENSE-2.0
9 fielding 83751 *
10 nd 102525 * Unless required by applicable law or agreed to in writing, software
11     * distributed under the License is distributed on an "AS IS" BASIS,
12     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13     * See the License for the specific language governing permissions and
14     * limitations under the License.
15 fielding 83751 */
16    
17     /*
18     * http_alias.c: Stuff for dealing with directory aliases
19 jim 332306 *
20 fielding 83751 * Original by Rob McCool, rewritten in succession by David Robinson
21     * and rst.
22 jim 332306 *
23 fielding 83751 */
24    
25 rbb 85867 #include "apr_strings.h"
26 gstein 88060 #include "apr_lib.h"
27    
28     #define APR_WANT_STRFUNC
29     #include "apr_want.h"
30    
31 rbb 84531 #include "ap_config.h"
32 fielding 83751 #include "httpd.h"
33 coar 93143 #include "http_core.h"
34 fielding 83751 #include "http_config.h"
35 fielding 83770 #include "http_request.h"
36 coar 93137 #include "http_log.h"
37 fielding 83751
38 gstein 88060
39 fielding 83751 typedef struct {
40 ben 85644 const char *real;
41     const char *fake;
42 fielding 83751 char *handler;
43 jorton 153384 ap_regex_t *regexp;
44 jerenkrantz 95503 int redir_status; /* 301, 302, 303, 410, etc */
45 fielding 83751 } alias_entry;
46    
47     typedef struct {
48 dougm 85976 apr_array_header_t *aliases;
49     apr_array_header_t *redirects;
50 fielding 83751 } alias_server_conf;
51    
52     typedef struct {
53 dougm 85976 apr_array_header_t *redirects;
54 fielding 83751 } alias_dir_conf;
55    
56 wrowe 86609 module AP_MODULE_DECLARE_DATA alias_module;
57 fielding 83751
58 dougm 85976 static void *create_alias_config(apr_pool_t *p, server_rec *s)
59 fielding 83751 {
60     alias_server_conf *a =
61 dougm 85976 (alias_server_conf *) apr_pcalloc(p, sizeof(alias_server_conf));
62 fielding 83751
63 dougm 88019 a->aliases = apr_array_make(p, 20, sizeof(alias_entry));
64     a->redirects = apr_array_make(p, 20, sizeof(alias_entry));
65 fielding 83751 return a;
66     }
67    
68 dougm 85976 static void *create_alias_dir_config(apr_pool_t *p, char *d)
69 fielding 83751 {
70     alias_dir_conf *a =
71 dougm 85976 (alias_dir_conf *) apr_pcalloc(p, sizeof(alias_dir_conf));
72 dougm 88019 a->redirects = apr_array_make(p, 2, sizeof(alias_entry));
73 fielding 83751 return a;
74     }
75    
76 dougm 85976 static void *merge_alias_config(apr_pool_t *p, void *basev, void *overridesv)
77 fielding 83751 {
78     alias_server_conf *a =
79 dougm 85976 (alias_server_conf *) apr_pcalloc(p, sizeof(alias_server_conf));
80 jerenkrantz 95503 alias_server_conf *base = (alias_server_conf *) basev;
81     alias_server_conf *overrides = (alias_server_conf *) overridesv;
82 fielding 83751
83 dougm 88019 a->aliases = apr_array_append(p, overrides->aliases, base->aliases);
84     a->redirects = apr_array_append(p, overrides->redirects, base->redirects);
85 fielding 83751 return a;
86     }
87    
88 dougm 85976 static void *merge_alias_dir_config(apr_pool_t *p, void *basev, void *overridesv)
89 fielding 83751 {
90     alias_dir_conf *a =
91 dougm 85976 (alias_dir_conf *) apr_pcalloc(p, sizeof(alias_dir_conf));
92 jerenkrantz 95503 alias_dir_conf *base = (alias_dir_conf *) basev;
93     alias_dir_conf *overrides = (alias_dir_conf *) overridesv;
94 dougm 88019 a->redirects = apr_array_append(p, overrides->redirects, base->redirects);
95 fielding 83751 return a;
96     }
97    
98 nd 98647 /* need prototype for overlap check */
99     static int alias_matches(const char *uri, const char *alias_fakename);
100    
101 ben 85644 static const char *add_alias_internal(cmd_parms *cmd, void *dummy,
102 jerenkrantz 95503 const char *f, const char *r,
103     int use_regex)
104 fielding 83751 {
105     server_rec *s = cmd->server;
106 gstein 88225 alias_server_conf *conf = ap_get_module_config(s->module_config,
107     &alias_module);
108 dougm 88019 alias_entry *new = apr_array_push(conf->aliases);
109 nd 98647 alias_entry *entries = (alias_entry *)conf->aliases->elts;
110     int i;
111 fielding 83751
112     /* XX r can NOT be relative to DocumentRoot here... compat bug. */
113    
114     if (use_regex) {
115 jorton 153384 new->regexp = ap_pregcomp(cmd->pool, f, AP_REG_EXTENDED);
116 jerenkrantz 95503 if (new->regexp == NULL)
117     return "Regular expression could not be compiled.";
118 rbb 88010 new->real = r;
119 fielding 83751 }
120 wrowe 90562 else {
121     /* XXX This may be optimized, but we must know that new->real
122     * exists. If so, we can dir merge later, trusing new->real
123     * and just canonicalizing the remainder. Not till I finish
124     * cleaning out the old ap_canonical stuff first.
125     */
126     new->real = r;
127     }
128 fielding 83751 new->fake = f;
129     new->handler = cmd->info;
130    
131 nd 98647 /* check for overlapping (Script)Alias directives
132     * and throw a warning if found one
133     */
134     if (!use_regex) {
135     for (i = 0; i < conf->aliases->nelts - 1; ++i) {
136     alias_entry *p = &entries[i];
137    
138 trawick 98741 if ( (!p->regexp && alias_matches(f, p->fake) > 0)
139     || (p->regexp && !ap_regexec(p->regexp, f, 0, NULL, 0))) {
140 nd 98647 ap_log_error(APLOG_MARK, APLOG_WARNING, 0, cmd->server,
141 nd 102949 "The %s directive in %s at line %d will probably "
142     "never match because it overlaps an earlier "
143     "%sAlias%s.",
144     cmd->cmd->name, cmd->directive->filename,
145     cmd->directive->line_num,
146 nd 98657 p->handler ? "Script" : "",
147     p->regexp ? "Match" : "");
148 nd 98647
149     break; /* one warning per alias should be sufficient */
150     }
151     }
152     }
153    
154 fielding 83751 return NULL;
155     }
156    
157 ben 85644 static const char *add_alias(cmd_parms *cmd, void *dummy, const char *f,
158 jerenkrantz 95503 const char *r)
159 fielding 83751 {
160     return add_alias_internal(cmd, dummy, f, r, 0);
161     }
162    
163 ben 85644 static const char *add_alias_regex(cmd_parms *cmd, void *dummy, const char *f,
164 jerenkrantz 95503 const char *r)
165 fielding 83751 {
166     return add_alias_internal(cmd, dummy, f, r, 1);
167     }
168    
169 ben 85644 static const char *add_redirect_internal(cmd_parms *cmd,
170 jerenkrantz 95503 alias_dir_conf *dirconf,
171 jim 332306 const char *arg1, const char *arg2,
172 trawick 85627 const char *arg3, int use_regex)
173 fielding 83751 {
174     alias_entry *new;
175     server_rec *s = cmd->server;
176 gstein 88225 alias_server_conf *serverconf = ap_get_module_config(s->module_config,
177     &alias_module);
178 fielding 83751 int status = (int) (long) cmd->info;
179 jorton 153384 ap_regex_t *r = NULL;
180 ben 85644 const char *f = arg2;
181     const char *url = arg3;
182 fielding 83751
183 niq 778942 if (arg3 != NULL) {
184     if (!strcasecmp(arg1, "gone"))
185     status = HTTP_GONE;
186     else if (!strcasecmp(arg1, "permanent"))
187     status = HTTP_MOVED_PERMANENTLY;
188     else if (!strcasecmp(arg1, "temp"))
189     status = HTTP_MOVED_TEMPORARILY;
190     else if (!strcasecmp(arg1, "seeother"))
191     status = HTTP_SEE_OTHER;
192     else if (apr_isdigit(*arg1))
193     status = atoi(arg1);
194     else {
195     return "Redirect: invalid first argument (of three)";
196     }
197     }
198 fielding 83751 else {
199 jerenkrantz 95503 f = arg1;
200     url = arg2;
201 fielding 83751 }
202    
203     if (use_regex) {
204 jorton 153384 r = ap_pregcomp(cmd->pool, f, AP_REG_EXTENDED);
205 jerenkrantz 95503 if (r == NULL)
206     return "Regular expression could not be compiled.";
207 fielding 83751 }
208    
209     if (ap_is_HTTP_REDIRECT(status)) {
210 jerenkrantz 95503 if (!url)
211     return "URL to redirect to is missing";
212 niq 490142 /* PR#35314: we can allow path components here;
213     * they get correctly resolved to full URLs.
214     */
215     if (!use_regex && !ap_is_url(url) && (url[0] != '/'))
216 jerenkrantz 95503 return "Redirect to non-URL";
217 fielding 83751 }
218     else {
219 jerenkrantz 95503 if (url)
220     return "Redirect URL not valid for this status";
221 fielding 83751 }
222    
223     if (cmd->path)
224 jerenkrantz 95503 new = apr_array_push(dirconf->redirects);
225 fielding 83751 else
226 jerenkrantz 95503 new = apr_array_push(serverconf->redirects);
227 fielding 83751
228     new->fake = f;
229     new->real = url;
230     new->regexp = r;
231     new->redir_status = status;
232     return NULL;
233     }
234    
235 ben 85644 static const char *add_redirect(cmd_parms *cmd, void *dirconf,
236     const char *arg1, const char *arg2,
237 jerenkrantz 95503 const char *arg3)
238 fielding 83751 {
239     return add_redirect_internal(cmd, dirconf, arg1, arg2, arg3, 0);
240     }
241    
242 ben 85644 static const char *add_redirect2(cmd_parms *cmd, void *dirconf,
243 jerenkrantz 95503 const char *arg1, const char *arg2)
244 fielding 83751 {
245 ben 85644 return add_redirect_internal(cmd, dirconf, arg1, arg2, NULL, 0);
246     }
247    
248     static const char *add_redirect_regex(cmd_parms *cmd, void *dirconf,
249 jerenkrantz 95503 const char *arg1, const char *arg2,
250     const char *arg3)
251 ben 85644 {
252 fielding 83751 return add_redirect_internal(cmd, dirconf, arg1, arg2, arg3, 1);
253     }
254    
255     static const command_rec alias_cmds[] =
256     {
257 trawick 85627 AP_INIT_TAKE2("Alias", add_alias, NULL, RSRC_CONF,
258     "a fakename and a realname"),
259     AP_INIT_TAKE2("ScriptAlias", add_alias, "cgi-script", RSRC_CONF,
260     "a fakename and a realname"),
261     AP_INIT_TAKE23("Redirect", add_redirect, (void *) HTTP_MOVED_TEMPORARILY,
262     OR_FILEINFO,
263     "an optional status, then document to be redirected and "
264     "destination URL"),
265     AP_INIT_TAKE2("AliasMatch", add_alias_regex, NULL, RSRC_CONF,
266     "a regular expression and a filename"),
267     AP_INIT_TAKE2("ScriptAliasMatch", add_alias_regex, "cgi-script", RSRC_CONF,
268     "a regular expression and a filename"),
269 jim 332306 AP_INIT_TAKE23("RedirectMatch", add_redirect_regex,
270 trawick 85627 (void *) HTTP_MOVED_TEMPORARILY, OR_FILEINFO,
271     "an optional status, then a regular expression and "
272     "destination URL"),
273 ben 85644 AP_INIT_TAKE2("RedirectTemp", add_redirect2,
274 jerenkrantz 95503 (void *) HTTP_MOVED_TEMPORARILY, OR_FILEINFO,
275 trawick 85627 "a document to be redirected, then the destination URL"),
276 jim 332306 AP_INIT_TAKE2("RedirectPermanent", add_redirect2,
277 trawick 85627 (void *) HTTP_MOVED_PERMANENTLY, OR_FILEINFO,
278     "a document to be redirected, then the destination URL"),
279 fielding 83751 {NULL}
280     };
281    
282     static int alias_matches(const char *uri, const char *alias_fakename)
283     {
284     const char *aliasp = alias_fakename, *urip = uri;
285    
286 brianp 92138 while (*aliasp) {
287 jerenkrantz 95503 if (*aliasp == '/') {
288     /* any number of '/' in the alias matches any number in
289     * the supplied URI, but there must be at least one...
290     */
291     if (*urip != '/')
292     return 0;
293 fielding 83751
294 brianp 95584 do {
295 jerenkrantz 95503 ++aliasp;
296 brianp 95584 } while (*aliasp == '/');
297     do {
298 jerenkrantz 95503 ++urip;
299 brianp 95584 } while (*urip == '/');
300 jerenkrantz 95503 }
301     else {
302     /* Other characters are compared literally */
303     if (*urip++ != *aliasp++)
304     return 0;
305     }
306 fielding 83751 }
307    
308     /* Check last alias path component matched all the way */
309    
310     if (aliasp[-1] != '/' && *urip != '\0' && *urip != '/')
311 jerenkrantz 95503 return 0;
312 fielding 83751
313     /* Return number of characters from URI which matched (may be
314     * greater than length of alias, since we may have matched
315     * doubled slashes)
316     */
317    
318     return urip - uri;
319     }
320    
321 jerenkrantz 95503 static char *try_alias_list(request_rec *r, apr_array_header_t *aliases,
322     int doesc, int *status)
323 fielding 83751 {
324     alias_entry *entries = (alias_entry *) aliases->elts;
325 jorton 153384 ap_regmatch_t regm[AP_MAX_REG_MATCH];
326 fielding 83751 char *found = NULL;
327     int i;
328    
329     for (i = 0; i < aliases->nelts; ++i) {
330 jerenkrantz 95503 alias_entry *p = &entries[i];
331     int l;
332 fielding 83751
333 jerenkrantz 95503 if (p->regexp) {
334 striker 101556 if (!ap_regexec(p->regexp, r->uri, AP_MAX_REG_MATCH, regm, 0)) {
335 jerenkrantz 95503 if (p->real) {
336     found = ap_pregsub(r->pool, p->real, r->uri,
337 striker 101556 AP_MAX_REG_MATCH, regm);
338 jerenkrantz 95503 if (found && doesc) {
339 dougm 90361 apr_uri_t uri;
340     apr_uri_parse(r->pool, found, &uri);
341 jerenkrantz 91672 /* Do not escape the query string or fragment. */
342 jim 332306 found = apr_uri_unparse(r->pool, &uri,
343 jerenkrantz 91672 APR_URI_UNP_OMITQUERY);
344     found = ap_escape_uri(r->pool, found);
345 rbb 89041 if (uri.query) {
346 jim 332306 found = apr_pstrcat(r->pool, found, "?",
347 jerenkrantz 91672 uri.query, NULL);
348 rbb 89041 }
349 jerenkrantz 91672 if (uri.fragment) {
350 jim 332306 found = apr_pstrcat(r->pool, found, "#",
351 jerenkrantz 91672 uri.fragment, NULL);
352 rbb 89041 }
353 jerenkrantz 95503 }
354     }
355     else {
356     /* need something non-null */
357     found = apr_pstrdup(r->pool, "");
358     }
359     }
360     }
361     else {
362     l = alias_matches(r->uri, p->fake);
363 fielding 83751
364 jerenkrantz 95503 if (l > 0) {
365     if (doesc) {
366     char *escurl;
367     escurl = ap_os_escape_path(r->pool, r->uri + l, 1);
368 fielding 83751
369 jerenkrantz 95503 found = apr_pstrcat(r->pool, p->real, escurl, NULL);
370     }
371     else
372     found = apr_pstrcat(r->pool, p->real, r->uri + l, NULL);
373     }
374     }
375 fielding 83751
376 jerenkrantz 95503 if (found) {
377     if (p->handler) { /* Set handler, and leave a note for mod_cgi */
378     r->handler = p->handler;
379     apr_table_setn(r->notes, "alias-forced-type", r->handler);
380     }
381 wrowe 90562 /* XXX This is as SLOW as can be, next step, we optimize
382     * and merge to whatever part of the found path was already
383     * canonicalized. After I finish eliminating os canonical.
384 wrowe 93965 * Better fail test for ap_server_root_relative needed here.
385 wrowe 90562 */
386 wrowe 93965 if (!doesc) {
387 wrowe 90562 found = ap_server_root_relative(r->pool, found);
388 wrowe 93965 }
389     if (found) {
390 jerenkrantz 95503 *status = p->redir_status;
391 wrowe 93965 }
392 jerenkrantz 95503 return found;
393     }
394 fielding 83751
395     }
396    
397     return NULL;
398     }
399    
400     static int translate_alias_redir(request_rec *r)
401     {
402 gstein 88225 ap_conf_vector_t *sconf = r->server->module_config;
403     alias_server_conf *serverconf = ap_get_module_config(sconf, &alias_module);
404 fielding 83751 char *ret;
405     int status;
406    
407 jerenkrantz 95503 if (r->uri[0] != '/' && r->uri[0] != '\0') {
408     return DECLINED;
409     }
410 fielding 83751
411     if ((ret = try_alias_list(r, serverconf->redirects, 1, &status)) != NULL) {
412 jerenkrantz 95503 if (ap_is_HTTP_REDIRECT(status)) {
413     /* include QUERY_STRING if any */
414     if (r->args) {
415     ret = apr_pstrcat(r->pool, ret, "?", r->args, NULL);
416     }
417     apr_table_setn(r->headers_out, "Location", ret);
418     }
419     return status;
420 fielding 83751 }
421    
422     if ((ret = try_alias_list(r, serverconf->aliases, 0, &status)) != NULL) {
423 jerenkrantz 95503 r->filename = ret;
424     return OK;
425 fielding 83751 }
426    
427     return DECLINED;
428     }
429    
430     static int fixup_redir(request_rec *r)
431     {
432     void *dconf = r->per_dir_config;
433     alias_dir_conf *dirconf =
434     (alias_dir_conf *) ap_get_module_config(dconf, &alias_module);
435     char *ret;
436     int status;
437    
438     /* It may have changed since last time, so try again */
439    
440     if ((ret = try_alias_list(r, dirconf->redirects, 1, &status)) != NULL) {
441 coar 93137 if (ap_is_HTTP_REDIRECT(status)) {
442 coar 93143 if (ret[0] == '/') {
443     char *orig_target = ret;
444    
445     ret = ap_construct_url(r->pool, ret, r);
446 trawick 95150 ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
447 coar 93143 "incomplete redirection target of '%s' for "
448     "URI '%s' modified to '%s'",
449     orig_target, r->uri, ret);
450     }
451 coar 93137 if (!ap_is_url(ret)) {
452     status = HTTP_INTERNAL_SERVER_ERROR;
453 trawick 95150 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
454 coar 93137 "cannot redirect '%s' to '%s'; "
455 coar 93143 "target is not a valid absoluteURI or abs_path",
456 coar 93137 r->uri, ret);
457     }
458     else {
459 nd 98796 /* append requested query only, if the config didn't
460     * supply its own.
461     */
462     if (r->args && !ap_strchr(ret, '?')) {
463     ret = apr_pstrcat(r->pool, ret, "?", r->args, NULL);
464     }
465 coar 93137 apr_table_setn(r->headers_out, "Location", ret);
466     }
467     }
468 jerenkrantz 95503 return status;
469 fielding 83751 }
470    
471     return DECLINED;
472     }
473    
474 wrowe 87697 static void register_hooks(apr_pool_t *p)
475 fielding 83770 {
476 slive 96137 static const char * const aszSucc[]={ "mod_userdir.c",
477     "mod_vhost_alias.c",NULL };
478 fielding 83770
479 slive 94985 ap_hook_translate_name(translate_alias_redir,NULL,aszSucc,APR_HOOK_MIDDLE);
480 wrowe 87731 ap_hook_fixups(fixup_redir,NULL,NULL,APR_HOOK_MIDDLE);
481 fielding 83770 }
482    
483 wrowe 86609 module AP_MODULE_DECLARE_DATA alias_module =
484 fielding 83751 {
485 fielding 83770 STANDARD20_MODULE_STUFF,
486 jerenkrantz 95503 create_alias_dir_config, /* dir config creater */
487     merge_alias_dir_config, /* dir merger --- default is to override */
488     create_alias_config, /* server config */
489     merge_alias_config, /* merge server configs */
490     alias_cmds, /* command apr_table_t */
491     register_hooks /* register hooks */
492 fielding 83751 };

Properties

Name Value
svn:eol-style native
apache@apache.org
 ViewVC Help
Powered by ViewVC 1.1.2