* Canonicalise ftp URLs. */
| 284 | * Canonicalise ftp URLs. |
| 285 | */ |
| 286 | static int proxy_ftp_canon(request_rec *r, char *url) |
| 287 | { |
| 288 | char *user, *password, *host, *path, *parms, *strp, sport[7]; |
| 289 | apr_pool_t *p = r->pool; |
| 290 | const char *err; |
| 291 | apr_port_t port, def_port; |
| 292 | core_dir_config *d = ap_get_core_module_config(r->per_dir_config); |
| 293 | int flags = d->allow_encoded_slashes && !d->decode_encoded_slashes ? PROXY_CANONENC_NOENCODEDSLASHENCODING : 0; |
| 294 | |
| 295 | /* */ |
| 296 | if (ap_cstr_casecmpn(url, "ftp:", 4) == 0) { |
| 297 | url += 4; |
| 298 | } |
| 299 | else { |
| 300 | return DECLINED; |
| 301 | } |
| 302 | def_port = apr_uri_port_of_scheme("ftp"); |
| 303 | |
| 304 | ap_log_rerror(APLOG_MARK, APLOG_TRACE1, 0, r, "canonicalising URL %s", url); |
| 305 | |
| 306 | port = def_port; |
| 307 | err = ap_proxy_canon_netloc(p, &url, &user, &password, &host, &port); |
| 308 | if (err) |
| 309 | return HTTP_BAD_REQUEST; |
| 310 | if (user != NULL && !ftp_check_string(user)) |
| 311 | return HTTP_BAD_REQUEST; |
| 312 | if (password != NULL && !ftp_check_string(password)) |
| 313 | return HTTP_BAD_REQUEST; |
| 314 | |
| 315 | /* now parse path/parameters args, according to rfc1738 */ |
| 316 | /* |
| 317 | * N.B. if this isn't a true proxy request, then the URL path (but not |
| 318 | * query args) has already been decoded. This gives rise to the problem |
| 319 | * of a ; being decoded into the path. |
| 320 | */ |
| 321 | strp = strchr(url, ';'); |
| 322 | if (strp != NULL) { |
| 323 | *(strp++) = '\0'; |
| 324 | parms = ap_proxy_canonenc(p, strp, strlen(strp), enc_parm, 0, |
| 325 | r->proxyreq); |
| 326 | if (parms == NULL) |
| 327 | return HTTP_BAD_REQUEST; |
| 328 | } |
| 329 | else |
| 330 | parms = ""; |
| 331 | |
| 332 | path = ap_proxy_canonenc_ex(p, url, strlen(url), enc_path, flags, |
| 333 | r->proxyreq); |
| 334 | if (path == NULL) |
| 335 | return HTTP_BAD_REQUEST; |
| 336 | if (!ftp_check_string(path)) |
| 337 | return HTTP_BAD_REQUEST; |
| 338 | |
| 339 | if (r->proxyreq && r->args != NULL) { |
| 340 | if (strp != NULL) { |
| 341 | strp = ap_proxy_canonenc(p, r->args, strlen(r->args), enc_parm, 1, r->proxyreq); |
| 342 | if (strp == NULL) |
| 343 | return HTTP_BAD_REQUEST; |
nothing calls this directly
no test coverage detected