luna - curl/lib/urlapi.c

   1/***************************************************************************
   2 *                                  _   _ ____  _
   3 *  Project                     ___| | | |  _ \| |
   4 *                             / __| | | | |_) | |
   5 *                            | (__| |_| |  _ <| |___
   6 *                             \___|\___/|_| \_\_____|
   7 *
   8 * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
   9 *
  10 * This software is licensed as described in the file COPYING, which
  11 * you should have received as part of this distribution. The terms
  12 * are also available at https://curl.se/docs/copyright.html.
  13 *
  14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
  15 * copies of the Software, and permit persons to whom the Software is
  16 * furnished to do so, under the terms of the COPYING file.
  17 *
  18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
  19 * KIND, either express or implied.
  20 *
  21 * SPDX-License-Identifier: curl
  22 *
  23 ***************************************************************************/
  24#include "curl_setup.h"
  25
  26#include "urldata.h"
  27#include "urlapi-int.h"
  28#include "strcase.h"
  29#include "url.h"
  30#include "escape.h"
  31#include "curlx/inet_pton.h"
  32#include "curlx/inet_ntop.h"
  33#include "curlx/strdup.h"
  34#include "idn.h"
  35#include "curlx/strparse.h"
  36#include "curl_memrchr.h"
  37
  38#ifdef _WIN32
  39/* MS-DOS/Windows style drive prefix, eg c: in c:foo */
  40#define STARTS_WITH_DRIVE_PREFIX(str)        \
  41  ((('a' <= (str)[0] && (str)[0] <= 'z') ||  \
  42    ('A' <= (str)[0] && (str)[0] <= 'Z')) && \
  43   ((str)[1] == ':'))
  44#endif
  45
  46/* MS-DOS/Windows style drive prefix, optionally with
  47 * a '|' instead of ':', followed by a slash or NUL */
  48#define STARTS_WITH_URL_DRIVE_PREFIX(str)                  \
  49  ((('a' <= (str)[0] && (str)[0] <= 'z') ||                \
  50    ('A' <= (str)[0] && (str)[0] <= 'Z')) &&               \
  51   ((str)[1] == ':' || (str)[1] == '|') &&                 \
  52   ((str)[2] == '/' || (str)[2] == '\\' || (str)[2] == 0))
  53
  54/* scheme is not URL encoded, the longest libcurl supported ones are... */
  55#define MAX_SCHEME_LEN 40
  56
  57/*
  58 * If USE_IPV6 is disabled, we still want to parse IPv6 addresses, so make
  59 * sure we have _some_ value for AF_INET6 without polluting our fake value
  60 * everywhere.
  61 */
  62#if !defined(USE_IPV6) && !defined(AF_INET6)
  63#define AF_INET6 (AF_INET + 1)
  64#endif
  65
  66#define DEFAULT_SCHEME "https"
  67
  68static void free_urlhandle(struct Curl_URL *u)
  69{
  70  curlx_free(u->scheme);
  71  curlx_free(u->user);
  72  curlx_free(u->password);
  73  curlx_free(u->options);
  74  curlx_free(u->host);
  75  curlx_free(u->zoneid);
  76  curlx_free(u->port);
  77  curlx_free(u->path);
  78  curlx_free(u->query);
  79  curlx_free(u->fragment);
  80}
  81
  82/*
  83 * Find the separator at the end of the hostname, or the '?' in cases like
  84 * http://www.example.com?id=2380
  85 */
  86static const char *find_host_sep(const char *url)
  87{
  88  /* Find the start of the hostname */
  89  const char *sep = strstr(url, "//");
  90  if(!sep)
  91    sep = url;
  92  else
  93    sep += 2;
  94
  95  /* Find first / or ? */
  96  while(*sep && *sep != '/' && *sep != '?')
  97    sep++;
  98
  99  return sep;
 100}
 101
 102/* convert CURLcode to CURLUcode */
 103#define cc2cu(x) \
 104  ((x) == CURLE_TOO_LARGE ? CURLUE_TOO_LARGE : CURLUE_OUT_OF_MEMORY)
 105
 106/* urlencode_str() writes data into an output dynbuf and URL-encodes the
 107 * spaces in the source URL accordingly.
 108 *
 109 * This function re-encodes the string, meaning that it leaves already encoded
 110 * bytes as-is and works by encoding only what *has* to be encoded - unless it
 111 * has to uppercase the hex to normalize.
 112 *
 113 * Illegal percent-encoding sequences are left as-is.
 114 *
 115 * URL encoding should be skipped for hostnames, otherwise IDN resolution
 116 * will fail.
 117 *
 118 * 'query' tells if it is a query part or not, or if it is allowed to
 119 * "transition" into a query part with a question mark.
 120 *
 121 * @unittest 1675
 122 */
 123UNITTEST CURLUcode urlencode_str(struct dynbuf *o, const char *url,
 124                                 size_t len, bool relative,
 125                                 unsigned int query);
 126UNITTEST CURLUcode urlencode_str(struct dynbuf *o, const char *url,
 127                                 size_t len, bool relative,
 128                                 unsigned int query)
 129{
 130  /* we must add this with whitespace-replacing */
 131  const unsigned char *iptr;
 132  const unsigned char *host_sep = (const unsigned char *)url;
 133  CURLcode result = CURLE_OK;
 134
 135  DEBUGASSERT((query >= QUERY_NO) && (query <= QUERY_YES));
 136
 137  if(!relative) {
 138    size_t n;
 139    host_sep = (const unsigned char *)find_host_sep(url);
 140
 141    /* output the first piece as-is */
 142    n = (const char *)host_sep - url;
 143    result = curlx_dyn_addn(o, url, n);
 144    len -= n;
 145  }
 146
 147  for(iptr = host_sep; len && !result; iptr++, len--) {
 148    if(*iptr == ' ') {
 149      if(query != QUERY_YES)
 150        result = curlx_dyn_addn(o, "%20", 3);
 151      else
 152        result = curlx_dyn_addn(o, "+", 1);
 153    }
 154    else if((*iptr < ' ') || (*iptr >= 0x7f)) {
 155      unsigned char out[3] = { '%' };
 156      Curl_hexbyte(&out[1], *iptr);
 157      result = curlx_dyn_addn(o, out, 3);
 158    }
 159    else if(*iptr == '%' && (len >= 3) &&
 160            ISXDIGIT(iptr[1]) && ISXDIGIT(iptr[2]) &&
 161            (ISLOWER(iptr[1]) || ISLOWER(iptr[2]))) {
 162      /* uppercase it */
 163      unsigned char hex = (unsigned char)((curlx_hexval(iptr[1]) << 4) |
 164                                          curlx_hexval(iptr[2]));
 165      unsigned char out[3] = { '%' };
 166      Curl_hexbyte(&out[1], hex);
 167      result = curlx_dyn_addn(o, out, 3);
 168      iptr += 2;
 169      len -= 2;
 170    }
 171    else {
 172      result = curlx_dyn_addn(o, iptr, 1);
 173      if(*iptr == '?' && (query == QUERY_NOT_YET))
 174        query = QUERY_YES;
 175    }
 176  }
 177
 178  if(result)
 179    return cc2cu(result);
 180  return CURLUE_OK;
 181}
 182
 183/*
 184 * Returns the length of the scheme if the given URL is absolute (as opposed
 185 * to relative). Stores the scheme in the buffer if TRUE and 'buf' is
 186 * non-NULL. The buflen must be larger than MAX_SCHEME_LEN if buf is set.
 187 *
 188 * If 'guess_scheme' is TRUE, it means the URL might be provided without
 189 * scheme.
 190 */
 191size_t Curl_is_absolute_url(const char *url, char *buf, size_t buflen,
 192                            bool guess_scheme)
 193{
 194  size_t i = 0;
 195  DEBUGASSERT(!buf || (buflen > MAX_SCHEME_LEN));
 196  (void)buflen; /* only used in debug-builds */
 197  if(buf)
 198    buf[0] = 0; /* always leave a defined value in buf */
 199#ifdef _WIN32
 200  if(guess_scheme && STARTS_WITH_DRIVE_PREFIX(url))
 201    return 0;
 202#endif
 203  if(ISALPHA(url[0]))
 204    for(i = 1; i < MAX_SCHEME_LEN; ++i) {
 205      char s = url[i];
 206      if(s && (ISALNUM(s) || (s == '+') || (s == '-') || (s == '.'))) {
 207        /* RFC 3986 3.1 explains:
 208           scheme      = ALPHA *( ALPHA / DIGIT / "+" / "-" / "." )
 209        */
 210      }
 211      else {
 212        break;
 213      }
 214    }
 215  if(i && (url[i] == ':') && ((url[i + 1] == '/') || !guess_scheme)) {
 216    /* If this does not guess scheme, the scheme always ends with the colon so
 217       that this also detects data: URLs etc. In guessing mode, data: could
 218       be the hostname "data" with a specified port number. */
 219
 220    /* the length of the scheme is the name part only */
 221    size_t len = i;
 222    if(buf) {
 223      Curl_strntolower(buf, url, i);
 224      buf[i] = 0;
 225    }
 226    return len;
 227  }
 228  return 0;
 229}
 230
 231/* scan for byte values <= 31, 127 and sometimes space */
 232CURLUcode Curl_junkscan(const char *url, size_t *urllen, bool allowspace)
 233{
 234  size_t n = strlen(url);
 235  size_t i;
 236  unsigned char control;
 237  const unsigned char *p = (const unsigned char *)url;
 238  if(n > CURL_MAX_INPUT_LENGTH)
 239    return CURLUE_MALFORMED_INPUT;
 240
 241  control = allowspace ? 0x1f : 0x20;
 242  for(i = 0; i < n; i++) {
 243    if(p[i] <= control || p[i] == 127)
 244      return CURLUE_MALFORMED_INPUT;
 245  }
 246  *urllen = n;
 247  return CURLUE_OK;
 248}
 249
 250/*
 251 * parse_hostname_login()
 252 *
 253 * Parse the login details (username, password and options) from the URL and
 254 * strip them out of the hostname
 255 *
 256 */
 257static CURLUcode parse_hostname_login(struct Curl_URL *u,
 258                                      const char *login,
 259                                      size_t len,
 260                                      unsigned int flags,
 261                                      size_t *offset) /* to the hostname */
 262{
 263  CURLUcode ures = CURLUE_OK;
 264  CURLcode result;
 265  char *userp = NULL;
 266  char *passwdp = NULL;
 267  char *optionsp = NULL;
 268  const struct Curl_scheme *h = NULL;
 269
 270  /* At this point, we assume all the other special cases have been taken
 271   * care of, so the host is at most
 272   *
 273   *   [user[:password][;options]]@]hostname
 274   *
 275   * We need somewhere to put the embedded details, so do that first.
 276   */
 277  const char *ptr;
 278
 279  DEBUGASSERT(login);
 280
 281  *offset = 0;
 282  ptr = memchr(login, '@', len);
 283  if(!ptr)
 284    goto out;
 285
 286  /* We will now try to extract the
 287   * possible login information in a string like:
 288   * ftp://user:password@ftp.site.example:8021/README */
 289  ptr++;
 290
 291  /* if this is a known scheme, get some details */
 292  if(u->scheme)
 293    h = Curl_get_scheme(u->scheme);
 294
 295  /* We could use the login information in the URL so extract it. Only parse
 296     options if the handler says we should. Note that 'h' might be NULL! */
 297  result = Curl_parse_login_details(login, ptr - login - 1,
 298                                    &userp, &passwdp,
 299                                    (h && (h->flags & PROTOPT_URLOPTIONS)) ?
 300                                    &optionsp : NULL);
 301  if(result) {
 302    /* the only possible error from Curl_parse_login_details is out of
 303       memory: */
 304    ures = CURLUE_OUT_OF_MEMORY;
 305    goto out;
 306  }
 307
 308  if(userp) {
 309    if(flags & CURLU_DISALLOW_USER) {
 310      /* Option DISALLOW_USER is set and URL contains username. */
 311      ures = CURLUE_USER_NOT_ALLOWED;
 312      goto out;
 313    }
 314    curlx_free(u->user);
 315    u->user = userp;
 316  }
 317
 318  if(passwdp) {
 319    curlx_free(u->password);
 320    u->password = passwdp;
 321  }
 322
 323  if(optionsp) {
 324    curlx_free(u->options);
 325    u->options = optionsp;
 326  }
 327
 328  /* the hostname starts at this offset */
 329  *offset = ptr - login;
 330  return CURLUE_OK;
 331
 332out:
 333
 334  curlx_free(userp);
 335  curlx_free(passwdp);
 336  curlx_free(optionsp);
 337  u->user = NULL;
 338  u->password = NULL;
 339  u->options = NULL;
 340
 341  return ures;
 342}
 343
 344/* @unittest 1653 */
 345UNITTEST CURLUcode parse_port(struct Curl_URL *u, struct dynbuf *host,
 346                              bool has_scheme);
 347UNITTEST CURLUcode parse_port(struct Curl_URL *u, struct dynbuf *host,
 348                              bool has_scheme)
 349{
 350  const char *portptr;
 351  const char *hostname = curlx_dyn_ptr(host);
 352  /*
 353   * Find the end of an IPv6 address on the ']' ending bracket.
 354   */
 355  if(hostname[0] == '[') {
 356    portptr = strchr(hostname, ']');
 357    if(!portptr)
 358      return CURLUE_BAD_IPV6;
 359    portptr++;
 360    /* this is a RFC2732-style specified IP-address */
 361    if(*portptr) {
 362      if(*portptr != ':')
 363        return CURLUE_BAD_PORT_NUMBER;
 364    }
 365    else
 366      portptr = NULL;
 367  }
 368  else
 369    portptr = strchr(hostname, ':');
 370
 371  if(portptr) {
 372    curl_off_t port;
 373    size_t keep = portptr - hostname;
 374
 375    /* Browser behavior adaptation. If there is a colon with no digits after,
 376       cut off the name there which makes us ignore the colon and use the
 377       default port. Firefox, Chrome and Safari all do that.
 378
 379       Do not do it if the URL has no scheme, to make something that looks like
 380       a scheme not work!
 381    */
 382    curlx_dyn_setlen(host, keep);
 383    portptr++;
 384    if(!*portptr)
 385      return has_scheme ? CURLUE_OK : CURLUE_BAD_PORT_NUMBER;
 386
 387    if(curlx_str_number(&portptr, &port, 0xffff) || *portptr)
 388      return CURLUE_BAD_PORT_NUMBER;
 389
 390    u->portnum = (unsigned short)port;
 391    /* generate a new port number string to get rid of leading zeroes etc */
 392    curlx_free(u->port);
 393    u->port = curl_maprintf("%" CURL_FORMAT_CURL_OFF_T, port);
 394    if(!u->port)
 395      return CURLUE_OUT_OF_MEMORY;
 396  }
 397
 398  return CURLUE_OK;
 399}
 400
 401/* This function assumes 'hostname' now starts with [. It trims 'hostname' in
 402 * place and it sets u->zoneid if present.
 403 *
 404 * @unittest 1675
 405 */
 406UNITTEST CURLUcode ipv6_parse(struct Curl_URL *u, char *hostname,
 407                              size_t hlen);
 408UNITTEST CURLUcode ipv6_parse(struct Curl_URL *u, char *hostname,
 409                              size_t hlen) /* length of hostname */
 410{
 411  size_t len;
 412  DEBUGASSERT(*hostname == '[');
 413  if(hlen < 4) /* '[::]' is the shortest possible valid string */
 414    return CURLUE_BAD_IPV6;
 415  hostname++;
 416  hlen -= 2;
 417
 418  /* only valid IPv6 letters are ok */
 419  len = strspn(hostname, "0123456789abcdefABCDEF:.");
 420
 421  if(hlen != len) {
 422    hlen = len;
 423    if(hostname[len] == '%') {
 424      /* this could now be '%[zone id]' */
 425      char zoneid[16];
 426      int i = 0;
 427      char *h = &hostname[len + 1];
 428      /* pass '25' if present and is a URL encoded percent sign */
 429      if(!strncmp(h, "25", 2) && h[2] && (h[2] != ']'))
 430        h += 2;
 431      while(*h && (*h != ']') && (i < 15))
 432        zoneid[i++] = *h++;
 433      if(!i || (']' != *h))
 434        return CURLUE_BAD_IPV6;
 435      zoneid[i] = 0;
 436      u->zoneid = curlx_strdup(zoneid);
 437      if(!u->zoneid)
 438        return CURLUE_OUT_OF_MEMORY;
 439      hostname[len] = ']'; /* insert end bracket */
 440      hostname[len + 1] = 0; /* terminate the hostname */
 441    }
 442    else
 443      return CURLUE_BAD_IPV6;
 444    /* hostname is fine */
 445  }
 446
 447  /* Normalize the IPv6 address */
 448  {
 449    char dest[16]; /* fits a binary IPv6 address */
 450    hostname[hlen] = 0; /* end the address there */
 451    if(curlx_inet_pton(AF_INET6, hostname, dest) != 1)
 452      return CURLUE_BAD_IPV6;
 453    if(curlx_inet_ntop(AF_INET6, dest, hostname, hlen + 1)) {
 454      hlen = strlen(hostname); /* might be shorter now */
 455      hostname[hlen + 1] = 0;
 456    }
 457    hostname[hlen] = ']'; /* restore ending bracket */
 458  }
 459  return CURLUE_OK;
 460}
 461
 462static CURLUcode hostname_check(struct Curl_URL *u, char *hostname,
 463                                size_t hlen) /* length of hostname */
 464{
 465  size_t len;
 466  DEBUGASSERT(hostname);
 467
 468  if(!hlen)
 469    return CURLUE_NO_HOST;
 470  else if(hostname[0] == '[')
 471    return ipv6_parse(u, hostname, hlen);
 472  else {
 473    /* letters from the second string are not ok */
 474    len = strcspn(hostname, " \r\n\t/:#?!@{}[]\\$\'\"^`*<>=;,+&()%");
 475    if(hlen != len)
 476      /* hostname with bad content */
 477      return CURLUE_BAD_HOSTNAME;
 478    else if((hlen >= 2) &&
 479            (hostname[hlen - 1] == '.') && (hostname[hlen - 2] == '.'))
 480      /* more than one trailing dot is not allowed */
 481      return CURLUE_BAD_HOSTNAME;
 482    else if((hlen == 1) && (hostname[0] == '.'))
 483      /* just a single dot is not allowed */
 484      return CURLUE_BAD_HOSTNAME;
 485  }
 486  return CURLUE_OK;
 487}
 488
 489/*
 490 * Handle partial IPv4 numerical addresses and different bases, like
 491 * '16843009', '0x7f', '0x7f.1' '0177.1.1.1' etc.
 492 *
 493 * If the given input string is syntactically wrong IPv4 or any part for
 494 * example is too big, this function returns HOST_NAME.
 495 *
 496 * Output the "normalized" version of that input string in plain quad decimal
 497 * integers.
 498 *
 499 * A single dot following the numerical address is accepted and "swallowed" as
 500 * if it was never there.
 501 *
 502 * Returns the host type.
 503 *
 504 * @unittest 1675
 505 */
 506
 507UNITTEST int ipv4_normalize(struct dynbuf *host);
 508UNITTEST int ipv4_normalize(struct dynbuf *host)
 509{
 510  bool done = FALSE;
 511  int n = 0;
 512  const char *c = curlx_dyn_ptr(host);
 513  unsigned int parts[4] = { 0, 0, 0, 0 };
 514  CURLcode result = CURLE_OK;
 515
 516  if(*c == '[')
 517    return HOST_IPV6;
 518
 519  while(!done) {
 520    int rc;
 521    curl_off_t l;
 522    if(*c == '0') {
 523      if(c[1] == 'x') {
 524        c += 2; /* skip the prefix */
 525        rc = curlx_str_hex(&c, &l, UINT_MAX);
 526      }
 527      else
 528        rc = curlx_str_octal(&c, &l, UINT_MAX);
 529    }
 530    else
 531      rc = curlx_str_number(&c, &l, UINT_MAX);
 532
 533    if(rc) {
 534      if(!n || (rc != STRE_NO_NUM) || *c)
 535        return HOST_NAME;
 536      n--;
 537    }
 538    else
 539      parts[n] = (unsigned int)l;
 540
 541    switch(*c) {
 542    case '.':
 543      if(n == 3) {
 544        if(c[1])
 545          /* something follows this dot */
 546          return HOST_NAME;
 547        done = TRUE;
 548      }
 549      else {
 550        n++;
 551        c++;
 552      }
 553      break;
 554
 555    case '\0':
 556      done = TRUE;
 557      break;
 558
 559    default:
 560      return HOST_NAME;
 561    }
 562  }
 563
 564  switch(n) {
 565  case 0: /* a -- 32 bits */
 566    curlx_dyn_reset(host);
 567
 568    result = curlx_dyn_addf(host, "%u.%u.%u.%u",
 569                            (parts[0] >> 24),
 570                            ((parts[0] >> 16) & 0xff),
 571                            ((parts[0] >> 8) & 0xff),
 572                            (parts[0] & 0xff));
 573    break;
 574  case 1: /* a.b -- 8.24 bits */
 575    if((parts[0] > 0xff) || (parts[1] > 0xffffff))
 576      return HOST_NAME;
 577    curlx_dyn_reset(host);
 578    result = curlx_dyn_addf(host, "%u.%u.%u.%u",
 579                            (parts[0]),
 580                            ((parts[1] >> 16) & 0xff),
 581                            ((parts[1] >> 8) & 0xff),
 582                            (parts[1] & 0xff));
 583    break;
 584  case 2: /* a.b.c -- 8.8.16 bits */
 585    if((parts[0] > 0xff) || (parts[1] > 0xff) || (parts[2] > 0xffff))
 586      return HOST_NAME;
 587    curlx_dyn_reset(host);
 588    result = curlx_dyn_addf(host, "%u.%u.%u.%u",
 589                            (parts[0]),
 590                            (parts[1]),
 591                            ((parts[2] >> 8) & 0xff),
 592                            (parts[2] & 0xff));
 593    break;
 594  case 3: /* a.b.c.d -- 8.8.8.8 bits */
 595    if((parts[0] > 0xff) || (parts[1] > 0xff) || (parts[2] > 0xff) ||
 596       (parts[3] > 0xff))
 597      return HOST_NAME;
 598    curlx_dyn_reset(host);
 599    result = curlx_dyn_addf(host, "%u.%u.%u.%u",
 600                            (parts[0]),
 601                            (parts[1]),
 602                            (parts[2]),
 603                            (parts[3]));
 604    break;
 605  }
 606  if(result)
 607    return HOST_ERROR;
 608  return HOST_IPV4;
 609}
 610
 611/* if necessary, replace the host content with a URL decoded version */
 612static CURLUcode urldecode_host(struct dynbuf *host)
 613{
 614  const char *per;
 615  const char *hostname = curlx_dyn_ptr(host);
 616  per = strchr(hostname, '%');
 617  if(!per)
 618    /* nothing to decode */
 619    return CURLUE_OK;
 620  else {
 621    /* encoded */
 622    size_t dlen;
 623    char *decoded;
 624    CURLcode result = Curl_urldecode(hostname, 0, &decoded, &dlen,
 625                                     REJECT_CTRL);
 626    if(result)
 627      return CURLUE_BAD_HOSTNAME;
 628    curlx_dyn_reset(host);
 629    result = curlx_dyn_addn(host, decoded, dlen);
 630    curlx_free(decoded);
 631    if(result)
 632      return cc2cu(result);
 633  }
 634
 635  return CURLUE_OK;
 636}
 637
 638static CURLUcode parse_authority(struct Curl_URL *u,
 639                                 const char *auth, size_t authlen,
 640                                 unsigned int flags,
 641                                 struct dynbuf *host,
 642                                 bool has_scheme)
 643{
 644  size_t offset;
 645  CURLUcode uc;
 646  CURLcode result;
 647
 648  /*
 649   * Parse the login details and strip them out of the hostname.
 650   */
 651  uc = parse_hostname_login(u, auth, authlen, flags, &offset);
 652  if(uc)
 653    goto out;
 654
 655  result = curlx_dyn_addn(host, auth + offset, authlen - offset);
 656  if(result) {
 657    uc = cc2cu(result);
 658    goto out;
 659  }
 660
 661  uc = parse_port(u, host, has_scheme);
 662  if(uc)
 663    goto out;
 664
 665  if(!curlx_dyn_len(host))
 666    return CURLUE_NO_HOST;
 667
 668  switch(ipv4_normalize(host)) {
 669  case HOST_IPV4:
 670    break;
 671  case HOST_IPV6:
 672    uc = ipv6_parse(u, curlx_dyn_ptr(host), curlx_dyn_len(host));
 673    break;
 674  case HOST_NAME:
 675    uc = urldecode_host(host);
 676    if(!uc)
 677      uc = hostname_check(u, curlx_dyn_ptr(host), curlx_dyn_len(host));
 678    break;
 679  case HOST_ERROR:
 680    uc = CURLUE_OUT_OF_MEMORY;
 681    break;
 682  default:
 683    uc = CURLUE_BAD_HOSTNAME; /* Bad IPv4 address even */
 684    break;
 685  }
 686
 687out:
 688  return uc;
 689}
 690
 691/* used for HTTP/2 server push */
 692CURLUcode Curl_url_set_authority(CURLU *u, const char *authority)
 693{
 694  CURLUcode ures;
 695  struct dynbuf host;
 696
 697  DEBUGASSERT(authority);
 698  curlx_dyn_init(&host, CURL_MAX_INPUT_LENGTH);
 699
 700  ures = parse_authority(u, authority, strlen(authority),
 701                         CURLU_DISALLOW_USER, &host, !!u->scheme);
 702  if(ures)
 703    curlx_dyn_free(&host);
 704  else {
 705    curlx_free(u->host);
 706    u->host = curlx_dyn_ptr(&host);
 707  }
 708  return ures;
 709}
 710
 711/*
 712 * "Remove Dot Segments"
 713 * https://datatracker.ietf.org/doc/html/rfc3986#section-5.2.4
 714 */
 715
 716static bool is_dot(const char **str, size_t *clen)
 717{
 718  const char *p = *str;
 719  if(*p == '.') {
 720    (*str)++;
 721    (*clen)--;
 722    return TRUE;
 723  }
 724  else if((*clen >= 3) &&
 725          (p[0] == '%') && (p[1] == '2') && ((p[2] | 0x20) == 'e')) {
 726    *str += 3;
 727    *clen -= 3;
 728    return TRUE;
 729  }
 730  return FALSE;
 731}
 732
 733#define ISSLASH(x) ((x) == '/')
 734
 735/*
 736 * dedotdotify()
 737 *
 738 * This function gets a null-terminated path with dot and dotdot sequences
 739 * passed in and strips them off according to the rules in RFC 3986 section
 740 * 5.2.4.
 741 *
 742 * The function handles a path. It should not contain the query nor fragment.
 743 *
 744 * RETURNS
 745 *
 746 * Zero for success and 'out' set to an allocated dedotdotified string.
 747 *
 748 * @unittest 1395
 749 */
 750UNITTEST int dedotdotify(const char *input, size_t clen, char **outp);
 751UNITTEST int dedotdotify(const char *input, size_t clen, char **outp)
 752{
 753  struct dynbuf out;
 754  CURLcode result = CURLE_OK;
 755
 756  /* variables for leading dot checks */
 757  const char *dinput = input;
 758  size_t dlen = clen;
 759
 760  *outp = NULL;
 761  /* a single byte path cannot be cleaned up */
 762  if(clen < 2)
 763    return 0;
 764
 765  curlx_dyn_init(&out, clen + 1);
 766
 767  /* if the input buffer begins with a prefix of "../" or "./", then remove
 768     that prefix from the input buffer; otherwise, */
 769  if(is_dot(&dinput, &dlen)) {
 770    if(ISSLASH(*dinput)) {
 771      /* one dot followed by a slash */
 772      input = dinput + 1;
 773      clen = dlen - 1;
 774    }
 775
 776    /* if the input buffer consists only of "." or "..", then remove
 777       that from the input buffer; otherwise, */
 778    else if(is_dot(&dinput, &dlen)) {
 779      if(!dlen)
 780        /* .. [end] */
 781        goto end;
 782      else if(ISSLASH(*dinput)) {
 783        /* ../ */
 784        input = dinput + 1;
 785        clen = dlen - 1;
 786      }
 787    }
 788  }
 789
 790  while(clen && !result) { /* until end of path content */
 791    if(ISSLASH(*input)) {
 792      const char *p = &input[1];
 793      size_t blen = clen - 1;
 794      /* if the input buffer begins with a prefix of "/./" or "/.", where "."
 795         is a complete path segment, then replace that prefix with "/" in the
 796         input buffer; otherwise, */
 797      if(is_dot(&p, &blen)) {
 798        if(!blen) { /* /. */
 799          result = curlx_dyn_addn(&out, "/", 1);
 800          break;
 801        }
 802        else if(ISSLASH(*p)) { /* /./ */
 803          input = p;
 804          clen = blen;
 805          continue;
 806        }
 807
 808        /* if the input buffer begins with a prefix of "/../" or "/..", where
 809           ".." is a complete path segment, then replace that prefix with "/"
 810           in the input buffer and remove the last segment and its preceding
 811           "/" (if any) from the output buffer; otherwise, */
 812        else if(is_dot(&p, &blen) && (ISSLASH(*p) || !blen)) {
 813          /* remove the last segment from the output buffer */
 814          size_t len = curlx_dyn_len(&out);
 815          if(len) {
 816            const char *ptr = curlx_dyn_ptr(&out);
 817            const char *last = memrchr(ptr, '/', len);
 818            if(last)
 819              /* trim the output at the slash */
 820              curlx_dyn_setlen(&out, last - ptr);
 821          }
 822
 823          if(blen) { /* /../ */
 824            input = p;
 825            clen = blen;
 826            continue;
 827          }
 828          result = curlx_dyn_addn(&out, "/", 1);
 829          break;
 830        }
 831      }
 832    }
 833
 834    /* move the first path segment in the input buffer to the end of the
 835       output buffer, including the initial "/" character (if any) and any
 836       subsequent characters up to, but not including, the next "/" character
 837       or the end of the input buffer. */
 838
 839    result = curlx_dyn_addn(&out, input, 1);
 840    input++;
 841    clen--;
 842  }
 843end:
 844  if(!result) {
 845    if(curlx_dyn_len(&out))
 846      *outp = curlx_dyn_ptr(&out);
 847    else {
 848      *outp = curlx_strdup("");
 849      if(!*outp)
 850        return 1;
 851    }
 852  }
 853  return result ? 1 : 0; /* success */
 854}
 855
 856/*
 857 * @unittest 1675
 858 */
 859UNITTEST CURLUcode parse_file(const char *url, size_t urllen, CURLU *u,
 860                              const char **pathp, size_t *pathlenp);
 861UNITTEST CURLUcode parse_file(const char *url, size_t urllen, CURLU *u,
 862                              const char **pathp, size_t *pathlenp)
 863{
 864  const char *path;
 865  size_t pathlen;
 866
 867  *pathp = NULL;
 868  *pathlenp = 0;
 869  if(urllen <= 6)
 870    /* file:/ is not enough to actually be a complete file: URL */
 871    return CURLUE_BAD_FILE_URL;
 872
 873  /* path has been allocated large enough to hold this */
 874  path = &url[5];
 875  pathlen = urllen - 5;
 876
 877  /* Extra handling URLs with an authority component (i.e. that start with
 878   * "file://")
 879   *
 880   * We allow omitted hostname (e.g. file:/<path>) -- valid according to
 881   * RFC 8089, but not the (current) WHAT-WG URL spec.
 882   */
 883  if(path[0] == '/' && path[1] == '/') {
 884    /* swallow the two slashes */
 885    const char *ptr = &path[2];
 886
 887    /*
 888     * According to RFC 8089, a file: URL can be reliably dereferenced if:
 889     *
 890     *  o it has no/blank hostname, or
 891     *
 892     *  o the hostname matches "localhost" (case-insensitively), or
 893     *
 894     *  o the hostname is a FQDN that resolves to this machine, or
 895     *
 896     * For brevity, we only consider URLs with empty, "localhost", or
 897     * "127.0.0.1" hostnames as local, otherwise as an UNC String.
 898     *
 899     * Additionally, there is an exception for URLs with a Windows drive
 900     * letter in the authority (which was accidentally omitted from RFC 8089
 901     * Appendix E, but believe me, it was meant to be there. --MK)
 902     */
 903    if(ptr[0] != '/' && !STARTS_WITH_URL_DRIVE_PREFIX(ptr)) {
 904      /* the URL includes a hostname, it must match "localhost" or
 905         "127.0.0.1" to be valid */
 906      if(checkprefix("localhost/", ptr) ||
 907         checkprefix("127.0.0.1/", ptr)) {
 908        ptr += 9; /* now points to the slash after the host */
 909      }
 910      else
 911        /* Invalid file://hostname/, expected localhost or 127.0.0.1 or
 912           none */
 913        return CURLUE_BAD_FILE_URL;
 914    }
 915
 916    path = ptr;
 917    pathlen = urllen - (ptr - url);
 918  }
 919
 920#if !defined(_WIN32) && !defined(MSDOS) && !defined(__CYGWIN__)
 921  /* Do not allow Windows drive letters when not in Windows.
 922   * This catches both "file:/c:" and "file:c:" */
 923  if(('/' == path[0] && STARTS_WITH_URL_DRIVE_PREFIX(&path[1])) ||
 924     STARTS_WITH_URL_DRIVE_PREFIX(path)) {
 925    /* File drive letters are only accepted in MS-DOS/Windows */
 926    return CURLUE_BAD_FILE_URL;
 927  }
 928#else
 929  /* If the path starts with a slash and a drive letter, ditch the slash */
 930  if('/' == path[0] && STARTS_WITH_URL_DRIVE_PREFIX(&path[1])) {
 931    /* This cannot be done with strcpy, as the memory chunks overlap! */
 932    path++;
 933    pathlen--;
 934  }
 935#endif
 936  u->scheme = curlx_strdup("file");
 937  if(!u->scheme)
 938    return CURLUE_OUT_OF_MEMORY;
 939
 940  *pathp = path;
 941  *pathlenp = pathlen;
 942  return CURLUE_OK;
 943}
 944
 945static CURLUcode parse_scheme(const char *url, CURLU *u, char *schemebuf,
 946                              size_t schemelen, unsigned int flags,
 947                              const char **hostpp)
 948{
 949  /* clear path */
 950  const char *schemep = NULL;
 951
 952  if(schemelen) {
 953    int i = 0;
 954    const char *p = &url[schemelen + 1];
 955    while((*p == '/') && (i < 4)) {
 956      p++;
 957      i++;
 958    }
 959
 960    schemep = schemebuf;
 961    if(!Curl_get_scheme(schemep) &&
 962       !(flags & CURLU_NON_SUPPORT_SCHEME))
 963      return CURLUE_UNSUPPORTED_SCHEME;
 964
 965    if((i < 1) || (i > 3))
 966      /* less than one or more than three slashes */
 967      return CURLUE_BAD_SLASHES;
 968
 969    *hostpp = p; /* hostname starts here */
 970  }
 971  else {
 972    /* no scheme! */
 973
 974    if(!(flags & (CURLU_DEFAULT_SCHEME | CURLU_GUESS_SCHEME)))
 975      return CURLUE_BAD_SCHEME;
 976
 977    if(flags & CURLU_DEFAULT_SCHEME)
 978      schemep = DEFAULT_SCHEME;
 979
 980    /*
 981     * The URL was badly formatted, let's try without scheme specified.
 982     */
 983    *hostpp = url;
 984  }
 985
 986  if(schemep) {
 987    u->scheme = curlx_strdup(schemep);
 988    if(!u->scheme)
 989      return CURLUE_OUT_OF_MEMORY;
 990  }
 991  return CURLUE_OK;
 992}
 993
 994static CURLUcode guess_scheme(CURLU *u, struct dynbuf *host)
 995{
 996  const char *hostname = curlx_dyn_ptr(host);
 997  const char *schemep = NULL;
 998  /* legacy curl-style guess based on hostname */
 999  if(checkprefix("ftp.", hostname))
1000    schemep = "ftp";
1001  else if(checkprefix("dict.", hostname))
1002    schemep = "dict";
1003  else if(checkprefix("ldap.", hostname))
1004    schemep = "ldap";
1005  else if(checkprefix("imap.", hostname))
1006    schemep = "imap";
1007  else if(checkprefix("smtp.", hostname))
1008    schemep = "smtp";
1009  else if(checkprefix("pop3.", hostname))
1010    schemep = "pop3";
1011  else
1012    schemep = "http";
1013
1014  u->scheme = curlx_strdup(schemep);
1015  if(!u->scheme)
1016    return CURLUE_OUT_OF_MEMORY;
1017
1018  u->guessed_scheme = TRUE;
1019  return CURLUE_OK;
1020}
1021
1022static CURLUcode handle_fragment(CURLU *u, const char *fragment,
1023                                 size_t fraglen, unsigned int flags)
1024{
1025  CURLUcode ures;
1026  u->fragment_present = TRUE;
1027  if(fraglen > 1) {
1028    /* skip the leading '#' in the copy but include the terminating null */
1029    if(flags & CURLU_URLENCODE) {
1030      struct dynbuf enc;
1031      curlx_dyn_init(&enc, CURL_MAX_INPUT_LENGTH);
1032      ures = urlencode_str(&enc, fragment + 1, fraglen - 1, TRUE, QUERY_NO);
1033      if(ures)
1034        return ures;
1035      u->fragment = curlx_dyn_ptr(&enc);
1036    }
1037    else {
1038      u->fragment = curlx_memdup0(fragment + 1, fraglen - 1);
1039      if(!u->fragment)
1040        return CURLUE_OUT_OF_MEMORY;
1041    }
1042  }
1043  return CURLUE_OK;
1044}
1045
1046static CURLUcode handle_query(CURLU *u, const char *query,
1047                              size_t qlen, unsigned int flags)
1048{
1049  u->query_present = TRUE;
1050  if(qlen > 1) {
1051    if(flags & CURLU_URLENCODE) {
1052      struct dynbuf enc;
1053      CURLUcode ures;
1054      curlx_dyn_init(&enc, CURL_MAX_INPUT_LENGTH);
1055      /* skip the leading question mark */
1056      ures = urlencode_str(&enc, query + 1, qlen - 1, TRUE, QUERY_YES);
1057      if(ures)
1058        return ures;
1059      u->query = curlx_dyn_ptr(&enc);
1060    }
1061    else {
1062      u->query = curlx_memdup0(query + 1, qlen - 1);
1063      if(!u->query)
1064        return CURLUE_OUT_OF_MEMORY;
1065    }
1066  }
1067  else {
1068    /* single byte query */
1069    u->query = curlx_strdup("");
1070    if(!u->query)
1071      return CURLUE_OUT_OF_MEMORY;
1072  }
1073  return CURLUE_OK;
1074}
1075
1076static CURLUcode handle_path(CURLU *u, const char *path,
1077                             size_t pathlen, unsigned int flags,
1078                             bool is_file)
1079{
1080  CURLUcode ures;
1081  if(pathlen && (flags & CURLU_URLENCODE)) {
1082    struct dynbuf enc;
1083    curlx_dyn_init(&enc, CURL_MAX_INPUT_LENGTH);
1084    ures = urlencode_str(&enc, path, pathlen, TRUE, QUERY_NO);
1085    if(ures)
1086      return ures;
1087    pathlen = curlx_dyn_len(&enc);
1088    path = u->path = curlx_dyn_ptr(&enc);
1089  }
1090
1091  if(pathlen >= (size_t)(1 + !is_file)) {
1092    /* paths for file:// scheme can be one byte, others need to be two */
1093    if(!u->path) {
1094      u->path = curlx_memdup0(path, pathlen);
1095      if(!u->path)
1096        return CURLUE_OUT_OF_MEMORY;
1097      path = u->path;
1098    }
1099    else if(flags & CURLU_URLENCODE)
1100      /* it might have encoded more than the path so cut it */
1101      u->path[pathlen] = 0;
1102
1103    if(!(flags & CURLU_PATH_AS_IS)) {
1104      /* remove ../ and ./ sequences according to RFC3986 */
1105      char *dedot;
1106      int err = dedotdotify(path, pathlen, &dedot);
1107      if(err)
1108        return CURLUE_OUT_OF_MEMORY;
1109      if(dedot) {
1110        curlx_free(u->path);
1111        u->path = dedot;
1112      }
1113    }
1114  }
1115  return CURLUE_OK;
1116}
1117
1118static CURLUcode parseurl(const char *url, CURLU *u, unsigned int flags)
1119{
1120  const char *path;
1121  size_t pathlen;
1122  char schemebuf[MAX_SCHEME_LEN + 1];
1123  size_t schemelen = 0;
1124  size_t urllen;
1125  CURLUcode ures = CURLUE_OK;
1126  struct dynbuf host;
1127  bool is_file = FALSE;
1128
1129  DEBUGASSERT(url);
1130
1131  curlx_dyn_init(&host, CURL_MAX_INPUT_LENGTH);
1132
1133  ures = Curl_junkscan(url, &urllen, !!(flags & CURLU_ALLOW_SPACE));
1134  if(ures)
1135    goto fail;
1136
1137  schemelen = Curl_is_absolute_url(url, schemebuf, sizeof(schemebuf),
1138                                   flags & (CURLU_GUESS_SCHEME |
1139                                            CURLU_DEFAULT_SCHEME));
1140
1141  /* handle the file: scheme */
1142  if(schemelen && !strcmp(schemebuf, "file")) {
1143    is_file = TRUE;
1144    ures = parse_file(url, urllen, u, &path, &pathlen);
1145  }
1146  else {
1147    const char *hostp = NULL;
1148    size_t hostlen;
1149    ures = parse_scheme(url, u, schemebuf, schemelen, flags, &hostp);
1150    if(ures)
1151      goto fail;
1152
1153    /* find the end of the hostname + port number */
1154    hostlen = strcspn(hostp, "/?#");
1155    path = &hostp[hostlen];
1156
1157    /* this pathlen also contains the query and the fragment */
1158    pathlen = urllen - (path - url);
1159    if(hostlen) {
1160      ures = parse_authority(u, hostp, hostlen, flags, &host,
1161                             u->scheme != NULL);
1162      if(!ures && (flags & CURLU_GUESS_SCHEME) && !u->scheme)
1163        ures = guess_scheme(u, &host);
1164    }
1165    else if(flags & CURLU_NO_AUTHORITY) {
1166      /* allowed to be empty. */
1167      if(curlx_dyn_add(&host, ""))
1168        ures = CURLUE_OUT_OF_MEMORY;
1169    }
1170    else
1171      ures = CURLUE_NO_HOST;
1172  }
1173  if(!ures) {
1174    /* The path might at this point contain a fragment and/or a query to
1175       handle */
1176    const char *fragment = strchr(path, '#');
1177    if(fragment) {
1178      size_t fraglen = pathlen - (fragment - path);
1179      ures = handle_fragment(u, fragment, fraglen, flags);
1180      /* after this, pathlen still contains the query */
1181      pathlen -= fraglen;
1182    }
1183  }
1184  if(!ures) {
1185    const char *query = memchr(path, '?', pathlen);
1186    if(query) {
1187      size_t qlen = pathlen - (query - path);
1188      ures = handle_query(u, query, qlen, flags);
1189      pathlen -= qlen;
1190    }
1191  }
1192  if(!ures)
1193    /* the fragment and query parts are trimmed off from the path */
1194    ures = handle_path(u, path, pathlen, flags, is_file);
1195  if(!ures) {
1196    u->host = curlx_dyn_ptr(&host);
1197    return CURLUE_OK;
1198  }
1199fail:
1200  curlx_dyn_free(&host);
1201  free_urlhandle(u);
1202  return ures;
1203}
1204
1205/*
1206 * Parse the URL and, if successful, replace everything in the Curl_URL struct.
1207 */
1208static CURLUcode parseurl_and_replace(const char *url, CURLU *u,
1209                                      unsigned int flags)
1210{
1211  CURLUcode ures;
1212  CURLU tmpurl;
1213  memset(&tmpurl, 0, sizeof(tmpurl));
1214  ures = parseurl(url, &tmpurl, flags);
1215  if(!ures) {
1216    free_urlhandle(u);
1217    *u = tmpurl;
1218  }
1219  return ures;
1220}
1221
1222/*
1223 * Concatenate a relative URL onto a base URL making it absolute.
1224 */
1225static CURLUcode redirect_url(const char *base, const char *relurl,
1226                              CURLU *u, unsigned int flags)
1227{
1228  struct dynbuf urlbuf;
1229  bool host_changed = FALSE;
1230  const char *useurl = relurl;
1231  const char *cutoff = NULL;
1232  size_t prelen;
1233  CURLUcode uc;
1234  /* this can get here with a NULL u->scheme only if asked to use the default
1235     scheme, so allow fallback to that */
1236  const char *scheme = u->scheme ? u->scheme : DEFAULT_SCHEME;
1237
1238  /* protsep points to the start of the hostname, after [scheme]:// */
1239  const char *protsep = base + strlen(scheme) + 3;
1240  DEBUGASSERT(base && relurl && u); /* all set here */
1241  if(!base)
1242    return CURLUE_MALFORMED_INPUT; /* should never happen */
1243
1244  /* handle different relative URL types */
1245  switch(relurl[0]) {
1246  case '/':
1247    if(relurl[1] == '/') {
1248      /* protocol-relative URL: //example.com/path */
1249      cutoff = protsep;
1250      useurl = &relurl[2];
1251      host_changed = TRUE;
1252    }
1253    else
1254      /* absolute /path */
1255      cutoff = strchr(protsep, '/');
1256    break;
1257
1258  case '#':
1259    /* fragment-only change */
1260    if(u->fragment)
1261      cutoff = strchr(protsep, '#');
1262    break;
1263
1264  default:
1265    /* path or query-only change */
1266    if(u->query && u->query[0])
1267      /* remove existing query */
1268      cutoff = strchr(protsep, '?');
1269    else if(u->fragment && u->fragment[0])
1270      /* Remove existing fragment */
1271      cutoff = strchr(protsep, '#');
1272
1273    if(relurl[0] != '?') {
1274      /* append a relative path after the last slash */
1275      cutoff = memrchr(protsep, '/',
1276                       cutoff ? (size_t)(cutoff - protsep) : strlen(protsep));
1277      if(cutoff)
1278        cutoff++; /* truncate after last slash */
1279    }
1280    break;
1281  }
1282
1283  prelen = cutoff ? (size_t)(cutoff - base) : strlen(base);
1284
1285  /* build new URL */
1286  curlx_dyn_init(&urlbuf, CURL_MAX_INPUT_LENGTH);
1287
1288  if(!curlx_dyn_addn(&urlbuf, base, prelen) &&
1289     !urlencode_str(&urlbuf, useurl, strlen(useurl), !host_changed,
1290                    QUERY_NOT_YET)) {
1291    uc = parseurl_and_replace(curlx_dyn_ptr(&urlbuf), u,
1292                              flags & ~U_CURLU_PATH_AS_IS);
1293  }
1294  else
1295    uc = CURLUE_OUT_OF_MEMORY;
1296
1297  curlx_dyn_free(&urlbuf);
1298  return uc;
1299}
1300
1301/*
1302 */
1303CURLU *curl_url(void)
1304{
1305  return curlx_calloc(1, sizeof(struct Curl_URL));
1306}
1307
1308void curl_url_cleanup(CURLU *u)
1309{
1310  if(u) {
1311    free_urlhandle(u);
1312    curlx_free(u);
1313  }
1314}
1315
1316#define DUP(dest, src, name)                    \
1317  do {                                          \
1318    if((src)->name) {                           \
1319      (dest)->name = curlx_strdup((src)->name); \
1320      if(!(dest)->name)                         \
1321        goto fail;                              \
1322    }                                           \
1323  } while(0)
1324
1325CURLU *curl_url_dup(const CURLU *in)
1326{
1327  struct Curl_URL *u = curlx_calloc(1, sizeof(struct Curl_URL));
1328  if(u) {
1329    DUP(u, in, scheme);
1330    DUP(u, in, user);
1331    DUP(u, in, password);
1332    DUP(u, in, options);
1333    DUP(u, in, host);
1334    DUP(u, in, port);
1335    DUP(u, in, path);
1336    DUP(u, in, query);
1337    DUP(u, in, fragment);
1338    DUP(u, in, zoneid);
1339    u->portnum = in->portnum;
1340    u->fragment_present = in->fragment_present;
1341    u->query_present = in->query_present;
1342  }
1343  return u;
1344fail:
1345  curl_url_cleanup(u);
1346  return NULL;
1347}
1348
1349#ifndef USE_IDN
1350#define host_decode(x, y) CURLUE_LACKS_IDN
1351#define host_encode(x, y) CURLUE_LACKS_IDN
1352#else
1353static CURLUcode host_decode(const char *host, char **allochost)
1354{
1355  CURLcode result = Curl_idn_decode(host, allochost);
1356  if(result)
1357    return (result == CURLE_OUT_OF_MEMORY) ?
1358      CURLUE_OUT_OF_MEMORY : CURLUE_BAD_HOSTNAME;
1359  return CURLUE_OK;
1360}
1361
1362static CURLUcode host_encode(const char *host, char **allochost)
1363{
1364  CURLcode result = Curl_idn_encode(host, allochost);
1365  if(result)
1366    return (result == CURLE_OUT_OF_MEMORY) ?
1367      CURLUE_OUT_OF_MEMORY : CURLUE_BAD_HOSTNAME;
1368  return CURLUE_OK;
1369}
1370#endif
1371
1372static CURLUcode urlget_format(const CURLU *u, CURLUPart what,
1373                               const char *ptr, char **partp,
1374                               bool plusdecode, unsigned int flags)
1375{
1376  CURLUcode uc = CURLUE_OK;
1377  size_t partlen = strlen(ptr);
1378  bool urldecode = (flags & CURLU_URLDECODE) ? 1 : 0;
1379  bool urlencode = (flags & CURLU_URLENCODE) ? 1 : 0;
1380  bool punycode = (flags & CURLU_PUNYCODE) && (what == CURLUPART_HOST);
1381  bool depunyfy = (flags & CURLU_PUNY2IDN) && (what == CURLUPART_HOST);
1382  char *part = curlx_memdup0(ptr, partlen);
1383  *partp = NULL;
1384  if(!part)
1385    return CURLUE_OUT_OF_MEMORY;
1386  if(plusdecode) {
1387    /* convert + to space */
1388    char *plus = part;
1389    size_t i = 0;
1390    for(i = 0; i < partlen; ++plus, i++) {
1391      if(*plus == '+')
1392        *plus = ' ';
1393    }
1394  }
1395  if(urldecode) {
1396    char *decoded;
1397    size_t dlen;
1398    /* this unconditional rejection of control bytes is documented API
1399       behavior */
1400    CURLcode result = Curl_urldecode(part, partlen, &decoded, &dlen,
1401                                     REJECT_CTRL);
1402    curlx_free(part);
1403    if(result)
1404      return CURLUE_URLDECODE;
1405    part = decoded;
1406    partlen = dlen;
1407  }
1408  if(urlencode) {
1409    struct dynbuf enc;
1410    curlx_dyn_init(&enc, CURL_MAX_INPUT_LENGTH);
1411    uc = urlencode_str(&enc, part, partlen, TRUE, what == CURLUPART_QUERY ?
1412                       QUERY_YES : QUERY_NO);
1413    curlx_free(part);
1414    if(uc)
1415      return uc;
1416    part = curlx_dyn_ptr(&enc);
1417  }
1418  else if(punycode) {
1419    if(!Curl_is_ASCII_name(u->host)) {
1420      char *punyversion = NULL;
1421      uc = host_decode(part, &punyversion);
1422      curlx_free(part);
1423      if(uc)
1424        return uc;
1425      part = punyversion;
1426    }
1427  }
1428  else if(depunyfy) {
1429    if(Curl_is_ASCII_name(u->host)) {
1430      char *unpunified = NULL;
1431      uc = host_encode(part, &unpunified);
1432      curlx_free(part);
1433      if(uc)
1434        return uc;
1435      part = unpunified;
1436    }
1437  }
1438  *partp = part;
1439  return CURLUE_OK;
1440}
1441
1442static CURLUcode urlget_url(const CURLU *u, char **part, unsigned int flags)
1443{
1444  char *url;
1445  char *allochost = NULL;
1446  const char *fragmentsep =
1447    (u->fragment || (u->fragment_present && flags & CURLU_GET_EMPTY)) ?
1448    "#" : "";
1449  const char *querysep = ((u->query && u->query[0]) ||
1450                          (u->query_present && flags & CURLU_GET_EMPTY)) ?
1451    "?" : "";
1452  char portbuf[7];
1453  if(u->scheme && curl_strequal("file", u->scheme)) {
1454    url = curl_maprintf("file://%s%s%s%s%s",
1455                        u->path, querysep, u->query ? u->query : "",
1456                        fragmentsep, u->fragment ? u->fragment : "");
1457  }
1458  else if(!u->host)
1459    return CURLUE_NO_HOST;
1460  else {
1461    const char *scheme;
1462    char *options = u->options;
1463    char *port = u->port;
1464    const struct Curl_scheme *h = NULL;
1465    char schemebuf[MAX_SCHEME_LEN + 5];
1466    if(u->scheme)
1467      scheme = u->scheme;
1468    else if(flags & CURLU_DEFAULT_SCHEME)
1469      scheme = DEFAULT_SCHEME;
1470    else
1471      return CURLUE_NO_SCHEME;
1472
1473    h = Curl_get_scheme(scheme);
1474    if(!port && (flags & CURLU_DEFAULT_PORT)) {
1475      /* there is no stored port number, but asked to deliver
1476         a default one for the scheme */
1477      if(h) {
1478        curl_msnprintf(portbuf, sizeof(portbuf), "%u", h->defport);
1479        port = portbuf;
1480      }
1481    }
1482    else if(port) {
1483      /* there is a stored port number, but asked to inhibit if it matches
1484         the default one for the scheme */
1485      if(h && (h->defport == u->portnum) &&
1486         (flags & CURLU_NO_DEFAULT_PORT))
1487        port = NULL;
1488    }
1489
1490    if(h && !(h->flags & PROTOPT_URLOPTIONS))
1491      options = NULL;
1492
1493    if(u->host[0] == '[') {
1494      if(u->zoneid) {
1495        /* make it '[ host %25 zoneid ]' */
1496        struct dynbuf enc;
1497        size_t hostlen = strlen(u->host);
1498        curlx_dyn_init(&enc, CURL_MAX_INPUT_LENGTH);
1499        if(curlx_dyn_addf(&enc, "%.*s%%25%s]", (int)hostlen - 1, u->host,
1500                          u->zoneid))
1501          return CURLUE_OUT_OF_MEMORY;
1502        allochost = curlx_dyn_ptr(&enc);
1503      }
1504    }
1505    else if(flags & CURLU_URLENCODE) {
1506      allochost = curl_easy_escape(NULL, u->host, 0);
1507      if(!allochost)
1508        return CURLUE_OUT_OF_MEMORY;
1509    }
1510    else if(flags & CURLU_PUNYCODE) {
1511      if(!Curl_is_ASCII_name(u->host)) {
1512        CURLUcode ret = host_decode(u->host, &allochost);
1513        if(ret)
1514          return ret;
1515      }
1516    }
1517    else if(flags & CURLU_PUNY2IDN) {
1518      if(Curl_is_ASCII_name(u->host)) {
1519        CURLUcode ret = host_encode(u->host, &allochost);
1520        if(ret)
1521          return ret;
1522      }
1523    }
1524
1525    if(!(flags & CURLU_NO_GUESS_SCHEME) || !u->guessed_scheme)
1526      curl_msnprintf(schemebuf, sizeof(schemebuf), "%s://", scheme);
1527    else
1528      schemebuf[0] = 0;
1529
1530    url = curl_maprintf("%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s",
1531                        schemebuf,
1532                        u->user ? u->user : "",
1533                        u->password ? ":" : "",
1534                        u->password ? u->password : "",
1535                        options ? ";" : "",
1536                        options ? options : "",
1537                        (u->user || u->password || options) ? "@" : "",
1538                        allochost ? allochost : u->host,
1539                        port ? ":" : "",
1540                        port ? port : "",
1541                        u->path ? u->path : "/",
1542                        querysep,
1543                        u->query ? u->query : "",
1544                        fragmentsep,
1545                        u->fragment ? u->fragment : "");
1546    curlx_free(allochost);
1547  }
1548  if(!url)
1549    return CURLUE_OUT_OF_MEMORY;
1550  *part = url;
1551  return CURLUE_OK;
1552}
1553
1554CURLUcode curl_url_get(const CURLU *u, CURLUPart what,
1555                       char **part, unsigned int flags)
1556{
1557  const char *ptr;
1558  CURLUcode ifmissing = CURLUE_UNKNOWN_PART;
1559  char portbuf[7];
1560  bool plusdecode = FALSE;
1561  if(!u)
1562    return CURLUE_BAD_HANDLE;
1563  if(!part)
1564    return CURLUE_BAD_PARTPOINTER;
1565  *part = NULL;
1566
1567  switch(what) {
1568  case CURLUPART_SCHEME:
1569    ptr = u->scheme;
1570    ifmissing = CURLUE_NO_SCHEME;
1571    flags &= ~U_CURLU_URLDECODE; /* never for schemes */
1572    if((flags & CURLU_NO_GUESS_SCHEME) && u->guessed_scheme)
1573      return CURLUE_NO_SCHEME;
1574    break;
1575  case CURLUPART_USER:
1576    ptr = u->user;
1577    ifmissing = CURLUE_NO_USER;
1578    break;
1579  case CURLUPART_PASSWORD:
1580    ptr = u->password;
1581    ifmissing = CURLUE_NO_PASSWORD;
1582    break;
1583  case CURLUPART_OPTIONS:
1584    ptr = u->options;
1585    ifmissing = CURLUE_NO_OPTIONS;
1586    break;
1587  case CURLUPART_HOST:
1588    ptr = u->host;
1589    ifmissing = CURLUE_NO_HOST;
1590    break;
1591  case CURLUPART_ZONEID:
1592    ptr = u->zoneid;
1593    ifmissing = CURLUE_NO_ZONEID;
1594    break;
1595  case CURLUPART_PORT:
1596    ptr = u->port;
1597    ifmissing = CURLUE_NO_PORT;
1598    flags &= ~U_CURLU_URLDECODE; /* never for port */
1599    if(!ptr && (flags & CURLU_DEFAULT_PORT) && u->scheme) {
1600      /* there is no stored port number, but asked to deliver
1601         a default one for the scheme */
1602      const struct Curl_scheme *h = Curl_get_scheme(u->scheme);
1603      if(h) {
1604        curl_msnprintf(portbuf, sizeof(portbuf), "%u", h->defport);
1605        ptr = portbuf;
1606      }
1607    }
1608    else if(ptr && u->scheme) {
1609      /* there is a stored port number, but ask to inhibit if
1610         it matches the default one for the scheme */
1611      const struct Curl_scheme *h = Curl_get_scheme(u->scheme);
1612      if(h && (h->defport == u->portnum) &&
1613         (flags & CURLU_NO_DEFAULT_PORT))
1614        ptr = NULL;
1615    }
1616    break;
1617  case CURLUPART_PATH:
1618    ptr = u->path;
1619    if(!ptr)
1620      ptr = "/";
1621    break;
1622  case CURLUPART_QUERY:
1623    ptr = u->query;
1624    ifmissing = CURLUE_NO_QUERY;
1625    plusdecode = flags & CURLU_URLDECODE;
1626    if(ptr && !ptr[0] && !(flags & CURLU_GET_EMPTY))
1627      /* there was a blank query and the user do not ask for it */
1628      ptr = NULL;
1629    break;
1630  case CURLUPART_FRAGMENT:
1631    ptr = u->fragment;
1632    ifmissing = CURLUE_NO_FRAGMENT;
1633    if(!ptr && u->fragment_present && flags & CURLU_GET_EMPTY)
1634      /* there was a blank fragment and the user asks for it */
1635      ptr = "";
1636    break;
1637  case CURLUPART_URL:
1638    return urlget_url(u, part, flags);
1639  default:
1640    ptr = NULL;
1641    break;
1642  }
1643  if(ptr)
1644    return urlget_format(u, what, ptr, part, plusdecode, flags);
1645
1646  return ifmissing;
1647}
1648
1649static CURLUcode set_url_scheme(CURLU *u, const char *scheme,
1650                                unsigned int flags)
1651{
1652  size_t plen = strlen(scheme);
1653  const struct Curl_scheme *h = NULL;
1654  if((plen > MAX_SCHEME_LEN) || (plen < 1))
1655    /* too long or too short */
1656    return CURLUE_BAD_SCHEME;
1657  /* verify that it is a fine scheme */
1658  h = Curl_get_scheme(scheme);
1659  if(!(flags & CURLU_NON_SUPPORT_SCHEME) && (!h || !h->run))
1660    return CURLUE_UNSUPPORTED_SCHEME;
1661  if(!h) {
1662    const char *s = scheme;
1663    if(ISALPHA(*s)) {
1664      /* ALPHA *( ALPHA / DIGIT / "+" / "-" / "." ) */
1665      s++;
1666      while(--plen) {
1667        if(ISALNUM(*s) || (*s == '+') || (*s == '-') || (*s == '.'))
1668          s++; /* fine */
1669        else
1670          return CURLUE_BAD_SCHEME;
1671      }
1672    }
1673    else
1674      return CURLUE_BAD_SCHEME;
1675  }
1676  u->guessed_scheme = FALSE;
1677  return CURLUE_OK;
1678}
1679
1680static CURLUcode set_url_port(CURLU *u, const char *provided_port)
1681{
1682  char *tmp;
1683  curl_off_t port;
1684  if(!ISDIGIT(provided_port[0]))
1685    /* not a number */
1686    return CURLUE_BAD_PORT_NUMBER;
1687  if(curlx_str_number(&provided_port, &port, 0xffff) || *provided_port)
1688    /* weirdly provided number, not good! */
1689    return CURLUE_BAD_PORT_NUMBER;
1690  tmp = curl_maprintf("%" CURL_FORMAT_CURL_OFF_T, port);
1691  if(!tmp)
1692    return CURLUE_OUT_OF_MEMORY;
1693  curlx_free(u->port);
1694  u->port = tmp;
1695  u->portnum = (unsigned short)port;
1696  return CURLUE_OK;
1697}
1698
1699static CURLUcode set_url(CURLU *u, const char *url, size_t part_size,
1700                         unsigned int flags)
1701{
1702  /*
1703   * Allow a new URL to replace the existing (if any) contents.
1704   *
1705   * If the existing contents is enough for a URL, allow a relative URL to
1706   * replace it.
1707   */
1708  CURLUcode uc;
1709  char *oldurl = NULL;
1710
1711  if(!part_size) {
1712    /* a blank URL is not a valid URL unless we already have a complete one
1713       and this is a redirect */
1714    uc = curl_url_get(u, CURLUPART_URL, &oldurl, flags);
1715    if(!uc) {
1716      /* success, meaning the "" is a fine relative URL, but nothing
1717         changes */
1718      curlx_free(oldurl);
1719      return CURLUE_OK;
1720    }
1721    if(uc == CURLUE_OUT_OF_MEMORY)
1722      return uc;
1723    return CURLUE_MALFORMED_INPUT;
1724  }
1725
1726  /* if the new URL is absolute replace the existing with the new. */
1727  if(Curl_is_absolute_url(url, NULL, 0,
1728                          flags & (CURLU_GUESS_SCHEME | CURLU_DEFAULT_SCHEME)))
1729    return parseurl_and_replace(url, u, flags);
1730
1731  /* if the old URL is incomplete (we cannot get an absolute URL in
1732     'oldurl'), replace the existing with the new */
1733  uc = curl_url_get(u, CURLUPART_URL, &oldurl, flags);
1734  if(uc == CURLUE_OUT_OF_MEMORY)
1735    return uc;
1736  else if(uc)
1737    return parseurl_and_replace(url, u, flags);
1738
1739  DEBUGASSERT(oldurl); /* it is set here */
1740  /* apply the relative part to create a new URL */
1741  uc = redirect_url(oldurl, url, u, flags);
1742  curlx_free(oldurl);
1743  return uc;
1744}
1745
1746static CURLUcode urlset_clear(CURLU *u, CURLUPart what)
1747{
1748  switch(what) {
1749  case CURLUPART_URL:
1750    free_urlhandle(u);
1751    memset(u, 0, sizeof(struct Curl_URL));
1752    break;
1753  case CURLUPART_SCHEME:
1754    curlx_safefree(u->scheme);
1755    u->guessed_scheme = FALSE;
1756    break;
1757  case CURLUPART_USER:
1758    curlx_safefree(u->user);
1759    break;
1760  case CURLUPART_PASSWORD:
1761    curlx_safefree(u->password);
1762    break;
1763  case CURLUPART_OPTIONS:
1764    curlx_safefree(u->options);
1765    break;
1766  case CURLUPART_HOST:
1767    curlx_safefree(u->host);
1768    break;
1769  case CURLUPART_ZONEID:
1770    curlx_safefree(u->zoneid);
1771    break;
1772  case CURLUPART_PORT:
1773    u->portnum = 0;
1774    curlx_safefree(u->port);
1775    break;
1776  case CURLUPART_PATH:
1777    curlx_safefree(u->path);
1778    break;
1779  case CURLUPART_QUERY:
1780    curlx_safefree(u->query);
1781    u->query_present = FALSE;
1782    break;
1783  case CURLUPART_FRAGMENT:
1784    curlx_safefree(u->fragment);
1785    u->fragment_present = FALSE;
1786    break;
1787  default:
1788    return CURLUE_UNKNOWN_PART;
1789  }
1790  return CURLUE_OK;
1791}
1792
1793static bool allowed_in_path(unsigned char x)
1794{
1795  switch(x) {
1796  case '!':
1797  case '$':
1798  case '&':
1799  case '\'':
1800  case '(':
1801  case ')':
1802  case '{':
1803  case '}':
1804  case '[':
1805  case ']':
1806  case '*':
1807  case '+':
1808  case ',':
1809  case ';':
1810  case '=':
1811  case ':':
1812  case '@':
1813  case '/':
1814    return TRUE;
1815  }
1816  return FALSE;
1817}
1818
1819CURLUcode curl_url_set(CURLU *u, CURLUPart what,
1820                       const char *part, unsigned int flags)
1821{
1822  char **storep = NULL;
1823  bool urlencode = (flags & CURLU_URLENCODE) ? 1 : 0;
1824  bool plusencode = FALSE;
1825  bool pathmode = FALSE;
1826  bool leadingslash = FALSE;
1827  bool appendquery = FALSE;
1828  bool equalsencode = FALSE;
1829  size_t nalloc;
1830
1831  if(!u)
1832    return CURLUE_BAD_HANDLE;
1833  if(!part)
1834    /* setting a part to NULL clears it */
1835    return urlset_clear(u, what);
1836
1837  nalloc = strlen(part);
1838  if(nalloc > CURL_MAX_INPUT_LENGTH)
1839    /* excessive input length */
1840    return CURLUE_MALFORMED_INPUT;
1841
1842  switch(what) {
1843  case CURLUPART_SCHEME: {
1844    CURLUcode status = set_url_scheme(u, part, flags);
1845    if(status)
1846      return status;
1847    storep = &u->scheme;
1848    urlencode = FALSE; /* never */
1849    break;
1850  }
1851  case CURLUPART_USER:
1852    storep = &u->user;
1853    break;
1854  case CURLUPART_PASSWORD:
1855    storep = &u->password;
1856    break;
1857  case CURLUPART_OPTIONS:
1858    storep = &u->options;
1859    break;
1860  case CURLUPART_HOST:
1861    storep = &u->host;
1862    curlx_safefree(u->zoneid);
1863    break;
1864  case CURLUPART_ZONEID:
1865    storep = &u->zoneid;
1866    break;
1867  case CURLUPART_PORT:
1868    return set_url_port(u, part);
1869  case CURLUPART_PATH:
1870    pathmode = TRUE;
1871    leadingslash = TRUE; /* enforce */
1872    storep = &u->path;
1873    break;
1874  case CURLUPART_QUERY:
1875    plusencode = urlencode;
1876    appendquery = (flags & CURLU_APPENDQUERY) ? 1 : 0;
1877    equalsencode = appendquery;
1878    storep = &u->query;
1879    u->query_present = TRUE;
1880    break;
1881  case CURLUPART_FRAGMENT:
1882    storep = &u->fragment;
1883    u->fragment_present = TRUE;
1884    break;
1885  case CURLUPART_URL:
1886    return set_url(u, part, nalloc, flags);
1887  default:
1888    return CURLUE_UNKNOWN_PART;
1889  }
1890  DEBUGASSERT(storep);
1891  {
1892    const char *newp;
1893    struct dynbuf enc;
1894    curlx_dyn_init(&enc, (nalloc * 3) + 1 + leadingslash);
1895
1896    if(leadingslash && (part[0] != '/')) {
1897      CURLcode result = curlx_dyn_addn(&enc, "/", 1);
1898      if(result)
1899        return cc2cu(result);
1900    }
1901    if(urlencode) {
1902      const unsigned char *i;
1903
1904      for(i = (const unsigned char *)part; *i; i++) {
1905        CURLcode result;
1906        if((*i == ' ') && plusencode) {
1907          result = curlx_dyn_addn(&enc, "+", 1);
1908          if(result)
1909            return CURLUE_OUT_OF_MEMORY;
1910        }
1911        else if(ISUNRESERVED(*i) ||
1912                (pathmode && allowed_in_path(*i)) ||
1913                ((*i == '=') && equalsencode)) {
1914          if((*i == '=') && equalsencode)
1915            /* only skip the first equals sign */
1916            equalsencode = FALSE;
1917          result = curlx_dyn_addn(&enc, i, 1);
1918          if(result)
1919            return cc2cu(result);
1920        }
1921        else {
1922          unsigned char out[3] = { '%' };
1923          Curl_hexbyte(&out[1], *i);
1924          result = curlx_dyn_addn(&enc, out, 3);
1925          if(result)
1926            return cc2cu(result);
1927        }
1928      }
1929    }
1930    else {
1931      char *p;
1932      CURLcode result = curlx_dyn_add(&enc, part);
1933      if(result)
1934        return cc2cu(result);
1935      p = curlx_dyn_ptr(&enc);
1936      while(*p) {
1937        /* make sure percent encoded are upper case */
1938        if((*p == '%') && ISXDIGIT(p[1]) && ISXDIGIT(p[2]) &&
1939           (ISLOWER(p[1]) || ISLOWER(p[2]))) {
1940          p[1] = Curl_raw_toupper(p[1]);
1941          p[2] = Curl_raw_toupper(p[2]);
1942          p += 3;
1943        }
1944        else
1945          p++;
1946      }
1947    }
1948    newp = curlx_dyn_ptr(&enc);
1949
1950    if(appendquery && newp) {
1951      /* Append the 'newp' string onto the old query. Add a '&' separator if
1952         none is present at the end of the existing query already */
1953
1954      size_t querylen = u->query ? strlen(u->query) : 0;
1955      bool addamperand = querylen && (u->query[querylen - 1] != '&');
1956      if(querylen) {
1957        struct dynbuf qbuf;
1958        curlx_dyn_init(&qbuf, CURL_MAX_INPUT_LENGTH);
1959
1960        if(curlx_dyn_addn(&qbuf, u->query, querylen)) /* add original query */
1961          goto nomem;
1962
1963        if(addamperand) {
1964          if(curlx_dyn_addn(&qbuf, "&", 1))
1965            goto nomem;
1966        }
1967        if(curlx_dyn_add(&qbuf, newp))
1968          goto nomem;
1969        curlx_dyn_free(&enc);
1970        curlx_free(*storep);
1971        *storep = curlx_dyn_ptr(&qbuf);
1972        return CURLUE_OK;
1973nomem:
1974        curlx_dyn_free(&enc);
1975        return CURLUE_OUT_OF_MEMORY;
1976      }
1977    }
1978    else if(what == CURLUPART_HOST) {
1979      size_t n = curlx_dyn_len(&enc);
1980      if(!n && (flags & CURLU_NO_AUTHORITY)) {
1981        /* Skip hostname check, it is allowed to be empty. */
1982      }
1983      else {
1984        bool bad = FALSE;
1985        if(!n)
1986          bad = TRUE; /* empty hostname is not okay */
1987        else if(!urlencode) {
1988          /* if the hostname part was not URL encoded here, it was set ready
1989             URL encoded so we need to decode it to check */
1990          size_t dlen;
1991          char *decoded = NULL;
1992          CURLcode result =
1993            Curl_urldecode(newp, n, &decoded, &dlen, REJECT_CTRL);
1994          if(result || hostname_check(u, decoded, dlen))
1995            bad = TRUE;
1996          curlx_free(decoded);
1997        }
1998        else if(hostname_check(u, (char *)CURL_UNCONST(newp), n))
1999          bad = TRUE;
2000        if(bad) {
2001          curlx_dyn_free(&enc);
2002          return CURLUE_BAD_HOSTNAME;
2003        }
2004      }
2005    }
2006
2007    curlx_free(*storep);
2008    *storep = (char *)CURL_UNCONST(newp);
2009  }
2010  return CURLUE_OK;
2011}
2012
2013bool Curl_url_same_origin(CURLU *base, CURLU *href)
2014{
2015  const struct Curl_scheme *s = NULL;
2016
2017  /* base must be an absolute URL */
2018  if(!base->scheme || !base->host)
2019    return FALSE;
2020  if(href->scheme && !curl_strequal(base->scheme, href->scheme))
2021    return FALSE;
2022  if(href->host) {
2023    if(!curl_strequal(base->host, href->host))
2024      return FALSE;
2025    if(!curl_strequal(base->port, href->port)) {
2026      /* This may still match if only one has an explicit port
2027       * and it is the default for the scheme. */
2028      if(base->port && href->port)
2029        return FALSE;
2030
2031      s = Curl_get_scheme(base->scheme);
2032      if(!s) /* Cannot match default port for unknown scheme */
2033        return FALSE;
2034
2035      /* The port which is set must be the default one */
2036      if((base->port && (base->portnum != s->defport)) ||
2037         (href->port && (href->portnum != s->defport)))
2038        return FALSE;
2039    }
2040  }
2041  else if(href->port) /* no host in href, then there must be no port */
2042    return FALSE;
2043  return TRUE;
2044}