1 /***************************************************************************
3 * Project ___| | | | _ \| |
5 * | (__| |_| | _ <| |___
6 * \___|\___/|_| \_\_____|
8 * Copyright (C) 2019 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al.
10 * This software is licensed as described in the file COPYING, which
11 * you should have received as part of this distribution. The terms
12 * are also available at https://curl.se/docs/copyright.html.
14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15 * copies of the Software, and permit persons to whom the Software is
16 * furnished to do so, under the terms of the COPYING file.
18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19 * KIND, either express or implied.
21 ***************************************************************************/
23 * The Alt-Svc: header is defined in RFC 7838:
24 * https://datatracker.ietf.org/doc/html/rfc7838
26 #include "curl_setup.h"
28 #if !defined(CURL_DISABLE_HTTP) && !defined(CURL_DISABLE_ALTSVC)
29 #include <curl/curl.h>
32 #include "curl_get_line.h"
34 #include "parsedate.h"
40 /* The last 3 #include files should be in this order */
41 #include "curl_printf.h"
42 #include "curl_memory.h"
45 #define MAX_ALTSVC_LINE 4095
46 #define MAX_ALTSVC_DATELENSTR "64"
47 #define MAX_ALTSVC_DATELEN 64
48 #define MAX_ALTSVC_HOSTLENSTR "512"
49 #define MAX_ALTSVC_HOSTLEN 512
50 #define MAX_ALTSVC_ALPNLENSTR "10"
51 #define MAX_ALTSVC_ALPNLEN 10
53 #if defined(USE_QUICHE) && !defined(UNITTESTS)
54 #define H3VERSION "h3-29"
55 #elif defined(USE_NGTCP2) && !defined(UNITTESTS)
56 #define H3VERSION "h3-29"
57 #elif defined(USE_MSH3) && !defined(UNITTESTS)
58 #define H3VERSION "h3-29"
60 #define H3VERSION "h3"
63 static enum alpnid alpn2alpnid(char *name)
65 if(strcasecompare(name, "h1"))
67 if(strcasecompare(name, "h2"))
69 if(strcasecompare(name, H3VERSION))
71 return ALPN_none; /* unknown, probably rubbish input */
74 /* Given the ALPN ID, return the name */
75 const char *Curl_alpnid2str(enum alpnid id)
90 static void altsvc_free(struct altsvc *as)
97 static struct altsvc *altsvc_createid(const char *srchost,
99 enum alpnid srcalpnid,
100 enum alpnid dstalpnid,
101 unsigned int srcport,
102 unsigned int dstport)
104 struct altsvc *as = calloc(sizeof(struct altsvc), 1);
108 hlen = strlen(srchost);
110 as->src.host = strdup(srchost);
113 if(hlen && (srchost[hlen - 1] == '.'))
114 /* strip off trailing any dot */
115 as->src.host[--hlen] = 0;
116 as->dst.host = strdup(dsthost);
120 as->src.alpnid = srcalpnid;
121 as->dst.alpnid = dstalpnid;
122 as->src.port = curlx_ultous(srcport);
123 as->dst.port = curlx_ultous(dstport);
131 static struct altsvc *altsvc_create(char *srchost,
135 unsigned int srcport,
136 unsigned int dstport)
138 enum alpnid dstalpnid = alpn2alpnid(dstalpn);
139 enum alpnid srcalpnid = alpn2alpnid(srcalpn);
140 if(!srcalpnid || !dstalpnid)
142 return altsvc_createid(srchost, dsthost, srcalpnid, dstalpnid,
146 /* only returns SERIOUS errors */
147 static CURLcode altsvc_add(struct altsvcinfo *asi, char *line)
150 h2 example.com 443 h3 shiny.example.com 8443 "20191231 10:00:00" 1
152 char srchost[MAX_ALTSVC_HOSTLEN + 1];
153 char dsthost[MAX_ALTSVC_HOSTLEN + 1];
154 char srcalpn[MAX_ALTSVC_ALPNLEN + 1];
155 char dstalpn[MAX_ALTSVC_ALPNLEN + 1];
156 char date[MAX_ALTSVC_DATELEN + 1];
157 unsigned int srcport;
158 unsigned int dstport;
160 unsigned int persist;
164 "%" MAX_ALTSVC_ALPNLENSTR "s %" MAX_ALTSVC_HOSTLENSTR "s %u "
165 "%" MAX_ALTSVC_ALPNLENSTR "s %" MAX_ALTSVC_HOSTLENSTR "s %u "
166 "\"%" MAX_ALTSVC_DATELENSTR "[^\"]\" %u %u",
167 srcalpn, srchost, &srcport,
168 dstalpn, dsthost, &dstport,
169 date, &persist, &prio);
172 time_t expires = Curl_getdate_capped(date);
173 as = altsvc_create(srchost, dsthost, srcalpn, dstalpn, srcport, dstport);
175 as->expires = expires;
177 as->persist = persist ? 1 : 0;
178 Curl_llist_insert_next(&asi->list, asi->list.tail, as, &as->node);
186 * Load alt-svc entries from the given file. The text based line-oriented file
187 * format is documented here:
188 * https://github.com/curl/curl/wiki/QUIC-implementation
190 * This function only returns error on major problems that prevents alt-svc
191 * handling to work completely. It will ignore individual syntactical errors
194 static CURLcode altsvc_load(struct altsvcinfo *asi, const char *file)
196 CURLcode result = CURLE_OK;
200 /* we need a private copy of the file name so that the altsvc cache file
201 name survives an easy handle reset */
203 asi->filename = strdup(file);
205 return CURLE_OUT_OF_MEMORY;
207 fp = fopen(file, FOPEN_READTEXT);
209 line = malloc(MAX_ALTSVC_LINE);
212 while(Curl_get_line(line, MAX_ALTSVC_LINE, fp)) {
213 char *lineptr = line;
214 while(*lineptr && ISBLANK(*lineptr))
217 /* skip commented lines */
220 altsvc_add(asi, lineptr);
222 free(line); /* free the line buffer */
228 Curl_safefree(asi->filename);
231 return CURLE_OUT_OF_MEMORY;
235 * Write this single altsvc entry to a single output line
238 static CURLcode altsvc_out(struct altsvc *as, FILE *fp)
241 CURLcode result = Curl_gmtime(as->expires, &stamp);
251 Curl_alpnid2str(as->src.alpnid), as->src.host, as->src.port,
252 Curl_alpnid2str(as->dst.alpnid), as->dst.host, as->dst.port,
253 stamp.tm_year + 1900, stamp.tm_mon + 1, stamp.tm_mday,
254 stamp.tm_hour, stamp.tm_min, stamp.tm_sec,
255 as->persist, as->prio);
259 /* ---- library-wide functions below ---- */
262 * Curl_altsvc_init() creates a new altsvc cache.
263 * It returns the new instance or NULL if something goes wrong.
265 struct altsvcinfo *Curl_altsvc_init(void)
267 struct altsvcinfo *asi = calloc(sizeof(struct altsvcinfo), 1);
270 Curl_llist_init(&asi->list, NULL);
272 /* set default behavior */
273 asi->flags = CURLALTSVC_H1
285 * Curl_altsvc_load() loads alt-svc from file.
287 CURLcode Curl_altsvc_load(struct altsvcinfo *asi, const char *file)
291 result = altsvc_load(asi, file);
296 * Curl_altsvc_ctrl() passes on the external bitmask.
298 CURLcode Curl_altsvc_ctrl(struct altsvcinfo *asi, const long ctrl)
303 return CURLE_BAD_FUNCTION_ARGUMENT;
309 * Curl_altsvc_cleanup() frees an altsvc cache instance and all associated
312 void Curl_altsvc_cleanup(struct altsvcinfo **altsvcp)
314 struct Curl_llist_element *e;
315 struct Curl_llist_element *n;
317 struct altsvcinfo *altsvc = *altsvcp;
318 for(e = altsvc->list.head; e; e = n) {
319 struct altsvc *as = e->ptr;
323 free(altsvc->filename);
325 *altsvcp = NULL; /* clear the pointer */
330 * Curl_altsvc_save() writes the altsvc cache to a file.
332 CURLcode Curl_altsvc_save(struct Curl_easy *data,
333 struct altsvcinfo *altsvc, const char *file)
335 struct Curl_llist_element *e;
336 struct Curl_llist_element *n;
337 CURLcode result = CURLE_OK;
340 unsigned char randsuffix[9];
343 /* no cache activated */
346 /* if not new name is given, use the one we stored from the load */
347 if(!file && altsvc->filename)
348 file = altsvc->filename;
350 if((altsvc->flags & CURLALTSVC_READONLYFILE) || !file || !file[0])
351 /* marked as read-only, no file or zero length file name */
354 if(Curl_rand_hex(data, randsuffix, sizeof(randsuffix)))
355 return CURLE_FAILED_INIT;
357 tempstore = aprintf("%s.%s.tmp", file, randsuffix);
359 return CURLE_OUT_OF_MEMORY;
361 out = fopen(tempstore, FOPEN_WRITETEXT);
363 result = CURLE_WRITE_ERROR;
365 fputs("# Your alt-svc cache. https://curl.se/docs/alt-svc.html\n"
366 "# This file was generated by libcurl! Edit at your own risk.\n",
368 for(e = altsvc->list.head; e; e = n) {
369 struct altsvc *as = e->ptr;
371 result = altsvc_out(as, out);
376 if(!result && Curl_rename(tempstore, file))
377 result = CURLE_WRITE_ERROR;
386 static CURLcode getalnum(const char **ptr, char *alpnbuf, size_t buflen)
390 const char *p = *ptr;
391 while(*p && ISBLANK(*p))
394 while(*p && !ISBLANK(*p) && (*p != ';') && (*p != '='))
399 if(!len || (len >= buflen))
400 return CURLE_BAD_FUNCTION_ARGUMENT;
401 memcpy(alpnbuf, protop, len);
406 /* hostcompare() returns true if 'host' matches 'check'. The first host
407 * argument may have a trailing dot present that will be ignored.
409 static bool hostcompare(const char *host, const char *check)
411 size_t hlen = strlen(host);
412 size_t clen = strlen(check);
414 if(hlen && (host[hlen - 1] == '.'))
417 /* they can't match if they have different lengths */
419 return strncasecompare(host, check, hlen);
422 /* altsvc_flush() removes all alternatives for this source origin from the
424 static void altsvc_flush(struct altsvcinfo *asi, enum alpnid srcalpnid,
425 const char *srchost, unsigned short srcport)
427 struct Curl_llist_element *e;
428 struct Curl_llist_element *n;
429 for(e = asi->list.head; e; e = n) {
430 struct altsvc *as = e->ptr;
432 if((srcalpnid == as->src.alpnid) &&
433 (srcport == as->src.port) &&
434 hostcompare(srchost, as->src.host)) {
435 Curl_llist_remove(&asi->list, e, NULL);
442 /* to play well with debug builds, we can *set* a fixed time this will
444 static time_t debugtime(void *unused)
446 char *timestr = getenv("CURL_TIME");
449 unsigned long val = strtol(timestr, NULL, 10);
454 #define time(x) debugtime(x)
457 #define ISNEWLINE(x) (((x) == '\n') || (x) == '\r')
460 * Curl_altsvc_parse() takes an incoming alt-svc response header and stores
461 * the data correctly in the cache.
463 * 'value' points to the header *value*. That's contents to the right of the
466 * Currently this function rejects invalid data without returning an error.
467 * Invalid host name, port number will result in the specific alternative
468 * being rejected. Unknown protocols are skipped.
470 CURLcode Curl_altsvc_parse(struct Curl_easy *data,
471 struct altsvcinfo *asi, const char *value,
472 enum alpnid srcalpnid, const char *srchost,
473 unsigned short srcport)
475 const char *p = value;
477 char namebuf[MAX_ALTSVC_HOSTLEN] = "";
478 char alpnbuf[MAX_ALTSVC_ALPNLEN] = "";
480 unsigned short dstport = srcport; /* the same by default */
481 CURLcode result = getalnum(&p, alpnbuf, sizeof(alpnbuf));
482 #ifdef CURL_DISABLE_VERBOSE_STRINGS
486 infof(data, "Excessive alt-svc header, ignoring.");
492 /* Flush all cached alternatives for this source origin, if any */
493 altsvc_flush(asi, srcalpnid, srchost, srcport);
495 /* "clear" is a magic keyword */
496 if(strcasecompare(alpnbuf, "clear")) {
502 /* [protocol]="[host][:port]" */
503 enum alpnid dstalpnid = alpn2alpnid(alpnbuf); /* the same by default */
506 const char *dsthost = "";
507 const char *value_ptr;
512 time_t maxage = 24 * 3600; /* default is 24 hours */
513 bool persist = FALSE;
516 /* host name starts here */
517 const char *hostp = p;
518 while(*p && (ISALNUM(*p) || (*p == '.') || (*p == '-')))
521 if(!len || (len >= MAX_ALTSVC_HOSTLEN)) {
522 infof(data, "Excessive alt-svc host name, ignoring.");
523 dstalpnid = ALPN_none;
526 memcpy(namebuf, hostp, len);
532 /* no destination name, use source host */
537 unsigned long port = strtoul(++p, &end_ptr, 10);
538 if(port > USHRT_MAX || end_ptr == p || *end_ptr != '\"') {
539 infof(data, "Unknown alt-svc port number, ignoring.");
540 dstalpnid = ALPN_none;
543 dstport = curlx_ultous(port);
547 /* Handle the optional 'ma' and 'persist' flags. Unknown flags
554 p++; /* pass the semicolon */
555 if(!*p || ISNEWLINE(*p))
557 result = getalnum(&p, option, sizeof(option));
559 /* skip option if name is too long */
562 while(*p && ISBLANK(*p))
567 while(*p && ISBLANK(*p))
578 while(*p && *p != '\"')
584 while(*p && !ISBLANK(*p) && *p!= ';' && *p != ',')
587 num = strtoul(value_ptr, &end_ptr, 10);
588 if((end_ptr != value_ptr) && (num < ULONG_MAX)) {
589 if(strcasecompare("ma", option))
591 else if(strcasecompare("persist", option) && (num == 1))
596 as = altsvc_createid(srchost, dsthost,
597 srcalpnid, dstalpnid,
600 /* The expires time also needs to take the Age: value (if any) into
601 account. [See RFC 7838 section 3.1] */
602 as->expires = maxage + time(NULL);
603 as->persist = persist;
604 Curl_llist_insert_next(&asi->list, asi->list.tail, as, &as->node);
605 infof(data, "Added alt-svc: %s:%d over %s", dsthost, dstport,
606 Curl_alpnid2str(dstalpnid));
610 infof(data, "Unknown alt-svc protocol \"%s\", skipping.",
616 /* after the double quote there can be a comma if there's another
617 string or a semicolon if no more */
619 /* comma means another alternative is presented */
621 result = getalnum(&p, alpnbuf, sizeof(alpnbuf));
628 } while(*p && (*p != ';') && (*p != '\n') && (*p != '\r'));
634 * Return TRUE on a match
636 bool Curl_altsvc_lookup(struct altsvcinfo *asi,
637 enum alpnid srcalpnid, const char *srchost,
639 struct altsvc **dstentry,
640 const int versions) /* one or more bits */
642 struct Curl_llist_element *e;
643 struct Curl_llist_element *n;
644 time_t now = time(NULL);
646 DEBUGASSERT(srchost);
647 DEBUGASSERT(dstentry);
649 for(e = asi->list.head; e; e = n) {
650 struct altsvc *as = e->ptr;
652 if(as->expires < now) {
653 /* an expired entry, remove */
654 Curl_llist_remove(&asi->list, e, NULL);
658 if((as->src.alpnid == srcalpnid) &&
659 hostcompare(srchost, as->src.host) &&
660 (as->src.port == srcport) &&
661 (versions & as->dst.alpnid)) {
670 #endif /* !CURL_DISABLE_HTTP && !CURL_DISABLE_ALTSVC */