blob: 812b3c3e8e60c1f038980772d84a3cc0f37ac408 [file] [log] [blame]
Jerome Forissier359d4ed2024-10-16 12:04:09 +02001// SPDX-License-Identifier: GPL-2.0+
2/* Copyright (C) 2024 Linaro Ltd. */
3
4#include <command.h>
5#include <console.h>
6#include <display_options.h>
7#include <efi_loader.h>
8#include <image.h>
9#include <lwip/apps/http_client.h>
Ilias Apalodimas99618ca2024-11-10 10:28:40 +020010#include "lwip/altcp_tls.h"
Jerome Forissier95b10352025-04-17 15:26:58 +020011#include <lwip/errno.h>
Jerome Forissier359d4ed2024-10-16 12:04:09 +020012#include <lwip/timeouts.h>
Ilias Apalodimas99618ca2024-11-10 10:28:40 +020013#include <rng.h>
Jerome Forissier359d4ed2024-10-16 12:04:09 +020014#include <mapmem.h>
15#include <net.h>
16#include <time.h>
Ilias Apalodimas99618ca2024-11-10 10:28:40 +020017#include <dm/uclass.h>
Jerome Forissier359d4ed2024-10-16 12:04:09 +020018
Heinrich Schuchardtd064fc92024-11-08 18:45:26 +010019#define SERVER_NAME_SIZE 254
Jerome Forissier359d4ed2024-10-16 12:04:09 +020020#define HTTP_PORT_DEFAULT 80
Ilias Apalodimas99618ca2024-11-10 10:28:40 +020021#define HTTPS_PORT_DEFAULT 443
Jerome Forissier359d4ed2024-10-16 12:04:09 +020022#define PROGRESS_PRINT_STEP_BYTES (100 * 1024)
23
24enum done_state {
Jerome Forissier97083502024-11-07 12:27:57 +010025 NOT_DONE = 0,
26 SUCCESS = 1,
27 FAILURE = 2
Jerome Forissier359d4ed2024-10-16 12:04:09 +020028};
29
30struct wget_ctx {
Adriano Cordovaa8a8d5c62024-11-11 18:09:00 -030031 char server_name[SERVER_NAME_SIZE];
32 u16 port;
Jerome Forissier359d4ed2024-10-16 12:04:09 +020033 char *path;
34 ulong daddr;
35 ulong saved_daddr;
36 ulong size;
37 ulong prevsize;
38 ulong start_time;
39 enum done_state done;
40};
41
Adriano Cordova25e88412024-11-11 18:09:01 -030042static void wget_lwip_fill_info(struct pbuf *hdr, u16_t hdr_len, u32_t hdr_cont_len)
43{
Adriano Cordova50a2a0b2024-11-26 13:19:21 -030044 if (wget_info->headers) {
45 if (hdr_len < MAX_HTTP_HEADERS_SIZE)
46 pbuf_copy_partial(hdr, (void *)wget_info->headers, hdr_len, 0);
47 else
48 hdr_len = 0;
49 wget_info->headers[hdr_len] = 0;
50 }
Adriano Cordova25e88412024-11-11 18:09:01 -030051 wget_info->hdr_cont_len = (u32)hdr_cont_len;
52}
53
54static void wget_lwip_set_file_size(u32_t rx_content_len)
55{
56 wget_info->file_size = (ulong)rx_content_len;
57}
58
Ilias Apalodimas99618ca2024-11-10 10:28:40 +020059bool wget_validate_uri(char *uri);
60
61int mbedtls_hardware_poll(void *data, unsigned char *output, size_t len,
62 size_t *olen)
63{
64 struct udevice *dev;
Ilias Apalodimas99618ca2024-11-10 10:28:40 +020065 int ret;
66
67 *olen = 0;
68
69 ret = uclass_get_device(UCLASS_RNG, 0, &dev);
70 if (ret) {
71 log_err("Failed to get an rng: %d\n", ret);
72 return ret;
73 }
Ilias Apalodimas4276a3c2024-11-14 16:29:15 +020074 ret = dm_rng_read(dev, output, len);
Ilias Apalodimas99618ca2024-11-10 10:28:40 +020075 if (ret)
76 return ret;
77
Ilias Apalodimas4276a3c2024-11-14 16:29:15 +020078 *olen = len;
Ilias Apalodimas99618ca2024-11-10 10:28:40 +020079
80 return 0;
81}
82
83static int parse_url(char *url, char *host, u16 *port, char **path,
84 bool *is_https)
Jerome Forissier359d4ed2024-10-16 12:04:09 +020085{
86 char *p, *pp;
87 long lport;
Ilias Apalodimas99618ca2024-11-10 10:28:40 +020088 size_t prefix_len = 0;
Jerome Forissier359d4ed2024-10-16 12:04:09 +020089
Ilias Apalodimas99618ca2024-11-10 10:28:40 +020090 if (!wget_validate_uri(url)) {
91 log_err("Invalid URL. Use http(s)://\n");
92 return -EINVAL;
93 }
94
95 *is_https = false;
96 *port = HTTP_PORT_DEFAULT;
97 prefix_len = strlen("http://");
Jerome Forissier359d4ed2024-10-16 12:04:09 +020098 p = strstr(url, "http://");
99 if (!p) {
Ilias Apalodimas99618ca2024-11-10 10:28:40 +0200100 p = strstr(url, "https://");
101 prefix_len = strlen("https://");
102 *port = HTTPS_PORT_DEFAULT;
103 *is_https = true;
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200104 }
105
Ilias Apalodimas99618ca2024-11-10 10:28:40 +0200106 p += prefix_len;
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200107
108 /* Parse hostname */
109 pp = strchr(p, ':');
110 if (!pp)
111 pp = strchr(p, '/');
112 if (!pp)
113 return -EINVAL;
114
115 if (p + SERVER_NAME_SIZE <= pp)
116 return -EINVAL;
117
118 memcpy(host, p, pp - p);
119 host[pp - p] = '\0';
120
121 if (*pp == ':') {
122 /* Parse port number */
123 p = pp + 1;
124 lport = simple_strtol(p, &pp, 10);
125 if (pp && *pp != '/')
126 return -EINVAL;
127 if (lport > 65535)
128 return -EINVAL;
129 *port = (u16)lport;
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200130 }
Ilias Apalodimas99618ca2024-11-10 10:28:40 +0200131
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200132 if (*pp != '/')
133 return -EINVAL;
134 *path = pp;
135
136 return 0;
137}
138
139/*
140 * Legacy syntax support
141 * Convert [<server_name_or_ip>:]filename into a URL if needed
142 */
143static int parse_legacy_arg(char *arg, char *nurl, size_t rem)
144{
145 char *p = nurl;
146 size_t n;
147 char *col = strchr(arg, ':');
148 char *env;
149 char *server;
150 char *path;
151
152 if (strstr(arg, "http") == arg) {
153 n = snprintf(nurl, rem, "%s", arg);
154 if (n < 0 || n > rem)
155 return -1;
156 return 0;
157 }
158
159 n = snprintf(p, rem, "%s", "http://");
160 if (n < 0 || n > rem)
161 return -1;
162 p += n;
163 rem -= n;
164
165 if (col) {
166 n = col - arg;
167 server = arg;
168 path = col + 1;
169 } else {
170 env = env_get("httpserverip");
171 if (!env)
172 env = env_get("serverip");
173 if (!env) {
174 log_err("error: httpserver/serverip has to be set\n");
175 return -1;
176 }
177 n = strlen(env);
178 server = env;
179 path = arg;
180 }
181
182 if (rem < n)
183 return -1;
Jerome Forissierc7157322024-11-26 15:45:06 +0100184 strncpy(p, server, n);
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200185 p += n;
186 rem -= n;
187 if (rem < 1)
188 return -1;
189 *p = '/';
190 p++;
191 rem--;
192 n = strlen(path);
193 if (rem < n)
194 return -1;
Jerome Forissierc7157322024-11-26 15:45:06 +0100195 strncpy(p, path, n);
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200196 p += n;
197 rem -= n;
198 if (rem < 1)
199 return -1;
200 *p = '\0';
201
202 return 0;
203}
204
205static err_t httpc_recv_cb(void *arg, struct altcp_pcb *pcb, struct pbuf *pbuf,
206 err_t err)
207{
208 struct wget_ctx *ctx = arg;
209 struct pbuf *buf;
210
211 if (!pbuf)
212 return ERR_BUF;
213
214 if (!ctx->start_time)
215 ctx->start_time = get_timer(0);
216
217 for (buf = pbuf; buf; buf = buf->next) {
218 memcpy((void *)ctx->daddr, buf->payload, buf->len);
219 ctx->daddr += buf->len;
220 ctx->size += buf->len;
Jerome Forissier95b10352025-04-17 15:26:58 +0200221 if (!wget_info->silent &&
222 ctx->size - ctx->prevsize > PROGRESS_PRINT_STEP_BYTES) {
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200223 printf("#");
224 ctx->prevsize = ctx->size;
225 }
226 }
227
228 altcp_recved(pcb, pbuf->tot_len);
229 pbuf_free(pbuf);
230 return ERR_OK;
231}
232
233static void httpc_result_cb(void *arg, httpc_result_t httpc_result,
234 u32_t rx_content_len, u32_t srv_res, err_t err)
235{
236 struct wget_ctx *ctx = arg;
237 ulong elapsed;
238
Adriano Cordova25e88412024-11-11 18:09:01 -0300239 wget_info->status_code = (u32)srv_res;
240
241 if (err == ERR_BUF) {
242 ctx->done = FAILURE;
243 return;
244 }
245
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200246 if (httpc_result != HTTPC_RESULT_OK) {
247 log_err("\nHTTP client error %d\n", httpc_result);
248 ctx->done = FAILURE;
249 return;
250 }
251 if (srv_res != 200) {
252 log_err("\nHTTP server error %d\n", srv_res);
253 ctx->done = FAILURE;
254 return;
255 }
256
257 elapsed = get_timer(ctx->start_time);
258 if (!elapsed)
259 elapsed = 1;
Jerome Forissier95b10352025-04-17 15:26:58 +0200260 if (!wget_info->silent) {
261 if (rx_content_len > PROGRESS_PRINT_STEP_BYTES)
262 printf("\n");
263 printf("%u bytes transferred in %lu ms (", rx_content_len,
264 elapsed);
265 print_size(rx_content_len / elapsed * 1000, "/s)\n");
266 printf("Bytes transferred = %lu (%lx hex)\n", ctx->size,
267 ctx->size);
268 }
Adriano Cordova93cba0f2024-12-04 00:05:23 -0300269 if (wget_info->set_bootdev)
270 efi_set_bootdev("Http", ctx->server_name, ctx->path, map_sysmem(ctx->saved_daddr, 0),
Adriano Cordova25e88412024-11-11 18:09:01 -0300271 rx_content_len);
Adriano Cordova25e88412024-11-11 18:09:01 -0300272 wget_lwip_set_file_size(rx_content_len);
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200273 if (env_set_hex("filesize", rx_content_len) ||
274 env_set_hex("fileaddr", ctx->saved_daddr)) {
275 log_err("Could not set filesize or fileaddr\n");
276 ctx->done = FAILURE;
277 return;
278 }
279
280 ctx->done = SUCCESS;
281}
282
Adriano Cordova25e88412024-11-11 18:09:01 -0300283static err_t httpc_headers_done_cb(httpc_state_t *connection, void *arg, struct pbuf *hdr,
284 u16_t hdr_len, u32_t content_len)
285{
286 wget_lwip_fill_info(hdr, hdr_len, content_len);
287
288 if (wget_info->check_buffer_size && (ulong)content_len > wget_info->buffer_size)
289 return ERR_BUF;
290
291 return ERR_OK;
292}
293
Jerome Forissier8fa383d2025-03-05 15:26:42 +0100294#if CONFIG_IS_ENABLED(WGET_HTTPS)
295enum auth_mode {
296 AUTH_NONE,
297 AUTH_OPTIONAL,
298 AUTH_REQUIRED,
299};
300
301static char *cacert;
302static size_t cacert_size;
303static enum auth_mode cacert_auth_mode = AUTH_OPTIONAL;
304#endif
305
306#if CONFIG_IS_ENABLED(WGET_CACERT)
307static int set_auth(enum auth_mode auth)
308{
309 cacert_auth_mode = auth;
310
311 return CMD_RET_SUCCESS;
312}
Jerome Forissier7231a692025-03-05 15:26:45 +0100313#endif
Jerome Forissier8fa383d2025-03-05 15:26:42 +0100314
Jerome Forissier7231a692025-03-05 15:26:45 +0100315#if CONFIG_IS_ENABLED(WGET_BUILTIN_CACERT)
316extern const char builtin_cacert[];
317extern const size_t builtin_cacert_size;
318static bool cacert_initialized;
319#endif
320
321#if CONFIG_IS_ENABLED(WGET_CACERT) || CONFIG_IS_ENABLED(WGET_BUILTIN_CACERT)
322static int _set_cacert(const void *addr, size_t sz)
Jerome Forissier8fa383d2025-03-05 15:26:42 +0100323{
324 mbedtls_x509_crt crt;
Jerome Forissier7231a692025-03-05 15:26:45 +0100325 void *p;
Jerome Forissier8fa383d2025-03-05 15:26:42 +0100326 int ret;
327
328 if (cacert)
329 free(cacert);
330
Jerome Forissier8fa383d2025-03-05 15:26:42 +0100331 if (!addr) {
332 cacert = NULL;
333 cacert_size = 0;
334 return CMD_RET_SUCCESS;
335 }
336
Jerome Forissier7231a692025-03-05 15:26:45 +0100337 p = malloc(sz);
338 if (!p)
Jerome Forissier8fa383d2025-03-05 15:26:42 +0100339 return CMD_RET_FAILURE;
Jerome Forissier7231a692025-03-05 15:26:45 +0100340 cacert = p;
Jerome Forissier8fa383d2025-03-05 15:26:42 +0100341 cacert_size = sz;
342
343 memcpy(cacert, (void *)addr, sz);
344
345 mbedtls_x509_crt_init(&crt);
346 ret = mbedtls_x509_crt_parse(&crt, cacert, cacert_size);
347 if (ret) {
Jerome Forissier95b10352025-04-17 15:26:58 +0200348 if (!wget_info->silent)
349 printf("Could not parse certificates (%d)\n", ret);
Jerome Forissier8fa383d2025-03-05 15:26:42 +0100350 free(cacert);
351 cacert = NULL;
352 cacert_size = 0;
353 return CMD_RET_FAILURE;
354 }
355
Jerome Forissier7231a692025-03-05 15:26:45 +0100356#if CONFIG_IS_ENABLED(WGET_BUILTIN_CACERT)
357 cacert_initialized = true;
358#endif
Jerome Forissier8fa383d2025-03-05 15:26:42 +0100359 return CMD_RET_SUCCESS;
360}
Jerome Forissier7231a692025-03-05 15:26:45 +0100361
362#if CONFIG_IS_ENABLED(WGET_BUILTIN_CACERT)
363static int set_cacert_builtin(void)
364{
365 return _set_cacert(builtin_cacert, builtin_cacert_size);
366}
367#endif
368
369#if CONFIG_IS_ENABLED(WGET_CACERT)
370static int set_cacert(char * const saddr, char * const ssz)
371{
372 ulong addr, sz;
373
374 addr = hextoul(saddr, NULL);
375 sz = hextoul(ssz, NULL);
376
377 return _set_cacert((void *)addr, sz);
378}
Jerome Forissier8fa383d2025-03-05 15:26:42 +0100379#endif
Jerome Forissier7231a692025-03-05 15:26:45 +0100380#endif /* CONFIG_WGET_CACERT || CONFIG_WGET_BUILTIN_CACERT */
Jerome Forissier8fa383d2025-03-05 15:26:42 +0100381
Jerome Forissier1187b4e2025-04-17 15:26:57 +0200382int wget_do_request(ulong dst_addr, char *uri)
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200383{
Jerome Forissier8fa383d2025-03-05 15:26:42 +0100384#if CONFIG_IS_ENABLED(WGET_HTTPS)
Ilias Apalodimas99618ca2024-11-10 10:28:40 +0200385 altcp_allocator_t tls_allocator;
386#endif
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200387 httpc_connection_t conn;
388 httpc_state_t *state;
Jerome Forissier1187b4e2025-04-17 15:26:57 +0200389 struct udevice *udev;
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200390 struct netif *netif;
391 struct wget_ctx ctx;
392 char *path;
Ilias Apalodimas99618ca2024-11-10 10:28:40 +0200393 bool is_https;
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200394
395 ctx.daddr = dst_addr;
396 ctx.saved_daddr = dst_addr;
397 ctx.done = NOT_DONE;
398 ctx.size = 0;
399 ctx.prevsize = 0;
400 ctx.start_time = 0;
401
Adriano Cordova484ade32024-12-03 09:55:34 -0300402 if (parse_url(uri, ctx.server_name, &ctx.port, &path, &is_https))
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200403 return CMD_RET_USAGE;
404
Jerome Forissier1187b4e2025-04-17 15:26:57 +0200405 if (net_lwip_eth_start() < 0)
406 return CMD_RET_FAILURE;
407
408 if (!wget_info)
409 wget_info = &default_wget_info;
410
411 udev = eth_get_dev();
412
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200413 netif = net_lwip_new_netif(udev);
414 if (!netif)
415 return -1;
416
417 memset(&conn, 0, sizeof(conn));
Jerome Forissier8fa383d2025-03-05 15:26:42 +0100418#if CONFIG_IS_ENABLED(WGET_HTTPS)
Ilias Apalodimas99618ca2024-11-10 10:28:40 +0200419 if (is_https) {
Jerome Forissier7231a692025-03-05 15:26:45 +0100420 char *ca;
421 size_t ca_sz;
422
423#if CONFIG_IS_ENABLED(WGET_BUILTIN_CACERT)
424 if (!cacert_initialized)
425 set_cacert_builtin();
426#endif
427 ca = cacert;
428 ca_sz = cacert_size;
Jerome Forissier8fa383d2025-03-05 15:26:42 +0100429
430 if (cacert_auth_mode == AUTH_REQUIRED) {
431 if (!ca || !ca_sz) {
Jerome Forissier95b10352025-04-17 15:26:58 +0200432 if (!wget_info->silent)
433 printf("Error: cacert authentication "
434 "mode is 'required' but no CA "
435 "certificates given\n");
Jerome Forissier8fa383d2025-03-05 15:26:42 +0100436 return CMD_RET_FAILURE;
437 }
438 } else if (cacert_auth_mode == AUTH_NONE) {
439 ca = NULL;
440 ca_sz = 0;
441 } else if (cacert_auth_mode == AUTH_OPTIONAL) {
442 /*
443 * Nothing to do, this is the default behavior of
444 * altcp_tls to check server certificates against CA
445 * certificates when the latter are provided and proceed
446 * with no verification if not.
447 */
448 }
449
Jerome Forissier95b10352025-04-17 15:26:58 +0200450 if (!ca && !wget_info->silent) {
451 printf("WARNING: no CA certificates, ");
452 printf("HTTPS connections not authenticated\n");
453 }
Ilias Apalodimas99618ca2024-11-10 10:28:40 +0200454 tls_allocator.alloc = &altcp_tls_alloc;
455 tls_allocator.arg =
Jerome Forissier8fa383d2025-03-05 15:26:42 +0100456 altcp_tls_create_config_client(ca, ca_sz,
457 ctx.server_name);
Ilias Apalodimas99618ca2024-11-10 10:28:40 +0200458
459 if (!tls_allocator.arg) {
460 log_err("error: Cannot create a TLS connection\n");
461 net_lwip_remove_netif(netif);
462 return -1;
463 }
464
465 conn.altcp_allocator = &tls_allocator;
466 }
467#endif
468
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200469 conn.result_fn = httpc_result_cb;
Adriano Cordova25e88412024-11-11 18:09:01 -0300470 conn.headers_done_fn = httpc_headers_done_cb;
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200471 ctx.path = path;
Adriano Cordovaa8a8d5c62024-11-11 18:09:00 -0300472 if (httpc_get_file_dns(ctx.server_name, ctx.port, path, &conn, httpc_recv_cb,
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200473 &ctx, &state)) {
474 net_lwip_remove_netif(netif);
475 return CMD_RET_FAILURE;
476 }
477
Jerome Forissier95b10352025-04-17 15:26:58 +0200478 errno = 0;
479
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200480 while (!ctx.done) {
481 net_lwip_rx(udev, netif);
482 sys_check_timeouts();
483 if (ctrlc())
484 break;
485 }
486
487 net_lwip_remove_netif(netif);
488
489 if (ctx.done == SUCCESS)
490 return 0;
491
Jerome Forissier95b10352025-04-17 15:26:58 +0200492 if (errno == EPERM && !wget_info->silent)
493 printf("Certificate verification failed\n");
494
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200495 return -1;
496}
497
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200498int do_wget(struct cmd_tbl *cmdtp, int flag, int argc, char * const argv[])
499{
500 char *end;
501 char *url;
502 ulong dst_addr;
503 char nurl[1024];
504
Jerome Forissier8fa383d2025-03-05 15:26:42 +0100505#if CONFIG_IS_ENABLED(WGET_CACERT)
506 if (argc == 4 && !strncmp(argv[1], "cacert", strlen("cacert")))
507 return set_cacert(argv[2], argv[3]);
508 if (argc == 3 && !strncmp(argv[1], "cacert", strlen("cacert"))) {
Jerome Forissier7231a692025-03-05 15:26:45 +0100509#if CONFIG_IS_ENABLED(WGET_BUILTIN_CACERT)
510 if (!strncmp(argv[2], "builtin", strlen("builtin")))
511 return set_cacert_builtin();
512#endif
Jerome Forissier8fa383d2025-03-05 15:26:42 +0100513 if (!strncmp(argv[2], "none", strlen("none")))
514 return set_auth(AUTH_NONE);
515 if (!strncmp(argv[2], "optional", strlen("optional")))
516 return set_auth(AUTH_OPTIONAL);
517 if (!strncmp(argv[2], "required", strlen("required")))
518 return set_auth(AUTH_REQUIRED);
519 return CMD_RET_USAGE;
520 }
521#endif
522
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200523 if (argc < 2 || argc > 3)
524 return CMD_RET_USAGE;
525
526 dst_addr = hextoul(argv[1], &end);
Jerome Forissier97083502024-11-07 12:27:57 +0100527 if (end == (argv[1] + strlen(argv[1]))) {
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200528 if (argc < 3)
529 return CMD_RET_USAGE;
530 url = argv[2];
531 } else {
532 dst_addr = image_load_addr;
533 url = argv[1];
534 }
535
536 if (parse_legacy_arg(url, nurl, sizeof(nurl)))
Jerome Forissier97083502024-11-07 12:27:57 +0100537 return CMD_RET_FAILURE;
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200538
Adriano Cordova25e88412024-11-11 18:09:01 -0300539 wget_info = &default_wget_info;
Adriano Cordovab479fc42024-12-04 00:05:16 -0300540 if (wget_do_request(dst_addr, nurl))
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200541 return CMD_RET_FAILURE;
542
543 return CMD_RET_SUCCESS;
544}
545
546/**
547 * wget_validate_uri() - validate the uri for wget
548 *
549 * @uri: uri string
550 *
551 * This function follows the current U-Boot wget implementation.
552 * scheme: only "http:" is supported
553 * authority:
554 * - user information: not supported
555 * - host: supported
556 * - port: not supported(always use the default port)
557 *
558 * Uri is expected to be correctly percent encoded.
559 * This is the minimum check, control codes(0x1-0x19, 0x7F, except '\0')
560 * and space character(0x20) are not allowed.
561 *
562 * TODO: stricter uri conformance check
563 *
564 * Return: true on success, false on failure
565 */
566bool wget_validate_uri(char *uri)
567{
568 char c;
569 bool ret = true;
570 char *str_copy, *s, *authority;
Ilias Apalodimas99618ca2024-11-10 10:28:40 +0200571 size_t prefix_len = 0;
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200572
573 for (c = 0x1; c < 0x21; c++) {
574 if (strchr(uri, c)) {
575 log_err("invalid character is used\n");
576 return false;
577 }
578 }
Ilias Apalodimas99618ca2024-11-10 10:28:40 +0200579
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200580 if (strchr(uri, 0x7f)) {
581 log_err("invalid character is used\n");
582 return false;
583 }
584
Ilias Apalodimas99618ca2024-11-10 10:28:40 +0200585 if (!strncmp(uri, "http://", strlen("http://"))) {
586 prefix_len = strlen("http://");
Jerome Forissier42129542025-02-04 17:00:49 +0100587 } else if (CONFIG_IS_ENABLED(WGET_HTTPS)) {
588 if (!strncmp(uri, "https://", strlen("https://"))) {
589 prefix_len = strlen("https://");
590 } else {
591 log_err("only http(s):// is supported\n");
592 return false;
593 }
Ilias Apalodimas99618ca2024-11-10 10:28:40 +0200594 } else {
Jerome Forissier42129542025-02-04 17:00:49 +0100595 log_err("only http:// is supported\n");
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200596 return false;
597 }
Ilias Apalodimas99618ca2024-11-10 10:28:40 +0200598
Jerome Forissier359d4ed2024-10-16 12:04:09 +0200599 str_copy = strdup(uri);
600 if (!str_copy)
601 return false;
602
603 s = str_copy + strlen("http://");
604 authority = strsep(&s, "/");
605 if (!s) {
606 log_err("invalid uri, no file path\n");
607 ret = false;
608 goto out;
609 }
610 s = strchr(authority, '@');
611 if (s) {
612 log_err("user information is not supported\n");
613 ret = false;
614 goto out;
615 }
616
617out:
618 free(str_copy);
619
620 return ret;
621}