1 /* ====================================================================
2 * The Apache Software License, Version 1.1
3 *
4 * Copyright (c) 2000-2003 The Apache Software Foundation. All rights
5 * reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 *
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 *
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in
16 * the documentation and/or other materials provided with the
17 * distribution.
18 *
19 * 3. The end-user documentation included with the redistribution,
20 * if any, must include the following acknowledgment:
21 * "This product includes software developed by the
22 * Apache Software Foundation (http://www.apache.org/)."
23 * Alternately, this acknowledgment may appear in the software itself,
24 * if and wherever such third-party acknowledgments normally appear.
25 *
26 * 4. The names "Apache" and "Apache Software Foundation" must
27 * not be used to endorse or promote products derived from this
28 * software without prior written permission. For written
29 * permission, please contact apache@apache.org.
30 *
31 * 5. Products derived from this software may not be called "Apache",
32 * nor may "Apache" appear in their name, without prior written
33 * permission of the Apache Software Foundation.
34 *
35 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
36 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
37 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
38 * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
41 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
42 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
43 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
44 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
45 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
46 * SUCH DAMAGE.
47 * ====================================================================
48 *
49 * This software consists of voluntary contributions made by many
50 * individuals on behalf of the Apache Software Foundation. For more
51 * information on the Apache Software Foundation, please see
52 * <http://www.apache.org/>.
53 *
54 * Portions of this software are based upon public domain software
55 * originally written at the National Center for Supercomputing Applications,
56 * University of Illinois, Urbana-Champaign.
57 */
58
59 /*
60 * util_date.c: date parsing utility routines
61 * These routines are (hopefully) platform-independent.
62 *
63 * 27 Oct 1996 Roy Fielding
64 * Extracted (with many modifications) from mod_proxy.c and
65 * tested with over 50,000 randomly chosen valid date strings
66 * and several hundred variations of invalid date strings.
67 *
68 */
69
70 #include "ap_config.h"
71 #include "util_date.h"
72 #include <ctype.h>
73 #include <string.h>
74
75 /*
76 * Compare a string to a mask
77 * Mask characters (arbitrary maximum is 256 characters, just in case):
78 * @ - uppercase letter
79 * $ - lowercase letter
80 * & - hex digit
81 * # - digit
82 * ~ - digit or space
83 * * - swallow remaining characters
84 * <x> - exact match for any other character
85 */
ap_checkmask(const char * data,const char * mask)86 API_EXPORT(int) ap_checkmask(const char *data, const char *mask)
87 {
88 int i;
89 char d;
90
91 for (i = 0; i < 256; i++) {
92 d = data[i];
93 switch (mask[i]) {
94 case '\0':
95 return (d == '\0');
96
97 case '*':
98 return 1;
99
100 case '@':
101 if (!ap_isupper(d))
102 return 0;
103 break;
104 case '$':
105 if (!ap_islower(d))
106 return 0;
107 break;
108 case '#':
109 if (!isdigit((unsigned char)d))
110 return 0;
111 break;
112 case '&':
113 if (!ap_isxdigit(d))
114 return 0;
115 break;
116 case '~':
117 if ((d != ' ') && !isdigit((unsigned char)d))
118 return 0;
119 break;
120 default:
121 if (mask[i] != d)
122 return 0;
123 break;
124 }
125 }
126 return 0; /* We only get here if mask is corrupted (exceeds 256) */
127 }
128
129 /*
130 * tm2sec converts a GMT tm structure into the number of seconds since
131 * 1st January 1970 UT. Note that we ignore tm_wday, tm_yday, and tm_dst.
132 *
133 * The return value is always a valid time_t value -- (time_t)0 is returned
134 * if the input date is outside that capable of being represented by time(),
135 * i.e., before Thu, 01 Jan 1970 00:00:00 for all systems and
136 * beyond 2038 for 32bit systems.
137 *
138 * This routine is intended to be very fast, much faster than mktime().
139 */
ap_tm2sec(const struct tm * t)140 API_EXPORT(time_t) ap_tm2sec(const struct tm * t)
141 {
142 int year;
143 time_t days;
144 static const int dayoffset[12] =
145 {306, 337, 0, 31, 61, 92, 122, 153, 184, 214, 245, 275};
146
147 year = t->tm_year;
148
149 if (year < 70 || ((sizeof(time_t) <= 4) && (year >= 138)))
150 return BAD_DATE;
151
152 /* shift new year to 1st March in order to make leap year calc easy */
153
154 if (t->tm_mon < 2)
155 year--;
156
157 /* Find number of days since 1st March 1900 (in the Gregorian calendar). */
158
159 days = year * 365 + year / 4 - year / 100 + (year / 100 + 3) / 4;
160 days += dayoffset[t->tm_mon] + t->tm_mday - 1;
161 days -= 25508; /* 1 jan 1970 is 25508 days since 1 mar 1900 */
162
163 days = ((days * 24 + t->tm_hour) * 60 + t->tm_min) * 60 + t->tm_sec;
164
165 if (days < 0)
166 return BAD_DATE; /* must have overflowed */
167 else
168 return days; /* must be a valid time */
169 }
170
171 /*
172 * Parses an HTTP date in one of three standard forms:
173 *
174 * Sun, 06 Nov 1994 08:49:37 GMT ; RFC 822, updated by RFC 1123
175 * Sunday, 06-Nov-94 08:49:37 GMT ; RFC 850, obsoleted by RFC 1036
176 * Sun Nov 6 08:49:37 1994 ; ANSI C's asctime() format
177 *
178 * and returns the time_t number of seconds since 1 Jan 1970 GMT, or
179 * 0 if this would be out of range or if the date is invalid.
180 *
181 * The restricted HTTP syntax is
182 *
183 * HTTP-date = rfc1123-date | rfc850-date | asctime-date
184 *
185 * rfc1123-date = wkday "," SP date1 SP time SP "GMT"
186 * rfc850-date = weekday "," SP date2 SP time SP "GMT"
187 * asctime-date = wkday SP date3 SP time SP 4DIGIT
188 *
189 * date1 = 2DIGIT SP month SP 4DIGIT
190 * ; day month year (e.g., 02 Jun 1982)
191 * date2 = 2DIGIT "-" month "-" 2DIGIT
192 * ; day-month-year (e.g., 02-Jun-82)
193 * date3 = month SP ( 2DIGIT | ( SP 1DIGIT ))
194 * ; month day (e.g., Jun 2)
195 *
196 * time = 2DIGIT ":" 2DIGIT ":" 2DIGIT
197 * ; 00:00:00 - 23:59:59
198 *
199 * wkday = "Mon" | "Tue" | "Wed"
200 * | "Thu" | "Fri" | "Sat" | "Sun"
201 *
202 * weekday = "Monday" | "Tuesday" | "Wednesday"
203 * | "Thursday" | "Friday" | "Saturday" | "Sunday"
204 *
205 * month = "Jan" | "Feb" | "Mar" | "Apr"
206 * | "May" | "Jun" | "Jul" | "Aug"
207 * | "Sep" | "Oct" | "Nov" | "Dec"
208 *
209 * However, for the sake of robustness (and Netscapeness), we ignore the
210 * weekday and anything after the time field (including the timezone).
211 *
212 * This routine is intended to be very fast; 10x faster than using sscanf.
213 *
214 * Originally from Andrew Daviel <andrew@vancouver-webpages.com>, 29 Jul 96
215 * but many changes since then.
216 *
217 */
ap_parseHTTPdate(const char * date)218 API_EXPORT(time_t) ap_parseHTTPdate(const char *date)
219 {
220 struct tm ds;
221 int mint, mon;
222 const char *monstr, *timstr;
223 static const int months[12] =
224 {
225 ('J' << 16) | ('a' << 8) | 'n', ('F' << 16) | ('e' << 8) | 'b',
226 ('M' << 16) | ('a' << 8) | 'r', ('A' << 16) | ('p' << 8) | 'r',
227 ('M' << 16) | ('a' << 8) | 'y', ('J' << 16) | ('u' << 8) | 'n',
228 ('J' << 16) | ('u' << 8) | 'l', ('A' << 16) | ('u' << 8) | 'g',
229 ('S' << 16) | ('e' << 8) | 'p', ('O' << 16) | ('c' << 8) | 't',
230 ('N' << 16) | ('o' << 8) | 'v', ('D' << 16) | ('e' << 8) | 'c'};
231
232 if (!date)
233 return BAD_DATE;
234
235 while (ap_isspace(*date)) /* Find first non-whitespace char */
236 ++date;
237
238 if (*date == '\0')
239 return BAD_DATE;
240
241 if ((date = strchr(date, ' ')) == NULL) /* Find space after weekday */
242 return BAD_DATE;
243
244 ++date; /* Now pointing to first char after space, which should be */
245 /* start of the actual date information for all 3 formats. */
246
247 if (ap_checkmask(date, "## @$$ #### ##:##:## *")) { /* RFC 1123 format */
248 ds.tm_year = ((date[7] - '0') * 10 + (date[8] - '0') - 19) * 100;
249 if (ds.tm_year < 0)
250 return BAD_DATE;
251
252 ds.tm_year += ((date[9] - '0') * 10) + (date[10] - '0');
253
254 ds.tm_mday = ((date[0] - '0') * 10) + (date[1] - '0');
255
256 monstr = date + 3;
257 timstr = date + 12;
258 }
259 else if (ap_checkmask(date, "##-@$$-## ##:##:## *")) { /* RFC 850 format */
260 ds.tm_year = ((date[7] - '0') * 10) + (date[8] - '0');
261 if (ds.tm_year < 70)
262 ds.tm_year += 100;
263
264 ds.tm_mday = ((date[0] - '0') * 10) + (date[1] - '0');
265
266 monstr = date + 3;
267 timstr = date + 10;
268 }
269 else if (ap_checkmask(date, "@$$ ~# ##:##:## ####*")) { /* asctime format */
270 ds.tm_year = ((date[16] - '0') * 10 + (date[17] - '0') - 19) * 100;
271 if (ds.tm_year < 0)
272 return BAD_DATE;
273
274 ds.tm_year += ((date[18] - '0') * 10) + (date[19] - '0');
275
276 if (date[4] == ' ')
277 ds.tm_mday = 0;
278 else
279 ds.tm_mday = (date[4] - '0') * 10;
280
281 ds.tm_mday += (date[5] - '0');
282
283 monstr = date;
284 timstr = date + 7;
285 }
286 else
287 return BAD_DATE;
288
289 if (ds.tm_mday <= 0 || ds.tm_mday > 31)
290 return BAD_DATE;
291
292 ds.tm_hour = ((timstr[0] - '0') * 10) + (timstr[1] - '0');
293 ds.tm_min = ((timstr[3] - '0') * 10) + (timstr[4] - '0');
294 ds.tm_sec = ((timstr[6] - '0') * 10) + (timstr[7] - '0');
295
296 if ((ds.tm_hour > 23) || (ds.tm_min > 59) || (ds.tm_sec > 61))
297 return BAD_DATE;
298
299 mint = (monstr[0] << 16) | (monstr[1] << 8) | monstr[2];
300 for (mon = 0; mon < 12; mon++)
301 if (mint == months[mon])
302 break;
303 if (mon == 12)
304 return BAD_DATE;
305
306 if ((ds.tm_mday == 31) && (mon == 3 || mon == 5 || mon == 8 || mon == 10))
307 return BAD_DATE;
308
309 /* February gets special check for leapyear */
310
311 if ((mon == 1) &&
312 ((ds.tm_mday > 29)
313 || ((ds.tm_mday == 29)
314 && ((ds.tm_year & 3)
315 || (((ds.tm_year % 100) == 0)
316 && (((ds.tm_year % 400) != 100)))))))
317 return BAD_DATE;
318
319 ds.tm_mon = mon;
320
321 return ap_tm2sec(&ds);
322 }
323