diff -urN squid-2.5.STABLE1/src/cache_cf.c squid-patched/src/cache_cf.c --- squid-2.5.STABLE1/src/cache_cf.c Sat Sep 7 16:13:59 2002 +++ squid-patched/src/cache_cf.c Mon Sep 30 09:06:17 2002 @@ -2150,6 +2150,33 @@ storeAppendPrintf(entry, "%s %s\n", name, s); } +#define free_uri_utf free_int + +static void +parse_uri_utf(int *var) +{ + char *token = strtok(NULL, w_space); + if (token == NULL) + self_destruct(); + if (!strcasecmp(token, "deny")) + *var = URI_UTF_DENY; + else if (!strcasecmp(token, "allow")) + *var = URI_UTF_ALLOW; + else + self_destruct(); +} + +static void +dump_uri_utf(StoreEntry * entry, const char *name, int var) +{ + char *s; + if (var == URI_UTF_ALLOW) + s = "allow"; + else + s = "deny"; + storeAppendPrintf(entry, "%s %s\n", name, s); +} + static void free_removalpolicy(RemovalPolicySettings ** settings) { diff -urN squid-2.5.STABLE1/src/cf.data.pre squid-patched/src/cf.data.pre --- squid-2.5.STABLE1/src/cf.data.pre Wed Sep 4 14:35:01 2002 +++ squid-patched/src/cf.data.pre Mon Sep 30 09:06:17 2002 @@ -3459,6 +3459,22 @@ violation. DOC_END +NAME: uri_utf +TYPE: uri_utf +LOC: Config.uri_utf +DEFAULT: deny +DOC_START + What to do with requests that have UTF8 or other non-ASCII + encoded characters in the URI. Options: + + deny: The request is denied. The user receives an "Invalid + Request" message. + allow: The request is allowed and the URI is not changed. The + encoded characters remain in the URI. Note the + encoding is passed to redirector processes if they are + in use. +DOC_END + NAME: broken_posts TYPE: acl_access DEFAULT: none diff -urN squid-2.5.STABLE1/src/defines.h squid-patched/src/defines.h --- squid-2.5.STABLE1/src/defines.h Thu Aug 8 21:17:39 2002 +++ squid-patched/src/defines.h Mon Sep 30 09:06:17 2002 @@ -279,6 +279,9 @@ #define URI_WHITESPACE_CHOP 3 #define URI_WHITESPACE_DENY 4 +#define URI_UTF_ALLOW 0 +#define URI_UTF_DENY 1 + #ifndef _PATH_DEVNULL #define _PATH_DEVNULL "/dev/null" #endif diff -urN squid-2.5.STABLE1/src/protos.h squid-patched/src/protos.h --- squid-2.5.STABLE1/src/protos.h Sat Sep 7 16:13:05 2002 +++ squid-patched/src/protos.h Mon Sep 30 09:06:17 2002 @@ -1162,6 +1162,7 @@ extern const char *gb_to_str(const gb_t *); extern void gb_flush(gb_t *); /* internal, do not use this */ extern int stringHasWhitespace(const char *); +extern int stringHasUTF(const char *); extern int stringHasCntl(const char *); extern void linklistPush(link_list **, void *); extern void *linklistShift(link_list **); diff -urN squid-2.5.STABLE1/src/structs.h squid-patched/src/structs.h --- squid-2.5.STABLE1/src/structs.h Sun Sep 8 00:11:23 2002 +++ squid-patched/src/structs.h Mon Sep 30 09:06:17 2002 @@ -650,6 +650,7 @@ } comm_incoming; int max_open_disk_fds; int uri_whitespace; + int uri_utf; size_t rangeOffsetLimit; #if MULTICAST_MISS_STREAM struct { diff -urN squid-2.5.STABLE1/src/tools.c squid-patched/src/tools.c --- squid-2.5.STABLE1/src/tools.c Sat Sep 7 16:13:05 2002 +++ squid-patched/src/tools.c Mon Sep 30 09:06:17 2002 @@ -890,6 +890,22 @@ return strpbrk(s, w_space) != NULL; } +int +stringHasUTF(const char *s) +{ + char *pc = NULL; + pc = index(s, '%'); + while (1) { + if (pc == NULL) return 0; + pc++; + if (*pc >= '8' || *pc < '0') { + return 1; + } + pc = index(pc, '%'); + } + return 0; +} + void linklistPush(link_list ** L, void *p) { diff -urN squid-2.5.STABLE1/src/url.c squid-patched/src/url.c --- squid-2.5.STABLE1/src/url.c Thu Sep 12 06:21:00 2002 +++ squid-patched/src/url.c Mon Sep 30 09:06:17 2002 @@ -353,6 +353,16 @@ *q = '\0'; } } + if (stringHasUTF(urlpath)) { + debug(23, 2) ("urlParse: URI has UTF: {%s}\n", url); + switch (Config.uri_utf) { + case URI_UTF_ALLOW: + break; + case URI_UTF_DENY: + default: + return NULL; + } + } request = requestCreate(method, protocol, urlpath); xstrncpy(request->host, host, SQUIDHOSTNAMELEN); xstrncpy(request->login, login, MAX_LOGIN_SZ);