998
907
cli_dbgmsg("Phishcheck cleaned up\n");
911
/*ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz*/
912
static const uint8_t URI_alpha[256] = {
913
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
914
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
915
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
916
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
917
0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
918
1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0,
919
0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
920
1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0,
921
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
922
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
923
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
924
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
925
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
926
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
927
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
928
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
931
/*!"$%&'()*,-0123456789@ABCDEFGHIJKLMNOPQRSTUVWXYZ_abcdefghijklmnopqrstuvwxyz*/
932
static const uint8_t URI_xalpha_nodot[256] = {
933
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
934
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
935
0, 1, 1, 0, 1, 1, 1, 1, 1, 1, 1, 0, 1, 1, 0, 0,
936
1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0,
937
1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
938
1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 1,
939
0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
940
1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0,
941
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
942
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
943
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
944
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
945
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
946
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
947
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
948
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
951
/*!"#$%&'()*+,-0123456789@ABCDEFGHIJKLMNOPQRSTUVWXYZ_abcdefghijklmnopqrstuvwxyz*/
952
static const uint8_t URI_xpalpha_nodot[256] = {
953
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
954
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
955
0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0,
956
1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0,
957
1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
958
1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 1,
959
0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
960
1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0,
961
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
962
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
963
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
964
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
965
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
966
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
967
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
968
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
971
static inline int validate_uri_xalphas_nodot(const char *start, const char *end)
973
const unsigned char *p = start;
974
for(p=start;p < (const unsigned char*)end; p++) {
975
if(!URI_xalpha_nodot[*p])
981
static inline int validate_uri_xpalphas_nodot(const char *start, const char *end)
983
const unsigned char *p = start;
984
for(p=start;p < (const unsigned char*)end; p++) {
985
if(!URI_xpalpha_nodot[*p])
988
/* must have at least on char */
989
return p > (const unsigned char*)start;
993
static inline int validate_uri_ialpha(const char *start, const char *end)
995
const unsigned char *p = start;
996
if(start >= end || !URI_alpha[*p])
998
return validate_uri_xalphas_nodot(start + 1, end);
1002
1002
* Only those URLs are identified as URLs for which phishing detection can be performed.
1004
static int isURL(const struct phishcheck* pchk,const char* URL)
1004
static int isURL(const struct phishcheck* pchk,const char* URL, int accept_anyproto)
1006
return URL ? !cli_regexec(&pchk->preg,URL,0,NULL,0) : 0;
1006
const char *start = NULL, *p, *q;
1012
if (strncmp(URL, https, https_len) == 0)
1013
start = URL + https_len;
1014
else if (strncmp(URL, http, http_len) == 0)
1015
start = URL + http_len;
1018
if (strncmp(URL, ftp, ftp_len) == 0)
1019
start = URL + ftp_len;
1022
if (strncmp(URL, mailto_proto, mailto_proto_len) == 0)
1023
start = URL + mailto_proto_len;
1027
if(start[0] == '\0')
1028
return 0;/* empty URL */
1029
/* has a valid protocol, it is a URL */
1032
start = accept_anyproto ? strchr(URL, ':') : NULL;
1034
/* validate URI scheme */
1035
if(validate_uri_ialpha(URL, start)) {
1036
if(start[1] == '/' && start[2] == '/')
1037
start += 3; /* skip :// */
1042
start = URL; /* scheme invalid */
1049
if(!validate_uri_xpalphas_nodot(p, q))
1054
if (p == start) /* must have at least one dot in the URL */
1056
return !!in_tld_set(p, strlen(p));
1010
1060
* Check if this is a real URL, which basically means to check if it has a known URL scheme (http,https,ftp).
1011
1061
* This prevents false positives with outbind:// and blocked:: links.
1013
1064
static int isRealURL(const struct phishcheck* pchk,const char* URL)
1015
1066
return URL ? !cli_regexec(&pchk->preg_realurl,URL,0,NULL,0) : 0;
1018
1070
static int isNumericURL(const struct phishcheck* pchk,const char* URL)