[core] http_request_host_policy w/ http_parseopts

pass http_parseopts arg (instead of con) to http_request_host_policy()
2019-12-08 08:47:42 -05:00 · 2019-12-08 08:47:42 -05:00 · 034d7d6734
parent 4fb26ea3b7
commit 034d7d6734
4 changed files with 13 additions and 9 deletions
--- a/src/mod_extforward.c
+++ b/src/mod_extforward.c
@ -930,8 +930,9 @@ static handler_t mod_extforward_Forwarded (connection *con, plugin_data *p, cons
                buffer_copy_string_len(con->request.http_host, s+v, vlen-v);
            }

-            if (0 != http_request_host_policy(con, con->request.http_host,
-                                              con->uri.scheme)) {
+            if (0 != http_request_host_policy(con->request.http_host,
+                                              con->uri.scheme,
+                                              con->conf.http_parseopts)) {
                /*(reject invalid chars in Host)*/
                log_error(con->conf.errh, __FILE__, __LINE__,
                  "invalid host= value in Forwarded header");
--- a/src/mod_openssl.c
+++ b/src/mod_openssl.c
@ -521,7 +521,8 @@ mod_openssl_SNI (SSL *ssl, handler_ctx *hctx, const char *servername, size_t len
  #if 0
    /*(con->uri.authority used below for configuration before request read;
     * revisit for h2)*/
-    if (0 != http_request_host_policy(con, con->uri.authority, con->uri.scheme))
+    if (0 != http_request_host_policy(con->uri.authority, con->uri.scheme,
+                                      con->conf.http_parseopts))
        return SSL_TLSEXT_ERR_ALERT_FATAL;
  #endif

@ -772,7 +773,8 @@ mod_openssl_acme_tls_1 (SSL *ssl, handler_ctx *hctx)
    if (NULL != strchr(name->ptr, '/')) return rc;
    if (name->ptr[0] == '.')            return rc;
  #if 0
-    if (0 != http_request_host_policy(hctx->con, name, hctx->con->uri.scheme))
+    if (0 != http_request_host_policy(name, hctx->con->uri.scheme,
+                                      hctx->con->conf.http_parseopts))
        return rc;
  #endif
    buffer_append_string_buffer(b, name);
--- a/src/request.c
+++ b/src/request.c
@ -339,10 +339,10 @@ static int scheme_port (const buffer * const scheme)
    return buffer_is_equal_string(scheme, CONST_STR_LEN("https")) ? 443 : 80;
 }

-int http_request_host_policy (connection * const con, buffer * const b, const buffer * const scheme) {
-    return (((con->conf.http_parseopts & HTTP_PARSEOPT_HOST_STRICT)
+int http_request_host_policy (buffer * const b, const buffer * const scheme, const unsigned int http_parseopts) {
+    return (((http_parseopts & HTTP_PARSEOPT_HOST_STRICT)
             && 0 != request_check_hostname(b))
-            || ((con->conf.http_parseopts & HTTP_PARSEOPT_HOST_NORMALIZE)
+            || ((http_parseopts & HTTP_PARSEOPT_HOST_NORMALIZE)
                && 0 != http_request_host_normalize(b, scheme_port(scheme))));
 }

@ -818,7 +818,8 @@ int http_request_parse(connection * const con, char * const hdrs, const unsigned

    /* check hostname field if it is set */
    if (con->request.http_host) {
-        if (0 != http_request_host_policy(con, con->request.http_host, con->proto))
+        if (0 != http_request_host_policy(con->request.http_host, con->proto,
+                                          con->conf.http_parseopts))
            return http_request_header_line_invalid(con, 400, "Invalid Hostname -> 400");
    }
    else {
--- a/src/request.h
+++ b/src/request.h
@ -7,6 +7,6 @@

 int http_request_parse(connection *con, char *hdrs, const unsigned short *hloffsets);
 int http_request_host_normalize(buffer *b, int scheme_port);
-int http_request_host_policy(connection *con, buffer *b, const buffer *scheme);
+int http_request_host_policy(buffer *b, const buffer *scheme, unsigned int http_parseopts);

 #endif