[multiple] con->proto_default_port

personal/stbuehler/ci-build
Glenn Strauss 3 years ago
parent 034d7d6734
commit 1dd58c5ad8
  1. 2
      src/base.h
  2. 6
      src/connections.c
  3. 8
      src/mod_extforward.c
  4. 9
      src/mod_openssl.c
  5. 15
      src/request.c
  6. 2
      src/request.h
  7. 5
      src/response.c
  8. 5
      src/t/test_request.c

@ -224,8 +224,8 @@ struct connection {
void *config_data_base;
const buffer *server_name;
buffer *proto;
buffer *server_name_buf;
uint16_t proto_default_port;
/* error-handler */
int error_handler_saved_status;

@ -561,7 +561,6 @@ static connection *connection_init(server *srv) {
CLEAN(physical.etag);
CLEAN(server_name_buf);
CLEAN(proto);
CLEAN(dst_addr_buf);
#undef CLEAN
@ -627,7 +626,6 @@ void connections_free(server *srv) {
CLEAN(physical.rel_path);
CLEAN(server_name_buf);
CLEAN(proto);
CLEAN(dst_addr_buf);
#undef CLEAN
free(con->plugin_ctx);
@ -671,9 +669,9 @@ static int connection_reset(connection *con) {
#undef CLEAN
buffer_clear(con->uri.scheme);
/*buffer_clear(con->proto);*//* set to default in connection_accepted() */
/*buffer_clear(con->uri.authority);*/
/*buffer_clear(con->server_name_buf);*//* reset when used */
/*con->proto_default_port = 80;*//*set to default in connection_accepted()*/
con->request.http_host = NULL;
con->request.content_length = 0;
@ -1118,12 +1116,12 @@ connection *connection_accepted(server *srv, server_socket *srv_socket, sock_add
buffer_copy_string(con->dst_addr_buf, inet_ntop_cache_get_ip(srv, &(con->dst_addr)));
con->srv_socket = srv_socket;
con->is_ssl_sock = srv_socket->is_ssl;
con->proto_default_port = 80; /* "http" */
config_cond_cache_reset(con);
con->conditional_is_valid |= (1 << COMP_SERVER_SOCKET)
| (1 << COMP_HTTP_REMOTE_IP);
buffer_copy_string_len(con->proto, CONST_STR_LEN("http"));
if (HANDLER_GO_ON != plugins_call_handle_connection_accept(con)) {
connection_reset(con);
connection_close(con);

@ -930,9 +930,11 @@ static handler_t mod_extforward_Forwarded (connection *con, plugin_data *p, cons
buffer_copy_string_len(con->request.http_host, s+v, vlen-v);
}
int scheme_port =
buffer_eq_slen(con->uri.scheme,CONST_STR_LEN("https")) ? 443 : 80;
if (0 != http_request_host_policy(con->request.http_host,
con->uri.scheme,
con->conf.http_parseopts)) {
con->conf.http_parseopts,
scheme_port)) {
/*(reject invalid chars in Host)*/
log_error(con->conf.errh, __FILE__, __LINE__,
"invalid host= value in Forwarded header");
@ -1581,7 +1583,7 @@ static int mod_extforward_hap_PROXY_v2 (connection * const con,
(struct pp2_tlv_ssl *)(void *)((char *)tlv+3);
struct pp2_tlv *subtlv = tlv;
if (tlv_ssl->client & PP2_CLIENT_SSL) {
buffer_copy_string_len(con->proto, CONST_STR_LEN("https"));
con->proto_default_port = 443; /* "https" */
}
if ((tlv_ssl->client & (PP2_CLIENT_CERT_CONN|PP2_CLIENT_CERT_SESS))
&& 0 == memcmp(&tlv_ssl->verify, &zero, 4)) { /* misaligned */

@ -521,8 +521,8 @@ mod_openssl_SNI (SSL *ssl, handler_ctx *hctx, const char *servername, size_t len
#if 0
/*(con->uri.authority used below for configuration before request read;
* revisit for h2)*/
if (0 != http_request_host_policy(con->uri.authority, con->uri.scheme,
con->conf.http_parseopts))
if (0 != http_request_host_policy(con->uri.authority,
con->conf.http_parseopts, 443))
return SSL_TLSEXT_ERR_ALERT_FATAL;
#endif
@ -773,8 +773,7 @@ mod_openssl_acme_tls_1 (SSL *ssl, handler_ctx *hctx)
if (NULL != strchr(name->ptr, '/')) return rc;
if (name->ptr[0] == '.') return rc;
#if 0
if (0 != http_request_host_policy(name, hctx->con->uri.scheme,
hctx->con->conf.http_parseopts))
if (0 != http_request_host_policy(name,hctx->con->conf.http_parseopts,443))
return rc;
#endif
buffer_append_string_buffer(b, name);
@ -2045,7 +2044,7 @@ CONNECTION_FUNC(mod_openssl_handle_con_accept)
SSL_set_accept_state(hctx->ssl);
con->network_read = connection_read_cq_ssl;
con->network_write = connection_write_cq_ssl;
buffer_copy_string_len(con->proto, CONST_STR_LEN("https"));
con->proto_default_port = 443; /* "https" */
mod_openssl_patch_config(con, &hctx->conf);
return HANDLER_GO_ON;
}

@ -333,17 +333,11 @@ int http_request_host_normalize(buffer * const b, const int scheme_port) {
return 0;
}
__attribute_pure__
static int scheme_port (const buffer * const scheme)
{
return buffer_is_equal_string(scheme, CONST_STR_LEN("https")) ? 443 : 80;
}
int http_request_host_policy (buffer * const b, const buffer * const scheme, const unsigned int http_parseopts) {
int http_request_host_policy (buffer * const b, const unsigned int http_parseopts, const int scheme_port) {
return (((http_parseopts & HTTP_PARSEOPT_HOST_STRICT)
&& 0 != request_check_hostname(b))
|| ((http_parseopts & HTTP_PARSEOPT_HOST_NORMALIZE)
&& 0 != http_request_host_normalize(b, scheme_port(scheme))));
&& 0 != http_request_host_normalize(b, scheme_port)));
}
__attribute_pure__ /*(could be even more strict and use __attribute_const__)*/
@ -818,8 +812,9 @@ int http_request_parse(connection * const con, char * const hdrs, const unsigned
/* check hostname field if it is set */
if (con->request.http_host) {
if (0 != http_request_host_policy(con->request.http_host, con->proto,
con->conf.http_parseopts))
if (0 != http_request_host_policy(con->request.http_host,
con->conf.http_parseopts,
con->proto_default_port))
return http_request_header_line_invalid(con, 400, "Invalid Hostname -> 400");
}
else {

@ -7,6 +7,6 @@
int http_request_parse(connection *con, char *hdrs, const unsigned short *hloffsets);
int http_request_host_normalize(buffer *b, int scheme_port);
int http_request_host_policy(buffer *b, const buffer *scheme, unsigned int http_parseopts);
int http_request_host_policy(buffer *b, unsigned int http_parseopts, int scheme_port);
#endif

@ -355,7 +355,10 @@ handler_t http_response_prepare(connection *con) {
/* take initial scheme value from connection-level state
* (request con->uri.scheme can be overwritten for later,
* for example by mod_extforward or mod_magnet) */
buffer_copy_buffer(con->uri.scheme, con->proto);
if (con->proto_default_port == 443)
buffer_copy_string_len(con->uri.scheme, CONST_STR_LEN("https"));
else
buffer_copy_string_len(con->uri.scheme, CONST_STR_LEN("http"));
buffer_copy_buffer(con->uri.authority, con->request.http_host);
buffer_to_lower(con->uri.authority);

@ -20,7 +20,7 @@ static void test_request_connection_reset(connection *con)
con->request.content_length = 0;
con->header_len = 0;
con->http_status = 0;
buffer_reset(con->proto);
con->proto_default_port = 80;
buffer_reset(con->request.request);
buffer_reset(con->request.orig_uri);
buffer_reset(con->request.uri);
@ -586,7 +586,7 @@ int main (void)
memset(&con, 0, sizeof(connection));
con.srv = &srv;
con.proto = buffer_init();
con.proto_default_port = 80;
con.request.request = buffer_init();
con.request.orig_uri = buffer_init();
con.request.uri = buffer_init();
@ -598,7 +598,6 @@ int main (void)
test_request_http_request_parse(&con);
buffer_free(con.proto);
buffer_free(con.request.request);
buffer_free(con.request.orig_uri);
buffer_free(con.request.uri);

Loading…
Cancel
Save