[core] check for continuation in server.tag
check server.tag for newlines (not expected) and ensure proper header continuation. remove buffer_append_string_encoded() ENCODING_HTTP_HEADER (continuations in response headers handled in response_header_*() funcs)
This commit is contained in:
parent
132c1b6019
commit
83cdf28610
32
src/buffer.c
32
src/buffer.c
|
|
@ -598,28 +598,6 @@ static const char encoded_chars_minimal_xml[] = {
|
|||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* F0 - FF */
|
||||
};
|
||||
|
||||
static const char encoded_chars_http_header[] = {
|
||||
/*
|
||||
0 1 2 3 4 5 6 7 8 9 A B C D E F
|
||||
*/
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, /* 00 - 0F */
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 10 - 1F */
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 20 - 2F */
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 30 - 3F */
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 40 - 4F */
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 50 - 5F */
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 60 - 6F */
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 70 - 7F */
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 80 - 8F */
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 90 - 9F */
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* A0 - AF */
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* B0 - BF */
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* C0 - CF */
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* D0 - DF */
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* E0 - EF */
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* F0 - FF */
|
||||
};
|
||||
|
||||
|
||||
|
||||
void buffer_append_string_encoded(buffer *b, const char *s, size_t s_len, buffer_encoding_t encoding) {
|
||||
|
|
@ -645,9 +623,6 @@ void buffer_append_string_encoded(buffer *b, const char *s, size_t s_len, buffer
|
|||
case ENCODING_MINIMAL_XML:
|
||||
map = encoded_chars_minimal_xml;
|
||||
break;
|
||||
case ENCODING_HTTP_HEADER:
|
||||
map = encoded_chars_http_header;
|
||||
break;
|
||||
}
|
||||
|
||||
force_assert(NULL != map);
|
||||
|
|
@ -664,9 +639,6 @@ void buffer_append_string_encoded(buffer *b, const char *s, size_t s_len, buffer
|
|||
case ENCODING_MINIMAL_XML:
|
||||
d_len += 6;
|
||||
break;
|
||||
case ENCODING_HTTP_HEADER:
|
||||
d_len += 2;
|
||||
break;
|
||||
}
|
||||
} else {
|
||||
d_len++;
|
||||
|
|
@ -695,10 +667,6 @@ void buffer_append_string_encoded(buffer *b, const char *s, size_t s_len, buffer
|
|||
d[d_len++] = hex_chars_uc[(*ds) & 0x0F];
|
||||
d[d_len++] = ';';
|
||||
break;
|
||||
case ENCODING_HTTP_HEADER:
|
||||
d[d_len++] = *ds;
|
||||
d[d_len++] = '\t';
|
||||
break;
|
||||
}
|
||||
} else {
|
||||
d[d_len++] = *ds;
|
||||
|
|
|
|||
|
|
@ -114,8 +114,7 @@ typedef enum {
|
|||
ENCODING_REL_URI, /* for coding a rel-uri (/with space/and%percent) nicely as part of a href */
|
||||
ENCODING_REL_URI_PART, /* same as ENC_REL_URL plus coding / too as %2F */
|
||||
ENCODING_HTML, /* & becomes & and so on */
|
||||
ENCODING_MINIMAL_XML, /* minimal encoding for xml */
|
||||
ENCODING_HTTP_HEADER /* encode \n with \t\n */
|
||||
ENCODING_MINIMAL_XML /* minimal encoding for xml */
|
||||
} buffer_encoding_t;
|
||||
|
||||
void buffer_append_string_encoded(buffer *b, const char *s, size_t s_len, buffer_encoding_t encoding);
|
||||
|
|
|
|||
|
|
@ -347,6 +347,23 @@ static int config_insert(server *srv) {
|
|||
"unexpected value for mimetype.assign; expected list of \"ext\" => \"mimetype\"");
|
||||
}
|
||||
|
||||
if (!buffer_string_is_empty(s->server_tag)) {
|
||||
for (char *t = strchr(s->server_tag->ptr,'\n'); NULL != t; t = strchr(t+2,'\n')) {
|
||||
/* not expecting admin to define multi-line server.tag,
|
||||
* but ensure server_tag has proper header continuation,
|
||||
* if needed */
|
||||
off_t off = t - s->server_tag->ptr;
|
||||
size_t len;
|
||||
if (t[1] == ' ' || t[1] == '\t') continue;
|
||||
len = buffer_string_length(s->server_tag);
|
||||
buffer_string_prepare_append(s->server_tag, 1);
|
||||
t = s->server_tag->ptr+off;
|
||||
memmove(t+2, t+1, len - off - 1);
|
||||
t[1] = ' ';
|
||||
buffer_commit(s->server_tag, 1);
|
||||
}
|
||||
}
|
||||
|
||||
#if !(defined HAVE_LIBSSL && defined HAVE_OPENSSL_SSL_H)
|
||||
if (s->ssl_enabled) {
|
||||
log_error_write(srv, __FILE__, __LINE__, "s",
|
||||
|
|
|
|||
|
|
@ -81,14 +81,7 @@ int http_response_write_header(server *srv, connection *con) {
|
|||
buffer_append_string_len(b, CONST_STR_LEN("\r\n"));
|
||||
buffer_append_string_buffer(b, ds->key);
|
||||
buffer_append_string_len(b, CONST_STR_LEN(": "));
|
||||
#if 0
|
||||
/**
|
||||
* the value might contain newlines, encode them with at least one white-space
|
||||
*/
|
||||
buffer_append_string_encoded(b, CONST_BUF_LEN(ds->value), ENCODING_HTTP_HEADER);
|
||||
#else
|
||||
buffer_append_string_buffer(b, ds->value);
|
||||
#endif
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -111,7 +104,7 @@ int http_response_write_header(server *srv, connection *con) {
|
|||
if (!have_server) {
|
||||
if (!buffer_string_is_empty(con->conf.server_tag)) {
|
||||
buffer_append_string_len(b, CONST_STR_LEN("\r\nServer: "));
|
||||
buffer_append_string_encoded(b, CONST_BUF_LEN(con->conf.server_tag), ENCODING_HTTP_HEADER);
|
||||
buffer_append_string_len(b, CONST_BUF_LEN(con->conf.server_tag));
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue