← Back to branch summary

~ubuntu-branches/ubuntu/lucid/lighttpd/lucid

« back to all changes in this revision

Viewing changes to src/request.c

  • Committer: Bazaar Package Importer
  • Author(s): Andres Rodriguez
  • Date: 2010-03-27 15:53:32 UTC
  • mfrom: (6.1.8 sid)
  • Revision ID: james.westby@ubuntu.com-20100327155332-fmp9cpnys8skidbq
Tags: 1.4.26-1.1ubuntu1
https://launchpad.net/bugs/407722
https://launchpad.net/bugs/521659
https://launchpad.net/bugs/523682
* Merge from debian unstable (LP: #407722).  Remaining changes:
  - debian/control: libgamin-dev rather than libfam-dev to fix startup 
    warning.
  - debian/init.d: clean environment; Check syntax during start/reload
    restart/force-reload.
  - debian/index.html: s/Debian/Ubuntu/g branding on the default page.
  - Added a UFW profile set: 
    + debian/lighttpd.dirs: added etc/ufw/applications.d
    + debian/rules: install the ufw profile.
    + debian/control: Suggests on ufw.
  - Add lighttpd-dev package:
    + debian/control: Added lighttpd-dev package; Build-depends on 
      automake, libtool
    + debian/lighttpd-dev.install: Added.
* debian/control: debhelper Build-depends bumped to (>= 7.0.50) for 
  overrides in rules file.
* debian/rules: 
  - Add override_dh_installinit to set "defaults 91 09" to not start 
    before apache2 but in the same runlevel with the same priority.
* debian/patches/build-dev-package.patch: Updated
* Also closes: (LP: #521659, LP: #523682)

Show diffs side-by-side

added added

removed removed

Lines of Context:
src/request.c
 
1
#include "request.h"
 
2
#include "keyvalue.h"
 
3
#include "log.h"
 
4
 
1
5
#include <sys/stat.h>
2
6
 
3
7
#include <limits.h>
6
10
#include <stdio.h>
7
11
#include <ctype.h>
8
12
 
9
 
#include "request.h"
10
 
#include "keyvalue.h"
11
 
#include "log.h"
12
 
 
13
13
static int request_check_hostname(server *srv, connection *con, buffer *host) {
14
14
        enum { DOMAINLABEL, TOPLABEL } stage = TOPLABEL;
15
15
        size_t i;
86
86
        if (host_len == 0) return -1;
87
87
 
88
88
        /* if the hostname ends in a "." strip it */
89
 
        if (host->ptr[host_len-1] == '.') host_len -= 1;
 
89
        if (host->ptr[host_len-1] == '.') {
 
90
                /* shift port info one left */
 
91
                if (NULL != colon) memmove(colon-1, colon, host->used - host_len);
 
92
                else host->ptr[host_len-1] = '\0';
 
93
                host_len -= 1;
 
94
                host->used -= 1;
 
95
        }
 
96
 
 
97
        if (host_len == 0) return -1;
90
98
 
91
99
        /* scan from the right and skip the \0 */
92
 
        for (i = host_len - 1; i + 1 > 0; i--) {
 
100
        for (i = host_len; i-- > 0; ) {
93
101
                const char c = host->ptr[i];
94
102
 
95
103
                switch (stage) {
103
111
 
104
112
                                        /* check the first character at right of the dot */
105
113
                                        if (is_ip == 0) {
106
 
                                                if (!light_isalpha(host->ptr[i+1])) {
 
114
                                                if (!light_isalnum(host->ptr[i+1])) {
107
115
                                                        return -1;
108
116
                                                }
109
117
                                        } else if (!light_isdigit(host->ptr[i+1])) {
125
133
                                }
126
134
                        } else if (i == 0) {
127
135
                                /* the first character of the hostname */
128
 
                                if (!light_isalpha(c)) {
 
136
                                if (!light_isalnum(c)) {
129
137
                                        return -1;
130
138
                                }
131
139
                                label_len++;
200
208
#define DUMP_HEADER
201
209
#endif
202
210
 
203
 
int http_request_split_value(array *vals, buffer *b) {
 
211
static int http_request_split_value(array *vals, buffer *b) {
204
212
        char *s;
205
213
        size_t i;
206
214
        int state = 0;
262
270
        return 0;
263
271
}
264
272
 
265
 
int request_uri_is_valid_char(unsigned char c) {
 
273
static int request_uri_is_valid_char(unsigned char c) {
266
274
        if (c <= 32) return 0;
267
275
        if (c == 127) return 0;
268
276
        if (c == 255) return 0;
274
282
        char *uri = NULL, *proto = NULL, *method = NULL, con_length_set;
275
283
        int is_key = 1, key_len = 0, is_ws_after_key = 0, in_folding;
276
284
        char *value = NULL, *key = NULL;
 
285
        char *reqline_host = NULL;
 
286
        int reqline_hostlen = 0;
277
287
 
278
288
        enum { HTTP_CONNECTION_UNSET, HTTP_CONNECTION_KEEPALIVE, HTTP_CONNECTION_CLOSE } keep_alive_set = HTTP_CONNECTION_UNSET;
279
289
 
443
453
 
444
454
                                if (0 == strncmp(uri, "http://", 7) &&
445
455
                                    NULL != (nuri = strchr(uri + 7, '/'))) {
446
 
                                        /* ignore the host-part */
 
456
                                        reqline_host = uri + 7;
 
457
                                        reqline_hostlen = nuri - reqline_host;
 
458
 
 
459
                                        buffer_copy_string_len(con->request.uri, nuri, proto - nuri - 1);
 
460
                                } else if (0 == strncmp(uri, "https://", 8) &&
 
461
                                    NULL != (nuri = strchr(uri + 8, '/'))) {
 
462
                                        reqline_host = uri + 8;
 
463
                                        reqline_hostlen = nuri - reqline_host;
447
464
 
448
465
                                        buffer_copy_string_len(con->request.uri, nuri, proto - nuri - 1);
449
466
                                } else {
532
549
                con->response.keep_alive = 0;
533
550
                con->keep_alive = 0;
534
551
 
535
 
                log_error_write(srv, __FILE__, __LINE__, "s", "no uri specified -> 400");
536
552
                if (srv->srvconf.log_request_header_on_error) {
 
553
                        log_error_write(srv, __FILE__, __LINE__, "s", "no uri specified -> 400");
537
554
                        log_error_write(srv, __FILE__, __LINE__, "Sb",
538
555
                                                        "request-header:\n",
539
556
                                                        con->request.request);
541
558
                return 0;
542
559
        }
543
560
 
 
561
        if (reqline_host) {
 
562
                /* Insert as host header */
 
563
                data_string *ds;
 
564
 
 
565
                if (NULL == (ds = (data_string *)array_get_unused_element(con->request.headers, TYPE_STRING))) {
 
566
                        ds = data_string_init();
 
567
                }
 
568
 
 
569
                buffer_copy_string_len(ds->key, CONST_STR_LEN("Host"));
 
570
                buffer_copy_string_len(ds->value, reqline_host, reqline_hostlen);
 
571
                array_insert_unique(con->request.headers, (data_unset *)ds);
 
572
                con->request.http_host = ds->value;
 
573
        }
544
574
 
545
575
        for (; i < con->parse_request->used && !done; i++) {
546
576
                char *cur = con->parse_request->ptr + i;
901
931
                                                                        return 0;
902
932
                                                                }
903
933
                                                        } else if (cmp > 0 && 0 == (cmp = buffer_caseless_compare(CONST_BUF_LEN(ds->key), CONST_STR_LEN("Host")))) {
904
 
                                                                if (!con->request.http_host) {
 
934
                                                                if (reqline_host) {
 
935
                                                                        /* ignore all host: headers as we got the host in the request line */
 
936
                                                                        ds->free((data_unset*) ds);
 
937
                                                                        ds = NULL;
 
938
                                                                } else if (!con->request.http_host) {
905
939
                                                                        con->request.http_host = ds->value;
906
940
                                                                } else {
907
941
                                                                        con->http_status = 400;
948
982
                                                                if (!con->request.http_if_none_match) {
949
983
                                                                        con->request.http_if_none_match = ds->value->ptr;
950
984
                                                                } else {
951
 
                                                                        con->http_status = 400;
952
 
                                                                        con->keep_alive = 0;
953
 
 
954
 
                                                                        if (srv->srvconf.log_request_header_on_error) {
955
 
                                                                                log_error_write(srv, __FILE__, __LINE__, "s",
956
 
                                                                                                "duplicate If-None-Match-header -> 400");
957
 
                                                                                log_error_write(srv, __FILE__, __LINE__, "Sb",
958
 
                                                                                                "request-header:\n",
959
 
                                                                                                con->request.request);
960
 
                                                                        }
961
 
                                                                        array_insert_unique(con->request.headers, (data_unset *)ds);
962
 
                                                                        return 0;
 
985
                                                                        ds->free((data_unset*) ds);
 
986
                                                                        ds = NULL;
963
987
                                                                }
964
988
                                                        } else if (cmp > 0 && 0 == (cmp = buffer_caseless_compare(CONST_BUF_LEN(ds->key), CONST_STR_LEN("Range")))) {
965
989
                                                                if (!con->request.http_range) {