From 6a008f7148d5ff51129e1bc0b14e704ac553a207 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Stefan=20B=C3=BChler?= Date: Thu, 9 May 2013 19:21:10 +0200 Subject: [PATCH] follow upstream fixes --- debian/changelog | 11 +++ ...ng-to-compare-HTTP-header-field-name.patch | 57 ++++++++++++++ ...cted-Host-header-handling-fixes-2477.patch | 76 +++++++++++++++++++ ...ader-no-longer-needs-a-leading-space.patch | 21 +++++ debian/patches/series | 3 + 5 files changed, 168 insertions(+) create mode 100644 debian/patches/0001-Fix-header-parsing-to-compare-HTTP-header-field-name.patch create mode 100644 debian/patches/0002-Corrected-Host-header-handling-fixes-2477.patch create mode 100644 debian/patches/0003-User-Agent-header-no-longer-needs-a-leading-space.patch create mode 100644 debian/patches/series diff --git a/debian/changelog b/debian/changelog index 4e4c372..85ef5ec 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,14 @@ +weighttp (0.3-2) unstable; urgency=low + + [ Jyri J. Virkki ] + * Fix header parsing to compare HTTP header field names case insensitively. This fixes the problem where responses get incorrectly marked as errors if the response header field name case doesn't happen to match to what is in the code. + + [ Ben Brown ] + * Corrected Host header handling (fixes #2477) + * User-Agent header no longer needs a leading space + + -- Stefan Bühler Thu, 09 May 2013 19:17:14 +0200 + weighttp (0.3-1) unstable; urgency=low * New upstream release diff --git a/debian/patches/0001-Fix-header-parsing-to-compare-HTTP-header-field-name.patch b/debian/patches/0001-Fix-header-parsing-to-compare-HTTP-header-field-name.patch new file mode 100644 index 0000000..ce154c9 --- /dev/null +++ b/debian/patches/0001-Fix-header-parsing-to-compare-HTTP-header-field-name.patch @@ -0,0 +1,57 @@ +From: "Jyri J. Virkki" +Date: Sun, 6 Jan 2013 02:21:09 -0800 +Subject: =?UTF-8?q?Fix=20header=20parsing=20to=20compare=20HTTP=20header=20f?= + =?UTF-8?q?ield=20names=20case=0Ainsensitively.=20This=20fixes=20the=20probl?= + =?UTF-8?q?em=20where=20responses=20get=20incorrectly=0Amarked=20as=20errors?= + =?UTF-8?q?=20if=20the=20response=20header=20field=20name=20case=20doesn't=20?= + =?UTF-8?q?happen=0Ato=20match=20to=20what=20is=20in=20the=20code.?= +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Also compare connection and transfer-encoding tokens case insensitively. + +(Reference: RFC 2616: header field names are not case sensitive.) + +Co-authored-by: Stefan Bühler +--- + src/client.c | 14 ++++++-------- + 1 file changed, 6 insertions(+), 8 deletions(-) + +diff --git a/src/client.c b/src/client.c +index f8875e4..dd48265 100644 +--- a/src/client.c ++++ b/src/client.c +@@ -379,26 +379,24 @@ static uint8_t client_parse(Client *client, int size) { + str = &client->buffer[client->parser_offset]; + //printf("checking header: '%s'\n", str); + +- if (strncmp(str, "Content-Length: ", sizeof("Content-Length: ")-1) == 0) { ++ if (strncasecmp(str, "Content-Length: ", sizeof("Content-Length: ")-1) == 0) { + /* content length header */ + client->content_length = str_to_uint64(str + sizeof("Content-Length: ") - 1); +- } else if (strncmp(str, "Connection: ", sizeof("Connection: ")-1) == 0) { ++ } else if (strncasecmp(str, "Connection: ", sizeof("Connection: ")-1) == 0) { + /* connection header */ + str += sizeof("Connection: ") - 1; + +- if (strncmp(str, "close", sizeof("close")-1) == 0) ++ if (strncasecmp(str, "close", sizeof("close")-1) == 0) + client->keepalive = 0; +- else if (strncmp(str, "Keep-Alive", sizeof("Keep-Alive")-1) == 0) +- client->keepalive = client->worker->config->keep_alive; +- else if (strncmp(str, "keep-alive", sizeof("keep-alive")-1) == 0) ++ else if (strncasecmp(str, "keep-alive", sizeof("keep-alive")-1) == 0) + client->keepalive = client->worker->config->keep_alive; + else + return 0; +- } else if (strncmp(str, "Transfer-Encoding: ", sizeof("Transfer-Encoding: ")-1) == 0) { ++ } else if (strncasecmp(str, "Transfer-Encoding: ", sizeof("Transfer-Encoding: ")-1) == 0) { + /* transfer encoding header */ + str += sizeof("Transfer-Encoding: ") - 1; + +- if (strncmp(str, "chunked", sizeof("chunked")-1) == 0) ++ if (strncasecmp(str, "chunked", sizeof("chunked")-1) == 0) + client->chunked = 1; + else + return 0; diff --git a/debian/patches/0002-Corrected-Host-header-handling-fixes-2477.patch b/debian/patches/0002-Corrected-Host-header-handling-fixes-2477.patch new file mode 100644 index 0000000..35d04b6 --- /dev/null +++ b/debian/patches/0002-Corrected-Host-header-handling-fixes-2477.patch @@ -0,0 +1,76 @@ +From: Ben Brown +Date: Tue, 19 Feb 2013 20:03:57 +0000 +Subject: Corrected Host header handling (fixes #2477) + +--- + src/weighttp.c | 33 ++++++++++++++++++++++++++++++--- + 1 file changed, 30 insertions(+), 3 deletions(-) + +diff --git a/src/weighttp.c b/src/weighttp.c +index 77504f1..a7744b5 100644 +--- a/src/weighttp.c ++++ b/src/weighttp.c +@@ -76,9 +76,11 @@ static char *forge_request(char *url, char keep_alive, char **host, uint16_t *po + uint32_t len; + uint8_t i; + uint8_t have_user_agent; ++ char *header_host; + + *host = NULL; + *port = 0; ++ header_host = NULL; + + if (strncmp(url, "http://", 7) == 0) + url += 7; +@@ -137,6 +139,25 @@ static char *forge_request(char *url, char keep_alive, char **host, uint16_t *po + + have_user_agent = 0; + for (i = 0; i < headers_num; i++) { ++ if (strncmp(headers[i], "Host:", sizeof("Host:")-1) == 0) { ++ if (header_host) { ++ W_ERROR("%s", "Duplicate Host header"); ++ free(*host); ++ return NULL; ++ } ++ header_host = headers[i] + 5; ++ if (*header_host == ' ') ++ header_host++; ++ ++ if (strlen(header_host) == 0) { ++ W_ERROR("%s", "Invalid Host header"); ++ free(*host); ++ return NULL; ++ } ++ ++ len += strlen(header_host); ++ continue; ++ } + len += strlen(headers[i]) + strlen("\r\n"); + if (strncmp(headers[i], "User-Agent: ", sizeof("User-Agent: ")-1) == 0) + have_user_agent = 1; +@@ -150,9 +171,13 @@ static char *forge_request(char *url, char keep_alive, char **host, uint16_t *po + strcpy(req, "GET "); + strcat(req, url); + strcat(req, " HTTP/1.1\r\nHost: "); +- strcat(req, *host); +- if (*port != 80) +- sprintf(req + strlen(req), ":%"PRIu16, *port); ++ if (header_host) { ++ strcat(req, header_host); ++ } else { ++ strcat(req, *host); ++ if (*port != 80) ++ sprintf(req + strlen(req), ":%"PRIu16, *port); ++ } + + strcat(req, "\r\n"); + +@@ -160,6 +185,8 @@ static char *forge_request(char *url, char keep_alive, char **host, uint16_t *po + sprintf(req + strlen(req), "User-Agent: weighttp/" VERSION "\r\n"); + + for (i = 0; i < headers_num; i++) { ++ if (strncmp(headers[i], "Host:", sizeof("Host:")-1) == 0) ++ continue; + strcat(req, headers[i]); + strcat(req, "\r\n"); + } diff --git a/debian/patches/0003-User-Agent-header-no-longer-needs-a-leading-space.patch b/debian/patches/0003-User-Agent-header-no-longer-needs-a-leading-space.patch new file mode 100644 index 0000000..a554b52 --- /dev/null +++ b/debian/patches/0003-User-Agent-header-no-longer-needs-a-leading-space.patch @@ -0,0 +1,21 @@ +From: Ben Brown +Date: Tue, 19 Feb 2013 20:08:13 +0000 +Subject: User-Agent header no longer needs a leading space + +--- + src/weighttp.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/weighttp.c b/src/weighttp.c +index a7744b5..fa6af29 100644 +--- a/src/weighttp.c ++++ b/src/weighttp.c +@@ -159,7 +159,7 @@ static char *forge_request(char *url, char keep_alive, char **host, uint16_t *po + continue; + } + len += strlen(headers[i]) + strlen("\r\n"); +- if (strncmp(headers[i], "User-Agent: ", sizeof("User-Agent: ")-1) == 0) ++ if (strncmp(headers[i], "User-Agent:", sizeof("User-Agent:")-1) == 0) + have_user_agent = 1; + } + diff --git a/debian/patches/series b/debian/patches/series new file mode 100644 index 0000000..41771ca --- /dev/null +++ b/debian/patches/series @@ -0,0 +1,3 @@ +0001-Fix-header-parsing-to-compare-HTTP-header-field-name.patch +0002-Corrected-Host-header-handling-fixes-2477.patch +0003-User-Agent-header-no-longer-needs-a-leading-space.patch