[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[libmicrohttpd] 01/05: MHD_queue_response(): detect incorrect "upgrade"
From: |
gnunet |
Subject: |
[libmicrohttpd] 01/05: MHD_queue_response(): detect incorrect "upgrade" responses |
Date: |
Wed, 11 Aug 2021 21:37:03 +0200 |
This is an automated email from the git hooks/post-receive script.
karlson2k pushed a commit to branch master
in repository libmicrohttpd.
commit dd9c70757633f32dcba2d6eaa46df96c903ed727
Author: Evgeny Grin (Karlson2k) <k2k@narod.ru>
AuthorDate: Wed Aug 4 17:21:31 2021 +0300
MHD_queue_response(): detect incorrect "upgrade" responses
---
src/microhttpd/connection.c | 63 +++++++++++++++++++++++++++++++++++----------
1 file changed, 49 insertions(+), 14 deletions(-)
diff --git a/src/microhttpd/connection.c b/src/microhttpd/connection.c
index b2d285e3..6d2a058b 100644
--- a/src/microhttpd/connection.c
+++ b/src/microhttpd/connection.c
@@ -4564,25 +4564,60 @@ MHD_queue_response (struct MHD_Connection *connection,
return MHD_NO;
#ifdef UPGRADE_SUPPORT
- if ( (NULL != response->upgrade_handler) &&
- (0 == (daemon->options & MHD_ALLOW_UPGRADE)) )
+ if (NULL != response->upgrade_handler)
{
+ struct MHD_HTTP_Header *conn_header;
+ if (0 == (daemon->options & MHD_ALLOW_UPGRADE))
+ {
#ifdef HAVE_MESSAGES
- MHD_DLOG (daemon,
- _ (
- "Attempted 'upgrade' connection on daemon without
MHD_ALLOW_UPGRADE option!\n"));
+ MHD_DLOG (daemon,
+ _ ("Attempted 'upgrade' connection on daemon without" \
+ " MHD_ALLOW_UPGRADE option!\n"));
#endif
- return MHD_NO;
- }
- if ( (MHD_HTTP_SWITCHING_PROTOCOLS != status_code) &&
- (NULL != response->upgrade_handler) )
- {
+ return MHD_NO;
+ }
+ if (MHD_HTTP_SWITCHING_PROTOCOLS != status_code)
+ {
#ifdef HAVE_MESSAGES
- MHD_DLOG (daemon,
- _ (
- "Application used invalid status code for 'upgrade'
response!\n"));
+ MHD_DLOG (daemon,
+ _ ("Application used invalid status code for" \
+ " 'upgrade' response!\n"));
#endif
- return MHD_NO;
+ return MHD_NO;
+ }
+ if (0 == (response->flags_auto & MHD_RAF_HAS_CONNECTION_HDR))
+ {
+#ifdef HAVE_MESSAGES
+ MHD_DLOG (daemon,
+ _ ("Application used invalid response" \
+ " without \"Connection\" header!\n"));
+#endif
+ return MHD_NO;
+ }
+ conn_header = response->first_header;
+ mhd_assert (NULL != conn_header);
+ mhd_assert (MHD_str_equal_caseless_ (conn_header->header,
+ MHD_HTTP_HEADER_CONNECTION));
+ if (! MHD_str_has_s_token_caseless_ (conn_header->value,
+ "upgrade"))
+ {
+#ifdef HAVE_MESSAGES
+ MHD_DLOG (daemon,
+ _ ("Application used invalid response" \
+ " without \"upgrade\" token in" \
+ " \"Connection\" header!\n"));
+#endif
+ return MHD_NO;
+ }
+ if (! MHD_IS_HTTP_VER_1_1_COMPAT (connection->http_ver))
+ {
+#ifdef HAVE_MESSAGES
+ MHD_DLOG (daemon,
+ _ ("Connection \"Upgrade\" can be used " \
+ "with HTTP/1.1 connections!\n"));
+#endif
+ return MHD_NO;
+ }
}
#endif /* UPGRADE_SUPPORT */
if ( (100 > (status_code & (~MHD_ICY_FLAG))) ||
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.