Browse Source

allow leading zeros in HTTP/01.01 (fixes #542)

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-merge-1.4.x@1025 152afb58-edef-0310-8abb-c4023f1b3aa9
svn/tags/lighttpd-1.4.11
Jan Kneschke 17 years ago
parent
commit
0b8de4b3ec
  1. 50
      src/request.c
  2. 32
      tests/core.t

50
src/request.c

@ -368,11 +368,53 @@ int http_request_parse(server *srv, connection *con) {
}
con->request.http_method = r;
if (0 == strncmp(proto, "HTTP/1.", sizeof("HTTP/1.") - 1)) {
if (proto[7] == '1') {
/*
* RFC2616 says:
*
* HTTP-Version = "HTTP" "/" 1*DIGIT "." 1*DIGIT
*
* */
if (0 == strncmp(proto, "HTTP/", sizeof("HTTP/") - 1)) {
char * major = proto + sizeof("HTTP/") - 1;
char * minor = strchr(major, '.');
char *err = NULL;
int major_num = 0, minor_num = 0;
int invalid_version = 0;
if (NULL == minor || /* no dot */
minor == major || /* no major */
*(minor + 1) == '\0' /* no minor */) {
invalid_version = 1;
} else {
*minor = '\0';
major_num = strtol(major, &err, 10);
if (*err != '\0') invalid_version = 1;
*minor++ = '.';
minor_num = strtol(minor, &err, 10);
if (*err != '\0') invalid_version = 1;
}
if (invalid_version) {
con->http_status = 400;
con->keep_alive = 0;
if (srv->srvconf.log_request_header_on_error) {
log_error_write(srv, __FILE__, __LINE__, "s", "unknown protocol -> 400");
log_error_write(srv, __FILE__, __LINE__, "Sb",
"request-header:\n",
con->request.request);
}
return 0;
}
if (major_num == 1 && minor_num == 1) {
con->request.http_version = con->conf.allow_http11 ? HTTP_VERSION_1_1 : HTTP_VERSION_1_0;
} else if (proto[7] == '0') {
} else if (major_num == 1 && minor_num == 0) {
con->request.http_version = HTTP_VERSION_1_0;
} else {
con->http_status = 505;

32
tests/core.t

@ -9,7 +9,7 @@ BEGIN {
use strict;
use IO::Socket;
use Test::More tests => 17;
use Test::More tests => 21;
use LightyTest;
my $tf = LightyTest->new();
@ -31,6 +31,36 @@ EOF
$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 400 } ];
ok($tf->handle_http($t) == 0, 'missing Protocol');
$t->{REQUEST} = ( <<EOF
GET / HTTP/01.01
Host: foo
Connection: close
EOF
);
$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.1', 'HTTP-Status' => 200 } ];
ok($tf->handle_http($t) == 0, 'zeros in protocol version');
$t->{REQUEST} = ( <<EOF
GET / HTTP/.01
EOF
);
$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 400 } ];
ok($tf->handle_http($t) == 0, 'missing major version');
$t->{REQUEST} = ( <<EOF
GET / HTTP/01.
EOF
);
$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 400 } ];
ok($tf->handle_http($t) == 0, 'missing minor version');
$t->{REQUEST} = ( <<EOF
GET / HTTP/a.b
EOF
);
$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 400 } ];
ok($tf->handle_http($t) == 0, 'strings as version');
$t->{REQUEST} = ( <<EOF
BC /
EOF

Loading…
Cancel
Save