Переглянути джерело

[http] Ignore unrecognised "Connection" header tokens

Some HTTP/2 servers send the header "Connection: upgrade, close".  This
currently causes iPXE to fail due to the unrecognised "upgrade" token.

Fix by ignoring any unrecognised tokens in the "Connection" header.

Reported-by: Ján ONDREJ (SAL) <ondrejj@salstar.sk>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
tags/v1.20.1
Michael Brown 8 роки тому
джерело
коміт
f42b2585fe
1 змінених файлів з 11 додано та 13 видалено
  1. 11
    13
      src/net/tcp/httpcore.c

+ 11
- 13
src/net/tcp/httpcore.c Переглянути файл

@@ -189,8 +189,8 @@ char * http_token ( char **line, char **value ) {
189 189
 	if ( value )
190 190
 		*value = NULL;
191 191
 
192
-	/* Skip any initial whitespace */
193
-	while ( isspace ( **line ) )
192
+	/* Skip any initial whitespace or commas */
193
+	while ( ( isspace ( **line ) ) || ( **line == ',' ) )
194 194
 		(*line)++;
195 195
 
196 196
 	/* Check for end of line and record token position */
@@ -201,8 +201,8 @@ char * http_token ( char **line, char **value ) {
201 201
 	/* Scan for end of token */
202 202
 	while ( ( c = **line ) ) {
203 203
 
204
-		/* Terminate if we hit an unquoted whitespace */
205
-		if ( isspace ( c ) && ! quote )
204
+		/* Terminate if we hit an unquoted whitespace or comma */
205
+		if ( ( isspace ( c ) || ( c == ',' ) ) && ! quote )
206 206
 			break;
207 207
 
208 208
 		/* Terminate if we hit a closing quote */
@@ -1315,19 +1315,17 @@ http_response_transfer_encoding __http_response_header = {
1315 1315
  * @ret rc		Return status code
1316 1316
  */
1317 1317
 static int http_parse_connection ( struct http_transaction *http, char *line ) {
1318
+	char *token;
1318 1319
 
1319 1320
 	/* Check for known connection intentions */
1320
-	if ( strcasecmp ( line, "keep-alive" ) == 0 ) {
1321
-		http->response.flags |= HTTP_RESPONSE_KEEPALIVE;
1322
-		return 0;
1323
-	}
1324
-	if ( strcasecmp ( line, "close" ) == 0 ) {
1325
-		http->response.flags &= ~HTTP_RESPONSE_KEEPALIVE;
1326
-		return 0;
1321
+	while ( ( token = http_token ( &line, NULL ) ) ) {
1322
+		if ( strcasecmp ( token, "keep-alive" ) == 0 )
1323
+			http->response.flags |= HTTP_RESPONSE_KEEPALIVE;
1324
+		if ( strcasecmp ( token, "close" ) == 0 )
1325
+			http->response.flags &= ~HTTP_RESPONSE_KEEPALIVE;
1327 1326
 	}
1328 1327
 
1329
-	DBGC ( http, "HTTP %p unrecognised Connection \"%s\"\n", http, line );
1330
-	return -ENOTSUP_CONNECTION;
1328
+	return 0;
1331 1329
 }
1332 1330
 
1333 1331
 /** HTTP "Connection" header */

Завантаження…
Відмінити
Зберегти