Browse Source

[http] Ignore unrecognised "Connection" header tokens

Some HTTP/2 servers send the header "Connection: upgrade, close".  This
currently causes iPXE to fail due to the unrecognised "upgrade" token.

Fix by ignoring any unrecognised tokens in the "Connection" header.

Reported-by: Ján ONDREJ (SAL) <ondrejj@salstar.sk>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
tags/v1.20.1
Michael Brown 8 years ago
parent
commit
f42b2585fe
1 changed files with 11 additions and 13 deletions
  1. 11
    13
      src/net/tcp/httpcore.c

+ 11
- 13
src/net/tcp/httpcore.c View File

189
 	if ( value )
189
 	if ( value )
190
 		*value = NULL;
190
 		*value = NULL;
191
 
191
 
192
-	/* Skip any initial whitespace */
193
-	while ( isspace ( **line ) )
192
+	/* Skip any initial whitespace or commas */
193
+	while ( ( isspace ( **line ) ) || ( **line == ',' ) )
194
 		(*line)++;
194
 		(*line)++;
195
 
195
 
196
 	/* Check for end of line and record token position */
196
 	/* Check for end of line and record token position */
201
 	/* Scan for end of token */
201
 	/* Scan for end of token */
202
 	while ( ( c = **line ) ) {
202
 	while ( ( c = **line ) ) {
203
 
203
 
204
-		/* Terminate if we hit an unquoted whitespace */
205
-		if ( isspace ( c ) && ! quote )
204
+		/* Terminate if we hit an unquoted whitespace or comma */
205
+		if ( ( isspace ( c ) || ( c == ',' ) ) && ! quote )
206
 			break;
206
 			break;
207
 
207
 
208
 		/* Terminate if we hit a closing quote */
208
 		/* Terminate if we hit a closing quote */
1315
  * @ret rc		Return status code
1315
  * @ret rc		Return status code
1316
  */
1316
  */
1317
 static int http_parse_connection ( struct http_transaction *http, char *line ) {
1317
 static int http_parse_connection ( struct http_transaction *http, char *line ) {
1318
+	char *token;
1318
 
1319
 
1319
 	/* Check for known connection intentions */
1320
 	/* Check for known connection intentions */
1320
-	if ( strcasecmp ( line, "keep-alive" ) == 0 ) {
1321
-		http->response.flags |= HTTP_RESPONSE_KEEPALIVE;
1322
-		return 0;
1323
-	}
1324
-	if ( strcasecmp ( line, "close" ) == 0 ) {
1325
-		http->response.flags &= ~HTTP_RESPONSE_KEEPALIVE;
1326
-		return 0;
1321
+	while ( ( token = http_token ( &line, NULL ) ) ) {
1322
+		if ( strcasecmp ( token, "keep-alive" ) == 0 )
1323
+			http->response.flags |= HTTP_RESPONSE_KEEPALIVE;
1324
+		if ( strcasecmp ( token, "close" ) == 0 )
1325
+			http->response.flags &= ~HTTP_RESPONSE_KEEPALIVE;
1327
 	}
1326
 	}
1328
 
1327
 
1329
-	DBGC ( http, "HTTP %p unrecognised Connection \"%s\"\n", http, line );
1330
-	return -ENOTSUP_CONNECTION;
1328
+	return 0;
1331
 }
1329
 }
1332
 
1330
 
1333
 /** HTTP "Connection" header */
1331
 /** HTTP "Connection" header */

Loading…
Cancel
Save