summaryrefslogtreecommitdiff
path: root/test/interactive-helper/aptwebserver.cc
diff options
context:
space:
mode:
authorMichael Vogt <mvo@debian.org>2013-08-05 22:51:30 +0200
committerMichael Vogt <mvo@debian.org>2013-08-05 22:51:30 +0200
commitafc2891fdac29848826a7f9cdeb22ce0c2409350 (patch)
treef7c5c2ea862eca5d28bbb4d45181d6f21e60d06f /test/interactive-helper/aptwebserver.cc
parent4ccd3b3ce69d6a6598e1773689a44fdec78a85cc (diff)
parent64876cf7963f897efa70c3e424527e2e8651aa29 (diff)
Merge remote-tracking branch 'upstream/debian/sid' into bugfix/coverity
Diffstat (limited to 'test/interactive-helper/aptwebserver.cc')
-rw-r--r--test/interactive-helper/aptwebserver.cc36
1 files changed, 28 insertions, 8 deletions
diff --git a/test/interactive-helper/aptwebserver.cc b/test/interactive-helper/aptwebserver.cc
index a8d191d0e..fde95fec9 100644
--- a/test/interactive-helper/aptwebserver.cc
+++ b/test/interactive-helper/aptwebserver.cc
@@ -319,6 +319,33 @@ bool parseFirstLine(int const client, std::string const &request, /*{{{*/
sendError(client, 500, request, sendContent, "Filename contains an unencoded space");
return false;
}
+
+ std::string host = LookupTag(request, "Host", "");
+ if (host.empty() == true)
+ {
+ // RFC 2616 §14.23 requires Host
+ sendError(client, 400, request, sendContent, "Host header is required");
+ return false;
+ }
+ host = "http://" + host;
+
+ // Proxies require absolute uris, so this is a simple proxy-fake option
+ std::string const absolute = _config->Find("aptwebserver::request::absolute", "uri,path");
+ if (strncmp(host.c_str(), filename.c_str(), host.length()) == 0)
+ {
+ if (absolute.find("uri") == std::string::npos)
+ {
+ sendError(client, 400, request, sendContent, "Request is absoluteURI, but configured to not accept that");
+ return false;
+ }
+ // strip the host from the request to make it an absolute path
+ filename.erase(0, host.length());
+ }
+ else if (absolute.find("path") == std::string::npos)
+ {
+ sendError(client, 400, request, sendContent, "Request is absolutePath, but configured to not accept that");
+ return false;
+ }
filename = DeQuoteString(filename);
// this is not a secure server, but at least prevent the obvious …
@@ -342,6 +369,7 @@ int main(int const argc, const char * argv[])
{
CommandLine::Args Args[] = {
{0, "port", "aptwebserver::port", CommandLine::HasArg},
+ {0, "request-absolute", "aptwebserver::request::absolute", CommandLine::HasArg},
{'c',"config-file",0,CommandLine::ConfigFile},
{'o',"option",0,CommandLine::ArbItem},
{0,0,0,0}
@@ -447,14 +475,6 @@ int main(int const argc, const char * argv[])
if (parseFirstLine(client, *m, filename, sendContent, closeConnection) == false)
continue;
- std::string host = LookupTag(*m, "Host", "");
- if (host.empty() == true)
- {
- // RFC 2616 §14.23 requires Host
- sendError(client, 400, *m, sendContent, "Host header is required");
- continue;
- }
-
// string replacements in the requested filename
::Configuration::Item const *Replaces = _config->Tree("aptwebserver::redirect::replace");
if (Replaces != NULL)