From: "Daniel P. Berrange" <berrange@redhat.com>
To: qemu-devel@nongnu.org
Cc: "Denis V. Lunev" <den@openvz.org>,
Anton Nefedov <anton.nefedov@virtuozzo.com>,
"Daniel P. Berrange" <berrange@redhat.com>
Subject: [Qemu-devel] [PATCH] io: ignore case when matching websockets HTTP headers
Date: Mon, 27 Feb 2017 20:14:56 +0000 [thread overview]
Message-ID: <20170227201456.31814-1-berrange@redhat.com> (raw)
According to RFC7230 Section 3.2, header field name is case-insensitive.
Convert the header data into all lowercase before doing string matching
on the headers.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
io/channel-websock.c | 14 +++++++++-----
1 file changed, 9 insertions(+), 5 deletions(-)
diff --git a/io/channel-websock.c b/io/channel-websock.c
index a06a4a8..32b7f37 100644
--- a/io/channel-websock.c
+++ b/io/channel-websock.c
@@ -33,9 +33,9 @@
#define QIO_CHANNEL_WEBSOCK_GUID "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"
#define QIO_CHANNEL_WEBSOCK_GUID_LEN strlen(QIO_CHANNEL_WEBSOCK_GUID)
-#define QIO_CHANNEL_WEBSOCK_HEADER_PROTOCOL "Sec-WebSocket-Protocol"
-#define QIO_CHANNEL_WEBSOCK_HEADER_VERSION "Sec-WebSocket-Version"
-#define QIO_CHANNEL_WEBSOCK_HEADER_KEY "Sec-WebSocket-Key"
+#define QIO_CHANNEL_WEBSOCK_HEADER_PROTOCOL "sec-websocket-protocol"
+#define QIO_CHANNEL_WEBSOCK_HEADER_VERSION "sec-websocket-version"
+#define QIO_CHANNEL_WEBSOCK_HEADER_KEY "sec-websocket-key"
#define QIO_CHANNEL_WEBSOCK_PROTOCOL_BINARY "binary"
@@ -223,7 +223,7 @@ static int qio_channel_websock_handshake_process(QIOChannelWebsock *ioc,
static int qio_channel_websock_handshake_read(QIOChannelWebsock *ioc,
Error **errp)
{
- char *handshake_end;
+ char *handshake_end, *tmp;
ssize_t ret;
/* Typical HTTP headers from novnc are 512 bytes, so limiting
* total header size to 4096 is easily enough. */
@@ -249,9 +249,13 @@ static int qio_channel_websock_handshake_read(QIOChannelWebsock *ioc,
}
}
+ for (tmp = (char *)ioc->encinput.buffer; tmp < handshake_end; tmp++) {
+ *tmp = g_ascii_tolower(*tmp);
+ }
+
if (qio_channel_websock_handshake_process(ioc,
(char *)ioc->encinput.buffer,
- ioc->encinput.offset,
+ handshake_end - (char *)ioc->encinput.buffer,
errp) < 0) {
return -1;
}
--
2.9.3
next reply other threads:[~2017-02-27 20:15 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-02-27 20:14 Daniel P. Berrange [this message]
2017-02-27 21:20 ` [Qemu-devel] [PATCH] io: ignore case when matching websockets HTTP headers Eric Blake
2017-02-28 7:29 ` Denis V. Lunev
2017-02-28 10:09 ` Daniel P. Berrange
2017-02-28 10:12 ` Denis V. Lunev
2017-02-27 21:28 ` no-reply
2017-02-28 10:48 ` Daniel P. Berrange
2017-02-28 10:54 ` Denis V. Lunev
2017-02-28 10:58 ` Denis V. Lunev
2017-02-28 11:56 ` Daniel P. Berrange
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170227201456.31814-1-berrange@redhat.com \
--to=berrange@redhat.com \
--cc=anton.nefedov@virtuozzo.com \
--cc=den@openvz.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).