Try to avoid host header misconfigurations in check_signature().

author: default 2024-01-03 09:22:07 +0100
committer: default 2024-01-03 09:22:07 +0100
commit: 607335aa741d01230bde873adf420b2cf85ce89f (patch)
tree: 494f5ba291ace13d9a7b65f7c652faad8a75c34e /http.c
parent: Made check_signature() a bit clearer. (diff)
download: penes-snac2-607335aa741d01230bde873adf420b2cf85ce89f.tar.gz
penes-snac2-607335aa741d01230bde873adf420b2cf85ce89f.tar.xz
penes-snac2-607335aa741d01230bde873adf420b2cf85ce89f.zip
1 files changed, 13 insertions, 0 deletions
diff --git a/http.c b/http.c
index da613ec..16b15c8 100644
--- a/http.c
+++ b/http.c
@@ -223,6 +223,19 @@ int check_signature(xs_dict *req, xs_str **err)
            if (strcmp(v, "(expires)") == 0) {
                ss = xs_fmt("%s: %s", v, expires);
            }
+            else
+            if (strcmp(v, "host") == 0) {
+                hc = xs_dict_get(req, "host");
+                /* if there is no host header or some garbage like
+                   address:host has arrived here due to misconfiguration,
+                   signature verify will totally fail, so let's Leroy Jenkins
+                   with the global server hostname instead */
+                if (hc == NULL || xs_str_in(hc, ":") != -1)
+                    hc = xs_dict_get(srv_config, "host");
+                ss = xs_fmt("host: %s", hc);
+            }
            else {
                /* add the header */
                if ((hc = xs_dict_get(req, v)) == NULL) {
author	default	2024-01-03 09:22:07 +0100
committer	default	2024-01-03 09:22:07 +0100
commit	607335aa741d01230bde873adf420b2cf85ce89f (patch)
tree	494f5ba291ace13d9a7b65f7c652faad8a75c34e /http.c
parent	Made check_signature() a bit clearer. (diff)
download	penes-snac2-607335aa741d01230bde873adf420b2cf85ce89f.tar.gz penes-snac2-607335aa741d01230bde873adf420b2cf85ce89f.tar.xz penes-snac2-607335aa741d01230bde873adf420b2cf85ce89f.zip

diff --git a/http.c b/http.c index da613ec..16b15c8 100644 --- a/http.c +++ b/http.c
@@ -223,6 +223,19 @@ int check_signature(xs_dict req, xs_str *err)
223	if (strcmp(v, "(expires)") == 0) {	223	if (strcmp(v, "(expires)") == 0) {
224	ss = xs_fmt("%s: %s", v, expires);	224	ss = xs_fmt("%s: %s", v, expires);
225	}	225	}
		226	else
		227	if (strcmp(v, "host") == 0) {
		228	hc = xs_dict_get(req, "host");
		229
		230	/* if there is no host header or some garbage like
		231	address:host has arrived here due to misconfiguration,
		232	signature verify will totally fail, so let's Leroy Jenkins
		233	with the global server hostname instead */
		234	if (hc == NULL \|\| xs_str_in(hc, ":") != -1)
		235	hc = xs_dict_get(srv_config, "host");
		236
		237	ss = xs_fmt("host: %s", hc);
		238	}
226	else {	239	else {
227	/* add the header */	240	/* add the header */
228	if ((hc = xs_dict_get(req, v)) == NULL) {	241	if ((hc = xs_dict_get(req, v)) == NULL) {