From: Nathan Wagner Date: Fri, 24 Apr 2020 09:27:29 +0000 (+0000) Subject: check for headers case insensitively X-Git-Url: https://pd.if.org/git/?p=zpackage;a=commitdiff_plain;h=4fb453f27963ef4a30d0b25a25fc7f419e30dde4 check for headers case insensitively The fetchurl program was looking for http headers with memcmp. That lead to a case sensitive search, the call to memcmp was replaced with strncasecmp. --- diff --git a/src/fetchurl.c b/src/fetchurl.c index f4ae8da..c8e3bec 100644 --- a/src/fetchurl.c +++ b/src/fetchurl.c @@ -16,6 +16,8 @@ #include "tlse.h" +#define DEBUG(lvl, ...) if (debuglevel >= lvl ) { fprintf(stderr, __VA_ARGS__); } + struct tls_uri { char *scheme; char *userinfo; @@ -55,6 +57,8 @@ static void hex(char *dst, uint8_t *src, size_t len) { } } +static int debuglevel = 0; + #if 0 static void hexbin(uint8_t *dst, unsigned char *src, size_t len) { size_t i; @@ -335,18 +339,26 @@ char *find_header(struct io *io, char *header, size_t *len) { *len = 0; hlen = strlen(header); + + /* TODO can't do this, buffer may not be zero terminated */ eoh = strstr(io->response.buffer, "\r\n\r\n"); if (!eoh) { return 0; } + soh = io->response.buffer; do { + /* skip the first line for some reason */ soh = strstr(soh, "\r\n"); if (soh == eoh) { break; } soh += 2; - if (!memcmp(soh, header, hlen)) { + /* done if not enough room */ + if (hlen > (size_t)(eoh - soh)) { + break; + } + if (!strncasecmp(soh, header, hlen)) { break; } } while (soh < eoh); @@ -413,6 +425,7 @@ void parse_header(struct io *io) { case 302: case 303: case 307: + DEBUG(1, "looking for Location header\n"); hval = find_header(io, "Location:", &hlen); if (hval) { io->redirect = strndup(hval, hlen); @@ -727,8 +740,9 @@ int main(int ac, char *av[]) { ltc_mp = tfm_desc; - while ((option = getopt(ac, av, "o:OrIfz:np#RL:SkKU:")) != -1) { + while ((option = getopt(ac, av, "do:OrIfz:np#RL:SkKU:")) != -1) { switch (option) { + case 'd': debuglevel++; break; case 'o': outfile = optarg; break; case 'O': calcoutfile = 1; break; case 'S': printstatus = 1; head = 1; break; @@ -841,6 +855,7 @@ int main(int ac, char *av[]) { if (!strcmp(uri.scheme, "https")) { use_tls = 1; + DEBUG(1, "creating tls context\n"); clientssl = tls_create_context(TLS_CLIENT, TLS_V12); /* optionally, we can set a certificate validation @@ -859,10 +874,14 @@ int main(int ac, char *av[]) { fprintf(stderr, "Error loading root certs\n"); return 1; } + DEBUG(1, "verifying ssl cert via roots\n"); tls_set_verify(clientssl, verify_roots); } else if (verifypolicy == 1) { + DEBUG(1, "verifying ssl cert via first use\n"); tls_set_verify(clientssl, verify_first); + DEBUG(1, "verified ssl cert via first use\n"); } else { + DEBUG(1, "verifying ssl cert via trust\n"); tls_set_verify(clientssl, verify_trust); } @@ -871,9 +890,11 @@ int main(int ac, char *av[]) { return -1; } tls_sni_set(clientssl, uri.host); + DEBUG(1, "set sni to %s\n", uri.host); clientssl->sync = 1; io.tls = clientssl; sockfd = open_tcp_connection(host, port); + DEBUG(1, "opened tcp socket fd %d\n", sockfd); if (sockfd < 0) { perror("can't open connection"); exit(EXIT_FAILURE); @@ -900,6 +921,7 @@ int main(int ac, char *av[]) { exit(EXIT_FAILURE); } + DEBUG(1, "wrote http request\n"); if (ret == -1) { fprintf(stderr, "unable to write http request: %s\n", strerror(errno)); exit(EXIT_FAILURE); @@ -913,12 +935,14 @@ int main(int ac, char *av[]) { eoh = strstr(io.response.buffer, "\r\n\r\n"); } if (!eoh) { + DEBUG(1, "filling buffer\n"); ret = fill_buffer(&io); if (ret <= 0) { break; } } } while (!eoh); + DEBUG(1, "got response\n"); if (!eoh) { /* never got (complete) header */ @@ -929,8 +953,10 @@ int main(int ac, char *av[]) { } header_len = (size_t)(eoh - io.response.buffer) + 4; + fprintf(stderr, "%*s\n", (int)header_len, io.response.buffer); parse_header(&io); + DEBUG(1, "parsed response header, code %d\n", io.status_code); switch (io.status_code) { case 304: @@ -940,8 +966,10 @@ int main(int ac, char *av[]) { case 302: case 303: case 307: + DEBUG(1, "redirecting to %s\n", io.redirect); free(url); url = strdup(io.redirect); + DEBUG(1, "redirecting to %s\n", url); close(io.socket); continue; break;