You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
151 lines
5.5 KiB
151 lines
5.5 KiB
From 5f543b36b2b05cbe52a9861ad7cb15e0a7c78c80 Mon Sep 17 00:00:00 2001 |
|
From: Daniel Stenberg <daniel@haxx.se> |
|
Date: Tue, 21 May 2013 23:28:59 +0200 |
|
Subject: [PATCH] Curl_cookie_add: handle IPv6 hosts |
|
|
|
1 - don't skip host names with a colon in them in an attempt to bail out |
|
on HTTP headers in the cookie file parser. It was only a shortcut anyway |
|
and trying to parse a file with HTTP headers will still be handled, only |
|
slightly slower. |
|
|
|
2 - don't skip domain names based on number of dots. The original |
|
netscape cookie spec had this oddity mentioned and while our code |
|
decreased the check to only check for two, the existing cookie spec has |
|
no such dot counting required. |
|
|
|
Bug: http://curl.haxx.se/bug/view.cgi?id=1221 |
|
Reported-by: Stefan Neis |
|
|
|
Upstream-commit: 85b9dc80232d1d7d48ee4dea6db5a2263ee68efd |
|
Signed-off-by: Kamil Dudka <kdudka@redhat.com> |
|
--- |
|
lib/cookie.c | 93 +++++++++++++++++------------------------------------------- |
|
1 file changed, 26 insertions(+), 67 deletions(-) |
|
|
|
diff --git a/lib/cookie.c b/lib/cookie.c |
|
index 764bbc9..956efd4 100644 |
|
--- a/lib/cookie.c |
|
+++ b/lib/cookie.c |
|
@@ -347,6 +347,9 @@ static bool isip(const char *domain) |
|
* |
|
* Add a single cookie line to the cookie keeping object. |
|
* |
|
+ * Be aware that sometimes we get an IP-only host name, and that might also be |
|
+ * a numerical IPv6 address. |
|
+ * |
|
***************************************************************************/ |
|
|
|
struct Cookie * |
|
@@ -458,73 +461,35 @@ Curl_cookie_add(struct SessionHandle *data, |
|
} |
|
} |
|
else if(Curl_raw_equal("domain", name)) { |
|
- /* note that this name may or may not have a preceding dot, but |
|
- we don't care about that, we treat the names the same anyway */ |
|
- |
|
- const char *domptr=whatptr; |
|
- const char *nextptr; |
|
- int dotcount=1; |
|
+ bool is_ip; |
|
|
|
- /* Count the dots, we need to make sure that there are enough |
|
- of them. */ |
|
+ /* Now, we make sure that our host is within the given domain, |
|
+ or the given domain is not valid and thus cannot be set. */ |
|
|
|
if('.' == whatptr[0]) |
|
- /* don't count the initial dot, assume it */ |
|
- domptr++; |
|
- |
|
- do { |
|
- nextptr = strchr(domptr, '.'); |
|
- if(nextptr) { |
|
- if(domptr != nextptr) |
|
- dotcount++; |
|
- domptr = nextptr+1; |
|
+ whatptr++; /* ignore preceding dot */ |
|
+ |
|
+ is_ip = isip(domain ? domain : whatptr); |
|
+ |
|
+ if(!domain |
|
+ || (is_ip && !strcmp(whatptr, domain)) |
|
+ || (!is_ip && tailmatch(whatptr, domain))) { |
|
+ strstore(&co->domain, whatptr); |
|
+ if(!co->domain) { |
|
+ badcookie = TRUE; |
|
+ break; |
|
} |
|
- } while(nextptr); |
|
- |
|
- /* The original Netscape cookie spec defined that this domain name |
|
- MUST have three dots (or two if one of the seven holy TLDs), |
|
- but it seems that these kinds of cookies are in use "out there" |
|
- so we cannot be that strict. I've therefore lowered the check |
|
- to not allow less than two dots. */ |
|
- |
|
- if(dotcount < 2) { |
|
- /* Received and skipped a cookie with a domain using too few |
|
- dots. */ |
|
- badcookie=TRUE; /* mark this as a bad cookie */ |
|
- infof(data, "skipped cookie with illegal dotcount domain: %s\n", |
|
- whatptr); |
|
+ if(!is_ip) |
|
+ co->tailmatch=TRUE; /* we always do that if the domain name was |
|
+ given */ |
|
} |
|
else { |
|
- bool is_ip; |
|
- |
|
- /* Now, we make sure that our host is within the given domain, |
|
- or the given domain is not valid and thus cannot be set. */ |
|
- |
|
- if('.' == whatptr[0]) |
|
- whatptr++; /* ignore preceding dot */ |
|
- |
|
- is_ip = isip(domain ? domain : whatptr); |
|
- |
|
- if(!domain |
|
- || (is_ip && !strcmp(whatptr, domain)) |
|
- || (!is_ip && tailmatch(whatptr, domain))) { |
|
- strstore(&co->domain, whatptr); |
|
- if(!co->domain) { |
|
- badcookie = TRUE; |
|
- break; |
|
- } |
|
- if(!is_ip) |
|
- co->tailmatch=TRUE; /* we always do that if the domain name was |
|
- given */ |
|
- } |
|
- else { |
|
- /* we did not get a tailmatch and then the attempted set domain |
|
- is not a domain to which the current host belongs. Mark as |
|
- bad. */ |
|
- badcookie=TRUE; |
|
- infof(data, "skipped cookie with bad tailmatch domain: %s\n", |
|
- whatptr); |
|
- } |
|
+ /* we did not get a tailmatch and then the attempted set domain |
|
+ is not a domain to which the current host belongs. Mark as |
|
+ bad. */ |
|
+ badcookie=TRUE; |
|
+ infof(data, "skipped cookie with bad tailmatch domain: %s\n", |
|
+ whatptr); |
|
} |
|
} |
|
else if(Curl_raw_equal("version", name)) { |
|
@@ -696,12 +661,6 @@ Curl_cookie_add(struct SessionHandle *data, |
|
|
|
firstptr=strtok_r(lineptr, "\t", &tok_buf); /* tokenize it on the TAB */ |
|
|
|
- /* Here's a quick check to eliminate normal HTTP-headers from this */ |
|
- if(!firstptr || strchr(firstptr, ':')) { |
|
- free(co); |
|
- return NULL; |
|
- } |
|
- |
|
/* Now loop through the fields and init the struct we already have |
|
allocated */ |
|
for(ptr=firstptr, fields=0; ptr && !badcookie; |
|
-- |
|
2.5.5 |
|
|
|
|