feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Fix for processing HTTP responses to accept a list of application strings. Specifically for CRL which has both "application/pkix-crl" and "application/x-pkcs7-crl". Both CRL formats are the same and both parse correctly. Applies to --enable-crl with HAVE_CRL_IO only.

Browse Source
This commit is contained in:
David Garske
2017-12-19 09:54:03 -08:00
parent 9a6a4f6e02
commit 05d0176b84
2 changed files with 28 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
src/wolfio.c
View File

@ -933,7 +933,7 @@ static int wolfIO_HttpProcessResponseBuf(int sfd, byte **recvBuf, int* recvBufSz
return 0; return 0;
} }
int wolfIO_HttpProcessResponse(int sfd, const char* appStr, int wolfIO_HttpProcessResponse(int sfd, const char** appStrList,
byte** respBuf, byte* httpBuf, int httpBufSz, int dynType, void* heap) byte** respBuf, byte* httpBuf, int httpBufSz, int dynType, void* heap)
{ {
int result = 0; int result = 0;
@ -1016,9 +1016,21 @@ int wolfIO_HttpProcessResponse(int sfd, const char* appStr,
case phr_have_length: case phr_have_length:
case phr_have_type: case phr_have_type:
if (XSTRNCASECMP(start, "Content-Type:", 13) == 0) { if (XSTRNCASECMP(start, "Content-Type:", 13) == 0) {
int i;
start += 13; start += 13;
while (*start == ' ' && *start != '\0') start++; while (*start == ' ' && *start != '\0') start++;
if (XSTRNCASECMP(start, appStr, XSTRLEN(appStr)) != 0) {
/* try and match against appStrList */
i = 0;
while (appStrList[i] != NULL) {
if (XSTRNCASECMP(start, appStrList[i],
XSTRLEN(appStrList[i])) == 0) {
break;
}
i++;
}
if (appStrList[i] == NULL) {
WOLFSSL_MSG("wolfIO_HttpProcessResponse appstr mismatch"); WOLFSSL_MSG("wolfIO_HttpProcessResponse appstr mismatch");
return -1; return -1;
} }
@ -1168,7 +1180,12 @@ int wolfIO_HttpBuildRequestOcsp(const char* domainName, const char* path,
int wolfIO_HttpProcessResponseOcsp(int sfd, byte** respBuf, int wolfIO_HttpProcessResponseOcsp(int sfd, byte** respBuf,
byte* httpBuf, int httpBufSz, void* heap) byte* httpBuf, int httpBufSz, void* heap)
{ {
return wolfIO_HttpProcessResponse(sfd, "application/ocsp-response", const char* appStrList[] = {
"application/ocsp-response",
NULL
};
return wolfIO_HttpProcessResponse(sfd, appStrList,
respBuf, httpBuf, httpBufSz, DYNAMIC_TYPE_OCSP, heap); respBuf, httpBuf, httpBufSz, DYNAMIC_TYPE_OCSP, heap);
} }
@ -1277,7 +1294,13 @@ int wolfIO_HttpProcessResponseCrl(WOLFSSL_CRL* crl, int sfd, byte* httpBuf,
int result; int result;
byte *respBuf = NULL; byte *respBuf = NULL;
result = wolfIO_HttpProcessResponse(sfd, "application/pkix-crl", const char* appStrList[] = {
"application/pkix-crl",
"application/x-pkcs7-crl",
NULL
};
result = wolfIO_HttpProcessResponse(sfd, appStrList,
&respBuf, httpBuf, httpBufSz, DYNAMIC_TYPE_CRL, crl->heap); &respBuf, httpBuf, httpBufSz, DYNAMIC_TYPE_CRL, crl->heap);
if (result >= 0) { if (result >= 0) {
result = BufferLoadCRL(crl, respBuf, result, WOLFSSL_FILETYPE_ASN1, 0); result = BufferLoadCRL(crl, respBuf, result, WOLFSSL_FILETYPE_ASN1, 0);

2
wolfssl/wolfio.h
View File

@ -345,7 +345,7 @@ WOLFSSL_API int wolfIO_Recv(SOCKET_T sd, char *buf, int sz, int rdFlags);
WOLFSSL_API int wolfIO_HttpBuildRequest(const char* reqType, WOLFSSL_API int wolfIO_HttpBuildRequest(const char* reqType,
const char* domainName, const char* path, int pathLen, int reqSz, const char* domainName, const char* path, int pathLen, int reqSz,
const char* contentType, unsigned char* buf, int bufSize); const char* contentType, unsigned char* buf, int bufSize);
WOLFSSL_API int wolfIO_HttpProcessResponse(int sfd, const char* appStr, WOLFSSL_API int wolfIO_HttpProcessResponse(int sfd, const char** appStrList,
unsigned char** respBuf, unsigned char* httpBuf, int httpBufSz, unsigned char** respBuf, unsigned char* httpBuf, int httpBufSz,
int dynType, void* heap); int dynType, void* heap);
#endif /* HAVE_HTTP_CLIENT */ #endif /* HAVE_HTTP_CLIENT */