snac2

Fork of https://codeberg.org/grunfink/snac2
git clone https://git.inz.fi/snac2

commit 607335aa741d01230bde873adf420b2cf85ce89f
parent 6bd8aed25d5d544927a404f8e3ce7cd8d4b839ce
Author: default <nobody@localhost>
Date:   Wed,  3 Jan 2024 09:22:07 +0100

Try to avoid host header misconfigurations in check_signature().

Diffstat:
Mhttp.c | 13+++++++++++++
1 file changed, 13 insertions(+), 0 deletions(-)

diff --git a/http.c b/http.c
@@ -223,6 +223,19 @@ int check_signature(xs_dict *req, xs_str **err)
 if (strcmp(v, "(expires)") == 0) {
 ss = xs_fmt("%s: %s", v, expires);
 }
+ else
+ if (strcmp(v, "host") == 0) {
+ hc = xs_dict_get(req, "host");
+
+ /* if there is no host header or some garbage like
+ address:host has arrived here due to misconfiguration,
+ signature verify will totally fail, so let's Leroy Jenkins
+ with the global server hostname instead */
+ if (hc == NULL || xs_str_in(hc, ":") != -1)
+ hc = xs_dict_get(srv_config, "host");
+
+ ss = xs_fmt("host: %s", hc);
+ }
 else {
 /* add the header */
 if ((hc = xs_dict_get(req, v)) == NULL) {
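Review bot: In the new `host` branch the fallback value from `xs_dict_get(srv_config, "host")` goes into `xs_fmt("host: %s", hc)` without a NULL check, whereas the generic branch just below tests its lookup against NULL. If the configuration can ever lack `host`, this formats a null pointer, so it should be handled the way the generic branch handles a missing header (that branch's body is outside the hunk). The `xs_str_in(hc, ":") != -1` test also matches a well-formed `name:port` Host value and IPv6 literals, which the sender may have signed as sent, so it may be worth narrowing the test to the malformed shape actually observed. On this path the signed string is no longer built from the received header, so I would add a comment such as `/* on fallback the request's Host header is NOT covered by the verified signature */` and log the substitution at debug level, which makes a misconfigured proxy visible to the operator. check_signature() starts and ends outside the hunk.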