Manage a string in HTTP TLS core.

2025-04-12 03:07:10 -04:00
parent 446b12f5f7
commit d1d4653477


@ -34,6 +34,8 @@
#include "../dlib/dlib.h" #include "../dlib/dlib.h"
#include "IO/tls.hh" #include "IO/tls.hh"
#include <string>
typedef struct { typedef struct {
char *host; char *host;
time_t expires_at; time_t expires_at;
@ -141,9 +143,9 @@ static void Hsts_set_policy(const char *host, long max_age, bool_t subdomains)
/** /**
* Read the next attribute. * Read the next attribute.
*/ */
static char *Hsts_parse_attr(const char **header_str) static std::string Hsts_parse_attr(const char **header_str)
{ {
const char *str; std::string str;
uint_t len; uint_t len;
while (dIsspace(**header_str)) while (dIsspace(**header_str))
@ -151,12 +153,12 @@ static char *Hsts_parse_attr(const char **header_str)
str = *header_str; str = *header_str;
/* find '=' at end of attr, ';' after attr/val pair, '\0' end of string */ /* find '=' at end of attr, ';' after attr/val pair, '\0' end of string */
len = strcspn(str, "=;"); len = strcspn(str.c_str(), "=;");
*header_str += len; *header_str += len;
while (len && (str[len - 1] == ' ' || str[len - 1] == '\t')) while (len && (str[len - 1] == ' ' || str[len - 1] == '\t'))
len--; len--;
return dStrndup(str, len); return str.substr( 0, len );
} }
/** /**
@ -214,14 +216,14 @@ void a_Hsts_set(const char *header, const DilloUrl *url)
/* Iterate until there is nothing left of the string */ /* Iterate until there is nothing left of the string */
while (*header) { while (*header) {
char *attr; std::string attr;
char *value; char *value;
/* Get attribute */ /* Get attribute */
attr = Hsts_parse_attr(&header); attr = Hsts_parse_attr(&header);
/* Get the value for the attribute and store it */ /* Get the value for the attribute and store it */
if (dStrAsciiCasecmp(attr, "max-age") == 0) { if (dStrAsciiCasecmp(attr.c_str(), "max-age") == 0) {
value = Hsts_parse_value(&header); value = Hsts_parse_value(&header);
if (isdigit(*value)) { if (isdigit(*value)) {
errno = 0; errno = 0;
@ -231,21 +233,19 @@ void a_Hsts_set(const char *header, const DilloUrl *url)
max_age_valid = TRUE; max_age_valid = TRUE;
} }
dFree(value); dFree(value);
} else if (dStrAsciiCasecmp(attr, "includeSubDomains") == 0) { } else if (dStrAsciiCasecmp(attr.c_str(), "includeSubDomains") == 0) {
subdomains = TRUE; subdomains = TRUE;
Hsts_eat_value(&header); Hsts_eat_value(&header);
} else if (dStrAsciiCasecmp(attr, "preload") == 0) { } else if (dStrAsciiCasecmp(attr.c_str(), "preload") == 0) {
/* 'preload' is not part of the RFC, but what does google care for /* 'preload' is not part of the RFC, but what does google care for
* standards? They require that 'preload' be specified by a domain * standards? They require that 'preload' be specified by a domain
* in order to be added to their preload list. * in order to be added to their preload list.
*/ */
} else { } else {
MSG("HSTS: header contains unknown attribute: '%s'\n", attr); MSG("HSTS: header contains unknown attribute: '%s'\n", attr.c_str());
Hsts_eat_value(&header); Hsts_eat_value(&header);
} }
dFree(attr);
if (*header == ';') if (*header == ';')
header++; header++;
} }
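Review bot: In Hsts_parse_attr, `str = *header_str;` now copies the whole remaining header into a std::string on every call, only to return a short prefix of it. a_Hsts_set calls this once per attribute on a header supplied by the server, so the copying grows quadratically with header length. Keeping the local as `const char *str` and ending with `return std::string(str, len);` returns the same value while copying only the attribute, and the `.c_str()` in the `strcspn` call goes away. Part of the function body lies between the two hunks and is not visible here, so this assumes nothing else there relies on `str` being a std::string.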