Commit 1f905a0f authored by Stewart Brodie's avatar Stewart Brodie
Browse files

Cookie header parser tweaked to strip redundant characters.

  Updated version number control to srccommit.
  AcornSSL version mismatch detection code added for safety.
  No longer enables event generation for HTTP sockets.
Detail:
  * Cookie parser was getting confused by a trailing ; character on
  the end of set-cookie headers being sent to it by the Electronics
  Weekly web server.  This meant that it was rejecting the key
  cookie being used to control access to the site thus preventing
  people from accessing the site.
  * AcornHTTP now checks that the AcornSSL module is implementing a
  known SWI interface (the AcornSSL SWI interface changed in 0.03)
  * No longer uses ioctl(..FIOASYNC..) to enable event generation as
  the events aren't required and it wastes system resource to have
  them going off.
  * Makefile contains rules for generating .i files suitable for
  feeding to the McCabe toolset.
Admin:
  Built from clean; tested on Ursula & 3.70; verified access to
  Electronics Weekly (www.electronicsweekly.co.uk) now works.

Version 0.83. Tagged as 'HTTP-0_83'
parent 1298f1cf
......@@ -52,6 +52,7 @@ WIPE = -wipe
CPFLAGS = ~cfr~v
WFLAGS = ~c~v
MCFLAGS = -C -E
CFLAGS = -c -depend !Depend ${INCLUDES} -zM -Wp -ffah -zps1 ${DFLAGS}
DFLAGS = -D${SYSTEM} -DCOMPAT_INET4 -DCOOKIE -DCOMPRESSION -UTML
......@@ -119,6 +120,29 @@ RAM_OBJS =\
o.writedata\
o.HTTPHdr
MCCABE_OBJS =\
i.config\
i.connect\
i.connpool\
i.cookie\
i.dates\
i.decompress\
i.dns\
i.generic\
i.header\
i.hosttrack\
i.module\
i.protocol\
i.readdata\
i.security\
i.ses_ctrl\
i.start\
i.status\
i.stop\
i.URLclient\
i.utils\
i.writedata
DBG_OBJS =\
od.config\
......@@ -149,11 +173,12 @@ MSGSF=o.msgs
#
# Rule patterns
#
.SUFFIXES: .o .od .c
.SUFFIXES: .o .od .i .c
.c.o:; ${CC} ${CFLAGS} ${ROMFLAGS} -o $@ $<
.c.od:; ${CC} ${CFLAGS} ${ROMFLAGS} ${DEBFLAGS} -o $@ $<
.cmhg.o:; ${CMHG} -o $@ $< -d $*.h
.c.i:; ${CC} ${MCFLAGS} ${CFLAGS} ${ROMFLAGS} >$@ $<
.cmhg.o:; ${CMHG} -o $@ $< -p -d $*.h
HTTPHdr.h: HTTPHdr.o
@|
......@@ -171,6 +196,9 @@ ramtrace: ${DBG_MODULE}
rom: ${ROM_MODULE}
@echo ${COMPONENT}: Module built (ROM)
mccabe: ${MCCABE_OBJS}
@echo ${COMPONENT}: McCabe sources build (Disc)
install_rom: ${ROM_MODULE}
${CP} ${ROM_MODULE} ${INSTDIR}.${COMPONENT} ${CPFLAGS}
@echo ${COMPONENT}: Module installed (ROM)
......
E00:Remote host not found. Please check the URL.
E01:Connection timed out. Please retry in a while.
E02:Timeout reading data.
E03:An error occurred whilst fetching an HTTP URL.
E04:Bad session pointer passed to HTTP module.
E05:Unable to connect to remote host.
E06:Method not supported by HTTP.
E00:Remote host not found. Please check the URL
E01:Connection timed out. Please retry in a while
E02:Timeout reading data
E03:An error occurred whilst fetching an HTTP URL
E04:Bad session pointer passed to HTTP module
E05:Unable to connect to remote host
E06:Method not supported by HTTP
E07:Unable to initiate fetch
E08:Unable to parse URL.
E09:Remote proxy not found. Please check the proxy settings.
E0a:Security support not present.
E08:Unable to parse URL
E09:Remote proxy not found. Please check the proxy settings
E0a:Security support module not present
/* (0.82)
/* (0.83)
*
* This file is automatically maintained by srccommit, do not edit manually.
*
*/
#define Module_MajorVersion_CMHG 0.82
#define Module_MajorVersion_CMHG 0.83
#define Module_MinorVersion_CMHG
#define Module_Date_CMHG 07 May 1998
#define Module_Date_CMHG 24 Aug 1998
#define Module_MajorVersion "0.82"
#define Module_Version 82
#define Module_MajorVersion "0.83"
#define Module_Version 83
#define Module_MinorVersion ""
#define Module_Date "07 May 1998"
#define Module_Date "24 Aug 1998"
......@@ -49,7 +49,12 @@ static int make_sock_nonblocking(Session *ses, int fd)
int (*s_ioctl)(int, unsigned long, ...) = ses->op->s_ioctl;
if (s_ioctl(fd, FIONBIO, &one) < 0) return 0;
#if 0
/* sbrodie: We do not use these events - so why waste time enabling
* then in the first place?
*/
if (s_ioctl(fd, FIOASYNC, &one) < 0) return 0; /* Causes Internet events */
#endif
return 1;
}
......
......@@ -1484,7 +1484,7 @@ static int cookie_get_next_arg(char **pcp, char **val, char **pep, char*term)
*--ep = 0;
}
*val = tp; /* tell caller where the value is stored */
#ifdef TRACE
#if 0
cookie_debug("Found an arg: `%s' ==> `%s'\n", *pcp, tp);
#endif
return 1;
......@@ -1548,7 +1548,8 @@ static void act_on_cookie(char *string, Session *s, char *host, char *path)
for (; cookie_get_next_arg(&string, &value, &next, &next_term); string = next, last_term = next_term) {
#ifdef TRACE
cookie_debug("Name = %s, Value = %s\n", string, value ? value : "<NONE>");
cookie_debug("Found an arg: '%s' => `%s'\n", string, value ? value : "<NONE>");
cookie_debug(" next = %p, next_term = %d, last_term = %d\n", next, next_term, last_term);
#endif
/* Now fill the name/value pair into the appropriate structure */
......@@ -1949,6 +1950,14 @@ void cookie_set_cookie(char *start_field, Session *s)
}
#endif
/* Strip spurious trailing data from the header */
{
char *find_end = strchr(start_field, '\0');
if (find_end != start_field) find_end--;
while (find_end != start_field && (isspace(*find_end) || strchr(";, \t", *find_end))) find_end--;
*(find_end+1) = NULL;
}
act_on_cookie(start_field, s, host, path);
if (host) {
......
......@@ -56,6 +56,10 @@ void security_init(void)
int security_ssl_arrived(int ver)
{
if (ver < 3) {
/* We do not support the 'old' interface */
return security_ssl_gone();
}
ssl_module_present = ver;
return ssl_module_present;
}
......
......@@ -16,12 +16,16 @@
; The module HTTP is used to send request to and receive data from an
; HTTP server in a multitasking manner.
;
#include "VersionNum"
; Title string
title-string: AcornHTTP
; Version information
help-string: Acorn_HTTP 0.82
help-string: Acorn_HTTP Module_MajorVersion_CMHG Module_MinorVersion_CMHG
; Build date information
date-string: Module_Date_CMHG
; Initialisation routine.
initialisation-code: module_init
......@@ -34,14 +38,14 @@ swi-chunk-base-number: &83F80
; SWI Names.
swi-decoding-table: HTTP,
GetData, Status, ReadData, Stop, NOP04, NOP05, NOP06, NOP07, NOP08, NOP09,
NOP10, NOP11, NOP12, NOP13, NOP14, NOP15,
GetData, Status, ReadData, Stop,
4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15,
SecureGetData, SecureStatus, SecureReadData, SecureStop,
NOP20, NOP21, NOP22, NOP23, NOP24, NOP25, NOP26, NOP27, NOP28, NOP29,
NOP30, NOP31, NOP32, NOP33, NOP34, NOP35, NOP36, NOP37, NOP38, NOP39,
NOP40, NOP41, NOP42, NOP43, NOP44, NOP45, NOP46, NOP47, NOP48, NOP49,
NOP50, NOP51, NOP52, NOP53, NOP54, NOP55, NOP56, NOP57, NOP58, NOP59,
NOP60, AddCookie, ConsumeCookie, EnumerateCookies
20, 21, 22, 23, 24, 25, 26, 27, 28, 29,
30, 31, 32, 33, 34, 35, 36, 37, 38, 39,
40, 41, 42, 43, 44, 45, 46, 47, 48, 49,
50, 51, 52, 53, 54, 55, 56, 57, 58, 59,
60, AddCookie, ConsumeCookie, EnumerateCookies
; SWI handler.
swi-handler-code: swi_handler
......@@ -49,10 +53,7 @@ swi-handler-code: swi_handler
; Service calls
service-call-handler: service_handler &83E00 &83E02
; Veneered entries for OS_CallEvery and OS_AddCallback handlers
vector-handlers: callevery_entry/callevery_handler,
callback_entry/callback_handler
date-string: 27 Apr 1998
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment