Commit 74e3399d authored by Julien CROUZET's avatar Julien CROUZET

ePirat review changes

parent 74153ca1
......@@ -2180,7 +2180,7 @@ static void _parse_cors(xmlDocPtr doc,
break;
}
path->base = base;
if (_parse_cors_path(doc, node, path)) {
if (!_parse_cors_path(doc, node, path)) {
base = NULL;
if (!*cors_paths) {
*cors_paths = path;
......@@ -2226,95 +2226,108 @@ static int _parse_cors_path(xmlDocPtr doc,
xmlNodePtr node,
ice_config_cors_path_t *cors_path)
{
int allowed_count = 0;
int forbidden_count = 0;
int exposed_headers_count = 0;
xmlNodePtr tmpNode = node->xmlChildrenNode;
int allowed_count = 0;
int forbidden_count = 0;
int exposed_headers_count = 0;
xmlNodePtr tmpNode = node->xmlChildrenNode;
while ((tmpNode = tmpNode->next)) {
if (tmpNode == NULL)
break;
if (!tmpNode->name)
continue;
if (xmlStrcmp(tmpNode->name, XMLSTR("no-cors")) == 0) {
cors_path->no_cors = 1;
return 1;
while ((tmpNode = tmpNode->next)) {
if (tmpNode == NULL)
break;
if (!tmpNode->name)
continue;
if (xmlStrcmp(tmpNode->name, XMLSTR("no-cors")) == 0) {
cors_path->no_cors = 1;
return 0;
}
if (xmlIsBlankNode(tmpNode))
continue;
if (xmlStrcmp(tmpNode->name, XMLSTR("allowed-origin")) == 0) {
allowed_count++;
continue;
}
if (xmlStrcmp(tmpNode->name, XMLSTR("forbidden-origin")) == 0) {
forbidden_count++;
continue;
}
if (xmlStrcmp(tmpNode->name, XMLSTR("exposed-header")) == 0) {
exposed_headers_count++;
continue;
}
}
if (xmlIsBlankNode(tmpNode))
continue;
if (xmlStrcmp(tmpNode->name, XMLSTR("allowed-origin")) == 0) {
allowed_count++;
continue;
if (!allowed_count && !forbidden_count && !exposed_headers_count) {
return 1;
}
if (xmlStrcmp(tmpNode->name, XMLSTR("forbidden-origin")) == 0) {
forbidden_count++;
continue;
if (allowed_count) {
cors_path->allowed = calloc(allowed_count + 1, sizeof(char *));
if (!cors_path->allowed) {
ICECAST_LOG_ERROR("Out of memory while parsing config file");
return 1;
}
cors_path->allowed[allowed_count] = NULL;
}
if (xmlStrcmp(tmpNode->name, XMLSTR("exposed-header")) == 0) {
exposed_headers_count++;
continue;
if (forbidden_count) {
cors_path->forbidden = calloc(forbidden_count + 1, sizeof(char *));
if (!cors_path->forbidden) {
ICECAST_LOG_ERROR("Out of memory while parsing config file");
if (cors_path->allowed)
free(cors_path->allowed);
return 1;
}
cors_path->forbidden[forbidden_count] = NULL;
}
}
if (!allowed_count && !forbidden_count && !exposed_headers_count) {
return 0;
}
if (allowed_count) {
cors_path->allowed = calloc(allowed_count + 1, sizeof(char *));
cors_path->allowed[allowed_count] = NULL;
}
if (forbidden_count) {
cors_path->forbidden = calloc(forbidden_count + 1, sizeof(char *));
cors_path->forbidden[forbidden_count] = NULL;
}
tmpNode = node->xmlChildrenNode;
allowed_count = forbidden_count = exposed_headers_count = 0;
tmpNode = node->xmlChildrenNode;
allowed_count = forbidden_count = exposed_headers_count = 0;
while ((tmpNode = tmpNode->next)) {
if (tmpNode == NULL)
break;
if (!tmpNode->name)
continue;
if (xmlIsBlankNode(tmpNode))
continue;
if (xmlStrcmp(tmpNode->name, XMLSTR("allowed-origin")) == 0) {
cors_path->allowed[allowed_count++] = (char *)xmlNodeListGetString(doc, tmpNode->xmlChildrenNode, 1);
continue;
}
if (xmlStrcmp(tmpNode->name, XMLSTR("forbidden-origin")) == 0) {
cors_path->forbidden[forbidden_count++] = (char *)xmlNodeListGetString(doc, tmpNode->xmlChildrenNode, 1);
continue;
}
if (xmlStrcmp(tmpNode->name, XMLSTR("exposed-header")) == 0) {
char *orig_value = (char *)xmlNodeListGetString(doc, tmpNode->xmlChildrenNode, 1);
int first_value = 1;
if (!cors_path->exposed_headers) {
cors_path->exposed_headers = calloc(strlen(orig_value) + 1, sizeof(char));
} else {
cors_path->exposed_headers = realloc(
cors_path->exposed_headers,
(strlen(cors_path->exposed_headers) + strlen(orig_value) + 3)
);
first_value = 0;
}
if (!cors_path->exposed_headers) {
ICECAST_LOG_ERROR("Out of memory while parsing config file");
break;
}
if (!first_value) {
cors_path->exposed_headers = strcat(cors_path->exposed_headers, ", ");
}
cors_path->exposed_headers = strcat(cors_path->exposed_headers, orig_value);
xmlFree(orig_value);
continue;
while ((tmpNode = tmpNode->next)) {
if (tmpNode == NULL)
break;
if (!tmpNode->name)
continue;
if (xmlIsBlankNode(tmpNode))
continue;
if (xmlStrcmp(tmpNode->name, XMLSTR("allowed-origin")) == 0) {
cors_path->allowed[allowed_count++] = (char *)xmlNodeListGetString(doc, tmpNode->xmlChildrenNode, 1);
continue;
}
if (xmlStrcmp(tmpNode->name, XMLSTR("forbidden-origin")) == 0) {
cors_path->forbidden[forbidden_count++] = (char *)xmlNodeListGetString(doc, tmpNode->xmlChildrenNode, 1);
continue;
}
if (xmlStrcmp(tmpNode->name, XMLSTR("exposed-header")) == 0) {
char *orig_value = (char *)xmlNodeListGetString(doc, tmpNode->xmlChildrenNode, 1);
int first_value = 1;
if (!cors_path->exposed_headers) {
cors_path->exposed_headers = calloc(strlen(orig_value) + 1, sizeof(char));
} else {
cors_path->exposed_headers = realloc(
cors_path->exposed_headers,
(strlen(cors_path->exposed_headers) + strlen(orig_value) + 3)
);
first_value = 0;
}
if (!cors_path->exposed_headers) {
ICECAST_LOG_ERROR("Out of memory while parsing config file");
if (cors_path->allowed)
free(cors_path->allowed);
if (cors_path->forbidden)
free(cors_path->forbidden);
return 1;
}
if (!first_value)
cors_path->exposed_headers = strcat(cors_path->exposed_headers, ", ");
cors_path->exposed_headers = strcat(cors_path->exposed_headers, orig_value);
xmlFree(orig_value);
continue;
}
}
}
_cors_sort_origins_by_length_desc(cors_path->allowed);
_cors_sort_origins_by_length_desc(cors_path->forbidden);
_cors_sort_origins_by_length_desc(cors_path->allowed);
_cors_sort_origins_by_length_desc(cors_path->forbidden);
return 1;
return 0;
}
void config_clear_cors(ice_config_cors_path_t *cors_paths)
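Review bot: The out-of-memory paths added to `_parse_cors_path` call `free(cors_path->allowed)` / `free(cors_path->forbidden)` and return 1 while leaving both pointers set, so any later cleanup of this path entry (the caller's failure branch is outside the hunk) risks a double free. They also release only the arrays, not the strings already stored in them, and skip `xmlFree(orig_value)`. In the same `exposed-header` branch, `strlen(orig_value)` runs without a NULL check although `xmlNodeListGetString` returns NULL for an empty element, and assigning `realloc` straight back to `cors_path->exposed_headers` loses the old buffer on failure. A sketch of the branch with those points handled follows; the array cleanup is left as a comment because it would best live in a shared helper that also resets the pointers to NULL.

```c
if (xmlStrcmp(tmpNode->name, XMLSTR("exposed-header")) == 0) {
    char *orig_value = (char *)xmlNodeListGetString(doc, tmpNode->xmlChildrenNode, 1);
    char *grown;
    size_t old_len;

    if (!orig_value)
        continue; /* empty element: nothing to append */
    old_len = cors_path->exposed_headers ? strlen(cors_path->exposed_headers) : 0;
    /* +3 covers the ", " separator and the terminating NUL */
    grown = realloc(cors_path->exposed_headers, old_len + strlen(orig_value) + 3);
    if (!grown) {
        ICECAST_LOG_ERROR("Out of memory while parsing config file");
        xmlFree(orig_value);
        /* ... free each stored origin string and both arrays, then set
         * cors_path->allowed and cors_path->forbidden to NULL ... */
        return 1;
    }
    if (!old_len)
        grown[0] = '\0'; /* realloc(NULL, ...) returns uninitialised memory */
    else
        strcat(grown, ", ");
    strcat(grown, orig_value);
    cors_path->exposed_headers = grown;
    xmlFree(orig_value);
    continue;
}
```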
......
......@@ -299,9 +299,16 @@ void client_send_101(client_t *client, reuse_t reuse)
/* Sends an empty 204 response (for OPTIONS) */
void client_send_204(client_t *client)
{
ssize_t ret;
ssize_t ret;
char *message;
message = calloc(PER_CLIENT_REFBUF_SIZE, sizeof(char));
ret = util_http_build_header(client->refbuf->data, // Response buffer
if (!message) {
client_send_500(client, "Unable to allocate memory for response");
return;
}
ret = util_http_build_header(message, // Response buffer
PER_CLIENT_REFBUF_SIZE, // Buffer size
0, // Offset
0, // Prevent cache
......@@ -314,14 +321,15 @@ void client_send_204(client_t *client)
client);
if (ret == -1 || ret >= PER_CLIENT_REFBUF_SIZE) {
ICECAST_LOG_ERROR("Dropping client as we can not build response headers.");
client_send_500(client, "Header generation failed.");
return;
free(message);
ICECAST_LOG_ERROR("Dropping client as we can not build response headers.");
client_send_500(client, "Header generation failed.");
return;
}
client->respcode = 204;
client->refbuf->len = strlen(client->refbuf->data);
fserve_add_client(client, NULL);
client_send_bytes(client, message, strlen(message));
client_destroy(client);
free(message);
}
void client_send_426(client_t *client, reuse_t reuse)
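Review bot: The result of `client_send_bytes(client, message, strlen(message));` is discarded right before `client_destroy(client)`, so a short or failed write would silently truncate the 204 response. The replaced code handed the buffer to `fserve_add_client`, which presumably took care of queued delivery. Consider capturing the return value and logging when it differs from the header length. Assuming `ret` from `util_http_build_header` is that length, it can be passed directly instead of re-scanning with `strlen(message)`, since it has just been checked against `PER_CLIENT_REFBUF_SIZE`. The remaining arguments of the `util_http_build_header` call sit between the two hunks and are not visible here.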
......
......@@ -1156,7 +1156,7 @@ static void _handle_authed_client(client_t *client, void *uri, auth_result resul
// for preflighted request
req_type = client->parser->req_type;
if (strstr(client->parser->uri, "/admin/") != client->parser->uri) {
req_type = httpp_req_get;
req_type = httpp_req_get;
}
if (acl_test_method(client->acl, req_type) != ACL_POLICY_ALLOW) {
ICECAST_LOG_ERROR("Client (role=%s, username=%s) not allowed to use this request method on %H", client->role, client->username, uri);
......@@ -1177,7 +1177,7 @@ static void _handle_authed_client(client_t *client, void *uri, auth_result resul
_handle_get_request(client, uri);
break;
case httpp_req_options:
client_send_204(client);
client_send_204(client);
break;
default:
ICECAST_LOG_ERROR("Wrong request type from client");
......
......@@ -3,12 +3,7 @@
* This program is distributed under the GNU General Public License, version 2.
* A copy of this license is included with this source.
*
* Copyright 2000-2004, Jack Moffitt <jack@xiph.org,
* Michael Smith <msmith@xiph.org>,
* oddsock <oddsock@xiph.org>,
* Karl Heyes <karl@xiph.org>
* and others (see AUTHORS for details).
* Copyright 2014, Philipp "ph3-der-loewe" Schafft <lion@lion.leolix.org>,
* Copyright 2017, Julien CROUZET <contact@juliencrouzet.fr>
*/
#ifndef __CORS_H__
......