You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by ji...@apache.org on 2010/08/10 21:11:40 UTC
svn commit: r984172 - in /httpd/httpd/branches/2.2.x: CHANGES STATUS
server/vhost.c
Author: jim
Date: Tue Aug 10 19:11:40 2010
New Revision: 984172
URL: http://svn.apache.org/viewvc?rev=984172&view=rev
Log:
Merge r832172 from trunk:
Vhosts: treating a pure-numeric Host header as a port is nonsense.
PR 44979
Submitted by: niq
Reviewed/backported by: jim
Modified:
httpd/httpd/branches/2.2.x/CHANGES
httpd/httpd/branches/2.2.x/STATUS
httpd/httpd/branches/2.2.x/server/vhost.c
Modified: httpd/httpd/branches/2.2.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?rev=984172&r1=984171&r2=984172&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.2.x/CHANGES [utf-8] Tue Aug 10 19:11:40 2010
@@ -1,6 +1,9 @@
-*- coding: utf-8 -*-
Changes with Apache 2.2.17
+ *) vhost: A purely-numeric Host: header should not be treated as a port.
+ PR 44979 [Nick Kew]
+
*) core: (re)-introduce -T commandline option to suppress documentroot
check at startup.
PR 41887 [Jan van den Berg <janvdberg gmail.com>]
Modified: httpd/httpd/branches/2.2.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/STATUS?rev=984172&r1=984171&r2=984172&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/STATUS (original)
+++ httpd/httpd/branches/2.2.x/STATUS Tue Aug 10 19:11:40 2010
@@ -87,11 +87,6 @@ RELEASE SHOWSTOPPERS:
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
- * VHosts: fix parsing of pure-numeric hostname.
- PR 44979
- Trunk patch: http://svn.apache.org/viewvc?view=revision&revision=832172
- 2.2 patch: trunk patch Works with offset.
- +1: niq, rpluem, jim
PATCHES PROPOSED TO BACKPORT FROM TRUNK:
Modified: httpd/httpd/branches/2.2.x/server/vhost.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/server/vhost.c?rev=984172&r1=984171&r2=984172&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/server/vhost.c (original)
+++ httpd/httpd/branches/2.2.x/server/vhost.c Tue Aug 10 19:11:40 2010
@@ -706,25 +706,27 @@ static void fix_hostname(request_rec *r)
char *dst;
apr_port_t port;
apr_status_t rv;
+ const char *c;
/* According to RFC 2616, Host header field CAN be blank. */
if (!*r->hostname) {
return;
}
+ /* apr_parse_addr_port will interpret a bare integer as a port
+ * which is incorrect in this context. So treat it separately.
+ */
+ for (c = r->hostname; apr_isdigit(*c); ++c);
+ if (!*c) { /* pure integer */
+ return;
+ }
+
rv = apr_parse_addr_port(&host, &scope_id, &port, r->hostname, r->pool);
if (rv != APR_SUCCESS || scope_id) {
goto bad;
}
- if (!host && port) {
- /* silly looking host ("Host: 123") but that isn't our job
- * here to judge; apr_parse_addr_port() would think we had a port
- * but no address
- */
- host = apr_itoa(r->pool, (int)port);
- }
- else if (port) {
+ if (port) {
/* Don't throw the Host: header's port number away:
save it in parsed_uri -- ap_get_server_port() needs it! */
/* @@@ XXX there should be a better way to pass the port.