httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Roy T. Fielding" <field...@kiwi.ICS.UCI.EDU>
Subject more CGI bug fixes
Date Sun, 24 Nov 1996 03:18:48 GMT
The following is a fix for the bug reported by Charles Orth
(corth@cnri.reston.va.us) on 25 Oct 1996 apache-bugs@mail.apache.org.
It is a critical protocol bug (says the protocol cop).

.....Roy

===================================================================
*** http_protocol.c     Sat Nov 23 18:34:02 1996
--- tt  Sat Nov 23 19:03:50 1996
***************
*** 206,220 ****
  
  int set_keepalive(request_rec *r)
  {
!     char *conn = table_get (r->headers_in, "Connection");
!     char *length = table_get (r->headers_out, "Content-length");
      int ka_sent;
  
      if (r->connection->keepalive == -1)  /* Did we get bad input? */
          r->connection->keepalive = 0;
      else if ((r->server->keep_alive > r->connection->keepalives) &&
        (r->server->keep_alive_timeout > 0) &&
!       (r->header_only || length ||
         ((r->proto_num >= 1001) && (r->byterange > 1 || (r->chunked
= 1)))) &&
        (!find_token(r->pool, conn, "close")) &&
        ((ka_sent = find_token(r->pool, conn, "keep-alive")) ||
--- 206,221 ----
  
  int set_keepalive(request_rec *r)
  {
!     char *conn   = table_get(r->headers_in,  "Connection");
!     char *length = table_get(r->headers_out, "Content-Length");
!     char *tenc   = table_get(r->headers_out, "Transfer-Encoding");
      int ka_sent;
  
      if (r->connection->keepalive == -1)  /* Did we get bad input? */
          r->connection->keepalive = 0;
      else if ((r->server->keep_alive > r->connection->keepalives) &&
        (r->server->keep_alive_timeout > 0) &&
!       (r->header_only || length || tenc ||
         ((r->proto_num >= 1001) && (r->byterange > 1 || (r->chunked
= 1)))) &&
        (!find_token(r->pool, conn, "close")) &&
        ((ka_sent = find_token(r->pool, conn, "keep-alive")) ||
Index: util_script.c
===================================================================
RCS file: /export/home/cvs/apache/src/util_script.c,v
retrieving revision 1.26
diff -c -r1.26 util_script.c
*** util_script.c	1996/11/12 06:02:54	1.26
--- util_script.c	1996/11/24 03:13:33
***************
*** 327,332 ****
--- 327,338 ----
          else if(!strcasecmp(w,"Location")) {
  	    table_set (r->headers_out, w, l);
          }   
+         else if(!strcasecmp(w,"Content-Length")) {
+ 	    table_set (r->headers_out, w, l);
+         }   
+         else if(!strcasecmp(w,"Transfer-Encoding")) {
+ 	    table_set (r->headers_out, w, l);
+         }   
  
  /* The HTTP specification says that it is legal to merge duplicate
   * headers into one.  Some browsers that support Cookies don't like

Mime
View raw message