From: Christopher Faulet <cfaulet@haproxy.com>
Date: Wed, 6 Jul 2022 15:41:31 +0000 (+0200)
Subject: BUG/MINOR: http-htx: Fix scheme based normalization for URIs wih userinfo
X-Git-Tag: v2.7-dev2~90
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=0eab050b040d4240d78e0c1eb4db937bcddc834f;p=thirdparty%2Fhaproxy.git

BUG/MINOR: http-htx: Fix scheme based normalization for URIs wih userinfo

The scheme based normalization is not properly handled the URI's userinfo,
if any. First, the authority parser is not called with "no_userinfo"
parameter set. Then it is skipped from the URI normalization.

This patch must be backported as far as 2.4.
---

diff --git a/src/http_htx.c b/src/http_htx.c
index ea4c25f1ac..0eaabe5c3f 100644
--- a/src/http_htx.c
+++ b/src/http_htx.c
@@ -1783,7 +1783,7 @@ int http_scheme_based_normalize(struct htx *htx)
 	if (istlen(port) && uri_is_default_port(scheme, port)) {
 		/* reconstruct the uri with removal of the port */
 		struct buffer *temp = get_trash_chunk();
-		struct ist meth, vsn, path;
+		struct ist meth, vsn;
 
 		/* meth */
 		chunk_memcat(temp, HTX_SL_REQ_MPTR(sl), HTX_SL_REQ_MLEN(sl));
@@ -1794,12 +1794,10 @@ int http_scheme_based_normalize(struct htx *htx)
 		vsn = ist2(temp->area + meth.len, HTX_SL_REQ_VLEN(sl));
 
 		/* reconstruct uri without port */
-		path = http_parse_path(&parser);
-		chunk_istcat(temp, scheme);
+		chunk_memcat(temp, uri.ptr, authority.ptr - uri.ptr);
 		chunk_istcat(temp, host);
-		chunk_istcat(temp, path);
-		uri = ist2(temp->area + meth.len + vsn.len,
-		           scheme.len + host.len + path.len);
+		chunk_memcat(temp, istend(authority), istend(uri) - istend(authority));
+		uri = ist2(temp->area + meth.len + vsn.len, host.len + uri.len - authority.len); /* uri */
 
 		http_replace_stline(htx, meth, uri, vsn);