From: Jacek Tomasiak <jacek.tomasiak@gmail.com>
Date: Sat, 5 Feb 2022 00:03:44 +0000 (+0100)
Subject: httpc: Fix multi-value "Connection" header checks
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=d9989cc761c977fa0689c3f0cfccf9913499e0e5;p=thirdparty%2Ftvheadend.git

httpc: Fix multi-value "Connection" header checks

Connection header was checked for exact "close" or "upgrade" values
while it could contain multiple values delimited with commas.
New function was added for checking such cases.

Code is based on kv_find_value() function from:
https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/relayd/relayd.c

This fixes #6090
---

diff --git a/src/httpc.c b/src/httpc.c
index 52ecf6dce..45b96a68f 100644
--- a/src/httpc.c
+++ b/src/httpc.c
@@ -940,6 +940,24 @@ http_client_data_received( http_client_t *hc, char *buf, ssize_t len, int hdr )
   return end ? 1 : 0;
 }
 
+static int
+http_arg_contains(const char *arg, const char *val)
+{
+  char *a, *next, *p;
+  /* copy will be modified by strsep() */
+  a = strdup(arg);
+  for (next = p = a; p != NULL; p = strsep(&next, ",")) {
+    /* skip whitespace */
+    p += strspn(p, " \t\r\n");
+    if (strcasecmp(p, val) == 0) {
+      free(a);
+      return 1;
+    }
+  }
+  free(a);
+  return 0;
+}
+
 static int
 http_client_run0( http_client_t *hc )
 {
@@ -1093,7 +1111,7 @@ header:
   }
   p = http_arg_get(&hc->hc_args, "Connection");
   if (p && ver != RTSP_VERSION_1_0) {
-    if (strcasecmp(p, "close") == 0 || strcasecmp(p, "upgrade") == 0) /* Some servers
+    if (http_arg_contains(p, "close") || http_arg_contains(p, "upgrade")) /* Some servers
       send the upgrade header to switch to http2 even though we did not request this.
       Assume that we can not keep alive the connection in that case */
       hc->hc_keepalive = 0;