From: Jim Jagielski <jim@apache.org>
Date: Tue, 10 Aug 2010 19:11:40 +0000 (+0000)
Subject: Merge r832172 from trunk:
X-Git-Tag: 2.2.17~90
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3a67b169e43c8453b2e53a7915b7a79216f41e65;p=thirdparty%2Fapache%2Fhttpd.git

Merge r832172 from trunk:

Vhosts: treating a pure-numeric Host header as a port is nonsense.
PR 44979

Submitted by: niq
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@984172 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/CHANGES b/CHANGES
index c2062a20474..246090343dd 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,9 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.2.17
 
+  *) vhost: A purely-numeric Host: header should not be treated as a port.
+     PR 44979 [Nick Kew]
+
   *) core: (re)-introduce -T commandline option to suppress documentroot
      check at startup.
      PR 41887 [Jan van den Berg <janvdberg gmail.com>]
diff --git a/STATUS b/STATUS
index bc22ad049dd..47db0ab098d 100644
--- a/STATUS
+++ b/STATUS
@@ -87,11 +87,6 @@ RELEASE SHOWSTOPPERS:
 PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
   [ start all new proposals below, under PATCHES PROPOSED. ]
 
-   * VHosts: fix parsing of pure-numeric hostname.
-     PR 44979
-     Trunk patch: http://svn.apache.org/viewvc?view=revision&revision=832172
-     2.2 patch: trunk patch Works with offset.
-     +1: niq, rpluem, jim
 
 
 PATCHES PROPOSED TO BACKPORT FROM TRUNK:
diff --git a/server/vhost.c b/server/vhost.c
index 5b79fea598b..b8e9ca7594c 100644
--- a/server/vhost.c
+++ b/server/vhost.c
@@ -706,25 +706,27 @@ static void fix_hostname(request_rec *r)
     char *dst;
     apr_port_t port;
     apr_status_t rv;
+    const char *c;
 
     /* According to RFC 2616, Host header field CAN be blank. */
     if (!*r->hostname) {
         return;
     }
 
+    /* apr_parse_addr_port will interpret a bare integer as a port
+     * which is incorrect in this context.  So treat it separately.
+     */
+    for (c = r->hostname; apr_isdigit(*c); ++c);
+    if (!*c) {  /* pure integer */
+        return;
+    }
+
     rv = apr_parse_addr_port(&host, &scope_id, &port, r->hostname, r->pool);
     if (rv != APR_SUCCESS || scope_id) {
         goto bad;
     }
 
-    if (!host && port) {
-        /* silly looking host ("Host: 123") but that isn't our job
-         * here to judge; apr_parse_addr_port() would think we had a port
-         * but no address
-         */
-        host = apr_itoa(r->pool, (int)port);
-    }
-    else if (port) {
+    if (port) {
         /* Don't throw the Host: header's port number away:
            save it in parsed_uri -- ap_get_server_port() needs it! */
         /* @@@ XXX there should be a better way to pass the port.