From: Dr. David von Oheimb Date: Tue, 28 Jun 2022 15:23:45 +0000 (+0200) Subject: OSSL_HTTP_REQ_CTX_nbio: add support for partial content-type string matching X-Git-Tag: openssl-3.2.0-alpha1~2175 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=52f616990537b22b0ec81475207caef25fdc0886;p=thirdparty%2Fopenssl.git OSSL_HTTP_REQ_CTX_nbio: add support for partial content-type string matching Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale Reviewed-by: David von Oheimb (Merged from https://github.com/openssl/openssl/pull/18675) --- diff --git a/crypto/http/http_client.c b/crypto/http/http_client.c index 5376c20ca25..005cbfc749a 100644 --- a/crypto/http/http_client.c +++ b/crypto/http/http_client.c @@ -714,7 +714,15 @@ int OSSL_HTTP_REQ_CTX_nbio(OSSL_HTTP_REQ_CTX *rctx) if (OPENSSL_strcasecmp(key, "Content-Type") == 0) { if (rctx->state == OHS_HEADERS && rctx->expected_ct != NULL) { - if (OPENSSL_strcasecmp(rctx->expected_ct, value) != 0) { + const char *semicolon; + + if (OPENSSL_strcasecmp(rctx->expected_ct, value) != 0 + /* ignore past ';' unless expected_ct contains ';' */ + && (strchr(rctx->expected_ct, ';') != NULL + || (semicolon = strchr(value, ';')) == NULL + || (size_t)(semicolon - value) != strlen(rctx->expected_ct) + || OPENSSL_strncasecmp(rctx->expected_ct, value, + semicolon - value) != 0)) { ERR_raise_data(ERR_LIB_HTTP, HTTP_R_UNEXPECTED_CONTENT_TYPE, "expected=%s, actual=%s", diff --git a/doc/man3/OSSL_HTTP_REQ_CTX.pod b/doc/man3/OSSL_HTTP_REQ_CTX.pod index ea468a66475..ebf169513e3 100644 --- a/doc/man3/OSSL_HTTP_REQ_CTX.pod +++ b/doc/man3/OSSL_HTTP_REQ_CTX.pod 
@@ -89,9 +89,17 @@ OSSL_HTTP_REQ_CTX_set_expected() optionally sets in I some expectations of the HTTP client on the response. Due to the structure of an HTTP request, if the I argument is nonzero the function must be used before calling OSSL_HTTP_REQ_CTX_set1_req(). -If the I parameter -is not NULL then the client will check that the given content type string + +If the I argument is not NULL, +the client will check that the specified content-type string is included in the HTTP header of the response and return an error if not. +In the content-type header line the specified string should be present either +as a whole, or in case the specified string does not include a C<;> character, +it is sufficient that the specified string appears as a prefix +in the header line, followed by a C<;> character and any further text. +For instance, if the I argument specifies C, +this is matched by C, C, etc. + If the I parameter is nonzero a structure in ASN.1 encoding will be expected as the response content and input streaming is disabled. This means that an ASN.1 sequence header is required, its length field is checked, and diff --git a/doc/man3/OSSL_HTTP_transfer.pod b/doc/man3/OSSL_HTTP_transfer.pod index 3df2f07d3d2..ee9a2c7f0c4 100644 --- a/doc/man3/OSSL_HTTP_transfer.pod +++ b/doc/man3/OSSL_HTTP_transfer.pod 
@@ -169,9 +169,17 @@ else HTTP POST with the contents of I and optional I, where the length of the data in I does not need to be determined in advance: the BIO will be read on-the-fly while sending the request, which supports streaming. The optional list I may contain additional custom HTTP header lines. -If the parameter I -is not NULL then the client will check that the given content type string + +If the I argument is not NULL, +the client will check that the specified content-type string is included in the HTTP header of the response and return an error if not. +In the content-type header line the specified string should be present either +as a whole, or in case the specified string does not include a C<;> character, +it is sufficient that the specified string appears as a prefix +in the header line, followed by a C<;> character and any further text. +For instance, if I specifies C, +this is matched by C, C, etc. + If the I parameter is nonzero, a structure in ASN.1 encoding will be expected as response content. The I parameter specifies the maximum allowed
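Review bot: in the crypto/http/http_client.c hunk of OSSL_HTTP_REQ_CTX_nbio(), the new test `(size_t)(semicolon - value) != strlen(rctx->expected_ct)` accepts a parameterised header only when the ';' directly follows the media type. A response that puts optional whitespace before the ';', which the HTTP media-type grammar permits, is therefore still rejected with HTTP_R_UNEXPECTED_CONTENT_TYPE. Consider stepping back over spaces and tabs from `semicolon` before computing the prefix length, unless `value` is already normalised earlier in the function, outside the lines shown. The assignment to `semicolon` inside the `||` chain is also easy to misread; computing it in its own statement before the `if` would leave a simpler condition. The diff touches only http_client.c and two .pod files, so a test covering the exact match, the match with trailing parameters, and an expected_ct that itself contains ';' would be worth adding.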
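Review bot: the paragraph added to doc/man3/OSSL_HTTP_REQ_CTX.pod for OSSL_HTTP_REQ_CTX_set_expected() does not say that the comparison is case-insensitive, although the code change uses OPENSSL_strcasecmp() and OPENSSL_strncasecmp() for both the whole-string and the prefix match. Callers who rely on the check to reject unexpected response types should be able to read the exact rule, so add a sentence stating that matching ignores case and that the C<;> must follow the specified string directly. The new text also says "argument" while the unchanged sentence right after it still says "parameter"; pick one term for the paragraph.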
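Review bot: the paragraph added to doc/man3/OSSL_HTTP_transfer.pod repeats the matching rule added to OSSL_HTTP_REQ_CTX.pod almost word for word, so the two copies can drift apart the next time the rule in OSSL_HTTP_REQ_CTX_nbio() changes. Consider keeping the full description in one place and having this page state only that the content-type check is the one described for OSSL_HTTP_REQ_CTX_set_expected(), with a link to that page. As in the other .pod hunk, the added sentence uses "argument" while the following unchanged sentence uses "parameter".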