From: Jim Jagielski <jim@apache.org>
Date: Mon, 12 Dec 2016 15:22:49 +0000 (+0000)
Subject: Merge r1773159 from trunk:
X-Git-Tag: 2.4.24~43
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=693838dccc16e467358ff1be2199a64d250f2f35;p=thirdparty%2Fapache%2Fhttpd.git

Merge r1773159 from trunk:

Partial port of proposed r1773158 for httpd-2.x only; this change causes all
illegible protocol args to be rejected, irrespective of the strict toggle as
we expect this to occur with a garbage raw SP embedded in the request URI.

Simplifies the code using the protocol 0.9 sentinal to set up an http/1.0
error response.

String duplication of r1773158 is uninteresting, httpd-2.x has a const protocol
member.

Submitted by: rpluem, wrowe


Submitted by: wrowe
Reviewed/backported by: jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1773802 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/STATUS b/STATUS
index bfb116b135b..fffaa6e5981 100644
--- a/STATUS
+++ b/STATUS
@@ -117,16 +117,6 @@ RELEASE SHOWSTOPPERS:
 PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
   [ start all new proposals below, under PATCHES PROPOSED. ]
 
-  *) Propose we apr_pstrdup constant r->protocol assignments, and always fail
-     entirely invalid protocols (expecting these are part two of a URL with
-     embedded raw SP characters), without considering 'strict'-ness.
-     Backports: r1773159 through merge branch commit r1773161
-     Trunk patch:
-       https://svn.apache.org/r1773159
-     2.4.x patch:
-       https://svn.apache.org/r1773161
-     +1: wrowe, jim, ylavic
-
   *) With oddball whitespace now disallowed, strictness makes no difference
      in the two cases of field content handling. Noted by rpluem.
      Backports: r1773162 through merge branch commit r1773163
diff --git a/server/protocol.c b/server/protocol.c
index 7bc292cb162..63b358d4835 100644
--- a/server/protocol.c
+++ b/server/protocol.c
@@ -782,17 +782,14 @@ rrl_done:
             memcpy((char*)r->protocol, "HTTP", 4);
     }
     else if (r->protocol[0]) {
-        r->assbackwards = 0;
-        r->proto_num = HTTP_VERSION(1,0);
+        r->proto_num = HTTP_VERSION(0, 9);
         /* Defer setting the r->protocol string till error msg is composed */
-        if (strict && deferred_error == rrl_none)
+        if (deferred_error == rrl_none)
             deferred_error = rrl_badprotocol;
-        else
-            r->protocol  = "HTTP/1.0";
     }
     else {
         r->assbackwards = 1;
-        r->protocol = "HTTP/0.9";
+        r->protocol  = apr_pstrdup(r->pool, "HTTP/0.9");
         r->proto_num = HTTP_VERSION(0, 9);
     }
 
@@ -906,7 +903,7 @@ rrl_failed:
         r->assbackwards = 0;
         r->connection->keepalive = AP_CONN_CLOSE;
         r->proto_num = HTTP_VERSION(1, 0);
-        r->protocol  = "HTTP/1.0";
+        r->protocol  = apr_pstrdup(r->pool, "HTTP/1.0");
     }
     return 0;
 }