github
/
aria2
mirror of https://github.com/aria2/aria2
1
0
Fork 0
Code Issues Releases Wiki Activity

2009-08-30 Tatsuhiro Tsujikawa <t-tujikawa@users.sourceforge.net> 

Fixed the bug that XML-RPC authorization might be done before HTTP
	request header is fully received.
	* src/HttpServerCommand.cc
pull/1/head
Tatsuhiro Tsujikawa 2009-08-30 13:15:22 +00:00
parent 0c3dc00d68
commit 01af9a5df0
2 changed files with 19 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
ChangeLog
View File

@ -1,3 +1,9 @@
2009-08-30 Tatsuhiro Tsujikawa <t-tujikawa@users.sourceforge.net>
Fixed the bug that XML-RPC authorization might be done before HTTP
request header is fully received.
* src/HttpServerCommand.cc
2009-08-30 Tatsuhiro Tsujikawa <t-tujikawa@users.sourceforge.net> 2009-08-30 Tatsuhiro Tsujikawa <t-tujikawa@users.sourceforge.net>
Documented --xml-rpc-listen-all option in man page. Documented --xml-rpc-listen-all option in man page.

25
src/HttpServerCommand.cc
View File

@ -91,6 +91,11 @@ bool HttpServerCommand::execute()
SharedHandle<HttpHeader> header; SharedHandle<HttpHeader> header;
header = _httpServer->receiveRequest(); header = _httpServer->receiveRequest();
if(header.isNull()) {
_e->commands.push_back(this);
return false;
}
if(!_httpServer->authenticate()) { if(!_httpServer->authenticate()) {
_httpServer->disableKeepAlive(); _httpServer->disableKeepAlive();
_httpServer->feedResponse("401 Unauthorized", _httpServer->feedResponse("401 Unauthorized",
@ -102,24 +107,20 @@ bool HttpServerCommand::execute()
_e->setNoWait(true); _e->setNoWait(true);
return true; return true;
} }
if(header.isNull()) { if(static_cast<uint64_t>
_e->commands.push_back(this); (_e->option->getAsInt(PREF_XML_RPC_MAX_REQUEST_SIZE)) <
return false; _httpServer->getContentLength()) {
} else if(static_cast<uint64_t>
(_e->option->getAsInt(PREF_XML_RPC_MAX_REQUEST_SIZE)) <
_httpServer->getContentLength()) {
logger->info("Request too long. ContentLength=%s." logger->info("Request too long. ContentLength=%s."
" See --xml-rpc-max-request-size option to loose" " See --xml-rpc-max-request-size option to loose"
" this limitation.", " this limitation.",
Util::uitos(_httpServer->getContentLength()).c_str()); Util::uitos(_httpServer->getContentLength()).c_str());
return true; return true;
} else {
Command* command = new HttpServerBodyCommand(cuid, _httpServer, _e,
_socket);
_e->commands.push_back(command);
_e->setNoWait(true);
return true;
} }
Command* command = new HttpServerBodyCommand(cuid, _httpServer, _e,
_socket);
_e->commands.push_back(command);
_e->setNoWait(true);
return true;
} else { } else {
if(_timeout.elapsed(30)) { if(_timeout.elapsed(30)) {
logger->info("HTTP request timeout."); logger->info("HTTP request timeout.");