summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--src/afb-hreq.c24
-rw-r--r--src/afb-hswitch.c5
-rw-r--r--src/afb-ws-client.c20
3 files changed, 26 insertions, 23 deletions
diff --git a/src/afb-hreq.c b/src/afb-hreq.c
index a1c750b4..b1f300db 100644
--- a/src/afb-hreq.c
+++ b/src/afb-hreq.c
@@ -44,13 +44,11 @@
static char empty_string[] = "";
-static const char uuid_header[] = "x-afb-uuid";
-static const char uuid_arg[] = "uuid";
-static const char uuid_cookie[] = "uuid";
+static const char key_for_uuid[] = "x-afb-uuid";
+static const char old_key_for_uuid[] = "uuid";
-static const char token_header[] = "x-afb-token";
-static const char token_arg[] = "token";
-static const char token_cookie[] = "token";
+static const char key_for_token[] = "x-afb-token";
+static const char old_key_for_token[] = "token";
static char *cookie_name = NULL;
static char *cookie_setter = NULL;
@@ -708,17 +706,19 @@ int afb_hreq_init_context(struct afb_hreq *hreq)
if (hreq->context.session != NULL)
return 0;
- uuid = afb_hreq_get_header(hreq, uuid_header);
+ uuid = afb_hreq_get_header(hreq, key_for_uuid);
if (uuid == NULL)
- uuid = afb_hreq_get_argument(hreq, uuid_arg);
+ uuid = afb_hreq_get_argument(hreq, key_for_uuid);
if (uuid == NULL)
uuid = afb_hreq_get_cookie(hreq, cookie_name);
+ if (uuid == NULL)
+ uuid = afb_hreq_get_argument(hreq, old_key_for_uuid);
- token = afb_hreq_get_header(hreq, token_header);
+ token = afb_hreq_get_header(hreq, key_for_token);
if (token == NULL)
- token = afb_hreq_get_argument(hreq, token_arg);
+ token = afb_hreq_get_argument(hreq, key_for_token);
if (token == NULL)
- token = afb_hreq_get_cookie(hreq, token_cookie);
+ token = afb_hreq_get_argument(hreq, old_key_for_token);
return afb_context_connect(&hreq->context, uuid, token);
}
@@ -733,7 +733,7 @@ int afb_hreq_init_cookie(int port, const char *path, int maxage)
cookie_setter = NULL;
path = path ? : "/";
- rc = asprintf(&cookie_name, "x-afb-uuid-%d", port);
+ rc = asprintf(&cookie_name, "%s-%d", key_for_uuid, port);
if (rc < 0)
return 0;
rc = asprintf(&cookie_setter, "%s=%%s; Path=%s; Max-Age=%d; HttpOnly",
diff --git a/src/afb-hswitch.c b/src/afb-hswitch.c
index 8dee80b3..417b773e 100644
--- a/src/afb-hswitch.c
+++ b/src/afb-hswitch.c
@@ -86,6 +86,11 @@ int afb_hswitch_websocket_switch(struct afb_hreq *hreq, void *data)
return 1;
}
+ if (!hreq->context.validated) {
+ afb_hreq_reply_error(hreq, MHD_HTTP_UNAUTHORIZED);
+ return 1;
+ }
+
return afb_websock_check_upgrade(hreq);
}
diff --git a/src/afb-ws-client.c b/src/afb-ws-client.c
index 32f8778e..e9c1a906 100644
--- a/src/afb-ws-client.c
+++ b/src/afb-ws-client.c
@@ -201,15 +201,15 @@ static int receive_response(int fd, const char **protocols, const char *ack)
goto error;
len = strcspn(line, " ");
if (len != 8 || 0 != strncmp(line, "HTTP/1.1", 8))
- goto error;
+ goto abort;
it = line + len;
len = strspn(it, " ");
if (len == 0)
- goto error;
+ goto abort;
it += len;
len = strcspn(it, " ");
if (len != 3 || 0 != strncmp(it, "101", 3))
- goto error;
+ goto abort;
/* reads the rest of the response until empty line */
clen = 0;
@@ -250,15 +250,13 @@ static int receive_response(int fd, const char **protocols, const char *ack)
if (clen > 0) {
while (read(fd, line, len) < 0 && errno == EINTR);
}
- if (haserr != 0)
- result = -1;
- else if (result < 0) {
- result = 0;
- while(protocols[result] != NULL)
- result++;
- }
-error:
+ if (haserr != 0 || result < 0)
+ goto abort;
return result;
+abort:
+ errno = ECONNABORTED;
+error:
+ return -1;
}
static int negociate(int fd, const char **protocols, const char *path, const char *host)