Parse session-id header case-insensitively (#765)

RFC 2616 defines headers as case-insensitive, so if rpc is behind a
reverse proxy that lowers the case of headers, transmission will not
parse them correctly.

A new wrapper function, `tr_strcasestr` is added to
libtransmission/utils.c to allow for comparisons of headers case
insensitively, and checks in cmake and autogen are included.

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 6de8a6139e66f9e029b3afbe1848be0b274fb61c..a0f4048e200bdfab4ef70e167c754bb67fac8bc5 100644 (file)
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -466,6 +466,7 @@ set(NEEDED_FUNCTIONS
     pread
     pwrite
     statvfs
+    strcasestr
     strlcpy
     strsep
     syslog

diff --git a/Transmission.xcodeproj/project.pbxproj b/Transmission.xcodeproj/project.pbxproj
index 3a44ecec2a817e435314310eeb7a3e507d22c39d..9f40e412f86eb328cd3a4294c2d109cc33be23db 100644 (file)
--- a/Transmission.xcodeproj/project.pbxproj
+++ b/Transmission.xcodeproj/project.pbxproj
@@ -2949,6 +2949,7 @@
                                        "-DHAVE_ASPRINTF",
                                        "-DHAVE_LIBGEN",
                                        "-DHAVE_STRCASECMP",
+                                       "-DHAVE_STRCASESTR",
                                        "-DHAVE_ZLIB",
                                        "-DHAVE_ICONV",
                                );
@@ -3124,6 +3125,7 @@
                                        "-DHAVE_ASPRINTF",
                                        "-DHAVE_LIBGEN",
                                        "-DHAVE_STRCASECMP",
+                                       "-DHAVE_STRCASESTR",
                                        "-DHAVE_ZLIB",
                                        "-DHAVE_ICONV",
                                );
@@ -3352,6 +3354,7 @@
                                        "-DHAVE_ASPRINTF",
                                        "-DHAVE_LIBGEN",
                                        "-DHAVE_STRCASECMP",
+                                       "-DHAVE_STRCASESTR",
                                        "-DHAVE_ZLIB",
                                        "-DHAVE_ICONV",
                                );

diff --git a/configure.ac b/configure.ac
index b0e053e915c21a7176005c6e84585bb4884e5803..d07b09cab073abc7a1d0ea9f3cd1d49e7ed3d5e2 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -110,7 +110,7 @@ AC_HEADER_STDC
 AC_HEADER_TIME
 
 AC_CHECK_HEADERS([xlocale.h])
-AC_CHECK_FUNCS([iconv pread pwrite lrintf strlcpy daemon dirname basename canonicalize_file_name strcasecmp localtime_r fallocate64 posix_fallocate memmem strsep strtold syslog valloc getpagesize posix_memalign statvfs htonll ntohll mkdtemp uselocale _configthreadlocale])
+AC_CHECK_FUNCS([iconv pread pwrite lrintf strlcpy daemon dirname basename canonicalize_file_name strcasecmp localtime_r fallocate64 posix_fallocate memmem strsep strtold syslog valloc getpagesize posix_memalign statvfs htonll ntohll mkdtemp uselocale _configthreadlocale strcasestr])
 AC_PROG_INSTALL
 AC_PROG_MAKE_SET
 ACX_PTHREAD

diff --git a/libtransmission/CMakeLists.txt b/libtransmission/CMakeLists.txt
index a4ba99ec0b091d3b28874eafd27c9fdf8269aa3c..d0ee87da04c90ac33043a37d63cb5ec95b46dd26 100644 (file)
--- a/libtransmission/CMakeLists.txt
+++ b/libtransmission/CMakeLists.txt
@@ -268,6 +268,10 @@ if(ICONV_FOUND)
     target_link_libraries(${TR_NAME} ${ICONV_LIBRARIES})
 endif()
 
+if(WIN32)
+    target_link_libraries(${TR_NAME} shlwapi)
+endif()
+
 if(ENABLE_TESTS)
     add_library(${TR_NAME}-test STATIC
         libtransmission-test.c

diff --git a/libtransmission/rpc-server.c b/libtransmission/rpc-server.c
index 6a112a6c7b1a64a44923ec4262538228396632a3..6660a8480f7d84a99c7e26247ea13d85315998f8 100644 (file)
--- a/libtransmission/rpc-server.c
+++ b/libtransmission/rpc-server.c
@@ -184,7 +184,7 @@ static void handle_upload(struct evhttp_request* req, struct tr_rpc_server* serv
         {
             struct tr_mimepart* p = tr_ptrArrayNth(&parts, i);
 
-            if (tr_memmem(p->headers, p->headers_len, TR_RPC_SESSION_ID_HEADER, strlen(TR_RPC_SESSION_ID_HEADER)) != NULL)
+            if (tr_strcasestr(p->headers, TR_RPC_SESSION_ID_HEADER) != NULL)
             {
                 char const* ours = get_current_session_id(server);
                 size_t const ourlen = strlen(ours);

diff --git a/libtransmission/utils.c b/libtransmission/utils.c
index 250c06dbb367db5465e6cdcdc0aeaa8599eeb7fc..ab2fc446eecc8d330468c4b7b864ad480b19ae15 100644 (file)
--- a/libtransmission/utils.c
+++ b/libtransmission/utils.c
@@ -29,6 +29,7 @@
 #include <ws2tcpip.h> /* WSAStartup() */
 #include <windows.h> /* Sleep(), GetSystemTimeAsFileTime(), GetEnvironmentVariable() */
 #include <shellapi.h> /* CommandLineToArgv() */
+#include <shlwapi.h> /* StrStrIA() */
 #else
 #include <sys/time.h>
 #include <unistd.h> /* getpagesize() */
@@ -456,6 +457,23 @@ char const* tr_memmem(char const* haystack, size_t haystacklen, char const* need
 #endif
 }
 
+char const* tr_strcasestr(char const* haystack, char const* needle)
+{
+#ifdef HAVE_STRCASESTR
+
+    return strcasestr(haystack, needle);
+
+#elif defined(_WIN32)
+
+    return StrStrIA(haystack, needle);
+
+#else
+
+#error please open a PR to implement tr_strcasestr() for your platform
+
+#endif
+}
+
 char* tr_strdup_printf(char const* fmt, ...)
 {
     va_list ap;

diff --git a/utils/remote.c b/utils/remote.c
index 26fb5e1c693c24d5f8daf992725c65b74185ff6b..1408611d80f4956a9d6e4bf473e15b56b4c0382c 100644 (file)
--- a/utils/remote.c
+++ b/utils/remote.c
@@ -14,6 +14,7 @@
 #include <string.h> /* strcmp */
 
 #include <event2/buffer.h>
+#include <event2/util.h>
 
 #define CURL_DISABLE_TYPECHECK /* otherwise -Wunreachable-code goes insane */
 #include <curl/curl.h>
@@ -792,7 +793,7 @@ static size_t parseResponseHeader(void* ptr, size_t size, size_t nmemb, void* st
     char const* key = TR_RPC_SESSION_ID_HEADER ": ";
     size_t const key_len = strlen(key);
 
-    if (line_len >= key_len && memcmp(line, key, key_len) == 0)
+    if (line_len >= key_len && evutil_ascii_strncasecmp(line, key, key_len) == 0)
     {
         char const* begin = line + key_len;
         char const* end = begin;