Connection Request: Return 503 http error code instead of success in case...

Connection Request: Return 503 http error code instead of success in case method is POST PUT DELETE and not GET

Connection Request: Return 503 http error code instead of success in case...
Connection Request: Return 503 http error code instead of success in case method is POST PUT DELETE and not GET
f145bd04 · Omar Kallel · 2bc6a46a · f145bd04
Commit f145bd04 authored Feb 08, 2021 by Omar Kallel
Hide whitespace changes
Inline Side-by-side

Showing with 21 additions and 18 deletions

http.c http.c +21 -18

No files found.
--- a/http.c
+++ b/http.c
@@ -283,40 +283,44 @@ static void http_cr_new_client(int client, bool service_available)
 {
 	FILE *fp;
 	char buffer[BUFSIZ];
+	char auth_digest_buffer[BUFSIZ];
 	int8_t auth_status = 0;
+	bool auth_digest_checked = false;
+	bool method_is_get = false;

 	pthread_mutex_lock(&mutex_config_load);
 	fp = fdopen(client, "r+");

+	char *username = cwmp_main.conf.cpe_userid;
+	char *password = cwmp_main.conf.cpe_passwd;
+	if (!username || !password) {
+		// if we dont have username or password configured proceed with connecting to ACS
+		service_available = false;
+		goto http_end;
+	}
 	while (fgets(buffer, sizeof(buffer), fp)) {
+		if (!strncasecmp(buffer, "GET ", strlen("GET ")))
+			method_is_get = true;
 		if (!strncasecmp(buffer, "Authorization: Digest ", strlen("Authorization: Digest "))) {
-			char *username = cwmp_main.conf.cpe_userid;
-			char *password = cwmp_main.conf.cpe_passwd;
-
-			if (!username || !password) {
-				// if we dont have username or password configured proceed with connecting to ACS
-				service_available = false;
-				goto http_end;
-			}
-
-			if (http_digest_auth_check("GET", "/", buffer + strlen("Authorization: Digest "), REALM, username, password, 300) == MHD_YES)
-				auth_status = 1;
-			else
-				auth_status = 0;
+			auth_digest_checked = true;
+			strcpy(auth_digest_buffer, buffer);
 		}

 		if (buffer[0] == '\r' || buffer[0] == '\n') {
 			/* end of http request (empty line) */
-			goto http_end;
+			break;
 		}
 	}
-	if (!service_available) {
+	if (!service_available || !method_is_get || !auth_digest_checked) {
 		goto http_end;
 	}
-	goto http_done;
+	if (http_digest_auth_check("GET", "/", auth_digest_buffer + strlen("Authorization: Digest "), REALM, username, password, 300) == MHD_YES)
+		auth_status = 1;
+	else
+		auth_status = 0;

 http_end:
-	if (!service_available) {
+	if (!service_available || !method_is_get || !auth_digest_checked) {
 		CWMP_LOG(INFO, "Receive Connection Request: Return 503 Service Unavailable");
 		fputs("HTTP/1.1 503 Service Unavailable\r\n", fp);
 		fputs("Connection: close\r\n", fp);
@@ -336,7 +340,6 @@ http_end:
 	}
 	fputs("\r\n", fp);

-http_done:
 	fclose(fp);
 	pthread_mutex_unlock(&mutex_config_load);
 }