@@ -2490,6 +2490,16 @@ connectivity_problem() {
24902490 fi
24912491}
24922492
2493+ sanitze_http_header() {
2494+ # sed implementations tested were sometime not fine with header containing x0d x0a (CRLF) which is the usual
2495+ # case. Also we use tr here to remove any crtl chars which the server side offers --> possible security problem
2496+ # Only allowed now is LF + CR. See #2337. awk, see above, doesn't seem to care -- but not under MacOS.
2497+ sed -e '/^$/q' -e '/^[^a-zA-Z_0-9]$/q' $HEADERFILE | tr -d '\000-\011\013\014\016-\037' >$HEADERFILE.tmp
2498+ # Now to be more sure we delete from '<' or '{' maybe with a leading blank until the end
2499+ sed -e '/^ *<.*$/d' -e '/^ *{.*$/d' $HEADERFILE.tmp >$HEADERFILE
2500+ debugme echo -e "---\n $(< $HEADERFILE) \n---"
2501+ }
2502+
24932503
24942504#problems not handled: chunked
24952505run_http_header() {
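Review bot: The `tr -d` set in the new sanitze_http_header() stops at `\037`, so a DEL byte (`\177`) sent by the server still reaches `$HEADERFILE`, although the comment says LF and CR are the only control characters allowed; `tr -d '\000-\011\013\014\016-\037\177'` would close that gap. Bytes 0x80–0x9f, which some terminals interpret as C1 controls, also pass through. That is worth a sentence in the comment, because deleting them would break UTF-8 header values. `$HEADERFILE` and `$HEADERFILE.tmp` are unquoted, and the `.tmp` file is not removed inside the function (cleanup may happen elsewhere). The function name is misspelled; `sanitize_http_header` would be easier to grep for.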
@@ -2520,16 +2530,14 @@ run_http_header() {
25202530 # Doing it again in the foreground to get an accurate header time
25212531 tm_out "$GET_REQ11" | $OPENSSL s_client $(s_client_options "$OPTIMAL_PROTO $BUGS -quiet -ign_eof -connect $NODEIP:$PORT $PROXY $SNI") >$HEADERFILE 2>$ERRFILE
25222532 NOW_TIME=$(date "+%s")
2523- HTTP_TIME=$(awk -F': ' '/^date:/ { print $2 } /^Date:/ { print $2 }' $HEADERFILE)
2524- HTTP_AGE=$(awk -F': ' '/^[aA][gG][eE]: / { print $2 }' $HEADERFILE)
25252533 HAD_SLEPT=0
2534+ sanitze_http_header
25262535 else
2536+ sanitze_http_header
25272537 # 1st GET request hung and needed to be killed. Check whether it succeeded anyway:
25282538 if grep -Eiaq "XML|HTML|DOCTYPE|HTTP|Connection" $HEADERFILE; then
25292539 # correct by seconds we slept, HAD_SLEPT comes from wait_kill()
25302540 NOW_TIME=$(($(date "+%s") - HAD_SLEPT))
2531- HTTP_TIME=$(awk -F': ' '/^date:/ { print $2 } /^Date:/ { print $2 }' $HEADERFILE)
2532- HTTP_AGE=$(awk -F': ' '/^[aA][gG][eE]: / { print $2 }' $HEADERFILE)
25332541 else
25342542 prln_warning " likely HTTP header requests failed (#lines: $(wc -l $HEADERFILE | awk '{ print $1 }'))"
25352543 [[ "$DEBUG" -lt 1 ]] && outln "Rerun with DEBUG>=1 and inspect $HEADERFILE\n"
@@ -2538,6 +2546,8 @@ run_http_header() {
25382546 ((NR_HEADER_FAIL++))
25392547 fi
25402548 fi
2549+ HTTP_TIME=$(awk -F': ' '/^date:/ { print $2 } /^Date:/ { print $2 }' $HEADERFILE)
2550+ HTTP_AGE=$(awk -F': ' '/^[aA][gG][eE]: / { print $2 }' $HEADERFILE)
25412551 if [[ ! -s $HEADERFILE ]]; then
25422552 ((NR_HEADER_FAIL++))
25432553 if [[ $NR_HEADER_FAIL -ge $MAX_HEADER_FAIL ]]; then
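Review bot: `HTTP_TIME` and `HTTP_AGE` are now extracted on every path, including the branch that has just warned that the header request likely failed, and before the `[[ ! -s $HEADERFILE ]]` check on the next line. Both values are server-controlled, and the awk programs print every matching line, so a response with repeated `Date:` or `Age:` headers yields a multi-line value; `{ print $2; exit }` would keep only the first. The sanitizer keeps CR, so once CR/LF are stripped `HTTP_AGE` should be checked to be digits only, e.g. `[[ "$HTTP_AGE" =~ ^[0-9]+$ ]] || HTTP_AGE=""`, before any arithmetic use. The later use of both variables is outside this hunk, as is the rest of run_http_header().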
@@ -2565,18 +2575,6 @@ run_http_header() {
25652575 [[ -n "$HTTP_TIME" ]] && HTTP_TIME="$(strip_lf "$HTTP_TIME")"
25662576 debugme echo "NOW_TIME: $NOW_TIME | HTTP_AGE: $HTTP_AGE | HTTP_TIME: $HTTP_TIME"
25672577
2568- # Quit on first empty line to catch 98% of the cases. Next pattern is there because the SEDs tested
2569- # so far seem not to be fine with header containing x0d x0a (CRLF) which is the usual case.
2570- # So we also trigger also on any sign on a single line which is not alphanumeric (plus _)
2571- #
2572- # Also we use tr here to remove any crtl chars which the server side offers --> possible security problem
2573- # Only allowed now is LF + CR. See #2337
2574- # awk, see above, doesn't seem to care
2575- sed -e '/^$/q' -e '/^[^a-zA-Z_0-9]$/q' $HEADERFILE | tr -d '\000-\011\013\014\016-\037' >$HEADERFILE.tmp
2576- # Now to be more sure we delete from '<' or '{' maybe with a leading blank until the end
2577- sed -e '/^ *<.*$/d' -e '/^ *{.*$/d' $HEADERFILE.tmp >$HEADERFILE
2578- debugme echo -e "---\n $(< $HEADERFILE) \n---"
2579-
25802578 HTTP_STATUS_CODE=$(awk '/^HTTP\// { print $2 }' $HEADERFILE 2>>$ERRFILE)
25812579 msg_thereafter=$(awk -F"$HTTP_STATUS_CODE" '/^HTTP\// { print $2 }' $HEADERFILE 2>>$ERRFILE) # dirty trick to use the status code as a
25822580 msg_thereafter=$(strip_lf "$msg_thereafter") # field separator, otherwise we need a loop with awk