[openssl] master update

dev at ddvo.net dev at ddvo.net
Mon Dec 13 11:14:01 UTC 2021


The branch master has been updated
       via  2490d10d5cca0163cad8045857248b175bdf83e7 (commit)
      from  858d5ac16d256db24f78b8c84e723b7d34c8b1ea (commit)


- Log -----------------------------------------------------------------
commit 2490d10d5cca0163cad8045857248b175bdf83e7
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date:   Sun Nov 21 11:51:09 2021 +0100

    OSSL_HTTP_proxy_connect(): Fix glitch in response HTTP header parsing
    
    Fixes #17247
    
    Reviewed-by: Paul Dale <pauli at openssl.org>
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/17250)

-----------------------------------------------------------------------

Summary of changes:
 crypto/http/http_client.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/crypto/http/http_client.c b/crypto/http/http_client.c
index a85bfcec42..b4d42f2eb0 100644
--- a/crypto/http/http_client.c
+++ b/crypto/http/http_client.c
@@ -1317,7 +1317,7 @@ int OSSL_HTTP_proxy_connect(BIO *bio, const char *server, const char *port,
 
         /* Check for HTTP/1.x */
         mbufp = mbuf;
-        if (!HAS_PREFIX(mbufp, HTTP_PREFIX)) {
+        if (!CHECK_AND_SKIP_PREFIX(mbufp, HTTP_PREFIX)) {
             ERR_raise(ERR_LIB_HTTP, HTTP_R_HEADER_PARSE_ERROR);
             BIO_printf(bio_err, "%s: HTTP CONNECT failed, non-HTTP response\n",
                        prog);
@@ -1335,6 +1335,8 @@ int OSSL_HTTP_proxy_connect(BIO *bio, const char *server, const char *port,
 
         /* RFC 7231 4.3.6: any 2xx status code is valid */
         if (!HAS_PREFIX(mbufp, " 2")) {
+            if (ossl_isspace(*mbufp))
+                mbufp++;
             /* chop any trailing whitespace */
             while (read_len > 0 && ossl_isspace(mbuf[read_len - 1]))
                 read_len--;


More information about the openssl-commits mailing list