Improves how HSTS redirections URLs are generated.

cherokee · Nov 20, 2011 · 5eac693 · 5eac693
1 parent 54bb071
commit 5eac693
Show file tree

Hide file tree

Showing 2 changed files with 45 additions and 5 deletions.
diff --git a/cherokee/connection-protected.h b/cherokee/connection-protected.h
@@ -287,6 +287,7 @@ ret_t cherokee_connection_instance_encoder       (cherokee_connection_t *conn);
 ret_t cherokee_connection_sleep                  (cherokee_connection_t *conn, cherokee_msec_t msecs);
 void  cherokee_connection_update_timeout         (cherokee_connection_t *conn);
 void  cherokee_connection_add_expiration_header  (cherokee_connection_t *conn, cherokee_buffer_t *buffer, cherokee_boolean_t use_maxage);
+ret_t cherokee_connection_build_host_string      (cherokee_connection_t *conn, cherokee_buffer_t *buf);
 ret_t cherokee_connection_build_host_port_string (cherokee_connection_t *conn, cherokee_buffer_t *buf);
 
 /* Iteration

diff --git a/cherokee/connection.c b/cherokee/connection.c
@@ -558,15 +558,38 @@ cherokee_connection_setup_error_handler (cherokee_connection_t *conn)
 ret_t
 cherokee_connection_setup_hsts_handler (cherokee_connection_t *conn)
 {
-	ret_t ret;
+	ret_t              ret;
+	cherokee_list_t   *i;
+	int                port = -1;
+	cherokee_server_t *srv  = CONN_SRV(conn);
 
 	/* Redirect to:
 	 * "https://" + host + request + query_string
 	 */
-	cherokee_buffer_clean   (&conn->redirect);
+	cherokee_buffer_clean (&conn->redirect);
+
+	/* 1.- Proto */
 	cherokee_buffer_add_str (&conn->redirect, "https://");
 
-	cherokee_connection_build_host_port_string (conn, &conn->redirect);
+	/* 2.- Host */
+	cherokee_connection_build_host_string (conn, &conn->redirect);
+
+	/* 3.- Port */
+	list_for_each (i, &srv->listeners) {
+		if (BIND_IS_TLS(i)) {
+			port = BIND(i)->port;
+			break;
+		}
+	}
+
+	if ((port != -1) &&
+	    (! http_port_is_standard (port, true)))
+	{
+		cherokee_buffer_add_char    (&conn->redirect, ':');
+		cherokee_buffer_add_ulong10 (&conn->redirect, port);
+	}
+
+	/* 4.- Request */
 	cherokee_buffer_add_buffer (&conn->redirect, &conn->request);
 
 	if (conn->query_string.len > 0) {
@@ -2955,8 +2978,8 @@ cherokee_connection_update_timeout (cherokee_connection_t *conn)
 
 
 ret_t
-cherokee_connection_build_host_port_string (cherokee_connection_t *conn,
-					    cherokee_buffer_t     *buf)
+cherokee_connection_build_host_string (cherokee_connection_t *conn,
+				       cherokee_buffer_t     *buf)
 {
 	/* 1st choice: Request host */
 	if (! cherokee_buffer_is_empty (&conn->host)) {
@@ -2977,6 +3000,22 @@ cherokee_connection_build_host_port_string (cherokee_connection_t *conn,
 		cherokee_buffer_add_buffer (buf, &conn->bind->server_address);
 	}
 
+	return ret_ok;
+}
+
+ret_t
+cherokee_connection_build_host_port_string (cherokee_connection_t *conn,
+					    cherokee_buffer_t     *buf)
+{
+	ret_t ret;
+
+	/* Host
+	 */
+	ret = cherokee_connection_build_host_string (conn, buf);
+	if (unlikely (ret != ret_ok)) {
+		return ret_error;
+	}
+
 	/* Port
 	 */
 	if ((conn->bind != NULL) &&