-#!/usr/bin/perl -w
-
package HTTPServer;
use strict;
+use warnings;
use HTTP::Daemon;
use HTTP::Status;
if (!$initialized) {
$synch_callback->();
$initialized = 1;
- }
+ }
my $con = $self->accept();
print STDERR "Accepted a new connection\n" if $log;
while (my $req = $con->get_request) {
if (exists($urls->{$url_path})) {
print STDERR "Serving requested URL: ", $url_path, "\n" if $log;
next unless ($req->method eq "HEAD" || $req->method eq "GET");
-
+
my $url_rec = $urls->{$url_path};
$self->send_response($req, $url_rec, $con);
} else {
print STDERR "Requested wrong URL: ", $url_path, "\n" if $log;
$con->send_error($HTTP::Status::RC_FORBIDDEN);
last;
- }
+ }
}
print STDERR "Closing connection\n" if $log;
$con->close;
if (exists $url_rec->{'auth_method'}) {
($send_content, $code, $msg, $headers) =
$self->handle_auth($req, $url_rec);
+ } elsif (!$self->verify_request_headers ($req, $url_rec)) {
+ ($send_content, $code, $msg, $headers) =
+ ('', 400, 'Mismatch on expected headers', {});
} else {
($code, $msg) = @{$url_rec}{'code', 'msg'};
$headers = $url_rec->{headers};
next;
}
# fill in content
- $content = $self->_substitute_port($content);
+ $content = $self->_substitute_port($content) if defined $content;
$resp->content($content);
print STDERR "HTTP::Response with content: \n", $resp->as_string if $log;
}
my $authhdr = $req->header('Authorization');
# Have we sent the challenge yet?
- unless (defined $url_rec->{auth_challenged}
- && $url_rec->{auth_challenged}) {
+ unless ($url_rec->{auth_challenged} || $url_rec->{auth_no_challenge}) {
# Since we haven't challenged yet, we'd better not
# have received authentication (for our testing purposes).
if ($authhdr) {
# failed it.
$code = 400;
$msg = "You didn't send auth after I sent challenge";
+ if ($url_rec->{auth_no_challenge}) {
+ $msg = "--auth-no-challenge but no auth sent."
+ }
} else {
my ($sent_method) = ($authhdr =~ /^(\S+)/g);
unless ($sent_method eq $url_rec->{'auth_method'}) {
}
}
+sub verify_request_headers {
+ my ($self, $req, $url_rec) = @_;
+
+ return 1 unless exists $url_rec->{'request_headers'};
+ for my $hdrname (keys %{$url_rec->{'request_headers'}}) {
+ my $rhdr = $req->header ($hdrname);
+ my $ehdr = $url_rec->{'request_headers'}{$hdrname};
+ unless (defined $rhdr && $rhdr =~ $ehdr) {
+ $rhdr = '' unless defined $rhdr;
+ print STDERR "\n*** Mismatch on $hdrname: $rhdr =~ $ehdr\n";
+ return undef;
+ }
+ }
+
+ return 1;
+}
+
sub _substitute_port {
my $self = shift;
my $ret = shift;