* client_getln() now fails if the client attempts to transmit non printable

  characters.   This is for fast bailout if someone tries to do HTTPS to a
  non-SSL webcit.

diff --git a/webcit/ChangeLog b/webcit/ChangeLog
index 7fabeaed4e1402f6a9d680d366a8d617af2f2ed9..da81745bd689db45ae97d8cb073b01d4b038bd93 100644 (file)
--- a/webcit/ChangeLog
+++ b/webcit/ChangeLog
@@ -1,5 +1,10 @@
 $Id$
 
+Tue Jan 24 11:07:04 EST 2006 ajc
+* client_getln() now fails if the client attempts to transmit non printable
+  characters.   This is for fast bailout if someone tries to do HTTPS to a
+  non-SSL webcit.
+
 Mon Jan 23 22:51:11 EST 2006 ajc
 * Got a primitive version of the wiki system in place.  Needs a lot of fine
   tuning but it basically works.

diff --git a/webcit/webserver.c b/webcit/webserver.c
index bebc06417621d7d0a3a1447918a7a086d758053a..c46c79ba301223dd1c01180e4acb278caa3bffd5 100644 (file)
--- a/webcit/webserver.c
+++ b/webcit/webserver.c
@@ -380,8 +380,13 @@ int client_getln(int sock, char *buf, int bufsiz)
                retval = client_read(sock, &buf[i], 1);
                if (retval != 1 || buf[i] == '\n' || i == (bufsiz-1))
                        break;
+               if ( (!isspace(buf[i])) && (!isprint(buf[i])) ) {
+                       lprintf(2, "Non printable character recieved from client\n");
+                       return(-1);
+               }
        }
 
+
        /** If we got a long line, discard characters until the newline.         */
        if (i == (bufsiz-1))
                while (buf[i] != '\n' && retval == 1)