From cc526105b82e0ef5031885a608529f527b337315 Mon Sep 17 00:00:00 2001 From: reyk Date: Fri, 15 Jun 2018 12:36:05 +0000 Subject: Fix 304 Not Modified response: don't send a body, use the correct MIME type. Reported by Hidvegi Gabor gaborca websivision hu Fix found by anton@ OK anton@ --- usr.sbin/httpd/server_file.c | 12 +++++++++--- usr.sbin/httpd/server_http.c | 10 +++++----- 2 files changed, 14 insertions(+), 8 deletions(-) (limited to 'usr.sbin/httpd') diff --git a/usr.sbin/httpd/server_file.c b/usr.sbin/httpd/server_file.c index 4255119e659..7db3431da6f 100644 --- a/usr.sbin/httpd/server_file.c +++ b/usr.sbin/httpd/server_file.c @@ -1,4 +1,4 @@ -/* $OpenBSD: server_file.c,v 1.65 2017/02/02 22:19:59 reyk Exp $ */ +/* $OpenBSD: server_file.c,v 1.66 2018/06/15 12:36:05 reyk Exp $ */ /* * Copyright (c) 2006 - 2017 Reyk Floeter @@ -230,8 +230,14 @@ server_file_request(struct httpd *env, struct client *clt, char *path, goto abort; } - if ((ret = server_file_modified_since(clt->clt_descreq, st)) != -1) - return (ret); + if ((ret = server_file_modified_since(clt->clt_descreq, st)) != -1) { + /* send the header without a body */ + media = media_find_config(env, srv_conf, path); + if ((ret = server_response_http(clt, ret, media, -1, + MINIMUM(time(NULL), st->st_mtim.tv_sec))) == -1) + goto fail; + goto done; + } /* Now open the file, should be readable or we have another problem */ if ((fd = open(path, O_RDONLY)) == -1) diff --git a/usr.sbin/httpd/server_http.c b/usr.sbin/httpd/server_http.c index b8146c3a115..5ee51b1925f 100644 --- a/usr.sbin/httpd/server_http.c +++ b/usr.sbin/httpd/server_http.c @@ -1,4 +1,4 @@ -/* $OpenBSD: server_http.c,v 1.120 2018/06/11 12:12:51 reyk Exp $ */ +/* $OpenBSD: server_http.c,v 1.121 2018/06/15 12:36:05 reyk Exp $ */ /* * Copyright (c) 2006 - 2017 Reyk Floeter @@ -1362,7 +1362,7 @@ server_response_http(struct client *clt, unsigned int code, (error = server_httperror_byid(code)) == NULL) return (-1); - if (server_log_http(clt, code, size) == -1) + if (server_log_http(clt, code, size >= 0 ? size : 0) == -1) return (-1); /* Add error codes */ @@ -1388,9 +1388,9 @@ server_response_http(struct client *clt, unsigned int code, return (-1); /* Set content length, if specified */ - if ((cl = + if (size >= 0 && ((cl = kv_add(&resp->http_headers, "Content-Length", NULL)) == NULL || - kv_set(cl, "%lld", (long long)size) == -1) + kv_set(cl, "%lld", (long long)size) == -1)) return (-1); /* Set last modification time */ @@ -1423,7 +1423,7 @@ server_response_http(struct client *clt, unsigned int code, server_bufferevent_print(clt, "\r\n") == -1) return (-1); - if (size == 0 || resp->http_method == HTTP_METHOD_HEAD) { + if (size <= 0 || resp->http_method == HTTP_METHOD_HEAD) { bufferevent_enable(clt->clt_bev, EV_READ|EV_WRITE); if (clt->clt_persist) clt->clt_toread = TOREAD_HTTP_HEADER; -- cgit v1.2.3-59-g8ed1b