X-Git-Url: http://git.archive.openwrt.org/?p=project%2Fuhttpd.git;a=blobdiff_plain;f=client.c;h=73e0e49c3bf55bbeb40c6018db482d4c91d81950;hp=0d7029bbccfbe0233455fa97123679d38a09ca69;hb=618315bc0729c3064e06af2900a86211354f81c9;hpb=248d682e3b3887a535d4ba81fab65f3463373ac8

diff --git a/client.c b/client.c
index 0d7029b..73e0e49 100644
--- a/client.c
+++ b/client.c
@@ -228,6 +228,52 @@ static bool rfc1918_filter_check(struct client *cl)
 	return false;
 }
 
+static bool tls_redirect_check(struct client *cl)
+{
+	int rem, port;
+	struct blob_attr *cur;
+	char *ptr, *url = NULL, *host = NULL;
+
+	if (cl->tls || !conf.tls_redirect)
+		return true;
+
+	if ((port = uh_first_tls_port(cl->srv_addr.family)) == -1)
+		return true;
+
+	blob_for_each_attr(cur, cl->hdr.head, rem) {
+		if (!strcmp(blobmsg_name(cur), "host"))
+			host = blobmsg_get_string(cur);
+
+		if (!strcmp(blobmsg_name(cur), "URL"))
+			url = blobmsg_get_string(cur);
+
+		if (url && host)
+			break;
+	}
+
+	if (!url || !host)
+		return true;
+
+	if ((ptr = strchr(host, ']')) != NULL)
+		*(ptr+1) = 0;
+	else if ((ptr = strchr(host, ':')) != NULL)
+		*ptr = 0;
+
+	cl->request.disable_chunked = true;
+	cl->request.connection_close = true;
+
+	uh_http_header(cl, 307, "Temporary Redirect");
+
+	if (port != 443)
+		ustream_printf(cl->us, "Location: https://%s:%d%s\r\n\r\n", host, port, url);
+	else
+		ustream_printf(cl->us, "Location: https://%s%s\r\n\r\n", host, url);
+
+	uh_request_done(cl);
+
+	return false;
+}
+
 static void client_header_complete(struct client *cl)
 {
 	struct http_request *r = &cl->request;
@@ -235,6 +281,9 @@ static void client_header_complete(struct client *cl)
 	if (!rfc1918_filter_check(cl))
 		return;
 
+	if (!tls_redirect_check(cl))
+		return;
+
 	if (r->expect_cont)
 		ustream_printf(cl->us, "HTTP/1.1 100 Continue\r\n\r\n");