From 75348c2e8b7779d1b00d849ecb5b8324033210f7 Mon Sep 17 00:00:00 2001
From: Christopher Faulet <cfaulet@haproxy.com>
Date: Tue, 22 Nov 2022 10:27:54 +0100
Subject: [PATCH] MINOR: h1: Consider empty port as invalid in authority for
 CONNECT

For now, this change is useless because http_get_host_port() returns
IST_NULL when the port is empty. But this will change. For other methods,
empty ports are valid. But not for CONNECT method. To still return a
400-Bad-Request if a CONNECT is performed with an empty port, istlen() is
used to test the port, instead of isttest().
---
 src/h1.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/h1.c b/src/h1.c
index cce484ca4..d4c290b9c 100644
--- a/src/h1.c
+++ b/src/h1.c
@@ -169,7 +169,7 @@ static int h1_validate_connect_authority(struct ist authority, struct ist *host_
 		goto invalid_authority;
 	uri_host = authority;
 	uri_port = http_get_host_port(authority);
-	if (!isttest(uri_port))
+	if (!istlen(uri_port))
 		goto invalid_authority;
 	uri_host.len -= (istlen(uri_port) + 1);
 
@@ -179,8 +179,10 @@ static int h1_validate_connect_authority(struct ist authority, struct ist *host_
 	/* Get the port of the host header value, if any */
 	host = *host_hdr;
 	host_port = http_get_host_port(*host_hdr);
-	if (isttest(host_port)) {
+	if (isttest(host_port))
 		host.len -= (istlen(host_port) + 1);
+
+	if (istlen(host_port)) {
 		if (!isteqi(host, uri_host) || !isteq(host_port, uri_port))
 			goto invalid_host;
 		if (http_is_default_port(IST_NULL, uri_port))