fix: Ensure HTTP Host Header format compliance

sfiction · sfiction · commit b001eba5e6d1 · 2025-02-02T15:25:14.000+08:00
- Non-default ports are explicitly included in the Host header
- Default ports (443 for HTTPS) are omitted
- IPv6 addresses are properly enclosed in square brackets (`[ ]`) per
  RFC 3986
diff --git a/src/dns_client.c b/src/dns_client.c
@@ -1135,7 +1135,7 @@ static int _dns_client_server_add(char *server_ip, char *server_host, int port,
 			if (server_host) {
 				safe_strncpy(flag_https->httphost, server_host, DNS_MAX_CNAME_LEN);
 			} else {
-				safe_strncpy(flag_https->httphost, server_ip, DNS_MAX_CNAME_LEN);
+				set_http_host(server_ip, port, DEFAULT_DNS_HTTPS_PORT, flag_https->httphost);
 			}
 		}
 		sock_type = SOCK_STREAM;
diff --git a/src/dns_conf.c b/src/dns_conf.c
@@ -1163,7 +1163,7 @@ static int _config_server(int argc, char *argv[], dns_server_type_t type, int de
 		}
 
 		if (server->httphost[0] == '\0') {
-			safe_strncpy(server->httphost, server->server, DNS_MAX_CNAME_LEN);
+			set_http_host(server->server, server->port, DEFAULT_DNS_HTTPS_PORT, server->httphost);
 		}
 	}
 
diff --git a/src/util.c b/src/util.c
@@ -2225,6 +2225,23 @@ int parser_mac_address(const char *in_mac, uint8_t mac[6])
 	return -1;
 }
 
+int set_http_host(const char *uri_host, int port, int default_port, char *host)
+{
+	int is_ipv6;
+
+	if (uri_host == NULL || port <= 0 || host == NULL) {
+		return -1;
+	}
+
+	is_ipv6 = check_is_ipv6(uri_host);
+	if (port == default_port) {
+		snprintf(host, DNS_MAX_CNAME_LEN, "%s%s%s", is_ipv6 == 0 ? "[" : "", uri_host, is_ipv6 == 0 ? "]" : "");
+	} else  {
+		snprintf(host, DNS_MAX_CNAME_LEN, "%s%s%s:%d", is_ipv6 == 0 ? "[" : "", uri_host, is_ipv6 == 0 ? "]" : "", port);
+	}
+	return 0;
+}
+
 #if defined(DEBUG) || defined(TEST)
 struct _dns_read_packet_info {
 	int data_len;
diff --git a/src/util.h b/src/util.h
@@ -184,6 +184,8 @@ void daemon_close_stdfds(void);
 
 int write_file(const char *filename, void *data, int data_len);
 
+int set_http_host(const char *uri_host, int port, int default_port, char *host);
+
 int dns_packet_save(const char *dir, const char *type, const char *from, const void *packet, int packet_len);
 
 int dns_packet_debug(const char *packet_file);

Original file line number	Diff line number	Diff line change
`@@ -1135,7 +1135,7 @@ static int _dns_client_server_add(char server_ip, char server_host, int port,`
`1135`	`1135`	`if (server_host) {`
`1136`	`1136`	`safe_strncpy(flag_https->httphost, server_host, DNS_MAX_CNAME_LEN);`
`1137`	`1137`	`} else {`
`1138`		`- safe_strncpy(flag_https->httphost, server_ip, DNS_MAX_CNAME_LEN);`
	`1138`	`+ set_http_host(server_ip, port, DEFAULT_DNS_HTTPS_PORT, flag_https->httphost);`
`1139`	`1139`	`}`
`1140`	`1140`	`}`
`1141`	`1141`	`sock_type = SOCK_STREAM;`
Original file line number	Diff line number	Diff line change
`@@ -1163,7 +1163,7 @@ static int _config_server(int argc, char *argv[], dns_server_type_t type, int de`
`1163`	`1163`	`}`
`1164`	`1164`
`1165`	`1165`	`if (server->httphost[0] == '\0') {`
`1166`		`- safe_strncpy(server->httphost, server->server, DNS_MAX_CNAME_LEN);`
	`1166`	`+ set_http_host(server->server, server->port, DEFAULT_DNS_HTTPS_PORT, server->httphost);`
`1167`	`1167`	`}`
`1168`	`1168`	`}`
`1169`	`1169`