Tcl Library Source Code

Ticket Change Details
Login
Overview

Artifact ID: 5548bad0c3ffda29264869cc20b326b4822ce404
Ticket: 5d23e45b0ec5a81e67aa1f492339a31e4c8b4ada
Websocket keys should not be wrapped
User & Date: anonymous 2014-09-22 15:38:26
Changes

  1. assignee changed to: "nobody"
  2. closer changed to: "nobody"
  3. cmimetype changed to: "text/plain"
  4. comment changed to:
    ::base64::encode defaults to line folding. Make sure WebSocket keys are not folded.
    
    -------- >8 --------
    
    commit 4ed0887b50c262df6b1477d92b950d0be16943d6
    Author: Adrián Medraño Calvo <[email protected]>
    Date:   Mon Sep 22 17:35:00 2014 +0200
    
        [ws]: Make sure not to wrap the WebSocket key
    
    diff --git a/src/websocket.tcl b/src/websocket.tcl
    index 6d60537..a9e0624 100644
    --- a/src/websocket.tcl
    +++ b/src/websocket.tcl
    @@ -1434,7 +1434,7 @@ proc ::websocket::open { url handler args } {
         for { set i 0 } { $i < 4 } { incr i } {
             append OPEN(nonce) [binary format Iu [expr {int(rand()*4294967296)}]]
         }
    -    set OPEN(nonce) [::base64::encode $OPEN(nonce)]
    +    set OPEN(nonce) [::base64::encode -maxlen 0 $OPEN(nonce)]
         set HDR(Sec-WebSocket-Key) $OPEN(nonce)
         set HDR(Sec-WebSocket-Protocol) [join $protos ", "]
         set HDR(Sec-WebSocket-Version) $WS(ws_version)
    @@ -1652,7 +1652,7 @@ proc ::websocket::configure { sock args } {
     proc ::websocket::sec-websocket-accept { key } {
         variable WS
         set sec ${key}$WS(ws_magic)
    -    return [::base64::encode [sha1::sha1 -bin $sec]]
    +    return [::base64::encode -maxlen 0 [sha1::sha1 -bin $sec]]
     }
     
     # ::websocket::SplitCommaSeparated -- Extract elements from comma-separated headers
    
  5. is_private changed to: "0"
  6. login: "anonymous"
  7. priority changed to: "5 Medium"
  8. private_contact changed to: "139b1eaf5ce8aad0f86e2ad385566019220aa1cf"
  9. resolution changed to: "None"
  10. severity changed to: "Minor"
  11. status changed to: "Open"
  12. submitter changed to: "anonymous"
  13. subsystem changed to: "websocket"
  14. title changed to: "Websocket keys should not be wrapped"
  15. type changed to: "Bug"