notroj · notroj · Jun 11, 2024 · Jun 9, 2024 · Jun 9, 2024 · Jun 10, 2024
diff --git a/src/ne_request.h b/src/ne_request.h
@@ -167,9 +167,9 @@ void ne_print_request_header(ne_request *req, const char *name,
     ne_attribute((format(printf, 3, 4)));
 
 /* If the response includes a Location header, this function parses
- * and resolves the URI-references relative to the request target URI.
- * If a fragment ("#fragment") is used for the request target, it can
- * be passed as an argument to allow relative resolution. Returns a
+ * and resolves the URI-reference relative to the request target.  If
+ * a fragment ("#fragment") is used for the request target, it can be
+ * passed as an argument to allow relative resolution. Returns a
  * malloc-allocated ne_uri object, or NULL if the URI in the Location
  * header could not be parsed, or the Location header was not
  * present. */

diff --git a/src/ne_session.c b/src/ne_session.c
@@ -137,11 +137,15 @@ int ne_version_pre_http11(ne_session *s)
 /* Stores the "hostname[:port]" segment */
 static void set_hostport(struct host_info *host, unsigned int defaultport)
 {
-    size_t len = strlen(host->hostname);
-    host->hostport = ne_malloc(len + 10);
-    strcpy(host->hostport, host->hostname);
-    if (host->port != defaultport)
-	ne_snprintf(host->hostport + len, 9, ":%u", host->port);
+    if (host->port == defaultport) {
+        host->hostport = ne_strdup(host->hostname);
+    }
+    else {
+        char buf[512];
+
+        ne_snprintf(buf, sizeof buf, "%s:%u", host->hostname, host->port);
+        host->hostport = ne_strdup(buf);
+    }
 }
 
 /* Stores the hostname/port in *info, setting up the "hostport"
@@ -442,13 +446,7 @@ void ne_set_connect_timeout(ne_session *sess, int timeout)
 void ne_set_useragent(ne_session *sess, const char *token)
 {
     if (sess->user_agent) ne_free(sess->user_agent);
-    sess->user_agent = ne_malloc(strlen(UAHDR) + strlen(AGENT) + 
-                                 strlen(token) + 1);
-#ifdef HAVE_STPCPY
-    strcpy(stpcpy(stpcpy(sess->user_agent, UAHDR), token), AGENT);
-#else
-    strcat(strcat(strcpy(sess->user_agent, UAHDR), token), AGENT);
-#endif
+    sess->user_agent = ne_concat(UAHDR, token, AGENT, NULL);
 }
 
 const char *ne_get_server_hostport(ne_session *sess)

diff --git a/test/ssl.c b/test/ssl.c
@@ -194,15 +194,6 @@ static int ssl_server(ne_socket *sock, void *userdata)
     return 0;
 }
 
-/* serve_ssl wrapper which ignores server failure and always succeeds */
-static int fail_serve(ne_socket *sock, void *ud)
-{
-    struct ssl_server_args args = {0};
-    args.cert = ud;
-    ssl_server(sock, &args);
-    return OK;
-}
-
 #define DEFSESS  (ne_session_create("https", "localhost", 7777))
 
 static int make_ssl_session_port(ne_session **sess,
@@ -741,6 +732,7 @@ static int get_failures(void *userdata, int fs, const ne_ssl_certificate *c)
 {
     int *out = userdata;
     *out = fs;
+    NE_DEBUG(NE_DBG_SSL, "test: fail_ssl_request verify callback - %d\n", fs);
     return -1;
 }
 
@@ -781,6 +773,9 @@ static int fail_ssl_request_with_error2(char *cert, char *key, char *cacert,
 
     ret = any_request(sess, "/expect-to-fail");
 
+    NE_DEBUG(NE_DBG_SSL, "test: fail_ssl_request - request code %d, error: %s\n",
+             ret, ne_get_error(sess));
+
     ONV(gotf == 0,
 	("no error in verification callback; request rv %d error string: %s",
 	 ret, ne_get_error(sess)));
@@ -910,18 +905,22 @@ static int fail_self_signed(void)
  * commonName (and no alt names either). */
 static int fail_missing_CN(void)
 {
-    ne_session *sess = DEFSESS;
+    struct ssl_server_args args = {0};
+    ne_session *sess;
+    int ret;
 
-    ONN("accepted server cert with missing commonName",
-        any_ssl_request(sess, fail_serve, "missingcn.cert", SERVER_CERT,
-                        NULL, NULL) == NE_OK);
-
-    ONV(strstr(ne_get_error(sess), "missing commonName") == NULL,
-        ("unexpected session error `%s'", ne_get_error(sess)));
+    args.cert = "missingcn.cert";
 
-    ne_session_destroy(sess);
-    return OK;
-}                            
+    CALL(make_ssl_session(&sess, "localhost", ssl_server, &args));
+
+    ret = any_request(sess, "/fail-missing-cn");
+    ONN("request did not fail", ret != NE_ERROR);
+
+    ONV(strstr(ne_get_error(sess), "missing commonName attribute") == NULL,
+        ("error string unexpected: %s", ne_get_error(sess)));
+
+    return destroy_and_wait(sess);
+}
 
 /* test for a bad ipAddress altname */
 static int fail_bad_ipaltname(void)