Add regress for cross-origin HTTP redirection

2 files changed, 22 insertions, 1 deletions

diff --git a/regress/usr.sbin/rpki-client/libressl/Makefile b/regress/usr.sbin/rpki-client/libressl/Makefile
index bf166cc66ab..5bb2b337fc7 100644
--- a/regress/usr.sbin/rpki-client/libressl/Makefile
+++ b/regress/usr.sbin/rpki-client/libressl/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.10 2023/06/13 11:41:36 claudio Exp $
+# $OpenBSD: Makefile,v 1.11 2024/03/12 16:03:56 job Exp $
 
 PROGS +=	test-http
 
@@ -17,6 +17,7 @@ run-regress-test-http: test-http
 	./test-http https://${SERVER}/HTTP/TE/foo.txt foo.txt
 	./test-http https://${SERVER}/HTTP/ChunkedScript chunk.out
 	./test-http https://${SERVER}/HTTP/300/307.html redir.out
+	-./test-http https://tinyurl.com/bd27n56t /dev/zero
 	sha256 -c ${.CURDIR}/test-http.sum
 .else
 	# server ${SERVER} not reachable
diff --git a/regress/usr.sbin/rpki-client/test-http.c b/regress/usr.sbin/rpki-client/test-http.c
index e55037efb7e..830bb9ca6f5 100644
--- a/regress/usr.sbin/rpki-client/test-http.c
+++ b/regress/usr.sbin/rpki-client/test-http.c
@@ -35,6 +35,26 @@ getmonotime(void)
 	return (ts.tv_sec);
 }
 
+int
+valid_origin(const char *uri, const char *proto)
+{
+	const char *to;
+
+	/* extract end of host from proto URI */
+	to = strstr(proto, "://");
+	if (to == NULL)
+		return 0;
+	to += strlen("://");
+	if ((to = strchr(to, '/')) == NULL)
+		return 0;
+
+	/* compare hosts including the / for the start of the path section */
+	if (strncasecmp(uri, proto, to - proto + 1) != 0)
+		return 0;
+
+	return 1;
+}
+
 static void
 http_request(unsigned int id, const char *uri, const char *last_mod, int fd)
 {