Clean up redirection, support non-standard port

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

http.c

@@ -497,8 +497,14 @@ int openconnect_obtain_cookie(struct openconnect_info *vpninfo)
 	if (request_body_type)
 		sprintf(buf + strlen(buf), "%s", request_body);
 
-	vpninfo->progress(vpninfo, PRG_INFO, "%s %s/%s\n", method,
-			  vpninfo->hostname, vpninfo->urlpath ?: "");
+	if (vpninfo->port == 443)
+		vpninfo->progress(vpninfo, PRG_INFO, "%s https://%s/%s\n",
+				  method, vpninfo->hostname,
+				  vpninfo->urlpath ?: "");
+	else
+		vpninfo->progress(vpninfo, PRG_INFO, "%s https://%s:%d/%s\n",
+				  method, vpninfo->hostname, vpninfo->port,
+				  vpninfo->urlpath ?: "");
 
 	SSL_write(vpninfo->https_ssl, buf, strlen(buf));
 
@@ -514,6 +520,8 @@ int openconnect_obtain_cookie(struct openconnect_info *vpninfo)
 			/* New host. Tear down the existing connection and make a new one */
 			char *host = vpninfo->redirect_url + 8;
 			char *path = strchr(host, '/');
+			int port = 443;
+			char *port_str;
 
 			free(vpninfo->urlpath);
 			if (path) {
@@ -522,9 +530,26 @@ int openconnect_obtain_cookie(struct openconnect_info *vpninfo)
 			} else
 				vpninfo->urlpath = NULL;
 
-			if (strcmp(vpninfo->hostname, host)) {
+			port_str = strrchr(host, ':');
+			if (port_str) {
+				char *end;
+
+				port = strtol(port_str + 1, &end, 10);
+				if (!*end)
+					*port_str = 0;
+				else
+					port = 443;
+			}
+			/* Check for IPv6 literal (RFC2732) */
+			if (host[0] == '[' && host[strlen(host)-1] == ']') {
+				host[strlen(host)-1] = 0;
+				host++;
+			}
+			if (strcmp(vpninfo->hostname, host) ||
+			    port != vpninfo->port) {
 				free(vpninfo->hostname);
 				vpninfo->hostname = strdup(host);
+				vpninfo->port = port;
 
 				/* Kill the existing connection, and a new one will happen */
 				free(vpninfo->peer_addr);

openconnect.h

@@ -145,6 +145,7 @@ struct openconnect_info {
 
 	const char *localname;
 	char *hostname;
+	int port;
 	char *urlpath;
 	const char *cert;
 	const char *sslkey;

openconnect.html

@@ -173,7 +173,8 @@ <H2>Release Notes / Changelog</H2>
 <UL>
   <LI><B>OpenConnect HEAD</B><BR>
      <UL>
-       <LI><I>No changelog entries yet</I></LI>
+       <LI>Handle HTTP redirection with port numbers.</LI>
+       <LI>Handle HTTP redirection with IPv6 literal addresses.</LI>
      </UL><BR>
   </LI>
   <LI><B><A HREF="ftp://ftp.infradead.org/pub/openconnect/openconnect-2.12.tar.gz">OpenConnect v2.12</a></B> &mdash; 2009-12-07<BR>
@@ -385,6 +386,6 @@ <H3>FreeBSD</H3>
 <hr>
 <address>David Woodhouse &lt;<A HREF="mailto:dwmw2@infradead.org">dwmw2@infradead.org</A>&gt;</address>
 <!-- hhmts start -->
-Last modified: Mon Dec  7 16:40:34 GMT 2009
+Last modified: Wed Dec 23 22:32:16 GMT 2009
 <!-- hhmts end -->
 </body> </html>

ssl.c

@@ -477,6 +477,9 @@ int openconnect_open_https(struct openconnect_info *vpninfo)
 	int ssl_sock = -1;
 	int err;
 
+	if (!vpninfo->port)
+		vpninfo->port = 443;
+
 	if (vpninfo->peer_addr) {
 		ssl_sock = socket(vpninfo->peer_addr->sa_family, SOCK_STREAM, IPPROTO_IP);
 		if (ssl_sock < 0) {
@@ -491,6 +494,7 @@ int openconnect_open_https(struct openconnect_info *vpninfo)
 
 	} else {
 		struct addrinfo hints, *result, *rp;
+		char port[6];
 
 		memset(&hints, 0, sizeof(struct addrinfo));
 		hints.ai_family = AF_UNSPEC;
@@ -501,7 +505,11 @@ int openconnect_open_https(struct openconnect_info *vpninfo)
 		hints.ai_addr = NULL;
 		hints.ai_next = NULL;
 
-		err = getaddrinfo(vpninfo->hostname, "443", &hints, &result);
+		/* We do this because it's easier than passing NULL as the 
+		   port and then having to fill it in differently for IPv4
+		   and IPv6 destinations later. */
+		snprintf(port, 5, "%d", vpninfo->port);
+		err = getaddrinfo(vpninfo->hostname, port, &hints, &result);
 		if (err) {
 			vpninfo->progress(vpninfo, PRG_ERR, "getaddrinfo failed: %s\n", gai_strerror(err));
 			return -EINVAL;