From 386365d4bb1c20a29982b8a6e008daacea95d718 Mon Sep 17 00:00:00 2001
From: Andy Green <andy@warmcat.com>
Date: Tue, 29 Nov 2016 20:42:29 +0800
Subject: [PATCH] ws-server: restrict returned Sec-Websocket-Protocol to the
 chosen name only

https://libwebsockets.org/pipermail/libwebsockets/2016-November/002948.html
---
 lib/server-handshake.c | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/lib/server-handshake.c b/lib/server-handshake.c
index fd126a75..7328e5e2 100644
--- a/lib/server-handshake.c
+++ b/lib/server-handshake.c
@@ -214,12 +214,9 @@ handshake_0405(struct lws_context *context, struct lws *wsi)
 	strcpy(p, (char *)pt->serv_buf);
 	p += accept_len;
 
-	if (lws_hdr_total_length(wsi, WSI_TOKEN_PROTOCOL)) {
+	if (wsi->protocol->name && wsi->protocol->name[0]) {
 		LWS_CPYAPP(p, "\x0d\x0aSec-WebSocket-Protocol: ");
-		n = lws_hdr_copy(wsi, p, 128, WSI_TOKEN_PROTOCOL);
-		if (n < 0)
-			goto bail;
-		p += n;
+		p += lws_snprintf(p, 128, "%s", wsi->protocol->name);
 	}
 
 #ifndef LWS_NO_EXTENSIONS