Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
N
nghttp2
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Libraries
nghttp2
Commits
a440bdf1
Commit
a440bdf1
authored
Jan 19, 2015
by
Tatsuhiro Tsujikawa
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
nghttpx: Response 502 if HTTP/2 backend receives invalid Content-Length
parent
8004ea97
Changes
7
Show whitespace changes
Inline
Side-by-side
Showing
7 changed files
with
73 additions
and
24 deletions
+73
-24
src/shrpx_downstream.cc
src/shrpx_downstream.cc
+4
-0
src/shrpx_downstream.h
src/shrpx_downstream.h
+5
-1
src/shrpx_http2_downstream_connection.cc
src/shrpx_http2_downstream_connection.cc
+1
-0
src/shrpx_http2_session.cc
src/shrpx_http2_session.cc
+40
-23
src/shrpx_http2_upstream.cc
src/shrpx_http2_upstream.cc
+7
-0
src/shrpx_https_upstream.cc
src/shrpx_https_upstream.cc
+9
-0
src/shrpx_spdy_upstream.cc
src/shrpx_spdy_upstream.cc
+7
-0
No files found.
src/shrpx_downstream.cc
View file @
a440bdf1
...
...
@@ -664,6 +664,10 @@ int64_t Downstream::get_response_sent_bodylen() const {
return
response_sent_bodylen_
;
}
int64_t
Downstream
::
get_response_content_length
()
const
{
return
response_content_length_
;
}
void
Downstream
::
set_response_content_length
(
int64_t
len
)
{
response_content_length_
=
len
;
}
...
...
src/shrpx_downstream.h
View file @
a440bdf1
...
...
@@ -172,7 +172,10 @@ public:
STREAM_CLOSED
,
CONNECT_FAIL
,
IDLE
,
MSG_RESET
MSG_RESET
,
// header contains invalid header field. We can safely send error
// response (502) to a client.
MSG_BAD_HEADER
,
};
void
set_request_state
(
int
state
);
int
get_request_state
()
const
;
...
...
@@ -223,6 +226,7 @@ public:
int64_t
get_response_bodylen
()
const
;
void
add_response_sent_bodylen
(
size_t
amount
);
int64_t
get_response_sent_bodylen
()
const
;
int64_t
get_response_content_length
()
const
;
void
set_response_content_length
(
int64_t
len
);
// Validates that received response body length and content-length
// matches.
...
...
src/shrpx_http2_downstream_connection.cc
View file @
a440bdf1
...
...
@@ -139,6 +139,7 @@ int Http2DownstreamConnection::submit_rst_stream(Downstream *downstream,
downstream
->
get_downstream_stream_id
()
!=
-
1
)
{
switch
(
downstream
->
get_response_state
())
{
case
Downstream
:
:
MSG_RESET
:
case
Downstream
:
:
MSG_BAD_HEADER
:
case
Downstream
:
:
MSG_COMPLETE
:
break
;
default:
...
...
src/shrpx_http2_session.cc
View file @
a440bdf1
...
...
@@ -654,10 +654,15 @@ int on_stream_close_callback(nghttp2_session *session, int32_t stream_id,
downstream
->
get_upstream
()
->
on_downstream_body_complete
(
downstream
);
downstream
->
set_response_state
(
Downstream
::
MSG_COMPLETE
);
}
else
if
(
error_code
==
NGHTTP2_NO_ERROR
)
{
if
(
downstream
->
get_response_state
()
!=
Downstream
::
MSG_COMPLETE
)
{
switch
(
downstream
->
get_response_state
())
{
case
Downstream
:
:
MSG_COMPLETE
:
case
Downstream
:
:
MSG_BAD_HEADER
:
break
;
default:
downstream
->
set_response_state
(
Downstream
::
MSG_RESET
);
}
}
else
{
}
else
if
(
downstream
->
get_response_state
()
!=
Downstream
::
MSG_BAD_HEADER
)
{
downstream
->
set_response_state
(
Downstream
::
MSG_RESET
);
}
call_downstream_readcb
(
http2session
,
downstream
);
...
...
@@ -727,6 +732,24 @@ int on_header_callback(nghttp2_session *session, const nghttp2_frame *frame,
return
NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE
;
}
if
(
token
==
http2
::
HD_CONTENT_LENGTH
)
{
auto
len
=
util
::
parse_uint
(
value
,
valuelen
);
if
(
len
==
-
1
)
{
http2session
->
submit_rst_stream
(
frame
->
hd
.
stream_id
,
NGHTTP2_PROTOCOL_ERROR
);
downstream
->
set_response_state
(
Downstream
::
MSG_BAD_HEADER
);
return
NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE
;
}
auto
cl
=
downstream
->
get_response_content_length
();
if
(
cl
!=
-
1
&&
cl
!=
len
)
{
http2session
->
submit_rst_stream
(
frame
->
hd
.
stream_id
,
NGHTTP2_PROTOCOL_ERROR
);
downstream
->
set_response_state
(
Downstream
::
MSG_BAD_HEADER
);
return
NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE
;
}
downstream
->
set_response_content_length
(
len
);
}
downstream
->
add_response_header
(
name
,
namelen
,
value
,
valuelen
,
flags
&
NGHTTP2_NV_FLAG_NO_INDEX
,
token
);
return
0
;
...
...
@@ -817,18 +840,13 @@ int on_response_headers(Http2Session *http2session, Downstream *downstream,
return
0
;
}
auto
content_length_hd
=
downstream
->
get_response_header
(
http2
::
HD_CONTENT_LENGTH
);
if
(
content_length_hd
)
{
auto
content_length
=
util
::
parse_uint
(
content_length_hd
->
value
);
if
(
content_length
!=
-
1
)
{
downstream
->
set_response_content_length
(
content_length
);
}
else
if
(
downstream
->
expect_response_body
())
{
if
(
downstream
->
get_response_content_length
()
==
-
1
&&
downstream
->
expect_response_body
())
{
// Here we have response body but Content-Length is not known in
// advance.
if
(
downstream
->
get_request_major
()
<=
0
||
downstream
->
get_request_minor
()
<=
0
)
{
(
downstream
->
get_request_major
()
<=
1
&&
downstream
->
get_request_minor
()
<=
0
))
{
// We simply close connection for pre-HTTP/1.1 in this case.
downstream
->
set_response_connection_close
(
true
);
}
else
if
(
downstream
->
get_request_method
()
!=
"CONNECT"
)
{
...
...
@@ -839,7 +857,6 @@ int on_response_headers(Http2Session *http2session, Downstream *downstream,
downstream
->
set_chunked_response
(
true
);
}
}
}
downstream
->
set_response_state
(
Downstream
::
HEADER_COMPLETE
);
downstream
->
check_upgrade_fulfilled
();
...
...
src/shrpx_http2_upstream.cc
View file @
a440bdf1
...
...
@@ -823,6 +823,13 @@ int Http2Upstream::downstream_read(DownstreamConnection *dconn) {
downstream
->
pop_downstream_connection
();
// dconn was deleted
dconn
=
nullptr
;
}
else
if
(
downstream
->
get_response_state
()
==
Downstream
::
MSG_BAD_HEADER
)
{
if
(
error_reply
(
downstream
,
502
)
!=
0
)
{
return
-
1
;
}
downstream
->
pop_downstream_connection
();
// dconn was deleted
dconn
=
nullptr
;
}
else
{
auto
rv
=
downstream
->
on_read
();
if
(
rv
==
DownstreamConnection
::
ERR_EOF
)
{
...
...
src/shrpx_https_upstream.cc
View file @
a440bdf1
...
...
@@ -460,6 +460,14 @@ int HttpsUpstream::downstream_read(DownstreamConnection *dconn) {
return
-
1
;
}
if
(
downstream
->
get_response_state
()
==
Downstream
::
MSG_BAD_HEADER
)
{
if
(
error_reply
(
502
)
!=
0
)
{
return
-
1
;
}
downstream
->
pop_downstream_connection
();
goto
end
;
}
if
(
rv
==
DownstreamConnection
::
ERR_EOF
)
{
return
downstream_eof
(
dconn
);
}
...
...
@@ -472,6 +480,7 @@ int HttpsUpstream::downstream_read(DownstreamConnection *dconn) {
return
-
1
;
}
end:
handler_
->
signal_write
();
return
0
;
...
...
src/shrpx_spdy_upstream.cc
View file @
a440bdf1
...
...
@@ -531,6 +531,13 @@ int SpdyUpstream::downstream_read(DownstreamConnection *dconn) {
downstream
->
get_response_rst_stream_error_code
()));
downstream
->
pop_downstream_connection
();
dconn
=
nullptr
;
}
else
if
(
downstream
->
get_response_state
()
==
Downstream
::
MSG_BAD_HEADER
)
{
if
(
error_reply
(
downstream
,
502
)
!=
0
)
{
return
-
1
;
}
downstream
->
pop_downstream_connection
();
// dconn was deleted
dconn
=
nullptr
;
}
else
{
auto
rv
=
downstream
->
on_read
();
if
(
rv
==
DownstreamConnection
::
ERR_EOF
)
{
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment