reporting error if request size is too big

This commit is contained in:
valenok 2010-09-10 23:44:23 +01:00
parent d8c12e449d
commit 3d43451b36

View File

@ -210,11 +210,13 @@ typedef int SOCKET;
#if defined(DEBUG)
#define DEBUG_TRACE(x) do { \
flockfile(stdout); \
printf("*** [%lu] thread %p: %s: ", \
(unsigned long) time(NULL), (void *) pthread_self(), __func__); \
printf x; \
putchar('\n'); \
fflush(stdout); \
funlockfile(stdout); \
} while (0)
#else
#define DEBUG_TRACE(x)
@ -432,6 +434,7 @@ struct mg_context {
};
struct mg_connection {
struct mg_connection *peer; // Remote target in proxy mode
struct mg_request_info request_info;
struct mg_context *ctx;
SSL *ssl; // SSL descriptor
@ -719,9 +722,12 @@ static int match_extension(const char *path, const char *ext_list) {
#endif // !NO_CGI
// HTTP 1.1 assumes keep alive if "Connection:" header is not set
// This function must tolerate situations when connection info is not
// set up, for example if request parsing failed.
static int should_keep_alive(const struct mg_connection *conn) {
const char *http_version = conn->request_info.http_version;
const char *header = mg_get_header(conn, "Connection");
return (header == NULL && !strcmp(conn->request_info.http_version, "1.1")) ||
return (header == NULL && http_version && !strcmp(http_version, "1.1")) ||
(header != NULL && !strcmp(header, "keep-alive"));
}
@ -1584,6 +1590,7 @@ static int get_request_len(const char *buf, int buflen) {
const char *s, *e;
int len = 0;
DEBUG_TRACE(("buf: %p, len: %d", buf, buflen));
for (s = buf, e = s + buflen - 1; len <= 0 && s < e; s++)
// Control characters are not allowed but >=128 is.
if (!isprint(* (unsigned char *) s) && *s != '\r' &&
@ -2533,11 +2540,9 @@ static void parse_http_headers(char **buf, struct mg_request_info *ri) {
}
static int is_valid_http_method(const char *method) {
return !strcmp(method, "GET") ||
!strcmp(method, "POST") ||
!strcmp(method, "HEAD") ||
!strcmp(method, "PUT") ||
!strcmp(method, "DELETE");
return !strcmp(method, "GET") || !strcmp(method, "POST") ||
!strcmp(method, "HEAD") || !strcmp(method, "CONNECT") ||
!strcmp(method, "PUT") || !strcmp(method, "DELETE");
}
// Parse HTTP request, fill in mg_request_info structure.
@ -2554,7 +2559,6 @@ static int parse_http_request(char *buf, struct mg_request_info *ri) {
ri->http_version = skip(&buf, "\r\n");
if (is_valid_http_method(ri->request_method) &&
ri->uri[0] == '/' &&
strncmp(ri->http_version, "HTTP/", 5) == 0) {
ri->http_version += 5; /* Skip "HTTP/" */
parse_http_headers(&buf, ri);
@ -2641,7 +2645,8 @@ static int is_not_modified(const struct mg_connection *conn,
return ims != NULL && stp->mtime <= parse_date_string(ims);
}
static int handle_request_body(struct mg_connection *conn, FILE *fp) {
static int forward_body_data(struct mg_connection *conn, FILE *fp,
SOCKET sock, SSL *ssl) {
const char *expect, *buffered;
char buf[BUFSIZ];
int to_read, nread, buffered_len, success = 0;
@ -2667,7 +2672,7 @@ static int handle_request_body(struct mg_connection *conn, FILE *fp) {
if ((int64_t) buffered_len > conn->content_len) {
buffered_len = (int) conn->content_len;
}
push(fp, INVALID_SOCKET, NULL, buffered, (int64_t) buffered_len);
push(fp, sock, ssl, buffered, (int64_t) buffered_len);
conn->consumed_content += buffered_len;
}
@ -2677,7 +2682,7 @@ static int handle_request_body(struct mg_connection *conn, FILE *fp) {
to_read = (int) (conn->content_len - conn->consumed_content);
}
nread = pull(NULL, conn->client.sock, conn->ssl, buf, to_read);
if (nread <= 0 || push(fp, INVALID_SOCKET, NULL, buf, nread) != nread) {
if (nread <= 0 || push(fp, sock, ssl, buf, nread) != nread) {
break;
}
conn->consumed_content += nread;
@ -2890,7 +2895,7 @@ static void handle_cgi_request(struct mg_connection *conn, const char *prog) {
// Send POST data to the CGI process if needed
if (!strcmp(conn->request_info.request_method, "POST") &&
!handle_request_body(conn, in)) {
!forward_body_data(conn, in, INVALID_SOCKET, NULL)) {
goto done;
}
@ -3010,7 +3015,7 @@ static void put_file(struct mg_connection *conn, const char *path) {
// TODO(lsm): handle seek error
(void) fseeko(fp, (off_t) r1, SEEK_SET);
}
if (handle_request_body(conn, fp))
if (forward_body_data(conn, fp, INVALID_SOCKET, NULL))
(void) mg_printf(conn, "HTTP/1.1 %d OK\r\n\r\n",
conn->request_info.status_code);
(void) fclose(fp);
@ -3242,7 +3247,7 @@ static void close_all_listening_sockets(struct mg_context *ctx) {
}
}
// Valid listening port specification is: [ip_address:]port[s[p]]
// Valid listening port specification is: [ip_address:]port[s|p]
// Examples: 80, 443s, 127.0.0.1:3128p, 1.2.3.4:8080sp
static int parse_port_string(const struct vec *vec, struct socket *so) {
struct usa *usa = &so->lsa;
@ -3260,17 +3265,14 @@ static int parse_port_string(const struct vec *vec, struct socket *so) {
} else {
return 0;
}
assert(len > 0 && len <= (int) vec->len);
so->is_ssl = vec->ptr[len] == 's';
so->is_proxy = vec->ptr[len] == 'p' ||
(vec->ptr[len] == 's' && vec->ptr[len + 1] == 'p');
if (vec->ptr[len + so->is_ssl + so->is_proxy] != '\0' &&
vec->ptr[len + so->is_ssl + so->is_proxy] != ',') {
if (strchr("sp,", vec->ptr[len]) == NULL) {
return 0;
}
so->is_ssl = vec->ptr[len] == 's';
so->is_proxy = vec->ptr[len] == 'p';
usa->len = sizeof(usa->u.sin);
usa->u.sin.sin_family = AF_INET;
usa->u.sin.sin_port = htons((uint16_t) port);
@ -3288,7 +3290,7 @@ static int set_ports_option(struct mg_context *ctx) {
while (success && (list = next_option(list, &vec, NULL)) != NULL) {
if (!parse_port_string(&vec, &so)) {
cry(fc(ctx), "%s: %.*s: invalid port spec. Expecting list of: %s",
__func__, vec.len, vec.ptr, "[IP_ADDRESS:]PORT[s[p]]");
__func__, vec.len, vec.ptr, "[IP_ADDRESS:]PORT[s|p]");
success = 0;
} else if (so.is_ssl && ctx->ssl_ctx == NULL) {
cry(fc(ctx), "Cannot add SSL socket, is -ssl_cert option set?");
@ -3586,11 +3588,16 @@ static int set_acl_option(struct mg_context *ctx) {
}
static void reset_per_request_attributes(struct mg_connection *conn) {
if (conn->request_info.remote_user != NULL) {
free((void *) conn->request_info.remote_user);
conn->request_info.remote_user = NULL;
struct mg_request_info *ri = &conn->request_info;
// Reset request info attributes. DO NOT TOUCH is_ssl, remote_ip, remote_port
if (ri->remote_user != NULL) {
free((void *) ri->remote_user);
}
conn->request_info.status_code = -1;
ri->remote_user = ri->request_method = ri->uri = ri->http_version = NULL;
ri->num_headers = 0;
ri->status_code = -1;
conn->num_bytes_sent = conn->consumed_content = 0;
conn->content_len = -1;
conn->request_len = conn->data_len = 0;
@ -3648,6 +3655,78 @@ static void discard_current_request_from_buffer(struct mg_connection *conn) {
memmove(conn->buf, conn->buf + conn->request_len + body_len, conn->data_len);
}
static int parse_url(const char *url, char *host, int *port) {
int len;
if (url == NULL) {
return 0;
};
if (!strncmp(url, "http://", 7)) {
url += 7;
}
if (sscanf(url, "%1024[^:]:%d/%n", host, port, &len) == 2) {
} else {
sscanf(url, "%1024[^/]/%n", host, &len);
*port = 80;
}
DEBUG_TRACE(("Host:%s, port:%d", host, *port));
return len > 0 && url[len - 1] == '/' ? len - 1 : len;
}
static void handle_proxy_request(struct mg_connection *conn) {
struct mg_request_info *ri = &conn->request_info;
char host[1025], buf[BUFSIZ];
int port, is_ssl, len, i, n;
DEBUG_TRACE(("URL: %s", ri->uri));
if (conn->request_info.uri[0] == '/' ||
(len = parse_url(ri->uri, host, &port)) == 0) {
return;
}
if (conn->peer == NULL) {
is_ssl = !strcmp(ri->request_method, "CONNECT");
if ((conn->peer = mg_connect(conn, host, port, is_ssl)) == NULL) {
return;
}
conn->peer->client.is_ssl = is_ssl;
}
// Forward client's request to the target
mg_printf(conn->peer, "%s %s HTTP/%s\r\n", ri->request_method, ri->uri + len,
ri->http_version);
// And also all headers. TODO(lsm): anonymize!
for (i = 0; i < ri->num_headers; i++) {
mg_printf(conn->peer, "%s: %s\r\n", ri->http_headers[i].name,
ri->http_headers[i].value);
}
// End of headers, final newline
mg_write(conn->peer, "\r\n", 2);
// Read and forward body data if any
if (!strcmp(ri->request_method, "POST")) {
forward_body_data(conn, NULL, conn->peer->client.sock, conn->peer->ssl);
}
// Read data from the target and forward it to the client
while ((n = pull(NULL, conn->peer->client.sock, conn->peer->ssl,
buf, sizeof(buf))) > 0) {
if (mg_write(conn, buf, n) != n) {
break;
}
}
if (!conn->peer->client.is_ssl) {
close_connection(conn->peer);
free(conn->peer);
conn->peer = NULL;
}
}
static void process_new_connection(struct mg_connection *conn) {
struct mg_request_info *ri = &conn->request_info;
int keep_alive_enabled;
@ -3664,13 +3743,17 @@ static void process_new_connection(struct mg_connection *conn) {
conn->buf, sizeof(conn->buf), &conn->data_len);
}
assert(conn->data_len >= conn->request_len);
if (conn->request_len <= 0) {
if (conn->request_len == 0 && conn->data_len == sizeof(conn->buf)) {
send_http_error(conn, 413, "Request Too Large", "");
return;
} if (conn->request_len <= 0) {
return; // Remote end closed the connection
}
// Nul-terminate the request cause parse_http_request() uses sscanf
conn->buf[conn->request_len - 1] = '\0';
if (!parse_http_request(conn->buf, ri)) {
if (!parse_http_request(conn->buf, ri) ||
(!conn->client.is_proxy && ri->uri[0] != '/')) {
// Do not put garbage in the access log, just send it back to the client
send_http_error(conn, 400, "Bad Request",
"Cannot parse HTTP request: [%.*s]", conn->data_len, conn->buf);
@ -3684,11 +3767,16 @@ static void process_new_connection(struct mg_connection *conn) {
cl = get_header(ri, "Content-Length");
conn->content_len = cl == NULL ? -1 : strtoll(cl, NULL, 10);
conn->birth_time = time(NULL);
handle_request(conn);
if (conn->client.is_proxy) {
handle_proxy_request(conn);
} else {
handle_request(conn);
}
log_access(conn);
discard_current_request_from_buffer(conn);
}
} while (keep_alive_enabled && should_keep_alive(conn));
// conn->peer is not NULL only for SSL-ed proxy connections
} while (conn->peer || (keep_alive_enabled && should_keep_alive(conn)));
}
// Worker threads take accepted socket from the queue
@ -3796,6 +3884,7 @@ static void accept_new_connection(const struct socket *listener,
// Put accepted socket structure into the queue
DEBUG_TRACE(("accepted socket %d", accepted.sock));
accepted.is_ssl = listener->is_ssl;
accepted.is_proxy = listener->is_proxy;
produce_socket(ctx, &accepted);
} else {
cry(fc(ctx), "%s: %s is not allowed to connect",