BUG/MINOR: h2: reject extended connect for h2c protocol

This commit prevents forwarding of an HTTP/2 Extended CONNECT when "h2c" or "h2" token is set as targetted protocol. Contrary to the previous commit which deals with HTTP/1 mux, this time the request is rejected and a RESET_STREAM is reported to the client. This must be backported up to 2.4 after a period of observation.
2025-08-06 15:17:01 +02:00 · 2024-08-01 15:52:56 +02:00 · 2024-08-01 15:52:56 +02:00 · 7a5a30d28a
commit 7a5a30d28a
parent 7b89aa5b19
2 changed files with 30 additions and 0 deletions
--- a/reg-tests/http-messaging/protocol_upgrade.vtc
+++ b/reg-tests/http-messaging/protocol_upgrade.vtc
@ -252,4 +252,28 @@ client c7_h2c -connect ${hap_frt_h1_h2c_sock} {

 	rxresp
 	expect resp.status == 200
+}
+
+# extended connect with invalid "h2c" protocol
+client c8_h2c -connect ${hap_frt_h2_h1_sock} {
+	txpri
+	stream 0 {
+		txsettings
+		rxsettings
+		txsettings -ack
+		rxsettings
+		expect settings.ack == true
+	} -run
+
+	stream 1 {
+		txreq \
+		  -req "CONNECT" \
+		  -scheme "http" \
+		  -url "/" \
+		  -hdr ":authority" "127.0.0.1" \
+		  -hdr ":protocol" "h2c"
+
+		rxrst
+		expect rst.err == 1
+	} -run
 } -run
--- a/src/h2.c
+++ b/src/h2.c
@ -460,6 +460,12 @@ int h2_make_htx_request(struct http_hdr *list, struct htx *htx, unsigned int *ms
 	}

 	if (*msgf & H2_MSGF_EXT_CONNECT) {
+		/* Consider "h2c" / "h2" as invalid protocol value for Extended CONNECT. */
+		if (isteqi(phdr_val[H2_PHDR_IDX_PROT], ist("h2c")) ||
+		    isteqi(phdr_val[H2_PHDR_IDX_PROT], ist("h2"))) {
+			goto fail;
+		}
+
 		if (!htx_add_header(htx, ist("upgrade"), phdr_val[H2_PHDR_IDX_PROT]))
 			goto fail;
 		if (!htx_add_header(htx, ist("connection"), ist("upgrade")))