From 7c84ee71f77616f569081060d81455c137fc13f5 Mon Sep 17 00:00:00 2001 From: Christopher Faulet Date: Mon, 3 Jun 2024 17:46:16 +0200 Subject: [PATCH] BUG/MEDIUM: h1-htx: Don't state interim responses are bodyless Interim responses are by definition bodyless. But we must not set the corresponding HTX start-line flag, beecause the start-line of the final response is still expected. Setting the flag above too early may lead the multiplexer on the sending side to consider the message is finished after the headers of the interim message. It happens with the H2 multiplexer on frontend side if a "100-Continue" is received from the server. The interim response is sent and HTX_SL_F_BODYLESS_RESP flag is evaluated. Then, the headers of the final response are sent with ES flag, because HTX_SL_F_BODYLESS_RESP flag was seen too early, leading to a protocol error if the response has a body. Thanks to grembo for this analysis. This patch should fix the issue #2587. It must be backported as far as 2.9. --- src/h1_htx.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/h1_htx.c b/src/h1_htx.c index f4f13fc12..562c0f2b6 100644 --- a/src/h1_htx.c +++ b/src/h1_htx.c @@ -295,7 +295,8 @@ static int h1_postparse_res_hdrs(struct h1m *h1m, union h1_sl *h1sl, struct htx /* Responses known to have no body. */ h1m->flags |= H1_MF_XFER_LEN; h1m->curr_len = h1m->body_len = 0; - flags |= HTX_SL_F_BODYLESS_RESP; + if (code >= 200) + flags |= HTX_SL_F_BODYLESS_RESP; } else if (h1m->flags & (H1_MF_CLEN|H1_MF_CHNK)) { /* Responses with a known body length. */