From d93a00861d714313faa0395ff9e2acb14b0a2fca Mon Sep 17 00:00:00 2001 From: Willy Tarreau Date: Tue, 8 Aug 2023 15:38:28 +0200 Subject: [PATCH] MINOR: h2: pass accept-invalid-http-request down the request parser We're adding a new argument "relaxed" to h2_make_htx_request() so that we can control its level of acceptance of certain invalid requests at the proxy level with "option accept-invalid-http-request". The goal will be to add deactivable checks that are still desirable to have by default. For now no test is subject to it. --- include/haproxy/h2.h | 2 +- src/h2.c | 6 +++++- src/mux_h2.c | 3 ++- 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/include/haproxy/h2.h b/include/haproxy/h2.h index 84e4c76fc..4082b38a8 100644 --- a/include/haproxy/h2.h +++ b/include/haproxy/h2.h @@ -207,7 +207,7 @@ extern struct h2_frame_definition h2_frame_definition[H2_FT_ENTRIES]; /* various protocol processing functions */ int h2_parse_cont_len_header(unsigned int *msgf, struct ist *value, unsigned long long *body_len); -int h2_make_htx_request(struct http_hdr *list, struct htx *htx, unsigned int *msgf, unsigned long long *body_len); +int h2_make_htx_request(struct http_hdr *list, struct htx *htx, unsigned int *msgf, unsigned long long *body_len, int relaxed); int h2_make_htx_response(struct http_hdr *list, struct htx *htx, unsigned int *msgf, unsigned long long *body_len, char *upgrade_protocol); int h2_make_htx_trailers(struct http_hdr *list, struct htx *htx); diff --git a/src/h2.c b/src/h2.c index 76c936783..cf42b7a56 100644 --- a/src/h2.c +++ b/src/h2.c @@ -296,8 +296,12 @@ static struct htx_sl *h2_prepare_htx_reqline(uint32_t fields, struct ist *phdr, * * The Cookie header will be reassembled at the end, and for this, the * will be used to create a linked list, so its contents may be destroyed. + * + * When is non-nul, some non-dangerous checks will be ignored. This + * is in order to satisfy "option accept-invalid-http-request" for + * interoperability purposes. */ -int h2_make_htx_request(struct http_hdr *list, struct htx *htx, unsigned int *msgf, unsigned long long *body_len) +int h2_make_htx_request(struct http_hdr *list, struct htx *htx, unsigned int *msgf, unsigned long long *body_len, int relaxed) { struct ist phdr_val[H2_PHDR_NUM_ENTRIES]; uint32_t fields; /* bit mask of H2_PHDR_FND_* */ diff --git a/src/mux_h2.c b/src/mux_h2.c index 63b9a805c..39fdf3cea 100644 --- a/src/mux_h2.c +++ b/src/mux_h2.c @@ -4936,7 +4936,8 @@ static int h2c_dec_hdrs(struct h2c *h2c, struct buffer *rxbuf, uint32_t *flags, if (h2c->flags & H2_CF_IS_BACK) outlen = h2_make_htx_response(list, htx, &msgf, body_len, upgrade_protocol); else - outlen = h2_make_htx_request(list, htx, &msgf, body_len); + outlen = h2_make_htx_request(list, htx, &msgf, body_len, + !!(((const struct session *)h2c->conn->owner)->fe->options2 & PR_O2_REQBUG_OK)); if (outlen < 0 || htx_free_space(htx) < global.tune.maxrewrite) { /* too large headers? this is a stream error only */