haproxy/src
Willy Tarreau 2e97857a84 BUG/MINOR: h3: reject more chars from the :path pseudo header
This is the h3 version of this previous fix:

   BUG/MINOR: h2: reject more chars from the :path pseudo header

In addition to the current NUL/CR/LF, this will also reject all other
control chars, the space and '#' from the :path pseudo-header, to avoid
taking the '#' for a part of the path. It's still possible to fall back
to the previous behavior using "option accept-invalid-http-request".

Here the :path header value is scanned a second time to look for
forbidden chars because we don't know upfront if we're dealing with a
path header field or another one. This is no big deal anyway for now.

This should be progressively backported to 2.6, along with the
following commits it relies on (the same as for h2):

   REGTESTS: http-rules: add accept-invalid-http-request for normalize-uri tests
   REORG: http: move has_forbidden_char() from h2.c to http.h
   MINOR: ist: add new function ist_find_range() to find a character range
   MINOR: http: add new function http_path_has_forbidden_char()
2023-08-08 19:56:41 +02:00
acl.c MINOR: acl: add acl() sample fetch 2023-08-01 10:49:06 +02:00
action.c
activity.c MINOR: activity: allow "show activity" to restart in the middle of a line 2023-05-03 17:26:11 +02:00
applet.c MEDIUM: stconn/applet: Allow SF_SL_EOS flag alone 2023-05-23 15:52:35 +02:00
arg.c CLEANUP: arg: remove extra check in make_arg_list arg escaping 2022-11-22 16:27:52 +01:00
auth.c MINOR: auth: silence null dereference warning in check_user() 2022-11-24 15:24:02 +01:00
backend.c MEDIUM: clock: replace timeval "now" with integer "now_ns" 2023-04-28 16:08:08 +02:00
base64.c
cache.c BUG/MEDIUM: cache: Don't request more room than the max allowed 2023-05-09 11:53:28 +02:00
calltrace.c BUG/MINOR: calltrace: fix 'now' being used in place of 'date' 2023-04-27 18:14:57 +02:00
cbuf.c
cfgcond.c MINOR: protocol: move the global reuseport flag to the protocols 2023-04-23 09:46:15 +02:00
cfgdiag.c
cfgparse-global.c MINOR: quic: Add "limited-quic" new tuning setting 2023-07-21 19:19:27 +02:00
cfgparse-listen.c REORG: cfgparse: extract curproxy as a global variable 2023-08-01 10:48:28 +02:00
cfgparse-quic.c MINOR: quic: Add a fake congestion control algorithm named "nocc" 2023-03-31 17:09:03 +02:00
cfgparse-ssl.c MINOR: ssl: allow to change the client-sigalgs on server lines 2023-06-29 14:11:46 +02:00
cfgparse-tcp.c BUG/MINOR: cfgparse-tcp: leak when re-declaring interface from bind line 2023-06-06 15:15:17 +02:00
cfgparse-unix.c
cfgparse.c BUILD: cfgparse: keep a single "curproxy" 2023-08-01 11:31:39 +02:00
channel.c MINOR: stconn: Add a flag to report EOS at the stream-connector level 2023-04-17 17:41:28 +02:00
check.c MEDIUM: checks: Stop scheduling healthchecks during stopping stage 2023-05-17 14:57:10 +02:00
chunk.c BUG/MINOR: chunk: fix chunk_appendf() to not write a zero if buffer is full 2023-07-27 22:05:25 +02:00
cli.c MEDIUM: mworker/cli: does not disconnect the master CLI upon error 2023-05-14 18:42:31 +02:00
clock.c MINOR: clock: provide a function to automatically adjust now_offset 2023-05-17 09:33:54 +02:00
compression.c MINOR: compression/slz: add support for a pure flush of pending bytes 2023-06-30 16:12:36 +02:00
connection.c MEDIUM: tree-wide: fetches that may return IPV4+IPV6 now return ADDR 2023-07-03 16:32:01 +02:00
cpuset.c BUG/MINOR: cpuset: remove the bogus "proc" from the cpu_map struct 2023-07-20 11:01:09 +02:00
debug.c BUILD: debug: avoid a build warning related to epoll_wait() in debug code 2023-07-02 11:01:37 +02:00
dgram.c
dict.c
dns.c MEDIUM: tree-wide: Change sc API to specify required free space to progress 2023-05-05 15:44:23 +02:00
dynbuf.c
eb32sctree.c
eb32tree.c
eb64tree.c
ebimtree.c
ebistree.c
ebmbtree.c
ebpttree.c
ebsttree.c
ebtree.c
errors.c BUG/MINOR: errors: handle malloc failure in usermsgs_put() 2023-05-12 09:45:30 +02:00
ev_epoll.c MINOR: pollers: only update the local date during busy polling 2022-09-21 09:06:28 +02:00
ev_evports.c MINOR: pollers: only update the local date during busy polling 2022-09-21 09:06:28 +02:00
ev_kqueue.c MINOR: pollers: only update the local date during busy polling 2022-09-21 09:06:28 +02:00
ev_poll.c BUG/MINOR: signals/poller: ensure wakeup from signals 2022-09-09 11:15:22 +02:00
ev_select.c MEDIUM: fd/poller: turn update_mask to group-local IDs 2022-07-15 20:16:30 +02:00
event_hdl.c MINOR: checks/event_hdl: SERVER_CHECK event 2023-05-05 16:28:32 +02:00
extcheck.c MINOR: checks: use the lighter PRNG for spread checks 2022-10-12 21:49:30 +02:00
fcgi-app.c CLEANUP: fcgi-app; Remove useless assignment to NULL 2023-05-17 09:42:37 +02:00
fcgi.c BUG/MAJOR: fcgi: Fix uninitialized reserved bytes 2022-12-09 12:23:14 +01:00
fd.c BUG/MEDIUM: fd: don't wait for tmask to stabilize if we're not in it. 2023-04-13 18:04:46 +02:00
filters.c MEDIUM: filters/htx: Don't rely on HTX extra field if payload is filtered 2023-06-20 13:34:46 +02:00
fix.c
flt_bwlim.c BUG/MEDIUM: bwlim: Reset analyse expiration date when then channel analyse ends 2023-08-01 11:33:45 +02:00
flt_http_comp.c MINOR: compression: Improve the way Vary header is added 2023-05-25 11:25:31 +02:00
flt_spoe.c BUILD: cfgparse: keep a single "curproxy" 2023-08-01 11:31:39 +02:00
flt_trace.c BUG/MINOR: trace: show wall-clock date, not internal date in show activity 2023-04-27 18:22:34 +02:00
freq_ctr.c BUG/MEDIUM: freq-ctr: Don't compute overshoot value for empty counters 2022-12-14 10:44:17 +01:00
frontend.c CLEANUP: tree-wide: remove strpcy() from constant strings 2023-04-07 18:14:28 +02:00
h1_htx.c BUG/MINOR: htx/mux-h1: Properly handle bodyless responses when splicing is used 2023-08-02 12:05:05 +02:00
h1.c BUG/MINOR: h1: do not accept '#' as part of the URI component 2023-08-08 19:56:11 +02:00
h2.c BUG/MINOR: h2: reject more chars from the :path pseudo header 2023-08-08 19:56:41 +02:00
h3_stats.c
h3.c BUG/MINOR: h3: reject more chars from the :path pseudo header 2023-08-08 19:56:41 +02:00
haproxy.c CLEANUP: cpuset: remove the unused proc_t1 field in cpu_map 2023-07-20 11:01:09 +02:00
hash.c BUILD: hash: use __fallthrough in hash_djb2() 2022-11-14 11:14:02 +01:00
hlua_fcn.c BUG/MEDIUM: hlua_fcn/queue: bad pop_wait sequencing 2023-07-17 07:42:52 +02:00
hlua.c MINOR: lua: Allow reading "proc." scoped vars from LUA core. 2023-07-20 10:55:28 +02:00
hpack-dec.c BUG/CRITICAL: http: properly reject empty http header field names 2023-02-14 08:48:54 +01:00
hpack-enc.c
hpack-huff.c BUG/MEDIUM: hpack: fix incorrect huffman decoding of some control chars 2023-01-26 11:36:39 +01:00
hpack-tbl.c
hq_interop.c CLEANUP: mux-quic: rename internal functions 2023-05-30 15:45:55 +02:00
http_acl.c
http_act.c CLEANUP: http_act: use http_free_redirect_rule() to clean redirect act 2023-05-11 15:37:04 +02:00
http_ana.c BUG/MAJOR: http-ana: Get a fresh trash buffer for each header value replacement 2023-08-04 17:06:31 +02:00
http_client.c BUG/MINOR: http-client: Don't forget to commit changes on HTX message 2023-08-04 14:32:48 +02:00
http_conv.c CLEANUP: assorted typo fixes in the code and comments 2023-04-01 18:33:40 +02:00
http_ext.c BUG/MINOR: http_ext: unhandled ERR_ABORT in proxy_http_parse_7239() 2023-07-06 15:41:17 +02:00
http_fetch.c MEDIUM: tree-wide: fetches that may return IPV4+IPV6 now return ADDR 2023-07-03 16:32:01 +02:00
http_htx.c MINOR: http_htx: add http_prepend_header() to prepend value to header 2023-01-27 15:18:59 +01:00
http_rules.c MINOR: tree-wide: use free_acl_cond() where relevant 2023-05-11 15:37:04 +02:00
http.c BUG/MINOR: http: Return the right reason for 302 2023-07-17 11:14:10 +02:00
htx.c OPTIM: htx: inline the most common memcpy(8) 2023-02-03 13:39:18 +01:00
init.c
jwt.c MINOR: jwt: Add support for RSA-PSS signatures (PS256 algorithm) 2023-03-08 10:43:04 +01:00
lb_chash.c
lb_fas.c
lb_fwlc.c
lb_fwrr.c
lb_map.c
listener.c BUG/MEDIUM: listener: Acquire proxy's lock in relax_listener() if necessary 2023-07-21 15:08:27 +02:00
log.c BUG/MINOR: log: free errmsg on error in cfg_parse_log_forward() 2023-07-10 18:28:08 +02:00
lru.c
mailers.c MINOR: mailers/hlua: disable email sending from lua 2023-05-05 16:28:32 +02:00
map.c MINOR: stconn: Rename SC_FL_SHUTW in SC_FL_SHUT_DONE 2023-04-14 15:01:21 +02:00
mjson.c BUILD: mjson: Fix warning about unused variables 2023-05-11 09:22:46 +02:00
mqtt.c
mux_fcgi.c BUG/MEDIUM: mux-fcgi: Don't request more room if mux is waiting for more data 2023-05-11 15:37:04 +02:00
mux_h1.c BUG/MINOR: htx/mux-h1: Properly handle bodyless responses when splicing is used 2023-08-02 12:05:05 +02:00
mux_h2.c MINOR: h2: pass accept-invalid-http-request down the request parser 2023-08-08 19:10:54 +02:00
mux_pt.c CLEANUP: Stop checking the pointer before calling tasklet_free() 2023-04-23 00:28:25 +02:00
mux_quic.c MINOR: h3: abort request if not completed before full response 2023-08-04 16:17:16 +02:00
mworker-prog.c MEDIUM: clock: replace timeval "now" with integer "now_ns" 2023-04-28 16:08:08 +02:00
mworker.c BUG/MINOR: mworker: leak of a socketpair during startup failure 2023-06-21 09:44:18 +02:00
namespace.c BUG/MINOR: namespace: missing free in netns_sig_stop() 2023-06-14 11:27:29 +02:00
ncbuf.c MINOR: ncbuf: missing malloc checks in standalone code 2023-05-12 09:45:30 +02:00
pattern.c MINOR: pattern: use trim_all_pools() instead of a conditional malloc_trim() 2023-03-22 17:30:28 +01:00
payload.c MEDIUM: tree-wide: fetches that may return IPV4+IPV6 now return ADDR 2023-07-03 16:32:01 +02:00
peers.c MINOR: peers: add peers keyword registration 2023-07-20 18:12:44 +02:00
pipe.c
pool.c MINOR: pools: report a replaced memory allocator instead of just malloc_trim() 2023-03-22 18:05:02 +01:00
proto_quic.c MINOR: protocol: move the global reuseport flag to the protocols 2023-04-23 09:46:15 +02:00
proto_sockpair.c MEDIUM: proto: duplicate receivers marked RX_F_MUST_DUP 2023-04-21 17:41:26 +02:00
proto_tcp.c MINOR: protocol: move the global reuseport flag to the protocols 2023-04-23 09:46:15 +02:00
proto_udp.c MINOR: protocol: move the global reuseport flag to the protocols 2023-04-23 09:46:15 +02:00
proto_uxdg.c MINOR: proto_ux: ability to dump ABNS names in error messages 2023-02-23 15:05:05 +01:00
proto_uxst.c MINOR: proto: skip socket setup for duped FDs 2023-04-21 17:41:26 +02:00
protocol.c MINOR: quic: Warning for OpenSSL wrapper QUIC bindings without "limited-quic" 2023-08-08 14:59:17 +02:00
proxy.c BUG/MINOR: proxy/server: free default-server on deinit 2023-06-06 15:15:17 +02:00
qmux_http.c MINOR: mux-quic: remove dedicated function to handle standalone FIN 2023-05-12 15:50:30 +02:00
qmux_trace.c MINOR: mux-quic: add flow-control info to minimal trace level 2023-03-22 16:08:54 +01:00
qpack-dec.c BUG/MINOR: mux-quic: fix transport VS app CONNECTION_CLOSE 2023-05-09 18:42:34 +02:00
qpack-enc.c
qpack-tbl.c CLEANUP: qpack: properly use the QPACK macros not HPACK ones in debug code 2022-11-24 15:38:26 +01:00
queue.c MEDIUM: clock: replace timeval "now" with integer "now_ns" 2023-04-28 16:08:08 +02:00
quic_ack.c MINOR: quic: Add a new quic_ack.c C module for QUIC acknowledgements 2023-07-27 10:51:03 +02:00
quic_cc_cubic.c BUG/MINOR: quic: SIGFPE in quic_cubic_update() 2023-04-13 19:20:08 +02:00
quic_cc_newreno.c BUG/MINOR: quic: SIGFPE in quic_cubic_update() 2023-04-13 19:20:08 +02:00
quic_cc_nocc.c BUG/MAJOR: quic: Congestion algorithms states shared between the connection 2023-04-02 13:10:13 +02:00
quic_cc.c CLEANUP: quic: fix headers 2022-10-03 16:25:17 +02:00
quic_cli.c MINOR: quic: Export QUIC CLI code from quic_conn.c 2023-07-27 10:51:03 +02:00
quic_conn.c MINOR: quic: Release asap quic_conn memory (application level) 2023-08-08 14:59:17 +02:00
quic_frame.c MINOR: quic; Move the QUIC frame pool to its proper location 2023-07-27 10:51:03 +02:00
quic_loss.c MEDIUM: quic: Dynamic allocations of packet number spaces 2023-06-30 16:20:55 +02:00
quic_openssl_compat.c BUG/MINOR: quic+openssl_compat: Non initialized TLS encryption levels 2023-07-31 15:18:36 +02:00
quic_rx.c MINOR: quic: Use a pool for the connection ID tree. 2023-08-08 10:57:00 +02:00
quic_sock.c BUILD: quic: fix wrong potential NULL dereference 2023-08-04 15:42:34 +02:00
quic_ssl.c MINOR: quic: Add new "QUIC over SSL" C module. 2023-07-27 10:51:03 +02:00
quic_stats.c MINOR: quic: fix stats naming for flow control BLOCKED frames 2023-05-26 17:17:00 +02:00
quic_stream.c BUG/MINOR: mux-quic: differentiate failure on qc_stream_desc alloc 2023-05-12 16:26:20 +02:00
quic_tls.c MINOR: quic: Add a new quic_ack.c C module for QUIC acknowledgements 2023-07-27 10:51:03 +02:00
quic_tp.c BUG/MINOR: quic: Possible crash when dumping version information 2023-05-10 13:26:37 +02:00
quic_trace.c MINOR: quic: Move some counters from [rt]x quic_conn anonymous struct 2023-08-07 18:57:45 +02:00
quic_tx.c MINOR: quic: Use a pool for the connection ID tree. 2023-08-08 10:57:00 +02:00
raw_sock.c MINOR: proxy: factorize send rate measurement 2023-04-28 16:53:44 +02:00
regex.c BUG/MINOR: regex: Properly handle PCRE2 lib compiled without JIT support 2022-09-01 19:34:46 +02:00
resolvers.c MEDIUM: resolvers: Stop scheduling resolution during stopping stage 2023-05-17 16:48:33 +02:00
ring.c MINOR: stconn: Rename SC_FL_SHUTW in SC_FL_SHUT_DONE 2023-04-14 15:01:21 +02:00
sample.c MINOR: sample: implement the T* timer tags from the log-format as fetches 2023-07-26 17:44:38 +02:00
server_state.c BUG/MINOR: server-state: Avoid warning on 'file not found' 2023-07-21 15:08:27 +02:00
server.c BUG/MINOR: server: Don't warn on server resolution failure with init-addr none 2023-07-20 18:12:44 +02:00
session.c BUG/MINOR: ssl: log message non thread safe in SSL Hanshake failure 2023-06-12 16:35:57 +02:00
sha1.c
shctx.c
signal.c BUG/MINOR: signals/poller: ensure wakeup from signals 2022-09-09 11:15:22 +02:00
sink.c BUG/MINOR: sink/log: properly deinit srv in sink_new_from_logsrv() 2023-07-11 10:26:09 +02:00
slz.c IMPORT: slz: implement a synchronous flush() operation 2023-06-30 16:12:36 +02:00
sock_inet.c MINOR: protocol: move the global reuseport flag to the protocols 2023-04-23 09:46:15 +02:00
sock_unix.c MEDIUM: proto: duplicate receivers marked RX_F_MUST_DUP 2023-04-21 17:41:26 +02:00
sock.c MINOR: sock: add a function to check for SO_REUSEPORT support at runtime 2023-04-23 09:46:15 +02:00
ssl_ckch.c MINOR: stconn: Rename SC_FL_SHUTW in SC_FL_SHUT_DONE 2023-04-14 15:01:21 +02:00
ssl_crtlist.c MINOR: ssl: allow to change the signature algorithm for client authentication 2023-05-05 00:05:46 +02:00
ssl_ocsp.c BUG/MINOR: ssl: Fix potential leak in cli_parse_update_ocsp_response 2023-03-31 09:10:36 +02:00
ssl_sample.c MEDIUM: ssl: new sample fetch method to get curve name 2023-07-17 15:45:41 +02:00
ssl_sock.c BUG/MINOR: ssl: OCSP callback only registered for first SSL_CTX 2023-07-24 10:43:20 +02:00
ssl_utils.c BUILD: ssl: ssl_c_r_dn fetches uses functiosn only available since 1.1.1 2023-05-15 12:07:52 +02:00
stats.c BUG/MINOR: stats: Fix Lua's get_stats function 2023-06-02 08:29:25 +02:00
stconn.c MEDIUM: stconn/applet: Allow SF_SL_EOS flag alone 2023-05-23 15:52:35 +02:00
stick_table.c MINOR: stconn: Rename SC_FL_SHUTW in SC_FL_SHUT_DONE 2023-04-14 15:01:21 +02:00
stream.c MEDIUM: stream: Reset response analyse expiration date if there is no analyzer 2023-08-01 11:33:45 +02:00
task.c BUG/MINOR: task: allow to use tasklet_wakeup_after with tid -1 2023-04-18 16:20:47 +02:00
tcp_act.c MINOR: stream: Introduce stream_abort() to abort on both sides in same time 2023-04-14 14:04:59 +02:00
tcp_rules.c BUG/MINOR: tcp-rules: Don't shortened the inspect-delay when EOI is set 2023-05-17 09:21:01 +02:00
tcp_sample.c MINOR: sample: accept_date / request_date return %Ts / %tr timestamp values 2023-07-24 17:12:29 +02:00
tcpcheck.c CLEANUP: fix a few reported typos in code comments 2023-05-07 07:07:44 +02:00
thread.c BUG/MINOR: cpuset: remove the bogus "proc" from the cpu_map struct 2023-07-20 11:01:09 +02:00
time.c
tools.c BUG/MINOR: config: Lenient port configuration parsing 2023-07-11 20:58:28 +02:00
trace.c MINOR: sink/api: pass explicit maxlen parameter to sink_write() 2023-07-10 18:28:08 +02:00
uri_auth.c
uri_normalizer.c
vars.c BUILD: vars: use __fallthrough in var_accounting_{diff,add}() 2022-11-14 11:14:02 +01:00
version.c
wdt.c BUG/MEDIUM: wdt: fix wrong thread being checked for sleeping 2023-02-17 16:01:34 +01:00
xprt_handshake.c
xprt_quic.c MINOR: quic: Release asap quic_conn memory from ->close() xprt callback. 2023-08-08 14:59:17 +02:00