Fijxu
/
nginx-quic
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
nginx-quic/src/http/v3/ngx_http_v3_request.c

1719 lines
46 KiB
C
Raw Blame History

/*
* Copyright (C) Roman Arutyunyan
* Copyright (C) Nginx, Inc.
*/
#include <ngx_config.h>
#include <ngx_core.h>
#include <ngx_http.h>
static void ngx_http_v3_init_request_stream(ngx_connection_t *c);
static void ngx_http_v3_wait_request_handler(ngx_event_t *rev);
static void ngx_http_v3_cleanup_connection(void *data);
static void ngx_http_v3_cleanup_request(void *data);
static void ngx_http_v3_process_request(ngx_event_t *rev);
static ngx_int_t ngx_http_v3_process_header(ngx_http_request_t *r,
ngx_str_t *name, ngx_str_t *value);
static ngx_int_t ngx_http_v3_validate_header(ngx_http_request_t *r,
ngx_str_t *name, ngx_str_t *value);
static ngx_int_t ngx_http_v3_process_pseudo_header(ngx_http_request_t *r,
ngx_str_t *name, ngx_str_t *value);
static ngx_int_t ngx_http_v3_init_pseudo_headers(ngx_http_request_t *r);
static ngx_int_t ngx_http_v3_process_request_header(ngx_http_request_t *r);
static ngx_int_t ngx_http_v3_cookie(ngx_http_request_t *r, ngx_str_t *value);
static ngx_int_t ngx_http_v3_construct_cookie_header(ngx_http_request_t *r);
static void ngx_http_v3_read_client_request_body_handler(ngx_http_request_t *r);
static ngx_int_t ngx_http_v3_do_read_client_request_body(ngx_http_request_t *r);
static ngx_int_t ngx_http_v3_request_body_filter(ngx_http_request_t *r,
ngx_chain_t *in);
static const struct {
ngx_str_t name;
ngx_uint_t method;
} ngx_http_v3_methods[] = {
{ ngx_string("GET"), NGX_HTTP_GET },
{ ngx_string("POST"), NGX_HTTP_POST },
{ ngx_string("HEAD"), NGX_HTTP_HEAD },
{ ngx_string("OPTIONS"), NGX_HTTP_OPTIONS },
{ ngx_string("PROPFIND"), NGX_HTTP_PROPFIND },
{ ngx_string("PUT"), NGX_HTTP_PUT },
{ ngx_string("MKCOL"), NGX_HTTP_MKCOL },
{ ngx_string("DELETE"), NGX_HTTP_DELETE },
{ ngx_string("COPY"), NGX_HTTP_COPY },
{ ngx_string("MOVE"), NGX_HTTP_MOVE },
{ ngx_string("PROPPATCH"), NGX_HTTP_PROPPATCH },
{ ngx_string("LOCK"), NGX_HTTP_LOCK },
{ ngx_string("UNLOCK"), NGX_HTTP_UNLOCK },
{ ngx_string("PATCH"), NGX_HTTP_PATCH },
{ ngx_string("TRACE"), NGX_HTTP_TRACE },
{ ngx_string("CONNECT"), NGX_HTTP_CONNECT }
};
void
ngx_http_v3_init_stream(ngx_connection_t *c)
{
ngx_http_v3_session_t *h3c;
ngx_http_connection_t *hc, *phc;
ngx_http_v3_srv_conf_t *h3scf;
ngx_http_core_loc_conf_t *clcf;
ngx_http_core_srv_conf_t *cscf;
hc = c->data;
hc->ssl = 1;
clcf = ngx_http_get_module_loc_conf(hc->conf_ctx, ngx_http_core_module);
cscf = ngx_http_get_module_srv_conf(hc->conf_ctx, ngx_http_core_module);
h3scf = ngx_http_get_module_srv_conf(hc->conf_ctx, ngx_http_v3_module);
if (c->quic == NULL) {
if (ngx_http_v3_init_session(c) != NGX_OK) {
ngx_http_close_connection(c);
return;
}
h3c = hc->v3_session;
ngx_add_timer(&h3c->keepalive, cscf->client_header_timeout);
h3scf->quic.timeout = clcf->keepalive_timeout;
ngx_quic_run(c, &h3scf->quic);
return;
}
phc = ngx_http_quic_get_connection(c);
if (phc->ssl_servername) {
hc->ssl_servername = phc->ssl_servername;
#if (NGX_PCRE)
hc->ssl_servername_regex = phc->ssl_servername_regex;
#endif
hc->conf_ctx = phc->conf_ctx;
ngx_set_connection_log(c, clcf->error_log);
}
if (c->quic->id & NGX_QUIC_STREAM_UNIDIRECTIONAL) {
ngx_http_v3_init_uni_stream(c);
} else {
ngx_http_v3_init_request_stream(c);
}
}
ngx_int_t
ngx_http_v3_init(ngx_connection_t *c)
{
unsigned int len;
const unsigned char *data;
ngx_http_v3_session_t *h3c;
ngx_http_v3_srv_conf_t *h3scf;
ngx_http_core_loc_conf_t *clcf;
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, c->log, 0, "http3 init");
h3c = ngx_http_v3_get_session(c);
clcf = ngx_http_v3_get_module_loc_conf(c, ngx_http_core_module);
ngx_add_timer(&h3c->keepalive, clcf->keepalive_timeout);
h3scf = ngx_http_v3_get_module_srv_conf(c, ngx_http_v3_module);
if (h3scf->enable_hq) {
if (!h3scf->enable) {
h3c->hq = 1;
return NGX_OK;
}
SSL_get0_alpn_selected(c->ssl->connection, &data, &len);
if (len == sizeof(NGX_HTTP_V3_HQ_PROTO) - 1
&& ngx_strncmp(data, NGX_HTTP_V3_HQ_PROTO, len) == 0)
{
h3c->hq = 1;
return NGX_OK;
}
}
return ngx_http_v3_send_settings(c);
}
void
ngx_http_v3_shutdown(ngx_connection_t *c)
{
ngx_http_v3_session_t *h3c;
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, c->log, 0, "http3 shutdown");
h3c = ngx_http_v3_get_session(c);
if (h3c == NULL) {
ngx_quic_finalize_connection(c, NGX_HTTP_V3_ERR_NO_ERROR,
"connection shutdown");
return;
}
if (!h3c->goaway) {
h3c->goaway = 1;
if (!h3c->hq) {
(void) ngx_http_v3_send_goaway(c, h3c->next_request_id);
}
ngx_http_v3_shutdown_connection(c, NGX_HTTP_V3_ERR_NO_ERROR,
"connection shutdown");
}
}
static void
ngx_http_v3_init_request_stream(ngx_connection_t *c)
{
uint64_t n;
ngx_event_t *rev;
ngx_pool_cleanup_t *cln;
ngx_http_connection_t *hc;
ngx_http_v3_session_t *h3c;
ngx_http_core_loc_conf_t *clcf;
ngx_http_core_srv_conf_t *cscf;
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, c->log, 0, "http3 init request stream");
#if (NGX_STAT_STUB)
(void) ngx_atomic_fetch_add(ngx_stat_active, 1);
#endif
hc = c->data;
clcf = ngx_http_get_module_loc_conf(hc->conf_ctx, ngx_http_core_module);
n = c->quic->id >> 2;
if (n >= clcf->keepalive_requests * 2) {
ngx_http_v3_finalize_connection(c, NGX_HTTP_V3_ERR_EXCESSIVE_LOAD,
"too many requests per connection");
ngx_http_close_connection(c);
return;
}
h3c = ngx_http_v3_get_session(c);
if (h3c->goaway) {
c->close = 1;
ngx_http_close_connection(c);
return;
}
h3c->next_request_id = c->quic->id + 0x04;
if (n + 1 == clcf->keepalive_requests
|| ngx_current_msec - c->start_time > clcf->keepalive_time)
{
h3c->goaway = 1;
if (!h3c->hq) {
if (ngx_http_v3_send_goaway(c, h3c->next_request_id) != NGX_OK) {
ngx_http_close_connection(c);
return;
}
}
ngx_http_v3_shutdown_connection(c, NGX_HTTP_V3_ERR_NO_ERROR,
"reached maximum number of requests");
}
cln = ngx_pool_cleanup_add(c->pool, 0);
if (cln == NULL) {
ngx_http_close_connection(c);
return;
}
cln->handler = ngx_http_v3_cleanup_connection;
cln->data = c;
h3c->nrequests++;
if (h3c->keepalive.timer_set) {
ngx_del_timer(&h3c->keepalive);
}
rev = c->read;
if (!h3c->hq) {
rev->handler = ngx_http_v3_wait_request_handler;
c->write->handler = ngx_http_empty_handler;
}
if (rev->ready) {
rev->handler(rev);
return;
}
cscf = ngx_http_get_module_srv_conf(hc->conf_ctx, ngx_http_core_module);
ngx_add_timer(rev, cscf->client_header_timeout);
ngx_reusable_connection(c, 1);
if (ngx_handle_read_event(rev, 0) != NGX_OK) {
ngx_http_close_connection(c);
return;
}
}
static void
ngx_http_v3_wait_request_handler(ngx_event_t *rev)
{
size_t size;
ssize_t n;
ngx_buf_t *b;
ngx_connection_t *c;
ngx_pool_cleanup_t *cln;
ngx_http_request_t *r;
ngx_http_connection_t *hc;
ngx_http_core_srv_conf_t *cscf;
c = rev->data;
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, c->log, 0, "http3 wait request handler");
if (rev->timedout) {
ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out");
c->timedout = 1;
ngx_http_close_connection(c);
return;
}
if (c->close) {
ngx_http_close_connection(c);
return;
}
hc = c->data;
cscf = ngx_http_get_module_srv_conf(hc->conf_ctx, ngx_http_core_module);
size = cscf->client_header_buffer_size;
b = c->buffer;
if (b == NULL) {
b = ngx_create_temp_buf(c->pool, size);
if (b == NULL) {
ngx_http_close_connection(c);
return;
}
c->buffer = b;
} else if (b->start == NULL) {
b->start = ngx_palloc(c->pool, size);
if (b->start == NULL) {
ngx_http_close_connection(c);
return;
}
b->pos = b->start;
b->last = b->start;
b->end = b->last + size;
}
n = c->recv(c, b->last, size);
if (n == NGX_AGAIN) {
if (!rev->timer_set) {
ngx_add_timer(rev, cscf->client_header_timeout);
ngx_reusable_connection(c, 1);
}
if (ngx_handle_read_event(rev, 0) != NGX_OK) {
ngx_http_close_connection(c);
return;
}
/*
* We are trying to not hold c->buffer's memory for an idle connection.
*/
if (ngx_pfree(c->pool, b->start) == NGX_OK) {
b->start = NULL;
}
return;
}
if (n == NGX_ERROR) {
ngx_http_close_connection(c);
return;
}
if (n == 0) {
ngx_log_error(NGX_LOG_INFO, c->log, 0,
"client closed connection");
ngx_http_close_connection(c);
return;
}
b->last += n;
c->log->action = "reading client request";
ngx_reusable_connection(c, 0);
r = ngx_http_create_request(c);
if (r == NULL) {
ngx_http_close_connection(c);
return;
}
r->http_version = NGX_HTTP_VERSION_30;
r->v3_parse = ngx_pcalloc(r->pool, sizeof(ngx_http_v3_parse_t));
if (r->v3_parse == NULL) {
ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
return;
}
r->v3_parse->header_limit = cscf->large_client_header_buffers.size
* cscf->large_client_header_buffers.num;
c->data = r;
c->requests = (c->quic->id >> 2) + 1;
cln = ngx_pool_cleanup_add(r->pool, 0);
if (cln == NULL) {
ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
return;
}
cln->handler = ngx_http_v3_cleanup_request;
cln->data = r;
rev->handler = ngx_http_v3_process_request;
ngx_http_v3_process_request(rev);
}
void
ngx_http_v3_reset_stream(ngx_connection_t *c)
{
ngx_http_v3_session_t *h3c;
ngx_http_v3_srv_conf_t *h3scf;
h3scf = ngx_http_v3_get_module_srv_conf(c, ngx_http_v3_module);
h3c = ngx_http_v3_get_session(c);
if (h3scf->max_table_capacity > 0 && !c->read->eof && !h3c->hq
&& (c->quic->id & NGX_QUIC_STREAM_UNIDIRECTIONAL) == 0)
{
(void) ngx_http_v3_send_cancel_stream(c, c->quic->id);
}
if (c->timedout) {
ngx_quic_reset_stream(c, NGX_HTTP_V3_ERR_GENERAL_PROTOCOL_ERROR);
} else if (c->close) {
ngx_quic_reset_stream(c, NGX_HTTP_V3_ERR_REQUEST_REJECTED);
} else if (c->requests == 0 || c->error) {
ngx_quic_reset_stream(c, NGX_HTTP_V3_ERR_INTERNAL_ERROR);
}
}
static void
ngx_http_v3_cleanup_connection(void *data)
{
ngx_connection_t *c = data;
ngx_http_v3_session_t *h3c;
ngx_http_core_loc_conf_t *clcf;
h3c = ngx_http_v3_get_session(c);
if (--h3c->nrequests == 0) {
clcf = ngx_http_v3_get_module_loc_conf(c, ngx_http_core_module);
ngx_add_timer(&h3c->keepalive, clcf->keepalive_timeout);
}
}
static void
ngx_http_v3_cleanup_request(void *data)
{
ngx_http_request_t *r = data;
if (!r->response_sent) {
r->connection->error = 1;
}
}
static void
ngx_http_v3_process_request(ngx_event_t *rev)
{
u_char *p;
ssize_t n;
ngx_buf_t *b;
ngx_int_t rc;
ngx_connection_t *c;
ngx_http_request_t *r;
ngx_http_v3_session_t *h3c;
ngx_http_core_srv_conf_t *cscf;
ngx_http_v3_parse_headers_t *st;
c = rev->data;
r = c->data;
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, rev->log, 0, "http3 process request");
if (rev->timedout) {
ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out");
c->timedout = 1;
ngx_http_close_request(r, NGX_HTTP_REQUEST_TIME_OUT);
return;
}
h3c = ngx_http_v3_get_session(c);
st = &r->v3_parse->headers;
b = r->header_in;
for ( ;; ) {
if (b->pos == b->last) {
if (rev->ready) {
n = c->recv(c, b->start, b->end - b->start);
} else {
n = NGX_AGAIN;
}
if (n == NGX_AGAIN) {
if (!rev->timer_set) {
cscf = ngx_http_get_module_srv_conf(r,
ngx_http_core_module);
ngx_add_timer(rev, cscf->client_header_timeout);
}
if (ngx_handle_read_event(rev, 0) != NGX_OK) {
ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
}
break;
}
if (n == 0) {
ngx_log_error(NGX_LOG_INFO, c->log, 0,
"client prematurely closed connection");
}
if (n == 0 || n == NGX_ERROR) {
c->error = 1;
c->log->action = "reading client request";
ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST);
break;
}
b->pos = b->start;
b->last = b->start + n;
}
p = b->pos;
rc = ngx_http_v3_parse_headers(c, st, b);
if (rc > 0) {
ngx_quic_reset_stream(c, rc);
ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
"client sent invalid header");
ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST);
break;
}
if (rc == NGX_ERROR) {
ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
break;
}
r->request_length += b->pos - p;
h3c->total_bytes += b->pos - p;
if (ngx_http_v3_check_flood(c) != NGX_OK) {
ngx_http_close_request(r, NGX_HTTP_CLOSE);
break;
}
if (rc == NGX_BUSY) {
if (rev->error) {
ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST);
break;
}
if (!rev->timer_set) {
cscf = ngx_http_get_module_srv_conf(r,
ngx_http_core_module);
ngx_add_timer(rev, cscf->client_header_timeout);
}
if (ngx_handle_read_event(rev, 0) != NGX_OK) {
ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
}
break;
}
if (rc == NGX_AGAIN) {
continue;
}
/* rc == NGX_OK || rc == NGX_DONE */
h3c->payload_bytes += ngx_http_v3_encode_field_l(NULL,
&st->field_rep.field.name,
&st->field_rep.field.value);
if (ngx_http_v3_process_header(r, &st->field_rep.field.name,
&st->field_rep.field.value)
!= NGX_OK)
{
break;
}
if (rc == NGX_DONE) {
if (ngx_http_v3_process_request_header(r) != NGX_OK) {
break;
}
ngx_http_process_request(r);
break;
}
}
ngx_http_run_posted_requests(c);
return;
}
static ngx_int_t
ngx_http_v3_process_header(ngx_http_request_t *r, ngx_str_t *name,
ngx_str_t *value)
{
size_t len;
ngx_table_elt_t *h;
ngx_http_header_t *hh;
ngx_http_core_srv_conf_t *cscf;
ngx_http_core_main_conf_t *cmcf;
static ngx_str_t cookie = ngx_string("cookie");
len = name->len + value->len;
if (len > r->v3_parse->header_limit) {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent too large header");
ngx_http_finalize_request(r, NGX_HTTP_REQUEST_HEADER_TOO_LARGE);
return NGX_ERROR;
}
r->v3_parse->header_limit -= len;
if (ngx_http_v3_validate_header(r, name, value) != NGX_OK) {
ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST);
return NGX_ERROR;
}
if (r->invalid_header) {
cscf = ngx_http_get_module_srv_conf(r, ngx_http_core_module);
if (cscf->ignore_invalid_headers) {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent invalid header: \"%V\"", name);
return NGX_OK;
}
}
if (name->len && name->data[0] == ':') {
return ngx_http_v3_process_pseudo_header(r, name, value);
}
if (ngx_http_v3_init_pseudo_headers(r) != NGX_OK) {
return NGX_ERROR;
}
if (name->len == cookie.len
&& ngx_memcmp(name->data, cookie.data, cookie.len) == 0)
{
if (ngx_http_v3_cookie(r, value) != NGX_OK) {
ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
return NGX_ERROR;
}
} else {
h = ngx_list_push(&r->headers_in.headers);
if (h == NULL) {
ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
return NGX_ERROR;
}
h->key = *name;
h->value = *value;
h->lowcase_key = h->key.data;
h->hash = ngx_hash_key(h->key.data, h->key.len);
cmcf = ngx_http_get_module_main_conf(r, ngx_http_core_module);
hh = ngx_hash_find(&cmcf->headers_in_hash, h->hash,
h->lowcase_key, h->key.len);
if (hh && hh->handler(r, h, hh->offset) != NGX_OK) {
return NGX_ERROR;
}
}
ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"http3 header: \"%V: %V\"", name, value);
return NGX_OK;
}
static ngx_int_t
ngx_http_v3_validate_header(ngx_http_request_t *r, ngx_str_t *name,
ngx_str_t *value)
{
u_char ch;
ngx_uint_t i;
ngx_http_core_srv_conf_t *cscf;
r->invalid_header = 0;
cscf = ngx_http_get_module_srv_conf(r, ngx_http_core_module);
for (i = (name->data[0] == ':'); i != name->len; i++) {
ch = name->data[i];
if ((ch >= 'a' && ch <= 'z')
|| (ch == '-')
|| (ch >= '0' && ch <= '9')
|| (ch == '_' && cscf->underscores_in_headers))
{
continue;
}
if (ch <= 0x20 || ch == 0x7f || ch == ':'
|| (ch >= 'A' && ch <= 'Z'))
{
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent invalid header name: \"%V\"", name);
return NGX_ERROR;
}
r->invalid_header = 1;
}
for (i = 0; i != value->len; i++) {
ch = value->data[i];
if (ch == '\0' || ch == LF || ch == CR) {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent header \"%V\" with "
"invalid value: \"%V\"", name, value);
return NGX_ERROR;
}
}
return NGX_OK;
}
static ngx_int_t
ngx_http_v3_process_pseudo_header(ngx_http_request_t *r, ngx_str_t *name,
ngx_str_t *value)
{
u_char ch, c;
ngx_uint_t i;
if (r->request_line.len) {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent out of order pseudo-headers");
goto failed;
}
if (name->len == 7 && ngx_strncmp(name->data, ":method", 7) == 0) {
if (r->method_name.len) {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent duplicate \":method\" header");
goto failed;
}
if (value->len == 0) {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent empty \":method\" header");
goto failed;
}
r->method_name = *value;
for (i = 0; i < sizeof(ngx_http_v3_methods)
/ sizeof(ngx_http_v3_methods[0]); i++)
{
if (value->len == ngx_http_v3_methods[i].name.len
&& ngx_strncmp(value->data,
ngx_http_v3_methods[i].name.data, value->len)
== 0)
{
r->method = ngx_http_v3_methods[i].method;
break;
}
}
for (i = 0; i < value->len; i++) {
ch = value->data[i];
if ((ch < 'A' || ch > 'Z') && ch != '_' && ch != '-') {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent invalid method: \"%V\"", value);
goto failed;
}
}
ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"http3 method \"%V\" %ui", value, r->method);
return NGX_OK;
}
if (name->len == 5 && ngx_strncmp(name->data, ":path", 5) == 0) {
if (r->uri_start) {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent duplicate \":path\" header");
goto failed;
}
if (value->len == 0) {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent empty \":path\" header");
goto failed;
}
r->uri_start = value->data;
r->uri_end = value->data + value->len;
if (ngx_http_parse_uri(r) != NGX_OK) {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent invalid \":path\" header: \"%V\"",
value);
goto failed;
}
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"http3 path \"%V\"", value);
return NGX_OK;
}
if (name->len == 7 && ngx_strncmp(name->data, ":scheme", 7) == 0) {
if (r->schema.len) {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent duplicate \":scheme\" header");
goto failed;
}
if (value->len == 0) {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent empty \":scheme\" header");
goto failed;
}
for (i = 0; i < value->len; i++) {
ch = value->data[i];
c = (u_char) (ch | 0x20);
if (c >= 'a' && c <= 'z') {
continue;
}
if (((ch >= '0' && ch <= '9')
|| ch == '+' || ch == '-' || ch == '.')
&& i > 0)
{
continue;
}
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent invalid \":scheme\" header: \"%V\"",
value);
goto failed;
}
r->schema = *value;
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"http3 schema \"%V\"", value);
return NGX_OK;
}
if (name->len == 10 && ngx_strncmp(name->data, ":authority", 10) == 0) {
if (r->host_start) {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent duplicate \":authority\" header");
goto failed;
}
r->host_start = value->data;
r->host_end = value->data + value->len;
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"http3 authority \"%V\"", value);
return NGX_OK;
}
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent unknown pseudo-header \"%V\"", name);
failed:
ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST);
return NGX_ERROR;
}
static ngx_int_t
ngx_http_v3_init_pseudo_headers(ngx_http_request_t *r)
{
size_t len;
u_char *p;
ngx_int_t rc;
ngx_str_t host;
if (r->request_line.len) {
return NGX_OK;
}
if (r->method_name.len == 0) {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent no \":method\" header");
goto failed;
}
if (r->schema.len == 0) {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent no \":scheme\" header");
goto failed;
}
if (r->uri_start == NULL) {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent no \":path\" header");
goto failed;
}
len = r->method_name.len + 1
+ (r->uri_end - r->uri_start) + 1
+ sizeof("HTTP/3.0") - 1;
p = ngx_pnalloc(r->pool, len);
if (p == NULL) {
ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
return NGX_ERROR;
}
r->request_line.data = p;
p = ngx_cpymem(p, r->method_name.data, r->method_name.len);
*p++ = ' ';
p = ngx_cpymem(p, r->uri_start, r->uri_end - r->uri_start);
*p++ = ' ';
p = ngx_cpymem(p, "HTTP/3.0", sizeof("HTTP/3.0") - 1);
r->request_line.len = p - r->request_line.data;
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"http3 request line: \"%V\"", &r->request_line);
ngx_str_set(&r->http_protocol, "HTTP/3.0");
if (ngx_http_process_request_uri(r) != NGX_OK) {
return NGX_ERROR;
}
if (r->host_end) {
host.len = r->host_end - r->host_start;
host.data = r->host_start;
rc = ngx_http_validate_host(&host, r->pool, 0);
if (rc == NGX_DECLINED) {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent invalid host in request line");
goto failed;
}
if (rc == NGX_ERROR) {
ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
return NGX_ERROR;
}
if (ngx_http_set_virtual_server(r, &host) == NGX_ERROR) {
return NGX_ERROR;
}
r->headers_in.server = host;
}
if (ngx_list_init(&r->headers_in.headers, r->pool, 20,
sizeof(ngx_table_elt_t))
!= NGX_OK)
{
ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
return NGX_ERROR;
}
return NGX_OK;
failed:
ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST);
return NGX_ERROR;
}
static ngx_int_t
ngx_http_v3_process_request_header(ngx_http_request_t *r)
{
ssize_t n;
ngx_buf_t *b;
ngx_connection_t *c;
ngx_http_v3_session_t *h3c;
ngx_http_v3_srv_conf_t *h3scf;
c = r->connection;
if (ngx_http_v3_init_pseudo_headers(r) != NGX_OK) {
return NGX_ERROR;
}
h3c = ngx_http_v3_get_session(c);
h3scf = ngx_http_get_module_srv_conf(r, ngx_http_v3_module);
if (!r->http_connection->addr_conf->http3) {
if ((h3c->hq && !h3scf->enable_hq) || (!h3c->hq && !h3scf->enable)) {
ngx_log_error(NGX_LOG_INFO, c->log, 0,
"client attempted to request the server name "
"for which the negotiated protocol is disabled");
ngx_http_finalize_request(r, NGX_HTTP_MISDIRECTED_REQUEST);
return NGX_ERROR;
}
}
if (ngx_http_v3_construct_cookie_header(r) != NGX_OK) {
return NGX_ERROR;
}
if (r->headers_in.server.len == 0) {
ngx_log_error(NGX_LOG_INFO, c->log, 0,
"client sent neither \":authority\" nor \"Host\" header");
goto failed;
}
if (r->headers_in.host) {
if (r->headers_in.host->value.len != r->headers_in.server.len
|| ngx_memcmp(r->headers_in.host->value.data,
r->headers_in.server.data,
r->headers_in.server.len)
!= 0)
{
ngx_log_error(NGX_LOG_INFO, c->log, 0,
"client sent \":authority\" and \"Host\" headers "
"with different values");
goto failed;
}
}
if (r->headers_in.content_length) {
r->headers_in.content_length_n =
ngx_atoof(r->headers_in.content_length->value.data,
r->headers_in.content_length->value.len);
if (r->headers_in.content_length_n == NGX_ERROR) {
ngx_log_error(NGX_LOG_INFO, c->log, 0,
"client sent invalid \"Content-Length\" header");
goto failed;
}
} else {
b = r->header_in;
n = b->last - b->pos;
if (n == 0) {
n = c->recv(c, b->start, b->end - b->start);
if (n == NGX_ERROR) {
ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
return NGX_ERROR;
}
if (n > 0) {
b->pos = b->start;
b->last = b->start + n;
}
}
if (n != 0) {
r->headers_in.chunked = 1;
}
}
if (r->method == NGX_HTTP_CONNECT) {
ngx_log_error(NGX_LOG_INFO, c->log, 0, "client sent CONNECT method");
ngx_http_finalize_request(r, NGX_HTTP_NOT_ALLOWED);
return NGX_ERROR;
}
if (r->method == NGX_HTTP_TRACE) {
ngx_log_error(NGX_LOG_INFO, c->log, 0, "client sent TRACE method");
ngx_http_finalize_request(r, NGX_HTTP_NOT_ALLOWED);
return NGX_ERROR;
}
return NGX_OK;
failed:
ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST);
return NGX_ERROR;
}
static ngx_int_t
ngx_http_v3_cookie(ngx_http_request_t *r, ngx_str_t *value)
{
ngx_str_t *val;
ngx_array_t *cookies;
cookies = r->v3_parse->cookies;
if (cookies == NULL) {
cookies = ngx_array_create(r->pool, 2, sizeof(ngx_str_t));
if (cookies == NULL) {
return NGX_ERROR;
}
r->v3_parse->cookies = cookies;
}
val = ngx_array_push(cookies);
if (val == NULL) {
return NGX_ERROR;
}
*val = *value;
return NGX_OK;
}
static ngx_int_t
ngx_http_v3_construct_cookie_header(ngx_http_request_t *r)
{
u_char *buf, *p, *end;
size_t len;
ngx_str_t *vals;
ngx_uint_t i;
ngx_array_t *cookies;
ngx_table_elt_t *h;
ngx_http_header_t *hh;
ngx_http_core_main_conf_t *cmcf;
static ngx_str_t cookie = ngx_string("cookie");
cookies = r->v3_parse->cookies;
if (cookies == NULL) {
return NGX_OK;
}
vals = cookies->elts;
i = 0;
len = 0;
do {
len += vals[i].len + 2;
} while (++i != cookies->nelts);
len -= 2;
buf = ngx_pnalloc(r->pool, len + 1);
if (buf == NULL) {
ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
return NGX_ERROR;
}
p = buf;
end = buf + len;
for (i = 0; /* void */ ; i++) {
p = ngx_cpymem(p, vals[i].data, vals[i].len);
if (p == end) {
*p = '\0';
break;
}
*p++ = ';'; *p++ = ' ';
}
h = ngx_list_push(&r->headers_in.headers);
if (h == NULL) {
ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
return NGX_ERROR;
}
h->hash = ngx_hash(ngx_hash(ngx_hash(ngx_hash(
ngx_hash('c', 'o'), 'o'), 'k'), 'i'), 'e');
h->key.len = cookie.len;
h->key.data = cookie.data;
h->value.len = len;
h->value.data = buf;
h->lowcase_key = cookie.data;
cmcf = ngx_http_get_module_main_conf(r, ngx_http_core_module);
hh = ngx_hash_find(&cmcf->headers_in_hash, h->hash,
h->lowcase_key, h->key.len);
if (hh == NULL) {
ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
return NGX_ERROR;
}
if (hh->handler(r, h, hh->offset) != NGX_OK) {
/*
* request has been finalized already
* in ngx_http_process_multi_header_lines()
*/
return NGX_ERROR;
}
return NGX_OK;
}
ngx_int_t
ngx_http_v3_read_request_body(ngx_http_request_t *r)
{
size_t preread;
ngx_int_t rc;
ngx_chain_t *cl, out;
ngx_http_request_body_t *rb;
ngx_http_core_loc_conf_t *clcf;
rb = r->request_body;
preread = r->header_in->last - r->header_in->pos;
if (preread) {
/* there is the pre-read part of the request body */
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"http3 client request body preread %uz", preread);
out.buf = r->header_in;
out.next = NULL;
cl = &out;
} else {
cl = NULL;
}
rc = ngx_http_v3_request_body_filter(r, cl);
if (rc != NGX_OK) {
return rc;
}
if (rb->rest == 0 && rb->last_saved) {
/* the whole request body was pre-read */
r->request_body_no_buffering = 0;
rb->post_handler(r);
return NGX_OK;
}
if (rb->rest < 0) {
ngx_log_error(NGX_LOG_ALERT, r->connection->log, 0,
"negative request body rest");
return NGX_HTTP_INTERNAL_SERVER_ERROR;
}
clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module);
rb->buf = ngx_create_temp_buf(r->pool, clcf->client_body_buffer_size);
if (rb->buf == NULL) {
return NGX_HTTP_INTERNAL_SERVER_ERROR;
}
r->read_event_handler = ngx_http_v3_read_client_request_body_handler;
r->write_event_handler = ngx_http_request_empty_handler;
return ngx_http_v3_do_read_client_request_body(r);
}
static void
ngx_http_v3_read_client_request_body_handler(ngx_http_request_t *r)
{
ngx_int_t rc;
if (r->connection->read->timedout) {
r->connection->timedout = 1;
ngx_http_finalize_request(r, NGX_HTTP_REQUEST_TIME_OUT);
return;
}
rc = ngx_http_v3_do_read_client_request_body(r);
if (rc >= NGX_HTTP_SPECIAL_RESPONSE) {
ngx_http_finalize_request(r, rc);
}
}
ngx_int_t
ngx_http_v3_read_unbuffered_request_body(ngx_http_request_t *r)
{
ngx_int_t rc;
if (r->connection->read->timedout) {
r->connection->timedout = 1;
return NGX_HTTP_REQUEST_TIME_OUT;
}
rc = ngx_http_v3_do_read_client_request_body(r);
if (rc == NGX_OK) {
r->reading_body = 0;
}
return rc;
}
static ngx_int_t
ngx_http_v3_do_read_client_request_body(ngx_http_request_t *r)
{
off_t rest;
size_t size;
ssize_t n;
ngx_int_t rc;
ngx_uint_t flush;
ngx_chain_t out;
ngx_connection_t *c;
ngx_http_request_body_t *rb;
ngx_http_core_loc_conf_t *clcf;
c = r->connection;
rb = r->request_body;
flush = 1;
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, c->log, 0,
"http3 read client request body");
for ( ;; ) {
for ( ;; ) {
if (rb->rest == 0) {
break;
}
if (rb->buf->last == rb->buf->end) {
/* update chains */
rc = ngx_http_v3_request_body_filter(r, NULL);
if (rc != NGX_OK) {
return rc;
}
if (rb->busy != NULL) {
if (r->request_body_no_buffering) {
if (c->read->timer_set) {
ngx_del_timer(c->read);
}
if (ngx_handle_read_event(c->read, 0) != NGX_OK) {
return NGX_HTTP_INTERNAL_SERVER_ERROR;
}
return NGX_AGAIN;
}
if (rb->filter_need_buffering) {
clcf = ngx_http_get_module_loc_conf(r,
ngx_http_core_module);
ngx_add_timer(c->read, clcf->client_body_timeout);
if (ngx_handle_read_event(c->read, 0) != NGX_OK) {
return NGX_HTTP_INTERNAL_SERVER_ERROR;
}
return NGX_AGAIN;
}
ngx_log_error(NGX_LOG_ALERT, c->log, 0,
"busy buffers after request body flush");
return NGX_HTTP_INTERNAL_SERVER_ERROR;
}
flush = 0;
rb->buf->pos = rb->buf->start;
rb->buf->last = rb->buf->start;
}
size = rb->buf->end - rb->buf->last;
rest = rb->rest - (rb->buf->last - rb->buf->pos);
if ((off_t) size > rest) {
size = (size_t) rest;
}
if (size == 0) {
break;
}
n = c->recv(c, rb->buf->last, size);
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, c->log, 0,
"http3 client request body recv %z", n);
if (n == NGX_AGAIN) {
break;
}
if (n == 0) {
rb->buf->last_buf = 1;
}
if (n == NGX_ERROR) {
c->error = 1;
return NGX_HTTP_BAD_REQUEST;
}
rb->buf->last += n;
/* pass buffer to request body filter chain */
flush = 0;
out.buf = rb->buf;
out.next = NULL;
rc = ngx_http_v3_request_body_filter(r, &out);
if (rc != NGX_OK) {
return rc;
}
if (rb->rest == 0) {
break;
}
if (rb->buf->last < rb->buf->end) {
break;
}
}
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, c->log, 0,
"http3 client request body rest %O", rb->rest);
if (flush) {
rc = ngx_http_v3_request_body_filter(r, NULL);
if (rc != NGX_OK) {
return rc;
}
}
if (rb->rest == 0 && rb->last_saved) {
break;
}
if (!c->read->ready || rb->rest == 0) {
clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module);
ngx_add_timer(c->read, clcf->client_body_timeout);
if (ngx_handle_read_event(c->read, 0) != NGX_OK) {
return NGX_HTTP_INTERNAL_SERVER_ERROR;
}
return NGX_AGAIN;
}
}
if (c->read->timer_set) {
ngx_del_timer(c->read);
}
if (!r->request_body_no_buffering) {
r->read_event_handler = ngx_http_block_reading;
rb->post_handler(r);
}
return NGX_OK;
}
static ngx_int_t
ngx_http_v3_request_body_filter(ngx_http_request_t *r, ngx_chain_t *in)
{
off_t max;
size_t size;
u_char *p;
ngx_int_t rc;
ngx_buf_t *b;
ngx_uint_t last;
ngx_chain_t *cl, *out, *tl, **ll;
ngx_http_v3_session_t *h3c;
ngx_http_request_body_t *rb;
ngx_http_core_loc_conf_t *clcf;
ngx_http_core_srv_conf_t *cscf;
ngx_http_v3_parse_data_t *st;
rb = r->request_body;
st = &r->v3_parse->body;
h3c = ngx_http_v3_get_session(r->connection);
if (rb->rest == -1) {
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"http3 request body filter");
cscf = ngx_http_get_module_srv_conf(r, ngx_http_core_module);
rb->rest = cscf->large_client_header_buffers.size;
}
clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module);
max = r->headers_in.content_length_n;
if (max == -1 && clcf->client_max_body_size) {
max = clcf->client_max_body_size;
}
out = NULL;
ll = &out;
last = 0;
for (cl = in; cl; cl = cl->next) {
ngx_log_debug7(NGX_LOG_DEBUG_EVENT, r->connection->log, 0,
"http3 body buf "
"t:%d f:%d %p, pos %p, size: %z file: %O, size: %O",
cl->buf->temporary, cl->buf->in_file,
cl->buf->start, cl->buf->pos,
cl->buf->last - cl->buf->pos,
cl->buf->file_pos,
cl->buf->file_last - cl->buf->file_pos);
if (cl->buf->last_buf) {
last = 1;
}
b = NULL;
while (cl->buf->pos < cl->buf->last) {
if (st->length == 0) {
p = cl->buf->pos;
rc = ngx_http_v3_parse_data(r->connection, st, cl->buf);
r->request_length += cl->buf->pos - p;
h3c->total_bytes += cl->buf->pos - p;
if (ngx_http_v3_check_flood(r->connection) != NGX_OK) {
return NGX_HTTP_CLOSE;
}
if (rc == NGX_AGAIN) {
continue;
}
if (rc == NGX_DONE) {
last = 1;
goto done;
}
if (rc > 0) {
ngx_quic_reset_stream(r->connection, rc);
ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
"client sent invalid body");
return NGX_HTTP_BAD_REQUEST;
}
if (rc == NGX_ERROR) {
return NGX_HTTP_INTERNAL_SERVER_ERROR;
}
/* rc == NGX_OK */
if (max != -1 && (uint64_t) (max - rb->received) < st->length) {
ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
"client intended to send too large "
"body: %O+%ui bytes",
rb->received, st->length);
return NGX_HTTP_REQUEST_ENTITY_TOO_LARGE;
}
continue;
}
if (b
&& st->length <= 128
&& (uint64_t) (cl->buf->last - cl->buf->pos) >= st->length)
{
rb->received += st->length;
r->request_length += st->length;
h3c->total_bytes += st->length;
h3c->payload_bytes += st->length;
if (st->length < 8) {
while (st->length) {
*b->last++ = *cl->buf->pos++;
st->length--;
}
} else {
ngx_memmove(b->last, cl->buf->pos, st->length);
b->last += st->length;
cl->buf->pos += st->length;
st->length = 0;
}
continue;
}
tl = ngx_chain_get_free_buf(r->pool, &rb->free);
if (tl == NULL) {
return NGX_HTTP_INTERNAL_SERVER_ERROR;
}
b = tl->buf;
ngx_memzero(b, sizeof(ngx_buf_t));
b->temporary = 1;
b->tag = (ngx_buf_tag_t) &ngx_http_read_client_request_body;
b->start = cl->buf->pos;
b->pos = cl->buf->pos;
b->last = cl->buf->last;
b->end = cl->buf->end;
b->flush = r->request_body_no_buffering;
*ll = tl;
ll = &tl->next;
size = cl->buf->last - cl->buf->pos;
if (size > st->length) {
cl->buf->pos += (size_t) st->length;
rb->received += st->length;
r->request_length += st->length;
h3c->total_bytes += st->length;
h3c->payload_bytes += st->length;
st->length = 0;
} else {
st->length -= size;
rb->received += size;
r->request_length += size;
h3c->total_bytes += size;
h3c->payload_bytes += size;
cl->buf->pos = cl->buf->last;
}
b->last = cl->buf->pos;
}
}
done:
if (last) {
if (st->length > 0) {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client prematurely closed stream");
r->connection->error = 1;
return NGX_HTTP_BAD_REQUEST;
}
if (r->headers_in.content_length_n == -1) {
r->headers_in.content_length_n = rb->received;
} else if (r->headers_in.content_length_n != rb->received) {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent less body data than expected: "
"%O out of %O bytes of request body received",
rb->received, r->headers_in.content_length_n);
return NGX_HTTP_BAD_REQUEST;
}
rb->rest = 0;
tl = ngx_chain_get_free_buf(r->pool, &rb->free);
if (tl == NULL) {
return NGX_HTTP_INTERNAL_SERVER_ERROR;
}
b = tl->buf;
ngx_memzero(b, sizeof(ngx_buf_t));
b->last_buf = 1;
*ll = tl;
} else {
/* set rb->rest, amount of data we want to see next time */
cscf = ngx_http_get_module_srv_conf(r, ngx_http_core_module);
rb->rest = (off_t) cscf->large_client_header_buffers.size;
}
rc = ngx_http_top_request_body_filter(r, out);
ngx_chain_update_chains(r->pool, &rb->free, &rb->busy, &out,
(ngx_buf_tag_t) &ngx_http_read_client_request_body);
return rc;
}
Reference in New Issue View Git Blame Copy Permalink