From af62a3065abd371876e8df258f19821180603292 Mon Sep 17 00:00:00 2001 From: Lorenz Stechauner Date: Mon, 9 Jan 2023 22:01:50 +0100 Subject: [PATCH] Add http error handling --- src/lib/error.c | 31 ++++++++++++ src/lib/error.h | 8 ++++ src/lib/fastcgi.c | 1 + src/lib/http.c | 92 +++++++++++++++--------------------- src/lib/http.h | 5 ++ src/lib/proxy.c | 7 ++- src/worker/request_handler.c | 21 +++----- 7 files changed, 92 insertions(+), 73 deletions(-) diff --git a/src/lib/error.c b/src/lib/error.c index 4915d55..2455893 100644 --- a/src/lib/error.c +++ b/src/lib/error.c @@ -45,6 +45,17 @@ static const char *error_ssl_strerror(int err) { static const char *error_http_strerror(int err) { switch (err) { + case HTTP_ERROR_TOO_MANY_HEADER_FIELDS: + return "too many header fields"; + case HTTP_ERROR_EOH_NOT_FOUND: + return "end of http header not found"; + case HTTP_ERROR_HEADER_MALFORMED: + return "http header malformed"; + case HTTP_ERROR_INVALID_VERSION: + return "invalid http version"; + case HTTP_ERROR_URI_TOO_LONG: + return "uri too long"; + case HTTP_ERROR_GENERAL: default: return "unknown error"; } @@ -101,3 +112,23 @@ int error_http(int err) { } return -1; } + +static int error_get(unsigned char prefix) { + return (errno >> 24 != prefix) ? 0 : errno & 0x00FFFFFF; +} + +int error_get_sys() { + return error_get(0x00); +} + +int error_get_ssl() { + return error_get(0x01); +} + +int error_get_mmdb() { + return error_get(0x02); +} + +int error_get_http() { + return error_get(0x03); +} diff --git a/src/lib/error.h b/src/lib/error.h index afa5fdf..cd57fab 100644 --- a/src/lib/error.h +++ b/src/lib/error.h @@ -17,4 +17,12 @@ void error_mmdb(int err); int error_http(int err); +int error_get_sys(); + +int error_get_ssl(); + +int error_get_mmdb(); + +int error_get_http(); + #endif //SESIMOS_ERROR_H diff --git a/src/lib/fastcgi.c b/src/lib/fastcgi.c index 29d31e3..d03072c 100644 --- a/src/lib/fastcgi.c +++ b/src/lib/fastcgi.c @@ -383,6 +383,7 @@ int fastcgi_header(fastcgi_cnx_t *conn, http_res *res, char *err_msg) { ret = http_parse_header_field(&res->hdr, ptr, pos0, 0); if (ret != 0) return (int) ret; + if (pos0[2] == '\r' && pos0[3] == '\n') { return 0; } diff --git a/src/lib/http.c b/src/lib/http.c index aa7e0e7..1c23f53 100644 --- a/src/lib/http.c +++ b/src/lib/http.c @@ -6,11 +6,11 @@ * @date 2020-12-09 */ -#include "../logger.h" #include "http.h" #include "utils.h" #include "compress.h" #include "list.h" +#include "error.h" #include @@ -90,23 +90,20 @@ void http_free_res(http_res *res) { int http_init_hdr(http_hdr *hdr) { hdr->fields = list_create(sizeof(http_field), HTTP_INIT_HEADER_FIELD_NUM); if (hdr->fields == NULL) - return -1; + return error_http(HTTP_ERROR_SYSCALL); return 0; } int http_parse_header_field(http_hdr *hdr, const char *buf, const char *end_ptr, int flags) { - if (hdr->last_field_num > list_size(hdr->fields)) { - error("Unable to parse header: Invalid state"); - return 3; - } + if (hdr->last_field_num > list_size(hdr->fields)) + return error_http(HTTP_ERROR_GENERAL); char *pos1 = (char *) buf, *pos2 = (char *) end_ptr; if (buf[0] == ' ' || buf[0] == '\t') { - if (hdr->last_field_num == -1) { - error("Unable to parse header"); - return 3; - } + if (hdr->last_field_num == -1) + return error_http(HTTP_ERROR_GENERAL); + http_field *f = &hdr->fields[(int) hdr->last_field_num]; str_trim_lws(&pos1, &pos2); @@ -116,10 +113,9 @@ int http_parse_header_field(http_hdr *hdr, const char *buf, const char *end_ptr, } pos1 = memchr(buf, ':', end_ptr - buf); - if (pos1 == NULL) { - error("Unable to parse header"); - return 3; - } + if (pos1 == NULL) + return error_http(HTTP_ERROR_GENERAL); + long len1 = pos1 - buf; pos1++; @@ -129,10 +125,8 @@ int http_parse_header_field(http_hdr *hdr, const char *buf, const char *end_ptr, int field_num = list_size(hdr->fields); int found = http_get_header_field_num_len(hdr, buf, len1); if (!(flags & HTTP_MERGE_FIELDS) || found == -1) { - if (http_add_header_field_len(hdr, buf, len1, pos1, len2 < 0 ? 0 : len2) != 0) { - error("Unable to parse header: Too many header fields"); - return 3; - } + if (http_add_header_field_len(hdr, buf, len1, pos1, len2 < 0 ? 0 : len2) != 0) + return error_http(HTTP_ERROR_TOO_MANY_HEADER_FIELDS); } else { field_num = found; http_append_to_header_field(&hdr->fields[found], ", ", 2); @@ -148,62 +142,52 @@ int http_parse_request(char *buf, http_req *req) { long len; unsigned long header_len = strstr(buf, "\r\n\r\n") - buf + 4; - if (header_len <= 0) { - error("Unable to parse http header: End of header not found"); - return -5; - } + if (header_len <= 0) + return error_http(HTTP_ERROR_EOH_NOT_FOUND); for (int i = 0; i < header_len; i++) { - if ((buf[i] >= 0x00 && buf[i] <= 0x1F && buf[i] != '\r' && buf[i] != '\n') || buf[i] == 0x7F) { - error("Unable to parse http header: Header contains illegal characters"); - return -4; - } + if ((buf[i] >= 0x00 && buf[i] <= 0x1F && buf[i] != '\r' && buf[i] != '\n') || buf[i] == 0x7F) + return error_http(HTTP_ERROR_HEADER_MALFORMED); } ptr = buf; while (header_len > (ptr - buf + 2)) { pos0 = strstr(ptr, "\r\n"); - if (pos0 == NULL) { - error("Unable to parse http header: Invalid header format"); - return -1; - } + if (pos0 == NULL) + return error_http(HTTP_ERROR_HEADER_MALFORMED); if (req->version[0] == 0) { pos1 = (char *) strchr(ptr, ' ') + 1; if (pos1 == NULL) goto err_hdr_fmt; - if (pos1 - ptr - 1 >= sizeof(req->method)) { - error("Unable to parse http header: Method name too long"); - return -2; - } + if (pos1 - ptr - 1 >= sizeof(req->method)) + return error_http(HTTP_ERROR_HEADER_MALFORMED); for (int i = 0; i < (pos1 - ptr - 1); i++) { - if (ptr[i] < 'A' || ptr[i] > 'Z') { - error("Unable to parse http header: Invalid method"); - return -2; - } + if (ptr[i] < 'A' || ptr[i] > 'Z') + return error_http(HTTP_ERROR_HEADER_MALFORMED); } snprintf(req->method, sizeof(req->method), "%.*s", (int) (pos1 - ptr - 1), ptr); pos2 = (char *) strchr(pos1, ' ') + 1; if (pos2 == NULL) { err_hdr_fmt: - error("Unable to parse http header: Invalid header format"); - return -1; + return error_http(HTTP_ERROR_HEADER_MALFORMED); } - if (memcmp(pos2, "HTTP/", 5) != 0 || memcmp(pos2 + 8, "\r\n", 2) != 0) { - error("Unable to parse http header: Invalid version"); - return -3; - } + if (memcmp(pos2, "HTTP/", 5) != 0 || memcmp(pos2 + 8, "\r\n", 2) != 0) + return error_http(HTTP_ERROR_INVALID_VERSION); len = pos2 - pos1 - 1; + if (len >= 2048) + return error_http(HTTP_ERROR_URI_TOO_LONG); + req->uri = malloc(len + 1); sprintf(req->uri, "%.*s", (int) len, pos1); sprintf(req->version, "%.3s", pos2 + 5); } else { - int ret = http_parse_header_field(&req->hdr, ptr, pos0, HTTP_MERGE_FIELDS); - if (ret != 0) return -ret; + if (http_parse_header_field(&req->hdr, ptr, pos0, HTTP_MERGE_FIELDS) != 0) + return -1; } ptr = pos0 + 2; } @@ -212,7 +196,7 @@ int http_parse_request(char *buf, http_req *req) { return (int) header_len; } - return -1; + return error_http(HTTP_ERROR_GENERAL); } int http_receive_request(sock *client, http_req *req) { @@ -226,10 +210,9 @@ int http_receive_request(sock *client, http_req *req) { http_init_hdr(&req->hdr); rcv_len = sock_recv(client, buf, CLIENT_MAX_HEADER_SIZE - 1, MSG_PEEK); - if (rcv_len <= 0) { - error("Unable to receive http header"); + if (rcv_len <= 0) return -1; - } + buf[rcv_len] = 0; long header_len = http_parse_request(buf, req); @@ -351,9 +334,9 @@ int http_send_response(sock *client, http_res *res) { off += sprintf(buf + off, "%s: %s\r\n", http_field_get_name(f), http_field_get_value(f)); } off += sprintf(buf + off, "\r\n"); - if (sock_send(client, buf, off, 0) < 0) { + if (sock_send(client, buf, off, 0) != off) return -1; - } + return 0; } @@ -365,10 +348,9 @@ int http_send_request(sock *server, http_req *req) { off += sprintf(buf + off, "%s: %s\r\n", http_field_get_name(f), http_field_get_value(f)); } off += sprintf(buf + off, "\r\n"); - long ret = sock_send(server, buf, off, 0); - if (ret <= 0) { + if (sock_send(server, buf, off, 0) != off) return -1; - } + return 0; } diff --git a/src/lib/http.h b/src/lib/http.h index d4db0e2..9758b40 100644 --- a/src/lib/http.h +++ b/src/lib/http.h @@ -48,6 +48,11 @@ #define HTTP_ERROR_GENERAL 1 #define HTTP_ERROR_SYSCALL 2 #define HTTP_ERROR_TOO_MANY_HEADER_FIELDS 3 +#define HTTP_ERROR_EOH_NOT_FOUND 4 +#define HTTP_ERROR_HEADER_MALFORMED 5 +#define HTTP_ERROR_INVALID_VERSION 6 +#define HTTP_ERROR_URI_TOO_LONG 7 +#define HTTP_ERROR_ #ifndef SERVER_STR # define SERVER_STR "sesimos" diff --git a/src/lib/proxy.c b/src/lib/proxy.c index 1a5623a..de10ee5 100644 --- a/src/lib/proxy.c +++ b/src/lib/proxy.c @@ -464,8 +464,8 @@ int proxy_init(proxy_ctx_t **proxy_ptr, http_req *req, http_res *res, http_statu ret = sock_recv(&proxy->proxy, buffer, sizeof(buffer), MSG_PEEK); if (ret <= 0) { - int enc_err = errno & 0x00FFFFFFFF; - if (errno == EAGAIN || errno == EINPROGRESS || enc_err == SSL_ERROR_WANT_READ || enc_err == SSL_ERROR_WANT_WRITE) { + int e_sys = error_get_sys(), e_ssl = error_get_ssl(); + if (e_sys == EAGAIN || e_sys == EINPROGRESS || e_ssl == SSL_ERROR_WANT_READ || e_ssl == SSL_ERROR_WANT_WRITE) { res->status = http_get_status(504); ctx->origin = SERVER_RES; } else { @@ -533,8 +533,7 @@ int proxy_init(proxy_ctx_t **proxy_ptr, http_req *req, http_res *res, http_statu goto proxy_err; } } else { - ret = http_parse_header_field(&res->hdr, ptr, pos0, 0); - if (ret != 0) { + if (http_parse_header_field(&res->hdr, ptr, pos0, 0) != 0) { res->status = http_get_status(502); ctx->origin = SERVER_RES; error("Unable to parse header"); diff --git a/src/worker/request_handler.c b/src/worker/request_handler.c index 21f598a..e21f753 100644 --- a/src/worker/request_handler.c +++ b/src/worker/request_handler.c @@ -14,9 +14,11 @@ #include "../lib/utils.h" #include "../server.h" #include "../lib/res.h" +#include "../lib/error.h" #include #include +#include static int request_handler(client_ctx_t *ctx); @@ -97,20 +99,11 @@ static int request_handler(client_ctx_t *ctx) { ret = http_receive_request(client, req); if (ret != 0) { ctx->c_keep_alive = 0; - if (ret < 0) { - return -1; - } else if (ret == 1) { - sprintf(err_msg, "Unable to parse http header: Invalid header format."); - } else if (ret == 2) { - sprintf(err_msg, "Unable to parse http header: Invalid method."); - } else if (ret == 3) { - sprintf(err_msg, "Unable to parse http header: Invalid version."); - } else if (ret == 4) { - sprintf(err_msg, "Unable to parse http header: Header contains illegal characters."); - } else if (ret == 5) { - sprintf(err_msg, "Unable to parse http header: End of header not found."); - } - res->status = http_get_status(400); + error("Unable to receive http header"); + sprintf(err_msg, "Unable to receive http header: %s.", error_str(errno, buf0, sizeof(buf0))); + int err = error_get_http(); + res->status = http_get_status(err == HTTP_ERROR_URI_TOO_LONG ? 414 : (err == HTTP_ERROR_TOO_MANY_HEADER_FIELDS ? 431 : 400)); + errno = 0; return 0; }