Add http error handling
This commit is contained in:
@ -45,6 +45,17 @@ static const char *error_ssl_strerror(int err) {
|
|||||||
|
|
||||||
static const char *error_http_strerror(int err) {
|
static const char *error_http_strerror(int err) {
|
||||||
switch (err) {
|
switch (err) {
|
||||||
|
case HTTP_ERROR_TOO_MANY_HEADER_FIELDS:
|
||||||
|
return "too many header fields";
|
||||||
|
case HTTP_ERROR_EOH_NOT_FOUND:
|
||||||
|
return "end of http header not found";
|
||||||
|
case HTTP_ERROR_HEADER_MALFORMED:
|
||||||
|
return "http header malformed";
|
||||||
|
case HTTP_ERROR_INVALID_VERSION:
|
||||||
|
return "invalid http version";
|
||||||
|
case HTTP_ERROR_URI_TOO_LONG:
|
||||||
|
return "uri too long";
|
||||||
|
case HTTP_ERROR_GENERAL:
|
||||||
default:
|
default:
|
||||||
return "unknown error";
|
return "unknown error";
|
||||||
}
|
}
|
||||||
@ -101,3 +112,23 @@ int error_http(int err) {
|
|||||||
}
|
}
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static int error_get(unsigned char prefix) {
|
||||||
|
return (errno >> 24 != prefix) ? 0 : errno & 0x00FFFFFF;
|
||||||
|
}
|
||||||
|
|
||||||
|
int error_get_sys() {
|
||||||
|
return error_get(0x00);
|
||||||
|
}
|
||||||
|
|
||||||
|
int error_get_ssl() {
|
||||||
|
return error_get(0x01);
|
||||||
|
}
|
||||||
|
|
||||||
|
int error_get_mmdb() {
|
||||||
|
return error_get(0x02);
|
||||||
|
}
|
||||||
|
|
||||||
|
int error_get_http() {
|
||||||
|
return error_get(0x03);
|
||||||
|
}
|
||||||
|
|||||||
@ -17,4 +17,12 @@ void error_mmdb(int err);
|
|||||||
|
|
||||||
int error_http(int err);
|
int error_http(int err);
|
||||||
|
|
||||||
|
int error_get_sys();
|
||||||
|
|
||||||
|
int error_get_ssl();
|
||||||
|
|
||||||
|
int error_get_mmdb();
|
||||||
|
|
||||||
|
int error_get_http();
|
||||||
|
|
||||||
#endif //SESIMOS_ERROR_H
|
#endif //SESIMOS_ERROR_H
|
||||||
|
|||||||
@ -383,6 +383,7 @@ int fastcgi_header(fastcgi_cnx_t *conn, http_res *res, char *err_msg) {
|
|||||||
|
|
||||||
ret = http_parse_header_field(&res->hdr, ptr, pos0, 0);
|
ret = http_parse_header_field(&res->hdr, ptr, pos0, 0);
|
||||||
if (ret != 0) return (int) ret;
|
if (ret != 0) return (int) ret;
|
||||||
|
|
||||||
if (pos0[2] == '\r' && pos0[3] == '\n') {
|
if (pos0[2] == '\r' && pos0[3] == '\n') {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|||||||
@ -6,11 +6,11 @@
|
|||||||
* @date 2020-12-09
|
* @date 2020-12-09
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "../logger.h"
|
|
||||||
#include "http.h"
|
#include "http.h"
|
||||||
#include "utils.h"
|
#include "utils.h"
|
||||||
#include "compress.h"
|
#include "compress.h"
|
||||||
#include "list.h"
|
#include "list.h"
|
||||||
|
#include "error.h"
|
||||||
|
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
|
|
||||||
@ -90,23 +90,20 @@ void http_free_res(http_res *res) {
|
|||||||
int http_init_hdr(http_hdr *hdr) {
|
int http_init_hdr(http_hdr *hdr) {
|
||||||
hdr->fields = list_create(sizeof(http_field), HTTP_INIT_HEADER_FIELD_NUM);
|
hdr->fields = list_create(sizeof(http_field), HTTP_INIT_HEADER_FIELD_NUM);
|
||||||
if (hdr->fields == NULL)
|
if (hdr->fields == NULL)
|
||||||
return -1;
|
return error_http(HTTP_ERROR_SYSCALL);
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
int http_parse_header_field(http_hdr *hdr, const char *buf, const char *end_ptr, int flags) {
|
int http_parse_header_field(http_hdr *hdr, const char *buf, const char *end_ptr, int flags) {
|
||||||
if (hdr->last_field_num > list_size(hdr->fields)) {
|
if (hdr->last_field_num > list_size(hdr->fields))
|
||||||
error("Unable to parse header: Invalid state");
|
return error_http(HTTP_ERROR_GENERAL);
|
||||||
return 3;
|
|
||||||
}
|
|
||||||
|
|
||||||
char *pos1 = (char *) buf, *pos2 = (char *) end_ptr;
|
char *pos1 = (char *) buf, *pos2 = (char *) end_ptr;
|
||||||
if (buf[0] == ' ' || buf[0] == '\t') {
|
if (buf[0] == ' ' || buf[0] == '\t') {
|
||||||
if (hdr->last_field_num == -1) {
|
if (hdr->last_field_num == -1)
|
||||||
error("Unable to parse header");
|
return error_http(HTTP_ERROR_GENERAL);
|
||||||
return 3;
|
|
||||||
}
|
|
||||||
http_field *f = &hdr->fields[(int) hdr->last_field_num];
|
http_field *f = &hdr->fields[(int) hdr->last_field_num];
|
||||||
|
|
||||||
str_trim_lws(&pos1, &pos2);
|
str_trim_lws(&pos1, &pos2);
|
||||||
@ -116,10 +113,9 @@ int http_parse_header_field(http_hdr *hdr, const char *buf, const char *end_ptr,
|
|||||||
}
|
}
|
||||||
|
|
||||||
pos1 = memchr(buf, ':', end_ptr - buf);
|
pos1 = memchr(buf, ':', end_ptr - buf);
|
||||||
if (pos1 == NULL) {
|
if (pos1 == NULL)
|
||||||
error("Unable to parse header");
|
return error_http(HTTP_ERROR_GENERAL);
|
||||||
return 3;
|
|
||||||
}
|
|
||||||
long len1 = pos1 - buf;
|
long len1 = pos1 - buf;
|
||||||
|
|
||||||
pos1++;
|
pos1++;
|
||||||
@ -129,10 +125,8 @@ int http_parse_header_field(http_hdr *hdr, const char *buf, const char *end_ptr,
|
|||||||
int field_num = list_size(hdr->fields);
|
int field_num = list_size(hdr->fields);
|
||||||
int found = http_get_header_field_num_len(hdr, buf, len1);
|
int found = http_get_header_field_num_len(hdr, buf, len1);
|
||||||
if (!(flags & HTTP_MERGE_FIELDS) || found == -1) {
|
if (!(flags & HTTP_MERGE_FIELDS) || found == -1) {
|
||||||
if (http_add_header_field_len(hdr, buf, len1, pos1, len2 < 0 ? 0 : len2) != 0) {
|
if (http_add_header_field_len(hdr, buf, len1, pos1, len2 < 0 ? 0 : len2) != 0)
|
||||||
error("Unable to parse header: Too many header fields");
|
return error_http(HTTP_ERROR_TOO_MANY_HEADER_FIELDS);
|
||||||
return 3;
|
|
||||||
}
|
|
||||||
} else {
|
} else {
|
||||||
field_num = found;
|
field_num = found;
|
||||||
http_append_to_header_field(&hdr->fields[found], ", ", 2);
|
http_append_to_header_field(&hdr->fields[found], ", ", 2);
|
||||||
@ -148,62 +142,52 @@ int http_parse_request(char *buf, http_req *req) {
|
|||||||
long len;
|
long len;
|
||||||
|
|
||||||
unsigned long header_len = strstr(buf, "\r\n\r\n") - buf + 4;
|
unsigned long header_len = strstr(buf, "\r\n\r\n") - buf + 4;
|
||||||
if (header_len <= 0) {
|
if (header_len <= 0)
|
||||||
error("Unable to parse http header: End of header not found");
|
return error_http(HTTP_ERROR_EOH_NOT_FOUND);
|
||||||
return -5;
|
|
||||||
}
|
|
||||||
|
|
||||||
for (int i = 0; i < header_len; i++) {
|
for (int i = 0; i < header_len; i++) {
|
||||||
if ((buf[i] >= 0x00 && buf[i] <= 0x1F && buf[i] != '\r' && buf[i] != '\n') || buf[i] == 0x7F) {
|
if ((buf[i] >= 0x00 && buf[i] <= 0x1F && buf[i] != '\r' && buf[i] != '\n') || buf[i] == 0x7F)
|
||||||
error("Unable to parse http header: Header contains illegal characters");
|
return error_http(HTTP_ERROR_HEADER_MALFORMED);
|
||||||
return -4;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
ptr = buf;
|
ptr = buf;
|
||||||
while (header_len > (ptr - buf + 2)) {
|
while (header_len > (ptr - buf + 2)) {
|
||||||
pos0 = strstr(ptr, "\r\n");
|
pos0 = strstr(ptr, "\r\n");
|
||||||
if (pos0 == NULL) {
|
if (pos0 == NULL)
|
||||||
error("Unable to parse http header: Invalid header format");
|
return error_http(HTTP_ERROR_HEADER_MALFORMED);
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (req->version[0] == 0) {
|
if (req->version[0] == 0) {
|
||||||
pos1 = (char *) strchr(ptr, ' ') + 1;
|
pos1 = (char *) strchr(ptr, ' ') + 1;
|
||||||
if (pos1 == NULL) goto err_hdr_fmt;
|
if (pos1 == NULL) goto err_hdr_fmt;
|
||||||
|
|
||||||
if (pos1 - ptr - 1 >= sizeof(req->method)) {
|
if (pos1 - ptr - 1 >= sizeof(req->method))
|
||||||
error("Unable to parse http header: Method name too long");
|
return error_http(HTTP_ERROR_HEADER_MALFORMED);
|
||||||
return -2;
|
|
||||||
}
|
|
||||||
|
|
||||||
for (int i = 0; i < (pos1 - ptr - 1); i++) {
|
for (int i = 0; i < (pos1 - ptr - 1); i++) {
|
||||||
if (ptr[i] < 'A' || ptr[i] > 'Z') {
|
if (ptr[i] < 'A' || ptr[i] > 'Z')
|
||||||
error("Unable to parse http header: Invalid method");
|
return error_http(HTTP_ERROR_HEADER_MALFORMED);
|
||||||
return -2;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
snprintf(req->method, sizeof(req->method), "%.*s", (int) (pos1 - ptr - 1), ptr);
|
snprintf(req->method, sizeof(req->method), "%.*s", (int) (pos1 - ptr - 1), ptr);
|
||||||
|
|
||||||
pos2 = (char *) strchr(pos1, ' ') + 1;
|
pos2 = (char *) strchr(pos1, ' ') + 1;
|
||||||
if (pos2 == NULL) {
|
if (pos2 == NULL) {
|
||||||
err_hdr_fmt:
|
err_hdr_fmt:
|
||||||
error("Unable to parse http header: Invalid header format");
|
return error_http(HTTP_ERROR_HEADER_MALFORMED);
|
||||||
return -1;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (memcmp(pos2, "HTTP/", 5) != 0 || memcmp(pos2 + 8, "\r\n", 2) != 0) {
|
if (memcmp(pos2, "HTTP/", 5) != 0 || memcmp(pos2 + 8, "\r\n", 2) != 0)
|
||||||
error("Unable to parse http header: Invalid version");
|
return error_http(HTTP_ERROR_INVALID_VERSION);
|
||||||
return -3;
|
|
||||||
}
|
|
||||||
|
|
||||||
len = pos2 - pos1 - 1;
|
len = pos2 - pos1 - 1;
|
||||||
|
if (len >= 2048)
|
||||||
|
return error_http(HTTP_ERROR_URI_TOO_LONG);
|
||||||
|
|
||||||
req->uri = malloc(len + 1);
|
req->uri = malloc(len + 1);
|
||||||
sprintf(req->uri, "%.*s", (int) len, pos1);
|
sprintf(req->uri, "%.*s", (int) len, pos1);
|
||||||
sprintf(req->version, "%.3s", pos2 + 5);
|
sprintf(req->version, "%.3s", pos2 + 5);
|
||||||
} else {
|
} else {
|
||||||
int ret = http_parse_header_field(&req->hdr, ptr, pos0, HTTP_MERGE_FIELDS);
|
if (http_parse_header_field(&req->hdr, ptr, pos0, HTTP_MERGE_FIELDS) != 0)
|
||||||
if (ret != 0) return -ret;
|
return -1;
|
||||||
}
|
}
|
||||||
ptr = pos0 + 2;
|
ptr = pos0 + 2;
|
||||||
}
|
}
|
||||||
@ -212,7 +196,7 @@ int http_parse_request(char *buf, http_req *req) {
|
|||||||
return (int) header_len;
|
return (int) header_len;
|
||||||
}
|
}
|
||||||
|
|
||||||
return -1;
|
return error_http(HTTP_ERROR_GENERAL);
|
||||||
}
|
}
|
||||||
|
|
||||||
int http_receive_request(sock *client, http_req *req) {
|
int http_receive_request(sock *client, http_req *req) {
|
||||||
@ -226,10 +210,9 @@ int http_receive_request(sock *client, http_req *req) {
|
|||||||
http_init_hdr(&req->hdr);
|
http_init_hdr(&req->hdr);
|
||||||
|
|
||||||
rcv_len = sock_recv(client, buf, CLIENT_MAX_HEADER_SIZE - 1, MSG_PEEK);
|
rcv_len = sock_recv(client, buf, CLIENT_MAX_HEADER_SIZE - 1, MSG_PEEK);
|
||||||
if (rcv_len <= 0) {
|
if (rcv_len <= 0)
|
||||||
error("Unable to receive http header");
|
|
||||||
return -1;
|
return -1;
|
||||||
}
|
|
||||||
buf[rcv_len] = 0;
|
buf[rcv_len] = 0;
|
||||||
|
|
||||||
long header_len = http_parse_request(buf, req);
|
long header_len = http_parse_request(buf, req);
|
||||||
@ -351,9 +334,9 @@ int http_send_response(sock *client, http_res *res) {
|
|||||||
off += sprintf(buf + off, "%s: %s\r\n", http_field_get_name(f), http_field_get_value(f));
|
off += sprintf(buf + off, "%s: %s\r\n", http_field_get_name(f), http_field_get_value(f));
|
||||||
}
|
}
|
||||||
off += sprintf(buf + off, "\r\n");
|
off += sprintf(buf + off, "\r\n");
|
||||||
if (sock_send(client, buf, off, 0) < 0) {
|
if (sock_send(client, buf, off, 0) != off)
|
||||||
return -1;
|
return -1;
|
||||||
}
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -365,10 +348,9 @@ int http_send_request(sock *server, http_req *req) {
|
|||||||
off += sprintf(buf + off, "%s: %s\r\n", http_field_get_name(f), http_field_get_value(f));
|
off += sprintf(buf + off, "%s: %s\r\n", http_field_get_name(f), http_field_get_value(f));
|
||||||
}
|
}
|
||||||
off += sprintf(buf + off, "\r\n");
|
off += sprintf(buf + off, "\r\n");
|
||||||
long ret = sock_send(server, buf, off, 0);
|
if (sock_send(server, buf, off, 0) != off)
|
||||||
if (ret <= 0) {
|
|
||||||
return -1;
|
return -1;
|
||||||
}
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -48,6 +48,11 @@
|
|||||||
#define HTTP_ERROR_GENERAL 1
|
#define HTTP_ERROR_GENERAL 1
|
||||||
#define HTTP_ERROR_SYSCALL 2
|
#define HTTP_ERROR_SYSCALL 2
|
||||||
#define HTTP_ERROR_TOO_MANY_HEADER_FIELDS 3
|
#define HTTP_ERROR_TOO_MANY_HEADER_FIELDS 3
|
||||||
|
#define HTTP_ERROR_EOH_NOT_FOUND 4
|
||||||
|
#define HTTP_ERROR_HEADER_MALFORMED 5
|
||||||
|
#define HTTP_ERROR_INVALID_VERSION 6
|
||||||
|
#define HTTP_ERROR_URI_TOO_LONG 7
|
||||||
|
#define HTTP_ERROR_
|
||||||
|
|
||||||
#ifndef SERVER_STR
|
#ifndef SERVER_STR
|
||||||
# define SERVER_STR "sesimos"
|
# define SERVER_STR "sesimos"
|
||||||
|
|||||||
@ -464,8 +464,8 @@ int proxy_init(proxy_ctx_t **proxy_ptr, http_req *req, http_res *res, http_statu
|
|||||||
|
|
||||||
ret = sock_recv(&proxy->proxy, buffer, sizeof(buffer), MSG_PEEK);
|
ret = sock_recv(&proxy->proxy, buffer, sizeof(buffer), MSG_PEEK);
|
||||||
if (ret <= 0) {
|
if (ret <= 0) {
|
||||||
int enc_err = errno & 0x00FFFFFFFF;
|
int e_sys = error_get_sys(), e_ssl = error_get_ssl();
|
||||||
if (errno == EAGAIN || errno == EINPROGRESS || enc_err == SSL_ERROR_WANT_READ || enc_err == SSL_ERROR_WANT_WRITE) {
|
if (e_sys == EAGAIN || e_sys == EINPROGRESS || e_ssl == SSL_ERROR_WANT_READ || e_ssl == SSL_ERROR_WANT_WRITE) {
|
||||||
res->status = http_get_status(504);
|
res->status = http_get_status(504);
|
||||||
ctx->origin = SERVER_RES;
|
ctx->origin = SERVER_RES;
|
||||||
} else {
|
} else {
|
||||||
@ -533,8 +533,7 @@ int proxy_init(proxy_ctx_t **proxy_ptr, http_req *req, http_res *res, http_statu
|
|||||||
goto proxy_err;
|
goto proxy_err;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
ret = http_parse_header_field(&res->hdr, ptr, pos0, 0);
|
if (http_parse_header_field(&res->hdr, ptr, pos0, 0) != 0) {
|
||||||
if (ret != 0) {
|
|
||||||
res->status = http_get_status(502);
|
res->status = http_get_status(502);
|
||||||
ctx->origin = SERVER_RES;
|
ctx->origin = SERVER_RES;
|
||||||
error("Unable to parse header");
|
error("Unable to parse header");
|
||||||
|
|||||||
@ -14,9 +14,11 @@
|
|||||||
#include "../lib/utils.h"
|
#include "../lib/utils.h"
|
||||||
#include "../server.h"
|
#include "../server.h"
|
||||||
#include "../lib/res.h"
|
#include "../lib/res.h"
|
||||||
|
#include "../lib/error.h"
|
||||||
|
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <arpa/inet.h>
|
#include <arpa/inet.h>
|
||||||
|
#include <errno.h>
|
||||||
|
|
||||||
static int request_handler(client_ctx_t *ctx);
|
static int request_handler(client_ctx_t *ctx);
|
||||||
|
|
||||||
@ -97,20 +99,11 @@ static int request_handler(client_ctx_t *ctx) {
|
|||||||
ret = http_receive_request(client, req);
|
ret = http_receive_request(client, req);
|
||||||
if (ret != 0) {
|
if (ret != 0) {
|
||||||
ctx->c_keep_alive = 0;
|
ctx->c_keep_alive = 0;
|
||||||
if (ret < 0) {
|
error("Unable to receive http header");
|
||||||
return -1;
|
sprintf(err_msg, "Unable to receive http header: %s.", error_str(errno, buf0, sizeof(buf0)));
|
||||||
} else if (ret == 1) {
|
int err = error_get_http();
|
||||||
sprintf(err_msg, "Unable to parse http header: Invalid header format.");
|
res->status = http_get_status(err == HTTP_ERROR_URI_TOO_LONG ? 414 : (err == HTTP_ERROR_TOO_MANY_HEADER_FIELDS ? 431 : 400));
|
||||||
} else if (ret == 2) {
|
errno = 0;
|
||||||
sprintf(err_msg, "Unable to parse http header: Invalid method.");
|
|
||||||
} else if (ret == 3) {
|
|
||||||
sprintf(err_msg, "Unable to parse http header: Invalid version.");
|
|
||||||
} else if (ret == 4) {
|
|
||||||
sprintf(err_msg, "Unable to parse http header: Header contains illegal characters.");
|
|
||||||
} else if (ret == 5) {
|
|
||||||
sprintf(err_msg, "Unable to parse http header: End of header not found.");
|
|
||||||
}
|
|
||||||
res->status = http_get_status(400);
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user