[4.0] 06056e3 Be more consistent about per-hop/end-to-end headers.

Lasse Karstensen lkarsten at varnish-software.com
Thu Jan 22 16:45:34 CET 2015 

commit 06056e3076bd0c14c2e82d8e081871fff9aea66c
Author: Poul-Henning Kamp <phk at FreeBSD.org>
Date:   Tue Jan 20 16:11:17 2015 +0100

    Be more consistent about per-hop/end-to-end headers.
    
    Conflicts:
    	bin/varnishd/cache/cache_http.c
    	bin/varnishd/http1/cache_http1_fsm.c

diff --git a/bin/varnishd/cache/cache.h b/bin/varnishd/cache/cache.h
index 6aca502..660d6b7 100644
--- a/bin/varnishd/cache/cache.h
+++ b/bin/varnishd/cache/cache.h
@@ -1019,7 +1019,7 @@ void http_SetStatus(struct http *to, uint16_t status);
 const char *http_GetReq(const struct http *hp);
 int http_HdrIs(const struct http *hp, const char *hdr, const char *val);
 int http_IsHdr(const txt *hh, const char *hdr);
-enum sess_close http_DoConnection(const struct http *);
+enum sess_close http_DoConnection(struct http *);
 void http_CopyHome(struct http *hp);
 void http_Unset(struct http *hp, const char *hdr);
 void http_CollectHdr(struct http *hp, const char *hdr);
diff --git a/bin/varnishd/cache/cache_http.c b/bin/varnishd/cache/cache_http.c
index 159751b..c00f330 100644
--- a/bin/varnishd/cache/cache_http.c
+++ b/bin/varnishd/cache/cache_http.c
@@ -493,12 +493,13 @@ http_GetHdrField(const struct http *hp, const char *hdr,
  */
 
 enum sess_close
-http_DoConnection(const struct http *hp)
+http_DoConnection(struct http *hp)
 {
 	char *p, *q;
 	enum sess_close ret;
 	unsigned u;
 
+	http_CollectHdr(hp, H_Connection);
 	if (!http_GetHdr(hp, H_Connection, &p)) {
 		if (hp->protover < 11)
 			return (SC_REQ_HTTP10);
@@ -517,6 +518,17 @@ http_DoConnection(const struct http *hp)
 		u = pdiff(p, q);
 		if (u == 5 && !strncasecmp(p, "close", u))
 			ret = SC_REQ_CLOSE;
+
+		/* Refuse removal of well-known-headers if they would pass. */
+/*lint -save -e506 */
+#define HTTPH(a, x, c)						\
+		if (!((c) & HTTPH_R_PASS) &&			\
+		    strlen(a) == u && !strncasecmp(a, p, u))	\
+				return (SC_RX_BAD);
+#include "tbl/http_headers.h"
+#undef HTTPH
+/*lint -restore */
+
 		u = http_findhdr(hp, u, p);
 		if (u != 0)
 			hp->hdf[u] |= HDF_FILTER;
diff --git a/bin/varnishd/cache/cache_http1_fsm.c b/bin/varnishd/cache/cache_http1_fsm.c
index d83d522..2934181 100644
--- a/bin/varnishd/cache/cache_http1_fsm.c
+++ b/bin/varnishd/cache/cache_http1_fsm.c
@@ -376,6 +376,13 @@ http1_dissect(struct worker *wrk, struct req *req)
 	AZ(req->err_code);
 	req->ws_req = WS_Snapshot(req->ws);
 	req->doclose = http_DoConnection(req->http);
+	if (req->doclose == SC_RX_BAD) {
+		r = write(req->sp->fd, r_400, strlen(r_400));
+		if (r > 0)
+			req->acct.resp_hdrbytes += r;
+		SES_Close(req->sp, req->doclose);
+		return (REQ_FSM_DONE);
+	}
 
 	http_Unset(req->http, H_Expect);
 
diff --git a/bin/varnishtest/tests/c00016.vtc b/bin/varnishtest/tests/c00016.vtc
index 83c9527..3e0b2be 100644
--- a/bin/varnishtest/tests/c00016.vtc
+++ b/bin/varnishtest/tests/c00016.vtc
@@ -23,3 +23,9 @@ client c1 {
 	rxresp
 	expect req.http.Bar == <undef>
 } -run
+
+client c1 {
+	txreq -hdr "foo: 1" -hdr "Age: 200" -hdr "Connection: Age"
+	rxresp
+	expect resp.status == 400
+} -run
diff --git a/include/tbl/sess_close.h b/include/tbl/sess_close.h
index 5b77eba..351cc58 100644
--- a/include/tbl/sess_close.h
+++ b/include/tbl/sess_close.h
@@ -29,18 +29,19 @@
 
 /*lint -save -e525 -e539 */
 
-SESS_CLOSE(REM_CLOSE,	"Client Closed")
-SESS_CLOSE(REQ_CLOSE,	"Client requested close")
-SESS_CLOSE(REQ_HTTP10,	"Proto < HTTP/1.1")
-SESS_CLOSE(RX_BODY,	"Failure receiving req.body")
-SESS_CLOSE(RX_JUNK,	"Received junk data")
-SESS_CLOSE(RX_OVERFLOW,	"Received buffer overflow")
-SESS_CLOSE(RX_TIMEOUT,	"Receive timeout")
-SESS_CLOSE(TX_PIPE,	"Piped transaction")
-SESS_CLOSE(TX_ERROR,	"Error transaction")
-SESS_CLOSE(TX_EOF,	"EOF transmission")
-SESS_CLOSE(RESP_CLOSE,	"Backend/VCL requested close")
-SESS_CLOSE(OVERLOAD,	"Out of some resource")
+SESS_CLOSE(REM_CLOSE,		"Client Closed")
+SESS_CLOSE(REQ_CLOSE,		"Client requested close")
+SESS_CLOSE(REQ_HTTP10,		"Proto < HTTP/1.1")
+SESS_CLOSE(RX_BAD,		"Received bad request")
+SESS_CLOSE(RX_BODY,		"Failure receiving req.body")
+SESS_CLOSE(RX_JUNK,		"Received junk data")
+SESS_CLOSE(RX_OVERFLOW,		"Received buffer overflow")
+SESS_CLOSE(RX_TIMEOUT,		"Receive timeout")
+SESS_CLOSE(TX_PIPE,		"Piped transaction")
+SESS_CLOSE(TX_ERROR,		"Error transaction")
+SESS_CLOSE(TX_EOF,		"EOF transmission")
+SESS_CLOSE(RESP_CLOSE,		"Backend/VCL requested close")
+SESS_CLOSE(OVERLOAD,		"Out of some resource")
 SESS_CLOSE(SESS_PIPE_OVERFLOW,	"Session pipe overflow")
 
 /*lint -restore */

More information about the varnish-commit mailing list