[3.0] 3a99613 Be more consistent about per-hop/end-to-end headers.
Martin Blix Grydeland
martin at varnish-software.com
Tue Mar 17 14:40:18 CET 2015
commit 3a99613fffc118e4295184d28c0cc509c2e249b1
Author: Martin Blix Grydeland <martin at varnish-software.com>
Date: Tue Mar 17 14:39:42 2015 +0100
Be more consistent about per-hop/end-to-end headers.
Conflicts:
bin/varnishd/cache/cache_http.c
bin/varnishd/http1/cache_http1_fsm.c
Conflicts:
bin/varnishd/cache/cache.h
bin/varnishd/cache/cache_http.c
bin/varnishd/cache/cache_http1_fsm.c
include/tbl/sess_close.h
diff --git a/bin/varnishd/cache.h b/bin/varnishd/cache.h
index be319df..f580c5a 100644
--- a/bin/varnishd/cache.h
+++ b/bin/varnishd/cache.h
@@ -773,7 +773,7 @@ int http_IsHdr(const txt *hh, const char *hdr);
uint16_t http_DissectRequest(struct sess *sp);
uint16_t http_DissectResponse(struct worker *w, const struct http_conn *htc,
struct http *sp);
-const char *http_DoConnection(const struct http *hp);
+const char *http_DoConnection(struct http *hp, uint16_t *pstatus);
void http_CopyHome(struct worker *w, int fd, const struct http *hp);
void http_Unset(struct http *hp, const char *hdr);
void http_CollectHdr(struct http *hp, const char *hdr);
diff --git a/bin/varnishd/cache_center.c b/bin/varnishd/cache_center.c
index 22edb9b..969bf50 100644
--- a/bin/varnishd/cache_center.c
+++ b/bin/varnishd/cache_center.c
@@ -1517,7 +1517,14 @@ cnt_start(struct sess *sp)
/* Catch original request, before modification */
HTTP_Copy(sp->http0, sp->http);
- sp->doclose = http_DoConnection(sp->http);
+ sp->doclose = http_DoConnection(sp->http, &err_code);
+ if (err_code == 400)
+ (void)write(sp->fd, r_400, strlen(r_400));
+ if (err_code != 0) {
+ sp->step = STP_DONE;
+ vca_close_session(sp, sp->doclose);
+ return (0);
+ }
/* XXX: Handle TRACE & OPTIONS of Max-Forwards = 0 */
diff --git a/bin/varnishd/cache_http.c b/bin/varnishd/cache_http.c
index 3680422..d180e79 100644
--- a/bin/varnishd/cache_http.c
+++ b/bin/varnishd/cache_http.c
@@ -413,12 +413,15 @@ http_GetHdrField(const struct http *hp, const char *hdr,
*/
const char *
-http_DoConnection(const struct http *hp)
+http_DoConnection(struct http *hp, uint16_t *p_err_code)
{
char *p, *q;
const char *ret;
unsigned u;
+ AN(p_err_code);
+
+ http_CollectHdr(hp, H_Connection);
if (!http_GetHdr(hp, H_Connection, &p)) {
if (hp->protover < 11)
return ("not HTTP/1.1");
@@ -437,6 +440,19 @@ http_DoConnection(const struct http *hp)
u = pdiff(p, q);
if (u == 5 && !strncasecmp(p, "close", u))
ret = "Connection: close";
+
+ /* Refuse removal of well-known-headers if they would pass. */
+/*lint -save -e506 */
+#define HTTPH(a,b,c,d,e,f,g) \
+ if (!((e) & HTTPH_R_PASS) && \
+ strlen(a) == u && !strncasecmp(a, p, u)) { \
+ *p_err_code = 400; \
+ return ("Bad request"); \
+ }
+#include "http_headers.h"
+#undef HTTPH
+/*lint -restore */
+
u = http_findhdr(hp, u, p);
if (u != 0)
hp->hdf[u] |= HDF_FILTER;
diff --git a/bin/varnishtest/tests/c00016.vtc b/bin/varnishtest/tests/c00016.vtc
index 99e9c53..85f1b38 100644
--- a/bin/varnishtest/tests/c00016.vtc
+++ b/bin/varnishtest/tests/c00016.vtc
@@ -23,3 +23,9 @@ client c1 {
rxresp
expect req.http.Bar == <undef>
} -run
+
+client c1 {
+ txreq -hdr "foo: 1" -hdr "Age: 200" -hdr "Connection: Age"
+ rxresp
+ expect resp.status == 400
+} -run
More information about the varnish-commit
mailing list