[master] 749a2c3fc params: Add http_req_overflow_status parameter

Nils Goroll nils.goroll at uplex.de
Wed Feb 5 08:43:06 UTC 2025 

commit 749a2c3fcb417563fe3c1e076f6c78349e869aa1
Author: Thibaut Artis <thibaut.artis at varnish-software.com>
Date:   Mon Jul 29 11:36:20 2024 +0200

    params: Add http_req_overflow_status parameter
    
    Adds a Varnish parameter for whether and which HTTP response code should be sent
    in case of a http_req_size overflow. The default value (0) keeps the old
    behavior which silently closes the connection.
    
    Committer comment: This has been significantly edited since the original
    Author's commit.
    
    Resolves #2735

diff --git a/bin/varnishd/common/common_param.h b/bin/varnishd/common/common_param.h
index b26440f45..60c4d2f71 100644
--- a/bin/varnishd/common/common_param.h
+++ b/bin/varnishd/common/common_param.h
@@ -118,6 +118,7 @@ struct params {
 #define ptyp_thread_pool_min	unsigned
 #define ptyp_timeout		vtim_dur
 #define ptyp_uint		unsigned
+#define ptyp_uint_orzero	unsigned
 #define ptyp_vcc_feature	vcc_feature_t
 #define ptyp_vsl_buffer		unsigned
 #define ptyp_vsl_mask		vsl_mask_t
diff --git a/bin/varnishd/http1/cache_http1_fsm.c b/bin/varnishd/http1/cache_http1_fsm.c
index e4fd595f4..976307863 100644
--- a/bin/varnishd/http1/cache_http1_fsm.c
+++ b/bin/varnishd/http1/cache_http1_fsm.c
@@ -327,6 +327,10 @@ HTTP1_Session(struct worker *wrk, struct req *req)
 			    cache_param->http_req_size);
 			assert(!WS_IsReserved(req->htc->ws));
 			if (hs < HTC_S_EMPTY) {
+				if (hs == HTC_S_OVERFLOW && cache_param->http_req_overflow_status != 0) {
+					(void)req->transport->minimal_response(req,
+					    cache_param->http_req_overflow_status);
+				}
 				req->acct.req_hdrbytes +=
 				    req->htc->rxbuf_e - req->htc->rxbuf_b;
 				Req_AcctLogCharge(wrk->stats, req);
diff --git a/bin/varnishtest/tests/c00039.vtc b/bin/varnishtest/tests/c00039.vtc
index c7350219d..1c3b2a9da 100644
--- a/bin/varnishtest/tests/c00039.vtc
+++ b/bin/varnishtest/tests/c00039.vtc
@@ -62,3 +62,20 @@ client c1 {
 	send "1...5: ..0....5....0....5....\r\n\r\n"
 	expect_close
 } -run
+
+varnish v1 -cliok "param.set http_req_overflow_status 414"
+client c1 {
+	# Each line is 32 except last, which is 33. Total: 32 * 7 + 33 == 257
+	send "GET /..... HTTP/1.1\r\nHost: foo\r\n"
+	send "1...5: ..0....5....0....5....0\r\n"
+	send "1...5: ..0....5....0....5....0\r\n"
+	send "1...5: ..0....5....0....5....0\r\n"
+	send "1...5: ..0....5....0....5....0\r\n"
+	send "1...5: ..0....5....0....5....0\r\n"
+	send "1...5: ..0....5....0....5....0\r\n"
+	send "1...5: ..0....5....0....5....\r\n\r\n"
+	rxresp
+	expect resp.status == 414
+} -run
+
+varnish v1 -clierr 106 "param.set http_req_overflow_status 200"
diff --git a/include/tbl/params.h b/include/tbl/params.h
index cf3429921..7b20e86b2 100644
--- a/include/tbl/params.h
+++ b/include/tbl/params.h
@@ -649,6 +649,23 @@ PARAM_SIMPLE(
 	"the initial SETTINGS frame."
 )
 
+PARAM_SIMPLE(
+	/* name */	http_req_overflow_status,
+	/* type */	uint_orzero,
+	/* min */	"400",
+	/* max */	"499",
+	/* def */	"0",
+	/* units */	"HTTP status code or 0 to disable",
+	/* descr */
+	"HTTP status code to be returned if http_req_size is exceeded. "
+	"The default value of 0 closes the connection silently without "
+	"sending a HTTP response.\n"
+	"Note that there is no standard HTTP status which exactly matches "
+	"the implementation of http_req_size. 414 applies to the URL only, "
+	"while 413 applies to the request body. 400 is probably the least "
+	"incorrect alternative value to sending no response at all (0)."
+)
+
 PARAM_SIMPLE(
 	/* name */	http_resp_hdr_len,
 	/* type */	bytes_u,

More information about the varnish-commit mailing list