BUG/MINOR: mux-h2: make sure to produce a log on invalid requests
As reported by Dominik Froehlich in github issue #1968, some H2 request
parsing errors do not result in a log being emitted. This is annoying
for debugging because while an RST_STREAM is correctly emitted to the
client, there's no way without enabling traces to find it on the
haproxy side.
After some testing with various abnormal requests, a few places were
found where logs were missing and could be added. In this case, we
simply use sess_log() so some sample fetch functions might not be
available since the stream is not created. But at least there will
be a BADREQ in the logs. A good eaxmple of this consists in sending
forbidden headers or header syntax (e.g. presence of LF in value).
Some quick tests can be done this way:
- protocol error (LF in value):
curl -iv --http2-prior-knowledge -H "$(printf 'a:b\na')" http://0:8001/
- too large header block after decoding:
curl -v --http2-prior-knowledge -H "a:$(perl -e "print('a'x10000)")" -H "a:$(perl -e "print('a'x10000)")" http://localhost:8001/
This should be backported where needed, most likely 2.7 and 2.6 at
least for a start, and progressively to other versions.
(cherry picked from commit f43f36da5be06da0f08efdb496e36a0edb35206a)
Signed-off-by: Willy Tarreau <w@1wt.eu>
(cherry picked from commit 5341eee2ffcbc24ea6b903f73e9781d1b074e40e)
Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
(cherry picked from commit a627d15da26d5493114955b55f831a1033685ead)
Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
(cherry picked from commit c864cf0e6cbd8358c7b69dc0e73b34050be9dd05)
Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
1 file changed