BUG/MINOR: h2: don't send GOAWAY on failed response
As part of the detection for intentional closes, we can kill the
connection if a shutw() happens before the headers. But it can also
happen that an invalid response is not properly parsed, preventing
any headers frame from being sent and making the function believe
it was an abort. Now instead we check if any response was received
from the stream, regardless of the fact that it was properly
converted.
diff --git a/src/mux_h2.c b/src/mux_h2.c
index 71d1944..3696521 100644
--- a/src/mux_h2.c
+++ b/src/mux_h2.c
@@ -2233,6 +2233,16 @@
if (h2s->st == H2_SS_HLOC || h2s->st == H2_SS_ERROR || h2s->st == H2_SS_CLOSED)
return;
+ /* if no outgoing data was seen on this stream, it means it was
+ * closed with a "tcp-request content" rule that is normally
+ * used to kill the connection ASAP (eg: limit abuse). In this
+ * case we send a goaway to close the connection.
+ */
+ if (!(h2s->flags & H2_SF_OUTGOING_DATA) &&
+ !(h2s->h2c->flags & (H2_CF_GOAWAY_SENT|H2_CF_GOAWAY_FAILED)) &&
+ h2c_send_goaway_error(h2s->h2c, h2s) <= 0)
+ return;
+
if (h2c_send_rst_stream(h2s->h2c, h2s) <= 0)
return;
@@ -2261,11 +2271,13 @@
else
h2s->st = H2_SS_HLOC;
} else {
- /* let's signal a wish to close the connection if no headers
- * were seen as this usually means it's a tcp-request rule which
- * has aborted the response.
+ /* if no outgoing data was seen on this stream, it means it was
+ * closed with a "tcp-request content" rule that is normally
+ * used to kill the connection ASAP (eg: limit abuse). In this
+ * case we send a goaway to close the connection.
*/
- if (!(h2s->h2c->flags & (H2_CF_GOAWAY_SENT|H2_CF_GOAWAY_FAILED)) &&
+ if (!(h2s->flags & H2_SF_OUTGOING_DATA) &&
+ !(h2s->h2c->flags & (H2_CF_GOAWAY_SENT|H2_CF_GOAWAY_FAILED)) &&
h2c_send_goaway_error(h2s->h2c, h2s) <= 0)
return;