BUG/MINOR: mux-h1: Close server connection if input data remains in h1_detach()
With the previous commit 03627245c ("BUG/MEDIUM: mux-h1: Trim excess server data
at the end of a transaction"), we try to avoid to handle junk data coming from a
server as a response. But it only works for data already received. Starting from
the moment a server sends an invalid response, it is safer to close the
connection too, because more data may come after and there is no good reason to
handle them.
So now, when a conn_stream is detached from a server connection, if there are
some unexpected input data, we simply trim them and close the connection
ASAP. We don't close it immediately only if there are still some outgoing data
to deliver to the server.
This patch must be backported to 2.0 and 1.9.
diff --git a/src/mux_h1.c b/src/mux_h1.c
index 6517b61..659a277 100644
--- a/src/mux_h1.c
+++ b/src/mux_h1.c
@@ -2177,10 +2177,17 @@
if (conn_is_back(h1c->conn) && has_keepalive &&
!(h1c->conn->flags & (CO_FL_ERROR | CO_FL_SOCK_RD_SH | CO_FL_SOCK_WR_SH))) {
- /* Release input buffer to trim any excess data received from
- * the server to be sure to block invalid responses.
+ /* If there are any excess server data in the input buffer,
+ * release it and close the connection ASAP (some data may
+ * remain in the output buffer). This happens if a server sends
+ * invalid responses. So in such case, we don't want to reuse
+ * the connection
*/
- h1_release_buf(h1c, &h1c->ibuf);
+ if (b_data(&h1c->ibuf)) {
+ h1_release_buf(h1c, &h1c->ibuf);
+ h1c->flags |= H1C_F_CS_SHUTW_NOW;
+ goto release;
+ }
/* Never ever allow to reuse a connection from a non-reuse backend */
if ((h1c->px->options & PR_O_REUSE_MASK) == PR_O_REUSE_NEVR)
@@ -2227,6 +2234,7 @@
}
}
+ release:
/* We don't want to close right now unless the connection is in error or shut down for writes */
if ((h1c->flags & (H1C_F_CS_ERROR|H1C_F_CS_SHUTDOWN|H1C_F_UPG_H2C)) ||
(h1c->conn->flags & (CO_FL_ERROR|CO_FL_SOCK_WR_SH)) ||