Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / 7416274914671c47cdfb7834e551c30d2a6af495 / . / src / h2.c
blob: 9154bd50d3b59bb4a5b2d4ada89d8e6a43d3f01e [file] [log] [blame]
Willy Tarreauf24ea8e2017-11-21 19:55:27 +0100[diff] [blame]1/*
2 * HTTP/2 protocol processing
3 *
4 * Copyright 2017 Willy Tarreau <w@1wt.eu>
5 * Copyright (C) 2017 HAProxy Technologies
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining
8 * a copy of this software and associated documentation files (the
9 * "Software"), to deal in the Software without restriction, including
10 * without limitation the rights to use, copy, modify, merge, publish,
11 * distribute, sublicense, and/or sell copies of the Software, and to
12 * permit persons to whom the Software is furnished to do so, subject to
13 * the following conditions:
14 *
15 * The above copyright notice and this permission notice shall be
16 * included in all copies or substantial portions of the Software.
17 *
18 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
19 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
20 * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
21 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
22 * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
23 * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
24 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
25 * OTHER DEALINGS IN THE SOFTWARE.
26 */
27
Willy Tarreaua1bd1fa2019-03-29 17:26:33 +0100[diff] [blame]28#include <inttypes.h>
Willy Tarreau4c7e4b72020-05-27 12:58:42 +0200[diff] [blame]29#include <haproxy/api.h>
Willy Tarreaub2551052020-06-09 09:07:15 +0200[diff] [blame]30#include <haproxy/global.h>
Willy Tarreaubf073142020-06-03 12:04:01 +0200[diff] [blame]31#include <haproxy/h2.h>
Willy Tarreau0017be02020-06-02 19:25:28 +0200[diff] [blame]32#include <haproxy/http-hdr-t.h>
Willy Tarreaub2551052020-06-09 09:07:15 +0200[diff] [blame]33#include <haproxy/http.h>
Willy Tarreau16f958c2020-06-03 08:44:35 +0200[diff] [blame]34#include <haproxy/htx.h>
Willy Tarreaueb6f7012020-05-27 16:21:26 +0200[diff] [blame]35#include <import/ist.h>
Willy Tarreaub2551052020-06-09 09:07:15 +0200[diff] [blame]36
Willy Tarreauf24ea8e2017-11-21 19:55:27 +0100[diff] [blame]37
Willy Tarreau9c84d822019-01-30 15:09:21 +0100[diff] [blame]38struct h2_frame_definition h2_frame_definition[H2_FT_ENTRIES] = {
39 [H2_FT_DATA ] = { .dir = 3, .min_id = 1, .max_id = H2_MAX_STREAM_ID, .min_len = 0, .max_len = H2_MAX_FRAME_LEN, },
40 [H2_FT_HEADERS ] = { .dir = 3, .min_id = 1, .max_id = H2_MAX_STREAM_ID, .min_len = 1, .max_len = H2_MAX_FRAME_LEN, },
41 [H2_FT_PRIORITY ] = { .dir = 3, .min_id = 1, .max_id = H2_MAX_STREAM_ID, .min_len = 5, .max_len = 5, },
42 [H2_FT_RST_STREAM ] = { .dir = 3, .min_id = 1, .max_id = H2_MAX_STREAM_ID, .min_len = 4, .max_len = 4, },
43 [H2_FT_SETTINGS ] = { .dir = 3, .min_id = 0, .max_id = 0, .min_len = 0, .max_len = H2_MAX_FRAME_LEN, },
44 [H2_FT_PUSH_PROMISE ] = { .dir = 0, .min_id = 1, .max_id = H2_MAX_STREAM_ID, .min_len = 4, .max_len = H2_MAX_FRAME_LEN, },
45 [H2_FT_PING ] = { .dir = 3, .min_id = 0, .max_id = 0, .min_len = 8, .max_len = 8, },
46 [H2_FT_GOAWAY ] = { .dir = 3, .min_id = 0, .max_id = 0, .min_len = 8, .max_len = H2_MAX_FRAME_LEN, },
47 [H2_FT_WINDOW_UPDATE] = { .dir = 3, .min_id = 0, .max_id = H2_MAX_STREAM_ID, .min_len = 4, .max_len = 4, },
48 [H2_FT_CONTINUATION ] = { .dir = 3, .min_id = 1, .max_id = H2_MAX_STREAM_ID, .min_len = 0, .max_len = H2_MAX_FRAME_LEN, },
49};
Willy Tarreauf24ea8e2017-11-21 19:55:27 +0100[diff] [blame]50
Willy Tarreau54f53ef2019-11-22 16:02:43 +0100[diff] [blame]51/* Looks into <ist> for forbidden characters for header values (0x00, 0x0A,
52 * 0x0D), starting at pointer <start> which must be within <ist>. Returns
53 * non-zero if such a character is found, 0 otherwise. When run on unlikely
54 * header match, it's recommended to first check for the presence of control
55 * chars using ist_find_ctl().
56 */
57static int has_forbidden_char(const struct ist ist, const char *start)
58{
59 do {
60 if ((uint8_t)*start <= 0x0d &&
61 (1U << (uint8_t)*start) & ((1<<13) | (1<<10) | (1<<0)))
62 return 1;
63 start++;
64 } while (start < ist.ptr + ist.len);
65 return 0;
66}
67
Willy Tarreaubeefaee2018-12-19 13:08:08 +0100[diff] [blame]68/* Parse the Content-Length header field of an HTTP/2 request. The function
69 * checks all possible occurrences of a comma-delimited value, and verifies
70 * if any of them doesn't match a previous value. It returns <0 if a value
71 * differs, 0 if the whole header can be dropped (i.e. already known), or >0
72 * if the value can be indexed (first one). In the last case, the value might
73 * be adjusted and the caller must only add the updated value.
74 */
75int h2_parse_cont_len_header(unsigned int *msgf, struct ist *value, unsigned long long *body_len)
76{
77 char *e, *n;
78 unsigned long long cl;
79 int not_first = !!(*msgf & H2_MSGF_BODY_CL);
80 struct ist word;
81
82 word.ptr = value->ptr - 1; // -1 for next loop's pre-increment
83 e = value->ptr + value->len;
84
85 while (++word.ptr < e) {
Ilya Shipitsin6fb0f212020-04-02 15:25:26 +0500[diff] [blame]86 /* skip leading delimiter and blanks */
Willy Tarreaubeefaee2018-12-19 13:08:08 +0100[diff] [blame]87 if (unlikely(HTTP_IS_LWS(*word.ptr)))
88 continue;
89
90 /* digits only now */
91 for (cl = 0, n = word.ptr; n < e; n++) {
92 unsigned int c = *n - '0';
93 if (unlikely(c > 9)) {
94 /* non-digit */
95 if (unlikely(n == word.ptr)) // spaces only
96 goto fail;
97 break;
98 }
99 if (unlikely(cl > ULLONG_MAX / 10ULL))
100 goto fail; /* multiply overflow */
101 cl = cl * 10ULL;
102 if (unlikely(cl + c < cl))
103 goto fail; /* addition overflow */
104 cl = cl + c;
105 }
106
107 /* keep a copy of the exact cleaned value */
108 word.len = n - word.ptr;
109
110 /* skip trailing LWS till next comma or EOL */
111 for (; n < e; n++) {
112 if (!HTTP_IS_LWS(*n)) {
113 if (unlikely(*n != ','))
114 goto fail;
115 break;
116 }
117 }
118
119 /* if duplicate, must be equal */
120 if (*msgf & H2_MSGF_BODY_CL && cl != *body_len)
121 goto fail;
122
123 /* OK, store this result as the one to be indexed */
124 *msgf |= H2_MSGF_BODY_CL;
125 *body_len = cl;
126 *value = word;
127 word.ptr = n;
128 }
129 /* here we've reached the end with a single value or a series of
130 * identical values, all matching previous series if any. The last
131 * parsed value was sent back into <value>. We just have to decide
132 * if this occurrence has to be indexed (it's the first one) or
133 * silently skipped (it's not the first one)
134 */
135 return !not_first;
136 fail:
137 return -1;
138}
139
Willy Tarreau6deb4122018-11-27 15:34:18 +0100[diff] [blame]140/* Prepare the request line into <htx> from pseudo headers stored in <phdr[]>.
141 * <fields> indicates what was found so far. This should be called once at the
142 * detection of the first general header field or at the end of the request if
143 * no general header field was found yet. Returns the created start line on
144 * success, or NULL on failure. Upon success, <msgf> is updated with a few
145 * H2_MSGF_* flags indicating what was found while parsing.
Willy Tarreau2be362c2019-10-08 11:59:37 +0200[diff] [blame]146 *
147 * The rules below deserve a bit of explanation. There tends to be some
148 * confusion regarding H2's authority vs the Host header. They are different
149 * though may sometimes be exchanged. In H2, the request line is broken into :
150 * - :method
151 * - :scheme
152 * - :authority
153 * - :path
154 *
155 * An equivalent HTTP/1.x absolute-form request would then look like :
156 * <:method> <:scheme>://<:authority><:path> HTTP/x.y
157 *
158 * Except for CONNECT which doesn't have scheme nor path and looks like :
159 * <:method> <:authority> HTTP/x.y
160 *
161 * It's worth noting that H2 still supports an encoding to map H1 origin-form
162 * and asterisk-form requests. These ones do not specify the authority. However
163 * in H2 they must still specify the scheme, which is not present in H1. Also,
164 * when encoding an absolute-form H1 request without a path, the path
165 * automatically becomes "/" except for the OPTIONS method where it
166 * becomes "*".
167 *
168 * As such it is explicitly permitted for an H2 client to send a request
169 * featuring a Host header and no :authority, though it's not the recommended
170 * way to use H2 for a client. It is however the only permitted way to encode
171 * an origin-form H1 request over H2. Thus we need to respect such differences
172 * as much as possible when re-encoding the H2 request into HTX.
Willy Tarreau6deb4122018-11-27 15:34:18 +0100[diff] [blame]173 */
174static struct htx_sl *h2_prepare_htx_reqline(uint32_t fields, struct ist *phdr, struct htx *htx, unsigned int *msgf)
175{
Willy Tarreau92919f72019-10-08 16:53:07 +0200[diff] [blame]176 struct ist uri;
Willy Tarreau6deb4122018-11-27 15:34:18 +0100[diff] [blame]177 unsigned int flags = HTX_SL_F_NONE;
178 struct htx_sl *sl;
Willy Tarreau9255e7e2019-03-05 10:47:37 +0100[diff] [blame]179 size_t i;
Willy Tarreau6deb4122018-11-27 15:34:18 +0100[diff] [blame]180
181 if ((fields & H2_PHDR_FND_METH) && isteq(phdr[H2_PHDR_IDX_METH], ist("CONNECT"))) {
182 /* RFC 7540 #8.2.6 regarding CONNECT: ":scheme" and ":path"
183 * MUST be omitted ; ":authority" contains the host and port
184 * to connect to.
185 */
186 if (fields & H2_PHDR_FND_SCHM) {
187 /* scheme not allowed */
188 goto fail;
189 }
190 else if (fields & H2_PHDR_FND_PATH) {
191 /* path not allowed */
192 goto fail;
193 }
194 else if (!(fields & H2_PHDR_FND_AUTH)) {
195 /* missing authority */
196 goto fail;
197 }
Willy Tarreau6deb4122018-11-27 15:34:18 +0100[diff] [blame]198 *msgf |= H2_MSGF_BODY_TUNNEL;
199 }
200 else if ((fields & (H2_PHDR_FND_METH|H2_PHDR_FND_SCHM|H2_PHDR_FND_PATH)) !=
201 (H2_PHDR_FND_METH|H2_PHDR_FND_SCHM|H2_PHDR_FND_PATH)) {
202 /* RFC 7540 #8.1.2.3 : all requests MUST include exactly one
203 * valid value for the ":method", ":scheme" and ":path" phdr
204 * unless it is a CONNECT request.
205 */
206 if (!(fields & H2_PHDR_FND_METH)) {
207 /* missing method */
208 goto fail;
209 }
210 else if (!(fields & H2_PHDR_FND_SCHM)) {
211 /* missing scheme */
212 goto fail;
213 }
214 else {
215 /* missing path */
216 goto fail;
217 }
218 }
Willy Tarreau2be362c2019-10-08 11:59:37 +0200[diff] [blame]219 else { /* regular methods */
Willy Tarreau92919f72019-10-08 16:53:07 +0200[diff] [blame]220 /* RFC3986#6.2.2.1: scheme is case-insensitive. We need to
221 * classify the scheme as "present/http", "present/https",
222 * "present/other", "absent" so as to decide whether or not
223 * we're facing a normalized URI that will have to be encoded
224 * in origin or absolute form. Indeed, 7540#8.1.2.3 says that
225 * clients should use the absolute form, thus we cannot infer
226 * whether or not the client wanted to use a proxy here.
227 */
228 flags |= HTX_SL_F_HAS_SCHM;
229 if (isteqi(phdr[H2_PHDR_IDX_SCHM], ist("http")))
230 flags |= HTX_SL_F_SCHM_HTTP;
231 else if (isteqi(phdr[H2_PHDR_IDX_SCHM], ist("https")))
232 flags |= HTX_SL_F_SCHM_HTTPS;
233 }
234
235 if (!(flags & HTX_SL_F_HAS_SCHM)) {
236 /* no scheme, use authority only (CONNECT) */
237 uri = phdr[H2_PHDR_IDX_AUTH];
Willy Tarreau1440fe82019-10-08 17:34:50 +0200[diff] [blame]238 flags |= HTX_SL_F_HAS_AUTHORITY;
Willy Tarreau92919f72019-10-08 16:53:07 +0200[diff] [blame]239 }
Willy Tarreau30ee1ef2019-10-08 18:33:19 +0200[diff] [blame]240 else if (fields & H2_PHDR_FND_AUTH) {
241 /* authority is present, let's use the absolute form. We simply
242 * use the trash to concatenate them since all of them MUST fit
243 * in a bufsize since it's where they come from.
Willy Tarreau92919f72019-10-08 16:53:07 +0200[diff] [blame]244 */
Willy Tarreaufd2658c2020-02-26 13:51:38 +0100[diff] [blame]245 if (unlikely(!phdr[H2_PHDR_IDX_PATH].len))
246 goto fail; // 7540#8.1.2.3: :path must not be empty
247
Willy Tarreau92919f72019-10-08 16:53:07 +0200[diff] [blame]248 uri = ist2bin(trash.area, phdr[H2_PHDR_IDX_SCHM]);
249 istcat(&uri, ist("://"), trash.size);
250 istcat(&uri, phdr[H2_PHDR_IDX_AUTH], trash.size);
251 if (!isteq(phdr[H2_PHDR_IDX_PATH], ist("*")))
252 istcat(&uri, phdr[H2_PHDR_IDX_PATH], trash.size);
Willy Tarreau1440fe82019-10-08 17:34:50 +0200[diff] [blame]253 flags |= HTX_SL_F_HAS_AUTHORITY;
Willy Tarreau30ee1ef2019-10-08 18:33:19 +0200[diff] [blame]254
255 if (flags & (HTX_SL_F_SCHM_HTTP|HTX_SL_F_SCHM_HTTPS)) {
256 /* we don't know if it was originally an absolute or a
257 * relative request because newer versions of HTTP use
258 * the absolute URI format by default, which we call
259 * the normalized URI format internally. This is the
260 * strongly recommended way of sending a request for
261 * a regular client, so we cannot distinguish this
262 * from a request intended for a proxy. For other
263 * schemes however there is no doubt.
264 */
265 flags |= HTX_SL_F_NORMALIZED_URI;
266 }
Willy Tarreau92919f72019-10-08 16:53:07 +0200[diff] [blame]267 }
268 else {
269 /* usual schemes with or without authority, use origin form */
270 uri = phdr[H2_PHDR_IDX_PATH];
Willy Tarreau1440fe82019-10-08 17:34:50 +0200[diff] [blame]271 if (fields & H2_PHDR_FND_AUTH)
272 flags |= HTX_SL_F_HAS_AUTHORITY;
Willy Tarreau2be362c2019-10-08 11:59:37 +0200[diff] [blame]273 }
Willy Tarreau6deb4122018-11-27 15:34:18 +0100[diff] [blame]274
Willy Tarreau2be362c2019-10-08 11:59:37 +0200[diff] [blame]275 /* make sure the final URI isn't empty. Note that 7540#8.1.2.3 states
276 * that :path must not be empty.
277 */
Willy Tarreau92919f72019-10-08 16:53:07 +0200[diff] [blame]278 if (!uri.len)
Willy Tarreau6deb4122018-11-27 15:34:18 +0100[diff] [blame]279 goto fail;
280
Willy Tarreau2be362c2019-10-08 11:59:37 +0200[diff] [blame]281 /* The final URI must not contain LWS nor CTL characters */
Willy Tarreau92919f72019-10-08 16:53:07 +0200[diff] [blame]282 for (i = 0; i < uri.len; i++) {
283 unsigned char c = uri.ptr[i];
Willy Tarreau9255e7e2019-03-05 10:47:37 +0100[diff] [blame]284 if (HTTP_IS_LWS(c) || HTTP_IS_CTL(c))
285 htx->flags |= HTX_FL_PARSING_ERROR;
286 }
287
Willy Tarreau6deb4122018-11-27 15:34:18 +0100[diff] [blame]288 /* Set HTX start-line flags */
289 flags |= HTX_SL_F_VER_11; // V2 in fact
290 flags |= HTX_SL_F_XFER_LEN; // xfer len always known with H2
291
Willy Tarreau92919f72019-10-08 16:53:07 +0200[diff] [blame]292 sl = htx_add_stline(htx, HTX_BLK_REQ_SL, flags, phdr[H2_PHDR_IDX_METH], uri, ist("HTTP/2.0"));
Willy Tarreau6deb4122018-11-27 15:34:18 +0100[diff] [blame]293 if (!sl)
294 goto fail;
295
296 sl->info.req.meth = find_http_meth(phdr[H2_PHDR_IDX_METH].ptr, phdr[H2_PHDR_IDX_METH].len);
Christopher Faulet7d247f02020-12-02 14:26:36 +0100[diff] [blame]297 if (sl->info.req.meth == HTTP_METH_HEAD)
298 *msgf |= H2_MSGF_BODYLESS_RSP;
Willy Tarreau6deb4122018-11-27 15:34:18 +0100[diff] [blame]299 return sl;
300 fail:
301 return NULL;
302}
303
304/* Takes an H2 request present in the headers list <list> terminated by a name
305 * being <NULL,0> and emits the equivalent HTX request according to the rules
306 * documented in RFC7540 #8.1.2. The output contents are emitted in <htx>, and
307 * non-zero is returned if some bytes were emitted. In case of error, a
308 * negative error code is returned.
309 *
310 * Upon success, <msgf> is filled with a few H2_MSGF_* flags indicating what
311 * was found while parsing. The caller must set it to zero in or H2_MSGF_BODY
312 * if a body is detected (!ES).
313 *
314 * The headers list <list> must be composed of :
315 * - n.name != NULL, n.len > 0 : literal header name
316 * - n.name == NULL, n.len > 0 : indexed pseudo header name number <n.len>
317 * among H2_PHDR_IDX_*
318 * - n.name ignored, n.len == 0 : end of list
319 * - in all cases except the end of list, v.name and v.len must designate a
320 * valid value.
321 *
322 * The Cookie header will be reassembled at the end, and for this, the <list>
323 * will be used to create a linked list, so its contents may be destroyed.
324 */
Willy Tarreau4790f7c2019-01-24 11:33:02 +0100[diff] [blame]325int h2_make_htx_request(struct http_hdr *list, struct htx *htx, unsigned int *msgf, unsigned long long *body_len)
Willy Tarreau6deb4122018-11-27 15:34:18 +0100[diff] [blame]326{
327 struct ist phdr_val[H2_PHDR_NUM_ENTRIES];
328 uint32_t fields; /* bit mask of H2_PHDR_FND_* */
329 uint32_t idx;
330 int ck, lck; /* cookie index and last cookie index */
331 int phdr;
332 int ret;
333 int i;
Christopher Faulet33543e72019-05-15 15:53:20 +0200[diff] [blame]334 uint32_t used = htx_used_space(htx);
Willy Tarreau6deb4122018-11-27 15:34:18 +0100[diff] [blame]335 struct htx_sl *sl = NULL;
336 unsigned int sl_flags = 0;
Willy Tarreau54f53ef2019-11-22 16:02:43 +0100[diff] [blame]337 const char *ctl;
Willy Tarreau6deb4122018-11-27 15:34:18 +0100[diff] [blame]338
339 lck = ck = -1; // no cookie for now
340 fields = 0;
341 for (idx = 0; list[idx].n.len != 0; idx++) {
342 if (!list[idx].n.ptr) {
343 /* this is an indexed pseudo-header */
344 phdr = list[idx].n.len;
345 }
346 else {
347 /* this can be any type of header */
Willy Tarreau146f53a2019-11-24 10:34:39 +0100[diff] [blame]348 /* RFC7540#8.1.2: upper case not allowed in header field names.
349 * #10.3: header names must be valid (i.e. match a token).
350 * For pseudo-headers we check from 2nd char and for other ones
351 * from the first char, because HTTP_IS_TOKEN() also excludes
352 * the colon.
353 */
Willy Tarreau6deb4122018-11-27 15:34:18 +0100[diff] [blame]354 phdr = h2_str_to_phdr(list[idx].n);
Willy Tarreau146f53a2019-11-24 10:34:39 +0100[diff] [blame]355
356 for (i = !!phdr; i < list[idx].n.len; i++)
357 if ((uint8_t)(list[idx].n.ptr[i] - 'A') < 'Z' - 'A' || !HTTP_IS_TOKEN(list[idx].n.ptr[i]))
358 goto fail;
Willy Tarreau6deb4122018-11-27 15:34:18 +0100[diff] [blame]359 }
360
Willy Tarreau54f53ef2019-11-22 16:02:43 +0100[diff] [blame]361 /* RFC7540#10.3: intermediaries forwarding to HTTP/1 must take care of
362 * rejecting NUL, CR and LF characters.
363 */
364 ctl = ist_find_ctl(list[idx].v);
365 if (unlikely(ctl) && has_forbidden_char(list[idx].v, ctl))
366 goto fail;
367
Willy Tarreau6deb4122018-11-27 15:34:18 +0100[diff] [blame]368 if (phdr > 0 && phdr < H2_PHDR_NUM_ENTRIES) {
369 /* insert a pseudo header by its index (in phdr) and value (in value) */
370 if (fields & ((1 << phdr) | H2_PHDR_FND_NONE)) {
371 if (fields & H2_PHDR_FND_NONE) {
372 /* pseudo header field after regular headers */
373 goto fail;
374 }
375 else {
376 /* repeated pseudo header field */
377 goto fail;
378 }
379 }
380 fields |= 1 << phdr;
381 phdr_val[phdr] = list[idx].v;
382 continue;
383 }
384 else if (phdr != 0) {
385 /* invalid pseudo header -- should never happen here */
386 goto fail;
387 }
388
389 /* regular header field in (name,value) */
390 if (unlikely(!(fields & H2_PHDR_FND_NONE))) {
391 /* no more pseudo-headers, time to build the request line */
392 sl = h2_prepare_htx_reqline(fields, phdr_val, htx, msgf);
393 if (!sl)
394 goto fail;
395 fields |= H2_PHDR_FND_NONE;
396 }
397
398 if (isteq(list[idx].n, ist("host")))
399 fields |= H2_PHDR_FND_HOST;
400
Willy Tarreaubeefaee2018-12-19 13:08:08 +0100[diff] [blame]401 if (isteq(list[idx].n, ist("content-length"))) {
Willy Tarreau4790f7c2019-01-24 11:33:02 +0100[diff] [blame]402 ret = h2_parse_cont_len_header(msgf, &list[idx].v, body_len);
Willy Tarreaubeefaee2018-12-19 13:08:08 +0100[diff] [blame]403 if (ret < 0)
404 goto fail;
405
Willy Tarreau6deb4122018-11-27 15:34:18 +0100[diff] [blame]406 sl_flags |= HTX_SL_F_CLEN;
Willy Tarreaubeefaee2018-12-19 13:08:08 +0100[diff] [blame]407 if (ret == 0)
408 continue; // skip this duplicate
Willy Tarreau6deb4122018-11-27 15:34:18 +0100[diff] [blame]409 }
410
411 /* these ones are forbidden in requests (RFC7540#8.1.2.2) */
412 if (isteq(list[idx].n, ist("connection")) ||
413 isteq(list[idx].n, ist("proxy-connection")) ||
414 isteq(list[idx].n, ist("keep-alive")) ||
415 isteq(list[idx].n, ist("upgrade")) ||
416 isteq(list[idx].n, ist("transfer-encoding")))
417 goto fail;
418
419 if (isteq(list[idx].n, ist("te")) && !isteq(list[idx].v, ist("trailers")))
420 goto fail;
421
422 /* cookie requires special processing at the end */
423 if (isteq(list[idx].n, ist("cookie"))) {
424 list[idx].n.len = -1;
425
426 if (ck < 0)
427 ck = idx;
428 else
429 list[lck].n.len = idx;
430
431 lck = idx;
432 continue;
433 }
434
435 if (!htx_add_header(htx, list[idx].n, list[idx].v))
436 goto fail;
437 }
438
439 /* RFC7540#8.1.2.1 mandates to reject response pseudo-headers (:status) */
440 if (fields & H2_PHDR_FND_STAT)
441 goto fail;
442
443 /* Let's dump the request now if not yet emitted. */
444 if (!(fields & H2_PHDR_FND_NONE)) {
445 sl = h2_prepare_htx_reqline(fields, phdr_val, htx, msgf);
446 if (!sl)
447 goto fail;
448 }
449
Christopher Fauletd0db4232021-01-22 11:46:30 +0100[diff] [blame]450 if (*msgf & H2_MSGF_BODY_TUNNEL)
451 *msgf &= ~(H2_MSGF_BODY|H2_MSGF_BODY_CL);
452
Christopher Fauletd1ac2b92020-12-02 19:12:22 +0100[diff] [blame]453 if (!(*msgf & H2_MSGF_BODY) || ((*msgf & H2_MSGF_BODY_CL) && *body_len == 0) ||
454 (*msgf & H2_MSGF_BODY_TUNNEL)) {
455 /* Request without body or tunnel requested */
Christopher Faulet44af3cf2019-02-18 10:12:56 +0100[diff] [blame]456 sl_flags |= HTX_SL_F_BODYLESS;
Christopher Fauletd1ac2b92020-12-02 19:12:22 +0100[diff] [blame]457 htx->flags |= HTX_FL_EOM;
458 }
Christopher Faulet44af3cf2019-02-18 10:12:56 +0100[diff] [blame]459
Willy Tarreau6deb4122018-11-27 15:34:18 +0100[diff] [blame]460 /* update the start line with last detected header info */
461 sl->flags |= sl_flags;
462
463 /* complete with missing Host if needed */
464 if ((fields & (H2_PHDR_FND_HOST|H2_PHDR_FND_AUTH)) == H2_PHDR_FND_AUTH) {
465 /* missing Host field, use :authority instead */
466 if (!htx_add_header(htx, ist("host"), phdr_val[H2_PHDR_IDX_AUTH]))
467 goto fail;
468 }
469
470 /* now we may have to build a cookie list. We'll dump the values of all
471 * visited headers.
472 */
473 if (ck >= 0) {
474 uint32_t fs; // free space
475 uint32_t bs; // block size
476 uint32_t vl; // value len
Willy Tarreau164e0612018-12-18 11:00:41 +0100[diff] [blame]477 uint32_t tl; // total length
Willy Tarreau6deb4122018-11-27 15:34:18 +0100[diff] [blame]478 struct htx_blk *blk;
479
480 blk = htx_add_header(htx, ist("cookie"), list[ck].v);
481 if (!blk)
482 goto fail;
483
Willy Tarreau164e0612018-12-18 11:00:41 +0100[diff] [blame]484 tl = list[ck].v.len;
Willy Tarreau6deb4122018-11-27 15:34:18 +0100[diff] [blame]485 fs = htx_free_data_space(htx);
486 bs = htx_get_blksz(blk);
487
488 /* for each extra cookie, we'll extend the cookie's value and
489 * insert "; " before the new value.
490 */
Willy Tarreau164e0612018-12-18 11:00:41 +0100[diff] [blame]491 fs += tl; // first one is already counted
492 for (; (ck = list[ck].n.len) >= 0 ; ) {
Willy Tarreau6deb4122018-11-27 15:34:18 +0100[diff] [blame]493 vl = list[ck].v.len;
Willy Tarreau164e0612018-12-18 11:00:41 +0100[diff] [blame]494 tl += vl + 2;
495 if (tl > fs)
Willy Tarreau6deb4122018-11-27 15:34:18 +0100[diff] [blame]496 goto fail;
497
Christopher Faulet3e2638e2019-06-18 09:49:16 +0200[diff] [blame]498 htx_change_blk_value_len(htx, blk, tl);
Willy Tarreau6deb4122018-11-27 15:34:18 +0100[diff] [blame]499 *(char *)(htx_get_blk_ptr(htx, blk) + bs + 0) = ';';
500 *(char *)(htx_get_blk_ptr(htx, blk) + bs + 1) = ' ';
501 memcpy(htx_get_blk_ptr(htx, blk) + bs + 2, list[ck].v.ptr, vl);
502 bs += vl + 2;
Willy Tarreau6deb4122018-11-27 15:34:18 +0100[diff] [blame]503 }
504
505 }
506
507 /* now send the end of headers marker */
Christopher Faulet5be651d2021-01-22 15:28:03 +0100[diff] [blame]508 if (!htx_add_endof(htx, HTX_BLK_EOH))
509 goto fail;
Willy Tarreau6deb4122018-11-27 15:34:18 +0100[diff] [blame]510
Ilya Shipitsin6fb0f212020-04-02 15:25:26 +0500[diff] [blame]511 /* Set bytes used in the HTX message for the headers now */
Christopher Faulet33543e72019-05-15 15:53:20 +0200[diff] [blame]512 sl->hdrs_bytes = htx_used_space(htx) - used;
513
Willy Tarreau6deb4122018-11-27 15:34:18 +0100[diff] [blame]514 ret = 1;
515 return ret;
516
517 fail:
518 return -1;
519}
Willy Tarreau1329b5b2018-10-08 14:49:20 +0200[diff] [blame]520
521/* Prepare the status line into <htx> from pseudo headers stored in <phdr[]>.
522 * <fields> indicates what was found so far. This should be called once at the
523 * detection of the first general header field or at the end of the message if
524 * no general header field was found yet. Returns the created start line on
525 * success, or NULL on failure. Upon success, <msgf> is updated with a few
526 * H2_MSGF_* flags indicating what was found while parsing.
527 */
528static struct htx_sl *h2_prepare_htx_stsline(uint32_t fields, struct ist *phdr, struct htx *htx, unsigned int *msgf)
529{
Christopher Faulet89899422020-12-07 18:24:43 +0100[diff] [blame]530 unsigned int status, flags = HTX_SL_F_NONE;
Willy Tarreau1329b5b2018-10-08 14:49:20 +0200[diff] [blame]531 struct htx_sl *sl;
Amaury Denoyelle74162742020-12-11 17:53:05 +0100[diff] [blame^]532 struct ist stat;
Willy Tarreau1329b5b2018-10-08 14:49:20 +0200[diff] [blame]533
534 /* only :status is allowed as a pseudo header */
535 if (!(fields & H2_PHDR_FND_STAT))
536 goto fail;
537
538 if (phdr[H2_PHDR_IDX_STAT].len != 3)
539 goto fail;
540
Amaury Denoyelle74162742020-12-11 17:53:05 +0100[diff] [blame^]541 /* if Extended CONNECT is used, convert status code from 200 to htx 101
542 * following rfc 8441 */
543 if (unlikely(*msgf & H2_MSGF_EXT_CONNECT) &&
544 isteq(phdr[H2_PHDR_IDX_STAT], ist("200"))) {
545 stat = ist("101");
546 status = 101;
547 }
548 else {
549 unsigned char h, t, u;
550
551 stat = phdr[H2_PHDR_IDX_STAT];
552
553 h = stat.ptr[0] - '0';
554 t = stat.ptr[1] - '0';
555 u = stat.ptr[2] - '0';
556 if (h > 9 || t > 9 || u > 9)
557 goto fail;
558 status = h * 100 + t * 10 + u;
559 }
Willy Tarreau1329b5b2018-10-08 14:49:20 +0200[diff] [blame]560
Christopher Faulet89899422020-12-07 18:24:43 +0100[diff] [blame]561 /* 101 responses are not supported in H2, so return a error.
562 * On 1xx responses there is no ES on the HEADERS frame but there is no
563 * body. So remove the flag H2_MSGF_BODY and add H2_MSGF_RSP_1XX to
564 * notify the decoder another HEADERS frame is expected.
Christopher Faulet7d247f02020-12-02 14:26:36 +0100[diff] [blame]565 * 204/304 resposne have no body by definition. So remove the flag
566 * H2_MSGF_BODY and set H2_MSGF_BODYLESS_RSP.
Amaury Denoyelle74162742020-12-11 17:53:05 +0100[diff] [blame^]567 *
568 * Note however that there is a special condition for Extended CONNECT.
569 * In this case, we explicitly convert it to HTX 101 to mimic
570 * Get+Upgrade HTTP/1.1 mechanism
Christopher Faulet0b465482019-02-19 15:14:23 +0100[diff] [blame]571 */
Amaury Denoyelle74162742020-12-11 17:53:05 +0100[diff] [blame^]572 if (status == 101) {
573 if (!(*msgf & H2_MSGF_EXT_CONNECT))
574 goto fail;
575 }
Christopher Faulet89899422020-12-07 18:24:43 +0100[diff] [blame]576 else if (status < 200) {
Christopher Faulet0b465482019-02-19 15:14:23 +0100[diff] [blame]577 *msgf |= H2_MSGF_RSP_1XX;
578 *msgf &= ~H2_MSGF_BODY;
579 }
Amaury Denoyelle74162742020-12-11 17:53:05 +0100[diff] [blame^]580 else if (status == 204 || status == 304) {
Christopher Faulet7d247f02020-12-02 14:26:36 +0100[diff] [blame]581 *msgf &= ~H2_MSGF_BODY;
582 *msgf |= H2_MSGF_BODYLESS_RSP;
583 }
Christopher Faulet0b465482019-02-19 15:14:23 +0100[diff] [blame]584
Christopher Faulet89899422020-12-07 18:24:43 +0100[diff] [blame]585 /* Set HTX start-line flags */
586 flags |= HTX_SL_F_VER_11; // V2 in fact
587 flags |= HTX_SL_F_XFER_LEN; // xfer len always known with H2
588
Amaury Denoyelle74162742020-12-11 17:53:05 +0100[diff] [blame^]589 sl = htx_add_stline(htx, HTX_BLK_RES_SL, flags, ist("HTTP/2.0"), stat, ist(""));
Christopher Faulet89899422020-12-07 18:24:43 +0100[diff] [blame]590 if (!sl)
591 goto fail;
592 sl->info.res.status = status;
Willy Tarreau1329b5b2018-10-08 14:49:20 +0200[diff] [blame]593 return sl;
594 fail:
595 return NULL;
596}
597
598/* Takes an H2 response present in the headers list <list> terminated by a name
599 * being <NULL,0> and emits the equivalent HTX response according to the rules
600 * documented in RFC7540 #8.1.2. The output contents are emitted in <htx>, and
601 * a positive value is returned if some bytes were emitted. In case of error, a
602 * negative error code is returned.
603 *
604 * Upon success, <msgf> is filled with a few H2_MSGF_* flags indicating what
605 * was found while parsing. The caller must set it to zero in or H2_MSGF_BODY
606 * if a body is detected (!ES).
607 *
608 * The headers list <list> must be composed of :
609 * - n.name != NULL, n.len > 0 : literal header name
610 * - n.name == NULL, n.len > 0 : indexed pseudo header name number <n.len>
611 * among H2_PHDR_IDX_*
612 * - n.name ignored, n.len == 0 : end of list
613 * - in all cases except the end of list, v.name and v.len must designate a
614 * valid value.
Amaury Denoyelle74162742020-12-11 17:53:05 +0100[diff] [blame^]615 *
616 * <upgrade_protocol> is only used if the htx status code is 101 indicating a
617 * response to an upgrade or h2-equivalent request.
Willy Tarreau1329b5b2018-10-08 14:49:20 +0200[diff] [blame]618 */
Amaury Denoyelle74162742020-12-11 17:53:05 +0100[diff] [blame^]619int h2_make_htx_response(struct http_hdr *list, struct htx *htx, unsigned int *msgf, unsigned long long *body_len, char *upgrade_protocol)
Willy Tarreau1329b5b2018-10-08 14:49:20 +0200[diff] [blame]620{
621 struct ist phdr_val[H2_PHDR_NUM_ENTRIES];
622 uint32_t fields; /* bit mask of H2_PHDR_FND_* */
623 uint32_t idx;
624 int phdr;
625 int ret;
626 int i;
Christopher Faulet33543e72019-05-15 15:53:20 +0200[diff] [blame]627 uint32_t used = htx_used_space(htx);
Willy Tarreau1329b5b2018-10-08 14:49:20 +0200[diff] [blame]628 struct htx_sl *sl = NULL;
629 unsigned int sl_flags = 0;
Willy Tarreau54f53ef2019-11-22 16:02:43 +0100[diff] [blame]630 const char *ctl;
Willy Tarreau1329b5b2018-10-08 14:49:20 +0200[diff] [blame]631
632 fields = 0;
633 for (idx = 0; list[idx].n.len != 0; idx++) {
634 if (!list[idx].n.ptr) {
635 /* this is an indexed pseudo-header */
636 phdr = list[idx].n.len;
637 }
638 else {
639 /* this can be any type of header */
Willy Tarreau146f53a2019-11-24 10:34:39 +0100[diff] [blame]640 /* RFC7540#8.1.2: upper case not allowed in header field names.
641 * #10.3: header names must be valid (i.e. match a token).
642 * For pseudo-headers we check from 2nd char and for other ones
643 * from the first char, because HTTP_IS_TOKEN() also excludes
644 * the colon.
645 */
Willy Tarreau1329b5b2018-10-08 14:49:20 +0200[diff] [blame]646 phdr = h2_str_to_phdr(list[idx].n);
Willy Tarreau146f53a2019-11-24 10:34:39 +0100[diff] [blame]647
648 for (i = !!phdr; i < list[idx].n.len; i++)
649 if ((uint8_t)(list[idx].n.ptr[i] - 'A') < 'Z' - 'A' || !HTTP_IS_TOKEN(list[idx].n.ptr[i]))
650 goto fail;
Willy Tarreau1329b5b2018-10-08 14:49:20 +0200[diff] [blame]651 }
652
Willy Tarreau54f53ef2019-11-22 16:02:43 +0100[diff] [blame]653 /* RFC7540#10.3: intermediaries forwarding to HTTP/1 must take care of
654 * rejecting NUL, CR and LF characters.
655 */
656 ctl = ist_find_ctl(list[idx].v);
657 if (unlikely(ctl) && has_forbidden_char(list[idx].v, ctl))
658 goto fail;
659
Willy Tarreau1329b5b2018-10-08 14:49:20 +0200[diff] [blame]660 if (phdr > 0 && phdr < H2_PHDR_NUM_ENTRIES) {
661 /* insert a pseudo header by its index (in phdr) and value (in value) */
662 if (fields & ((1 << phdr) | H2_PHDR_FND_NONE)) {
663 if (fields & H2_PHDR_FND_NONE) {
664 /* pseudo header field after regular headers */
665 goto fail;
666 }
667 else {
668 /* repeated pseudo header field */
669 goto fail;
670 }
671 }
672 fields |= 1 << phdr;
673 phdr_val[phdr] = list[idx].v;
674 continue;
675 }
676 else if (phdr != 0) {
677 /* invalid pseudo header -- should never happen here */
678 goto fail;
679 }
680
681 /* regular header field in (name,value) */
682 if (!(fields & H2_PHDR_FND_NONE)) {
683 /* no more pseudo-headers, time to build the status line */
684 sl = h2_prepare_htx_stsline(fields, phdr_val, htx, msgf);
685 if (!sl)
686 goto fail;
687 fields |= H2_PHDR_FND_NONE;
688 }
689
Willy Tarreaubeefaee2018-12-19 13:08:08 +0100[diff] [blame]690 if (isteq(list[idx].n, ist("content-length"))) {
Willy Tarreau4790f7c2019-01-24 11:33:02 +0100[diff] [blame]691 ret = h2_parse_cont_len_header(msgf, &list[idx].v, body_len);
Willy Tarreaubeefaee2018-12-19 13:08:08 +0100[diff] [blame]692 if (ret < 0)
693 goto fail;
694
Willy Tarreau1329b5b2018-10-08 14:49:20 +0200[diff] [blame]695 sl_flags |= HTX_SL_F_CLEN;
Willy Tarreaubeefaee2018-12-19 13:08:08 +0100[diff] [blame]696 if (ret == 0)
697 continue; // skip this duplicate
Willy Tarreau1329b5b2018-10-08 14:49:20 +0200[diff] [blame]698 }
699
700 /* these ones are forbidden in responses (RFC7540#8.1.2.2) */
701 if (isteq(list[idx].n, ist("connection")) ||
702 isteq(list[idx].n, ist("proxy-connection")) ||
703 isteq(list[idx].n, ist("keep-alive")) ||
704 isteq(list[idx].n, ist("upgrade")) ||
705 isteq(list[idx].n, ist("transfer-encoding")))
706 goto fail;
707
708 if (!htx_add_header(htx, list[idx].n, list[idx].v))
709 goto fail;
710 }
711
712 /* RFC7540#8.1.2.1 mandates to reject request pseudo-headers */
713 if (fields & (H2_PHDR_FND_AUTH|H2_PHDR_FND_METH|H2_PHDR_FND_PATH|H2_PHDR_FND_SCHM))
714 goto fail;
715
716 /* Let's dump the request now if not yet emitted. */
717 if (!(fields & H2_PHDR_FND_NONE)) {
718 sl = h2_prepare_htx_stsline(fields, phdr_val, htx, msgf);
719 if (!sl)
720 goto fail;
Amaury Denoyelle74162742020-12-11 17:53:05 +0100[diff] [blame^]721 }
722
723 if (sl->info.res.status == 101 && upgrade_protocol) {
724 if (!htx_add_header(htx, ist("connection"), ist("upgrade")))
725 goto fail;
726 if (!htx_add_header(htx, ist("upgrade"), ist(upgrade_protocol)))
727 goto fail;
728 sl_flags |= HTX_SL_F_CONN_UPG;
Willy Tarreau1329b5b2018-10-08 14:49:20 +0200[diff] [blame]729 }
730
Amaury Denoyelle74162742020-12-11 17:53:05 +0100[diff] [blame^]731 if ((*msgf & H2_MSGF_BODY_TUNNEL) &&
732 ((sl->info.res.status >= 200 && sl->info.res.status < 300) || sl->info.res.status == 101))
Christopher Fauletd0db4232021-01-22 11:46:30 +0100[diff] [blame]733 *msgf &= ~(H2_MSGF_BODY|H2_MSGF_BODY_CL);
734 else
735 *msgf &= ~H2_MSGF_BODY_TUNNEL;
736
Christopher Fauletd1ac2b92020-12-02 19:12:22 +0100[diff] [blame]737 if (!(*msgf & H2_MSGF_BODY) || ((*msgf & H2_MSGF_BODY_CL) && *body_len == 0) ||
738 (*msgf & H2_MSGF_BODY_TUNNEL)) {
739 /* Response without body or tunnel sucessfully established */
Christopher Faulet44af3cf2019-02-18 10:12:56 +0100[diff] [blame]740 sl_flags |= HTX_SL_F_BODYLESS;
Christopher Fauletd1ac2b92020-12-02 19:12:22 +0100[diff] [blame]741 htx->flags |= HTX_FL_EOM;
742 }
Christopher Faulet44af3cf2019-02-18 10:12:56 +0100[diff] [blame]743
Willy Tarreau1329b5b2018-10-08 14:49:20 +0200[diff] [blame]744 /* update the start line with last detected header info */
745 sl->flags |= sl_flags;
746
747 if ((*msgf & (H2_MSGF_BODY|H2_MSGF_BODY_TUNNEL|H2_MSGF_BODY_CL)) == H2_MSGF_BODY) {
748 /* FIXME: Do we need to signal anything when we have a body and
749 * no content-length, to have the equivalent of H1's chunked
750 * encoding?
751 */
752 }
753
754 /* now send the end of headers marker */
Christopher Faulet5be651d2021-01-22 15:28:03 +0100[diff] [blame]755 if (!htx_add_endof(htx, HTX_BLK_EOH))
756 goto fail;
Willy Tarreau1329b5b2018-10-08 14:49:20 +0200[diff] [blame]757
Ilya Shipitsin6fb0f212020-04-02 15:25:26 +0500[diff] [blame]758 /* Set bytes used in the HTX message for the headers now */
Christopher Faulet33543e72019-05-15 15:53:20 +0200[diff] [blame]759 sl->hdrs_bytes = htx_used_space(htx) - used;
760
Willy Tarreau1329b5b2018-10-08 14:49:20 +0200[diff] [blame]761 ret = 1;
762 return ret;
763
764 fail:
765 return -1;
766}
Willy Tarreau1e1f27c2019-01-03 18:39:54 +0100[diff] [blame]767
Christopher Faulet2d7c5392019-06-03 10:41:26 +0200[diff] [blame]768/* Takes an H2 headers list <list> terminated by a name being <NULL,0> and emits
769 * the equivalent HTX trailers blocks. The output contents are emitted in <htx>,
770 * and a positive value is returned if some bytes were emitted. In case of
771 * error, a negative error code is returned. The caller must have verified that
772 * the message in the buffer is compatible with receipt of trailers.
Willy Tarreau1e1f27c2019-01-03 18:39:54 +0100[diff] [blame]773 *
774 * The headers list <list> must be composed of :
775 * - n.name != NULL, n.len > 0 : literal header name
776 * - n.name == NULL, n.len > 0 : indexed pseudo header name number <n.len>
777 * among H2_PHDR_IDX_* (illegal here)
778 * - n.name ignored, n.len == 0 : end of list
779 * - in all cases except the end of list, v.name and v.len must designate a
780 * valid value.
781 */
782int h2_make_htx_trailers(struct http_hdr *list, struct htx *htx)
783{
Willy Tarreau54f53ef2019-11-22 16:02:43 +0100[diff] [blame]784 const char *ctl;
Willy Tarreau1e1f27c2019-01-03 18:39:54 +0100[diff] [blame]785 uint32_t idx;
Willy Tarreau1e1f27c2019-01-03 18:39:54 +0100[diff] [blame]786 int i;
787
Willy Tarreau1e1f27c2019-01-03 18:39:54 +0100[diff] [blame]788 for (idx = 0; list[idx].n.len != 0; idx++) {
789 if (!list[idx].n.ptr) {
790 /* This is an indexed pseudo-header (RFC7540#8.1.2.1) */
791 goto fail;
792 }
793
Willy Tarreau146f53a2019-11-24 10:34:39 +0100[diff] [blame]794 /* RFC7540#8.1.2: upper case not allowed in header field names.
795 * #10.3: header names must be valid (i.e. match a token). This
796 * also catches pseudo-headers which are forbidden in trailers.
797 */
Willy Tarreau1e1f27c2019-01-03 18:39:54 +0100[diff] [blame]798 for (i = 0; i < list[idx].n.len; i++)
Willy Tarreau146f53a2019-11-24 10:34:39 +0100[diff] [blame]799 if ((uint8_t)(list[idx].n.ptr[i] - 'A') < 'Z' - 'A' || !HTTP_IS_TOKEN(list[idx].n.ptr[i]))
Willy Tarreau1e1f27c2019-01-03 18:39:54 +0100[diff] [blame]800 goto fail;
801
Willy Tarreau1e1f27c2019-01-03 18:39:54 +0100[diff] [blame]802 /* these ones are forbidden in trailers (RFC7540#8.1.2.2) */
803 if (isteq(list[idx].n, ist("host")) ||
804 isteq(list[idx].n, ist("content-length")) ||
805 isteq(list[idx].n, ist("connection")) ||
806 isteq(list[idx].n, ist("proxy-connection")) ||
807 isteq(list[idx].n, ist("keep-alive")) ||
808 isteq(list[idx].n, ist("upgrade")) ||
809 isteq(list[idx].n, ist("te")) ||
810 isteq(list[idx].n, ist("transfer-encoding")))
811 goto fail;
812
Willy Tarreau54f53ef2019-11-22 16:02:43 +0100[diff] [blame]813 /* RFC7540#10.3: intermediaries forwarding to HTTP/1 must take care of
814 * rejecting NUL, CR and LF characters.
815 */
816 ctl = ist_find_ctl(list[idx].v);
817 if (unlikely(ctl) && has_forbidden_char(list[idx].v, ctl))
818 goto fail;
819
Christopher Faulet2d7c5392019-06-03 10:41:26 +0200[diff] [blame]820 if (!htx_add_trailer(htx, list[idx].n, list[idx].v))
821 goto fail;
Willy Tarreau1e1f27c2019-01-03 18:39:54 +0100[diff] [blame]822 }
823
Christopher Faulet2d7c5392019-06-03 10:41:26 +0200[diff] [blame]824 if (!htx_add_endof(htx, HTX_BLK_EOT))
Willy Tarreau1e1f27c2019-01-03 18:39:54 +0100[diff] [blame]825 goto fail;
826
Willy Tarreau1e1f27c2019-01-03 18:39:54 +0100[diff] [blame]827 return 1;
828
829 fail:
830 return -1;
831}