Willy Tarreau | ce04094 | 2017-05-30 18:46:58 +0200 | [diff] [blame] | 1 | /* |
| 2 | * HPACK header table management (RFC7541) |
| 3 | * |
| 4 | * Copyright (C) 2014-2017 Willy Tarreau <willy@haproxy.org> |
| 5 | * Copyright (C) 2017 HAProxy Technologies |
| 6 | * |
| 7 | * Permission is hereby granted, free of charge, to any person obtaining |
| 8 | * a copy of this software and associated documentation files (the |
| 9 | * "Software"), to deal in the Software without restriction, including |
| 10 | * without limitation the rights to use, copy, modify, merge, publish, |
| 11 | * distribute, sublicense, and/or sell copies of the Software, and to |
| 12 | * permit persons to whom the Software is furnished to do so, subject to |
| 13 | * the following conditions: |
| 14 | * |
| 15 | * The above copyright notice and this permission notice shall be |
| 16 | * included in all copies or substantial portions of the Software. |
| 17 | * |
| 18 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, |
| 19 | * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES |
| 20 | * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND |
| 21 | * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT |
| 22 | * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, |
| 23 | * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING |
| 24 | * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR |
| 25 | * OTHER DEALINGS IN THE SOFTWARE. |
| 26 | */ |
| 27 | |
Willy Tarreau | a1bd1fa | 2019-03-29 17:26:33 +0100 | [diff] [blame] | 28 | #include <inttypes.h> |
Willy Tarreau | ce04094 | 2017-05-30 18:46:58 +0200 | [diff] [blame] | 29 | #include <stdio.h> |
| 30 | #include <stdlib.h> |
| 31 | #include <string.h> |
| 32 | |
Willy Tarreau | b255105 | 2020-06-09 09:07:15 +0200 | [diff] [blame] | 33 | #include <import/ist.h> |
Willy Tarreau | be327fa | 2020-06-03 09:09:57 +0200 | [diff] [blame] | 34 | #include <haproxy/hpack-huff.h> |
| 35 | #include <haproxy/hpack-tbl.h> |
Willy Tarreau | ce04094 | 2017-05-30 18:46:58 +0200 | [diff] [blame] | 36 | |
Willy Tarreau | ce04094 | 2017-05-30 18:46:58 +0200 | [diff] [blame] | 37 | /* static header table as in RFC7541 Appendix A. [0] unused. */ |
| 38 | const struct http_hdr hpack_sht[HPACK_SHT_SIZE] = { |
| 39 | [ 1] = { .n = IST(":authority"), .v = IST("") }, |
| 40 | [ 2] = { .n = IST(":method"), .v = IST("GET") }, |
| 41 | [ 3] = { .n = IST(":method"), .v = IST("POST") }, |
| 42 | [ 4] = { .n = IST(":path"), .v = IST("/") }, |
| 43 | [ 5] = { .n = IST(":path"), .v = IST("/index.html") }, |
| 44 | [ 6] = { .n = IST(":scheme"), .v = IST("http") }, |
| 45 | [ 7] = { .n = IST(":scheme"), .v = IST("https") }, |
| 46 | [ 8] = { .n = IST(":status"), .v = IST("200") }, |
| 47 | [ 9] = { .n = IST(":status"), .v = IST("204") }, |
| 48 | [10] = { .n = IST(":status"), .v = IST("206") }, |
| 49 | [11] = { .n = IST(":status"), .v = IST("304") }, |
| 50 | [12] = { .n = IST(":status"), .v = IST("400") }, |
| 51 | [13] = { .n = IST(":status"), .v = IST("404") }, |
| 52 | [14] = { .n = IST(":status"), .v = IST("500") }, |
| 53 | [15] = { .n = IST("accept-charset"), .v = IST("") }, |
| 54 | [16] = { .n = IST("accept-encoding"), .v = IST("gzip, deflate") }, |
| 55 | [17] = { .n = IST("accept-language"), .v = IST("") }, |
| 56 | [18] = { .n = IST("accept-ranges"), .v = IST("") }, |
| 57 | [19] = { .n = IST("accept"), .v = IST("") }, |
| 58 | [20] = { .n = IST("access-control-allow-origin"), .v = IST("") }, |
| 59 | [21] = { .n = IST("age"), .v = IST("") }, |
| 60 | [22] = { .n = IST("allow"), .v = IST("") }, |
| 61 | [23] = { .n = IST("authorization"), .v = IST("") }, |
| 62 | [24] = { .n = IST("cache-control"), .v = IST("") }, |
| 63 | [25] = { .n = IST("content-disposition"), .v = IST("") }, |
| 64 | [26] = { .n = IST("content-encoding"), .v = IST("") }, |
| 65 | [27] = { .n = IST("content-language"), .v = IST("") }, |
| 66 | [28] = { .n = IST("content-length"), .v = IST("") }, |
| 67 | [29] = { .n = IST("content-location"), .v = IST("") }, |
| 68 | [30] = { .n = IST("content-range"), .v = IST("") }, |
| 69 | [31] = { .n = IST("content-type") , .v = IST("") }, |
| 70 | [32] = { .n = IST("cookie"), .v = IST("") }, |
| 71 | [33] = { .n = IST("date"), .v = IST("") }, |
| 72 | [34] = { .n = IST("etag"), .v = IST("") }, |
| 73 | [35] = { .n = IST("expect"), .v = IST("") }, |
| 74 | [36] = { .n = IST("expires"), .v = IST("") }, |
| 75 | [37] = { .n = IST("from"), .v = IST("") }, |
| 76 | [38] = { .n = IST("host"), .v = IST("") }, |
| 77 | [39] = { .n = IST("if-match"), .v = IST("") }, |
| 78 | [40] = { .n = IST("if-modified-since"), .v = IST("") }, |
| 79 | [41] = { .n = IST("if-none-match"), .v = IST("") }, |
| 80 | [42] = { .n = IST("if-range"), .v = IST("") }, |
| 81 | [43] = { .n = IST("if-unmodified-since"), .v = IST("") }, |
| 82 | [44] = { .n = IST("last-modified"), .v = IST("") }, |
| 83 | [45] = { .n = IST("link"), .v = IST("") }, |
| 84 | [46] = { .n = IST("location"), .v = IST("") }, |
| 85 | [47] = { .n = IST("max-forwards"), .v = IST("") }, |
| 86 | [48] = { .n = IST("proxy-authenticate"), .v = IST("") }, |
| 87 | [49] = { .n = IST("proxy-authorization"), .v = IST("") }, |
| 88 | [50] = { .n = IST("range"), .v = IST("") }, |
| 89 | [51] = { .n = IST("referer"), .v = IST("") }, |
| 90 | [52] = { .n = IST("refresh"), .v = IST("") }, |
| 91 | [53] = { .n = IST("retry-after"), .v = IST("") }, |
| 92 | [54] = { .n = IST("server"), .v = IST("") }, |
| 93 | [55] = { .n = IST("set-cookie"), .v = IST("") }, |
| 94 | [56] = { .n = IST("strict-transport-security"), .v = IST("") }, |
| 95 | [57] = { .n = IST("transfer-encoding"), .v = IST("") }, |
| 96 | [58] = { .n = IST("user-agent"), .v = IST("") }, |
| 97 | [59] = { .n = IST("vary"), .v = IST("") }, |
| 98 | [60] = { .n = IST("via"), .v = IST("") }, |
| 99 | [61] = { .n = IST("www-authenticate"), .v = IST("") }, |
| 100 | }; |
| 101 | |
Willy Tarreau | ff88270 | 2021-04-10 17:23:00 +0200 | [diff] [blame] | 102 | struct pool_head *pool_head_hpack_tbl __read_mostly = NULL; |
Willy Tarreau | 2bdcc70 | 2020-05-19 11:31:11 +0200 | [diff] [blame] | 103 | |
Willy Tarreau | ce04094 | 2017-05-30 18:46:58 +0200 | [diff] [blame] | 104 | #ifdef DEBUG_HPACK |
| 105 | /* dump the whole dynamic header table */ |
Willy Tarreau | 4f6535d | 2020-06-05 09:05:31 +0200 | [diff] [blame] | 106 | void hpack_dht_dump(FILE *out, const struct hpack_dht *dht) |
Willy Tarreau | ce04094 | 2017-05-30 18:46:58 +0200 | [diff] [blame] | 107 | { |
Willy Tarreau | 7f2a44d | 2018-09-17 14:07:33 +0200 | [diff] [blame] | 108 | unsigned int i; |
Willy Tarreau | ce04094 | 2017-05-30 18:46:58 +0200 | [diff] [blame] | 109 | unsigned int slot; |
| 110 | char name[4096], value[4096]; |
| 111 | |
| 112 | for (i = HPACK_SHT_SIZE; i < HPACK_SHT_SIZE + dht->used; i++) { |
| 113 | slot = (hpack_get_dte(dht, i - HPACK_SHT_SIZE + 1) - dht->dte); |
Willy Tarreau | 160e74b | 2022-04-12 08:30:08 +0200 | [diff] [blame] | 114 | fprintf(out, "idx=%u slot=%u name=<%s> value=<%s> addr=%u-%u\n", |
Willy Tarreau | ce04094 | 2017-05-30 18:46:58 +0200 | [diff] [blame] | 115 | i, slot, |
| 116 | istpad(name, hpack_idx_to_name(dht, i)).ptr, |
| 117 | istpad(value, hpack_idx_to_value(dht, i)).ptr, |
| 118 | dht->dte[slot].addr, dht->dte[slot].addr+dht->dte[slot].nlen+dht->dte[slot].vlen-1); |
| 119 | } |
| 120 | } |
| 121 | |
| 122 | /* check for the whole dynamic header table consistency, abort on failures */ |
Willy Tarreau | 4f6535d | 2020-06-05 09:05:31 +0200 | [diff] [blame] | 123 | void hpack_dht_check_consistency(const struct hpack_dht *dht) |
Willy Tarreau | ce04094 | 2017-05-30 18:46:58 +0200 | [diff] [blame] | 124 | { |
| 125 | unsigned slot = hpack_dht_get_tail(dht); |
| 126 | unsigned used2 = dht->used; |
| 127 | unsigned total = 0; |
| 128 | |
| 129 | if (!dht->used) |
| 130 | return; |
| 131 | |
| 132 | if (dht->front >= dht->wrap) |
| 133 | abort(); |
| 134 | |
| 135 | if (dht->used > dht->wrap) |
| 136 | abort(); |
| 137 | |
| 138 | if (dht->head >= dht->wrap) |
| 139 | abort(); |
| 140 | |
| 141 | while (used2--) { |
| 142 | total += dht->dte[slot].nlen + dht->dte[slot].vlen; |
| 143 | slot++; |
| 144 | if (slot >= dht->wrap) |
| 145 | slot = 0; |
| 146 | } |
| 147 | |
| 148 | if (total != dht->total) { |
| 149 | fprintf(stderr, "%d: total=%u dht=%u\n", __LINE__, total, dht->total); |
| 150 | abort(); |
| 151 | } |
| 152 | } |
| 153 | #endif // DEBUG_HPACK |
| 154 | |
| 155 | /* rebuild a new dynamic header table from <dht> with an unwrapped index and |
| 156 | * contents at the end. The new table is returned, the caller must not use the |
| 157 | * previous one anymore. NULL may be returned if no table could be allocated. |
| 158 | */ |
| 159 | static struct hpack_dht *hpack_dht_defrag(struct hpack_dht *dht) |
| 160 | { |
| 161 | struct hpack_dht *alt_dht; |
| 162 | uint16_t old, new; |
| 163 | uint32_t addr; |
| 164 | |
| 165 | /* Note: for small tables we could use alloca() instead but |
| 166 | * portability especially for large tables can be problematic. |
| 167 | */ |
Willy Tarreau | 2bdcc70 | 2020-05-19 11:31:11 +0200 | [diff] [blame] | 168 | alt_dht = hpack_dht_alloc(); |
Willy Tarreau | ce04094 | 2017-05-30 18:46:58 +0200 | [diff] [blame] | 169 | if (!alt_dht) |
| 170 | return NULL; |
| 171 | |
| 172 | alt_dht->total = dht->total; |
| 173 | alt_dht->used = dht->used; |
| 174 | alt_dht->wrap = dht->used; |
| 175 | |
| 176 | new = 0; |
| 177 | addr = alt_dht->size; |
| 178 | |
| 179 | if (dht->used) { |
| 180 | /* start from the tail */ |
| 181 | old = hpack_dht_get_tail(dht); |
| 182 | do { |
| 183 | alt_dht->dte[new].nlen = dht->dte[old].nlen; |
| 184 | alt_dht->dte[new].vlen = dht->dte[old].vlen; |
| 185 | addr -= dht->dte[old].nlen + dht->dte[old].vlen; |
| 186 | alt_dht->dte[new].addr = addr; |
| 187 | |
| 188 | memcpy((void *)alt_dht + alt_dht->dte[new].addr, |
| 189 | (void *)dht + dht->dte[old].addr, |
| 190 | dht->dte[old].nlen + dht->dte[old].vlen); |
| 191 | |
| 192 | old++; |
| 193 | if (old >= dht->wrap) |
| 194 | old = 0; |
| 195 | new++; |
| 196 | } while (new < dht->used); |
| 197 | } |
| 198 | |
| 199 | alt_dht->front = alt_dht->head = new - 1; |
| 200 | |
| 201 | memcpy(dht, alt_dht, dht->size); |
| 202 | hpack_dht_free(alt_dht); |
| 203 | |
| 204 | return dht; |
| 205 | } |
| 206 | |
| 207 | /* Purges table dht until a header field of <needed> bytes fits according to |
| 208 | * the protocol (adding 32 bytes overhead). Returns non-zero on success, zero |
| 209 | * on failure (ie: table empty but still not sufficient). It must only be |
| 210 | * called when the table is not large enough to suit the new entry and there |
| 211 | * are some entries left. In case of doubt, use dht_make_room() instead. |
| 212 | */ |
| 213 | int __hpack_dht_make_room(struct hpack_dht *dht, unsigned int needed) |
| 214 | { |
| 215 | unsigned int used = dht->used; |
| 216 | unsigned int wrap = dht->wrap; |
| 217 | unsigned int tail; |
| 218 | |
| 219 | do { |
| 220 | tail = ((dht->head + 1U < used) ? wrap : 0) + dht->head + 1U - used; |
| 221 | dht->total -= dht->dte[tail].nlen + dht->dte[tail].vlen; |
| 222 | if (tail == dht->front) |
| 223 | dht->front = dht->head; |
| 224 | used--; |
| 225 | } while (used && used * 32 + dht->total + needed + 32 > dht->size); |
| 226 | |
| 227 | dht->used = used; |
| 228 | |
| 229 | /* realign if empty */ |
| 230 | if (!used) |
| 231 | dht->front = dht->head = 0; |
| 232 | |
| 233 | /* pack the table if it doesn't wrap anymore */ |
| 234 | if (dht->head + 1U >= used) |
| 235 | dht->wrap = dht->head + 1; |
| 236 | |
| 237 | /* no need to check for 'used' here as if it doesn't fit, used==0 */ |
| 238 | return needed + 32 <= dht->size; |
| 239 | } |
| 240 | |
| 241 | /* tries to insert a new header <name>:<value> in front of the current head. A |
| 242 | * negative value is returned on error. |
| 243 | */ |
| 244 | int hpack_dht_insert(struct hpack_dht *dht, struct ist name, struct ist value) |
| 245 | { |
| 246 | unsigned int used; |
| 247 | unsigned int head; |
| 248 | unsigned int prev; |
| 249 | unsigned int wrap; |
| 250 | unsigned int tail; |
| 251 | uint32_t headroom, tailroom; |
| 252 | |
| 253 | if (!hpack_dht_make_room(dht, name.len + value.len)) |
Willy Tarreau | 6c71e46 | 2017-12-04 17:58:37 +0100 | [diff] [blame] | 254 | return 0; |
Willy Tarreau | ce04094 | 2017-05-30 18:46:58 +0200 | [diff] [blame] | 255 | |
Willy Tarreau | ce04094 | 2017-05-30 18:46:58 +0200 | [diff] [blame] | 256 | /* Now there is enough room in the table, that's guaranteed by the |
| 257 | * protocol, but not necessarily where we need it. |
| 258 | */ |
| 259 | |
Willy Tarreau | a7394e1 | 2018-03-27 15:06:02 +0200 | [diff] [blame] | 260 | used = dht->used; |
Willy Tarreau | ce04094 | 2017-05-30 18:46:58 +0200 | [diff] [blame] | 261 | if (!used) { |
| 262 | /* easy, the table was empty */ |
| 263 | dht->front = dht->head = 0; |
| 264 | dht->wrap = dht->used = 1; |
| 265 | dht->total = 0; |
| 266 | head = 0; |
| 267 | dht->dte[head].addr = dht->size - (name.len + value.len); |
| 268 | goto copy; |
| 269 | } |
| 270 | |
| 271 | /* compute the new head, used and wrap position */ |
Willy Tarreau | a7394e1 | 2018-03-27 15:06:02 +0200 | [diff] [blame] | 272 | prev = head = dht->head; |
| 273 | wrap = dht->wrap; |
| 274 | tail = hpack_dht_get_tail(dht); |
| 275 | |
Willy Tarreau | ce04094 | 2017-05-30 18:46:58 +0200 | [diff] [blame] | 276 | used++; |
| 277 | head++; |
| 278 | |
| 279 | if (head >= wrap) { |
| 280 | /* head is leading the entries, we either need to push the |
| 281 | * table further or to loop back to released entries. We could |
| 282 | * force to loop back when at least half of the allocatable |
| 283 | * entries are free but in practice it never happens. |
| 284 | */ |
| 285 | if ((sizeof(*dht) + (wrap + 1) * sizeof(dht->dte[0]) <= dht->dte[dht->front].addr)) |
| 286 | wrap++; |
| 287 | else if (head >= used) /* there's a hole at the beginning */ |
| 288 | head = 0; |
| 289 | else { |
| 290 | /* no more room, head hits tail and the index cannot be |
| 291 | * extended, we have to realign the whole table. |
| 292 | */ |
| 293 | if (!hpack_dht_defrag(dht)) |
| 294 | return -1; |
| 295 | |
| 296 | wrap = dht->wrap + 1; |
| 297 | head = dht->head + 1; |
| 298 | prev = head - 1; |
| 299 | tail = 0; |
| 300 | } |
| 301 | } |
| 302 | else if (used >= wrap) { |
| 303 | /* we've hit the tail, we need to reorganize the index so that |
| 304 | * the head is at the end (but not necessarily move the data). |
| 305 | */ |
| 306 | if (!hpack_dht_defrag(dht)) |
| 307 | return -1; |
| 308 | |
| 309 | wrap = dht->wrap + 1; |
| 310 | head = dht->head + 1; |
| 311 | prev = head - 1; |
| 312 | tail = 0; |
| 313 | } |
| 314 | |
| 315 | /* Now we have updated head, used and wrap, we know that there is some |
| 316 | * available room at least from the protocol's perspective. This space |
| 317 | * is split in two areas : |
| 318 | * |
| 319 | * 1: if the previous head was the front cell, the space between the |
| 320 | * end of the index table and the front cell's address. |
| 321 | * 2: if the previous head was the front cell, the space between the |
| 322 | * end of the tail and the end of the table ; or if the previous |
| 323 | * head was not the front cell, the space between the end of the |
| 324 | * tail and the head's address. |
| 325 | */ |
| 326 | if (prev == dht->front) { |
| 327 | /* the area was contiguous */ |
| 328 | headroom = dht->dte[dht->front].addr - (sizeof(*dht) + wrap * sizeof(dht->dte[0])); |
| 329 | tailroom = dht->size - dht->dte[tail].addr - dht->dte[tail].nlen - dht->dte[tail].vlen; |
| 330 | } |
| 331 | else { |
| 332 | /* it's already wrapped so we can't store anything in the headroom */ |
| 333 | headroom = 0; |
| 334 | tailroom = dht->dte[prev].addr - dht->dte[tail].addr - dht->dte[tail].nlen - dht->dte[tail].vlen; |
| 335 | } |
| 336 | |
| 337 | /* We can decide to stop filling the headroom as soon as there's enough |
| 338 | * room left in the tail to suit the protocol, but tests show that in |
| 339 | * practice it almost never happens in other situations so the extra |
| 340 | * test is useless and we simply fill the headroom as long as it's |
Willy Tarreau | 5dfc5d5 | 2020-03-29 08:53:31 +0200 | [diff] [blame] | 341 | * available and we don't wrap. |
Willy Tarreau | ce04094 | 2017-05-30 18:46:58 +0200 | [diff] [blame] | 342 | */ |
Willy Tarreau | 5dfc5d5 | 2020-03-29 08:53:31 +0200 | [diff] [blame] | 343 | if (prev == dht->front && headroom >= name.len + value.len) { |
Willy Tarreau | ce04094 | 2017-05-30 18:46:58 +0200 | [diff] [blame] | 344 | /* install upfront and update ->front */ |
| 345 | dht->dte[head].addr = dht->dte[dht->front].addr - (name.len + value.len); |
| 346 | dht->front = head; |
| 347 | } |
| 348 | else if (tailroom >= name.len + value.len) { |
| 349 | dht->dte[head].addr = dht->dte[tail].addr + dht->dte[tail].nlen + dht->dte[tail].vlen + tailroom - (name.len + value.len); |
| 350 | } |
| 351 | else { |
| 352 | /* need to defragment the table before inserting upfront */ |
| 353 | dht = hpack_dht_defrag(dht); |
| 354 | wrap = dht->wrap + 1; |
| 355 | head = dht->head + 1; |
| 356 | dht->dte[head].addr = dht->dte[dht->front].addr - (name.len + value.len); |
| 357 | dht->front = head; |
| 358 | } |
| 359 | |
| 360 | dht->wrap = wrap; |
| 361 | dht->head = head; |
| 362 | dht->used = used; |
| 363 | |
| 364 | copy: |
| 365 | dht->total += name.len + value.len; |
| 366 | dht->dte[head].nlen = name.len; |
| 367 | dht->dte[head].vlen = value.len; |
| 368 | |
| 369 | memcpy((void *)dht + dht->dte[head].addr, name.ptr, name.len); |
| 370 | memcpy((void *)dht + dht->dte[head].addr + name.len, value.ptr, value.len); |
| 371 | return 0; |
| 372 | } |