Re: [PATCH] Be more lenient with ap_proxy_read_headers in 2.0

Tue, 24 Sep 2002 07:20:24 -0700 

I've sent a patch doing the same some time ago, but it was not accepted
so don't get your hopes up ;-). 

Peter.

Jim Jagielski wrote:
> 
> In the 2.0 proxy, a bogus header line causes an immediate 502 error,
> whereas in 1.3, we try to handle it. The below patch attemps to make
> 2.0 a bit more lenient in what we accept, and allows for backwards
> compatibility with what 1.3 does (principle of least astonishment).
> I haven't fully tested this yet, but comments/feedback are welcome.
> 
> Index: modules/proxy/proxy_util.c
> ===================================================================
> RCS file: /home/cvs/httpd-2.0/modules/proxy/proxy_util.c,v
> retrieving revision 1.98
> diff -u -r1.98 proxy_util.c
> --- modules/proxy/proxy_util.c  25 Aug 2002 20:40:11 -0000      1.98
> +++ modules/proxy/proxy_util.c  24 Sep 2002 14:21:06 -0000
> @@ -433,6 +433,7 @@
>      int len;
>      char *value, *end;
>      char field[MAX_STRING_LEN];
> +    int saw_headers = 0;
> 
>      headers_out = apr_table_make(r->pool, 20);
> 
> @@ -447,12 +448,25 @@
>             /* Buggy MS IIS servers sometimes return invalid headers
>              * (an extra "HTTP/1.0 200, OK" line sprinkled in between
>              * the usual MIME headers). Try to deal with it in a sensible
> -            * way, but log the fact.
> +            * way, but log the fact. If it's not that, but we've seen
> +            * some headers up to now, return them, The also handles the
> +            * fact that buggy MS IIS servers sometimes forget the CRLF
> +            * between headers and content.
>              * XXX: The mask check is buggy if we ever see an HTTP/1.10 */
> 
>             if (!apr_date_checkmask(buffer, "HTTP/#.# ###*")) {
>                 /* Nope, it wasn't even an extra HTTP header. Give up. */
> -               return NULL;
> +               if (saw_headers) {
> +                   ap_log_error(APLOG_MARK, APLOG_WARNING, 0, r->server,
> +                        "proxy: Ignoring bogus non-header in headers "
> +                        "returned by %s (%s)", r->uri, r->method);
> +                   return headers_out;
> +               } else {
> +                   ap_log_error(APLOG_MARK, APLOG_WARNING, 0, r->server,
> +                        "proxy: No HTTP headers "
> +                        "returned by %s (%s)", r->uri, r->method);
> +                   return NULL;
> +               }
>             }
> 
>             ap_log_error(APLOG_MARK, APLOG_WARNING, 0, r->server,
> @@ -475,6 +489,7 @@
> 
>          /* make sure we add so as not to destroy duplicated headers */
>          apr_table_add(headers_out, buffer, value);
> +        saw_headers = 1;
> 
>         /* the header was too long; at the least we should skip extra data */
>         if (len >= size - 1) {
> --
> ===========================================================================
>    Jim Jagielski   [|]   [EMAIL PROTECTED]   [|]   http://www.jaguNET.com/
>       "A society that will trade a little liberty for a little order
>              will lose both and deserve neither" - T.Jefferson

Reply via email to