Ticket #13347: 0001-Fix-client-hang-when-HEAD-request-is-sent-to-PoorMan.patch

File 0001-Fix-client-hang-when-HEAD-request-is-sent-to-PoorMan.patch, 4.0 KB (added by kainjow, 7 years ago)

  • src/apps/poorman/PoorManServer.cpp 

    From 475157da0797cf154d0cf789bea64ee6c9bb274f Mon Sep 17 00:00:00 2001
From: Kevin Wojniak <kainjow@users.noreply.github.com>
Date: Sun, 26 Feb 2017 12:49:23 +0000
Subject: [PATCH] Fix client hang when HEAD request is sent to PoorMan

If a HEAD request was sent to PoorMan, for example from curl ("curl --HEAD http://x.x.x.x") then the client would hang due to the connection never being closed.

In PoorManServer::_Worker, after httpd_start_request() is called, a null file_address is used to detect when libhttpd has already sent a directory listing. In this situation, PoorMan assumes libhttpd already fully handled the request. However httpd_start_request() didn't properly set this flag for HEAD requests. In the if block for a null file_address, the file descriptor was incorrectly invalidated, which prevented the connection from closing. Fixing this revealed two more bugs. The first is libhttpd was not actually sending the http headers for HEAD directory listing requests. The second is PoorManServer would increment its hit count for HEAD directory listing requests. This change also refactors file_address to a more sensible name and t ype that reflects its use.
---
 src/apps/poorman/PoorManServer.cpp   | 11 ++++++-----
 src/apps/poorman/libhttpd/libhttpd.c | 10 +++-------
 src/apps/poorman/libhttpd/libhttpd.h |  2 +-
 3 files changed, 10 insertions(+), 13 deletions(-)

diff --git a/src/apps/poorman/PoorManServer.cpp b/src/apps/poorman/PoorManServer.cpp
index dacc2ac..faace73 100644
    a b int32 PoorManServer::_Worker(void* data)  
    317317    /*true means the connection is already handled
    318318     *by the directory index generator in httpd_start_request().
    319319     */
    320     if (hc->file_address == (char*) 0) {
    321         static_cast<PoorManApplication*>(be_app)->GetPoorManWindow()->SetHits(
    322             static_cast<PoorManApplication*>(be_app)->GetPoorManWindow()->GetHits() + 1
    323         );
    324         hc->conn_fd = -1;
     320    if (hc->processed_directory_index == 1) {
     321        if (hc->method == METHOD_GET) {
     322            static_cast<PoorManApplication*>(be_app)->GetPoorManWindow()->SetHits(
     323                static_cast<PoorManApplication*>(be_app)->GetPoorManWindow()->GetHits() + 1
     324            );
     325        }
    325326        goto cleanup;
    326327    }
    327328   

  • src/apps/poorman/libhttpd/libhttpd.c 

    diff --git a/src/apps/poorman/libhttpd/libhttpd.c b/src/apps/poorman/libhttpd/libhttpd.c
index ce22eeb..ab52cc4 100644
    a b httpd_get_conn( httpd_server* hs, int listen_fd, httpd_conn* hc )  
    17671767    hc->last_byte_index = -1;
    17681768    hc->keep_alive = 0;
    17691769    hc->should_linger = 0;
    1770     hc->file_address = (char*) 0;
     1770    hc->processed_directory_index = 0;
    17711771    return GC_OK;
    17721772    }
    17731773
    httpd_close_conn( httpd_conn* hc, struct timeval* nowP )  
    24592459    {
    24602460    make_log_entry( hc, nowP );
    24612461
    2462     if ( hc->file_address != (char*) 0 )
    2463     {
    2464     //mmc_unmap( hc->file_address, &(hc->sb), nowP );
    2465     hc->file_address = (char*) 0;
    2466     }
    24672462    if ( hc->conn_fd >= 0 )
    24682463    {
    24692464    (void) close( hc->conn_fd );
    ls( httpd_conn* hc )  
    27132708    send_mime(
    27142709        hc, 200, ok200title, "", "", "text/html; charset=%s", (off_t) -1,
    27152710        hc->sb.st_mtime );
     2711    httpd_write_response( hc );
    27162712    free(de);
    27172713    }
    27182714    else if ( hc->method == METHOD_GET )
    ls( httpd_conn* hc )  
    29482944    free(de);
    29492945    return -1;
    29502946    }
     2947    hc->processed_directory_index = 1;
    29512948    return 0;
    29522949    }
    29532950
    if(hc->hs->do_list_dir){  
    32653262    }
    32663263    else
    32673264    {
    3268     hc->file_address = (char*)1;
    32693265    send_mime(
    32703266        hc, 200, ok200title, hc->encodings, "", hc->type, hc->sb.st_size,
    32713267        hc->sb.st_mtime );

  • src/apps/poorman/libhttpd/libhttpd.h 

    diff --git a/src/apps/poorman/libhttpd/libhttpd.h b/src/apps/poorman/libhttpd/libhttpd.h
index f820071..71ce5ce 100644
    a b typedef struct {  
    145145    int should_linger;
    146146    struct stat sb;
    147147    int conn_fd;
    148     char* file_address;
     148    int processed_directory_index;
    149149    } httpd_conn;
    150150
    151151/* Methods. */