diff --git a/include/aws/http/http.h b/include/aws/http/http.h index aeb4bfdc8..6d1d48c71 100644 --- a/include/aws/http/http.h +++ b/include/aws/http/http.h @@ -54,6 +54,7 @@ enum aws_http_errors { AWS_ERROR_HTTP_STREAM_MANAGER_SHUTTING_DOWN, AWS_ERROR_HTTP_STREAM_MANAGER_CONNECTION_ACQUIRE_FAILURE, AWS_ERROR_HTTP_STREAM_MANAGER_UNEXPECTED_HTTP_VERSION, + AWS_ERROR_HTTP_REQUIRED_PSEUDO_HEADER_MISSING, AWS_ERROR_HTTP_END_RANGE = AWS_ERROR_ENUM_END_RANGE(AWS_C_HTTP_PACKAGE_ID) }; diff --git a/include/aws/http/private/hpack.h b/include/aws/http/private/hpack.h index d0507c2af..caa8b2062 100644 --- a/include/aws/http/private/hpack.h +++ b/include/aws/http/private/hpack.h @@ -103,9 +103,19 @@ struct aws_hpack_decoder { struct aws_hpack_context context; - /* TODO: check the new (RFC 9113 - 4.3.1) to make sure we did it right */ - /* SETTINGS_HEADER_TABLE_SIZE from http2 */ - size_t dynamic_table_protocol_max_size_setting; + /* SETTINGS_HEADER_TABLE_SIZE from http2. */ + struct { + size_t latest_value; /* The latest setting from http2 */ + uint32_t smallest_value_pending; /* The smallest setting during the pending update time. Only valid when + pending_update is true. */ + bool pending_update_in_progress; /* True when the settings was received that smaller than the current dynamic + table size but not received a regular entry yet, assume the update is still in + progress. */ + bool update_valid; /* True when the update should happen and no *conformant* Dynamic table resize was received + yet, which is at least one resize smaller than the smallest value received during the + time. */ + size_t received_resize_num; /* The continuous number of dynamic table resize received during pending. */ + } dynamic_table_protocol_max_size_setting; /* PRO TIP: Don't union progress_integer and progress_string together, since string_decode calls integer_decode */ struct hpack_progress_integer { diff --git a/source/connection.c b/source/connection.c index 7e7767c54..d381f50ec 100644 --- a/source/connection.c +++ b/source/connection.c @@ -815,9 +815,7 @@ static void s_client_bootstrap_on_channel_setup( struct aws_crt_statistics_handler *http_connection_monitor = aws_crt_statistics_handler_new_http_connection_monitor( http_bootstrap->alloc, &http_bootstrap->monitoring_options); - if (http_connection_monitor == NULL) { - goto error; - } + AWS_ASSERT(http_connection_monitor); aws_channel_set_statistics_handler(channel, http_connection_monitor); } @@ -1030,17 +1028,15 @@ int aws_http_client_connect_internal( struct aws_http2_setting *setting_array = NULL; struct aws_hash_table *alpn_string_map = NULL; - if (!aws_mem_acquire_many( - options.allocator, - 3, - &http_bootstrap, - sizeof(struct aws_http_client_bootstrap), - &setting_array, - options.http2_options->num_initial_settings * sizeof(struct aws_http2_setting), - &alpn_string_map, - sizeof(struct aws_hash_table))) { - goto error; - } + aws_mem_acquire_many( + options.allocator, + 3, + &http_bootstrap, + sizeof(struct aws_http_client_bootstrap), + &setting_array, + options.http2_options->num_initial_settings * sizeof(struct aws_http2_setting), + &alpn_string_map, + sizeof(struct aws_hash_table)); AWS_ZERO_STRUCT(*http_bootstrap); diff --git a/source/connection_manager.c b/source/connection_manager.c index 065850ba2..3b650dba6 100644 --- a/source/connection_manager.c +++ b/source/connection_manager.c @@ -124,17 +124,16 @@ enum aws_http_connection_manager_count_type { * READY - connections may be acquired and released. When the external ref count for the manager * drops to zero, the manager moves to: * - * TODO: Seems like connections can still be release while shutting down. * SHUTTING_DOWN - connections may no longer be acquired and released (how could they if the external - * ref count was accurate?) but in case of user ref errors, we simply fail attempts to do so rather - * than crash or underflow. While in this state, we wait for a set of tracking counters to all fall to zero: + * ref count was accurate?) + * While in this state, we wait for a set of tracking counters to all fall to zero: * * pending_connect_count - the # of unresolved calls to the http layer's connect logic * open_connection_count - the # of connections for whom the shutdown callback (from http) has not been invoked * vended_connection_count - the # of connections held by external users that haven't been released. Under correct * usage this should be zero before SHUTTING_DOWN is entered, but we attempt to handle incorrect usage gracefully. * - * While all the counter fall to zero and no outlife transition, connection manager will detroy itself. + * While all the counter fall to zero and no outlive transition, connection manager will detroy itself. * * While shutting down, as pending connects resolve, we immediately release new incoming (from http) connections * @@ -821,9 +820,6 @@ struct aws_http_connection_manager *aws_http_connection_manager_new( struct aws_http_connection_manager *manager = aws_mem_calloc(allocator, 1, sizeof(struct aws_http_connection_manager)); - if (manager == NULL) { - return NULL; - } manager->allocator = allocator; @@ -1232,6 +1228,7 @@ int aws_http_connection_manager_release_connection( (void *)connection); aws_mutex_lock(&manager->lock); + AWS_FATAL_ASSERT(manager->state == AWS_HCMST_READY); /* We're probably hosed in this case, but let's not underflow */ if (manager->internal_ref[AWS_HCMCT_VENDED_CONNECTION] == 0) { diff --git a/source/connection_monitor.c b/source/connection_monitor.c index 273232551..b5ff85959 100644 --- a/source/connection_monitor.c +++ b/source/connection_monitor.c @@ -204,15 +204,13 @@ struct aws_crt_statistics_handler *aws_crt_statistics_handler_new_http_connectio struct aws_crt_statistics_handler *handler = NULL; struct aws_statistics_handler_http_connection_monitor_impl *impl = NULL; - if (!aws_mem_acquire_many( - allocator, - 2, - &handler, - sizeof(struct aws_crt_statistics_handler), - &impl, - sizeof(struct aws_statistics_handler_http_connection_monitor_impl))) { - return NULL; - } + aws_mem_acquire_many( + allocator, + 2, + &handler, + sizeof(struct aws_crt_statistics_handler), + &impl, + sizeof(struct aws_statistics_handler_http_connection_monitor_impl)); AWS_ZERO_STRUCT(*handler); AWS_ZERO_STRUCT(*impl); diff --git a/source/h1_decoder.c b/source/h1_decoder.c index 821910c94..15453e0a9 100644 --- a/source/h1_decoder.c +++ b/source/h1_decoder.c @@ -108,9 +108,6 @@ static int s_cat(struct aws_h1_decoder *decoder, struct aws_byte_cursor to_appen } while (new_size < (buffer->len + to_append.len)); uint8_t *new_data = aws_mem_acquire(buffer->allocator, new_size); - if (!new_data) { - return AWS_OP_ERR; - } if (buffer->buffer != NULL) { memcpy(new_data, buffer->buffer, buffer->len); @@ -726,11 +723,7 @@ static int s_linestate_response(struct aws_h1_decoder *decoder, struct aws_byte_ struct aws_h1_decoder *aws_h1_decoder_new(struct aws_h1_decoder_params *params) { AWS_ASSERT(params); - struct aws_h1_decoder *decoder = aws_mem_acquire(params->alloc, sizeof(struct aws_h1_decoder)); - if (!decoder) { - return NULL; - } - AWS_ZERO_STRUCT(*decoder); + struct aws_h1_decoder *decoder = aws_mem_calloc(params->alloc, 1, sizeof(struct aws_h1_decoder)); decoder->alloc = params->alloc; decoder->user_data = params->user_data; diff --git a/source/h1_encoder.c b/source/h1_encoder.c index 1899d2f40..154a7929e 100644 --- a/source/h1_encoder.c +++ b/source/h1_encoder.c @@ -542,10 +542,7 @@ struct aws_h1_chunk *aws_h1_chunk_new(struct aws_allocator *allocator, const str struct aws_h1_chunk *chunk; size_t chunk_line_size = s_calculate_chunk_line_size(options); void *chunk_line_storage; - if (!aws_mem_acquire_many( - allocator, 2, &chunk, sizeof(struct aws_h1_chunk), &chunk_line_storage, chunk_line_size)) { - return NULL; - } + aws_mem_acquire_many(allocator, 2, &chunk, sizeof(struct aws_h1_chunk), &chunk_line_storage, chunk_line_size); chunk->allocator = allocator; chunk->data = aws_input_stream_acquire(options->chunk_data); diff --git a/source/h2_connection.c b/source/h2_connection.c index cb580074b..96c269a88 100644 --- a/source/h2_connection.c +++ b/source/h2_connection.c @@ -304,9 +304,6 @@ static struct aws_h2_connection *s_connection_new( AWS_PRECONDITION(http2_options); struct aws_h2_connection *connection = aws_mem_calloc(alloc, 1, sizeof(struct aws_h2_connection)); - if (!connection) { - return NULL; - } connection->base.vtable = &s_h2_connection_vtable; connection->base.alloc = alloc; connection->base.channel_handler.vtable = &s_h2_connection_vtable.channel_handler_vtable; @@ -420,9 +417,7 @@ static struct aws_h2_connection *s_connection_new( http2_options->num_initial_settings, http2_options->on_initial_settings_completed, NULL /* user_data is set later... */); - if (!connection->thread_data.init_pending_settings) { - goto error; - } + AWS_ASSERT(connection->thread_data.init_pending_settings); /* We enqueue the inital settings when handler get installed */ return connection; @@ -511,15 +506,13 @@ static struct aws_h2_pending_settings *s_new_pending_settings( size_t settings_storage_size = sizeof(struct aws_http2_setting) * num_settings; struct aws_h2_pending_settings *pending_settings; void *settings_storage; - if (!aws_mem_acquire_many( - allocator, - 2, - &pending_settings, - sizeof(struct aws_h2_pending_settings), - &settings_storage, - settings_storage_size)) { - return NULL; - } + aws_mem_acquire_many( + allocator, + 2, + &pending_settings, + sizeof(struct aws_h2_pending_settings), + &settings_storage, + settings_storage_size); AWS_ZERO_STRUCT(*pending_settings); /* We buffer the settings up, incase the caller has freed them when the ACK arrives */ @@ -542,9 +535,7 @@ static struct aws_h2_pending_ping *s_new_pending_ping( aws_http2_on_ping_complete_fn *on_completed) { struct aws_h2_pending_ping *pending_ping = aws_mem_calloc(allocator, 1, sizeof(struct aws_h2_pending_ping)); - if (!pending_ping) { - return NULL; - } + if (optional_opaque_data) { memcpy(pending_ping->opaque_data, optional_opaque_data->ptr, AWS_HTTP2_PING_DATA_SIZE); } @@ -1410,9 +1401,6 @@ static struct aws_h2err s_decoder_on_settings( struct aws_http2_setting *callback_array = NULL; if (num_settings) { callback_array = aws_mem_acquire(connection->base.alloc, num_settings * sizeof(struct aws_http2_setting)); - if (!callback_array) { - return aws_h2err_from_last_error(); - } } size_t callback_array_num = 0; @@ -2082,9 +2070,6 @@ static struct aws_http_stream *s_connection_make_request( struct aws_h2_connection *connection = AWS_CONTAINER_OF(client_connection, struct aws_h2_connection, base); - /* #TODO: http/2-ify the request (ex: add ":method" header). Should we mutate a copy or the original? Validate? - * Or just pass pointer to headers struct and let encoder transform it while encoding? */ - struct aws_h2_stream *stream = aws_h2_stream_new_request(client_connection, options); if (!stream) { CONNECTION_LOGF( @@ -2112,8 +2097,28 @@ static struct aws_http_stream *s_connection_make_request( aws_error_name(aws_last_error())); goto error; } + struct aws_byte_cursor method; + AWS_ZERO_STRUCT(method); + struct aws_byte_cursor path; + AWS_ZERO_STRUCT(path); + + if (aws_http_message_get_request_method(stream->thread_data.outgoing_message, &method)) { + aws_raise_error(AWS_ERROR_HTTP_REQUIRED_PSEUDO_HEADER_MISSING); + CONNECTION_LOG(ERROR, connection, "Cannot create request stream, the `:method` header is missing."); + goto error; + } + if (aws_http_message_get_request_path(stream->thread_data.outgoing_message, &path)) { + aws_raise_error(AWS_ERROR_HTTP_REQUIRED_PSEUDO_HEADER_MISSING); + CONNECTION_LOG(ERROR, connection, "Cannot create request stream, the `:path` header is missing."); + goto error; + } - AWS_H2_STREAM_LOG(DEBUG, stream, "Created HTTP/2 request stream"); /* #TODO: print method & path */ + AWS_H2_STREAM_LOGF( + DEBUG, + stream, + "Created HTTP/2 request stream, method: " PRInSTR ". path: " PRInSTR "", + AWS_BYTE_CURSOR_PRI(method), + AWS_BYTE_CURSOR_PRI(path)); return &stream->base; error: @@ -2263,9 +2268,7 @@ static int s_connection_change_settings( struct aws_h2_pending_settings *pending_settings = s_new_pending_settings(connection->base.alloc, settings_array, num_settings, on_completed, user_data); - if (!pending_settings) { - return AWS_OP_ERR; - } + AWS_ASSERT(pending_settings); struct aws_h2_frame *settings_frame = aws_h2_frame_new_settings(connection->base.alloc, settings_array, num_settings, false /*ACK*/); if (!settings_frame) { @@ -2818,15 +2821,18 @@ static void s_gather_statistics(struct aws_channel_handler *handler, struct aws_ struct aws_h2_connection *connection = handler->impl; AWS_PRECONDITION(aws_channel_thread_is_callers_thread(connection->base.channel_slot->channel)); - /* TODO: Need update the way we calculate statistics, to account for user-controlled pauses. - * If user is adding chunks 1 by 1, there can naturally be a gap in the upload. - * If the user lets the stream-window go to zero, there can naturally be a gap in the download. */ uint64_t now_ns = 0; if (aws_channel_current_clock_time(connection->base.channel_slot->channel, &now_ns)) { return; } if (!aws_linked_list_empty(&connection->thread_data.outgoing_streams_list)) { + /** + * For stream flow control stall and writing to stream over time, the stream will be removed from the + * outgoing_streams_list. + * For connection level flow control, as there could be streams waiting for response, we cannot mark the + * connection is inactive. + */ s_add_time_measurement_to_stats( connection->thread_data.outgoing_timestamp_ns, now_ns, @@ -2834,6 +2840,7 @@ static void s_gather_statistics(struct aws_channel_handler *handler, struct aws_ connection->thread_data.outgoing_timestamp_ns = now_ns; } + if (aws_hash_table_get_entry_count(&connection->thread_data.active_streams_map) != 0) { s_add_time_measurement_to_stats( connection->thread_data.incoming_timestamp_ns, @@ -2842,6 +2849,9 @@ static void s_gather_statistics(struct aws_channel_handler *handler, struct aws_ connection->thread_data.incoming_timestamp_ns = now_ns; } else { + /** + * was inactive as no stream has data to write or waiting for data from the other side. + */ connection->thread_data.stats.was_inactive = true; } diff --git a/source/h2_decoder.c b/source/h2_decoder.c index 0d62f75b7..234cca2cb 100644 --- a/source/h2_decoder.c +++ b/source/h2_decoder.c @@ -1156,6 +1156,60 @@ static struct aws_h2err s_flush_pseudoheaders(struct aws_h2_decoder *decoder) { if (has_request_pseudoheaders) { /* Request header-block. */ current_block->block_type = AWS_HTTP_HEADER_BLOCK_MAIN; + const struct aws_string *method_string = current_block->pseudoheader_values[PSEUDOHEADER_METHOD]; + const struct aws_string *scheme_string = current_block->pseudoheader_values[PSEUDOHEADER_SCHEME]; + const struct aws_string *authority_string = current_block->pseudoheader_values[PSEUDOHEADER_AUTHORITY]; + const struct aws_string *path_string = current_block->pseudoheader_values[PSEUDOHEADER_PATH]; + + if (!method_string) { + DECODER_LOG(ERROR, decoder, "Request is missing :method."); + goto malformed; + } + + if (!aws_strutil_is_http_token(aws_byte_cursor_from_string(method_string))) { + DECODER_LOG(ERROR, decoder, "Request method is invalid."); + DECODER_LOGF( + DEBUG, + decoder, + "Bad method is: '" PRInSTR "'", + AWS_BYTE_CURSOR_PRI(aws_byte_cursor_from_string(method_string))); + goto malformed; + } + + if (aws_string_eq_byte_cursor(method_string, &aws_http_method_connect)) { + /* RFC-9113 8.5 The ":scheme" and ":path" pseudo-header fields MUST be omitted for CONNECT method */ + if (scheme_string) { + DECODER_LOG(ERROR, decoder, "CONNECT request must not contain ':scheme' header"); + goto malformed; + } + if (path_string) { + DECODER_LOG(ERROR, decoder, "CONNECT request must not contain ':path' header"); + goto malformed; + } + if (!authority_string) { + DECODER_LOG(ERROR, decoder, "CONNECT request is missing :authority."); + goto malformed; + } + } else { + /* RFC-9113 8.3.1 All HTTP/2 requests MUST include exactly one valid value for the ":method", ":scheme", + * and ":path" pseudo-header fields, unless they are CONNECT requests */ + if (!scheme_string) { + DECODER_LOGF( + ERROR, + decoder, + "" PRInSTR " request is missing required ':scheme' header", + AWS_BYTE_CURSOR_PRI(aws_byte_cursor_from_string(method_string))); + goto malformed; + } + if (!path_string) { + DECODER_LOGF( + ERROR, + decoder, + "" PRInSTR " request is missing required ':path' header", + AWS_BYTE_CURSOR_PRI(aws_byte_cursor_from_string(method_string))); + goto malformed; + } + } } else if (has_response_pseudoheaders) { /* Response header block. */ @@ -1199,9 +1253,6 @@ static struct aws_h2err s_flush_pseudoheaders(struct aws_h2_decoder *decoder) { current_block->block_type = AWS_HTTP_HEADER_BLOCK_TRAILING; } - /* #TODO RFC-7540 8.1.2.3 & 8.3 Validate request has correct pseudoheaders. Note different rules for CONNECT */ - /* #TODO validate pseudoheader values. each one has its own special rules */ - /* Finally, deliver header-fields via callback */ for (size_t i = 0; i < PSEUDOHEADER_COUNT; ++i) { const struct aws_string *value_string = current_block->pseudoheader_values[i]; @@ -1253,6 +1304,26 @@ static struct aws_h2err s_process_header_field( goto malformed; } + /* RFC9113 8.2.1 A field value MUST NOT start or end with an ASCII whitespace character (ASCII SP or HTAB, 0x20 or + * 0x09). */ + if (!aws_strutil_is_http_field_value(header_field->value)) { + /** + * RFC9113 8.2.1 HTTP/2 implementations SHOULD validate field names and values, respectively, and treat + * messages that contain prohibited characters as malformed. + * + * Note: Field values that are not valid according to the definition of the corresponding field do not cause a + * request to be malformed. + */ + DECODER_LOG(ERROR, decoder, "Invalid header field, bad value"); + DECODER_LOGF( + DEBUG, + decoder, + "Bad header field is: \"" PRInSTR ": " PRInSTR "\"", + AWS_BYTE_CURSOR_PRI(header_field->name), + AWS_BYTE_CURSOR_PRI(header_field->value)); + goto malformed; + } + enum aws_http_header_name name_enum = aws_http_lowercase_str_to_header_name(name); bool is_pseudoheader = name.ptr[0] == ':'; @@ -1326,8 +1397,6 @@ static struct aws_h2err s_process_header_field( } } - /* #TODO Validate characters used in header_field->value */ - switch (name_enum) { case AWS_HTTP_HEADER_COOKIE: /* for a header cookie, we will not fire callback until we concatenate them all, let's store it at the @@ -1360,7 +1429,18 @@ static struct aws_h2err s_process_header_field( AWS_BYTE_CURSOR_PRI(name)); goto malformed; } break; - + case AWS_HTTP_HEADER_TE: { + /* the TE header field, which MAY be present in an HTTP/2 request; when it is, it MUST NOT contain any + * value other than "trailers" (RFC9113 8.2.2) */ + if (!aws_byte_cursor_eq_c_str(&header_field->value, "trailers")) { + DECODER_LOGF( + ERROR, + decoder, + "TE header has value:'" PRInSTR "', not allowed in HTTP/2", + AWS_BYTE_CURSOR_PRI(header_field->value)); + goto malformed; + } + } break; case AWS_HTTP_HEADER_CONTENT_LENGTH: if (current_block->body_headers_forbidden) { /* The content-length are forbidden */ @@ -1526,12 +1606,6 @@ static struct aws_h2err s_state_fn_header_block_entry(struct aws_h2_decoder *dec /* Finished decoding HPACK entry! */ - /* #TODO Enforces dynamic table resize rules from RFC-7541 4.2 - * If dynamic table size changed via SETTINGS frame, next header-block must start with DYNAMIC_TABLE_RESIZE entry. - * Is it illegal to receive a resize entry at other times? */ - - /* #TODO The TE header field ... MUST NOT contain any value other than "trailers" */ - if (result.type == AWS_HPACK_DECODE_T_HEADER_FIELD) { const struct aws_http_header *header_field = &result.data.header_field; diff --git a/source/h2_frames.c b/source/h2_frames.c index 21defb35d..8e5ab7a33 100644 --- a/source/h2_frames.c +++ b/source/h2_frames.c @@ -500,8 +500,6 @@ static struct aws_h2_frame *s_frame_new_headers_or_push_promise( const struct aws_h2_frame_priority_settings *optional_priority, uint32_t promised_stream_id) { - /* TODO: Host and ":authority" are no longer permitted to disagree. Should we enforce it here or sent it as - * requested, let the server side reject the request? */ AWS_PRECONDITION(allocator); AWS_PRECONDITION(frame_type == AWS_H2_FRAME_T_HEADERS || frame_type == AWS_H2_FRAME_T_PUSH_PROMISE); AWS_PRECONDITION(headers); @@ -525,9 +523,6 @@ static struct aws_h2_frame *s_frame_new_headers_or_push_promise( /* Create */ struct aws_h2_frame_headers *frame = aws_mem_calloc(allocator, 1, sizeof(struct aws_h2_frame_headers)); - if (!frame) { - return NULL; - } if (aws_byte_buf_init(&frame->whole_encoded_header_block, allocator, s_encoded_header_block_reserve)) { goto error; @@ -822,10 +817,7 @@ static struct aws_h2_frame_prebuilt *s_h2_frame_new_prebuilt( /* Use single allocation for frame and buffer storage */ struct aws_h2_frame_prebuilt *frame; void *storage; - if (!aws_mem_acquire_many( - allocator, 2, &frame, sizeof(struct aws_h2_frame_prebuilt), &storage, encoded_frame_len)) { - return NULL; - } + aws_mem_acquire_many(allocator, 2, &frame, sizeof(struct aws_h2_frame_prebuilt), &storage, encoded_frame_len); AWS_ZERO_STRUCT(*frame); s_init_frame_base(&frame->base, allocator, type, &s_frame_prebuilt_vtable, stream_id); diff --git a/source/hpack.c b/source/hpack.c index ef3d0b3dc..40037b805 100644 --- a/source/hpack.c +++ b/source/hpack.c @@ -4,8 +4,6 @@ */ #include -/* #TODO test empty strings */ - /* #TODO remove all OOM error handling in HTTP/2 & HPACK. make functions void if possible */ /* RFC-7540 6.5.2 */ @@ -317,9 +315,6 @@ static int s_dynamic_table_resize_buffer(struct aws_hpack_context *context, size /* Allocate the new buffer */ new_buffer = aws_mem_calloc(context->allocator, new_max_elements, sizeof(struct aws_http_header)); - if (!new_buffer) { - return AWS_OP_ERR; - } /* Don't bother copying data if old buffer was of size 0 */ if (AWS_UNLIKELY(context->dynamic_table.num_elements == 0)) { @@ -406,8 +401,13 @@ int aws_hpack_insert_header(struct aws_hpack_context *context, const struct aws_ /* If for whatever reason this new header is bigger than the total table size, burn everything to the ground. */ if (AWS_UNLIKELY(header_size > context->dynamic_table.max_size)) { - /* #TODO handle this. It's not an error. It should simply result in an empty table RFC-7541 4.4 */ - goto error; + /* RFC-7541 4.4 an attempt to add an entry larger than the maximum size causes the table to be emptied of all + * existing entries and results in an empty table */ + HPACK_LOG(TRACE, context, "Emptying dynamic table due to large header"); + if (s_dynamic_table_shrink(context, 0)) { + goto error; + } + return AWS_OP_SUCCESS; } /* Rotate out headers until there's room for the new header (this function will return immediately if nothing needs @@ -444,16 +444,12 @@ int aws_hpack_insert_header(struct aws_hpack_context *context, const struct aws_ /* Put the header at the "front" of the table */ struct aws_http_header *table_header = s_dynamic_table_get(context, 0); - /* TODO:: We can optimize this with ring buffer. */ /* allocate memory for the name and value, which will be deallocated whenever the entry is evicted from the table or * the table is cleaned up. We keep the pointer in the name pointer of each entry */ const size_t buf_memory_size = header->name.len + header->value.len; if (buf_memory_size) { uint8_t *buf_memory = aws_mem_acquire(context->allocator, buf_memory_size); - if (!buf_memory) { - return AWS_OP_ERR; - } struct aws_byte_buf buf = aws_byte_buf_from_empty_array(buf_memory, buf_memory_size); /* Copy header, then backup strings into our own allocation */ *table_header = *header; diff --git a/source/hpack_decoder.c b/source/hpack_decoder.c index 5d148f613..197e56ff2 100644 --- a/source/hpack_decoder.c +++ b/source/hpack_decoder.c @@ -24,7 +24,8 @@ void aws_hpack_decoder_init(struct aws_hpack_decoder *decoder, struct aws_alloca aws_byte_buf_init(&decoder->progress_entry.scratch, allocator, s_hpack_decoder_scratch_initial_size); - decoder->dynamic_table_protocol_max_size_setting = aws_hpack_get_dynamic_table_max_size(&decoder->context); + decoder->dynamic_table_protocol_max_size_setting.latest_value = + aws_hpack_get_dynamic_table_max_size(&decoder->context); } void aws_hpack_decoder_clean_up(struct aws_hpack_decoder *decoder) { @@ -44,7 +45,17 @@ static const struct aws_http_header *s_get_header_u64(const struct aws_hpack_dec } void aws_hpack_decoder_update_max_table_size(struct aws_hpack_decoder *decoder, uint32_t setting_max_size) { - decoder->dynamic_table_protocol_max_size_setting = setting_max_size; + decoder->dynamic_table_protocol_max_size_setting.latest_value = setting_max_size; + if (setting_max_size < decoder->context.dynamic_table.size) { + if (!decoder->dynamic_table_protocol_max_size_setting.pending_update_in_progress) { + decoder->dynamic_table_protocol_max_size_setting.smallest_value_pending = setting_max_size; + decoder->dynamic_table_protocol_max_size_setting.pending_update_in_progress = true; + decoder->dynamic_table_protocol_max_size_setting.update_valid = false; + } else { + decoder->dynamic_table_protocol_max_size_setting.smallest_value_pending = + aws_min_u32(setting_max_size, decoder->dynamic_table_protocol_max_size_setting.smallest_value_pending); + } + } } /* Return a byte with the N right-most bits masked. @@ -278,6 +289,44 @@ int aws_hpack_decode( decoder->progress_entry.u.literal.prefix_size = 4; decoder->progress_entry.state = HPACK_ENTRY_STATE_LITERAL_BEGIN; } + + /** + * RFC-9113 4.3.1 An endpoint MUST treat a field block that follows an acknowledgment of the + * reduction to the maximum dynamic table size as a connection error of type + * COMPRESSION_ERROR if it does not start with a conformant Dynamic Table Size Update instruction. + * + * The protocol max will only be updated once the SETTING ACK received. + */ + if (decoder->dynamic_table_protocol_max_size_setting.pending_update_in_progress) { + if (decoder->progress_entry.state != HPACK_ENTRY_STATE_DYNAMIC_TABLE_RESIZE) { + decoder->dynamic_table_protocol_max_size_setting.pending_update_in_progress = false; + + if (decoder->dynamic_table_protocol_max_size_setting.received_resize_num > 2) { + /* RFC-7541 4.2. the smallest maximum table size that occurs in that interval MUST be + * signaled in a dynamic table size update. The final maximum size is always signaled, + * resulting in at most two dynamic table size updates */ + HPACK_LOG( + ERROR, + decoder, + "SETTINGS_HEADER_TABLE_SIZE below the current size and other end has acknowledged the " + "change, more than two dynamic table size updates received, not a conformant resize"); + return aws_raise_error(AWS_ERROR_INVALID_STATE); + } + if (!decoder->dynamic_table_protocol_max_size_setting.update_valid) { + HPACK_LOG( + ERROR, + decoder, + "SETTINGS_HEADER_TABLE_SIZE below the current size and other end has acknowledged the " + "change, but not started with a conformant Dynamic Table Size Update instruction as " + "required"); + return aws_raise_error(AWS_ERROR_INVALID_STATE); + } + decoder->dynamic_table_protocol_max_size_setting.received_resize_num = 0; + decoder->dynamic_table_protocol_max_size_setting.update_valid = false; + } else { + ++decoder->dynamic_table_protocol_max_size_setting.received_resize_num; + } + } } break; /* RFC-7541 6.1. Indexed Header Field Representation. @@ -411,10 +460,16 @@ int aws_hpack_decode( if (!size_complete) { break; } - /* The new maximum size MUST be lower than or equal to the limit determined by the protocol using HPACK. - * A value that exceeds this limit MUST be treated as a decoding error. */ - if (*size64 > decoder->dynamic_table_protocol_max_size_setting) { - HPACK_LOG(ERROR, decoder, "Dynamic table update size is larger than the protocal setting"); + if (decoder->dynamic_table_protocol_max_size_setting.pending_update_in_progress) { + if (*size64 <= decoder->dynamic_table_protocol_max_size_setting.smallest_value_pending) { + decoder->dynamic_table_protocol_max_size_setting.update_valid = true; + } + } + /* RFC-7541 6.3. The new maximum size MUST be lower than or equal to the limit determined by the + * protocol using HPACK. A value that exceeds this limit MUST be treated as a decoding error. In HTTP/2, + * this limit is the last value of the SETTINGS_HEADER_TABLE_SIZE parameter */ + if (*size64 > decoder->dynamic_table_protocol_max_size_setting.latest_value) { + HPACK_LOG(ERROR, decoder, "Dynamic table update size is larger than the protocol setting"); return aws_raise_error(AWS_ERROR_INVALID_ARGUMENT); } size_t size = (size_t)*size64; diff --git a/source/http.c b/source/http.c index 6304c95f9..fdc030c0a 100644 --- a/source/http.c +++ b/source/http.c @@ -139,6 +139,9 @@ static struct aws_error_info s_errors[] = { AWS_DEFINE_ERROR_INFO_HTTP( AWS_ERROR_HTTP_STREAM_MANAGER_UNEXPECTED_HTTP_VERSION, "Stream acquisition failed because stream manager got an unexpected version of HTTP connection"), + AWS_DEFINE_ERROR_INFO_HTTP( + AWS_ERROR_HTTP_REQUIRED_PSEUDO_HEADER_MISSING, + "The required pseudo header is missing from the HTTP message."), }; /* clang-format on */ @@ -205,7 +208,6 @@ static void s_init_str_to_enum_hash_table( for (int i = start_index; i < end_index; ++i) { int was_created = 0; struct aws_enum_value *enum_value = aws_mem_calloc(alloc, 1, sizeof(struct aws_enum_value)); - AWS_FATAL_ASSERT(enum_value); enum_value->allocator = alloc; enum_value->value = i; diff --git a/source/http2_stream_manager.c b/source/http2_stream_manager.c index 9eaa5ebfd..89940814b 100644 --- a/source/http2_stream_manager.c +++ b/source/http2_stream_manager.c @@ -830,9 +830,17 @@ static void s_make_request_task(struct aws_channel_task *task, void *arg, enum a (void *)pending_stream_acquisition, (void *)sm_connection->connection); bool is_shutting_down = false; + bool connection_new_requests_allowed = aws_http_connection_new_requests_allowed(sm_connection->connection); { /* BEGIN CRITICAL SECTION */ s_lock_synced_data(stream_manager); is_shutting_down = stream_manager->synced_data.state != AWS_H2SMST_READY; + if (!is_shutting_down && !connection_new_requests_allowed) { + /* Push the pending stream acquisition back to the list instead of failing it. */ + pending_stream_acquisition->sm_connection = NULL; + aws_linked_list_push_back( + &stream_manager->synced_data.pending_stream_acquisitions, &pending_stream_acquisition->node); + s_sm_count_increase_synced(stream_manager, AWS_SMCT_PENDING_ACQUISITION, 1); + } s_sm_count_decrease_synced(stream_manager, AWS_SMCT_PENDING_MAKE_REQUESTS, 1); /* The stream has not open yet, but we increase the count here, if anything fails, the count will be decreased */ @@ -862,6 +870,18 @@ static void s_make_request_task(struct aws_channel_task *task, void *arg, enum a error_code = AWS_ERROR_HTTP_STREAM_MANAGER_SHUTTING_DOWN; goto error; } + if (!connection_new_requests_allowed) { + STREAM_MANAGER_LOGF( + DEBUG, + stream_manager, + "acquisition:%p was assigned to be executed from connection:%p, however, connection is not available now, " + "put it back to the list waiting for it to be picked up by other connection.", + (void *)pending_stream_acquisition, + (void *)sm_connection->connection); + s_sm_connection_on_scheduled_stream_finishes(sm_connection, stream_manager); + return; + } + struct aws_http_make_request_options request_options = { .self_size = sizeof(request_options), .request = pending_stream_acquisition->request, @@ -872,8 +892,6 @@ static void s_make_request_task(struct aws_channel_task *task, void *arg, enum a .on_destroy = s_on_stream_destroy, .user_data = pending_stream_acquisition, }; - /* TODO: we could put the pending acquisition back to the list if the connection is not available for new request. - */ struct aws_http_stream *stream = aws_http_connection_make_request(sm_connection->connection, &request_options); if (!stream) { diff --git a/source/proxy_connection.c b/source/proxy_connection.c index 44e65362d..bc329897a 100644 --- a/source/proxy_connection.c +++ b/source/proxy_connection.c @@ -88,9 +88,6 @@ struct aws_http_proxy_user_data *aws_http_proxy_user_data_new( AWS_FATAL_ASSERT(options->proxy_options != NULL); struct aws_http_proxy_user_data *user_data = aws_mem_calloc(allocator, 1, sizeof(struct aws_http_proxy_user_data)); - if (user_data == NULL) { - return NULL; - } user_data->allocator = allocator; user_data->state = AWS_PBS_SOCKET_CONNECT; @@ -182,9 +179,6 @@ struct aws_http_proxy_user_data *aws_http_proxy_user_data_new_reset_clone( AWS_FATAL_ASSERT(old_user_data != NULL); struct aws_http_proxy_user_data *user_data = aws_mem_calloc(allocator, 1, sizeof(struct aws_http_proxy_user_data)); - if (user_data == NULL) { - return NULL; - } user_data->allocator = allocator; user_data->state = AWS_PBS_SOCKET_CONNECT; @@ -215,8 +209,7 @@ struct aws_http_proxy_user_data *aws_http_proxy_user_data_new_reset_clone( if (old_user_data->original_tls_options) { /* clone tls options, but redirect user data to what we're creating */ user_data->original_tls_options = aws_mem_calloc(allocator, 1, sizeof(struct aws_tls_connection_options)); - if (user_data->original_tls_options == NULL || - aws_tls_connection_options_copy(user_data->original_tls_options, old_user_data->original_tls_options)) { + if (aws_tls_connection_options_copy(user_data->original_tls_options, old_user_data->original_tls_options)) { goto on_error; } @@ -1265,9 +1258,6 @@ static struct aws_http_proxy_config *s_aws_http_proxy_config_new( AWS_FATAL_ASSERT(proxy_options != NULL); struct aws_http_proxy_config *config = aws_mem_calloc(allocator, 1, sizeof(struct aws_http_proxy_config)); - if (config == NULL) { - return NULL; - } config->connection_type = override_proxy_connection_type; @@ -1376,9 +1366,6 @@ struct aws_http_proxy_config *aws_http_proxy_config_new_clone( AWS_FATAL_ASSERT(proxy_config != NULL); struct aws_http_proxy_config *config = aws_mem_calloc(allocator, 1, sizeof(struct aws_http_proxy_config)); - if (config == NULL) { - return NULL; - } config->connection_type = proxy_config->connection_type; @@ -1479,9 +1466,6 @@ static struct aws_proxied_socket_channel_user_data *s_proxied_socket_channel_use struct aws_socket_channel_bootstrap_options *channel_options) { struct aws_proxied_socket_channel_user_data *user_data = aws_mem_calloc(allocator, 1, sizeof(struct aws_proxied_socket_channel_user_data)); - if (user_data == NULL) { - return NULL; - } user_data->allocator = allocator; user_data->original_setup_callback = channel_options->setup_callback; diff --git a/source/request_response.c b/source/request_response.c index 49258fe47..b0d15a8bf 100644 --- a/source/request_response.c +++ b/source/request_response.c @@ -111,9 +111,6 @@ static int s_http_headers_add_header_impl( /* Store our own copy of the strings. * We put the name and value into the same allocation. */ uint8_t *strmem = aws_mem_acquire(headers->alloc, total_len); - if (!strmem) { - return AWS_OP_ERR; - } struct aws_byte_buf strbuf = aws_byte_buf_from_empty_array(strmem, total_len); aws_byte_buf_append_and_update(&strbuf, &header_copy.name); @@ -141,8 +138,6 @@ int aws_http_headers_add_header(struct aws_http_headers *headers, const struct a bool front = false; if (pseudo && aws_http_headers_count(headers)) { struct aws_http_header last_header; - /* TODO: instead if checking the last header, maybe we can add the pseudo headers to the end of the existing - * pseudo headers, which needs to insert to the middle of the array list. */ AWS_ZERO_STRUCT(last_header); aws_http_headers_get_index(headers, aws_http_headers_count(headers) - 1, &last_header); front = !aws_strutil_is_http_pseudo_header_name(last_header.name); diff --git a/source/strutil.c b/source/strutil.c index 552535f46..42b49ec46 100644 --- a/source/strutil.c +++ b/source/strutil.c @@ -153,9 +153,10 @@ static const bool s_http_field_content_table[256] = { }; /** - * From RFC7230 section 3.2: - * field-value = *( field-content / obs-fold ) + * From RFC9110 section 5.5: + * field-value = *field-content * field-content = field-vchar [ 1*( SP / HTAB ) field-vchar ] + * field-vchar = VCHAR / obs-text * * But we're forbidding obs-fold */ diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index ce2e17dc9..e00d1bec1 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -309,6 +309,8 @@ add_h2_decoder_test_set(h2_decoder_malformed_headers_illegal_name) add_h2_decoder_test_set(h2_decoder_malformed_headers_response_to_server) add_h2_decoder_test_set(h2_decoder_malformed_headers_request_to_client) add_h2_decoder_test_set(h2_decoder_malformed_headers_mixed_pseudoheaders) +add_h2_decoder_test_set(h2_decoder_malformed_headers_missing_expected_pseudo_header) +add_h2_decoder_test_set(h2_decoder_malformed_headers_TE_header_unexpected_value) add_h2_decoder_test_set(h2_decoder_malformed_headers_late_pseudoheaders) add_h2_decoder_test_set(h2_decoder_malformed_headers_trailer_must_end_stream) add_h2_decoder_test_set(h2_decoder_malformed_header_continues_hpack_parsing) diff --git a/tests/py_localhost/non_tls_server.py b/tests/py_localhost/non_tls_server.py index a8f0f9736..5f7bc5636 100644 --- a/tests/py_localhost/non_tls_server.py +++ b/tests/py_localhost/non_tls_server.py @@ -10,19 +10,12 @@ def send_response(conn, event): stream_id = event.stream_id - response_data = b"success" conn.send_headers( stream_id=stream_id, headers=[ (':status', '200'), - ('content-length', str(len(response_data))), - ], - ) - conn.send_data( - stream_id=stream_id, - data=response_data, - end_stream=True + ], end_stream=True, ) diff --git a/tests/py_localhost/server.py b/tests/py_localhost/server.py index 9888e58a6..ff6b5a9cf 100644 --- a/tests/py_localhost/server.py +++ b/tests/py_localhost/server.py @@ -43,7 +43,7 @@ def __init__(self): self.stream_data = {} self.flow_control_futures = {} self.file_path = None - self.num_sentence_received = {} + self.total_bytes_received = {} self.raw_headers = None self.download_test_length = 2500000000 self.out_bytes_per_second = 900 @@ -105,12 +105,9 @@ def handle_request_echo(self, stream_id: int, request_data: RequestData): # Response headers back and exclude pseudo headers if i[0][0] != ':': response_headers.append(i) - body = request_data.data.getvalue().decode('utf-8') - data = json.dumps( - {"body": body}, indent=4 - ).encode("utf8") + body = request_data.data.getvalue() self.conn.send_headers(stream_id, response_headers) - asyncio.ensure_future(self.send_data(data, stream_id)) + asyncio.ensure_future(self.send_data(body, stream_id)) def stream_complete(self, stream_id: int): """ @@ -127,7 +124,7 @@ def stream_complete(self, stream_id: int): if method == "PUT" or method == "POST": self.conn.send_headers(stream_id, [(':status', '200')]) asyncio.ensure_future(self.send_data( - str(self.num_sentence_received[stream_id]).encode(), stream_id)) + str(self.total_bytes_received[stream_id]).encode(), stream_id)) elif path == '/echo': self.handle_request_echo(stream_id, request_data) elif path == '/downloadTest': @@ -159,11 +156,11 @@ def receive_data(self, data: bytes, stream_id: int): else: method = stream_data.headers[':method'] if method == "PUT" or method == "POST": - if stream_id in self.num_sentence_received: - self.num_sentence_received[stream_id] = self.num_sentence_received[stream_id] + \ + if stream_id in self.total_bytes_received: + self.total_bytes_received[stream_id] = self.total_bytes_received[stream_id] + \ len(data) else: - self.num_sentence_received[stream_id] = len(data) + self.total_bytes_received[stream_id] = len(data) # update window for stream if len(data) > 0: self.conn.increment_flow_control_window(len(data)) @@ -184,6 +181,19 @@ async def send_data(self, data, stream_id): """ Send data according to the flow control rules. """ + if not data: + try: + self.conn.send_data( + stream_id, + data, + True + ) + except (StreamClosedError, ProtocolError): + # The stream got closed and we didn't get told. We're done + # here. + return + self.transport.write(self.conn.data_to_send()) + while data: while self.conn.local_flow_control_window(stream_id) < 1: try: diff --git a/tests/test_connection_monitor.c b/tests/test_connection_monitor.c index c16bfd932..3aa5c73d6 100644 --- a/tests/test_connection_monitor.c +++ b/tests/test_connection_monitor.c @@ -235,7 +235,7 @@ static int s_do_http_monitoring_test( } static struct aws_http_connection_monitoring_options s_test_options = { - .allowable_throughput_failure_interval_seconds = 1, + .allowable_throughput_failure_interval_seconds = 2, .minimum_throughput_bytes_per_second = 1000, }; @@ -1052,15 +1052,13 @@ static struct aws_crt_statistics_handler *s_aws_crt_statistics_handler_new_http_ struct aws_crt_statistics_handler *handler = NULL; struct mock_http_connection_monitor_impl *impl = NULL; - if (!aws_mem_acquire_many( - allocator, - 2, - &handler, - sizeof(struct aws_crt_statistics_handler), - &impl, - sizeof(struct mock_http_connection_monitor_impl))) { - return NULL; - } + aws_mem_acquire_many( + allocator, + 2, + &handler, + sizeof(struct aws_crt_statistics_handler), + &impl, + sizeof(struct mock_http_connection_monitor_impl)); AWS_ZERO_STRUCT(*handler); AWS_ZERO_STRUCT(*impl); diff --git a/tests/test_h2_decoder.c b/tests/test_h2_decoder.c index ececc1efc..77a66e046 100644 --- a/tests/test_h2_decoder.c +++ b/tests/test_h2_decoder.c @@ -643,12 +643,15 @@ H2_DECODER_ON_SERVER_TEST(h2_decoder_headers_cookies) { /* clang-format off */ uint8_t input[] = { /* HEADERS FRAME*/ - 0x00, 0x00, 0x06, /* Length (24) */ + 0x00, 0x00, 20, /* Length (24) */ AWS_H2_FRAME_T_HEADERS, /* Type (8) */ AWS_H2_FRAME_F_END_STREAM, /* Flags (8) */ 0x76, 0x54, 0x32, 0x10, /* Reserved (1) | Stream Identifier (31) */ /* HEADERS */ 0x82, /* ":method: GET" - indexed */ + 0x86, /* ":scheme: http" - indexed */ + 0x41, 10, 'a', 'm', 'a', 'z', 'o', 'n', '.', 'c', 'o', 'm', /* ":authority: amazon.com" - indexed name */ + 0x84, /* ":path: /" - indexed */ 0x60, 0x03, 'a', '=', 'b', /* "cache: a=b" - indexed name, uncompressed value */ /* CONTINUATION FRAME*/ @@ -671,10 +674,13 @@ H2_DECODER_ON_SERVER_TEST(h2_decoder_headers_cookies) { ASSERT_SUCCESS(h2_decoded_frame_check_finished(frame, AWS_H2_FRAME_T_HEADERS, 0x76543210 /*stream_id*/)); ASSERT_FALSE(frame->headers_malformed); /* two sepaprate cookie headers are concatenated and moved as the last header*/ - ASSERT_UINT_EQUALS(3, aws_http_headers_count(frame->headers)); + ASSERT_UINT_EQUALS(6, aws_http_headers_count(frame->headers)); ASSERT_SUCCESS(s_check_header(frame, 0, ":method", "GET", AWS_HTTP_HEADER_COMPRESSION_USE_CACHE)); - ASSERT_SUCCESS(s_check_header(frame, 1, "user-agent", "test", AWS_HTTP_HEADER_COMPRESSION_USE_CACHE)); - ASSERT_SUCCESS(s_check_header(frame, 2, "cookie", "a=b; c=d; e=f", AWS_HTTP_HEADER_COMPRESSION_USE_CACHE)); + ASSERT_SUCCESS(s_check_header(frame, 1, ":scheme", "http", AWS_HTTP_HEADER_COMPRESSION_USE_CACHE)); + ASSERT_SUCCESS(s_check_header(frame, 2, ":authority", "amazon.com", AWS_HTTP_HEADER_COMPRESSION_USE_CACHE)); + ASSERT_SUCCESS(s_check_header(frame, 3, ":path", "/", AWS_HTTP_HEADER_COMPRESSION_USE_CACHE)); + ASSERT_SUCCESS(s_check_header(frame, 4, "user-agent", "test", AWS_HTTP_HEADER_COMPRESSION_USE_CACHE)); + ASSERT_SUCCESS(s_check_header(frame, 5, "cookie", "a=b; c=d; e=f", AWS_HTTP_HEADER_COMPRESSION_USE_CACHE)); ASSERT_INT_EQUALS(AWS_HTTP_HEADER_BLOCK_MAIN, frame->header_block_type); ASSERT_TRUE(frame->end_stream); @@ -965,6 +971,92 @@ H2_DECODER_ON_CLIENT_TEST(h2_decoder_malformed_headers_mixed_pseudoheaders) { return AWS_OP_SUCCESS; } +/* Message is malformed if the required pseudo headers are missing. + * A malformed message is a Stream Error, not a Connection Error, so the decoder should continue */ +H2_DECODER_ON_SERVER_TEST(h2_decoder_malformed_headers_missing_expected_pseudo_header) { + (void)allocator; + struct fixture *fixture = ctx; + + /* clang-format off */ + uint8_t input[] = { + 0x00, 0x00, 0x02, /* Length (24) */ + AWS_H2_FRAME_T_HEADERS, /* Type (8) */ + AWS_H2_FRAME_F_END_HEADERS | AWS_H2_FRAME_F_END_STREAM, /* Flags (8) */ + 0x00, 0x00, 0x00, 0x01, /* Reserved (1) | Stream Identifier (31) */ + /* HEADERS */ + 0x82, /* ":method: GET" - indexed */ + 0x84, /* ":path: /" - indexed */ + }; + /* clang-format on */ + + /* Decode */ + ASSERT_H2ERR_SUCCESS(s_decode_all(fixture, aws_byte_cursor_from_array(input, sizeof(input)))); + + /* Validate */ + struct h2_decoded_frame *frame = h2_decode_tester_latest_frame(&fixture->decode); + ASSERT_SUCCESS(h2_decoded_frame_check_finished(frame, AWS_H2_FRAME_T_HEADERS, 1 /*stream_id*/)); + ASSERT_TRUE(frame->headers_malformed); + + ASSERT_TRUE(frame->end_stream); + return AWS_OP_SUCCESS; +} + +/* Message is malformed if TE header has value other than "trailers". + * A malformed message is a Stream Error, not a Connection Error, so the decoder should continue */ +H2_DECODER_ON_SERVER_TEST(h2_decoder_malformed_headers_TE_header_unexpected_value) { + (void)allocator; + struct fixture *fixture = ctx; + + /* clang-format off */ + uint8_t valid_input[] = { + 0x00, 0x00, 16, /* Length (24) */ + AWS_H2_FRAME_T_HEADERS, /* Type (8) */ + AWS_H2_FRAME_F_END_HEADERS | AWS_H2_FRAME_F_END_STREAM, /* Flags (8) */ + 0x00, 0x00, 0x00, 0x01, /* Reserved (1) | Stream Identifier (31) */ + /* HEADERS */ + 0x82, /* ":method: GET" - indexed */ + 0x86, /* ":scheme: http" - indexed */ + 0x84, /* ":path: /" - indexed */ + 0x40, 0x02, 't', 'e', 0x08, 't', 'r', 'a', 'i', 'l', 'e', 'r', 's', /* "te: trailers" - TE headers has valid value */ + }; + /* clang-format on */ + + /* Decode */ + ASSERT_H2ERR_SUCCESS(s_decode_all(fixture, aws_byte_cursor_from_array(valid_input, sizeof(valid_input)))); + + /* Validate */ + struct h2_decoded_frame *frame = h2_decode_tester_latest_frame(&fixture->decode); + ASSERT_SUCCESS(h2_decoded_frame_check_finished(frame, AWS_H2_FRAME_T_HEADERS, 1 /*stream_id*/)); + ASSERT_FALSE(frame->headers_malformed); + + ASSERT_TRUE(frame->end_stream); + + /* clang-format off */ + uint8_t invalid_input[] = { + 0x00, 0x00, 16, /* Length (24) */ + AWS_H2_FRAME_T_HEADERS, /* Type (8) */ + AWS_H2_FRAME_F_END_HEADERS | AWS_H2_FRAME_F_END_STREAM, /* Flags (8) */ + 0x00, 0x00, 0x00, 0x01, /* Reserved (1) | Stream Identifier (31) */ + /* HEADERS */ + 0x82, /* ":method: GET" - indexed */ + 0x86, /* ":scheme: http" - indexed */ + 0x84, /* ":path: /" - indexed */ + 0x40, 0x02, 't', 'e', 0x08, 't', 'r', 'a', 'i', 'l', 'e', 'r', 'r', /* "te: trailerr" - TE headers has invalid value */ + }; + /* clang-format on */ + + /* Decode */ + ASSERT_H2ERR_SUCCESS(s_decode_all(fixture, aws_byte_cursor_from_array(invalid_input, sizeof(invalid_input)))); + + /* Validate */ + frame = h2_decode_tester_latest_frame(&fixture->decode); + ASSERT_SUCCESS(h2_decoded_frame_check_finished(frame, AWS_H2_FRAME_T_HEADERS, 1 /*stream_id*/)); + ASSERT_TRUE(frame->headers_malformed); + + ASSERT_TRUE(frame->end_stream); + return AWS_OP_SUCCESS; +} + /* Message is malformed if pseudo-headers come after regular headers. * A malformed message is a Stream Error, not a Connection Error, so the decoder should continue */ H2_DECODER_ON_CLIENT_TEST(h2_decoder_malformed_headers_late_pseudoheaders) { diff --git a/tests/test_stream_manager.c b/tests/test_stream_manager.c index 119bedf59..6a7b8e48f 100644 --- a/tests/test_stream_manager.c +++ b/tests/test_stream_manager.c @@ -814,25 +814,22 @@ TEST_CASE(h2_sm_mock_connections_closed_before_request_made) { struct sm_fake_connection *fake_connection = s_get_fake_connection(0); aws_http_connection_close(fake_connection->connection); ASSERT_SUCCESS(s_sm_stream_acquiring(1)); - s_drain_all_fake_connection_testing_channel(); + /* The new stream should trigger a new connection to be created and complete from the new connection */ + s_drain_all_fake_connection_testing_channel(); /* Trigger the acquisition of new connection */ + ASSERT_SUCCESS(s_wait_on_fake_connection_count(2)); /* wait for the new connection */ + s_drain_all_fake_connection_testing_channel(); /* Wait for the tasks assigned to the new connection */ ASSERT_SUCCESS(s_wait_on_streams_acquired_count(3)); - /* ASSERT new one failed. */ - ASSERT_INT_EQUALS(1, s_tester.acquiring_stream_errors); - ASSERT_INT_EQUALS(AWS_ERROR_HTTP_CONNECTION_CLOSED, s_tester.error_code); - /* Reset errors */ - s_tester.acquiring_stream_errors = 0; - s_tester.error_code = 0; - s_drain_all_fake_connection_testing_channel(); + /* ASSERT no failure. */ + ASSERT_INT_EQUALS(0, s_tester.acquiring_stream_errors); - /* As long as the connection finishes shutting down, we can still make more requests from new connection. */ + /* we can still make more requests from new connection. */ ASSERT_SUCCESS(s_sm_stream_acquiring(2)); - /* waiting for one fake connection made */ - ASSERT_SUCCESS(s_wait_on_fake_connection_count(2)); + s_drain_all_fake_connection_testing_channel(); /* No error happens */ ASSERT_INT_EQUALS(0, s_tester.acquiring_stream_errors); - /* We made 4 streams successfully */ - ASSERT_INT_EQUALS(4, aws_array_list_length(&s_tester.streams)); + /* We made 5 streams successfully */ + ASSERT_INT_EQUALS(5, aws_array_list_length(&s_tester.streams)); /* Finish all the opening streams */ ASSERT_SUCCESS(s_complete_all_fake_connection_streams()); @@ -1311,7 +1308,7 @@ TEST_CASE(localhost_integ_h2_sm_acquire_stream_stress) { (void)ctx; struct aws_byte_cursor uri_cursor = aws_byte_cursor_from_c_str("https://localhost:8443/echo"); struct aws_http_connection_monitoring_options monitor_opt = { - .allowable_throughput_failure_interval_seconds = 1, + .allowable_throughput_failure_interval_seconds = 2, .minimum_throughput_bytes_per_second = 1000, }; enum aws_log_level log_level = AWS_LOG_LEVEL_DEBUG; @@ -1328,8 +1325,8 @@ TEST_CASE(localhost_integ_h2_sm_acquire_stream_stress) { int num_to_acquire = 500 * 100; ASSERT_SUCCESS(s_sm_stream_acquiring(num_to_acquire)); ASSERT_SUCCESS(s_wait_on_streams_completed_count(num_to_acquire)); - ASSERT_TRUE((int)s_tester.acquiring_stream_errors == 0); - ASSERT_TRUE((int)s_tester.stream_200_count == num_to_acquire); + ASSERT_INT_EQUALS((int)s_tester.acquiring_stream_errors, 0); + ASSERT_INT_EQUALS((int)s_tester.stream_200_count, num_to_acquire); return s_tester_clean_up(); } @@ -1339,7 +1336,7 @@ static int s_tester_on_put_body(struct aws_http_stream *stream, const struct aws (void)stream; struct aws_string *content_length_header_str = aws_string_new_from_cursor(s_tester.allocator, data); size_t num_received = (uint32_t)atoi((const char *)content_length_header_str->bytes); - AWS_FATAL_ASSERT(s_tester.length_sent == num_received); + ASSERT_UINT_EQUALS(s_tester.length_sent, num_received); aws_string_destroy(content_length_header_str); return AWS_OP_SUCCESS; @@ -1431,7 +1428,7 @@ TEST_CASE(localhost_integ_h2_sm_connection_monitor_kill_slow_connection) { (void)ctx; struct aws_byte_cursor uri_cursor = aws_byte_cursor_from_c_str("https://localhost:8443/slowConnTest"); struct aws_http_connection_monitoring_options monitor_opt = { - .allowable_throughput_failure_interval_seconds = 1, + .allowable_throughput_failure_interval_seconds = 2, .minimum_throughput_bytes_per_second = 1000, }; struct sm_tester_options options = {