From 303f0f3fcd3d860caaea320a60fc6e4bceffaa78 Mon Sep 17 00:00:00 2001
From: Tatsuhiro Tsujikawa <tatsuhiro.t@gmail.com>
Date: Fri, 27 Jun 2014 22:53:54 +0900
Subject: [PATCH] nghttpx: Return 413 if request header is too large

For now, if request has request body, we'll issue RST_STREAM to inform
the peer to stop sending body.  RST_STREAM may be sent before error
page header or data, so peer may receive RST_STREAM only.
---
 src/shrpx_http2_upstream.cc | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/src/shrpx_http2_upstream.cc b/src/shrpx_http2_upstream.cc
index 43fd1fc2..53b528f6 100644
--- a/src/shrpx_http2_upstream.cc
+++ b/src/shrpx_http2_upstream.cc
@@ -212,11 +212,20 @@ int on_header_callback(nghttp2_session *session,
     return 0;
   }
   if(downstream->get_request_headers_sum() > Downstream::MAX_HEADERS_SUM) {
+    if(downstream->get_response_state() == Downstream::MSG_COMPLETE) {
+      return 0;
+    }
+
     if(LOG_ENABLED(INFO)) {
       ULOG(INFO, upstream) << "Too large header block size="
                            << downstream->get_request_headers_sum();
     }
-    return NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE;
+
+    if(upstream->error_reply(downstream, 413) != 0) {
+      return NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE;
+    }
+
+    return 0;
   }
   if(!http2::check_nv(name, namelen, value, valuelen)) {
     return 0;
@@ -267,6 +276,10 @@ int on_request_headers(Http2Upstream *upstream,
 {
   int rv;
 
+  if(downstream->get_response_state() == Downstream::MSG_COMPLETE) {
+    return 0;
+  }
+
   downstream->normalize_request_headers();
   auto& nva = downstream->get_request_headers();