nghttpx: HTTPS redirect should not happen with HTTP/3 upstream
This commit is contained in:
parent
2d790edac5
commit
babeddb649
|
@ -984,15 +984,8 @@ int Http3Upstream::on_downstream_abort_request(Downstream *downstream,
|
||||||
|
|
||||||
int Http3Upstream::on_downstream_abort_request_with_https_redirect(
|
int Http3Upstream::on_downstream_abort_request_with_https_redirect(
|
||||||
Downstream *downstream) {
|
Downstream *downstream) {
|
||||||
int rv;
|
assert(0);
|
||||||
|
abort();
|
||||||
rv = redirect_to_https(downstream);
|
|
||||||
if (rv != 0) {
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
|
|
||||||
handler_->signal_write();
|
|
||||||
return 0;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
namespace {
|
namespace {
|
||||||
|
@ -1604,10 +1597,11 @@ int Http3Upstream::on_downstream_reset(Downstream *downstream, bool no_retry) {
|
||||||
|
|
||||||
fail:
|
fail:
|
||||||
if (rv == SHRPX_ERR_TLS_REQUIRED) {
|
if (rv == SHRPX_ERR_TLS_REQUIRED) {
|
||||||
rv = on_downstream_abort_request_with_https_redirect(downstream);
|
assert(0);
|
||||||
} else {
|
abort();
|
||||||
rv = on_downstream_abort_request(downstream, 502);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
rv = on_downstream_abort_request(downstream, 502);
|
||||||
if (rv != 0) {
|
if (rv != 0) {
|
||||||
shutdown_stream(downstream, NGHTTP3_H3_INTERNAL_ERROR);
|
shutdown_stream(downstream, NGHTTP3_H3_INTERNAL_ERROR);
|
||||||
}
|
}
|
||||||
|
@ -2318,10 +2312,11 @@ void Http3Upstream::initiate_downstream(Downstream *downstream) {
|
||||||
auto dconn = handler_->get_downstream_connection(rv, downstream);
|
auto dconn = handler_->get_downstream_connection(rv, downstream);
|
||||||
if (!dconn) {
|
if (!dconn) {
|
||||||
if (rv == SHRPX_ERR_TLS_REQUIRED) {
|
if (rv == SHRPX_ERR_TLS_REQUIRED) {
|
||||||
rv = redirect_to_https(downstream);
|
assert(0);
|
||||||
} else {
|
abort();
|
||||||
rv = error_reply(downstream, 502);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
rv = error_reply(downstream, 502);
|
||||||
if (rv != 0) {
|
if (rv != 0) {
|
||||||
shutdown_stream(downstream, NGHTTP3_H3_INTERNAL_ERROR);
|
shutdown_stream(downstream, NGHTTP3_H3_INTERNAL_ERROR);
|
||||||
}
|
}
|
||||||
|
@ -2731,39 +2726,6 @@ int Http3Upstream::shutdown_stream_read(int64_t stream_id,
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
int Http3Upstream::redirect_to_https(Downstream *downstream) {
|
|
||||||
auto &req = downstream->request();
|
|
||||||
if (req.regular_connect_method() || req.scheme != "http") {
|
|
||||||
return error_reply(downstream, 400);
|
|
||||||
}
|
|
||||||
|
|
||||||
auto authority = util::extract_host(req.authority);
|
|
||||||
if (authority.empty()) {
|
|
||||||
return error_reply(downstream, 400);
|
|
||||||
}
|
|
||||||
|
|
||||||
auto &balloc = downstream->get_block_allocator();
|
|
||||||
auto config = get_config();
|
|
||||||
auto &httpconf = config->http;
|
|
||||||
|
|
||||||
StringRef loc;
|
|
||||||
if (httpconf.redirect_https_port == StringRef::from_lit("443")) {
|
|
||||||
loc = concat_string_ref(balloc, StringRef::from_lit("https://"), authority,
|
|
||||||
req.path);
|
|
||||||
} else {
|
|
||||||
loc = concat_string_ref(balloc, StringRef::from_lit("https://"), authority,
|
|
||||||
StringRef::from_lit(":"),
|
|
||||||
httpconf.redirect_https_port, req.path);
|
|
||||||
}
|
|
||||||
|
|
||||||
auto &resp = downstream->response();
|
|
||||||
resp.http_status = 308;
|
|
||||||
resp.fs.add_header_token(StringRef::from_lit("location"), loc, false,
|
|
||||||
http2::HD_LOCATION);
|
|
||||||
|
|
||||||
return send_reply(downstream, nullptr, 0);
|
|
||||||
}
|
|
||||||
|
|
||||||
void Http3Upstream::consume(int64_t stream_id, size_t nconsumed) {
|
void Http3Upstream::consume(int64_t stream_id, size_t nconsumed) {
|
||||||
ngtcp2_conn_extend_max_stream_offset(conn_, stream_id, nconsumed);
|
ngtcp2_conn_extend_max_stream_offset(conn_, stream_id, nconsumed);
|
||||||
ngtcp2_conn_extend_max_offset(conn_, nconsumed);
|
ngtcp2_conn_extend_max_offset(conn_, nconsumed);
|
||||||
|
|
|
@ -120,7 +120,6 @@ public:
|
||||||
void initiate_downstream(Downstream *downstream);
|
void initiate_downstream(Downstream *downstream);
|
||||||
int shutdown_stream(Downstream *downstream, uint64_t app_error_code);
|
int shutdown_stream(Downstream *downstream, uint64_t app_error_code);
|
||||||
int shutdown_stream_read(int64_t stream_id, uint64_t app_error_code);
|
int shutdown_stream_read(int64_t stream_id, uint64_t app_error_code);
|
||||||
int redirect_to_https(Downstream *downstream);
|
|
||||||
int http_stream_close(Downstream *downstream, uint64_t app_error_code);
|
int http_stream_close(Downstream *downstream, uint64_t app_error_code);
|
||||||
void consume(int64_t stream_id, size_t nconsumed);
|
void consume(int64_t stream_id, size_t nconsumed);
|
||||||
void remove_downstream(Downstream *downstream);
|
void remove_downstream(Downstream *downstream);
|
||||||
|
|
Loading…
Reference in New Issue