use base qw(Danga::Socket);
use fields qw(httpd env rbuf input_left remote_addr remote_port);
use Fcntl qw(:seek);
-use HTTP::Parser::XS qw(parse_http_request); # supports pure Perl fallback
+use Plack::HTTPParser qw(parse_http_request); # XS or pure Perl
use HTTP::Status qw(status_message);
use HTTP::Date qw(time2str);
use IO::File;
CHUNK_MAX_HDR => 256,
};
+# Use the same configuration parameter as git since this is primarily
+# a slow-client sponge for git-http-backend
+# TODO: support per-respository http.maxRequestBuffer somehow...
+our $MAX_REQUEST_BUFFER = $ENV{GIT_HTTP_MAX_REQUEST_BUFFER} ||
+ (10 * 1024 * 1024);
+
my $null_io = IO::File->new('/dev/null', '<');
my $http_date;
my $prev = 0;
# We do not support Trailers in chunked requests, for now
# (they are rarely-used and git (as of 2.7.2) does not use them)
- return quit($self, 400) if $r == -1 || $env{HTTP_TRAILER};
+ if ($r == -1 || $env{HTTP_TRAILER} ||
+ # this length-check is necessary for PURE_PERL=1:
+ ($r == -2 && length($self->{rbuf}) > 0x4000)) {
+ return quit($self, 400);
+ }
return $self->watch_read(1) if $r < 0; # incomplete
$self->{rbuf} = substr($self->{rbuf}, $r);
my $proto = $env->{SERVER_PROTOCOL} or return; # HTTP/0.9 :P
my $status = $res->[0];
my $h = "$proto $status " . status_message($status) . "\r\n";
- my ($len, $chunked);
+ my $term;
my $headers = $res->[1];
for (my $i = 0; $i < @$headers; $i += 2) {
my $v = $headers->[$i + 1];
next if $k =~ /\A(?:Connection|Date)\z/i;
- $len = $v if $k =~ /\AContent-Length\z/i;
- if ($k =~ /\ATransfer-Encoding\z/i && $v =~ /\bchunked\b/i) {
- $chunked = 1;
+ if ($k =~ /\AContent-Length\z/ ||
+ ($k =~ /\ATransfer-Encoding\z/i && $v =~ /\bchunked\b/i)) {
+ $term = 1;
}
-
$h .= "$k: $v\r\n";
}
my $conn = $env->{HTTP_CONNECTION} || '';
- my $alive = (defined($len) || $chunked) &&
- ($proto eq 'HTTP/1.1' && $conn !~ /\bclose\b/i) ||
- ($conn =~ /\bkeep-alive\b/i);
+ my $alive = $term &&
+ (($proto eq 'HTTP/1.1' && $conn !~ /\bclose\b/i) ||
+ ($conn =~ /\bkeep-alive\b/i));
$h .= 'Connection: ' . ($alive ? 'keep-alive' : 'close');
$h .= "\r\nDate: " . http_date() . "\r\n\r\n";
- if (($len || $chunked) && $env->{REQUEST_METHOD} ne 'HEAD') {
+ if ($term && $env->{REQUEST_METHOD} ne 'HEAD') {
more($self, $h);
} else {
$self->write($h);
}
- ($alive, $chunked);
+ $alive;
}
sub response_write {
my ($self, $env, $res) = @_;
- my ($alive, $chunked) = response_header_write($self, $env, $res);
+ my $alive = response_header_write($self, $env, $res);
my $write = sub { $self->write($_[0]) };
my $close = sub {
if ($alive) {
my $input = $null_io;
my $len = $env->{CONTENT_LENGTH};
if ($len) {
+ if ($len > $MAX_REQUEST_BUFFER) {
+ quit($self, 413);
+ return;
+ }
$input = IO::File->new_tmpfile;
} elsif (env_chunked($env)) {
$len = CHUNK_START;
sub write_err {
my ($self) = @_;
- my $err = $self->{env}->{'psgi.errors'};
+ my $err = $self->{httpd}->{env}->{'psgi.errors'};
my $msg = $! || '(zero write)';
$err->print("error buffering to input: $msg\n");
quit($self, 500);
$self->{input_left} = $len;
return;
}
- my $err = $self->{env}->{'psgi.errors'};
+ my $err = $self->{httpd}->{env}->{'psgi.errors'};
$err->print("error reading for input: $! ($len bytes remaining)\n");
quit($self, 500);
}
if ($len == CHUNK_START) {
if ($$rbuf =~ s/\A([a-f0-9]+).*?\r\n//i) {
$len = hex $1;
+ if (($len + -s $input) > $MAX_REQUEST_BUFFER) {
+ return quit($self, 413);
+ }
} elsif (length($$rbuf) > CHUNK_MAX_HDR) {
return quit($self, 400);
}
sub event_hup { $_[0]->close }
sub event_err { $_[0]->close }
+sub write ($$) : method {
+ my PublicInbox::HTTP $self = $_[0];
+ return 1 if (defined($_[1]) && ref($_[1]) eq '' && $_[1] eq '');
+
+ $self->SUPER::write($_[1]);
+}
+
# for graceful shutdown in PublicInbox::Daemon:
sub busy () {
my ($self) = @_;