ligang/vpp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
master
vpp/src/plugins/http/http.h
Matus Fabian 499a9dd875 http: fix http_free_header_table 
Type: fix

Change-Id: I014aebc84d0c219cc0c99120e9cd51fcc520a41c
Signed-off-by: Matus Fabian <matfabia@cisco.com>
2024-12-10 17:54:54 +00:00

1589 lines
48 KiB
C
Raw Permalink Blame History

/*
* Copyright (c) 2022 Cisco and/or its affiliates.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at:
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef SRC_PLUGINS_HTTP_HTTP_H_
#define SRC_PLUGINS_HTTP_HTTP_H_
#include <ctype.h>
#include <vnet/plugin/plugin.h>
#include <vpp/app/version.h>
#include <vppinfra/time_range.h>
#include <vnet/session/application_interface.h>
#include <vnet/session/application.h>
#include <http/http_buffer.h>
#define HTTP_DEBUG 0
#if HTTP_DEBUG
#define HTTP_DBG(_lvl, _fmt, _args...) \
if (_lvl <= HTTP_DEBUG) \
clib_warning (_fmt, ##_args)
#else
#define HTTP_DBG(_lvl, _fmt, _args...)
#endif
typedef struct http_conn_id_
{
union
{
session_handle_t app_session_handle;
u32 parent_app_api_ctx;
};
session_handle_t tc_session_handle;
u32 parent_app_wrk_index;
} http_conn_id_t;
STATIC_ASSERT (sizeof (http_conn_id_t) <= TRANSPORT_CONN_ID_LEN,
"ctx id must be less than TRANSPORT_CONN_ID_LEN");
typedef struct
{
char *base;
uword len;
} http_token_t;
#define http_token_lit(s) (s), sizeof (s) - 1
#define foreach_http_conn_state \
_ (LISTEN, "listen") \
_ (CONNECTING, "connecting") \
_ (ESTABLISHED, "established") \
_ (TRANSPORT_CLOSED, "transport-closed") \
_ (APP_CLOSED, "app-closed") \
_ (CLOSED, "closed")
typedef enum http_conn_state_
{
#define _(s, str) HTTP_CONN_STATE_##s,
foreach_http_conn_state
#undef _
} http_conn_state_t;
#define foreach_http_req_state \
_ (0, IDLE, "idle") \
_ (1, WAIT_APP_METHOD, "wait app method") \
_ (2, WAIT_TRANSPORT_REPLY, "wait transport reply") \
_ (3, TRANSPORT_IO_MORE_DATA, "transport io more data") \
_ (4, WAIT_TRANSPORT_METHOD, "wait transport method") \
_ (5, WAIT_APP_REPLY, "wait app reply") \
_ (6, APP_IO_MORE_DATA, "app io more data") \
_ (7, TUNNEL, "tunnel")
typedef enum http_req_state_
{
#define _(n, s, str) HTTP_REQ_STATE_##s = n,
foreach_http_req_state
#undef _
HTTP_REQ_N_STATES
} http_req_state_t;
typedef enum http_req_method_
{
HTTP_REQ_GET = 0,
HTTP_REQ_POST,
HTTP_REQ_CONNECT,
} http_req_method_t;
typedef enum http_msg_type_
{
HTTP_MSG_REQUEST,
HTTP_MSG_REPLY
} http_msg_type_t;
typedef enum http_target_form_
{
HTTP_TARGET_ORIGIN_FORM,
HTTP_TARGET_ABSOLUTE_FORM,
HTTP_TARGET_AUTHORITY_FORM,
HTTP_TARGET_ASTERISK_FORM
} http_target_form_t;
#define foreach_http_content_type \
_ (APP_7Z, ".7z", "application/x-7z-compressed") \
_ (APP_DOC, ".doc", "application/msword") \
_ (APP_DOCX, ".docx", \
"application/vnd.openxmlformats-" \
"officedocument.wordprocessingml.document") \
_ (APP_EPUB, ".epub", "application/epub+zip") \
_ (APP_FONT, ".eot", "application/vnd.ms-fontobject") \
_ (APP_JAR, ".jar", "application/java-archive") \
_ (APP_JSON, ".json", "application/json") \
_ (APP_JSON_LD, ".jsonld", "application/ld+json") \
_ (APP_MPKG, ".mpkg", "application/vnd.apple.installer+xml") \
_ (APP_ODP, ".odp", "application/vnd.oasis.opendocument.presentation") \
_ (APP_ODS, ".ods", "application/vnd.oasis.opendocument.spreadsheet") \
_ (APP_ODT, ".odt", "application/vnd.oasis.opendocument.text") \
_ (APP_OGX, ".ogx", "application/ogg") \
_ (APP_PDF, ".pdf", "application/pdf") \
_ (APP_PHP, ".php", "application/x-httpd-php") \
_ (APP_PPT, ".ppt", "application/vnd.ms-powerpoint") \
_ (APP_PPTX, ".pptx", "application/vnd.ms-powerpoint") \
_ (APP_RAR, ".rar", "application/vnd.rar") \
_ (APP_RTF, ".rtf", "application/rtf") \
_ (APP_SH, ".sh", "application/x-sh") \
_ (APP_TAR, ".tar", "application/x-tar") \
_ (APP_VSD, ".vsd", "application/vnd.visio") \
_ (APP_XHTML, ".xhtml", "application/xhtml+xml") \
_ (APP_XLS, ".xls", "application/vnd.ms-excel") \
_ (APP_XML, ".xml", "application/xml") \
_ (APP_XSLX, ".xlsx", \
"application/vnd.openxmlformats-officedocument.spreadsheetml.sheet") \
_ (APP_XUL, ".xul", "application/vnd.mozilla.xul+xml") \
_ (APP_X_WWW_FORM_URLENCODED, ".invalid", \
"application/x-www-form-urlencoded") \
_ (APP_ZIP, ".zip", "application/zip") \
_ (AUDIO_AAC, ".aac", "audio/aac") \
_ (AUDIO_CD, ".cda", "application/x-cdf") \
_ (AUDIO_WAV, ".wav", "audio/wav") \
_ (AUDIO_WEBA, ".weba", "audio/webm") \
_ (AUDO_MIDI, ".midi", "audio/midi") \
_ (AUDO_MID, ".mid", "audo/midi") \
_ (AUDO_MP3, ".mp3", "audio/mpeg") \
_ (AUDO_OGA, ".oga", "audio/ogg") \
_ (AUDO_OPUS, ".opus", "audio/opus") \
_ (APP_OCTET_STREAM, ".bin", "application/octet-stream") \
_ (BZIP2, ".bz2", "application/x-bzip2") \
_ (BZIP, ".bz", "application/x-bzip") \
_ (FONT_OTF, ".otf", "font/otf") \
_ (FONT_TTF, ".ttf", "font/ttf") \
_ (FONT_WOFF2, ".woff2", "font/woff2") \
_ (FONT_WOFF, ".woff", "font/woff") \
_ (GZIP, ".gz", "application/gzip") \
_ (IMAGE_AVIF, ".avif", "image/avif") \
_ (IMAGE_BMP, ".bmp", "image/bmp") \
_ (IMAGE_GIF, ".gif", "image/gif") \
_ (IMAGE_ICON, ".ico", "image/vnd.microsoft.icon") \
_ (IMAGE_JPEG, ".jpeg", "image/jpeg") \
_ (IMAGE_JPG, ".jpg", "image/jpeg") \
_ (IMAGE_PNG, ".png", "image/png") \
_ (IMAGE_SVG, ".svg", "image/svg+xml") \
_ (IMAGE_TIFF, ".tiff", "image/tiff") \
_ (IMAGE_TIF, ".tif", "image/tiff") \
_ (IMAGE_WEBP, ".webp", "image/webp") \
_ (SCRIPT_CSH, ".csh", "application/x-csh") \
_ (TEXT_ABIWORD, ".abw", "application/x-abiword") \
_ (TEXT_ARCHIVE, ".arc", "application/x-freearc") \
_ (TEXT_AZW, ".azw", "application/vnd.amazon.ebook") \
_ (TEXT_CALENDAR, ".ics", "text/calendar") \
_ (TEXT_CSS, ".css", "text/css") \
_ (TEXT_CSV, ".csv", "text/csv") \
_ (TEXT_HTM, ".htm", "text/html") \
_ (TEXT_HTML, ".html", "text/html") \
_ (TEXT_JS, ".js", "text/javascript") \
_ (TEXT_MJS, ".mjs", "text/javascript") \
_ (TEXT_PLAIN, ".txt", "text/plain") \
_ (VIDEO_3GP2, ".3g2", "video/3gpp2") \
_ (VIDEO_3GP, ".3gp", "video/3gpp") \
_ (VIDEO_AVI, ".avi", "video/x-msvideo") \
_ (VIDEO_MP4, ".mp4", "video/mp4") \
_ (VIDEO_MPEG, ".mpeg", "video/mpeg") \
_ (VIDEO_OGG, ".ogv", "video/ogg") \
_ (VIDEO_TS, ".ts", "video/mp2t") \
_ (VIDEO_WEBM, ".webm", "video/webm")
typedef enum http_content_type_
{
#define _(s, ext, str) HTTP_CONTENT_##s,
foreach_http_content_type
#undef _
} http_content_type_t;
#define foreach_http_status_code \
_ (100, CONTINUE, "100 Continue") \
_ (101, SWITCHING_PROTOCOLS, "101 Switching Protocols") \
_ (200, OK, "200 OK") \
_ (201, CREATED, "201 Created") \
_ (202, ACCEPTED, "202 Accepted") \
_ (203, NON_UTHORITATIVE_INFORMATION, "203 Non-Authoritative Information") \
_ (204, NO_CONTENT, "204 No Content") \
_ (205, RESET_CONTENT, "205 Reset Content") \
_ (206, PARTIAL_CONTENT, "206 Partial Content") \
_ (300, MULTIPLE_CHOICES, "300 Multiple Choices") \
_ (301, MOVED, "301 Moved Permanently") \
_ (302, FOUND, "302 Found") \
_ (303, SEE_OTHER, "303 See Other") \
_ (304, NOT_MODIFIED, "304 Not Modified") \
_ (305, USE_PROXY, "305 Use Proxy") \
_ (307, TEMPORARY_REDIRECT, "307 Temporary Redirect") \
_ (308, PERMANENT_REDIRECT, "308 Permanent Redirect") \
_ (400, BAD_REQUEST, "400 Bad Request") \
_ (401, UNAUTHORIZED, "401 Unauthorized") \
_ (402, PAYMENT_REQUIRED, "402 Payment Required") \
_ (403, FORBIDDEN, "403 Forbidden") \
_ (404, NOT_FOUND, "404 Not Found") \
_ (405, METHOD_NOT_ALLOWED, "405 Method Not Allowed") \
_ (406, NOT_ACCEPTABLE, "406 Not Acceptable") \
_ (407, PROXY_AUTHENTICATION_REQUIRED, "407 Proxy Authentication Required") \
_ (408, REQUEST_TIMEOUT, "408 Request Timeout") \
_ (409, CONFLICT, "409 Conflict") \
_ (410, GONE, "410 Gone") \
_ (411, LENGTH_REQUIRED, "411 Length Required") \
_ (412, PRECONDITION_FAILED, "412 Precondition Failed") \
_ (413, CONTENT_TOO_LARGE, "413 Content Too Large") \
_ (414, URI_TOO_LONG, "414 URI Too Long") \
_ (415, UNSUPPORTED_MEDIA_TYPE, "415 Unsupported Media Type") \
_ (416, RANGE_NOT_SATISFIABLE, "416 Range Not Satisfiable") \
_ (417, EXPECTATION_FAILED, "417 Expectation Failed") \
_ (421, MISDIRECTED_REQUEST, "421 Misdirected Request") \
_ (422, UNPROCESSABLE_CONTENT, "422 Unprocessable_Content") \
_ (426, UPGRADE_REQUIRED, "426 Upgrade Required") \
_ (500, INTERNAL_ERROR, "500 Internal Server Error") \
_ (501, NOT_IMPLEMENTED, "501 Not Implemented") \
_ (502, BAD_GATEWAY, "502 Bad Gateway") \
_ (503, SERVICE_UNAVAILABLE, "503 Service Unavailable") \
_ (504, GATEWAY_TIMEOUT, "504 Gateway Timeout") \
_ (505, HTTP_VERSION_NOT_SUPPORTED, "505 HTTP Version Not Supported")
typedef enum http_status_code_
{
#define _(c, s, str) HTTP_STATUS_##s,
foreach_http_status_code
#undef _
HTTP_N_STATUS
} http_status_code_t;
#define foreach_http_header_name \
_ (ACCEPT, "Accept") \
_ (ACCEPT_CHARSET, "Accept-Charset") \
_ (ACCEPT_ENCODING, "Accept-Encoding") \
_ (ACCEPT_LANGUAGE, "Accept-Language") \
_ (ACCEPT_RANGES, "Accept-Ranges") \
_ (ACCESS_CONTROL_ALLOW_CREDENTIALS, "Access-Control-Allow-Credentials") \
_ (ACCESS_CONTROL_ALLOW_HEADERS, "Access-Control-Allow-Headers") \
_ (ACCESS_CONTROL_ALLOW_METHODS, "Access-Control-Allow-Methods") \
_ (ACCESS_CONTROL_ALLOW_ORIGIN, "Access-Control-Allow-Origin") \
_ (ACCESS_CONTROL_EXPOSE_HEADERS, "Access-Control-Expose-Headers") \
_ (ACCESS_CONTROL_MAX_AGE, "Access-Control-Max-Age") \
_ (ACCESS_CONTROL_REQUEST_HEADERS, "Access-Control-Request-Headers") \
_ (ACCESS_CONTROL_REQUEST_METHOD, "Access-Control-Request-Method") \
_ (AGE, "Age") \
_ (ALLOW, "Allow") \
_ (ALPN, "ALPN") \
_ (ALT_SVC, "Alt-Svc") \
_ (ALT_USED, "Alt-Used") \
_ (ALTERNATES, "Alternates") \
_ (AUTHENTICATION_CONTROL, "Authentication-Control") \
_ (AUTHENTICATION_INFO, "Authentication-Info") \
_ (AUTHORIZATION, "Authorization") \
_ (CACHE_CONTROL, "Cache-Control") \
_ (CACHE_STATUS, "Cache-Status") \
_ (CAPSULE_PROTOCOL, "Capsule-Protocol") \
_ (CDN_CACHE_CONTROL, "CDN-Cache-Control") \
_ (CDN_LOOP, "CDN-Loop") \
_ (CLIENT_CERT, "Client-Cert") \
_ (CLIENT_CERT_CHAIN, "Client-Cert-Chain") \
_ (CLOSE, "Close") \
_ (CONNECTION, "Connection") \
_ (CONTENT_DIGEST, "Content-Digest") \
_ (CONTENT_DISPOSITION, "Content-Disposition") \
_ (CONTENT_ENCODING, "Content-Encoding") \
_ (CONTENT_LANGUAGE, "Content-Language") \
_ (CONTENT_LENGTH, "Content-Length") \
_ (CONTENT_LOCATION, "Content-Location") \
_ (CONTENT_RANGE, "Content-Range") \
_ (CONTENT_TYPE, "Content-Type") \
_ (COOKIE, "Cookie") \
_ (DATE, "Date") \
_ (DIGEST, "Digest") \
_ (DPOP, "DPoP") \
_ (DPOP_NONCE, "DPoP-Nonce") \
_ (EARLY_DATA, "Early-Data") \
_ (ETAG, "ETag") \
_ (EXPECT, "Expect") \
_ (EXPIRES, "Expires") \
_ (FORWARDED, "Forwarded") \
_ (FROM, "From") \
_ (HOST, "Host") \
_ (IF_MATCH, "If-Match") \
_ (IF_MODIFIED_SINCE, "If-Modified-Since") \
_ (IF_NONE_MATCH, "If-None-Match") \
_ (IF_RANGE, "If-Range") \
_ (IF_UNMODIFIED_SINCE, "If-Unmodified-Since") \
_ (KEEP_ALIVE, "Keep-Alive") \
_ (LAST_MODIFIED, "Last-Modified") \
_ (LINK, "Link") \
_ (LOCATION, "Location") \
_ (MAX_FORWARDS, "Max-Forwards") \
_ (ORIGIN, "Origin") \
_ (PRIORITY, "Priority") \
_ (PROXY_AUTHENTICATE, "Proxy-Authenticate") \
_ (PROXY_AUTHENTICATION_INFO, "Proxy-Authentication-Info") \
_ (PROXY_AUTHORIZATION, "Proxy-Authorization") \
_ (PROXY_STATUS, "Proxy-Status") \
_ (RANGE, "Range") \
_ (REFERER, "Referer") \
_ (REPR_DIGEST, "Repr-Digest") \
_ (SET_COOKIE, "Set-Cookie") \
_ (SIGNATURE, "Signature") \
_ (SIGNATURE_INPUT, "Signature-Input") \
_ (STRICT_TRANSPORT_SECURITY, "Strict-Transport-Security") \
_ (RETRY_AFTER, "Retry-After") \
_ (SERVER, "Server") \
_ (TE, "TE") \
_ (TRAILER, "Trailer") \
_ (TRANSFER_ENCODING, "Transfer-Encoding") \
_ (UPGRADE, "Upgrade") \
_ (USER_AGENT, "User-Agent") \
_ (VARY, "Vary") \
_ (VIA, "Via") \
_ (WANT_CONTENT_DIGEST, "Want-Content-Digest") \
_ (WANT_REPR_DIGEST, "Want-Repr-Digest") \
_ (WWW_AUTHENTICATE, "WWW-Authenticate")
typedef enum http_header_name_
{
#define _(sym, str) HTTP_HEADER_##sym,
foreach_http_header_name
#undef _
} http_header_name_t;
#define HTTP_BOOLEAN_TRUE "?1"
#define foreach_http_upgrade_proto \
_ (CONNECT_UDP, "connect-udp") \
_ (CONNECT_IP, "connect-ip") \
_ (WEBSOCKET, "websocket")
typedef enum http_upgrade_proto_
{
HTTP_UPGRADE_PROTO_NA =
0, /* indicating standard CONNECT where protocol is omitted */
#define _(sym, str) HTTP_UPGRADE_PROTO_##sym,
foreach_http_upgrade_proto
#undef _
} http_upgrade_proto_t;
typedef enum http_msg_data_type_
{
HTTP_MSG_DATA_INLINE,
HTTP_MSG_DATA_PTR
} http_msg_data_type_t;
typedef struct http_field_line_
{
u32 name_offset;
u32 name_len;
u32 value_offset;
u32 value_len;
} http_field_line_t;
typedef struct http_msg_data_
{
http_msg_data_type_t type;
u64 len;
http_target_form_t target_form;
u32 target_path_offset;
u32 target_path_len;
u32 target_query_offset;
u32 target_query_len;
u32 headers_offset;
u32 headers_len;
u32 body_offset;
u64 body_len;
uword headers_ctx;
http_upgrade_proto_t upgrade_proto;
u8 data[0];
} http_msg_data_t;
typedef struct http_msg_
{
http_msg_type_t type;
union
{
http_req_method_t method_type;
http_status_code_t code;
};
http_msg_data_t data;
} http_msg_t;
typedef struct http_req_
{
http_req_state_t state; /* state-machine state */
http_buffer_t tx_buf; /* message body from app to be sent */
/*
* for parsing of incoming message from transport
*/
u8 *rx_buf; /* this should hold at least control data */
u32 rx_buf_offset; /* current offset during parsing */
u32 control_data_len; /* start line + headers + empty line */
u64 to_recv; /* remaining bytes of message body to receive from transport */
u8 is_tunnel;
/*
* parsed metadata for app
*/
union
{
http_status_code_t status_code;
http_req_method_t method;
};
http_target_form_t target_form;
u32 target_path_offset;
u32 target_path_len;
u32 target_query_offset;
u32 target_query_len;
u32 headers_offset;
u32 headers_len;
u32 body_offset;
u64 body_len;
http_field_line_t *headers;
uword content_len_header_index;
uword connection_header_index;
uword upgrade_header_index;
http_upgrade_proto_t upgrade_proto;
} http_req_t;
typedef struct http_tc_
{
union
{
transport_connection_t connection;
http_conn_id_t c_http_conn_id;
};
#define h_tc_session_handle c_http_conn_id.tc_session_handle
#define h_pa_wrk_index c_http_conn_id.parent_app_wrk_index
#define h_pa_session_handle c_http_conn_id.app_session_handle
#define h_pa_app_api_ctx c_http_conn_id.parent_app_api_ctx
#define h_hc_index connection.c_index
http_conn_state_t state;
u32 timer_handle;
u32 timeout;
u8 pending_timer;
u8 *app_name;
u8 *host;
u8 is_server;
http_req_t req;
} http_conn_t;
typedef struct http_worker_
{
http_conn_t *conn_pool;
} http_worker_t;
typedef struct http_main_
{
http_worker_t *wrk;
http_conn_t *listener_pool;
http_conn_t *ho_conn_pool;
u32 app_index;
clib_timebase_t timebase;
u16 *sc_by_u16;
/*
* Runtime config
*/
u8 debug_level;
u8 is_init;
/*
* Config
*/
u64 first_seg_size;
u64 add_seg_size;
u32 fifo_size;
} http_main_t;
always_inline u8 *
format_http_bytes (u8 *s, va_list *va)
{
u8 *bytes = va_arg (*va, u8 *);
int n_bytes = va_arg (*va, int);
uword i;
if (n_bytes == 0)
return s;
for (i = 0; i < n_bytes; i++)
{
if (isprint (bytes[i]))
s = format (s, "%c", bytes[i]);
else
s = format (s, "\\x%02x", bytes[i]);
}
return s;
}
always_inline int
_validate_target_syntax (u8 *target, u32 len, int is_query, int *is_encoded)
{
int encoded = 0;
u32 i;
static uword valid_chars[4] = {
/* !$&'()*+,-./0123456789:;= */
0x2fffffd200000000,
/* @ABCDEFGHIJKLMNOPQRSTUVWXYZ_abcdefghijklmnopqrstuvwxyz~ */
0x47fffffe87ffffff,
0x0000000000000000,
0x0000000000000000,
};
for (i = 0; i < len; i++)
{
if (clib_bitmap_get_no_check (valid_chars, target[i]))
continue;
/* target was already split after first question mark,
* for query it is valid character */
if (is_query && target[i] == '?')
continue;
/* pct-encoded = "%" HEXDIG HEXDIG */
if (target[i] == '%')
{
if ((i + 2) >= len)
return -1;
if (!isxdigit (target[i + 1]) || !isxdigit (target[i + 2]))
return -1;
i += 2;
encoded = 1;
continue;
}
clib_warning ("invalid character %d", target[i]);
return -1;
}
if (is_encoded)
*is_encoded = encoded;
return 0;
}
/**
* An "absolute-path" rule validation (RFC9110 section 4.1).
*
* @param path Vector of target path to validate.
* @param is_encoded Return flag that indicates if percent-encoded (optional).
*
* @return @c 0 on success.
*/
always_inline int
http_validate_abs_path_syntax (u8 *path, int *is_encoded)
{
return _validate_target_syntax (path, vec_len (path), 0, is_encoded);
}
/**
* A "query" rule validation (RFC3986 section 2.1).
*
* @param query Vector of target query to validate.
* @param is_encoded Return flag that indicates if percent-encoded (optional).
*
* @return @c 0 on success.
*/
always_inline int
http_validate_query_syntax (u8 *query, int *is_encoded)
{
return _validate_target_syntax (query, vec_len (query), 1, is_encoded);
}
#define htoi(x) (isdigit (x) ? (x - '0') : (tolower (x) - 'a' + 10))
/**
* Decode percent-encoded data.
*
* @param src Data to decode.
* @param len Length of data to decode.
*
* @return New vector with decoded data.
*
* The caller is always responsible to free the returned vector.
*/
always_inline u8 *
http_percent_decode (u8 *src, u32 len)
{
u32 i;
u8 *decoded_uri = 0;
for (i = 0; i < len; i++)
{
if (src[i] == '%')
{
u8 c = (htoi (src[i + 1]) << 4) | htoi (src[i + 2]);
vec_add1 (decoded_uri, c);
i += 2;
}
else
vec_add1 (decoded_uri, src[i]);
}
return decoded_uri;
}
/**
* Remove dot segments from path (RFC3986 section 5.2.4)
*
* @param path Path to sanitize.
*
* @return New vector with sanitized path.
*
* The caller is always responsible to free the returned vector.
*/
always_inline u8 *
http_path_remove_dot_segments (u8 *path)
{
u32 *segments = 0, *segments_len = 0, segment_len;
u8 *new_path = 0;
int i, ii;
if (!path)
return vec_new (u8, 0);
segments = vec_new (u32, 1);
/* first segment */
segments[0] = 0;
/* find all segments */
for (i = 1; i < (vec_len (path) - 1); i++)
{
if (path[i] == '/')
vec_add1 (segments, i + 1);
}
/* dummy tail */
vec_add1 (segments, vec_len (path));
/* scan all segments for "." and ".." */
segments_len = vec_new (u32, vec_len (segments) - 1);
for (i = 0; i < vec_len (segments_len); i++)
{
segment_len = segments[i + 1] - segments[i];
if (segment_len == 2 && path[segments[i]] == '.')
segment_len = 0;
else if (segment_len == 3 && path[segments[i]] == '.' &&
path[segments[i] + 1] == '.')
{
segment_len = 0;
/* remove parent (if any) */
for (ii = i - 1; ii >= 0; ii--)
{
if (segments_len[ii])
{
segments_len[ii] = 0;
break;
}
}
}
segments_len[i] = segment_len;
}
/* we might end with empty path, so return at least empty vector */
new_path = vec_new (u8, 0);
/* append all valid segments */
for (i = 0; i < vec_len (segments_len); i++)
{
if (segments_len[i])
vec_add (new_path, path + segments[i], segments_len[i]);
}
vec_free (segments);
vec_free (segments_len);
return new_path;
}
always_inline int
_parse_field_name (u8 **pos, u8 *end, u8 **field_name_start,
u32 *field_name_len)
{
u32 name_len = 0;
u8 *p;
static uword tchar[4] = {
/* !#$%'*+-.0123456789 */
0x03ff6cba00000000,
/* ABCDEFGHIJKLMNOPQRSTUVWXYZ^_`abcdefghijklmnopqrstuvwxyz|~ */
0x57ffffffc7fffffe,
0x0000000000000000,
0x0000000000000000,
};
p = *pos;
*field_name_start = p;
while (p != end)
{
if (clib_bitmap_get_no_check (tchar, *p))
{
name_len++;
p++;
}
else if (*p == ':')
{
if (name_len == 0)
{
clib_warning ("empty field name");
return -1;
}
*field_name_len = name_len;
p++;
*pos = p;
return 0;
}
else
{
clib_warning ("invalid character %d", *p);
return -1;
}
}
clib_warning ("field name end not found");
return -1;
}
always_inline int
_parse_field_value (u8 **pos, u8 *end, u8 **field_value_start,
u32 *field_value_len)
{
u32 value_len = 0;
u8 *p;
p = *pos;
/* skip leading whitespace */
while (1)
{
if (p == end)
{
clib_warning ("field value not found");
return -1;
}
else if (*p != ' ' && *p != '\t')
{
break;
}
p++;
}
*field_value_start = p;
while (p != end)
{
if (*p == '\r')
{
if ((end - p) < 1)
{
clib_warning ("incorrect field line end");
return -1;
}
p++;
if (*p == '\n')
{
if (value_len == 0)
{
clib_warning ("empty field value");
return -1;
}
p++;
*pos = p;
/* skip trailing whitespace */
p = *field_value_start + value_len - 1;
while (*p == ' ' || *p == '\t')
{
p--;
value_len--;
}
*field_value_len = value_len;
return 0;
}
clib_warning ("CR without LF");
return -1;
}
if (*p < ' ' && *p != '\t')
{
clib_warning ("invalid character %d", *p);
return -1;
}
p++;
value_len++;
}
clib_warning ("field value end not found");
return -1;
}
typedef struct
{
http_token_t name;
http_token_t value;
} http_header_t;
typedef struct
{
http_header_t *headers;
uword *value_by_name;
u8 *buf;
char **concatenated_values;
} http_header_table_t;
#define HTTP_HEADER_TABLE_NULL \
{ \
.headers = 0, .value_by_name = 0, .buf = 0, .concatenated_values = 0, \
}
always_inline u8
http_token_is (const char *actual, uword actual_len, const char *expected,
uword expected_len)
{
ASSERT (actual != 0);
if (actual_len != expected_len)
return 0;
return memcmp (actual, expected, expected_len) == 0 ? 1 : 0;
}
always_inline u8
http_token_is_case (const char *actual, uword actual_len, const char *expected,
uword expected_len)
{
uword i;
ASSERT (actual != 0);
if (actual_len != expected_len)
return 0;
for (i = 0; i < expected_len; i++)
{
if (tolower (actual[i]) != expected[i])
return 0;
}
return 1;
}
always_inline u8
http_token_contains (const char *haystack, uword haystack_len,
const char *needle, uword needle_len)
{
uword end_index, i;
ASSERT (haystack != 0);
if (haystack_len < needle_len)
return 0;
end_index = haystack_len - needle_len;
for (i = 0; i <= end_index; i++)
{
if (!memcmp (haystack + i, needle, needle_len))
return 1;
}
return 0;
}
/**
* Reset header table before reuse.
*
* @param ht Header table to reset.
*/
always_inline void
http_reset_header_table (http_header_table_t *ht)
{
int i;
for (i = 0; i < vec_len (ht->concatenated_values); i++)
vec_free (ht->concatenated_values[i]);
vec_reset_length (ht->concatenated_values);
vec_reset_length (ht->headers);
vec_reset_length (ht->buf);
hash_free (ht->value_by_name);
}
/**
* Initialize header table input buffer.
* @param ht Header table.
* @param msg HTTP transport message metadata.
*/
always_inline void
http_init_header_table_buf (http_header_table_t *ht, http_msg_t msg)
{
vec_validate (ht->buf, msg.data.headers_len - 1);
}
/**
* Free header table's memory.
*
* @param ht Header table to free.
*/
always_inline void
http_free_header_table (http_header_table_t *ht)
{
int i;
for (i = 0; i < vec_len (ht->concatenated_values); i++)
vec_free (ht->concatenated_values[i]);
vec_free (ht->concatenated_values);
vec_free (ht->headers);
vec_free (ht->buf);
hash_free (ht->value_by_name);
}
static uword
_http_ht_hash_key_sum (hash_t *h, uword key)
{
http_token_t *name = uword_to_pointer (key, http_token_t *);
return hash_memory (name->base, name->len, 0);
}
static uword
_http_ht_hash_key_equal (hash_t *h, uword key1, uword key2)
{
http_token_t *name1 = uword_to_pointer (key1, http_token_t *);
http_token_t *name2 = uword_to_pointer (key2, http_token_t *);
return name1 && name2 &&
http_token_is (name1->base, name1->len, name2->base, name2->len);
}
/**
* Build header table.
*
* @param header_table Header table with loaded buffer.
* @param msg HTTP transport message metadata.
*
* @note If reusing already allocated header table use
* @c http_reset_header_table first.
*/
always_inline void
http_build_header_table (http_header_table_t *ht, http_msg_t msg)
{
http_token_t name;
http_header_t *header;
http_field_line_t *field_lines, *field_line;
uword *p;
ASSERT (ht);
field_lines = uword_to_pointer (msg.data.headers_ctx, http_field_line_t *);
ht->value_by_name =
hash_create2 (0, 0, sizeof (uword), _http_ht_hash_key_sum,
_http_ht_hash_key_equal, 0, 0);
vec_foreach (field_line, field_lines)
{
name.base = (char *) (ht->buf + field_line->name_offset);
name.len = field_line->name_len;
/* check if header is repeated */
p = hash_get_mem (ht->value_by_name, &name);
if (p)
{
char *new_value = 0;
header = vec_elt_at_index (ht->headers, p[0]);
u32 new_len = header->value.len + field_line->value_len + 2;
vec_validate (new_value, new_len - 1);
clib_memcpy (new_value, header->value.base, header->value.len);
new_value[header->value.len] = ',';
new_value[header->value.len + 1] = ' ';
clib_memcpy (new_value + header->value.len + 2,
ht->buf + field_line->value_offset,
field_line->value_len);
vec_add1 (ht->concatenated_values, new_value);
header->value.base = new_value;
header->value.len = new_len;
continue;
}
/* or create new record */
vec_add2 (ht->headers, header, 1);
header->name.base = name.base;
header->name.len = name.len;
header->value.base = (char *) (ht->buf + field_line->value_offset);
header->value.len = field_line->value_len;
HTTP_DBG (1, "value: %U", format_http_bytes, header->value.base,
header->value.len);
hash_set_mem (ht->value_by_name, &header->name, header - ht->headers);
}
}
/**
* Try to find given header name in header table.
*
* @param header_table Header table to search.
* @param name Header name to match.
*
* @return Header's value in case of success, @c 0 otherwise.
*/
always_inline const http_header_t *
http_get_header (http_header_table_t *header_table, const char *name,
uword name_len)
{
uword *p;
http_header_t *header;
http_token_t name_token = { (char *) name, name_len };
p = hash_get_mem (header_table->value_by_name, &name_token);
if (p)
{
header = vec_elt_at_index (header_table->headers, p[0]);
return header;
}
return 0;
}
/**
* Add header to the list.
*
* @param headers Header list.
* @param name Pointer to header's name buffer.
* @param name_len Length of the name.
* @param value Pointer to header's value buffer.
* @param value_len Length of the value.
*
* @note Headers added at protocol layer: Date, Server, Content-Length
*/
always_inline void
http_add_header (http_header_t **headers, const char *name, uword name_len,
const char *value, uword value_len)
{
http_header_t *header;
vec_add2 (*headers, header, 1);
header->name.base = (char *) name;
header->name.len = name_len;
header->value.base = (char *) value;
header->value.len = value_len;
}
/**
* Serialize the header list.
*
* @param headers Header list to serialize.
*
* @return New vector with serialized headers.
*
* The caller is always responsible to free the returned vector.
*/
always_inline u8 *
http_serialize_headers (http_header_t *headers)
{
u8 *headers_buf = 0, *dst;
u32 headers_buf_len = 2;
http_header_t *header;
vec_foreach (header, headers)
headers_buf_len += header->name.len + header->value.len + 4;
vec_validate (headers_buf, headers_buf_len - 1);
dst = headers_buf;
vec_foreach (header, headers)
{
clib_memcpy (dst, header->name.base, header->name.len);
dst += header->name.len;
*dst++ = ':';
*dst++ = ' ';
clib_memcpy (dst, header->value.base, header->value.len);
dst += header->value.len;
*dst++ = '\r';
*dst++ = '\n';
}
*dst++ = '\r';
*dst = '\n';
return headers_buf;
}
typedef struct
{
ip46_address_t ip;
u16 port;
u8 is_ip4;
} http_uri_t;
always_inline int
http_parse_authority_form_target (u8 *target, http_uri_t *authority)
{
unformat_input_t input;
u32 port;
int rv = 0;
unformat_init_vector (&input, vec_dup (target));
if (unformat (&input, "[%U]:%d", unformat_ip6_address, &authority->ip.ip6,
&port))
{
authority->port = clib_host_to_net_u16 (port);
authority->is_ip4 = 0;
}
else if (unformat (&input, "%U:%d", unformat_ip4_address, &authority->ip.ip4,
&port))
{
authority->port = clib_host_to_net_u16 (port);
authority->is_ip4 = 1;
}
/* TODO reg-name resolution */
else
{
clib_warning ("unsupported format '%v'", target);
rv = -1;
}
unformat_free (&input);
return rv;
}
always_inline u8 *
http_serialize_authority_form_target (http_uri_t *authority)
{
u8 *s;
if (authority->is_ip4)
s = format (0, "%U:%d", format_ip4_address, &authority->ip.ip4,
clib_net_to_host_u16 (authority->port));
else
s = format (0, "[%U]:%d", format_ip6_address, &authority->ip.ip6,
clib_net_to_host_u16 (authority->port));
return s;
}
typedef enum http_url_scheme_
{
HTTP_URL_SCHEME_HTTP,
HTTP_URL_SCHEME_HTTPS,
} http_url_scheme_t;
typedef struct
{
http_url_scheme_t scheme;
u16 port;
u32 host_offset;
u32 host_len;
u32 path_offset;
u32 path_len;
u8 host_is_ip6;
} http_url_t;
always_inline int
_parse_port (u8 **pos, u8 *end, u16 *port)
{
u32 value = 0;
u8 *p = *pos;
if (!isdigit (*p))
return -1;
value = *p - '0';
p++;
while (p != end)
{
if (!isdigit (*p))
break;
value = value * 10 + *p - '0';
if (value > CLIB_U16_MAX)
return -1;
p++;
}
*pos = p;
*port = clib_host_to_net_u16 ((u16) value);
return 0;
}
/**
* An "absolute-form" URL parsing.
*
* @param url Vector of target URL to validate.
* @param parsed Parsed URL metadata in case of success.
*
* @return @c 0 on success.
*/
always_inline int
http_parse_absolute_form (u8 *url, http_url_t *parsed)
{
u8 *token_start, *token_end, *end;
int is_encoded = 0;
static uword valid_chars[4] = {
/* -.0123456789 */
0x03ff600000000000,
/* ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz */
0x07fffffe07fffffe,
0x0000000000000000,
0x0000000000000000,
};
if (vec_len (url) < 9)
{
clib_warning ("uri too short");
return -1;
}
clib_memset (parsed, 0, sizeof (*parsed));
end = url + vec_len (url);
/* parse scheme */
if (!memcmp (url, "http:// ", 7))
{
parsed->scheme = HTTP_URL_SCHEME_HTTP;
parsed->port = clib_host_to_net_u16 (80);
parsed->host_offset = 7;
}
else if (!memcmp (url, "https:// ", 8))
{
parsed->scheme = HTTP_URL_SCHEME_HTTPS;
parsed->port = clib_host_to_net_u16 (443);
parsed->host_offset = 8;
}
else
{
clib_warning ("invalid scheme");
return -1;
}
token_start = url + parsed->host_offset;
/* parse host */
if (*token_start == '[')
/* IPv6 address */
{
parsed->host_is_ip6 = 1;
parsed->host_offset++;
token_end = ++token_start;
while (1)
{
if (token_end == end)
{
clib_warning ("invalid host, IPv6 addr not terminated with ']'");
return -1;
}
else if (*token_end == ']')
{
parsed->host_len = token_end - token_start;
token_start = token_end + 1;
break;
}
else if (*token_end != ':' && *token_end != '.' &&
!isxdigit (*token_end))
{
clib_warning ("invalid character '%u'", *token_end);
return -1;
}
token_end++;
}
}
else
{
token_end = token_start;
while (token_end != end && *token_end != ':' && *token_end != '/')
{
if (!clib_bitmap_get_no_check (valid_chars, *token_end))
{
clib_warning ("invalid character '%u'", *token_end);
return -1;
}
token_end++;
}
parsed->host_len = token_end - token_start;
token_start = token_end;
}
if (!parsed->host_len)
{
clib_warning ("zero length host");
return -1;
}
/* parse port, if any */
if (token_start != end && *token_start == ':')
{
token_end = ++token_start;
if (_parse_port (&token_end, end, &parsed->port))
{
clib_warning ("invalid port");
return -1;
}
token_start = token_end;
}
if (token_start == end)
return 0;
token_start++; /* drop leading slash */
parsed->path_offset = token_start - url;
parsed->path_len = end - token_start;
if (parsed->path_len)
return _validate_target_syntax (token_start, parsed->path_len, 0,
&is_encoded);
return 0;
}
/**
* Parse target host and port of UDP tunnel over HTTP.
*
* @param path Path in format "{target_host}/{target_port}/".
* @param path_len Length of given path.
* @param parsed Parsed target in case of success..
*
* @return @c 0 on success.
*
* @note Only IPv4 literals and IPv6 literals supported.
*/
always_inline int
http_parse_masque_host_port (u8 *path, u32 path_len, http_uri_t *parsed)
{
u8 *p, *end, *decoded_host;
u32 host_len;
unformat_input_t input;
p = path;
end = path + path_len;
clib_memset (parsed, 0, sizeof (*parsed));
while (p != end && *p != '/')
p++;
host_len = p - path;
if (!host_len || (host_len == path_len) || (host_len + 1 == path_len))
return -1;
decoded_host = http_percent_decode (path, host_len);
unformat_init_vector (&input, decoded_host);
if (unformat (&input, "%U", unformat_ip4_address, &parsed->ip.ip4))
parsed->is_ip4 = 1;
else if (unformat (&input, "%U", unformat_ip6_address, &parsed->ip.ip6))
parsed->is_ip4 = 0;
else
{
unformat_free (&input);
clib_warning ("unsupported target_host format");
return -1;
}
unformat_free (&input);
p++;
if (_parse_port (&p, end, &parsed->port))
{
clib_warning ("invalid port");
return -1;
}
if (p == end || *p != '/')
return -1;
return 0;
}
#define HTTP_INVALID_VARINT ((u64) ~0)
#define HTTP_UDP_PROXY_DATAGRAM_CAPSULE_OVERHEAD 5
#define HTTP_UDP_PAYLOAD_MAX_LEN 65527
#define foreach_http_capsule_type _ (0, DATAGRAM)
typedef enum http_capsule_type_
{
#define _(n, s) HTTP_CAPSULE_TYPE_##s = n,
foreach_http_capsule_type
#undef _
} __clib_packed http_capsule_type_t;
/* variable-length integer (RFC9000 section 16) */
always_inline u64
_http_decode_varint (u8 **pos, u8 *end)
{
u8 first_byte, bytes_left, *p;
u64 value;
p = *pos;
ASSERT (p < end);
first_byte = *p;
p++;
if (first_byte <= 0x3F)
{
*pos = p;
return first_byte;
}
/* remove length bits, encoded in the first two bits of the first byte */
value = first_byte & 0x3F;
bytes_left = (1 << (first_byte >> 6)) - 1;
if (PREDICT_FALSE ((end - p) < bytes_left))
return HTTP_INVALID_VARINT;
do
{
value = (value << 8) | *p;
p++;
}
while (--bytes_left);
*pos = p;
return value;
}
always_inline u8 *
_http_encode_varint (u8 *dst, u64 value)
{
ASSERT (value <= 0x3FFFFFFFFFFFFFFF);
if (value <= 0x3f)
{
*dst++ = (u8) value;
return dst;
}
else if (value <= 0x3FFF)
{
*dst++ = (0b01 << 6) | (u8) (value >> 8);
*dst++ = (u8) value;
return dst;
}
else if (value <= 0x3FFFFFFF)
{
*dst++ = (0b10 << 6) | (u8) (value >> 24);
*dst++ = (u8) (value >> 16);
*dst++ = (u8) (value >> 8);
*dst++ = (u8) value;
return dst;
}
else
{
*dst++ = (0b11 << 6) | (u8) (value >> 56);
*dst++ = (u8) (value >> 48);
*dst++ = (u8) (value >> 40);
*dst++ = (u8) (value >> 32);
*dst++ = (u8) (value >> 24);
*dst++ = (u8) (value >> 16);
*dst++ = (u8) (value >> 8);
*dst++ = (u8) value;
return dst;
}
}
always_inline int
_http_parse_capsule (u8 *data, u64 len, u64 *type, u8 *value_offset,
u64 *value_len)
{
u64 capsule_type, capsule_value_len;
u8 *p = data;
u8 *end = data + len;
capsule_type = _http_decode_varint (&p, end);
if (capsule_type == HTTP_INVALID_VARINT)
{
clib_warning ("failed to parse capsule type");
return -1;
}
if (p == end)
{
clib_warning ("capsule length missing");
return -1;
}
capsule_value_len = _http_decode_varint (&p, end);
if (capsule_value_len == HTTP_INVALID_VARINT)
{
clib_warning ("failed to parse capsule length");
return -1;
}
*type = capsule_type;
*value_offset = p - data;
*value_len = capsule_value_len;
return 0;
}
/**
* Decapsulate UDP payload from datagram capsule.
*
* @param data Input buffer.
* @param len Length of given buffer.
* @param payload_offset Offset of the UDP proxying payload (ignore if capsule
* should be skipped).
* @param payload_len Length of the UDP proxying payload (or number of bytes
* to skip).
*
* @return @c -1 if capsule datagram is invalid (session need to be aborted)
* @return @c 0 if capsule contains UDP payload
* @return @c 1 if capsule should be skipped
*/
always_inline int
http_decap_udp_payload_datagram (u8 *data, u64 len, u8 *payload_offset,
u64 *payload_len)
{
int rv;
u8 *p = data;
u8 *end = data + len;
u64 capsule_type, value_len, context_id;
u8 value_offset;
rv = _http_parse_capsule (p, len, &capsule_type, &value_offset, &value_len);
if (rv)
return rv;
/* skip unknown capsule type or empty capsule */
if ((capsule_type != HTTP_CAPSULE_TYPE_DATAGRAM) || (value_len == 0))
{
*payload_len = value_len + value_offset;
return 1;
}
p += value_offset;
if (p == end)
{
clib_warning ("context ID missing");
return -1;
}
/* context ID field should be zero (RFC9298 section 4) */
context_id = _http_decode_varint (&p, end);
if (context_id != 0)
{
*payload_len = value_len + value_offset;
return 1;
}
*payload_offset = p - data;
*payload_len = value_len - 1;
/* payload longer than 65527 is considered as error (RFC9298 section 5) */
if (*payload_len > HTTP_UDP_PAYLOAD_MAX_LEN)
{
clib_warning ("UDP payload length too long");
return -1;
}
return 0;
}
/**
* Encapsulate UDP payload to datagram capsule.
*
* @param buf Capsule buffer under construction.
* @param payload_len Length of the UDP proxying payload.
*
* @return Pointer to the UDP payload in capsule buffer.
*
* @note Capsule buffer need extra @c HTTP_UDP_PROXY_DATAGRAM_CAPSULE_OVERHEAD
* bytes to be allocated.
*/
always_inline u8 *
http_encap_udp_payload_datagram (u8 *buf, u64 payload_len)
{
/* capsule type */
*buf++ = HTTP_CAPSULE_TYPE_DATAGRAM;
/* capsule length */
buf = _http_encode_varint (buf, payload_len + 1);
/* context ID */
*buf++ = 0;
return buf;
}
#endif /* SRC_PLUGINS_HTTP_HTTP_H_ */
/*
* fd.io coding-style-patch-verification: ON
*
* Local Variables:
* eval: (c-set-style "gnu")
* End:
*/
Reference in New Issue View Git Blame Copy Permalink