aboutsummaryrefslogtreecommitdiffhomepage
path: root/src/core/lib/channel/http_server_filter.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/core/lib/channel/http_server_filter.c')
-rw-r--r--src/core/lib/channel/http_server_filter.c296
1 files changed, 140 insertions, 156 deletions
diff --git a/src/core/lib/channel/http_server_filter.c b/src/core/lib/channel/http_server_filter.c
index 3f992977c0..f508231238 100644
--- a/src/core/lib/channel/http_server_filter.c
+++ b/src/core/lib/channel/http_server_filter.c
@@ -39,7 +39,6 @@
#include "src/core/lib/profiling/timers.h"
#include "src/core/lib/slice/percent_encoding.h"
#include "src/core/lib/slice/slice_internal.h"
-#include "src/core/lib/slice/slice_string_helpers.h"
#include "src/core/lib/transport/static_metadata.h"
#define EXPECTED_CONTENT_TYPE "application/grpc"
@@ -48,13 +47,18 @@
extern int grpc_http_trace;
typedef struct call_data {
+ uint8_t seen_path;
+ uint8_t seen_method;
+ uint8_t sent_status;
+ uint8_t seen_scheme;
+ uint8_t seen_te_trailers;
+ uint8_t seen_authority;
+ uint8_t seen_payload_bin;
grpc_linked_mdelem status;
grpc_linked_mdelem content_type;
- /* did this request come with payload-bin */
- bool seen_payload_bin;
/* flag to ensure payload_bin is delivered only once */
- bool payload_bin_delivered;
+ uint8_t payload_bin_delivered;
grpc_metadata_batch *recv_initial_metadata;
bool *recv_idempotent_request;
@@ -79,152 +83,109 @@ typedef struct call_data {
typedef struct channel_data { uint8_t unused; } channel_data;
-static grpc_error *server_filter_outgoing_metadata(grpc_exec_ctx *exec_ctx,
- grpc_call_element *elem,
- grpc_metadata_batch *b) {
- if (b->idx.named.grpc_message != NULL) {
+static grpc_mdelem *server_filter_outgoing_metadata(grpc_exec_ctx *exec_ctx,
+ void *user_data,
+ grpc_mdelem *md) {
+ if (md->key == GRPC_MDSTR_GRPC_MESSAGE) {
grpc_slice pct_encoded_msg = grpc_percent_encode_slice(
- GRPC_MDVALUE(b->idx.named.grpc_message->md),
- grpc_compatible_percent_encoding_unreserved_bytes);
- if (grpc_slice_is_equivalent(pct_encoded_msg,
- GRPC_MDVALUE(b->idx.named.grpc_message->md))) {
+ md->value->slice, grpc_compatible_percent_encoding_unreserved_bytes);
+ if (grpc_slice_is_equivalent(pct_encoded_msg, md->value->slice)) {
grpc_slice_unref_internal(exec_ctx, pct_encoded_msg);
+ return md;
} else {
- grpc_metadata_batch_set_value(exec_ctx, b->idx.named.grpc_message,
- pct_encoded_msg);
+ return grpc_mdelem_from_metadata_strings(
+ exec_ctx, GRPC_MDSTR_GRPC_MESSAGE,
+ grpc_mdstr_from_slice(exec_ctx, pct_encoded_msg));
}
+ } else {
+ return md;
}
- return GRPC_ERROR_NONE;
-}
-
-static void add_error(const char *error_name, grpc_error **cumulative,
- grpc_error *new) {
- if (new == GRPC_ERROR_NONE) return;
- if (*cumulative == GRPC_ERROR_NONE) {
- *cumulative = GRPC_ERROR_CREATE(error_name);
- }
- *cumulative = grpc_error_add_child(*cumulative, new);
}
-static grpc_error *server_filter_incoming_metadata(grpc_exec_ctx *exec_ctx,
- grpc_call_element *elem,
- grpc_metadata_batch *b) {
+static grpc_mdelem *server_filter(grpc_exec_ctx *exec_ctx, void *user_data,
+ grpc_mdelem *md) {
+ grpc_call_element *elem = user_data;
call_data *calld = elem->call_data;
- grpc_error *error = GRPC_ERROR_NONE;
- static const char *error_name = "Failed processing incoming headers";
- if (b->idx.named.method != NULL) {
- if (grpc_mdelem_eq(b->idx.named.method->md, GRPC_MDELEM_METHOD_POST)) {
+ /* Check if it is one of the headers we care about. */
+ if (md == GRPC_MDELEM_TE_TRAILERS || md == GRPC_MDELEM_METHOD_POST ||
+ md == GRPC_MDELEM_METHOD_PUT || md == GRPC_MDELEM_METHOD_GET ||
+ md == GRPC_MDELEM_SCHEME_HTTP || md == GRPC_MDELEM_SCHEME_HTTPS ||
+ md == GRPC_MDELEM_CONTENT_TYPE_APPLICATION_SLASH_GRPC) {
+ /* swallow it */
+ if (md == GRPC_MDELEM_METHOD_POST) {
+ calld->seen_method = 1;
*calld->recv_idempotent_request = false;
*calld->recv_cacheable_request = false;
- } else if (grpc_mdelem_eq(b->idx.named.method->md,
- GRPC_MDELEM_METHOD_PUT)) {
+ } else if (md == GRPC_MDELEM_METHOD_PUT) {
+ calld->seen_method = 1;
*calld->recv_idempotent_request = true;
- } else if (grpc_mdelem_eq(b->idx.named.method->md,
- GRPC_MDELEM_METHOD_GET)) {
+ } else if (md == GRPC_MDELEM_METHOD_GET) {
+ calld->seen_method = 1;
*calld->recv_cacheable_request = true;
- } else {
- add_error(error_name, &error,
- grpc_attach_md_to_error(GRPC_ERROR_CREATE("Bad header"),
- b->idx.named.method->md));
- }
- grpc_metadata_batch_remove(exec_ctx, b, b->idx.named.method);
- } else {
- add_error(error_name, &error,
- grpc_error_set_str(GRPC_ERROR_CREATE("Missing header"),
- GRPC_ERROR_STR_KEY, ":method"));
- }
-
- if (b->idx.named.te != NULL) {
- if (!grpc_mdelem_eq(b->idx.named.te->md, GRPC_MDELEM_TE_TRAILERS)) {
- add_error(error_name, &error,
- grpc_attach_md_to_error(GRPC_ERROR_CREATE("Bad header"),
- b->idx.named.te->md));
+ } else if (md->key == GRPC_MDSTR_SCHEME) {
+ calld->seen_scheme = 1;
+ } else if (md == GRPC_MDELEM_TE_TRAILERS) {
+ calld->seen_te_trailers = 1;
}
- grpc_metadata_batch_remove(exec_ctx, b, b->idx.named.te);
- } else {
- add_error(error_name, &error,
- grpc_error_set_str(GRPC_ERROR_CREATE("Missing header"),
- GRPC_ERROR_STR_KEY, "te"));
- }
-
- if (b->idx.named.scheme != NULL) {
- if (!grpc_mdelem_eq(b->idx.named.scheme->md, GRPC_MDELEM_SCHEME_HTTP) &&
- !grpc_mdelem_eq(b->idx.named.scheme->md, GRPC_MDELEM_SCHEME_HTTPS) &&
- !grpc_mdelem_eq(b->idx.named.scheme->md, GRPC_MDELEM_SCHEME_GRPC)) {
- add_error(error_name, &error,
- grpc_attach_md_to_error(GRPC_ERROR_CREATE("Bad header"),
- b->idx.named.scheme->md));
+ /* TODO(klempner): Track that we've seen all the headers we should
+ require */
+ return NULL;
+ } else if (md->key == GRPC_MDSTR_CONTENT_TYPE) {
+ const char *value_str = grpc_mdstr_as_c_string(md->value);
+ if (strncmp(value_str, EXPECTED_CONTENT_TYPE,
+ EXPECTED_CONTENT_TYPE_LENGTH) == 0 &&
+ (value_str[EXPECTED_CONTENT_TYPE_LENGTH] == '+' ||
+ value_str[EXPECTED_CONTENT_TYPE_LENGTH] == ';')) {
+ /* Although the C implementation doesn't (currently) generate them,
+ any custom +-suffix is explicitly valid. */
+ /* TODO(klempner): We should consider preallocating common values such
+ as +proto or +json, or at least stashing them if we see them. */
+ /* TODO(klempner): Should we be surfacing this to application code? */
+ } else {
+ /* TODO(klempner): We're currently allowing this, but we shouldn't
+ see it without a proxy so log for now. */
+ gpr_log(GPR_INFO, "Unexpected content-type '%s'", value_str);
}
- grpc_metadata_batch_remove(exec_ctx, b, b->idx.named.scheme);
- } else {
- add_error(error_name, &error,
- grpc_error_set_str(GRPC_ERROR_CREATE("Missing header"),
- GRPC_ERROR_STR_KEY, ":scheme"));
- }
-
- if (b->idx.named.content_type != NULL) {
- if (!grpc_mdelem_eq(b->idx.named.content_type->md,
- GRPC_MDELEM_CONTENT_TYPE_APPLICATION_SLASH_GRPC)) {
- if (grpc_slice_buf_start_eq(GRPC_MDVALUE(b->idx.named.content_type->md),
- EXPECTED_CONTENT_TYPE,
- EXPECTED_CONTENT_TYPE_LENGTH) &&
- (GRPC_SLICE_START_PTR(GRPC_MDVALUE(
- b->idx.named.content_type->md))[EXPECTED_CONTENT_TYPE_LENGTH] ==
- '+' ||
- GRPC_SLICE_START_PTR(GRPC_MDVALUE(
- b->idx.named.content_type->md))[EXPECTED_CONTENT_TYPE_LENGTH] ==
- ';')) {
- /* Although the C implementation doesn't (currently) generate them,
- any custom +-suffix is explicitly valid. */
- /* TODO(klempner): We should consider preallocating common values such
- as +proto or +json, or at least stashing them if we see them. */
- /* TODO(klempner): Should we be surfacing this to application code? */
- } else {
- /* TODO(klempner): We're currently allowing this, but we shouldn't
- see it without a proxy so log for now. */
- char *val = grpc_dump_slice(GRPC_MDVALUE(b->idx.named.content_type->md),
- GPR_DUMP_ASCII);
- gpr_log(GPR_INFO, "Unexpected content-type '%s'", val);
- gpr_free(val);
- }
+ return NULL;
+ } else if (md->key == GRPC_MDSTR_TE || md->key == GRPC_MDSTR_METHOD ||
+ md->key == GRPC_MDSTR_SCHEME) {
+ gpr_log(GPR_ERROR, "Invalid %s: header: '%s'",
+ grpc_mdstr_as_c_string(md->key), grpc_mdstr_as_c_string(md->value));
+ /* swallow it and error everything out. */
+ /* TODO(klempner): We ought to generate more descriptive error messages
+ on the wire here. */
+ grpc_call_element_send_cancel(exec_ctx, elem);
+ return NULL;
+ } else if (md->key == GRPC_MDSTR_PATH) {
+ if (calld->seen_path) {
+ gpr_log(GPR_ERROR, "Received :path twice");
+ return NULL;
}
- grpc_metadata_batch_remove(exec_ctx, b, b->idx.named.content_type);
- }
-
- if (b->idx.named.path == NULL) {
- add_error(error_name, &error,
- grpc_error_set_str(GRPC_ERROR_CREATE("Missing header"),
- GRPC_ERROR_STR_KEY, ":path"));
- }
-
- if (b->idx.named.host != NULL) {
- add_error(
- error_name, &error,
- grpc_metadata_batch_substitute(
- exec_ctx, b, b->idx.named.host,
- grpc_mdelem_from_slices(
- exec_ctx, GRPC_MDSTR_AUTHORITY,
- grpc_slice_ref_internal(GRPC_MDVALUE(b->idx.named.host->md)))));
- }
-
- if (b->idx.named.authority == NULL) {
- add_error(error_name, &error,
- grpc_error_set_str(GRPC_ERROR_CREATE("Missing header"),
- GRPC_ERROR_STR_KEY, ":authority"));
- }
-
- if (b->idx.named.grpc_payload_bin != NULL) {
- calld->seen_payload_bin = true;
+ calld->seen_path = 1;
+ return md;
+ } else if (md->key == GRPC_MDSTR_AUTHORITY) {
+ calld->seen_authority = 1;
+ return md;
+ } else if (md->key == GRPC_MDSTR_HOST) {
+ /* translate host to :authority since :authority may be
+ omitted */
+ grpc_mdelem *authority = grpc_mdelem_from_metadata_strings(
+ exec_ctx, GRPC_MDSTR_AUTHORITY, GRPC_MDSTR_REF(md->value));
+ calld->seen_authority = 1;
+ return authority;
+ } else if (md->key == GRPC_MDSTR_GRPC_PAYLOAD_BIN) {
+ /* Retrieve the payload from the value of the 'grpc-internal-payload-bin'
+ header field */
+ calld->seen_payload_bin = 1;
grpc_slice_buffer_add(&calld->read_slice_buffer,
- grpc_slice_ref_internal(
- GRPC_MDVALUE(b->idx.named.grpc_payload_bin->md)));
+ grpc_slice_ref_internal(md->value->slice));
grpc_slice_buffer_stream_init(&calld->read_stream,
&calld->read_slice_buffer, 0);
- grpc_metadata_batch_remove(exec_ctx, b, b->idx.named.grpc_payload_bin);
+ return NULL;
+ } else {
+ return md;
}
-
- return error;
}
static void hs_on_recv(grpc_exec_ctx *exec_ctx, void *user_data,
@@ -232,12 +193,49 @@ static void hs_on_recv(grpc_exec_ctx *exec_ctx, void *user_data,
grpc_call_element *elem = user_data;
call_data *calld = elem->call_data;
if (err == GRPC_ERROR_NONE) {
- err = server_filter_incoming_metadata(exec_ctx, elem,
- calld->recv_initial_metadata);
+ grpc_metadata_batch_filter(exec_ctx, calld->recv_initial_metadata,
+ server_filter, elem);
+ /* Have we seen the required http2 transport headers?
+ (:method, :scheme, content-type, with :path and :authority covered
+ at the channel level right now) */
+ if (calld->seen_method && calld->seen_scheme && calld->seen_te_trailers &&
+ calld->seen_path && calld->seen_authority) {
+ /* do nothing */
+ } else {
+ err = GRPC_ERROR_CREATE("Bad incoming HTTP headers");
+ if (!calld->seen_path) {
+ err = grpc_error_add_child(err,
+ GRPC_ERROR_CREATE("Missing :path header"));
+ }
+ if (!calld->seen_authority) {
+ err = grpc_error_add_child(
+ err, GRPC_ERROR_CREATE("Missing :authority header"));
+ }
+ if (!calld->seen_method) {
+ err = grpc_error_add_child(err,
+ GRPC_ERROR_CREATE("Missing :method header"));
+ }
+ if (!calld->seen_scheme) {
+ err = grpc_error_add_child(err,
+ GRPC_ERROR_CREATE("Missing :scheme header"));
+ }
+ if (!calld->seen_te_trailers) {
+ err = grpc_error_add_child(
+ err, GRPC_ERROR_CREATE("Missing te: trailers header"));
+ }
+ /* Error this call out */
+ if (grpc_http_trace) {
+ const char *error_str = grpc_error_string(err);
+ gpr_log(GPR_ERROR, "Invalid http2 headers: %s", error_str);
+ grpc_error_free_string(error_str);
+ }
+ grpc_call_element_send_cancel(exec_ctx, elem);
+ }
} else {
GRPC_ERROR_REF(err);
}
- grpc_closure_run(exec_ctx, calld->on_done_recv, err);
+ calld->on_done_recv->cb(exec_ctx, calld->on_done_recv->cb_arg, err);
+ GRPC_ERROR_UNREF(err);
}
static void hs_on_complete(grpc_exec_ctx *exec_ctx, void *user_data,
@@ -275,23 +273,13 @@ static void hs_mutate_op(grpc_exec_ctx *exec_ctx, grpc_call_element *elem,
/* grab pointers to our data from the call element */
call_data *calld = elem->call_data;
- if (op->send_initial_metadata != NULL) {
- grpc_error *error = GRPC_ERROR_NONE;
- static const char *error_name = "Failed sending initial metadata";
- add_error(error_name, &error, grpc_metadata_batch_add_head(
- exec_ctx, op->send_initial_metadata,
- &calld->status, GRPC_MDELEM_STATUS_200));
- add_error(error_name, &error,
- grpc_metadata_batch_add_tail(
- exec_ctx, op->send_initial_metadata, &calld->content_type,
- GRPC_MDELEM_CONTENT_TYPE_APPLICATION_SLASH_GRPC));
- add_error(error_name, &error,
- server_filter_outgoing_metadata(exec_ctx, elem,
- op->send_initial_metadata));
- if (error != GRPC_ERROR_NONE) {
- grpc_transport_stream_op_finish_with_failure(exec_ctx, op, error);
- return;
- }
+ if (op->send_initial_metadata != NULL && !calld->sent_status) {
+ calld->sent_status = 1;
+ grpc_metadata_batch_add_head(op->send_initial_metadata, &calld->status,
+ GRPC_MDELEM_STATUS_200);
+ grpc_metadata_batch_add_tail(
+ op->send_initial_metadata, &calld->content_type,
+ GRPC_MDELEM_CONTENT_TYPE_APPLICATION_SLASH_GRPC);
}
if (op->recv_initial_metadata) {
@@ -318,12 +306,8 @@ static void hs_mutate_op(grpc_exec_ctx *exec_ctx, grpc_call_element *elem,
}
if (op->send_trailing_metadata) {
- grpc_error *error = server_filter_outgoing_metadata(
- exec_ctx, elem, op->send_trailing_metadata);
- if (error != GRPC_ERROR_NONE) {
- grpc_transport_stream_op_finish_with_failure(exec_ctx, op, error);
- return;
- }
+ grpc_metadata_batch_filter(exec_ctx, op->send_trailing_metadata,
+ server_filter_outgoing_metadata, elem);
}
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-29 01:05:11 +0000