BUG/MAJOR: http_fetch: Get the channel depending on the keyword used

All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 12:02:59 +02:00 · 2019-04-17 12:02:59 +02:00 · 89dc499359
parent 3a4d1bea61
commit 89dc499359
2 changed files with 298 additions and 304 deletions
--- a/include/proto/http_fetch.h
+++ b/include/proto/http_fetch.h
@ -30,17 +30,17 @@
 /* Note: these functions *do* modify the sample. Even in case of success, at
 * least the type and uint value are modified.
 */
-#define CHECK_HTTP_MESSAGE_FIRST() \
-	do { int r = smp_prefetch_http(smp->px, smp->strm, smp->opt, args, smp, 1); if (r <= 0) return r; } while (0)
+#define CHECK_HTTP_MESSAGE_FIRST(chn) \
+	do { int r = smp_prefetch_http(smp->px, smp->strm, smp->opt, (chn), smp, 1); if (r <= 0) return r; } while (0)

-#define CHECK_HTTP_MESSAGE_FIRST_PERM() \
-	do { int r = smp_prefetch_http(smp->px, smp->strm, smp->opt, args, smp, 0); if (r <= 0) return r; } while (0)
+#define CHECK_HTTP_MESSAGE_FIRST_PERM(chn) \
+	do { int r = smp_prefetch_http(smp->px, smp->strm, smp->opt, (chn), smp, 0); if (r <= 0) return r; } while (0)

 int smp_prefetch_http(struct proxy *px, struct stream *s, unsigned int opt,
-                  const struct arg *args, struct sample *smp, int req_vol);
+                  struct channel *chn, struct sample *smp, int req_vol);

 struct htx;
-struct htx *smp_prefetch_htx(struct sample *smp, const struct arg *args);
+struct htx *smp_prefetch_htx(struct sample *smp, struct channel *chn);

 int val_hdr(struct arg *arg, char **err_msg);

--- a/src/http_fetch.c
+++ b/src/http_fetch.c