httpd-dev mailing list archives

From "Bjoern A. Zeeb" <bzeeb-li...@lists.zabbadoz.net>
Subject HTTP Version
Date Sat, 26 Apr 2003 11:35:25 GMT
Hi,


----------------------------------------
a) apache 2.0.45 (and just found a 1.3.23 which seems to handle
this the same) seems to accept any HTTP Version greater than 1.1 which
seems to be strange - at least if not the major version is > 1:

--- sample ---
Connected to localhost.
Escape character is '^]'.
GET / HTTP/384326472363432.7689
Host: example.com

HTTP/1.1 200 OK
Date: Sat, 26 Apr 2003 10:39:59 GMT
Server: Apache/2.0.45 (Unix)
...
--- sample ---

To reject anything > HTTP_VERSION(1, 1) this (completely untested)
patch might be appropriate (perhaps only reject if >= 2, 0 ?):

--- httpd-2.0.45/server/protocol.c.orig	Sat Mar 29 16:33:29 2003
+++ httpd-2.0.45/server/protocol.c	Sat Apr 26 10:40:17 2003
@@ -937,9 +937,16 @@
     /* we may have switched to another server */
     r->per_dir_config = r->server->lookup_defaults;

-    if ((!r->hostname && (r->proto_num >= HTTP_VERSION(1, 1)))
-        || ((r->proto_num == HTTP_VERSION(1, 1))
-            && !apr_table_get(r->headers_in, "Host"))) {
+    if (r->proto_num > HTTP_VERSION(1, 1)) {
+        r->status = HTTP_VERSION_NOT_SUPPORTED;
+        ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
+            "client sent request with HTTP Version greater than 1.1");
+    }
+
+    if (r->status == HTTP_OK &&
+        ((!r->hostname && (r->proto_num >= HTTP_VERSION(1, 1)))
+         || ((r->proto_num == HTTP_VERSION(1, 1)))
+             && !apr_table_get(r->headers_in, "Host"))) {
         /*
          * Client sent us an HTTP/1.1 or later request without telling us the
          * hostname, either with a full URL or a Host: header. We therefore
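
Review bot: the new `r->proto_num > HTTP_VERSION(1, 1)` test only sees the value the version parser stored, so if `r->proto_num` comes from the sscanf branch quoted under (b), a request line like the first sample (minor 7689, which fails `minor < HTTP_VERSION(1, 0)`) ends up as HTTP_VERSION(1, 0) through the catch-all and is not rejected here; the malformed token has to be refused where it is parsed. As written the comparison would also turn away HTTP/1.2 and every later 1.x, so `>= HTTP_VERSION(2, 0)`, which the mail itself raises, looks like the safer bound. The hunk sets `r->status` and logs but shows no return, so it should be confirmed that the code after the Host check stops on a non-OK status. Style: on the `== HTTP_VERSION(1, 1)))` line the extra closing parenthesis ends the group before `&& !apr_table_get(...)`; the result is the same by operator precedence, but keeping the original grouping `((r->proto_num == HTTP_VERSION(1, 1))` makes the intent explicit.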





----------------------------------------
b) apache also seems to accept:

--- sample ---
Connected to localhost.
Escape character is '^]'.
GET / HTTP/||||||.^B^B^B^B^B

HTTP/1.1 200 OK
Date: Sat, 26 Apr 2003 11:05:23 GMT
Server: Apache/2.0.45 (Unix)
...
--- sample ---
Connected to localhost.
Escape character is '^]'.
GET /
HTTP/djfhjsdhfjshdfjsdhjfhdsjfhjdshfjdhdjhjfdsfdsf.dfhyhfnv7dy74ynfljnsu9hf^[[20~9h3ouovubvuoshhf08h0spjspigh085083u^[[19~^[OR75^[[19~8hpt^[[19~yv^[[18~y^[[18~x^[[18~^[[20~vd^[[20~f7^[[20~^[[18~duvd^[[20~^[[18~f^[[18~d^[[20~f^[[20~gd

HTTP/1.1 200 OK
Date: Sat, 26 Apr 2003 11:06:13 GMT
Server: Apache/2.0.45 (Unix)
Last-Modified: Thu, 24 Apr 2003 19:12:21 GMT
ETag: "11de3-81-427c2f40"
Accept-Ranges: bytes
Content-Length: 129
Connection: close
Content-Type: text/html; charset=ISO-8859-1

<html>
        <head>
...
--- sample ---

--- log ---
127.0.0.1 - - [26/Apr/2003:11:05:23 +0000] "GET / HTTP/||||||.aaaaa" 200 129 "-"
127.0.0.1 - - [26/Apr/2003:11:06:13 +0000] "GET / HTTP/djfhjsdhfjshdfjsdhjfhdsjfhjdshfjdhdjhjfdsfdsf.dfhyhfnv7dy74ynfljnsu9hf9h3ouovubvuoshhf08h0spjspigh085083uR758hptyvyxvdf7duvdfdfgd"
200 129 "-" "-"
--- log ---

This is a BUG:

	DIGIT          = <any US-ASCII digit "0".."9">
	HTTP-Version   = "HTTP" "/" 1*DIGIT "." 1*DIGIT



[
There might be more problems around the following lines in server/protocol.c:

    else if (3 == sscanf(r->protocol, "%4s/%u.%u", http, &major, &minor)
             && (strcasecmp("http", http) == 0)
             && (minor < HTTP_VERSION(1, 0)) ) /* don't allow HTTP/0.1000 */
        r->proto_num = HTTP_VERSION(major, minor);
     else
        r->proto_num = HTTP_VERSION(1, 0);

     return 1;

p.ex. it shouldn't be strcasecmp ?
is keeping r->status correct ?
should we really have a default catchall ?
]






----------------------------------------
c) rfc2616, 19.6 Compatibility with Previous Versions
--- excerpt ---
	... we would expect commercial HTTP/1.1 servers to:

      - respond appropriately with a message in the same major version
        used by the client.
--- /excerpt ---

shouldn't apache also support this ?

--- sample ---
Connected to localhost.
Escape character is '^]'.
GET / HTTP/0.9

HTTP/1.1 200 OK
Date: Sat, 26 Apr 2003 10:38:48 GMT
Server: Apache/2.0.45 (Unix)
Last-Modified: Thu, 24 Apr 2003 19:12:21 GMT
...
--- sample ---


-- 
Greetings

Bjoern A. Zeeb				bzeeb at Zabbadoz dot NeT
56 69 73 69 74				http://www.zabbadoz.net/
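
A strict check for the HTTP-Version grammar quoted under (b), next to the sscanf logic quoted there, as an added example that is not part of the original message or of httpd. The names `strict_proto_num`, `lenient_proto_num`, `read_digits` and `VERSION_NUM`, and the cap of 999 on each number, are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* Assumption: same encoding as the quoted HTTP_VERSION(), major*1000+minor. */
#define VERSION_NUM(major, minor) (1000 * (major) + (minor))

/* Hypothetical helper: 1*DIGIT, capped at 999 so the value cannot overflow
 * or spill into the major part of VERSION_NUM(). */
static int read_digits(const char **p, unsigned *out)
{
    const char *s = *p;
    unsigned v = 0;
    if (*s < '0' || *s > '9')
        return -1;                  /* at least one digit is required */
    for (; *s >= '0' && *s <= '9'; s++)
        if ((v = v * 10 + (unsigned)(*s - '0')) > 999)
            return -1;
    *p = s;
    *out = v;
    return 0;
}

/* Strict: "HTTP" "/" 1*DIGIT "." 1*DIGIT and nothing after it.
 * Returns the encoded version, or -1 for a malformed token. */
int strict_proto_num(const char *s)
{
    unsigned major = 0, minor = 0;

    if (strncmp(s, "HTTP/", 5) != 0)
        return -1;
    s += 5;
    if (read_digits(&s, &major) != 0 || *s++ != '.'
        || read_digits(&s, &minor) != 0 || *s != '\0')
        return -1;
    return (int)VERSION_NUM(major, minor);
}

/* The sscanf logic quoted in the mail, wrapped in a function for comparison. */
int lenient_proto_num(const char *s)
{
    char http[5];
    unsigned major = 0, minor = 0;

    if (3 == sscanf(s, "%4s/%u.%u", http, &major, &minor)
        && strcasecmp("http", http) == 0 && minor < 1000)
        return (int)VERSION_NUM(major, minor);
    return VERSION_NUM(1, 0);       /* catch-all: anything else is HTTP/1.0 */
}
```

A caller of the strict variant would answer -1 with an error response instead of defaulting to HTTP/1.0, which is the difference the samples in (b) expose.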
