Bugfix for httpd proxy feature

Denys Vlasenko vda.linux at googlemail.com
Tue Jul 31 11:49:18 UTC 2018 

Jiiiiiiiiiiiiiiiiiiiiiiiiiiiiiim

On Tue, Jul 24, 2018 at 6:13 PM, Denys Vlasenko
<vda.linux at googlemail.com> wrote:
> On Sun, Jul 15, 2018 at 4:42 PM, Denys Vlasenko
> <vda.linux at googlemail.com> wrote:
>> On Fri, Jul 6, 2018 at 3:46 PM, Jim Knopf <osm-berlin at firemail.de> wrote:
>>> Hello list,
>>>
>>>
>>> the httpd applet's proxy feature has glitches. The promise is, quote
>>>
>>> P:/url:[http://]hostname[:port]/new/path
>>> # When /urlXXXXXX is requested, reverse proxy
>>> # it to http://hostname[:port]/new/pathXXXXXX
>>>
>>> urlcopy is not a true copy anymore when it is fdprint'ed to proxy_fd,
>>> this is because percent_decode_in_place() is called after the copy
>>> is created.
>>>
>>> Not fixing this breaks reverse proxying all URIs containing percent
>>> encoded spaces, e.g. - because a decoded URI will be printed out
>>> to proxy_fd instead of the original.
>>>
>>> The fix keeps the logic in place to canonicalize the uri first, before
>>> reverse proxying (one could argue that the uri should be proxied
>>> completely unaltered, except for the prefix rewrite), but percent
>>> (re-)encodes the (canonicalized) string before it is used.
>>>
>>> Please find attached patch that is tried and tested to work.
>>
>> Uh... this looks really not nice... can you test the following approach
>> to this problem? Basically, do not percent-decode if proxy matches:
>>
>> --- a/networking/httpd.c
>> +++ b/networking/httpd.c
>> @@ -2184,13 +2184,21 @@ static void handle_incoming_and_exit(const
>> len_and_sockaddr *fromAddr)
>>                 g_query = tptr;
>>         }
>>
>> -       /* Decode URL escape sequences */
>> -       tptr = percent_decode_in_place(urlcopy, /*strict:*/ 1);
>> -       if (tptr == NULL)
>> -               send_headers_and_exit(HTTP_BAD_REQUEST);
>> -       if (tptr == urlcopy + 1) {
>> -               /* '/' or NUL is encoded */
>> -               send_headers_and_exit(HTTP_NOT_FOUND);
>> +#if ENABLE_FEATURE_HTTPD_PROXY
>> +       proxy_entry = find_proxy_entry(urlcopy);
>> +       if (proxy_entry)
>> +               header_buf = header_ptr = xmalloc(IOBUF_SIZE);
>> +       else
>> +#endif
>> +       {
>> +               /* Decode URL escape sequences */
>> +               tptr = percent_decode_in_place(urlcopy, /*strict:*/ 1);
>> +               if (tptr == NULL)
>> +                       send_headers_and_exit(HTTP_BAD_REQUEST);
>> +               if (tptr == urlcopy + 1) {
>> +                       /* '/' or NUL is encoded */
>> +                       send_headers_and_exit(HTTP_NOT_FOUND);
>> +               }
>>         }
>>
>>         /* Canonicalize path */
>> @@ -2252,12 +2260,6 @@ static void handle_incoming_and_exit(const
>> len_and_sockaddr *fromAddr)
>>                 *tptr = '/';
>>         }
>>
>> -#if ENABLE_FEATURE_HTTPD_PROXY
>> -       proxy_entry = find_proxy_entry(urlcopy);
>> -       if (proxy_entry)
>> -               header_buf = header_ptr = xmalloc(IOBUF_SIZE);
>> -#endif
>> -
>>         if (http_major_version >= '0') {
>>                 /* Request was with "... HTTP/nXXX", and n >= 0 */
>
>
> Jim, is it working for you?

More information about the busybox mailing list