aboutsummaryrefslogtreecommitdiffstats
path: root/src/plugins/http/http.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/plugins/http/http.h')
-rw-r--r--src/plugins/http/http.h530
1 files changed, 522 insertions, 8 deletions
diff --git a/src/plugins/http/http.h b/src/plugins/http/http.h
index dbae5ac4611..e3ee93b6291 100644
--- a/src/plugins/http/http.h
+++ b/src/plugins/http/http.h
@@ -16,6 +16,8 @@
#ifndef SRC_PLUGINS_HTTP_HTTP_H_
#define SRC_PLUGINS_HTTP_HTTP_H_
+#include <ctype.h>
+
#include <vnet/plugin/plugin.h>
#include <vpp/app/version.h>
@@ -83,6 +85,14 @@ typedef enum http_msg_type_
HTTP_MSG_REPLY
} http_msg_type_t;
+typedef enum http_target_form_
+{
+ HTTP_TARGET_ORIGIN_FORM,
+ HTTP_TARGET_ABSOLUTE_FORM,
+ HTTP_TARGET_AUTHORITY_FORM,
+ HTTP_TARGET_ASTERISK_FORM
+} http_target_form_t;
+
#define foreach_http_content_type \
_ (APP_7Z, ".7z", "application / x - 7z - compressed") \
_ (APP_DOC, ".doc", "application / msword") \
@@ -172,12 +182,50 @@ typedef enum http_content_type_
} http_content_type_t;
#define foreach_http_status_code \
+ _ (100, CONTINUE, "100 Continue") \
+ _ (101, SWITCHING_PROTOCOLS, "101 Switching Protocols") \
_ (200, OK, "200 OK") \
+ _ (201, CREATED, "201 Created") \
+ _ (202, ACCEPTED, "202 Accepted") \
+ _ (203, NON_UTHORITATIVE_INFORMATION, "203 Non-Authoritative Information") \
+ _ (204, NO_CONTENT, "204 No Content") \
+ _ (205, RESET_CONTENT, "205 Reset Content") \
+ _ (206, PARTIAL_CONTENT, "206 Partial Content") \
+ _ (300, MULTIPLE_CHOICES, "300 Multiple Choices") \
_ (301, MOVED, "301 Moved Permanently") \
+ _ (302, FOUND, "302 Found") \
+ _ (303, SEE_OTHER, "303 See Other") \
+ _ (304, NOT_MODIFIED, "304 Not Modified") \
+ _ (305, USE_PROXY, "305 Use Proxy") \
+ _ (307, TEMPORARY_REDIRECT, "307 Temporary Redirect") \
+ _ (308, PERMANENT_REDIRECT, "308 Permanent Redirect") \
_ (400, BAD_REQUEST, "400 Bad Request") \
+ _ (401, UNAUTHORIZED, "401 Unauthorized") \
+ _ (402, PAYMENT_REQUIRED, "402 Payment Required") \
+ _ (403, FORBIDDEN, "403 Forbidden") \
_ (404, NOT_FOUND, "404 Not Found") \
_ (405, METHOD_NOT_ALLOWED, "405 Method Not Allowed") \
- _ (500, INTERNAL_ERROR, "500 Internal Server Error")
+ _ (406, NOT_ACCEPTABLE, "406 Not Acceptable") \
+ _ (407, PROXY_AUTHENTICATION_REQUIRED, "407 Proxy Authentication Required") \
+ _ (408, REQUEST_TIMEOUT, "408 Request Timeout") \
+ _ (409, CONFLICT, "409 Conflict") \
+ _ (410, GONE, "410 Gone") \
+ _ (411, LENGTH_REQUIRED, "411 Length Required") \
+ _ (412, PRECONDITION_FAILED, "412 Precondition Failed") \
+ _ (413, CONTENT_TOO_LARGE, "413 Content Too Large") \
+ _ (414, URI_TOO_LONG, "414 URI Too Long") \
+ _ (415, UNSUPPORTED_MEDIA_TYPE, "415 Unsupported Media Type") \
+ _ (416, RANGE_NOT_SATISFIABLE, "416 Range Not Satisfiable") \
+ _ (417, EXPECTATION_FAILED, "417 Expectation Failed") \
+ _ (421, MISDIRECTED_REQUEST, "421 Misdirected Request") \
+ _ (422, UNPROCESSABLE_CONTENT, "422 Unprocessable_Content") \
+ _ (426, UPGRADE_REQUIRED, "426 Upgrade Required") \
+ _ (500, INTERNAL_ERROR, "500 Internal Server Error") \
+ _ (501, NOT_IMPLEMENTED, "501 Not Implemented") \
+ _ (502, BAD_GATEWAY, "502 Bad Gateway") \
+ _ (503, SERVICE_UNAVAILABLE, "503 Service Unavailable") \
+ _ (504, GATEWAY_TIMEOUT, "504 Gateway Timeout") \
+ _ (505, HTTP_VERSION_NOT_SUPPORTED, "505 HTTP Version Not Supported")
typedef enum http_status_code_
{
@@ -187,6 +235,51 @@ typedef enum http_status_code_
HTTP_N_STATUS
} http_status_code_t;
+#define HTTP_HEADER_ACCEPT "Accept"
+#define HTTP_HEADER_ACCEPT_CHARSET "Accept-Charset"
+#define HTTP_HEADER_ACCEPT_ENCODING "Accept-Encoding"
+#define HTTP_HEADER_ACCEPT_LANGUAGE "Accept-Language"
+#define HTTP_HEADER_ACCEPT_RANGES "Accept-Ranges"
+#define HTTP_HEADER_ALLOW "Allow"
+#define HTTP_HEADER_AUTHENTICATION_INFO "Authentication-Info"
+#define HTTP_HEADER_AUTHORIZATION "Authorization"
+#define HTTP_HEADER_CLOSE "Close"
+#define HTTP_HEADER_CONNECTION "Connection"
+#define HTTP_HEADER_CONTENT_ENCODING "Content-Encoding"
+#define HTTP_HEADER_CONTENT_LANGUAGE "Content-Language"
+#define HTTP_HEADER_CONTENT_LENGTH "Content-Length"
+#define HTTP_HEADER_CONTENT_LOCATION "Content-Location"
+#define HTTP_HEADER_CONTENT_RANGE "Content-Range"
+#define HTTP_HEADER_CONTENT_TYPE "Content-Type"
+#define HTTP_HEADER_DATE "Date"
+#define HTTP_HEADER_ETAG "ETag"
+#define HTTP_HEADER_EXPECT "Expect"
+#define HTTP_HEADER_FROM "From"
+#define HTTP_HEADER_HOST "Host"
+#define HTTP_HEADER_IF_MATCH "If-Match"
+#define HTTP_HEADER_IF_MODIFIED_SINCE "If-Modified-Since"
+#define HTTP_HEADER_IF_NONE_MATCH "If-None-Match"
+#define HTTP_HEADER_IF_RANGE "If-Range"
+#define HTTP_HEADER_IF_UNMODIFIED_SINCE "If-Unmodified-Since"
+#define HTTP_HEADER_LAST_MODIFIED "Last-Modified"
+#define HTTP_HEADER_LOCATION "Location"
+#define HTTP_HEADER_MAX_FORWARDS "Max-Forwards"
+#define HTTP_HEADER_PROXY_AUTHENTICATE "Proxy-Authenticate"
+#define HTTP_HEADER_PROXY_AUTHENTICATION_INFO "Proxy-Authentication-Info"
+#define HTTP_HEADER_PROXY_AUTHORIZATION "Proxy-Authorization"
+#define HTTP_HEADER_RANGE "Range"
+#define HTTP_HEADER_REFERER "Referer"
+#define HTTP_HEADER_RETRY_AFTER "Retry-After"
+#define HTTP_HEADER_SERVER "Server"
+#define HTTP_HEADER_TE "TE"
+#define HTTP_HEADER_TRAILER "Trailer"
+#define HTTP_HEADER_TRANSFER_ENCODING "Transfer-Encoding"
+#define HTTP_HEADER_UPGRADE "Upgrade"
+#define HTTP_HEADER_USER_AGENT "User-Agent"
+#define HTTP_HEADER_VARY "Vary"
+#define HTTP_HEADER_VIA "Via"
+#define HTTP_HEADER_WWW_AUTHENTICATE "WWW-Authenticate"
+
typedef enum http_msg_data_type_
{
HTTP_MSG_DATA_INLINE,
@@ -197,6 +290,15 @@ typedef struct http_msg_data_
{
http_msg_data_type_t type;
u64 len;
+ http_target_form_t target_form;
+ u32 target_path_offset;
+ u32 target_path_len;
+ u32 target_query_offset;
+ u32 target_query_len;
+ u32 headers_offset;
+ u32 headers_len;
+ u32 body_offset;
+ u32 body_len;
u8 data[0];
} http_msg_data_t;
@@ -227,6 +329,7 @@ typedef struct http_tc_
http_conn_state_t state;
u32 timer_handle;
+ u8 *app_name;
/*
* Current request
@@ -238,6 +341,15 @@ typedef struct http_tc_
http_buffer_t tx_buf;
u32 to_recv;
u32 bytes_dequeued;
+ http_target_form_t target_form;
+ u32 target_path_offset;
+ u32 target_path_len;
+ u32 target_query_offset;
+ u32 target_query_len;
+ u32 headers_offset;
+ u32 headers_len;
+ u32 body_offset;
+ u32 body_len;
} http_conn_t;
typedef struct http_worker_
@@ -266,14 +378,416 @@ typedef struct http_main_
u32 fifo_size;
} http_main_t;
-static inline int
-http_state_is_tx_valid (http_conn_t *hc)
+always_inline int
+_validate_target_syntax (u8 *target, int is_query, int *is_encoded)
{
- http_state_t state = hc->http_state;
- return (state == HTTP_STATE_APP_IO_MORE_DATA ||
- state == HTTP_STATE_CLIENT_IO_MORE_DATA ||
- state == HTTP_STATE_WAIT_APP_REPLY ||
- state == HTTP_STATE_WAIT_APP_METHOD);
+ int i, encoded = 0;
+
+ static uword valid_chars[4] = {
+ /* !$&'()*+,-./0123456789:;= */
+ 0x2fffffd200000000,
+ /* @ABCDEFGHIJKLMNOPQRSTUVWXYZ_abcdefghijklmnopqrstuvwxyz~ */
+ 0x47fffffe87ffffff,
+ 0x0000000000000000,
+ 0x0000000000000000,
+ };
+
+ for (i = 0; i < vec_len (target); i++)
+ {
+ if (clib_bitmap_get_no_check (valid_chars, target[i]))
+ continue;
+ /* target was already split after first question mark,
+ * for query it is valid character */
+ if (is_query && target[i] == '?')
+ continue;
+ /* pct-encoded = "%" HEXDIG HEXDIG */
+ if (target[i] == '%')
+ {
+ if ((i + 2) > vec_len (target))
+ return -1;
+ if (!isxdigit (target[i + 1]) || !isxdigit (target[i + 2]))
+ return -1;
+ i += 2;
+ encoded = 1;
+ continue;
+ }
+ clib_warning ("invalid character %d", target[i]);
+ return -1;
+ }
+ if (is_encoded)
+ *is_encoded = encoded;
+ return 0;
+}
+
+/**
+ * An "absolute-path" rule validation (RFC9110 section 4.1).
+ *
+ * @param path Target path to validate.
+ * @param is_encoded Return flag that indicates if percent-encoded (optional).
+ *
+ * @return @c 0 on success.
+ */
+always_inline int
+http_validate_abs_path_syntax (u8 *path, int *is_encoded)
+{
+ return _validate_target_syntax (path, 0, is_encoded);
+}
+
+/**
+ * A "query" rule validation (RFC3986 section 2.1).
+ *
+ * @param query Target query to validate.
+ * @param is_encoded Return flag that indicates if percent-encoded (optional).
+ *
+ * @return @c 0 on success.
+ */
+always_inline int
+http_validate_query_syntax (u8 *query, int *is_encoded)
+{
+ return _validate_target_syntax (query, 1, is_encoded);
+}
+
+#define htoi(x) (isdigit (x) ? (x - '0') : (tolower (x) - 'a' + 10))
+
+/**
+ * Decode percent-encoded data.
+ *
+ * @param src Data to decode.
+ *
+ * @return New vector with decoded data.
+ *
+ * The caller is always responsible to free the returned vector.
+ */
+always_inline u8 *
+http_percent_decode (u8 *src)
+{
+ int i;
+ u8 *decoded_uri = 0;
+
+ for (i = 0; i < vec_len (src); i++)
+ {
+ if (src[i] == '%')
+ {
+ u8 c = (htoi (src[i + 1]) << 4) | htoi (src[i + 2]);
+ vec_add1 (decoded_uri, c);
+ i += 2;
+ }
+ else
+ vec_add1 (decoded_uri, src[i]);
+ }
+ return decoded_uri;
+}
+
+/**
+ * Remove dot segments from path (RFC3986 section 5.2.4)
+ *
+ * @param path Path to sanitize.
+ *
+ * @return New vector with sanitized path.
+ *
+ * The caller is always responsible to free the returned vector.
+ */
+always_inline u8 *
+http_path_remove_dot_segments (u8 *path)
+{
+ u32 *segments = 0, *segments_len = 0, segment_len;
+ u8 *new_path = 0;
+ int i, ii;
+
+ if (!path)
+ return vec_new (u8, 0);
+
+ segments = vec_new (u32, 1);
+ /* first segment */
+ segments[0] = 0;
+ /* find all segments */
+ for (i = 1; i < (vec_len (path) - 1); i++)
+ {
+ if (path[i] == '/')
+ vec_add1 (segments, i + 1);
+ }
+ /* dummy tail */
+ vec_add1 (segments, vec_len (path));
+
+ /* scan all segments for "." and ".." */
+ segments_len = vec_new (u32, vec_len (segments) - 1);
+ for (i = 0; i < vec_len (segments_len); i++)
+ {
+ segment_len = segments[i + 1] - segments[i];
+ if (segment_len == 2 && path[segments[i]] == '.')
+ segment_len = 0;
+ else if (segment_len == 3 && path[segments[i]] == '.' &&
+ path[segments[i] + 1] == '.')
+ {
+ segment_len = 0;
+ /* remove parent (if any) */
+ for (ii = i - 1; ii >= 0; ii--)
+ {
+ if (segments_len[ii])
+ {
+ segments_len[ii] = 0;
+ break;
+ }
+ }
+ }
+ segments_len[i] = segment_len;
+ }
+
+ /* we might end with empty path, so return at least empty vector */
+ new_path = vec_new (u8, 0);
+ /* append all valid segments */
+ for (i = 0; i < vec_len (segments_len); i++)
+ {
+ if (segments_len[i])
+ vec_add (new_path, path + segments[i], segments_len[i]);
+ }
+ vec_free (segments);
+ vec_free (segments_len);
+ return new_path;
+}
+
+always_inline int
+_parse_field_name (u8 **pos, u8 *end, u8 **field_name_start,
+ u32 *field_name_len)
+{
+ u32 name_len = 0;
+ u8 *p;
+
+ static uword tchar[4] = {
+ /* !#$%'*+-.0123456789 */
+ 0x03ff6cba00000000,
+ /* ABCDEFGHIJKLMNOPQRSTUVWXYZ^_`abcdefghijklmnopqrstuvwxyz|~ */
+ 0x57ffffffc7fffffe,
+ 0x0000000000000000,
+ 0x0000000000000000,
+ };
+
+ p = *pos;
+
+ *field_name_start = p;
+ while (p != end)
+ {
+ if (clib_bitmap_get_no_check (tchar, *p))
+ {
+ name_len++;
+ p++;
+ }
+ else if (*p == ':')
+ {
+ if (name_len == 0)
+ {
+ clib_warning ("empty field name");
+ return -1;
+ }
+ *field_name_len = name_len;
+ p++;
+ *pos = p;
+ return 0;
+ }
+ else
+ {
+ clib_warning ("invalid character %d", *p);
+ return -1;
+ }
+ }
+ clib_warning ("field name end not found");
+ return -1;
+}
+
+always_inline int
+_parse_field_value (u8 **pos, u8 *end, u8 **field_value_start,
+ u32 *field_value_len)
+{
+ u32 value_len = 0;
+ u8 *p;
+
+ p = *pos;
+
+ /* skip leading whitespace */
+ while (1)
+ {
+ if (p == end)
+ {
+ clib_warning ("field value not found");
+ return -1;
+ }
+ else if (*p != ' ' && *p != '\t')
+ {
+ break;
+ }
+ p++;
+ }
+
+ *field_value_start = p;
+ while (p != end)
+ {
+ if (*p == '\r')
+ {
+ if ((end - p) < 1)
+ {
+ clib_warning ("incorrect field line end");
+ return -1;
+ }
+ p++;
+ if (*p == '\n')
+ {
+ if (value_len == 0)
+ {
+ clib_warning ("empty field value");
+ return -1;
+ }
+ p++;
+ *pos = p;
+ /* skip trailing whitespace */
+ p = *field_value_start + value_len - 1;
+ while (*p == ' ' || *p == '\t')
+ {
+ p--;
+ value_len--;
+ }
+ *field_value_len = value_len;
+ return 0;
+ }
+ clib_warning ("CR without LF");
+ return -1;
+ }
+ if (*p < ' ' && *p != '\t')
+ {
+ clib_warning ("invalid character %d", *p);
+ return -1;
+ }
+ p++;
+ value_len++;
+ }
+
+ clib_warning ("field value end not found");
+ return -1;
+}
+
+typedef struct
+{
+ u8 *name;
+ u8 *value;
+} http_header_t;
+
+typedef struct
+{
+ http_header_t *headers;
+ uword *value_by_name;
+} http_header_table_t;
+
+/**
+ * Free header table's memory.
+ *
+ * @param ht Header table to free.
+ */
+always_inline void
+http_free_header_table (http_header_table_t *ht)
+{
+ http_header_t *header;
+ vec_foreach (header, ht->headers)
+ {
+ vec_free (header->name);
+ vec_free (header->value);
+ }
+ vec_free (ht->headers);
+ hash_free (ht->value_by_name);
+ clib_mem_free (ht);
+}
+
+/**
+ * Parse headers in given vector.
+ *
+ * @param headers Vector to parse.
+ * @param [out] header_table Parsed headers in case of success.
+ *
+ * @return @c 0 on success.
+ *
+ * The caller is responsible to free the returned @c header_table
+ * using @c http_free_header_table .
+ */
+always_inline int
+http_parse_headers (u8 *headers, http_header_table_t **header_table)
+{
+ u8 *pos, *end, *name_start, *value_start, *name;
+ u32 name_len, value_len;
+ int rv;
+ http_header_t *header;
+ http_header_table_t *ht;
+ uword *p;
+
+ end = headers + vec_len (headers);
+ pos = headers;
+
+ ht = clib_mem_alloc (sizeof (*ht));
+ ht->value_by_name = hash_create_string (0, sizeof (uword));
+ ht->headers = 0;
+ do
+ {
+ rv = _parse_field_name (&pos, end, &name_start, &name_len);
+ if (rv != 0)
+ {
+ http_free_header_table (ht);
+ return rv;
+ }
+ rv = _parse_field_value (&pos, end, &value_start, &value_len);
+ if (rv != 0)
+ {
+ http_free_header_table (ht);
+ return rv;
+ }
+ name = vec_new (u8, name_len);
+ clib_memcpy (name, name_start, name_len);
+ vec_terminate_c_string (name);
+ /* check if header is repeated */
+ p = hash_get_mem (ht->value_by_name, name);
+ if (p)
+ {
+ /* if yes combine values */
+ header = vec_elt_at_index (ht->headers, p[0]);
+ vec_pop (header->value); /* drop null byte */
+ header->value = format (header->value, ", %U%c", format_ascii_bytes,
+ value_start, value_len, 0);
+ vec_free (name);
+ continue;
+ }
+ /* or create new record */
+ vec_add2 (ht->headers, header, sizeof (*header));
+ header->name = name;
+ header->value = vec_new (u8, value_len);
+ clib_memcpy (header->value, value_start, value_len);
+ vec_terminate_c_string (header->value);
+ hash_set_mem (ht->value_by_name, header->name, header - ht->headers);
+ }
+ while (pos != end);
+
+ *header_table = ht;
+
+ return 0;
+}
+
+/**
+ * Try to find given header name in header table.
+ *
+ * @param header_table Header table to search.
+ * @param name Header name to match.
+ *
+ * @return Header's value in case of success, @c 0 otherwise.
+ */
+always_inline const char *
+http_get_header (http_header_table_t *header_table, const char *name)
+{
+ uword *p;
+ http_header_t *header;
+
+ p = hash_get_mem (header_table->value_by_name, name);
+ if (p)
+ {
+ header = vec_elt_at_index (header_table->headers, p[0]);
+ return (const char *) header->value;
+ }
+
+ return 0;
}
#endif /* SRC_PLUGINS_HTTP_HTTP_H_ */