testHttp1Parser.cc
Go to the documentation of this file.
1 /*
2  * Copyright (C) 1996-2023 The Squid Software Foundation and contributors
3  *
4  * Squid software is distributed under GPLv2+ license and includes
5  * contributions from numerous individuals and organizations.
6  * Please see the COPYING and CONTRIBUTORS files for details.
7  */
8 
9 #include "squid.h"
10 
11 #include <cppunit/TestAssert.h>
12 
13 #define private public
14 #define protected public
15 
16 #include "compat/cppunit.h"
17 #include "debug/Stream.h"
18 #include "http/one/RequestParser.h"
19 #include "http/RequestMethod.h"
20 #include "MemBuf.h"
21 #include "SquidConfig.h"
22 #include "unitTestMain.h"
23 
24 class TestHttp1Parser : public CPPUNIT_NS::TestFixture
25 {
26  CPPUNIT_TEST_SUITE(TestHttp1Parser);
27  // object basics are working, just in case.
28  CPPUNIT_TEST(testParserConstruct);
29  CPPUNIT_TEST(testDripFeed);
30  CPPUNIT_TEST(testParseRequestLineMethods);
31  CPPUNIT_TEST(testParseRequestLineProtocols);
32  CPPUNIT_TEST(testParseRequestLineTerminators);
33  CPPUNIT_TEST(testParseRequestLineStrange);
34  CPPUNIT_TEST(testParseRequestLineInvalid);
35  CPPUNIT_TEST_SUITE_END();
36 
37 protected:
38  void globalSetup(); // MemPools init etc.
39 
40  void testParserConstruct(); // whether the constructor works
41 
42  // request-line unit tests
43  void testParseRequestLineTerminators(); // terminator detection correct
44  void testParseRequestLineMethods(); // methoid detection correct
45  void testParseRequestLineProtocols(); // protocol tokens handled correctly
46  void testParseRequestLineStrange(); // strange but valid lines accepted
47  void testParseRequestLineInvalid(); // rejection of invalid lines happens
48 
49  void testDripFeed(); // test incremental parse works
50 };
51 
52 CPPUNIT_TEST_SUITE_REGISTRATION( TestHttp1Parser );
53 
54 void
55 TestHttp1Parser::globalSetup()
56 {
57  static bool setup_done = false;
58  if (setup_done)
59  return;
60 
61  Mem::Init();
62  setup_done = true;
63 
64  // default to strict parser. set for loose parsing specifically where behaviour differs.
65  Config.onoff.relaxed_header_parser = 0;
66 
67  Config.maxRequestHeaderSize = 1024; // XXX: unit test the RequestParser handling of this limit
68 }
69 
70 struct resultSet {
71  bool parsed;
72  bool needsMore;
73  Http1::ParseState parserState;
74  Http::StatusCode status;
75  SBuf::size_type suffixSz;
76  HttpRequestMethod method;
77  const char *uri;
78  AnyP::ProtocolVersion version;
79 };
80 
81 // define SQUID_DEBUG_TESTS to see exactly which test sub-cases fail and where
82 #ifdef SQUID_DEBUG_TESTS
83 // not optimized for runtime use
84 static void
85 Replace(SBuf &where, const SBuf &what, const SBuf &with)
86 {
87  // prevent infinite loops
88  if (!what.length() || with.find(what) != SBuf::npos)
89  return;
90 
91  SBuf::size_type pos = 0;
92  while ((pos = where.find(what, pos)) != SBuf::npos) {
93  SBuf buf = where.substr(0, pos);
94  buf.append(with);
95  buf.append(where.substr(pos+what.length()));
96  where = buf;
97  pos += with.length();
98  }
99 }
100 
101 static SBuf Pretty(SBuf raw)
102 {
103  Replace(raw, SBuf("\r"), SBuf("\\r"));
104  Replace(raw, SBuf("\n"), SBuf("\\n"));
105  return raw;
106 }
107 #endif
108 
109 static void
110 testResults(int line, const SBuf &input, Http1::RequestParser &output, struct resultSet &expect)
111 {
112 #ifdef SQUID_DEBUG_TESTS
113  std::cerr << "TEST @" << line << ", in=" << Pretty(input) << "\n";
114 #else
115  (void)line;
116 #endif
117 
118  const bool parsed = output.parse(input);
119 
120 #ifdef SQUID_DEBUG_TESTS
121  if (expect.parsed != parsed)
122  std::cerr << "\tparse-FAILED: " << expect.parsed << "!=" << parsed << "\n";
123  else if (parsed && expect.method != output.method_)
124  std::cerr << "\tmethod-FAILED: " << expect.method << "!=" << output.method_ << "\n";
125  if (expect.status != output.parseStatusCode)
126  std::cerr << "\tscode-FAILED: " << expect.status << "!=" << output.parseStatusCode << "\n";
127  if (expect.suffixSz != output.buf_.length())
128  std::cerr << "\tsuffixSz-FAILED: " << expect.suffixSz << "!=" << output.buf_.length() << "\n";
129 #endif
130 
131  // runs the parse
132  CPPUNIT_ASSERT_EQUAL(expect.parsed, parsed);
133 
134  // if parsing was successful, check easily visible field outputs
135  if (parsed) {
136  CPPUNIT_ASSERT_EQUAL(expect.method, output.method_);
137  if (expect.uri != nullptr)
138  CPPUNIT_ASSERT_EQUAL(0, output.uri_.cmp(expect.uri));
139  CPPUNIT_ASSERT_EQUAL(expect.version, output.msgProtocol_);
140  }
141 
142  CPPUNIT_ASSERT_EQUAL(expect.status, output.parseStatusCode);
143 
144  // check more obscure states
145  CPPUNIT_ASSERT_EQUAL(expect.needsMore, output.needsMoreData());
146  if (output.needsMoreData())
147  CPPUNIT_ASSERT_EQUAL(expect.parserState, output.parsingStage_);
148  CPPUNIT_ASSERT_EQUAL(expect.suffixSz, output.buf_.length());
149 }
150 
151 void
152 TestHttp1Parser::testParserConstruct()
153 {
154  // whether the constructor works
155  {
156  Http1::RequestParser output;
157  CPPUNIT_ASSERT_EQUAL(true, output.needsMoreData());
158  CPPUNIT_ASSERT_EQUAL(Http1::HTTP_PARSE_NONE, output.parsingStage_);
159  CPPUNIT_ASSERT_EQUAL(Http::scNone, output.parseStatusCode); // XXX: clear() not being called.
160  CPPUNIT_ASSERT(output.buf_.isEmpty());
161  CPPUNIT_ASSERT_EQUAL(HttpRequestMethod(Http::METHOD_NONE), output.method_);
162  CPPUNIT_ASSERT(output.uri_.isEmpty());
163  CPPUNIT_ASSERT_EQUAL(AnyP::ProtocolVersion(), output.msgProtocol_);
164  }
165 
166  // whether new() works
167  {
168  Http1::RequestParser *output = new Http1::RequestParser;
169  CPPUNIT_ASSERT_EQUAL(true, output->needsMoreData());
170  CPPUNIT_ASSERT_EQUAL(Http1::HTTP_PARSE_NONE, output->parsingStage_);
171  CPPUNIT_ASSERT_EQUAL(Http::scNone, output->parseStatusCode);
172  CPPUNIT_ASSERT(output->buf_.isEmpty());
173  CPPUNIT_ASSERT_EQUAL(HttpRequestMethod(Http::METHOD_NONE), output->method_);
174  CPPUNIT_ASSERT(output->uri_.isEmpty());
175  CPPUNIT_ASSERT_EQUAL(AnyP::ProtocolVersion(), output->msgProtocol_);
176  delete output;
177  }
178 }
179 
180 void
181 TestHttp1Parser::testParseRequestLineProtocols()
182 {
183  // ensure MemPools etc exist
184  globalSetup();
185 
186  SBuf input;
187  Http1::RequestParser output;
188 
189  // TEST: Do we comply with RFC 1945 section 5.1 ?
190  // TEST: Do we comply with RFC 7230 sections 2.6, 3.1.1 and 3.5 ?
191 
192  // RFC 1945 : HTTP/0.9 simple-request
193  {
194  input.append("GET /\r\n", 7);
195  struct resultSet expect = {
196  .parsed = true,
197  .needsMore = false,
198  .parserState = Http1::HTTP_PARSE_DONE,
199  .status = Http::scOkay,
200  .suffixSz = 0,
201  .method = HttpRequestMethod(Http::METHOD_GET),
202  .uri = "/",
203  .version = AnyP::ProtocolVersion(AnyP::PROTO_HTTP,0,9)
204  };
205  output.clear();
206  testResults(__LINE__, input, output, expect);
207  input.clear();
208  }
209 
210  // RFC 1945 : invalid HTTP/0.9 simple-request (only GET is valid)
211  {
212  input.append("POST /\r\n", 8);
213  struct resultSet expect = {
214  .parsed = false,
215  .needsMore = false,
216  .parserState = Http1::HTTP_PARSE_DONE,
217  .status = Http::scBadRequest,
218  .suffixSz = input.length(),
219  .method = HttpRequestMethod(Http::METHOD_POST),
220  .uri = nullptr,
221  .version = AnyP::ProtocolVersion()
222  };
223  output.clear();
224  testResults(__LINE__, input, output, expect);
225  input.clear();
226  }
227 
228  // RFC 1945 and 7230 : HTTP/1.0 request
229  {
230  input.append("GET / HTTP/1.0\r\n", 16);
231  struct resultSet expect = {
232  .parsed = false,
233  .needsMore = true,
234  .parserState = Http1::HTTP_PARSE_MIME,
235  .status = Http::scOkay,
236  .suffixSz = 0,
237  .method = HttpRequestMethod(Http::METHOD_GET),
238  .uri = "/",
239  .version = AnyP::ProtocolVersion(AnyP::PROTO_HTTP,1,0)
240  };
241  output.clear();
242  testResults(__LINE__, input, output, expect);
243  input.clear();
244  }
245 
246  // RFC 7230 : HTTP/1.1 request
247  {
248  input.append("GET / HTTP/1.1\r\n", 16);
249  struct resultSet expect = {
250  .parsed = false,
251  .needsMore = true,
252  .parserState = Http1::HTTP_PARSE_MIME,
253  .status = Http::scOkay,
254  .suffixSz = 0,
255  .method = HttpRequestMethod(Http::METHOD_GET),
256  .uri = "/",
257  .version = AnyP::ProtocolVersion(AnyP::PROTO_HTTP,1,1)
258  };
259  output.clear();
260  testResults(__LINE__, input, output, expect);
261  input.clear();
262  }
263 
264  // RFC 7230 : future 1.x version full-request
265  {
266  input.append("GET / HTTP/1.2\r\n", 16);
267  struct resultSet expect = {
268  .parsed = false,
269  .needsMore = true,
270  .parserState = Http1::HTTP_PARSE_MIME,
271  .status = Http::scOkay,
272  .suffixSz = 0,
273  .method = HttpRequestMethod(Http::METHOD_GET),
274  .uri = "/",
275  .version = AnyP::ProtocolVersion(AnyP::PROTO_HTTP,1,2)
276  };
277  output.clear();
278  testResults(__LINE__, input, output, expect);
279  input.clear();
280  }
281 
282  // RFC 7230 : future versions do not use 1.x message syntax.
283  // However, it is still valid syntax for the single-digit forms
284  // to appear. The parser we are testing should accept them.
285  {
286  input.append("GET / HTTP/2.0\r\n", 16);
287  struct resultSet expectA = {
288  .parsed = true,
289  .needsMore = false,
290  .parserState = Http1::HTTP_PARSE_DONE,
291  .status = Http::scOkay,
292  .suffixSz = 0,
293  .method = HttpRequestMethod(Http::METHOD_GET),
294  .uri = "/",
295  .version = AnyP::ProtocolVersion(AnyP::PROTO_HTTP,2,0)
296  };
297  output.clear();
298  testResults(__LINE__, input, output, expectA);
299  input.clear();
300 
301  input.append("GET / HTTP/9.9\r\n", 16);
302  struct resultSet expectB = {
303  .parsed = true,
304  .needsMore = false,
305  .parserState = Http1::HTTP_PARSE_DONE,
306  .status = Http::scOkay,
307  .suffixSz = 0,
308  .method = HttpRequestMethod(Http::METHOD_GET),
309  .uri = "/",
310  .version = AnyP::ProtocolVersion(AnyP::PROTO_HTTP,9,9)
311  };
312  output.clear();
313  testResults(__LINE__, input, output, expectB);
314  input.clear();
315  }
316 
317  // RFC 7230 : future versions >= 10.0 are invalid syntax
318  {
319  input.append("GET / HTTP/10.12\r\n", 18);
320  struct resultSet expect = {
321  .parsed = false,
322  .needsMore = false,
323  .parserState = Http1::HTTP_PARSE_MIME,
324  .status = Http::scBadRequest,
325  .suffixSz = input.length(),
326  .method = HttpRequestMethod(Http::METHOD_GET),
327  .uri = "/",
328  .version = AnyP::ProtocolVersion()
329  };
330  output.clear();
331  testResults(__LINE__, input, output, expect);
332  input.clear();
333  }
334 
335  // unknown non-HTTP protocol names
336  {
337  input.append("GET / FOO/1.0\r\n", 15);
338  struct resultSet expect = {
339  .parsed = false,
340  .needsMore = false,
341  .parserState = Http1::HTTP_PARSE_DONE,
342  .status = Http::scBadRequest,
343  .suffixSz = input.length(),
344  .method = HttpRequestMethod(Http::METHOD_GET),
345  .uri = "/",
346  .version = AnyP::ProtocolVersion()
347  };
348  output.clear();
349  testResults(__LINE__, input, output, expect);
350  input.clear();
351  }
352 
353  // no version digits
354  {
355  input.append("GET / HTTP/\r\n", 13);
356  struct resultSet expect = {
357  .parsed = false,
358  .needsMore = false,
359  .parserState = Http1::HTTP_PARSE_DONE,
360  .status = Http::scBadRequest,
361  .suffixSz = input.length(),
362  .method = HttpRequestMethod(Http::METHOD_GET),
363  .uri = "/",
364  .version = AnyP::ProtocolVersion()
365  };
366  output.clear();
367  testResults(__LINE__, input, output, expect);
368  input.clear();
369  }
370 
371  // no major version
372  {
373  input.append("GET / HTTP/.1\r\n", 15);
374  struct resultSet expect = {
375  .parsed = false,
376  .needsMore = false,
377  .parserState = Http1::HTTP_PARSE_DONE,
378  .status = Http::scBadRequest,
379  .suffixSz = input.length(),
380  .method = HttpRequestMethod(Http::METHOD_GET),
381  .uri = "/",
382  .version = AnyP::ProtocolVersion()
383  };
384  output.clear();
385  testResults(__LINE__, input, output, expect);
386  input.clear();
387  }
388 
389  // no version dot
390  {
391  input.append("GET / HTTP/11\r\n", 15);
392  struct resultSet expect = {
393  .parsed = false,
394  .needsMore = false,
395  .parserState = Http1::HTTP_PARSE_DONE,
396  .status = Http::scBadRequest,
397  .suffixSz = input.length(),
398  .method = HttpRequestMethod(Http::METHOD_GET),
399  .uri = "/",
400  .version = AnyP::ProtocolVersion()
401  };
402  output.clear();
403  testResults(__LINE__, input, output, expect);
404  input.clear();
405  }
406 
407  // negative major version (bug 3062)
408  {
409  input.append("GET / HTTP/-999999.1\r\n", 22);
410  struct resultSet expect = {
411  .parsed = false,
412  .needsMore = false,
413  .parserState = Http1::HTTP_PARSE_DONE,
414  .status = Http::scBadRequest,
415  .suffixSz = input.length(),
416  .method = HttpRequestMethod(Http::METHOD_GET),
417  .uri = "/",
418  .version = AnyP::ProtocolVersion()
419  };
420  output.clear();
421  testResults(__LINE__, input, output, expect);
422  input.clear();
423  }
424 
425  // no minor version
426  {
427  input.append("GET / HTTP/1.\r\n", 15);
428  struct resultSet expect = {
429  .parsed = false,
430  .needsMore = false,
431  .parserState = Http1::HTTP_PARSE_DONE,
432  .status = Http::scBadRequest,
433  .suffixSz = input.length(),
434  .method = HttpRequestMethod(Http::METHOD_GET),
435  .uri = "/",
436  .version = AnyP::ProtocolVersion()
437  };
438  output.clear();
439  testResults(__LINE__, input, output, expect);
440  input.clear();
441  }
442 
443  // negative major version (bug 3062 corollary)
444  {
445  input.append("GET / HTTP/1.-999999\r\n", 22);
446  struct resultSet expect = {
447  .parsed = false,
448  .needsMore = false,
449  .parserState = Http1::HTTP_PARSE_DONE,
450  .status = Http::scBadRequest,
451  .suffixSz = input.length(),
452  .method = HttpRequestMethod(Http::METHOD_GET),
453  .uri = "/",
454  .version = AnyP::ProtocolVersion()
455  };
456  output.clear();
457  testResults(__LINE__, input, output, expect);
458  input.clear();
459  }
460 }
461 
462 void
463 TestHttp1Parser::testParseRequestLineStrange()
464 {
465  // ensure MemPools etc exist
466  globalSetup();
467 
468  SBuf input;
469  Http1::RequestParser output;
470 
471  // space padded URL
472  {
473  input.append("GET / HTTP/1.1\r\n", 21);
474  // when being tolerant extra (sequential) SP delimiters are acceptable
475  Config.onoff.relaxed_header_parser = 1;
476  struct resultSet expect = {
477  .parsed = false,
478  .needsMore = true,
479  .parserState = Http1::HTTP_PARSE_MIME,
480  .status = Http::scOkay,
481  .suffixSz = 0,
482  .method = HttpRequestMethod(Http::METHOD_GET),
483  .uri = "/",
484  .version = AnyP::ProtocolVersion(AnyP::PROTO_HTTP,1,1)
485  };
486  output.clear();
487  testResults(__LINE__, input, output, expect);
488 
489  Config.onoff.relaxed_header_parser = 0;
490  struct resultSet expectStrict = {
491  .parsed = false,
492  .needsMore = false,
493  .parserState = Http1::HTTP_PARSE_DONE,
494  .status = Http::scBadRequest,
495  .suffixSz = input.length(),
496  .method = HttpRequestMethod(),
497  .uri = nullptr,
498  .version = AnyP::ProtocolVersion()
499  };
500  output.clear();
501  testResults(__LINE__, input, output, expectStrict);
502  input.clear();
503  }
504 
505  // whitespace inside URI. (nasty but happens)
506  {
507  input.append("GET /fo o/ HTTP/1.1\r\n", 21);
508  Config.onoff.relaxed_header_parser = 1;
509  struct resultSet expect = {
510  .parsed = false,
511  .needsMore = true,
512  .parserState = Http1::HTTP_PARSE_MIME,
513  .status = Http::scOkay,
514  .suffixSz = 0,
515  .method = HttpRequestMethod(Http::METHOD_GET),
516  .uri = "/fo o/",
517  .version = AnyP::ProtocolVersion(AnyP::PROTO_HTTP,1,1)
518  };
519  output.clear();
520  testResults(__LINE__, input, output, expect);
521 
522  Config.onoff.relaxed_header_parser = 0;
523  struct resultSet expectStrict = {
524  .parsed = false,
525  .needsMore = false,
526  .parserState = Http1::HTTP_PARSE_DONE,
527  .status = Http::scBadRequest,
528  .suffixSz = input.length(),
529  .method = HttpRequestMethod(),
530  .uri = nullptr,
531  .version = AnyP::ProtocolVersion()
532  };
533  output.clear();
534  testResults(__LINE__, input, output, expectStrict);
535  input.clear();
536  }
537 
538  // additional data in buffer
539  {
540  input.append("GET / HTTP/1.1\r\nboo!", 20);
541  struct resultSet expect = {
542  .parsed = false,
543  .needsMore = true,
544  .parserState = Http1::HTTP_PARSE_MIME,
545  .status = Http::scOkay,
546  .suffixSz = 4, // strlen("boo!")
547  .method = HttpRequestMethod(Http::METHOD_GET),
548  .uri = "/",
549  .version = AnyP::ProtocolVersion(AnyP::PROTO_HTTP,1,1)
550  };
551  output.clear();
552  testResults(__LINE__, input, output, expect);
553  input.clear();
554  Config.onoff.relaxed_header_parser = 0;
555  }
556 }
557 
558 void
559 TestHttp1Parser::testParseRequestLineTerminators()
560 {
561  // ensure MemPools etc exist
562  globalSetup();
563 
564  SBuf input;
565  Http1::RequestParser output;
566 
567  // alternative EOL sequence: NL-only
568  // RFC 7230 tolerance permits omitted CR
569  {
570  input.append("GET / HTTP/1.1\n", 15);
571  Config.onoff.relaxed_header_parser = 1;
572  struct resultSet expect = {
573  .parsed = false,
574  .needsMore = true,
575  .parserState = Http1::HTTP_PARSE_MIME,
576  .status = Http::scOkay,
577  .suffixSz = 0,
578  .method = HttpRequestMethod(Http::METHOD_GET),
579  .uri = "/",
580  .version = AnyP::ProtocolVersion(AnyP::PROTO_HTTP,1,1)
581  };
582  output.clear();
583  testResults(__LINE__, input, output, expect);
584 
585  Config.onoff.relaxed_header_parser = 0;
586  struct resultSet expectStrict = {
587  .parsed = false,
588  .needsMore = false,
589  .parserState = Http1::HTTP_PARSE_DONE,
590  .status = Http::scBadRequest,
591  .suffixSz = input.length(),
592  .method = HttpRequestMethod(),
593  .uri = nullptr,
594  .version = AnyP::ProtocolVersion()
595  };
596  output.clear();
597  testResults(__LINE__, input, output, expectStrict);
598  input.clear();
599  }
600 
601  // alternative EOL sequence: double-NL-only
602  // RFC 7230 tolerance permits omitted CR
603  // NP: represents a request with no mime headers
604  {
605  input.append("GET / HTTP/1.1\n\n", 16);
606  Config.onoff.relaxed_header_parser = 1;
607  struct resultSet expect = {
608  .parsed = true,
609  .needsMore = false,
610  .parserState = Http1::HTTP_PARSE_DONE,
611  .status = Http::scOkay,
612  .suffixSz = 0,
613  .method = HttpRequestMethod(Http::METHOD_GET),
614  .uri = "/",
615  .version = AnyP::ProtocolVersion(AnyP::PROTO_HTTP,1,1)
616  };
617  output.clear();
618  testResults(__LINE__, input, output, expect);
619 
620  Config.onoff.relaxed_header_parser = 0;
621  struct resultSet expectStrict = {
622  .parsed = false,
623  .needsMore = false,
624  .parserState = Http1::HTTP_PARSE_DONE,
625  .status = Http::scBadRequest,
626  .suffixSz = input.length(),
627  .method = HttpRequestMethod(),
628  .uri = nullptr,
629  .version = AnyP::ProtocolVersion()
630  };
631  output.clear();
632  testResults(__LINE__, input, output, expectStrict);
633  input.clear();
634  }
635 
636  // space padded version
637  {
638  // RFC 7230 specifies version is followed by CRLF. No intermediary bytes.
639  input.append("GET / HTTP/1.1 \r\n", 17);
640  struct resultSet expect = {
641  .parsed = false,
642  .needsMore = false,
643  .parserState = Http1::HTTP_PARSE_DONE,
644  .status = Http::scBadRequest,
645  .suffixSz = input.length(),
646  .method = HttpRequestMethod(),
647  .uri = nullptr,
648  .version = AnyP::ProtocolVersion()
649  };
650  output.clear();
651  testResults(__LINE__, input, output, expect);
652  input.clear();
653  }
654 }
655 
656 void
657 TestHttp1Parser::testParseRequestLineMethods()
658 {
659  // ensure MemPools etc exist
660  globalSetup();
661 
662  SBuf input;
663  Http1::RequestParser output;
664 
665  // RFC 7230 : dot method
666  {
667  input.append(". / HTTP/1.1\r\n", 14);
668  struct resultSet expect = {
669  .parsed = false,
670  .needsMore = true,
671  .parserState = Http1::HTTP_PARSE_MIME,
672  .status = Http::scOkay,
673  .suffixSz = 0,
674  .method = HttpRequestMethod(SBuf(".")),
675  .uri = "/",
676  .version = AnyP::ProtocolVersion(AnyP::PROTO_HTTP,1,1)
677  };
678  output.clear();
679  testResults(__LINE__, input, output, expect);
680  input.clear();
681  }
682 
683  // RFC 7230 : special TCHAR method chars
684  {
685  input.append("!#$%&'*+-.^_`|~ / HTTP/1.1\r\n", 28);
686  struct resultSet expect = {
687  .parsed = false,
688  .needsMore = true,
689  .parserState = Http1::HTTP_PARSE_MIME,
690  .status = Http::scOkay,
691  .suffixSz = 0,
692  .method = HttpRequestMethod(SBuf("!#$%&'*+-.^_`|~")),
693  .uri = "/",
694  .version = AnyP::ProtocolVersion(AnyP::PROTO_HTTP,1,1)
695  };
696  output.clear();
697  testResults(__LINE__, input, output, expect);
698  input.clear();
699  }
700 
701  // OPTIONS with * URL
702  {
703  input.append("OPTIONS * HTTP/1.1\r\n", 20);
704  struct resultSet expect = {
705  .parsed = false,
706  .needsMore = true,
707  .parserState = Http1::HTTP_PARSE_MIME,
708  .status = Http::scOkay,
709  .suffixSz = 0,
710  .method = HttpRequestMethod(Http::METHOD_OPTIONS),
711  .uri = "*",
712  .version = AnyP::ProtocolVersion(AnyP::PROTO_HTTP,1,1)
713  };
714  output.clear();
715  testResults(__LINE__, input, output, expect);
716  input.clear();
717  }
718 
719  // unknown method
720  {
721  input.append("HELLOWORLD / HTTP/1.1\r\n", 23);
722  struct resultSet expect = {
723  .parsed = false,
724  .needsMore = true,
725  .parserState = Http1::HTTP_PARSE_MIME,
726  .status = Http::scOkay,
727  .suffixSz = 0,
728  .method = HttpRequestMethod(SBuf("HELLOWORLD")),
729  .uri = "/",
730  .version = AnyP::ProtocolVersion(AnyP::PROTO_HTTP,1,1)
731  };
732  output.clear();
733  testResults(__LINE__, input, output, expect);
734  input.clear();
735  }
736 
737  // method-only
738  {
739  input.append("A\n", 2);
740  struct resultSet expect = {
741  .parsed = false,
742  .needsMore = false,
743  .parserState = Http1::HTTP_PARSE_DONE,
744  .status = Http::scBadRequest,
745  .suffixSz = input.length(),
746  .method = HttpRequestMethod(),
747  .uri = nullptr,
748  .version = AnyP::ProtocolVersion()
749  };
750  output.clear();
751  testResults(__LINE__, input, output, expect);
752  input.clear();
753  }
754 
755  {
756  input.append("GET\n", 4);
757  struct resultSet expect = {
758  .parsed = false,
759  .needsMore = false,
760  .parserState = Http1::HTTP_PARSE_DONE,
761  .status = Http::scBadRequest,
762  .suffixSz = input.length(),
763  .method = HttpRequestMethod(),
764  .uri = nullptr,
765  .version = AnyP::ProtocolVersion()
766  };
767  output.clear();
768  testResults(__LINE__, input, output, expect);
769  input.clear();
770  }
771 
772  // space padded method (SP is reserved so invalid as a method byte)
773  {
774  input.append(" GET / HTTP/1.1\r\n", 17);
775  struct resultSet expect = {
776  .parsed = false,
777  .needsMore = false,
778  .parserState = Http1::HTTP_PARSE_DONE,
779  .status = Http::scBadRequest,
780  .suffixSz = input.length(),
781  .method = HttpRequestMethod(),
782  .uri = nullptr,
783  .version = AnyP::ProtocolVersion()
784  };
785  output.clear();
786  testResults(__LINE__, input, output, expect);
787  input.clear();
788  }
789 
790  // RFC 7230 defined tolerance: ignore empty line(s) prefix on messages
791  {
792  input.append("\r\n\r\n\nGET / HTTP/1.1\r\n", 21);
793  Config.onoff.relaxed_header_parser = 1;
794  struct resultSet expect = {
795  .parsed = false,
796  .needsMore = true,
797  .parserState = Http1::HTTP_PARSE_MIME,
798  .status = Http::scOkay,
799  .suffixSz = 0,
800  .method = HttpRequestMethod(Http::METHOD_GET),
801  .uri = "/",
802  .version = AnyP::ProtocolVersion(AnyP::PROTO_HTTP,1,1)
803  };
804  output.clear();
805  testResults(__LINE__, input, output, expect);
806 
807  Config.onoff.relaxed_header_parser = 0;
808  struct resultSet expectStrict = {
809  .parsed = false,
810  .needsMore = false,
811  .parserState = Http1::HTTP_PARSE_DONE,
812  .status = Http::scBadRequest,
813  .suffixSz = input.length(),
814  .method = HttpRequestMethod(),
815  .uri = nullptr,
816  .version = AnyP::ProtocolVersion()
817  };
818  output.clear();
819  testResults(__LINE__, input, output, expectStrict);
820  input.clear();
821  }
822 
823  // forbidden character in method
824  {
825  input.append("\tGET / HTTP/1.1\r\n", 17);
826  struct resultSet expect = {
827  .parsed = false,
828  .needsMore = false,
829  .parserState = Http1::HTTP_PARSE_DONE,
830  .status = Http::scBadRequest,
831  .suffixSz = input.length(),
832  .method = HttpRequestMethod(),
833  .uri = nullptr,
834  .version = AnyP::ProtocolVersion()
835  };
836  output.clear();
837  testResults(__LINE__, input, output, expect);
838  input.clear();
839  }
840 
841  // CR in method delimiters
842  {
843  // RFC 7230 section 3.5 permits CR in whitespace but only for tolerant parsers
844  input.append("GET\r / HTTP/1.1\r\n", 17);
845  Config.onoff.relaxed_header_parser = 1;
846  struct resultSet expect = {
847  .parsed = false,
848  .needsMore = true,
849  .parserState = Http1::HTTP_PARSE_MIME,
850  .status = Http::scOkay,
851  .suffixSz = 0,
852  .method = HttpRequestMethod(Http::METHOD_GET),
853  .uri = "/",
854  .version = AnyP::ProtocolVersion(AnyP::PROTO_HTTP,1,1)
855  };
856  output.clear();
857  testResults(__LINE__, input, output, expect);
858 
859  Config.onoff.relaxed_header_parser = 0;
860  struct resultSet expectStrict = {
861  .parsed = false,
862  .needsMore = false,
863  .parserState = Http1::HTTP_PARSE_DONE,
864  .status = Http::scBadRequest,
865  .suffixSz = input.length(),
866  .method = HttpRequestMethod(),
867  .uri = nullptr,
868  .version = AnyP::ProtocolVersion()
869  };
870  output.clear();
871  testResults(__LINE__, input, output, expectStrict);
872  input.clear();
873  }
874 
875  // tolerant parser delimiters
876  {
877  // RFC 7230 section 3.5 permits certain binary characters as whitespace delimiters
878  input.append("GET\r\t\x0B\x0C / HTTP/1.1\r\n", 20);
879  Config.onoff.relaxed_header_parser = 1;
880  struct resultSet expect = {
881  .parsed = false,
882  .needsMore = true,
883  .parserState = Http1::HTTP_PARSE_MIME,
884  .status = Http::scOkay,
885  .suffixSz = 0,
886  .method = HttpRequestMethod(Http::METHOD_GET),
887  .uri = "/",
888  .version = AnyP::ProtocolVersion(AnyP::PROTO_HTTP,1,1)
889  };
890  output.clear();
891  testResults(__LINE__, input, output, expect);
892 
893  Config.onoff.relaxed_header_parser = 0;
894  struct resultSet expectStrict = {
895  .parsed = false,
896  .needsMore = false,
897  .parserState = Http1::HTTP_PARSE_DONE,
898  .status = Http::scBadRequest,
899  .suffixSz = input.length(),
900  .method = HttpRequestMethod(),
901  .uri = nullptr,
902  .version = AnyP::ProtocolVersion()
903  };
904  output.clear();
905  testResults(__LINE__, input, output, expectStrict);
906  input.clear();
907  }
908 }
909 
910 void
911 TestHttp1Parser::testParseRequestLineInvalid()
912 {
913  // ensure MemPools etc exist
914  globalSetup();
915 
916  SBuf input;
917  Http1::RequestParser output;
918 
919  // no method (or method delimiter)
920  {
921  // HTTP/0.9 requires method to be "GET"
922  input.append("/ HTTP/1.0\n", 11);
923  struct resultSet expect = {
924  .parsed = false,
925  .needsMore = false,
926  .parserState = Http1::HTTP_PARSE_DONE,
927  .status = Http::scBadRequest,
928  .suffixSz = input.length(),
929  .method = HttpRequestMethod(),
930  .uri = nullptr,
931  .version = AnyP::ProtocolVersion()
932  };
933  output.clear();
934  testResults(__LINE__, input, output, expect);
935  input.clear();
936  }
937 
938  // no method (with method delimiter)
939  {
940  input.append(" / HTTP/1.0\n", 12);
941  struct resultSet expectStrict = {
942  .parsed = false,
943  .needsMore = false,
944  .parserState = Http1::HTTP_PARSE_DONE,
945  .status = Http::scBadRequest,
946  .suffixSz = input.length(),
947  .method = HttpRequestMethod(),
948  .uri = nullptr,
949  .version = AnyP::ProtocolVersion()
950  };
951  output.clear();
952  testResults(__LINE__, input, output, expectStrict);
953  input.clear();
954  }
955 
956  // binary code after method (invalid)
957  {
958  input.append("GET\x16 / HTTP/1.1\r\n", 17);
959  struct resultSet expect = {
960  .parsed = false,
961  .needsMore = false,
962  .parserState = Http1::HTTP_PARSE_DONE,
963  .status = Http::scBadRequest,
964  .suffixSz = input.length(),
965  .method = HttpRequestMethod(),
966  .uri = nullptr,
967  .version = AnyP::ProtocolVersion()
968  };
969  output.clear();
970  testResults(__LINE__, input, output, expect);
971  input.clear();
972  }
973 
974  // binary code NUL! after method (always invalid)
975  {
976  input.append("GET\0 / HTTP/1.1\r\n", 17);
977  struct resultSet expect = {
978  .parsed = false,
979  .needsMore = false,
980  .parserState = Http1::HTTP_PARSE_DONE,
981  .status = Http::scBadRequest,
982  .suffixSz = input.length(),
983  .method = HttpRequestMethod(),
984  .uri = nullptr,
985  .version = AnyP::ProtocolVersion()
986  };
987  output.clear();
988  testResults(__LINE__, input, output, expect);
989  input.clear();
990  }
991 
992  // Either an RFC 1945 HTTP/0.9 simple-request for an "HTTP/1.1" URI or
993  // an invalid (no URI) HTTP/1.1 request. We treat this as latter, naturally.
994  {
995  input.append("GET HTTP/1.1\r\n", 15);
996  Config.onoff.relaxed_header_parser = 1;
997  struct resultSet expect = {
998  .parsed = false,
999  .needsMore = false,
1000  .parserState = Http1::HTTP_PARSE_DONE,
1001  .status = Http::scBadRequest,
1002  .suffixSz = input.length(),
1003  .method = HttpRequestMethod(),
1004  .uri = nullptr,
1005  .version = AnyP::ProtocolVersion()
1006  };
1007  output.clear();
1008  testResults(__LINE__, input, output, expect);
1009 
1010  Config.onoff.relaxed_header_parser = 0;
1011  struct resultSet expectStrict = {
1012  .parsed = false,
1013  .needsMore = false,
1014  .parserState = Http1::HTTP_PARSE_DONE,
1015  .status = Http::scBadRequest,
1016  .suffixSz = input.length(),
1017  .method = HttpRequestMethod(),
1018  .uri = nullptr,
1019  .version = AnyP::ProtocolVersion()
1020  };
1021  output.clear();
1022  testResults(__LINE__, input, output, expectStrict);
1023  input.clear();
1024  }
1025 
1026  // Either an RFC 1945 HTTP/0.9 simple-request for an "HTTP/1.1" URI or
1027  // an invalid (no URI) HTTP/1.1 request. We treat this as latter, naturally.
1028  {
1029  input.append("GET HTTP/1.1\r\n", 14);
1030  struct resultSet expect = {
1031  .parsed = false,
1032  .needsMore = false,
1033  .parserState = Http1::HTTP_PARSE_DONE,
1034  .status = Http::scBadRequest,
1035  .suffixSz = input.length(),
1036  .method = HttpRequestMethod(),
1037  .uri = nullptr,
1038  .version = AnyP::ProtocolVersion()
1039  };
1040  output.clear();
1041  testResults(__LINE__, input, output, expect);
1042  input.clear();
1043  }
1044 
1045  // binary line
1046  {
1047  input.append("\xB\xC\xE\xF\n", 5);
1048  struct resultSet expect = {
1049  .parsed = false,
1050  .needsMore = false,
1051  .parserState = Http1::HTTP_PARSE_DONE,
1052  .status = Http::scBadRequest,
1053  .suffixSz = input.length(),
1054  .method = HttpRequestMethod(),
1055  .uri = nullptr,
1056  .version = AnyP::ProtocolVersion()
1057  };
1058  output.clear();
1059  testResults(__LINE__, input, output, expect);
1060  input.clear();
1061  }
1062 
1063  // mixed whitespace line
1064  {
1065  input.append("\t \t \t\n", 6);
1066  struct resultSet expect = {
1067  .parsed = false,
1068  .needsMore = false,
1069  .parserState = Http1::HTTP_PARSE_DONE,
1070  .status = Http::scBadRequest,
1071  .suffixSz = input.length(),
1072  .method = HttpRequestMethod(),
1073  .uri = nullptr,
1074  .version = AnyP::ProtocolVersion()
1075  };
1076  output.clear();
1077  testResults(__LINE__, input, output, expect);
1078  input.clear();
1079  }
1080 
1081  // mixed whitespace line with CR
1082  {
1083  input.append("\r \t \n", 6);
1084  struct resultSet expect = {
1085  .parsed = false,
1086  .needsMore = false,
1087  .parserState = Http1::HTTP_PARSE_DONE,
1088  .status = Http::scBadRequest,
1089  .suffixSz = input.length(),
1090  .method = HttpRequestMethod(),
1091  .uri = nullptr,
1092  .version = AnyP::ProtocolVersion()
1093  };
1094  output.clear();
1095  testResults(__LINE__, input, output, expect);
1096  input.clear();
1097  }
1098 }
1099 
1100 void
1101 TestHttp1Parser::testDripFeed()
1102 {
1103  // Simulate a client drip-feeding Squid a few bytes at a time.
1104  // extend the size of the buffer from 0 bytes to full request length
1105  // calling the parser repeatedly as visible data grows.
1106 
1107  SBuf data;
1108  data.append("\n\n\n\n\n\n\n\n\n\n\n\n", 12);
1109  SBuf::size_type garbageEnd = data.length();
1110  data.append("GET ", 4);
1111  data.append("http://example.com/ ", 20);
1112  data.append("HTTP/1.1\r\n", 10);
1113  SBuf::size_type reqLineEnd = data.length() - 1;
1114  data.append("Host: example.com\r\n\r\n", 21);
1115  SBuf::size_type mimeEnd = data.length() - 1;
1116  data.append("...", 3); // trailer to catch mime EOS errors.
1117 
1118  SBuf ioBuf;
1119  Http1::RequestParser hp;
1120 
1121  // start with strict and move on to relaxed
1122  Config.onoff.relaxed_header_parser = 2;
1123 
1124  Config.maxRequestHeaderSize = 1024; // large enough to hold the test data.
1125 
1126  do {
1127 
1128  // state of things we expect right now
1129  struct resultSet expect = {
1130  .parsed = false,
1131  .needsMore = true,
1132  .parserState = Http1::HTTP_PARSE_NONE,
1133  .status = Http::scNone,
1134  .suffixSz = 0,
1135  .method = HttpRequestMethod(),
1136  .uri = nullptr,
1137  .version = AnyP::ProtocolVersion()
1138  };
1139 
1140  ioBuf.clear(); // begins empty for each parser type
1141  hp.clear();
1142 
1143  --Config.onoff.relaxed_header_parser;
1144 
1145  for (SBuf::size_type pos = 0; pos <= data.length(); ++pos) {
1146 
1147  // simulate reading one more byte
1148  ioBuf.append(data.substr(pos,1));
1149 
1150  // strict does not permit the garbage prefix
1151  if (pos < garbageEnd && !Config.onoff.relaxed_header_parser) {
1152  ioBuf.clear();
1153  continue;
1154  }
1155 
1156  // when the garbage is passed we expect to start seeing first-line bytes
1157  if (pos == garbageEnd)
1158  expect.parserState = Http1::HTTP_PARSE_FIRST;
1159 
1160  // all points after garbage start to see accumulated bytes looking for end of current section
1161  if (pos >= garbageEnd)
1162  expect.suffixSz = ioBuf.length();
1163 
1164  // at end of request line expect to see method, URI, version details
1165  // and switch to seeking Mime header section
1166  if (pos == reqLineEnd) {
1167  expect.parserState = Http1::HTTP_PARSE_MIME;
1168  expect.suffixSz = 0; // and a checkpoint buffer reset
1169  expect.status = Http::scOkay;
1170  expect.method = HttpRequestMethod(Http::METHOD_GET);
1171  expect.uri = "http://example.com/";
1172  expect.version = AnyP::ProtocolVersion(AnyP::PROTO_HTTP,1,1);
1173  }
1174 
1175  // one mime header is done we are expecting a new request
1176  // parse results say true and initial data is all gone from the buffer
1177  if (pos == mimeEnd) {
1178  expect.parsed = true;
1179  expect.needsMore = false;
1180  expect.suffixSz = 0; // and a checkpoint buffer reset
1181  }
1182 
1183  testResults(__LINE__, ioBuf, hp, expect);
1184 
1185  // sync the buffers like Squid does
1186  ioBuf = hp.remaining();
1187 
1188  // Squid stops using the parser once it has parsed the first message.
1189  if (!hp.needsMoreData())
1190  break;
1191  }
1192 
1193  } while (Config.onoff.relaxed_header_parser);
1194 
1195 }
1196 
1197 int
1198 main(int argc, char *argv[])
1199 {
1200  return TestProgram().run(argc, argv);
1201 }
1202 
CPPUNIT_TEST_SUITE_REGISTRATION
CPPUNIT_TEST_SUITE_REGISTRATION(TestHttp1Parser)
SBuf::find
size_type find(char c, size_type startPos=0) const
Definition: SBuf.cc:584
SquidConfig::relaxed_header_parser
int relaxed_header_parser
Definition: SquidConfig.h:315
Http::scBadRequest
@ scBadRequest
Definition: StatusCode.h:45
Ftp::ProtocolVersion
AnyP::ProtocolVersion ProtocolVersion()
Protocol version to use in Http::Message structures wrapping FTP messages.
Definition: Elements.cc:24
Http::scNone
@ scNone
Definition: StatusCode.h:21
SBuf::isEmpty
bool isEmpty() const
Definition: SBuf.h:435
TestProgram
implements test program's main() function while enabling customization
Definition: unitTestMain.h:25
Http::One::HTTP_PARSE_MIME
@ HTTP_PARSE_MIME
HTTP/1 mime-header block.
Definition: Parser.h:28
SBuf
Definition: SBuf.h:93
Http::One::Parser::parsingStage_
ParseState parsingStage_
what stage the parser is currently up to
Definition: Parser.h:149
Http::One::Parser::needsMoreData
bool needsMoreData() const
Definition: Parser.h:66
resultSet::version
AnyP::ProtocolVersion version
Definition: testHttp1Parser.cc:78
SquidConfig::onoff
struct SquidConfig::@97 onoff
Http::One::RequestParser::uri_
SBuf uri_
raw copy of the original client request-line URI field
Definition: RequestParser.h:75
TestHttp1Parser::CPPUNIT_TEST
CPPUNIT_TEST(testParserConstruct)
Http::StatusCode
StatusCode
Definition: StatusCode.h:20
SBuf::substr
SBuf substr(size_type pos, size_type n=npos) const
Definition: SBuf.cc:576
SBuf::clear
void clear()
Definition: SBuf.cc:175
Http::METHOD_OPTIONS
@ METHOD_OPTIONS
Definition: MethodType.h:31
TestProgram::run
int run(int argc, char *argv[])
Definition: unitTestMain.h:44
resultSet::parserState
Http1::ParseState parserState
Definition: testHttp1Parser.cc:73
SBuf::size_type
MemBlob::size_type size_type
Definition: SBuf.h:96
Http::One::RequestParser::method_
HttpRequestMethod method_
what request method has been found on the first line
Definition: RequestParser.h:72
TestHttp1Parser::CPPUNIT_TEST_SUITE
CPPUNIT_TEST_SUITE(TestHttp1Parser)
Http::One::HTTP_PARSE_NONE
@ HTTP_PARSE_NONE
initialized, but nothing usefully parsed yet
Definition: Parser.h:23
Http::One::ParseState
ParseState
Definition: Parser.h:22
TestHttp1Parser::testParseRequestLineTerminators
void testParseRequestLineTerminators()
Definition: testHttp1Parser.cc:559
Http::One::Parser::buf_
SBuf buf_
bytes remaining to be parsed
Definition: Parser.h:146
Http::METHOD_POST
@ METHOD_POST
Definition: MethodType.h:26
Http::One::Parser::remaining
const SBuf & remaining() const
the remaining unprocessed section of buffer
Definition: Parser.h:98
TestHttp1Parser::testParseRequestLineInvalid
void testParseRequestLineInvalid()
Definition: testHttp1Parser.cc:911
TestHttp1Parser::testParseRequestLineStrange
void testParseRequestLineStrange()
Definition: testHttp1Parser.cc:463
SBuf::length
size_type length() const
Returns the number of bytes stored in SBuf.
Definition: SBuf.h:419
SquidConfig::maxRequestHeaderSize
size_t maxRequestHeaderSize
Definition: SquidConfig.h:134
Http::One::HTTP_PARSE_FIRST
@ HTTP_PARSE_FIRST
HTTP/1 message first-line.
Definition: Parser.h:24
SBuf::append
SBuf & append(const SBuf &S)
Definition: SBuf.cc:185
Http::One::RequestParser::parse
bool parse(const SBuf &aBuf) override
Definition: RequestParser.cc:336
SBuf::npos
static const size_type npos
Definition: SBuf.h:100
TestHttp1Parser::testParseRequestLineProtocols
void testParseRequestLineProtocols()
Definition: testHttp1Parser.cc:181
Http::One::Parser::parseStatusCode
Http::StatusCode parseStatusCode
Definition: Parser.h:108
Http::One::HTTP_PARSE_DONE
@ HTTP_PARSE_DONE
parsed a message header, or reached a terminal syntax error
Definition: Parser.h:29
AnyP::PROTO_HTTP
@ PROTO_HTTP
Definition: ProtocolType.h:25
SBuf::cmp
int cmp(const SBuf &S, const size_type n) const
shorthand version for compare()
Definition: SBuf.h:279
Http::One::Parser::msgProtocol_
AnyP::ProtocolVersion msgProtocol_
what protocol label has been found in the first line (if any)
Definition: Parser.h:152
resultSet::status
Http::StatusCode status
Definition: testHttp1Parser.cc:74
Http::METHOD_NONE
@ METHOD_NONE
Definition: MethodType.h:22
Mem::Init
void Init()
Definition: old_api.cc:281
TestHttp1Parser::testParseRequestLineMethods
void testParseRequestLineMethods()
Definition: testHttp1Parser.cc:657
resultSet::suffixSz
SBuf::size_type suffixSz
Definition: testHttp1Parser.cc:75
main
int main(int argc, char *argv[])
Definition: testHttp1Parser.cc:1198
testResults
static void testResults(int line, const SBuf &input, Http1::RequestParser &output, struct resultSet &expect)
Definition: testHttp1Parser.cc:110
Http::scOkay
@ scOkay
Definition: StatusCode.h:27
Http::METHOD_GET
@ METHOD_GET
Definition: MethodType.h:25
resultSet::method
HttpRequestMethod method
Definition: testHttp1Parser.cc:76
Http::One::RequestParser::clear
void clear() override
Definition: RequestParser.h:42
resultSet::uri
const char * uri
Definition: testHttp1Parser.cc:77
Config
class SquidConfig Config
Definition: SquidConfig.cc:12

 

Introduction

Documentation

Support

Miscellaneous