BUG/MINOR: mux-h2: headers-type frames in HREM are always a connection error
authorWilly Tarreau <w@1wt.eu>
Thu, 24 Jan 2019 08:43:32 +0000 (09:43 +0100)
committerWilly Tarreau <w@1wt.eu>
Thu, 24 Jan 2019 14:27:06 +0000 (15:27 +0100)
There are incompatible MUST statements in the HTTP/2 specification. Some
require a stream error and others a connection error for the same situation.
As discussed in the thread below, let's always apply the connection error
when relevant (headers-like frame in half-closed(remote)) :

  https://mailarchive.ietf.org/arch/msg/httpbisa/pOIWRBRBdQrw5TDHODZXp8iblcE

This must be backported to 1.9, possibly to 1.8 as well.

src/mux_h2.c

index 0a8238dd8cb55e43d3f6421e6982a6c59d54fa9f..6ec53e88f75d83cf58826541cb17591a77637ac2 100644 (file)
@@ -2252,9 +2252,14 @@ static void h2_process_demux(struct h2c *h2c)
                if (h2s->st == H2_SS_HREM && h2c->dft != H2_FT_WINDOW_UPDATE &&
                    h2c->dft != H2_FT_RST_STREAM && h2c->dft != H2_FT_PRIORITY) {
                        /* RFC7540#5.1: any frame other than WU/PRIO/RST in
-                        * this state MUST be treated as a stream error
+                        * this state MUST be treated as a stream error.
+                        * 6.2, 6.6 and 6.10 further mandate that HEADERS/
+                        * PUSH_PROMISE/CONTINUATION cause connection errors.
                         */
-                       h2s_error(h2s, H2_ERR_STREAM_CLOSED);
+                       if (h2_ft_bit(h2c->dft) & H2_FT_HDR_MASK)
+                               h2c_error(h2c, H2_ERR_PROTOCOL_ERROR);
+                       else
+                               h2s_error(h2s, H2_ERR_STREAM_CLOSED);
                        goto strm_err;
                }
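Review bot: Both branches still end in the shared `goto strm_err;`, so the new connection-error path runs the same stream-level cleanup as the `h2s_error()` path. That label, like the rest of h2_process_demux, is outside the hunk, so it is not visible whether it skips RST_STREAM handling once `h2c_error()` has put the connection in error. A short comment above the jump would record the assumption, e.g. `/* after h2c_error() the conn is in error; strm_err must not try to RST this stream */`. The block comment could also say that the connection-error rule takes precedence over the 5.1 stream error for header-type frames, since it currently states two conflicting MUSTs without saying which wins. Operationally, one HEADERS/PUSH_PROMISE/CONTINUATION frame on a half-closed(remote) stream now ends every stream on that connection, so if an error counter or log line exists on this path it is worth confirming the event is recorded.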