BUG/MEDIUM: h3: reject frontend CONNECT as currently not implemented

HTTP/3 CONNECT transcoding is not properly implemented on the frontend
side. Neither tunnel mode of application nor extended connect are
currently functional.

Clarify this situation by rejecting any CONNETC attempts on the frontend
side. The stream is thus now closed via a RESET_STREAM with error code
REQUEST_REJECTED.

This should be backported to every stable versions.

diff --git a/src/h3.c b/src/h3.c
index 79266457d6756453194f197fdb2617f0f185a060..849bba2a6fbdd8910e2d04ccd91746b7e9d6fec3 100644 (file)
--- a/src/h3.c
+++ b/src/h3.c
@@ -812,6 +812,11 @@ static ssize_t h3_req_headers_to_htx(struct qcs *qcs, const struct buffer *buf,
                        goto out;
                }
        }
+       else {
+               h3s->err = H3_ERR_REQUEST_REJECTED;
+               len = -1;
+               goto out;
+       }
 
        flags |= HTX_SL_F_VER_11;
        flags |= HTX_SL_F_XFER_LEN;