From: Stefan Eissing Date: Tue, 26 Nov 2019 09:36:28 +0000 (+0000) Subject: *) mod_http2: Fixed interaction with mod_reqtimeout. A loaded mod_http2 was disabli... X-Git-Tag: 2.5.0-alpha2-ci-test-only~1768 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=dd8ba2004741b76758873b779e250f5ce9f7b949;p=thirdparty%2Fapache%2Fhttpd.git *) mod_http2: Fixed interaction with mod_reqtimeout. A loaded mod_http2 was disabling the ssl handshake timeouts. Also, fixed a mistake of the last version that made `H2Direct` always `on`, irregardless of configuration. Found and reported by and . [Stefan Eissing] *) mod_http2: Multiple field length violations in the same request no longer cause several log entries to be written. [@mkauf] git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1870454 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index d655a0b8ec0..e99096813cc 100644 --- a/CHANGES +++ b/CHANGES @@ -1,6 +1,15 @@ -*- coding: utf-8 -*- Changes with Apache 2.5.1 + *) mod_http2: Fixed interaction with mod_reqtimeout. A loaded mod_http2 was disabling the + ssl handshake timeouts. Also, fixed a mistake of the last version that made `H2Direct` + always `on`, irregardless of configuration. Found and reported by + and + . [Stefan Eissing] + + *) mod_http2: Multiple field length violations in the same request no longer cause + several log entries to be written. [@mkauf] + *) mod_md: v2.2.4 from github, Fixes a compile time issue with OpenSSL 1.0.2 in the new OCSP code. Skips port checks for domain server_rec selection when "tls-alpn-01" is configured explicitly (related to #133). [@mkauf, Stefan Eissing] diff --git a/modules/http2/h2_config.c b/modules/http2/h2_config.c index fede8cc255c..53415024b56 100644 --- a/modules/http2/h2_config.c +++ b/modules/http2/h2_config.c 
@@ -269,8 +269,7 @@ static apr_int64_t h2_srv_config_geti64(const h2_config *conf, h2_config_var_t v
 case H2_CONF_UPGRADE:
 return H2_CONFIG_GET(conf, &defconf, h2_upgrade);
 case H2_CONF_DIRECT:
- return 1;
- /*return H2_CONFIG_GET(conf, &defconf, h2_direct);*/
+ return H2_CONFIG_GET(conf, &defconf, h2_direct);
 case H2_CONF_TLS_WARMUP_SIZE:
 return H2_CONFIG_GET(conf, &defconf, tls_warmup_size);
 case H2_CONF_TLS_COOLDOWN_SECS:
diff --git a/modules/http2/h2_h2.c b/modules/http2/h2_h2.c
index 4ff1d51d84e..1b69fe3502c 100644
--- a/modules/http2/h2_h2.c
+++ b/modules/http2/h2_h2.c
@@ -542,7 +542,7 @@ int h2_allows_h2_upgrade(request_rec *r)
 * Register various hooks
 */
 static const char* const mod_ssl[] = { "mod_ssl.c", NULL};
-static const char* const mod_reqtimeout[] = { "mod_reqtimeout.c", NULL};
+static const char* const mod_reqtimeout[] = { "mod_ssl.c", "mod_reqtimeout.c", NULL};
 void h2_h2_register_hooks(void)
 {
@@ -553,7 +553,7 @@ void h2_h2_register_hooks(void)
 * a chance to take over before it.
 */
 ap_hook_process_connection(h2_h2_process_conn,
- mod_ssl, mod_reqtimeout, APR_HOOK_LAST);
+ mod_reqtimeout, NULL, APR_HOOK_LAST);
 /* One last chance to properly say goodbye if we have not done so
 * already. */
diff --git a/modules/http2/h2_stream.c b/modules/http2/h2_stream.c
index b93ff196280..6136baa41c9 100644
--- a/modules/http2/h2_stream.c
+++ b/modules/http2/h2_stream.c
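Review bot: After this change the array still called `mod_reqtimeout` holds both "mod_ssl.c" and "mod_reqtimeout.c", so the name describes one entry rather than the role; it is the predecessor list passed to `ap_hook_process_connection` in the next hunk. I would either rename it or put a comment on the declaration, for example `/* hooks that must run before h2_h2_process_conn */`. Within the visible hunks the `mod_ssl[]` array loses its only use, so unless another registration outside these hunks still references it, it is now dead and should be removed.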
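Review bot: The ordering constraint that the `ap_hook_process_connection` call now encodes is not written down next to it: the comment above the call starts outside the hunk, and its visible tail ("a chance to take over before it") predates the change, when mod_reqtimeout was passed as a successor. Going by the commit message, the point is that mod_reqtimeout has to run first so that the ssl handshake timeouts stay in force with mod_http2 loaded, which is what keeps stalled handshakes from holding connections open. A line such as `/* mod_reqtimeout must precede us, otherwise its handshake timeouts are not applied */` would keep a later reorder from silently undoing the fix.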
@@ -696,19 +696,23 @@ apr_status_t h2_stream_add_header(h2_stream *stream,
 if (name[0] == ':') {
 if ((vlen) > session->s->limit_req_line) {
 /* pseudo header: approximation of request line size check */
- ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, session->c,
- H2_STRM_LOG(APLOGNO(10178), stream,
- "Request pseudo header exceeds "
- "LimitRequestFieldSize: %s"), name);
+ if (!h2_stream_is_ready(stream)) {
+ ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, session->c,
+ H2_STRM_LOG(APLOGNO(10178), stream,
+ "Request pseudo header exceeds "
+ "LimitRequestFieldSize: %s"), name);
+ }
 error = HTTP_REQUEST_URI_TOO_LARGE;
 }
 }
 else if ((nlen + 2 + vlen) > session->s->limit_req_fieldsize) {
 /* header too long */
- ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, session->c,
- H2_STRM_LOG(APLOGNO(10180), stream,"Request header exceeds "
- "LimitRequestFieldSize: %.*s"),
- (int)H2MIN(nlen, 80), name);
+ if (!h2_stream_is_ready(stream)) {
+ ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, session->c,
+ H2_STRM_LOG(APLOGNO(10180), stream,"Request header exceeds "
+ "LimitRequestFieldSize: %.*s"),
+ (int)H2MIN(nlen, 80), name);
+ }
 error = HTTP_REQUEST_HEADER_FIELDS_TOO_LARGE;
 }
@@ -720,9 +724,11 @@ apr_status_t h2_stream_add_header(h2_stream *stream,
 h2_stream_rst(stream, H2_ERR_ENHANCE_YOUR_CALM);
 return APR_ECONNRESET;
 }
- ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, session->c,
- H2_STRM_LOG(APLOGNO(10181), stream, "Number of request headers "
- "exceeds LimitRequestFields"));
+ if (!h2_stream_is_ready(stream)) {
+ ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, session->c,
+ H2_STRM_LOG(APLOGNO(10181), stream, "Number of request headers "
+ "exceeds LimitRequestFields"));
+ }
 error = HTTP_REQUEST_HEADER_FIELDS_TOO_LARGE;
 }
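Review bot: In the pseudo-header branch the log call now wrapped in `if (!h2_stream_is_ready(stream))` still formats the client-supplied `name` with an unbounded `%s`, while the regular-header branch below limits it with `%.*s` and `(int)H2MIN(nlen, 80)`. Since both calls are re-indented here anyway, the first should take the same bounded form: `"LimitRequestFieldSize: %.*s"), (int)H2MIN(nlen, 80), name);`. That message also names LimitRequestFieldSize although the comparison is against `limit_req_line`, which will mislead whoever reads the log. The guard itself depends on h2_stream_is_ready() becoming true once the first violation has been handled, which happens outside this hunk, so a short comment saying why readiness means "already logged" would help; the same guard is repeated in the hunks at -720 and -782.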
@@ -782,10 +788,12 @@ apr_status_t h2_stream_end_headers(h2_stream *stream, int eos, size_t raw_bytes)
 ctx.failed_key = NULL;
 apr_table_do(table_check_val_len, &ctx, stream->request->headers, NULL);
 if (ctx.failed_key) {
- ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, stream->session->c,
- H2_STRM_LOG(APLOGNO(10190), stream,"Request header exceeds "
- "LimitRequestFieldSize: %.*s"),
- (int)H2MIN(strlen(ctx.failed_key), 80), ctx.failed_key);
+ if (!h2_stream_is_ready(stream)) {
+ ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, stream->session->c,
+ H2_STRM_LOG(APLOGNO(), stream,"Request header exceeds "
+ "LimitRequestFieldSize: %.*s"),
+ (int)H2MIN(strlen(ctx.failed_key), 80), ctx.failed_key);
+ }
 set_error_response(stream, HTTP_REQUEST_HEADER_FIELDS_TOO_LARGE);
 /* keep on returning APR_SUCCESS, so that we send a HTTP response and
 * do not RST the stream. */
diff --git a/modules/slotmem/mod_slotmem_shm.c b/modules/slotmem/mod_slotmem_shm.c
index 6dda8f65fec..b86a6e8066e 100644
--- a/modules/slotmem/mod_slotmem_shm.c
+++ b/modules/slotmem/mod_slotmem_shm.c
@@ -21,6 +21,7 @@
 * otherwise.
 */
+#include
 #include "ap_slotmem.h"
 #include "httpd.h"
@@ -400,6 +401,7 @@ static apr_status_t slotmem_create(ap_slotmem_instance_t **new,
 else {
 apr_shm_remove(fname, pool);
 rv = apr_shm_create(&shm, size, fname, gpool);
+ assert(rv == APR_SUCCESS);
 }
 }
 else {
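Review bot: The re-indented log call in h2_stream_end_headers now reads `H2_STRM_LOG(APLOGNO(), stream,"Request header exceeds "` where the removed line had `APLOGNO(10190)`, so this message loses its log number. Nothing in the commit message suggests that was intended, and the three guarded calls in h2_stream_add_header keep theirs (10178, 10180, 10181). I would restore it as `H2_STRM_LOG(APLOGNO(10190), stream,"Request header exceeds "`, since log filters or alerts keyed on that number would otherwise stop matching this entry. The function body continues outside the hunk.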
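Review bot: The `assert(rv == APR_SUCCESS);` added after `apr_shm_create()` in slotmem_create, together with the new `#include` line in the first hunk of this file (its header name is missing from this page, presumably assert.h), is unrelated to anything in the commit message and reads like debugging residue. In a build without NDEBUG a failed shared-memory creation aborts the process instead of returning an error, and with NDEBUG the check disappears entirely, so neither build handles the failure. The function continues outside the hunk, so whether `rv` is tested further down is not visible; if it is, drop both added lines, and if it is not, replace the assert with explicit handling of the non-success status.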