From ddb6dbf4cf63e98d3954c5d46e0311abc4fd6cfc Mon Sep 17 00:00:00 2001 From: Marcin Siodelski Date: Tue, 16 Apr 2019 21:57:29 +0200 Subject: [PATCH] [#360,!305] Host header is included in all HA exchanges. --- src/hooks/dhcp/high_availability/ha_service.cc | 15 ++++++++++----- .../tests/ha_service_unittest.cc | 18 ++++++++++++++++++ 2 files changed, 28 insertions(+), 5 deletions(-) diff --git a/src/hooks/dhcp/high_availability/ha_service.cc b/src/hooks/dhcp/high_availability/ha_service.cc index 470674eab0..005cae4f06 100644 --- a/src/hooks/dhcp/high_availability/ha_service.cc +++ b/src/hooks/dhcp/high_availability/ha_service.cc @@ -756,7 +756,8 @@ HAService::asyncSendLeaseUpdate(const QueryPtrType& query, const ParkingLotHandlePtr& parking_lot) { // Create HTTP/1.1 request including our command. PostHttpRequestJsonPtr request = boost::make_shared - (HttpRequest::Method::HTTP_POST, "/", HttpVersion::HTTP_11()); + (HttpRequest::Method::HTTP_POST, "/", HttpVersion::HTTP_11(), + HostHttpHeader(config->getUrl().getHostname())); request->setBodyAsJson(command); request->finalize(); @@ -917,7 +918,8 @@ HAService::asyncSendHeartbeat() { // Create HTTP/1.1 request including our command. PostHttpRequestJsonPtr request = boost::make_shared - (HttpRequest::Method::HTTP_POST, "/", HttpVersion::HTTP_11()); + (HttpRequest::Method::HTTP_POST, "/", HttpVersion::HTTP_11(), + HostHttpHeader(partner_config->getUrl().getHostname())); request->setBodyAsJson(CommandCreator::createHeartbeat(server_type_)); request->finalize(); @@ -1030,7 +1032,8 @@ HAService::asyncDisableDHCPService(HttpClient& http_client, // Create HTTP/1.1 request including our command. PostHttpRequestJsonPtr request = boost::make_shared - (HttpRequest::Method::HTTP_POST, "/", HttpVersion::HTTP_11()); + (HttpRequest::Method::HTTP_POST, "/", HttpVersion::HTTP_11(), + HostHttpHeader(remote_config->getUrl().getHostname())); request->setBodyAsJson(CommandCreator::createDHCPDisable(max_period, server_type_)); @@ -1098,7 +1101,8 @@ HAService::asyncEnableDHCPService(HttpClient& http_client, // Create HTTP/1.1 request including our command. PostHttpRequestJsonPtr request = boost::make_shared - (HttpRequest::Method::HTTP_POST, "/", HttpVersion::HTTP_11()); + (HttpRequest::Method::HTTP_POST, "/", HttpVersion::HTTP_11(), + HostHttpHeader(remote_config->getUrl().getHostname())); request->setBodyAsJson(CommandCreator::createDHCPEnable(server_type_)); request->finalize(); @@ -1225,7 +1229,8 @@ HAService::asyncSyncLeasesInternal(http::HttpClient& http_client, // Create HTTP/1.1 request including our command. PostHttpRequestJsonPtr request = boost::make_shared - (HttpRequest::Method::HTTP_POST, "/", HttpVersion::HTTP_11()); + (HttpRequest::Method::HTTP_POST, "/", HttpVersion::HTTP_11(), + HostHttpHeader(partner_config->getUrl().getHostname())); if (server_type_ == HAServerType::DHCPv4) { request->setBodyAsJson(CommandCreator::createLease4GetPage( boost::dynamic_pointer_cast(last_lease), config_->getSyncPageLimit())); diff --git a/src/hooks/dhcp/high_availability/tests/ha_service_unittest.cc b/src/hooks/dhcp/high_availability/tests/ha_service_unittest.cc index cedc2164b6..36f597d505 100644 --- a/src/hooks/dhcp/high_availability/tests/ha_service_unittest.cc +++ b/src/hooks/dhcp/high_availability/tests/ha_service_unittest.cc @@ -336,6 +336,24 @@ private: // Remember the request received. requests_.push_back(request_json); + // The request must always contain non-empty Host header. + bool invalid_host = false; + try { + auto host_hdr = request_json->getHeader("Host"); + if (host_hdr->getValue().empty()) { + invalid_host = true; + } + + } catch (...) { + // Host header does not exist. + invalid_host = true; + } + + // If invalid host then return Bad Request. + if (invalid_host) { + return (createStockHttpResponse(request, HttpStatusCode::BAD_REQUEST)); + } + int control_result = -1; ElementPtr arguments; -- 2.47.2