From: "Daniel P. Berrange" <berrange@redhat.com>
To: "Marc-André Lureau" <marcandre.lureau@gmail.com>
Cc: qemu-devel@nongnu.org, "Denis V. Lunev" <den@openvz.org>,
Anton Nefedov <anton.nefedov@virtuozzo.com>
Subject: Re: [Qemu-devel] [PATCH] io: fully parse & validate HTTP headers for websocket protocol handshake
Date: Tue, 28 Feb 2017 13:51:39 +0000 [thread overview]
Message-ID: <20170228135139.GF2720@redhat.com> (raw)
In-Reply-To: <CAJ+F1CJ2WiJy9+atWvJ7cb0C_gzq1_N8zKo6t-KQArVJDuQ6zA@mail.gmail.com>
On Tue, Feb 28, 2017 at 01:48:23PM +0000, Marc-André Lureau wrote:
> Hi
>
> On Tue, Feb 28, 2017 at 4:11 PM Daniel P. Berrange <berrange@redhat.com>
> wrote:
>
> > The current websockets protocol handshake code is very relaxed, just
> > doing crude string searching across the HTTP header data. This causes
> > it to both reject valid connections and fail to reject invalid
> > connections. For example, according to the RFC 6455 it:
> >
> > - MUST reject any method other than "GET"
> > - MUST reject any HTTP version less than "HTTP/1.1"
> > - MUST reject Connection header without "Upgrade" listed
> > - MUST reject Upgrade header which is not 'websocket'
> > - MUST reject missing Host header
> > - MUST treat HTTP header names as case insensitive
> >
> > To do all this validation correctly requires that we fully parse the
> > HTTP headers, populating a data structure containing the header
> > fields.
> >
> > After this change, we also reject any path other than '/'
>
>
> > Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> > ---
> > io/channel-websock.c | 236
> > ++++++++++++++++++++++++++++++++++++++++++---------
> > 1 file changed, 194 insertions(+), 42 deletions(-)
> >
>
> Looks good, but tests would be welcome, do you have plans for it?
It is a todo item but I've not had time to work on it. All the other
I/O channel implementations share a generall purpose test framework,
but I couldn't wire up websockets to that because we only have an
impl of the server side, not the client. So doing testing for this
will be a bit more involved, but it is certainly something we need
coverage for.
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://entangle-photo.org -o- http://search.cpan.org/~danberr/ :|
prev parent reply other threads:[~2017-02-28 13:51 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-02-28 12:07 [Qemu-devel] [PATCH] io: fully parse & validate HTTP headers for websocket protocol handshake Daniel P. Berrange
2017-02-28 12:59 ` Anton Nefedov
2017-02-28 13:48 ` Marc-André Lureau
2017-02-28 13:51 ` Daniel P. Berrange [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170228135139.GF2720@redhat.com \
--to=berrange@redhat.com \
--cc=anton.nefedov@virtuozzo.com \
--cc=den@openvz.org \
--cc=marcandre.lureau@gmail.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.