[squid-dev] [PATCH] Non-HTTP bypass

Tsantilas Christos chtsanti at users.sourceforge.net
Fri Jan 16 11:31:31 UTC 2015 

I am preparing this patch for commit, but I have many problems with 
tests/testHttp1Parser tester.
The most of the problems caused because the changes I made in 
Http1Parser aborts immediately parsing when no valid characters found 
for the request method.

These problems can be fixed however there are 1-2 cases where I am not 
sure about correct fix.

For example Http1PArser without my fixes considers as valid methods:
  - with tabs inside method name, for example "\tGET"
  - with '\0' at the end of method name

About the "\t" probably we should "eat" tabs with spaces in 
skipGarbageLines.
About the '\0' do we have such cases?  The true is that I remember in 
the past, cases where a '\0' is appeared inside HTTP request headers. 
But maybe in these cases we must not include it in HTTP request method, 
but consider it as a space.....



On 01/14/2015 06:00 PM, Amos Jeffries wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 14/01/2015 7:21 a.m., Tsantilas Christos wrote:
>> I made all requested changes/fixes. The patch also ported to latest
>> trunk.
>>
>
>
> Okay, +1 for commit ....
>
> FYI: Alex, kinkie, and myself had a debate on IRC and came to an
> agreement for calling the new directive "on_unsupported_protocol"
> instead of on_first_request_error.
>
> Please feel free to make that naming switch when comitting if you
> like, it does not require another review IMO.
>
> Amos
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.22 (MingW32)
>
> iQEcBAEBAgAGBQJUtpKRAAoJELJo5wb/XPRjtLwH/1L0K9u80Yl95ymszoroP2MB
> TivdghsRQcFO8BIbUkWxVp3M7FghUQY9h/famsxX5R55SiAPOgMmXxoCSWTPe+ID
> 6VPlYdhr8XsUkWuJZ0MwNA1iJO4yM5jGhU9E/kwH4PSbJqD4aP38Wdt+iuG/+753
> px76GFBIVhiW6hVORxW1vXGcnrMcHKaoRwgfnEFSK4QyyDeVr5xVEAQOE0vOluyO
> AWYGd8pEeMl1gcegcYm+OsdBXdQyvoJBSC74andl2PFOqEu/2wybKCZa86s6IXLi
> 0PrwtiGWXlOI868ZNlD0TCRTvrES11OZsxx2P9245HNpWo0IULjYlBui4NDVolA=
> =KsmY
> -----END PGP SIGNATURE-----
> _______________________________________________
> squid-dev mailing list
> squid-dev at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-dev
>

More information about the squid-dev mailing list