From c1ec990a37d22342c48ad5f541f1d3204d7fd864 Mon Sep 17 00:00:00 2001 From: "Alan M. Carroll" Date: Thu, 30 Jul 2020 15:50:16 -0500 Subject: [PATCH] Move the direct self loop check later to HttpSM::do_http_server_open just before connection upstream. This closed #7052 --- proxy/http/HttpSM.cc | 6 ++++++ proxy/http/HttpTransact.cc | 22 ++++++++++------------ proxy/http/HttpTransact.h | 2 +- 3 files changed, 17 insertions(+), 13 deletions(-) diff --git a/proxy/http/HttpSM.cc b/proxy/http/HttpSM.cc index db0fc62debf..ae4b5a03adf 100644 --- a/proxy/http/HttpSM.cc +++ b/proxy/http/HttpSM.cc @@ -4938,6 +4938,12 @@ HttpSM::do_http_server_open(bool raw) } } + // Check for self loop. + if (HttpTransact::will_this_request_self_loop(&t_state)) { + call_transact_and_set_next_state(HttpTransact::SelfLoop); + return; + } + // If this is not a raw connection, we try to get a session from the // shared session pool. Raw connections are for SSLs tunnel and // require a new connection diff --git a/proxy/http/HttpTransact.cc b/proxy/http/HttpTransact.cc index d7e90ba95cc..ef7781dfd90 100644 --- a/proxy/http/HttpTransact.cc +++ b/proxy/http/HttpTransact.cc @@ -845,6 +845,16 @@ HttpTransact::Forbidden(State *s) TRANSACT_RETURN(SM_ACTION_SEND_ERROR_CACHE_NOOP, nullptr); } +void +HttpTransact::SelfLoop(State *s) +{ + TxnDebug("http_trans", "[Loop]" + "Request will selfloop."); + bootstrap_state_variables_from_request(s, &s->hdr_info.client_request); + build_error_response(s, HTTP_STATUS_BAD_REQUEST, "Direct self loop detected", "request#cycle_detected"); + TRANSACT_RETURN(SM_ACTION_SEND_ERROR_CACHE_NOOP, nullptr); +} + void HttpTransact::TooEarly(State *s) { @@ -1856,17 +1866,6 @@ HttpTransact::OSDNSLookup(State *s) TRANSACT_RETURN(SM_ACTION_SEND_ERROR_CACHE_NOOP, nullptr); } - // detect whether we are about to self loop. the client may have - // specified the proxy as the origin server (badness). - // Check if this procedure is already done - YTS Team, yamsat - if (!s->request_will_not_selfloop) { - if (will_this_request_self_loop(s)) { - TxnDebug("http_trans", "[OSDNSLookup] request will selfloop - bailing out"); - SET_VIA_STRING(VIA_DETAIL_TUNNEL, VIA_DETAIL_TUNNEL_NO_FORWARD); - TRANSACT_RETURN(SM_ACTION_SEND_ERROR_CACHE_NOOP, nullptr); - } - } - if (!s->dns_info.lookup_success) { // maybe the name can be expanded (e.g cnn -> www.cnn.com) HostNameExpansionError_t host_name_expansion = try_to_expand_host_name(s); @@ -6640,7 +6639,6 @@ HttpTransact::will_this_request_self_loop(State *s) via_field = via_field->m_next_dup; } } - s->request_will_not_selfloop = true; return false; } diff --git a/proxy/http/HttpTransact.h b/proxy/http/HttpTransact.h index de80411cf51..df7986a4588 100644 --- a/proxy/http/HttpTransact.h +++ b/proxy/http/HttpTransact.h @@ -686,7 +686,6 @@ class HttpTransact bool force_dns = false; MgmtByte cache_open_write_fail_action = 0; bool is_revalidation_necessary = false; // Added to check if revalidation is necessary - YTS Team, yamsat - bool request_will_not_selfloop = false; // To determine if process done - YTS Team, yamsat ConnectionAttributes client_info; ConnectionAttributes parent_info; ConnectionAttributes server_info; @@ -939,6 +938,7 @@ class HttpTransact static void BadRequest(State *s); static void Forbidden(State *s); static void TooEarly(State *s); + static void SelfLoop(State *s); static void PostActiveTimeoutResponse(State *s); static void PostInactiveTimeoutResponse(State *s); static void DecideCacheLookup(State *s);