# HG changeset patch # User Ruslan Ermilov # Date 1493152753 -10800 # Node ID 8801ff7d58e1650c9d1abb50e09f5979e4f9ffbf # Parent 330b6c33a5c4e5a0fab162bc7509542485e0bd8e Don't pretend we support HTTP major versions >1 as HTTP/1.1. diff --git a/src/http/ngx_http_header_filter_module.c b/src/http/ngx_http_header_filter_module.c --- a/src/http/ngx_http_header_filter_module.c +++ b/src/http/ngx_http_header_filter_module.c @@ -119,7 +119,7 @@ static ngx_str_t ngx_http_status_lines[] ngx_string("502 Bad Gateway"), ngx_string("503 Service Temporarily Unavailable"), ngx_string("504 Gateway Time-out"), - ngx_null_string, /* "505 HTTP Version Not Supported" */ + ngx_string("505 HTTP Version Not Supported"), ngx_null_string, /* "506 Variant Also Negotiates" */ ngx_string("507 Insufficient Storage"), diff --git a/src/http/ngx_http_parse.c b/src/http/ngx_http_parse.c --- a/src/http/ngx_http_parse.c +++ b/src/http/ngx_http_parse.c @@ -723,6 +723,11 @@ ngx_http_parse_request_line(ngx_http_req } r->http_major = ch - '0'; + + if (r->http_major > 1) { + return NGX_HTTP_PARSE_INVALID_VERSION; + } + state = sw_major_digit; break; @@ -737,11 +742,12 @@ ngx_http_parse_request_line(ngx_http_req return NGX_HTTP_PARSE_INVALID_REQUEST; } - if (r->http_major > 99) { - return NGX_HTTP_PARSE_INVALID_REQUEST; + r->http_major = r->http_major * 10 + ch - '0'; + + if (r->http_major > 1) { + return NGX_HTTP_PARSE_INVALID_VERSION; } - r->http_major = r->http_major * 10 + ch - '0'; break; /* first digit of minor HTTP version */ diff --git a/src/http/ngx_http_request.c b/src/http/ngx_http_request.c --- a/src/http/ngx_http_request.c +++ b/src/http/ngx_http_request.c @@ -72,6 +72,9 @@ static char *ngx_http_client_errors[] = /* NGX_HTTP_PARSE_INVALID_REQUEST */ "client sent invalid request", + /* NGX_HTTP_PARSE_INVALID_VERSION */ + "client sent invalid version", + /* NGX_HTTP_PARSE_INVALID_09_METHOD */ "client sent invalid method in HTTP/0.9 request" }; @@ -1036,7 +1039,14 @@ ngx_http_process_request_line(ngx_event_ ngx_log_error(NGX_LOG_INFO, c->log, 0, ngx_http_client_errors[rc - NGX_HTTP_CLIENT_ERROR]); - ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST); + + if (rc == NGX_HTTP_PARSE_INVALID_VERSION) { + ngx_http_finalize_request(r, NGX_HTTP_VERSION_NOT_SUPPORTED); + + } else { + ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST); + } + return; } diff --git a/src/http/ngx_http_request.h b/src/http/ngx_http_request.h --- a/src/http/ngx_http_request.h +++ b/src/http/ngx_http_request.h @@ -54,9 +54,10 @@ #define NGX_HTTP_CLIENT_ERROR 10 #define NGX_HTTP_PARSE_INVALID_METHOD 10 #define NGX_HTTP_PARSE_INVALID_REQUEST 11 -#define NGX_HTTP_PARSE_INVALID_09_METHOD 12 +#define NGX_HTTP_PARSE_INVALID_VERSION 12 +#define NGX_HTTP_PARSE_INVALID_09_METHOD 13 -#define NGX_HTTP_PARSE_INVALID_HEADER 13 +#define NGX_HTTP_PARSE_INVALID_HEADER 14 /* unused 1 */ @@ -136,6 +137,7 @@ #define NGX_HTTP_BAD_GATEWAY 502 #define NGX_HTTP_SERVICE_UNAVAILABLE 503 #define NGX_HTTP_GATEWAY_TIME_OUT 504 +#define NGX_HTTP_VERSION_NOT_SUPPORTED 505 #define NGX_HTTP_INSUFFICIENT_STORAGE 507 diff --git a/src/http/ngx_http_special_response.c b/src/http/ngx_http_special_response.c --- a/src/http/ngx_http_special_response.c +++ b/src/http/ngx_http_special_response.c @@ -321,6 +321,14 @@ static char ngx_http_error_504_page[] = ; +static char ngx_http_error_505_page[] = +"" CRLF +"505 HTTP Version Not Supported" CRLF +"" CRLF +"

505 HTTP Version Not Supported

" CRLF +; + + static char ngx_http_error_507_page[] = "" CRLF "507 Insufficient Storage" CRLF @@ -395,7 +403,7 @@ static ngx_str_t ngx_http_error_pages[] ngx_string(ngx_http_error_502_page), ngx_string(ngx_http_error_503_page), ngx_string(ngx_http_error_504_page), - ngx_null_string, /* 505 */ + ngx_string(ngx_http_error_505_page), ngx_null_string, /* 506 */ ngx_string(ngx_http_error_507_page)