libmicrohttpd2

HTTP server C library (MHD 2.x, alpha)
Log | Files | Refs | README | LICENSE

test_incompatible.c (31164B)


      1 /* SPDX-License-Identifier: LGPL-2.1-or-later OR (GPL-2.0-or-later WITH eCos-exception-2.0) */
      2 /*
      3   This file is part of GNU libmicrohttpd.
      4   Copyright (C) 2025 Christian Grothoff
      5 
      6   GNU libmicrohttpd is free software; you can redistribute it and/or
      7   modify it under the terms of the GNU Lesser General Public
      8   License as published by the Free Software Foundation; either
      9   version 2.1 of the License, or (at your option) any later version.
     10 
     11   GNU libmicrohttpd is distributed in the hope that it will be useful,
     12   but WITHOUT ANY WARRANTY; without even the implied warranty of
     13   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
     14   Lesser General Public License for more details.
     15 
     16   Alternatively, you can redistribute GNU libmicrohttpd and/or
     17   modify it under the terms of the GNU General Public License as
     18   published by the Free Software Foundation; either version 2 of
     19   the License, or (at your option) any later version, together
     20   with the eCos exception, as follows:
     21 
     22     As a special exception, if other files instantiate templates or
     23     use macros or inline functions from this file, or you compile this
     24     file and link it with other works to produce a work based on this
     25     file, this file does not by itself cause the resulting work to be
     26     covered by the GNU General Public License. However the source code
     27     for this file must still be made available in accordance with
     28     section (3) of the GNU General Public License v2.
     29 
     30     This exception does not invalidate any other reasons why a work
     31     based on this file might be covered by the GNU General Public
     32     License.
     33 
     34   You should have received copies of the GNU Lesser General Public
     35   License and the GNU General Public License along with this library;
     36   if not, see <https://www.gnu.org/licenses/>.
     37 */
     38 
     39 /**
     40  * @file test_incompatible.c
     41  * @brief tests server rejects incorrect or non-standard requests, either
     42  *   those that are:
     43  *   - incompatible to MUST requirements, or
     44  *   - non-standard and violate SHOULD requirements
     45  * @author Christian Grothoff
     46  */
     47 #include <stdio.h>
     48 #include <stdbool.h>
     49 #include <errno.h>
     50 #include <string.h>
     51 #include <stdlib.h>
     52 #include <unistd.h>
     53 #include <arpa/inet.h>
     54 #include <netinet/ip.h>
     55 #include "microhttpd2.h"
     56 
     57 #define LOG 0
     58 
     59 /**
     60  * Defines a test.
     61  */
     62 struct Test
     63 {
     64   /**
     65    * Human-readable name of the test. NULL to end test array.
     66    */
     67   const char *name;
     68 
     69   /**
     70    * Request to send to the server.
     71    */
     72   const char *upload;
     73 
     74 };
     75 
     76 
     77 /**
     78  * Tests with HTTP requests that violate MUST constraints
     79  * of the HTTP specifications.
     80  *
     81  * For example, using a bare LF instead of CRLF is forbidden, and
     82  * requests that include both a "Transfer-Encoding:" and a
     83  * "Content-Length:" headers are rejected.
     84  */
     85 static struct Test tests_must[] = {
     86   {
     87     .name = "HTTP 1.1 without Host",
     88     .upload = "GET / HTTP/1.1\r\n\r\n",
     89   },
     90   {
     91     .name = "HTTP 1.0 GET without CRLF",
     92     .upload = "GET / HTTP/1.0\n\n",
     93   },
     94   {
     95     .name = "POST with both Content-Length and Transfer-Encoding",
     96     .upload =
     97       "POST / HTTP/1.1\r\nHost: example.com\r\nContent-Length: 1\r\nTransfer-Encoding: chunked\r\n\r\n0\r\n",
     98   },
     99   {
    100     .name = "unsupported Ttransfer-Encoding",
    101     .upload =
    102       "POST / HTTP/1.1\r\nHost: example.com\r\nTransfer-Encoding: wild\r\n\r\n0\r\n",
    103   },
    104   {
    105     .name = "Invalid HTTP version format",
    106     .upload = "GET / HTTP/1\r\nHost: example.com\r\n\r\n",
    107     // RFC 9112 Section 2.3: HTTP-version must be "HTTP/" followed by two digits separated by "."
    108   },
    109   {
    110     .name = "Missing space after method",
    111     .upload = "GET/ HTTP/1.1\r\nHost: example.com\r\n\r\n",
    112     // RFC 9112 Section 3: Request-line requires SP between method and request-target
    113   },
    114   {
    115     .name = "Invalid request-target with space",
    116     .upload = "GET /path with space HTTP/1.1\r\nHost: example.com\r\n\r\n",
    117     // RFC 9112 Section 3.2: Request-target must not contain unencoded spaces
    118   },
    119   {
    120     .name = "Header field name with space",
    121     .upload = "GET / HTTP/1.1\r\nHost Name: example.com\r\n\r\n",
    122     // RFC 9110 Section 5.1: Field names must be tokens (no spaces allowed)
    123   },
    124 #ifdef MORE_PEER_VALIDATION
    125   {
    126     .name = "Header field name with colon",
    127     .upload = "GET / HTTP/1.1\r\nHost:Name: example.com\r\n\r\n",
    128     // RFC 9110 Section 5.1: Field names must be tokens (colons not allowed)
    129   },
    130 #endif
    131   {
    132     .name = "Missing colon after header field name",
    133     .upload = "GET / HTTP/1.1\r\nHost example.com\r\n\r\n",
    134     // RFC 9112 Section 5: Header field must have name, colon, and value
    135   },
    136   {
    137     .name = "Header line ending with bare CR",
    138     .upload = "GET / HTTP/1.1\rHost: example.com\r\n\r\n",
    139     // RFC 9112 Section 2.2: Lines must end with CRLF, not bare CR
    140   },
    141   {
    142     .name = "Request line ending with bare LF",
    143     .upload = "GET / HTTP/1.1\nHost: example.com\r\n\r\n",
    144     // RFC 9112 Section 2.2: Request-line must end with CRLF
    145   },
    146   {
    147     .name = "Multiple Host headers",
    148     .upload = "GET / HTTP/1.1\r\nHost: example.com\r\nHost: other.com\r\n\r\n",
    149     // RFC 9112 Section 3.2: A sender MUST NOT generate multiple Host header fields
    150   },
    151   {
    152     .name = "Negative Content-Length",
    153     .upload =
    154       "POST / HTTP/1.1\r\nHost: example.com\r\nContent-Length: -5\r\n\r\n",
    155     // RFC 9110 Section 8.6: Content-Length value must be non-negative decimal integer
    156   },
    157   {
    158     .name = "Non-numeric Content-Length",
    159     .upload =
    160       "POST / HTTP/1.1\r\nHost: example.com\r\nContent-Length: abc\r\n\r\n",
    161     // RFC 9110 Section 8.6: Content-Length must be a decimal integer
    162   },
    163   {
    164     .name = "Multiple Content-Length with different values",
    165     .upload =
    166       "POST / HTTP/1.1\r\nHost: example.com\r\nContent-Length: 5\r\nContent-Length: 10\r\n\r\n",
    167     // RFC 9110 Section 8.6: Multiple Content-Length values must be identical
    168   },
    169 #ifdef MORE_PEER_VALIDATION
    170   {
    171     .name = "Invalid method with control character",
    172     .upload = "GET\x01 / HTTP/1.1\r\nHost: example.com\r\n\r\n",
    173     // RFC 9110 Section 9.1: Method token must not contain control characters
    174   },
    175 #endif
    176   {
    177     .name = "Request-target starting with space",
    178     .upload = "GET  / HTTP/1.1\r\nHost: example.com\r\n\r\n",
    179     // RFC 9112 Section 3: Only single SP allowed between method and request-target
    180   },
    181   {
    182     .name = "HTTP/0.9 simple request with headers",
    183     .upload = "GET /\r\nHost: example.com\r\n\r\n",
    184     // RFC 9112 Section 2.3: HTTP/0.9 requests must not have headers
    185   },
    186   {
    187     .name = "Missing final CRLF after headers",
    188     .upload = "GET / HTTP/1.1\r\nHost: example.com\r\n",
    189     // RFC 9112 Section 6.1: Empty line (CRLF) required after headers
    190   },
    191   {
    192     .name = "Whitespace before header field name",
    193     .upload = "GET / HTTP/1.1\r\n Host: example.com\r\n\r\n",
    194     // RFC 9112 Section 5: No whitespace allowed before field name
    195   },
    196 
    197 
    198   {
    199     .name = "Empty request line",
    200     .upload = "\r\n\r\n",
    201     // RFC 9112 Section 3: Request-line is required
    202   },
    203   {
    204     .name = "Request line with only method",
    205     .upload = "GET\r\n\r\n",
    206     // RFC 9112 Section 3: Request-line must have method, target, and version
    207   },
    208   {
    209     .name = "Request line with only method and target",
    210     .upload = "GET /\r\n\r\n",
    211     // RFC 9112 Section 3: HTTP-version is required in request-line
    212   },
    213   {
    214     .name = "Request with only CR as line ending",
    215     .upload = "GET / HTTP/1.1\rHost: example.com\r\r",
    216     // RFC 9112 Section 2.2: CRLF required, not bare CR
    217   },
    218   {
    219     .name = "Missing space before HTTP version",
    220     .upload = "GET /HTTP/1.1\r\nHost: example.com\r\n\r\n",
    221     // RFC 9112 Section 3: SP required between request-target and HTTP-version
    222   },
    223   {
    224     .name = "HTTP version with extra dot",
    225     .upload = "GET / HTTP/1.1.0\r\nHost: example.com\r\n\r\n",
    226     // RFC 9112 Section 2.3: Version format is "HTTP/" DIGIT "." DIGIT
    227   },
    228   {
    229     .name = "HTTP version with letter",
    230     .upload = "GET / HTTP/1.A\r\nHost: example.com\r\n\r\n",
    231     // RFC 9112 Section 2.3: Version numbers must be digits
    232   },
    233 #ifdef NOT_A_BUG
    234   {
    235     .name = "Method with lowercase letters",
    236     .upload = "get / HTTP/1.1\r\nHost: example.com\r\n\r\n",
    237     // RFC 9110 Section 9.1: Method is case-sensitive
    238     /* This a valid non-standard ("custom") method. */
    239   },
    240 #endif
    241 #ifdef MORE_PEER_VALIDATION
    242   {
    243     .name = "Request-target with fragment identifier",
    244     .upload = "GET /path#fragment HTTP/1.1\r\nHost: example.com\r\n\r\n",
    245     // RFC 9112 Section 3.2.1: Fragment must not be sent in request-target
    246   },
    247 #endif
    248 #ifdef OTHER_USES
    249   {
    250     .name = "Absolute-form with userinfo in HTTP/1.1",
    251     .upload =
    252       "GET http://user:pass@example.com/ HTTP/1.1\r\nHost: example.com\r\n\r\n",
    253     // RFC 9110 Section 4.2.4: Userinfo (and its "@" delimiter) is now disallowed
    254     /* This is a valid string for HTTP proxy */
    255   },
    256 #endif
    257   {
    258     .name = "Request-target with bare CR",
    259     .upload = "GET /path\r/file HTTP/1.1\r\nHost: example.com\r\n\r\n",
    260     // RFC 9112 Section 3.2: Request-target must not contain CR
    261   },
    262   {
    263     .name = "Request-target with LF",
    264     .upload = "GET /path\n/file HTTP/1.1\r\nHost: example.com\r\n\r\n",
    265     // RFC 9112 Section 3.2: Request-target must not contain LF
    266   },
    267   {
    268     .name = "Header colon without field name",
    269     .upload = "GET / HTTP/1.1\r\n: value\r\nHost: example.com\r\n\r\n",
    270     // RFC 9110 Section 5.1: Field name is required before colon
    271   },
    272   {
    273     .name = "Content-Length with plus sign",
    274     .upload =
    275       "POST / HTTP/1.1\r\nHost: example.com\r\nContent-Length: +10\r\n\r\n0123456789",
    276     // RFC 9110 Section 8.6: Content-Length must be 1*DIGIT (no sign allowed)
    277   },
    278   {
    279     .name = "Content-Length with whitespace",
    280     .upload =
    281       "POST / HTTP/1.1\r\nHost: example.com\r\nContent-Length: 1 0\r\n\r\n0123456789",
    282     // RFC 9110 Section 8.6: Content-Length must be digits only
    283   },
    284   {
    285     .name = "Content-Length with decimal point",
    286     .upload =
    287       "POST / HTTP/1.1\r\nHost: example.com\r\nContent-Length: 10.0\r\n\r\n0123456789",
    288     // RFC 9110 Section 8.6: Content-Length must be decimal integer, not floating point
    289   },
    290   {
    291     .name = "Content-Length overflow value",
    292     .upload =
    293       "POST / HTTP/1.1\r\nHost: example.com\r\nContent-Length: 99999999999999999999999999999\r\n\r\n",
    294     // RFC 9110 Section 8.6: Content-Length must be valid decimal integer
    295   },
    296 #ifdef MORE_PEER_VALIDATION
    297   {
    298     .name = "Request with vertical tab in header",
    299     .upload = "GET / HTTP/1.1\r\nHost: example.com\r\nX-Custom:\vvalue\r\n\r\n",
    300     // RFC 9110 Section 5.5: Only HTAB, SP, and VCHAR allowed in field values (VT is 0x0B)
    301   },
    302 #endif
    303 #ifdef MORE_PEER_VALIDATION
    304   {
    305     .name = "Request with form feed in header value",
    306     .upload =
    307       "GET / HTTP/1.1\r\nHost: example.com\r\nX-Custom: val\fue\r\n\r\n",
    308     // RFC 9110 Section 5.5: Form feed (0x0C) not allowed in field values
    309   },
    310 #endif
    311   {
    312     .name = "Transfer-Encoding with unknown coding",
    313     .upload =
    314       "POST / HTTP/1.1\r\nHost: example.com\r\nTransfer-Encoding: gzip\r\n\r\n",
    315     // RFC 9112 Section 6.1: Only 'chunked' and specific codings defined
    316   },
    317   {
    318     .name = "Transfer-Encoding chunked not last",
    319     .upload =
    320       "POST / HTTP/1.1\r\nHost: example.com\r\nTransfer-Encoding: chunked, gzip\r\n\r\n",
    321     // RFC 9112 Section 6.1: 'chunked' must be last when present
    322   },
    323 #ifdef SPECIAL_STRICT_PEER_CHECKING
    324   {
    325     .name = "HTTP/1.0 with Transfer-Encoding",
    326     .upload =
    327       "POST / HTTP/1.0\r\nHost: example.com\r\nTransfer-Encoding: chunked\r\n\r\n0\r\n\r\n",
    328     // RFC 9112 Section 6.1: Transfer-Encoding must not be sent in HTTP/1.0
    329     /* RFC does not enforce the server to reject such requests. "Must not be sent" != "Must be rejected" */
    330   },
    331 #endif
    332 #ifdef NOT_A_BUG
    333   {
    334     .name = "POST without Content-Length or Transfer-Encoding",
    335     .upload = "POST / HTTP/1.1\r\nHost: example.com\r\n\r\n",
    336     // RFC 9112 Section 6.3: Message with body must have Content-Length or Transfer-Encoding
    337     /* This is a perfectly valid request with an empty body. */
    338   },
    339 #endif
    340 #ifdef MORE_PEER_VALIDATION
    341   {
    342     .name = "Request with CTL character in header name",
    343     .upload =
    344       "GET / HTTP/1.1\r\nHost: example.com\r\nX-Cu\x01stom: value\r\n\r\n",
    345     // RFC 9110 Section 5.1: Field names must be tokens, CTL chars not allowed
    346   },
    347 #endif
    348 #ifdef MORE_PEER_VALIDATION
    349   {
    350     .name = "Request with DEL character in header name",
    351     .upload =
    352       "GET / HTTP/1.1\r\nHost: example.com\r\nX-Custom\x7F: value\r\n\r\n",
    353     // RFC 9110 Section 5.1: DEL (0x7F) not allowed in field names
    354   },
    355 #endif
    356 #ifdef MORE_PEER_VALIDATION
    357   {
    358     .name = "Request with non-ASCII in header name",
    359     .upload = "GET / HTTP/1.1\r\nHost: example.com\r\nX-Cüstom: value\r\n\r\n",
    360     // RFC 9110 Section 5.1: Field names must be ASCII tokens
    361   },
    362 #endif
    363 #ifdef SPECIAL_STRICT_PEER_CHECKING
    364   {
    365     .name = "Request-target as asterisk for non-OPTIONS",
    366     .upload = "GET * HTTP/1.1\r\nHost: example.com\r\n\r\n",
    367     // RFC 9112 Section 3.2.4: Asterisk form only valid for OPTIONS
    368   },
    369 #endif
    370 #ifdef MORE_PEER_VALIDATION
    371   {
    372     .name = "Authority-form for non-CONNECT",
    373     .upload = "GET example.com:80 HTTP/1.1\r\nHost: example.com\r\n\r\n",
    374     // RFC 9112 Section 3.2.3: Authority-form only valid for CONNECT
    375   },
    376 #endif
    377   {
    378     .name = "HTTP/1.1 GET with empty Host header",
    379     .upload = "GET / HTTP/1.1\r\nHost: \r\n\r\n",
    380     // RFC 9112 Section 3.2: Empty Host header is invalid for this target form
    381   },
    382 #ifdef MORE_PEER_VALIDATION
    383   {
    384     .name = "Request with quoted string in field name",
    385     .upload =
    386       "GET / HTTP/1.1\r\nHost: example.com\r\n\"X-Custom\": value\r\n\r\n",
    387     // RFC 9110 Section 5.1: Field names must be tokens, not quoted strings
    388   },
    389 #endif
    390 #if 0 /* NOT A BUG */
    391   {
    392     .name = "HTTP/1.1 request with HTTP/1.2 version",
    393     .upload = "GET / HTTP/1.2\r\nHost: example.com\r\n\r\n",
    394     /* HTTP/1.2 SHOULD be processed as 1.1 if server supports 1.1.
    395        RFC 9110, Section 6.2
    396        See https://www.rfc-editor.org/rfc/rfc9110.html#name-control-data */
    397   },
    398 #endif
    399   {
    400     .name = "HTTP/1.1 request with HTTP/1.10 version",
    401     .upload = "GET / HTTP/1.10\r\nHost: example.com\r\n\r\n",
    402     /* Version must be "digit dot digit"
    403      * RFC 9112, Section 2.3 */
    404   },
    405   {
    406     .name = "HTTP/1.1 request with HTTP/1.I version",
    407     .upload = "GET / HTTP/1.I\r\nHost: example.com\r\n\r\n",
    408     /* Version must be "digit dot digit"
    409      * RFC 9112, Section 2.3 */
    410   },
    411   {
    412     .name = "HTTP/1.1 request with HTTP/1,1 version",
    413     .upload = "GET / HTTP/1,1\r\nHost: example.com\r\n\r\n",
    414     /* Version must be "digit dot digit"
    415      * RFC 9112, Section 2.3 */
    416   },
    417   {
    418     .name = "HTTP version HTTP/2.0 on HTTP/1.1 connection",
    419     .upload = "GET / HTTP/2.0\r\nHost: example.com\r\n\r\n",
    420     // RFC 9112 Section 2.3: HTTP/2 uses different framing, not text-based
    421   },
    422   {
    423     .name = "Empty method",
    424     .upload = " / HTTP/1.1\r\nHost: example.com\r\n\r\n",
    425     // RFC 9112 Section 3: Method is required
    426   },
    427 #ifdef MORE_PEER_VALIDATION
    428   {
    429     .name = "Method with special character",
    430     .upload = "GET/ / HTTP/1.1\r\nHost: example.com\r\n\r\n",
    431     // RFC 9110 Section 9.1: Method must be a token (no '/' in method name)
    432   },
    433 #endif
    434   {
    435     .name = "Triple Host headers",
    436     .upload =
    437       "GET / HTTP/1.1\r\nHost: a.com\r\nHost: b.com\r\nHost: c.com\r\n\r\n",
    438     // RFC 9112 Section 3.2: Multiple Host headers forbidden
    439   },
    440   {
    441     .name = "Content-Length with hexadecimal",
    442     .upload =
    443       "POST / HTTP/1.1\r\nHost: example.com\r\nContent-Length: 0x10\r\n\r\n0123456789012345",
    444     // RFC 9110 Section 8.6: Content-Length must be decimal, not hexadecimal
    445   },
    446   {
    447     .name = NULL,
    448   }
    449 };
    450 
    451 
    452 /**
    453  * Tests with HTTP requests that violate MUST constraints
    454  * of the HTTP specifications during the upload.
    455  */
    456 static struct Test tests_must_upload[] = {
    457   {
    458     .name = "Chunked encoding with invalid hex",
    459     .upload =
    460       "POST / HTTP/1.1\r\nHost: example.com\r\nTransfer-Encoding: chunked\r\n\r\nGG\r\n\r\n",
    461     // RFC 9112 Section 7.1: Chunk size must be hexadecimal
    462   },
    463   {
    464     .name = "Chunked encoding with negative size",
    465     .upload =
    466       "POST / HTTP/1.1\r\nHost: example.com\r\nTransfer-Encoding: chunked\r\n\r\n-5\r\n\r\n",
    467     // RFC 9112 Section 7.1: Chunk size must be non-negative hex
    468   },
    469   {
    470     .name = "Chunked encoding missing CRLF after size",
    471     .upload =
    472       "POST / HTTP/1.1\r\nHost: example.com\r\nTransfer-Encoding: chunked\r\n\r\n5hello\r\n0\r\n\r\n",
    473     // RFC 9112 Section 7.1: CRLF required after chunk-size
    474   },
    475   {
    476     .name = "Chunked encoding missing CRLF after data",
    477     .upload =
    478       "POST / HTTP/1.1\r\nHost: example.com\r\nTransfer-Encoding: chunked\r\n\r\n5\r\nhello0\r\n\r\n",
    479     // RFC 9112 Section 7.1: CRLF required after chunk-data
    480   },
    481   {
    482     .name = "Chunked with no final chunk",
    483     .upload =
    484       "POST / HTTP/1.1\r\nHost: example.com\r\nTransfer-Encoding: chunked\r\n\r\n5\r\nhello\r\n",
    485     // RFC 9112 Section 7.1: Last chunk (size 0) is required
    486   },
    487   {
    488     .name = "Chunk size with leading whitespace",
    489     .upload =
    490       "POST / HTTP/1.1\r\nHost: example.com\r\nTransfer-Encoding: chunked\r\n\r\n 5\r\nhello\r\n0\r\n\r\n",
    491     // RFC 9112 Section 7.1: No whitespace before chunk-size
    492   },
    493   {
    494     .name = "Chunk size exceeding data provided",
    495     .upload =
    496       "POST / HTTP/1.1\r\nHost: example.com\r\nTransfer-Encoding: chunked\r\n\r\nA\r\nhello\r\n0\r\n\r\n",
    497     // RFC 9112 Section 7.1: Chunk-size must match chunk-data length (10 bytes expected, 5 provided)
    498   },
    499   {
    500     .name = NULL,
    501   }
    502 };
    503 
    504 
    505 /**
    506  * Tests with HTTP requests that violate SHOULD constraints
    507  * of the HTTP specifications.
    508  *
    509  * For example, for chunked encoding, this level (and more restrictive
    510  * ones) forbids whitespace in chunk extensions.  For cookie parsing,
    511  * this level (and more restrictive ones) rejects the entire cookie if
    512  * even a single value within it is incorrectly encoded.
    513  */
    514 static struct Test tests_should[] = {
    515   {
    516     .name = "Obsolete line folding in header",
    517     .upload = "GET / HTTP/1.1\r\nHost: example.com\r\n continuation\r\n\r\n",
    518     // RFC 9112 Section 5.2: Line folding is obsolete, recipients SHOULD reject or replace with SP
    519   },
    520 #ifdef NOT_A_BUG
    521   {
    522     .name = "Multiple spaces after colon in header",
    523     .upload = "GET / HTTP/1.1\r\nHost:     example.com\r\n\r\n",
    524     // RFC 9110 Section 5.6.3: Senders SHOULD NOT generate optional whitespace except as SP
    525     /* RFC 9110 Section 5.6.3: "OWS and RWS have the same semantics as a single SP."
    526      * RFC 9112 Section 5.1: "A field line value might be preceded and/or followed by optional whitespace (OWS)"
    527      * The server must parse this value as a correct value. */
    528   },
    529 #endif
    530 #ifdef NOT_A_BUG
    531   {
    532     .name = "Trailing whitespace in header value",
    533     .upload = "GET / HTTP/1.1\r\nHost: example.com   \r\n\r\n",
    534     // RFC 9110 Section 5.3: Trailing whitespace should be stripped
    535     /* RFC 9112 Section 5.1: "OWS occurring before the first non-whitespace octet of the field line value,
    536                               or after the last non-whitespace octet of the field line value, is excluded
    537                               by parsers when extracting the field line value from a field line."
    538      * This is a valid request. */
    539   },
    540 #endif
    541 #ifdef NOT_A_BUG
    542   {
    543     .name = "Leading whitespace in header value",
    544     .upload = "GET / HTTP/1.1\r\nHost:    example.com\r\n\r\n",
    545     // RFC 9110 Section 5.3: Leading whitespace should be stripped
    546     /* RFC 9112 Section 5.1: "OWS occurring before the first non-whitespace octet of the field line value,
    547                               or after the last non-whitespace octet of the field line value, is excluded
    548                               by parsers when extracting the field line value from a field line."
    549      * This is a valid request. */
    550   },
    551 #endif
    552 #ifdef NOT_A_BUG
    553   {
    554     .name = "Chunk extension with whitespace",
    555     .upload =
    556       "POST / HTTP/1.1\r\nHost: example.com\r\nTransfer-Encoding: chunked\r\n\r\n5 ; ext=val\r\nhello\r\n0\r\n\r\n",
    557     // RFC 9112 Section 7.1.1: Whitespace in chunk extensions should be minimal
    558     /* This is a valid request. */
    559   },
    560 #endif
    561 #ifdef NOT_A_BUG
    562   {
    563     .name = "Chunked with uppercase hex digits",
    564     .upload =
    565       "POST / HTTP/1.1\r\nHost: example.com\r\nTransfer-Encoding: chunked\r\n\r\n5\r\nhello\r\n0\r\n\r\n",
    566     // RFC 9112 Section 7.1: Senders SHOULD use lowercase for hex digits (though uppercase is valid)
    567     /* This is a valid request. It must be parsed. */
    568   },
    569 #endif
    570 #ifdef NOT_A_BUG
    571   {
    572     .name = "Empty header field value",
    573     .upload = "GET / HTTP/1.1\r\nHost: example.com\r\nX-Empty:\r\n\r\n",
    574     // RFC 9110 Section 5.3: Empty field values are valid but some implementations may reject
    575     /* This is a valid request. It must be parsed. */
    576   },
    577 #endif
    578 #ifdef NOT_A_BUG
    579   {
    580     .name = "Header field name with uppercase and lowercase",
    581     .upload = "GET / HTTP/1.1\r\nHoSt: example.com\r\n\r\n",
    582     // RFC 9110 Section 5.1: Field names are case-insensitive, but conventional capitalization SHOULD be used
    583     /* This is a valid request. It must be parsed. */
    584   },
    585 #endif
    586   {
    587     .name = "Excessive whitespace in request line",
    588     .upload = "GET / HTTP/1.1 \r\nHost: example.com\r\n\r\n",
    589     // RFC 9112 Section 3: Trailing whitespace in request-line should not be present
    590   },
    591 #ifdef NOT_A_BUG
    592   {
    593     .name = "Content-Length with leading zeros",
    594     .upload =
    595       "POST / HTTP/1.1\r\nHost: example.com\r\nContent-Length: 0005\r\n\r\nhello",
    596     // RFC 9110 Section 8.6: Leading zeros should not be sent
    597     /* This is a valid request. It must be parsed. */
    598   },
    599 #endif
    600 #ifdef NOT_A_BUG
    601   {
    602     .name = "Cookie header with invalid encoding in value",
    603     .upload =
    604       "GET / HTTP/1.1\r\nHost: example.com\r\nCookie: name=val ue\r\n\r\n",
    605     // RFC 6265 Section 4.2: Cookie values should be properly encoded, spaces require encoding
    606     /* Rejected completely on stricter level. On default level valid part "name=val" is used. */
    607   },
    608 #endif
    609   {
    610     .name = NULL,
    611   }
    612 };
    613 
    614 
    615 static struct Test *current;
    616 
    617 
    618 /**
    619  * Our port.
    620  */
    621 static uint16_t port;
    622 
    623 /**
    624  * Set to true if a test failed.
    625  */
    626 static volatile bool failed;
    627 
    628 
    629 /**
    630  * Function to process data uploaded by a client.
    631  *
    632  * Given that we ONLY generate incorrect/malformed upload requests,
    633  * this function should never be called.
    634  *
    635  * @param upload_cls the argument given together with the function
    636  *                   pointer when the handler was registered with MHD
    637  * @param request the request is being processed
    638  * @param content_data_size the size of the @a content_data,
    639  *                          zero when all data have been processed
    640  * @param[in] content_data the uploaded content data,
    641  *                         may be modified in the callback,
    642  *                         valid only until return from the callback,
    643  *                         NULL when all data have been processed
    644  * @return action specifying how to proceed:
    645  *         #MHD_upload_action_continue() to continue upload (for incremental
    646  *         upload processing only),
    647  *         #MHD_upload_action_suspend() to stop reading the upload until
    648  *         the request is resumed,
    649  *         #MHD_upload_action_abort_request() to close the socket,
    650  *         or a response to discard the rest of the upload and transmit
    651  *         the response
    652  * @ingroup action
    653  */
    654 static const struct MHD_UploadAction *
    655 uc_fail (void *upload_cls,
    656          struct MHD_Request *request,
    657          size_t content_data_size,
    658          void *content_data)
    659 {
    660   fprintf (stderr,
    661            "Test `%s' failed\n",
    662            current->name);
    663   failed = true;
    664   return NULL;
    665 }
    666 
    667 
    668 /**
    669  * A client has requested the given url using the given method
    670  * (#MHD_HTTP_METHOD_GET, #MHD_HTTP_METHOD_PUT,
    671  * #MHD_HTTP_METHOD_DELETE, #MHD_HTTP_METHOD_POST, etc).
    672  * If @a upload_size is not zero and response action is provided by this
    673  * callback, then upload will be discarded and the stream (the connection for
    674  * HTTP/1.1) will be closed after sending the response.
    675  *
    676  * This function is expected to be called, but when we try to
    677  * process the upload it should always fail on the MHD side.
    678  *
    679  * @param cls argument given together with the function
    680  *        pointer when the handler was registered with MHD
    681  * @param request the request object
    682  * @param path the requested uri (without arguments after "?")
    683  * @param method the HTTP method used (#MHD_HTTP_METHOD_GET,
    684  *        #MHD_HTTP_METHOD_PUT, etc.)
    685  * @param upload_size the size of the message upload content payload,
    686  *                    #MHD_SIZE_UNKNOWN for chunked uploads (if the
    687  *                    final chunk has not been processed yet)
    688  * @return action how to proceed, NULL
    689  *         if the request must be aborted due to a serious
    690  *         error while handling the request (implies closure
    691  *         of underling data stream, for HTTP/1.1 it means
    692  *         socket closure).
    693  */
    694 static const struct MHD_Action *
    695 server_upload_req_cb (void *cls,
    696                       struct MHD_Request *MHD_RESTRICT request,
    697                       const struct MHD_String *MHD_RESTRICT path,
    698                       enum MHD_HTTP_Method method,
    699                       uint_fast64_t upload_size)
    700 {
    701   return MHD_action_process_upload (request,
    702                                     1024 * 1024,
    703                                     &uc_fail,
    704                                     NULL,
    705                                     &uc_fail,
    706                                     NULL);
    707 }
    708 
    709 
    710 /**
    711  * A client has requested the given url using the given method
    712  * (#MHD_HTTP_METHOD_GET, #MHD_HTTP_METHOD_PUT,
    713  * #MHD_HTTP_METHOD_DELETE, #MHD_HTTP_METHOD_POST, etc).
    714  * If @a upload_size is not zero and response action is provided by this
    715  * callback, then upload will be discarded and the stream (the connection for
    716  * HTTP/1.1) will be closed after sending the response.
    717  *
    718  * Given that we ONLY generate incorrect/malformed requests,
    719  * this function should never be called.
    720  *
    721  * @param cls argument given together with the function
    722  *        pointer when the handler was registered with MHD
    723  * @param request the request object
    724  * @param path the requested uri (without arguments after "?")
    725  * @param method the HTTP method used (#MHD_HTTP_METHOD_GET,
    726  *        #MHD_HTTP_METHOD_PUT, etc.)
    727  * @param upload_size the size of the message upload content payload,
    728  *                    #MHD_SIZE_UNKNOWN for chunked uploads (if the
    729  *                    final chunk has not been processed yet)
    730  * @return action how to proceed, NULL
    731  *         if the request must be aborted due to a serious
    732  *         error while handling the request (implies closure
    733  *         of underling data stream, for HTTP/1.1 it means
    734  *         socket closure).
    735  */
    736 static const struct MHD_Action *
    737 server_req_cb (void *cls,
    738                struct MHD_Request *MHD_RESTRICT request,
    739                const struct MHD_String *MHD_RESTRICT path,
    740                enum MHD_HTTP_Method method,
    741                uint_fast64_t upload_size)
    742 {
    743   fprintf (stderr,
    744            "Test `%s' failed\n",
    745            current->name);
    746   failed = true;
    747   return NULL;
    748 }
    749 
    750 
    751 /**
    752  * Helper function to deal with partial writes.
    753  * Fails hard (calls exit() on failures)!
    754  *
    755  * @param fd where to write to
    756  * @param buf what to write
    757  * @param buf_size number of bytes in @a buf
    758  */
    759 static void
    760 write_all (int fd,
    761            const void *buf,
    762            size_t buf_size)
    763 {
    764   const char *cbuf = buf;
    765   size_t off;
    766 
    767   off = 0;
    768   while (off < buf_size)
    769   {
    770     ssize_t ret;
    771 
    772     ret = write (fd,
    773                  &cbuf[off],
    774                  buf_size - off);
    775     if (ret <= 0)
    776     {
    777       fprintf (stderr,
    778                "Writing %u bytes to %d failed: %s\n",
    779                (unsigned int) (buf_size - off),
    780                fd,
    781                strerror (errno));
    782       exit (1);
    783     }
    784     off += ret;
    785   }
    786 }
    787 
    788 
    789 static int
    790 run_test ()
    791 {
    792   int s;
    793   struct sockaddr_in sa = {
    794     .sin_family = AF_INET,
    795     .sin_port = htons (port),
    796   };
    797   char dummy;
    798 
    799   s = socket (AF_INET, SOCK_STREAM, 0);
    800   if (-1 == s)
    801   {
    802     fprintf (stderr,
    803              "socket() failed: %s\n",
    804              strerror (errno));
    805     return 1;
    806   }
    807   inet_pton (AF_INET,
    808              "127.0.0.1",
    809              &sa.sin_addr);
    810   if (0 != connect (s,
    811                     (struct sockaddr *) &sa,
    812                     sizeof (sa)))
    813   {
    814     fprintf (stderr,
    815              "bind() failed: %s\n",
    816              strerror (errno));
    817     close (s);
    818     return 1;
    819   }
    820   write_all (s,
    821              current->upload,
    822              strlen (current->upload));
    823   shutdown (s,
    824             SHUT_WR);
    825   if (((ssize_t) sizeof (dummy)) !=
    826       read (s,
    827             &dummy,
    828             sizeof (dummy)))
    829   {
    830 #if LOG
    831     fprintf (stderr,
    832              "Server closed connection\n");
    833 #endif
    834   }
    835   close (s);
    836   if (failed)
    837     return 1;
    838   return 0;
    839 }
    840 
    841 
    842 static int
    843 run_tests (struct Test *tests)
    844 {
    845   for (unsigned int i = 0;
    846        NULL != tests[i].name;
    847        i++)
    848   {
    849     current = &tests[i];
    850 #if LOG || 1
    851     fprintf (stderr,
    852              "Running test `%s'\n",
    853              current->name);
    854 #endif
    855     if (0 != run_test ())
    856       return 1;
    857   }
    858   return 0;
    859 }
    860 
    861 
    862 static int
    863 run (MHD_RequestCallback cb,
    864      struct Test *tests,
    865      enum MHD_ProtocolStrictLevel psl)
    866 {
    867   struct MHD_Daemon *d;
    868 
    869   d = MHD_daemon_create (cb,
    870                          NULL);
    871   if (MHD_SC_OK !=
    872       MHD_DAEMON_SET_OPTIONS (
    873         d,
    874         MHD_D_OPTION_WM_WORKER_THREADS (2),
    875 #if ! LOG
    876         MHD_D_OPTION_LOG_CALLBACK (NULL,
    877                                    NULL),
    878 #endif
    879         MHD_D_OPTION_PROTOCOL_STRICT_LEVEL (psl,
    880                                             MHD_USL_PRECISE),
    881         MHD_D_OPTION_DEFAULT_TIMEOUT_MILSEC (1000),
    882         MHD_D_OPTION_BIND_PORT (MHD_AF_AUTO,
    883                                 0)))
    884   {
    885     fprintf (stderr,
    886              "Failed to configure daemon!");
    887     return 1;
    888   }
    889 
    890   {
    891     enum MHD_StatusCode sc;
    892 
    893     sc = MHD_daemon_start (d);
    894     if (MHD_SC_OK != sc)
    895     {
    896 #ifdef FIXME_STATUS_CODE_TO_STRING_NOT_IMPLEMENTED
    897       fprintf (stderr,
    898                "Failed to start server: %s\n",
    899                MHD_status_code_to_string_lazy (sc));
    900 #else
    901       fprintf (stderr,
    902                "Failed to start server: %u\n",
    903                (unsigned int) sc);
    904 #endif
    905       MHD_daemon_destroy (d);
    906       return 1;
    907     }
    908   }
    909 
    910   {
    911     union MHD_DaemonInfoFixedData info;
    912     enum MHD_StatusCode sc;
    913 
    914     sc = MHD_daemon_get_info_fixed (
    915       d,
    916       MHD_DAEMON_INFO_FIXED_BIND_PORT,
    917       &info);
    918     if (MHD_SC_OK != sc)
    919     {
    920       fprintf (stderr,
    921                "Failed to determine our port: %u\n",
    922                (unsigned int) sc);
    923       MHD_daemon_destroy (d);
    924       return 1;
    925     }
    926     port = info.v_bind_port_uint16;
    927   }
    928 
    929   {
    930     int result;
    931 
    932     result = run_tests (tests);
    933     MHD_daemon_destroy (d);
    934     return result;
    935   }
    936 }
    937 
    938 
    939 int
    940 main (void)
    941 {
    942   if (0 !=
    943       run (&server_req_cb,
    944            tests_must,
    945            MHD_PSL_STRICT))
    946     return 1;
    947   if (0 !=
    948       run (&server_upload_req_cb,
    949            tests_must_upload,
    950            MHD_PSL_STRICT))
    951     return 1;
    952   if (0 !=
    953       run (&server_req_cb,
    954            tests_should,
    955            MHD_PSL_VERY_STRICT))
    956     return 1;
    957   return 0;
    958 }