allow clients to override sanity check for content-length header

5 files changed, 75 insertions, 22 deletions

diff --git a/src/include/microhttpd.h b/src/include/microhttpd.h
index e6090fbb..3387e500 100644
--- a/src/include/microhttpd.h
+++ b/src/include/microhttpd.h
@@ -132,7 +132,7 @@ typedef intptr_t ssize_t;
  * Current version of the library.
  * 0x01093001 = 1.9.30-1.
  */
-#define MHD_VERSION 0x00096701
+#define MHD_VERSION 0x00096702
 
 /**
  * MHD-internal return code for "YES".
@@ -1691,10 +1691,35 @@ enum MHD_OPTION
    * followed by a argument of type `gnutls_certificate_retrieve_function3 *`.
    * This option provides an
    * alternative/extension to #MHD_OPTION_HTTPS_CERT_CALLBACK.
-  * You must use this version if you want to use OCSP stapling.
+   * You must use this version if you want to use OCSP stapling.
    * Using this option requires GnuTLS 3.6.3 or higher.
    */
-  MHD_OPTION_HTTPS_CERT_CALLBACK2 = 31
+  MHD_OPTION_HTTPS_CERT_CALLBACK2 = 31,
+
+  /**
+   * Allows the application to disable certain sanity precautions
+   * in MHD. With these, the client can break the HTTP protocol,
+   * so this should never be used in production. The options are,
+   * however, useful for testing HTTP clients against "broken"
+   * server implementations.
+   * This argument must be followed by an "unsigned int", corresponding
+   * to an `enum MHD_DisableSanityCheck`.
+   */
+  MHD_OPTION_SERVER_INSANITY = 32
+};
+
+
+/**
+ * Bitfield for the #MHD_OPTION_SERVER_INSANITY specifying
+ * which santiy checks should be disabled.
+ */
+enum MHD_DisableSanityCheck
+{
+  /**
+   * All sanity checks are enabled.
+   */
+  MHD_DSC_SANE = 0
+
 };
 
 
@@ -2924,7 +2949,14 @@ enum MHD_ResponseFlags
    * #MHD_RF_HTTP_VERSION_1_0_ONLY flag, the response's HTTP version will
    * always be set to 1.0 and "Connection" headers are still supported.
    */
-  MHD_RF_HTTP_VERSION_1_0_RESPONSE = 2
+  MHD_RF_HTTP_VERSION_1_0_RESPONSE = 2,
+
+  /**
+   * Disable sanity check preventing clients from manually
+   * setting the HTTP content length option.
+   */
+  MHD_RF_INSANITY_HEADER_CONTENT_LENGTH = 4
+
 
 };
 
diff --git a/src/microhttpd/connection.c b/src/microhttpd/connection.c
index 1dbbbd82..2ef0b989 100644
--- a/src/microhttpd/connection.c
+++ b/src/microhttpd/connection.c
@@ -1430,8 +1430,9 @@ build_header_response (struct MHD_Connection *connection)
          (MHD_HTTP_NO_CONTENT != rc) &&
          (MHD_HTTP_NOT_MODIFIED != rc) &&
          (MHD_HTTP_OK <= rc) &&
-         (NULL ==   /* this should always succeed due to check in
-                       MHD_add_response_header() */
+         (NULL ==   /* this COULD fail if the check in
+                       MHD_add_response_header() was bypassed
+                       via #MHD_RF_INSANITY_HEADER_CONTENT_LENGTH */
           MHD_get_response_header (response,
                                    MHD_HTTP_HEADER_CONTENT_LENGTH)) &&
          (may_add_content_length) &&
diff --git a/src/microhttpd/daemon.c b/src/microhttpd/daemon.c
index 1e5716e3..aec6aa86 100644
--- a/src/microhttpd/daemon.c
+++ b/src/microhttpd/daemon.c
@@ -2182,7 +2182,7 @@ thread_main_handle_connection (void *data)
                            MHD_REQUEST_TERMINATED_DAEMON_SHUTDOWN :
                            MHD_REQUEST_TERMINATED_WITH_ERROR);
   MHD_connection_handle_idle (con);
-exit:
+  exit:
   if (NULL != con->response)
   {
     MHD_destroy_response (con->response);
@@ -2742,7 +2742,7 @@ internal_add_connection (struct MHD_Daemon *daemon,
 #endif
   }
   return MHD_YES;
-cleanup:
+  cleanup:
   if (NULL != daemon->notify_connection)
     daemon->notify_connection (daemon->notify_connection_cls,
                                connection,
@@ -5062,6 +5062,11 @@ parse_options_va (struct MHD_Daemon *daemon,
       daemon->uri_log_callback_cls = va_arg (ap,
                                              void *);
       break;
+    case MHD_OPTION_SERVER_INSANITY:
+      daemon->insanity_level = (enum MHD_DisableSanityCheck)
+                               va_arg (ap,
+                                       unsigned int);
+      break;
 #if defined(MHD_USE_POSIX_THREADS) || defined(MHD_USE_W32_THREADS)
     case MHD_OPTION_THREAD_POOL_SIZE:
       daemon->worker_pool_size = va_arg (ap,
@@ -5404,6 +5409,7 @@ parse_options_va (struct MHD_Daemon *daemon,
         case MHD_OPTION_TCP_FASTOPEN_QUEUE_SIZE:
         case MHD_OPTION_LISTENING_ADDRESS_REUSE:
         case MHD_OPTION_LISTEN_BACKLOG_SIZE:
+        case MHD_OPTION_SERVER_INSANITY:
           if (MHD_YES != parse_options (daemon,
                                         servaddr,
                                         opt,
@@ -6547,7 +6553,7 @@ MHD_start_daemon_va (unsigned int flags,
   return daemon;
 
 #if defined(MHD_USE_POSIX_THREADS) || defined(MHD_USE_W32_THREADS)
-thread_failed:
+  thread_failed:
   /* If no worker threads created, then shut down normally. Calling
      MHD_stop_daemon (as we do below) doesn't work here since it
      assumes a 0-sized thread pool means we had been in the default
@@ -6571,7 +6577,7 @@ thread_failed:
   return NULL;
 #endif
 
-free_and_fail:
+  free_and_fail:
   /* clean up basic memory state in 'daemon' and return NULL to
      indicate failure */
 #ifdef EPOLL_SUPPORT
diff --git a/src/microhttpd/internal.h b/src/microhttpd/internal.h
index fa66d265..8f7192e7 100644
--- a/src/microhttpd/internal.h
+++ b/src/microhttpd/internal.h
@@ -1461,6 +1461,12 @@ struct MHD_Daemon
   size_t thread_stack_size;
 
   /**
+   * Our #MHD_OPTION_SERVER_INSANITY level, bits indicating
+   * which sanity checks are off.
+   */
+  enum MHD_DisableSanityCheck insanity_level;
+
+  /**
    * Number of worker daemons
    */
   unsigned int worker_pool_size;
diff --git a/src/microhttpd/response.c b/src/microhttpd/response.c
index 112a622a..968fc8c9 100644
--- a/src/microhttpd/response.c
+++ b/src/microhttpd/response.c
@@ -147,8 +147,10 @@ MHD_add_response_header (struct MHD_Response *response,
     /* NOTE: for compressed bodies, use the "Content-encoding" header */
     return MHD_NO;
   }
-  if (MHD_str_equal_caseless_ (header,
-                               MHD_HTTP_HEADER_CONTENT_LENGTH))
+  if ( (0 == (MHD_RF_INSANITY_HEADER_CONTENT_LENGTH
+              & response->flags)) &&
+       (MHD_str_equal_caseless_ (header,
+                                 MHD_HTTP_HEADER_CONTENT_LENGTH)) )
   {
     /* MHD will set Content-length if allowed and possible,
        reject attempt by application */
@@ -838,17 +840,20 @@ MHD_upgrade_action (struct MHD_UpgradeResponseHandle *urh,
       return MHD_YES;
     }
     else
-#else
+#endif
     {
       if (0 ==
           MHD_socket_cork_ (connection->socket_fd,
                             true))
+      {
         connection->sk_cork_on = true;
-    }
-#endif
-    case MHD_UPGRADE_ACTION_CORK_OFF:
-      if (! connection->sk_cork_on)
         return MHD_YES;
+      }
+      return MHD_NO;
+    }
+  case MHD_UPGRADE_ACTION_CORK_OFF:
+    if (! connection->sk_cork_on)
+      return MHD_YES;
 #ifdef HTTPS_SUPPORT
     if (0 != (daemon->options & MHD_USE_TLS) )
     {
@@ -857,17 +862,20 @@ MHD_upgrade_action (struct MHD_UpgradeResponseHandle *urh,
       return MHD_YES;
     }
     else
-#else
+#endif
     {
       if (0 ==
           MHD_socket_cork_ (connection->socket_fd,
                             false))
+      {
         connection->sk_cork_on = false;
-    }
-#endif
-    default:
-      /* we don't understand this one */
+        return MHD_YES;
+      }
       return MHD_NO;
+    }
+  default:
+    /* we don't understand this one */
+    return MHD_NO;
   }
 }