From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on dcvr.yhbt.net X-Spam-Level: X-Spam-ASN: X-Spam-Status: No, score=-2.9 required=3.0 tests=ALL_TRUSTED,AWL,BAYES_00 shortcircuit=no autolearn=unavailable version=3.3.2 X-Original-To: yahns-public@yhbt.net Received: from localhost (dcvr.yhbt.net [127.0.0.1]) by dcvr.yhbt.net (Postfix) with ESMTP id 2CFCB20125 for ; Sat, 11 Apr 2015 00:41:14 +0000 (UTC) From: Eric Wong To: yahns-public@yhbt.net Subject: [PATCH] proxy_pass: attempt to forward premature upstream responses Date: Sat, 11 Apr 2015 00:41:14 +0000 Message-Id: <1428712874-27356-1-git-send-email-e@80x24.org> List-Id: Upstreams may shut us down while we're writing a request body, attempt to forward any responses from the upstream back to the client which may explain the rejection reason for giant uploads. --- lib/yahns/proxy_pass.rb | 5 +++++ test/test_proxy_pass.rb | 48 +++++++++++++++++++++++++++++++++++++++++++----- 2 files changed, 48 insertions(+), 5 deletions(-) diff --git a/lib/yahns/proxy_pass.rb b/lib/yahns/proxy_pass.rb index d02bb40..e86e9c9 100644 --- a/lib/yahns/proxy_pass.rb +++ b/lib/yahns/proxy_pass.rb @@ -139,6 +139,11 @@ def send_req_body(req) close_req_body(input) prepare_wait_readable end + rescue Errno::EPIPE, Errno::ECONNRESET, Errno::ENOTCONN + # no more reading off the client socket, just prepare to forward + # the rejection response from the upstream (if any) + @yahns_client.to_io.shutdown(Socket::SHUT_RD) + prepare_wait_readable end def prepare_wait_readable diff --git a/test/test_proxy_pass.rb b/test/test_proxy_pass.rb index eb866b3..840ad1c 100644 --- a/test/test_proxy_pass.rb +++ b/test/test_proxy_pass.rb @@ -141,11 +141,21 @@ def chunky.each [ 200, h, [] ] end when 'PUT' - buf = env['rack.input'].read - [ 201, { - 'Content-Length' => buf.bytesize.to_s, - 'Content-Type' => 'text/plain', - }, [ buf ] ] + case env['PATH_INFO'] + when '/forbidden-put' + # ignore rack.input + [ 403, [ %w(Content-Type text/html), %w(Content-Length 0) ], [] ] + when '/forbidden-put-abort' + env['rack.hijack'].call.close + # should not be seen: + [ 123, [ %w(Content-Type text/html), %w(Content-Length 0) ], [] ] + else + buf = env['rack.input'].read + [ 201, { + 'Content-Length' => buf.bytesize.to_s, + 'Content-Type' => 'text/plain', + }, [ buf ] ] + end end end end @@ -249,11 +259,13 @@ def test_proxy_pass app(:rack, ProxiedApp.new) do listen "#{host2}:#{port2}" client_max_body_size nil + input_buffering :lazy end stderr_path err.path end end + check_forbidden_put(host, port) check_eof_body(host, port) check_pipelining(host, port) check_response_trailer(host, port) @@ -560,4 +572,30 @@ def check_eof_body(host, port) s.close end end + + def check_forbidden_put(host, port) + to_close = [] + Timeout.timeout(60) do + s = TCPSocket.new(host, port) + to_close << s + s.write("PUT /forbidden-put HTTP/1.1\r\nHost: example.com\r\n" \ + "Content-Length: #{OMFG.size}\r\n\r\n") + assert_equal OMFG.size, s.write(OMFG), + "proxy fully buffers, upstream does not" + assert_match %r{\AHTTP/1\.1 403 }, s.readpartial(1024) + assert_raises(EOFError) { s.readpartial(1) } + + s = TCPSocket.new(host, port) + to_close << s + s.write("PUT /forbidden-put-abort HTTP/1.1\r\nHost: example.com\r\n" \ + "Content-Length: #{OMFG.size}\r\n\r\n") + assert_equal OMFG.size, s.write(OMFG), + "proxy fully buffers, upstream does not" + assert_match %r{\AHTTP/1\.1 502 Bad Gateway}, s.readpartial(1024) + assert_raises(EOFError) { s.readpartial(1) } + @err.truncate(0) + end + ensure + to_close.each(&:close) + end end -- EW