[edk2-devel] Http redirection handling using HttpDxe driver

Vladimir Olovyannikov via groups.io vladimir.olovyannikov=broadcom.com at groups.io
Thu Aug 27 19:23:48 UTC 2020 

Hi Maciej,

I would like to get your input (and the HttpDxe driver guys) on the issue
I see with Http redirection (using HttpDynamicCommand)
Basically, let's say that we connect to a server "server.com"

Request:
GET / HTTP/1.1
Host: server.com

Reply:
HTTP/1.1 301 Moved permanently
Location: www.server.com

By RFC, the client reissues the request like following and connects to
www.server.com:
Request:
GET / HTTP/1.1
Host: www.server.com

Reply:
HTTP/1.1 200 OK

I have an issue of getting EFI_ACCESS_DENIED in SockInterface.c on the
redirection.
The logic is:
1. Send a request
2. Parse the response. If there is a redirection code returned, then
 a) cancel Http connection
 b) resubmit to the proper host with proper host header.

Obviously, there are no issues with a). However, there is an issue with b)
When the second request is being sent,
EfiHttpRequest sets Configure and Reconfigure flags,  closes and cancels
Http connection
with HttpCloseConnection/EfiHttpCancel.
Everything is OK at this point. Note that the socket is closed, but it's
ConfiguredState is 1, and is not changed.
Now, HttpInitSession() is called with Configure flag.
  It calls into HttpConfigureTcp4(), which in turn calls
    Tcp4Configure().
    Here everything is fine until
      SockConfigure is called.
      The SockConfigure checks if ConfigureState is "not configured" (see
above, the ConfigureState is not changed on Http session cancel/close).
       So, the SockConfigure returns EFI_ACCESS_DENIED error as the socket
is configured, and this is returned to HttpConfigureTcp4().
  Which, in turn, returns an error up, and the Http in HttpDynamicCommand
gets this error, reports it and aborts the operation.

If I change the line in HttpConfigureTcp4, line 1108 in HttpProto.c from
if (EFI_ERROR (Status)) {
  DEBUG ((.....));
  return Status;
}
to
if (EFI_ERROR (Status) && (Status != EFI_ACCESS_DENIED)) {
  DEBUG ((...));
  return Status;
}
then EFI_SUCCESS is returned, socket placeholder is reused, and multiple
redirections works properly (I tried this scheme:
server.com->www.server.com->www1.server.com->got content).
I suspect, it is wrong to make an assumption that the ACCESS_DEINED
returned from Tcp4Configure() would be because of the socket.
Maybe, I am missing something? Can you help?

Thank you,
Vladimir

-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#64704): https://edk2.groups.io/g/devel/message/64704
Mute This Topic: https://groups.io/mt/76459258/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-

More information about the edk2-devel-archive mailing list