Commit graph

27 commits

Author SHA1 Message Date
Piyush Shah
8890fa98c8 esp_http_server: Fixed a bug which could cause issues with LRU purge
LRU counter should be started from 1, and not 0, so that all checks
work fine.

Closes https://github.com/espressif/esp-idf/issues/4753
2020-05-27 17:14:12 +00:00
Chinmay
38b1c93764 esp_http_server : Bugfix in parsing of empty header values
This MR is intended to fix incorrect parsing of HTTP requests when empty header values are present.

The issue is was due to asymmetric behavior of `http_parser` library, which in case of:

    non-empty header values : invokes callbacks with the pointer to the start of a value
    empty header values : invokes callbacks with pointer to the start of next header or section

Since HTTP server relies on this pointer (along with length of the value) to locate the end of a value, and replace the line terminators (CRLFs) with null characters, the second case needed to be handled correctly.

Closes IDFGH-1539

Closes https://github.com/espressif/esp-idf/issues/3803
2019-09-09 08:21:13 +00:00
Piyush Shah
1aa2f36dec httpd_sess_close: Check for session validity before closing
If httpd_sess_trigger_close() gets called twice for the same socket,
the first httpd_sess_close() cb closes the correct socket, but the second
invocation closes the wrong socket which was just accepted and added to
the socket db. Checking for the lru counter will help identify this as the
counter is set only for requests actually served.
2019-08-28 09:03:55 +00:00
Anurag Kar
95b72a96f8 HTTP Server : Close new session immediately if open_fn fails
open_fn() was introduced in the context of HTTPS server, as a configurable callback function that is called by the HTTP server, on every newly created socket. It is responsible of allocating resources for per session transport security.

Earlier, if open_fn were to fail, the newly created socket would be closed by the server but the corresponding entry, for the now invalid socket, will remain in the internal socket database until that invalid socket is detected due to error when calling select(). Because of this delayed closing of sockets, the HTTPS server would quickly face shortage of available sessions when a lot of SSL handshake errors are happening (this typically occurs when a browser finds that the server certificate is self signed). This changes in this MR fix this issue by clearing up the socket from internal database, right after open_fn fails.

Closes https://github.com/espressif/esp-idf/issues/3479
2019-06-28 10:11:26 +00:00
Angus Gratton
e681f449bc Merge branch 'bugfix/httpd_log_purge_v3.3' into 'release/v3.3'
esp_http_server : Logging of purged data to monitor made configurable (backport v3.3)

See merge request idf/esp-idf!5015
2019-06-04 13:28:27 +08:00
Anurag Kar
d0e7fd4369 esp_http_server : Minor clarification in httpd_req_get_url_query_str() API documentation
Closes https://github.com/espressif/esp-idf/issues/3374
2019-06-03 08:35:03 +00:00
Anurag Kar
172a216edb esp_http_server : Logging of purged data to monitor made configurable
List of changes:
* Kconfig option HTTPD_LOG_PURGE_DATA enables logging of purged data
* Kconfig option HTTPD_PURGE_BUF_LEN sets purge buffer length
* Purged data is logged in hex

Closes https://github.com/espressif/esp-idf/issues/3359
2019-06-03 05:51:14 +00:00
Anurag Kar
0757e019f4 esp_http_server : Allow binding to same address and port upon restarting server without delay
Issue : Restarting the server without 30sec delay between httpd_stop() and httpd_start() causes EADDRINUSE error
Resolution : Use setsockopt() to enable SO_REUSEADDR on listener socket

Closes https://github.com/espressif/esp-idf/issues/3381
2019-05-06 10:52:49 +05:30
Anurag Kar
8bd09fb0a5 esp_http_server : Test added to check limit on max_open_sockets config option 2019-04-08 11:22:12 +05:30
Anurag Kar
e90c90d1f6 esp_http_server : Only accept new connections if server has capacity to handle more
This fix prevents HTTP server from accepting new connections when the total count of connected
sockets has reached the max_open_sockets limit set during configuration. The pending connections
are kept in backlog until atleast one of the connected sockets is closed. The maximum number of
connection requests that can kept in backlog is specified as backlog_conn configuration option.
Note that this modification has no effect when LRU purge is enabled.

Also added sanity check on setting for max_open_sockets during configuration.

Solution suggested by jimparis https://github.com/espressif/esp-idf/issues/3183#issue-421234265

Closes https://github.com/espressif/esp-idf/issues/3183
2019-04-08 11:21:44 +05:30
Anurag Kar
ff01bcfd88 HTTP Server : Fix for tolerating LF terminated headers
List of changes:
* When parsing requests, count termination from LF characters only
* Correct memcpy() length parameter in httpd_unrecv() (pointed out by jimparis in GitHub issue thread)
* Use ssize_t to store results of length subtractions during parsing
* Modify some comments to reduce ambiguity

Closes https://github.com/espressif/esp-idf/issues/3182
2019-04-01 15:38:59 +05:30
Piyush Shah
f28f4016cb esp_http_server: Provide apps an option to let http_server ignore sess_ctx changes
By default, if a URI handler changes the http session context,
the webserver internally clears the older context after the handler
returns. However, if applications want to change this behavior and
manage the allocation/de-allocation/freeing themselves and let the
server handle only the "socket close" case, this commit provides such
an option.
2019-03-05 00:21:03 +05:30
Angus Gratton
19fd436e88 Merge branch 'esp_http_server/lru_counter_for_timestamp' into 'master'
esp_http_server/lru_counter_for_timestamp:Added LRU counter for timer

See merge request idf/esp-idf!4205
2019-02-28 07:04:21 +08:00
Supreet Deshpande
4c8e997289 esp_http_server/lru_counter_for_timestamp:Added LRU counter for timer
Replaced the os timer in http server by LRU counter. The timestamp is
unnecessary for LRU.
2019-02-25 10:08:15 +00:00
Anurag Kar
28412d8cb6 http_server : Added feature for invoking user configurable handlers during server errors
Added APIs :
  * httpd_resp_send_err()        : for sending HTTP error responses for error codes given by httpd_err_code_t. It uses TCP_NODELAY option to ensure that HTTP error responses reach the client before socket is closed.
  * httpd_register_err_handler() : for registering HTTP error handler functions of type httpd_err_handler_func_t.

The default behavior, on encountering errors during processing of HTTP requests, is now to send HTTP error response (if possible) and close the underlying socket. User configurable handlers can be used to override this behavior for each error individually (except for 500 Internal Server Error).

Also fixed some typos.

Closes https://github.com/espressif/esp-idf/issues/3005
2019-02-25 09:13:39 +00:00
Roland Dobai
37126d3451 Correct Kconfigs according to the coding style 2019-01-29 13:37:01 +01:00
Anurag Kar
cfebbae3ef esp_http_server : Remove casual use of 'template' keyword
Closes https://github.com/espressif/esp-idf/issues/2956
2019-01-21 16:13:01 +05:30
Anurag Kar
21878d1bbf HTTP Server : Unit test added for httpd_uri_match_wildcard() function as given in https://github.com/espressif/esp-idf/pull/2581#issuecomment-430788473 2019-01-14 08:59:55 +05:30
Anurag Kar
416c55e7f0 HTTP Server : Add uri_match_fn field in config structure which accepts custom URI matching functions of type httpd_uri_match_func_t and defaults to basic string compare when set to NULL.
Move static uri_matches() function to httpd_uri_match_wildcard() under esp_http_server.h and make it optional.
2019-01-14 08:59:55 +05:30
Anurag Kar
107f52c4fc HTTP Server : Add helper APIs for sending string content
Note : In future consider deprecating usage of -1 for setting
buffer length equal to string length in APIs httpd_resp_send()
and httpd_resp_send_chunk()
2019-01-14 08:36:18 +05:30
Ondřej Hruška
91d6b3b989 Implement wildcard URI matching for http_server 2019-01-06 03:07:13 +05:30
Angus Gratton
61ee1bd31f Merge branch 'feature/esp_https_server' into 'master'
Add HTTPS Server component

See merge request idf/esp-idf!3608
2018-11-20 13:58:26 +08:00
Ivan Grokhotkov
6091021e83 unity: separate common and IDF specific functionality
New unity component can be used for testing other applications.
Upstream version of Unity is included as a submodule.
Utilities specific to ESP-IDF unit tests (partitions, leak checking
setup/teardown functions, etc) are kept only in unit-test-app.
Kconfig options are added to allow disabling certain Unity features.
2018-11-19 12:36:31 +08:00
Anurag Kar
9a9d18e466 esp_http_server : APIs renamed and context get/set implementations fixed
* http_sess_set_*_override APIs are now the only ones available to set custom recv/send/pending functions
* Fixed side effects to using http_sess_set/get_context inside URI handlers
2018-11-19 04:00:21 +00:00
Anurag Kar
aa6066a197 esp_https_server : Docs and API references fixed 2018-11-19 04:00:21 +00:00
Ondřej Hruška
a10fc02dd9 esp_http_server improvements to allow adding transport layer encryption
Changes:
- renamed `httpd_free_sess_ctx_fn_t` to `httpd_free_ctx_fn_t`
- added a `httpd_handle_t` argument to `httpd_send_func_t` and `httpd_recv_func_t`
- internal function `httpd_sess_get()` is no longer static, as it's used in other
  files besides httpd_sess.c

Bug fixes:
- removed a trailing semicolon from `HTTPD_DEFAULT_CONFIG()`
- fixed issue with failed `select()`, now it automatically closes invalid sockets
  instead of shutting down the entire server

New features:
- `httpd_resp_send()` and `httpd_resp_send_chunk()` now accept -1 as length to use
  `strlen()` internally
- added `httpd_sess_set_ctx()` to accompany `httpd_sess_get_ctx()`
- added a "transport context" to the session structure (next to user context)
- added `httpd_sess_{get,set}_transport_ctx()` to work with this transport context
- added "global user context" and "global transport context" stored in the server
  config (and then the handle); supports a user-provided free_fn
- added a "pending func" to e.g. check for data in the transport layer receive
  buffer
- added functions `httpd_set_sess_{send,recv,pending}_override()` that target
  a session by ID (i.e. not using a request object)
- added `httpd_set_pending_override()`
- added a "open_fn" and "close_fn" - functions called when creating and closing
  a session. These may be used to set up transport layer encryption or some other
  session-wide feature
2018-11-19 04:00:21 +00:00
Anurag Kar
2af9d7e0ed HTTP Server : Added esp_ prefix to http_server component files 2018-10-24 17:32:20 +05:30