IETF Logo Mail Archive

Re: HTTP/2 client behaviour on receiving illegal PUSH_PROMISE frames

Alan Egerton <eggyal@gmail.com> Wed, 23 September 2020 01:06 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 255293A09CC for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Tue, 22 Sep 2020 18:06:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.77
X-Spam-Level:
X-Spam-Status: No, score=-2.77 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FEegoOntWdwX for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Tue, 22 Sep 2020 18:06:53 -0700 (PDT)
Received: from lyra.w3.org (lyra.w3.org [128.30.52.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4CD733A091A for <httpbisa-archive-bis2Juki@lists.ietf.org>; Tue, 22 Sep 2020 18:06:52 -0700 (PDT)
Received: from lists by lyra.w3.org with local (Exim 4.92) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1kKtCr-0008R0-Jl for ietf-http-wg-dist@listhub.w3.org; Wed, 23 Sep 2020 01:04:25 +0000
Resent-Date: Wed, 23 Sep 2020 01:04:25 +0000
Resent-Message-Id: <E1kKtCr-0008R0-Jl@lyra.w3.org>
Received: from mimas.w3.org ([128.30.52.79]) by lyra.w3.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from <eggyal@gmail.com>) id 1kKtCo-0008Q9-7a for ietf-http-wg@listhub.w3.org; Wed, 23 Sep 2020 01:04:22 +0000
Received: from mail-pg1-x535.google.com ([2607:f8b0:4864:20::535]) by mimas.w3.org with esmtps (TLS1.3:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from <eggyal@gmail.com>) id 1kKtCm-0002WW-64 for ietf-http-wg@w3.org; Wed, 23 Sep 2020 01:04:21 +0000
Received: by mail-pg1-x535.google.com with SMTP id u24so2504594pgi.1 for <ietf-http-wg@w3.org>; Tue, 22 Sep 2020 18:04:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=uw02StmSTu+knYjKKqtzBWfhqaPh9mP/N5KaG+ZFmLs=; b=TKZgnIH0tcIdPeo9Byjqwk/3s+i+GocCwv6QKscjV9lmyt1IPne5PETBjgOcsDPnFQ FZsibljnBuzMLERFzb94BqNIFTnRES19w/98NtFGMsV5FxAgkLDq2bPNoYp3u4+tnZ2Y oCLZo3YthgOmT6PHZ7Efr1Jxm4AKEBaH7Ma154BMGaxR7dO0yAI3I+fignPeJTo79iPA W2B+7dUgV1B8YDaOZbIQSmimEWqU7iafxoHrbH2uMa5Dybu09yViRQ3yQMtikInBd/XN UchMX5IhK+0cWMTiaVF+cL4TLAMM6thdorm5lksh3PZFkErk7sC7r7RDozHY9+9ITJMj ucow==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=uw02StmSTu+knYjKKqtzBWfhqaPh9mP/N5KaG+ZFmLs=; b=T+TEDxOOiBUq1fjelkVZJA771kHXCp6Z/kZozLYZJs9x4SPdoBobBAKmU+S3PXrZT9 VGnMjyk8lAA18Wo6f76WNyf6EcxRTNkZWVy05zmCs66JgmRR+HbolT8ZxQovMFEO9GXG h6e9jDHuqBOlkwnDzUW529Fp9qEjlr4oELHVYkCRXYzjOGbOkWUeI8rH4Q70j0kFl6VD cWonyWO7htovEj+dEFu9OsTbmuD9tz5mCscFWVRDQvZSU/IWK0Y4Np+8hCJLyEKC0ZXS VgeSsvlGSU1LTWv5Wc3dB36P/p/CQAorIzA2IQA9VocEzoxDw4V3CN4JsmuPmHPgZcYz RC/g==
X-Gm-Message-State: AOAM532/K7GPZDgRrhqvv71qajm0+ko4iQiJd5dpHsXeQ+KVJfEO/AoU +5repeL8noakceNp7SLrOHCbAyZTSIlEkuKjmb8=
X-Google-Smtp-Source: ABdhPJz/NhTW0uck9Mrkul9NBq3nsZNAcg28FGEMFyFlHOQQByuERl2gx2LMOY5jaWx41t7dQjRi/5wAUkChNErCd1E=
X-Received: by 2002:a62:d456:0:b029:13c:1611:66c2 with SMTP id u22-20020a62d4560000b029013c161166c2mr6446484pfl.13.1600823048884; Tue, 22 Sep 2020 18:04:08 -0700 (PDT)
MIME-Version: 1.0
References: <CA+phaeeHSjyKx8Dv_DqUmL=1TuYyahsFEW364TQT3Kw5j4U5xw@mail.gmail.com> <CALGR9oZLp+RBZCaCr-Q4uBX7UGieSavizxWLcw3gmHpcuz8k1g@mail.gmail.com> <CA+phaeeaeL+64TyrQgp3+=wDiDbtxcTYqzSzQN2PN34WfRadsQ@mail.gmail.com> <CALGR9oYU=JzkZuVYwvY87hycUgy1qKrWV50VF49cfM_A8pntMw@mail.gmail.com> <CA+phaec3g5YdyY29OAjSg4QXh62EPRsf3FpdQ09DLU+Ufytb3A@mail.gmail.com> <CALGR9oZuBxQieo50fb+EpbXAu38=FeTE33qxjEAmBS6+9pVR0Q@mail.gmail.com> <CH2PR22MB20869D12084628CDF0F0876FDA3B0@CH2PR22MB2086.namprd22.prod.outlook.com>
In-Reply-To: <CH2PR22MB20869D12084628CDF0F0876FDA3B0@CH2PR22MB2086.namprd22.prod.outlook.com>
From: Alan Egerton <eggyal@gmail.com>
Date: Wed, 23 Sep 2020 02:03:57 +0100
Message-ID: <CA+phaeesjdoTz7H1PvHdE3bYS9zip5OK2baOWNZKs+3yTDDxfw@mail.gmail.com>
To: Mike Bishop <mbishop@evequefou.be>
Cc: Lucas Pardue <lucaspardue.24.7@gmail.com>, HTTP Working Group <ietf-http-wg@w3.org>
Content-Type: multipart/alternative; boundary="0000000000002d55af05aff0a96e"
Received-SPF: pass client-ip=2607:f8b0:4864:20::535; envelope-from=eggyal@gmail.com; helo=mail-pg1-x535.google.com
X-W3C-Hub-Spam-Status: No, score=-5.1
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_DB=-1, W3C_WL=-1
X-W3C-Scan-Sig: mimas.w3.org 1kKtCm-0002WW-64 0415a920a98389d48b37d59ed40fe5fb
X-Original-To: ietf-http-wg@w3.org
Subject: Re: HTTP/2 client behaviour on receiving illegal PUSH_PROMISE frames
Archived-At: <https://www.w3.org/mid/CA+phaeesjdoTz7H1PvHdE3bYS9zip5OK2baOWNZKs+3yTDDxfw@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/38062
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

Ok, thanks for the clarification.  I hadn't considered that the spec might
be requiring multiple errors be raised/handled.

-- Alan


On Tue, Sep 22, 2020 at 11:10 PM Mike Bishop <mbishop@evequefou.be> wrote:

> Section 6.6 says that you C:P-E (using your notation) for receipt of
> PUSH_PROMISE when they can’t have legally been sent; it has an exception to
> account for a race condition, and says that you “MUST handle” them.  So it
> doesn’t mandate anything in particular beyond handling as normal in that
> race condition.  I’d echo most of Lucas’s points; it doesn’t need to
> specify the error code for RST_STREAM, because you’re “handling” it
> normally.  If you don’t want it, use the error code you would routinely use
> for unwanted pushes.
>
>
>
> However, you’re correct that receiving a PUSH_PROMISE in “half-closed
> (remote)” isn’t one of these race conditions; that means that the exception
> doesn’t apply in that case and the requirement to C:P-E applies in that
> scenario.
>
>
>
> It’s a bit odd that we require *both* a stream error *and *a connection
> error triggered by the same frame, but the ordering of those doesn’t
> matter; the connection is closed at the end either way.  I suppose my
> lawyerly answer is that a requirement to generate a stream error doesn’t
> preclude also treating it as a connection error, so this is merely a bit
> awkward and not outright wrong.
>
>
>
> *From:* Lucas Pardue <lucaspardue.24.7@gmail.com>
> *Sent:* Tuesday, September 22, 2020 5:03 PM
> *To:* Alan Egerton <eggyal@gmail.com>
> *Cc:* HTTP Working Group <ietf-http-wg@w3.org>
> *Subject:* Re: HTTP/2 client behaviour on receiving illegal PUSH_PROMISE
> frames
>
>
>
> My read is that 6.6 is a specialisation of the error conditions described
> in 5.1, therefore it might help to mention that in 5.1. Others might
> disagree.
>
>
>
> As for RST_STREAM of the unwanted push, I'd say this is just as described
> in 8.2.2; either CANCEL or REFUSED_STREAM.
>
>
>
> On Tue, 22 Sep 2020, 21:42 Alan Egerton, <eggyal@gmail.com> wrote:
>
> Hi Lucas,
>
>
> The situations I've described are absolutely illegal PUSH_PROMISE
> frames—but sections 5.1 and 6.6 appear to disagree over what error handling
> is appropriate in those situations.
>
>
> -- Alan
>
>
>
>
>
> On Tue, Sep 22, 2020 at 9:09 PM Lucas Pardue <lucaspardue.24.7@gmail.com>
> wrote:
>
>
>
>
>
> On Tue, Sep 22, 2020 at 8:38 PM Alan Egerton <eggyal@gmail.com> wrote:
>
> Thanks Lucas, but I don't think either of those reports are quite the
> same: they both appear to concern the state transition from "idle" state on
> sending a PUSH_PROMISE (and that the spec can be misread as describing
> transitions from that state on receiving such frames); whereas I am
> concerned with the correct error handling on receiving an erroneous
> PUSH_PROMISE in the "half-closed(remote)" or "closed" states.
>
>
>
> -- Alan
>
>
>
>
>
> oops I meant to say "possibly related" because this is about the handling
> of push promises with respect to stream lifecycle. My 2c:
>
>
>
> I might be squinting at the state machine wrong but I don't think it is
> practically possible for the client to have a request stream in a
> half-closed (remote) and receive a PUSH_PROMISE. Because the only way to
> get a stream in that state is for a server to respond to a request with
> END_STREAM set, before the client has sent END_STREAM or RST_STREAM. This
> is an early response, which is allowed. But the server shouldn't be trying
> to promise things after it closed the stream, that's a plain error.
> Similarly, a server sending PUSH_PROMISE after RST_STREAM is also an error.
>
>
>
> The odd case is when a client and server have a race about the stream
> being closed due to the client sending RST_STREAM in the open state.
> "Closed because I said so" is a bit different to "Closed because you said
> so". The statement in 6.6 about "MUST handle PUSH_PROMISES" is trying to
> wiggle out of the race condition.
>
>
>
> Cheers
>
> Lucas
>
>

v2.23.0 | Report a Bug | By Email