Re: what constitutes an "invalid" content-length
Willy Tarreau <w@1wt.eu> Thu, 14 July 2016 05:31 UTC
Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7F11812B02B for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 13 Jul 2016 22:31:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.208
X-Spam-Level:
X-Spam-Status: No, score=-8.208 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-1.287, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kqgp9K2aCKSP for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 13 Jul 2016 22:31:14 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CD6EA12D613 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Wed, 13 Jul 2016 22:31:14 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.80) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1bNZAe-00076W-OP for ietf-http-wg-dist@listhub.w3.org; Thu, 14 Jul 2016 05:26:48 +0000
Resent-Date: Thu, 14 Jul 2016 05:26:48 +0000
Resent-Message-Id: <E1bNZAe-00076W-OP@frink.w3.org>
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtps (TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from <w@1wt.eu>) id 1bNZAY-00075p-IO for ietf-http-wg@listhub.w3.org; Thu, 14 Jul 2016 05:26:42 +0000
Received: from wtarreau.pck.nerim.net ([62.212.114.60] helo=1wt.eu) by lisa.w3.org with esmtp (Exim 4.80) (envelope-from <w@1wt.eu>) id 1bNZAW-0004YJ-Lq for ietf-http-wg@w3.org; Thu, 14 Jul 2016 05:26:41 +0000
Received: (from willy@localhost) by pcw.home.local (8.15.2/8.15.2/Submit) id u6E5Q4of014747; Thu, 14 Jul 2016 07:26:04 +0200
Date: Thu, 14 Jul 2016 07:26:04 +0200
From: Willy Tarreau <w@1wt.eu>
To: Patrick McManus <mcmanus@ducksong.com>
Cc: Mark Nottingham <mnot@mnot.net>, Adrien de Croy <adrien@qbik.com>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
Message-ID: <20160714052604.GA14717@1wt.eu>
References: <em19b7fba4-42bf-40e8-83a9-132dfdc92698@bodybag> <CAOdDvNq5Tgb+yYxprV2s+GDSvCoPi2kd9VJWL1hdHQYDq0bUFA@mail.gmail.com> <5FA906F3-23E7-4E6D-9812-DEDF49CEC80C@mnot.net> <CAOdDvNr6T-d2KEdvYXzwx5S9u3Qfg-88krpSD28=U0sLEX7Qrg@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <CAOdDvNr6T-d2KEdvYXzwx5S9u3Qfg-88krpSD28=U0sLEX7Qrg@mail.gmail.com>
User-Agent: Mutt/1.6.0 (2016-04-01)
Received-SPF: pass client-ip=62.212.114.60; envelope-from=w@1wt.eu; helo=1wt.eu
X-W3C-Hub-Spam-Status: No, score=-5.5
X-W3C-Hub-Spam-Report: AWL=-0.575, BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_IRA=-1, W3C_WL=-1
X-W3C-Scan-Sig: lisa.w3.org 1bNZAW-0004YJ-Lq bae84fd71b16a8e96141380dd44808d6
X-Original-To: ietf-http-wg@w3.org
Subject: Re: what constitutes an "invalid" content-length
Archived-At: <http://www.w3.org/mid/20160714052604.GA14717@1wt.eu>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/31963
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
On Wed, Jul 13, 2016 at 08:40:42AM -0400, Patrick McManus wrote: > My biggest frustration in this space is actually around the unreliability > of truncation detection. *lots* of non persistent h1 transactions that seem > to be strongly framed come up short by some criterion - c-l, missing a > zero-chunk terminator, or unclean close termiations like RST or TLS Alerts. I actually second this observation. In haproxy we have to process socket errors *after* processing the message so that we get a chance to pass a complete message in case it ends with a reset. And since haproxy is most often installed very close to the server, we cannot even blame some random blackboxes, it's the server which does nasty stuff. I found that one cause of such issues is when the max_orphans setting on the system is low and applications immediately close() after the last send(), and haproxy itself used to be caught doing this from time to time as well. As a workaround for this specific case in haproxy, we do a shutdown(SHUT_WR) before the close(), which manages to send the last FIN before trying to turn the socket into an orphan, so that if there's no more orphans and an RST has to be sent, at least a FIN was sent before. But what it means is that quite a number of resets are actually caused by this and also indicate an intentional close() by the application, meaning that you likely got the last chunk... unless it was killed in the TCP stack upon receipt of the reset of course. Willy
- Re: what constitutes an "invalid" content-length Willy Tarreau
- Re: what constitutes an "invalid" content-length Patrick McManus
- Re: what constitutes an "invalid" content-length Mark Nottingham
- Re: what constitutes an "invalid" content-length Adrien de Croy
- Re: what constitutes an "invalid" content-length Tim Bray
- Re: what constitutes an "invalid" content-length Willy Tarreau
- Re: what constitutes an "invalid" content-length Alex Rousskov
- Re: what constitutes an "invalid" content-length Adrien de Croy
- Re: what constitutes an "invalid" content-length Patrick McManus
- what constitutes an "invalid" content-length Adrien de Croy