IETF Logo Mail Archive

Re: HTTP/2 client behaviour on receiving illegal PUSH_PROMISE frames

Lucas Pardue <lucaspardue.24.7@gmail.com> Tue, 22 September 2020 18:20 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B1E6D3A0A0C for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Tue, 22 Sep 2020 11:20:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.77
X-Spam-Level:
X-Spam-Status: No, score=-2.77 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GDCAXtUT2wqq for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Tue, 22 Sep 2020 11:20:49 -0700 (PDT)
Received: from lyra.w3.org (lyra.w3.org [128.30.52.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F28DD3A0A00 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Tue, 22 Sep 2020 11:20:48 -0700 (PDT)
Received: from lists by lyra.w3.org with local (Exim 4.92) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1kKmrc-0004K8-Ay for ietf-http-wg-dist@listhub.w3.org; Tue, 22 Sep 2020 18:18:04 +0000
Resent-Date: Tue, 22 Sep 2020 18:18:04 +0000
Resent-Message-Id: <E1kKmrc-0004K8-Ay@lyra.w3.org>
Received: from titan.w3.org ([128.30.52.76]) by lyra.w3.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from <lucaspardue.24.7@gmail.com>) id 1kKmrX-0004EM-R5 for ietf-http-wg@listhub.w3.org; Tue, 22 Sep 2020 18:17:59 +0000
Received: from mail-ed1-x534.google.com ([2a00:1450:4864:20::534]) by titan.w3.org with esmtps (TLS1.3:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from <lucaspardue.24.7@gmail.com>) id 1kKmrV-0003at-Nu for ietf-http-wg@w3.org; Tue, 22 Sep 2020 18:17:59 +0000
Received: by mail-ed1-x534.google.com with SMTP id b12so17044251edz.11 for <ietf-http-wg@w3.org>; Tue, 22 Sep 2020 11:17:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=x59/8a4vMdED1guqGkJz/z3IQt4GgCeX/3twiDzjRu0=; b=EgZbYl+Jj1WcaZdbBeWI33zOO4NH074I/xS7DdrocjkxUxAF6obr1Wpy68eF05MhE1 JLLinlI+X4yTT0f+F0H3Sahq1FINwy6Q4m3kBGCXKUke0WwJBt9AFT4kOLxYlQ0tK0qB er4kBlr3EkKaEuRBEaE708WYHZnKyQG9ffjAFRoFQnQ9i75penMouCsI0a2xQrMyvihl jpddi/1fSWcIV5A5Fq1fcM8dqcKMvCsD3J1H5I+7UFnUPILak95cCTqfdBgnTIxI/DgK ++rh3IildDM8I6chhIRjmeNytxeYUnqHYUBLdHOurhkY6NqnJ1KY1CjFFiwhg9jN/tEO 40vg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=x59/8a4vMdED1guqGkJz/z3IQt4GgCeX/3twiDzjRu0=; b=RQkTvKi9lm4V/VoaAOp6K+VMUaeEcDLmNGlAZO+44fdUd4Fdd/GeSUL7FCO9J+J+I/ XgZHLjilLV0NGA8cTpdqOy7lUCHAO9IOiXhEw+W/3H06kQVw/22bcSXwKAI9xdCl8Etd kj6749vjoTN6VAU0iEFpw+tUi3oW/ASrWuVizcwADCrDD1efIXLi5yA6WDcZiCpjEMI8 45FsxkghNckDfyhVaSQnjTgNyuTmKYRKp82bTMDcPIOo0rXnycpWMh2H6Z7i022pThey DoHeF7PR/EfSv0vfYOYx8rFgmLmGAKuoo6LO90z8IQvVTGlywD759ml1va92Oxp1rWLA akHw==
X-Gm-Message-State: AOAM5338i0o/9EVLlsdS/XKQIbP3dYhaFliX9N7oKMFfuT2P4/M50qJ+ Sn52R0Jh9+SPTH7gZhcF7uaG19BuCG3N3KbxzFo=
X-Google-Smtp-Source: ABdhPJwcE5XbkTS1wijZOVR8xaXaJaqdWffV3F9PHeG4VpeQ0JoD3C6dtWYdw/IWyBz0Rkb8/428aE9Rie/O95Pkt5M=
X-Received: by 2002:aa7:d4d4:: with SMTP id t20mr5315148edr.229.1600798666431; Tue, 22 Sep 2020 11:17:46 -0700 (PDT)
MIME-Version: 1.0
References: <CA+phaeeHSjyKx8Dv_DqUmL=1TuYyahsFEW364TQT3Kw5j4U5xw@mail.gmail.com>
In-Reply-To: <CA+phaeeHSjyKx8Dv_DqUmL=1TuYyahsFEW364TQT3Kw5j4U5xw@mail.gmail.com>
From: Lucas Pardue <lucaspardue.24.7@gmail.com>
Date: Tue, 22 Sep 2020 19:17:35 +0100
Message-ID: <CALGR9oZLp+RBZCaCr-Q4uBX7UGieSavizxWLcw3gmHpcuz8k1g@mail.gmail.com>
To: Alan Egerton <eggyal@gmail.com>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
Content-Type: multipart/alternative; boundary="000000000000dea0f005afeafb83"
Received-SPF: pass client-ip=2a00:1450:4864:20::534; envelope-from=lucaspardue.24.7@gmail.com; helo=mail-ed1-x534.google.com
X-W3C-Hub-Spam-Status: No, score=-7.8
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_IRA=-1, W3C_IRR=-3, W3C_WL=-1
X-W3C-Scan-Sig: titan.w3.org 1kKmrV-0003at-Nu da0a89166b9bffb6405893292157bf26
X-Original-To: ietf-http-wg@w3.org
Subject: Re: HTTP/2 client behaviour on receiving illegal PUSH_PROMISE frames
Archived-At: <https://www.w3.org/mid/CALGR9oZLp+RBZCaCr-Q4uBX7UGieSavizxWLcw3gmHpcuz8k1g@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/38056
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

The confusion is possibly due to the reports in errata 4535 [1] and
duplicate 4645 [2],


[1] - https://www.rfc-editor.org/errata/eid4535
[2] - https://www.rfc-editor.org/errata/eid4645

On Tue, Sep 22, 2020 at 6:30 PM Alan Egerton <eggyal@gmail.com> wrote:

> I'm a little unclear exactly how clients should behave upon receiving
> PUSH_PROMISE frames in certain illegal states.  In particular,
> sections 5.1 and 6.6 of RFC 7540 appear to state contradictory
> requirements:
>
> +------------------------------+-----------------+-----------------+
> | Client state                 |   Section 5.1   |   Section 6.6   |
> +------------------------------+-----------------+-----------------+
> | half-closed(remote)          |       S:SC      |       C:PE      |
> |                              |                 |                 |
> | closed (RST_STREAM received) |       S:SC      |       C:PE      |
> | closed (END_STREAM received) |       C:SC      |       C:PE      |
> | closed (RST_STREAM sent)     |    Ignore/P:?   |   Handle/C:PE   |
> +------------------------------+-----------------+-----------------+
> KEY
> S: = Stream error
> C: = Connection error
> P: = Reset promised stream (error type not stated)
> :SC = STREAM_CLOSED
> :PE = PROTOCOL_ERROR
>
>
> So, which is correct?  And where RST_STREAM has been sent, should the
> PUSH_PROMISE be ignored or handled (beyond sending RST_STREAM for the
> promised stream, in which case what should be the error type)?
>
>
> The relevant extracts from Section 5.1 are:
>
> In "half-closed(remote)":
>
> > If an endpoint receives additional frames, other than WINDOW_UPDATE,
> > PRIORITY, or RST_STREAM, for a stream that is in this state, it MUST
> > respond with a stream error (Section 5.4.2) of type STREAM_CLOSED.
>
> In "closed":
>
> > An endpoint that receives any frame other than PRIORITY after
> > receiving a RST_STREAM MUST treat that as a stream error (Section
> > 5.4.2) of type STREAM_CLOSED. Similarly, an endpoint that receives any
> > frames after receiving a frame with the END_STREAM flag set MUST treat
> > that as a connection error (Section 5.4.1) of type STREAM_CLOSED,
> > unless the frame is permitted as described below.
>
> and
>
> > An endpoint MUST ignore frames that it receives on closed streams
> > after it has sent a RST_STREAM frame.
> >
> > [deletia]
> >
> > An endpoint might receive a PUSH_PROMISE frame after it sends
> > RST_STREAM. PUSH_PROMISE causes a stream to become "reserved" even if
> > the associated stream has been reset. Therefore, a RST_STREAM is
> > needed to close an unwanted promised stream.
>
>
> And from Section 6.6 PUSH_PROMISE:
>
> > A receiver MUST treat the receipt of a PUSH_PROMISE on a stream that
> > is neither "open" nor "half-closed (local)" as a connection error
> > (Section 5.4.1) of type PROTOCOL_ERROR. However, an endpoint that has
> > sent RST_STREAM on the associated stream MUST handle PUSH_PROMISE
> > frames that might have been created before the RST_STREAM frame is
> > received and processed.
>
> -- Alan
>

v2.23.0 | Report a Bug | By Email