Merge commit from fork

Fix unresponsive cupsd process caused by a slow client

Author: zdohnal

cups/http-private.h

@@ -83,6 +83,7 @@ extern "C" {
 // Constants...
 //
 
+#  define _HTTP_MAX_BUFFER	32768	/* Size of read buffer */
 #  define _HTTP_MAX_SBUFFER	65536	/* Size of (de)compression buffer */
 
 #  define _HTTP_TLS_NONE	0	/* No TLS options */
@@ -157,8 +158,8 @@ struct _http_s				// HTTP connection structure
   http_encoding_t	data_encoding;	/* Chunked or not */
   int			_data_remaining;/* Number of bytes left (deprecated) */
   int			used;		/* Number of bytes used in buffer */
-  char			buffer[HTTP_MAX_BUFFER];
-					/* Buffer for incoming data */
+  char			_buffer[HTTP_MAX_BUFFER];
+					/* Old read buffer (deprecated) */
   int			_auth_type;	/* Authentication in use (deprecated) */
   unsigned char		_md5_state[88];	/* MD5 state (deprecated) */
   char			nonce[HTTP_MAX_VALUE];
@@ -231,6 +232,8 @@ struct _http_s				// HTTP connection structure
   			*default_fields[HTTP_FIELD_MAX];
 					/* Default field values, if any */
   /**** New in CUPS 2.5 ****/
+  char			buffer[_HTTP_MAX_BUFFER];
+					/* Read buffer */
   char  		qop[HTTP_MAX_VALUE];
 					/* Quality of Protection (qop) value from WWW-Authenticate */
 };

cups/http.c

@@ -37,7 +37,7 @@ static http_t		*http_create(const char *host, int port, http_addrlist_t *addrlis
 #ifdef DEBUG
 static void		http_debug_hex(const char *prefix, const char *buffer, int bytes);
 #endif // DEBUG
-static ssize_t		http_read(http_t *http, char *buffer, size_t length);
+static ssize_t		http_read(http_t *http, char *buffer, size_t length, int timeout);
 static ssize_t		http_read_buffered(http_t *http, char *buffer, size_t length);
 static ssize_t		http_read_chunk(http_t *http, char *buffer, size_t length);
 static bool		http_send(http_t *http, http_state_t request, const char *uri);
@@ -1435,7 +1435,7 @@ httpGets2(http_t *http,			// I - HTTP connection
         return (NULL);
       }
 
-      bytes = http_read(http, http->buffer + http->used, (size_t)(HTTP_MAX_BUFFER - http->used));
+      bytes = http_read(http, http->buffer + http->used, (size_t)(_HTTP_MAX_BUFFER - http->used), http->wait_value);
 
       DEBUG_printf("4httpGets2: read " CUPS_LLFMT " bytes.", CUPS_LLCAST bytes);
 
@@ -1919,24 +1919,13 @@ httpPeek(http_t *http,			// I - HTTP connection
     // Buffer small reads for better performance...
     ssize_t	buflen;			// Length of read for buffer
 
-    if (!http->blocking)
-    {
-      while (!httpWait(http, http->wait_value))
-      {
-	if (http->timeout_cb && (*http->timeout_cb)(http, http->timeout_data))
-	  continue;
-
-	return (0);
-      }
-    }
-
     if ((size_t)http->data_remaining > sizeof(http->buffer))
       buflen = sizeof(http->buffer);
     else
       buflen = (ssize_t)http->data_remaining;
 
     DEBUG_printf("2httpPeek: Reading %d bytes into buffer.", (int)buflen);
-    bytes = http_read(http, http->buffer, (size_t)buflen);
+    bytes = http_read(http, http->buffer, (size_t)buflen, http->wait_value);
 
     DEBUG_printf("2httpPeek: Read " CUPS_LLFMT " bytes into buffer.", CUPS_LLCAST bytes);
     if (bytes > 0)
@@ -1954,9 +1943,9 @@ httpPeek(http_t *http,			// I - HTTP connection
     int		zerr;			// Decompressor error
     z_stream	stream;			// Copy of decompressor stream
 
-    if (http->used > 0 && ((z_stream *)http->stream)->avail_in < HTTP_MAX_BUFFER)
+    if (http->used > 0 && ((z_stream *)http->stream)->avail_in < _HTTP_MAX_BUFFER)
     {
-      size_t buflen = HTTP_MAX_BUFFER - ((z_stream *)http->stream)->avail_in;
+      size_t buflen = _HTTP_MAX_BUFFER - ((z_stream *)http->stream)->avail_in;
 					// Number of bytes to copy
 
       if (((z_stream *)http->stream)->avail_in > 0 && ((z_stream *)http->stream)->next_in > http->sbuffer)
@@ -2205,7 +2194,7 @@ httpRead2(http_t *http,			// I - HTTP connection
 
       if (bytes == 0)
       {
-        ssize_t buflen = HTTP_MAX_BUFFER - (ssize_t)((z_stream *)http->stream)->avail_in;
+        ssize_t buflen = _HTTP_MAX_BUFFER - (ssize_t)((z_stream *)http->stream)->avail_in;
 					// Additional bytes for buffer
 
         if (buflen > 0)
@@ -2904,17 +2893,51 @@ int					// O - 1 to continue, 0 to stop
 _httpUpdate(http_t        *http,	// I - HTTP connection
             http_status_t *status)	// O - Current HTTP status
 {
-  char		line[32768],		// Line from connection...
+  char		line[_HTTP_MAX_BUFFER],	// Line from connection...
 		*value;			// Pointer to value on line
   http_field_t	field;			// Field index
   int		major, minor;		// HTTP version numbers
 
 
   DEBUG_printf("_httpUpdate(http=%p, status=%p), state=%s", (void *)http, (void *)status, httpStateString(http->state));
 
+  // When doing non-blocking I/O, make sure we have a whole line...
+  if (!http->blocking)
+  {
+    ssize_t	bytes;			// Bytes "peeked" from connection
+
+    // See whether our read buffer is full...
+    DEBUG_printf("2_httpUpdate: used=%d", http->used);
+
+    if (http->used > 0 && !memchr(http->buffer, '\n', (size_t)http->used) && (size_t)http->used < sizeof(http->buffer))
+    {
+      // No, try filling in more data...
+      if ((bytes = http_read(http, http->buffer + http->used, sizeof(http->buffer) - (size_t)http->used, /*timeout*/0)) > 0)
+      {
+	DEBUG_printf("2_httpUpdate: Read %d bytes.", (int)bytes);
+	http->used += (int)bytes;
+      }
+    }
+
+    // Peek at the incoming data...
+    if (!http->used || !memchr(http->buffer, '\n', (size_t)http->used))
+    {
+      // Don't have a full line, tell the reader to try again when there is more data...
+      DEBUG_puts("1_htttpUpdate: No newline in buffer yet.");
+      if ((size_t)http->used == sizeof(http->buffer))
+	*status = HTTP_STATUS_ERROR;
+      else
+	*status = HTTP_STATUS_CONTINUE;
+      return (0);
+    }
+
+    DEBUG_puts("2_httpUpdate: Found newline in buffer.");
+  }
+
   // Grab a single line from the connection...
   if (!httpGets2(http, line, sizeof(line)))
   {
+    DEBUG_puts("1_httpUpdate: Error reading request line.");
     *status = HTTP_STATUS_ERROR;
     return (0);
   }
@@ -4100,7 +4123,8 @@ http_debug_hex(const char *prefix,	// I - Prefix for line
 static ssize_t				// O - Number of bytes read or -1 on error
 http_read(http_t *http,			// I - HTTP connection
           char   *buffer,		// I - Buffer
-          size_t length)		// I - Maximum bytes to read
+          size_t length,		// I - Maximum bytes to read
+          int    timeout)		// I - Wait timeout
 {
   ssize_t	bytes;			// Bytes read
 
@@ -4109,7 +4133,7 @@ http_read(http_t *http,			// I - HTTP connection
 
   if (!http->blocking || http->timeout_value > 0.0)
   {
-    while (!httpWait(http, http->wait_value))
+    while (!_httpWait(http, timeout, 1))
     {
       if (http->timeout_cb && (*http->timeout_cb)(http, http->timeout_data))
 	continue;
@@ -4212,7 +4236,7 @@ http_read_buffered(http_t *http,	// I - HTTP connection
     else
       bytes = (ssize_t)length;
 
-    DEBUG_printf("8http_read: Grabbing %d bytes from input buffer.", (int)bytes);
+    DEBUG_printf("8http_read_buffered: Grabbing %d bytes from input buffer.", (int)bytes);
 
     memcpy(buffer, http->buffer, (size_t)bytes);
     http->used -= (int)bytes;
@@ -4222,7 +4246,7 @@ http_read_buffered(http_t *http,	// I - HTTP connection
   }
   else
   {
-    bytes = http_read(http, buffer, length);
+    bytes = http_read(http, buffer, length, http->wait_value);
   }
 
   return (bytes);
@@ -4535,16 +4559,14 @@ http_set_timeout(int    fd,		// I - File descriptor
 static void
 http_set_wait(http_t *http)		// I - HTTP connection
 {
-  if (http->blocking)
-  {
-    http->wait_value = (int)(http->timeout_value * 1000);
+  http->wait_value = (int)(http->timeout_value * 1000);
 
-    if (http->wait_value <= 0)
-      http->wait_value = 60000;
-  }
-  else
+  if (http->wait_value <= 0)
   {
-    http->wait_value = 10000;
+    if (http->blocking)
+      http->wait_value = 60000;
+    else
+      http->wait_value = 1000;
   }
 }
 

cups/tls-gnutls.c

@@ -1832,7 +1832,7 @@ _httpTLSStart(http_t *http)		// I - Connection to server
 
       if (!cupsCreateCredentials(tls_keypath, false, CUPS_CREDPURPOSE_SERVER_AUTH, CUPS_CREDTYPE_DEFAULT, CUPS_CREDUSAGE_DEFAULT_TLS, NULL, NULL, NULL, NULL, NULL, cn, /*email*/NULL, 0, NULL, NULL, time(NULL) + 3650 * 86400))
       {
-	DEBUG_puts("4_httpTLSStart: cupsCreateCredentials failed.");
+	DEBUG_printf("4_httpTLSStart: cupsCreateCredentials failed: %s", cupsGetErrorString());
 	http->error  = errno = EINVAL;
 	http->status = HTTP_STATUS_ERROR;
 	cupsMutexUnlock(&tls_mutex);

cups/tls-openssl.c

@@ -1900,7 +1900,7 @@ _httpTLSStart(http_t *http)		// I - Connection to server
 
       if (!cupsCreateCredentials(tls_keypath, false, CUPS_CREDPURPOSE_SERVER_AUTH, CUPS_CREDTYPE_DEFAULT, CUPS_CREDUSAGE_DEFAULT_TLS, NULL, NULL, NULL, NULL, NULL, cn, NULL, 0, NULL, NULL, time(NULL) + 3650 * 86400))
       {
-	DEBUG_puts("4_httpTLSStart: cupsCreateCredentials failed.");
+	DEBUG_printf("4_httpTLSStart: cupsCreateCredentials failed: %s", cupsGetErrorString());
 	http->error  = errno = EINVAL;
 	http->status = HTTP_STATUS_ERROR;
 	SSL_CTX_free(context);
@@ -2190,11 +2190,14 @@ http_bio_read(BIO  *h,			// I - BIO data
   http = (http_t *)BIO_get_data(h);
   DEBUG_printf("9http_bio_read: http=%p", (void *)http);
 
-  if (!http->blocking)
+  if (!http->blocking || http->timeout_value > 0.0)
   {
     // Make sure we have data before we read...
-    if (!_httpWait(http, 10000, 0))
+    while (!_httpWait(http, http->wait_value, 0))
     {
+      if (http->timeout_cb && (*http->timeout_cb)(http, http->timeout_data))
+	continue;
+
 #ifdef WIN32
       http->error = WSAETIMEDOUT;
 #else