diff --git a/lib/secure-streams/protocols/ss-h1.c b/lib/secure-streams/protocols/ss-h1.c index 50b00efd6..93cb8607b 100644 --- a/lib/secure-streams/protocols/ss-h1.c +++ b/lib/secure-streams/protocols/ss-h1.c @@ -225,7 +225,8 @@ secstream_h1(struct lws *wsi, enum lws_callback_reasons reason, void *user, switch (reason) { case LWS_CALLBACK_CLIENT_CONNECTION_ERROR: - assert(h); + if (!h) + break; assert(h->policy); lwsl_info("%s: h: %p, %s CLIENT_CONNECTION_ERROR: %s\n", __func__, h, h->policy->streamtype, in ? (char *)in : "(null)"); @@ -293,14 +294,17 @@ secstream_h1(struct lws *wsi, enum lws_callback_reasons reason, void *user, lwsl_info("%s: Connected streamtype %s, %d\n", __func__, h->policy->streamtype, status); else - lwsl_warn("%s: Connected streamtype %s, BAD %d\n", __func__, - h->policy->streamtype, status); + if (h->u.http.good_respcode) + lwsl_warn("%s: Connected streamtype %s, BAD %d\n", + __func__, h->policy->streamtype, + status); h->hanging_som = 0; h->retry = 0; h->seqstate = SSSEQ_CONNECTED; lws_sul_cancel(&h->sul); + if (lws_ss_event_helper(h, LWSSSCS_CONNECTED)) /* was destroyed */ return -1; @@ -414,8 +418,8 @@ malformed: lwsl_debug("%s: adding blob %d: %s\n", __func__, m, buf); if (lws_add_http_header_by_name(wsi, - (uint8_t *)h->policy->u.http.blob_header[m], - buf, (int)(buflen + o), p, end)) + (uint8_t *)h->policy->u.http.blob_header[m], + buf, (int)(buflen + o), p, end)) return -1; } @@ -432,6 +436,18 @@ malformed: } + /* + * So when proxied, for POST we have to synthesize a CONNECTED + * state, so it can request a writeable and deliver the POST + * body + */ + if ((h->policy->protocol == LWSSSP_H1 || + h->policy->protocol == LWSSSP_H2) && + h->being_serialized && + !strcmp(h->policy->u.http.method, "POST")) + if (lws_ss_event_helper(h, LWSSSCS_CONNECTED)) + return LWSSSSRET_SS_HANDLE_DESTROYED; + break; /* chunks of chunked content, with header removed */ diff --git a/lib/secure-streams/secure-streams-serialize.c b/lib/secure-streams/secure-streams-serialize.c index 9a1d61d75..c3ed7faed 100644 --- a/lib/secure-streams/secure-streams-serialize.c +++ b/lib/secure-streams/secure-streams-serialize.c @@ -986,6 +986,12 @@ payload_ff: case LWSSSCS_CONNECTED: lwsl_info("%s: CONNECTED %s\n", __func__, ssi->streamtype); + if (*state == LPCSCLI_OPERATIONAL) + /* + * Don't allow to see connected more + * than once for one connection + */ + goto swallow; lws_ss_serialize_state_transition(state, LPCSCLI_OPERATIONAL); ((lws_sspc_handle_t *)*pss)->conn_req_state = @@ -1006,6 +1012,7 @@ payload_ff: #endif if (ssi->state((void *)pss, NULL, par->ctr, par->flags)) goto hangup; +swallow: break; diff --git a/minimal-examples/secure-streams/minimal-secure-streams-post/minimal-secure-streams-post.c b/minimal-examples/secure-streams/minimal-secure-streams-post/minimal-secure-streams-post.c index d112ee24b..8df205fb4 100644 --- a/minimal-examples/secure-streams/minimal-secure-streams-post/minimal-secure-streams-post.c +++ b/minimal-examples/secure-streams/minimal-secure-streams-post/minimal-secure-streams-post.c @@ -23,6 +23,7 @@ #include #include #include +#include /* * uncomment to force network traffic through 127.0.0.1:1080