Opened 8 years ago
Closed 8 years ago
#1056 closed defect (wontfix)
Maximum Content-Length value
Reported by: | Owned by: | ||
---|---|---|---|
Priority: | minor | Milestone: | |
Component: | nginx-core | Version: | 1.9.x |
Keywords: | Cc: | ||
uname -a: | Linux FW01 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt25-2+deb8u3 (2016-07-02) x86_64 GNU/Linux | ||
nginx -V: |
nginx version: nginx/1.6.2
TLS SNI support enabled
configure arguments: --with-cc-opt='-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2' --with-ld-opt=-Wl,-z,relro --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --lock-path=/var/lock/nginx.lock --pid-path=/run/nginx.pid --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-debug --with-pcre-jit --with-ipv6 --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-http_auth_request_module --with-http_addition_module --with-http_dav_module --with-http_geoip_module --with-http_gzip_static_module --with-http_image_filter_module --with-http_spdy_module --with-http_sub_module --with-http_xslt_module --with-mail --with-mail_ssl_module --add-module=/build/nginx-ryOGNl/nginx-1.6.2/debian/modules/nginx-auth-pam --add-module=/build/nginx-ryOGNl/nginx-1.6.2/debian/modules/nginx-dav-ext-module --add-module=/build/nginx-ryOGNl/nginx-1.6.2/debian/modules/nginx-echo --add-module=/build/nginx-ryOGNl/nginx-1.6.2/debian/modules/nginx-upstream-fair --add-module=/build/nginx-ryOGNl/nginx-1.6.2/debian/modules/ngx_http_substitutions_filter_module |
Description
In troubleshooting an issue I'm having publishing a Microsoft SSTP service [1] via ngx_http_proxy_module, it appears that nginx returns a "400 Bad Request" when the Content-Length request header is a certain size.

2016/08/20 13:55:41 [debug] 5524#0: *1 http process request line
2016/08/20 13:55:41 [debug] 5524#0: *1 http request line: "SSTP_DUPLEX_POST /sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/ HTTP/1.1"
2016/08/20 13:55:41 [debug] 5524#0: *1 http uri: "/sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/"
2016/08/20 13:55:41 [debug] 5524#0: *1 http args: ""
2016/08/20 13:55:41 [debug] 5524#0: *1 http exten: ""
2016/08/20 13:55:41 [debug] 5524#0: *1 http process request header line
2016/08/20 13:55:41 [debug] 5524#0: *1 http header: "SSTPCORRELATIONID: {D88F83A0-42C4-4835-95AA-1BC32C58C26A}"
2016/08/20 13:55:41 [debug] 5524#0: *1 http header: "Content-Length: 18446744073709551615"
2016/08/20 13:55:41 [debug] 5524#0: *1 http header: "Host: xxxx"
2016/08/20 13:55:41 [debug] 5524#0: *1 http header done
2016/08/20 13:55:41 [info] 5524#0: *1 client sent invalid "Content-Length" header while reading client request headers, client: 10.99.99.74, server: xxxx, request: "SSTP_DUPLEX_POST /sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/ HTTP/1.1", host: "xxxx"
2016/08/20 13:55:41 [debug] 5524#0: *1 http finalize request: 400, "/sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/?" a:1, c:1
2016/08/20 13:55:41 [debug] 5524#0: *1 event timer del: 7: 1471697801120
2016/08/20 13:55:41 [debug] 5524#0: *1 http special response: 400, "/sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/?"
2016/08/20 13:55:41 [debug] 5524#0: *1 http set discard body
2016/08/20 13:55:41 [debug] 5524#0: *1 xslt filter header
2016/08/20 13:55:41 [debug] 5524#0: *1 posix_memalign: 000000000137A860:4096 @16
2016/08/20 13:55:41 [debug] 5524#0: *1 HTTP/1.1 400 Bad Request
Server: nginx/1.6.2
Date: Sat, 20 Aug 2016 12:55:41 GMT
Content-Type: text/html
Content-Length: 172
Connection: close
An SSTP client will set the content-length request header to a constant size, 18446744073709551615 (corresponding to unsigned long long).
Following advice in #nginx, I've tried setting more_clear_input_headers from nginx-extras without success.
Looking at the HTTP RFC [2], it looks like a content-length value greater than or equal to 0 is a valid value.
[1] https://msdn.microsoft.com/en-us/library/cc247338.aspx
[2] https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.13
The error is returned as nginx is not able to parse the value provided. It uses off_t to store Content-Length, and thus can parse only up to 9223372036854775807 on most platforms. This is believed to be large enough for all real lengths.

Removing the header, even if possible, won't help, as for requests no Content-Length means no body. But even with this solved (e.g., some smaller fake value used instead), it won't be possible to use SSTP anyway, as it assumes bidirectional communication during proxying - not something nginx provides.
The correct approach that nginx will be able to support is to use the HTTP/1.1 Upgrade mechanism to switch the connection to a different protocol after an initial HTTP handshake, similar to what WebSockets use. Unfortunately, Microsoft decided to rely on HTTP hacks instead. This may work for them, but expectedly will have problems with reverse proxies like nginx.
If you want to proxy SSTP, consider using the stream proxy module instead.
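
The limit described in the reply above, as an added example that is not nginx source code: a strict Content-Length parser that rejects anything that does not fit a signed 64-bit offset, next to a naive parser that shows why rejection is the safe outcome. The function names are hypothetical, and int64_t stands in for off_t on the assumption of a 64-bit off_t.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Strict parser: decimal digits only, and the result must fit a signed
 * 64-bit offset (assumed here to match off_t). Returns -1 on any error. */
int64_t parse_content_length(const char *s, size_t n)
{
    const int64_t cutoff = INT64_MAX / 10;
    const int64_t cutlim = INT64_MAX % 10;
    int64_t value = 0;

    if (n == 0) {
        return -1;                      /* empty value */
    }
    for (size_t i = 0; i < n; i++) {
        if (s[i] < '0' || s[i] > '9') {
            return -1;                  /* sign, whitespace, hex, ... */
        }
        int digit = s[i] - '0';
        /* Check before multiplying so the accumulator never overflows. */
        if (value > cutoff || (value == cutoff && digit > cutlim)) {
            return -1;
        }
        value = value * 10 + digit;
    }
    return value;
}

/* Naive contrast: parse as unsigned 64-bit, then store in a signed offset.
 * The conversion is implementation-defined; on common two's complement
 * platforms the SSTP value becomes -1, a negative body length. */
int64_t naive_content_length(const char *s)
{
    return (int64_t) strtoull(s, NULL, 10);
}

int main(void)
{
    /* Constructed sample values; the fourth is the one from the ticket. */
    const char *samples[] = { "172", "9223372036854775807",
                              "9223372036854775808", "18446744073709551615" };
    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        size_t len = 0;
        while (samples[i][len] != '\0') len++;
        printf("%-22s strict=%lld naive=%lld\n", samples[i],
               (long long) parse_content_length(samples[i], len),
               (long long) naive_content_length(samples[i]));
    }
    return 0;
}
```

A length that silently wraps to a negative or truncated value is the kind of disagreement between proxy and backend that body-framing bugs grow from, which is why the strict form answers 400 instead of guessing.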