ignore normal Rack response at request-time hijackhijack
authorEric Wong <normalperson@yhbt.net>
Tue, 22 Jan 2013 23:52:14 +0000 (22 23:52 +0000)
committerEric Wong <normalperson@yhbt.net>
Tue, 22 Jan 2013 23:54:37 +0000 (22 23:54 +0000)
Once a connection is hijacked, we ignore it completely and leave
the connection at the mercy of the application.

lib/unicorn/http_request.rb
lib/unicorn/http_server.rb
t/hijack.ru
t/t0200-rack-hijack.sh

index 3bc64ed..3795b3b 100644 (file)
@@ -106,6 +106,10 @@ class Unicorn::HttpParser
     RACK_HIJACK = "rack.hijack".freeze
     RACK_HIJACK_IO = "rack.hijack_io".freeze
 
+    def hijacked?
+      env.include?(RACK_HIJACK_IO)
+    end
+
     def hijack_setup(e, socket)
       e[RACK_HIJACK] = proc { e[RACK_HIJACK_IO] ||= socket }
     end
@@ -113,5 +117,9 @@ class Unicorn::HttpParser
     # old Rack, do nothing.
     def hijack_setup(e, _)
     end
+
+    def hijacked?
+      false
+    end
   end
 end
index 2d8e4e1..cc0a705 100644 (file)
@@ -550,11 +550,13 @@ class Unicorn::HttpServer
   # in 3 easy steps: read request, call app, write app response
   def process_client(client)
     status, headers, body = @app.call(env = @request.read(client))
+    return if @request.hijacked?
 
     if 100 == status.to_i
       client.write(expect_100_response)
       env.delete(Unicorn::Const::HTTP_EXPECT)
       status, headers, body = @app.call(env)
+      return if @request.hijacked?
     end
     @request.headers? or headers = nil
     http_response_write(client, status, headers, body,
index 105e0d7..fcb0b6d 100644 (file)
@@ -17,7 +17,12 @@ run lambda { |env|
       io = env["rack.hijack"].call
       if io.respond_to?(:read_nonblock) &&
          env["rack.hijack_io"].respond_to?(:read_nonblock)
-        return [ 200, {}, [ "hijack.OK\n" ] ]
+
+        # exercise both, since we Rack::Lint may use different objects
+        env["rack.hijack_io"].write("HTTP/1.0 200 OK\r\n\r\n")
+        io.write("request.hijacked")
+        io.close
+        return [ 500, {}, DieIfUsed.new ]
       end
     end
     [ 500, {}, [ "hijack BAD\n" ] ]
index 23a9ee4..f772071 100755 (executable)
@@ -9,7 +9,7 @@ t_begin "setup and start" && {
 }
 
 t_begin "check request hijack" && {
-       test "xhijack.OK" = x"$(curl -sSfv http://$listen/hijack_req)"
+       test "xrequest.hijacked" = x"$(curl -sSfv http://$listen/hijack_req)"
 }
 
 t_begin "check response hijack" && {