net: lib: downloader: limit number of redirects #20224
Conversation
github-actions
bot
added
the
changelog-entry-required
CI InformationTo view the history of this post, clich the 'edited' button above Inputs:Sources:sdk-nrf: PR head: 6c388d17536e9c148d7556e885272c94e100a9d1 more detailssdk-nrf:
Github labels
List of changed files detected by CI (6)Outputs:ToolchainVersion: 4cff34261a Test Spec & Results: ✅ Success; ❌ Failure; 🟠 Queued; 🟡 Progress; ◻️ Skipped;
|
|
You can find the documentation preview for this PR at this link. Note: This comment is automatically posted by the Documentation Publish GitHub Action. |
include/net/downloader.h
Outdated
| * Maximum number of HTTP redirects. | ||
| * Use 0 to set default value of CONFIG_DOWNLOADER_MAX_REDIRECTS. | ||
| */ | ||
| int redirects_max; |
There was a problem hiding this comment.
So, there is no way to disable this feature by setting the maximum number of redirects to zero?
There was a problem hiding this comment.
I thought about that, but the case is that if we are disabling it and the server misbehaves (which it should not do), we will end in a endless loop. In reality there should not be many redirects to get to a file, so setting a high number will result in similar behavior. I would rather have a number of attempts by default than unlimited.
eivindj-nordic
force-pushed
the
downloader_http_redirect_max_retries
branch
2 times, most recently
from
882964d to
d147faa
Compare
| if (dl->host_cfg.range_override) { | ||
| if (tls_force_range && dl->host_cfg.range_override > (TLS_RANGE_MAX)) { | ||
| if (tls_force_range) { | ||
| if (dl->host_cfg.range_override > (TLS_RANGE_MAX)) { |
There was a problem hiding this comment.
| if (dl->host_cfg.range_override > (TLS_RANGE_MAX)) { | |
| if (dl->host_cfg.range_override > TLS_RANGE_MAX) { |
| if (dl->host_cfg.range_override) { | ||
| if (tls_force_range && dl->host_cfg.range_override > (TLS_RANGE_MAX)) { | ||
| if (tls_force_range) { | ||
| if (dl->host_cfg.range_override > (TLS_RANGE_MAX)) { | ||
| LOG_WRN("Range override > TLS max range, setting to TLS max range"); | ||
| dl->host_cfg.range_override = (TLS_RANGE_MAX); |
There was a problem hiding this comment.
| dl->host_cfg.range_override = (TLS_RANGE_MAX); | |
| dl->host_cfg.range_override = TLS_RANGE_MAX; |
| return len; | ||
| } | ||
| if (dl->progress + len == dl->file_size) { | ||
| /* A full file have been received */ |
There was a problem hiding this comment.
My fault 😞
| /* A full file have been received */ | |
| /* A full file has been received */ |
eivindj-nordic
force-pushed
the
downloader_http_redirect_max_retries
branch
from
d147faa to
f6fd041
Compare
include/net/downloader.h
Outdated
| @@ -195,6 +196,11 @@ struct downloader_host_cfg { | |||
| * This string is used in case you are requesting a proxied file from a CoAP server. | |||
| */ | |||
| const char *proxy_uri; | |||
| /** | |||
| * Maximum number of HTTP redirects. | |||
| * Use 0 to set default value of CONFIG_DOWNLOADER_MAX_REDIRECTS. | |||
There was a problem hiding this comment.
This seems incorrect. The implementation sets the value of CONFIG_DOWNLOADER_MAX_REDIRECTS, not its default (10).
There was a problem hiding this comment.
Ok, I see your point. I thought of the value of CONFIG_DOWNLOADER_MAX_REDIRECTS as the default, but that is not the default value of CONFIG_DOWNLOADER_MAX_REDIRECTS. I'll rewrite.
| dl->host_cfg.range_override = (TLS_RANGE_MAX); | ||
| dl->host_cfg.range_override = TLS_RANGE_MAX; | ||
| } else if (dl->host_cfg.range_override == 0) { | ||
| dl->host_cfg.range_override = TLS_RANGE_MAX; |
There was a problem hiding this comment.
Because here it is not explicitly set to something else by the application, as it is above.
| @@ -960,6 +960,8 @@ static ssize_t z_impl_zsock_recvfrom_http_redirect_and_close( | |||
| return 0; | |||
| } | |||
|
|
|||
| memcpy(buf, HTTP_HDR_REDIRECT, strlen(HTTP_HDR_REDIRECT)); | |||
| return strlen(HTTP_HDR_REDIRECT); | |||
| return 0; | |||
There was a problem hiding this comment.
This is unreachable and should be removed.
eivindj-nordic
force-pushed
the
downloader_http_redirect_max_retries
branch
from
f6fd041 to
36e2f23
Compare
| @@ -95,6 +95,9 @@ struct transport_params_http { | |||
|
|
|||
| /** Request new data */ | |||
| bool new_data_req; | |||
| /** Redirect retries */ | |||
| uint32_t redirects; | |||
|
|
|||
There was a problem hiding this comment.
Fixed in the right commit now.
| @@ -26,6 +26,12 @@ config DOWNLOADER_MAX_FILENAME_SIZE | |||
| range 8 2048 | |||
| default 255 | |||
|
|
|||
| config DOWNLOADER_MAX_REDIRECTS | |||
| int "Default maximum number of redirects before download is aborted" | |||
| default 10 | |||
There was a problem hiding this comment.
possible range value to limit range so someone doesn't set this to 0 or -40?
There was a problem hiding this comment.
Added to the wrong commit, thanks!
eivindj-nordic
force-pushed
the
downloader_http_redirect_max_retries
branch
3 times, most recently
from
2e20e9c to
bc7785e
Compare
eivindj-nordic
force-pushed
the
downloader_http_redirect_max_retries
branch
3 times, most recently
from
4b4faa9 to
6a24117
Compare
Limit the number of redirects before downloader fails the download. Co-authored-by: Seppo Takalo <seppo.takalo@nordicsemi.no> Signed-off-by: Eivind Jølsgard <eivind.jolsgard@nordicsemi.no>
Cleanup formatting and some code restructuring. Co-authored-by: Andreas Moltumyr <andreas.moltumyr@nordicsemi.no> Signed-off-by: Eivind Jølsgard <eivind.jolsgard@nordicsemi.no>
eivindj-nordic
force-pushed
the
downloader_http_redirect_max_retries
branch
from
6a24117 to
6c388d1
Compare
|
After documentation is built, you will find the preview for this PR here. |
Limit the number of redirects before downloader fails the download.
Cleanup formatting and some code indentation.