When breaking early out of the upstream response body loop, we must ensure we know we've hit the parser body EOF and preserve the buffer for trailer parsing. Otherwise, reentering proxy_read_body will put us in a bad state and corrupt responses.
This is a critical bugfix which only affects users of the soon-to-be-released "proxy_buffering: false" feature of proxy_pass. --- Fwiw, I discovered this using dumb git HTTP clones in a dumb configuration: yahns (proxy_pass) -> varnish -> dumb HTTP server GIT_SMART_HTTP=0 git -c http.maxRequests=100 clone $URL_OF_YAHNS But it's a decent HTTP server test for finding bugs like these since git checksums object responses to detect corruption. And damn, dumb HTTP in git is really slow at cloning a 750M repo (I guess one problem is the tree layout is really bad for this...) :< lib/yahns/proxy_http_response.rb | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/lib/yahns/proxy_http_response.rb b/lib/yahns/proxy_http_response.rb index 316c310..0ca2c34 100644 --- a/lib/yahns/proxy_http_response.rb +++ b/lib/yahns/proxy_http_response.rb @@ -167,7 +167,10 @@ def proxy_read_body(tip, kcar, req_res) end wbuf = proxy_write(wbuf, tmp, req_res) chunk.clear if chunk - return proxy_unbuffer(wbuf) if Yahns::WbufLite === wbuf + if Yahns::WbufLite === wbuf + req_res.proxy_trailers = [ rbuf.dup, tip ] if chunk && kcar.body_eof? + return proxy_unbuffer(wbuf) + end when nil # EOF # HTTP/1.1 upstream, unexpected premature EOF: msg = "upstream EOF (#{len} bytes left)" if len -- unsubscribe: yahns-public+unsubscr...@yhbt.net archive: https://yhbt.net/yahns-public/