Skip to content

Commit bc528cf

Browse files
jshajsha
authored
Error when redirect target is too long. (letsencrypt#4775)
This can happen when a misconfiguration redirects a certain path to itself, doubled. After 10 redirects the error message can get quite long. Instead we halt things at 2000 bytes, which should be more than enough.
1 parent b351fa5 commit bc528cf

File tree

2 files changed

+32
-1
lines changed

2 files changed

+32
-1
lines changed

va/http.go

Lines changed: 8 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -28,8 +28,11 @@ const (
2828
// HTTP-01 challenge response. The expected payload should be ~87 bytes. Since
2929
// it may be padded by whitespace which we previously allowed accept up to 128
3030
// bytes before rejecting a response (32 byte b64 encoded token + . + 32 byte
31-
// b64 encoded key fingerprint)
31+
// b64 encoded key fingerprint).
3232
maxResponseSize = 128
33+
// maxPathSize is the maximum number of bytes we will accept in the path of a
34+
// redirect URL.
35+
maxPathSize = 2000
3336
// whitespaceCutset is the set of characters trimmed from the right of an
3437
// HTTP-01 key authorization response.
3538
whitespaceCutset = "\n\r\t "
@@ -521,6 +524,10 @@ func (va *ValidationAuthorityImpl) processHTTPValidation(
521524
}
522525

523526
redirPath := req.URL.Path
527+
if len(redirPath) > maxPathSize {
528+
return berrors.ConnectionFailureError("Redirect target too long")
529+
}
530+
524531
// If the redirect URL has query parameters we need to preserve
525532
// those in the redirect path
526533
redirQuery := ""

va/http_test.go

Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -558,6 +558,14 @@ func httpTestSrv(t *testing.T) *httptest.Server {
558558
fmt.Fprint(resp, tooLargeBuf)
559559
})
560560

561+
mux.HandleFunc("/redir-path-too-long", func(resp http.ResponseWriter, req *http.Request) {
562+
http.Redirect(
563+
resp,
564+
req,
565+
"https://example.com/this-is-too-long-01234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789",
566+
http.StatusMovedPermanently)
567+
})
568+
561569
// A path that redirects to an uppercase public suffix (#4215)
562570
mux.HandleFunc("/redir-uppercase-publicsuffix", func(resp http.ResponseWriter, req *http.Request) {
563571
http.Redirect(
@@ -811,6 +819,22 @@ func TestFetchHTTP(t *testing.T) {
811819
},
812820
},
813821
},
822+
{
823+
Name: "Redirect to long path",
824+
Host: "example.com",
825+
Path: "/redir-path-too-long",
826+
ExpectedProblem: probs.ConnectionFailure(
827+
"Fetching https://example.com/this-is-too-long-01234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789: Redirect target too long"),
828+
ExpectedRecords: []core.ValidationRecord{
829+
{
830+
Hostname: "example.com",
831+
Port: strconv.Itoa(httpPort),
832+
URL: "http://example.com/redir-path-too-long",
833+
AddressesResolved: []net.IP{net.ParseIP("127.0.0.1")},
834+
AddressUsed: net.ParseIP("127.0.0.1"),
835+
},
836+
},
837+
},
814838
{
815839
Name: "Wrong HTTP status code",
816840
Host: "example.com",

0 commit comments

Comments
 (0)