diff options
Diffstat (limited to 'http/http2_connection.hpp')
| -rw-r--r-- | http/http2_connection.hpp | 55 |
1 files changed, 27 insertions, 28 deletions
diff --git a/http/http2_connection.hpp b/http/http2_connection.hpp index 2c60c1268e..446c38f302 100644 --- a/http/http2_connection.hpp +++ b/http/http2_connection.hpp @@ -37,7 +37,7 @@ namespace crow struct Http2StreamData { - Request req; + std::shared_ptr<Request> req = std::make_shared<Request>(); std::optional<bmcweb::HttpBody::reader> reqReader; Response res; std::optional<bmcweb::HttpBody::writer> writer; @@ -170,7 +170,7 @@ class HTTP2Connection : Http2StreamData& stream = it->second; Response& res = stream.res; res = std::move(completedRes); - crow::Request& thisReq = stream.req; + crow::Request& thisReq = *stream.req; completeResponseFields(thisReq, res); res.addHeader(boost::beast::http::field::date, getCachedDateStr()); @@ -243,7 +243,7 @@ class HTTP2Connection : return NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE; } } - crow::Request& thisReq = it->second.req; + crow::Request& thisReq = *it->second.req; thisReq.ioService = static_cast<decltype(thisReq.ioService)>( &adaptor.get_executor().context()); BMCWEB_LOG_DEBUG("Handling {} \"{}\"", logPtr(&thisReq), @@ -262,31 +262,30 @@ class HTTP2Connection : }); auto asyncResp = std::make_shared<bmcweb::AsyncResp>(std::move(it->second.res)); -#ifndef BMCWEB_INSECURE_DISABLE_AUTHX - thisReq.session = crow::authentication::authenticate( - {}, asyncResp->res, thisReq.method(), thisReq.req, nullptr); - if (!crow::authentication::isOnAllowlist(thisReq.url().path(), - thisReq.method()) && - thisReq.session == nullptr) - { - BMCWEB_LOG_WARNING("Authentication failed"); - forward_unauthorized::sendUnauthorized( - thisReq.url().encoded_path(), - thisReq.getHeaderValue("X-Requested-With"), - thisReq.getHeaderValue("Accept"), asyncResp->res); - } - else -#endif // BMCWEB_INSECURE_DISABLE_AUTHX + if constexpr (!BMCWEB_INSECURE_DISABLE_AUTH) { - std::string_view expected = thisReq.getHeaderValue( - boost::beast::http::field::if_none_match); - BMCWEB_LOG_DEBUG("Setting expected hash {}", expected); - if (!expected.empty()) + thisReq.session = crow::authentication::authenticate( + {}, asyncResp->res, thisReq.method(), thisReq.req, nullptr); + if (!crow::authentication::isOnAllowlist(thisReq.url().path(), + thisReq.method()) && + thisReq.session == nullptr) { - asyncResp->res.setExpectedHash(expected); + BMCWEB_LOG_WARNING("Authentication failed"); + forward_unauthorized::sendUnauthorized( + thisReq.url().encoded_path(), + thisReq.getHeaderValue("X-Requested-With"), + thisReq.getHeaderValue("Accept"), asyncResp->res); + return 0; } - handler->handle(thisReq, asyncResp); } + std::string_view expected = + thisReq.getHeaderValue(boost::beast::http::field::if_none_match); + BMCWEB_LOG_DEBUG("Setting expected hash {}", expected); + if (!expected.empty()) + { + asyncResp->res.setExpectedHash(expected); + } + handler->handle(it->second.req, asyncResp); return 0; } @@ -306,8 +305,8 @@ class HTTP2Connection : if (!reqReader) { reqReader.emplace( - bmcweb::HttpBody::reader(thisStream->second.req.req.base(), - thisStream->second.req.req.body())); + bmcweb::HttpBody::reader(thisStream->second.req->req.base(), + thisStream->second.req->req.body())); } boost::beast::error_code ec; reqReader->put(boost::asio::const_buffer(data, len), ec); @@ -425,7 +424,7 @@ class HTTP2Connection : return -1; } - crow::Request& thisReq = thisStream->second.req; + crow::Request& thisReq = *thisStream->second.req; if (nameSv == ":path") { @@ -493,7 +492,7 @@ class HTTP2Connection : Http2StreamData& stream = streams[frame.hd.stream_id]; // http2 is by definition always tls - stream.req.isSecure = true; + stream.req->isSecure = true; } return 0; } |