Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-17414

[NE-982] When the configured http header name's length is larger than 255, cluster will send http 500 to the client request

XMLWordPrintable

    • No
    • Sprint 240
    • 1
    • Approved
    • False
    • Hide

      None

      Show
      None

      Description of problem:

      Configure an ingress-controller or a route with a http request header, whose name's length is larger than 255, the cluster will send back "http 500 Internal Server Error" to a client http request

      Version-Release number of selected component (if applicable):

      4.14.0-0.test-2023-08-07-002636-ci-ln-w7n69q2-latest

      How reproducible:

      100%

      Steps to Reproduce:

      1.
% oc get clusterversion
NAME      VERSION                                                AVAILABLE   PROGRESSING   SINCE   STATUS
version   4.14.0-0.test-2023-08-07-002636-ci-ln-w7n69q2-latest   True        False         8h      Cluster version is 4.14.0-0.test-2023-08-07-002636-ci-ln-w7n69q2-latest 

2. configure route selector for the default ingress-controller, then create an ingress-controller

3. create a pod, svc and expose the route with specified hostname
% oc get route unsec-server3 -oyaml
apiVersion: route.openshift.io/v1
kind: Route
metadata:
  creationTimestamp: "2023-08-07T02:54:30Z"
  labels:
    name: service-unsecure
  name: unsec-server3
  namespace: default
  resourceVersion: "59125"
  uid: 08a6e8ed-c1dc-4509-bba2-56a9236cc858
spec:
  host: unsec-server3.int1.shudi-414g07.qe.gcp.devcluster.openshift.com
  port:
    targetPort: http
  to:
    kind: Service
    name: unsec-server3
    weight: 100
  wildcardPolicy: None
status:
  ingress:
  - conditions:
    - lastTransitionTime: "2023-08-07T02:54:30Z"
      status: "True"
      type: Admitted
    host: unsec-server3.int1.shudi-414g07.qe.gcp.devcluster.openshift.com
    routerCanonicalHostname: router-int1.int1.shudi-414g07.qe.gcp.devcluster.openshift.com
    routerName: int1
    wildcardPolicy: None

4. Configure the custom ingress controller with a request http header whose name length is 256
% oc -n openshift-ingress-operator get ingresscontroller int1 -oyaml | grep -A7 httpHeaders:
  httpHeaders:
    actions:
      request:
      - action:
          set:
            value: header name length test
          type: Set
        name: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa

5. rsh to pod and try to curl the route
 % oc rsh centos-pod2
sh-4.4# curl http://unsec-server3.int1.shudi-414g07.qe.gcp.devcluster.openshift.com 
<html><body><h1>500 Internal Server Error</h1>
An internal server error occurred.
</body></html>

6. rsh to server pod and check the captured packet, the server doesn't receive a packet on port 8080
% oc rsh server3
sh-4.4# tcpdump -i eth0 port 8080 -s 0 -n -v
dropped privs to tcpdump
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
^C
0 packets captured
0 packets received by filter
0 packets dropped by kernel
sh-4.4#

      Actual results:

      http 500 error occurs

      Expected results:

      the http request with the http header inserted by the controller is forwarded to the server

      Additional info:

       

              rhn-support-misalunk Miheer Salunke
              shudili@redhat.com Shudi Li
              Shudi Li Shudi Li
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: