From 34ef9743d2653d3d1bc641966bd01527987021e8 Mon Sep 17 00:00:00 2001
From: Andy Green <andy@warmcat.com>
Date: Tue, 27 Jun 2017 10:07:34 +0800
Subject: [PATCH] serving: protect file sending from downgrading to waiting
 pipelined headers

https://github.com/warmcat/libwebsockets/issues/946
---
 lib/handshake.c | 9 ++++-----
 lib/parsers.c   | 3 +++
 lib/server.c    | 6 ++++--
 3 files changed, 11 insertions(+), 7 deletions(-)

diff --git a/lib/handshake.c b/lib/handshake.c
index 98e75b3..8172e96 100644
--- a/lib/handshake.c
+++ b/lib/handshake.c
@@ -95,17 +95,16 @@ lws_read(struct lws *wsi, unsigned char *buf, lws_filepos_t len)
 		break;
 #endif
 
+	case LWSS_HTTP_ISSUING_FILE:
+		return 0;
+
 	case LWSS_CLIENT_HTTP_ESTABLISHED:
 		break;
 
 	case LWSS_HTTP:
 		wsi->hdr_parsing_completed = 0;
 		/* fallthru */
-	case LWSS_HTTP_ISSUING_FILE:
-		wsi->state = LWSS_HTTP_HEADERS;
-		wsi->u.hdr.parser_state = WSI_TOKEN_NAME_PART;
-		wsi->u.hdr.lextable_pos = 0;
-		/* fallthru */
+
 	case LWSS_HTTP_HEADERS:
 		if (!wsi->u.hdr.ah) {
 			lwsl_err("%s: LWSS_HTTP_HEADERS: NULL ah\n", __func__);
diff --git a/lib/parsers.c b/lib/parsers.c
index 9cd70e0..97731bc 100644
--- a/lib/parsers.c
+++ b/lib/parsers.c
@@ -86,6 +86,9 @@ lws_header_table_reset(struct lws *wsi, int autoservice)
 
 	_lws_header_table_reset(ah);
 
+        wsi->u.hdr.parser_state = WSI_TOKEN_NAME_PART;
+        wsi->u.hdr.lextable_pos = 0;
+
 	/* since we will restart the ah, our new headers are not completed */
 	// wsi->hdr_parsing_completed = 0;
 
diff --git a/lib/server.c b/lib/server.c
index 159c140..93ed568 100644
--- a/lib/server.c
+++ b/lib/server.c
@@ -2243,7 +2243,8 @@ lws_server_socket_service(struct lws_context *context, struct lws *wsi,
 			}
 			
 			/* just ignore incoming if waiting for close */
-			if (wsi->state != LWSS_FLUSHING_STORED_SEND_BEFORE_CLOSE) {
+			if (wsi->state != LWSS_FLUSHING_STORED_SEND_BEFORE_CLOSE &&
+			    wsi->state != LWSS_HTTP_ISSUING_FILE) {
 				n = lws_read(wsi, ah->rx + ah->rxpos,
 					     ah->rxlen - ah->rxpos);
 				if (n < 0) /* we closed wsi */
@@ -2294,7 +2295,8 @@ lws_server_socket_service(struct lws_context *context, struct lws *wsi,
 		}
 
 		/* just ignore incoming if waiting for close */
-		if (wsi->state != LWSS_FLUSHING_STORED_SEND_BEFORE_CLOSE) {
+		if (wsi->state != LWSS_FLUSHING_STORED_SEND_BEFORE_CLOSE &&
+		    wsi->state != LWSS_HTTP_ISSUING_FILE) {
 			/*
 			 * this may want to send
 			 * (via HTTP callback for example)
-- 
2.7.4