From 2709f328b9976c937d417f9d03b6d8b90ca2d1c5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lo=C3=AFc=20Hoguin?= <essen@ninenines.eu>
Date: Mon, 23 Sep 2019 13:46:32 +0200
Subject: Properly error out on HTTP/1.0 Websocket upgrade attempts

---
 src/gun_http.erl  |  7 ++++---
 test/ws_SUITE.erl | 16 ++++++++++++++++
 2 files changed, 20 insertions(+), 3 deletions(-)

diff --git a/src/gun_http.erl b/src/gun_http.erl
index 780dc04..59f4fe7 100644
--- a/src/gun_http.erl
+++ b/src/gun_http.erl
@@ -777,9 +777,10 @@ end_stream(State=#http_state{streams=[_|Tail]}) ->
 
 %% Websocket upgrade.
 
-%% Ensure version is 1.1.
-ws_upgrade(#http_state{version='HTTP/1.0'}, _, _, _, _, _, _, _, _) ->
-	error; %% @todo Probably don't error out here, have a protocol function/command.
+ws_upgrade(#http_state{owner=ReplyTo, version='HTTP/1.0'}, StreamRef, _, _, _, _, _, _, EvHandlerState) ->
+	ReplyTo ! {gun_error, self(), StreamRef, {badstate,
+		"Websocket cannot be used over an HTTP/1.0 connection."}},
+	{[], EvHandlerState};
 ws_upgrade(State=#http_state{owner=ReplyTo, out=head},
 		StreamRef, Host, Port, Path, Headers0, WsOpts,
 		EvHandler, EvHandlerState0) ->
diff --git a/test/ws_SUITE.erl b/test/ws_SUITE.erl
index 1abf046..c672b22 100644
--- a/test/ws_SUITE.erl
+++ b/test/ws_SUITE.erl
@@ -54,6 +54,22 @@ await(Config) ->
 	{ws, Frame} = gun:await(ConnPid, StreamRef),
 	gun:close(ConnPid).
 
+error_http10_upgrade(Config) ->
+	doc("Attempting to upgrade HTTP/1.0 to Websocket produces an error."),
+	{ok, ConnPid} = gun:open("localhost", config(port, Config), #{
+		http_opts => #{version => 'HTTP/1.0'}
+	}),
+	{ok, _} = gun:await_up(ConnPid),
+	StreamRef = gun:ws_upgrade(ConnPid, "/", []),
+	receive
+		{gun_error, ConnPid, StreamRef, {badstate, _}} ->
+			gun:close(ConnPid);
+		Msg ->
+			error({fail, Msg})
+	after 1000 ->
+		error(timeout)
+	end.
+
 reject_upgrade(Config) ->
 	doc("Ensure Websocket connections can be rejected."),
 	{ok, ConnPid} = gun:open("localhost", config(port, Config)),
-- 
cgit v1.2.3