Date: Thu, 4 Jul 2013 08:53:44 GMT From: "Oleg A. Mamontov" <oleg@mamontov.net> To: freebsd-gnats-submit@FreeBSD.org Subject: misc/180253: libfetch https/HTTP_PROXY bug Message-ID: <201307040853.r648ri3t022014@oldred.freebsd.org> Resent-Message-ID: <201307040900.r64900N3007108@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 180253 >Category: misc >Synopsis: libfetch https/HTTP_PROXY bug >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Jul 04 09:00:00 UTC 2013 >Closed-Date: >Last-Modified: >Originator: Oleg A. Mamontov >Release: 9.1-RELEASE-p4 >Organization: >Environment: FreeBSD bsd.moda.local 9.1-RELEASE-p4 FreeBSD 9.1-RELEASE-p4 #0: Mon Jun 17 11:42:37 UTC 2013 root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC amd64 >Description: /usr/bin/fetch utility does not download files over https when environment variable HTTP_PROXY is set. When establishing tcp ssl connection, host and port are chosen correctly (regardless of the variable HTTP_PROXY): if (purl && strcasecmp(URL->scheme, SCHEME_HTTPS) != 0) { URL = purl; But GET string is formed not quite correct: if (purl) { http_cmd(conn, "%s %s://%s%s HTTP/1.1", op, url->scheme, host, url->doc); As a result, the https request string looks like this: GET https://some.host/uri HTTP/1.1 While this is technically correct, some web servers do not serve these requests and returns '400 Bad Request'. >How-To-Repeat: env HTTP_PROXY=foo fetch https://github.com/simpl/ngx_devel_kit/tarball/v0.2.18/simpl-ngx_devel_kit-v0.2.18-0-g48bc5dd.tar.gz fetch: https://github.com/simpl/ngx_devel_kit/tarball/v0.2.18/simpl-ngx_devel_kit-v0.2.18-0-g48bc5dd.tar.gz: Bad Request >Fix: --- /usr/src/lib/libfetch/http.c.orig 2013-07-04 12:31:44.743957898 +0400 +++ /usr/src/lib/libfetch/http.c 2013-07-04 12:32:14.552958838 +0400 @@ -1566,7 +1566,7 @@ if (verbose) fetch_info("requesting %s://%s%s", url->scheme, host, url->doc); - if (purl) { + if (purl && strcasecmp(URL->scheme, SCHEME_HTTPS) != 0) { http_cmd(conn, "%s %s://%s%s HTTP/1.1", op, url->scheme, host, url->doc); } else { env HTTP_PROXY=foo fetch https://github.com/simpl/ngx_devel_kit/tarball/v0.2.18/simpl-ngx_devel_kit-v0.2.18-0-g48bc5dd.tar.gz simpl-ngx_devel_kit-v0.2.18-0-g48bc5dd.tar.gz 100% of 63 kB 237 kBps >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201307040853.r648ri3t022014>