FreeBSD Mail Archives

Date:      Thu, 4 Jul 2013 08:53:44 GMT
From:      "Oleg A. Mamontov" <oleg@mamontov.net>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   misc/180253: libfetch https/HTTP_PROXY bug
Message-ID:  <201307040853.r648ri3t022014@oldred.freebsd.org>
Resent-Message-ID: <201307040900.r64900N3007108@freefall.freebsd.org>

next in thread | raw e-mail | index | archive | help


>Number:         180253
>Category:       misc
>Synopsis:       libfetch https/HTTP_PROXY bug
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Jul 04 09:00:00 UTC 2013
>Closed-Date:
>Last-Modified:
>Originator:     Oleg A. Mamontov
>Release:        9.1-RELEASE-p4
>Organization:
>Environment:
FreeBSD bsd.moda.local 9.1-RELEASE-p4 FreeBSD 9.1-RELEASE-p4 #0: Mon Jun 17 11:42:37 UTC 2013     root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC  amd64
>Description:
/usr/bin/fetch utility does not download files over https when environment variable HTTP_PROXY is set.
When establishing tcp ssl connection, host and port are chosen correctly (regardless of the variable HTTP_PROXY):
if (purl && strcasecmp(URL->scheme, SCHEME_HTTPS) != 0) {
    URL = purl;

But GET string is formed not quite correct:
if (purl) {
    http_cmd(conn, "%s %s://%s%s HTTP/1.1",
        op, url->scheme, host, url->doc);

As a result, the https request string looks like this:
GET https://some.host/uri HTTP/1.1

While this is technically correct, some web servers do not serve these requests and returns '400 Bad Request'.
>How-To-Repeat:
env HTTP_PROXY=foo fetch https://github.com/simpl/ngx_devel_kit/tarball/v0.2.18/simpl-ngx_devel_kit-v0.2.18-0-g48bc5dd.tar.gz
fetch: https://github.com/simpl/ngx_devel_kit/tarball/v0.2.18/simpl-ngx_devel_kit-v0.2.18-0-g48bc5dd.tar.gz: Bad Request
>Fix:
--- /usr/src/lib/libfetch/http.c.orig	2013-07-04 12:31:44.743957898 +0400
+++ /usr/src/lib/libfetch/http.c	2013-07-04 12:32:14.552958838 +0400
@@ -1566,7 +1566,7 @@
 		if (verbose)
 			fetch_info("requesting %s://%s%s",
 			    url->scheme, host, url->doc);
-		if (purl) {
+		if (purl && strcasecmp(URL->scheme, SCHEME_HTTPS) != 0) {
 			http_cmd(conn, "%s %s://%s%s HTTP/1.1",
 			    op, url->scheme, host, url->doc);
 		} else {



env HTTP_PROXY=foo fetch https://github.com/simpl/ngx_devel_kit/tarball/v0.2.18/simpl-ngx_devel_kit-v0.2.18-0-g48bc5dd.tar.gz
simpl-ngx_devel_kit-v0.2.18-0-g48bc5dd.tar.gz 100% of   63 kB  237 kBps

>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201307040853.r648ri3t022014>

Header And Logo

Peripheral Links

Site Navigation

Header And Logo

Peripheral Links

Search

Site Navigation