From owner-freebsd-bugs@FreeBSD.ORG Tue Nov 22 02:50:31 2005 Return-Path: X-Original-To: freebsd-bugs@hub.freebsd.org Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D459816A422 for ; Tue, 22 Nov 2005 02:50:28 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id AD7FA43D69 for ; Tue, 22 Nov 2005 02:50:23 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.3/8.13.3) with ESMTP id jAM2oNkK031345 for ; Tue, 22 Nov 2005 02:50:23 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.3/8.13.1/Submit) id jAM2oNNr031341; Tue, 22 Nov 2005 02:50:23 GMT (envelope-from gnats) Resent-Date: Tue, 22 Nov 2005 02:50:23 GMT Resent-Message-Id: <200511220250.jAM2oNNr031341@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Edwin Groothuis Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 71C1016A420 for ; Tue, 22 Nov 2005 02:40:50 +0000 (GMT) (envelope-from edwin@mavetju.org) Received: from mail3out.barnet.com.au (mail3out.barnet.com.au [202.83.176.17]) by mx1.FreeBSD.org (Postfix) with ESMTP id 378E343D49 for ; Tue, 22 Nov 2005 02:40:19 +0000 (GMT) (envelope-from edwin@mavetju.org) Received: by mail3out.barnet.com.au (Postfix, from userid 27) id D677E877CAD; Tue, 22 Nov 2005 13:40:16 +1100 (EST) Received: from mail3-auth.barnet.com.au (mail3.barnet.com.au [202.83.176.16]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "*.barnet.com.au", Issuer "BarNet Root Certificate Authority" (verified OK)) by mail3.barnet.com.au (Postfix) with ESMTP id B26DC877CA9 for ; Tue, 22 Nov 2005 13:40:16 +1100 (EST) Received: from k7.mavetju (edwin-3.int.barnet.com.au [10.10.12.2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "edwin.adsl.barnet.com.au", Issuer "BarNet Root Certificate Authority" (not verified)) by mail3-auth.barnet.com.au (Postfix) with ESMTP id 377FB877CA4 for ; Tue, 22 Nov 2005 13:40:16 +1100 (EST) Received: by k7.mavetju (Postfix, from userid 1001) id 0759463A6; Tue, 22 Nov 2005 13:40:15 +1100 (EST) Message-Id: <20051122024015.0759463A6@k7.mavetju> Date: Tue, 22 Nov 2005 13:40:15 +1100 (EST) From: Edwin Groothuis To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Cc: Subject: bin/89403: fetch(1) doesn't honour authentication credentials when going through a proxy X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Edwin Groothuis List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Nov 2005 02:50:31 -0000 >Number: 89403 >Category: bin >Synopsis: fetch(1) doesn't honour authentication credentials when going through a proxy >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue Nov 22 02:50:23 GMT 2005 >Closed-Date: >Last-Modified: >Originator: Edwin Groothuis >Release: FreeBSD 5.4-RELEASE i386 >Organization: - >Environment: System: FreeBSD tinderbox.barnet.com.au 5.4-RELEASE FreeBSD 5.4-RELEASE #0: Sun May 8 10:21:06 UTC 2005 root@harlow.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386 >Description: When trying this URL on a machine without HTTP_PROXY defined: $ fetch ftp://3dgr35g:mr23g239a@3dgamers.mirror.internode.on.net/3dgamers/games/quake4/foo fetch: ftp://3dgr35g:mr23g239a@3dgamers.mirror.internode.on.net/3dgamers/games/quake4/foo: File unavailable (e.g., file not found, no access) But when running it on a machine with HTTP_PROXY defined: $ fetch ftp://3dgr35g:mr23g239a@3dgamers.mirror.internode.on.net/3dgamers/games/quake4/foo fetch: ftp://3dgr35g:mr23g239a@3dgamers.mirror.internode.on.net/3dgamers/games/quake4/foo: Unauthorized Network trace gives this: T 10.192.1.5:61229 -> 202.83.176.9:8080 [AP] GET ftp://3dgamers.mirror.internode.on.net/3dgamers/games/quake4/foo HTTP/1.1.. ## T 10.192.1.5:61229 -> 202.83.176.9:8080 [AP] Host: 3dgamers.mirror.internode.on.net..Authorization: Basic M2RncjM1Zzptcj IzZzIzOWE=..User-Agent: fetch libfetch/2.0..Connection: close.... And towards the FTP server: T 203.16.214.173:21 -> 202.83.176.9:1982 [AP] 220 203.16.214.173 FTP server ready.. # T 202.83.176.9:1982 -> 203.16.214.173:21 [AP] USER anonymous.. ## T 203.16.214.173:21 -> 202.83.176.9:1982 [AP] 331 Password required for anonymous... # T 202.83.176.9:1982 -> 203.16.214.173:21 [AP] PASS Squid@.. When telnetting to the proxy and entering this command: GET ftp://3dgr35g:mr23g239a@3dgamers.mirror.internode.on.net/3dgamers/games/quake4/foo HTTP/1.1 I see this on the line: 220 203.16.214.173 FTP server ready.. # T 202.83.176.9:3880 -> 203.16.214.173:21 [AP] USER 3dgr35g.. ## T 203.16.214.173:21 -> 202.83.176.9:3880 [AP] 331 Password required for 3dgr35g... # T 202.83.176.9:3880 -> 203.16.214.173:21 [AP] PASS mr23g239a.. # T 203.16.214.173:21 -> 202.83.176.9:3880 [AP] 230 Anonymous access granted, restrictions apply... which is exactly what I expected in the first place. >How-To-Repeat: >Fix: >Release-Note: >Audit-Trail: >Unformatted: