FreeBSD Bugzilla – Attachment 148498 Details for
Bug 194483
[PATCH] libfetch: Properly deal with multi-line proxy responses to CONNECT requests
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
[PATCH] libfetch: Properly deal with multi-line proxy responses to CONNECT requests
libfetch-Properly-deal-with-multi-line-proxy-respons.diff (text/plain), 1.51 KB, created by
Fabian Keil
on 2014-10-20 11:55:28 UTC
(
hide
)
Description:
[PATCH] libfetch: Properly deal with multi-line proxy responses to CONNECT requests
Filename:
MIME Type:
Creator:
Fabian Keil
Created:
2014-10-20 11:55:28 UTC
Size:
1.51 KB
patch
obsolete
>From 9d24010a598dfd9bd9c7419a6956bc592ead6d9c Mon Sep 17 00:00:00 2001 >From: Fabian Keil <fk@fabiankeil.de> >Date: Sun, 19 Oct 2014 16:17:18 +0200 >Subject: [PATCH] libfetch: Properly deal with multi-line proxy responses to > CONNECT requests > >Previously http_connect() expected the proxy response to consist >of a single response line with no common HTTP headers and would >otherwise leave parts of the HTTP response unread. > >OpenSSL did not appreciate that: > >fk@r500 ~/papers $fetch https://www.usenix.org/system/files/conference/osdi14/osdi14-paper-yuan.pdf >34380892520:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:/usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/s23_clnt.c:787: >fetch: https://www.usenix.org/system/files/conference/osdi14/osdi14-paper-yuan.pdf: Authentication error >--- > lib/libfetch/http.c | 10 +++++++++- > 1 file changed, 9 insertions(+), 1 deletion(-) > >diff --git a/lib/libfetch/http.c b/lib/libfetch/http.c >index ad4a419..fec8d77 100644 >--- a/lib/libfetch/http.c >+++ b/lib/libfetch/http.c >@@ -1411,7 +1411,15 @@ http_connect(struct url *URL, struct url *purl, const char *flags) > fetch_close(conn); > return (NULL); > } >- http_get_reply(conn); >+ /* Read and discard the rest of the proxy response */ >+ do { >+ if (-1 == fetch_getln(conn)) { >+ fetch_syserr(); >+ fetch_close(conn); >+ return (NULL); >+ } >+ http_conn_trimright(conn); >+ } while (conn->buflen != 0); > } > if (strcasecmp(URL->scheme, SCHEME_HTTPS) == 0 && > fetch_ssl(conn, URL, verbose) == -1) { >-- >2.1.2 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=148498">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 194483
:
148498
|
162043
|
162113
|
175412