svn commit: r289419 - head/lib/libfetch
Dag-Erling Smørgrav
des at FreeBSD.org
Fri Oct 16 12:21:45 UTC 2015
Author: des
Date: Fri Oct 16 12:21:44 2015
New Revision: 289419
URL: https://svnweb.freebsd.org/changeset/base/289419
Log:
Fix two bugs in HTTPS tunnelling:
- If the proxy returns a non-200 result, set the error code accordingly
so the caller / user gets a somewhat meaningful error message.
- Consume and discard any HTTP response header following the result line.
PR: 194483
Tested by: Fabian Keil <fk at fabiankeil.de>
MFC after: 1 week
Modified:
head/lib/libfetch/http.c
Modified: head/lib/libfetch/http.c
==============================================================================
--- head/lib/libfetch/http.c Fri Oct 16 12:16:35 2015 (r289418)
+++ head/lib/libfetch/http.c Fri Oct 16 12:21:44 2015 (r289419)
@@ -1376,8 +1376,12 @@ http_connect(struct url *URL, struct url
{
struct url *curl;
conn_t *conn;
+ hdr_t h;
+ http_headerbuf_t headerbuf;
+ const char *p;
int verbose;
int af, val;
+ int serrno;
#ifdef INET6
af = AF_UNSPEC;
@@ -1398,6 +1402,7 @@ http_connect(struct url *URL, struct url
if ((conn = fetch_connect(curl->host, curl->port, af, verbose)) == NULL)
/* fetch_connect() has already set an error code */
return (NULL);
+ init_http_headerbuf(&headerbuf);
if (strcasecmp(URL->scheme, SCHEME_HTTPS) == 0 && purl) {
http_cmd(conn, "CONNECT %s:%d HTTP/1.1",
URL->host, URL->port);
@@ -1405,10 +1410,26 @@ http_connect(struct url *URL, struct url
URL->host, URL->port);
http_cmd(conn, "");
if (http_get_reply(conn) != HTTP_OK) {
- fetch_close(conn);
- return (NULL);
+ http_seterr(conn->err);
+ goto ouch;
}
- http_get_reply(conn);
+ /* Read and discard the rest of the proxy response */
+ if (fetch_getln(conn) < 0) {
+ fetch_syserr();
+ goto ouch;
+ }
+ do {
+ switch ((h = http_next_header(conn, &headerbuf, &p))) {
+ case hdr_syserror:
+ fetch_syserr();
+ goto ouch;
+ case hdr_error:
+ http_seterr(HTTP_PROTOCOL_ERROR);
+ goto ouch;
+ default:
+ /* ignore */ ;
+ }
+ } while (h < hdr_end);
}
if (strcasecmp(URL->scheme, SCHEME_HTTPS) == 0 &&
fetch_ssl(conn, URL, verbose) == -1) {
@@ -1416,13 +1437,20 @@ http_connect(struct url *URL, struct url
/* grrr */
errno = EAUTH;
fetch_syserr();
- return (NULL);
+ goto ouch;
}
val = 1;
setsockopt(conn->sd, IPPROTO_TCP, TCP_NOPUSH, &val, sizeof(val));
+ clean_http_headerbuf(&headerbuf);
return (conn);
+ouch:
+ serrno = errno;
+ clean_http_headerbuf(&headerbuf);
+ fetch_close(conn);
+ errno = serrno;
+ return (NULL);
}
static struct url *
More information about the svn-src-head
mailing list