[prev in list] [next in list] [prev in thread] [next in thread]
List: busybox
Subject: Re: [PATCH] wget: Fix fetching of https URLs with http proxy
From: Denys Vlasenko <vda.linux () googlemail ! com>
Date: 2018-03-04 23:17:44
Message-ID: CAK1hOcMfuORKG7GTqKyrYKagZUTG-itwcZB8JP46yZpeuyxJ9A () mail ! gmail ! com
[Download RAW message or body]
Applied, thanks
On Sun, Mar 4, 2018 at 11:25 PM, Peter Lloyd <l-busybox@pgl22.co.uk> wrote:
> When fetching a https:// URL with HTTP proxy configured
> (e.g. with environment variable http_proxy=http://your-proxy:3128)
> busybox was making a https connection to the proxy.
>
> This was because the protocol scheme for the target URL was used to determine \
> whether to connect to the proxy over SSL or not.
> When the proxy is in use, the decision on whether to connect to the proxy over \
> https should based on the proxy URL not on the target URL.
>
> Signed-off-by: Peter Lloyd <l-busybox at pgl22.co.uk>
> ---
> networking/wget.c | 5 +++--
> 1 file changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/networking/wget.c b/networking/wget.c
> index 3a5d681..8643bef 100644
> --- a/networking/wget.c
> +++ b/networking/wget.c
> @@ -1034,6 +1034,7 @@ static void download_one_url(const char *url)
> parse_url(proxy, &server);
> }
> if (!use_proxy) {
> + server.protocol = target.protocol;
> server.port = target.port;
> if (ENABLE_FEATURE_IPV6) {
> //free(server.allocated); - can't be non-NULL
> @@ -1098,7 +1099,7 @@ static void download_one_url(const char *url)
> /* Open socket to http(s) server */
> #if ENABLE_FEATURE_WGET_OPENSSL
> /* openssl (and maybe internal TLS) support is configured */
> - if (target.protocol == P_HTTPS) {
> + if (server.protocol == P_HTTPS) {
> /* openssl-based helper
> * Inconvenient API since we can't give it an open fd
> */
> @@ -1122,7 +1123,7 @@ static void download_one_url(const char *url)
> #elif ENABLE_FEATURE_WGET_HTTPS
> /* Only internal TLS support is configured */
> sfp = open_socket(lsa);
> - if (target.protocol == P_HTTPS)
> + if (server.protocol == P_HTTPS)
> spawn_ssl_client(server.host, fileno(sfp), /*flags*/ 0);
> #else
> /* ssl (https) support is not configured */
> --
> 1.9.1
> _______________________________________________
> busybox mailing list
> busybox@busybox.net
> http://lists.busybox.net/mailman/listinfo/busybox
_______________________________________________
busybox mailing list
busybox@busybox.net
http://lists.busybox.net/mailman/listinfo/busybox
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic