[prev in list] [next in list] [prev in thread] [next in thread]
List: privoxy-developers
Subject: [privoxy-devel] [ ijbswa-Bugs-2950483 ] privoxy 3.0.15 returns a
From: "SourceForge.net" <noreply () sourceforge ! net>
Date: 2010-02-15 17:02:52
Message-ID: E1Nh4LU-0005VJ-JT () sfs-web-2 ! v29 ! ch3 ! sourceforge ! com
[Download RAW message or body]
Bugs item #2950483, was opened at 2010-02-12 11:14
Message generated for change (Comment added) made by fabiankeil
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=111118&aid=2950483&group_id=11118
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: None
Group: None
> Status: Closed
> Resolution: Fixed
Priority: 5
Private: No
Submitted By: zebul666 (zebul666)
Assigned to: Fabian Keil (fabiankeil)
Summary: privoxy 3.0.15 returns a 503 on DNS error
Initial Comment:
if the DNS returns a "No such name", privoxy 3.0.15 returns a 503 error wrongly \
stating connect failed "the site could not be reach" instead of 404 error with No \
such domain.
i run archlinux with privoxy 3.0.15
----------------------------------------------------------------------
> Comment By: Fabian Keil (fabiankeil)
Date: 2010-02-15 17:02
Message:
Fixed in CVS.
----------------------------------------------------------------------
Comment By: Lee (ler762)
Date: 2010-02-15 15:25
Message:
> it's just that i don't use IPV6.
It doesn't matter if you're using it or not - it's what code path is taken
in Privoxy.
I'm on Window & Privoxy doesn't support IPv6 on windows [yet]. You're on
archlinux & apparently Privoxy does support IPv6 there. So we follow
different code paths - you get the
#ifdef HAVE_RFC2553
call getaddrinfo to do the name -> address lookup
code that doesn't set errno on a lookup failure and I get the
#else /* ndef HAVE_RFC2553 */
call resolve_hostname_to_ip to do the name -> address lookup
code which does set errno on a lookup failure.
Regards,
Lee
----------------------------------------------------------------------
Comment By: Lee (ler762)
Date: 2010-02-15 15:04
Message:
> I think we could even do it in 3.0.16
Sounds good.
Work has gotten so risk averse that I don't even propose last-minute
changes any more..
Regards,
Lee
----------------------------------------------------------------------
Comment By: Fabian Keil (fabiankeil)
Date: 2010-02-14 23:28
Message:
But Privoxy still has been compiled with FEATURE_IPV6_SUPPORT:
http://config.privoxy.org/show-status
----------------------------------------------------------------------
Comment By: zebul666 (zebul666)
Date: 2010-02-14 22:54
Message:
it's just that i don't use IPV6. i have disable the ipv6 module. (by using
alias net-pf-10 off in modprobe.conf)
but i use google's DNS so that 's not completly impossible though
improbable.
also i have specified privoxy adress by ipv4 127.0.0.1:8118 and not
localhost
----------------------------------------------------------------------
Comment By: Fabian Keil (fabiankeil)
Date: 2010-02-14 19:47
Message:
You are following this correctly and I think we could even do it in 3.0.16
and use a clean solution in 3.0.17 and later.
----------------------------------------------------------------------
Comment By: Lee (ler762)
Date: 2010-02-14 16:04
Message:
> if the DNS server responds right away to say that the domain doesn't
> exist, it's hardly a server failure.
Right. But 504 was the only status mentioning DNS & the 4xx status codes
are for client errors. Although I suppose giving an invalid host name
could be considered an error on the client side..
Am I following the code correctly?
#ifdef HAVE_RFC2553 code path calls getaddrinfo which doen't set errno
for a lookup failure.
#ifndef HAVE_RFC2553 code path calls resolve_hostname_to_ip which sets
errno = EINVAL for a lookup failure.
If it's just a two line fix to get back to giving a "404 No such domain"
for lookup failures when IPv6 is enabled, that sound like a good 1st patch
for 3.0.17
Regards,
Lee
----------------------------------------------------------------------
Comment By: Fabian Keil (fabiankeil)
Date: 2010-02-14 07:39
Message:
It's a FEATURE_IPV6_SUPPORT thing. One can work around it with:
diff --git a/jbsockets.c b/jbsockets.c
index 7731171..f564273 100644
--- a/jbsockets.c
+++ b/jbsockets.c
@@ -176,6 +176,8 @@ jb_socket connect_to(const char *host, int portnum,
struct client_state *csp)
{
log_error(LOG_LEVEL_INFO,
"Can not resolve %s: %s", host, gai_strerror(retval));
+ /* XXX: Should find a better way to propagate this error. */
+ errno = EINVAL;
csp->http->host_ip_addr_str = strdup("unknown");
return(JB_INVALID_SOCKET);
(SF will mess up line breaks and white-space)
504 could cover the case when the DNS server doesn't respond, but if the
DNS server responds right away to say that the domain doesn't exist, it's
hardly a server failure.
On the other hand there really is no perfect status code a proxy could
use, that fits completely.
----------------------------------------------------------------------
Comment By: Lee (ler762)
Date: 2010-02-14 00:24
Message:
Wouldn't a 504 error be more correct for a DNS lookup failure?
http://tools.ietf.org/html/rfc2616#section-10.5.5
10.5.5 504 Gateway Timeout
The server, while acting as a gateway or proxy, did not receive a
timely response from the upstream server specified by the URI (e.g.
HTTP, FTP, LDAP) or some other auxiliary server (e.g. DNS) it needed
to access in attempting to complete the request.
and near the end:
19.6.3 Changes from RFC 2068
This specification has been carefully audited to correct and
disambiguate key word usage; RFC 2068 had many problems in respect to
the conventions laid out in RFC 2119 [34].
Clarified which error code should be used for inbound server failures
(e.g. DNS failures). (Section 10.5.5).
And is this a Windows/nix thing? Privoxy on Windows XP give me a 404
error:
No such domain
Your request for http://doesnotexist.local/ could not be fulfilled,
because the domain name doesnotexist.local could not be resolved.
This is often a temporary failure, so you might just try again.
Lee
----------------------------------------------------------------------
Comment By: zebul666 (zebul666)
Date: 2010-02-13 21:26
Message:
i don't want privoxy to return a 404 error. i was refering to the previous
behavior.
i would certainly not say it is "technically correct". You could say it is
correct overall but certainly not "technically correct". To be "technically
correct" you would have to tell about the Dns error response. and/or the
failed look up name.
use 503 or 502 if you want but a custom message would not hurt, for sure.
every browser is able to do so by giving a correct information on this. so
please, try to do so and do not imply wrong thing with the message of
privoxy
----------------------------------------------------------------------
Comment By: Fabian Keil (fabiankeil)
Date: 2010-02-13 14:04
Message:
Thanks for the report but I don't see this as a bug. The actual message
is:
Your request for http://doesnotexist.local/ could not be fulfilled,
because the connection to doesnotexist.local (unknown) could not be
established.
Which is technically correct, although I agree that it wouldn't hurt to be
more explicit about the reason.
503 and 502 are the status codes commonly used by proxies to signal DNS
resolution failures and while they aren't perfect, I think they fit better
than using 404.
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=111118&aid=2950483&group_id=11118
------------------------------------------------------------------------------
SOLARIS 10 is the OS for Data Centers - provides features such as DTrace,
Predictive Self Healing and Award Winning ZFS. Get Solaris 10 NOW
http://p.sf.net/sfu/solaris-dev2dev
_______________________________________________
Ijbswa-developers mailing list
Ijbswa-developers@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ijbswa-developers
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic