[Bug 235548] fetch(1): Options -s and -S cause Bad Request when used with https URL and proxy.

Tue, 05 Feb 2019 21:55:10 -0800 

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=235548

            Bug ID: 235548
           Summary: fetch(1): Options -s and -S cause Bad Request when
                    used with https URL and proxy.
           Product: Base System
           Version: 12.0-RELEASE
          Hardware: amd64
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: bin
          Assignee: b...@freebsd.org
          Reporter: mickey...@gmx.net

The commandline options '-s' and '-S' of fetch(1) to report/require remote file
size fail with 'Bad Request' when used with a https URL through a (squid) proxy
server (no SSL bump, connect through proxy). Without proxy or using http
instead of https both works.

$ env HTTP_PROXY=http://10.6.6.1:3128 fetch -s
https://download.kde.org/stable/plasma/5.14.5/powerdevil-5.14.5.tar.xz
fetch: Bad Request

$ env HTTP_PROXY=http://10.6.6.1:3128 fetch -s
http://download.kde.org/stable/plasma/5.14.5/powerdevil-5.14.5.tar.xz
599712

$ fetch -s
https://download.kde.org/stable/plasma/5.14.5/powerdevil-5.14.5.tar.xz
599712

$ env HTTP_PROXY=http://10.6.6.1:3128 fetch -S 599712
https://download.kde.org/stable/plasma/5.14.5/powerdevil-5.14.5.tar.xz
fetch: https://download.kde.org/stable/plasma/5.14.5/powerdevil-5.14.5.tar.xz:
Bad Request

$ env HTTP_PROXY=http://10.6.6.1:3128 fetch -S 599712
http://download.kde.org/stable/plasma/5.14.5/powerdevil-5.14.5.tar.xz
powerdevil-5.14.5.tar.xz              585 kB  329 kBps   02s

$ fetch -S 599712
https://download.kde.org/stable/plasma/5.14.5/powerdevil-5.14.5.tar.xz
powerdevil-5.14.5.tar.xz              585 kB  312 kBps   02s

The proxy log shows two requests for each attempt that failed with 'Bad
Request'. In case of the '-s' option it shows:

"CONNECT download.kde.org:443 HTTP/1.1" 200 6863 TCP_TUNNEL:HIER_DIRECT
"HEAD /pub/mirrors/ftp.kde.org/stable/plasma/5.14.5/powerdevil-5.14.5.tar.xz
HTTP/1.1" 400 301 NONE:HIER_NONE

And with the '-S 599712' option:

"CONNECT download.kde.org:443 HTTP/1.1" 200 7243 TCP_TUNNEL:HIER_DIRECT
"GET
/pub/mirrors/ftp.kde.org/pub/kde/stable/plasma/5.14.5/powerdevil-5.14.5.tar.xz
HTTP/1.1" 400 3973 NONE:HIER_NONE

This is particularly bad cause the ports system uses these options to fetch the
required distfiles. On ports that use https URLs the first attempt will always
fail and cause a fallback to another site.

-- 
You are receiving this mail because:
You are the assignee for the bug.
_______________________________________________
freebsd-bugs@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"

Reply via email to