Branch: Tag:

2019-08-07

2019-08-07 13:32:21 by Henrik Grubbström (Grubba) <grubba@grubba.org>

Protocols.HTTP [do_async_proxied_method]: Check whether CONNECT failed.

Do not attempt to start a TLS connection over a socket where
the proxy has returned a failure code.

Fixes PIKE-198 (#8198).

112: Inside #if constant(SSL.sslfile)
   m_delete(proxy_headers, "authorization"); // Keep the proxy in the dark.    con = do_method("CONNECT", proxy, 0, proxy_headers);    con->data(0); -  if (con->status/100 > 2) { +  if (con->status >= 300) { +  // Proxy did not like us or failed to connect to the remote.    return con;    }    con->headers["connect"] = "keep-alive";
382:    mapping(string:string) request_headers,    string data)   { +  if (con->status >= 300) { +  // Proxy did not like us or failed to connect to the remote. +  https_proxy_connect_fail(con, orig_cb_info, url, method, +  query_variables, request_headers, +  data); +  return; +  }    con->set_callbacks(@orig_cb_info);       con->headers["connect"] = "keep-alive";