>Synopsis: pkg_add doesn't set the Host header in CONNECT requests
>Category: user
>Environment:
System : OpenBSD 7.4
Details : OpenBSD 7.4 (GENERIC) #3: Wed Feb 28 06:23:08 MST 2024
[email protected]:/usr/src/sys/arch/amd64/compile/GENERIC
Architecture: OpenBSD.amd64
Machine : amd64
>Description:
pkg_add doesn't work when http_proxy is set.
The proxy server says that client sent HTTP/1.1 request without hostname.
>How-To-Repeat:
# pkg_add apache-httpd
# perl -pi.old -e '/mod_proxy(_http|_connect)?\.so/ && s/^#//'
/etc/apache2/httpd2.conf
# perl -pi -e '/^LogLevel/ && s/warn/debug/' /etc/apache2/httpd2.conf
# echo 'ProxyRequests On' >> /etc/apache2/httpd2.conf
# apachectl2 start
# export http_proxy=http://localhost:80/
# pkg_add bash
https://cdn.openbsd.org/pub/OpenBSD/7.4/packages-stable/amd64/: TLS handshake
failure: handshake failed: unexpected EOF
https://cdn.openbsd.org/pub/OpenBSD/7.4/packages/amd64/: TLS handshake failure:
handshake failed: unexpected EOF
https://cdn.openbsd.org/pub/OpenBSD/7.4/packages/amd64/: empty
# tail -n 1 /var/www/logs/access_log
127.0.0.1 - - [06/Apr/2024:22:40:26 +0900] "CONNECT cdn.openbsd.org:443
HTTP/1.1" 400 226
# tail -n 1 /var/www/logs/error_log
[Sat Apr 06 22:40:26.215271 2024] [core:debug] [pid 32509] protocol.c(1043):
[client 127.0.0.1:39864] AH00569: client sent HTTP/1.1 request without hostname
(see RFC2616 section 14.23): /
>Fix:
I added the Host header as follows.
--- usr.bin/ftp/fetch.c.orig Thu Jun 29 02:35:06 2023
+++ usr.bin/ftp/fetch.c Sat Apr 6 22:44:46 2024
@@ -1724,11 +1724,13 @@
if (cookie) {
l = asprintf(&connstr, "CONNECT %s:%s HTTP/1.1\r\n"
+ "Host: %s:%s\r\n"
"Proxy-Authorization: Basic %s\r\n%s\r\n\r\n",
- host, port, cookie, HTTP_USER_AGENT);
+ host, port, host, port, cookie, HTTP_USER_AGENT);
} else {
- l = asprintf(&connstr, "CONNECT %s:%s HTTP/1.1\r\n%s\r\n\r\n",
- host, port, HTTP_USER_AGENT);
+ l = asprintf(&connstr, "CONNECT %s:%s HTTP/1.1\r\n"
+ "Host: %s:%s\r\n%s\r\n\r\n",
+ host, port, host, port, HTTP_USER_AGENT);
}
if (l == -1)
