When fetching a https:// URL with HTTP proxy configured (e.g. with environment variable http_proxy=http://your-proxy:3128) busybox was making a https connection to the proxy.
This was because the protocol scheme for the target URL was used to determine whether to connect to the proxy over SSL or not. When the proxy is in use, the decision on whether to connect to the proxy over https should based on the proxy URL not on the target URL. Signed-off-by: Peter Lloyd <l-busybox at pgl22.co.uk> --- networking/wget.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/networking/wget.c b/networking/wget.c index 3a5d681..8643bef 100644 --- a/networking/wget.c +++ b/networking/wget.c @@ -1034,6 +1034,7 @@ static void download_one_url(const char *url) parse_url(proxy, &server); } if (!use_proxy) { + server.protocol = target.protocol; server.port = target.port; if (ENABLE_FEATURE_IPV6) { //free(server.allocated); - can't be non-NULL @@ -1098,7 +1099,7 @@ static void download_one_url(const char *url) /* Open socket to http(s) server */ #if ENABLE_FEATURE_WGET_OPENSSL /* openssl (and maybe internal TLS) support is configured */ - if (target.protocol == P_HTTPS) { + if (server.protocol == P_HTTPS) { /* openssl-based helper * Inconvenient API since we can't give it an open fd */ @@ -1122,7 +1123,7 @@ static void download_one_url(const char *url) #elif ENABLE_FEATURE_WGET_HTTPS /* Only internal TLS support is configured */ sfp = open_socket(lsa); - if (target.protocol == P_HTTPS) + if (server.protocol == P_HTTPS) spawn_ssl_client(server.host, fileno(sfp), /*flags*/ 0); #else /* ssl (https) support is not configured */ -- 1.9.1 _______________________________________________ busybox mailing list busybox@busybox.net http://lists.busybox.net/mailman/listinfo/busybox