[jira] [Issue Comment Deleted] (HTTPCLIENT-1406) https on port 80 over proxy caused the http client to go into an infinite loop

Oleg Kalnichevski (JIRA) Wed, 02 Oct 2013 06:19:23 -0700

     [ 
https://issues.apache.org/jira/browse/HTTPCLIENT-1406?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Oleg Kalnichevski updated HTTPCLIENT-1406:
------------------------------------------

    Comment: was deleted

(was: I am unable to reproduce the problem with HttpClient 4.3

{noformat}
executing request: GET / HTTP/1.1
via proxy: http://localhost:8080
to target: https://localhost:80
2013/10/02 14:11:34:565 GMT+01:00 [DEBUG] RequestAddCookies - CookieSpec 
selected: best-match
2013/10/02 14:11:34:574 GMT+01:00 [DEBUG] RequestAuthCache - Auth cache not set 
in the context
2013/10/02 14:11:34:575 GMT+01:00 [DEBUG] PoolingHttpClientConnectionManager - 
Connection request: [route: 
{tls}->http://localhost:8080->https://localhost:80][total kept alive: 0; route 
allocated: 0 of 2; total allocated: 0 of 20]
2013/10/02 14:11:34:588 GMT+01:00 [DEBUG] PoolingHttpClientConnectionManager - 
Connection leased: [id: 0][route: 
{tls}->http://localhost:8080->https://localhost:80][total kept alive: 0; route 
allocated: 1 of 2; total allocated: 1 of 20]
2013/10/02 14:11:34:599 GMT+01:00 [DEBUG] MainClientExec - Opening connection 
{tls}->http://localhost:8080->https://localhost:80
2013/10/02 14:11:34:603 GMT+01:00 [DEBUG] HttpClientConnectionManager - 
Connecting to localhost/127.0.0.1:8080
2013/10/02 14:11:34:609 GMT+01:00 [DEBUG] headers - http-outgoing-0 >> CONNECT 
localhost:80 HTTP/1.1
2013/10/02 14:11:34:609 GMT+01:00 [DEBUG] headers - http-outgoing-0 >> Host: 
localhost:80
2013/10/02 14:11:34:609 GMT+01:00 [DEBUG] headers - http-outgoing-0 >> 
Proxy-Connection: Keep-Alive
2013/10/02 14:11:34:612 GMT+01:00 [DEBUG] headers - http-outgoing-0 << HTTP/1.0 
407 Proxy Authentication Required
2013/10/02 14:11:34:612 GMT+01:00 [DEBUG] headers - http-outgoing-0 << Server: 
squid/2.5.STABLE13
2013/10/02 14:11:34:612 GMT+01:00 [DEBUG] headers - http-outgoing-0 << 
Mime-Version: 1.0
2013/10/02 14:11:34:612 GMT+01:00 [DEBUG] headers - http-outgoing-0 << Date: 
Wed, 02 Oct 2013 13:11:34 GMT
2013/10/02 14:11:34:612 GMT+01:00 [DEBUG] headers - http-outgoing-0 << 
Content-Type: text/html
2013/10/02 14:11:34:613 GMT+01:00 [DEBUG] headers - http-outgoing-0 << 
Content-Length: 1265
2013/10/02 14:11:34:613 GMT+01:00 [DEBUG] headers - http-outgoing-0 << Expires: 
Wed, 02 Oct 2013 13:11:34 GMT
2013/10/02 14:11:34:613 GMT+01:00 [DEBUG] headers - http-outgoing-0 << 
X-Squid-Error: ERR_CACHE_ACCESS_DENIED 0
2013/10/02 14:11:34:613 GMT+01:00 [DEBUG] headers - http-outgoing-0 << 
Proxy-Authenticate: Basic realm="test-proxy"
2013/10/02 14:11:34:613 GMT+01:00 [DEBUG] headers - http-outgoing-0 << X-Cache: 
MISS from localhost
2013/10/02 14:11:34:614 GMT+01:00 [DEBUG] headers - http-outgoing-0 << 
Proxy-Connection: close
2013/10/02 14:11:34:616 GMT+01:00 [DEBUG] HttpAuthenticator - Authentication 
required
2013/10/02 14:11:34:616 GMT+01:00 [DEBUG] HttpAuthenticator - localhost:8080 
requested authentication
2013/10/02 14:11:34:617 GMT+01:00 [DEBUG] ProxyAuthenticationStrategy - 
Authentication schemes in the order of preference: [negotiate, Kerberos, NTLM, 
Digest, Basic]
2013/10/02 14:11:34:617 GMT+01:00 [DEBUG] ProxyAuthenticationStrategy - 
Challenge for negotiate authentication scheme not available
2013/10/02 14:11:34:617 GMT+01:00 [DEBUG] ProxyAuthenticationStrategy - 
Challenge for Kerberos authentication scheme not available
2013/10/02 14:11:34:617 GMT+01:00 [DEBUG] ProxyAuthenticationStrategy - 
Challenge for NTLM authentication scheme not available
2013/10/02 14:11:34:617 GMT+01:00 [DEBUG] ProxyAuthenticationStrategy - 
Challenge for Digest authentication scheme not available
2013/10/02 14:11:34:633 GMT+01:00 [DEBUG] HttpAuthenticator - Selected 
authentication options: [BASIC]
2013/10/02 14:11:34:634 GMT+01:00 [DEBUG] DefaultManagedHttpClientConnection - 
http-outgoing-0: Close connection
2013/10/02 14:11:34:635 GMT+01:00 [DEBUG] HttpClientConnectionManager - 
Connecting to localhost/127.0.0.1:8080
2013/10/02 14:11:34:635 GMT+01:00 [DEBUG] HttpAuthenticator - Generating 
response to an authentication challenge using basic scheme
2013/10/02 14:11:34:637 GMT+01:00 [DEBUG] headers - http-outgoing-0 >> CONNECT 
localhost:80 HTTP/1.1
2013/10/02 14:11:34:637 GMT+01:00 [DEBUG] headers - http-outgoing-0 >> Host: 
localhost:80
2013/10/02 14:11:34:637 GMT+01:00 [DEBUG] headers - http-outgoing-0 >> 
Proxy-Connection: Keep-Alive
2013/10/02 14:11:34:637 GMT+01:00 [DEBUG] headers - http-outgoing-0 >> 
Proxy-Authorization: Basic xxxxxxxx
2013/10/02 14:11:34:638 GMT+01:00 [DEBUG] headers - http-outgoing-0 << HTTP/1.0 
200 Connection established
2013/10/02 14:11:34:638 GMT+01:00 [DEBUG] HttpAuthenticator - Authentication 
succeeded
2013/10/02 14:11:34:639 GMT+01:00 [DEBUG] ProxyAuthenticationStrategy - Caching 
'basic' auth scheme for http://localhost:8080
2013/10/02 14:11:34:639 GMT+01:00 [DEBUG] MainClientExec - Tunnel to target 
created.
2013/10/02 14:11:34:890 GMT+01:00 [DEBUG] MainClientExec - Executing request 
GET / HTTP/1.1
2013/10/02 14:11:34:890 GMT+01:00 [DEBUG] MainClientExec - Target auth state: 
UNCHALLENGED
2013/10/02 14:11:34:890 GMT+01:00 [DEBUG] headers - http-outgoing-0 >> GET / 
HTTP/1.1
2013/10/02 14:11:34:890 GMT+01:00 [DEBUG] headers - http-outgoing-0 >> Host: 
localhost:80
2013/10/02 14:11:34:890 GMT+01:00 [DEBUG] headers - http-outgoing-0 >> 
Connection: Keep-Alive
2013/10/02 14:11:34:891 GMT+01:00 [DEBUG] headers - http-outgoing-0 >> 
User-Agent: Apache-HttpClient/4.3.1-SNAPSHOT (java 1.5)
2013/10/02 14:11:34:891 GMT+01:00 [DEBUG] headers - http-outgoing-0 >> 
Accept-Encoding: gzip,deflate
2013/10/02 14:11:34:891 GMT+01:00 [DEBUG] headers - http-outgoing-0 << HTTP/1.1 
200 OK
2013/10/02 14:11:34:892 GMT+01:00 [DEBUG] headers - http-outgoing-0 << Date: 
Wed, 02 Oct 2013 13:11:34 GMT
2013/10/02 14:11:34:892 GMT+01:00 [DEBUG] headers - http-outgoing-0 << Server: 
Apache/2.2.22 (Ubuntu)
2013/10/02 14:11:34:892 GMT+01:00 [DEBUG] headers - http-outgoing-0 << 
Last-Modified: Sat, 13 Apr 2013 09:48:25 GMT
2013/10/02 14:11:34:892 GMT+01:00 [DEBUG] headers - http-outgoing-0 << ETag: 
"2111e-b1-4da3aebc22fcf"
2013/10/02 14:11:34:892 GMT+01:00 [DEBUG] headers - http-outgoing-0 << 
Accept-Ranges: bytes
2013/10/02 14:11:34:892 GMT+01:00 [DEBUG] headers - http-outgoing-0 << Vary: 
Accept-Encoding
2013/10/02 14:11:34:892 GMT+01:00 [DEBUG] headers - http-outgoing-0 << 
Content-Encoding: gzip
2013/10/02 14:11:34:892 GMT+01:00 [DEBUG] headers - http-outgoing-0 << 
Content-Length: 146
2013/10/02 14:11:34:892 GMT+01:00 [DEBUG] headers - http-outgoing-0 << 
Keep-Alive: timeout=5, max=100
2013/10/02 14:11:34:892 GMT+01:00 [DEBUG] headers - http-outgoing-0 << 
Connection: Keep-Alive
2013/10/02 14:11:34:892 GMT+01:00 [DEBUG] headers - http-outgoing-0 << 
Content-Type: text/html
2013/10/02 14:11:34:894 GMT+01:00 [DEBUG] MainClientExec - Connection can be 
kept alive for 5000 MILLISECONDS
2013/10/02 14:11:34:909 GMT+01:00 [DEBUG] PoolingHttpClientConnectionManager - 
Connection [id: 0][route: {tls}->http://localhost:8080->https://localhost:80] 
can be kept alive for 5.0 seconds
2013/10/02 14:11:34:910 GMT+01:00 [DEBUG] PoolingHttpClientConnectionManager - 
Connection released: [id: 0][route: 
{tls}->http://localhost:8080->https://localhost:80][total kept alive: 1; route 
allocated: 1 of 2; total allocated: 1 of 20]
2013/10/02 14:11:34:910 GMT+01:00 [DEBUG] PoolingHttpClientConnectionManager - 
Connection manager is shutting down
2013/10/02 14:11:34:910 GMT+01:00 [DEBUG] DefaultManagedHttpClientConnection - 
http-outgoing-0: Close connection
2013/10/02 14:11:34:911 GMT+01:00 [DEBUG] DefaultManagedHttpClientConnection - 
http-outgoing-0: Close connection
2013/10/02 14:11:34:911 GMT+01:00 [DEBUG] PoolingHttpClientConnectionManager - 
Connection manager shut down
----------------------------------------
HTTP/1.1 200 OK
Response content length: -1
{noformat})

> https on port 80 over proxy caused the http client to go into an infinite loop
> ------------------------------------------------------------------------------
>
>                 Key: HTTPCLIENT-1406
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1406
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpClient
>    Affects Versions: 4.2.5
>            Reporter: Jason Webb
>
> Using a proxy configuration of https on port 80 sends the http client into an 
> infinite loop.  Creating mini dos attack on the proxy server.



--
This message was sent by Atlassian JIRA
(v6.1#6144)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Issue Comment Deleted] (HTTPCLIENT-1406) https on port 80 over proxy caused the http client to go into an infinite loop

Reply via email to