Maxime Suret created HTTPCLIENT-1531:
----------------------------------------
Summary: https connections through proxies don't work if
authentication is disabled
Key: HTTPCLIENT-1531
URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1531
Project: HttpComponents HttpClient
Issue Type: Bug
Components: HttpClient
Affects Versions: 4.4 Alpha1, 4.3.4, 4.3.3, 4.3.2
Reporter: Maxime Suret
HttpClient seems to have a problem accessing websites using SSL behind a proxy
when authentication is disabled.
How to reproduce:
Create a HttpClient with a proxy and authentication disabled, and use it to
access a "https" website (note that the proxy does not require authentication):
{code:title=Example.java|borderStyle=solid}
HttpClientBuilder
.create()
.setDefaultRequestConfig(
RequestConfig
.custom()
.setAuthenticationEnabled(false)
.build())
.setProxy(someProxy)
.build()
.execute(
RequestBuilder
.create(HttpGet.METHOD_NAME)
.setUri("https://some.site";)
.build());
{code}
The request fails with the following exception:
{noformat}
DEBUG - Connection request: [route:
{tls}->http://ec2-54-73-107-194.eu-west-1.compute.amazonaws.com:3128->https://provisioning.eu.blackberry.com:443][total
kept alive: 0; route allocated: 0 of 100; total allocated: 0 of 100]
DEBUG - Connection leased: [id: 0][route:
{tls}->http://ec2-54-73-107-194.eu-west-1.compute.amazonaws.com:3128->https://provisioning.eu.blackberry.com:443][total
kept alive: 0; route allocated: 1 of 100; total allocated: 1 of 100]
DEBUG - Opening connection
{tls}->http://ec2-54-73-107-194.eu-west-1.compute.amazonaws.com:3128->https://provisioning.eu.blackberry.com:443
DEBUG - Connecting to
ec2-54-73-107-194.eu-west-1.compute.amazonaws.com/54.73.107.194:3128
DEBUG - Connection established 192.168.0.21:53559<->54.73.107.194:3128
DEBUG - http-outgoing-0 >> CONNECT provisioning.eu.blackberry.com:443 HTTP/1.1
DEBUG - http-outgoing-0 >> Host: provisioning.eu.blackberry.com
DEBUG - http-outgoing-0 >> Proxy-Connection: Keep-Alive
DEBUG - http-outgoing-0 >> "CONNECT provisioning.eu.blackberry.com:443
HTTP/1.1[\r][\n]"
DEBUG - http-outgoing-0 >> "Host: provisioning.eu.blackberry.com[\r][\n]"
DEBUG - http-outgoing-0 >> "Proxy-Connection: Keep-Alive[\r][\n]"
DEBUG - http-outgoing-0 >> "[\r][\n]"
DEBUG - http-outgoing-0 << "HTTP/1.0 200 Connection established[\r][\n]"
DEBUG - http-outgoing-0 << "[\r][\n]"
DEBUG - http-outgoing-0 << HTTP/1.0 200 Connection established
DEBUG - http-outgoing-0 >> CONNECT provisioning.eu.blackberry.com:443 HTTP/1.1
DEBUG - http-outgoing-0 >> Host: provisioning.eu.blackberry.com
DEBUG - http-outgoing-0 >> Proxy-Connection: Keep-Alive
DEBUG - http-outgoing-0 >> "CONNECT provisioning.eu.blackberry.com:443
HTTP/1.1[\r][\n]"
DEBUG - http-outgoing-0 >> "Host: provisioning.eu.blackberry.com[\r][\n]"
DEBUG - http-outgoing-0 >> "Proxy-Connection: Keep-Alive[\r][\n]"
DEBUG - http-outgoing-0 >> "[\r][\n]"
DEBUG - http-outgoing-0 << "end of stream"
DEBUG - http-outgoing-0: Close connection
DEBUG - http-outgoing-0: Shutdown connection
DEBUG - Connection discarded
DEBUG - http-outgoing-0: Close connection
DEBUG - Connection released: [id: 0][route:
{tls}->http://ec2-54-73-107-194.eu-west-1.compute.amazonaws.com:3128->https://provisioning.eu.blackberry.com:443][total
kept alive: 0; route allocated: 0 of 100; total allocated: 0 of 100]
INFO - I/O exception (org.apache.http.NoHttpResponseException) caught when
processing request to
{tls}->http://ec2-54-73-107-194.eu-west-1.compute.amazonaws.com:3128->https://provisioning.eu.blackberry.com:443:
The target server failed to respond
DEBUG - The target server failed to respond
org.apache.http.NoHttpResponseException: The target server failed to respond
at
org.apache.http.impl.conn.DefaultHttpResponseParser.parseHead(DefaultHttpResponseParser.java:143)
at
org.apache.http.impl.conn.DefaultHttpResponseParser.parseHead(DefaultHttpResponseParser.java:57)
at
org.apache.http.impl.io.AbstractMessageParser.parse(AbstractMessageParser.java:261)
at
org.apache.http.impl.DefaultBHttpClientConnection.receiveResponseHeader(DefaultBHttpClientConnection.java:165)
at
org.apache.http.impl.conn.CPoolProxy.receiveResponseHeader(CPoolProxy.java:167)
at
org.apache.http.protocol.HttpRequestExecutor.doReceiveResponse(HttpRequestExecutor.java:271)
at
org.apache.http.protocol.HttpRequestExecutor.execute(HttpRequestExecutor.java:123)
at
org.apache.http.impl.execchain.MainClientExec.createTunnelToTarget(MainClientExec.java:457)
at
org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:382)
at
org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:221)
at
org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:199)
at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:87)
at
org.apache.http.impl.execchain.ServiceUnavailableRetryExec.execute(ServiceUnavailableRetryExec.java:83)
at
org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184)
at
org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:84)
at
org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:57)
{noformat}
It seems to be because of the *for* loop not being properly exited in
*org.apache.http.impl.execchain.MainClientExec.createTunnelToTarget* when
*config.isAuthenticationEnabled()* returns *false*:
{code:title=MainClientExec.java|borderStyle=solid}
private boolean createTunnelToTarget(
...
for (;;) {
...
if (config.isAuthenticationEnabled()) {
...
}
}
...
}
{code}
--
This message was sent by Atlassian JIRA
(v6.2#6252)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
