1.1 configured as session protocol and vice-versa.

Sudheer Vinukonda (JIRA) Wed, 05 Nov 2014 14:26:02 -0800

     [ 
https://issues.apache.org/jira/browse/TS-3172?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Sudheer Vinukonda updated TS-3172:
----------------------------------
    Description: 
With the below configuration restricting http/1.0 for the TLS ports, I still 
see that http/1.0 requests are not rejected.

{code}
% sudo traffic_line -m . | grep server_ports
proxy.config.http.server_ports 80:proto=http/1.1
{code}

{code}
% curl -0  -v http://myproxy.com --o /dev/null
* About to connect() to myproxy. port 80 (#0)
*   Trying xx.xx.xx.xxx... connected
* Connected to myproxy.com (xx.xx.xx.xxx) port 80 (#0)
> GET / HTTP/1.0
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.3.0 
> zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> Host: myproxy.com
> Accept: */*
> 
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0* 
HTTP 1.0, assume close after body
< HTTP/1.0 404 Not Found
< Content-Type: text/html
< Content-Length: 345
< Date: Wed, 05 Nov 2014 18:48:58 GMT
< Server: ATS
< Age: 0
< Via: http/1.1 myproxy.com (ApacheTrafficServer/5.0.1)
< 
{ [data not shown]
115   345  115   345    0     0  42846      0 --:--:-- --:--:-- --:--:-- 69000* 
Closing connection #0
{code}

The above inconsistent behavior is true when http/1.0 alone is configured as 
well (http/1.1 requests are allowed).



  was:
With the below configuration restricting http/1.0 for the TLS ports, I still 
see that http/1.0 requests are not rejected.

{code}
% sudo traffic_line -m . | grep server_ports
proxy.config.http.server_ports 80:proto=http/1.1
{code}

{code}
% curl -0  -v http://myproxy.com --o /dev/null
* About to connect() to myproxy. port 80 (#0)
*   Trying xx.xx.xx.xxx... connected
* Connected to myproxy.com (xx.xx.xx.xxx) port 80 (#0)
> GET / HTTP/1.0
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.3.0 
> zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> Host: myproxy.com
> Accept: */*
> 
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0* 
HTTP 1.0, assume close after body
< HTTP/1.0 404 Not Found
< Content-Type: text/html
< Content-Length: 345
< Date: Wed, 05 Nov 2014 18:48:58 GMT
< Server: ATS
< Age: 0
< Via: http/1.1 myproxy.com (ApacheTrafficServer/5.0.1)
< 
{ [data not shown]
115   345  115   345    0     0  42846      0 --:--:-- --:--:-- --:--:-- 69000* 
Closing connection #0
{code}



> Http/1.0 allowed even when only Http/1.1 configured as session protocol and 
> vice-versa.
> ---------------------------------------------------------------------------------------
>
>                 Key: TS-3172
>                 URL: https://issues.apache.org/jira/browse/TS-3172
>             Project: Traffic Server
>          Issue Type: Bug
>          Components: HTTP
>    Affects Versions: 5.1.0
>            Reporter: Sudheer Vinukonda
>            Assignee: Sudheer Vinukonda
>
> With the below configuration restricting http/1.0 for the TLS ports, I still 
> see that http/1.0 requests are not rejected.
> {code}
> % sudo traffic_line -m . | grep server_ports
> proxy.config.http.server_ports 80:proto=http/1.1
> {code}
> {code}
> % curl -0  -v http://myproxy.com --o /dev/null
> * About to connect() to myproxy. port 80 (#0)
> *   Trying xx.xx.xx.xxx... connected
> * Connected to myproxy.com (xx.xx.xx.xxx) port 80 (#0)
> > GET / HTTP/1.0
> > User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 
> > NSS/3.14.3.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> > Host: myproxy.com
> > Accept: */*
> > 
>   % Total    % Received % Xferd  Average Speed   Time    Time     Time  
> Current
>                                  Dload  Upload   Total   Spent    Left  Speed
>   0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     
> 0* HTTP 1.0, assume close after body
> < HTTP/1.0 404 Not Found
> < Content-Type: text/html
> < Content-Length: 345
> < Date: Wed, 05 Nov 2014 18:48:58 GMT
> < Server: ATS
> < Age: 0
> < Via: http/1.1 myproxy.com (ApacheTrafficServer/5.0.1)
> < 
> { [data not shown]
> 115   345  115   345    0     0  42846      0 --:--:-- --:--:-- --:--:-- 
> 69000* Closing connection #0
> {code}
> The above inconsistent behavior is true when http/1.0 alone is configured as 
> well (http/1.1 requests are allowed).



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (TS-3172) Http/1.0 allowed even when only Http/1.1 configured as session protocol and vice-versa.

Reply via email to