Re: Bugfix: acme-client 301 redirect issue
ok Florian Obser(flor...@openbsd.org) on 2018.03.14 08:15:35 +0100: > On Wed, Mar 14, 2018 at 01:08:33AM +, Stuart Henderson wrote: > > On 2018/03/11 17:52, Florian Obser wrote: > > > > > > I think we should just follow the 301. > > > > I didn't hear back from @letsencrypt_ops about why they were > > issue 301s, but I do agree it makes sense to follow them. > > update diff with more redirect status codes and EOL tab fixed > > diff --git netproc.c netproc.c > index 26033a3fc3c..ea901a1bda5 100644 > --- netproc.c > +++ netproc.c > @@ -180,15 +180,18 @@ nreq(struct conn *c, const char *addr) > { > struct httpget *g; > struct sourcesrc[MAX_SERVERS_DNS]; > + struct httphead *st; > char*host, *path; > shortport; > size_t srcsz; > ssize_t ssz; > long code; > + int redirects = 0; > > if ((host = url2host(addr, &port, &path)) == NULL) > return -1; > > +again: > if ((ssz = urlresolve(c->dfd, host, src)) < 0) { > free(host); > free(path); > @@ -202,7 +205,36 @@ nreq(struct conn *c, const char *addr) > if (g == NULL) > return -1; > > - code = g->code; > + switch (g->code) { > + case 301: > + case 302: > + case 303: > + case 307: > + case 308: > + redirects++; > + if (redirects > 3) { > + warnx("too many redirects"); > + http_get_free(g); > + return -1; > + } > + > + if ((st = http_head_get("Location", g->head, g->headsz)) == > + NULL) { > + warnx("redirect without location header"); > + return -1; > + } > + > + dodbg("Location: %s", st->val); > + host = url2host(st->val, &port, &path); > + http_get_free(g); > + if (host == NULL) > + return -1; > + goto again; > + break; > + default: > + code = g->code; > + break; > + } > > /* Copy the body part into our buffer. */ > > > > -- > I'm not entirely sure you are real. >
Re: Bugfix: acme-client 301 redirect issue
On Wed, Mar 14, 2018 at 01:08:33AM +, Stuart Henderson wrote: > On 2018/03/11 17:52, Florian Obser wrote: > > > > I think we should just follow the 301. > > I didn't hear back from @letsencrypt_ops about why they were > issue 301s, but I do agree it makes sense to follow them. update diff with more redirect status codes and EOL tab fixed diff --git netproc.c netproc.c index 26033a3fc3c..ea901a1bda5 100644 --- netproc.c +++ netproc.c @@ -180,15 +180,18 @@ nreq(struct conn *c, const char *addr) { struct httpget *g; struct sourcesrc[MAX_SERVERS_DNS]; + struct httphead *st; char*host, *path; shortport; size_t srcsz; ssize_t ssz; long code; + int redirects = 0; if ((host = url2host(addr, &port, &path)) == NULL) return -1; +again: if ((ssz = urlresolve(c->dfd, host, src)) < 0) { free(host); free(path); @@ -202,7 +205,36 @@ nreq(struct conn *c, const char *addr) if (g == NULL) return -1; - code = g->code; + switch (g->code) { + case 301: + case 302: + case 303: + case 307: + case 308: + redirects++; + if (redirects > 3) { + warnx("too many redirects"); + http_get_free(g); + return -1; + } + + if ((st = http_head_get("Location", g->head, g->headsz)) == + NULL) { + warnx("redirect without location header"); + return -1; + } + + dodbg("Location: %s", st->val); + host = url2host(st->val, &port, &path); + http_get_free(g); + if (host == NULL) + return -1; + goto again; + break; + default: + code = g->code; + break; + } /* Copy the body part into our buffer. */ -- I'm not entirely sure you are real.
Re: Bugfix: acme-client 301 redirect issue
On 2018/03/11 17:52, Florian Obser wrote: > > I think we should just follow the 301. I didn't hear back from @letsencrypt_ops about why they were issue 301s, but I do agree it makes sense to follow them. > OK? > > diff --git netproc.c netproc.c > index 26033a3fc3c..14da5a8c1a9 100644 > --- netproc.c > +++ netproc.c > @@ -180,15 +180,18 @@ nreq(struct conn *c, const char *addr) > { > struct httpget *g; > struct sourcesrc[MAX_SERVERS_DNS]; > + struct httphead *st; > char*host, *path; > shortport; > size_t srcsz; > ssize_t ssz; > long code; > + int redirects = 0; > > if ((host = url2host(addr, &port, &path)) == NULL) > return -1; > > +again: > if ((ssz = urlresolve(c->dfd, host, src)) < 0) { > free(host); > free(path); > @@ -202,6 +205,28 @@ nreq(struct conn *c, const char *addr) > if (g == NULL) > return -1; > > + if (g->code == 301) { 301 is the one we saw, but shouldn't we follow others as well? https://http.cat/302 https://http.cat/303 https://http.cat/307 > + redirects++; > + if (redirects > 3) { > + warnx("too many redirects"); > + http_get_free(g); > + return -1; > + } > + > + if ((st = http_head_get("Location", g->head, g->headsz)) == > + NULL) { > + warnx("redirect without location header"); > + return -1; > + } > + > + dodbg("Location: %s", st->val); > + host = url2host(st->val, &port, &path); > + http_get_free(g); > + if (host == NULL) nitpicking, trailing tabs > + return -1; > + goto again; > + } > + > code = g->code; > > /* Copy the body part into our buffer. */ > > -- > I'm not entirely sure you are real. >
Re: Bugfix: acme-client 301 redirect issue
I think we should just follow the 301. OK? diff --git netproc.c netproc.c index 26033a3fc3c..14da5a8c1a9 100644 --- netproc.c +++ netproc.c @@ -180,15 +180,18 @@ nreq(struct conn *c, const char *addr) { struct httpget *g; struct sourcesrc[MAX_SERVERS_DNS]; + struct httphead *st; char*host, *path; shortport; size_t srcsz; ssize_t ssz; long code; + int redirects = 0; if ((host = url2host(addr, &port, &path)) == NULL) return -1; +again: if ((ssz = urlresolve(c->dfd, host, src)) < 0) { free(host); free(path); @@ -202,6 +205,28 @@ nreq(struct conn *c, const char *addr) if (g == NULL) return -1; + if (g->code == 301) { + redirects++; + if (redirects > 3) { + warnx("too many redirects"); + http_get_free(g); + return -1; + } + + if ((st = http_head_get("Location", g->head, g->headsz)) == + NULL) { + warnx("redirect without location header"); + return -1; + } + + dodbg("Location: %s", st->val); + host = url2host(st->val, &port, &path); + http_get_free(g); + if (host == NULL) + return -1; + goto again; + } + code = g->code; /* Copy the body part into our buffer. */ -- I'm not entirely sure you are real.