Re: Bugfix: acme-client 301 redirect issue
ok
Florian Obser(flor...@openbsd.org) on 2018.03.14 08:15:35 +0100:
> On Wed, Mar 14, 2018 at 01:08:33AM +, Stuart Henderson wrote:
> > On 2018/03/11 17:52, Florian Obser wrote:
> > >
> > > I think we should just follow the 301.
> >
> > I didn't hear back from @letsencrypt_ops about why they were
> > issue 301s, but I do agree it makes sense to follow them.
>
> update diff with more redirect status codes and EOL tab fixed
>
> diff --git netproc.c netproc.c
> index 26033a3fc3c..ea901a1bda5 100644
> --- netproc.c
> +++ netproc.c
> @@ -180,15 +180,18 @@ nreq(struct conn *c, const char *addr)
> {
> struct httpget *g;
> struct sourcesrc[MAX_SERVERS_DNS];
> + struct httphead *st;
> char*host, *path;
> shortport;
> size_t srcsz;
> ssize_t ssz;
> long code;
> + int redirects = 0;
>
> if ((host = url2host(addr, &port, &path)) == NULL)
> return -1;
>
> +again:
> if ((ssz = urlresolve(c->dfd, host, src)) < 0) {
> free(host);
> free(path);
> @@ -202,7 +205,36 @@ nreq(struct conn *c, const char *addr)
> if (g == NULL)
> return -1;
>
> - code = g->code;
> + switch (g->code) {
> + case 301:
> + case 302:
> + case 303:
> + case 307:
> + case 308:
> + redirects++;
> + if (redirects > 3) {
> + warnx("too many redirects");
> + http_get_free(g);
> + return -1;
> + }
> +
> + if ((st = http_head_get("Location", g->head, g->headsz)) ==
> + NULL) {
> + warnx("redirect without location header");
> + return -1;
> + }
> +
> + dodbg("Location: %s", st->val);
> + host = url2host(st->val, &port, &path);
> + http_get_free(g);
> + if (host == NULL)
> + return -1;
> + goto again;
> + break;
> + default:
> + code = g->code;
> + break;
> + }
>
> /* Copy the body part into our buffer. */
>
>
>
> --
> I'm not entirely sure you are real.
>
Re: Bugfix: acme-client 301 redirect issue
On Wed, Mar 14, 2018 at 01:08:33AM +, Stuart Henderson wrote:
> On 2018/03/11 17:52, Florian Obser wrote:
> >
> > I think we should just follow the 301.
>
> I didn't hear back from @letsencrypt_ops about why they were
> issue 301s, but I do agree it makes sense to follow them.
update diff with more redirect status codes and EOL tab fixed
diff --git netproc.c netproc.c
index 26033a3fc3c..ea901a1bda5 100644
--- netproc.c
+++ netproc.c
@@ -180,15 +180,18 @@ nreq(struct conn *c, const char *addr)
{
struct httpget *g;
struct sourcesrc[MAX_SERVERS_DNS];
+ struct httphead *st;
char*host, *path;
shortport;
size_t srcsz;
ssize_t ssz;
long code;
+ int redirects = 0;
if ((host = url2host(addr, &port, &path)) == NULL)
return -1;
+again:
if ((ssz = urlresolve(c->dfd, host, src)) < 0) {
free(host);
free(path);
@@ -202,7 +205,36 @@ nreq(struct conn *c, const char *addr)
if (g == NULL)
return -1;
- code = g->code;
+ switch (g->code) {
+ case 301:
+ case 302:
+ case 303:
+ case 307:
+ case 308:
+ redirects++;
+ if (redirects > 3) {
+ warnx("too many redirects");
+ http_get_free(g);
+ return -1;
+ }
+
+ if ((st = http_head_get("Location", g->head, g->headsz)) ==
+ NULL) {
+ warnx("redirect without location header");
+ return -1;
+ }
+
+ dodbg("Location: %s", st->val);
+ host = url2host(st->val, &port, &path);
+ http_get_free(g);
+ if (host == NULL)
+ return -1;
+ goto again;
+ break;
+ default:
+ code = g->code;
+ break;
+ }
/* Copy the body part into our buffer. */
--
I'm not entirely sure you are real.
Re: Bugfix: acme-client 301 redirect issue
On 2018/03/11 17:52, Florian Obser wrote:
>
> I think we should just follow the 301.
I didn't hear back from @letsencrypt_ops about why they were
issue 301s, but I do agree it makes sense to follow them.
> OK?
>
> diff --git netproc.c netproc.c
> index 26033a3fc3c..14da5a8c1a9 100644
> --- netproc.c
> +++ netproc.c
> @@ -180,15 +180,18 @@ nreq(struct conn *c, const char *addr)
> {
> struct httpget *g;
> struct sourcesrc[MAX_SERVERS_DNS];
> + struct httphead *st;
> char*host, *path;
> shortport;
> size_t srcsz;
> ssize_t ssz;
> long code;
> + int redirects = 0;
>
> if ((host = url2host(addr, &port, &path)) == NULL)
> return -1;
>
> +again:
> if ((ssz = urlresolve(c->dfd, host, src)) < 0) {
> free(host);
> free(path);
> @@ -202,6 +205,28 @@ nreq(struct conn *c, const char *addr)
> if (g == NULL)
> return -1;
>
> + if (g->code == 301) {
301 is the one we saw, but shouldn't we follow others as well?
https://http.cat/302
https://http.cat/303
https://http.cat/307
> + redirects++;
> + if (redirects > 3) {
> + warnx("too many redirects");
> + http_get_free(g);
> + return -1;
> + }
> +
> + if ((st = http_head_get("Location", g->head, g->headsz)) ==
> + NULL) {
> + warnx("redirect without location header");
> + return -1;
> + }
> +
> + dodbg("Location: %s", st->val);
> + host = url2host(st->val, &port, &path);
> + http_get_free(g);
> + if (host == NULL)
nitpicking, trailing tabs
> + return -1;
> + goto again;
> + }
> +
> code = g->code;
>
> /* Copy the body part into our buffer. */
>
> --
> I'm not entirely sure you are real.
>
Re: Bugfix: acme-client 301 redirect issue
I think we should just follow the 301.
OK?
diff --git netproc.c netproc.c
index 26033a3fc3c..14da5a8c1a9 100644
--- netproc.c
+++ netproc.c
@@ -180,15 +180,18 @@ nreq(struct conn *c, const char *addr)
{
struct httpget *g;
struct sourcesrc[MAX_SERVERS_DNS];
+ struct httphead *st;
char*host, *path;
shortport;
size_t srcsz;
ssize_t ssz;
long code;
+ int redirects = 0;
if ((host = url2host(addr, &port, &path)) == NULL)
return -1;
+again:
if ((ssz = urlresolve(c->dfd, host, src)) < 0) {
free(host);
free(path);
@@ -202,6 +205,28 @@ nreq(struct conn *c, const char *addr)
if (g == NULL)
return -1;
+ if (g->code == 301) {
+ redirects++;
+ if (redirects > 3) {
+ warnx("too many redirects");
+ http_get_free(g);
+ return -1;
+ }
+
+ if ((st = http_head_get("Location", g->head, g->headsz)) ==
+ NULL) {
+ warnx("redirect without location header");
+ return -1;
+ }
+
+ dodbg("Location: %s", st->val);
+ host = url2host(st->val, &port, &path);
+ http_get_free(g);
+ if (host == NULL)
+ return -1;
+ goto again;
+ }
+
code = g->code;
/* Copy the body part into our buffer. */
--
I'm not entirely sure you are real.
