From f2380a78aa90ff8a3b76607c0c140810aff84086 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Fri, 26 Jul 2013 09:22:52 +0200 Subject: request absolute URIs from proxies again (0.9.9.3 regession) Commit 2b9c9b7f28b18f6ae3e422020e8934872b06c9f3 not only removes keep-alive, but also changes the request URI send to proxies which are required to be absolute URIs rather than the usual absolute paths. Closes: 717891 --- .../test-bug-717891-abolute-uris-for-proxies | 28 +++++++++++++++++ test/interactive-helper/aptwebserver.cc | 36 +++++++++++++++++----- 2 files changed, 56 insertions(+), 8 deletions(-) create mode 100755 test/integration/test-bug-717891-abolute-uris-for-proxies (limited to 'test') diff --git a/test/integration/test-bug-717891-abolute-uris-for-proxies b/test/integration/test-bug-717891-abolute-uris-for-proxies new file mode 100755 index 000000000..e9c38492e --- /dev/null +++ b/test/integration/test-bug-717891-abolute-uris-for-proxies @@ -0,0 +1,28 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework +setupenvironment +configarchitecture 'amd64' + +buildsimplenativepackage 'unrelated' 'all' '0.5~squeeze1' 'unstable' + +setupaptarchive +changetowebserver --request-absolute='uri' + +msgtest 'Check that absolute paths are' 'not accepted' +aptget update >/dev/null 2>&1 && msgfail || msgpass + +echo 'Acquire::http::Proxy "http://localhost:8080";' > rootdir/etc/apt/apt.conf.d/99proxy + +msgtest 'Check that requests to proxies are' 'absolute uris' +aptget update >/dev/null 2>&1 && msgpass || msgfail + +testequal 'Reading package lists... +Building dependency tree... +The following NEW packages will be installed: + unrelated +0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded. +Inst unrelated (0.5~squeeze1 unstable [all]) +Conf unrelated (0.5~squeeze1 unstable [all])' aptget install unrelated -s diff --git a/test/interactive-helper/aptwebserver.cc b/test/interactive-helper/aptwebserver.cc index a8d191d0e..fde95fec9 100644 --- a/test/interactive-helper/aptwebserver.cc +++ b/test/interactive-helper/aptwebserver.cc @@ -319,6 +319,33 @@ bool parseFirstLine(int const client, std::string const &request, /*{{{*/ sendError(client, 500, request, sendContent, "Filename contains an unencoded space"); return false; } + + std::string host = LookupTag(request, "Host", ""); + if (host.empty() == true) + { + // RFC 2616 §14.23 requires Host + sendError(client, 400, request, sendContent, "Host header is required"); + return false; + } + host = "http://" + host; + + // Proxies require absolute uris, so this is a simple proxy-fake option + std::string const absolute = _config->Find("aptwebserver::request::absolute", "uri,path"); + if (strncmp(host.c_str(), filename.c_str(), host.length()) == 0) + { + if (absolute.find("uri") == std::string::npos) + { + sendError(client, 400, request, sendContent, "Request is absoluteURI, but configured to not accept that"); + return false; + } + // strip the host from the request to make it an absolute path + filename.erase(0, host.length()); + } + else if (absolute.find("path") == std::string::npos) + { + sendError(client, 400, request, sendContent, "Request is absolutePath, but configured to not accept that"); + return false; + } filename = DeQuoteString(filename); // this is not a secure server, but at least prevent the obvious … @@ -342,6 +369,7 @@ int main(int const argc, const char * argv[]) { CommandLine::Args Args[] = { {0, "port", "aptwebserver::port", CommandLine::HasArg}, + {0, "request-absolute", "aptwebserver::request::absolute", CommandLine::HasArg}, {'c',"config-file",0,CommandLine::ConfigFile}, {'o',"option",0,CommandLine::ArbItem}, {0,0,0,0} @@ -447,14 +475,6 @@ int main(int const argc, const char * argv[]) if (parseFirstLine(client, *m, filename, sendContent, closeConnection) == false) continue; - std::string host = LookupTag(*m, "Host", ""); - if (host.empty() == true) - { - // RFC 2616 §14.23 requires Host - sendError(client, 400, *m, sendContent, "Host header is required"); - continue; - } - // string replacements in the requested filename ::Configuration::Item const *Replaces = _config->Tree("aptwebserver::redirect::replace"); if (Replaces != NULL) -- cgit v1.2.3