summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorChristian Heimes <cheimes@redhat.com>2015-11-25 20:42:17 +0100
committerMatthew Harmsen <mharmsen@pki.usersys.redhat.com>2015-12-15 15:59:40 -0700
commitd895ca41472112a3ef07486419d4580f6c9d0983 (patch)
tree9fba683660a97f902ab33f9991237c164272a9b1
parent54bbce097db9caaeeeda04bd547f2798221591ed (diff)
downloadpki-d895ca41472112a3ef07486419d4580f6c9d0983.tar.gz
pki-d895ca41472112a3ef07486419d4580f6c9d0983.tar.xz
pki-d895ca41472112a3ef07486419d4580f6c9d0983.zip
sslget must set Host HTTP header
The sslget tool sends a TLS SNI header. Apache doesn't like server name indication without a matching HTTP header. Requests without a Host header are refused with HTTP/1.1 400 Bad Request Hostname example.org provided via SNI, but no hostname provided in HTTP request sslget now sets a Host HTTP header for all requests. https://fedorahosted.org/pki/ticket/1704 Signed-off-by: Christian Heimes <cheimes@redhat.com> (cherry picked from commit 73f5e33c945d865a88b47491b73553ba8ecf2f53)
Diffstat
-rw-r--r--base/native-tools/src/sslget/sslget.c23
1 files changed, 10 insertions, 13 deletions
diff --git a/base/native-tools/src/sslget/sslget.c b/base/native-tools/src/sslget/sslget.c
index c453096ba..bd631c6fb 100644
--- a/base/native-tools/src/sslget/sslget.c
+++ b/base/native-tools/src/sslget/sslget.c
@@ -299,14 +299,6 @@ printSecurityInfo(PRFileDesc *fd)
PRBool useModelSocket = PR_TRUE;
-static const char outHeader[] = {
- "HTTP/1.0 200 OK\r\n"
- "Server: Netscape-Enterprise/2.0a\r\n"
- "Date: Tue, 26 Aug 1997 22:10:05 GMT\r\n"
- "Content-type: text/plain\r\n"
- "\r\n"
-};
-
PRInt32
do_writes(
@@ -703,18 +695,23 @@ client_main(
SECStatus
-createRequest(char * url, char *post)
+createRequest(
+ char * url,
+ char *post,
+ const char *hostName,
+ unsigned short port)
{
char * newstr;
if (post == NULL) {
newstr = PR_smprintf(
- "GET %s HTTP/1.0\r\n\r\n",
- url);
+ "GET %s HTTP/1.0\r\nHost: %s:%u\r\n\r\n",
+ url, hostName, (PRUintn)port);
} else {
int len = strlen(post);
newstr = PR_smprintf(
- "POST %s HTTP/1.0\r\nContent-Length: %d\r\nContent-Type: application/x-www-form-urlencoded\r\n\r\n%s", url, len, post);
+ "POST %s HTTP/1.0\r\nHost: %s:%u\r\nContent-Length: %d\r\nContent-Type: application/x-www-form-urlencoded\r\n\r\n%s",
+ url, hostName, (PRUintn)port, len, post);
}
bigBuf.data = (unsigned char *)newstr;
@@ -833,7 +830,7 @@ main(int argc, char **argv)
Usage(progName);
}
- createRequest(url, post);
+ createRequest(url, post, hostName, port);
if (passwdfile) {
fp = fopen(passwdfile,"r");
generated by cgit (git 2.34.1) at 2024-04-23 14:06:10 +0000