diff options
author | Christian Heimes <cheimes@redhat.com> | 2015-11-25 20:42:17 +0100 |
---|---|---|
committer | Matthew Harmsen <mharmsen@pki.usersys.redhat.com> | 2015-12-15 15:50:26 -0700 |
commit | 73f5e33c945d865a88b47491b73553ba8ecf2f53 (patch) | |
tree | 5aff81670cae1aedbe18b5206e783cdfc98dba2b /base | |
parent | 6a9990784b3a5ff18a800a288e8d1af173c7ae6e (diff) | |
download | pki-73f5e33c945d865a88b47491b73553ba8ecf2f53.tar.gz pki-73f5e33c945d865a88b47491b73553ba8ecf2f53.tar.xz pki-73f5e33c945d865a88b47491b73553ba8ecf2f53.zip |
sslget must set Host HTTP header
The sslget tool sends a TLS SNI header. Apache doesn't like server name
indication without a matching HTTP header. Requests without a Host
header are refused with
HTTP/1.1 400 Bad Request
Hostname example.org provided via SNI, but no hostname provided in HTTP request
sslget now sets a Host HTTP header for all requests.
https://fedorahosted.org/pki/ticket/1704
Signed-off-by: Christian Heimes <cheimes@redhat.com>
Diffstat (limited to 'base')
-rw-r--r-- | base/native-tools/src/sslget/sslget.c | 23 |
1 files changed, 10 insertions, 13 deletions
diff --git a/base/native-tools/src/sslget/sslget.c b/base/native-tools/src/sslget/sslget.c index c453096ba..bd631c6fb 100644 --- a/base/native-tools/src/sslget/sslget.c +++ b/base/native-tools/src/sslget/sslget.c @@ -299,14 +299,6 @@ printSecurityInfo(PRFileDesc *fd) PRBool useModelSocket = PR_TRUE; -static const char outHeader[] = { - "HTTP/1.0 200 OK\r\n" - "Server: Netscape-Enterprise/2.0a\r\n" - "Date: Tue, 26 Aug 1997 22:10:05 GMT\r\n" - "Content-type: text/plain\r\n" - "\r\n" -}; - PRInt32 do_writes( @@ -703,18 +695,23 @@ client_main( SECStatus -createRequest(char * url, char *post) +createRequest( + char * url, + char *post, + const char *hostName, + unsigned short port) { char * newstr; if (post == NULL) { newstr = PR_smprintf( - "GET %s HTTP/1.0\r\n\r\n", - url); + "GET %s HTTP/1.0\r\nHost: %s:%u\r\n\r\n", + url, hostName, (PRUintn)port); } else { int len = strlen(post); newstr = PR_smprintf( - "POST %s HTTP/1.0\r\nContent-Length: %d\r\nContent-Type: application/x-www-form-urlencoded\r\n\r\n%s", url, len, post); + "POST %s HTTP/1.0\r\nHost: %s:%u\r\nContent-Length: %d\r\nContent-Type: application/x-www-form-urlencoded\r\n\r\n%s", + url, hostName, (PRUintn)port, len, post); } bigBuf.data = (unsigned char *)newstr; @@ -833,7 +830,7 @@ main(int argc, char **argv) Usage(progName); } - createRequest(url, post); + createRequest(url, post, hostName, port); if (passwdfile) { fp = fopen(passwdfile,"r"); |