bin/172452: [patch] [fetch] add HTTP 305 handling to libfetch
Garrett Cooper
yanegomi at gmail.com
Sun Oct 7 13:40:14 UTC 2012
>Number: 172452
>Category: bin
>Synopsis: [patch] [fetch] add HTTP 305 handling to libfetch
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sun Oct 07 13:40:13 UTC 2012
>Closed-Date:
>Last-Modified:
>Originator: Garrett Cooper
>Release: 9.1-STABLE
>Organization:
EMC Isilon
>Environment:
FreeBSD bayonetta.local 9.1-PRERELEASE FreeBSD 9.1-PRERELEASE #0 r240836M: Sat Sep 22 12:30:11 PDT 2012 gcooper at bayonetta.local:/usr/obj/store/freebsd/stable/9/sys/BAYONETTA amd64
>Description:
While poking around RFC-2616 and looking at libfetch for bin/172451, I noticed that libfetch wasn't handling HTTP 305 style redirects. From the RFC...
10.3.6 305 Use Proxy

   The requested resource MUST be accessed through the proxy given by
   the Location field. The Location field gives the URI of the proxy.
   The recipient is expected to repeat this single request via the
   proxy. 305 responses MUST only be generated by origin servers.

      Note: RFC 2068 was not clear that 305 was intended to redirect a
      single request, and to be generated by origin servers only. Not
      observing these limitations has significant security consequences.

Plugging in the support was relatively trivial, but my patch isn't ultra paranoid like noted here. I poked around curl and wget, and discovered that curl implements the support, but they don't do the "paranoia checking" and instead just redirect, and wget doesn't implement it at all.
Whether or not it's useful to implement this is a good question, but the simple patch is available for any interested parties.
>How-To-Repeat:
>Fix:
Patch attached with submission follows:
Index: lib/libfetch/http.c
===================================================================
--- lib/libfetch/http.c (revision 241309)
+++ lib/libfetch/http.c (working copy)
@@ -103,6 +103,7 @@
#define HTTP_MOVED_TEMP 302
#define HTTP_SEE_OTHER 303
#define HTTP_NOT_MODIFIED 304
+#define HTTP_USE_PROXY 305
#define HTTP_TEMP_REDIRECT 307
#define HTTP_NEED_AUTH 401
#define HTTP_NEED_PROXY_AUTH 407
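Review bot: HTTP_USE_PROXY is added next to the other 30x codes with no comment, yet per the RFC 2616 section 10.3.6 text quoted in the description its Location field names a proxy, not the new location of the resource. A short comment on the define saying so would stop later readers from treating it as one more plain redirect code.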
@@ -112,7 +113,8 @@
#define HTTP_REDIRECT(xyz) ((xyz) == HTTP_MOVED_PERM \
|| (xyz) == HTTP_MOVED_TEMP \
|| (xyz) == HTTP_TEMP_REDIRECT \
- || (xyz) == HTTP_SEE_OTHER)
+ || (xyz) == HTTP_SEE_OTHER \
+ || (xyz) == HTTP_USE_PROXY)
#define HTTP_ERROR(xyz) ((xyz) > 400 && (xyz) < 599)
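Review bot: adding `|| (xyz) == HTTP_USE_PROXY` to HTTP_REDIRECT makes every user of the macro treat 305 exactly like 301/302/303/307, although for 305 the Location field gives the URI of a proxy and the request target stays the same. Suggest leaving HTTP_REDIRECT as it was and testing for HTTP_USE_PROXY separately, so that the code handling it can keep the original URL, apply the proxy to the single repeated request only, and refuse the response where the RFC's limits are not met.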
@@ -1697,6 +1698,7 @@
case HTTP_MOVED_PERM:
case HTTP_MOVED_TEMP:
case HTTP_SEE_OTHER:
+ case HTTP_USE_PROXY:
/*
* Not so fine, but we still have to read the
* headers to get the new location.
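Review bot: `case HTTP_USE_PROXY:` falls through into the branch whose comment says the headers are read "to get the new location", so the proxy URI from a 305 would be handled as the resource's new location, and nothing here checks that the response came directly from the origin server or limits the effect to one request, which is the limitation the RFC note in the description ties to "significant security consequences". Suggest a separate case that validates the Location value as a proxy URI, rejects a 305 that arrived through a proxy already in use, and repeats only this request through it. Separately, the hunk header's new-file start (+1698) does not account for the two one-line additions in the earlier hunks (which would give +1699), so the diff looks hand-edited and is worth regenerating.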
>Release-Note:
>Audit-Trail:
>Unformatted: