Red Hat Bugzilla – Bug 1000773
nc breaks on HTTP/1.1 proxy servers
Last modified: 2015-07-13 00:14:45 EDT
Description of problem:
nc only supports HTTP/1.0 proxy servers and fails on HTTP/1.1 responses.
$ nc -X connect -x proxy.example.com:3128 www.example.com 443
nc: Proxy error: "HTTP/1.1 200 Connection established"
nc works fine without proxy or with HTTP/1.0 proxy servers, but with recent versions of Squid (always sending HTTP/1.1 responses) it fails. Proxy servers must send the highest HTTP version they support (not necessarily the same as the version of the original request).
If you look into the source code, nc expects a hardcoded "HTTP/1.0 200 " response. It shouldn't care about the HTTP version as long as it gets a positive "200" response.
Version-Release number of selected component (if applicable):
Use nc to connect through a HTTP/1.1 proxy.
Steps to Reproduce:
1. see above
nc aborts because of hardcoded HTTP version.
Happily connect and ignore the HTTP version (the "200" response is all that matters).
I could use "ncat" (nmap) instead but that has also an issue with HTTP proxy.
This is an easy fix and already present upstream, too.
This should be a trivial fix, please update from upstream.
A fix pushed in nc-1.84-23.el6.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.