Bug 1161163 - Response headers added by proxy servers missing in CURLINFO_HEADER_SIZE
Summary: Response headers added by proxy servers missing in CURLINFO_HEADER_SIZE
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: curl
Version: 6.5
Hardware: x86_64
OS: Linux
unspecified
medium
Target Milestone: rc
: ---
Assignee: Kamil Dudka
QA Contact: Stefan Kremen
URL:
Whiteboard:
Depends On: 1161182
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-11-06 14:39 UTC by Stefan Heinzel
Modified: 2015-07-22 05:44 UTC (History)
3 users (show)

Fixed In Version: curl-7.19.7-43.el6
Doc Type: Bug Fix
Doc Text:
Previously, libcurl returned wrong value of the CURLINFO_HEADER_SIZE field in case a proxy server appended its own headers to the HTTP response. An upstream patch has been applied on libcurl sources to fix calculation of the field. Now the returned value is valid even if proxy headers are appended.
Clone Of:
: 1161182 (view as bug list)
Environment:
Last Closed: 2015-07-22 05:44:06 UTC


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2015:1254 normal SHIPPED_LIVE Moderate: curl security, bug fix, and enhancement update 2015-07-20 17:50:03 UTC

Description Stefan Heinzel 2014-11-06 14:39:41 UTC
Description of problem:

Sourceforge bug id -> #1204 -> http://sourceforge.net/p/curl/bugs/1204/

###
See https://github.com/bagder/curl/pull/60

Often times proxy servers add their own headers (like HTTP/1.0 200 Connection established) to responses on their way back to the client. The size of these headers was not taken into account when calculating CURLINFO_HEADER_SIZE before the change from this pull request.

The problem can be reproduced quite easily using the test program from https://gist.github.com/mj/5102778. In our case the proxy server at proxy:8080 was the default Squid that ships with Debian stable.
###


Version-Release number of selected component in my case:

   # rpm -qa |grep curl
   curl-7.19.7-37.el6_5.3.x86_64
   libcurl-7.19.7-37.el6_5.3.x86_64
   [...]

   # curl --version
   curl 7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.15.3 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
   [...]

How reproducible:

Use curl to connect to URL through proxy server.

Comment 2 Kamil Dudka 2014-11-06 15:25:18 UTC
Thank you for reporting the bug!

upstream commit:
https://github.com/bagder/curl/commit/bc6037ed

Comment 8 Stefan Heinzel 2015-03-11 09:09:16 UTC
Hi,

is there any plan when QA will be processed/finished? Our customer is facing this problem and would really like to have this problem fixed. ;)

Thanks and kind regards
Stefan

Comment 9 Kamil Dudka 2015-03-18 15:07:19 UTC
Hi Stefan,

this bug is approved to be fixed in the RHEL 6.7 update.

Please contact Product Support if you need an accelerated fix for the issue.

Comment 12 errata-xmlrpc 2015-07-22 05:44:06 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2015-1254.html


Note You need to log in before you can comment on or make changes to this bug.