Bug 1161182 - Response headers added by proxy servers missing in CURLINFO_HEADER_SIZE
Summary: Response headers added by proxy servers missing in CURLINFO_HEADER_SIZE
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: curl
Version: 7.2
Hardware: All
OS: Linux
unspecified
medium
Target Milestone: alpha
: ---
Assignee: Kamil Dudka
QA Contact: Stefan Kremen
URL:
Whiteboard:
Depends On:
Blocks: 1161163
TreeView+ depends on / blocked
 
Reported: 2014-11-06 15:27 UTC by Kamil Dudka
Modified: 2015-11-19 07:07 UTC (History)
3 users (show)

Fixed In Version: curl-7.29.0-24.el7
Doc Type: Bug Fix
Doc Text:
Previously, libcurl returned wrong value of the CURLINFO_HEADER_SIZE field in case a proxy server appended its own headers to the HTTP response. An upstream patch has been applied on libcurl sources to fix calculation of the field. Now the returned value is valid even if proxy headers are appended.
Clone Of: 1161163
Environment:
Last Closed: 2015-11-19 07:07:14 UTC
Target Upstream Version:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2015:2159 0 normal SHIPPED_LIVE Moderate: curl security, bug fix, and enhancement update 2015-11-19 08:26:18 UTC

Description Kamil Dudka 2014-11-06 15:27:41 UTC 
+++ This bug was initially created as a clone of Bug #1161163 +++

Description of problem:

Sourceforge bug id -> #1204 -> http://sourceforge.net/p/curl/bugs/1204/

###
See https://github.com/bagder/curl/pull/60

Often times proxy servers add their own headers (like HTTP/1.0 200 Connection established) to responses on their way back to the client. The size of these headers was not taken into account when calculating CURLINFO_HEADER_SIZE before the change from this pull request.

The problem can be reproduced quite easily using the test program from https://gist.github.com/mj/5102778. In our case the proxy server at proxy:8080 was the default Squid that ships with Debian stable.
###


Version-Release number of selected component in my case:

   # rpm -qa |grep curl
   curl-7.19.7-37.el6_5.3.x86_64
   libcurl-7.19.7-37.el6_5.3.x86_64
   [...]

   # curl --version
   curl 7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.15.3 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
   [...]

How reproducible:

Use curl to connect to URL through proxy server.

--- Additional comment from RHEL Product and Program Management on 2014-11-06 15:50:49 CET ---

Since this bug report was entered in bugzilla, the release flag has been
set to ? to ensure that it is properly evaluated for this release.

--- Additional comment from Kamil Dudka on 2014-11-06 16:25:18 CET ---

Thank you for reporting the bug!

upstream commit:
https://github.com/bagder/curl/commit/bc6037ed
Comment 7 errata-xmlrpc 2015-11-19 07:07:14 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2015-2159.html
Note You need to log in before you can comment on or make changes to this bug.