mirror of
https://github.com/openssl/openssl.git
synced 2024-11-27 20:14:20 +08:00
s_client: Better response success check for CONNECT
Instead of looking for "200" and "established" (and failing all other 2xx responses or "Established"), let's look for a line that's not a header (i.e. doesn't contain a ':') and where the first space is followed by a '2'. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1664)
This commit is contained in:
parent
9d6fcd4295
commit
ec2a0e6065
@ -2020,24 +2020,44 @@ int s_client_main(int argc, char **argv)
|
||||
break;
|
||||
case PROTO_CONNECT:
|
||||
{
|
||||
int foundit = 0;
|
||||
enum {
|
||||
error_proto, /* Wrong protocol, not even HTTP */
|
||||
error_connect, /* CONNECT failed */
|
||||
success
|
||||
} foundit = error_connect;
|
||||
BIO *fbio = BIO_new(BIO_f_buffer());
|
||||
|
||||
BIO_push(fbio, sbio);
|
||||
BIO_printf(fbio, "CONNECT %s HTTP/1.0\r\n\r\n", connectstr);
|
||||
(void)BIO_flush(fbio);
|
||||
/* wait for multi-line response to end CONNECT response */
|
||||
do {
|
||||
mbuf_len = BIO_gets(fbio, mbuf, BUFSIZZ);
|
||||
if (strstr(mbuf, "200") != NULL
|
||||
&& strstr(mbuf, "established") != NULL)
|
||||
foundit++;
|
||||
} while (mbuf_len > 3 && foundit == 0);
|
||||
/*
|
||||
* The first line is the HTTP response. According to RFC 7230,
|
||||
* it's formated exactly like this:
|
||||
*
|
||||
* HTTP/d.d ddd Reason text\r\n
|
||||
*/
|
||||
mbuf_len = BIO_gets(fbio, mbuf, BUFSIZZ);
|
||||
if (mbuf[8] != ' ') {
|
||||
BIO_printf(bio_err,
|
||||
"%s: HTTP CONNECT failed, incorrect response "
|
||||
"from proxy\n", prog);
|
||||
foundit = error_proto;
|
||||
} else if (mbuf[9] != '2') {
|
||||
BIO_printf(bio_err, "%s: HTTP CONNECT failed: %s ", prog,
|
||||
&mbuf[9]);
|
||||
} else {
|
||||
foundit = success;
|
||||
}
|
||||
if (foundit != error_proto) {
|
||||
/* Read past all following headers */
|
||||
do {
|
||||
mbuf_len = BIO_gets(fbio, mbuf, BUFSIZZ);
|
||||
} while (mbuf_len > 2);
|
||||
}
|
||||
(void)BIO_flush(fbio);
|
||||
BIO_pop(fbio);
|
||||
BIO_free(fbio);
|
||||
if (!foundit) {
|
||||
BIO_printf(bio_err, "%s: HTTP CONNECT failed\n", prog);
|
||||
if (foundit != success) {
|
||||
goto shut;
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user