NetBSD-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

bin/51043: ftp(1) should use the port number for CONNECT



>Number:         51043
>Category:       bin
>Synopsis:       ftp(1) should use the port number for CONNECT
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Mon Apr 04 20:10:00 +0000 2016
>Originator:     Yorick Hardy
>Release:        NetBSD-7
>Organization:
>Environment:
NetBSD HOME 7.0_STABLE NetBSD 7.0_STABLE (YORICK.amd64) #1: Fri Mar  4 14:03:27 SAST 2016  root@HOME:/root/build.amd64.local7/obj/sys/arch/amd64/compile/YORICK.amd64 amd64
>Description:
RFC 2817 section 5.3:

5.2 Requesting a Tunnel with CONNECT

   A CONNECT method requests that a proxy establish a tunnel connection
   on its behalf. The Request-URI portion of the Request-Line is always
   an 'authority' as defined by URI Generic Syntax [2], which is to say
   the host name and port number destination of the requested connection
   separated by a colon:

      CONNECT server.example.com:80 HTTP/1.1
      Host: server.example.com:80

Using the port name does not seem to work with, for example, privoxy.
>How-To-Repeat:

>Fix:
Index: usr.bin/ftp/fetch.c
==================================================================
--- usr.bin/ftp/fetch.c
+++ usr.bin/ftp/fetch.c
@@ -845,12 +845,12 @@
 			    (int)(p - ui->host), ui->host);
 		h = hname;
 	} else
 		h = ui->host;
 
-	fetch_printf(fin, "CONNECT %s:%s HTTP/1.1\r\n", h, ui->port);
-	fetch_printf(fin, "Host: %s:%s\r\n", h, ui->port);
+	fetch_printf(fin, "CONNECT %s:%d HTTP/1.1\r\n", h, ui->portnum);
+	fetch_printf(fin, "Host: %s:%d\r\n", h, ui->portnum);
 }
 #endif
 
 #define C_OK 0
 #define C_CLEANUP 1



Home | Main Index | Thread Index | Old Index