From: Dr. David von Oheimb <David.von.Oheimb@siemens.com>
Date: Tue, 30 Nov 2021 19:06:09 +0000 (+0100)
Subject: OSSL_HTTP_set1_request(): Fix check for presence of port option and its documentation
X-Git-Tag: openssl-3.2.0-alpha1~3254
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=266383b44c4ebce5ddf551547e73ab6eec47805b;p=thirdparty%2Fopenssl.git

OSSL_HTTP_set1_request(): Fix check for presence of port option and its documentation

For HTTP (not HTTPS) with proxy, server must be given, port is optional

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17186)
---

diff --git a/crypto/http/http_client.c b/crypto/http/http_client.c
index 45e92cd7fd3..d8e54c03a9d 100644
--- a/crypto/http/http_client.c
+++ b/crypto/http/http_client.c
@@ -961,7 +961,7 @@ int OSSL_HTTP_set1_request(OSSL_HTTP_REQ_CTX *rctx, const char *path,
         return 0;
     }
     use_http_proxy = rctx->proxy != NULL && !rctx->use_ssl;
-    if (use_http_proxy && (rctx->server == NULL || rctx->port == NULL)) {
+    if (use_http_proxy && rctx->server == NULL) {
         ERR_raise(ERR_LIB_HTTP, ERR_R_PASSED_INVALID_ARGUMENT);
         return 0;
     }
diff --git a/doc/man3/OSSL_HTTP_transfer.pod b/doc/man3/OSSL_HTTP_transfer.pod
index 2aef3a5347a..6b784ea0b5d 100644
--- a/doc/man3/OSSL_HTTP_transfer.pod
+++ b/doc/man3/OSSL_HTTP_transfer.pod
@@ -58,7 +58,7 @@ NULL, else by connecting to a given I<server> optionally via a I<proxy>.
 Typically the OpenSSL build supports sockets and the I<bio> parameter is NULL.
 In this case I<rbio> must be NULL as well, and the
 library creates a network BIO internally for connecting to the given I<server>
-at the specified I<port> if any, defaulting to 80 for HTTP or 443 for HTTPS.
+and the optionally given I<port>, defaulting to 80 for HTTP or 443 for HTTPS.
 Then this internal BIO is used for setting up a connection
 and for exchanging one or more request and response.
 If I<bio> is given and I<rbio> is NULL then this I<bio> is used instead.
@@ -150,6 +150,8 @@ NULL) to print additional diagnostic information in a user-oriented way.
 
 OSSL_HTTP_set1_request() sets up in I<rctx> the request header and content data
 and expectations on the response using the following parameters.
+If <rctx> indicates using a proxy for HTTP (but not HTTPS), the server hostname
+(and optionally port) needs to be placed in the header and thus must be present.
 If I<path> is NULL it defaults to "/".
 If I<req> is NULL the HTTP GET method will be used to send the request
 else HTTP POST with the contents of I<req> and optional I<content_type>, where