From: Martin Panter Date: Mon, 7 Sep 2015 01:18:47 +0000 (+0000) Subject: Issue #17849: Raise sensible exception for invalid HTTP tunnel response X-Git-Tag: v2.7.11rc1~175 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=b75a0e9f32c47cc75924c79f7ac74e2f11f32506;p=thirdparty%2FPython%2Fcpython.git Issue #17849: Raise sensible exception for invalid HTTP tunnel response Initial patch from Cory Benfield. --- diff --git a/Lib/httplib.py b/Lib/httplib.py index fc908d214dff..7223ba151271 100644 --- a/Lib/httplib.py +++ b/Lib/httplib.py @@ -810,6 +810,11 @@ class HTTPConnection: method = self._method) (version, code, message) = response._read_status() + if version == "HTTP/0.9": + # HTTP/0.9 doesn't support the CONNECT verb, so if httplib has + # concluded HTTP/0.9 is being used something has gone wrong. + self.close() + raise socket.error("Invalid response from tunnel request") if code != 200: self.close() raise socket.error("Tunnel connection failed: %d %s" % (code, diff --git a/Lib/test/test_httplib.py b/Lib/test/test_httplib.py index 301458910d6b..a72f6f7ff1c2 100644 --- a/Lib/test/test_httplib.py +++ b/Lib/test/test_httplib.py @@ -578,6 +578,16 @@ class BasicTest(TestCase): #self.assertTrue(response[0].closed) self.assertTrue(conn.sock.file_closed) + def test_proxy_tunnel_without_status_line(self): + # Issue 17849: If a proxy tunnel is created that does not return + # a status code, fail. + body = 'hello world' + conn = httplib.HTTPConnection('example.com', strict=False) + conn.set_tunnel('foo') + conn.sock = FakeSocket(body) + with self.assertRaisesRegexp(socket.error, "Invalid response"): + conn._tunnel() + class OfflineTest(TestCase): def test_responses(self): self.assertEqual(httplib.responses[httplib.NOT_FOUND], "Not Found") diff --git a/Misc/ACKS b/Misc/ACKS index ba3e3fe64791..59d0914c1f40 100644 --- a/Misc/ACKS +++ b/Misc/ACKS @@ -107,6 +107,7 @@ Ben Bell Thomas Bellman Alexander “Саша” Belopolsky Eli Bendersky +Cory Benfield David Benjamin Oscar Benjamin Andrew Bennetts diff --git a/Misc/NEWS b/Misc/NEWS index 017acc611d54..26e41c334c9d 100644 --- a/Misc/NEWS +++ b/Misc/NEWS @@ -37,6 +37,10 @@ Core and Builtins Library ------- +- Issue #17849: Raise a sensible exception if an invalid response is + received for a HTTP tunnel request, as seen with some servers that + do not support tunnelling. Initial patch from Cory Benfield. + - Issue #16180: Exit pdb if file has syntax error, instead of trapping user in an infinite loop. Patch by Xavier de Gaye.