Return-Path: X-Original-To: apmail-hc-dev-archive@www.apache.org Delivered-To: apmail-hc-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 847A710294 for ; Wed, 23 Jul 2014 12:13:39 +0000 (UTC) Received: (qmail 58002 invoked by uid 500); 23 Jul 2014 12:13:39 -0000 Delivered-To: apmail-hc-dev-archive@hc.apache.org Received: (qmail 57962 invoked by uid 500); 23 Jul 2014 12:13:39 -0000 Mailing-List: contact dev-help@hc.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "HttpComponents Project" Delivered-To: mailing list dev@hc.apache.org Received: (qmail 57923 invoked by uid 99); 23 Jul 2014 12:13:39 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 23 Jul 2014 12:13:39 +0000 Date: Wed, 23 Jul 2014 12:13:39 +0000 (UTC) From: "Oleg Kalnichevski (JIRA)" To: dev@hc.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Resolved] (HTTPCLIENT-1531) https connections through proxies don't work if authentication is disabled MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/HTTPCLIENT-1531?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Oleg Kalnichevski resolved HTTPCLIENT-1531. ------------------------------------------- Resolution: Fixed Fix Version/s: 4.4 Alpha2 4.3.5 Fixed in SVN trunk and 4.3.x branch. Please review / re-test. Oleg > https connections through proxies don't work if authentication is disabled > -------------------------------------------------------------------------- > > Key: HTTPCLIENT-1531 > URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1531 > Project: HttpComponents HttpClient > Issue Type: Bug > Components: HttpClient > Affects Versions: 4.3.2, 4.3.3, 4.3.4, 4.4 Alpha1 > Reporter: Maxime Suret > Fix For: 4.3.5, 4.4 Alpha2 > > > HttpClient seems to have a problem accessing websites using SSL behind a proxy when authentication is disabled. > How to reproduce: > Create a HttpClient with a proxy and authentication disabled, and use it to access a "https" website (note that the proxy does not require authentication): > {code:title=Example.java|borderStyle=solid} > HttpClientBuilder > .create() > .setDefaultRequestConfig( > RequestConfig > .custom() > .setAuthenticationEnabled(false) > .build()) > .setProxy(someProxy) > .build() > .execute( > RequestBuilder > .create(HttpGet.METHOD_NAME) > .setUri("https://some.site") > .build()); > {code} > The request fails with the following exception: > {noformat} > DEBUG - Connection request: [route: {tls}->http://ec2-54-73-107-194.eu-west-1.compute.amazonaws.com:3128->https://provisioning.eu.blackberry.com:443][total kept alive: 0; route allocated: 0 of 100; total allocated: 0 of 100] > DEBUG - Connection leased: [id: 0][route: {tls}->http://ec2-54-73-107-194.eu-west-1.compute.amazonaws.com:3128->https://provisioning.eu.blackberry.com:443][total kept alive: 0; route allocated: 1 of 100; total allocated: 1 of 100] > DEBUG - Opening connection {tls}->http://ec2-54-73-107-194.eu-west-1.compute.amazonaws.com:3128->https://provisioning.eu.blackberry.com:443 > DEBUG - Connecting to ec2-54-73-107-194.eu-west-1.compute.amazonaws.com/54.73.107.194:3128 > DEBUG - Connection established 192.168.0.21:53559<->54.73.107.194:3128 > DEBUG - http-outgoing-0 >> CONNECT provisioning.eu.blackberry.com:443 HTTP/1.1 > DEBUG - http-outgoing-0 >> Host: provisioning.eu.blackberry.com > DEBUG - http-outgoing-0 >> Proxy-Connection: Keep-Alive > DEBUG - http-outgoing-0 >> "CONNECT provisioning.eu.blackberry.com:443 HTTP/1.1[\r][\n]" > DEBUG - http-outgoing-0 >> "Host: provisioning.eu.blackberry.com[\r][\n]" > DEBUG - http-outgoing-0 >> "Proxy-Connection: Keep-Alive[\r][\n]" > DEBUG - http-outgoing-0 >> "[\r][\n]" > DEBUG - http-outgoing-0 << "HTTP/1.0 200 Connection established[\r][\n]" > DEBUG - http-outgoing-0 << "[\r][\n]" > DEBUG - http-outgoing-0 << HTTP/1.0 200 Connection established > DEBUG - http-outgoing-0 >> CONNECT provisioning.eu.blackberry.com:443 HTTP/1.1 > DEBUG - http-outgoing-0 >> Host: provisioning.eu.blackberry.com > DEBUG - http-outgoing-0 >> Proxy-Connection: Keep-Alive > DEBUG - http-outgoing-0 >> "CONNECT provisioning.eu.blackberry.com:443 HTTP/1.1[\r][\n]" > DEBUG - http-outgoing-0 >> "Host: provisioning.eu.blackberry.com[\r][\n]" > DEBUG - http-outgoing-0 >> "Proxy-Connection: Keep-Alive[\r][\n]" > DEBUG - http-outgoing-0 >> "[\r][\n]" > DEBUG - http-outgoing-0 << "end of stream" > DEBUG - http-outgoing-0: Close connection > DEBUG - http-outgoing-0: Shutdown connection > DEBUG - Connection discarded > DEBUG - http-outgoing-0: Close connection > DEBUG - Connection released: [id: 0][route: {tls}->http://ec2-54-73-107-194.eu-west-1.compute.amazonaws.com:3128->https://provisioning.eu.blackberry.com:443][total kept alive: 0; route allocated: 0 of 100; total allocated: 0 of 100] > INFO - I/O exception (org.apache.http.NoHttpResponseException) caught when processing request to {tls}->http://ec2-54-73-107-194.eu-west-1.compute.amazonaws.com:3128->https://provisioning.eu.blackberry.com:443: The target server failed to respond > DEBUG - The target server failed to respond > org.apache.http.NoHttpResponseException: The target server failed to respond > at org.apache.http.impl.conn.DefaultHttpResponseParser.parseHead(DefaultHttpResponseParser.java:143) > at org.apache.http.impl.conn.DefaultHttpResponseParser.parseHead(DefaultHttpResponseParser.java:57) > at org.apache.http.impl.io.AbstractMessageParser.parse(AbstractMessageParser.java:261) > at org.apache.http.impl.DefaultBHttpClientConnection.receiveResponseHeader(DefaultBHttpClientConnection.java:165) > at org.apache.http.impl.conn.CPoolProxy.receiveResponseHeader(CPoolProxy.java:167) > at org.apache.http.protocol.HttpRequestExecutor.doReceiveResponse(HttpRequestExecutor.java:271) > at org.apache.http.protocol.HttpRequestExecutor.execute(HttpRequestExecutor.java:123) > at org.apache.http.impl.execchain.MainClientExec.createTunnelToTarget(MainClientExec.java:457) > at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:382) > at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:221) > at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:199) > at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:87) > at org.apache.http.impl.execchain.ServiceUnavailableRetryExec.execute(ServiceUnavailableRetryExec.java:83) > at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184) > at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:84) > at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:57) > {noformat} > It seems to be because of the *for* loop not being properly exited in *org.apache.http.impl.execchain.MainClientExec.createTunnelToTarget* when *config.isAuthenticationEnabled()* returns *false*: > {code:title=MainClientExec.java|borderStyle=solid} > private boolean createTunnelToTarget( > ... > for (;;) { > ... > if (config.isAuthenticationEnabled()) { > ... > } > } > ... > } > {code} -- This message was sent by Atlassian JIRA (v6.2#6252) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org For additional commands, e-mail: dev-help@hc.apache.org