httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 29773] New: - FTP proxy connects to incorrect destination port
Date Thu, 24 Jun 2004 01:21:21 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=29773>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=29773

FTP proxy connects to incorrect destination port

           Summary: FTP proxy connects to incorrect destination port
           Product: Apache httpd-2.0
           Version: 2.0.49
          Platform: All
        OS/Version: Other
            Status: NEW
          Severity: Normal
          Priority: Other
         Component: mod_proxy
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: uzl6iz702@sneakemail.com
                CC: uzl6iz702@sneakemail.com


When a client uses a Host: HTTP header containing a port number in a proxied ftp
GET request, the ftp proxy incorrectly attempts to connect to the FTP server on
that port.  For example, if the apache proxy runs on port 1234 the "yum" client
will send the following request to the proxy:

-----
GET ftp://server.otherdomain.com/path/to/file.txt HTTP/1.1
Host: proxy.mydomain.com:1234
Accept-Encoding: identity
User-agent: Yum/2.X
-----

The proxy then tries to connect to server.otherdomain.com on port 1234 rather
than the default of port 21.  If the log level is cranked up, the following
lines appear in the error_log:

-----
[debug] proxy_ftp.c(150): proxy: FTP: canonicalising URL
//server.otherdomain.com/path/to/file.txt
[debug] proxy_http.c(1038): proxy: HTTP: declining URL
ftp://server.otherdomain.com/path/to/file.txt
[debug] proxy_connect.c(102): proxy: CONNECT: declining URL
ftp://server.otherdomain.com/path/to/file.txt
[debug] proxy_ftp.c(782): proxy: FTP: serving URL
ftp://server.otherdomain.com/path/to/file.txt
[debug] proxy_ftp.c(885): proxy: FTP: connecting
ftp://server.otherdomain.com/path/to/file.txt to server.otherdomain.com:1234
[debug] proxy_ftp.c(963): proxy: FTP: fam 2 socket created, trying to connect to
1.2.3.4:1234 (server.otherdomain.com)...
(times out since port 1234 is firewalled)
-----

Thanks to the detailed debug info provided, it's simple to see the code that's
not working as expected:

----- proxy_ftp.c ----
    /* We break the URL into host, port, path-search */
    connectname = r->parsed_uri.hostname;
    connectport = (r->parsed_uri.port != 0)
        ? r->parsed_uri.port
        : apr_uri_port_of_scheme("ftp");
-----

For some reason the HOST: header included is providing a port via the parsed_uri
structure.  When I send the following to the proxy via a telnet connection it
works fine:

-----
GET ftp://server.otherdomain.com/path/to/file.txt HTTP/1.1
Host: proxy.mydomain.com
-----

I suspect something is wrong in how the parsed_uri gets built, but I haven't
traced it yet.

  -- Steve

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message