Return-Path: X-Original-To: apmail-httpd-users-archive@www.apache.org Delivered-To: apmail-httpd-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 58AD1EF47 for ; Wed, 30 Jan 2013 10:41:46 +0000 (UTC) Received: (qmail 50372 invoked by uid 500); 30 Jan 2013 10:41:42 -0000 Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 50329 invoked by uid 500); 30 Jan 2013 10:41:42 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 50317 invoked by uid 99); 30 Jan 2013 10:41:42 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 30 Jan 2013 10:41:42 +0000 X-ASF-Spam-Status: No, hits=-0.0 required=5.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: local policy) Received: from [83.223.49.132] (HELO gate1.netsafe.cz) (83.223.49.132) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 30 Jan 2013 10:41:35 +0000 Received: (qmail 13926 invoked from network); 30 Jan 2013 11:41:11 +0100 X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on webgate.netsafe.cz X-Spam-Level: Received: from unknown (HELO nudel.localnet) (pavel@10.64.1.132) by webgate.netsafe.cz with AES256-SHA encrypted SMTP; 30 Jan 2013 11:41:11 +0100 From: Pavel Mateja Organization: Netsafe To: users@httpd.apache.org Date: Wed, 30 Jan 2013 11:41:10 +0100 User-Agent: KMail/1.13.7 (Linux/3.2.0-4-amd64; KDE/4.8.4; x86_64; ; ) References: <201301221407.05915.pavel@netsafe.cz> In-Reply-To: <201301221407.05915.pavel@netsafe.cz> Cc: dev@httpd.apache.org MIME-Version: 1.0 Content-Type: Text/Plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Message-Id: <201301301141.10874.pavel@netsafe.cz> X-Virus-Checked: Checked by ClamAV on apache.org X-Old-Spam-Status: No, score=-106.8 required=5.0 tests=ALL_TRUSTED,BAYES_00, USER_IN_WHITELIST autolearn=ham version=3.2.5 Subject: Re: [users@httpd] Proxy CONNECT HTTP version > Hi! > I have two debian servers - one squeeze and one wheezy - with different > versions of wget - 1.12-2.1 and 1.13.4-3 and proxy server with apache > 2.4.3. I'm trying to set https_proxy and wget some pages via https. > Old wget is working just fine but the new one is reporting: > "Proxy tunneling failed: Bad Request Unable to establish SSL connection." > Wget debug output says there is one major difference. New wget is trying to > do "CONNECT .. HTTP/1.1". The old working one uses just HTTP/1.0. > Has anybody seen something similar? Hi again. I've checked the code and problem is with wget which sends HTTP/1.1 without Host header which is required by apache. Comment from server/protocol.c: /* * Client sent us an HTTP/1.1 or later request without telling us the * hostname, either with a full URL or a Host: header. We therefore * need to (as per the 1.1 spec) send an error. As a special case, * HTTP/1.1 mentions twice (S9, S14.23) that a request MUST contain * a Host: header, and the server MUST respond with 400 if it doesn't. */ The wget package will be in next stable debian which sux because all CONNECT requests thru apache will fail. I just compiled wget from git (1.14.31-3be7) and the bug is still there. Any idea what to do? Should somebody fill bug for debian and wget or should we ignore that RFC request? -- Pavel Mateja --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org