diff options
| author | Peter Lloyd <l-busybox@pgl22.co.uk> | 2018-03-05 00:17:02 +0100 |
|---|---|---|
| committer | Denys Vlasenko <vda.linux@googlemail.com> | 2018-03-05 00:19:33 +0100 |
| commit | 804ce5a6fed63a2da6268a2d06f1ee2075435297 (patch) | |
| tree | b72e3cdcd4245f4574dd1def927f38759077cb90 /networking/wget.c | |
| parent | d9aabfe578e58ef8a884c402d6294edc8dfda883 (diff) | |
| download | busybox-804ce5a6fed63a2da6268a2d06f1ee2075435297.tar.gz | |
wget: fix fetching of https URLs with http proxy
When fetching a https:// URL with HTTP proxy configured
(e.g. with environment variable http_proxy=http://your-proxy:3128)
busybox was making a https connection to the proxy.
This was because the protocol scheme for the target URL was used to determine whether to connect to the proxy over SSL or not.
When the proxy is in use, the decision on whether to connect to the proxy over https
should based on the proxy URL not on the target URL.
function old new delta
wget_main 2381 2387 +6
Signed-off-by: Peter Lloyd <l-busybox@pgl22.co.uk>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Diffstat (limited to 'networking/wget.c')
| -rw-r--r-- | networking/wget.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/networking/wget.c b/networking/wget.c index 3a5d68173..8969310a4 100644 --- a/networking/wget.c +++ b/networking/wget.c @@ -1011,7 +1011,6 @@ static void download_one_url(const char *url) len_and_sockaddr *lsa; FILE *sfp; /* socket to web/ftp server */ FILE *dfp; /* socket to ftp server (data) */ - char *proxy = NULL; char *fname_out_alloc; char *redirected_path = NULL; struct host_info server; @@ -1027,13 +1026,14 @@ static void download_one_url(const char *url) /* Use the proxy if necessary */ use_proxy = (strcmp(G.proxy_flag, "off") != 0); if (use_proxy) { - proxy = getenv(target.protocol[0] == 'f' ? "ftp_proxy" : "http_proxy"); + char *proxy = getenv(target.protocol[0] == 'f' ? "ftp_proxy" : "http_proxy"); //FIXME: what if protocol is https? Ok to use http_proxy? use_proxy = (proxy && proxy[0]); if (use_proxy) parse_url(proxy, &server); } if (!use_proxy) { + server.protocol = target.protocol; server.port = target.port; if (ENABLE_FEATURE_IPV6) { //free(server.allocated); - can't be non-NULL @@ -1098,7 +1098,7 @@ static void download_one_url(const char *url) /* Open socket to http(s) server */ #if ENABLE_FEATURE_WGET_OPENSSL /* openssl (and maybe internal TLS) support is configured */ - if (target.protocol == P_HTTPS) { + if (server.protocol == P_HTTPS) { /* openssl-based helper * Inconvenient API since we can't give it an open fd */ @@ -1122,7 +1122,7 @@ static void download_one_url(const char *url) #elif ENABLE_FEATURE_WGET_HTTPS /* Only internal TLS support is configured */ sfp = open_socket(lsa); - if (target.protocol == P_HTTPS) + if (server.protocol == P_HTTPS) spawn_ssl_client(server.host, fileno(sfp), /*flags*/ 0); #else /* ssl (https) support is not configured */ |