~alpine/apk-tools

Use correct port when redirected v1 PROPOSED

Martin Vahlensieck: 1
 Use correct port when redirected

 1 files changed, 1 insertions(+), 1 deletions(-)
Export patchset (mbox)
How do I use this?

Copy & paste the following snippet into your terminal to import this patchset into git:

curl -s https://lists.alpinelinux.org/~alpine/apk-tools/patches/3463/mbox | git am -3
Learn more about email & git

[PATCH] Use correct port when redirected Export this patch

---
Long story short:  The mirror I usually use has added a redirect from
http to https.  libfetch detects this, but wrongly uses the old url
scheme to determine the port.  This subsequently leads to the following
OpenSSL error:

139741541575496:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:ssl/record/ssl3_record.c:331:

Using the new scheme fixes this.  This error message comes from trying
to connect to port 80 with TLS, it can also be observed by issuing
  $ openssl s_client -connect alpinelinux.org:80

This bug was introduced in commit
7158474 libfetch: keep http auth only if redirect is for the same host

Best,

Martin

 libfetch/http.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libfetch/http.c b/libfetch/http.c
index 8239313..e3d8d53 100644
--- a/libfetch/http.c
+++ b/libfetch/http.c
@@ -1065,7 +1065,7 @@ http_request(struct url *URL, const char *op, struct url_stat *us,
					goto ouch;
				}
				if (!new->port)
					new->port = fetch_default_port(url->scheme);
					new->port = fetch_default_port(new->scheme);
				if (!new->user[0] && !new->pwd[0] &&
				    new->port == url->port &&
				    strcmp(new->scheme, url->scheme) == 0 &&
-- 
2.30.2
Hi!

Thanks for chasing the issue down, and providing a fix. Applied!

Timo

On Fri, 12 Mar 2021 17:08:15 +0100
Martin Vahlensieck <git@academicsolutions.ch> wrote: