[Bug-wget] [bug #47408] Wget sends malformed SNI host names
From: Yst Dawson
Subject: [Bug-wget] [bug #47408] Wget sends malformed SNI host names
Date: Mon, 14 Mar 2016 17:21:15 +0000
User-agent:
URL:
<http://savannah.gnu.org/bugs/?47408>
Summary: Wget sends malformed SNI host names
Project: GNU Wget
Submitted by: yst
Submitted on: Mon 14 Mar 2016 05:21:14 PM GMT
Category: Program Logic
Severity: 3 - Normal
Priority: 5 - Normal
Status: None
Privacy: Public
Assigned to: None
Originator Name:
Originator Email:
Open/Closed: Open
Discussion Lock: Any
Release: 1.16
Operating System: GNU/Linux
Reproducibility: Every Time
Fixed Release: None
Planned Release: None
Regression: None
Work Required: None
Patch Included: None
_______________________________________________________
Details:
To quote a couple specifications:

<https://tools.ietf.org/html/rfc6066#section-3> (SNI)

    "HostName" contains the fully qualified DNS hostname of the server,
    as understood by the client. The hostname is represented as a byte
    string using ASCII encoding without a trailing dot.

<https://tools.ietf.org/html/rfc7230#section-5.4> (HTTP)

    A client MUST send a Host header field in all HTTP/1.1 request
    messages. If the target URI includes an authority component, then a
    client MUST send a field-value for Host that is identical to that
    authority component, excluding any userinfo subcomponent and its "@"
    delimiter (Section 2.7.1).

That means that the SNI host name and HTTP Host header do not always match.
The SNI host name must never have a trailing dot, but the HTTP Host header
must reflect a host name that is identical to the host name of the URI, so if
the URI's host has a trailing dot, the HTTP Host header must include that
trailing dot.

For example, if the URI of a page is <https://alice.sni.velox.ch./>, the
following values should be sent by the Web browser:

    SNI host: alice.sni.velox.ch
    HTTP host: alice.sni.velox.ch.

However, Wget sends "alice.sni.velox.ch." as the SNI host name. In some cases,
malformed SNI host names can cause the server to throw an error, an example of
which can be seen at <https://sni.velox.ch./> or <https://www.apache.org./>.

Other information:
* version: 1.16
* invoked by running "wget --no-check-certificate
https://alice.sni.velox.ch./"
* expected result: Wget should send an SNI host name that conforms to RFC
6066 or no SNI host name, while still sending an HTTP Host header that
includes the trailing dot, as per RFC 7230.
* actual result: Wget sent a malformed SNI host name
* The output, in case relevant, has been attached as a file upload.
_______________________________________________________
File Attachments:
-------------------------------------------------------
Date: Mon 14 Mar 2016 05:21:14 PM GMT Name: index.html Size: 5kB By: yst
<http://savannah.gnu.org/bugs/download.php?file_id=36634>
_______________________________________________________
Reply to this item at:
<http://savannah.gnu.org/bugs/?47408>
_______________________________________________
Message sent via/by Savannah
http://savannah.gnu.org/
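
Added example, not part of the original report and not Wget source code: one way a client could derive the two values the report contrasts from a URI authority. The function names are hypothetical, and the sketch goes slightly beyond the report by also stripping the port and sending no SNI for IP literals, which RFC 6066 section 3 does not permit in HostName.

```c
/* Added illustration, not Wget source. Function names are hypothetical. */
#include <arpa/inet.h>
#include <stdio.h>
#include <string.h>

/* HTTP Host value: the URI authority minus any "userinfo@" prefix.
   A trailing dot on the host is kept, as RFC 7230 section 5.4 requires. */
const char *host_header_value(const char *authority)
{
    const char *at = strrchr(authority, '@');
    return at ? at + 1 : authority;
}

/* TLS SNI HostName (RFC 6066 section 3): host only, no port, no trailing dot.
   Returns 1 and fills out, or 0 when no SNI extension should be sent
   (IP literal, empty name, or buffer too small). */
int sni_host_name(const char *authority, char *out, size_t outlen)
{
    const char *host = host_header_value(authority);
    struct in_addr v4;
    size_t n;

    if (host[0] == '[')                    /* IPv6 literal: not allowed in SNI */
        return 0;
    n = strcspn(host, ":");                /* drop ":port" */
    if (n > 0 && host[n - 1] == '.')       /* drop the root-label dot */
        n--;
    if (n == 0 || n >= outlen)
        return 0;
    memcpy(out, host, n);
    out[n] = '\0';
    if (inet_pton(AF_INET, out, &v4) == 1) /* IPv4 literal: not allowed in SNI */
        return 0;
    return 1;
}

int main(void)
{
    /* First entry is the host from the report; the others are constructed. */
    const char *samples[] = { "alice.sni.velox.ch.", "user@alice.sni.velox.ch.:8443",
                              "[2001:db8::1]:443", "192.0.2.10." };
    char sni[256];
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int ok = sni_host_name(samples[i], sni, sizeof sni);
        printf("Host: %-26s SNI: %s\n", host_header_value(samples[i]),
               ok ? sni : "(none)");
    }
    return 0;
}
```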