Fetching a feed via SSL (https) through and HTTP proxy server, on a system with an installed libcurl version of 7.30.0 or newer results in the beginning of the feed being clipped by exactly the number of characters of header data added by the proxy server.
As noted in the libcurl change log (http://curl.haxx.se/changes.html) and this bug report (http://sourceforge.net/p/curl/bugs/1204/), starting with version 7.30.0 of libcurl, it correctly reports the size of all headers added to the response in the CURLINFO_HEADER_SIZE option.
As a result, on a system with a version of libcurl newer than 7.30.0, function http_request_get() in libraries/http_request.inc is clipping the beginning of the response data because it assumes a libcurl that doesn't count the size of proxy-added headers in CURLINFO_HEADER_SIZE.
The attached patch only removes the proxy-added headers if we are using a version of libcurl earlier than 7.30.0.
Comment | File | Size | Author |
---|---|---|---|
#4 | feed_ssl_via_proxy-v2.patch | 1.41 KB | ttaylor249 |
feed_ssl_via_proxy.patch | 1.41 KB | ttaylor249 | |
Comments
Comment #1
MegaChriz CreditAttribution: MegaChriz commentedHm, is this what is causing the following error when fetching a feed from drupal.org?
In the dev version of Feeds #1062178: Add configuration option to allow invalid/unverified or (self certified) SSL certificates was committed to work around this problem by providing an option to accept invalid SSL certificates.
I'm on curl 7.19 at the moment, so I can't tell.
Comment #2
MegaChriz CreditAttribution: MegaChriz commentedComment #3
MegaChriz CreditAttribution: MegaChriz commentedOops, disregard that comment about the cURL error. That error happens before evaluating the headers, so this issue has nothing to do with that.
Comment #4
ttaylor249 CreditAttribution: ttaylor249 commentedAttached is a slightly modified version of my patch which makes the libcurl version test strictly less than 7.30.0 as that is the version of libcurl with the correct behaviour.
Comment #6
twistor CreditAttribution: twistor commentedFixed up the comments and made the patch a bit simpler.
Thanks for tracking this down.