You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-dev@axis.apache.org by bu...@apache.org on 2003/04/01 13:35:17 UTC
DO NOT REPLY [Bug 18561] New: -
SSL Tunneling via MS-Proxy 2.0 does not work; bad response from proxy
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=18561>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=18561
SSL Tunneling via MS-Proxy 2.0 does not work; bad response from proxy
Summary: SSL Tunneling via MS-Proxy 2.0 does not work; bad
response from proxy
Product: Axis
Version: current (nightly)
Platform: All
OS/Version: All
Status: NEW
Severity: Normal
Priority: Other
Component: Basic Architecture
AssignedTo: axis-dev@ws.apache.org
ReportedBy: piggy@xs4all.nl
When Axis sends a tunnel request to MS-Proxy 2.0, like:
--
CONNECT <host>:443 HTTP/1.0
User-Agent: AxisClient
Content-Length: 0
Pragma: no-cache
--
it responds with:
--
HTTP/1.1 200 Connection established
--
Please note the double-space between 1.1 and the statuscode. Another bit of
weirdness is the 1.1 response to a 1.0 request, but let's ignore that one since
it does not break anything. The double-space does. The response-verification
code in SunJSSESocketFactory, JSSESocketFactory and IBMJSSESocketFactory all
does this:
--
if (!replyStr.startsWith("HTTP/1.0 200")
&& !replyStr.startsWith("HTTP/1.1 200")) {
throw new IOException(Messages.getMessage("cantTunnel00",
new String[]{
tcp.getProxyHost(),
"" + tunnelPort,
replyStr}));
}
--
Is it possible to add another condition? Like:
--
!replyStr.startsWith("HTTP/1.1 200")
--
Cheers,
Renzo