Bug #2218
closedIPv6 link-local interface index causing Invalid Hostname in request.c
Description
# curl -g -H "Host: [fe80::221:5eff:fe26:cfd4]" http://fe80::221:5eff:fe26:cfd4%eth0/index.html <html> <body> lighttpd </body> </html> # curl -g http://fe80::221:5eff:fe26:cfd4%eth0/index.html
Files
Updated by kwmonroe over 14 years ago
Bah! Sorry about that.. Turns out the Submit button had my focus and I submitted this bug prematurely.
I'm trying to add a zone_id to a link-local ipv6 address to make a lighttpd request. When I force curl to set the Host header and include the "%eth0" zone_id, lighttpd dies with an Invalid Hostname message in the logs:
# curl -H "Host: [fe80::221:5eff:fe26:cfd4%eth0]" http://fe80::221:5eff:fe26:cfd4%eth0/index.html 2010-06-02 19:51:46: (request.c.304) fd: 7 request-len: 186 GET /index.html HTTP/1.1 User-Agent: curl/7.20.1 (x86_64-unknown-linux-gnu) libcurl/7.19.0 OpenSSL/0.9.8h zlib/1.2.3 libidn/1.10 Accept: */* Host: [fe80::221:5eff:fe26:cfd4%eth0] 2010-06-02 19:51:46: (request.c.1109) Invalid Hostname -> 400 2010-06-02 19:51:46: (request.c.1111) request-header: GET /index.html HTTP/1.1 User-Agent: curl/7.20.1 (x86_64-unknown-linux-gnu) libcurl/7.19.0 OpenSSL/0.9.8h zlib/1.2.3 libidn/1.10 Accept: */* Host: [fe80::221:5eff:fe26:cfd4%eth0] 2010-06-02 19:51:46: (response.c.128) Response-Header: HTTP/1.1 400 Bad Request Content-Type: text/html Content-Length: 349 Connection: close Date: Thu, 03 Jun 2010 00:51:46 GMT Server: lighttpd/1.4.26
If I use curl to force a Host header without the "%eth0" suffix, lighttpd responds 200 OK:
# curl -H "Host: [fe80::221:5eff:fe26:cfd4]" http://fe80::221:5eff:fe26:cfd4%eth0/index.html 2010-06-02 19:54:06: (request.c.304) fd: 7 request-len: 181 GET /index.html HTTP/1.1 User-Agent: curl/7.20.1 (x86_64-unknown-linux-gnu) libcurl/7.19.0 OpenSSL/0.9.8h zlib/1.2.3 libidn/1.10 Accept: */* Host: [fe80::221:5eff:fe26:cfd4]
<-- snip lots of valid response data -->
2010-06-02 19:54:06: (response.c.128) Response-Header: HTTP/1.1 200 OK Content-Type: text/html Accept-Ranges: bytes ETag: "2193158773" Last-Modified: Tue, 25 May 2010 12:13:35 GMT Content-Length: 39 Date: Thu, 03 Jun 2010 00:54:06 GMT Server: lighttpd/1.4.26
The problem seems to be that lighttpd doesn't recognize the zone_id as a valid part of an ipv6 host.
Updated by kwmonroe over 14 years ago
Looks like s11.2 of RFC4007 allows for a zone_id like this:
<address>%<zone_id>
The attached patch allows such a string for zone_id in request.c, but I'm not sure about the ramifications of allowing a Host header to contain this info. Anyone foresee a problem here?
Updated by kwmonroe over 14 years ago
- File patch2.diff patch2.diff added
After a bit more searching, it looks like the %<zone_id> should be removed from an HTTP Host header by the client, but it would be handy if the server could also handle it. This issue was raised against apache at:
https://issues.apache.org/bugzilla/show_bug.cgi?id=35122
Even though the client (wget/curl/browser/etc) should be stripping this string, it seems as though apache will also ignore it if present. I've reworked my earlier patch so lighttpd ignores it using a technique similar to busybox's wget applet:
http://lists.busybox.net/pipermail/busybox-cvs/2009-June/029521.html
Thoughts?
Updated by Olaf-van-der-Spek over 14 years ago
It's a bug in the client, it should be fixed in the client.
Working around it in the server will only delay clients getting fixed, so should not be done.
Also available in: Atom