Bug#531157: [http transport]: does not allow empty Reason-Phase in Status-Line (breaks on 304s of squid)
Package: apt
Version: 0.7.21
Severity: important
File: /usr/lib/apt/methods/http
Tags: patch
Hello,
according to RFC2616[0], empty Reason-Phase is allowed in Full-Response
Status-Line. However, apt http transport does not allow that and bails out with
"The HTTP server sent an invalid reply header" error. At least squid cache
server seems to return an empty reason phase in some of its 304 responses. The
attached patch fixes the problem by improving parser of the Status-Line.
0. http://www.w3.org/Protocols/rfc2616/rfc2616.html
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (101, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.30-rc7-amd64 (SMP w/1 CPU core)
Locale: LANG=lt_LT.UTF-8, LC_CTYPE=lt_LT.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages apt depends on:
ii debian-archive-keyring 2009.01.31 GnuPG archive keys of the Debian a
ii libc6 2.9-13 GNU C Library: Shared libraries
ii libgcc1 1:4.4.0-5 GCC support library
ii libstdc++6 4.4.0-5 The GNU Standard C++ Library v3
apt recommends no packages.
Versions of packages apt suggests:
pn apt-doc <none> (no description available)
ii aptitude 0.4.11.11-1+b1 terminal-based package manager
ii bzip2 1.0.5-1 high-quality block-sorting file co
ii dpkg-dev 1.15.2 Debian package development tools
ii lzma 4.43-14 Compression method of 7z format in
ii python-apt 0.7.10.3+b1 Python interface to libapt-pkg
-- no debconf information
=== modified file 'methods/http.cc'
--- methods/http.cc 2009-04-09 02:36:34 +0000
+++ methods/http.cc 2009-05-30 10:01:32 +0000
@@ -544,18 +544,23 @@
if (stringcasecmp(Tag.c_str(),Tag.c_str()+4,"HTTP") == 0)
{
+ int codeoffset;
// Evil servers return no version
if (Line[4] == '/')
{
- if (sscanf(Line.c_str(),"HTTP/%u.%u %u %[^\n]",&Major,&Minor,
- &Result,Code) != 4)
+ if (sscanf(Line.c_str(),"HTTP/%u.%u %u%1[ ]%n",&Major,&Minor,
+ &Result,&Code,&codeoffset) == 4)
+ strcpy(Code, Line.c_str()+codeoffset);
+ else
return _error->Error(_("The HTTP server sent an invalid reply header"));
}
else
{
Major = 0;
Minor = 9;
- if (sscanf(Line.c_str(),"HTTP %u %[^\n]",&Result,Code) != 2)
+ if (sscanf(Line.c_str(),"HTTP %u%1[ ]%n",&Result,Code,codeoffset) == 2)
+ strcpy(Code, Line.c_str()+codeoffset);
+ else
return _error->Error(_("The HTTP server sent an invalid reply header"));
}
Reply to: