Bug#822780: apt sends invalid HTTP Host: headers for local IPv6 addresses
Package: apt
Version: 1.0.9.8.3
Severity: normal
Tags: ipv6
Dear Maintainer,
I have a repository server running on fe80::1, which is easy to access
for new systems because of IPv6 SLAAC -- normally, this just works.
Since I upgraded to Jessie, I cannot reach it via apt anymore, because
apt sends invalid Host: headers:
| # apt -o Debug::Acquire::http=yes update
[...]
| GET /dists/test-base/Release HTTP/1.1
| Host: [fe80::1%tap0]:8080
| Cache-Control: max-age=0
| Accept: text/*
| User-Agent: Debian APT-HTTP/1.3 (1.0.9.8.3)
This results in a "bad request" from Apache 2.2 on the server. RFC 7230,
section "5.4. Host" tells us:
Host = uri-host [ ":" port ]
And "uri-host" references "host" in RFC 3986, section "3.2.2. Host".
To be concise: IPv6 addresses shall be written as groups of four
hexadecimal digits in square brackets, but the interface identifier
should be left out. (BTW: it has no meaning to the server, as it is
local to the client.)
Therefore I believe apt should strip out interface identifiers when
constructing Host headers, while it should still use them to create
the TCP connection.
-- Package-specific info:
-- apt-config dump --
APT "";
APT::Architecture "i386";
APT::Build-Essential "";
APT::Build-Essential:: "build-essential";
APT::Install-Recommends "false";
APT::Install-Suggests "false";
APT::NeverAutoRemove "";
APT::NeverAutoRemove:: "^firmware-linux.*";
APT::NeverAutoRemove:: "^linux-firmware$";
APT::NeverAutoRemove:: "^linux-image-3\.16\.0-4-686-pae$";
APT::NeverAutoRemove:: "^linux-headers-3\.16\.0-4-686-pae$";
APT::NeverAutoRemove:: "^linux-image-extra-3\.16\.0-4-686-pae$";
APT::NeverAutoRemove:: "^linux-signed-image-3\.16\.0-4-686-pae$";
APT::NeverAutoRemove:: "^kfreebsd-image-3\.16\.0-4-686-pae$";
APT::NeverAutoRemove:: "^kfreebsd-headers-3\.16\.0-4-686-pae$";
APT::NeverAutoRemove:: "^gnumach-image-3\.16\.0-4-686-pae$";
APT::NeverAutoRemove:: "^.*-modules-3\.16\.0-4-686-pae$";
APT::NeverAutoRemove:: "^.*-kernel-3\.16\.0-4-686-pae$";
APT::NeverAutoRemove:: "^linux-backports-modules-.*-3\.16\.0-4-686-pae$";
APT::NeverAutoRemove:: "^linux-tools-3\.16\.0-4-686-pae$";
APT::VersionedKernelPackages "";
APT::VersionedKernelPackages:: "linux-image";
APT::VersionedKernelPackages:: "linux-headers";
APT::VersionedKernelPackages:: "linux-image-extra";
APT::VersionedKernelPackages:: "linux-signed-image";
APT::VersionedKernelPackages:: "kfreebsd-image";
APT::VersionedKernelPackages:: "kfreebsd-headers";
APT::VersionedKernelPackages:: "gnumach-image";
APT::VersionedKernelPackages:: ".*-modules";
APT::VersionedKernelPackages:: ".*-kernel";
APT::VersionedKernelPackages:: "linux-backports-modules-.*";
APT::VersionedKernelPackages:: "linux-tools";
APT::Never-MarkAuto-Sections "";
APT::Never-MarkAuto-Sections:: "metapackages";
APT::Never-MarkAuto-Sections:: "restricted/metapackages";
APT::Never-MarkAuto-Sections:: "universe/metapackages";
APT::Never-MarkAuto-Sections:: "multiverse/metapackages";
APT::Never-MarkAuto-Sections:: "oldlibs";
APT::Never-MarkAuto-Sections:: "restricted/oldlibs";
APT::Never-MarkAuto-Sections:: "universe/oldlibs";
APT::Never-MarkAuto-Sections:: "multiverse/oldlibs";
APT::Architectures "";
APT::Architectures:: "i386";
APT::Compressor "";
APT::Compressor::. "";
APT::Compressor::.::Name ".";
APT::Compressor::.::Extension "";
APT::Compressor::.::Binary "";
APT::Compressor::.::Cost "1";
APT::Compressor::gzip "";
APT::Compressor::gzip::Name "gzip";
APT::Compressor::gzip::Extension ".gz";
APT::Compressor::gzip::Binary "gzip";
APT::Compressor::gzip::Cost "2";
APT::Compressor::gzip::CompressArg "";
APT::Compressor::gzip::CompressArg:: "-9n";
APT::Compressor::gzip::UncompressArg "";
APT::Compressor::gzip::UncompressArg:: "-d";
APT::Compressor::bzip2 "";
APT::Compressor::bzip2::Name "bzip2";
APT::Compressor::bzip2::Extension ".bz2";
APT::Compressor::bzip2::Binary "bzip2";
APT::Compressor::bzip2::Cost "3";
APT::Compressor::bzip2::CompressArg "";
APT::Compressor::bzip2::CompressArg:: "-9";
APT::Compressor::bzip2::UncompressArg "";
APT::Compressor::bzip2::UncompressArg:: "-d";
APT::Compressor::xz "";
APT::Compressor::xz::Name "xz";
APT::Compressor::xz::Extension ".xz";
APT::Compressor::xz::Binary "xz";
APT::Compressor::xz::Cost "4";
APT::Compressor::xz::CompressArg "";
APT::Compressor::xz::CompressArg:: "-6";
APT::Compressor::xz::UncompressArg "";
APT::Compressor::xz::UncompressArg:: "-d";
APT::Compressor::lzma "";
APT::Compressor::lzma::Name "lzma";
APT::Compressor::lzma::Extension ".lzma";
APT::Compressor::lzma::Binary "xz";
APT::Compressor::lzma::Cost "5";
APT::Compressor::lzma::CompressArg "";
APT::Compressor::lzma::CompressArg:: "--format=lzma";
APT::Compressor::lzma::CompressArg:: "-9";
APT::Compressor::lzma::UncompressArg "";
APT::Compressor::lzma::UncompressArg:: "--format=lzma";
APT::Compressor::lzma::UncompressArg:: "-d";
Dir "/";
Dir::State "var/lib/apt/";
Dir::State::lists "lists/";
Dir::State::cdroms "cdroms.list";
Dir::State::mirrors "mirrors/";
Dir::State::extended_states "extended_states";
Dir::State::status "/var/lib/dpkg/status";
Dir::Cache "var/cache/apt/";
Dir::Cache::archives "archives/";
Dir::Cache::srcpkgcache "srcpkgcache.bin";
Dir::Cache::pkgcache "pkgcache.bin";
Dir::Etc "etc/apt/";
Dir::Etc::sourcelist "sources.list";
Dir::Etc::sourceparts "sources.list.d";
Dir::Etc::vendorlist "vendors.list";
Dir::Etc::vendorparts "vendors.list.d";
Dir::Etc::main "apt.conf";
Dir::Etc::netrc "auth.conf";
Dir::Etc::parts "apt.conf.d";
Dir::Etc::preferences "preferences";
Dir::Etc::preferencesparts "preferences.d";
Dir::Etc::trusted "trusted.gpg";
Dir::Etc::trustedparts "trusted.gpg.d";
Dir::Bin "";
Dir::Bin::methods "/usr/lib/apt/methods";
Dir::Bin::solvers "";
Dir::Bin::solvers:: "/usr/lib/apt/solvers";
Dir::Bin::dpkg "/usr/bin/dpkg";
Dir::Bin::bzip2 "/bin/bzip2";
Dir::Bin::xz "/usr/bin/xz";
Dir::Bin::lzma "/usr/bin/xz";
Dir::Media "";
Dir::Media::MountPath "/media/apt";
Dir::Log "var/log/apt";
Dir::Log::Terminal "term.log";
Dir::Log::History "history.log";
Dir::Ignore-Files-Silently "";
Dir::Ignore-Files-Silently:: "~$";
Dir::Ignore-Files-Silently:: "\.disabled$";
Dir::Ignore-Files-Silently:: "\.bak$";
Dir::Ignore-Files-Silently:: "\.dpkg-[a-z]+$";
Dir::Ignore-Files-Silently:: "\.save$";
Dir::Ignore-Files-Silently:: "\.orig$";
Dir::Ignore-Files-Silently:: "\.distUpgrade$";
Acquire "";
Acquire::cdrom "";
Acquire::cdrom::mount "/media/cdrom/";
Acquire::Languages "";
Acquire::Languages:: "en";
Acquire::Languages:: "none";
DPkg "";
DPkg::Pre-Install-Pkgs "";
DPkg::Pre-Install-Pkgs:: "/usr/sbin/dpkg-preconfigure --apt || true";
DPkg::Pre-Invoke "";
DPkg::Pre-Invoke:: "/usr/sbin/baseconfig --silent --reverse; exit 0";
DPkg::Post-Invoke "";
DPkg::Post-Invoke:: "/usr/sbin/baseconfig --silent; exit 0";
DPkg::Post-Invoke:: "test -x /usr/sbin/update-munin-plugins && /usr/sbin/update-munin-plugins --silent; exit 0";
DPkg::Post-Invoke:: "test -x /usr/sbin/update-tg-info && /usr/sbin/update-tg-info; exit 0";
CommandLine "";
CommandLine::AsString "apt-config dump";
-- (no /etc/apt/preferences present) --
-- /etc/apt/sources.list --
#deb http://repo-serv:3142/ftp.de.debian.org/debian/ jessie main
#deb http://repo-serv:3142/security.debian.org/ jessie/updates main
#deb http://repo-serv:3142/ftp.de.debian.org/debian/ jessie-backports main
deb http://ftp.de.debian.org/debian/ jessie main
deb http://security.debian.org/ jessie/updates main
deb http://ftp.de.debian.org/debian/ jessie-backports main
deb http://fe80::1%tap0:8080/ test-base main
-- System Information:
Debian Release: 8.4
APT prefers stable
APT policy: (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 3.16.0-4-686-pae (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
Versions of packages apt depends on:
ii debian-archive-keyring 2014.3
ii gnupg 1.4.18-7+deb8u1
ii libapt-pkg4.12 1.0.9.8.3
ii libc6 2.19-18+deb8u4
ii libgcc1 1:4.9.2-10
ii libstdc++6 4.9.2-10
apt recommends no packages.
Versions of packages apt suggests:
pn apt-doc <none>
ii aptitude 0.6.11-1+b1
ii dpkg-dev 1.17.26
pn python-apt <none>
-- no debconf information
Reply to: