wget: fix fetching of https URLs with http proxy

When fetching a https:// URL with HTTP proxy configured (e.g. with environment variable http_proxy=http://your-proxy:3128) busybox was making a https connection to the proxy. This was because the protocol scheme for the target URL was used to determine whether to connect to the proxy over SSL or not. When the proxy is in use, the decision on whether to connect to the proxy over https should based on the proxy URL not on the target URL. function old new delta wget_main 2381 2387 +6 Signed-off-by: Peter Lloyd <l-busybox@pgl22.co.uk> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
author: Peter Lloyd <l-busybox@pgl22.co.uk> 2018-03-05 00:17:02 +0100
committer: Denys Vlasenko <vda.linux@googlemail.com> 2018-03-05 00:19:33 +0100
commit: 804ce5a6fed63a2da6268a2d06f1ee2075435297 (patch)
tree: b72e3cdcd4245f4574dd1def927f38759077cb90
parent: d9aabfe578e58ef8a884c402d6294edc8dfda883 (diff)
download: busybox-w32-804ce5a6fed63a2da6268a2d06f1ee2075435297.tar.gz
busybox-w32-804ce5a6fed63a2da6268a2d06f1ee2075435297.tar.bz2
busybox-w32-804ce5a6fed63a2da6268a2d06f1ee2075435297.zip
1 files changed, 4 insertions, 4 deletions
diff --git a/networking/wget.c b/networking/wget.c
index 3a5d68173..8969310a4 100644
--- a/networking/wget.c
+++ b/networking/wget.c
@@ -1011,7 +1011,6 @@ static void download_one_url(const char *url)
        len_and_sockaddr *lsa;
        FILE *sfp;                      /* socket to web/ftp server         */
        FILE *dfp;                      /* socket to ftp server (data)      */
-        char *proxy = NULL;
        char *fname_out_alloc;
        char *redirected_path = NULL;
        struct host_info server;
@@ -1027,13 +1026,14 @@ static void download_one_url(const char *url)
        /* Use the proxy if necessary */
        use_proxy = (strcmp(G.proxy_flag, "off") != 0);
        if (use_proxy) {
-                proxy = getenv(target.protocol[0] == 'f' ? "ftp_proxy" : "http_proxy");
+                char *proxy = getenv(target.protocol[0] == 'f' ? "ftp_proxy" : "http_proxy");
 //FIXME: what if protocol is https? Ok to use http_proxy?
                use_proxy = (proxy && proxy[0]);
                if (use_proxy)
                        parse_url(proxy, &server);
        }
        if (!use_proxy) {
+                server.protocol = target.protocol;
                server.port = target.port;
                if (ENABLE_FEATURE_IPV6) {
                        //free(server.allocated); - can't be non-NULL
@@ -1098,7 +1098,7 @@ static void download_one_url(const char *url)
                /* Open socket to http(s) server */
 #if ENABLE_FEATURE_WGET_OPENSSL
                /* openssl (and maybe internal TLS) support is configured */
-                if (target.protocol == P_HTTPS) {
+                if (server.protocol == P_HTTPS) {
                        /* openssl-based helper
                         * Inconvenient API since we can't give it an open fd
                         */
@@ -1122,7 +1122,7 @@ static void download_one_url(const char *url)
 #elif ENABLE_FEATURE_WGET_HTTPS
                /* Only internal TLS support is configured */
                sfp = open_socket(lsa);
-                if (target.protocol == P_HTTPS)
+                if (server.protocol == P_HTTPS)
                        spawn_ssl_client(server.host, fileno(sfp), /*flags*/ 0);
 #else
                /* ssl (https) support is not configured */
author	Peter Lloyd <l-busybox@pgl22.co.uk>	2018-03-05 00:17:02 +0100
committer	Denys Vlasenko <vda.linux@googlemail.com>	2018-03-05 00:19:33 +0100
commit	804ce5a6fed63a2da6268a2d06f1ee2075435297 (patch)
tree	b72e3cdcd4245f4574dd1def927f38759077cb90
parent	d9aabfe578e58ef8a884c402d6294edc8dfda883 (diff)
download	busybox-w32-804ce5a6fed63a2da6268a2d06f1ee2075435297.tar.gz busybox-w32-804ce5a6fed63a2da6268a2d06f1ee2075435297.tar.bz2 busybox-w32-804ce5a6fed63a2da6268a2d06f1ee2075435297.zip