HttpsProxy sometimes ought to set Host: header
Hello,
I'm in an organization using Apache as a Proxy to provide Internet Access.
I noticed that Tor isn't properly working, in fact the Proxy always replies with "400 Bad Request" errors.
Here is my configuration file:
ControlPort 9051
DirReqStatistics 0
HTTPSProxy 10.0.51.254:80
HTTPSProxyAuthenticator xxxxxx:xxxxxx
Socks5ProxyUsername xxxxxx
Socks5ProxyPassword xxxxxx
Log notice stdout
ReachableAddresses *:80,*:443
ReachableAddresses reject *:*
SocksListenAddress 127.0.0.1
I noticed that Tor does a CONNECT HTTP/1.1 and then sends the authentication information. This results in the 400 Bad Request error, because when using HTTP/1.1 you should provide a Host: header afaik.
Here is a dump of the issue :
CONNECT 86.59.21.38:443 HTTP/1.1
Proxy-Authorization: Basic xxxxxxxxxxxxxxxxxxxxxxxxxx
HTTP/1.1 400 Bad Request
Date: Tue, 10 Apr 2012 11:06:33 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8d DAV/2
And here is a "working" CONNECT using Putty (for example) :
CONNECT 88.191.119.38:443 HTTP/1.1
Host: 88.191.119.38:443
Proxy-Authorization: Basic xxxxxxxxxxxxxxxx
HTTP/1.0 200 Connection Established
Proxy-agent: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8d DAV/2SSH-2.0-OpenSSH_5.8p1 Debian-1ubuntu3
I checked the GIT repository to find the issue, my guess is that it's around line 1487 in src/or/connection.c (https://gitweb.torproject.org/tor.git/blob?f=src/or/connection.c#l1487), but my C skills are rather limited...
Trac:
Username: munsternet