On 2020/01/11 12:48, Kor son of Rynar wrote: > Hi Stuart, > > thank you for your fast reply. > > On Fri, Jan 10, 2020 at 7:22 PM Stuart Henderson <s...@spacehopper.org> > wrote: > > > On 2020/01/10 19:13, Kor son of Rynar wrote: > > > On Fri, Jan 10, 2020 at 6:48 PM Kor son of Rynar < > > daharmaster...@gmail.com> > > > wrote: > > > > > > > >Fix: > > > > Unknown. Could be related to the lack of "Connection: close" > > > > and/or "Content-Type" headers in the HTTP request? > > > > > > > > > > Adding the missing headers seems to solve the problem: > > > > > > --- http.c.orig Fri Jun 28 13:32:49 2019 > > > +++ http.c Fri Jan 10 22:04:09 2020 > > > @@ -349,7 +349,10 @@ > > > c = asprintf(&req, > > > "POST %s HTTP/1.0\r\n" > > > > ...this uses HTTP/1.0 > > > > > "Host: %s\r\n" > > > + "Accept: */*\r\n" > > > + "Content-Type: application/ocsp-request\r\n" > > > "Content-Length: %zu\r\n" > > > + "Connection: close\r\n" > > > > ...but Connection: close is an HTTP/1.1 header, so this isn't entirely > > legit. > > Does it work without that (i.e. just add Accept/Content-Type)? > > > > It does work without the Connection: close and even without the Accept: */* > header. It stops working when you remove the Content-Type: header. The > diff is simpler, then: > > --- http.c.orig Fri Jun 28 13:32:49 2019 > +++ http.c Sat Jan 11 15:29:22 2020 > @@ -349,6 +349,7 @@ > c = asprintf(&req, > "POST %s HTTP/1.0\r\n" > "Host: %s\r\n" > + "Content-Type: application/ocsp-request\r\n" > "Content-Length: %zu\r\n" > "\r\n", > http->path, http->host, psz);
Great, this change is definitely safe (in fact this header is required by the OCSP RFCs - both the current RFC 6960 and the original 2560). I'll reinclude the diff so it applies with patch (spaces/tabs issue) and CC a couple of people who may be able to review - any developer OKs to commit? Index: http.c =================================================================== RCS file: /cvs/src/usr.sbin/ocspcheck/http.c,v retrieving revision 1.12 diff -u -p -r1.12 http.c --- http.c 28 Jun 2019 13:32:49 -0000 1.12 +++ http.c 11 Jan 2020 16:36:10 -0000 @@ -349,6 +349,7 @@ http_open(const struct http *http, const c = asprintf(&req, "POST %s HTTP/1.0\r\n" "Host: %s\r\n" + "Content-Type: application/ocsp-request\r\n" "Content-Length: %zu\r\n" "\r\n", http->path, http->host, psz);