[patch] fix broken --stdin-stdout option that writes to stdin
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
httptunnel (Debian) |
Fix Released
|
Unknown
|
|||
httptunnel (Ubuntu) |
Fix Released
|
Undecided
|
Luke Yelavich |
Bug Description
Binary package hint: httptunnel
The --stdin-stdout option is broken, both in the client (htc) and the server (hts). When used, the program writes its output to stdin instead of stdout. This breaks anything calling htc or hts with --stdin-stdout, unless stdin happens to be something which can be written to (e.g. a socket or a pseudo-terminal).
In particular, it will break programs that communicate with htc or hts with via pipes, such as the OpenSSH client with the ProxyCommand set to htc (which is one of the main purposes for which someone would want to use httptunnel in the first place).
What happens is an infinite connect/disconnect loop where htc connects, gets the banner from the server (sshd for example), fails to pass it to the client (ssh in this case) because it tries to write to stdin, then reconnects to try again, over and over.
To reproduce, take the following steps:
1. Run an httptunnel server somewhere, for example:
$ hts -F www.example.com:80 -w
2. Run the client with --stdin-stdout, so that its stdin is not a tty
(in this case, it's a pipe from cat). Assuming the server is on
the same machine:
$ cat | htc --stdin-stdout localhost
3. While the client is still running, check the active connections.
You will notice hundreds of connections being created and closed,
endlessly.
$ netstat -at
The expected behavior would be for htc not to be stuck making infinite connections to hts, and for the tunnel to actually work. As it stands, if you type e.g. "GET / HTTP/1.0" (without the quotes) and two newlines on the client at step 2, nothing will happen (you should see the HTML response from www.example.com).
The problem is present in the latest version of the httptunnel package, and it is present in the latest upstream version as well (3.3 as of this writing, since 2001). I have reported it to the upstream maintainers via email and sent them the same patch I am submitting below.
Related branches
Changed in httptunnel: | |
assignee: | nobody → themuso |
status: | Unconfirmed → In Progress |
Changed in httptunnel: | |
status: | In Progress → Fix Released |
Changed in httptunnel: | |
status: | Unknown → New |
Changed in httptunnel: | |
status: | New → Fix Committed |
Changed in httptunnel: | |
status: | Fix Committed → Fix Released |
Patch to fix the problem (caused by a broken check in the source).
ChangeLog entry:
2007-06-20 Israel G. Lugo <email address hidden>
* common.c (handle_ tunnel_ input): really write to stdout if fd == 0.