| 2011-08-10 09:47:30 |
Данило Шеган |
description |
02_tls.patch in the package which disables the SSLv3 use (added as a resolution for http://bugs.debian.org/579429 in libsoup2.4-2.34.2) makes Epiphany unable to browse launchpad.net subdomains properly: if I go to https://launchpad.net/ and then try to go to https://bugs.launchpad.net/, https://code.launchpad.net/, https://translations.launchpad.net/, https://answers.launchpad.net/ (in new tabs, but shouldn't matter), the second or third subdomain will throw a "400 Bad Request" error.
After that, I am able to only browse launchpad.net subdomains which have correctly loaded, and any requests on others keep returning 400 Bad Request. After a while, things seem to "reset" and I can get to a different subdomain, but then others become inaccessible instead (at most I could have access to 2 different subdomains at any one time).
Originally, I thought the problem was with upstream libsoup, but when I compiled it I couldn't reproduce the problem. I reproduced the problem with both 2.34.3~1natty1 from gnome3 ppa and official 2.35.4-0ubuntu1 from Oneiric. I am currently using my own re-compiled version of 2.34.3~1natty1 (in https://launchpad.net/~danilo/+archive/epiphany) with 02_tls.patch removed.
However, as the patch was added because of problems accessing sites like meego.com, just removing it is probably not a proper solution. (And yes, TLS negotiation fails on meego.com with the patch removed)
To reproduce:
- Open Epiphany 3.* in Oneiric and browse to https://launchpad.net/ (anonymously is ok)
- Click on "Help translate", "Bugs", "Code hosting"... to get taken to different subdomains
- Note how those loaded last return a "400 Bad Request" instead of properly loading
Work-around:
- Remove 02_tls.patch from the package and Launchpad.net starts working properly again |
With latest epiphany, fetching different subdomains of launchpad.net ends up with 400 Bad Request (not all the time, though). I was able to reproduce this with
$ cat requests
GET / HTTP/1.1
Host: answers.launchpad.net
GET / HTTP/1.1
Host: bugs.launchpad.net
GET / HTTP/1.1
Host: code.launchpad.net
GET / HTTP/1.1
Host: translations.launchpad.net
$ openssl s_client -connect launchpad.net:443 < requests |
|
| 2011-08-10 09:49:49 |
Данило Шеган |
description |
With latest epiphany, fetching different subdomains of launchpad.net ends up with 400 Bad Request (not all the time, though). I was able to reproduce this with
$ cat requests
GET / HTTP/1.1
Host: answers.launchpad.net
GET / HTTP/1.1
Host: bugs.launchpad.net
GET / HTTP/1.1
Host: code.launchpad.net
GET / HTTP/1.1
Host: translations.launchpad.net
$ openssl s_client -connect launchpad.net:443 < requests |
With latest epiphany, fetching different subdomains of launchpad.net ends up with 400 Bad Request (not all the time, though). I was able to reproduce this with
$ openssl s_client -connect launchpad.net:443
...
GET / HTTP/1.1
Host: answers.launchpad.net
GET / HTTP/1.1
Host: bugs.launchpad.net
GET / HTTP/1.1
Host: code.launchpad.net
GET / HTTP/1.1
Host: translations.launchpad.net
which ended up with
HTTP/1.1 400 Bad Request
Date: Wed, 10 Aug 2011 09:43:19 GMT
Server: Apache/2.2.14 (Ubuntu)
Vary: Accept-Encoding
Content-Length: 306
Connection: close
Content-Type: text/html; charset=iso-8859-1
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>400 Bad Request</title>
</head><body>
<h1>Bad Request</h1>
<p>Your browser sent a request that this server could not understand.<br />
</p>
<hr>
<address>Apache/2.2.14 (Ubuntu) Server at launchpad.net Port 443</address>
</body></html>
from two entirely distinct networks (so I hope that means that network configuration issues might not be the problem here). |
|
