Fossil SCM

Fix the SSL transport so that it honors the --ipv4 flag. See [forum:/forumpost/ea4b2ec3fe577e79|forum post ea4b2ec3f]. To facilitate testing, add the --ipv4 flag to the test-httpmsg command and report the IP-address when the -v flag is present.

drh 2025-03-21 13:50 trunk

Commit 136dbe9ce0fbd46046a11bae037b92cb7766932c75a44f5674f233552e0868c1

Parent 53b080b24509ffa…

2 files changed +4 +8 -2

~ src/http.c ~ src/http_ssl.c

M src/http.c

		--- src/http.c
		+++ src/http.c
		@@ -512,10 +512,13 @@
512	512	transport_send(&g.url, &hdr);
513	513	transport_send(&g.url, &payload);
514	514	blob_reset(&hdr);
515	515	blob_reset(&payload);
516	516	transport_flip(&g.url);
	517	+ if( mHttpFlags & HTTP_VERBOSE ){
	518	+ fossil_print("IP-Address: %s\n", g.zIpAddr);
	519	+ }
517	520
518	521	/*
519	522	** Read and interpret the server reply
520	523	*/
521	524	closeConnection = 1;
		@@ -793,10 +796,11 @@
793	796	}
794	797	if( find_option("xfer",0,0)!=0 ){
795	798	mHttpFlags \|= HTTP_USE_LOGIN;
796	799	mHttpFlags &= ~HTTP_GENERIC;
797	800	}
	801	+ if( find_option("ipv4",0,0) ) g.fIPv4 = 1;
798	802	verify_all_options();
799	803	if( g.argc<3 \|\| g.argc>5 ){
800	804	usage("URL ?PAYLOAD? ?OUTPUT?");
801	805	}
802	806	zInFile = g.argc>=4 ? g.argv[3] : 0;
803	807

	--- src/http.c
	+++ src/http.c
	@@ -512,10 +512,13 @@
512	transport_send(&g.url, &hdr);
513	transport_send(&g.url, &payload);
514	blob_reset(&hdr);
515	blob_reset(&payload);
516	transport_flip(&g.url);



517
518	/*
519	** Read and interpret the server reply
520	*/
521	closeConnection = 1;
	@@ -793,10 +796,11 @@
793	}
794	if( find_option("xfer",0,0)!=0 ){
795	mHttpFlags \|= HTTP_USE_LOGIN;
796	mHttpFlags &= ~HTTP_GENERIC;
797	}

798	verify_all_options();
799	if( g.argc<3 \|\| g.argc>5 ){
800	usage("URL ?PAYLOAD? ?OUTPUT?");
801	}
802	zInFile = g.argc>=4 ? g.argv[3] : 0;
803

	--- src/http.c
	+++ src/http.c
	@@ -512,10 +512,13 @@
512	transport_send(&g.url, &hdr);
513	transport_send(&g.url, &payload);
514	blob_reset(&hdr);
515	blob_reset(&payload);
516	transport_flip(&g.url);
517	if( mHttpFlags & HTTP_VERBOSE ){
518	fossil_print("IP-Address: %s\n", g.zIpAddr);
519	}
520
521	/*
522	** Read and interpret the server reply
523	*/
524	closeConnection = 1;
	@@ -793,10 +796,11 @@
796	}
797	if( find_option("xfer",0,0)!=0 ){
798	mHttpFlags \|= HTTP_USE_LOGIN;
799	mHttpFlags &= ~HTTP_GENERIC;
800	}
801	if( find_option("ipv4",0,0) ) g.fIPv4 = 1;
802	verify_all_options();
803	if( g.argc<3 \|\| g.argc>5 ){
804	usage("URL ?PAYLOAD? ?OUTPUT?");
805	}
806	zInFile = g.argc>=4 ? g.argv[3] : 0;
807

M src/http_ssl.c

+8 -2

		--- src/http_ssl.c
		+++ src/http_ssl.c
		@@ -451,11 +451,14 @@
451	451	ssl_global_init_client();
452	452	if( pUrlData->useProxy ){
453	453	int rc;
454	454	char *connStr = mprintf("%s:%d", g.url.name, pUrlData->port);
455	455	BIO *sBio = BIO_new_connect(connStr);
456		- free(connStr);
	456	+ if( g.fIPv4 ){
	457	+ BIO_set_conn_ip_family(sBio, BIO_FAMILY_IPV4);
	458	+ }
	459	+ fossil_free(connStr);
457	460	if( BIO_do_connect(sBio)<=0 ){
458	461	ssl_set_errmsg("SSL: cannot connect to proxy %s:%d (%s)",
459	462	pUrlData->name, pUrlData->port,
460	463	ERR_reason_error_string(ERR_get_error()));
461	464	ssl_close_client();
		@@ -503,11 +506,14 @@
503	506	#endif
504	507
505	508	if( !pUrlData->useProxy ){
506	509	char *connStr = mprintf("%s:%d", pUrlData->name, pUrlData->port);
507	510	BIO_set_conn_hostname(iBio, connStr);
508		- free(connStr);
	511	+ fossil_free(connStr);
	512	+ if( g.fIPv4 ){
	513	+ BIO_set_conn_ip_family(iBio, BIO_FAMILY_IPV4);
	514	+ }
509	515	if( BIO_do_connect(iBio)<=0 ){
510	516	ssl_set_errmsg("SSL: cannot connect to host %s:%d (%s)",
511	517	pUrlData->name, pUrlData->port,
512	518	ERR_reason_error_string(ERR_get_error()));
513	519	ssl_close_client();
514	520

	--- src/http_ssl.c
	+++ src/http_ssl.c
	@@ -451,11 +451,14 @@
451	ssl_global_init_client();
452	if( pUrlData->useProxy ){
453	int rc;
454	char *connStr = mprintf("%s:%d", g.url.name, pUrlData->port);
455	BIO *sBio = BIO_new_connect(connStr);
456	free(connStr);



457	if( BIO_do_connect(sBio)<=0 ){
458	ssl_set_errmsg("SSL: cannot connect to proxy %s:%d (%s)",
459	pUrlData->name, pUrlData->port,
460	ERR_reason_error_string(ERR_get_error()));
461	ssl_close_client();
	@@ -503,11 +506,14 @@
503	#endif
504
505	if( !pUrlData->useProxy ){
506	char *connStr = mprintf("%s:%d", pUrlData->name, pUrlData->port);
507	BIO_set_conn_hostname(iBio, connStr);
508	free(connStr);



509	if( BIO_do_connect(iBio)<=0 ){
510	ssl_set_errmsg("SSL: cannot connect to host %s:%d (%s)",
511	pUrlData->name, pUrlData->port,
512	ERR_reason_error_string(ERR_get_error()));
513	ssl_close_client();
514

	--- src/http_ssl.c
	+++ src/http_ssl.c
	@@ -451,11 +451,14 @@
451	ssl_global_init_client();
452	if( pUrlData->useProxy ){
453	int rc;
454	char *connStr = mprintf("%s:%d", g.url.name, pUrlData->port);
455	BIO *sBio = BIO_new_connect(connStr);
456	if( g.fIPv4 ){
457	BIO_set_conn_ip_family(sBio, BIO_FAMILY_IPV4);
458	}
459	fossil_free(connStr);
460	if( BIO_do_connect(sBio)<=0 ){
461	ssl_set_errmsg("SSL: cannot connect to proxy %s:%d (%s)",
462	pUrlData->name, pUrlData->port,
463	ERR_reason_error_string(ERR_get_error()));
464	ssl_close_client();
	@@ -503,11 +506,14 @@
506	#endif
507
508	if( !pUrlData->useProxy ){
509	char *connStr = mprintf("%s:%d", pUrlData->name, pUrlData->port);
510	BIO_set_conn_hostname(iBio, connStr);
511	fossil_free(connStr);
512	if( g.fIPv4 ){
513	BIO_set_conn_ip_family(iBio, BIO_FAMILY_IPV4);
514	}
515	if( BIO_do_connect(iBio)<=0 ){
516	ssl_set_errmsg("SSL: cannot connect to host %s:%d (%s)",
517	pUrlData->name, pUrlData->port,
518	ERR_reason_error_string(ERR_get_error()));
519	ssl_close_client();
520

Fossil SCM

Keyboard Shortcuts