Skip to content

Instantly share code, notes, and snippets.

@laurentsenta

laurentsenta/demo.sh

Last active March 22, 2023 11:11
Show Gist options
  • Save laurentsenta/18b37a8405e4fee0d819102dde52e95b to your computer and use it in GitHub Desktop.
Save laurentsenta/18b37a8405e4fee0d819102dde52e95b to your computer and use it in GitHub Desktop.
Download ZIP
demo - sharness - proxytunnel bug
Raw
demo.sh
#!/bin/sh
set -x
set -e
set -u
GWAY_PORT=8080
url="http://bafkreicysg23kiwv34eg2d7qweipxwosdo2py4ldv42nbauguluen5v6am.ipfs.localhost/"
host=$(echo $url | cut -d'/' -f3 | cut -d':' -f1)
hostname=$(echo $url | cut -d'/' -f3 | cut -d':' -f1,2)
# Proxy is the same as HTTP Gateway, we use raw IP and port to be sure
proxy="http://127.0.0.1:$GWAY_PORT"
# Create a raw URL version with IP to ensure hostname from Host header is used
# (removes false-positives, Host header is used for passing hostname already)
rawurl=$(echo "$url" | sed "s/$hostname/127.0.0.1:$GWAY_PORT/")
curl -H "Host: $hostname" --verbose "$rawurl" 1>response_a 2>&1
# HTTP proxy
# (hostname is passed via URL)
# Note: proxy client should not care, but curl does DNS lookup
# for some reason anyway, so we pass static DNS mapping
curl -x $proxy --verbose "$url" 1>response_b 2>&1
# HTTP proxy 1.0
# (repeating proxy test with older spec, just to be sure)
curl --proxy1.0 $proxy --verbose "$url" 1>response_c 2>&1
# HTTP proxy tunneling (CONNECT)
# https://tools.ietf.org/html/rfc7231#section-4.3.6
# In HTTP/1.x, the pseudo-method CONNECT
# can be used to convert an HTTP connection into a tunnel to a remote host
curl --proxytunnel -x $proxy -H "Host: $hostname" --verbose "$rawurl" 1>response_d 2>&1
# FIXED
curl --proxy1.0 $proxy --proxytunnel -H "Host: $hostname" --verbose "$rawurl" 1>response_e 2>&1
Raw
reponse_a
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Trying 127.0.0.1:8080...
* Connected to 127.0.0.1 (127.0.0.1) port 8080 (#0)
> GET / HTTP/1.1
> Host: bafkreicysg23kiwv34eg2d7qweipxwosdo2py4ldv42nbauguluen5v6am.ipfs.localhost
> User-Agent: curl/7.86.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Accept-Ranges: bytes
< Access-Control-Allow-Headers: Content-Type
< Access-Control-Allow-Headers: Range
< Access-Control-Allow-Headers: User-Agent
< Access-Control-Allow-Headers: X-Requested-With
< Access-Control-Allow-Methods: GET
< Access-Control-Allow-Origin: *
< Access-Control-Expose-Headers: Content-Length
< Access-Control-Expose-Headers: Content-Range
< Access-Control-Expose-Headers: X-Chunked-Output
< Access-Control-Expose-Headers: X-Ipfs-Path
< Access-Control-Expose-Headers: X-Ipfs-Roots
< Access-Control-Expose-Headers: X-Stream-Output
< Cache-Control: public, max-age=29030400, immutable
< Content-Length: 6
< Content-Type: text/plain; charset=utf-8
< Etag: "bafkreicysg23kiwv34eg2d7qweipxwosdo2py4ldv42nbauguluen5v6am"
< X-Ipfs-Path: /ipfs/bafkreicysg23kiwv34eg2d7qweipxwosdo2py4ldv42nbauguluen5v6am/
< X-Ipfs-Roots: bafkreicysg23kiwv34eg2d7qweipxwosdo2py4ldv42nbauguluen5v6am
< Date: Wed, 22 Mar 2023 11:08:51 GMT
<
{ [6 bytes data]
100 6 100 6 0 0 1201 0 --:--:-- --:--:-- --:--:-- 6000
* Connection #0 to host 127.0.0.1 left intact
hello
Raw
reponse_b
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Trying 127.0.0.1:8080...
* Connected to (nil) (127.0.0.1) port 8080 (#0)
> GET http://bafkreicysg23kiwv34eg2d7qweipxwosdo2py4ldv42nbauguluen5v6am.ipfs.localhost/ HTTP/1.1
> Host: bafkreicysg23kiwv34eg2d7qweipxwosdo2py4ldv42nbauguluen5v6am.ipfs.localhost
> User-Agent: curl/7.86.0
> Accept: */*
> Proxy-Connection: Keep-Alive
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Accept-Ranges: bytes
< Access-Control-Allow-Headers: Content-Type
< Access-Control-Allow-Headers: Range
< Access-Control-Allow-Headers: User-Agent
< Access-Control-Allow-Headers: X-Requested-With
< Access-Control-Allow-Methods: GET
< Access-Control-Allow-Origin: *
< Access-Control-Expose-Headers: Content-Length
< Access-Control-Expose-Headers: Content-Range
< Access-Control-Expose-Headers: X-Chunked-Output
< Access-Control-Expose-Headers: X-Ipfs-Path
< Access-Control-Expose-Headers: X-Ipfs-Roots
< Access-Control-Expose-Headers: X-Stream-Output
< Cache-Control: public, max-age=29030400, immutable
< Content-Length: 6
< Content-Type: text/plain; charset=utf-8
< Etag: "bafkreicysg23kiwv34eg2d7qweipxwosdo2py4ldv42nbauguluen5v6am"
< X-Ipfs-Path: /ipfs/bafkreicysg23kiwv34eg2d7qweipxwosdo2py4ldv42nbauguluen5v6am/
< X-Ipfs-Roots: bafkreicysg23kiwv34eg2d7qweipxwosdo2py4ldv42nbauguluen5v6am
< Date: Wed, 22 Mar 2023 11:08:51 GMT
<
{ [6 bytes data]
100 6 100 6 0 0 1645 0 --:--:-- --:--:-- --:--:-- 6000
* Connection #0 to host (nil) left intact
hello
Raw
reponse_c
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Trying 127.0.0.1:8080...
* Connected to (nil) (127.0.0.1) port 8080 (#0)
> GET http://bafkreicysg23kiwv34eg2d7qweipxwosdo2py4ldv42nbauguluen5v6am.ipfs.localhost/ HTTP/1.1
> Host: bafkreicysg23kiwv34eg2d7qweipxwosdo2py4ldv42nbauguluen5v6am.ipfs.localhost
> User-Agent: curl/7.86.0
> Accept: */*
> Proxy-Connection: Keep-Alive
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Accept-Ranges: bytes
< Access-Control-Allow-Headers: Content-Type
< Access-Control-Allow-Headers: Range
< Access-Control-Allow-Headers: User-Agent
< Access-Control-Allow-Headers: X-Requested-With
< Access-Control-Allow-Methods: GET
< Access-Control-Allow-Origin: *
< Access-Control-Expose-Headers: Content-Length
< Access-Control-Expose-Headers: Content-Range
< Access-Control-Expose-Headers: X-Chunked-Output
< Access-Control-Expose-Headers: X-Ipfs-Path
< Access-Control-Expose-Headers: X-Ipfs-Roots
< Access-Control-Expose-Headers: X-Stream-Output
< Cache-Control: public, max-age=29030400, immutable
< Content-Length: 6
< Content-Type: text/plain; charset=utf-8
< Etag: "bafkreicysg23kiwv34eg2d7qweipxwosdo2py4ldv42nbauguluen5v6am"
< X-Ipfs-Path: /ipfs/bafkreicysg23kiwv34eg2d7qweipxwosdo2py4ldv42nbauguluen5v6am/
< X-Ipfs-Roots: bafkreicysg23kiwv34eg2d7qweipxwosdo2py4ldv42nbauguluen5v6am
< Date: Wed, 22 Mar 2023 11:08:51 GMT
<
{ [6 bytes data]
100 6 100 6 0 0 2086 0 --:--:-- --:--:-- --:--:-- 6000
* Connection #0 to host (nil) left intact
hello
Raw
reponse_d
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Trying 127.0.0.1:8080...
* Connected to (nil) (127.0.0.1) port 8080 (#0)
* allocate connect buffer
* Establish HTTP proxy tunnel to 127.0.0.1:8080
> CONNECT 127.0.0.1:8080 HTTP/1.1
> Host: 127.0.0.1:8080
> User-Agent: curl/7.86.0
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 200 OK
< Date: Wed, 22 Mar 2023 11:08:51 GMT
< Content-Length: 0
* Ignoring Content-Length in CONNECT 200 response
<
* Proxy replied 200 to CONNECT request
* CONNECT phase completed
> GET / HTTP/1.1
> Host: bafkreicysg23kiwv34eg2d7qweipxwosdo2py4ldv42nbauguluen5v6am.ipfs.localhost
> User-Agent: curl/7.86.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Accept-Ranges: bytes
< Access-Control-Allow-Headers: Content-Type
< Access-Control-Allow-Headers: Range
< Access-Control-Allow-Headers: User-Agent
< Access-Control-Allow-Headers: X-Requested-With
< Access-Control-Allow-Methods: GET
< Access-Control-Allow-Origin: *
< Access-Control-Expose-Headers: Content-Length
< Access-Control-Expose-Headers: Content-Range
< Access-Control-Expose-Headers: X-Chunked-Output
< Access-Control-Expose-Headers: X-Ipfs-Path
< Access-Control-Expose-Headers: X-Ipfs-Roots
< Access-Control-Expose-Headers: X-Stream-Output
< Cache-Control: public, max-age=29030400, immutable
< Content-Length: 6
< Content-Type: text/plain; charset=utf-8
< Etag: "bafkreicysg23kiwv34eg2d7qweipxwosdo2py4ldv42nbauguluen5v6am"
< X-Ipfs-Path: /ipfs/bafkreicysg23kiwv34eg2d7qweipxwosdo2py4ldv42nbauguluen5v6am/
< X-Ipfs-Roots: bafkreicysg23kiwv34eg2d7qweipxwosdo2py4ldv42nbauguluen5v6am
< Date: Wed, 22 Mar 2023 11:08:51 GMT
<
{ [6 bytes data]
100 6 100 6 0 0 1965 0 --:--:-- --:--:-- --:--:-- 6000
* Connection #0 to host (nil) left intact
hello
Raw
reponse_e
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Trying 127.0.0.1:8080...
* Connected to (nil) (127.0.0.1) port 8080 (#0)
* allocate connect buffer
* Establish HTTP proxy tunnel to 127.0.0.1:8080
> CONNECT 127.0.0.1:8080 HTTP/1.0
> Host: 127.0.0.1:8080
> User-Agent: curl/7.86.0
> Proxy-Connection: Keep-Alive
>
< HTTP/1.0 200 OK
< Date: Wed, 22 Mar 2023 11:10:35 GMT
< Content-Length: 0
* Ignoring Content-Length in CONNECT 200 response
<
* Proxy replied 200 to CONNECT request
* CONNECT phase completed
> GET / HTTP/1.1
> Host: bafkreicysg23kiwv34eg2d7qweipxwosdo2py4ldv42nbauguluen5v6am.ipfs.localhost
> User-Agent: curl/7.86.0
> Accept: */*
>
* Recv failure: Connection reset by peer
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
* Closing connection 0
curl: (56) Recv failure: Connection reset by peer
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment