Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
4.3.2, 4.3.3, 4.3.4, 4.4 Alpha1
-
None
Description
HttpClient seems to have a problem accessing websites using SSL behind a proxy when authentication is disabled.
How to reproduce:
Create a HttpClient with a proxy and authentication disabled, and use it to access a "https" website (note that the proxy does not require authentication):
Example.java
HttpClientBuilder
.create()
.setDefaultRequestConfig(
RequestConfig
.custom()
.setAuthenticationEnabled(false)
.build())
.setProxy(someProxy)
.build()
.execute(
RequestBuilder
.create(HttpGet.METHOD_NAME)
.setUri("https://some.site")
.build());
The request fails with the following exception:
DEBUG - Connection request: [route: {tls}->http://ec2-54-73-107-194.eu-west-1.compute.amazonaws.com:3128->https://provisioning.eu.blackberry.com:443][total kept alive: 0; route allocated: 0 of 100; total allocated: 0 of 100]
DEBUG - Connection leased: [id: 0][route: {tls}->http://ec2-54-73-107-194.eu-west-1.compute.amazonaws.com:3128->https://provisioning.eu.blackberry.com:443][total kept alive: 0; route allocated: 1 of 100; total allocated: 1 of 100]
DEBUG - Opening connection {tls}->http://ec2-54-73-107-194.eu-west-1.compute.amazonaws.com:3128->https://provisioning.eu.blackberry.com:443
DEBUG - Connecting to ec2-54-73-107-194.eu-west-1.compute.amazonaws.com/54.73.107.194:3128
DEBUG - Connection established 192.168.0.21:53559<->54.73.107.194:3128
DEBUG - http-outgoing-0 >> CONNECT provisioning.eu.blackberry.com:443 HTTP/1.1
DEBUG - http-outgoing-0 >> Host: provisioning.eu.blackberry.com
DEBUG - http-outgoing-0 >> Proxy-Connection: Keep-Alive
DEBUG - http-outgoing-0 >> "CONNECT provisioning.eu.blackberry.com:443 HTTP/1.1[\r][\n]"
DEBUG - http-outgoing-0 >> "Host: provisioning.eu.blackberry.com[\r][\n]"
DEBUG - http-outgoing-0 >> "Proxy-Connection: Keep-Alive[\r][\n]"
DEBUG - http-outgoing-0 >> "[\r][\n]"
DEBUG - http-outgoing-0 << "HTTP/1.0 200 Connection established[\r][\n]"
DEBUG - http-outgoing-0 << "[\r][\n]"
DEBUG - http-outgoing-0 << HTTP/1.0 200 Connection established
DEBUG - http-outgoing-0 >> CONNECT provisioning.eu.blackberry.com:443 HTTP/1.1
DEBUG - http-outgoing-0 >> Host: provisioning.eu.blackberry.com
DEBUG - http-outgoing-0 >> Proxy-Connection: Keep-Alive
DEBUG - http-outgoing-0 >> "CONNECT provisioning.eu.blackberry.com:443 HTTP/1.1[\r][\n]"
DEBUG - http-outgoing-0 >> "Host: provisioning.eu.blackberry.com[\r][\n]"
DEBUG - http-outgoing-0 >> "Proxy-Connection: Keep-Alive[\r][\n]"
DEBUG - http-outgoing-0 >> "[\r][\n]"
DEBUG - http-outgoing-0 << "end of stream"
DEBUG - http-outgoing-0: Close connection
DEBUG - http-outgoing-0: Shutdown connection
DEBUG - Connection discarded
DEBUG - http-outgoing-0: Close connection
DEBUG - Connection released: [id: 0][route: {tls}->http://ec2-54-73-107-194.eu-west-1.compute.amazonaws.com:3128->https://provisioning.eu.blackberry.com:443][total kept alive: 0; route allocated: 0 of 100; total allocated: 0 of 100]
INFO - I/O exception (org.apache.http.NoHttpResponseException) caught when processing request to {tls}->http://ec2-54-73-107-194.eu-west-1.compute.amazonaws.com:3128->https://provisioning.eu.blackberry.com:443: The target server failed to respond
DEBUG - The target server failed to respond
org.apache.http.NoHttpResponseException: The target server failed to respond
at org.apache.http.impl.conn.DefaultHttpResponseParser.parseHead(DefaultHttpResponseParser.java:143)
at org.apache.http.impl.conn.DefaultHttpResponseParser.parseHead(DefaultHttpResponseParser.java:57)
at org.apache.http.impl.io.AbstractMessageParser.parse(AbstractMessageParser.java:261)
at org.apache.http.impl.DefaultBHttpClientConnection.receiveResponseHeader(DefaultBHttpClientConnection.java:165)
at org.apache.http.impl.conn.CPoolProxy.receiveResponseHeader(CPoolProxy.java:167)
at org.apache.http.protocol.HttpRequestExecutor.doReceiveResponse(HttpRequestExecutor.java:271)
at org.apache.http.protocol.HttpRequestExecutor.execute(HttpRequestExecutor.java:123)
at org.apache.http.impl.execchain.MainClientExec.createTunnelToTarget(MainClientExec.java:457)
at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:382)
at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:221)
at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:199)
at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:87)
at org.apache.http.impl.execchain.ServiceUnavailableRetryExec.execute(ServiceUnavailableRetryExec.java:83)
at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:84)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:57)
It seems to be because of the for loop not being properly exited in org.apache.http.impl.execchain.MainClientExec.createTunnelToTarget when config.isAuthenticationEnabled() returns false:
MainClientExec.java
private boolean createTunnelToTarget( ... for (;;) { ... if (config.isAuthenticationEnabled()) { ... } } ... }