Re: HTTPSConnection script fails, but only on some servers (long)

---

• From: "Paul Winkler" <stuff@xxxxxxxxxx>
• Date: 13 Apr 2005 10:51:03 -0700

---

Thanks for the replies, Steve and Andreas! I will check out pycurl,
thanks very much for the tip.

Meanwhile, I'm trying to prepare a bug report re. httplib and get as
much information as possible.

Something I neglected to mention: when the script hits the problematic
server, it always takes about 3 minutes to get the Bad Gateway
response. Don't know if that's indicative of anything.

I added a bunch of blather to httplib.py to see at what point things
are waiting, or if it was stuck in a loop or what. The result is pretty
clear: we get as far as this point in SSLFile:

def _read(self):
buf = ''
# put in a loop so that we retry on transient errors
while True:
try:
buf = self._ssl.read(self._bufsize)

.... at which point we simply wait for the server for three minutes,
Then a response finally comes back, no exceptions are caught or raised
within _read(), and finally _read() returns buf. I can't easily trace
any deeper because self._ssl apparently comes from _ssl.so and I don't
fancy hacking at the C code.

Do these observations seem consistent with the hypothesis that
HTTPSConnection is failing to handle the HTTP 1.0 proxy?

I will also see what else I can find out from the admin. Maybe there's
more useful info in the logs somewhere. Unfortunately IIRC our jboss
log is always clogged with a few zillion irrelevant messages ... that
should be fun.

-PW

.

---

• References:
  • HTTPSConnection script fails, but only on some servers (long)
    • From: Paul Winkler
  • Re: HTTPSConnection script fails, but only on some servers (long)
    • From: andreas

• Prev by Date: Re: Compute pi to base 12 using Python?
• Next by Date: How to call a function in embeded python code in delphi?
• Previous by thread: Re: HTTPSConnection script fails, but only on some servers (long)
• Next by thread: Re: HTTPSConnection script fails, but only on some servers (long)
• Index(es):
  • Date
  • Thread

---

Relevant Pages [REVS] Introduction to HTTP Response Splitting ... single HTTP request that forces the web server to form an output stream, ... one response. ... HTTP response splitting is a fairly new web application vulnerability. ... Web cache poisoning: In this form a rather larger defacement takes place ... (Securiteam) RE: isa 2004 & external website access issue ... emailed the logs to you as requested. ... each web server has its own public IP ... > headers in ISA Server ... > 'Microsoft Firewall' service. ... (microsoft.public.windows.server.sbs) RE: Exchange Server ... I researched your logs and found the MSExchangeTransport events 4006, 969, ... Right click Default SMTP Virtual Server and select Properties. ... Microsoft CSS Online Newsgroup Support ... This newsgroup only focuses on SBS technical issues. ... (microsoft.public.windows.server.sbs) RE: OWA 2003 with ISA 2004 ... OWA externally. ... i can login by any user. ... 825763 How to configure Internet access in Windows Small Business Server ... g. Reproduce this issue and send the logs to me. ... (microsoft.public.windows.server.sbs) RE: OWA 2003 with ISA 2004 ... I understand that you can not login OWA from ... 825763 How to configure Internet access in Windows Small Business Server ... g. Reproduce this issue and send the logs to me. ... and then right click 'Microsoft Firewall' to ... (microsoft.public.windows.server.sbs)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

coding.derkeiler.com  > Archive  > Python  > comp.lang.python  > 2005-04