Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

HTTPS Request through HTTP Proxy is sent incorrectly when using chunked body #6279

Open
moshec2 opened this issue Nov 8, 2022 · 3 comments
Open

HTTPS Request through HTTP Proxy is sent incorrectly when using chunked body #6279

moshec2 opened this issue Nov 8, 2022 · 3 comments

Comments

@moshec2
Copy link

moshec2 commented Nov 8, 2022
edited

I am using the chunked request body feature (data=generator). When defining a HTTP proxy and sending a request to a HTTPS URL, requests is trying to perform a TLS handshake with the (HTTP) proxy server, instead of sending a CONNECT request and performing the handshake with the target server through the tunnel. This behaviour prevents the request from completing successfully.

Expected Result

requests should send a CONNECT request to the proxy and negotiate TLS with the target server through the tunnel.

Actual Result

requests tries to negotiate TLS directly with the HTTP proxy server, and fails to do so.

Reproduction Steps

Run an HTTP proxy on 127.0.0.1:8080 and execute the following code:

  import requests
  
  def body_generator():
    yield "test"
    return
  
  requests.post("https://www.google.com/",
    proxies={"https": "http://127.0.0.1:8080/"},
    data=body_generator(),
  )

More info

The chunked encoding generator feature is implemented in requests/adapters.py:

try:
    if not chunked:
        resp = conn.urlopen(
            ...
        )

    # Send the request.
    else:
        if hasattr(conn, "proxy_pool"):
            conn = conn.proxy_pool

        low_conn = conn._get_conn(timeout=DEFAULT_POOL_TIMEOUT)

        try:
            ... Send request with chunked body ...

In the case of chunked encoding, instead of using conn.urlopen to send the request, it uses conn._get_conn and sends the request manually.
It seems like, for some reason, conn._get_conn is not handling the proxy correctly.
@sveint sveint mentioned this issue Mar 3, 2023
Closed
@sveint
Copy link

sveint commented Mar 3, 2023

I can confirm this is still an issue on latest release.
I filed a duplicate issue (now closed) here: #6371

@SteniMariyaThomas
Copy link

SteniMariyaThomas commented May 5, 2023
edited

I am using requests 2.28.2 with urllib3 as 1.26.14, and getting below issue when calling the api (proxy is not added).

requests.exceptions.SSLError: HTTPSConnectionPool(host="my client host", port="my client port"): Max retries exceeded with url: /v1/omni-channel/message (Caused by SSLError(SSLError(1, '[SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:1129)')))

Is there anything else that I need to check?

@MozarM
Copy link

MozarM commented Jun 22, 2023

Seems there is an issue with the SSL/TLS connection when making the API call.

You can check few things -

  1. Verify the URL: Ensure that the URL you are using is correct and corresponds to the intended API endpoint.
  2. Updating the libraries 'requests' and its dependencies 'urllib' and 'ssl' to the latest one.
  3. Verify the SSL/TLS version compatibility with the client-server versions

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@MozarM @sveint @moshec2 @SteniMariyaThomas