Hi,
I'm currently working on connecting to an HTTP server on a local network to grab log files, push configurations, and modify access rights to the server. This product could be deployed to sites where said server has SSL enabled. As such, I am doing testing on a server with SSL enabled. I already have it set up to accept server certificates, but I'm having an issue when I try to get the response of the server. The code snippet is:
System.
String path = "{undisclosed}";string addy = mResovedAddress;
if (!addy.StartsWith("http://") || !addy.StartsWith("HTTP://"))
{
addy = "http://" + addy;
}
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(addy + path);
request.AllowAutoRedirect = true;
request.Method = "GET";
request.ContentType = "application/something";
request.Headers.Add("Authorization", mEmbeddedString);
request.Timeout = 2000 + mAdditionalTimeout;
HttpWebResponse response = null;
try
{
response = (HttpWebResponse)request.GetResponse();
}
catch (WebException)
{
throw;
}
When I attempt to get the response, I receive the following WebException:
"The server committed a protocol violation. Section=ResponseHeader Detail='Content-Length' header value is invalid"
Oddly enough, I did an Ethereal capture, and Content-Length isn't even in there:
No. Time Source Destination Protocol Info
12 3.166274 {undisclosed} {undisclosed} HTTP HTTP/1.1 302 Found (text/html)
Frame 12 (483 bytes on wire, 483 bytes captured)
Ethernet II, Src: {undisclosed}, Dst: {undisclosed}
Internet Protocol, Src: {undisclosed}, Dst: {undisclosed}
Transmission Control Protocol, Src Port: http (80), Dst Port: 3892 (3892), Seq: 2321941439, Ack: 2858380326, Len:
429
Hypertext Transfer Protocol
HTTP/1.1 302 Found\r\n
Request Version: HTTP/1.1
Response Code: 302
Date: Thu, 02 Mar 2006 19:49:52 GMT\r\n
Server: Webserver\r\n
Location: https://{undisclosed}\r\n
Transfer-Encoding: chunked\r\n
Content-Type: text/html; charset=iso-8859-1\r\n
\r\n
HTTP chunked response
Data chunk (217 octets)
Chunk size: 217 octets
Data (217 bytes)
Line-based text data: text/html
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>302 Found</TITLE>
</HEAD><BODY>
<H1>Found</H1>
The document has moved <A HREF="https://{undisclosed}">here</A>.<P>
</BODY></HTML>
This isn't an entirely high priority issue... 90% of our customer sites won't have SSL enabled on these servers. Any thoughts on how I can work around this
Thanks,
Noah Nadeau
SSL server throws WebException for a protocol violation.
Des Geraghty
ms_blackhat
Let's first make sure I understand correctly what you're trying to do.
You're making an HttpWebRequest to a non ssl server and then you get redirected to an https site and that's when the error occurs, right
Now I have to questions:
1) how you're handling the certificates
2) are you using credentials in the authorization header It's better if you set the HttpWebRequest credentials yourself
Virlene
Mariya,
Thank you for your response.
You're making an HttpWebRequest to a non ssl server and then you get redirected to an https site and that's when the error occurs, right
The Ethereal capture that I saw shows that I successfully established a secure connection, but the error occurs when I attempt to get the response stream in code.
In response to your questions:
1) I set ServicePointManager.ServerCertificateValidationCallback to a static boolean method that accepts all certificates. This is strictly for debugging purposes, considering this is my first go at communicating with SSL in code.
2) I am using an authorization string in the authorization header. While I do agree that I should be setting the HttpWebRequest credentials myself, I'm following the SDK for the makers of the server with which I'm communicating by sending an authorization header. Pretty much any server I'm communicating with will accept a specific authorization string.
At this point, I'm partially convinced that the issue lies not with my code, but with the server. I'm currently working on a go-between forwarder that sends the unencrypted packets to my machine so I can do an Ethereal capture and understand the issue better. I'll keep you posted.
Thanks.
John Jeffers
In this case you are using HTTP and I don't see HTTPs.
The transfer encoding is chunked so there is no content length.
We automaticaly follow redirects so please send the complete capture of
what happens *after* the 302 doc moved. The servers *redirected* response may be
causing the protocol violation
You can use a configuration file to force accepting protocol violation.
Serach this forum for my previous posts where I posted a config fix for this
StiNKy
< xml version="1.0" encoding="utf-8" >
<configuration>
<system.net>
<settings>
<httpWebRequest useUnsafeHeaderParsing="true"/>
</settings>
</system.net>
</configuration>
Any suggestions on where to go from here As stated above, a Packet Sniffer wouldn't be much use, since the connection is encrypted via SSL
jimwill
Mike,
Thank you for responding.
I went ahead and put the configuration settings into the file, and I can perform about 50% of the operations which is better than where I was before. Some of the other operations are not going through my SSL handler, so that's my issue to fix. Thanks for the help.