[tor-bugs] #22865 [Obfuscation/meek]: Explicitly set Content-Length to zero when there is no data to send

Tor Bug Tracker & Wiki blackhole at torproject.org
Sun Jul 16 18:54:18 UTC 2017


#22865: Explicitly set Content-Length to zero when there is no data to send
------------------------------+------------------------------
 Reporter:  twim              |          Owner:  dcf
     Type:  defect            |         Status:  needs_review
 Priority:  Medium            |      Milestone:
Component:  Obfuscation/meek  |        Version:
 Severity:  Normal            |     Resolution:
 Keywords:                    |  Actual Points:
Parent ID:                    |         Points:
 Reviewer:                    |        Sponsor:
------------------------------+------------------------------

Comment (by twim):

 Replying to [comment:9 dcf]:
 > I've just done a test here locally, and meek-client compiled with
 `go1.8.3 linux/amd64` sends `Content-Length: 0` even without the patch
 from this ticket. I inspected the traffic by running a socat shim on port
 4000:
 > ...
 > Are you able to reproduce this? I don't see how the patch would cause it
 to behave any differently.

 Yes, I am. It turns out that `Content-Length` is being set to 0 when
 HTTP/1.1 is used, and omitted in case of HTTP/2.

 > And the documentation for
 [https://golang.org/pkg/net/http/#NewRequest http.NewRequest] says that a
 *bytes.Reader has special handling and sets the body to the magic value
 [https://golang.org/pkg/net/http/#pkg-variables NoBody] when the length of
 the Reader is 0:

 No, it says that body is set to NoBody if `request.ContentLength == 0`.


 > So I'm wondering if this patch is really needed? If so, can you give me
 complete reproduction instructions so that I can see the bug for myself?

 Yes, see https://github.com/golang/go/issues/20257 for details. And this
 is a blocker on GAE Flex (maybe others).

 I wrote a PoC for this (see attachments). With HTTP/2 it makes a request
 like this:
 `POST / HTTP/2.0\r\nHost: meek.appspot.com\r\nAccept-Encoding: gzip\r\nUser-Agent: Go-http-client/2.0\r\n\r\n`
 So this gets proxied via HTTP/1.1 to the application. If there is a
 middleware in between it returns `411 Length Required`.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22865#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
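
An added illustration of the failure described in the comment above; it is not the attached PoC and not meek code. It shows that Go's HTTP/1.1 serialization of an empty-body POST carries `Content-Length: 0`, while the same headers forwarded without a length draw a 411 from a strict check. `strictStatus` is a hypothetical stand-in for the middleware, and `forwardedNoLength` is constructed from the request dump in the comment.

```go
package main

import (
	"bufio"
	"bytes"
	"fmt"
	"net/http"
	"strings"
)

// Constructed sample: the headers from the request dump in the comment, as an
// HTTP/1.1 hop would see them if forwarded with no Content-Length added.
const forwardedNoLength = "POST / HTTP/1.1\r\nHost: meek.appspot.com\r\n" +
	"Accept-Encoding: gzip\r\nUser-Agent: Go-http-client/2.0\r\n\r\n"

// serializeEmptyPOST returns the HTTP/1.1 wire form Go produces for a POST
// whose body is a zero-length *bytes.Reader.
func serializeEmptyPOST(url string) (string, error) {
	req, err := http.NewRequest("POST", url, bytes.NewReader(nil))
	if err != nil {
		return "", err
	}
	var buf bytes.Buffer
	if err := req.Write(&buf); err != nil {
		return "", err
	}
	return buf.String(), nil
}

// strictStatus (hypothetical middleware stand-in) parses raw HTTP/1.1 bytes and
// answers 411 when a POST or PUT has neither Content-Length nor chunked encoding.
func strictStatus(raw string) (int, error) {
	req, err := http.ReadRequest(bufio.NewReader(strings.NewReader(raw)))
	if err != nil {
		return 0, err
	}
	lengthless := req.Header.Get("Content-Length") == "" && len(req.TransferEncoding) == 0
	if (req.Method == "POST" || req.Method == "PUT") && lengthless {
		return http.StatusLengthRequired, nil
	}
	return http.StatusOK, nil
}

func main() {
	wire, _ := serializeEmptyPOST("https://meek.appspot.com/")
	withLength, _ := strictStatus(wire)
	withoutLength, _ := strictStatus(forwardedNoLength)
	fmt.Println(withLength, withoutLength)
}
```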

