Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Do not send "Connection: close" when requesting a tunnel #46070
When validating SSL certs using an a non-SSL proxy, do not send "Connection: close" when requesting a tunnel. This prevents some proxy servers from dropping the connection
RFC2817 section 5.2 (or any other section) does not specify use of sending
changed the title from
Do not send "Connection: close" when requesting a tunnel. Fixes #32750
Do not send "Connection: close" when requesting a tunnel
Sep 25, 2018
Today, I was able to verify the fix.
I used this playbook:
The fixed version worked as expected:
Ansible 2.6.4 failed (as was expected):
@webknjaz I don't have a way to easily reproduce this end-to-end, see #32750 (comment). So my best guess to avoid regressions would be to write a test with a (pseudo-)proxy that captures the headers and then simply check if the header's absent. That's not very elegant but it's the best I can think of when we cannot reproduce this in a lab environment.
I'm sure it is, although I have not reproduced the issue. I can spend a little time trying to reproduce with a container.
I however don't think we should hold this up to add the tests, since the linked issue represents a fair number of people this seems to affect.