Closed Bug 152619 Opened 22 years ago Closed 22 years ago

PAC: https tries to do dns lookups

Categories

(Core :: Networking, defect)

Product:
Core
Component:
Networking
Platform:
x86
Windows 2000
Type:
defect
Priority:
Not set
Severity:
minor

Tracking

()

Status:
VERIFIED DUPLICATE of bug 171441

People

(Reporter: fy, Assigned: darin.moz)

References

(
URL
)

Details

Attachments

(1 file)

Proxy configuration
1.07 KB, text/plain
Details 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.1a) Gecko/20020611
BuildID:    2002061104

If I type in 
    https://www.amazon.com
I get a message indicating that Mozilla cannot resolve the name
www.amazon.com.  It has no problem with http://www.amazon.com.

This is a simplified case of the problem.   I cannot securely log in to the
amazon web site, though I can log in using the insecure login.


Reproducible: Always
Steps to Reproduce:
1. Use a proxy
2. https://www.amazon.com
3.

Actual Results:  Error message about not being able to resolve www.amazon.com

Expected Results:  Amazon normally redirects https://www.amazon.com to its
http:// home page.  I expect to see that.
Any proxy configurations here?
You need to make sure "SSL Proxy" is in use.
Summary: Cannot resolve names when using https, proxy → Proxy: Cannot resolve names when using https
Here's useful comments from the reporter.

I hope you got my last email.

For the "manual configuration of proxy", I agree with your recent addition to
the bugtraq.

But what is one supposed to use when using a proxy configuration file?  The
Netscape documentation indicates that FindProxyForURL should return a string
with the keywords "DIRECT" and "PROXY <name>".    And it seems that https
ignores PROXY.  

Is there an additional keyword I should know about?  Or is this a bug?

== Frank Yellin
Summary: Proxy: Cannot resolve names when using https → PAC: https not working via PROXY directive
Can your machine use DNS directly? Or does the proxy have to resolve names for you?

I think PSM/NSS may be trying to do a hostname resolution.
Answering Bradley Baetz's question:

When I am inside the firewall, I have no access to name resolution of anything
outside the firewall.  The proxy handles that for me.  

It is clear from the error message that I'm getting that Mozilla is attempting
to do the name resolution instead of passing it to the proxy.  (But why does
Mozilla do the right thing when I use a manual proxy configuration instead of a
proxy configuration file?)

== Frank

Hmm. I just did a network trace of 1.0 connecting to an https server via pac,
and that didn't do dns lookups. Let me try a cvs build, now.
Summary: PAC: https not working via PROXY directive → PAC: https tries to do dns lookups
and a cvs build doesn't try this either.

Maybe dns lookups aren't the problem?
You have to do name resolution to the proxy in the PROXY directive... You could
hack your PAC file to have just an IP address for the purposes of troubleshooting.

I also commented via email that I'm pretty sure this worked based on some
dogfood and PAC smoketesting I did for mozilla 1.0 and Netscape 7.0 PR 1.

frank, any update?
I'm not sure I understand the question from Benjamin.

I just downloaded Mozilla 1.2a and the bug seems to be still there.

When I set my proxies using a Manual proxy configuration, I have no problem
accessing URL's outside my firewall.  However using the "automatic proxy
configuration" fails.  I've simply given up using automatic proxy configuration
with Mozilla.

Note that I'm using a URL for my automatic proxy configuration that works just
fine with Netscape.

The bug seems to be that the browser attempts to do DNS resolution on the name.
 It should be the proxy doing the name resolution.

== Frank
Frank: I think I know what is going on. Can you post your PAC file as an attachment?

If his PAC file is not written to send https:// to PROXY, then he would get a
DNS lookup b/c the URL would use DIRECCT.
QA Contact: benc → pacqa
-> me (waiting for feedback from reporter)
Assignee: new-network-bugs → darin
Severity: normal → minor
Attached file Proxy configuration 
Here is the proxy configuration that you asked me to send.

Actually, the bug has gotten worse.  I can no longer use http or https.  For
example, when I try to access
	     http://www.amazon.com/
It tells me that it cannot resolve www.amazon.com, even though clearly it is
the proxy that should be doing the resolution.

As the proxy configuration, I have tried all of the following:
     http://sunlabs.eng/proxy_config/eng.pac
     //sunlabs.eng/proxy_config/eng.pac
     /sunlabs.eng/proxy_config/eng.pac
and all give the same (non) results.
frank: thanks for the PAC file.  given the fact that PAC seems to be completely
hosed for you, can you please try deleting the file components/compreg.dat in
the mozilla installation directory.  there have been numerous reports about
corruption of that file leading to PAC bustage.  (please be sure to completely
quit mozilla before deleting the file; it will be regenerated the next time
mozilla starts up.)
Yes.  This now works.  Deleting the compreg.dat file seems to have made the 
problem go away.

Thanks for the help.  I wonder how my compreg.dat got corrupted.

== Frank

The compreg.dat is a generated file. The uninstaller doesn't delete it (because
the installer doesn't install this file).
You have a old compreg.dat file from an older mozilla version.
see also the release note : install in a new/clean directory

*** This bug has been marked as a duplicate of 171441 ***
Status: UNCONFIRMED → RESOLVED
Closed: 22 years ago
Resolution: --- → DUPLICATE
VERIFIED/dupe
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: