Holy shit I caught 1

Mike Perry mikepery at fscked.org
Mon Aug 28 19:19:50 UTC 2006


Thus spake Fabian Keil (freebsd-listen at fabiankeil.de):

> > So even so, it's unsettling.. You download some app, iso, video, or
> > whatever via Privoxy and it kindly tells you there's a temporary
> > failure mid-binary stream. How nice of it.
> 
> How nice of you to back up your claims with enough information
> to reproduce the problem. Which error message did you get and
> did you verify the problem with another client?

I assumed that anyone who actually cared to reproduce the problem
would just run the script, because that's all I did.

Running the script out of the box with the default settings
will reproduce the problem within a few hours of scanning. You will
get tons of corrupted Torpark exes in your docs dir. Seems to really
like Torpark more than anything else. Probably cause its the biggest.

Here is the error:

  <title>503 - Connect failed (Privoxy at localhost.localdomain)</title>
          This is <a href="http://www.privoxy.org/">Privoxy</a> 3.0.3
on localhost.localdomain (127.0.0.1), port 8118<!-- @if-can-toggle-start -->,

It's embedded in the exe. strings won't find it, but grep will.

> Especially the "keeping the size exactly the same" part sounds
> more like a problem in the fetching client. Are you sure that
> your application doesn't retry failed fetch attempts without
> caring about status codes?

Client is wget. Apparently it does retry after failure. Manpage says
nothing about status codes. Maybe it doesn't know what to do with 503.
 
> Is it impossible that the download was started but the connection
> broke down, your application tried again and got a "404 no such
> domain", saved the error message in the binary stream and tried
> again with a adjusted byte range?  

Yeah, I'm thinking the connection most likely broke down, wget retried
and tried to continue the stream, but Privoxy came back with its 503
status error page instead, probably not something wget was looking
for. Wget probably tried once more after that connection closed, and
picked up the stream again.

Unfortunately my copy of curl is ignoring HTTP proxy environment
variables and --proxy command line settings, so I can't check to see
if it has the same property.

-- 
Mike Perry
Mad Computer Scientist
fscked.org evil labs



More information about the tor-talk mailing list