IPv6 address malformatted in getca requests
rberkow opened this issue · 0 comments
When issuing a getca
request to an IPv6 address such as the following:
sscep getca -u "http://[::1]/CertSrv/mscep/" -c "example.cert" -d
The HTTP request gets sent without the [
and ]
characters present in the host field. Example output of the above, with debug enabled:
sscep: starting sscep, version 0.10.0
sscep: new transaction
sscep: transaction id: SSCEP transactionId
sscep: hostname: ::1
sscep: directory: CertSrv/mscep/
sscep: port: 80
sscep: SCEP_OPERATION_GETCAPS
sscep: scep request:
GET /CertSrv/mscep/?operation=GetCACaps HTTP/1.1
Host: ::1
Connection: close
(I verified the square brackets are not present in the Host
field also by taking a packet capture of the resulting HTTP GET request)
The following RFCs specify the IPv6 address in Host
field must be surrounded by [
and ]
:
https://www.ietf.org/rfc/rfc2732.txt
https://tools.ietf.org/html/rfc7230#section-5.4
https://tools.ietf.org/html/rfc3986#section-3.2.2
My NDES server rejects HTTP requests with host IPv6 address not enclosed by square brackets, returning the error
HTTP Error 400. The request hostname is invalid.
When issuing a GET request to the same address using curl
or wget
the server returns 200.