[syslinux] lpxelinux.0 does not set the port number in the http Host: header

Gene Cumm gene.cumm at gmail.com
Fri Oct 9 03:30:38 PDT 2015


On Thu, Oct 8, 2015 at 10:47 PM, Michael DeCandia via Syslinux
<syslinux at zytor.com> wrote:
> Hello all,
>
> I think I may have found a bug with the way lpxelinux.0 sends http
> requests.  Specifically when I trace the requests I notice that the
> Host: header does not contain the port that was used to make the
> request.
>
> Here's my scenario.  I have a python Flask app that dynamically
> generates the PXE menu for kickstarts.  When I request a URL the
> server responds with a file containing more URLs based on Flask's
> request.url_root.  My web server is running on a non-standard port,
> 5550.  When my generated menu file came back I noticed that all of the
> included URLs were lacking the port.  So instead of seeing the
> following:
>
> LABEL rhelresc-manual
>     MENU LABEL   Red Hat Enterprise Linux 6 Rescue (HTTP - Manual)
>     KERNEL http://foo.example.com:5550/autoprov/Linux__RedHat__6Server__x86_64/vendor_media/images/pxeboot/vmlinuz
>     INITRD http://foo.example.com:5550/autoprov/Linux__RedHat__6Server__x86_64/vendor_media/images/pxeboot/initrd.img
>     APPEND           root=/dev/ram0 text rescue
>
> I received (note the missing port number on foo.example.com):
>
> LABEL rhelresc-manual
>     MENU LABEL   Red Hat Enterprise Linux 6 Rescue (HTTP - Manual)
>     KERNEL http://foo.example.com/autoprov/Linux__RedHat__6Server__x86_64/vendor_media/images/pxeboot/vmlinuz
>     INITRD http://foo.example.com/autoprov/Linux__RedHat__6Server__x86_64/vendor_media/images/pxeboot/initrd.img
>     APPEND           root=/dev/ram0 text rescue
>
>
> A packet trace shows the following headers when fetching
> http://foo.example.com:5550/autoprov/tftpboot/pxelinux.cfg/01-00-0f-53-27-22-e0.
>
> GET //autoprov/tftpboot/pxelinux.cfg/01-00-0f-53-27-22-e0 HTTP/1.0
> Host: foo.example.com
> User-Agent: Syslinux/6.03
> Connection: close
> Cookie: _Syslinux_ip=10.219.25.26%3A10.219.26.71%3A10.219.25.1%3A255.255.255.192;_Syslinux_BOOTIF=01-00-0f-53-27-22-e0;_Syslinux_SYSUUID=44454c4c-3200-105a-8043-c6c04f523232;_Syslinux_CPU=6PVTXL;_Syslinux_SYSVENDOR=Dell+Inc.;_Syslinux_SYSPRODUCT=PowerEdge+R630;_Syslinux_SYSSERIAL=F2ZCR22;_Syslinux_SYSSKU=SKU%3DNotProvided%3BModelName%3DPowerEdge+R630;_Syslinux_SYSFAMILY=PowerEdge;_Syslinux_MBVENDOR=Dell+Inc.;_Syslinux_MBPRODUCT=0CNCJW;_Syslinux_MBVERSION=A03;_Syslinux_MBSERIAL=.F2ZCR22.CN747514AN0076.;_Syslinux_BIOSVENDOR=Dell+Inc.;_Syslinux_BIOSVERSION=1.1.4;_Syslinux_SYSFF=23;
>
> The web server trusts the Host: header more than I expected.  While I
> feel like that's a Flask/uwsgi bug (feature?) I need to deal with,
> lpxelinux.0 should still send the header as "Host:
> foo.example.com:5550".  I realize that the host header is only
> required as part of HTTP/1.1, and this is an HTTP/1.0 request, but it
> would make sense to implement it as defined in the HTTP/1.1 spec or to
> just remove it.
>
> This was found on syslinux-6.0.3 using the official binaries.  I found
> a couple of other bugs/bad behaviors too, but it's probably best if I
> post those separately.
>
>
> -Mike
>



-- 
-Gene
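
An added example, not part of the original thread and not code from Flask, uwsgi or Syslinux: it contrasts building the menu's URL root from the request's Host header (PEP 3333 style reconstruction) with pinning it to a configured value and checking Host against an allowlist. `CANONICAL_ROOT`, `ALLOWED_HOSTS`, the function names and the sample environ are assumptions constructed from the values in the trace above.

```python
# Added example: CANONICAL_ROOT, ALLOWED_HOSTS and the environ dict are
# constructed for illustration; they are not taken from Flask or Syslinux.
CANONICAL_ROOT = "http://foo.example.com:5550/"   # assumed deployment setting
# Accept the portless form too, since lpxelinux.0 sends it (see the trace).
ALLOWED_HOSTS = {"foo.example.com:5550", "foo.example.com"}
DEFAULT_PORT = {"http": "80", "https": "443"}
PXE_PATH = "autoprov/Linux__RedHat__6Server__x86_64/vendor_media/images/pxeboot/"

def root_from_request(environ):
    """PEP 3333 URL reconstruction: a client-supplied Host header wins."""
    scheme = environ.get("wsgi.url_scheme", "http")
    host = environ.get("HTTP_HOST")
    if not host:  # fall back to what the server itself is bound to
        host = environ["SERVER_NAME"]
        if environ["SERVER_PORT"] != DEFAULT_PORT[scheme]:
            host += ":" + environ["SERVER_PORT"]
    return f"{scheme}://{host}/"

def root_pinned(environ):
    """Reject unknown Host values and always emit the configured root."""
    host = environ.get("HTTP_HOST", "").strip().lower()
    if host and host not in ALLOWED_HOSTS:
        raise ValueError(f"unexpected Host header: {host!r}")
    return CANONICAL_ROOT

def menu_entry(root):
    """Render the KERNEL/INITRD lines of the menu from a URL root."""
    return f"KERNEL {root}{PXE_PATH}vmlinuz\nINITRD {root}{PXE_PATH}initrd.img"

# Constructed WSGI environ matching the packet trace in the thread.
LPXELINUX_ENVIRON = {
    "wsgi.url_scheme": "http",
    "HTTP_HOST": "foo.example.com",      # port missing, as sent by the client
    "SERVER_NAME": "foo.example.com",
    "SERVER_PORT": "5550",
}

if __name__ == "__main__":
    print(menu_entry(root_from_request(LPXELINUX_ENVIRON)))  # port is lost
    print(menu_entry(root_pinned(LPXELINUX_ENVIRON)))        # port is kept
```
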


