Issue #17849: Raise sensible exception for invalid HTTP tunnel response

Initial patch from Cory Benfield.

Lib/httplib.py

@@ -810,6 +810,11 @@ class HTTPConnection:
                                        method = self._method)
         (version, code, message) = response._read_status()
 
+        if version == "HTTP/0.9":
+            # HTTP/0.9 doesn't support the CONNECT verb, so if httplib has
+            # concluded HTTP/0.9 is being used something has gone wrong.
+            self.close()
+            raise socket.error("Invalid response from tunnel request")
         if code != 200:
             self.close()
             raise socket.error("Tunnel connection failed: %d %s" % (code,

Lib/test/test_httplib.py

@@ -578,6 +578,16 @@ class BasicTest(TestCase):
         #self.assertTrue(response[0].closed)
         self.assertTrue(conn.sock.file_closed)
 
+    def test_proxy_tunnel_without_status_line(self):
+        # Issue 17849: If a proxy tunnel is created that does not return
+        # a status code, fail.
+        body = 'hello world'
+        conn = httplib.HTTPConnection('example.com', strict=False)
+        conn.set_tunnel('foo')
+        conn.sock = FakeSocket(body)
+        with self.assertRaisesRegexp(socket.error, "Invalid response"):
+            conn._tunnel()
+
 class OfflineTest(TestCase):
     def test_responses(self):
         self.assertEqual(httplib.responses[httplib.NOT_FOUND], "Not Found")

Misc/ACKS

@@ -107,6 +107,7 @@ Ben Bell
 Thomas Bellman
 Alexander “Саша” Belopolsky
 Eli Bendersky
+Cory Benfield
 David Benjamin
 Oscar Benjamin
 Andrew Bennetts

Misc/NEWS

@@ -37,6 +37,10 @@ Core and Builtins
 Library
 -------
 
+- Issue #17849: Raise a sensible exception if an invalid response is
+  received for a HTTP tunnel request, as seen with some servers that
+  do not support tunnelling.  Initial patch from Cory Benfield.
+
 - Issue #16180: Exit pdb if file has syntax error, instead of trapping user
   in an infinite loop.  Patch by Xavier de Gaye.