lib/fetch/http.c: send proxy auth on https as connect header.

fixes #185
This commit is contained in:
Enno Boland 2016-07-04 09:02:19 +02:00
parent f196abb207
commit 934a59ecd9

View File

@ -695,6 +695,24 @@ http_authorize(conn_t *conn, const char *hdr, const char *p)
* Helper functions for connecting to a server or proxy * Helper functions for connecting to a server or proxy
*/ */
/*
* Send headers consumed by the proxy server.
*/
static void
send_proxy_headers(conn_t *conn, struct url *purl)
{
char *p;
/* proxy authorization */
if (purl) {
if (*purl->user || *purl->pwd)
http_basic_auth(conn, "Proxy-Authorization",
purl->user, purl->pwd);
else if ((p = getenv("HTTP_PROXY_AUTH")) != NULL && *p != '\0')
http_authorize(conn, "Proxy-Authorization", p);
}
}
/* /*
* Connect to the correct HTTP server or proxy. * Connect to the correct HTTP server or proxy.
*/ */
@ -733,8 +751,13 @@ http_connect(struct url *URL, struct url *purl, const char *flags, int *cached)
/* fetch_connect() has already set an error code */ /* fetch_connect() has already set an error code */
return (NULL); return (NULL);
if (strcasecmp(URL->scheme, SCHEME_HTTPS) == 0 && purl) { if (strcasecmp(URL->scheme, SCHEME_HTTPS) == 0 && purl) {
http_cmd(conn, "CONNECT %s:%d HTTP/1.1\r\n\r\n", http_cmd(conn, "CONNECT %s:%d HTTP/1.1\r\n",
URL->host, URL->port); URL->host, URL->port);
send_proxy_headers(conn, purl);
http_cmd(conn, "\r\n");
if (http_get_reply(conn) != HTTP_OK) { if (http_get_reply(conn) != HTTP_OK) {
fetch_close(conn); fetch_close(conn);
return (NULL); return (NULL);
@ -909,14 +932,8 @@ http_request(struct url *URL, const char *op, struct url_stat *us,
/* virtual host */ /* virtual host */
http_cmd(conn, "Host: %s\r\n", host); http_cmd(conn, "Host: %s\r\n", host);
/* proxy authorization */ if (strcasecmp(URL->scheme, SCHEME_HTTPS) != 0)
if (purl) { send_proxy_headers(conn, purl);
if (*purl->user || *purl->pwd)
http_basic_auth(conn, "Proxy-Authorization",
purl->user, purl->pwd);
else if ((p = getenv("HTTP_PROXY_AUTH")) != NULL && *p != '\0')
http_authorize(conn, "Proxy-Authorization", p);
}
/* server authorization */ /* server authorization */
if (need_auth || *url->user || *url->pwd) { if (need_auth || *url->user || *url->pwd) {