diff options
author | Julian Andres Klode <jak@debian.org> | 2017-06-30 13:52:18 +0200 |
---|---|---|
committer | Julian Andres Klode <jak@debian.org> | 2017-06-30 15:00:41 +0200 |
commit | bafebf1afc59db7df7e0148b723f3f361770272c (patch) | |
tree | 5437fbdba6bd6c4f692c78d8cbc902f3b7f7f82b /methods | |
parent | 64207dad49f1c803d2b004ccf8fc6432789a8cc2 (diff) |
http: Add support for https:// proxies
HTTPS proxies just require unwrapping the TLS layer at the proxy
connection, that's easy, and of course sending proxy-specific
headers that are sent on "http" proxies.
Diffstat (limited to 'methods')
-rw-r--r-- | methods/http.cc | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/methods/http.cc b/methods/http.cc index 845e9c45b..35e2545e8 100644 --- a/methods/http.cc +++ b/methods/http.cc @@ -491,16 +491,21 @@ bool HttpServerState::Open() Port = ServerName.Port; Host = ServerName.Host; } - else if (Proxy.Access != "http") + else if (Proxy.Access != "http" && Proxy.Access != "https") return _error->Error("Unsupported proxy configured: %s", URI::SiteOnly(Proxy).c_str()); else { if (Proxy.Port != 0) Port = Proxy.Port; Host = Proxy.Host; + + if (Proxy.Access == "https" && Port == 0) + Port = 443; } if (!Connect(Host, Port, DefaultService, DefaultPort, ServerFd, TimeOut, Owner)) return false; + if (Host == Proxy.Host && Proxy.Access == "https" && UnwrapTLS(Proxy.Host, ServerFd, TimeOut, Owner) == false) + return false; if (Host == Proxy.Host && tls && UnwrapHTTPConnect(ServerName.Host, ServerName.Port == 0 ? DefaultPort : ServerName.Port, Proxy, ServerFd, Owner->ConfigFindI("TimeOut", 120), Owner) == false) return false; } @@ -919,8 +924,8 @@ void HttpMethod::SendReq(FetchItem *Itm) else if (Itm->LastModified != 0) Req << "If-Modified-Since: " << TimeRFC1123(Itm->LastModified, false).c_str() << "\r\n"; - if (Server->Proxy.Access == "http" && - (Server->Proxy.User.empty() == false || Server->Proxy.Password.empty() == false)) + if ((Server->Proxy.Access == "http" || Server->Proxy.Access == "https") && + (Server->Proxy.User.empty() == false || Server->Proxy.Password.empty() == false)) Req << "Proxy-Authorization: Basic " << Base64Encode(Server->Proxy.User + ":" + Server->Proxy.Password) << "\r\n"; |