mirror of
https://github.com/curl/curl.git
synced 2024-11-21 01:16:58 +08:00
Added a new 'bit' in the connect struct named 'tunnel_proxy' that is set
if a connection is tunneled through a proxy. A tunnel is done with CONNECT, either when using HTTPS or FTPS, or if explicitly enabled by the app.
This commit is contained in:
parent
fd802db39f
commit
2c43d64302
@ -487,7 +487,7 @@ CURLcode Curl_ftp_connect(struct connectdata *conn)
|
|||||||
ftp->passwd = conn->passwd;
|
ftp->passwd = conn->passwd;
|
||||||
ftp->response_time = 3600; /* set default response time-out */
|
ftp->response_time = 3600; /* set default response time-out */
|
||||||
|
|
||||||
if (data->set.tunnel_thru_httpproxy) {
|
if (conn->bits.tunnel_proxy) {
|
||||||
/* We want "seamless" FTP operations through HTTP proxy tunnel */
|
/* We want "seamless" FTP operations through HTTP proxy tunnel */
|
||||||
result = Curl_ConnectHTTPProxyTunnel(conn, FIRSTSOCKET,
|
result = Curl_ConnectHTTPProxyTunnel(conn, FIRSTSOCKET,
|
||||||
conn->host.name, conn->remote_port);
|
conn->host.name, conn->remote_port);
|
||||||
@ -1702,7 +1702,7 @@ CURLcode ftp_use_pasv(struct connectdata *conn,
|
|||||||
/* this just dumps information about this second connection */
|
/* this just dumps information about this second connection */
|
||||||
ftp_pasv_verbose(conn, conninfo, newhostp, connectport);
|
ftp_pasv_verbose(conn, conninfo, newhostp, connectport);
|
||||||
|
|
||||||
if(data->set.tunnel_thru_httpproxy) {
|
if(conn->bits.tunnel_proxy) {
|
||||||
/* We want "seamless" FTP operations through HTTP proxy tunnel */
|
/* We want "seamless" FTP operations through HTTP proxy tunnel */
|
||||||
result = Curl_ConnectHTTPProxyTunnel(conn, SECONDARYSOCKET,
|
result = Curl_ConnectHTTPProxyTunnel(conn, SECONDARYSOCKET,
|
||||||
newhostp, newport);
|
newhostp, newport);
|
||||||
|
19
lib/http.c
19
lib/http.c
@ -254,8 +254,12 @@ CURLcode Curl_http_auth_act(struct connectdata *conn)
|
|||||||
* done.
|
* done.
|
||||||
*
|
*
|
||||||
* @param conn all information about the current connection
|
* @param conn all information about the current connection
|
||||||
|
* @param request pointer to the request keyword
|
||||||
|
* @param path pointer to the requested path
|
||||||
|
* @param proxytunnel boolean if this is the request setting up a "proxy
|
||||||
|
* tunnel"
|
||||||
*
|
*
|
||||||
* Returns CURLcode
|
* @returns CURLcode
|
||||||
*/
|
*/
|
||||||
static CURLcode
|
static CURLcode
|
||||||
Curl_http_output_auth(struct connectdata *conn,
|
Curl_http_output_auth(struct connectdata *conn,
|
||||||
@ -304,7 +308,7 @@ Curl_http_output_auth(struct connectdata *conn,
|
|||||||
|
|
||||||
/* Send proxy authentication header if needed */
|
/* Send proxy authentication header if needed */
|
||||||
if (conn->bits.httpproxy &&
|
if (conn->bits.httpproxy &&
|
||||||
(data->set.tunnel_thru_httpproxy == proxytunnel)) {
|
(conn->bits.tunnel_proxy == proxytunnel)) {
|
||||||
#ifdef USE_SSLEAY
|
#ifdef USE_SSLEAY
|
||||||
if(data->state.authproxy.want == CURLAUTH_NTLM) {
|
if(data->state.authproxy.want == CURLAUTH_NTLM) {
|
||||||
auth=(char *)"NTLM";
|
auth=(char *)"NTLM";
|
||||||
@ -1136,10 +1140,9 @@ CURLcode Curl_http_connect(struct connectdata *conn)
|
|||||||
* has occured, can we start talking SSL
|
* has occured, can we start talking SSL
|
||||||
*/
|
*/
|
||||||
|
|
||||||
if(conn->bits.httpproxy &&
|
if(conn->bits.tunnel_proxy) {
|
||||||
((conn->protocol & PROT_HTTPS) || data->set.tunnel_thru_httpproxy)) {
|
|
||||||
|
|
||||||
/* either HTTPS over proxy, OR explicitly asked for a tunnel */
|
/* either SSL over proxy, or explicitly asked for */
|
||||||
result = Curl_ConnectHTTPProxyTunnel(conn, FIRSTSOCKET,
|
result = Curl_ConnectHTTPProxyTunnel(conn, FIRSTSOCKET,
|
||||||
conn->host.name,
|
conn->host.name,
|
||||||
conn->remote_port);
|
conn->remote_port);
|
||||||
@ -1396,9 +1399,9 @@ CURLcode Curl_http(struct connectdata *conn)
|
|||||||
return CURLE_OUT_OF_MEMORY;
|
return CURLE_OUT_OF_MEMORY;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (conn->bits.httpproxy &&
|
if (conn->bits.httpproxy && !conn->bits.tunnel_proxy) {
|
||||||
!data->set.tunnel_thru_httpproxy &&
|
/* Using a proxy but does not tunnel through it */
|
||||||
!(conn->protocol&PROT_HTTPS)) {
|
|
||||||
/* The path sent to the proxy is in fact the entire URL. But if the remote
|
/* The path sent to the proxy is in fact the entire URL. But if the remote
|
||||||
host is a IDN-name, we must make sure that the request we produce only
|
host is a IDN-name, we must make sure that the request we produce only
|
||||||
uses the encoded host name! */
|
uses the encoded host name! */
|
||||||
|
@ -2137,6 +2137,7 @@ static CURLcode CreateConnection(struct SessionHandle *data,
|
|||||||
conn->bits.user_passwd = data->set.userpwd?1:0;
|
conn->bits.user_passwd = data->set.userpwd?1:0;
|
||||||
conn->bits.proxy_user_passwd = data->set.proxyuserpwd?1:0;
|
conn->bits.proxy_user_passwd = data->set.proxyuserpwd?1:0;
|
||||||
conn->bits.no_body = data->set.opt_no_body;
|
conn->bits.no_body = data->set.opt_no_body;
|
||||||
|
conn->bits.tunnel_proxy = data->set.tunnel_thru_httpproxy;
|
||||||
|
|
||||||
/* This initing continues below, see the comment "Continue connectdata
|
/* This initing continues below, see the comment "Continue connectdata
|
||||||
* initialization here" */
|
* initialization here" */
|
||||||
@ -2837,6 +2838,13 @@ static CURLcode CreateConnection(struct SessionHandle *data,
|
|||||||
free(proxydup); /* free the duplicate pointer and not the modified */
|
free(proxydup); /* free the duplicate pointer and not the modified */
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*************************************************************
|
||||||
|
* If the protcol is using SSL and HTTP proxy is used, we set
|
||||||
|
* the tunnel_proxy bit.
|
||||||
|
*************************************************************/
|
||||||
|
if((conn->protocol&PROT_SSL) && conn->bits.httpproxy)
|
||||||
|
conn->bits.tunnel_proxy = TRUE;
|
||||||
|
|
||||||
/*************************************************************
|
/*************************************************************
|
||||||
* Take care of user and password authentication stuff
|
* Take care of user and password authentication stuff
|
||||||
*************************************************************/
|
*************************************************************/
|
||||||
|
@ -309,6 +309,10 @@ struct ConnectBits {
|
|||||||
bool retry; /* this connection is about to get closed and then
|
bool retry; /* this connection is about to get closed and then
|
||||||
re-attempted at another connection. */
|
re-attempted at another connection. */
|
||||||
bool no_body; /* CURLOPT_NO_BODY (or similar) was set */
|
bool no_body; /* CURLOPT_NO_BODY (or similar) was set */
|
||||||
|
bool tunnel_proxy; /* if CONNECT is used to "tunnel" through the proxy.
|
||||||
|
This is implicit when SSL-protocols are used through
|
||||||
|
proxies, but can also be enabled explicitly by
|
||||||
|
apps */
|
||||||
};
|
};
|
||||||
|
|
||||||
struct hostname {
|
struct hostname {
|
||||||
|
Loading…
Reference in New Issue
Block a user