Annotation of embedaddon/curl/lib/http_proxy.c, revision 1.1
1.1 ! misho 1: /***************************************************************************
! 2: * _ _ ____ _
! 3: * Project ___| | | | _ \| |
! 4: * / __| | | | |_) | |
! 5: * | (__| |_| | _ <| |___
! 6: * \___|\___/|_| \_\_____|
! 7: *
! 8: * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
! 9: *
! 10: * This software is licensed as described in the file COPYING, which
! 11: * you should have received as part of this distribution. The terms
! 12: * are also available at https://curl.haxx.se/docs/copyright.html.
! 13: *
! 14: * You may opt to use, copy, modify, merge, publish, distribute and/or sell
! 15: * copies of the Software, and permit persons to whom the Software is
! 16: * furnished to do so, under the terms of the COPYING file.
! 17: *
! 18: * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
! 19: * KIND, either express or implied.
! 20: *
! 21: ***************************************************************************/
! 22:
! 23: #include "curl_setup.h"
! 24:
! 25: #include "http_proxy.h"
! 26:
! 27: #if !defined(CURL_DISABLE_PROXY) && !defined(CURL_DISABLE_HTTP)
! 28:
! 29: #include <curl/curl.h>
! 30: #include "sendf.h"
! 31: #include "http.h"
! 32: #include "url.h"
! 33: #include "select.h"
! 34: #include "progress.h"
! 35: #include "non-ascii.h"
! 36: #include "connect.h"
! 37: #include "curlx.h"
! 38: #include "vtls/vtls.h"
! 39:
! 40: /* The last 3 #include files should be in this order */
! 41: #include "curl_printf.h"
! 42: #include "curl_memory.h"
! 43: #include "memdebug.h"
! 44:
! 45: /*
! 46: * Perform SSL initialization for HTTPS proxy. Sets
! 47: * proxy_ssl_connected connection bit when complete. Can be
! 48: * called multiple times.
! 49: */
! 50: static CURLcode https_proxy_connect(struct connectdata *conn, int sockindex)
! 51: {
! 52: #ifdef USE_SSL
! 53: CURLcode result = CURLE_OK;
! 54: DEBUGASSERT(conn->http_proxy.proxytype == CURLPROXY_HTTPS);
! 55: if(!conn->bits.proxy_ssl_connected[sockindex]) {
! 56: /* perform SSL initialization for this socket */
! 57: result =
! 58: Curl_ssl_connect_nonblocking(conn, sockindex,
! 59: &conn->bits.proxy_ssl_connected[sockindex]);
! 60: if(result)
! 61: /* a failed connection is marked for closure to prevent (bad) re-use or
! 62: similar */
! 63: connclose(conn, "TLS handshake failed");
! 64: }
! 65: return result;
! 66: #else
! 67: (void) conn;
! 68: (void) sockindex;
! 69: return CURLE_NOT_BUILT_IN;
! 70: #endif
! 71: }
! 72:
! 73: CURLcode Curl_proxy_connect(struct connectdata *conn, int sockindex)
! 74: {
! 75: if(conn->http_proxy.proxytype == CURLPROXY_HTTPS) {
! 76: const CURLcode result = https_proxy_connect(conn, sockindex);
! 77: if(result)
! 78: return result;
! 79: if(!conn->bits.proxy_ssl_connected[sockindex])
! 80: return result; /* wait for HTTPS proxy SSL initialization to complete */
! 81: }
! 82:
! 83: if(conn->bits.tunnel_proxy && conn->bits.httpproxy) {
! 84: #ifndef CURL_DISABLE_PROXY
! 85: /* for [protocol] tunneled through HTTP proxy */
! 86: struct HTTP http_proxy;
! 87: void *prot_save;
! 88: const char *hostname;
! 89: int remote_port;
! 90: CURLcode result;
! 91:
! 92: /* BLOCKING */
! 93: /* We want "seamless" operations through HTTP proxy tunnel */
! 94:
! 95: /* Curl_proxyCONNECT is based on a pointer to a struct HTTP at the
! 96: * member conn->proto.http; we want [protocol] through HTTP and we have
! 97: * to change the member temporarily for connecting to the HTTP
! 98: * proxy. After Curl_proxyCONNECT we have to set back the member to the
! 99: * original pointer
! 100: *
! 101: * This function might be called several times in the multi interface case
! 102: * if the proxy's CONNECT response is not instant.
! 103: */
! 104: prot_save = conn->data->req.protop;
! 105: memset(&http_proxy, 0, sizeof(http_proxy));
! 106: conn->data->req.protop = &http_proxy;
! 107: connkeep(conn, "HTTP proxy CONNECT");
! 108:
! 109: /* for the secondary socket (FTP), use the "connect to host"
! 110: * but ignore the "connect to port" (use the secondary port)
! 111: */
! 112:
! 113: if(conn->bits.conn_to_host)
! 114: hostname = conn->conn_to_host.name;
! 115: else if(sockindex == SECONDARYSOCKET)
! 116: hostname = conn->secondaryhostname;
! 117: else
! 118: hostname = conn->host.name;
! 119:
! 120: if(sockindex == SECONDARYSOCKET)
! 121: remote_port = conn->secondary_port;
! 122: else if(conn->bits.conn_to_port)
! 123: remote_port = conn->conn_to_port;
! 124: else
! 125: remote_port = conn->remote_port;
! 126: result = Curl_proxyCONNECT(conn, sockindex, hostname, remote_port);
! 127: conn->data->req.protop = prot_save;
! 128: if(CURLE_OK != result)
! 129: return result;
! 130: Curl_safefree(conn->allocptr.proxyuserpwd);
! 131: #else
! 132: return CURLE_NOT_BUILT_IN;
! 133: #endif
! 134: }
! 135: /* no HTTP tunnel proxy, just return */
! 136: return CURLE_OK;
! 137: }
! 138:
! 139: bool Curl_connect_complete(struct connectdata *conn)
! 140: {
! 141: return !conn->connect_state ||
! 142: (conn->connect_state->tunnel_state == TUNNEL_COMPLETE);
! 143: }
! 144:
! 145: bool Curl_connect_ongoing(struct connectdata *conn)
! 146: {
! 147: return conn->connect_state &&
! 148: (conn->connect_state->tunnel_state != TUNNEL_COMPLETE);
! 149: }
! 150:
! 151: static CURLcode connect_init(struct connectdata *conn, bool reinit)
! 152: {
! 153: struct http_connect_state *s;
! 154: if(!reinit) {
! 155: DEBUGASSERT(!conn->connect_state);
! 156: s = calloc(1, sizeof(struct http_connect_state));
! 157: if(!s)
! 158: return CURLE_OUT_OF_MEMORY;
! 159: infof(conn->data, "allocate connect buffer!\n");
! 160: conn->connect_state = s;
! 161: }
! 162: else {
! 163: DEBUGASSERT(conn->connect_state);
! 164: s = conn->connect_state;
! 165: }
! 166: s->tunnel_state = TUNNEL_INIT;
! 167: s->keepon = TRUE;
! 168: s->line_start = s->connect_buffer;
! 169: s->ptr = s->line_start;
! 170: s->cl = 0;
! 171: s->close_connection = FALSE;
! 172: return CURLE_OK;
! 173: }
! 174:
! 175: static void connect_done(struct connectdata *conn)
! 176: {
! 177: struct http_connect_state *s = conn->connect_state;
! 178: s->tunnel_state = TUNNEL_COMPLETE;
! 179: infof(conn->data, "CONNECT phase completed!\n");
! 180: }
! 181:
! 182: static CURLcode CONNECT(struct connectdata *conn,
! 183: int sockindex,
! 184: const char *hostname,
! 185: int remote_port)
! 186: {
! 187: int subversion = 0;
! 188: struct Curl_easy *data = conn->data;
! 189: struct SingleRequest *k = &data->req;
! 190: CURLcode result;
! 191: curl_socket_t tunnelsocket = conn->sock[sockindex];
! 192: struct http_connect_state *s = conn->connect_state;
! 193:
! 194: #define SELECT_OK 0
! 195: #define SELECT_ERROR 1
! 196:
! 197: if(Curl_connect_complete(conn))
! 198: return CURLE_OK; /* CONNECT is already completed */
! 199:
! 200: conn->bits.proxy_connect_closed = FALSE;
! 201:
! 202: do {
! 203: timediff_t check;
! 204: if(TUNNEL_INIT == s->tunnel_state) {
! 205: /* BEGIN CONNECT PHASE */
! 206: char *host_port;
! 207: Curl_send_buffer *req_buffer;
! 208:
! 209: infof(data, "Establish HTTP proxy tunnel to %s:%d\n",
! 210: hostname, remote_port);
! 211:
! 212: /* This only happens if we've looped here due to authentication
! 213: reasons, and we don't really use the newly cloned URL here
! 214: then. Just free() it. */
! 215: free(data->req.newurl);
! 216: data->req.newurl = NULL;
! 217:
! 218: /* initialize a dynamic send-buffer */
! 219: req_buffer = Curl_add_buffer_init();
! 220:
! 221: if(!req_buffer)
! 222: return CURLE_OUT_OF_MEMORY;
! 223:
! 224: host_port = aprintf("%s:%d", hostname, remote_port);
! 225: if(!host_port) {
! 226: Curl_add_buffer_free(&req_buffer);
! 227: return CURLE_OUT_OF_MEMORY;
! 228: }
! 229:
! 230: /* Setup the proxy-authorization header, if any */
! 231: result = Curl_http_output_auth(conn, "CONNECT", host_port, TRUE);
! 232:
! 233: free(host_port);
! 234:
! 235: if(!result) {
! 236: char *host = NULL;
! 237: const char *proxyconn = "";
! 238: const char *useragent = "";
! 239: const char *http = (conn->http_proxy.proxytype == CURLPROXY_HTTP_1_0) ?
! 240: "1.0" : "1.1";
! 241: bool ipv6_ip = conn->bits.ipv6_ip;
! 242: char *hostheader;
! 243:
! 244: /* the hostname may be different */
! 245: if(hostname != conn->host.name)
! 246: ipv6_ip = (strchr(hostname, ':') != NULL);
! 247: hostheader = /* host:port with IPv6 support */
! 248: aprintf("%s%s%s:%d", ipv6_ip?"[":"", hostname, ipv6_ip?"]":"",
! 249: remote_port);
! 250: if(!hostheader) {
! 251: Curl_add_buffer_free(&req_buffer);
! 252: return CURLE_OUT_OF_MEMORY;
! 253: }
! 254:
! 255: if(!Curl_checkProxyheaders(conn, "Host")) {
! 256: host = aprintf("Host: %s\r\n", hostheader);
! 257: if(!host) {
! 258: free(hostheader);
! 259: Curl_add_buffer_free(&req_buffer);
! 260: return CURLE_OUT_OF_MEMORY;
! 261: }
! 262: }
! 263: if(!Curl_checkProxyheaders(conn, "Proxy-Connection"))
! 264: proxyconn = "Proxy-Connection: Keep-Alive\r\n";
! 265:
! 266: if(!Curl_checkProxyheaders(conn, "User-Agent") &&
! 267: data->set.str[STRING_USERAGENT])
! 268: useragent = conn->allocptr.uagent;
! 269:
! 270: result =
! 271: Curl_add_bufferf(&req_buffer,
! 272: "CONNECT %s HTTP/%s\r\n"
! 273: "%s" /* Host: */
! 274: "%s" /* Proxy-Authorization */
! 275: "%s" /* User-Agent */
! 276: "%s", /* Proxy-Connection */
! 277: hostheader,
! 278: http,
! 279: host?host:"",
! 280: conn->allocptr.proxyuserpwd?
! 281: conn->allocptr.proxyuserpwd:"",
! 282: useragent,
! 283: proxyconn);
! 284:
! 285: if(host)
! 286: free(host);
! 287: free(hostheader);
! 288:
! 289: if(!result)
! 290: result = Curl_add_custom_headers(conn, TRUE, req_buffer);
! 291:
! 292: if(!result)
! 293: /* CRLF terminate the request */
! 294: result = Curl_add_bufferf(&req_buffer, "\r\n");
! 295:
! 296: if(!result) {
! 297: /* Send the connect request to the proxy */
! 298: /* BLOCKING */
! 299: result =
! 300: Curl_add_buffer_send(&req_buffer, conn,
! 301: &data->info.request_size, 0, sockindex);
! 302: }
! 303: req_buffer = NULL;
! 304: if(result)
! 305: failf(data, "Failed sending CONNECT to proxy");
! 306: }
! 307:
! 308: Curl_add_buffer_free(&req_buffer);
! 309: if(result)
! 310: return result;
! 311:
! 312: s->tunnel_state = TUNNEL_CONNECT;
! 313: s->perline = 0;
! 314: } /* END CONNECT PHASE */
! 315:
! 316: check = Curl_timeleft(data, NULL, TRUE);
! 317: if(check <= 0) {
! 318: failf(data, "Proxy CONNECT aborted due to timeout");
! 319: return CURLE_OPERATION_TIMEDOUT;
! 320: }
! 321:
! 322: if(!Curl_conn_data_pending(conn, sockindex))
! 323: /* return so we'll be called again polling-style */
! 324: return CURLE_OK;
! 325:
! 326: /* at this point, the tunnel_connecting phase is over. */
! 327:
! 328: { /* READING RESPONSE PHASE */
! 329: int error = SELECT_OK;
! 330:
! 331: while(s->keepon) {
! 332: ssize_t gotbytes;
! 333:
! 334: /* make sure we have space to read more data */
! 335: if(s->ptr >= &s->connect_buffer[CONNECT_BUFFER_SIZE]) {
! 336: failf(data, "CONNECT response too large!");
! 337: return CURLE_RECV_ERROR;
! 338: }
! 339:
! 340: /* Read one byte at a time to avoid a race condition. Wait at most one
! 341: second before looping to ensure continuous pgrsUpdates. */
! 342: result = Curl_read(conn, tunnelsocket, s->ptr, 1, &gotbytes);
! 343: if(result == CURLE_AGAIN)
! 344: /* socket buffer drained, return */
! 345: return CURLE_OK;
! 346:
! 347: if(Curl_pgrsUpdate(conn))
! 348: return CURLE_ABORTED_BY_CALLBACK;
! 349:
! 350: if(result) {
! 351: s->keepon = FALSE;
! 352: break;
! 353: }
! 354: else if(gotbytes <= 0) {
! 355: if(data->set.proxyauth && data->state.authproxy.avail) {
! 356: /* proxy auth was requested and there was proxy auth available,
! 357: then deem this as "mere" proxy disconnect */
! 358: conn->bits.proxy_connect_closed = TRUE;
! 359: infof(data, "Proxy CONNECT connection closed\n");
! 360: }
! 361: else {
! 362: error = SELECT_ERROR;
! 363: failf(data, "Proxy CONNECT aborted");
! 364: }
! 365: s->keepon = FALSE;
! 366: break;
! 367: }
! 368:
! 369:
! 370: if(s->keepon > TRUE) {
! 371: /* This means we are currently ignoring a response-body */
! 372:
! 373: s->ptr = s->connect_buffer;
! 374: if(s->cl) {
! 375: /* A Content-Length based body: simply count down the counter
! 376: and make sure to break out of the loop when we're done! */
! 377: s->cl--;
! 378: if(s->cl <= 0) {
! 379: s->keepon = FALSE;
! 380: s->tunnel_state = TUNNEL_COMPLETE;
! 381: break;
! 382: }
! 383: }
! 384: else {
! 385: /* chunked-encoded body, so we need to do the chunked dance
! 386: properly to know when the end of the body is reached */
! 387: CHUNKcode r;
! 388: CURLcode extra;
! 389: ssize_t tookcareof = 0;
! 390:
! 391: /* now parse the chunked piece of data so that we can
! 392: properly tell when the stream ends */
! 393: r = Curl_httpchunk_read(conn, s->ptr, 1, &tookcareof, &extra);
! 394: if(r == CHUNKE_STOP) {
! 395: /* we're done reading chunks! */
! 396: infof(data, "chunk reading DONE\n");
! 397: s->keepon = FALSE;
! 398: /* we did the full CONNECT treatment, go COMPLETE */
! 399: s->tunnel_state = TUNNEL_COMPLETE;
! 400: }
! 401: }
! 402: continue;
! 403: }
! 404:
! 405: s->perline++; /* amount of bytes in this line so far */
! 406:
! 407: /* if this is not the end of a header line then continue */
! 408: if(*s->ptr != 0x0a) {
! 409: s->ptr++;
! 410: continue;
! 411: }
! 412:
! 413: /* convert from the network encoding */
! 414: result = Curl_convert_from_network(data, s->line_start,
! 415: (size_t)s->perline);
! 416: /* Curl_convert_from_network calls failf if unsuccessful */
! 417: if(result)
! 418: return result;
! 419:
! 420: /* output debug if that is requested */
! 421: if(data->set.verbose)
! 422: Curl_debug(data, CURLINFO_HEADER_IN,
! 423: s->line_start, (size_t)s->perline);
! 424:
! 425: if(!data->set.suppress_connect_headers) {
! 426: /* send the header to the callback */
! 427: int writetype = CLIENTWRITE_HEADER;
! 428: if(data->set.include_header)
! 429: writetype |= CLIENTWRITE_BODY;
! 430:
! 431: result = Curl_client_write(conn, writetype,
! 432: s->line_start, s->perline);
! 433: if(result)
! 434: return result;
! 435: }
! 436:
! 437: data->info.header_size += (long)s->perline;
! 438: data->req.headerbytecount += (long)s->perline;
! 439:
! 440: /* Newlines are CRLF, so the CR is ignored as the line isn't
! 441: really terminated until the LF comes. Treat a following CR
! 442: as end-of-headers as well.*/
! 443:
! 444: if(('\r' == s->line_start[0]) ||
! 445: ('\n' == s->line_start[0])) {
! 446: /* end of response-headers from the proxy */
! 447: s->ptr = s->connect_buffer;
! 448: if((407 == k->httpcode) && !data->state.authproblem) {
! 449: /* If we get a 407 response code with content length
! 450: when we have no auth problem, we must ignore the
! 451: whole response-body */
! 452: s->keepon = 2;
! 453:
! 454: if(s->cl) {
! 455: infof(data, "Ignore %" CURL_FORMAT_CURL_OFF_T
! 456: " bytes of response-body\n", s->cl);
! 457: }
! 458: else if(s->chunked_encoding) {
! 459: CHUNKcode r;
! 460: CURLcode extra;
! 461:
! 462: infof(data, "Ignore chunked response-body\n");
! 463:
! 464: /* We set ignorebody true here since the chunked
! 465: decoder function will acknowledge that. Pay
! 466: attention so that this is cleared again when this
! 467: function returns! */
! 468: k->ignorebody = TRUE;
! 469:
! 470: if(s->line_start[1] == '\n') {
! 471: /* this can only be a LF if the letter at index 0
! 472: was a CR */
! 473: s->line_start++;
! 474: }
! 475:
! 476: /* now parse the chunked piece of data so that we can
! 477: properly tell when the stream ends */
! 478: r = Curl_httpchunk_read(conn, s->line_start + 1, 1, &gotbytes,
! 479: &extra);
! 480: if(r == CHUNKE_STOP) {
! 481: /* we're done reading chunks! */
! 482: infof(data, "chunk reading DONE\n");
! 483: s->keepon = FALSE;
! 484: /* we did the full CONNECT treatment, go to COMPLETE */
! 485: s->tunnel_state = TUNNEL_COMPLETE;
! 486: }
! 487: }
! 488: else {
! 489: /* without content-length or chunked encoding, we
! 490: can't keep the connection alive since the close is
! 491: the end signal so we bail out at once instead */
! 492: s->keepon = FALSE;
! 493: }
! 494: }
! 495: else
! 496: s->keepon = FALSE;
! 497: if(!s->cl)
! 498: /* we did the full CONNECT treatment, go to COMPLETE */
! 499: s->tunnel_state = TUNNEL_COMPLETE;
! 500: continue;
! 501: }
! 502:
! 503: s->line_start[s->perline] = 0; /* zero terminate the buffer */
! 504: if((checkprefix("WWW-Authenticate:", s->line_start) &&
! 505: (401 == k->httpcode)) ||
! 506: (checkprefix("Proxy-authenticate:", s->line_start) &&
! 507: (407 == k->httpcode))) {
! 508:
! 509: bool proxy = (k->httpcode == 407) ? TRUE : FALSE;
! 510: char *auth = Curl_copy_header_value(s->line_start);
! 511: if(!auth)
! 512: return CURLE_OUT_OF_MEMORY;
! 513:
! 514: result = Curl_http_input_auth(conn, proxy, auth);
! 515:
! 516: free(auth);
! 517:
! 518: if(result)
! 519: return result;
! 520: }
! 521: else if(checkprefix("Content-Length:", s->line_start)) {
! 522: if(k->httpcode/100 == 2) {
! 523: /* A client MUST ignore any Content-Length or Transfer-Encoding
! 524: header fields received in a successful response to CONNECT.
! 525: "Successful" described as: 2xx (Successful). RFC 7231 4.3.6 */
! 526: infof(data, "Ignoring Content-Length in CONNECT %03d response\n",
! 527: k->httpcode);
! 528: }
! 529: else {
! 530: (void)curlx_strtoofft(s->line_start +
! 531: strlen("Content-Length:"), NULL, 10, &s->cl);
! 532: }
! 533: }
! 534: else if(Curl_compareheader(s->line_start, "Connection:", "close"))
! 535: s->close_connection = TRUE;
! 536: else if(checkprefix("Transfer-Encoding:", s->line_start)) {
! 537: if(k->httpcode/100 == 2) {
! 538: /* A client MUST ignore any Content-Length or Transfer-Encoding
! 539: header fields received in a successful response to CONNECT.
! 540: "Successful" described as: 2xx (Successful). RFC 7231 4.3.6 */
! 541: infof(data, "Ignoring Transfer-Encoding in "
! 542: "CONNECT %03d response\n", k->httpcode);
! 543: }
! 544: else if(Curl_compareheader(s->line_start,
! 545: "Transfer-Encoding:", "chunked")) {
! 546: infof(data, "CONNECT responded chunked\n");
! 547: s->chunked_encoding = TRUE;
! 548: /* init our chunky engine */
! 549: Curl_httpchunk_init(conn);
! 550: }
! 551: }
! 552: else if(Curl_compareheader(s->line_start,
! 553: "Proxy-Connection:", "close"))
! 554: s->close_connection = TRUE;
! 555: else if(2 == sscanf(s->line_start, "HTTP/1.%d %d",
! 556: &subversion,
! 557: &k->httpcode)) {
! 558: /* store the HTTP code from the proxy */
! 559: data->info.httpproxycode = k->httpcode;
! 560: }
! 561:
! 562: s->perline = 0; /* line starts over here */
! 563: s->ptr = s->connect_buffer;
! 564: s->line_start = s->ptr;
! 565: } /* while there's buffer left and loop is requested */
! 566:
! 567: if(Curl_pgrsUpdate(conn))
! 568: return CURLE_ABORTED_BY_CALLBACK;
! 569:
! 570: if(error)
! 571: return CURLE_RECV_ERROR;
! 572:
! 573: if(data->info.httpproxycode/100 != 2) {
! 574: /* Deal with the possibly already received authenticate
! 575: headers. 'newurl' is set to a new URL if we must loop. */
! 576: result = Curl_http_auth_act(conn);
! 577: if(result)
! 578: return result;
! 579:
! 580: if(conn->bits.close)
! 581: /* the connection has been marked for closure, most likely in the
! 582: Curl_http_auth_act() function and thus we can kill it at once
! 583: below */
! 584: s->close_connection = TRUE;
! 585: }
! 586:
! 587: if(s->close_connection && data->req.newurl) {
! 588: /* Connection closed by server. Don't use it anymore */
! 589: Curl_closesocket(conn, conn->sock[sockindex]);
! 590: conn->sock[sockindex] = CURL_SOCKET_BAD;
! 591: break;
! 592: }
! 593: } /* END READING RESPONSE PHASE */
! 594:
! 595: /* If we are supposed to continue and request a new URL, which basically
! 596: * means the HTTP authentication is still going on so if the tunnel
! 597: * is complete we start over in INIT state */
! 598: if(data->req.newurl && (TUNNEL_COMPLETE == s->tunnel_state)) {
! 599: connect_init(conn, TRUE); /* reinit */
! 600: }
! 601:
! 602: } while(data->req.newurl);
! 603:
! 604: if(data->info.httpproxycode/100 != 2) {
! 605: if(s->close_connection && data->req.newurl) {
! 606: conn->bits.proxy_connect_closed = TRUE;
! 607: infof(data, "Connect me again please\n");
! 608: connect_done(conn);
! 609: }
! 610: else {
! 611: free(data->req.newurl);
! 612: data->req.newurl = NULL;
! 613: /* failure, close this connection to avoid re-use */
! 614: streamclose(conn, "proxy CONNECT failure");
! 615: Curl_closesocket(conn, conn->sock[sockindex]);
! 616: conn->sock[sockindex] = CURL_SOCKET_BAD;
! 617: }
! 618:
! 619: /* to back to init state */
! 620: s->tunnel_state = TUNNEL_INIT;
! 621:
! 622: if(conn->bits.proxy_connect_closed)
! 623: /* this is not an error, just part of the connection negotiation */
! 624: return CURLE_OK;
! 625: failf(data, "Received HTTP code %d from proxy after CONNECT",
! 626: data->req.httpcode);
! 627: return CURLE_RECV_ERROR;
! 628: }
! 629:
! 630: s->tunnel_state = TUNNEL_COMPLETE;
! 631:
! 632: /* If a proxy-authorization header was used for the proxy, then we should
! 633: make sure that it isn't accidentally used for the document request
! 634: after we've connected. So let's free and clear it here. */
! 635: Curl_safefree(conn->allocptr.proxyuserpwd);
! 636: conn->allocptr.proxyuserpwd = NULL;
! 637:
! 638: data->state.authproxy.done = TRUE;
! 639: data->state.authproxy.multipass = FALSE;
! 640:
! 641: infof(data, "Proxy replied %d to CONNECT request\n",
! 642: data->info.httpproxycode);
! 643: data->req.ignorebody = FALSE; /* put it (back) to non-ignore state */
! 644: conn->bits.rewindaftersend = FALSE; /* make sure this isn't set for the
! 645: document request */
! 646: return CURLE_OK;
! 647: }
! 648:
! 649: void Curl_connect_free(struct Curl_easy *data)
! 650: {
! 651: struct connectdata *conn = data->conn;
! 652: struct http_connect_state *s = conn->connect_state;
! 653: if(s) {
! 654: free(s);
! 655: conn->connect_state = NULL;
! 656: }
! 657: }
! 658:
! 659: /*
! 660: * Curl_proxyCONNECT() requires that we're connected to a HTTP proxy. This
! 661: * function will issue the necessary commands to get a seamless tunnel through
! 662: * this proxy. After that, the socket can be used just as a normal socket.
! 663: */
! 664:
! 665: CURLcode Curl_proxyCONNECT(struct connectdata *conn,
! 666: int sockindex,
! 667: const char *hostname,
! 668: int remote_port)
! 669: {
! 670: CURLcode result;
! 671: if(!conn->connect_state) {
! 672: result = connect_init(conn, FALSE);
! 673: if(result)
! 674: return result;
! 675: }
! 676: result = CONNECT(conn, sockindex, hostname, remote_port);
! 677:
! 678: if(result || Curl_connect_complete(conn))
! 679: connect_done(conn);
! 680:
! 681: return result;
! 682: }
! 683:
! 684: #else
! 685: void Curl_connect_free(struct Curl_easy *data)
! 686: {
! 687: (void)data;
! 688: }
! 689:
! 690: #endif /* CURL_DISABLE_PROXY */
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to http_proxy.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / curl / lib