void HTTPS_Proxy::send_auth()
{
if (getAuth()){
string s = basic_auth(getUser(), getPassword());
bOut << "Proxy-Authorization: Basic ";
bOut << s.c_str();
bOut << "\r\n";
}
}
int begin_http_relay( SOCKET s )
{
char buf[1024];
int result;
char *auth_what;
g_debug("begin_http_relay()\n");
if (sendf(s,"CONNECT %s:%d HTTP/1.0\r\n", dest_host, dest_port) < 0)
return START_ERROR;
if (proxy_auth_type == PROXY_AUTH_BASIC && basic_auth (s) < 0)
return START_ERROR;
if (sendf(s,"\r\n") < 0)
return START_ERROR;
if ( line_input(s, buf, sizeof(buf)) < 0 ) {
g_debug("failed to read http response.\n");
return START_ERROR;
}
if (!strchr(buf, ' ')) {
g_error ("Unexpected http response: '%s'.\n", buf);
return START_ERROR;
}
result = atoi(strchr(buf,' '));
switch ( result ) {
case 200:
g_debug("connected, start user session.\n");
break;
case 302:
do {
if (line_input(s, buf, sizeof(buf)))
break;
downcase(buf);
if (expect(buf, "Location: ")) {
relay_host = cut_token(buf, "//");
cut_token(buf, "/");
relay_port = atoi(cut_token(buf, ":"));
}
} while (strcmp(buf,"\r\n") != 0);
return START_RETRY;
case 401:
case 407:
/*TODO - authentication*/
if (proxy_auth_type != PROXY_AUTH_NONE) {
g_error("Authentication failed.\n");
return START_ERROR;
}
auth_what = (result == 401) ? "WWW-Authenticate:" : "Proxy-Authenticate:";
do {
if ( line_input(s, buf, sizeof(buf)) ) {
break;
}
downcase(buf);
if (expect(buf, auth_what)) {
char *scheme, *realm;
scheme = cut_token(buf, " ");
realm = cut_token(scheme, " ");
if ( scheme == NULL || realm == NULL ) {
g_debug("Invalid format of %s field.", auth_what);
return START_ERROR;
}
if (expect(scheme, "basic")) {
proxy_auth_type = PROXY_AUTH_BASIC;
} else {
g_debug("Unsupported authentication type: %s", scheme);
}
}
} while (strcmp(buf,"\r\n") != 0);
if ( proxy_auth_type == PROXY_AUTH_NONE ) {
g_debug("Can't find %s in response header.", auth_what);
return START_ERROR;
} else {
return START_RETRY;
}
default:
g_debug("http proxy is not allowed.\n");
return START_ERROR;
}
do {
if ( line_input(s, buf, sizeof(buf) ) ) {
g_debug("Can't skip response headers\n");
return START_ERROR;
}
} while ( strcmp(buf,"\r\n") != 0 );
return START_OK;
}
void FetchClient::connect_ready()
{
#ifdef USE_OPENSSL
if ((m_state == None) & m_bHTTPS){
m_socket->setRaw(true);
m_socket->readBuffer.init(0);
HTTPSClient *https = new HTTPSClient(m_socket->socket());
if (!https->init()){
m_socket->error_state("Can't initialize HTTPS");
return;
}
m_state = SSLConnect;
m_socket->setSocket(https);
https->connect();
https->process();
return;
}
#endif
log(L_DEBUG, "HTTP connect ready");
m_socket->setRaw(true);
m_socket->writeBuffer.packetStart();
string proto;
string host;
string user;
string pass;
string uri;
string extra;
unsigned short port;
crackUrl(m_uri.c_str(), proto, host, port, user, pass, uri, extra);
if (!extra.empty()){
uri += "?";
uri += extra;
}
m_socket->writeBuffer
<< (m_post ? "POST " : "GET ")
<< uri.c_str()
<< " HTTP/1.0\r\n";
if (!findHeader("Host"))
m_socket->writeBuffer
<< "Host: "
<< host.c_str()
<< "\r\n";
if (!findHeader("User-Agent"))
m_socket->writeBuffer
<< "User-Agent: " PACKAGE "/" VERSION "\r\n";
if (!findHeader("Authorization") && !user.empty())
m_socket->writeBuffer
<< "Authorization: basic "
<< basic_auth(user.c_str(), pass.c_str()).c_str()
<< "\r\n";
if (m_post){
if (!findHeader("Content-Length"))
m_socket->writeBuffer
<< "Content-Length: "
<< number(m_post->size()).c_str()
<< "\r\n";
}
for (HEADERS_MAP::iterator it = m_hOut.begin(); it != m_hOut.end(); ++it){
m_socket->writeBuffer
<< (*it).first.c_str()
<< ": "
<< (*it).second.c_str()
<< "\r\n";
}
m_socket->writeBuffer
<< "\r\n";
if (m_post)
m_socket->writeBuffer.pack(m_post->data(), m_post->size());
log_packet(m_socket->writeBuffer, true, HTTPPacket);
m_socket->write();
m_socket->readBuffer.init(0);
m_socket->readBuffer.packetStart();
}
