Commit 81c348d6 authored by Rémi Denis-Courmont's avatar Rémi Denis-Courmont

Support HTTP/TLS tunnels through HTTP/1.1 proxies

(closes #136)
parent 2280a7d8
...@@ -871,28 +871,76 @@ static int Connect( access_t *p_access, int64_t i_tell ) ...@@ -871,28 +871,76 @@ static int Connect( access_t *p_access, int64_t i_tell )
} }
/* Initialize TLS/SSL session */ /* Initialize TLS/SSL session */
/* FIXME: support proxy CONNECT for HTTP/SSL */
if( p_sys->b_ssl == VLC_TRUE ) if( p_sys->b_ssl == VLC_TRUE )
{ {
/* CONNECT to establish TLS tunnel through HTTP proxy */
if( p_sys->b_proxy ) if( p_sys->b_proxy )
{ {
msg_Err( p_access, "HTTP/SSL through HTTP proxy not supported yet" ); char *psz;
unsigned i_status = 0;
if( p_sys->i_version == 0 )
{
/* CONNECT is not in HTTP/1.0 */
Disconnect( p_access );
return VLC_EGENERIC;
}
net_Printf( VLC_OBJECT(p_access), p_sys->fd, NULL,
"CONNECT %s:%d HTTP/1.%d\r\nHost: %s:%d\r\n\r\n",
p_sys->url.psz_host, p_sys->url.i_port,
p_sys->i_version,
p_sys->url.psz_host, p_sys->url.i_port);
psz = net_Gets( VLC_OBJECT(p_access), p_sys->fd, NULL );
if( psz == NULL )
{
msg_Err( p_access, "cannot establish HTTP/TLS tunnel" );
Disconnect( p_access );
return VLC_EGENERIC;
}
sscanf( psz, "HTTP/%*u.%*u %3u", &i_status );
free( psz );
if( ( i_status / 100 ) != 2 )
{
msg_Err( p_access, "HTTP/TLS tunnel through proxy denied" );
Disconnect( p_access );
return VLC_EGENERIC;
}
do
{
psz = net_Gets( VLC_OBJECT(p_access), p_sys->fd, NULL );
if( psz == NULL )
{
msg_Err( p_access, "HTTP proxy connection failed" );
Disconnect( p_access ); Disconnect( p_access );
return VLC_EGENERIC; return VLC_EGENERIC;
} }
if( *psz == '\0' )
i_status = 0;
free( psz );
}
while( i_status );
}
/* TLS/SSL handshake */
p_sys->p_tls = tls_ClientCreate( VLC_OBJECT(p_access), p_sys->fd, p_sys->p_tls = tls_ClientCreate( VLC_OBJECT(p_access), p_sys->fd,
srv.psz_host ); srv.psz_host );
if( p_sys->p_tls == NULL ) if( p_sys->p_tls == NULL )
{ {
msg_Err( p_access, "cannot establish HTTP/SSL session" ); msg_Err( p_access, "cannot establish HTTP/TLS session" );
Disconnect( p_access ); Disconnect( p_access );
return VLC_EGENERIC; return VLC_EGENERIC;
} }
p_sys->p_vs = &p_sys->p_tls->sock; p_sys->p_vs = &p_sys->p_tls->sock;
} }
return Request( p_access,i_tell ); return Request( p_access, i_tell );
} }
...@@ -904,6 +952,7 @@ static int Request( access_t *p_access, int64_t i_tell ) ...@@ -904,6 +952,7 @@ static int Request( access_t *p_access, int64_t i_tell )
if( p_sys->b_proxy ) if( p_sys->b_proxy )
{ {
/* FIXME: support SSL proxies */
if( p_sys->url.psz_path ) if( p_sys->url.psz_path )
{ {
net_Printf( VLC_OBJECT(p_access), p_sys->fd, NULL, net_Printf( VLC_OBJECT(p_access), p_sys->fd, NULL,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment