Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
V
vlc
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Redmine
Redmine
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Operations
Operations
Metrics
Environments
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
videolan
vlc
Commits
89119e54
Commit
89119e54
authored
Jan 13, 2016
by
Rémi Denis-Courmont
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
https: add support for HTTPS proxies
parent
16847983
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
65 additions
and
38 deletions
+65
-38
modules/access/http/tunnel.c
modules/access/http/tunnel.c
+65
-38
No files found.
modules/access/http/tunnel.c
View file @
89119e54
...
...
@@ -82,23 +82,43 @@ static struct vlc_http_msg *vlc_http_tunnel_open(struct vlc_http_conn *conn,
}
return
resp
;
}
/* So far, this will only work with HTTP 1.1 over plain TCP as the TLS protocol
* module can only use a socket file descriptor as I/O back-end. Consequently
* neither TLS over TLS nor TLS over HTTP/2 framing are possible. */
#define TLS_OVER_TLS 0
#if !TLS_OVER_TLS
static
int
vlc_http_tls_shutdown_ignore
(
vlc_tls_t
*
session
,
bool
duplex
)
static
int
vlc_tls_ProxyGetFD
(
vlc_tls_t
*
tls
)
{
(
void
)
session
;
(
void
)
duplex
;
return
0
;
struct
vlc_tls
*
sock
=
tls
->
sys
;
return
vlc_tls_GetFD
(
sock
);
}
static
void
vlc_http_tls_close_ignore
(
vlc_tls_t
*
session
)
static
ssize_t
vlc_tls_ProxyRead
(
vlc_tls_t
*
tls
,
struct
iovec
*
iov
,
unsigned
count
)
{
(
void
)
session
;
struct
vlc_tls
*
sock
=
tls
->
sys
;
return
sock
->
readv
(
sock
,
iov
,
count
);
}
static
ssize_t
vlc_tls_ProxyWrite
(
vlc_tls_t
*
tls
,
const
struct
iovec
*
iov
,
unsigned
count
)
{
struct
vlc_tls
*
sock
=
tls
->
sys
;
return
sock
->
writev
(
sock
,
iov
,
count
);
}
static
int
vlc_tls_ProxyShutdown
(
vlc_tls_t
*
tls
,
bool
duplex
)
{
struct
vlc_tls
*
sock
=
tls
->
sys
;
return
vlc_tls_Shutdown
(
sock
,
duplex
);
}
static
void
vlc_tls_ProxyClose
(
vlc_tls_t
*
tls
)
{
struct
vlc_http_msg
*
msg
=
tls
->
p
;
vlc_http_msg_destroy
(
msg
);
/* <- sock is destroyed there too */
}
#endif
vlc_tls_t
*
vlc_https_connect_proxy
(
vlc_tls_creds_t
*
creds
,
const
char
*
hostname
,
unsigned
port
,
...
...
@@ -122,29 +142,29 @@ vlc_tls_t *vlc_https_connect_proxy(vlc_tls_creds_t *creds,
return
NULL
;
}
vlc_tls_t
*
s
ession
=
NULL
;
vlc_tls_t
*
s
ock
=
NULL
;
bool
ptwo
=
false
;
#if TLS_OVER_TLS
if
(
!
strcasecmp
(
url
.
psz_protocol
,
"https"
))
s
ession
=
vlc_https_connect
(
creds
,
url
.
psz_host
,
url
.
i_port
,
&
ptwo
);
s
ock
=
vlc_https_connect
(
creds
,
url
.
psz_host
,
url
.
i_port
,
&
ptwo
);
else
#endif
if
(
!
strcasecmp
(
url
.
psz_protocol
,
"http"
))
s
ession
=
vlc_http_connect
(
creds
?
creds
->
p_parent
:
NULL
,
url
.
psz_host
,
url
.
i_port
);
s
ock
=
vlc_http_connect
(
creds
?
creds
->
p_parent
:
NULL
,
url
.
psz_host
,
url
.
i_port
);
else
s
ession
=
NULL
;
s
ock
=
NULL
;
vlc_UrlClean
(
&
url
);
if
(
s
ession
==
NULL
)
if
(
s
ock
==
NULL
)
return
NULL
;
struct
vlc_http_conn
*
conn
=
ptwo
?
vlc_h2_conn_create
(
session
)
:
vlc_h1_conn_create
(
session
,
false
);
assert
(
!
ptwo
);
/* HTTP/2 proxy not supported yet */
struct
vlc_http_conn
*
conn
=
/*ptwo ? vlc_h2_conn_create(sock)
:*/
vlc_h1_conn_create
(
sock
,
false
);
if
(
unlikely
(
conn
==
NULL
))
{
vlc_tls_Close
(
s
ession
);
vlc_tls_Close
(
s
ock
);
return
NULL
;
}
...
...
@@ -156,28 +176,35 @@ vlc_tls_t *vlc_https_connect_proxy(vlc_tls_creds_t *creds,
if
(
resp
==
NULL
)
return
NULL
;
struct
vlc_tls
*
psock
=
malloc
(
sizeof
(
*
proxy
));
if
(
unlikely
(
psock
==
NULL
))
{
vlc_http_msg_destroy
(
resp
);
/* <- sock is destroyed there too */
return
NULL
;
}
psock
->
obj
=
VLC_OBJECT
(
creds
);
psock
->
sys
=
sock
;
psock
->
get_fd
=
vlc_tls_ProxyGetFD
;
psock
->
readv
=
vlc_tls_ProxyRead
;
psock
->
writev
=
vlc_tls_ProxyWrite
;
psock
->
shutdown
=
vlc_tls_ProxyShutdown
;
psock
->
close
=
vlc_tls_ProxyClose
;
psock
->
p
=
resp
;
vlc_tls_t
*
tls
;
const
char
*
alpn
[]
=
{
"h2"
,
"http/1.1"
,
NULL
};
char
*
alp
;
#if TLS_OVER_TLS
# error ENOSYS
/* TODO: create a vlc_tls_t * from a struct vlc_http_msg *. */
#else
int
fd
=
vlc_tls_GetFD
(
session
);
session
->
shutdown
=
vlc_http_tls_shutdown_ignore
;
session
->
close
=
vlc_http_tls_close_ignore
;
vlc_http_msg_destroy
(
resp
);
/* <- session is destroyed here */
session
=
vlc_tls_ClientSessionCreateFD
(
creds
,
fd
,
hostname
,
"https"
,
alpn
+
!*
two
,
&
alp
);
#endif
if
(
session
==
NULL
)
tls
=
vlc_tls_ClientSessionCreate
(
creds
,
psock
,
hostname
,
"https"
,
alpn
+
!*
two
,
&
alp
);
if
(
tls
==
NULL
)
{
net_Close
(
fd
);
vlc_tls_Close
(
psock
);
return
NULL
;
}
*
two
=
(
alp
!=
NULL
)
&&
!
strcmp
(
alp
,
"h2"
);
free
(
alp
);
return
session
;
return
tls
;
}
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
