From 16e260e5621cde71a2a7baef681e5b658c2cc2b3 Mon Sep 17 00:00:00 2001
From: corvid
Date: Mon, 1 Jun 2009 01:29:42 +0000
Subject: proxy support for HTTPS
---
 src/IO/Url.h | 2 ++
 src/IO/http.c | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 53 insertions(+)
(limited to 'src/IO')
diff --git a/src/IO/Url.h b/src/IO/Url.h
index d57e9251..f144bfad 100644
--- a/src/IO/Url.h
+++ b/src/IO/Url.h
@@ -16,6 +16,8 @@ extern void a_Http_freeall(void);
 int a_Http_init(void);
 int a_Http_proxy_auth(void);
 void a_Http_set_proxy_passwd(const char *str);
+char *a_Http_make_connect_str(const DilloUrl *url);
+const char *a_Http_get_proxy_urlstr();
 Dstr *a_Http_make_query_str(const DilloUrl *url, bool_t use_proxy);
 void a_Http_ccc (int Op, int Branch, int Dir, ChainLink *Info,
diff --git a/src/IO/http.c b/src/IO/http.c
index 55ba3502..ae87c8d0 100644
--- a/src/IO/http.c
+++ b/src/IO/http.c
@@ -16,6 +16,7 @@
 #include
+#include /* isdigit */
 #include
 #include /* for errno */
 #include
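Review bot: In src/IO/Url.h, `const char *a_Http_get_proxy_urlstr();` has an empty parameter list, which in C before C23 is not a prototype, so a call with stray arguments compiles unchecked; the neighbouring declarations use `(void)`. Write `const char *a_Http_get_proxy_urlstr(void);` here and in the matching definition added to src/IO/http.c. The declaration of `a_Http_make_connect_str` would also benefit from a one-line comment stating that the result is a newly allocated string the caller must release (presumably with dFree), and that NULL is returned when the URL does not go through a proxy.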
@@ -414,6 +415,56 @@ static int Http_must_use_proxy(const DilloUrl *url)
 return ret;
 }
+/*
+ * Return a new string for the request used to tunnel HTTPS through a proxy.
+ * As of 2009, the best reference appears to be section 5 of RFC 2817.
+ */
+char *a_Http_make_connect_str(const DilloUrl *url)
+{
+ Dstr *dstr;
+ const char *auth1;
+ int auth_len;
+ char *auth2, *proxy_auth, *retstr;
+
+ dReturn_val_if_fail(Http_must_use_proxy(url), NULL);
+
+ dstr = dStr_new("");
+ auth1 = URL_AUTHORITY(url);
+ auth_len = strlen(auth1);
+ if (auth_len > 0 && !isdigit(auth1[auth_len - 1]))
+ /* if no port number, add HTTPS port */
+ auth2 = dStrconcat(auth1, ":443", NULL);
+ else
+ auth2 = dStrdup(auth1);
+ proxy_auth = HTTP_Proxy_Auth_base64 ?
+ dStrconcat ("Proxy-Authorization: Basic ",
+ HTTP_Proxy_Auth_base64, "\r\n", NULL) :
+ dStrdup("");
+ dStr_sprintfa(
+ dstr,
+ "CONNECT %s HTTP/1.1\r\n"
+ "Host: %s\r\n"
+ "%s"
+ "\r\n",
+ auth2,
+ auth2,
+ proxy_auth);
+
+ dFree(auth2);
+ dFree(proxy_auth);
+ retstr = dstr->str;
+ dStr_free(dstr, 0);
+ return retstr;
+}
+
+/*
+ * Return URL string of HTTP proxy, if any
+ */
+const char *a_Http_get_proxy_urlstr()
+{
+ return HTTP_Proxy ? URL_STR(HTTP_Proxy) : NULL;
+}
+
 /*
 * Callback function for the DNS resolver.
 * Continue connecting the socket, or abort upon error condition.
-- 
cgit v1.2.3
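Review bot: The port test `!isdigit(auth1[auth_len - 1])` in a_Http_make_connect_str looks only at the last character, so a dotted IPv4 authority without a port (constructed example: `10.0.0.1`) ends in a digit and is sent as a CONNECT target with no `:443`. Passing a plain `char` to isdigit() is also undefined for bytes above 0x7f. If URL_AUTHORITY() yields the raw authority component (the macro is not visible in this hunk, so this needs confirming), any `user:pass@` part of an https URL would be copied into the CONNECT line and the Host header and reach the proxy in cleartext. I would strip the userinfo and look for a `:` after the host part instead, as sketched below. An empty authority currently produces a request line with no target, and returning NULL before `dStr_new` would be cleaner there.

```c
   const char *auth1, *host, *rb;
   /* … unchanged: other declarations, dReturn_val_if_fail, dStr_new … */
   auth1 = URL_AUTHORITY(url);
   /* userinfo is not part of the tunnel target; keep it away from the proxy */
   host = strrchr(auth1, '@');
   host = host ? host + 1 : auth1;
   /* a port is a ':' after the host part; an IPv6 literal ends with ']' */
   rb = strrchr(host, ']');
   if (strchr(rb ? rb : host, ':'))
      auth2 = dStrdup(host);
   else
      /* if no port number, add HTTPS port */
      auth2 = dStrconcat(host, ":443", NULL);
   /* … unchanged: proxy_auth, dStr_sprintfa, cleanup … */
```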