From 64207dad49f1c803d2b004ccf8fc6432789a8cc2 Mon Sep 17 00:00:00 2001 From: Julian Andres Klode Date: Fri, 30 Jun 2017 13:24:04 +0200 Subject: http: Add support for CONNECT proxying to HTTPS locations Proxying HTTPS traffic requires the proxy providing the CONNECT method. This implements the client side of it, although it is a bit hacky. HTTP connect is a normal HTTP CONNECT request, followed by a normal HTTP response, just that the body of the response is the TCP stream of the target host. We use a special wrapper in case there are data bytes in the header packets - in that case, the bytes are stored in a buffer and the buffer will be drained first, afterwards the connection continues directly with the TCP stream (with one more vcall). Also: Do not send full URI to https destinations when proxying, as we are directly interfacing with the destination data stream. --- methods/http.h | 3 +++ 1 file changed, 3 insertions(+) (limited to 'methods/http.h') diff --git a/methods/http.h b/methods/http.h index 3336fb780..7a763675c 100644 --- a/methods/http.h +++ b/methods/http.h @@ -73,6 +73,7 @@ class CircleBuf // Write data out bool Write(std::unique_ptr const &Fd); + bool Write(std::string &Data); bool WriteTillEl(std::string &Data,bool Single = false); // Control the write limit @@ -92,6 +93,8 @@ class CircleBuf ~CircleBuf(); }; +bool UnwrapHTTPConnect(std::string To, int Port, URI Proxy, std::unique_ptr &Fd, unsigned long Timeout, aptMethod *Owner); + struct HttpServerState: public ServerState { // This is the connection itself. Output is data FROM the server -- cgit v1.2.3