Establish a proxy connection on an open socket to a web proxy by using the * CONNECT method. If proxy_user and proxy_pass are not NULL, they are used to * authenticate to the proxy using the "Basic" proxy-authorization protocol. */
| 53 | * CONNECT method. If proxy_user and proxy_pass are not NULL, they are used to |
| 54 | * authenticate to the proxy using the "Basic" proxy-authorization protocol. */ |
| 55 | static int establish_proxy_connection(int fd, char *host, int port, char *proxy_user, char *proxy_pass) |
| 56 | { |
| 57 | char *cp, buffer[PROXY_BUF_SIZE + 1]; |
| 58 | char *authhdr, authbuf[PROXY_BUF_SIZE + 1]; |
| 59 | int len; |
| 60 | |
| 61 | if (proxy_user && proxy_pass) { |
| 62 | stringjoin(buffer, PROXY_BUF_SIZE, |
| 63 | proxy_user, ":", proxy_pass, NULL); |
| 64 | len = strlen(buffer); |
| 65 | |
| 66 | if ((len*8 + 5) / 6 >= PROXY_BUF_SIZE - 3) { |
| 67 | rprintf(FERROR, |
| 68 | "authentication information is too long\n"); |
| 69 | return -1; |
| 70 | } |
| 71 | |
| 72 | base64_encode(buffer, len, authbuf, 1); |
| 73 | authhdr = "\r\nProxy-Authorization: Basic "; |
| 74 | } else { |
| 75 | *authbuf = '\0'; |
| 76 | authhdr = ""; |
| 77 | } |
| 78 | |
| 79 | len = snprintf(buffer, PROXY_BUF_SIZE, "CONNECT %s:%d HTTP/1.0%s%s\r\n\r\n", host, port, authhdr, authbuf); |
| 80 | assert(len > 0 && len < PROXY_BUF_SIZE); |
| 81 | if (write(fd, buffer, len) != len) { |
| 82 | rsyserr(FERROR, errno, "failed to write to proxy"); |
| 83 | return -1; |
| 84 | } |
| 85 | |
| 86 | for (cp = buffer; cp < &buffer[PROXY_BUF_SIZE - 1]; cp++) { |
| 87 | if (read(fd, cp, 1) != 1) { |
| 88 | rsyserr(FERROR, errno, "failed to read from proxy"); |
| 89 | return -1; |
| 90 | } |
| 91 | if (*cp == '\n') |
| 92 | break; |
| 93 | } |
| 94 | |
| 95 | if (cp == &buffer[PROXY_BUF_SIZE - 1]) { |
| 96 | rprintf(FERROR, "proxy response line too long\n"); |
| 97 | return -1; |
| 98 | } |
| 99 | *cp = '\0'; |
| 100 | if (cp > buffer && cp[-1] == '\r') |
| 101 | cp[-1] = '\0'; |
| 102 | if (strncmp(buffer, "HTTP/", 5) != 0) { |
| 103 | rprintf(FERROR, "bad response from proxy -- %s\n", |
| 104 | buffer); |
| 105 | return -1; |
| 106 | } |
| 107 | for (cp = &buffer[5]; isDigit(cp) || *cp == '.'; cp++) {} |
| 108 | while (*cp == ' ') |
| 109 | cp++; |
| 110 | if (*cp != '2') { |
| 111 | rprintf(FERROR, "bad response from proxy -- %s\n", |
| 112 | buffer); |
no test coverage detected