1/* GIO - GLib Input, Output and Streaming Library
2 *
3 * Copyright (C) 2010 Collabora, Ltd.
4 * Copyright (C) 2014 Red Hat, Inc.
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General
17 * Public License along with this library; if not, see <http://www.gnu.org/licenses/>.
18 *
19 * Author: Nicolas Dufresne <nicolas.dufresne@collabora.co.uk>
20 * Marc-André Lureau <marcandre.lureau@redhat.com>
21 */
22
23#include "config.h"
24
25#include "ghttpproxy.h"
26
27#include <string.h>
28#include <stdlib.h>
29
30#include "giomodule.h"
31#include "giomodule-priv.h"
32#include "giostream.h"
33#include "ginputstream.h"
34#include "glibintl.h"
35#include "goutputstream.h"
36#include "gproxy.h"
37#include "gproxyaddress.h"
38#include "gsocketconnectable.h"
39#include "gtask.h"
40#include "gtlsclientconnection.h"
41#include "gtlsconnection.h"
42
43
/* Instance structure for the plain "http" proxy implementation.
 * It holds no state beyond the parent GObject.
 */
struct _GHttpProxy
{
  GObject parent;
};

/* Class structure for GHttpProxy; it adds no virtual methods. */
struct _GHttpProxyClass
{
  GObjectClass parent_class;
};
53
static void g_http_proxy_iface_init (GProxyInterface *proxy_iface);

/* The get_type symbol is renamed to the private _g_http_proxy_get_type.
 * Type registration also makes sure the GIO extension points exist and
 * registers this type on the proxy extension point under the name "http"
 * with priority 0.
 */
#define g_http_proxy_get_type _g_http_proxy_get_type
G_DEFINE_TYPE_WITH_CODE (GHttpProxy, g_http_proxy, G_TYPE_OBJECT,
                         G_IMPLEMENT_INTERFACE (G_TYPE_PROXY,
                                                g_http_proxy_iface_init)
                         _g_io_modules_ensure_extension_points_registered ();
                         g_io_extension_point_implement (G_PROXY_EXTENSION_POINT_NAME,
                                                         g_define_type_id,
                                                         "http",
                                                         0))
65
/* Instance initialiser: GHttpProxy has no per-instance state to set up. */
static void
g_http_proxy_init (GHttpProxy *proxy)
{
}
70
/*
 * create_request:
 * @proxy_address: supplies the destination host/port and optional credentials
 * @has_cred: (out) (optional): set to TRUE when a Proxy-Authorization header
 *   was added, FALSE otherwise
 * @error: return location for a #GError
 *
 * Builds the text of an HTTP/1.0 CONNECT request for the destination
 * described by @proxy_address.
 *
 * Security notes:
 *  - Credentials are sent with the Basic scheme, i.e. only base64-encoded.
 *    When the stream to the proxy is not wrapped in TLS they are readable
 *    by anyone on the path.
 *  - The temporary credential strings are released with g_free() and are
 *    not wiped before being freed.
 *  - NOTE(review): the destination host is written into the request line
 *    and Host header after g_hostname_to_ascii(); confirm that conversion
 *    (or the caller) rejects CR/LF and other control characters so a
 *    crafted hostname cannot add header lines.
 *
 * Returns: a newly allocated request string owned by the caller, or NULL
 *   with @error set when the hostname cannot be converted to ASCII.
 */
static gchar *
create_request (GProxyAddress  *proxy_address,
                gboolean       *has_cred,
                GError        **error)
{
  GString *req;
  gchar *idn_host;
  gint dest_port;
  const gchar *user;
  const gchar *secret;

  if (has_cred != NULL)
    *has_cred = FALSE;

  /* The request must carry the ASCII (IDNA) form of the destination name. */
  idn_host = g_hostname_to_ascii (g_proxy_address_get_destination_hostname (proxy_address));
  if (idn_host == NULL)
    {
      g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_FAILED,
                           _("Invalid hostname"));
      return NULL;
    }

  dest_port = g_proxy_address_get_destination_port (proxy_address);
  user = g_proxy_address_get_username (proxy_address);
  secret = g_proxy_address_get_password (proxy_address);

  req = g_string_new (NULL);
  g_string_append_printf (req,
                          "CONNECT %s:%i HTTP/1.0\r\n"
                          "Host: %s:%i\r\n"
                          "Proxy-Connection: keep-alive\r\n"
                          "User-Agent: GLib/%i.%i\r\n",
                          idn_host, dest_port,
                          idn_host, dest_port,
                          GLIB_MAJOR_VERSION, GLIB_MINOR_VERSION);
  g_free (idn_host);

  /* Authentication is attempted only when both halves are available. */
  if (user != NULL && secret != NULL)
    {
      gchar *plain;
      gchar *encoded;

      if (has_cred != NULL)
        *has_cred = TRUE;

      plain = g_strdup_printf ("%s:%s", user, secret);
      encoded = g_base64_encode ((guchar *) plain, strlen (plain));
      g_free (plain);

      g_string_append_printf (req,
                              "Proxy-Authorization: Basic %s\r\n",
                              encoded);
      g_free (encoded);
    }

  /* An empty line terminates the header block. */
  g_string_append (req, "\r\n");

  /* FALSE: keep the character data and hand it to the caller. */
  return g_string_free (req, FALSE);
}
131
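/*
 * check_reply:
 * @buffer: NUL-terminated reply text received from the proxy
 * @has_cred: whether the request carried a Proxy-Authorization header
 * @error: return location for a #GError
 *
 * Validates the status line of the proxy's reply to a CONNECT request.
 * The reply must start with "HTTP/1.0" or "HTTP/1.1"; any status outside
 * 200-299 is mapped to a G_IO_ERROR_PROXY_* error.
 *
 * @buffer is controlled by the remote proxy, so the status code is parsed
 * with strtol() rather than atoi(): atoi() has undefined behaviour when the
 * digits do not fit the result type, whereas strtol() saturates and the
 * result can be range-checked before it is narrowed to gint.
 *
 * Returns: TRUE when the proxy answered with a 2xx status, FALSE with
 *   @error set otherwise.
 */
static gboolean
check_reply (const gchar  *buffer,
             gboolean      has_cred,
             GError      **error)
{
  long status;
  gint err_code;
  const gchar *ptr;

  /* buffer[7] is only read once the 7-byte prefix matched, so it is at
   * worst the terminating NUL. */
  if (strncmp (buffer, "HTTP/1.", 7) != 0 ||
      (buffer[7] != '0' && buffer[7] != '1'))
    {
      g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_PROXY_FAILED,
                           _("Bad HTTP proxy reply"));
      return FALSE;
    }

  /* Skip the minor version digit and the spaces before the status code. */
  ptr = buffer + 8;
  while (*ptr == ' ')
    ptr++;

  status = strtol (ptr, NULL, 10);
  if (status < G_MININT || status > G_MAXINT)
    {
      /* A value that does not fit a gint cannot be an HTTP status code. */
      g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_PROXY_FAILED,
                           _("Bad HTTP proxy reply"));
      return FALSE;
    }
  err_code = (gint) status;

  if (err_code < 200 || err_code >= 300)
    {
      switch (err_code)
        {
        case 403:
          g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_PROXY_NOT_ALLOWED,
                               _("HTTP proxy connection not allowed"));
          break;
        case 407:
          /* 407 after credentials were sent means they were rejected;
           * without credentials it means the proxy wants some. */
          if (has_cred)
            g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_PROXY_AUTH_FAILED,
                                 _("HTTP proxy authentication failed"));
          else
            g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_PROXY_NEED_AUTH,
                                 _("HTTP proxy authentication required"));
          break;
        default:
          g_set_error (error, G_IO_ERROR, G_IO_ERROR_PROXY_FAILED,
                       _("HTTP proxy connection failed: %i"), err_code);
        }

      return FALSE;
    }

  return TRUE;
}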
179
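#define HTTP_END_MARKER "\r\n\r\n"

/*
 * g_http_proxy_connect:
 * @proxy: the proxy object; an HTTPS proxy gets a TLS layer first
 * @io_stream: an already connected stream to the proxy server
 * @proxy_address: destination and credentials for the CONNECT request
 * @cancellable: (nullable): cancellation object passed to every I/O call
 * @error: return location for a #GError
 *
 * Synchronous GProxy::connect implementation. Optionally wraps @io_stream
 * in a TLS client connection, sends the CONNECT request, then reads the
 * proxy's reply headers up to the blank line and checks the status.
 *
 * Returns: a new reference to the stream to use for the tunnel (the TLS
 *   connection for HTTPS proxies, otherwise @io_stream), or NULL with
 *   @error set.
 */
static GIOStream *
g_http_proxy_connect (GProxy         *proxy,
                      GIOStream      *io_stream,
                      GProxyAddress  *proxy_address,
                      GCancellable   *cancellable,
                      GError        **error)
{
  const gsize end_marker_len = sizeof (HTTP_END_MARKER) - 1;
  GInputStream *in;
  GOutputStream *out;
  gchar *buffer = NULL;
  gsize buffer_length;
  gsize bytes_read;
  gboolean has_cred;
  GIOStream *tlsconn = NULL;

  if (G_IS_HTTPS_PROXY (proxy))
    {
      tlsconn = g_tls_client_connection_new (io_stream,
                                             G_SOCKET_CONNECTABLE (proxy_address),
                                             error);
      if (!tlsconn)
        goto error;

#ifdef DEBUG
      /* SECURITY: when DEBUG is defined, an unknown CA and a certificate
       * identity mismatch are no longer treated as validation errors, so
       * the proxy's TLS identity is not verified. The CONNECT request,
       * including any Proxy-Authorization header, would then be sent to
       * whoever terminates the connection. DEBUG must never be defined
       * in a shipped build. */
      {
        GTlsCertificateFlags tls_validation_flags = G_TLS_CERTIFICATE_VALIDATE_ALL;

        tls_validation_flags &= ~(G_TLS_CERTIFICATE_UNKNOWN_CA | G_TLS_CERTIFICATE_BAD_IDENTITY);
        g_tls_client_connection_set_validation_flags (G_TLS_CLIENT_CONNECTION (tlsconn),
                                                      tls_validation_flags);
      }
#endif

      if (!g_tls_connection_handshake (G_TLS_CONNECTION (tlsconn), cancellable, error))
        goto error;

      /* From here on all traffic goes through the TLS layer. */
      io_stream = tlsconn;
    }

  in = g_io_stream_get_input_stream (io_stream);
  out = g_io_stream_get_output_stream (io_stream);

  buffer = create_request (proxy_address, &has_cred, error);
  if (!buffer)
    goto error;
  if (!g_output_stream_write_all (out, buffer, strlen (buffer), NULL,
                                  cancellable, error))
    goto error;

  g_free (buffer);

  bytes_read = 0;
  buffer_length = 1024;
  buffer = g_malloc (buffer_length);

  /* Read byte-by-byte instead of using GDataInputStream
   * since we do not want to read beyond the end marker: everything
   * after it belongs to the tunnelled connection.
   */
  do
    {
      gssize signed_nread;
      gsize nread;

      signed_nread =
          g_input_stream_read (in, buffer + bytes_read, 1, cancellable, error);
      if (signed_nread == -1)
        goto error;

      nread = signed_nread;
      if (nread == 0)
        {
          /* NOTE(review): EOF before the end marker is not an error by
           * itself; a truncated reply is still handed to check_reply(). */
          break;
        }

      ++bytes_read;

      if (bytes_read == buffer_length)
        {
          /* The HTTP specification does not define any upper limit for
           * headers, so the reply size is capped here to bound the
           * memory a proxy can make us allocate. The buffer doubles
           * from 1024 bytes and this check only runs when it is full,
           * so the last size that passes is 65536 bytes and the reply
           * is rejected once a 131072-byte buffer has filled up. */
          if (buffer_length > 98304)
            {
              g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_PROXY_FAILED,
                                   _("HTTP proxy response too big"));
              goto error;
            }
          buffer_length = 2 * buffer_length;
          buffer = g_realloc (buffer, buffer_length);
        }

      /* Keep the buffer a valid C string for check_reply(); the growth
       * step above guarantees bytes_read < buffer_length here. */
      *(buffer + bytes_read) = '\0';

      /* Compare only the last bytes received. A string-suffix test would
       * rescan the whole buffer for every byte (quadratic work on a reply
       * whose size the proxy controls) and would stop at an embedded NUL,
       * missing an end marker that follows it. */
      if (bytes_read >= end_marker_len &&
          memcmp (buffer + bytes_read - end_marker_len,
                  HTTP_END_MARKER, end_marker_len) == 0)
        break;
    }
  while (TRUE);

  if (bytes_read == 0)
    {
      g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_PROXY_FAILED,
                           _("HTTP proxy server closed connection unexpectedly."));
      goto error;
    }

  if (!check_reply (buffer, has_cred, error))
    goto error;

  g_free (buffer);

  /* The caller receives its own reference; for HTTPS proxies io_stream is
   * tlsconn, so dropping the local reference leaves exactly that one. */
  g_object_ref (io_stream);
  g_clear_object (&tlsconn);

  return io_stream;

error:
  g_clear_object (&tlsconn);
  g_free (buffer);
  return NULL;
}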
302
/* Arguments carried from g_http_proxy_connect_async() to the worker thread.
 * Both members hold a reference that free_connect_data() releases.
 */
typedef struct
{
  GIOStream *io_stream;          /* stream connected to the proxy server */
  GProxyAddress *proxy_address;  /* destination and credentials */
} ConnectAsyncData;
308
/* Destroy notify for the task data: drops the references held on the
 * stream and the proxy address, then returns the slice allocation.
 */
static void
free_connect_data (ConnectAsyncData *data)
{
  g_object_unref (data->io_stream);
  g_object_unref (data->proxy_address);

  g_slice_free (ConnectAsyncData, data);
}
316
/* GTask thread function: runs the blocking connect and completes @task
 * with either the resulting stream or the error it produced.
 */
static void
connect_thread (GTask        *task,
                gpointer      source_object,
                gpointer      task_data,
                GCancellable *cancellable)
{
  ConnectAsyncData *job = task_data;
  GError *local_error = NULL;
  GIOStream *tunnel;

  tunnel = g_http_proxy_connect (source_object,
                                 job->io_stream,
                                 job->proxy_address,
                                 cancellable,
                                 &local_error);

  if (tunnel != NULL)
    {
      /* The task takes over the reference returned by the connect call. */
      g_task_return_pointer (task, tunnel, g_object_unref);
    }
  else
    {
      g_task_return_error (task, local_error);
    }
}
336
/* GProxy::connect_async implementation: packages the arguments, taking a
 * reference on each, and runs the synchronous connect in a GTask thread.
 */
static void
g_http_proxy_connect_async (GProxy              *proxy,
                            GIOStream           *io_stream,
                            GProxyAddress       *proxy_address,
                            GCancellable        *cancellable,
                            GAsyncReadyCallback  callback,
                            gpointer             user_data)
{
  ConnectAsyncData *job = g_slice_new0 (ConnectAsyncData);
  GTask *connect_task;

  /* Keep both objects alive for as long as the task data exists. */
  job->io_stream = g_object_ref (io_stream);
  job->proxy_address = g_object_ref (proxy_address);

  connect_task = g_task_new (proxy, cancellable, callback, user_data);
  g_task_set_source_tag (connect_task, g_http_proxy_connect_async);
  g_task_set_task_data (connect_task, job, (GDestroyNotify) free_connect_data);

  g_task_run_in_thread (connect_task, connect_thread);

  /* Drop the local reference once the task has been handed off. */
  g_object_unref (connect_task);
}
359
/* GProxy::connect_finish implementation: hands back the pointer or error
 * stored in the GTask behind @result.
 */
static GIOStream *
g_http_proxy_connect_finish (GProxy        *proxy,
                             GAsyncResult  *result,
                             GError       **error)
{
  GTask *finished = G_TASK (result);

  return g_task_propagate_pointer (finished, error);
}
367
/* GProxy::supports_hostname implementation: always TRUE, because the
 * CONNECT request carries the destination host name to the proxy.
 */
static gboolean
g_http_proxy_supports_hostname (GProxy *proxy)
{
  return TRUE;
}
373
/* Class initialiser: nothing to override or install. */
static void
g_http_proxy_class_init (GHttpProxyClass *class)
{
}
378
/* Fills in the GProxy interface vtable. It is used by both the "http" and
 * the "https" type registrations in this file.
 */
static void
g_http_proxy_iface_init (GProxyInterface *proxy_iface)
{
  /* Blocking entry point. */
  proxy_iface->connect = g_http_proxy_connect;

  /* Asynchronous pair. */
  proxy_iface->connect_async = g_http_proxy_connect_async;
  proxy_iface->connect_finish = g_http_proxy_connect_finish;

  proxy_iface->supports_hostname = g_http_proxy_supports_hostname;
}
387
/* Instance structure for the "https" proxy: a GHttpProxy with no extra
 * state. g_http_proxy_connect() tells the two apart with
 * G_IS_HTTPS_PROXY() and adds the TLS layer for this type.
 */
struct _GHttpsProxy
{
  GHttpProxy parent;
};

/* Class structure for GHttpsProxy; it adds no virtual methods. */
struct _GHttpsProxyClass
{
  GHttpProxyClass parent_class;
};
397
/* Same registration pattern as the "http" type: the get_type symbol is
 * renamed to the private _g_https_proxy_get_type, the type derives from
 * G_TYPE_HTTP_PROXY, reuses g_http_proxy_iface_init for the GProxy
 * interface, and is registered on the proxy extension point under the
 * name "https" with priority 0.
 */
#define g_https_proxy_get_type _g_https_proxy_get_type
G_DEFINE_TYPE_WITH_CODE (GHttpsProxy, g_https_proxy, G_TYPE_HTTP_PROXY,
                         G_IMPLEMENT_INTERFACE (G_TYPE_PROXY,
                                                g_http_proxy_iface_init)
                         _g_io_modules_ensure_extension_points_registered ();
                         g_io_extension_point_implement (G_PROXY_EXTENSION_POINT_NAME,
                                                         g_define_type_id,
                                                         "https",
                                                         0))
407
/* Instance initialiser: GHttpsProxy has no per-instance state to set up. */
static void
g_https_proxy_init (GHttpsProxy *proxy)
{
}
412
/* Class initialiser: nothing to override or install. */
static void
g_https_proxy_class_init (GHttpsProxyClass *class)
{
}
417
