Allow chrome to handle 407 auth challenges to CONNECT requests

through HTTPS Proxies. This also changes the mechanism used to restart HttpProxyClientSocket requests with auth. Previously the transport socket would be Disconnected, and then re-Connected (which was not implemented for SSLClientSockets). However, the approach was problematic in the face of, for example, ipv6. The new approach is to close the HttpProxyClientSocket, and request a new socket from the pool. Committed: http://src.chromium.org/viewvc/chrome?view=rev&revision=110529 Committed: http://src.chromium.org/viewvc/chrome?view=rev&revision=110879 Review URL: http://codereview.chromium.org/8502024 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@110965 0039d316-1c4b-4281-b951-d872f2087c98
author: rch@chromium.org <rch@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2011-11-21 18:32:01 +0000
committer: rch@chromium.org <rch@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2011-11-21 18:32:01 +0000
commit: 15a3c20866a1de64fa731b03b8662ad0e89436dd (patch)
tree: ca07527ce12072cd336e8c243c17a9bb4bd005b0 /net/http/http_proxy_client_socket.cc
parent: 82a8b9cc6d3e491d79256e6ec0bc715e8b2171cc (diff)
download: chromium_src-15a3c20866a1de64fa731b03b8662ad0e89436dd.zip
chromium_src-15a3c20866a1de64fa731b03b8662ad0e89436dd.tar.gz
chromium_src-15a3c20866a1de64fa731b03b8662ad0e89436dd.tar.bz2
1 files changed, 8 insertions, 37 deletions
diff --git a/net/http/http_proxy_client_socket.cc b/net/http/http_proxy_client_socket.cc
index 32ccb1b..1434c655 100644
--- a/net/http/http_proxy_client_socket.cc
+++ b/net/http/http_proxy_client_socket.cc
@@ -68,7 +68,7 @@ int HttpProxyClientSocket::RestartWithAuth(OldCompletionCallback* callback) {
   DCHECK(!user_callback_);
 
   int rv = PrepareForAuthRestart();
-  if (rv != OK)
+  if (rv != OK || next_state_ == STATE_NONE)
     return rv;
 
   rv = DoLoop(OK);
@@ -77,6 +77,11 @@ int HttpProxyClientSocket::RestartWithAuth(OldCompletionCallback* callback) {
   return rv;
 }
 
+const
+scoped_refptr<HttpAuthController>& HttpProxyClientSocket::auth_controller() {
+  return auth_;
+}
+
 const HttpResponseInfo* HttpProxyClientSocket::GetConnectResponseInfo() const {
   return response_.headers ? &response_ : NULL;
 }
@@ -251,10 +256,7 @@ int HttpProxyClientSocket::DidDrainBodyForAuthRestart(bool keep_alive) {
     next_state_ = STATE_GENERATE_AUTH_TOKEN;
     transport_->set_is_reused(true);
   } else {
-    // This assumes that the underlying transport socket is a TCP socket,
-    // since only TCP sockets are restartable.
-    next_state_ = STATE_TCP_RESTART;
-    transport_->socket()->Disconnect();
+    next_state_ = STATE_NONE;
   }
 
   // Reset the other member variables.
@@ -267,17 +269,6 @@ int HttpProxyClientSocket::DidDrainBodyForAuthRestart(bool keep_alive) {
   return OK;
 }
 
-int HttpProxyClientSocket::HandleAuthChallenge() {
-  DCHECK(response_.headers);
-
-  int rv = auth_->HandleAuthChallenge(response_.headers, false, true, net_log_);
-  response_.auth_challenge = auth_->auth_info();
-  if (rv == OK)
-    return ERR_PROXY_AUTH_REQUESTED;
-
-  return rv;
-}
-
 void HttpProxyClientSocket::LogBlockedTunnelResponse(int response_code) const {
   LOG(WARNING) << "Blocked proxy response with status " << response_code
                << " to CONNECT request for "
@@ -347,13 +338,6 @@ int HttpProxyClientSocket::DoLoop(int last_io_result) {
       case STATE_DRAIN_BODY_COMPLETE:
         rv = DoDrainBodyComplete(rv);
         break;
-      case STATE_TCP_RESTART:
-        DCHECK_EQ(OK, rv);
-        rv = DoTCPRestart();
-        break;
-      case STATE_TCP_RESTART_COMPLETE:
-        rv = DoTCPRestartComplete(rv);
-        break;
       case STATE_DONE:
         break;
       default:
@@ -452,7 +436,7 @@ int HttpProxyClientSocket::DoReadHeadersComplete(int result) {
       // authentication code is smart enough to avoid being tricked by an
       // active network attacker.
       // The next state is intentionally not set as it should be STATE_NONE;
-      return HandleAuthChallenge();
+      return HandleAuthChallenge(auth_, &response_, net_log_);
 
     default:
       if (is_https_proxy_)
@@ -488,17 +472,4 @@ int HttpProxyClientSocket::DoDrainBodyComplete(int result) {
   return OK;
 }
 
-int HttpProxyClientSocket::DoTCPRestart() {
-  next_state_ = STATE_TCP_RESTART_COMPLETE;
-  return transport_->socket()->Connect(&io_callback_);
-}
-
-int HttpProxyClientSocket::DoTCPRestartComplete(int result) {
-  if (result != OK)
-    return result;
-
-  next_state_ = STATE_GENERATE_AUTH_TOKEN;
-  return result;
-}
-
 }  // namespace net
author	rch@chromium.org <rch@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2011-11-21 18:32:01 +0000
committer	rch@chromium.org <rch@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2011-11-21 18:32:01 +0000
commit	15a3c20866a1de64fa731b03b8662ad0e89436dd (patch)
tree	ca07527ce12072cd336e8c243c17a9bb4bd005b0 /net/http/http_proxy_client_socket.cc
parent	82a8b9cc6d3e491d79256e6ec0bc715e8b2171cc (diff)
download	chromium_src-15a3c20866a1de64fa731b03b8662ad0e89436dd.zip chromium_src-15a3c20866a1de64fa731b03b8662ad0e89436dd.tar.gz chromium_src-15a3c20866a1de64fa731b03b8662ad0e89436dd.tar.bz2