diff options
| author | rch@chromium.org <rch@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-11-21 04:21:12 +0000 |
|---|---|---|
| committer | rch@chromium.org <rch@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-11-21 04:21:12 +0000 |
| commit | e84e6956fca7f37a25713059ee2a09ae7b65ff23 (patch) | |
| tree | 1bca98b969f0c7e4ad33312edda79d2d0e3ce362 /net/spdy/spdy_proxy_client_socket.cc | |
| parent | 7fa878350b0964b0f16f1ac33ad977c3d2cef6bb (diff) | |
| download | chromium_src-e84e6956fca7f37a25713059ee2a09ae7b65ff23.zip chromium_src-e84e6956fca7f37a25713059ee2a09ae7b65ff23.tar.gz chromium_src-e84e6956fca7f37a25713059ee2a09ae7b65ff23.tar.bz2 | |
Allow chrome to handle 407 auth challenges to CONNECT requests
through HTTPS Proxies. This also changes the mechanism used
to restart HttpProxyClientSocket requests with auth. Previously
the transport socket would be Disconnected, and then re-Connected
(which was not implemented for SSLClientSockets). However, the
approach was problematic in the face of, for example, ipv6. The
new approach is to close the HttpProxyClientSocket, and request
a new socket from the pool.
Committed: http://src.chromium.org/viewvc/chrome?view=rev&revision=110529
Review URL: http://codereview.chromium.org/8502024
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@110879 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/spdy/spdy_proxy_client_socket.cc')
| -rw-r--r-- | net/spdy/spdy_proxy_client_socket.cc | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/net/spdy/spdy_proxy_client_socket.cc b/net/spdy/spdy_proxy_client_socket.cc index 1b2674d..6ef88e7 100644 --- a/net/spdy/spdy_proxy_client_socket.cc +++ b/net/spdy/spdy_proxy_client_socket.cc @@ -63,6 +63,19 @@ const HttpResponseInfo* SpdyProxyClientSocket::GetConnectResponseInfo() const { return response_.headers ? &response_ : NULL; } +int SpdyProxyClientSocket::RestartWithAuth(OldCompletionCallback* callback) { + // A SPDY Stream can only handle a single request, so the underlying + // stream may not be reused and a new SpdyProxyClientSocket must be + // created (possibly on top of the same SPDY Session). + next_state_ = STATE_DISCONNECTED; + return OK; +} + +const +scoped_refptr<HttpAuthController>& SpdyProxyClientSocket::auth_controller() { + return auth_; +} + HttpStream* SpdyProxyClientSocket::CreateConnectResponseStream() { DCHECK(response_stream_.get()); return response_stream_.release(); @@ -384,6 +397,16 @@ int SpdyProxyClientSocket::DoReadReplyComplete(int result) { if (response_.headers->response_code() == 200) { return OK; } else if (response_.headers->response_code() == 407) { + int rv = HandleAuthChallenge(auth_, &response_, net_log_); + if (rv != ERR_PROXY_AUTH_REQUESTED) { + return rv; + } + // SPDY only supports basic and digest auth + if (auth_->auth_info() && + (auth_->auth_info()->scheme == "basic" || + auth_->auth_info()->scheme == "digest")) { + return ERR_PROXY_AUTH_REQUESTED; + } return ERR_TUNNEL_CONNECTION_FAILED; } else { // Immediately hand off our SpdyStream to a newly created SpdyHttpStream |