https over proxy patch

Hi,
In the last three weeks I was working to implement a patch that will enable https 
connection over proxy. I contacted Olga Antropova and she sent me her 
implementation based on an old code base of the libwww. I've integrated it into the 
5.3.2 code base and did some testing by using the wwwssl example by adding 
HTProxy_add("http", "http://proxy:8888");
and on some application level code.
As well I've sent a patch to <tudor.hulubei@ecora.com> to do an independent test of 
the patch. All the tests were successful.
Here are Olga's comments on how she implemented this feature:
> >Basically in HTAuthFilter I change method from what it was to CONNECT and
> >have HTTPS_proxyAfterFilter that changes method back to original if connect
> >was ok.
> >So I added CONNECT method to the methods.
> >Also I have some changes in HTChannel.c
> >And I do not use https connection management in HTSSL.c
> >

Find attached the diff file for https over proxy.

Regards, Srdjan
 ====
 Srdjan Matovina
 Sun Microsystems Americas Customer Engineering
 srdjan.matovina@canada.sun.com
 Ph.(905) 415-2883 Fax.(905) 477-0217

------------- Begin Forwarded Message -------------

MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Date: Mon, 19 Mar 2001 12:18:30 -0500 (EST)
From: Tudor Hulubei <tudor.hulubei@ecora.com>
To: Srdjan Matovina -- Customer Engineering <srdjan@opcom-mail.canada.sun.com>
Subject: Re: SSL through a proxy w/ libwww


  On Monday, 19 March 2001, Srdjan Matovina -- Customer Engineering wrote:
> I set my proxy server:
> HTProxy_add("http", "http://proxy:8888");
> With this setup I can get the page no problem.
> 
> If I set proxy like: HTProxy_add("https", "https://proxy:8888");
> then client never connects to the secure server and also client is going into 
> infinite loop. Have to kill the client process.
> Try adding the proxy with http protocol type, not with https:
> 
> HTProxy_add("http", "http://proxy:8888");
> Let me know the result!

Well, good news!  It does work, indeed, after I took the "s" out from
"https" in HTProxy_add.  Thanks!  Let me know if there is something
else that you want me to test.

Tudor


------------- End Forwarded Message -------------

------------- Begin Forwarded Message -------------

X-Authentication-Warning: balefire.eai.com: uucp set sender to <olga@eai.com> using -f
Really-From: olga@eai.com
From: "Olga Antropova" <olga@eai.com>
To: "Srdjan Matovina -- Customer Engineering" <srdjan@opcom-mail.canada.sun.com>
Cc: <antonb@opcom-mail.canada.sun.com>, "Olga Antropova" <olga@eai.com>
Subject: Re: SSL patch: Can you do that??
Date: Thu, 8 Mar 2001 13:07:33 -0600
MIME-Version: 1.0
X-Priority: 3
X-MSMail-Priority: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600

Hi,

I think *CachingState is not relevant and should not be merged.

I am impressed with the fact that you are almost finished. Please be careful
to merge only the pieces that make sense.
And please be sure to test the resulting patch intensively before sending it
to the library. (We do not want to break it :-)

Also I am sure that I have missed some more files.

Olga.
----- Original Message -----
From: "Srdjan Matovina -- Customer Engineering" <srdjan@scot.canada.sun.com>
To: <olga@eai.com>
Cc: <antonb@discover.canada.sun.com>
Sent: Thursday, March 08, 2001 10:39 AM
Subject: Re: SSL patch: Can you do that??


> Hi Olga,
>
> Thanks a lot for ssl over proxy patch code. I am integrating your ssl patch into
> latest libwww. So far I am almost finished with integration except for the
> following function implementation that you missed to send:
>
> extern void HTRequest_setUseHTTPS(HTRequest *, BOOL val);
> extern BOOL HTRequest_useHTTPS(HTRequest *);
>
> extern void HTRequest_setCachingState(HTRequest *, BOOL val);
> extern BOOL HTRequest_cachingState(HTRequest *);
>
> extern void HTRequest_setHTTPSRequest(HTRequest *, BOOL val);
> extern BOOL HTRequest_isHTTPSRequest(HTRequest *);
>
> extern void HTRequest_saveOrigMethod(HTRequest *);
> extern HTMethod HTRequest_origMethod(HTRequest *);
>
> extern int HTRequest_httpsProxyRetries(HTRequest *);
> extern void HTRequest_httpsProxyAddRetry(HTRequest *);
>
> Those are the function declarations from HTReq.h file.
>
> If you could send it to me that would be great.
>
>  Thanks a lot
>
>  Srdjan
> >Date: Wed, 7 Mar 2001 13:12:19 -0500 (EST)
> >From: Anton Belov -- Customer Engineering <antonb@opcom-mail.canada.sun.com>
> >Subject: SSL patch: Can you do that??
> >To: srdjan@canada.sun.com
> >MIME-Version: 1.0
> >
> >
> >------------- Begin Forwarded Message -------------
> >
> >X-Authentication-Warning: balefire.eai.com: uucp set sender to <olga@eai.com> using -f
> >Really-From: olga@eai.com
> >From: "Olga Antropova" <olga@eai.com>
> >To: "Anton Belov -- Customer Engineering" <antonb@opcom-mail.canada.sun.com>,
> >"Olga Antropova" <olga@eai.com>
> >Subject: SSL patch: Can you do that??
> >Date: Wed, 7 Mar 2001 11:06:09 -0600
> >MIME-Version: 1.0
> >X-Priority: 3
> >X-MSMail-Priority: Normal
> >X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600
> >
> >Privet Anton!
> >
> >I have it working but my codebase is old and the code is not perfect :-)
> >(well... ugly)
> >
> >Basically in HTAuthFilter I change method from what it was to CONNECT and
> >have HTTPS_proxyAfterFilter that changes method back to original if connect
> >was ok.
> >So I added CONNECT method to the methods.
> >Also I have some changes in HTChannel.c
> >And I do not use https connection management in HTSSL.c
> >
> >So I am attaching the files.
> >If you can make sense and even make patch for the current version of www of
> >that stuff it would be great!
> >I just absolutely have no time for that.
> >
> >Let me know if I missed some files.
> >Caution: the files contain some changes not relevant to SSL support.
> >
> >Schastlivo!
> >
> >Olga.
> >
> >
> >----- Original Message -----
> >From: "Anton Belov -- Customer Engineering" <antonb@scot.canada.sun.com>
> >To: <www-lib@w3.org>
> >Sent: Wednesday, March 07, 2001 10:22 AM
> >Subject: https & proxy
> >
> >
> >> Hi !
> >>
> >> I'm trying to understand why I cannot do https through proxy (if anyone has it
> >> working, please let me know); To my understanding there are two ways to do it:
> >>
> >>  - one is when the communication between client and proxy is regular HTTP, and
> >>    proxy to the destination is HTTPS. In this case client doesn't even need to
> >>    support SSL, because all the SSL work will be done by the proxy, which
> >>    requires proxy to be configured for that. And I think not all of them are -
> >>    in my particular case I'd always get "500 Internal Server Error" from the
> >>    proxy.
> >>
> >>  - the other, and preferred way is to use proxy SSL tunneling, which is
> >>    established using CONNECT command to the proxy, and getting the 200
> >>    response if the destination server has accepted the connection. Here's
> >>    the spec for this:
> >>
> >> http://www.web-cache.com/Writings/Internet-Drafts/draft-luotonen-web-proxy-tunneling-01.txt
> >>
> >>    This is not implemented in LibWWW, am I correct ? Is anyone working on this
> >>    right now ?
> >>
> >>
> >> Best Regards,
> >> Anton
> >>
> >>
> >>
> >> ~v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^vv^v^v^v^v^v^v^v^v^v^v^~
> >>
> >> Anton Belov
> >> Sun Microsystems Americas Customer Engineering
> >> anton.belov@canada.sun.com
> >> Ph. (905)415-2841  Fax. (905)477-0217
> >>
> >>
> >
> >------------- End Forwarded Message -------------
> >
> >
> >~v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^v^vv^v^v^v^v^v^v^v^v^v^v^~
> >
> >Anton Belov
> >Sun Microsystems Americas Customer Engineering
> >anton.belov@canada.sun.com
> >Ph. (905)415-2841  Fax. (905)477-0217
> >
>
> ====
> Srdjan Matovina
> Sun Microsystems Americas Customer Engineering
> srdjan.matovina@canada.sun.com
> Ph.(905) 415-2883 Fax.(905) 477-0217
>
>

------------- End Forwarded Message -------------

Received on Thursday, 22 March 2001 03:14:49 UTC
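
Added example (not part of the original thread and not libwww code): a minimal C sketch of the client side of the CONNECT tunneling described in the thread, covering the request line sent to the proxy and the check on its reply before any SSL handshake starts. The function names and the sample reply are hypothetical and constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
/* Added example: helper names are hypothetical, not libwww API. */
enum tunnel_state { TUNNEL_INCOMPLETE, TUNNEL_OK, TUNNEL_REFUSED, TUNNEL_MALFORMED };

/* Write the CONNECT request for host:port into out; return its length or -1.
 * Hosts containing space, CR, LF or other control bytes are rejected so a
 * caller-supplied name cannot add extra lines to what the proxy receives. */
int build_connect(char *out, size_t cap, const char *host, unsigned port)
{
    const char *p; int n;
    if (*host == '\0' || port == 0 || port > 65535) return -1;
    for (p = host; *p; p++)
        if ((unsigned char)*p <= ' ' || *p == 0x7f) return -1;
    n = snprintf(out, cap, "CONNECT %s:%u HTTP/1.0\r\nHost: %s:%u\r\n\r\n",
                 host, port, host, port);
    return (n < 0 || (size_t)n >= cap) ? -1 : n;
}

/* Classify the bytes read from the proxy so far. Once the header block is
 * complete, *status holds the code and *body_off the offset just past the
 * blank line; on TUNNEL_OK any bytes from there on belong to the TLS stream. */
enum tunnel_state parse_connect_reply(const char *buf, size_t len,
                                      int *status, size_t *body_off)
{
    size_t i, end = 0;
    int code = 0;
    for (i = 0; i + 4 <= len && !end; i++)
        if (memcmp(buf + i, "\r\n\r\n", 4) == 0) end = i + 4;
    if (!end) return TUNNEL_INCOMPLETE;          /* keep reading from the proxy */
    if (end < 12 || memcmp(buf, "HTTP/1.", 7) != 0 || buf[8] != ' ')
        return TUNNEL_MALFORMED;
    for (i = 9; i < 12; i++) {
        if (buf[i] < '0' || buf[i] > '9') return TUNNEL_MALFORMED;
        code = code * 10 + (buf[i] - '0');
    }
    *status = code; *body_off = end;
    return (code >= 200 && code < 300) ? TUNNEL_OK : TUNNEL_REFUSED;
}

int main(void)
{
    /* Constructed sample reply followed by three bytes of tunneled data. */
    const char *ok = "HTTP/1.0 200 Connection established\r\n\r\n\x16\x03\x01";
    int status = 0; size_t off = 0;
    enum tunnel_state s = parse_connect_reply(ok, strlen(ok), &status, &off);
    printf("state=%d status=%d leftover=%lu\n", (int)s, status,
           (unsigned long)(strlen(ok) - off));
    return 0;
}
```

Only after TUNNEL_OK should the original https request be sent through the SSL layer; a refused or malformed reply must end the attempt rather than fall back to sending the request in clear text to the proxy.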