OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/http/http_proxy_client_socket.h" | 5 #include "net/http/http_proxy_client_socket.h" |
6 | 6 |
7 #include "base/bind.h" | 7 #include "base/bind.h" |
8 #include "base/bind_helpers.h" | 8 #include "base/bind_helpers.h" |
9 #include "base/strings/string_util.h" | 9 #include "base/strings/string_util.h" |
10 #include "base/strings/stringprintf.h" | 10 #include "base/strings/stringprintf.h" |
(...skipping 465 matching lines...)
476 // attacker can force us into this state by masquerading as the proxy. | 476 // attacker can force us into this state by masquerading as the proxy. |
477 // The only safe thing to do here is to fail the connection because our | 477 // The only safe thing to do here is to fail the connection because our |
478 // client is expecting an SSL protected response. | 478 // client is expecting an SSL protected response. |
479 // See http://crbug.com/7338. | 479 // See http://crbug.com/7338. |
480 | 480 |
481 case 302: // Found / Moved Temporarily | 481 case 302: // Found / Moved Temporarily |
482 // Attempt to follow redirects from HTTPS proxies, but only if we can | 482 // Attempt to follow redirects from HTTPS proxies, but only if we can |
483 // sanitize the response. This still allows a rogue HTTPS proxy to | 483 // sanitize the response. This still allows a rogue HTTPS proxy to |
484 // redirect an HTTPS site load to a similar-looking site, but no longer | 484 // redirect an HTTPS site load to a similar-looking site, but no longer |
485 // allows it to impersonate the site the user requested. | 485 // allows it to impersonate the site the user requested. |
486 if (is_https_proxy_ && SanitizeProxyRedirect(&response_, request_.url)) { | 486 if (!is_https_proxy_ || !SanitizeProxyRedirect(&response_)) { |
| 487 // We're not using an HTTPS proxy, or we couldn't sanitize the redirect. |
| 488 LogBlockedTunnelResponse(); |
| 489 return ERR_TUNNEL_CONNECTION_FAILED; |
| 490 } |
| 491 |
| 492 { |
487 bool is_connection_reused = http_stream_parser_->IsConnectionReused(); | 493 bool is_connection_reused = http_stream_parser_->IsConnectionReused(); |
488 redirect_has_load_timing_info_ = | 494 redirect_has_load_timing_info_ = |
489 transport_->GetLoadTimingInfo( | 495 transport_->GetLoadTimingInfo( |
490 is_connection_reused, &redirect_load_timing_info_); | 496 is_connection_reused, &redirect_load_timing_info_); |
491 transport_.reset(); | |
492 http_stream_parser_.reset(); | |
493 return ERR_HTTPS_PROXY_TUNNEL_RESPONSE; | |
494 } | 497 } |
495 | 498 transport_.reset(); |
496 // We're not using an HTTPS proxy, or we couldn't sanitize the redirect. | 499 http_stream_parser_.reset(); |
497 LogBlockedTunnelResponse(); | 500 return ERR_HTTPS_PROXY_TUNNEL_RESPONSE; |
498 return ERR_TUNNEL_CONNECTION_FAILED; | |
499 | 501 |
500 case 407: // Proxy Authentication Required | 502 case 407: // Proxy Authentication Required |
501 // We need this status code to allow proxy authentication. Our | 503 // We need this status code to allow proxy authentication. Our |
502 // authentication code is smart enough to avoid being tricked by an | 504 // authentication code is smart enough to avoid being tricked by an |
503 // active network attacker. | 505 // active network attacker. |
504 // The next state is intentionally not set as it should be STATE_NONE; | 506 // The next state is intentionally not set as it should be STATE_NONE; |
| 507 if (!SanitizeProxyAuth(&response_)) { |
| 508 LogBlockedTunnelResponse(); |
| 509 return ERR_TUNNEL_CONNECTION_FAILED; |
| 510 } |
505 return HandleProxyAuthChallenge(auth_.get(), &response_, net_log_); | 511 return HandleProxyAuthChallenge(auth_.get(), &response_, net_log_); |
506 | 512 |
507 default: | 513 default: |
508 // Ignore response to avoid letting the proxy impersonate the target | 514 // Ignore response to avoid letting the proxy impersonate the target |
509 // server. (See http://crbug.com/137891.) | 515 // server. (See http://crbug.com/137891.) |
510 // We lose something by doing this. We have seen proxy 403, 404, and | 516 // We lose something by doing this. We have seen proxy 403, 404, and |
511 // 501 response bodies that contain a useful error message. For | 517 // 501 response bodies that contain a useful error message. For |
512 // example, Squid uses a 404 response to report the DNS error: "The | 518 // example, Squid uses a 404 response to report the DNS error: "The |
513 // domain name does not exist." | 519 // domain name does not exist." |
514 LogBlockedTunnelResponse(); | 520 LogBlockedTunnelResponse(); |
(...skipping 29 matching lines...)
544 | 550 |
545 int HttpProxyClientSocket::DoTCPRestartComplete(int result) { | 551 int HttpProxyClientSocket::DoTCPRestartComplete(int result) { |
546 if (result != OK) | 552 if (result != OK) |
547 return result; | 553 return result; |
548 | 554 |
549 next_state_ = STATE_GENERATE_AUTH_TOKEN; | 555 next_state_ = STATE_GENERATE_AUTH_TOKEN; |
550 return result; | 556 return result; |
551 } | 557 } |
552 | 558 |
553 } // namespace net | 559 } // namespace net |
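Review bot: In the new `case 407` branch the `SanitizeProxyAuth(&response_)` guard sits between the existing comment "The next state is intentionally not set as it should be STATE_NONE;" and the `return HandleProxyAuthChallenge(...)` that comment describes, and nothing states what the sanitizer keeps or when it returns false. A 407 received before the tunnel exists can come from whoever is masquerading as the proxy, which is the attacker the comments in this switch already describe, so the reason for the guard deserves its own comment. I would move the guard above the STATE_NONE comment and add something like `// Keep only what proxy auth needs from the 407; fail the tunnel if it cannot be sanitized, so proxy-supplied content is never treated as the target server's.` The body of SanitizeProxyAuth is not visible on this page, so that wording should be checked against what it actually retains. The switch itself starts above the visible lines.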