[libwww-perl] 02/02: removed fix-https-proxy patch (applied upstream)
dod at debian.org
dod at debian.org
Thu Apr 24 13:55:22 UTC 2014
This is an automated email from the git hooks/post-receive script.
dod pushed a commit to branch master
in repository libwww-perl.
commit 32ea130056660df82adbced7d6b336254c5b7ac8
Author: Dominique Dumont <dod at debian.org>
Date: Thu Apr 24 09:40:53 2014 +0200
removed fix-https-proxy patch (applied upstream)
---
debian/patches/fix-htts-proxy | 174 ------------------------------------------
debian/patches/series | 1 -
2 files changed, 175 deletions(-)
diff --git a/debian/patches/fix-htts-proxy b/debian/patches/fix-htts-proxy
deleted file mode 100644
index 29120b4..0000000
--- a/debian/patches/fix-htts-proxy
+++ /dev/null
@@ -1,174 +0,0 @@
-Description:Fix htts proxy
- part 1 of a patch to fix https_proxy handling
-Author:Steffen Ullrich
-Origin:https://github.com/libwww-perl/libwww-perl/pull/52
-Applied-Upstream:yes
---- a/lib/LWP/Protocol/http.pm
-+++ b/lib/LWP/Protocol/http.pm
-@@ -16,16 +16,6 @@
- sub _new_socket
- {
- my($self, $host, $port, $timeout) = @_;
-- my $conn_cache = $self->{ua}{conn_cache};
-- if ($conn_cache) {
-- if (my $sock = $conn_cache->withdraw($self->socket_type, "$host:$port")) {
-- return $sock if $sock && !$sock->can_read(0);
-- # if the socket is readable, then either the peer has closed the
-- # connection or there are some garbage bytes on it. In either
-- # case we abandon it.
-- $sock->close;
-- }
-- }
-
- local($^W) = 0; # IO::Socket::INET can be noisy
- my $sock = $self->socket_class->new(PeerAddr => $host,
-@@ -33,7 +23,7 @@
- LocalAddr => $self->{ua}{local_address},
- Proto => 'tcp',
- Timeout => $timeout,
-- KeepAlive => !!$conn_cache,
-+ KeepAlive => !!$self->{ua}{conn_cache},
- SendTE => 1,
- $self->_extra_sock_opts($host, $port),
- );
-@@ -104,9 +94,10 @@
- }
- $h->init_header('Host' => $hhost);
-
-- if ($proxy) {
-+ if ($proxy && $url->scheme ne 'https') {
- # Check the proxy URI's userinfo() for proxy credentials
-- # export http_proxy="http://proxyuser:proxypass@proxyhost:port"
-+ # export http_proxy="http://proxyuser:proxypass@proxyhost:port".
-+ # For https only the initial CONNECT requests needs authorization.
- my $p_auth = $proxy->userinfo();
- if(defined $p_auth) {
- require URI::Escape;
-@@ -140,26 +131,81 @@
- }
-
- my $url = $request->uri;
-- my($host, $port, $fullpath);
-
-- # Check if we're proxy'ing
-- if (defined $proxy) {
-- # $proxy is an URL to an HTTP server which will proxy this request
-- $host = $proxy->host;
-- $port = $proxy->port;
-- $fullpath = $method eq "CONNECT" ?
-- ($url->host . ":" . $url->port) :
-- $url->as_string;
-- }
-- else {
-- $host = $url->host;
-- $port = $url->port;
-- $fullpath = $url->path_query;
-- $fullpath = "/$fullpath" unless $fullpath =~ m,^/,;
-- }
-
-- # connect to remote site
-- my $socket = $self->_new_socket($host, $port, $timeout);
-+ # Proxying SSL with a http proxy needs issues a CONNECT request to build a
-+ # tunnel and then upgrades the tunnel to SSL. But when doing keep-alive the
-+ # https request does not need to be the first request in the connection, so
-+ # we need to distinguish between
-+ # - not yet connected (create socket and ssl upgrade)
-+ # - connected but not inside ssl tunnel (ssl upgrade)
-+ # - inside ssl tunnel to the target - once we are in the tunnel to the
-+ # target we cannot only reuse the tunnel for more https requests with the
-+ # same target
-+
-+ my $ssl_tunnel = $proxy && $url->scheme eq 'https'
-+ && $url->host.":".$url->port;
-+
-+ my ($host,$port) = $proxy
-+ ? ($proxy->host,$proxy->port)
-+ : ($url->host,$url->port);
-+ my $fullpath =
-+ $method eq 'CONNECT' ? $url->host . ":" . $url->port :
-+ $proxy && ! $ssl_tunnel ? $url->as_string :
-+ do {
-+ my $path = $url->path_query;
-+ $path = "/$path" if $path !~m{^/};
-+ $path
-+ };
-+
-+ my $socket;
-+ my $conn_cache = $self->{ua}{conn_cache};
-+ my $cache_key;
-+ if ( $conn_cache ) {
-+ $cache_key = "$host:$port";
-+ # For https we reuse the socket immediatly only if it has an established
-+ # tunnel to the target. Otherwise a CONNECT request followed by an SSL
-+ # upgrade need to be done first. The request itself might reuse an
-+ # existing non-ssl connection to the proxy
-+ $cache_key .= "!".$ssl_tunnel if $ssl_tunnel;
-+ if ( $socket = $conn_cache->withdraw($self->socket_type,$cache_key)) {
-+ if ($socket->can_read(0)) {
-+ # if the socket is readable, then either the peer has closed the
-+ # connection or there are some garbage bytes on it. In either
-+ # case we abandon it.
-+ $socket->close;
-+ $socket = undef;
-+ } # else use $socket
-+ }
-+ }
-+
-+ if ( ! $socket && $ssl_tunnel ) {
-+ my $proto_https = LWP::Protocol::create('https',$self->{ua})
-+ or die "no support for scheme https found";
-+
-+ # only if ssl socket class is IO::Socket::SSL we can upgrade
-+ # a plain socket to SSL. In case of Net::SSL we fall back to
-+ # the old version
-+ if ( my $upgrade_sub = $proto_https->can('_upgrade_sock')) {
-+ my $response = $self->request(
-+ HTTP::Request->new('CONNECT',"http://$ssl_tunnel"),
-+ $proxy,
-+ undef,$size,$timeout
-+ );
-+ $response->is_success or die
-+ "establishing SSL tunnel failed: ".$response->status_line;
-+ $socket = $upgrade_sub->($proto_https,
-+ $response->{client_socket},$url)
-+ or die "SSL upgrade failed: $@";
-+ } else {
-+ $socket = $proto_https->_new_socket($url->host,$url->port,$timeout);
-+ }
-+ }
-+
-+ if ( ! $socket ) {
-+ # connect to remote site w/o reusing established socket
-+ $socket = $self->_new_socket($host, $port, $timeout );
-+ }
-
- my $http_version = "";
- if (my $proto = $request->protocol) {
-@@ -428,13 +474,13 @@
-
- # keep-alive support
- unless ($drop_connection) {
-- if (my $conn_cache = $self->{ua}{conn_cache}) {
-+ if ($cache_key) {
- my %connection = map { (lc($_) => 1) }
- split(/\s*,\s*/, ($response->header("Connection") || ""));
- if (($peer_http_version eq "1.1" && !$connection{close}) ||
- $connection{"keep-alive"})
- {
-- $conn_cache->deposit($self->socket_type, "$host:$port", $socket);
-+ $conn_cache->deposit($self->socket_type, $cache_key, $socket);
- }
- }
- }
---- a/lib/LWP/UserAgent.pm
-+++ b/lib/LWP/UserAgent.pm
-@@ -346,7 +346,8 @@
- )
- {
- my $proxy = ($code == &HTTP::Status::RC_PROXY_AUTHENTICATION_REQUIRED);
-- my $ch_header = $proxy ? "Proxy-Authenticate" : "WWW-Authenticate";
-+ my $ch_header = $proxy || $request->method eq 'CONNECT'
-+ ? "Proxy-Authenticate" : "WWW-Authenticate";
- my @challenge = $response->header($ch_header);
- unless (@challenge) {
- $response->header("Client-Warning" =>
diff --git a/debian/patches/series b/debian/patches/series
index 8f66dda..81e055e 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,3 +1,2 @@
-fix-htts-proxy
ipv6-http-proxy.patch
drop-non-blocking-socket.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-perl/packages/libwww-perl.git
More information about the Pkg-perl-cvs-commits
mailing list