[SCM] WebKit Debian packaging branch, webkit-1.2, updated. upstream/1.1.90-6072-g9a69373
ap at apple.com
ap at apple.com
Wed Apr 7 23:43:41 UTC 2010
The following commit has been merged in the webkit-1.2 branch:
commit 331a302488ee5b7fe1068137951c35b8163bade0
Author: ap at apple.com <ap at apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date: Mon Nov 16 17:59:08 2009 +0000
Reviewed by Darin Adler.
https://bugs.webkit.org/show_bug.cgi?id=31494
Add unauthenticated proxy support to SocketStreamHandleCFNet
Cannot be tested in DRT.
* platform/network/cf/SocketStreamHandleCFNet.cpp:
(WebCore::SocketStreamHandle::chooseProxy): Fetch proxy information from OS.
(WebCore::SocketStreamHandle::createStreams): Apply it to the newly created streams.
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@51040 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/WebCore/ChangeLog b/WebCore/ChangeLog
index 076a5d6..1547408 100644
--- a/WebCore/ChangeLog
+++ b/WebCore/ChangeLog
@@ -1,3 +1,16 @@
+2009-11-16 Alexey Proskuryakov <ap at apple.com>
+
+ Reviewed by Darin Adler.
+
+ https://bugs.webkit.org/show_bug.cgi?id=31494
+ Add unauthenticated proxy support to SocketStreamHandleCFNet
+
+ Cannot be tested in DRT.
+
+ * platform/network/cf/SocketStreamHandleCFNet.cpp:
+ (WebCore::SocketStreamHandle::chooseProxy): Fetch proxy information from OS.
+ (WebCore::SocketStreamHandle::createStreams): Apply it to the newly created streams.
+
2009-11-14 Antonio Gomes <tonikitoo at webkit.org>
Reviewed by Antti Koivisto.
diff --git a/WebCore/platform/network/cf/SocketStreamHandleCFNet.cpp b/WebCore/platform/network/cf/SocketStreamHandleCFNet.cpp
index 3bf2d1d..41c77d4 100644
--- a/WebCore/platform/network/cf/SocketStreamHandleCFNet.cpp
+++ b/WebCore/platform/network/cf/SocketStreamHandleCFNet.cpp
@@ -36,6 +36,18 @@
#include "SocketStreamError.h"
#include "SocketStreamHandleClient.h"
+#if defined(BUILDING_ON_TIGER) || defined(BUILDING_ON_LEOPARD)
+#include <SystemConfiguration/SystemConfiguration.h>
+#endif
+
+#if PLATFORM(WIN)
+#include <CFNetwork/CFSocketStreamPriv.h>
+#else
+extern const CFStringRef kCFStreamPropertyCONNECTProxy;
+extern const CFStringRef kCFStreamPropertyCONNECTProxyHost;
+extern const CFStringRef kCFStreamPropertyCONNECTProxyPort;
+#endif
+
namespace WebCore {
SocketStreamHandle::SocketStreamHandle(const KURL& url, SocketStreamHandleClient* client)
@@ -74,7 +86,97 @@ SocketStreamHandle::SocketStreamHandle(const KURL& url, SocketStreamHandleClient
void SocketStreamHandle::chooseProxy()
{
- // FIXME: Retrieve proxy information.
+#if !defined(BUILDING_ON_TIGER) && !defined(BUILDING_ON_LEOPARD)
+ RetainPtr<CFDictionaryRef> proxyDictionary(AdoptCF, CFNetworkCopySystemProxySettings());
+#else
+ // We don't need proxy information often, so there is no need to set up a permanent dynamic store session.
+ RetainPtr<CFDictionaryRef> proxyDictionary(AdoptCF, SCDynamicStoreCopyProxies(0));
+#endif
+
+ // SOCKS or HTTPS (AKA CONNECT) proxies are supported.
+ // WebSocket protocol relies on handshake being transferred unchanged, so we need a proxy that will not modify headers.
+ // Since HTTP proxies must add Via headers, they are highly unlikely to work.
+ // Many CONNECT proxies limit connectivity to port 443, so we prefer SOCKS, if configured.
+
+ if (!proxyDictionary) {
+ m_connectionType = Direct;
+ return;
+ }
+
+#ifndef BUILDING_ON_TIGER
+ // CFNetworkCopyProxiesForURL doesn't know about WebSocket schemes, so pretend to use http.
+ // Always use "https" to get HTTPS proxies in result - we'll try to use those for ws:. even though many are configured to reject connections to ports other than 443.
+ KURL httpsURL(KURL(), "https://" + m_url.host());
+ RetainPtr<CFURLRef> httpsURLCF(AdoptCF, httpsURL.createCFURL());
+
+ RetainPtr<CFArrayRef> proxyArray(AdoptCF, CFNetworkCopyProxiesForURL(httpsURLCF.get(), proxyDictionary.get()));
+ CFIndex proxyArrayCount = CFArrayGetCount(proxyArray.get());
+
+ // FIXME: Support PAC files (always the preferred entry).
+
+ CFDictionaryRef chosenProxy = 0;
+ for (CFIndex i = 0; i < proxyArrayCount; ++i) {
+ CFDictionaryRef proxyInfo = static_cast<CFDictionaryRef>(CFArrayGetValueAtIndex(proxyArray.get(), i));
+ CFTypeRef proxyType = CFDictionaryGetValue(proxyInfo, kCFProxyTypeKey);
+ if (proxyType && CFGetTypeID(proxyType) == CFStringGetTypeID()) {
+ if (CFEqual(proxyType, kCFProxyTypeSOCKS)) {
+ m_connectionType = SOCKSProxy;
+ chosenProxy = proxyInfo;
+ break;
+ }
+ if (CFEqual(proxyType, kCFProxyTypeHTTPS)) {
+ m_connectionType = CONNECTProxy;
+ chosenProxy = proxyInfo;
+ // Keep looking for proxies, as a SOCKS one is preferable.
+ }
+ }
+ }
+
+ if (chosenProxy) {
+ ASSERT(m_connectionType != Unknown);
+ ASSERT(m_connectionType != Direct);
+
+ CFTypeRef proxyHost = CFDictionaryGetValue(chosenProxy, kCFProxyHostNameKey);
+ CFTypeRef proxyPort = CFDictionaryGetValue(chosenProxy, kCFProxyPortNumberKey);
+
+ if (proxyHost && CFGetTypeID(proxyHost) == CFStringGetTypeID() && proxyPort && CFGetTypeID(proxyPort) == CFNumberGetTypeID()) {
+ m_proxyHost = static_cast<CFStringRef>(proxyHost);
+ m_proxyPort = static_cast<CFNumberRef>(proxyPort);
+ return;
+ }
+ }
+#else // BUILDING_ON_TIGER
+ // FIXME: check proxy bypass list and ExcludeSimpleHostnames.
+ // FIXME: Support PAC files.
+
+ CFTypeRef socksEnableCF = CFDictionaryGetValue(proxyDictionary.get(), kSCPropNetProxiesSOCKSEnable);
+ int socksEnable;
+ if (socksEnableCF && CFGetTypeID(socksEnableCF) == CFNumberGetTypeID() && CFNumberGetValue(static_cast<CFNumberRef>(socksEnableCF), kCFNumberIntType, &socksEnable) && socksEnable) {
+ CFTypeRef proxyHost = CFDictionaryGetValue(proxyDictionary.get(), kSCPropNetProxiesSOCKSProxy);
+ CFTypeRef proxyPort = CFDictionaryGetValue(proxyDictionary.get(), kSCPropNetProxiesSOCKSPort);
+ if (proxyHost && CFGetTypeID(proxyHost) == CFStringGetTypeID() && proxyPort && CFGetTypeID(proxyPort) == CFNumberGetTypeID()) {
+ m_proxyHost = static_cast<CFStringRef>(proxyHost);
+ m_proxyPort = static_cast<CFNumberRef>(proxyPort);
+ m_connectionType = SOCKSProxy;
+ return;
+ }
+ }
+
+ CFTypeRef httpsEnableCF = CFDictionaryGetValue(proxyDictionary.get(), kSCPropNetProxiesHTTPSEnable);
+ int httpsEnable;
+ if (httpsEnableCF && CFGetTypeID(httpsEnableCF) == CFNumberGetTypeID() && CFNumberGetValue(static_cast<CFNumberRef>(httpsEnableCF), kCFNumberIntType, &httpsEnable) && httpsEnable) {
+ CFTypeRef proxyHost = CFDictionaryGetValue(proxyDictionary.get(), kSCPropNetProxiesHTTPSProxy);
+ CFTypeRef proxyPort = CFDictionaryGetValue(proxyDictionary.get(), kSCPropNetProxiesHTTPSPort);
+
+ if (proxyHost && CFGetTypeID(proxyHost) == CFStringGetTypeID() && proxyPort && CFGetTypeID(proxyPort) == CFNumberGetTypeID()) {
+ m_proxyHost = static_cast<CFStringRef>(proxyHost);
+ m_proxyPort = static_cast<CFNumberRef>(proxyPort);
+ m_connectionType = CONNECTProxy;
+ return;
+ }
+ }
+#endif
+
m_connectionType = Direct;
}
@@ -97,7 +199,29 @@ void SocketStreamHandle::createStreams()
m_readStream.adoptCF(readStream);
m_writeStream.adoptCF(writeStream);
- // FIXME: Apply proxy information to streams.
+ switch (m_connectionType) {
+ case Unknown:
+ ASSERT_NOT_REACHED();
+ break;
+ case Direct:
+ break;
+ case SOCKSProxy: {
+ // FIXME: SOCKS5 doesn't do challenge-response, should we try to apply credentials from Keychain right away?
+ // But SOCKS5 credentials don't work at the time of this writing anyway, see <rdar://6776698>.
+ const void* proxyKeys[] = { kCFStreamPropertySOCKSProxyHost, kCFStreamPropertySOCKSProxyPort };
+ const void* proxyValues[] = { m_proxyHost.get(), m_proxyPort.get() };
+ RetainPtr<CFDictionaryRef> connectDictionary(AdoptCF, CFDictionaryCreate(0, proxyKeys, proxyValues, sizeof(proxyKeys) / sizeof(*proxyKeys), &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks));
+ CFReadStreamSetProperty(m_readStream.get(), kCFStreamPropertySOCKSProxy, connectDictionary.get());
+ break;
+ }
+ case CONNECTProxy: {
+ const void* proxyKeys[] = { kCFStreamPropertyCONNECTProxyHost, kCFStreamPropertyCONNECTProxyPort };
+ const void* proxyValues[] = { m_proxyHost.get(), m_proxyPort.get() };
+ RetainPtr<CFDictionaryRef> connectDictionary(AdoptCF, CFDictionaryCreate(0, proxyKeys, proxyValues, sizeof(proxyKeys) / sizeof(*proxyKeys), &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks));
+ CFReadStreamSetProperty(m_readStream.get(), kCFStreamPropertyCONNECTProxy, connectDictionary.get());
+ break;
+ }
+ }
if (shouldUseSSL()) {
const void* keys[] = { kCFStreamSSLPeerName, kCFStreamSSLLevel };
--
WebKit Debian packaging
More information about the Pkg-webkit-commits
mailing list