From patchwork Fri Aug 21 08:29:25 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Moritz Barsnick X-Patchwork-Id: 21787 Return-Path: X-Original-To: patchwork@ffaux-bg.ffmpeg.org Delivered-To: patchwork@ffaux-bg.ffmpeg.org Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by ffaux.localdomain (Postfix) with ESMTP id B7AEC44A116 for ; Fri, 21 Aug 2020 11:29:34 +0300 (EEST) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 992BE68B5F4; Fri, 21 Aug 2020 11:29:34 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from mout.gmx.net (mout.gmx.net [212.227.17.22]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id CEAA96899D2 for ; Fri, 21 Aug 2020 11:29:27 +0300 (EEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=badeba3b8450; t=1597998567; bh=5sBVnrDjOwvOH0VufKNuL3wjrzZ9ufQsiNF0VHBEvB8=; h=X-UI-Sender-Class:Date:From:To:Subject:References:In-Reply-To; b=JYQFStZQUNJRRqTi3OgwypOEangGvk/0NZyX1sTM0hIBtKnU3jTbDQhZj8CWhpgEx 8YwqSoG4h8yGr+BkqeCNjFvOJTwCt2npxADMAxgka8cSO2wQ5wsXtY0+i9ckDP+2+q IbsZOW14VjkYNozBBrmsyVSn53eZtur83zGT9rcc= X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c Received: from sunshine.barsnick.net ([89.182.225.41]) by mail.gmx.com (mrgmx105 [212.227.17.168]) with ESMTPSA (Nemesis) id 1MwwZX-1ksMqz49WN-00yTv6; Fri, 21 Aug 2020 10:29:27 +0200 Date: Fri, 21 Aug 2020 10:29:25 +0200 From: Moritz Barsnick To: FFmpeg development discussions and patches Message-ID: <20200821082925.GP4729@sunshine.barsnick.net> References: <20200820165050.GI4729@sunshine.barsnick.net> <20200820194831.GL4729@sunshine.barsnick.net> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: X-Provags-ID: V03:K1:qiN9zIgwFNqVT0mGMf9QrtU3shyUlFafn4ekKHiKGdulNAVXpkJ f3S/uCHIFjFftaqQ6DLXdsVlpeANjaB6w9/bPBW8NvYTAXj9KSI5rRa44pvSsNu9gsAJQuQ MUScKfI4UJOOMKpvp7a0mJrzKF2AvSSLC0Lf8EA3h3HPtWKGMJxf/V3sEWxTlFacD36J43B Gqd3dG5bsQAuK6MIHJPAg== X-Spam-Flag: NO X-UI-Out-Filterresults: notjunk:1;V03:K0:kcZLmdkTJkI=:qb08NUPmtkUkvHTJWmJ2AN ZA2wrRAE3quYzrvxHPhlDt/f7j2LUPFAfOxHN/++XFXxM2pbs/BfktQlwwLf/ZSieYj4zpUEc NyagOP2hwnc2gJ4rud3GY7N2J4fpwL/FKJ5jHbEv1gZLKNzMxQ6NtQa1/IkerCaq4MDfzM0E3 Mxm/7+2uNrmZh1mvDFc35cWyUq8iLCC2Vfxxd9Qv0UrbOOgO/PS6Ij5ekFIdyYGO8PzHBcIjz enkavTznHkM4dHsRe+lZvZTmiIRpE239pyYZH93+0kO/zl6poygTgmQBHLeMVYleRc4SMHA1E Y1iz1WxCkZuH0tqMkPV3llgfM7wwNkwAeLp7J05GpnttJDfcXTFvAsY0jBj8YVBf/WhwocLrt /Atowdqy0fQFpDJU0X5yHe7Ooq+QgKxYfD6ULSj4rLHpPky0fRbn5kn7xkdeckAlMubmGqfNX 5YeY4uP1SMV5+XDiA78stpaUw9n0yqnbD9/omoLnyUT/7C6OwrZs4/NDRkLmaCtfbQtp2oYBN DdRREubGb5pE5WLjAUrXFepN5vAIC6lMJ9gLDNxqIvwosQ8oXDHJxBb3zqrkaktdrvPQl+/QZ 3fRUp1tqQdDLMiEjk2kGR1qMgprssLhyS/ubi2SYoR9GrTnZ9KG3W4HukNIfrn+3cfE9jVJfR eLLsHLICn35TnJ4d7wpZEHw4+IvZpsrrOGfYmeDQVQ9b+Fzb5bQNThATI6TJdIt1qp3LQsbRg CNSK1qF7afqbe3Pz/FGyf6BuqJ5xHSeqNMlcr+MR7qbReMYD75Wf6gQaq3Mk1bojhA4axWSbR hrswmAuyk4Uo1lQ9GyeI15Cgn7HxOOY/geKg6rku6Vd0ggs9fMlLzi07jxn0KUSE6Q4UBsro8 MCSWoXJhBzhuLahlfxrZh+yd7dFCKFhoXXw9tvktW7T222eBmupDi5VbE+UjrBYtQ1ouW9FF9 lRiUPLUncr2yAcXmSVG8ZFCPiOp6KaMyqql9yi3VdfUS/YLzY3otCrogiOK/Mhd0StVmf5N+E KJI2quNfFpzYYO3I0pQlHbqn2K4XTjTj9YiH3VuGCBn89+M8ib+n0WRsRUBVIowuv3gQ2DJ8H 026hTEFVfmlzeK2T2dQGfzWRgCwWJdpkizKvsKm0pvIK4Q4mLTeFdU/c825tZBY0J9DFDwVZ7 +eIpk40K/RAqkjt57v5cguf45FQv3SeIX0mE3yqyQn0C6dfI27LLgb/lvanlwl0JdOHbLw07r EQEHZQ8TpjE/Kb5zvEI6UVfKL4rdniG8oLFqSow== Subject: [FFmpeg-devel] [PATCH v2] avformat/http, tls: honor http_proxy command line variable for HTTPS X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" Patch version 2 attached, with added documentation. Moritz From 2f2a43e4c684cd4bfda420bbedf5125dd78b3b34 Mon Sep 17 00:00:00 2001 From: Moritz Barsnick Date: Thu, 20 Aug 2020 17:49:14 +0200 Subject: [PATCH] avformat/http,tls: honor http_proxy command line variable for HTTPS Add the "http_proxy" option and its handling to the "tls" protocol, pass the option from the "https" protocol. The "https" protocol already defines the "http_proxy" command line option, like the "http" protocol does. The "http" protocol properly honors that command line option in addition to the environment variable. The "https" protocol doesn't, because the proxy is evaluated in the underlying "tls" protocol, which doesn't have this option, and thus only handles the environment variable, which it has access to. Fixes #7223. Signed-off-by: Moritz Barsnick --- doc/protocols.texi | 4 ++++ libavformat/http.c | 6 ++++++ libavformat/tls.c | 2 +- libavformat/tls.h | 2 ++ 4 files changed, 13 insertions(+), 1 deletion(-) -- 2.26.2 diff --git a/doc/protocols.texi b/doc/protocols.texi index 7b3df96fda..603943023c 100644 --- a/doc/protocols.texi +++ b/doc/protocols.texi @@ -1708,6 +1708,10 @@ A file containing the private key for the certificate. If enabled, listen for connections on the provided port, and assume the server role in the handshake instead of the client role. +@item http_proxy +The HTTP proxy to tunnel through, e.g. @code{http://example.com:1234}. +The proxy must support the CONNECT method. + @end table Example command lines: diff --git a/libavformat/http.c b/libavformat/http.c index 6c39da1a8b..21584bdce9 100644 --- a/libavformat/http.c +++ b/libavformat/http.c @@ -213,6 +213,12 @@ static int http_open_cnx_internal(URLContext *h, AVDictionary **options) use_proxy = 0; if (port < 0) port = 443; + /* pass http_proxy to underlying protocol */ + if (s->http_proxy) { + err = av_dict_set(options, "http_proxy", s->http_proxy, 0); + if (err < 0) + return err; + } } if (port < 0) port = 80; diff --git a/libavformat/tls.c b/libavformat/tls.c index 10e0792e29..302c0f8d59 100644 --- a/libavformat/tls.c +++ b/libavformat/tls.c @@ -89,7 +89,7 @@ int ff_tls_open_underlying(TLSShared *c, URLContext *parent, const char *uri, AV if (!c->host && !(c->host = av_strdup(c->underlying_host))) return AVERROR(ENOMEM); - proxy_path = getenv("http_proxy"); + proxy_path = c->http_proxy ? c->http_proxy : getenv("http_proxy"); use_proxy = !ff_http_match_no_proxy(getenv("no_proxy"), c->underlying_host) && proxy_path && av_strstart(proxy_path, "http://", NULL); diff --git a/libavformat/tls.h b/libavformat/tls.h index beb19d6d55..0c52ff3be6 100644 --- a/libavformat/tls.h +++ b/libavformat/tls.h @@ -34,6 +34,7 @@ typedef struct TLSShared { int listen; char *host; + char *http_proxy; char underlying_host[200]; int numerichost; @@ -49,6 +50,7 @@ typedef struct TLSShared { {"cert_file", "Certificate file", offsetof(pstruct, options_field . cert_file), AV_OPT_TYPE_STRING, .flags = TLS_OPTFL }, \ {"key_file", "Private key file", offsetof(pstruct, options_field . key_file), AV_OPT_TYPE_STRING, .flags = TLS_OPTFL }, \ {"listen", "Listen for incoming connections", offsetof(pstruct, options_field . listen), AV_OPT_TYPE_INT, { .i64 = 0 }, 0, 1, .flags = TLS_OPTFL }, \ + {"http_proxy", "set proxy to tunnel through when using HTTPS", offsetof(pstruct, options_field . http_proxy), AV_OPT_TYPE_STRING, .flags = TLS_OPTFL }, \ {"verifyhost", "Verify against a specific hostname", offsetof(pstruct, options_field . host), AV_OPT_TYPE_STRING, .flags = TLS_OPTFL } int ff_tls_open_underlying(TLSShared *c, URLContext *parent, const char *uri, AVDictionary **options);