When passing a dict to the nested protocol, it will consume
the used options from it, so a separate copy needs to be used
when reopening the connection multiple times.
Signed-off-by: Martin Storsjö <martin@martin.st>
Derived from VLC's http module.
Original authors:
Antoine Cellerier <dionoea@videolan.org>
Sébastien Escudier <sebastien-devel@celeos.eu>
Rémi Duraffort <ivoire@videolan.org>
Rémi Denis-Courmont <remi@remlab.net>
Francois Cartegnie <fcvlcdev@free.fr>
Normally, http servers shouldn't send this to us since we
don't advertise it with an Accept-Encoding header, but some
servers still do it anyway.
Signed-off-by: Martin Storsjö <martin@martin.st>
The handling of the environment variable no_proxy, present since
one of the initial commits (de6d9b6404), is inconsistent with
how many other applications and libraries interpret this
variable. Its bare presence does not indicate that the use of
proxies should be skipped, but it is some sort of pattern for
hosts that does not need using a proxy (e.g. for a local network).
As investigated by Rudolf Polzer, different libraries handle this
in different ways, some supporting IP address masks, some supporting
arbitrary globbing using *, some just checking that the pattern matches
the end of the hostname without regard for whether it actually is
the right domain or a domain that ends in the same string.
This simple logic should be pretty similar to the logic used by
lynx and curl.
Signed-off-by: Martin Storsjö <martin@martin.st>
Use the MAX_URL_SIZE define where applicable. Increase buffer
sizes for all buffers that need to fit a long pathname - buffers
that need to fit only the hostname (and other short strings, but
not the pathname - such as "headers" in http_connect) are kept
at 1024 bytes for now.
Also increase the max line length in http_read_header, since it
might need to contain a full url for Location: redirects.
Signed-off-by: Martin Storsjö <martin@martin.st>
This can happen if doing a new request using the same socket,
but the new request failed, which clears the urlcontext.
Signed-off-by: Martin Storsjö <martin@martin.st>
This fixes issues with opening http urls that have authentication
or redirects, introduced in commit e999b641.
Signed-off-by: Martin Storsjö <martin@martin.st>
Introduce ff_http_do_new_request(), a new function which sends a new
HTTP request, reusing the existing connection to the server.
Signed-off-by: Martin Storsjö <martin@martin.st>
Add a new AVOption 'multiple_requests', which indicates if we want
to use persistent connections (ie. Connection: keep-alive).
Signed-off-by: Martin Storsjö <martin@martin.st>
Allow up to 4 retries for normal requests, where both the
proxy and the target server might need to authenticate.
Signed-off-by: Martin Storsjö <martin@martin.st>
This definition is in two files, since the definitions will move
to the private header at the next bump.
Signed-off-by: Martin Storsjö <martin@martin.st>
This string will be passed to ff_http_auth_create_response
even if no proxy is used, resulting in reading uninitialized
memory. The other auth string is always initialized by
av_url_split.
Signed-off-by: Martin Storsjö <martin@martin.st>
The tls protocol handles connections via proxies internally.
With TLS/SSL, the peer verification requires that the client
speaks directly with the server, since the proxy doesn't have
the remote server's private key.
Signed-off-by: Martin Storsjö <martin@martin.st>
This opens a plain TCP connection through the proxy via the
CONNECT HTTP method. Normally, this is allowed for connections
on port 443, but can in general be used to allow connections
to any port (depending on proxy configuration), and could thus
be used to tunnel any TCP connection via a HTTP proxy.
Signed-off-by: Martin Storsjö <martin@martin.st>
Tested with both Basic and Digest authentication, and tested with
both proxy authentication and authentication for the requested
resource at the same time.
Signed-off-by: Martin Storsjö <martin@martin.st>
The error was hidden before, to avoid showing an error on the
first request where no auth has been provided, when the server
indicates which authentication method to use.
Now the error is printed if an authentication method was used,
but failed.
Signed-off-by: Martin Storsjö <martin@martin.st>
The chunksize internal variable has two different uses - for
reading, it's the amount of data left of the current chunk
(or -1 if the server doesn't send data in chunked mode), where
it's only an internal state variable. For writing, it's used
to decide whether to enable chunked encoding (by default), by
using the value 0, or disable chunked encoding (value -1).
This, while consistent, doesn't make much sense to expose
as an AVOption. This splits the usage of the internal variable
into two variables, chunksize which is used for reading (as
before), and chunked_post which is the user-settable option,
with the values 0 and 1, where 1 is default.
Signed-off-by: Martin Storsjö <martin@martin.st>
All current usages of it are incompatible with localization.
For example strcasecmp("i", "I") != 0 is possible, but would
break many of the places where it is used.
Instead use our own implementations that always treat the data
as ASCII.
Signed-off-by: Martin Storsjö <martin@martin.st>
The initial request contains "Range: 0-", which servers normally
have responded with "HTTP/1.1 206 Partial Content" reply with
a Content-Range header, which was used as indicator for seekability.
Apache, since 2.2.20, responds with "HTTP/1.1 200 OK" for these
requests, which is more friendly to caches and proxies, but the
seekability still is indicated via the Accept-Ranges: bytes header.
Signed-off-by: Martin Storsjö <martin@martin.st>