The tls protocol handles connections via proxies internally.
With TLS/SSL, the peer verification requires that the client
speaks directly with the server, since the proxy doesn't have
the remote server's private key.
Signed-off-by: Martin Storsjö <martin@martin.st>
This opens a plain TCP connection through the proxy via the
CONNECT HTTP method. Normally, this is allowed for connections
on port 443, but can in general be used to allow connections
to any port (depending on proxy configuration), and could thus
be used to tunnel any TCP connection via a HTTP proxy.
Signed-off-by: Martin Storsjö <martin@martin.st>
Tested with both Basic and Digest authentication, and tested with
both proxy authentication and authentication for the requested
resource at the same time.
Signed-off-by: Martin Storsjö <martin@martin.st>
The error was hidden before, to avoid showing an error on the
first request where no auth has been provided, when the server
indicates which authentication method to use.
Now the error is printed if an authentication method was used,
but failed.
Signed-off-by: Martin Storsjö <martin@martin.st>
The chunksize internal variable has two different uses - for
reading, it's the amount of data left of the current chunk
(or -1 if the server doesn't send data in chunked mode), where
it's only an internal state variable. For writing, it's used
to decide whether to enable chunked encoding (by default), by
using the value 0, or disable chunked encoding (value -1).
This, while consistent, doesn't make much sense to expose
as an AVOption. This splits the usage of the internal variable
into two variables, chunksize which is used for reading (as
before), and chunked_post which is the user-settable option,
with the values 0 and 1, where 1 is default.
Signed-off-by: Martin Storsjö <martin@martin.st>
All current usages of it are incompatible with localization.
For example strcasecmp("i", "I") != 0 is possible, but would
break many of the places where it is used.
Instead use our own implementations that always treat the data
as ASCII.
Signed-off-by: Martin Storsjö <martin@martin.st>
The initial request contains "Range: 0-", which servers normally
have responded with "HTTP/1.1 206 Partial Content" reply with
a Content-Range header, which was used as indicator for seekability.
Apache, since 2.2.20, responds with "HTTP/1.1 200 OK" for these
requests, which is more friendly to caches and proxies, but the
seekability still is indicated via the Accept-Ranges: bytes header.
Signed-off-by: Martin Storsjö <martin@martin.st>
Make AVIO_FLAG_ access constants work as flags, and in particular fix
the behavior of functions (such as avio_check()) which expect them to
be flags rather than modes.
This breaks API.
Amazon S3 sends header field names all lowercase.
This is actually acceptable according to the HTTP standard.
http://tools.ietf.org/html/rfc2616#section-4.2
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
ff_url_split() is retained as an alias, as it was used by ffserver,
to avoid breaking ABI compatibility with it.
Originally committed as revision 23822 to svn://svn.ffmpeg.org/ffmpeg/trunk
Also make the RTSP protocol use url_alloc and url_connect instead of relying
on the delay open behaviour.
Originally committed as revision 23710 to svn://svn.ffmpeg.org/ffmpeg/trunk