From 97f0c6be463bd83764e0e5d76e79f1831ef29df0 Mon Sep 17 00:00:00 2001 From: Senthil Kumaran Date: Sat, 25 Jul 2009 04:24:38 +0000 Subject: Fixed Issue1424152 in Py3k: urllib2 fails with HTTPS over Proxy. --- Doc/library/http.client.rst | 6 ++++++ Lib/http/client.py | 30 ++++++++++++++++++++++++++++++ Lib/test/test_urllib2.py | 17 +++++++++++++++++ Lib/urllib/request.py | 15 ++++++++++++--- Misc/NEWS | 3 +++ 5 files changed, 68 insertions(+), 3 deletions(-) diff --git a/Doc/library/http.client.rst b/Doc/library/http.client.rst index 3632242..3d37c1b 100644 --- a/Doc/library/http.client.rst +++ b/Doc/library/http.client.rst @@ -386,6 +386,12 @@ HTTPConnection Objects .. versionadded:: 2.7 +.. method:: HTTPConnection.set_tunnel(host, port=None) + + Set the host and the port for HTTP Connect Tunnelling. Normally used when it + is required to a HTTPS Connection through a proxy server. + + .. versionadded:: 3.1 .. method:: HTTPConnection.connect() diff --git a/Lib/http/client.py b/Lib/http/client.py index cef942f..496c89a 100644 --- a/Lib/http/client.py +++ b/Lib/http/client.py @@ -644,11 +644,17 @@ class HTTPConnection: self.__response = None self.__state = _CS_IDLE self._method = None + self._tunnel_host = None + self._tunnel_port = None self._set_hostport(host, port) if strict is not None: self.strict = strict + def set_tunnel(self, host, port=None): + self._tunnel_host = host + self._tunnel_port = port + def _set_hostport(self, host, port): if port is None: i = host.rfind(':') @@ -669,10 +675,29 @@ class HTTPConnection: def set_debuglevel(self, level): self.debuglevel = level + def _tunnel(self): + self._set_hostport(self._tunnel_host, self._tunnel_port) + connect_str = "CONNECT %s:%d HTTP/1.0\r\n\r\n" %(self.host, self.port) + connect_bytes = connect_str.encode("ascii") + self.send(connect_bytes) + response = self.response_class(self.sock, strict = self.strict, + method= self._method) + (version, code, message) = response._read_status() + if code != 200: + self.close() + raise socket.error("Tunnel connection failed: %d %s" % (code, + message.strip())) + while True: + line = response.fp.readline() + if line == b'\r\n': + break + def connect(self): """Connect to the host and port specified in __init__.""" self.sock = socket.create_connection((self.host,self.port), self.timeout) + if self._tunnel_host: + self._tunnel() def close(self): """Close the connection to the HTTP server.""" @@ -1008,6 +1033,11 @@ else: sock = socket.create_connection((self.host, self.port), self.timeout) + + if self._tunnel_host: + self.sock = sock + self._tunnel() + self.sock = ssl.wrap_socket(sock, self.key_file, self.cert_file) diff --git a/Lib/test/test_urllib2.py b/Lib/test/test_urllib2.py index 7efa1d8..8093f0e 100644 --- a/Lib/test/test_urllib2.py +++ b/Lib/test/test_urllib2.py @@ -947,6 +947,23 @@ class HandlerTests(unittest.TestCase): self.assertEqual([(handlers[0], "http_open")], [tup[0:2] for tup in o.calls]) + def test_proxy_https(self): + o = OpenerDirector() + ph = urllib.request.ProxyHandler(dict(https="proxy.example.com:3128")) + o.add_handler(ph) + meth_spec = [ + [("https_open", "return response")] + ] + handlers = add_ordered_mock_handlers(o, meth_spec) + + req = Request("https://www.example.com/") + self.assertEqual(req.get_host(), "www.example.com") + r = o.open(req) + self.assertEqual(req.get_host(), "proxy.example.com:3128") + self.assertEqual([(handlers[0], "https_open")], + [tup[0:2] for tup in o.calls]) + + def test_basic_auth(self, quote_char='"'): opener = OpenerDirector() password_manager = MockPasswordManager() diff --git a/Lib/urllib/request.py b/Lib/urllib/request.py index b133fe4..6bc386b 100644 --- a/Lib/urllib/request.py +++ b/Lib/urllib/request.py @@ -163,6 +163,7 @@ class Request: self.full_url = unwrap(url) self.data = data self.headers = {} + self._tunnel_host = None for key, value in headers.items(): self.add_header(key, value) self.unredirected_hdrs = {} @@ -218,8 +219,12 @@ class Request: # End deprecated methods def set_proxy(self, host, type): - self.host, self.type = host, type - self.selector = self.full_url + if self.type == 'https' and not self._tunnel_host: + self._tunnel_host = self.host + else: + self.type= type + self.selector = self.full_url + self.host = host def has_proxy(self): return self.selector == self.full_url @@ -659,7 +664,7 @@ class ProxyHandler(BaseHandler): req.add_header('Proxy-authorization', 'Basic ' + creds) hostport = unquote(hostport) req.set_proxy(hostport, proxy_type) - if orig_type == proxy_type: + if orig_type == proxy_type or orig_type == 'https': # let other handlers take care of it return None else: @@ -1041,6 +1046,10 @@ class AbstractHTTPHandler(BaseHandler): # request. headers["Connection"] = "close" headers = dict((name.title(), val) for name, val in headers.items()) + + if req._tunnel_host: + h.set_tunnel(req._tunnel_host) + try: h.request(req.get_method(), req.selector, req.data, headers) r = h.getresponse() # an HTTPResponse instance diff --git a/Misc/NEWS b/Misc/NEWS index 2306861..558ab29 100644 --- a/Misc/NEWS +++ b/Misc/NEWS @@ -60,6 +60,9 @@ C-API Library ------- +- Issue #1424152: Fix for httplib, urllib2 to support SSL while working through + proxy. Original patch by Christopher Li, changes made by Senthil Kumaran + - Add importlib.abc.ExecutionLoader to represent the PEP 302 protocol for loaders that allow for modules to be executed. Both importlib.abc.PyLoader and PyPycLoader inherit from this class and provide implementations in -- cgit v0.12