From: Fabian Keil <fk@fabiankeil.de>
Date: Sat, 3 Oct 2020 11:53:17 +0000 (+0200)
Subject: Add support for Websockets with https inspection enabled
X-Git-Tag: v_3_0_29~52
X-Git-Url: http://www.privoxy.org/gitweb/%22https:/faq/@default-cgi@/developer-manual/static/@default-cgi@show-url-info?a=commitdiff_plain;h=57702318b095358ffe8fa3a99ec330d7aed3fca3;p=privoxy.git

Add support for Websockets with https inspection enabled

Set the CT_TABOO flag in case of status code 101 and
continue shuffling data around until one of the sockets
gets closed.
---

diff --git a/jcc.c b/jcc.c
index bb57dedb..dbc5e115 100644
--- a/jcc.c
+++ b/jcc.c
@@ -2841,6 +2841,37 @@ static void handle_established_connection(struct client_state *csp)
 #ifdef FEATURE_HTTPS_INSPECTION
          if (client_use_ssl(csp))
          {
+            if (csp->http->status == 101)
+            {
+               len = ssl_recv_data(&(csp->ssl_client_attr),
+                  (unsigned char *)csp->receive_buffer,
+                  (size_t)max_bytes_to_read);
+               if (len == -1)
+               {
+                  log_error(LOG_LEVEL_ERROR, "Failed to receive data "
+                     "on client socket %d for an upgraded connection",
+                     csp->cfd);
+                  break;
+               }
+               if (len == 0)
+               {
+                  log_error(LOG_LEVEL_CONNECT, "Done receiving data "
+                     "on client socket %d for an upgraded connection",
+                     csp->cfd);
+                  break;
+               }
+               byte_count += (unsigned long long)len;
+               len = ssl_send_data(&(csp->ssl_server_attr),
+                  (unsigned char *)csp->receive_buffer, (size_t)len);
+               if (len == -1)
+               {
+                  log_error(LOG_LEVEL_ERROR, "Failed to send data "
+                     "on server socket %d for an upgraded connection",
+                     csp->server_connection.sfd);
+                  break;
+               }
+               continue;
+            }
             log_error(LOG_LEVEL_CONNECT, "Breaking with TLS/SSL.");
             break;
          }
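Review bot: The two error checks in the new 101 branch compare `len` with exactly `-1`, so any other negative return from `ssl_recv_data()` would fall through to `byte_count += (unsigned long long)len` and to the `(size_t)len` send length, where it becomes a huge unsigned value. Whether the helper can return other negative values is not visible in this hunk; testing `if (len < 0)` in both places removes that dependency at no cost. The result of `ssl_send_data()` is also never compared with the number of bytes read, so a short write would silently drop data unless the helper loops internally. handle_established_connection() starts and ends outside this hunk.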
diff --git a/parsers.c b/parsers.c
index 06f1ae8b..3f704deb 100644
--- a/parsers.c
+++ b/parsers.c
@@ -4067,7 +4067,8 @@ static jb_err server_http(struct client_state *csp, char **header)
       return JB_ERR_PARSE;
    }
 
-   if (csp->http->status == 206)
+   if (csp->http->status == 101 ||
+       csp->http->status == 206)
    {
       csp->content_type = CT_TABOO;
    }
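Review bot: The new condition marks any response with status 101 as `CT_TABOO` on the server's word alone, and nothing in this hunk ties it to the client having requested an upgrade. An unsolicited 101 would therefore presumably exempt the rest of the connection from content filtering and, through the new jcc.c branch, switch it to unfiltered relaying. If this is not validated elsewhere, the test should also require that the request asked for an upgrade, and a 101 that was not requested should be treated as a parse error or end the connection. At minimum a comment belongs above the test, e.g. `/* 101 and 206 bodies must not be filtered; the status code is chosen by the server */`. server_http() starts and ends outside this hunk.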