curl/curl
1
1
Fork 0
mirror of https://github.com/curl/curl.git synced 2025-09-16 17:12:43 +03:00
Code Issues Packages Projects Releases Wiki Activity

haxproxy: send before TLS handhshake

Browse Source 
- reverse order of haproxy and final ssl cfilter

- make haproxy avaiable on PROXY builds, independent of HTTP support as
  it can be used with any protocol.

Reported-by: Sergio-IME on github
Fixes #10165
Closes #10167
This commit is contained in:
Stefan Eissing 2022-12-27 12:10:45 +01:00 committed by Daniel Stenberg
parent 1971a861bd
commit db5f833cc7
No known key found for this signature in database
GPG Key ID: 5CC908FDB71E12C2
3 changed files with 15 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
lib/cfilters.c
View File

@ -319,7 +319,14 @@ CURLcode Curl_conn_setup(struct Curl_easy *data,
if(result) if(result)
goto out; goto out;
} }
}
#endif /* !CURL_DISABLE_HTTP */ #endif /* !CURL_DISABLE_HTTP */
/* HAProxy protocol comes *before* SSL, see #10165 */
if(data->set.haproxyprotocol) {
result = Curl_conn_haproxy_add(data, conn, sockindex);
if(result)
goto out;
} }
#endif /* !CURL_DISABLE_PROXY */ #endif /* !CURL_DISABLE_PROXY */
@ -335,14 +342,6 @@ CURLcode Curl_conn_setup(struct Curl_easy *data,
(void)ssl_mode; (void)ssl_mode;
#endif /* USE_SSL */ #endif /* USE_SSL */
#if !defined(CURL_DISABLE_PROXY) && !defined(CURL_DISABLE_HTTP)
if(data->set.haproxyprotocol) {
result = Curl_conn_haproxy_add(data, conn, sockindex);
if(result)
goto out;
}
#endif /* !CURL_DISABLE_PROXY && !CURL_DISABLE_HTTP */
} }
DEBUGASSERT(conn->cfilter[sockindex]); DEBUGASSERT(conn->cfilter[sockindex]);
cf = data->conn->cfilter[sockindex]; cf = data->conn->cfilter[sockindex];

5
lib/http_proxy.c
View File

@ -1195,6 +1195,9 @@ CURLcode Curl_conn_http_proxy_add(struct Curl_easy *data,
return result; return result;
} }
#endif /* !CURL_DISABLE_PROXY &6 ! CURL_DISABLE_HTTP */
#if !defined(CURL_DISABLE_PROXY)
static CURLcode send_haproxy_header(struct Curl_cfilter*cf, static CURLcode send_haproxy_header(struct Curl_cfilter*cf,
struct Curl_easy *data) struct Curl_easy *data)
@ -1280,4 +1283,4 @@ CURLcode Curl_conn_haproxy_add(struct Curl_easy *data,
return result; return result;
} }
#endif /* !CURL_DISABLE_PROXY &6 ! CURL_DISABLE_HTTP */ #endif /* !CURL_DISABLE_PROXY */

6
lib/http_proxy.h
View File

@ -27,19 +27,21 @@
#include "curl_setup.h" #include "curl_setup.h"
#include "urldata.h" #include "urldata.h"
#if !defined(CURL_DISABLE_PROXY) && !defined(CURL_DISABLE_HTTP) #if !defined(CURL_DISABLE_PROXY)
#if !defined(CURL_DISABLE_HTTP)
/* Default proxy timeout in milliseconds */ /* Default proxy timeout in milliseconds */
#define PROXY_TIMEOUT (3600*1000) #define PROXY_TIMEOUT (3600*1000)
CURLcode Curl_conn_http_proxy_add(struct Curl_easy *data, CURLcode Curl_conn_http_proxy_add(struct Curl_easy *data,
struct connectdata *conn, struct connectdata *conn,
int sockindex); int sockindex);
#endif /* !CURL_DISABLE_HTTP */
CURLcode Curl_conn_haproxy_add(struct Curl_easy *data, CURLcode Curl_conn_haproxy_add(struct Curl_easy *data,
struct connectdata *conn, struct connectdata *conn,
int sockindex); int sockindex);
#endif /* !CURL_DISABLE_PROXY && !CURL_DISABLE_HTTP */ #endif /* !CURL_DISABLE_PROXY */
#endif /* HEADER_CURL_HTTP_PROXY_H */ #endif /* HEADER_CURL_HTTP_PROXY_H */