*) Bugfix for Blacklist support for https (only initial connect)

See: http://www.yacy-forum.de/viewtopic.php?p=9419 git-svn-id: https://svn.berlios.de/svnroot/repos/yacy/trunk@684 6c8d7289-2bf4-0310-a012-ef5d649a1542
19 years ago · 7809b382bf
parent d666630bad
commit 7809b382bf
2 changed files with 30 additions and 22 deletions
--- a/source/de/anomic/http/httpd.java
+++ b/source/de/anomic/http/httpd.java
@ -695,14 +695,10 @@ public final class httpd implements serverHandler {
            httpVersion = arg.substring(pos + 1);
            arg = arg.substring(0, pos);
        }
+        prop.setProperty(httpd.CONNECTION_PROP_HTTP_VER, httpVersion);
        
-        if (!(allowProxy)) {
-            // not authorized through firewall blocking (ip does not match filter)
-            session.out.write((httpVersion + " 403 refused (IP not granted)" + serverCore.crlfString + serverCore.crlfString + "you are not allowed to connect to this proxy, because you are using the non-granted IP " + clientIP + ". allowed are only connections that match with the following filter: " + switchboard.getConfig("proxyClient", "*") + serverCore.crlfString).getBytes());
-            return serverCore.TERMINATE_CONNECTION;
-        }
-        
-        // parse port
+        // parse hostname and port
+        prop.setProperty(httpd.CONNECTION_PROP_HOST, arg);
        pos = arg.indexOf(":");
        int port = 443;
        if (pos >= 0) {
@ -710,11 +706,22 @@ public final class httpd implements serverHandler {
            arg = arg.substring(0, pos);
        }       
        
-        // arg is now the host string
+        // setting other connection properties
+        prop.setProperty(httpd.CONNECTION_PROP_CLIENTIP, this.clientIP);
+        prop.setProperty(httpd.CONNECTION_PROP_METHOD, httpHeader.METHOD_CONNECT);
+        prop.setProperty(httpd.CONNECTION_PROP_PATH, "/");
+        prop.setProperty(httpd.CONNECTION_PROP_EXT, "");
+        prop.setProperty(httpd.CONNECTION_PROP_URL, "");        
        
        // parse remaining lines
        httpHeader header = readHeader();                
        
+        if (!(allowProxy)) {
+            // not authorized through firewall blocking (ip does not match filter)          
+            session.out.write((httpVersion + " 403 refused (IP not granted)" + serverCore.crlfString + serverCore.crlfString + "you are not allowed to connect to this proxy, because you are using the non-granted IP " + clientIP + ". allowed are only connections that match with the following filter: " + switchboard.getConfig("proxyClient", "*") + serverCore.crlfString).getBytes());
+            return serverCore.TERMINATE_CONNECTION;
+        }        
+        
        if (port != 443) {
            // security: connection only to ssl port
            // we send a 403 (forbidden) error back
@ -723,12 +730,6 @@ public final class httpd implements serverHandler {
            return serverCore.TERMINATE_CONNECTION;
        }
        
-        // prepare to pass values
-        Properties prop = new Properties();
-        prop.setProperty("HOST", arg);
-        prop.setProperty("PORT", Integer.toString(port));
-        prop.setProperty("HTTP", httpVersion);
-        
        // pass to proxy
        if (allowProxy) {
            if (handleProxyAuthentication(header)) {
@ -1119,8 +1120,9 @@ public final class httpd implements serverHandler {
            
            // generating the desired request url
            String host = conProp.getProperty(httpd.CONNECTION_PROP_HOST);
-            String path = conProp.getProperty(httpd.CONNECTION_PROP_PATH);
+            String path = conProp.getProperty(httpd.CONNECTION_PROP_PATH,"/");
            String args = conProp.getProperty(httpd.CONNECTION_PROP_ARGS);
+            String method = conProp.getProperty(httpd.CONNECTION_PROP_METHOD);
            
            int port = 80, pos = host.indexOf(":");        
            if (pos != -1) {
@ -1130,7 +1132,7 @@ public final class httpd implements serverHandler {
            
            String urlString;
            try {
-                urlString = (new URL("http", host, port, (args == null) ? path : path + "?" + args)).toString();
+                urlString = (new URL((method.equals(httpHeader.METHOD_CONNECT)?"https":"http"), host, port, (args == null) ? path : path + "?" + args)).toString();
            } catch (MalformedURLException e) {
                urlString = "invalid URL"; 
            }            
--- a/source/de/anomic/http/httpdProxyHandler.java
+++ b/source/de/anomic/http/httpdProxyHandler.java
@ -1014,11 +1014,17 @@ public final class httpdProxyHandler extends httpdAbstractHandler implements htt
        this.connectionProperties = conProp;
        switchboard.proxyLastAccess = System.currentTimeMillis();
        
-        String host = conProp.getProperty("HOST");
-        int    port = Integer.parseInt(conProp.getProperty("PORT"));
-        String httpVersion = conProp.getProperty("HTTP");
+        String host = conProp.getProperty(httpd.CONNECTION_PROP_HOST);
+        String httpVersion = conProp.getProperty(httpd.CONNECTION_PROP_HTTP_VER);
        int timeout = Integer.parseInt(switchboard.getConfig("clientTimeout", "10000"));
        
+        int port, pos;
+        if ((pos = host.indexOf(":")) < 0) {
+            port = 80;
+        } else {
+            port = Integer.parseInt(host.substring(pos + 1));
+            host = host.substring(0, pos);
+        }                
        
        // check the blacklist
        // blacklist idea inspired by [AS]: