From 0d7aad1b30de7e9deb8b3c7011d9b679e538371c Mon Sep 17 00:00:00 2001 From: Lars Magne Ingebrigtsen Date: Wed, 6 Apr 2016 18:36:18 +0200 Subject: [PATCH] Revert "Backport HTTPS proxy fix" This reverts commit 2d1a6054b161bd1055d4feb11c8c5ac95543f5db. It's too late in the Emacs 25 release cycle to add things like this to Emacs 25.1. It's border line new feature. --- etc/NEWS | 2 - lisp/url/url-http.el | 110 ++++++------------------------------------- 2 files changed, 15 insertions(+), 97 deletions(-) diff --git a/etc/NEWS b/etc/NEWS index 7ed617b7575..95265882ec3 100644 --- a/etc/NEWS +++ b/etc/NEWS @@ -933,8 +933,6 @@ variable, meaning you can bind it around an 'url-retrieve' call. plist will contain a :peer element that has the output of 'gnutls-peer-status' (if Emacs is built with GnuTLS support). -*** The URL package now support https over proxies supporting CONNECT. - ** Tramp +++ diff --git a/lisp/url/url-http.el b/lisp/url/url-http.el index 9548a1ffbe2..5832e92c5a3 100644 --- a/lisp/url/url-http.el +++ b/lisp/url/url-http.el @@ -26,7 +26,6 @@ ;;; Code: (require 'cl-lib) -(require 'nsm) (eval-when-compile (require 'subr-x)) @@ -136,8 +135,6 @@ request.") (507 insufficient-storage "Insufficient storage")) "The HTTP return codes and their text.") -(defconst url-https-default-port 443 "Default HTTPS port.") - ;(eval-when-compile ;; These are all macros so that they are hidden from external sight ;; when the file is byte-compiled. @@ -199,14 +196,7 @@ request.") ;; `url-open-stream' needs a buffer in which to do things ;; like authentication. But we use another buffer afterwards. (unwind-protect - (let ((proc (url-open-stream host buf - (if url-using-proxy - (url-host url-using-proxy) - host) - (if url-using-proxy - (url-port url-using-proxy) - port) - gateway-method))) + (let ((proc (url-open-stream host buf host port gateway-method))) ;; url-open-stream might return nil. (when (processp proc) ;; Drop the temp buffer link before killing the buffer. @@ -485,7 +475,6 @@ work correctly." ) (declare-function gnutls-peer-status "gnutls.c" (proc)) -(declare-function gnutls-negotiate "gnutls.el") (defun url-http-parse-headers () "Parse and handle HTTP specific headers. @@ -942,13 +931,7 @@ should be shown to the user." (erase-buffer) (let ((url-request-method url-http-method) (url-request-extra-headers url-http-extra-headers) - (url-request-data url-http-data) - (url-using-proxy (url-find-proxy-for-url - url-current-object - (url-host url-current-object)))) - (when url-using-proxy - (setq url-using-proxy - (url-generic-parse-url url-using-proxy))) + (url-request-data url-http-data)) (url-http url-current-object url-callback-function url-callback-arguments (current-buffer))))) ((url-http-parse-headers) @@ -1229,20 +1212,17 @@ overriding the value of `url-gateway-method'." (nsm-noninteractive (or url-request-noninteractive (and (boundp 'url-http-noninteractive) url-http-noninteractive))) - (connection (url-http-find-free-connection (url-host url) - (url-port url) - gateway-method)) + (connection (url-http-find-free-connection host port gateway-method)) (mime-accept-string url-mime-accept-string) (buffer (or retry-buffer (generate-new-buffer - (format " *http %s:%d*" (url-host url) (url-port url)))))) + (format " *http %s:%d*" host port))))) (if (not connection) ;; Failed to open the connection for some reason (progn (kill-buffer buffer) (setq buffer nil) - (error "Could not create connection to %s:%d" (url-host url) - (url-port url))) + (error "Could not create connection to %s:%d" host port)) (with-current-buffer buffer (mm-disable-multibyte) (setq url-current-object url @@ -1298,72 +1278,13 @@ overriding the value of `url-gateway-method'." (set-process-sentinel connection 'url-http-async-sentinel)) (`failed ;; Asynchronous connection failed - (error "Could not create connection to %s:%d" (url-host url) - (url-port url))) + (error "Could not create connection to %s:%d" host port)) (_ - (if (and url-http-proxy (string= "https" - (url-type url-current-object))) - (url-https-proxy-connect connection) - (set-process-sentinel connection - 'url-http-end-of-document-sentinel) - (process-send-string connection (url-http-create-request))))))) + (set-process-sentinel connection + 'url-http-end-of-document-sentinel) + (process-send-string connection (url-http-create-request)))))) buffer)) -(defun url-https-proxy-connect (connection) - (setq url-http-after-change-function 'url-https-proxy-after-change-function) - (process-send-string connection (format (concat "CONNECT %s:%d HTTP/1.1\r\n" - "Host: %s\r\n" - "\r\n") - (url-host url-current-object) - (or (url-port url-current-object) - url-https-default-port) - (url-host url-current-object)))) - -(defun url-https-proxy-after-change-function (st nd length) - (let* ((process-buffer (current-buffer)) - (proc (get-buffer-process process-buffer))) - (goto-char (point-min)) - (when (re-search-forward "^\r?\n" nil t) - (backward-char 1) - ;; Saw the end of the headers - (setq url-http-end-of-headers (set-marker (make-marker) (point))) - (url-http-parse-response) - (cond - ((null url-http-response-status) - ;; We got back a headerless malformed response from the - ;; server. - (url-http-activate-callback) - (error "Malformed response from proxy, fail!")) - ((= url-http-response-status 200) - (if (gnutls-available-p) - (condition-case e - (let ((tls-connection (gnutls-negotiate - :process proc - :hostname (url-host url-current-object) - :verify-error nil))) - ;; check certificate validity - (setq tls-connection - (nsm-verify-connection tls-connection - (url-host url-current-object) - (url-port url-current-object))) - (with-current-buffer process-buffer (erase-buffer)) - (set-process-buffer tls-connection process-buffer) - (setq url-http-after-change-function - 'url-http-wait-for-headers-change-function) - (set-process-filter tls-connection 'url-http-generic-filter) - (process-send-string tls-connection - (url-http-create-request))) - (gnutls-error - (url-http-activate-callback) - (error "gnutls-error: %s" e)) - (error - (url-http-activate-callback) - (error "error: %s" e))) - (error "error: gnutls support needed!"))) - (t - (url-http-activate-callback) - (message "error response: %d" url-http-response-status)))))) - (defun url-http-async-sentinel (proc why) ;; We are performing an asynchronous connection, and a status change ;; has occurred. @@ -1375,13 +1296,11 @@ overriding the value of `url-gateway-method'." (url-http-end-of-document-sentinel proc why)) ((string= (substring why 0 4) "open") (setq url-http-connection-opened t) - (if (and url-http-proxy (string= "https" (url-type url-current-object))) - (url-https-proxy-connect proc) - (condition-case error - (process-send-string proc (url-http-create-request)) - (file-error - (setq url-http-connection-opened nil) - (message "HTTP error: %s" error))))) + (condition-case error + (process-send-string proc (url-http-create-request)) + (file-error + (setq url-http-connection-opened nil) + (message "HTTP error: %s" error)))) (t (setf (car url-callback-arguments) (nconc (list :error (list 'error 'connection-failed why @@ -1542,6 +1461,7 @@ p3p ;; with url-http.el on systems with 8-character file names. (require 'tls) +(defconst url-https-default-port 443 "Default HTTPS port.") (defconst url-https-asynchronous-p t "HTTPS retrievals are asynchronous.") ;; FIXME what is the point of this alias being an autoload? -- 2.39.2