提交 4556ca73 编写于 作者: M michaelm

8048035: Ensure proper proxy protocols

Reviewed-by: chegar, coffeys
上级 7f8d92e4
...@@ -336,6 +336,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection { ...@@ -336,6 +336,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
/* try auth without calling Authenticator. Used for transparent NTLM authentication */ /* try auth without calling Authenticator. Used for transparent NTLM authentication */
private boolean tryTransparentNTLMServer = true; private boolean tryTransparentNTLMServer = true;
private boolean tryTransparentNTLMProxy = true; private boolean tryTransparentNTLMProxy = true;
private boolean useProxyResponseCode = false;
/* Used by Windows specific code */ /* Used by Windows specific code */
private Object authObj; private Object authObj;
...@@ -2243,6 +2244,14 @@ public class HttpURLConnection extends java.net.HttpURLConnection { ...@@ -2243,6 +2244,14 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
if (tryTransparentNTLMProxy) { if (tryTransparentNTLMProxy) {
tryTransparentNTLMProxy = tryTransparentNTLMProxy =
NTLMAuthenticationProxy.supportsTransparentAuth; NTLMAuthenticationProxy.supportsTransparentAuth;
/* If the platform supports transparent authentication
* then normally it's ok to do transparent auth to a proxy
* because we generally trust proxies (chosen by the user)
* But not in the case of 305 response where the server
* chose it. */
if (tryTransparentNTLMProxy && useProxyResponseCode) {
tryTransparentNTLMProxy = false;
}
} }
a = null; a = null;
if (tryTransparentNTLMProxy) { if (tryTransparentNTLMProxy) {
...@@ -2614,6 +2623,10 @@ public class HttpURLConnection extends java.net.HttpURLConnection { ...@@ -2614,6 +2623,10 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
requests.set(0, method + " " + getRequestURI()+" " + requests.set(0, method + " " + getRequestURI()+" " +
httpVersion, null); httpVersion, null);
connected = true; connected = true;
// need to remember this in case NTLM proxy authentication gets
// used. We can't use transparent authentication when user
// doesn't know about proxy.
useProxyResponseCode = true;
} else { } else {
// maintain previous headers, just change the name // maintain previous headers, just change the name
// of the file we're getting // of the file we're getting
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册