From 9c85ee8b61c24587a228b3644c37b1b4fdfb7dcb Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Wed, 12 Sep 2012 17:36:19 +0200 Subject: inets httpc: TLS via proxy Introduces new option htts_proxy so that it is possible to have different proxies for http and https. The new option defaults to the old proxy option. Implements HTTP-1.1 extension method CONNECT to establish SSL/TLS tunnel We choose not to implement "TLS upgrade" as defined by RFC 2817 as this method of upgrade is vulnerable to man in the middle attacks, can be easily broken by proxies and does not seem to be widely adopted. --- lib/inets/src/http_client/httpc.erl | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'lib/inets/src/http_client/httpc.erl') diff --git a/lib/inets/src/http_client/httpc.erl b/lib/inets/src/http_client/httpc.erl index b6e7708353..ede649a5a9 100644 --- a/lib/inets/src/http_client/httpc.erl +++ b/lib/inets/src/http_client/httpc.erl @@ -917,6 +917,10 @@ validate_options([{proxy, Proxy} = Opt| Tail], Acc) -> validate_proxy(Proxy), validate_options(Tail, [Opt | Acc]); +validate_options([{https_proxy, Proxy} = Opt| Tail], Acc) -> + validate_https_proxy(Proxy), + validate_options(Tail, [Opt | Acc]); + validate_options([{max_sessions, Value} = Opt| Tail], Acc) -> validate_max_sessions(Value), validate_options(Tail, [Opt | Acc]); @@ -979,6 +983,14 @@ validate_proxy({{ProxyHost, ProxyPort}, NoProxy} = Proxy) validate_proxy(BadProxy) -> bad_option(proxy, BadProxy). +validate_https_proxy({{ProxyHost, ProxyPort}, NoProxy} = Proxy) + when is_list(ProxyHost) andalso + is_integer(ProxyPort) andalso + is_list(NoProxy) -> + Proxy; +validate_https_proxy(BadProxy) -> + bad_option(https_proxy, BadProxy). + validate_max_sessions(Value) when is_integer(Value) andalso (Value >= 0) -> Value; validate_max_sessions(BadValue) -> -- cgit v1.2.3