Closed Bug 89500 Opened 23 years ago Closed 23 years ago

SOCKS: only http|https re-directted in (post Mozilla 0.9.2)

Categories

(Core :: Networking, defect, P1)

defect

Tracking

()

VERIFIED FIXED
mozilla0.9.4

People

(Reporter: bbaetz, Assigned: darin.moz)

References

Details

(Whiteboard: r/sr=dougt,darin [PDT+] fixed-on-trunk,fixed-on-branch,testing-in-progress)

Attachments

(5 files)

See bug 89206. Fixing this involves a bit of code reorganisation, and won't happen for a while. If someone can comment on the proposed release note, I'll go and get it added. DRAFT RELEASE NOTE: Netscape/Mozilla only supports the use of SOCKS proxies for http and https connections. Other protocols (such as ftp) will not attempt to use a socks proxy. The mox relnotes can reference this bug.
Summary: socks only works with http/https → SOCKS: only http|https re-directted in (post Mozilla 0.9.2)
I need to discuss API changes with darin.
Priority: -- → P4
Oh, and this will allow mail/news to work through socks as well, which according to a post on npm.general ns4 could do.
Keywords: 4xp
Check with someone in mailnews about bug 44995.
I should hopefully have an infrastructure patch for this early next week
Status: NEW → ASSIGNED
Keywords: nsenterprise
Priority: P4 → P2
Target Milestone: --- → mozilla0.9.4
OK, I'm going to attach a patch. This allows datetime to work through a socks proxy. Its not finished - next is ftp, then I'll try to remove all the now-unneeded socks cruft from http. Then I'll work on mailnews. ssl support will need a change to the helper function signature to pass the type in. We need a better way of handling proxable types, to remove the checks from nsProtocolProxyService. I'm thinking of two extra flags on the protocol handler (via the recently added URIType attribute); URI_CAN_PROXY and URI_CAN_PROXY_HTTP. Because of PAC, I need to separate this out (some pac files will just return "PROXY foo:80", and that doesn't mean that smtp should be done through the proxy, and PAC will support socks soon - I may do this as part of my changes). If a protocol doesn't have the URI_CAN_PROXY flag then CreateTransportInfo will return null before talking to the protocolproxy service. If it doesn't have URI_CAN_PROXY_HTTP, then if we end up getting a proxy of type "http", we'll return null. (This also means that existing protocol handlers only have to be modified if they want to support proxying. All protocols supported by http proxying are in the mozilla tree, so thats not an issue for third parties) comments? ccing valeski for the proposed minor api change, and any other comments.
Blocks: 71565
Blocks: 44995
AAfter sepaking with darin, I plan to move the various helper functions onto more appropriate interfaces, and possibly get rid of the transport creation helper, and just change the signature of nsSocketTransport::CreateTransport and friends. And I got the check for a null transportInfo wrong.
Attached patch v0.9 patchSplinter Review
I had to redo the API a bit to allow https via a proxy to work (PSM needs the correct final hostname to do cert verification). I think that its cleaner now, as well. All non mailnews protcols have been modified - looking for testing, r/sr.
Attached patch patch, v1.0Splinter Review
some nits: 1) there exist references to nsISupportsTransparentProxy in nsIProtocolHandler.idl 2) the comments for URI_PROXY and URI_PROXY_HTTP need to be fixed. the meaning of these flags is not clear from the comments? 3) does the for loop near line 270 of nsSocketTransport.cpp need to be wrapped? 4) out of curiosity: are there http proxies out there that implement the datetime protocol? 5) off by 1 indentation problem near callsite of NewProxiedChannel in nsHttpHandler.cpp 6) fix instances of NewProxyChannel in nsHttpHandler::NewProxiedChannel 7) add comment block for nsHttpHandler::nsIProxiedProtocolHandler fix these, test it out a bunch, and r/sr=darin
dougt should review this too.
r=rginda for the chatzilla changes.
1) Fixed 2) Fixed 3) If I don't then its 86 chars, but given the rest of the file I've just unwrapped it. 4) Doubt it. And even if there are, we don't have the pref for manual proxies, and not all proxies support that. The flag being there was a typo, and I didn't pick it up because it made no difference with manual proxies. Fixed. 5) I really dislike msvc's editor... fixed. 6) Fixed 7) I don't understand this. nsIHttpProtocolHandler now inherits of nsIProxiedProtocolHandler, rather than nsIProtocolHandler. What do you mean by this?
the comment block //----------------------------------------------------------------------------- // nsHttpHandler::nsIProxiedProtocolHandler //----------------------------------------------------------------------------- is just meant to indicate that this section contains nsHttpHandler's implementation of the methods declared on nsIProxiedProtocolHandler. please add this comment above the NewProxiedChannel method definition. thanks! also, can you attach a new patch when you get around to it?
Blocks: 96624
I think that bbaetz is gone, reassigning to smeredith.
Assignee: bbaetz → smeredith
Status: ASSIGNED → NEW
I'm here til tuesday, and have r/sr=darin, and r/sr=dougt after we discuss the overloading of URIFlags with darin (and changing URI_PROXY to URI_ALLOW_PROXY, which I've done in my local tree) Taking back for now.
Assignee: smeredith → bbaetz
OK, patch with minor changes (URIType->ProtocolFlags), and a few style nits. This one is larger, because I changed the method name on all the protocol handlers. I'll take care of the commercial one-liner fix. I'll mail drivers for approval.
Status: NEW → ASSIGNED
Whiteboard: r/sr=dougt,darin
Attached patch v1.2Splinter Review
ok, so drivers rejected this. Moving to 0.9.5, and nominating nsBranch. This means that it won't go in before Tuesday (monday is a public holiday) Either darin will check this in for me, or I'll have net access by then and will do it myself (darin mailed me the mac mcp files). Either way I'll sort it out next week.
Keywords: nsbranch
Target Milestone: mozilla0.9.4 → mozilla0.9.5
Marking nsbranch+ and PDT+. Who is going to check this in? Darin? Steve? Thanks!
Keywords: nsbranchnsbranch+
Whiteboard: r/sr=dougt,darin → r/sr=dougt,darin [PTD+]
Whiteboard: r/sr=dougt,darin [PTD+] → r/sr=dougt,darin [PDT+]
i can do it if bradley is unable to. bradley?
Darin: Yes, please check this in for me - I still don't have net access at home. Remember the commercial one-liner.
-> me for checkin
Assignee: bbaetz → darin
Status: ASSIGNED → NEW
fixed-on-trunk
Status: NEW → ASSIGNED
Whiteboard: r/sr=dougt,darin [PDT+] → r/sr=dougt,darin [PDT+] fixed-on-trunk
-> 0.9.4 branch
Target Milestone: mozilla0.9.5 → mozilla0.9.4
untargeted until mozilla.org ships 0.9.4
Target Milestone: mozilla0.9.4 → ---
back to 0.9.4, awaiting PDT approval for checkin on the 0.9.4 branch
Priority: P2 → P1
Target Milestone: --- → mozilla0.9.4
0.9.4 is out the door
Target Milestone: mozilla0.9.4 → mozilla0.9.5
-> 0.9.4 for checkin on the nsbranch
Target Milestone: mozilla0.9.5 → mozilla0.9.4
Get r/sr = in patch status, and you can check it in.
Comment on attachment 47287 [details] [diff] [review] v1.2 r=dougt sr=darin
Attachment #47287 - Flags: superreview+
Attachment #47287 - Flags: review+
hoping to land this on the branch tomorrow.
Has this landed on the branch?
nope.. i got delayed.. i'm now planning to land this today.
fixed-on-branch
Status: ASSIGNED → RESOLVED
Closed: 23 years ago
Resolution: --- → FIXED
Whiteboard: r/sr=dougt,darin [PDT+] fixed-on-trunk → r/sr=dougt,darin [PDT+] fixed-on-trunk,fixed-on-branch
->qa to trix. I'll dogfood, but I'm not the lead tester here.
QA Contact: benc → trix
reassigning qa to lrg
QA Contact: trix → lrg
RELNOTE Netscape 6.2: Mozilla|Netscape supports the use of SOCKS 4 and 5 proxies for http, https and ftp. Other protocols will ignore the SOCKS preference.
Summary: SOCKS: only http|https re-directted in (post Mozilla 0.9.2) → SOCKS: only http|https|ftp re-directted in (post Mozilla 0.9.2)
benc: No - the bug was that only http|https was proxied. This has been fixed with this patch (except for mailnews) Resetting summary relnote: netscape6.x: Non-mailnews protocols will use socks proxies. However, news and mail protocls will ignore any socks proxy settings you have made. (I assume theres a separate relnote on password-authenticated socks proxies not working)
Summary: SOCKS: only http|https|ftp re-directted in (post Mozilla 0.9.2) → SOCKS: only http|https re-directted in (post Mozilla 0.9.2)
FTP works right? that's all I really want to know.
Whiteboard: r/sr=dougt,darin [PDT+] fixed-on-trunk,fixed-on-branch → r/sr=dougt,darin [PDT+] fixed-on-trunk,fixed-on-branch,testing-in-progress
Hmm, last message didn't seem to get through. Verfied fixed on MacOS Linux and Windows, no major problems. Handled ftp http and https well. When the proxy address was invalid, Mail/News, IMAP, and AIM requests went through fine across all platforms. Small concern dealing with IMAP, the images refered in these files are often hosted externally to the imap document; In the case that the server where these images are stored is invalid, the page loading process is extremely slow. In other cases of invalid (by proxy configuration) urls, it seems that this failure is quickly noticed, and Netscape doesn't try to load the blocked page.
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: