/* * libjingle * Copyright 2004--2005, Google Inc. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are met: * * 1. Redistributions of source code must retain the above copyright notice, * this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright notice, * this list of conditions and the following disclaimer in the documentation * and/or other materials provided with the distribution. * 3. The name of the author may not be used to endorse or promote products * derived from this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO * EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "talk/base/proxydetect.h" #ifdef WIN32 #include "talk/base/win32.h" #include <shlobj.h> #endif // WIN32 #ifdef HAVE_CONFIG_H #include "config.h" #endif #ifdef OSX #include <SystemConfiguration/SystemConfiguration.h> #include <CoreFoundation/CoreFoundation.h> #include <CoreServices/CoreServices.h> #include <Security/Security.h> #include "macconversion.h" #endif #include <map> #include "talk/base/fileutils.h" #include "talk/base/httpcommon.h" #include "talk/base/httpcommon-inl.h" #include "talk/base/pathutils.h" #include "talk/base/stringutils.h" #ifdef WIN32 #define _TRY_WINHTTP 1 #define _TRY_JSPROXY 0 #define _TRY_WM_FINDPROXY 0 #define _TRY_IE_LAN_SETTINGS 1 #endif // WIN32 // For all platforms try Firefox. #define _TRY_FIREFOX 1 // Use profiles.ini to find the correct profile for this user. // If not set, we'll just look for the default one. #define USE_FIREFOX_PROFILES_INI 1 static const size_t kMaxLineLength = 1024; static const char kFirefoxPattern[] = "Firefox"; static const char kInternetExplorerPattern[] = "MSIE"; struct StringMap { public: void Add(const char * name, const char * value) { map_[name] = value; } const std::string& Get(const char * name, const char * def = "") const { std::map<std::string, std::string>::const_iterator it = map_.find(name); if (it != map_.end()) return it->second; def_ = def; return def_; } bool IsSet(const char * name) const { return (map_.find(name) != map_.end()); } private: std::map<std::string, std::string> map_; mutable std::string def_; }; enum UserAgent { UA_FIREFOX, UA_INTERNETEXPLORER, UA_OTHER, UA_UNKNOWN }; #if _TRY_WINHTTP //#include <winhttp.h> // Note: From winhttp.h const char WINHTTP[] = "winhttp"; typedef LPVOID HINTERNET; typedef struct { DWORD dwAccessType; // see WINHTTP_ACCESS_* types below LPWSTR lpszProxy; // proxy server list LPWSTR lpszProxyBypass; // proxy bypass list } WINHTTP_PROXY_INFO, * LPWINHTTP_PROXY_INFO; typedef struct { DWORD dwFlags; DWORD dwAutoDetectFlags; LPCWSTR lpszAutoConfigUrl; LPVOID lpvReserved; DWORD dwReserved; BOOL fAutoLogonIfChallenged; } WINHTTP_AUTOPROXY_OPTIONS; typedef struct { BOOL fAutoDetect; LPWSTR lpszAutoConfigUrl; LPWSTR lpszProxy; LPWSTR lpszProxyBypass; } WINHTTP_CURRENT_USER_IE_PROXY_CONFIG; extern "C" { typedef HINTERNET (WINAPI * pfnWinHttpOpen) ( IN LPCWSTR pwszUserAgent, IN DWORD dwAccessType, IN LPCWSTR pwszProxyName OPTIONAL, IN LPCWSTR pwszProxyBypass OPTIONAL, IN DWORD dwFlags ); typedef BOOL (STDAPICALLTYPE * pfnWinHttpCloseHandle) ( IN HINTERNET hInternet ); typedef BOOL (STDAPICALLTYPE * pfnWinHttpGetProxyForUrl) ( IN HINTERNET hSession, IN LPCWSTR lpcwszUrl, IN WINHTTP_AUTOPROXY_OPTIONS * pAutoProxyOptions, OUT WINHTTP_PROXY_INFO * pProxyInfo ); typedef BOOL (STDAPICALLTYPE * pfnWinHttpGetIEProxyConfig) ( IN OUT WINHTTP_CURRENT_USER_IE_PROXY_CONFIG * pProxyConfig ); } // extern "C" #define WINHTTP_AUTOPROXY_AUTO_DETECT 0x00000001 #define WINHTTP_AUTOPROXY_CONFIG_URL 0x00000002 #define WINHTTP_AUTOPROXY_RUN_INPROCESS 0x00010000 #define WINHTTP_AUTOPROXY_RUN_OUTPROCESS_ONLY 0x00020000 #define WINHTTP_AUTO_DETECT_TYPE_DHCP 0x00000001 #define WINHTTP_AUTO_DETECT_TYPE_DNS_A 0x00000002 #define WINHTTP_ACCESS_TYPE_DEFAULT_PROXY 0 #define WINHTTP_ACCESS_TYPE_NO_PROXY 1 #define WINHTTP_ACCESS_TYPE_NAMED_PROXY 3 #define WINHTTP_NO_PROXY_NAME NULL #define WINHTTP_NO_PROXY_BYPASS NULL #endif // _TRY_WINHTTP #if _TRY_JSPROXY extern "C" { typedef BOOL (STDAPICALLTYPE * pfnInternetGetProxyInfo) ( LPCSTR lpszUrl, DWORD dwUrlLength, LPSTR lpszUrlHostName, DWORD dwUrlHostNameLength, LPSTR * lplpszProxyHostName, LPDWORD lpdwProxyHostNameLength ); } // extern "C" #endif // _TRY_JSPROXY #if _TRY_WM_FINDPROXY #include <comutil.h> #include <wmnetsourcecreator.h> #include <wmsinternaladminnetsource.h> #endif // _TRY_WM_FINDPROXY #if _TRY_IE_LAN_SETTINGS #include <wininet.h> #include <string> #endif // _TRY_IE_LAN_SETTINGS namespace talk_base { ////////////////////////////////////////////////////////////////////// // Utility Functions ////////////////////////////////////////////////////////////////////// #ifdef WIN32 #ifdef _UNICODE typedef std::wstring tstring; std::string Utf8String(const tstring& str) { return ToUtf8(str); } #else // !_UNICODE typedef std::string tstring; std::string Utf8String(const tstring& str) { return str; } #endif // !_UNICODE #endif // WIN32 bool ProxyItemMatch(const Url<char>& url, char * item, size_t len) { // hostname:443 if (char * port = ::strchr(item, ':')) { *port++ = '\0'; if (url.port() != atol(port)) { return false; } } // A.B.C.D or A.B.C.D/24 int a, b, c, d, m; int match = sscanf(item, "%d.%d.%d.%d/%d", &a, &b, &c, &d, &m); if (match >= 4) { uint32 ip = ((a & 0xFF) << 24) | ((b & 0xFF) << 16) | ((c & 0xFF) << 8) | (d & 0xFF); if ((match < 5) || (m > 32)) m = 32; else if (m < 0) m = 0; uint32 mask = (m == 0) ? 0 : (~0UL) << (32 - m); SocketAddress addr(url.host(), 0); return !addr.IsUnresolved() && ((addr.ip() & mask) == (ip & mask)); } // .foo.com if (*item == '.') { size_t hostlen = url.host().length(); return (hostlen > len) && (stricmp(url.host().c_str() + (hostlen - len), item) == 0); } // localhost or www.*.com if (!string_match(url.host().c_str(), item)) return false; return true; } bool ProxyListMatch(const Url<char>& url, const std::string& proxy_list, char sep) { const size_t BUFSIZE = 256; char buffer[BUFSIZE]; const char* list = proxy_list.c_str(); while (*list) { // Remove leading space if (isspace(*list)) { ++list; continue; } // Break on separator size_t len; const char * start = list; if (const char * end = ::strchr(list, sep)) { len = (end - list); list += len + 1; } else { len = strlen(list); list += len; } // Remove trailing space while ((len > 0) && isspace(start[len-1])) --len; // Check for oversized entry if (len >= BUFSIZE) continue; memcpy(buffer, start, len); buffer[len] = 0; if (!ProxyItemMatch(url, buffer, len)) continue; return true; } return false; } bool Better(ProxyType lhs, const ProxyType rhs) { // PROXY_NONE, PROXY_HTTPS, PROXY_SOCKS5, PROXY_UNKNOWN const int PROXY_VALUE[5] = { 0, 2, 3, 1 }; return (PROXY_VALUE[lhs] > PROXY_VALUE[rhs]); } bool ParseProxy(const std::string& saddress, ProxyInfo* proxy) { const size_t kMaxAddressLength = 1024; // Allow semicolon, space, or tab as an address separator const char* const kAddressSeparator = " ;\t"; ProxyType ptype; std::string host; uint16 port; const char* address = saddress.c_str(); while (*address) { size_t len; const char * start = address; if (const char * sep = strchr(address, kAddressSeparator)) { len = (sep - address); address += len + 1; while (*address != '\0' && ::strchr(kAddressSeparator, *address)) { address += 1; } } else { len = strlen(address); address += len; } if (len > kMaxAddressLength - 1) { LOG(LS_WARNING) << "Proxy address too long [" << start << "]"; continue; } char buffer[kMaxAddressLength]; memcpy(buffer, start, len); buffer[len] = 0; char * colon = ::strchr(buffer, ':'); if (!colon) { LOG(LS_WARNING) << "Proxy address without port [" << buffer << "]"; continue; } *colon = 0; char * endptr; port = static_cast<uint16>(strtol(colon + 1, &endptr, 0)); if (*endptr != 0) { LOG(LS_WARNING) << "Proxy address with invalid port [" << buffer << "]"; continue; } if (char * equals = ::strchr(buffer, '=')) { *equals = 0; host = equals + 1; if (_stricmp(buffer, "socks") == 0) { ptype = PROXY_SOCKS5; } else if (_stricmp(buffer, "https") == 0) { ptype = PROXY_HTTPS; } else { LOG(LS_WARNING) << "Proxy address with unknown protocol [" << buffer << "]"; ptype = PROXY_UNKNOWN; } } else { host = buffer; ptype = PROXY_UNKNOWN; } if (Better(ptype, proxy->type)) { proxy->type = ptype; proxy->address.SetIP(host); proxy->address.SetPort(port); } } return proxy->type != PROXY_NONE; } UserAgent GetAgent(const char* agent) { if (agent) { std::string agent_str(agent); if (agent_str.find(kFirefoxPattern) != std::string::npos) { return UA_FIREFOX; } else if (agent_str.find(kInternetExplorerPattern) != std::string::npos) { return UA_INTERNETEXPLORER; } else if (agent_str.empty()) { return UA_UNKNOWN; } } return UA_OTHER; } bool EndsWith(const std::string& a, const std::string& b) { if (b.size() > a.size()) { return false; } int result = a.compare(a.size() - b.size(), b.size(), b); return result == 0; } bool GetFirefoxProfilePath(Pathname* path) { #ifdef WIN32 wchar_t w_path[MAX_PATH]; if (SHGetFolderPath(0, CSIDL_APPDATA, 0, SHGFP_TYPE_CURRENT, w_path) != S_OK) { LOG(LS_ERROR) << "SHGetFolderPath failed"; return false; } path->SetFolder(ToUtf8(w_path, wcslen(w_path))); path->AppendFolder("Mozilla"); path->AppendFolder("Firefox"); #elif OSX FSRef fr; if (0 != FSFindFolder(kUserDomain, kApplicationSupportFolderType, kCreateFolder, &fr)) { LOG(LS_ERROR) << "FSFindFolder failed"; return false; } char buffer[NAME_MAX + 1]; if (0 != FSRefMakePath(&fr, reinterpret_cast<uint8*>(buffer), ARRAY_SIZE(buffer))) { LOG(LS_ERROR) << "FSRefMakePath failed"; return false; } path->SetFolder(std::string(buffer)); path->AppendFolder("Firefox"); #else char* user_home = getenv("HOME"); if (user_home == NULL) { return false; } path->SetFolder(std::string(user_home)); path->AppendFolder(".mozilla"); path->AppendFolder("firefox"); #endif // WIN32 return true; } bool GetDefaultFirefoxProfile(Pathname* profile_path) { ASSERT(NULL != profile_path); Pathname path; if (!GetFirefoxProfilePath(&path)) { return false; } #if USE_FIREFOX_PROFILES_INI // [Profile0] // Name=default // IsRelative=1 // Path=Profiles/2de53ejb.default // Default=1 // Note: we are looking for the first entry with "Default=1", or the last // entry in the file path.SetFilename("profiles.ini"); FileStream* fs = Filesystem::OpenFile(path, "r"); if (!fs) { return false; } Pathname candidate; bool relative = true; std::string line; while (fs->ReadLine(&line) == SR_SUCCESS) { if (line.length() == 0) { continue; } if (line.at(0) == '[') { relative = true; candidate.clear(); } else if (line.find("IsRelative=") == 0 && line.length() >= 12) { // TODO: The initial Linux public launch revealed a fairly // high number of machines where IsRelative= did not have anything after // it. Perhaps that is legal profiles.ini syntax? relative = (line.at(11) != '0'); } else if (line.find("Path=") == 0 && line.length() >= 6) { if (relative) { candidate = path; } else { candidate.clear(); } candidate.AppendFolder(line.substr(5)); } else if (line.find("Default=") == 0 && line.length() >= 9) { if ((line.at(8) != '0') && !candidate.empty()) { break; } } } fs->Close(); if (candidate.empty()) { return false; } profile_path->SetPathname(candidate.pathname()); #else // !USE_FIREFOX_PROFILES_INI path.AppendFolder("Profiles"); DirectoryIterator* it = Filesystem::IterateDirectory(); it->Iterate(path); std::string extension(".default"); while (!EndsWith(it->Name(), extension)) { if (!it->Next()) { return false; } } profile_path->SetPathname(path); profile->AppendFolder("Profiles"); profile->AppendFolder(it->Name()); delete it; #endif // !USE_FIREFOX_PROFILES_INI return true; } bool ReadFirefoxPrefs(const Pathname& filename, const char * prefix, StringMap* settings) { FileStream* fs = Filesystem::OpenFile(filename, "r"); if (!fs) { LOG(LS_ERROR) << "Failed to open file: " << filename.pathname(); return false; } std::string line; while (fs->ReadLine(&line) == SR_SUCCESS) { size_t prefix_len = strlen(prefix); // Skip blank lines and too long lines. if ((line.length() == 0) || (line.length() > kMaxLineLength) || (line.at(0) == '#') || line.compare(0, 2, "/*") == 0 || line.compare(0, 2, " *") == 0) { continue; } char buffer[kMaxLineLength]; strcpyn(buffer, sizeof(buffer), line.c_str()); int nstart = 0, nend = 0, vstart = 0, vend = 0; sscanf(buffer, "user_pref(\"%n%*[^\"]%n\", %n%*[^)]%n);", &nstart, &nend, &vstart, &vend); if (vend > 0) { char* name = buffer + nstart; name[nend - nstart] = 0; if ((vend - vstart >= 2) && (buffer[vstart] == '"')) { vstart += 1; vend -= 1; } char* value = buffer + vstart; value[vend - vstart] = 0; if ((strncmp(name, prefix, prefix_len) == 0) && *value) { settings->Add(name + prefix_len, value); } } else { LOG_F(LS_WARNING) << "Unparsed pref [" << buffer << "]"; } } fs->Close(); return true; } bool GetFirefoxProxySettings(const char* url, ProxyInfo* proxy) { Url<char> purl(url); Pathname path; bool success = false; if (GetDefaultFirefoxProfile(&path)) { StringMap settings; path.SetFilename("prefs.js"); if (ReadFirefoxPrefs(path, "network.proxy.", &settings)) { success = true; proxy->bypass_list = settings.Get("no_proxies_on", "localhost, 127.0.0.1"); if (settings.Get("type") == "1") { // User has manually specified a proxy, try to figure out what // type it is. if (ProxyListMatch(purl, proxy->bypass_list.c_str(), ',')) { // Our url is in the list of url's to bypass proxy. } else if (settings.Get("share_proxy_settings") == "true") { proxy->type = PROXY_UNKNOWN; proxy->address.SetIP(settings.Get("http")); proxy->address.SetPort(atoi(settings.Get("http_port").c_str())); } else if (settings.IsSet("socks")) { proxy->type = PROXY_SOCKS5; proxy->address.SetIP(settings.Get("socks")); proxy->address.SetPort(atoi(settings.Get("socks_port").c_str())); } else if (settings.IsSet("ssl")) { proxy->type = PROXY_HTTPS; proxy->address.SetIP(settings.Get("ssl")); proxy->address.SetPort(atoi(settings.Get("ssl_port").c_str())); } else if (settings.IsSet("http")) { proxy->type = PROXY_HTTPS; proxy->address.SetIP(settings.Get("http")); proxy->address.SetPort(atoi(settings.Get("http_port").c_str())); } } else if (settings.Get("type") == "2") { // Browser is configured to get proxy settings from a given url. proxy->autoconfig_url = settings.Get("autoconfig_url").c_str(); } else if (settings.Get("type") == "4") { // Browser is configured to auto detect proxy config. proxy->autodetect = true; } else { // No proxy set. } } } return success; } #ifdef WIN32 // Windows specific implementation for reading Internet // Explorer proxy settings. void LogGetProxyFault() { LOG_GLEM(LERROR, WINHTTP) << "WinHttpGetProxyForUrl faulted!!"; } BOOL MyWinHttpGetProxyForUrl(pfnWinHttpGetProxyForUrl pWHGPFU, HINTERNET hWinHttp, LPCWSTR url, WINHTTP_AUTOPROXY_OPTIONS *options, WINHTTP_PROXY_INFO *info) { // WinHttpGetProxyForUrl() can call plugins which can crash. // In the case of McAfee scriptproxy.dll, it does crash in // older versions. Try to catch crashes here and treat as an // error. BOOL success = FALSE; #if (_HAS_EXCEPTIONS == 0) __try { success = pWHGPFU(hWinHttp, url, options, info); } __except(EXCEPTION_EXECUTE_HANDLER) { // This is a separate function to avoid // Visual C++ error 2712 when compiling with C++ EH LogGetProxyFault(); } #else success = pWHGPFU(hWinHttp, url, options, info); #endif // (_HAS_EXCEPTIONS == 0) return success; } bool IsDefaultBrowserFirefox() { HKEY key; LONG result = RegOpenKeyEx(HKEY_CLASSES_ROOT, L"http\\shell\\open\\command", 0, KEY_READ, &key); if (ERROR_SUCCESS != result) return false; wchar_t* value = NULL; DWORD size, type; result = RegQueryValueEx(key, L"", 0, &type, NULL, &size); if (REG_SZ != type) { result = ERROR_ACCESS_DENIED; // Any error is fine } else if (ERROR_SUCCESS == result) { value = new wchar_t[size+1]; BYTE* buffer = reinterpret_cast<BYTE*>(value); result = RegQueryValueEx(key, L"", 0, &type, buffer, &size); } RegCloseKey(key); bool success = false; if (ERROR_SUCCESS == result) { value[size] = L'\0'; for (size_t i = 0; i < size; ++i) { value[i] = tolowercase(value[i]); } success = (NULL != strstr(value, L"firefox.exe")); } delete [] value; return success; } bool GetWinHttpProxySettings(const char* url, ProxyInfo* proxy) { HMODULE winhttp_handle = LoadLibrary(L"winhttp.dll"); if (winhttp_handle == NULL) { LOG(LS_ERROR) << "Failed to load winhttp.dll."; return false; } WINHTTP_CURRENT_USER_IE_PROXY_CONFIG iecfg; memset(&iecfg, 0, sizeof(iecfg)); Url<char> purl(url); pfnWinHttpGetIEProxyConfig pWHGIEPC = reinterpret_cast<pfnWinHttpGetIEProxyConfig>( GetProcAddress(winhttp_handle, "WinHttpGetIEProxyConfigForCurrentUser")); bool success = false; if (pWHGIEPC && pWHGIEPC(&iecfg)) { // We were read proxy config successfully. success = true; if (iecfg.fAutoDetect) { proxy->autodetect = true; } if (iecfg.lpszAutoConfigUrl) { proxy->autoconfig_url = ToUtf8(iecfg.lpszAutoConfigUrl); GlobalFree(iecfg.lpszAutoConfigUrl); } if (iecfg.lpszProxyBypass) { proxy->bypass_list = ToUtf8(iecfg.lpszProxyBypass); GlobalFree(iecfg.lpszProxyBypass); } if (iecfg.lpszProxy) { if (!ProxyListMatch(purl, proxy->bypass_list, ';')) { ParseProxy(ToUtf8(iecfg.lpszProxy), proxy); } GlobalFree(iecfg.lpszProxy); } } FreeLibrary(winhttp_handle); return success; } // Uses the WinHTTP API to auto detect proxy for the given url. Firefox and IE // have slightly different option dialogs for proxy settings. In Firefox, // either a location of a proxy configuration file can be specified or auto // detection can be selected. In IE theese two options can be independently // selected. For the case where both options are selected (only IE) we try to // fetch the config file first, and if that fails we'll perform an auto // detection. // // Returns true if we successfully performed an auto detection not depending on // whether we found a proxy or not. Returns false on error. bool WinHttpAutoDetectProxyForUrl(const char* agent, const char* url, ProxyInfo* proxy) { Url<char> purl(url); bool success = true; HMODULE winhttp_handle = LoadLibrary(L"winhttp.dll"); if (winhttp_handle == NULL) { LOG(LS_ERROR) << "Failed to load winhttp.dll."; return false; } pfnWinHttpOpen pWHO = reinterpret_cast<pfnWinHttpOpen>(GetProcAddress(winhttp_handle, "WinHttpOpen")); pfnWinHttpCloseHandle pWHCH = reinterpret_cast<pfnWinHttpCloseHandle>( GetProcAddress(winhttp_handle, "WinHttpCloseHandle")); pfnWinHttpGetProxyForUrl pWHGPFU = reinterpret_cast<pfnWinHttpGetProxyForUrl>( GetProcAddress(winhttp_handle, "WinHttpGetProxyForUrl")); if (pWHO && pWHCH && pWHGPFU) { if (HINTERNET hWinHttp = pWHO(ToUtf16(agent).c_str(), WINHTTP_ACCESS_TYPE_NO_PROXY, WINHTTP_NO_PROXY_NAME, WINHTTP_NO_PROXY_BYPASS, 0)) { BOOL result = FALSE; WINHTTP_PROXY_INFO info; memset(&info, 0, sizeof(info)); if (proxy->autodetect) { // Use DHCP and DNS to try to find any proxy to use. WINHTTP_AUTOPROXY_OPTIONS options; memset(&options, 0, sizeof(options)); options.fAutoLogonIfChallenged = TRUE; options.dwFlags |= WINHTTP_AUTOPROXY_AUTO_DETECT; options.dwAutoDetectFlags |= WINHTTP_AUTO_DETECT_TYPE_DHCP | WINHTTP_AUTO_DETECT_TYPE_DNS_A; result = MyWinHttpGetProxyForUrl( pWHGPFU, hWinHttp, ToUtf16(url).c_str(), &options, &info); } if (!result && !proxy->autoconfig_url.empty()) { // We have the location of a proxy config file. Download it and // execute it to find proxy settings for our url. WINHTTP_AUTOPROXY_OPTIONS options; memset(&options, 0, sizeof(options)); memset(&info, 0, sizeof(info)); options.fAutoLogonIfChallenged = TRUE; std::wstring autoconfig_url16((ToUtf16)(proxy->autoconfig_url)); options.dwFlags |= WINHTTP_AUTOPROXY_CONFIG_URL; options.lpszAutoConfigUrl = autoconfig_url16.c_str(); result = MyWinHttpGetProxyForUrl( pWHGPFU, hWinHttp, ToUtf16(url).c_str(), &options, &info); } if (result) { // Either the given auto config url was valid or auto // detection found a proxy on this network. if (info.lpszProxy) { // TODO: Does this bypass list differ from the list // retreived from GetWinHttpProxySettings earlier? if (info.lpszProxyBypass) { proxy->bypass_list = ToUtf8(info.lpszProxyBypass); GlobalFree(info.lpszProxyBypass); } else { proxy->bypass_list.clear(); } if (!ProxyListMatch(purl, proxy->bypass_list, ';')) { // Found proxy for this URL. If parsing the address turns // out ok then we are successful. success = ParseProxy(ToUtf8(info.lpszProxy), proxy); } GlobalFree(info.lpszProxy); } } else { // We could not find any proxy for this url. LOG(LS_INFO) << "No proxy detected for " << url; } pWHCH(hWinHttp); } } else { LOG(LS_ERROR) << "Failed loading WinHTTP functions."; success = false; } FreeLibrary(winhttp_handle); return success; } #if 0 // Below functions currently not used. bool GetJsProxySettings(const char* url, ProxyInfo* proxy) { Url<char> purl(url); bool success = false; if (HMODULE hModJS = LoadLibrary(_T("jsproxy.dll"))) { pfnInternetGetProxyInfo pIGPI = reinterpret_cast<pfnInternetGetProxyInfo>( GetProcAddress(hModJS, "InternetGetProxyInfo")); if (pIGPI) { char proxy[256], host[256]; memset(proxy, 0, sizeof(proxy)); char * ptr = proxy; DWORD proxylen = sizeof(proxy); std::string surl = Utf8String(url); DWORD hostlen = _snprintf(host, sizeof(host), "http%s://%S", purl.secure() ? "s" : "", purl.server()); if (pIGPI(surl.data(), surl.size(), host, hostlen, &ptr, &proxylen)) { LOG(INFO) << "Proxy: " << proxy; } else { LOG_GLE(INFO) << "InternetGetProxyInfo"; } } FreeLibrary(hModJS); } return success; } bool GetWmProxySettings(const char* url, ProxyInfo* proxy) { Url<char> purl(url); bool success = false; INSNetSourceCreator * nsc = 0; HRESULT hr = CoCreateInstance(CLSID_ClientNetManager, 0, CLSCTX_ALL, IID_INSNetSourceCreator, (LPVOID *) &nsc); if (SUCCEEDED(hr)) { if (SUCCEEDED(hr = nsc->Initialize())) { VARIANT dispatch; VariantInit(&dispatch); if (SUCCEEDED(hr = nsc->GetNetSourceAdminInterface(L"http", &dispatch))) { IWMSInternalAdminNetSource * ians = 0; if (SUCCEEDED(hr = dispatch.pdispVal->QueryInterface( IID_IWMSInternalAdminNetSource, (LPVOID *) &ians))) { _bstr_t host(purl.server()); BSTR proxy = 0; BOOL bProxyEnabled = FALSE; DWORD port, context = 0; if (SUCCEEDED(hr = ians->FindProxyForURL( L"http", host, &bProxyEnabled, &proxy, &port, &context))) { success = true; if (bProxyEnabled) { _bstr_t sproxy = proxy; proxy->ptype = PT_HTTPS; proxy->host = sproxy; proxy->port = port; } } SysFreeString(proxy); if (FAILED(hr = ians->ShutdownProxyContext(context))) { LOG(LS_INFO) << "IWMSInternalAdminNetSource::ShutdownProxyContext" << "failed: " << hr; } ians->Release(); } } VariantClear(&dispatch); if (FAILED(hr = nsc->Shutdown())) { LOG(LS_INFO) << "INSNetSourceCreator::Shutdown failed: " << hr; } } nsc->Release(); } return success; } bool GetIePerConnectionProxySettings(const char* url, ProxyInfo* proxy) { Url<char> purl(url); bool success = false; INTERNET_PER_CONN_OPTION_LIST list; INTERNET_PER_CONN_OPTION options[3]; memset(&list, 0, sizeof(list)); memset(&options, 0, sizeof(options)); list.dwSize = sizeof(list); list.dwOptionCount = 3; list.pOptions = options; options[0].dwOption = INTERNET_PER_CONN_FLAGS; options[1].dwOption = INTERNET_PER_CONN_PROXY_SERVER; options[2].dwOption = INTERNET_PER_CONN_PROXY_BYPASS; DWORD dwSize = sizeof(list); if (!InternetQueryOption(0, INTERNET_OPTION_PER_CONNECTION_OPTION, &list, &dwSize)) { LOG(LS_INFO) << "InternetQueryOption failed: " << GetLastError(); } else if ((options[0].Value.dwValue & PROXY_TYPE_PROXY) != 0) { success = true; if (!ProxyListMatch(purl, nonnull(options[2].Value.pszValue), _T(';'))) { ParseProxy(nonnull(options[1].Value.pszValue), proxy); } } else if ((options[0].Value.dwValue & PROXY_TYPE_DIRECT) != 0) { success = true; } else { LOG(LS_INFO) << "unknown internet access type: " << options[0].Value.dwValue; } if (options[1].Value.pszValue) { GlobalFree(options[1].Value.pszValue); } if (options[2].Value.pszValue) { GlobalFree(options[2].Value.pszValue); } return success; } #endif // 0 // Uses the InternetQueryOption function to retrieve proxy settings // from the registry. This will only give us the 'static' settings, // ie, not any information about auto config etc. bool GetIeLanProxySettings(const char* url, ProxyInfo* proxy) { Url<char> purl(url); bool success = false; wchar_t buffer[1024]; memset(buffer, 0, sizeof(buffer)); INTERNET_PROXY_INFO * info = reinterpret_cast<INTERNET_PROXY_INFO *>(buffer); DWORD dwSize = sizeof(buffer); if (!InternetQueryOption(0, INTERNET_OPTION_PROXY, info, &dwSize)) { LOG(LS_INFO) << "InternetQueryOption failed: " << GetLastError(); } else if (info->dwAccessType == INTERNET_OPEN_TYPE_DIRECT) { success = true; } else if (info->dwAccessType == INTERNET_OPEN_TYPE_PROXY) { success = true; if (!ProxyListMatch(purl, nonnull(reinterpret_cast<const char*>( info->lpszProxyBypass)), ' ')) { ParseProxy(nonnull(reinterpret_cast<const char*>(info->lpszProxy)), proxy); } } else { LOG(LS_INFO) << "unknown internet access type: " << info->dwAccessType; } return success; } bool GetIeProxySettings(const char* agent, const char* url, ProxyInfo* proxy) { bool success = GetWinHttpProxySettings(url, proxy); if (!success) { // TODO: Should always call this if no proxy were detected by // GetWinHttpProxySettings? // WinHttp failed. Try using the InternetOptionQuery method instead. return GetIeLanProxySettings(url, proxy); } return true; } #endif // WIN32 #ifdef OSX // OSX specific implementation for reading system wide // proxy settings. bool p_getProxyInfoForTypeFromDictWithKeys(ProxyInfo* proxy, ProxyType type, const CFDictionaryRef proxyDict, const CFStringRef enabledKey, const CFStringRef hostKey, const CFStringRef portKey) { // whether or not we set up the proxy info. bool result = false; // we use this as a scratch variable for determining if operations // succeeded. bool converted = false; // the data we need to construct the SocketAddress for the proxy. std::string hostname; int port; if ((proxyDict != NULL) && (CFGetTypeID(proxyDict) == CFDictionaryGetTypeID())) { // CoreFoundation stuff that we'll have to get from // the dictionaries and interpret or convert into more usable formats. CFNumberRef enabledCFNum; CFNumberRef portCFNum; CFStringRef hostCFStr; enabledCFNum = (CFNumberRef)CFDictionaryGetValue(proxyDict, enabledKey); if (p_isCFNumberTrue(enabledCFNum)) { // let's see if we can get the address and port. hostCFStr = (CFStringRef)CFDictionaryGetValue(proxyDict, hostKey); converted = p_convertHostCFStringRefToCPPString(hostCFStr, hostname); if (converted) { portCFNum = (CFNumberRef)CFDictionaryGetValue(proxyDict, portKey); converted = p_convertCFNumberToInt(portCFNum, &port); if (converted) { // we have something enabled, with a hostname and a port. // That's sufficient to set up the proxy info. proxy->type = type; proxy->address.SetIP(hostname); proxy->address.SetPort(port); result = true; } } } } return result; } // Looks for proxy information in the given dictionary, // return true if it found sufficient information to define one, // false otherwise. This is guaranteed to not change the values in proxy // unless a full-fledged proxy description was discovered in the dictionary. // However, at the present time this does not support username or password. // Checks first for a SOCKS proxy, then for HTTPS, then HTTP. bool GetMacProxySettingsFromDictionary(ProxyInfo* proxy, const CFDictionaryRef proxyDict) { // the function result. bool gotProxy = false; // first we see if there's a SOCKS proxy in place. gotProxy = p_getProxyInfoForTypeFromDictWithKeys(proxy, PROXY_SOCKS5, proxyDict, kSCPropNetProxiesSOCKSEnable, kSCPropNetProxiesSOCKSProxy, kSCPropNetProxiesSOCKSPort); if (!gotProxy) { // okay, no SOCKS proxy, let's look for https. gotProxy = p_getProxyInfoForTypeFromDictWithKeys(proxy, PROXY_HTTPS, proxyDict, kSCPropNetProxiesHTTPSEnable, kSCPropNetProxiesHTTPSProxy, kSCPropNetProxiesHTTPSPort); if (!gotProxy) { // Finally, try HTTP proxy. Note that flute doesn't // differentiate between HTTPS and HTTP, hence we are using the // same flute type here, ie. PROXY_HTTPS. gotProxy = p_getProxyInfoForTypeFromDictWithKeys( proxy, PROXY_HTTPS, proxyDict, kSCPropNetProxiesHTTPEnable, kSCPropNetProxiesHTTPProxy, kSCPropNetProxiesHTTPPort); } } return gotProxy; } bool p_putPasswordInProxyInfo(ProxyInfo* proxy) { bool result = true; // by default we assume we're good. // for all we know there isn't any password. We'll set to false // if we find a problem. // Ask the keychain for an internet password search for the given protocol. OSStatus oss = 0; SecKeychainAttributeList attrList; attrList.count = 3; SecKeychainAttribute attributes[3]; attrList.attr = attributes; attributes[0].tag = kSecProtocolItemAttr; attributes[0].length = sizeof(SecProtocolType); SecProtocolType protocol; switch (proxy->type) { case PROXY_HTTPS : protocol = kSecProtocolTypeHTTPS; break; case PROXY_SOCKS5 : protocol = kSecProtocolTypeSOCKS; break; default : LOG(LS_ERROR) << "asked for proxy password for unknown proxy type."; result = false; break; } attributes[0].data = &protocol; UInt32 port = proxy->address.port(); attributes[1].tag = kSecPortItemAttr; attributes[1].length = sizeof(UInt32); attributes[1].data = &port; std::string ip = proxy->address.IPAsString(); attributes[2].tag = kSecServerItemAttr; attributes[2].length = ip.length(); attributes[2].data = const_cast<char*>(ip.c_str()); if (result) { LOG(LS_INFO) << "trying to get proxy username/password"; SecKeychainSearchRef sref; oss = SecKeychainSearchCreateFromAttributes(NULL, kSecInternetPasswordItemClass, &attrList, &sref); if (0 == oss) { LOG(LS_INFO) << "SecKeychainSearchCreateFromAttributes was good"; // Get the first item, if there is one. SecKeychainItemRef iref; oss = SecKeychainSearchCopyNext(sref, &iref); if (0 == oss) { LOG(LS_INFO) << "...looks like we have the username/password data"; // If there is, get the username and the password. SecKeychainAttributeInfo attribsToGet; attribsToGet.count = 1; UInt32 tag = kSecAccountItemAttr; UInt32 format = CSSM_DB_ATTRIBUTE_FORMAT_STRING; void *data; UInt32 length; SecKeychainAttributeList *localList; attribsToGet.tag = &tag; attribsToGet.format = &format; OSStatus copyres = SecKeychainItemCopyAttributesAndData(iref, &attribsToGet, NULL, &localList, &length, &data); if (0 == copyres) { LOG(LS_INFO) << "...and we can pull it out."; // now, we know from experimentation (sadly not from docs) // that the username is in the local attribute list, // and the password in the data, // both without null termination but with info on their length. // grab the password from the data. std::string password; password.append(static_cast<const char*>(data), length); // make the password into a CryptString // huh, at the time of writing, you can't. // so we'll skip that for now and come back to it later. // now put the username in the proxy. if (1 <= localList->attr->length) { proxy->username.append( static_cast<const char*>(localList->attr->data), localList->attr->length); LOG(LS_INFO) << "username is " << proxy->username; } else { LOG(LS_ERROR) << "got keychain entry with no username"; result = false; } } else { LOG(LS_ERROR) << "couldn't copy info from keychain."; result = false; } SecKeychainItemFreeAttributesAndData(localList, data); } else if (errSecItemNotFound == oss) { LOG(LS_INFO) << "...username/password info not found"; } else { // oooh, neither 0 nor itemNotFound. LOG(LS_ERROR) << "Couldn't get keychain information, error code" << oss; result = false; } } else if (errSecItemNotFound == oss) { // noop } else { // oooh, neither 0 nor itemNotFound. LOG(LS_ERROR) << "Couldn't get keychain information, error code" << oss; result = false; } } return result; } bool GetMacProxySettings(ProxyInfo* proxy) { // based on the Apple Technical Q&A QA1234 // http://developer.apple.com/qa/qa2001/qa1234.html CFDictionaryRef proxyDict = SCDynamicStoreCopyProxies(NULL); bool result = false; if (proxyDict != NULL) { // sending it off to another function makes it easier to unit test // since we can make our own dictionary to hand to that function. result = GetMacProxySettingsFromDictionary(proxy, proxyDict); if (result) { result = p_putPasswordInProxyInfo(proxy); } // We created the dictionary with something that had the // word 'copy' in it, so we have to release it, according // to the Carbon memory management standards. CFRelease(proxyDict); } else { LOG(LS_ERROR) << "SCDynamicStoreCopyProxies failed"; } return result; } #endif // OSX bool AutoDetectProxySettings(const char* agent, const char* url, ProxyInfo* proxy) { #ifdef WIN32 return WinHttpAutoDetectProxyForUrl(agent, url, proxy); #else LOG(LS_WARNING) << "Proxy auto-detection not implemented for this platform"; return false; #endif } bool GetSystemDefaultProxySettings(const char* agent, const char* url, ProxyInfo* proxy) { #ifdef WIN32 return GetIeProxySettings(agent, url, proxy); #elif OSX return GetMacProxySettings(proxy); #else // TODO: Get System settings if browser is not firefox. return GetFirefoxProxySettings(url, proxy); #endif } bool GetProxySettingsForUrl(const char* agent, const char* url, ProxyInfo& proxy, bool long_operation) { UserAgent a = GetAgent(agent); bool result; switch (a) { case UA_FIREFOX: { result = GetFirefoxProxySettings(url, &proxy); break; } #ifdef WIN32 case UA_INTERNETEXPLORER: result = GetIeProxySettings(agent, url, &proxy); break; case UA_UNKNOWN: // Agent not defined, check default browser. if (IsDefaultBrowserFirefox()) { result = GetFirefoxProxySettings(url, &proxy); } else { result = GetIeProxySettings(agent, url, &proxy); } break; #endif // WIN32 default: result = GetSystemDefaultProxySettings(agent, url, &proxy); break; } // TODO: Consider using the 'long_operation' parameter to // decide whether to do the auto detection. if (result && (proxy.autodetect || !proxy.autoconfig_url.empty())) { // Use WinHTTP to auto detect proxy for us. result = AutoDetectProxySettings(agent, url, &proxy); if (!result) { // Either auto detection is not supported or we simply didn't // find any proxy, reset type. proxy.type = talk_base::PROXY_NONE; } } return result; } } // namespace talk_base