[tor-commits] [tor/master] Add stream isolation support for HTTP CONNECT tunnels

[nickm at torproject.org]

commit 53e4272b65514782d3f9a03afb7bffa8d55769dc
Author: Nick Mathewson <nickm at torproject.org>
Date:   Sun Aug 20 12:35:26 2017 -0400

    Add stream isolation support for HTTP CONNECT tunnels
    
    I'm doing this using the Proxy-Authorization: header to support
    clients that understand it, and with a new tor-specific header that
    makes more sense for our use.
---
 src/or/connection_edge.c | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c
index 98522218b..8d2b562d8 100644
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -2412,7 +2412,20 @@ connection_ap_process_http_connect(entry_connection_t *conn)
     goto err;
   }
 
-  /* XXXX Look at headers */
+  /* Abuse the 'username' and 'password' fields here. They are already an
+  * abuse. */
+  {
+    char *authorization = http_get_header(headers, "Proxy-Authorization: ");
+    if (authorization) {
+      socks->username = authorization; // steal reference
+      socks->usernamelen = strlen(authorization);
+    }
+    char *isolation = http_get_header(headers, "X-Tor-Stream-Isolation: ");
+    if (isolation) {
+      socks->password = isolation; // steal reference
+      socks->passwordlen = strlen(isolation);
+    }
+  }
 
   socks->command = SOCKS_COMMAND_CONNECT;
   socks->listener_type = CONN_TYPE_AP_HTTP_CONNECT_LISTENER;