Revert 118950 - Allow chrome to handle 407 auth challenges to CONNECT requests

net/http/http_proxy_client_socket.cc

Index: net/http/http_proxy_client_socket.cc
===================================================================
--- net/http/http_proxy_client_socket.cc	(revision 120367)
+++ net/http/http_proxy_client_socket.cc	(working copy)
@@ -1,4 +1,4 @@
-// Copyright (c) 2012 The Chromium Authors. All rights reserved.
+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
@@ -31,7 +31,8 @@
     const std::string& user_agent,
     const HostPortPair& endpoint,
     const HostPortPair& proxy_server,
-    HttpAuthController* http_auth_controller,
+    HttpAuthCache* http_auth_cache,
+    HttpAuthHandlerFactory* http_auth_handler_factory,
     bool tunnel,
     bool using_spdy,
     SSLClientSocket::NextProto protocol_negotiated,
@@ -42,7 +43,13 @@
       next_state_(STATE_NONE),
       transport_(transport_socket),
       endpoint_(endpoint),
-      auth_(http_auth_controller),
+      auth_(tunnel ?
+          new HttpAuthController(HttpAuth::AUTH_PROXY,
+                                 GURL((is_https_proxy ? "https://" : "http://")
+                                      + proxy_server.ToString()),
+                                 http_auth_cache,
+                                 http_auth_handler_factory)
+          : NULL),
       tunnel_(tunnel),
       using_spdy_(using_spdy),
       protocol_negotiated_(protocol_negotiated),
@@ -60,11 +67,6 @@
   Disconnect();
 }
 
-const
-scoped_refptr<HttpAuthController>& HttpProxyClientSocket::GetAuthController() {
-  return auth_;
-}
-
 int HttpProxyClientSocket::RestartWithAuth(const CompletionCallback& callback) {
   DCHECK_EQ(STATE_NONE, next_state_);
   DCHECK(user_callback_.is_null());
@@ -252,14 +254,14 @@
 }
 
 int HttpProxyClientSocket::DidDrainBodyForAuthRestart(bool keep_alive) {
-  int rv = OK;
   if (keep_alive && transport_->socket()->IsConnectedAndIdle()) {
     next_state_ = STATE_GENERATE_AUTH_TOKEN;
     transport_->set_is_reused(true);
   } else {
-    next_state_ = STATE_NONE;
+    // This assumes that the underlying transport socket is a TCP socket,
+    // since only TCP sockets are restartable.
+    next_state_ = STATE_TCP_RESTART;
     transport_->socket()->Disconnect();
-    rv = ERR_NO_KEEP_ALIVE_ON_AUTH_RESTART;
   }
 
   // Reset the other member variables.
@@ -269,6 +271,17 @@
   request_line_.clear();
   request_headers_.Clear();
   response_ = HttpResponseInfo();
+  return OK;
+}
+
+int HttpProxyClientSocket::HandleAuthChallenge() {
+  DCHECK(response_.headers);
+
+  int rv = auth_->HandleAuthChallenge(response_.headers, false, true, net_log_);
+  response_.auth_challenge = auth_->auth_info();
+  if (rv == OK)
+    return ERR_PROXY_AUTH_REQUESTED;
+
   return rv;
 }
 
@@ -341,6 +354,13 @@
       case STATE_DRAIN_BODY_COMPLETE:
         rv = DoDrainBodyComplete(rv);
         break;
+      case STATE_TCP_RESTART:
+        DCHECK_EQ(OK, rv);
+        rv = DoTCPRestart();
+        break;
+      case STATE_TCP_RESTART_COMPLETE:
+        rv = DoTCPRestartComplete(rv);
+        break;
       case STATE_DONE:
         break;
       default:
@@ -439,7 +459,7 @@
       // authentication code is smart enough to avoid being tricked by an
       // active network attacker.
       // The next state is intentionally not set as it should be STATE_NONE;
-      return HandleAuthChallenge(auth_, &response_, net_log_);
+      return HandleAuthChallenge();
 
     default:
       if (is_https_proxy_)
@@ -475,4 +495,18 @@
   return OK;
 }
 
+int HttpProxyClientSocket::DoTCPRestart() {
+  next_state_ = STATE_TCP_RESTART_COMPLETE;
+  return transport_->socket()->Connect(
+      base::Bind(&HttpProxyClientSocket::OnIOComplete, base::Unretained(this)));
+}
+
+int HttpProxyClientSocket::DoTCPRestartComplete(int result) {
+  if (result != OK)
+    return result;
+
+  next_state_ = STATE_GENERATE_AUTH_TOKEN;
+  return result;
+}
+
 }  // namespace net