@@ -657,18 +657,28 @@ pub const Request = struct {
657657
658658 const is_connect_proxy = self ._client .isConnectProxy ();
659659 if (is_connect_proxy ) {
660- try SyncHandler .connect (self );
661- }
662-
663- if (self ._secure ) {
664- self ._connection .? .tls = .{
665- .blocking = try tls .client (std.net.Stream { .handle = socket }, .{
666- .host = if (is_connect_proxy ) self ._request_host else self ._connect_host ,
667- .root_ca = self ._client .root_ca ,
668- .insecure_skip_verify = self ._tls_verify_host == false ,
669- // .key_log_callback = tls.config.key_log.callback,
670- }),
671- };
660+ const connect_connection = try SyncHandler .connect (self );
661+ if (self ._secure ) {
662+ self ._connection .? .tls = .{
663+ .blocking = try tls .client (connect_connection .stream , .{
664+ .host = if (is_connect_proxy ) self ._request_host else self ._connect_host ,
665+ .root_ca = self ._client .root_ca ,
666+ .insecure_skip_verify = self ._tls_verify_host == false ,
667+ // .key_log_callback = tls.config.key_log.callback,
668+ }),
669+ };
670+ }
671+ } else {
672+ if (self ._secure ) {
673+ self ._connection .? .tls = .{
674+ .blocking = try tls .client (std.net.Stream { .handle = socket }, .{
675+ .host = if (is_connect_proxy ) self ._request_host else self ._connect_host ,
676+ .root_ca = self ._client .root_ca ,
677+ .insecure_skip_verify = self ._tls_verify_host == false ,
678+ // .key_log_callback = tls.config.key_log.callback,
679+ }),
680+ };
681+ }
672682 }
673683
674684 self ._connection_from_keepalive = false ;
@@ -1804,11 +1814,18 @@ const SyncHandler = struct {
18041814
18051815 // Unfortunately, this is called from the Request doSendSync since we need
18061816 // to do this before setting up our TLS connection.
1807- fn connect (request : * Request ) ! void {
1817+ fn connect (request : * Request ) ! tls. Connection ( std . net . Stream ) {
18081818 const socket = request ._connection .? .socket ;
18091819
18101820 const header = try request .buildConnectHeader ();
1811- try Conn .writeAll (socket , header );
1821+ // try Conn.writeAll(socket, header);
1822+ var tls_client = try tls .client (std.net.Stream { .handle = socket }, .{
1823+ .host = request ._connect_host ,
1824+ .root_ca = request ._client .root_ca ,
1825+ .insecure_skip_verify = request ._tls_verify_host == false ,
1826+ .key_log_callback = tls .config .key_log .callback ,
1827+ });
1828+ try tls_client .writeAll (header );
18121829
18131830 var pos : usize = 0 ;
18141831 var reader = request .newReader ();
@@ -1819,18 +1836,24 @@ const SyncHandler = struct {
18191836 // we only send CONNECT requests on newly established connections
18201837 // and maybeRetryOrErr is only for connections that might have been
18211838 // closed while being kept-alive
1822- const n = try posix .read (socket , read_buf [pos .. ]);
1839+ // const n = try posix.read(socket, read_buf[pos..]);
1840+ // const n = switch (self.*) {
1841+ // .tls => |tls_client| try tls_client.read(buf),
1842+ // .plain => |socket| try posix.read(socket, buf),
1843+ // };
1844+ const n = try tls_client .read (read_buf [pos .. ]);
18231845 if (n == 0 ) {
18241846 return error .ConnectionResetByPeer ;
18251847 }
18261848 pos += n ;
18271849 if (try reader .connectResponse (read_buf [0.. pos ])) {
18281850 // returns true if we have a successful connect response
1829- return ;
1851+ return tls_client ;
18301852 }
18311853
18321854 // we don't have enough data yet.
18331855 }
1856+ return tls_client ;
18341857 }
18351858
18361859 fn maybeRetryOrErr (self : * SyncHandler , err : anyerror ) ! Response {
@@ -2081,6 +2104,7 @@ const Reader = struct {
20812104 if (result .done == false ) {
20822105 // CONNECT responses should not have a body. If the header is
20832106 // done, then the entire response should be done.
2107+ log .err (.http_client , "InvalidConnectResponse" , .{ .unprocessed = result .unprocessed .? });
20842108 return error .InvalidConnectResponse ;
20852109 }
20862110
0 commit comments