HTTP CONNECT proxy support.

- The HTTP analyzer now supports handling HTTP CONNECT proxies
   same as the SOCKS analyzer handles proxying.

src/analyzer/protocol/http/HTTP.cc

@@ -889,6 +889,9 @@ HTTP_Analyzer::HTTP_Analyzer(Connection* conn)
 	reply_code = 0;
 	reply_reason_phrase = 0;
 
+	connect_request = false;
+	pia = 0;
+
 	content_line_orig = new tcp::ContentLine_Analyzer(conn, true);
 	AddSupportAnalyzer(content_line_orig);
 
@@ -945,6 +948,14 @@ void HTTP_Analyzer::DeliverStream(int len, const u_char* data, bool is_orig)
 	if ( TCP() && TCP()->IsPartial() )
 		return;
 
+	if ( pia )
+		{
+		// There will be a PIA instance if this connection has been identified 
+		// as a connect proxy.
+		ForwardStream(len, data, is_orig);
+		return;
+		}
+
 	const char* line = reinterpret_cast<const char*>(data);
 	const char* end_of_line = line + len;
 
@@ -1059,6 +1070,27 @@ void HTTP_Analyzer::DeliverStream(int len, const u_char* data, bool is_orig)
 						reply_message, is_orig,
 						ExpectReplyMessageBody(),
 						len);
+
+				if ( connect_request && reply_code == 200 )
+					{
+					pia = new pia::PIA_TCP(Conn());
+					if ( AddChildAnalyzer(pia) )
+						{
+						pia->FirstPacket(true, 0);
+						pia->FirstPacket(false, 0);
+
+						// This connection has transitioned to no longer
+						// being http and the content line support analyzers
+						// need to be removed.
+						RemoveSupportAnalyzer(content_line_orig);
+						RemoveSupportAnalyzer(content_line_resp);
+						}
+					else
+						{
+						pia = 0;
+						}
+					}
+
 				}
 			else
 				{
@@ -1404,6 +1436,9 @@ void HTTP_Analyzer::HTTP_Request()
 		// DEBUG_MSG("%.6f http_request\n", network_time);
 		ConnectionEvent(http_request, vl);
 		}
+
+	if ( strcasecmp_n(request_method->AsString()->Len(), (const char*) (request_method->AsString()->Bytes()), "CONNECT") == 0 )
+		connect_request = true;
 	}
 
 void HTTP_Analyzer::HTTP_Reply()