[Openvpn-devel,v1] --http-proxy-user-pass: allow to specify in either order with --http-proxy
Commit Message
From: Frank Lichtenheld <frank@lichtenheld.com>
Previously, when using a third argument to --http-proxy other
than auto/auto-nct, order did matter between --http-proxy and
--http-proxy-user-pass. Always prefer --http-proxy-user-pass
when given.
Change-Id: I6f402db2fb73f1206fbc1139c47d2bf4378376fa
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
---
This change was reviewed on Gerrit and approved by at least one
developer. I request to merge it to master.
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/499
This mail reflects revision 1 of this Change.
Acked-by according to Gerrit (reflected above):
Gert Doering <gert@greenie.muc.de>
Comments
Stared at code, stared at manpage (+changes), patch makes sense.
Haven't tested "for real" beyond "passes t_client tests", which do use
http-proxy, but which do not use an authenticated proxy (yet -> TBD!).
Your patch has been applied to the master and release/2.6 branch
("make behaviour consistent" counts as "bugfix", and it's only a small
and localized change).
commit a634cc5eccd55f1d14197da7376bb819bdf72cb6 (master)
commit 1141e7505747dd6029ac7cf19b6c2de99a685ccc (release/2.6)
Author: Frank Lichtenheld
Date: Mon Jan 22 10:21:22 2024 +0100
--http-proxy-user-pass: allow to specify in either order with --http-proxy
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20240122092122.8591-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg28099.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
--
kind regards,
Gert Doering
@@ -1649,6 +1649,8 @@
SHOW_STR(port);
SHOW_STR(auth_method_string);
SHOW_STR(auth_file);
+ SHOW_STR(auth_file_up);
+ SHOW_BOOL(inline_creds);
SHOW_STR(http_version);
SHOW_STR(user_agent);
for (i = 0; i < MAX_CUSTOM_HTTP_HEADER && o->custom_headers[i].name; i++)
@@ -6824,7 +6826,7 @@
struct http_proxy_options *ho;
VERIFY_PERMISSION(OPT_P_GENERAL|OPT_P_INLINE);
ho = init_http_proxy_options_once(&options->ce.http_proxy_options, &options->gc);
- ho->auth_file = p[1];
+ ho->auth_file_up = p[1];
ho->inline_creds = is_inline;
}
else if (streq(p[0], "http-proxy-retry") || streq(p[0], "socks-proxy-retry"))
@@ -271,6 +271,11 @@
if (!static_proxy_user_pass.defined)
{
unsigned int flags = GET_USER_PASS_MANAGEMENT;
+ const char *auth_file = p->options.auth_file;
+ if (p->options.auth_file_up)
+ {
+ auth_file = p->options.auth_file_up;
+ }
if (p->queried_creds)
{
flags |= GET_USER_PASS_PREVIOUS_CREDS_FAILED;
@@ -280,7 +285,7 @@
flags |= GET_USER_PASS_INLINE_CREDS;
}
get_user_pass(&static_proxy_user_pass,
- p->options.auth_file,
+ auth_file,
UP_TYPE_PROXY,
flags);
p->queried_creds = true;
@@ -52,10 +52,11 @@
const char *auth_method_string;
const char *auth_file;
+ const char *auth_file_up; /* specified with --http-proxy-user-pass */
const char *http_version;
const char *user_agent;
struct http_custom_header custom_headers[MAX_CUSTOM_HTTP_HEADER];
- bool inline_creds;
+ bool inline_creds; /* auth_file_up is inline credentials */
};
struct http_proxy_options_simple {