diff mbox series

[Openvpn-devel,S] Change in openvpn[master]: --http-proxy-user-pass: allow to specify in either order with --http-...

Message ID 57157c23530a1bdd1e4e62d97ecf23369cd3159e-HTML@gerrit.openvpn.net
State Superseded
Headers show
Series [Openvpn-devel,S] Change in openvpn[master]: --http-proxy-user-pass: allow to specify in either order with --http-... | expand

Commit Message

flichtenheld (Code Review) Jan. 12, 2024, 2:14 p.m. UTC 
Attention is currently required from: plaisthos.

Hello plaisthos,

I'd like you to do a code review.
Please visit

    http://gerrit.openvpn.net/c/openvpn/+/499?usp=email

to review the following change.


Change subject: --http-proxy-user-pass: allow to specify in either order with --http-proxy
......................................................................

--http-proxy-user-pass: allow to specify in either order with --http-proxy

Previously, when using a third argument to --http-proxy other
than auto/auto-nct, order did matter between --http-proxy and
--http-proxy-user-pass. Always prefer --http-proxy-user-pass
when given.

Change-Id: I6f402db2fb73f1206fbc1139c47d2bf4378376fa
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
---
M src/openvpn/options.c
M src/openvpn/proxy.c
M src/openvpn/proxy.h
3 files changed, 11 insertions(+), 3 deletions(-)



  git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/99/499/1
diff mbox series

Patch

diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index f54f276..e393511 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -1649,6 +1649,8 @@ 
     SHOW_STR(port);
     SHOW_STR(auth_method_string);
     SHOW_STR(auth_file);
+    SHOW_STR(auth_file_up);
+    SHOW_BOOL(inline_creds);
     SHOW_STR(http_version);
     SHOW_STR(user_agent);
     for  (i = 0; i < MAX_CUSTOM_HTTP_HEADER && o->custom_headers[i].name; i++)
@@ -6824,7 +6826,7 @@ 
         struct http_proxy_options *ho;
         VERIFY_PERMISSION(OPT_P_GENERAL|OPT_P_INLINE);
         ho = init_http_proxy_options_once(&options->ce.http_proxy_options, &options->gc);
-        ho->auth_file = p[1];
+        ho->auth_file_up = p[1];
         ho->inline_creds = is_inline;
     }
     else if (streq(p[0], "http-proxy-retry") || streq(p[0], "socks-proxy-retry"))
diff --git a/src/openvpn/proxy.c b/src/openvpn/proxy.c
index e081532..e2324f4 100644
--- a/src/openvpn/proxy.c
+++ b/src/openvpn/proxy.c
@@ -271,6 +271,11 @@ 
     if (!static_proxy_user_pass.defined)
     {
         unsigned int flags = GET_USER_PASS_MANAGEMENT;
+        const char *auth_file = p->options.auth_file;
+        if (p->options.auth_file_up)
+        {
+            auth_file = p->options.auth_file_up;
+        }
         if (p->queried_creds)
         {
             flags |= GET_USER_PASS_PREVIOUS_CREDS_FAILED;
@@ -280,7 +285,7 @@ 
             flags |= GET_USER_PASS_INLINE_CREDS;
         }
         get_user_pass(&static_proxy_user_pass,
-                      p->options.auth_file,
+                      auth_file,
                       UP_TYPE_PROXY,
                       flags);
         p->queried_creds = true;
diff --git a/src/openvpn/proxy.h b/src/openvpn/proxy.h
index 7900244..4e78772 100644
--- a/src/openvpn/proxy.h
+++ b/src/openvpn/proxy.h
@@ -52,10 +52,11 @@ 
 
     const char *auth_method_string;
     const char *auth_file;
+    const char *auth_file_up; /* specified with --http-proxy-user-pass */
     const char *http_version;
     const char *user_agent;
     struct http_custom_header custom_headers[MAX_CUSTOM_HTTP_HEADER];
-    bool inline_creds;
+    bool inline_creds; /* auth_file_up is inline credentials */
 };
 
 struct http_proxy_options_simple {