From patchwork Fri Jan 12 14:14:08 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "plaisthos (Code Review)" X-Patchwork-Id: 3562 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7300:a213:b0:100:d2e5:60d with SMTP id bs19csp2074379dyb; Fri, 12 Jan 2024 06:14:38 -0800 (PST) X-Google-Smtp-Source: AGHT+IFHkoDxhjSVdzTkupmyByyhxMtfpXwlSTTkVQKDBNdhePvucimqo5V5PEdwLFxnUjTgBbfY X-Received: by 2002:a05:6a20:8f17:b0:199:fb63:d839 with SMTP id b23-20020a056a208f1700b00199fb63d839mr2133144pzk.3.1705068878318; Fri, 12 Jan 2024 06:14:38 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1705068878; cv=none; d=google.com; s=arc-20160816; b=mtMp2iOvfsK9sSKgPMwl4FdlaaZFR3lPiZcR0l4AlpOyqRvGqNxVFEZ6EfdwyYajtK TBVPUcgqOoEKmZm0GZ+pZUchvkQFZ9pMXEeiVwnMSoVNGCTGLTxkXtRRSzQLD8uut2dB 2Qy49G6ktYUlA531nKqx590WBQJOSpp4yaCAT+ZseGWa1bOQRVckWHsemSGil7UuRUOx sNvwQ4O8lDme9JqqQxSOhge81dqX8sHYYIrtw6z4/PqiIpNwMuEPViVQsz3l52updQBU 2XGpp4VbKKutWEV4/7TX2NP1k8qp4slxWcWRqfgtGV4k2q+wsAgsuLj/B0VaUv+6fZfS psFw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:cc:reply-to:list-subscribe:list-help:list-post :list-archive:list-unsubscribe:list-id:precedence:subject:user-agent :mime-version:message-id:references:auto-submitted:to:date:from :dkim-signature:dkim-signature:dkim-signature; bh=kjgVyLY+DAKYf3rx7LP7NMKBR2uW+np218M/DIZohL8=; fh=GFP4qDxgyJ2WEPo/oeLZg3Mj4NqvY1j2nTvTt7psNwg=; b=c0Wh1JhG970BtOmqGXTKkE7K/4tJTWUoX4e+irMQmOddU6LDyXJ+5EwaVzzMWy469x uAFFtGv1QGIYx011dAGfbAy7E7BWE7NwW1X/evwdmmPMoneA55rUjA99jXoUu+qNPoI2 pEP3am0KmqM4x3HnZZ5bxL3h/eWXC8HALW8IbcHiu3e/FiKJ0IcIP9aGgrjqt7Cm6emj ah1oS0SviUcjjl4Zc0FBHeSH0cE6WgQVNi0UWRgnV8VRXrPiuL0vN8ywWANhv7zekbl/ uRlAHSSBM+t+rUPfbnUHygt452Y45KREp+m/fkIO+6M8FSzo7BHpDzu0GmM+ch08OJtn ydbQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=dpEOLkzD; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=VtDCia2h; dkim=neutral (body hash did not verify) header.i=@openvpn.net header.s=google header.b=Nt50qc5a; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=openvpn.net Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id fj42-20020a056a003a2a00b006d9bf8de301si3374504pfb.293.2024.01.12.06.14.38 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 12 Jan 2024 06:14:38 -0800 (PST) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=dpEOLkzD; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=VtDCia2h; dkim=neutral (body hash did not verify) header.i=@openvpn.net header.s=google header.b=Nt50qc5a; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=openvpn.net Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1rOIIe-0004pw-Ou; Fri, 12 Jan 2024 14:14:20 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1rOIId-0004pq-RY for openvpn-devel@lists.sourceforge.net; Fri, 12 Jan 2024 14:14:19 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Type:Content-Transfer-Encoding:MIME-Version :Message-ID:Reply-To:References:Subject:List-Unsubscribe:List-Id:Cc:To:Date: From:Sender:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:List-Help: List-Subscribe:List-Post:List-Owner:List-Archive; bh=X7LbGOsph+xOmJALn8uNmSJkU7WImjTpOtYFYeY3s6I=; b=dpEOLkzDRkl5oA6nvhuPSPF94d Xk1t6ANnozYA2gL2xGxeNvdWX3ZVJ5Y91Jd2j0CnJymJlEPaeg50h5rjNSkvT6b1fZ1qYkuK9VErH swnnayLvOPitZxdRSCCQ+z8PflclmkXnXO33Da3ZSosWyBmCmaidSi03vEph5yUi4RqM=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Type:Content-Transfer-Encoding:MIME-Version:Message-ID:Reply-To: References:Subject:List-Unsubscribe:List-Id:Cc:To:Date:From:Sender:Content-ID :Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To: Resent-Cc:Resent-Message-ID:In-Reply-To:List-Help:List-Subscribe:List-Post: List-Owner:List-Archive; bh=X7LbGOsph+xOmJALn8uNmSJkU7WImjTpOtYFYeY3s6I=; b=V tDCia2hEXCyUOWdTGoyXoDWIEILp4mQ2yeuYrNseYVfLFocLBupYeQbGulg9ZC8Cb8nARP9ggvbrP T6ovkRYjgAp7KlWgGC0Yp3CPHaDYvZVOToOfMWcHlLL84H2Fv2/Hu25+/uu+CH/TRTTh7c9E4wBE1 lW2zr5rLIg4Z87Ak=; Received: from mail-wm1-f47.google.com ([209.85.128.47]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.95) id 1rOIIZ-00083b-7d for openvpn-devel@lists.sourceforge.net; Fri, 12 Jan 2024 14:14:19 +0000 Received: by mail-wm1-f47.google.com with SMTP id 5b1f17b1804b1-40e613b6afbso17398265e9.3 for ; Fri, 12 Jan 2024 06:14:15 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=openvpn.net; s=google; t=1705068849; x=1705673649; darn=lists.sourceforge.net; h=user-agent:content-disposition:content-transfer-encoding :mime-version:message-id:reply-to:references:subject :list-unsubscribe:list-id:auto-submitted:cc:to:date:from:from:to:cc :subject:date:message-id:reply-to; bh=X7LbGOsph+xOmJALn8uNmSJkU7WImjTpOtYFYeY3s6I=; b=Nt50qc5a7ewlaCSHC6tSM+MymZ1Z0i42zmG8dzU5ks4drmN4AwIkE17skgHl9BSKth hBBwgWXSgRXbG01JzVwsFnAaNkDi1ApRGc/nytN4J4aZ6qumYsQRKoosbJU0iV/2wGNw 7QG9qi/2cucRqIGD8h4LwcBgBOZReuJv863gE0obFHDqPu7THtWrr1c1rDdz2uOt9Dme zCbH/w9zU7SDP4dzRUBFoQG5MiF+xwrVYgFtI27JMuuAZ9yDhr7Su4FsERQ+UfS9jZtc Cs8wmWzByPIsFF8C5FpfRBTdg5LlcFJ3MZBoNtxoc0hXBPSryD9hF6E2EdCJ8FdNFUuY Y8Pw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1705068849; x=1705673649; h=user-agent:content-disposition:content-transfer-encoding :mime-version:message-id:reply-to:references:subject :list-unsubscribe:list-id:auto-submitted:cc:to:date:from :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=X7LbGOsph+xOmJALn8uNmSJkU7WImjTpOtYFYeY3s6I=; b=LJV5OGRwkCdcDm8E+xmouzbrDmvwqiU6+pFUFvBZHbD+PVNzXVbgrvHHvfth2noroG k9ibtSv+dAlDXWjTHbxLLuNa5h6Yy7uSXcFTtNUHtHm0+FNsY6ZjvsqnSG4IGa64FBwU yNT0ghIgll/pHUB/eBcGVtzt12jZF1B3gSpf/I2H4g3HkIvGv7M2vsQ4w3vFYWZY5u2E xCoF/JLT9ZYxPfB9O0rGM98fpPaGTJBzJ4xO5N2lU6xS9ujpEAEndJunzcT678LlZYRm /R/zF+3qp95ymJ0NtCjSpxma2pKuozZLmsVGDRE0ZUhF0CB5MP/ns8we04eK/y7saCG6 LCEQ== X-Gm-Message-State: AOJu0YzbRiCtwd6jxrflfO7ttDiBxgzsIcXCqAqOf8lRSeSXanKHtPI9 pxIwKBFCfK/7rbNal9V4l1ctNYdgymZdXkeY3EWP5/UVLHE= X-Received: by 2002:a05:600c:4930:b0:40e:61d2:b5dd with SMTP id f48-20020a05600c493000b0040e61d2b5ddmr790222wmp.171.1705068849168; Fri, 12 Jan 2024 06:14:09 -0800 (PST) Received: from gerrit.openvpn.in (ec2-18-159-0-78.eu-central-1.compute.amazonaws.com. [18.159.0.78]) by smtp.gmail.com with ESMTPSA id l22-20020a05600c4f1600b0040d6b91efd9sm9803864wmq.44.2024.01.12.06.14.08 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 12 Jan 2024 06:14:08 -0800 (PST) From: "flichtenheld (Code Review)" X-Google-Original-From: "flichtenheld (Code Review)" X-Gerrit-PatchSet: 1 Date: Fri, 12 Jan 2024 14:14:08 +0000 To: plaisthos Auto-Submitted: auto-generated X-Gerrit-MessageType: newchange X-Gerrit-Change-Id: I6f402db2fb73f1206fbc1139c47d2bf4378376fa X-Gerrit-Change-Number: 499 X-Gerrit-Project: openvpn X-Gerrit-ChangeURL: X-Gerrit-Commit: 1b8687656ed025625235df1cae08dde851cf5c8c References: Message-ID: <57157c23530a1bdd1e4e62d97ecf23369cd3159e-HTML@gerrit.openvpn.net> MIME-Version: 1.0 User-Agent: Gerrit/3.8.2 X-Spam-Score: -0.2 (/) X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Attention is currently required from: plaisthos. Hello plaisthos, I'd like you to do a code review. Please visit Content analysis details: (-0.2 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.128.47 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.128.47 listed in wl.mailspike.net] 0.0 WEIRD_PORT URI: Uses non-standard port number for HTTP 0.0 HTML_MESSAGE BODY: HTML included in message 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain 0.0 T_KAM_HTML_FONT_INVALID Test for Invalidly Named or Formatted Colors in HTML -0.0 T_SCC_BODY_TEXT_LINE No description available. X-Headers-End: 1rOIIZ-00083b-7d Subject: [Openvpn-devel] [S] Change in openvpn[master]: --http-proxy-user-pass: allow to specify in either order with --http-... X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: frank@lichtenheld.com, arne-openvpn@rfc2549.org, openvpn-devel@lists.sourceforge.net Cc: openvpn-devel Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1787894303928470242?= X-GMAIL-MSGID: =?utf-8?q?1787894303928470242?= X-getmail-filter-classifier: gerrit message type newchange Attention is currently required from: plaisthos. Hello plaisthos, I'd like you to do a code review. Please visit http://gerrit.openvpn.net/c/openvpn/+/499?usp=email to review the following change. Change subject: --http-proxy-user-pass: allow to specify in either order with --http-proxy ...................................................................... --http-proxy-user-pass: allow to specify in either order with --http-proxy Previously, when using a third argument to --http-proxy other than auto/auto-nct, order did matter between --http-proxy and --http-proxy-user-pass. Always prefer --http-proxy-user-pass when given. Change-Id: I6f402db2fb73f1206fbc1139c47d2bf4378376fa Signed-off-by: Frank Lichtenheld --- M src/openvpn/options.c M src/openvpn/proxy.c M src/openvpn/proxy.h 3 files changed, 11 insertions(+), 3 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/99/499/1 diff --git a/src/openvpn/options.c b/src/openvpn/options.c index f54f276..e393511 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -1649,6 +1649,8 @@ SHOW_STR(port); SHOW_STR(auth_method_string); SHOW_STR(auth_file); + SHOW_STR(auth_file_up); + SHOW_BOOL(inline_creds); SHOW_STR(http_version); SHOW_STR(user_agent); for (i = 0; i < MAX_CUSTOM_HTTP_HEADER && o->custom_headers[i].name; i++) @@ -6824,7 +6826,7 @@ struct http_proxy_options *ho; VERIFY_PERMISSION(OPT_P_GENERAL|OPT_P_INLINE); ho = init_http_proxy_options_once(&options->ce.http_proxy_options, &options->gc); - ho->auth_file = p[1]; + ho->auth_file_up = p[1]; ho->inline_creds = is_inline; } else if (streq(p[0], "http-proxy-retry") || streq(p[0], "socks-proxy-retry")) diff --git a/src/openvpn/proxy.c b/src/openvpn/proxy.c index e081532..e2324f4 100644 --- a/src/openvpn/proxy.c +++ b/src/openvpn/proxy.c @@ -271,6 +271,11 @@ if (!static_proxy_user_pass.defined) { unsigned int flags = GET_USER_PASS_MANAGEMENT; + const char *auth_file = p->options.auth_file; + if (p->options.auth_file_up) + { + auth_file = p->options.auth_file_up; + } if (p->queried_creds) { flags |= GET_USER_PASS_PREVIOUS_CREDS_FAILED; @@ -280,7 +285,7 @@ flags |= GET_USER_PASS_INLINE_CREDS; } get_user_pass(&static_proxy_user_pass, - p->options.auth_file, + auth_file, UP_TYPE_PROXY, flags); p->queried_creds = true; diff --git a/src/openvpn/proxy.h b/src/openvpn/proxy.h index 7900244..4e78772 100644 --- a/src/openvpn/proxy.h +++ b/src/openvpn/proxy.h @@ -52,10 +52,11 @@ const char *auth_method_string; const char *auth_file; + const char *auth_file_up; /* specified with --http-proxy-user-pass */ const char *http_version; const char *user_agent; struct http_custom_header custom_headers[MAX_CUSTOM_HTTP_HEADER]; - bool inline_creds; + bool inline_creds; /* auth_file_up is inline credentials */ }; struct http_proxy_options_simple {