From bc0ed3774aa78dcd8b9cd97edaffdab7f60ffb4d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20Ter=C3=A4s?= Date: Tue, 16 Mar 2021 16:21:35 +0200 Subject: [PATCH] libfetch: send Proxy-Authorization also for https connect fixes #10738 --- libfetch/http.c | 28 ++++++++++++++++++++-------- 1 file changed, 20 insertions(+), 8 deletions(-) diff --git a/libfetch/http.c b/libfetch/http.c index e3d8d53..bb01fdc 100644 --- a/libfetch/http.c +++ b/libfetch/http.c @@ -663,6 +663,22 @@ http_authorize(conn_t *conn, const char *hdr, const char *p) return (-1); } +/* + * Send a Proxy authorization header + */ +static void +http_proxy_authorize(conn_t *conn, struct url *purl) +{ + const char *p; + + if (!purl) return; + if (*purl->user || *purl->pwd) + http_basic_auth(conn, "Proxy-Authorization", + purl->user, purl->pwd); + else if ((p = getenv("HTTP_PROXY_AUTH")) != NULL && *p != '\0') + http_authorize(conn, "Proxy-Authorization", p); +} + /***************************************************************************** * Helper functions for connecting to a server or proxy */ @@ -718,8 +734,10 @@ http_connect(struct url *URL, struct url *purl, const char *flags, int *cached) if (is_https && purl) { http_cork(conn, 1); - http_cmd(conn, "CONNECT %s:%d HTTP/1.1\r\nHost: %s:%d\r\n\r\n", + http_cmd(conn, "CONNECT %s:%d HTTP/1.1\r\nHost: %s:%d\r\n", URL->host, URL->port, URL->host, URL->port); + http_proxy_authorize(conn, purl); + http_cmd(conn, "\r\n"); http_cork(conn, 0); if (http_get_reply(conn) != HTTP_OK) { http_seterr(conn->err); @@ -920,13 +938,7 @@ http_request(struct url *URL, const char *op, struct url_stat *us, http_cmd(conn, "Host: %s\r\n", host); /* proxy authorization */ - if (purl) { - if (*purl->user || *purl->pwd) - http_basic_auth(conn, "Proxy-Authorization", - purl->user, purl->pwd); - else if ((p = getenv("HTTP_PROXY_AUTH")) != NULL && *p != '\0') - http_authorize(conn, "Proxy-Authorization", p); - } + http_proxy_authorize(conn, purl); /* server authorization */ if (need_auth || *url->user || *url->pwd) {