[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[or-cvs] Add basic HttpsProxyAuthenticator support, based on patch

To: or-cvs@xxxxxxxxxxxxx
Subject: [or-cvs] Add basic HttpsProxyAuthenticator support, based on patch
From: arma@xxxxxxxx (Roger Dingledine)
Date: Tue, 26 Apr 2005 14:33:35 -0400 (EDT)
Delivered-to: archiver@seul.org
Delivered-to: or-cvs-outgoing@seul.org
Delivered-to: or-cvs@seul.org
Delivery-date: Tue, 26 Apr 2005 14:33:55 -0400
Reply-to: or-dev@xxxxxxxxxxxxx
Sender: owner-or-cvs@xxxxxxxxxxxxx

Update of /home2/or/cvsroot/tor/src/or
In directory moria.mit.edu:/home2/arma/work/onion/cvs/tor/src/or

Modified Files:
	config.c connection_or.c or.h 
Log Message:
Add basic HttpsProxyAuthenticator support, based on patch
from Adam Langley.


Index: config.c
===================================================================
RCS file: /home2/or/cvsroot/tor/src/or/config.c,v
retrieving revision 1.335
retrieving revision 1.336
diff -u -d -r1.335 -r1.336
--- config.c	23 Apr 2005 19:29:09 -0000	1.335
+++ config.c	26 Apr 2005 18:33:33 -0000	1.336
@@ -134,6 +134,7 @@
   VAR("HashedControlPassword",STRING,  HashedControlPassword, NULL),
   VAR("HttpProxy",           STRING,   HttpProxy,            NULL),
   VAR("HttpsProxy",          STRING,   HttpsProxy,           NULL),
+  VAR("HttpsProxyAuthenticator",STRING,HttpsProxyAuthenticator,NULL),
   VAR("HiddenServiceOptions",LINELIST_V, RendConfigLines,    NULL),
   VAR("HiddenServiceDir",    LINELIST_S, RendConfigLines,    NULL),
   VAR("HiddenServicePort",   LINELIST_S, RendConfigLines,    NULL),
@@ -343,8 +344,6 @@
     set_exit_redirects(sl);
   }
 
-  /* Start backgrounding the process, if requested. */
-
   /* Finish backgrounding the process */
   if (options->RunAsDaemon) {
     /* We may be calling this for the n'th time (on SIGHUP), but it's safe. */
@@ -1512,6 +1511,13 @@
     }
   }
 
+  if (options->HttpsProxyAuthenticator) {
+    if (strlen(options->HttpsProxyAuthenticator) >= 48) {
+      log(LOG_WARN, "HttpsProxyAuthenticator is too long (>= 48 chars).");
+      result = -1;
+    }
+  }
+
   if (options->HashedControlPassword) {
     if (decode_hashed_password(NULL, options->HashedControlPassword)<0) {
       log_fn(LOG_WARN,"Bad HashedControlPassword: wrong length or bad base64");

Index: connection_or.c
===================================================================
RCS file: /home2/or/cvsroot/tor/src/or/connection_or.c,v
retrieving revision 1.170
retrieving revision 1.171
diff -u -d -r1.170 -r1.171
--- connection_or.c	25 Apr 2005 17:23:52 -0000	1.170
+++ connection_or.c	26 Apr 2005 18:33:33 -0000	1.171
@@ -171,11 +171,35 @@
     char buf[1024];
     char addrbuf[INET_NTOA_BUF_LEN];
     struct in_addr in;
+    const char *authenticator = get_options()->HttpsProxyAuthenticator;
 
     in.s_addr = htonl(conn->addr);
     tor_inet_ntoa(&in, addrbuf, sizeof(addrbuf));
-    tor_snprintf(buf, sizeof(buf), "CONNECT %s:%d HTTP/1.0\r\n\r\n",
-                 addrbuf, conn->port);
+
+    if (authenticator) {
+      /* an authenticator in Basic authentication
+       * is just the string "username:password" */
+      const int authenticator_length = strlen(authenticator);
+      /* The base64_encode function needs a minimum buffer length
+       * of 66 bytes. */
+      const int base64_authenticator_length = (authenticator_length/48+1)*66;
+      char *base64_authenticator = tor_malloc(base64_authenticator_length);
+      if (base64_encode(base64_authenticator, base64_authenticator_length,
+                        authenticator, authenticator_length) < 0) {
+        log_fn(LOG_WARN, "Encoding authenticator failed");
+        base64_authenticator[0] = 0;
+      } else {
+        /* remove extra \n at end of encoding */
+        base64_authenticator[strlen(base64_authenticator) - 1] = 0;
+      }
+      tor_snprintf(buf, sizeof(buf), "CONNECT %s:%d HTTP/1.1\r\n"
+                   "Proxy-Authorization: Basic %s\r\n\r\n", addrbuf,
+                   conn->port, base64_authenticator);
+      tor_free(base64_authenticator);
+    } else {
+      tor_snprintf(buf, sizeof(buf), "CONNECT %s:%d HTTP/1.0\r\n\r\n",
+                   addrbuf, conn->port);
+    }
     connection_write_to_buf(buf, strlen(buf), conn);
     conn->state = OR_CONN_STATE_PROXY_FLUSHING;
     return 0;

Index: or.h
===================================================================
RCS file: /home2/or/cvsroot/tor/src/or/or.h,v
retrieving revision 1.594
retrieving revision 1.595
diff -u -d -r1.594 -r1.595
--- or.h	21 Apr 2005 10:40:47 -0000	1.594
+++ or.h	26 Apr 2005 18:33:33 -0000	1.595
@@ -1059,6 +1059,7 @@
   char *HttpsProxy; /**< hostname[:port] to use as https proxy, if any */
   uint32_t HttpsProxyAddr; /**< Parsed IPv4 addr for https proxy, if any */
   uint16_t HttpsProxyPort; /**< Parsed port for https proxy, if any */
+  char *HttpsProxyAuthenticator; /** username:password string, if any */
 
   struct config_line_t *DirServers; /**< List of configuration lines
                                      * for directory servers. */

Prev by Author: [or-cvs] mention in the signals section of the man page that the sig...
Next by Author: [or-cvs] clean up this TOR_FRAGILE business
Previous by thread: [or-cvs] mention in the signals section of the man page that the sig...
Next by thread: [or-cvs] clean up this TOR_FRAGILE business
Index(es):
- Author
- Thread