fix: Enable support for user:password@host in proxy connections

Ticket: MEN-7402 Changelog: Basic authentication (https://user:password@host/) is now supported for proxy URLs and connections Signed-off-by: Vratislav Podzimek <vratislav.podzimek@northern.tech>
mendersoftware · Jul 18, 2024 · 162687b · 162687b
1 parent 3fb2a64
commit 162687b
Showing 1 changed file with 27 additions and 2 deletions.
diff --git a/src/common/http/platform/beast/http.cpp b/src/common/http/platform/beast/http.cpp
@@ -439,6 +439,21 @@ error::Error Client::AsyncCall(
 	return error::NoError;
 }
 
+static inline error::Error AddProxyAuthHeader(OutgoingRequest &req, BrokenDownUrl &proxy_address) {
+	if (proxy_address.username == "") {
+		// nothing to do
+		return error::NoError;
+	}
+	auto creds = proxy_address.username + ":" + proxy_address.password;
+	auto ex_encoded_creds = crypto::EncodeBase64(common::ByteVectorFromString(creds));
+	if (!ex_encoded_creds) {
+		return ex_encoded_creds.error();
+	}
+	req.SetHeader("Proxy-Authorization", "Basic " + ex_encoded_creds.value());
+
+	return error::NoError;
+}
+
 error::Error Client::HandleProxySetup() {
 	secondary_req_.reset();
 
@@ -448,7 +463,7 @@ error::Error Client::HandleProxySetup() {
 		if (http_proxy_ != "" && !HostNameMatchesNoProxy(request_->address_.host, no_proxy_)) {
 			// Make a modified proxy request.
 			BrokenDownUrl proxy_address;
-			auto err = BreakDownUrl(http_proxy_, proxy_address);
+			auto err = BreakDownUrl(http_proxy_, proxy_address, true);
 			if (err != error::NoError) {
 				return err.WithContext("HTTP proxy URL is invalid");
 			}
@@ -464,6 +479,11 @@ error::Error Client::HandleProxySetup() {
 			request_->address_.port = proxy_address.port;
 			request_->address_.protocol = proxy_address.protocol;
 
+			err = AddProxyAuthHeader(*request_, proxy_address);
+			if (err != error::NoError) {
+				return err;
+			}
+
 			if (proxy_address.protocol == "https") {
 				socket_mode_ = SocketMode::Tls;
 			} else if (proxy_address.protocol == "http") {
@@ -484,7 +504,7 @@ error::Error Client::HandleProxySetup() {
 			request_ = make_shared<OutgoingRequest>();
 			request_->SetMethod(Method::CONNECT);
 			BrokenDownUrl proxy_address;
-			auto err = BreakDownUrl(https_proxy_, proxy_address);
+			auto err = BreakDownUrl(https_proxy_, proxy_address, true);
 			if (err != error::NoError) {
 				return err.WithContext("HTTPS proxy URL is invalid");
 			}
@@ -499,6 +519,11 @@ error::Error Client::HandleProxySetup() {
 			request_->address_.port = proxy_address.port;
 			request_->address_.protocol = proxy_address.protocol;
 
+			err = AddProxyAuthHeader(*request_, proxy_address);
+			if (err != error::NoError) {
+				return err;
+			}
+
 			if (proxy_address.protocol == "https") {
 				socket_mode_ = SocketMode::Tls;
 			} else if (proxy_address.protocol == "http") {