aboutsummaryrefslogtreecommitdiff
path: root/proxy.c
diff options
context:
space:
mode:
authorJames Yonan <james@openvpn.net>2010-05-24 22:51:16 +0000
committerJames Yonan <james@openvpn.net>2010-05-24 22:51:16 +0000
commit3cf6c9328250061600b78c8a7deb0edc850e739b (patch)
treebc6032117107a8e801e8203c40b1d9533b657597 /proxy.c
parentMinor fixes to recent HTTP proxy changes: (diff)
downloadopenvpn-3cf6c9328250061600b78c8a7deb0edc850e739b.tar.xz
Implemented http-proxy-override and http-proxy-fallback directives to make it
easier for OpenVPN client UIs to start a pre-existing client config file with proxy options, or to adaptively fall back to a proxy connection if a direct connection fails. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@5652 e7ae566f-a301-0410-adde-c780ea21d3b5
Diffstat (limited to 'proxy.c')
-rw-r--r--proxy.c15
1 files changed, 12 insertions, 3 deletions
diff --git a/proxy.c b/proxy.c
index 7fb5b59..ac3fc65 100644
--- a/proxy.c
+++ b/proxy.c
@@ -224,10 +224,14 @@ get_user_pass_http (struct http_proxy_info *p, const bool force)
{
if (!static_proxy_user_pass.defined || force)
{
+ unsigned int flags = GET_USER_PASS_MANAGEMENT;
+ if (p->queried_creds)
+ flags |= GET_USER_PASS_PREVIOUS_CREDS_FAILED;
get_user_pass (&static_proxy_user_pass,
p->options.auth_file,
UP_TYPE_PROXY,
- GET_USER_PASS_MANAGEMENT);
+ flags);
+ p->queried_creds = true;
p->up = static_proxy_user_pass;
}
}
@@ -755,12 +759,12 @@ establish_http_proxy_passthru (struct http_proxy_info *p,
realm,
password,
nonce,
- cnonce,
+ (char *)cnonce,
session_key);
DigestCalcResponse(session_key,
nonce,
nonce_count,
- cnonce,
+ (char *)cnonce,
qop,
http_method,
uri,
@@ -877,6 +881,8 @@ establish_http_proxy_passthru (struct http_proxy_info *p,
goto error;
}
+ /* SUCCESS */
+
/* receive line from proxy and discard */
if (!recv_line (sd, NULL, 0, p->options.timeout, true, NULL, signal_received))
goto error;
@@ -888,6 +894,9 @@ establish_http_proxy_passthru (struct http_proxy_info *p,
while (recv_line (sd, NULL, 0, 2, false, lookahead, signal_received))
;
+ /* reset queried_creds so that we don't think that the next creds request is due to an auth error */
+ p->queried_creds = false;
+
#if 0
if (lookahead && BLEN (lookahead))
msg (M_INFO, "HTTP PROXY: lookahead: %s", format_hex (BPTR (lookahead), BLEN (lookahead), 0));