From 1bda73a7b0f45a2502ae93e33e30b98152d893f3 Mon Sep 17 00:00:00 2001 From: james Date: Mon, 12 May 2008 20:31:43 +0000 Subject: Moved branch into official BETA21 position. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@2959 e7ae566f-a301-0410-adde-c780ea21d3b5 --- proxy.c | 30 +++++++++++++++++++----------- 1 file changed, 19 insertions(+), 11 deletions(-) (limited to 'proxy.c') diff --git a/proxy.c b/proxy.c index 8b208a6..620f23c 100644 --- a/proxy.c +++ b/proxy.c @@ -22,12 +22,6 @@ * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ -#ifdef WIN32 -#include "config-win32.h" -#else -#include "config.h" -#endif - #include "syshead.h" #include "common.h" @@ -294,19 +288,21 @@ new_http_proxy (const struct http_proxy_options *o, p->auth_method = HTTP_AUTH_BASIC; else if (!strcmp (o->auth_method_string, "ntlm")) p->auth_method = HTTP_AUTH_NTLM; + else if (!strcmp (o->auth_method_string, "ntlm2")) + p->auth_method = HTTP_AUTH_NTLM2; else - msg (M_FATAL, "ERROR: unknown HTTP authentication method: '%s' -- only the 'none', 'basic', or 'ntlm' methods are currently supported", + msg (M_FATAL, "ERROR: unknown HTTP authentication method: '%s' -- only the 'none', 'basic', 'ntlm', or 'ntlm2' methods are currently supported", o->auth_method_string); } - /* only basic and NTLM authentication supported so far */ - if (p->auth_method == HTTP_AUTH_BASIC || p->auth_method == HTTP_AUTH_NTLM) + /* only basic and NTLM/NTLMv2 authentication supported so far */ + if (p->auth_method == HTTP_AUTH_BASIC || p->auth_method == HTTP_AUTH_NTLM || p->auth_method == HTTP_AUTH_NTLM2) { get_user_pass_http (p, true); } #if !NTLM - if (p->auth_method == HTTP_AUTH_NTLM) + if (p->auth_method == HTTP_AUTH_NTLM || p->auth_method == HTTP_AUTH_NTLM2) msg (M_FATAL, "Sorry, this version of " PACKAGE_NAME " was built without NTLM Proxy support."); #endif @@ -374,6 +370,12 @@ establish_http_proxy_passthru (struct http_proxy_info *p, #if NTLM case HTTP_AUTH_NTLM: + case HTTP_AUTH_NTLM2: + /* keep-alive connection */ + openvpn_snprintf (buf, sizeof(buf), "Proxy-Connection: Keep-Alive"); + if (!send_line_crlf (sd, buf)) + goto error; + openvpn_snprintf (buf, sizeof(buf), "Proxy-Authorization: NTLM %s", ntlm_phase_1 (p, &gc)); msg (D_PROXY, "Attempting NTLM Proxy-Authorization phase 1"); @@ -411,7 +413,7 @@ establish_http_proxy_passthru (struct http_proxy_info *p, msg (D_PROXY, "Proxy requires authentication"); /* check for NTLM */ - if (p->auth_method == HTTP_AUTH_NTLM) + if (p->auth_method == HTTP_AUTH_NTLM || p->auth_method == HTTP_AUTH_NTLM2) { #if NTLM /* look for the phase 2 response */ @@ -456,6 +458,12 @@ establish_http_proxy_passthru (struct http_proxy_info *p, if (!send_line_crlf (sd, buf)) goto error; + /* keep-alive connection */ + openvpn_snprintf (buf, sizeof(buf), "Proxy-Connection: Keep-Alive"); + if (!send_line_crlf (sd, buf)) + goto error; + + /* send HOST etc, */ openvpn_sleep (1); openvpn_snprintf (buf, sizeof(buf), "Host: %s", host); -- cgit v1.2.3