implement HTTP basic auth for upstream proxies

loosely based on @valenbg1's code from PR #38 closes #38 closes #96
author: rofl0r <retnyg@gmx.net> 2018-02-23 20:21:32 +0000
committer: rofl0r <rofl0r@users.noreply.github.com> 2018-02-25 15:13:45 +0000
commit: bf76aeeba1cf868ebe4d2f28976abb75c48031b0 (patch)
tree: 779316ce7d9bae67cbc54122d530c6f51d761289 /src/upstream.c
parent: 4d9891e59e7c7ee77137fcdb3d02798af96811ff (diff)
1 files changed, 24 insertions, 2 deletions
diff --git a/src/upstream.c b/src/upstream.c
index 91bf457..03a6b8e 100644
--- a/src/upstream.c
+++ b/src/upstream.c
@@ -27,6 +27,8 @@
 #include "upstream.h"
 #include "heap.h"
 #include "log.h"
+#include "base64.h"
+#include "basicauth.h"
 
 #ifdef UPSTREAM_SUPPORT
 const char *
@@ -44,6 +46,7 @@ proxy_type_name(proxy_type type)
  * Construct an upstream struct from input data.
  */
 static struct upstream *upstream_build (const char *host, int port, const char *domain,
+                        const char *user, const char *pass,
 			proxy_type type)
 {
         char *ptr;
@@ -57,8 +60,24 @@ static struct upstream *upstream_build (const char *host, int port, const char *
         }
 
         up->type = type;
-        up->host = up->domain = NULL;
+        up->host = up->domain = up->ua.user = up->pass = NULL;
         up->ip = up->mask = 0;
+        if (user) {
+                if (type == HTTP_TYPE) {
+                        char b[BASE64ENC_BYTES((256+2)-1) + 1];
+                        ssize_t ret;
+                        ret = basicauth_string(user, pass, b, sizeof b);
+                        if (ret == 0) {
+                                log_message (LOG_ERR,
+                                             "User / pass in upstream config too long");
+                                return NULL;
+                        }
+                        up->ua.authstr = safestrdup (b);
+                } else {
+                        up->ua.user = safestrdup (user);
+                        up->pass = safestrdup (pass);
+                }
+        }
 
         if (domain == NULL) {
                 if (!host || host[0] == '\0' || port < 1) {
@@ -121,6 +140,8 @@ static struct upstream *upstream_build (const char *host, int port, const char *
         return up;
 
 fail:
+        safefree (up->ua.user);
+        safefree (up->pass);
         safefree (up->host);
         safefree (up->domain);
         safefree (up);
@@ -132,11 +153,12 @@ fail:
  * Add an entry to the upstream list
  */
 void upstream_add (const char *host, int port, const char *domain,
+                   const char *user, const char *pass,
                    proxy_type type, struct upstream **upstream_list)
 {
         struct upstream *up;
 
-        up = upstream_build (host, port, domain, type);
+        up = upstream_build (host, port, domain, user, pass, type);
         if (up == NULL) {
                 return;
         }
author	rofl0r <retnyg@gmx.net>	2018-02-23 20:21:32 +0000
committer	rofl0r <rofl0r@users.noreply.github.com>	2018-02-25 15:13:45 +0000
commit	bf76aeeba1cf868ebe4d2f28976abb75c48031b0 (patch)
tree	779316ce7d9bae67cbc54122d530c6f51d761289 /src/upstream.c
parent	4d9891e59e7c7ee77137fcdb3d02798af96811ff (diff)