From 60efa77f00c6ce08ec2d17a55695bba51ef00a6c Mon Sep 17 00:00:00 2001 From: klzgrad Date: Mon, 1 Jul 2024 00:26:50 +0800 Subject: [PATCH] Support auth in http proxy server --- .../tools/naive/http_proxy_server_socket.cc | 19 ++++++++++++++++++- .../tools/naive/http_proxy_server_socket.h | 4 ++++ src/net/tools/naive/naive_proxy.cc | 5 +++-- 3 files changed, 25 insertions(+), 3 deletions(-) diff --git a/src/net/tools/naive/http_proxy_server_socket.cc b/src/net/tools/naive/http_proxy_server_socket.cc index f4afd1ff68..e878999356 100644 --- a/src/net/tools/naive/http_proxy_server_socket.cc +++ b/src/net/tools/naive/http_proxy_server_socket.cc @@ -10,6 +10,7 @@ #include #include +#include "base/base64.h" #include "base/functional/bind.h" #include "base/functional/callback_helpers.h" #include "base/logging.h" @@ -40,6 +41,8 @@ constexpr int kMaxPaddingSize = kMinPaddingSize + 32; HttpProxyServerSocket::HttpProxyServerSocket( std::unique_ptr transport_socket, + const std::string& user, + const std::string& pass, ClientPaddingDetectorDelegate* padding_detector_delegate, const NetworkTrafficAnnotationTag& traffic_annotation, const std::vector& supported_padding_types) @@ -53,7 +56,12 @@ HttpProxyServerSocket::HttpProxyServerSocket( header_write_size_(-1), net_log_(transport_->NetLog()), traffic_annotation_(traffic_annotation), - supported_padding_types_(supported_padding_types) {} + supported_padding_types_(supported_padding_types) { + if (!user.empty() || !pass.empty()) { + basic_auth_ = + std::string("Basic ").append(base::Base64Encode(user + ":" + pass)); + } +} HttpProxyServerSocket::~HttpProxyServerSocket() { Disconnect(); @@ -347,6 +355,15 @@ int HttpProxyServerSocket::DoHeaderReadComplete(int result) { headers.AddHeadersFromString(headers_str); } + if (!basic_auth_.empty()) { + std::string proxy_auth; + headers.GetHeader(HttpRequestHeaders::kProxyAuthorization, &proxy_auth); + if (proxy_auth != basic_auth_) { + LOG(WARNING) << "Invalid Proxy-Authorization: " << proxy_auth; + return ERR_INVALID_ARGUMENT; + } + } + if (is_http_1_0) { GURL url(uri); if (!url.is_valid()) { diff --git a/src/net/tools/naive/http_proxy_server_socket.h b/src/net/tools/naive/http_proxy_server_socket.h index 22d6ed43ac..81a735abc8 100644 --- a/src/net/tools/naive/http_proxy_server_socket.h +++ b/src/net/tools/naive/http_proxy_server_socket.h @@ -35,6 +35,8 @@ class HttpProxyServerSocket : public StreamSocket { public: HttpProxyServerSocket( std::unique_ptr transport_socket, + const std::string& user, + const std::string& pass, ClientPaddingDetectorDelegate* padding_detector_delegate, const NetworkTrafficAnnotationTag& traffic_annotation, const std::vector& supported_padding_types); @@ -117,6 +119,8 @@ class HttpProxyServerSocket : public StreamSocket { bool was_ever_used_; int header_write_size_; + std::string basic_auth_; + HostPortPair request_endpoint_; NetLogWithSource net_log_; diff --git a/src/net/tools/naive/naive_proxy.cc b/src/net/tools/naive/naive_proxy.cc index 0c50b0de2c..7e07b9f4ac 100644 --- a/src/net/tools/naive/naive_proxy.cc +++ b/src/net/tools/naive/naive_proxy.cc @@ -116,8 +116,9 @@ void NaiveProxy::DoConnect() { traffic_annotation_); } else if (protocol_ == ClientProtocol::kHttp) { socket = std::make_unique( - std::move(accepted_socket_), padding_detector_delegate.get(), - traffic_annotation_, supported_padding_types_); + std::move(accepted_socket_), listen_user_, listen_pass_, + padding_detector_delegate.get(), traffic_annotation_, + supported_padding_types_); } else if (protocol_ == ClientProtocol::kRedir) { socket = std::move(accepted_socket_); } else {