search

caddyserver / forwardproxy

Forward proxy plugin for the Caddy web server
Apache License 2.0
582 stars 218 forks source link

Putty/WinScp HTTP Proxy #111

Open ducktype opened 5 months ago

ducktype commented 5 months ago

I've tried to connect to an ssh server via forwardproxy with putty or winscp (winscp uses putty as library) and eithout auth_basic the connection is successfull but with auth_basic even without probe_resitance the client wait until timeout

wireshark shows this with probe_resitance enabled, putty in the source code seems to expect Proxy-Authenticate: to choose if credential need to be sent with basic mode or digest but for whatever reason keep waiting, seems a client problem right? 

CONNECT 127.0.0.1:22 HTTP/1.1
Host: 127.0.0.1:22

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm="Caddy Secure Web Proxy"
Server: Caddy
Date: Fri, 19 Jan 2024 00:15:59 GMT
Content-Length: 0

curl seems to send immediately the credentials with auth basic so the problem does not happens with or without probe_resistance

curl -vvv -x http://user:passs@host:80 telnet://127.0.0.1:22
*   Trying xxxxxxx...
* Connected to xxxxxxxx port 80
* CONNECT tunnel: HTTP/1.1 negotiated
* allocate connect buffer
* Proxy auth using Basic with user 'xxx'
* Establish HTTP proxy tunnel to 127.0.0.1:22
> CONNECT 127.0.0.1:22 HTTP/1.1
> Host: 127.0.0.1:22
> Proxy-Authorization: Basic xxxxxxxxxxxxx
> User-Agent: curl/8.4.0
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 200 OK
< Server: Caddy
< Content-Length: 0
* Ignoring Content-Length in CONNECT 200 response
<
* CONNECT phase completed
* CONNECT tunnel established, response 200
SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.5
^C