Open dok72 opened 5 years ago
snorre-k
commented
4 years ago Hi,
I have the same problem.
When using type = http-connect; no authentication is sent to the proxy. Wireshark shows two following CONNECT request without authentication data for each GET sent by the client.
BR Norbert
snorre-k
commented
4 years ago Hi,
Just found the problem. Our proxy uses multiple authentications (NEGOTIATE, NTLM and BASIC). According to "http-auth.c" line 288: // FIXME: multi-line headers are not supported
For me I fixed this with an ugly workaround (as I am not a C programmer), which maybe not appropriate for other users. I set the authentication method to BASIC in "http-connect.c" line 228: if (true)
diff --git a/http-connect.c b/http-connect.c
index f7679ac..4b83785 100644
--- a/http-connect.c
+++ b/http-connect.c
@@ -225,7 +225,7 @@ static struct evbuffer *httpc_mkconnect(redsocks_client *client)
if (auth->last_auth_query != NULL) {
/* find previous auth challange */
- if (strncasecmp(auth->last_auth_query, "Basic", 5) == 0) {
+ if (true) {
auth_string = basic_authentication_encode(client->instance->config.login, client->instance->config.password);
auth_scheme = "Basic";
} else if (strncasecmp(auth->last_auth_query, "Digest", 6) == 0) {BR Norbert
snorre-k
commented
4 years ago Created a pull request for enabling multiline auth requests
Hi, I'm using redoscks on a 2018.4 kali linux. I need to connect to an http-proxy that require authentication. I set redsocks.conf in this way
base { log_debug = on; log_info = on; log = "stderr"; daemon = off; redirector = iptables; }
redsocks { local_ip = 127.0.0.1; local_port = 12345; ip = 10.12.yyy.xxx; port = 8080; // known types: socks4, socks5, http-connect, http-relay type = http-connect; login = "myUser"; password = "myPass"; disclose_src = false; }
But it seems that redsocks does NOT consider my credential. I sniff traffic with wireshark and compare it with a proxychains connection that works fine (with same IP,Port,user and pass parameter).
wireshark session with redsocks: CONNECT 216.58.205.100:80 HTTP/1.0
HTTP/1.0 407 authenticationrequired Via: 1.0 10.12.yyy.xxx (McAfee Web Gateway 7.7.2.7.0.24770) Date: Mon, 11 Feb 2019 09:25:22 GMT Content-Type: text/html Cache-Control: no-cache Content-Length: 4040 Proxy-Connection: Close Proxy-Authenticate: Negotiate Proxy-Authenticate: Basic realm="McAfee Web Gateway" ....
wireshark session with proxychains: CONNECT 185.63.145.1:443 HTTP/1.0 Proxy-Authorization: Basic ZjI1MjE5Y...
HTTP/1.0 200 Connection established
What's wrong on my config setup ? Thanks.