jpillora / chisel

A fast TCP/UDP tunnel over HTTP
MIT License

chisel does not support NTLM proxy authentication #149

Open pariseed opened 4 years ago

pariseed commented 4 years ago

Is the possibility of introducing support for NTLM proxy authentication on the roadmap?

pariseed commented 4 years ago

Closing this issue because I solved the NTLM proxy auth with:

https://github.com/launchdarkly/go-ntlm-proxy-auth.git

I made a fork of chisel where I've implemented the above lib in the chisel code. If someone else has the same need in the future, keep an eye on my fork:

https://github.com/pariseed/chisel.git

mpgn commented 4 years ago

@pariseed why not a PR? This issue is still valid and should not be closed.

pariseed commented 4 years ago

@mpgn when I opened this issue I waited almost a month for an answer from @jpillora, but while responses were provided for other issues opened after it, nothing came for this one. So I decided to do it myself, and I took the lack of response as an "I'm not interested in that feature". If jpillora lets me know he is interested in that feature, I will be pleased to send him a PR, but until then, if someone needs NTLM integration they can look at my fork.

jpillora commented 4 years ago

Hey @pariseed I'd consider a PR, though I'd want to confirm the API beforehand, and also that we don't introduce many new dependencies

pariseed commented 4 years ago

Hi @jpillora, I understood. I think that if you're sure to use the API there is no sense in forwarding a PR. However, you can see here the lines that I have added to the client in order to make NTLM work with chisel:

include ntlm lib

add new regex syntax to recognize ntlm invocation

adding the ntlmDialContext

If you change your mind, let me know and I will create a patch from these lines or a PR.

jpillora commented 4 years ago

A few changes that I'd request:

        //optionally CONNECT proxy
        if c.httpProxyURL != nil {

            if isntlm == true {
                ntlmDialContext := ntlm.WrapDialContext(daler.DialContext, ntlmurl, ntlmusr, ntlmpwd, ntlmdomain)
                d.NetDialContext = ntlmDialContext

                d.Proxy = func(*http.Request) (*url.URL, error) {
                    return c.httpProxyURL, nil
                }
            } else {
                d.Proxy = func(*http.Request) (*url.URL, error) {
                    return c.httpProxyURL, nil
                }
            }
        }

to

        //optionally CONNECT proxy
        if c.httpProxyURL != nil {
            if isntlm {
                d.NetDialContext = ntlm.WrapDialContext(daler.DialContext, ntlmurl, ntlmusr, ntlmpwd, ntlmdomain)
            }
            d.Proxy = func(*http.Request) (*url.URL, error) {
                return c.httpProxyURL, nil
            }
        }

pariseed commented 4 years ago

@jpillora I've just forwarded PR 104 to you. I've followed all your suggestions except for the inclusion of the MS library: the launchdarkly fork has very small changes compared to the MS repo. Besides this, I encountered some problems trying to use MS go-ntlmssp and was not able to perform any correct login with it; in fact, it seems that some negotiation flags are missing, but these flags were added in launchdarkly fork PR 1, so I decided to go forward with this library. I hope you will agree with this.

pariseed commented 3 years ago

Reopened this issue because, after one year and PR 204 being ignored, nothing has changed.

jpillora commented 3 years ago

Commented on the PR 👍

On Tue, 27 Apr 2021 at 12:59 am PD @.***> wrote:

Reopened this issue, because after one year and PR 204 https://github.com/jpillora/chisel/pull/204 ignored nothing is changed