Doesn't work behind network proxy with authentication

[GuittonHubert]

Hello,

I'm trying to use htpdate behind a network proxy with authentication. Proxy username/password are set (and url-encoded) in the proxy URL as follows:

sudo ./htpdate -t -d -q -P http://${PROXY_USER}:${PROXY_PASSWD}@${PROXY_HOSTNAME}:${PROXY_PORT}  jjy.nict.go.jp

jjy.nict.go.jp host or service unavailable
No server suitable for synchronization found

I also tried without success different declaration of the proxy:

• without or without http://
• with or with url-encoding the username/password.

Any idea?

PS: I'm using a freshly compiled version of htpdate: commit 7964ca0 on Linux Ubuntu 18.04.6 LTS

[twekkel]

jjy.nict.go.jp host is unknown, so it seems a DNS issueOn Jul 18, 2024 18:23, GuittonHubert @.***> wrote: Hello, I'm trying to use htpdate behind a network proxy with authentication. Proxy username/password are set (and url-encoded) in the proxy URL as follows: sudo ./htpdate -t -d -q -P http://${PROXY_USER}:${PROXY_PASSWD}@${PROXY_HOSTNAME}:${PROXY_PORT} jjy.nict.go.jp

jjy.nict.go.jp host or service unavailable No server suitable for synchronization found

I also tried without success different declaration of the proxy: without or without http://with or with url-encoding the username/password. Any idea? PS: I'm using a freshly compiled version of htpdate: commit 7964ca0 on Linux Ubuntu 18.04.6 LTS

—Reply to this email directly, view it on GitHub, or unsubscribe.You are receiving this because you are subscribed to this thread.Message ID: @.***>

[GuittonHubert]

A nslookup returns valid IP addresses:

Server:         127.0.0.53
Address:        127.0.0.53#53

Non-authoritative answer:
jjy.nict.go.jp  canonical name = www2-redirect-lb.nict.go.jp.
Name:   www2-redirect-lb.nict.go.jp
Address: 133.243.3.26
Name:   www2-redirect-lb.nict.go.jp
Address: 2001:df0:232:300::1a

[twekkel]

Proxy server does the name lookup (not the client), can you try with ip-adresses directly?On Jul 19, 2024 18:00, GuittonHubert @.***> wrote: A nslookup returns valid IP addresses: Server: 127.0.0.53 Address: 127.0.0.53#53

Non-authoritative answer: jjy.nict.go.jp canonical name = www2-redirect-lb.nict.go.jp. Name: www2-redirect-lb.nict.go.jp Address: 133.243.3.26 Name: www2-redirect-lb.nict.go.jp Address: 2001:df0:232:300::1a

—Reply to this email directly, view it on GitHub, or unsubscribe.You are receiving this because you commented.Message ID: @.***>

[GuittonHubert]

I did the same test using the IP address returned by the nslookup command and got the same result.

I tested with another HTTP server for which proxy authentication is not required. The results are:

using credentials (even if not needed):

sudo ./htpdate -t -d -q -P http://${PROXY_USER}:${PROXY_PASSWD}@${PROXY_HOSTNAME}:${PROXY_PORT} http://<a well-known server>
<a well-known server> host or service unavailable
No server suitable for synchronization found

without credentials:

sudo ./htpdate -t -d -q -P http://${PROXY_HOSTNAME}:${PROXY_PORT} http://<a well-known server>
<a well-known server> 80, 26 Jul 2024 15:50:11 GMT (193 ms) => -19
<a well-known server> 80, 26 Jul 2024 15:50:12 GMT (193 ms) => -20
...
when: 250000000, nap: 62500000
offset: 19.750000
Offset 19750.0 ms

[twekkel]

Ahhhh... sorry for wasting your time, but connection through an authenticating proxy was never implemented in htpdate. Parsing of hostname goes wrong when using username/password and you get the error 'host or service unavailable'... that let me to give you unrelated/incorrect answers before.

I don't plan on implementing basic/digest/NTLM authentication for htpdate... but a PR is welcome of course!