TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2025-08-25 12:47:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

tshttpproxy, controlclient, derphttp, logpolicy: send Negotiate auth to proxies

Browse Source 
For Windows only, and only when built with Tailscale's Go tree.

Updates tailscale/corp#583
This commit is contained in:
Brad Fitzpatrick
2020-08-26 20:02:16 -07:00
parent 756d6a72bd
commit 28f9cd06f5
5 changed files with 61 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
derp/derphttp/derphttp_client.go
View File

@@ -589,7 +589,15 @@ func (c *Client) dialNodeUsingProxy(ctx context.Context, n *tailcfg.DERPNode, pr
}()
target := net.JoinHostPort(n.HostName, "443")
if _, err := fmt.Fprintf(proxyConn, "CONNECT %s HTTP/1.1\r\nHost: %s\r\n\r\n", target, pu.Hostname()); err != nil {
var authHeader string
if v, err := tshttpproxy.GetAuthHeader(pu); err != nil {
c.logf("derphttp: error getting proxy auth header for %v: %v", proxyURL, err)
} else if v != "" {
authHeader = fmt.Sprintf("Authorization: %s\r\n", v)
}
if _, err := fmt.Fprintf(proxyConn, "CONNECT %s HTTP/1.1\r\nHost: %s\r\n%s\r\n", target, pu.Hostname(), authHeader); err != nil {
if ctx.Err() != nil {
return nil, ctx.Err()
}