[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: LYNX-DEV Getting proxies to work
From: |
Alex Lyons A32/373-Winfrith Tel2368 FAX2508 |
Subject: |
Re: LYNX-DEV Getting proxies to work |
Date: |
Mon, 9 Jun 97 15:53:28 BST |
Following on from last month's contribution, I attach a patch to
introduce an argument "-proxyauth ID:PW", which is dealy with in
exactly the same way as the existing "-auth ID:PW" argument. This has
been developed to fulfill a need I have to obtain, using "-dump", an
access-protected web page through an authentication-requiring firewall,
ie: I need to specify two sets of ID:PWs.
Note that if -proxyauth is not given, the behaviour is exactly as
before, ie: if -auth is given it will be used for either access or
proxy authentication, depending on which is required first. Hopefully
that shouldn't mess up anyone's scripts!
I have chosen the argument name "-proxyauth" to be consistent with the
mods that Iain Barker (address@hidden) posted on 23 May, in case
anyone decides that they are a less hacked solution than my original
proxy authentication enabling mods.
Note on security: I agree with the view that use of the -auth (and now
-proxyauth) arguments can be a security risk in some implementations.
I note that Lynx does blank out the ID:PW field(s), on this Unix version
at least, as soon as it processes the argument. All I can say is that
the addition of -proxyauth doesn't make security any worse than it has
been up to now. If you are particularly concerned, then dont use it!
If sysadmins installing lynx are concerned on behalf of their users,
it would be trivial to pop the argument processing code inside a
#ifdef COMMANDLINE_AUTH block and set it appropriately in userdefs.h
(I haven't bothered here).
The modified routines are LYGlobalDefs.h, LYMain.c and HTAlert.c,
all in the src subdirectory. The originals are from lynx2-7-1 + FM's
patches of 5 June 97. Listed in diff -c format.
Alex Lyons
*** LYGlobalDefs.h.org Tue Jun 3 19:53:40 1997
--- LYGlobalDefs.h Mon Jun 9 10:38:00 1997
***************
*** 232,237 ****
--- 232,238 ----
extern char *form_get_data; /* User data for get form */
extern char *http_error_file; /* Place HTTP status code in this file */
extern char *authentication_info[2]; /* Id:Password for protected forms */
+ extern char *authproxy_info[2]; /* Id:Password for proxy, added AJL */
extern BOOLEAN HEAD_request; /* Do a HEAD request */
extern BOOLEAN scan_for_buried_news_references;
extern BOOLEAN bookmark_start; /* Use bookmarks as startfile */
*** LYMain.c.org Tue Jun 3 19:54:22 1997
--- LYMain.c Mon Jun 9 11:21:13 1997
***************
*** 275,280 ****
--- 275,281 ----
PUBLIC char *http_error_file = NULL; /* Place HTTP status code in this file */
/* Id:Password for protected forms */
PUBLIC char *authentication_info[2] = {NULL, NULL};
+ PUBLIC char *authproxy_info[2] = {NULL, NULL}; /* added AJL */
PUBLIC BOOLEAN HEAD_request = FALSE;
PUBLIC BOOLEAN scan_for_buried_news_references = TRUE;
PUBLIC BOOLEAN LYRawMode;
***************
*** 412,417 ****
--- 413,420 ----
FREE(editor);
FREE(authentication_info[0]);
FREE(authentication_info[1]);
+ FREE(authproxy_info[0]);
+ FREE(authproxy_info[1]);
FREE(lynxjumpfile);
FREE(startrealm);
FREE(personal_mail_address);
***************
*** 2013,2018 ****
--- 2016,2047 ----
} else if (strncmp(argv[0], "-print", 6) == 0) {
no_print=FALSE;
+ /* added AJL */
+ } else if (strncmp(argv[0], "-proxyauth", 11) == 0) {
+ /*
+ * Proxy authentication information.
+ */
+ char *auth_info = NULL;
+
+ if (nextarg) {
+ StrAllocCopy(auth_info, cp);
+ memset(cp, ' ', strlen(cp));/* Let's not show too much */
+ }
+ if (auth_info != NULL) {
+ if ((cp = strchr(auth_info, ':')) != NULL) { /* Pw */
+ *cp++ = '\0'; /* Terminate ID */
+ if (*cp) {
+ HTUnEscape(cp);
+ StrAllocCopy(authproxy_info[1], cp);
+ }
+ }
+ if (*auth_info) { /* Id */
+ HTUnEscape(auth_info);
+ StrAllocCopy(authproxy_info[0], auth_info);
+ }
+ FREE(auth_info);
+ }
+
} else if (strncmp(argv[0], "-pseudo_inlines", 15) == 0) {
if (pseudo_inline_alts)
pseudo_inline_alts = FALSE;
***************
*** 2339,2344 ****
--- 2368,2374 ----
printf(" -post_data user data for post forms, read from
stdin,\n");
printf(" terminated by '---' on a line\n");
printf(" -print enable print functions (DEFAULT)\n");
+ printf(" -proxyauth=id:pw proxy authentication information\n");
printf(" -pseudo_inlines toggles pseudo-ALTs for inlines with no ALT
string\n");
printf(" -raw toggles default setting of 8-bit character
translations\n");
printf(" or CJK mode for the startup character
set\n");
*** HTAlert.c.org Sun Feb 9 04:37:06 1997
--- HTAlert.c Mon Jun 9 10:53:19 1997
***************
*** 159,181 ****
char **, username,
char **, password)
{
! if (authentication_info[0] && authentication_info[1]) {
/*
! ** -auth parameter gave us both the username and password
! ** to use for the first realm, so just use them without
! ** any prompting. - FM
*/
! StrAllocCopy(*username, authentication_info[0]);
! FREE(authentication_info[0]);
! StrAllocCopy(*password, authentication_info[1]);
! FREE(authentication_info[1]);
} else if (dump_output_immediately) {
! if (authentication_info[0]) {
/*
** Use the command line username. - FM
*/
! StrAllocCopy(*username, authentication_info[0]);
! FREE(authentication_info[0]);
} else {
/*
** Default to "WWWuser". - FM
--- 159,196 ----
char **, username,
char **, password)
{
! extern BOOL auth_proxy; /* proxy authorization required - AJL */
! char *authid, *authpw;
!
! /*
! * Only use authproxy_info if we're authenticating to the proxy AND
! * the user has specified -proxyauth, otherwise use authentication_info
! * regardless (back-compatibility) - AJL
! */
! if (auth_proxy && authproxy_info[0] && authproxy_info[1]) {
! authid = authproxy_info[0];
! authpw = authproxy_info[1];
! } else {
! authid = authentication_info[0];
! authpw = authentication_info[1];
! }
!
! if (authid && authpw) {
/*
! ** -auth or -pauth parameter gave us both the username and password
! ** so just use them without any prompting. - FM
*/
! StrAllocCopy(*username, authid);
! FREE(authid);
! StrAllocCopy(*password, authpw);
! FREE(authpw);
} else if (dump_output_immediately) {
! if (authid) {
/*
** Use the command line username. - FM
*/
! StrAllocCopy(*username, authid);
! FREE(authid);
} else {
/*
** Default to "WWWuser". - FM
***************
*** 182,193 ****
*/
StrAllocCopy(*username, "WWWuser");
}
! if (authentication_info[1]) {
/*
** Use the command line password. - FM
*/
! StrAllocCopy(*password, authentication_info[1]);
! FREE(authentication_info[1]);
} else {
/*
** Default to a zero-length string. - FM
--- 197,208 ----
*/
StrAllocCopy(*username, "WWWuser");
}
! if (authpw) {
/*
** Use the command line password. - FM
*/
! StrAllocCopy(*password, authpw);
! FREE(authpw);
} else {
/*
** Default to a zero-length string. - FM
***************
*** 196,208 ****
}
printf("\n%s\n", USERNAME_PASSWORD_REQUIRED);
} else {
! if (authentication_info[0]) {
/*
** Offer command line username in the prompt
** for the first realm. - FM
*/
! StrAllocCopy(*username, authentication_info[0]);
! FREE(authentication_info[0]);
}
if (Msg != NULL) {
*username = HTPrompt(Msg, *username);
--- 211,223 ----
}
printf("\n%s\n", USERNAME_PASSWORD_REQUIRED);
} else {
! if (authid) {
/*
** Offer command line username in the prompt
** for the first realm. - FM
*/
! StrAllocCopy(*username, authid);
! FREE(authid);
}
if (Msg != NULL) {
*username = HTPrompt(Msg, *username);
***************
*** 209,220 ****
} else {
*username = HTPrompt(USERNAME_PROMPT, *username);
}
! if (authentication_info[1]) {
/*
** Use the command line password for the first realm. - FM
*/
! StrAllocCopy(*password, authentication_info[1]);
! FREE(authentication_info[1]);
} else if (*username != NULL && *username[0] != '\0') {
/*
** If we have a non-zero length username,
--- 224,235 ----
} else {
*username = HTPrompt(USERNAME_PROMPT, *username);
}
! if (authpw) {
/*
** Use the command line password for the first realm. - FM
*/
! StrAllocCopy(*password, authpw);
! FREE(authpw);
} else if (*username != NULL && *username[0] != '\0') {
/*
** If we have a non-zero length username,
;
; To UNSUBSCRIBE: Send a mail message to address@hidden
; with "unsubscribe lynx-dev" (without the
; quotation marks) on a line by itself.
;
- Re: LYNX-DEV Getting proxies to work,
Alex Lyons A32/373-Winfrith Tel2368 FAX2508 <=