net/tshttpproxy: support HTTP proxy environment credentials on Windows too

and some minor style nits.

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
pull/1364/head
Brad Fitzpatrick 4 years ago committed by Brad Fitzpatrick
parent 96a488e37e
commit 6a2c6541da

@ -71,10 +71,6 @@ func GetAuthHeader(u *url.URL) (string, error) {
if fake := os.Getenv("TS_DEBUG_FAKE_PROXY_AUTH"); fake != "" { if fake := os.Getenv("TS_DEBUG_FAKE_PROXY_AUTH"); fake != "" {
return fake, nil return fake, nil
} }
if sysAuthHeader != nil {
return sysAuthHeader(u)
}
if user := u.User.Username(); user != "" { if user := u.User.Username(); user != "" {
pass, ok := u.User.Password() pass, ok := u.User.Password()
if !ok { if !ok {
@ -85,7 +81,9 @@ func GetAuthHeader(u *url.URL) (string, error) {
req.SetBasicAuth(user, pass) req.SetBasicAuth(user, pass)
return req.Header.Get("Authorization"), nil return req.Header.Get("Authorization"), nil
} }
if sysAuthHeader != nil {
return sysAuthHeader(u)
}
return "", nil return "", nil
} }

@ -2,48 +2,52 @@
// Use of this source code is governed by a BSD-style // Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file. // license that can be found in the LICENSE file.
// +build !windows
package tshttpproxy package tshttpproxy
import ( import (
"net/url" "net/url"
"runtime"
"strings"
"testing" "testing"
) )
func TestGetAuthHeaderNoResult(t *testing.T) { func TestGetAuthHeaderNoResult(t *testing.T) {
const proxyURL = `http://127.0.0.1:38274` const proxyURL = "http://127.0.0.1:38274"
u, err := url.Parse(proxyURL) u, err := url.Parse(proxyURL)
if err != nil { if err != nil {
t.Fatalf("can't parse %q: %v", proxyURL, err) t.Fatalf("can't parse %q: %v", proxyURL, err)
} }
ahval, err := GetAuthHeader(u) got, err := GetAuthHeader(u)
if err != nil { if err != nil {
t.Fatalf("can't get auth header value: %v", err) t.Fatalf("can't get auth header value: %v", err)
} }
if ahval != "" { if runtime.GOOS == "windows" && strings.HasPrefix(got, "Negotiate") {
t.Fatalf("wanted auth header value to be empty, got: %q", ahval) t.Logf("didn't get empty result, but got acceptable Windows Negotiate header")
return
}
if got != "" {
t.Fatalf("GetAuthHeader(%q) = %q; want empty string", proxyURL, got)
} }
} }
func TestGetAuthHeaderBasicAuth(t *testing.T) { func TestGetAuthHeaderBasicAuth(t *testing.T) {
const proxyURL = `http://user:password@127.0.0.1:38274` const proxyURL = "http://user:password@127.0.0.1:38274"
const expect = `Basic dXNlcjpwYXNzd29yZA==` const want = "Basic dXNlcjpwYXNzd29yZA=="
u, err := url.Parse(proxyURL) u, err := url.Parse(proxyURL)
if err != nil { if err != nil {
t.Fatalf("can't parse %q: %v", proxyURL, err) t.Fatalf("can't parse %q: %v", proxyURL, err)
} }
ahval, err := GetAuthHeader(u) got, err := GetAuthHeader(u)
if err != nil { if err != nil {
t.Fatalf("can't get auth header value: %v", err) t.Fatalf("can't get auth header value: %v", err)
} }
if ahval != expect { if got != want {
t.Fatalf("wrong auth header value: want: %q, got: %q", expect, ahval) t.Fatalf("GetAuthHeader(%q) = %q; want %q", proxyURL, got, want)
} }
} }

Loading…
Cancel
Save