Bug 503465 - tinyproxy does not support upstream proxy authentication
tinyproxy does not support upstream proxy authentication
Status: CLOSED UPSTREAM
Product: Fedora
Classification: Fedora
Component: tinyproxy (Show other bugs)
13
All Linux
low Severity medium
: ---
: ---
Assigned To: Jeremy Hinegardner
Fedora Extras Quality Assurance
: Reopened
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2009-06-01 03:40 EDT by pankaj pandey
Modified: 2010-06-20 19:51 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2010-06-20 19:51:08 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
patch to implement upstream proxy basic auth support (6.27 KB, patch)
2009-08-06 08:28 EDT, pankaj pandey
no flags Details | Diff
Patch agains 1.6.4 to fix order of cookie headers. (5.51 KB, patch)
2009-08-12 17:19 EDT, Michael Adam
no flags Details | Diff

  None (edit)
Description pankaj pandey 2009-06-01 03:40:24 EDT
Description of problem:
Tinyproxy does not support upstream proxy authentication. I'm behind an a university authenticated squid proxy. As a result i am unable to use tinyproxy. 

Version-Release number of selected component (if applicable):
1.6.4

How reproducible:
Always

Steps to Reproduce:
1. Try to set tinyproxy upstream to an authenticated proxy
  
Actual results:
Tinyproxy cannot connect using the upstream

Expected results:
There should be upstream proxy auth support (at least basic authentication) configurable in the tinyproxy.conf file

Additional info:
Comment 1 pankaj pandey 2009-06-01 12:25:52 EDT
I have found another bug in tinyproxy. I thought i'll just add a comment here as the upstream developer has probably stopped working on it, so i'm not sure if it will be further developed. https://www.banu.com/pipermail/tinyproxy-developers-list/2009-February/000652.html

Description of problem:
Squirrelmail and various other web mails do not open properly with tinyproxy

Version-Release number of selected component (if applicable):
1.6.4

How reproducible:
Always

Steps to Reproduce:
1. Setup tinyproxy on localhost.
2. Point web browser to use tinyproxy
3. Try to open squirrelmail (my university uses it)

Actual results:
The following error message is shown on the squirrelmail web page
"ERROR
You must be logged in to access this page."
http://squirrelmail.org/wiki/LoginError
The same page can be easily logged on using direction connection or even behind a localhost squid proxy

Expected results:
Users should be able to login and use squirrelmail properly.

Additional info:
Similar kinds of error occur with IMP Horde, Ilohamail as well as Hastymail web based emails.
Comment 2 Bug Zapper 2009-06-09 12:55:03 EDT
This bug appears to have been reported against 'rawhide' during the Fedora 11 development cycle.
Changing version to '11'.

More information and reason for this action is here:
http://fedoraproject.org/wiki/BugZappers/HouseKeeping
Comment 3 Jeremy Hinegardner 2009-08-03 02:02:52 EDT
It appears that the first item in this bug report already exists in the upstream bugzilla:

Add proxy authentication support - https://www.banu.com/bugzilla/show_bug.cgi?id=13

The 2nd issue I have forwarded to the upstream bugzilla

https://www.banu.com/bugzilla/show_bug.cgi?id=54
Comment 4 pankaj pandey 2009-08-03 06:07:41 EDT
Thanks a lot for your effort. I cooked up my own small patch for upstream basic proxy auth support which works quite well, however the 2nd problem is more serious and is a show stopper. Anyway i'll keep a watch on upstream. Thanks
Comment 5 Michael Adam 2009-08-05 16:39:57 EDT
Hi!

I recently entered development of tinyproxy.
I want to keep this nice littel proxy project alive. :-)
I plan to add auth support to tinyproxy.

I would not consider this bug closed upstream.

There are two different thingy you can mean.
* The upstream bug 13 refers to user authentication against tinyproxy.
* The auth of this bug is tinyproxy authenticating agains an upstream proxy.
Right?

Can you attach your patch for upstream proxy auth?
It might be considered for upstream inclusion.

Regarding the 2nd issue:
I have updated upstream bug 54.
I have fixed another bug #14 upstream that this might be a duplicate of.
I would need access to a squirrelmail to check whether it really is.
I will attach the patch for bug 14 so you can also check wheter it fixes your issue.

Cheers - Michael
Comment 6 pankaj pandey 2009-08-06 08:28:15 EDT
Created attachment 356496 [details]
patch to implement upstream proxy basic auth support

This is a small patch i created for my use of tinyproxy to implement upstream proxy basic authentication scheme. A major part of the code has been taken from proxychains : http://proxychains.sourceforge.net/
I'm not a good c programmer and so it may not be a proper way to implement, but basically it worked for me.
Thanks.
Also it'd be great if the patch you mention fixing cookie issue would make squirrelmail work. What do i need to do to get it working. Then i'd be able to replace the squid proxy (ya, i use squid as a forwarding proxy) on my laptop with tinyproxy.
Thanks
Comment 7 Michael Adam 2009-08-12 17:17:22 EDT
(In reply to comment #6)
> Created an attachment (id=356496) [details]
> patch to implement upstream proxy basic auth support
> 
> This is a small patch i created for my use of tinyproxy to implement upstream
> proxy basic authentication scheme. A major part of the code has been taken from
> proxychains : http://proxychains.sourceforge.net/
> I'm not a good c programmer and so it may not be a proper way to implement, but
> basically it worked for me.
> Thanks.

I am going to have a look at it. Thanks!

> Also it'd be great if the patch you mention fixing cookie issue would make
> squirrelmail work. What do i need to do to get it working. Then i'd be able to
> replace the squid proxy (ya, i use squid as a forwarding proxy) on my laptop
> with tinyproxy.

I'll attach a patch next. You should be able to apply the patch to the 1.6.4
sources of tinyproxy. Then build as usual.
If you could test this against squirrelmail, that'd be great!
The patch has been pushed to the 1.6 version upstream repository, so it
will be in 1.6.5.

Cheers - Michael
Comment 8 Michael Adam 2009-08-12 17:19:14 EDT
Created attachment 357242 [details]
Patch agains 1.6.4 to fix order of cookie headers.

This might fix the squirrelmail issue.
Comment 9 Michael Adam 2009-08-12 17:22:00 EDT
it is actually bad that we are tracking two different bugs in this bugreport...
Comment 10 pankaj pandey 2009-08-23 06:26:13 EDT
Sorry for the long gap. Your cookie reordering patch indeed fixes my squirrelmail problems. However the patch i posted will not work probably. I just checked it now, it doesn't work properly for post and https things. Actually i wrote something which worked in Fedora 10 but lost it when i installed Fedora 11. And the squirrelmail problem demotivated me further to recall what i did in there. What i sent you is a very old patch, but hope it may motivate you to correctly implement upstream proxy auth. I'd be willing to test.
Thanks
Comment 11 Michael Adam 2009-08-28 05:26:01 EDT
thanks for the feedback on the squirrelmail issue.
I am updating the upstream bug
https://www.banu.com/bugzilla/show_bug.cgi?id=54

Thanks for providing the upstream auth patch.
I will let you know when I have s/th working.
This is the upstream bug I created:
https://www.banu.com/bugzilla/show_bug.cgi?id=56

Cheers - Michael
Comment 12 Michael Adam 2009-08-28 05:38:37 EDT
BTW: Why is the bug status CLOSED UPSTREAM?
This does not seem appropriate.. :-)
Comment 13 Jeremy Hinegardner 2009-10-11 21:26:41 EDT
the squirrelmail portion of this issue has been resolved with the new release 1.6.5.  I've created bug #528403 to close out the squirrel mail issue.

This bug may get back to the original upstream authorization issue.
Comment 14 Bug Zapper 2010-04-27 10:36:25 EDT
This message is a reminder that Fedora 11 is nearing its end of life.
Approximately 30 (thirty) days from now Fedora will stop maintaining
and issuing updates for Fedora 11.  It is Fedora's policy to close all
bug reports from releases that are no longer maintained.  At that time
this bug will be closed as WONTFIX if it remains open with a Fedora 
'version' of '11'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version prior to Fedora 11's end of life.

Bug Reporter: Thank you for reporting this issue and we are sorry that 
we may not be able to fix it before Fedora 11 is end of life.  If you 
would still like to see this bug fixed and are able to reproduce it 
against a later version of Fedora please change the 'version' of this 
bug to the applicable version.  If you are unable to change the version, 
please add a comment here and someone will do it for you.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events.  Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

The process we are following is described here: 
http://fedoraproject.org/wiki/BugZappers/HouseKeeping
Comment 15 Fedora Update System 2010-05-30 09:56:53 EDT
tinyproxy-1.8.1-1.fc13 has been submitted as an update for Fedora 13.
http://admin.fedoraproject.org/updates/tinyproxy-1.8.1-1.fc13
Comment 16 Fedora Update System 2010-05-30 09:57:13 EDT
tinyproxy-1.8.1-1.fc12 has been submitted as an update for Fedora 12.
http://admin.fedoraproject.org/updates/tinyproxy-1.8.1-1.fc12
Comment 17 Fedora Update System 2010-05-31 14:09:10 EDT
tinyproxy-1.8.1-1.fc12 has been pushed to the Fedora 12 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update tinyproxy'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/tinyproxy-1.8.1-1.fc12
Comment 18 Fedora Update System 2010-05-31 14:24:40 EDT
tinyproxy-1.8.1-1.fc13 has been pushed to the Fedora 13 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update tinyproxy'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/tinyproxy-1.8.1-1.fc13
Comment 19 Jeremy Hinegardner 2010-06-05 17:09:06 EDT
This is not fixed by the latest update, that was a mistake, this is still open, upstream has it as a feature enhancement.
Comment 20 Jeremy Hinegardner 2010-06-20 19:51:08 EDT
Upstream is tracking this feature request: https://www.banu.com/bugzilla/show_bug.cgi?id=56

Note You need to log in before you can comment on or make changes to this bug.