From aa2fe8ccbfcb117efa207d10229eeeac5d0f97c7 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Mon, 6 Feb 2023 17:11:30 +0100
Subject: Adding upstream version 1.38.0.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 aclk/https_client.c | 26 +++++++++++++++++++++++++-
 1 file changed, 25 insertions(+), 1 deletion(-)

(limited to 'aclk/https_client.c')

diff --git a/aclk/https_client.c b/aclk/https_client.c
index 1a32f833f..e2a42eef3 100644
--- a/aclk/https_client.c
+++ b/aclk/https_client.c
@@ -6,6 +6,10 @@
 
 #include "mqtt_websockets/c-rbuf/include/ringbuffer.h"
 
+#include "aclk_util.h"
+
+#include "daemon/global_statistics.h"
+
 enum http_parse_state {
     HTTP_PARSE_INITIAL = 0,
     HTTP_PARSE_HEADERS,
@@ -352,7 +356,7 @@ static int read_parse_response(https_req_ctx_t *ctx) {
 #define TX_BUFFER_SIZE 8192
 #define RX_BUFFER_SIZE (TX_BUFFER_SIZE*2)
 static int handle_http_request(https_req_ctx_t *ctx) {
-    BUFFER *hdr = buffer_create(TX_BUFFER_SIZE);
+    BUFFER *hdr = buffer_create(TX_BUFFER_SIZE, &netdata_buffers_statistics.buffers_aclk);
     int rc = 0;
 
     http_parse_ctx_clear(&ctx->parse_ctx);
@@ -392,6 +396,24 @@ static int handle_http_request(https_req_ctx_t *ctx) {
     if (ctx->request->request_type == HTTP_REQ_POST && ctx->request->payload && ctx->request->payload_size) {
         buffer_sprintf(hdr, "Content-Length: %zu\x0D\x0A", ctx->request->payload_size);
     }
+    if (ctx->request->proxy_username) {
+        size_t creds_plain_len = strlen(ctx->request->proxy_username) + strlen(ctx->request->proxy_password) + 1 /* ':' */;
+        char *creds_plain = callocz(1, creds_plain_len + 1);
+        char *ptr = creds_plain;
+        strcpy(ptr, ctx->request->proxy_username);
+        ptr += strlen(ctx->request->proxy_username);
+        *ptr++ = ':';
+        strcpy(ptr, ctx->request->proxy_password);
+
+        int creds_base64_len = (((4 * creds_plain_len / 3) + 3) & ~3);
+        // OpenSSL encoder puts newline every 64 output bytes
+        // we remove those but during encoding we need that space in the buffer
+        creds_base64_len += (1+(creds_base64_len/64)) * strlen("\n");
+        char *creds_base64 = callocz(1, creds_base64_len + 1);
+        base64_encode_helper((unsigned char*)creds_base64, &creds_base64_len, (unsigned char*)creds_plain, creds_plain_len);
+        buffer_sprintf(hdr, "Proxy-Authorization: Basic %s\x0D\x0A", creds_base64);
+        freez(creds_plain);
+    }
 
     buffer_strcat(hdr, "\x0D\x0A");
 
@@ -491,6 +513,8 @@ int https_request(https_req_t *request, https_req_response_t *response) {
         req.host = request->host;
         req.port = request->port;
         req.url = request->url;
+        req.proxy_username = request->proxy_username;
+        req.proxy_password = request->proxy_password;
         ctx->request = &req;
         if (handle_http_request(ctx)) {
             error("Failed to CONNECT with proxy");
-- 
cgit v1.2.3