From af4824cb0b2c36a0eba4bc1590eb0737302e992e Mon Sep 17 00:00:00 2001
From: Yawning Angel <yawning@schwanenlied.me>
Date: Wed, 10 Jan 2018 15:11:44 +0000
Subject: Bug 24793: Send the correct authorization HTTP header for basic auth.

Apparently I didn't test the "connect via HTTP(s)" proxy with
authentication at all when I added that functionality, so it has been
broken for years.

This should fix it now.
---
 obfs4proxy/proxy_http.go | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/obfs4proxy/proxy_http.go b/obfs4proxy/proxy_http.go
index 6f11790..a5c2100 100644
--- a/obfs4proxy/proxy_http.go
+++ b/obfs4proxy/proxy_http.go
@@ -29,6 +29,7 @@ package main
 
 import (
 	"bufio"
+	"encoding/base64"
 	"fmt"
 	"net"
 	"net/http"
@@ -90,7 +91,9 @@ func (s *httpProxy) Dial(network, addr string) (net.Conn, error) {
 	}
 	req.Close = false
 	if s.haveAuth {
-		req.SetBasicAuth(s.username, s.password)
+		// SetBasicAuth doesn't quite do what is appropriate, because
+		// the correct header is `Proxy-Authorization`.
+		req.Header.Set("Proxy-Authorization", base64.StdEncoding.EncodeToString([]byte(s.username + ":" + s.password)))
 	}
 	req.Header.Set("User-Agent", "")
 
-- 
cgit v1.1