Feature Request: HTTP proxy authentication

Marc-André Laverdière marc-andre at atc.tcs.com
Thu Jun 19 02:21:01 PDT 2014

I don't know the details and the sysadmin is out of the office today,
but I understand that it is basic auth.

I think it is fine to disable that option by default and enable it only
on a command-line argument.

Marc-André Laverdière-Papineau
Researcher - e-Security Team
TCS Innovation Labs

On 06/19/2014 02:47 PM, David Woodhouse wrote:
> On Thu, 2014-06-19 at 14:33 +0530, Marc-André Laverdière wrote:
>> FYI, I cloned from the git repo and built it.
>> I was able to connect to my VPN through the proxy without any
>> glitches.
> I assume that's using Basic authentication?
> I may break that, and require you to explicitly *ask* for Basic auth if
> you want it. Sending passwords in the clear is not a good thing.
> I'll probably end up implementing Digest auth too at some point.

More information about the openconnect-devel mailing list