Support NTLM authentication to proxy

[mcorniere]

Bug description

Whatever I do Signal is seen as disconnected.

Steps to reproduce

Launch signal

Actual result:
Signal is disconnected so I cannot send or receive messages

Expected result:
Connection of signal to the server

Platform info

Signal version:
Signal Desktop v1.1.0

Operating System:
Windows 7 64-bit behind proxy with auth in NTLM

Linked device version:

Link to debug log

INFO  2018-01-15T09:22:47.463Z {"name":"FetchError","message":"request to https://textsecure-service.whispersystems.org/v1/messages/+[REDACTED]322 failed, reason: getaddrinfo ENOTFOUND textsecure-service.whispersystems.org textsecure-service.whispersystems.org:443","type":"system","errno":"ENOTFOUND","code":"ENOTFOUND"}
INFO  2018-01-15T09:22:48.416Z GET https://textsecure-service.whispersystems.org/v1/devices
INFO  2018-01-15T09:22:48.421Z GET https://textsecure-service.whispersystems.org/v1/devices 0 Error
INFO  2018-01-15T09:22:48.421Z {"name":"FetchError","message":"request to https://textsecure-service.whispersystems.org/v1/devices failed, reason: getaddrinfo ENOTFOUND textsecure-service.whispersystems.org textsecure-service.whispersystems.org:443","type":"system","errno":"ENOTFOUND","code":"ENOTFOUND"}

Because in enterprise we are after a proxy there is no dns resolution on our computer directly, it is done by the proxy itself.

[scottnonnenberg]

Have you tried the https_proxy environment variable discussed here? #1632

[mcorniere]

Hello Scott,

Yes :) The good news is Signal detect it and use the proxy. The bad news is that the auth for this proxy is NTML and signal doesn't seems to know this auth so the proxy give me back an HTTP 407 which is the code when the auth is not good :(

INFO 2018-01-17T09:05:58.188Z using proxy url http://proxybkp:8080

INFO  2018-01-17T09:05:59.534Z Using OS-level spell check API with locale fr_FR
INFO  2018-01-17T09:05:59.856Z pre-main prep time: 3 ms
INFO  2018-01-17T09:05:59.899Z Build expires:  2018-02-26T23:55:00.000Z
INFO  2018-01-17T09:05:59.947Z background page reloaded
INFO  2018-01-17T09:05:59.947Z environment: production
INFO  2018-01-17T09:06:00.124Z ConversationController: starting initial fetch
INFO  2018-01-17T09:06:00.162Z ConversationController: done with initial fetch
INFO  2018-01-17T09:06:00.164Z listening for registration events
INFO  2018-01-17T09:06:00.168Z Next signed key rotation scheduled for "2018-01-17T08:58:39.150Z"
INFO  2018-01-17T09:06:00.169Z connect
INFO  2018-01-17T09:06:00.170Z getAllFromCache
INFO  2018-01-17T09:06:00.171Z opening message socket https://textsecure-service.whispersystems.org
INFO  2018-01-17T09:06:00.186Z open inbox
INFO  2018-01-17T09:06:00.337Z Rotating signed prekey...
INFO  2018-01-17T09:06:00.342Z Next signed key rotation scheduled for "2018-01-19T09:06:00.338Z"
INFO  2018-01-17T09:06:00.346Z getAllFromCache loaded 0 saved envelopes
INFO  2018-01-17T09:06:00.458Z websocket error
INFO  2018-01-17T09:06:00.458Z websocket closed 1006 connection failed calledClose: 
INFO  2018-01-17T09:06:00.465Z GET https://textsecure-service.whispersystems.org/v1/devices

INFO 2018-01-17T09:06:00.490Z GET https://textsecure-service.whispersystems.org/v1/devices 407 Error

INFO  2018-01-17T09:06:00.491Z background onError: Error
    at ajax (file:///C:/Users/plfb8140/AppData/Local/Programs/signal-desktop/resources/app.asar/js/libtextsecure.js:37576:25)
    at TextSecureServer.ajax (file:///C:/Users/plfb8140/AppData/Local/Programs/signal-desktop/resources/app.asar/js/libtextsecure.js:37620:20)
    at TextSecureServer.getDevices (file:///C:/Users/plfb8140/AppData/Local/Programs/signal-desktop/resources/app.asar/js/libtextsecure.js:37730:25)
    at MessageReceiver.onclose (file:///C:/Users/plfb8140/AppData/Local/Programs/signal-desktop/resources/app.asar/js/libtextsecure.js:38595:28)
    at W3CWebSocket._dispatchEvent [as dispatchEvent] (C:\Users\plfb8140\AppData\Local\Programs\signal-desktop\resources\app.asar\node_modules\yaeti\lib\EventTarget.js:107:17)
    at W3CWebSocket.onConnectFailed (C:\Users\plfb8140\AppData\Local\Programs\signal-desktop\resources\app.asar\node_modules\websocket\lib\W3CWebSocket.js:219:14)
    at WebSocketClient.<anonymous> (C:\Users\plfb8140\AppData\Local\Programs\signal-desktop\resources\app.asar\node_modules\websocket\lib\W3CWebSocket.js:59:25)
    at emitOne (events.js:96:13)
    at WebSocketClient.emit (events.js:191:7)
    at WebSocketClient.failHandshake (C:\Users\plfb8140\AppData\Local\Programs\signal-desktop\resources\app.asar\node_modules\websocket\lib\WebSocketClient.js:326:10)
ERROR 2018-01-17T09:06:00.492Z Top-level unhandled promise rejection: HTTPError: The server rejected our query, please file a bug report.
INFO  2018-01-17T09:06:03.772Z fetchMessages
INFO  2018-01-17T09:06:03.780Z GET https://textsecure-service.whispersystems.org/v1/profile/+[REDACTED]496
INFO  2018-01-17T09:06:03.907Z GET https://textsecure-service.whispersystems.org/v1/profile/+[REDACTED]496 407 Error
INFO  2018-01-17T09:06:03.907Z getProfile error: Error
    at ajax (file:///C:/Users/plfb8140/AppData/Local/Programs/signal-desktop/resources/app.asar/js/libtextsecure.js:37576:25)
    at TextSecureServer.ajax (file:///C:/Users/plfb8140/AppData/Local/Programs/signal-desktop/resources/app.asar/js/libtextsecure.js:37620:20)
    at TextSecureServer.getProfile (file:///C:/Users/plfb8140/AppData/Local/Programs/signal-desktop/resources/app.asar/js/libtextsecure.js:37668:25)
    at MessageSender.getProfile (file:///C:/Users/plfb8140/AppData/Local/Programs/signal-desktop/resources/app.asar/js/libtextsecure.js:40015:28)
    at getProfile (file:///C:/Users/plfb8140/AppData/Local/Programs/signal-desktop/resources/app.asar/js/models/conversations.js:858:37)
    at Function._.map._.collect (file:///C:/Users/plfb8140/AppData/Local/Programs/signal-desktop/resources/app.asar/js/components.js:18474:24)
    at child.getProfiles (file:///C:/Users/plfb8140/AppData/Local/Programs/signal-desktop/resources/app.asar/js/models/conversations.js:854:30)
    at child.throttledGetProfiles (file:///C:/Users/plfb8140/AppData/Local/Programs/signal-desktop/resources/app.asar/js/components.js:19095:23)
    at child.onOpened (file:///C:/Users/plfb8140/AppData/Local/Programs/signal-desktop/resources/app.asar/js/views/conversation_view.js:464:37)
    at triggerEvents (file:///C:/Users/plfb8140/AppData/Local/Programs/signal-desktop/resources/app.asar/js/reliable_trigger.js:60:39)
INFO  2018-01-17T09:06:09.624Z Loaded this list of log files from logPath: log.log, log.log.0

[mcorniere]

As I already have this issue with other open source tools, I have installed CNTLM (http://cntlm.sourceforge.net/) which create a proxy and manage the NTML auth toward enterprise proxy.
Maybe you can include it as library ?

[scottnonnenberg]

Good to know that you were able to get it to work with that tool. I've moved this to a feature request, for supporting NTLM authentication to the proxy.

[door7302]

Hello

Any update?

Thks

[somebody-somewhere-over-the-rainbow]

any update on this? For those in need - px also works as workaround ( Windows only but still maintained - compared to cntlm)

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.