proxy tunnel fail with ntlm version above 1 #14
Description
Hi, i have the following code:
from requests_ntlm2 import HttpNtlmAuth, NtlmCompatibility, HttpNtlmAdapter
import requests
import logging
logging.basicConfig(level=logging.DEBUG)
session = requests.Session()
proxi = {"https": 'http://{}:{}'.format('10.10.11.25', 8080)}
ntlm_compatibility = NtlmCompatibility.NTLMv2_DEFAULT
session.mount(
'https://',
HttpNtlmAdapter(
"WINGATE\\usr",
"pwd",
ntlm_compatibility=ntlm_compatibility
)
)
session.auth = HttpNtlmAuth(
"WINGATE\\usr",
"pwd",
ntlm_compatibility=ntlm_compatibility
)
session.proxies = proxi
session.post("https://site.url")
when i try this code with our internal WINGATE with ntml v1 and v2 enabled with ntlm compatibility version "NtlmCompatibility.LM_AND_NTLMv1_WITH_ESS" all work very good,
but when i use ntlm compatibility "NtlmCompatibility.NTLMv2_DEFAULT" or above nothing work and i receive the following errors:
DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): webhook.site:443
DEBUG:requests_ntlm2.connection:attempting to open tunnel using HTTP CONNECT
DEBUG:requests_ntlm2.connection:username: usr, domain: WINGATE
DEBUG:requests_ntlm2.connection:> 'CONNECT webhook.site:443 HTTP/1.0\r\n'
DEBUG:requests_ntlm2.connection:> 'Host: webhook.site:443\r\n'
DEBUG:requests_ntlm2.connection:> 'Proxy-Authorization: NTLM TlRMTVNTUAABAAAAMpCI4gcABwAoAAAAAAAAAC8AAAAGAbEdAAAAD1dJTkdBVEU=\r\n'
DEBUG:requests_ntlm2.connection:> 'Proxy-Connection: Keep-Alive\r\n'
DEBUG:requests_ntlm2.connection:< 'HTTP/1.1 407 Proxy authorization required\r\n'
INFO:requests_ntlm2.connection:< b'Proxy-Authenticate: NTLM\r\n'
INFO:requests_ntlm2.connection:< b'Proxy-Support: session-based-authentication\r\n'
INFO:requests_ntlm2.connection:< b'Cache-control: no-store, no-cache\r\n'
INFO:requests_ntlm2.connection:< b'Content-Type: text/html; charset=utf-8\r\n'
INFO:requests_ntlm2.connection:< b'Content-Length: 855\r\n'
INFO:requests_ntlm2.connection:< b'Date: Thu, 23 Apr 2020 08:25:53 GMT\r\n'
INFO:requests_ntlm2.connection:< b'Server: WinGate Engine\r\n'
INFO:requests_ntlm2.connection:< b'Proxy-Connection: Keep-Alive\r\n'
DEBUG:requests_ntlm2.connection:> 'CONNECT webhook.site:443 HTTP/1.0\r\n'
DEBUG:requests_ntlm2.connection:> 'Host: webhook.site:443\r\n'
DEBUG:requests_ntlm2.connection:> 'Proxy-Authorization: NTLM TlRMTVNTUAABAAAAMpCI4gcABwAoAAAAAAAAAC8AAAAGAbEdAAAAD1dJTkdBVEU=\r\n'
DEBUG:requests_ntlm2.connection:> 'Proxy-Connection: Keep-Alive\r\n'
DEBUG:requests_ntlm2.connection:< 'HTTP/1.1 407 Proxy authorization required\r\n'
Traceback (most recent call last):
File "/usr/local/lib/python3.6/site-packages/urllib3/connectionpool.py", line 662, in urlopen
self._prepare_proxy(conn)
File "/usr/local/lib/python3.6/site-packages/urllib3/connectionpool.py", line 948, in _prepare_proxy
conn.connect()
File "/usr/local/lib/python3.6/site-packages/urllib3/connection.py", line 308, in connect
self._tunnel()
File "/usr/local/lib/python3.6/site-packages/requests_ntlm2/connection.py", line 172, in _tunnel
"Tunnel connection failed: %d %s" % (code, message.strip())
OSError: Tunnel connection failed: 407 Proxy authorization required
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/lib/python3.6/site-packages/requests/adapters.py", line 449, in send
timeout=timeout
File "/usr/local/lib/python3.6/site-packages/urllib3/connectionpool.py", line 720, in urlopen
method, url, error=e, _pool=self, _stacktrace=sys.exc_info()[2]
File "/usr/local/lib/python3.6/site-packages/urllib3/util/retry.py", line 436, in increment
raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='site.url', port=443): Max retries exceeded with url: /3d235031-9605-4710-b891-95e099057008 (Caused by ProxyError('Cannot connect to proxy.', OSError('Tunnel connection failed: 407 Proxy authorization required',)))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "2.py", line 38, in <module>
session.post("https://webhook.site/3d235031-9605-4710-b891-95e099057008")
File "/usr/local/lib/python3.6/site-packages/requests/sessions.py", line 578, in post
return self.request('POST', url, data=data, json=json, **kwargs)
File "/usr/local/lib/python3.6/site-packages/requests/sessions.py", line 530, in request
resp = self.send(prep, **send_kwargs)
File "/usr/local/lib/python3.6/site-packages/requests/sessions.py", line 643, in send
r = adapter.send(request, **kwargs)
File "/usr/local/lib/python3.6/site-packages/requests/adapters.py", line 510, in send
raise ProxyError(e, request=request)
requests.exceptions.ProxyError: HTTPSConnectionPool(host='site.url', port=443): Max retries exceeded with url: /3d235031-9605-4710-b891-95e099057008 (Caused by ProxyError('Cannot connect to proxy.', OSError('Tunnel connection failed: 407 Proxy authorization required',)))
could you please suggest me on what this error can depends ?