From 4cea2022780e156f16e10d0af1750e05350b952a Mon Sep 17 00:00:00 2001
From: Bartosz Wieczorek <bwi@rublon.com>
Date: Wed, 25 Jun 2025 19:00:05 +0200
Subject: [PATCH] Fix proxy for websockets

---
 PAM/ssh/include/rublon/configuration.hpp |  4 ++--
 PAM/ssh/include/rublon/websockets.hpp    | 24 +++++++++++++++---------
 2 files changed, 17 insertions(+), 11 deletions(-)

diff --git a/PAM/ssh/include/rublon/configuration.hpp b/PAM/ssh/include/rublon/configuration.hpp
index e294adf..0c304f3 100644
--- a/PAM/ssh/include/rublon/configuration.hpp
+++ b/PAM/ssh/include/rublon/configuration.hpp
@@ -286,8 +286,8 @@ class ConfigurationReader {
 
             if(config.proxyType) {
                 std::pmr::string val{*config.proxyType, &memoryResource};
-                std::transform(val.begin(), val.end(), val.begin(), [](unsigned char c) { return static_cast< char >(std::tolower(c)); });
-                if(val == "socks") {
+                std::transform(val.begin(), val.end(), val.begin(), [](auto c) { return std::tolower(c); });
+                if(val.find("socks") != std::pmr::string::npos) {
                     return 1080;
                 }
             }
diff --git a/PAM/ssh/include/rublon/websockets.hpp b/PAM/ssh/include/rublon/websockets.hpp
index 418498a..1e6c70d 100644
--- a/PAM/ssh/include/rublon/websockets.hpp
+++ b/PAM/ssh/include/rublon/websockets.hpp
@@ -41,9 +41,17 @@ class WebSocket {
     lws_client_connect_info ccinfo{};
 
     RublonEventData * currentEvent{nullptr};
+    std::pmr::string proxyUrl{};
+    
+//     constexpr static const struct lws_protocol_vhost_options pvo = {
+//       NULL, /* "next" pvo linked-list /
+// &pvo_proxy_uri, / "child" pvo linked-list /
+// "push_protocol", / protocol name we belong to on this vhost /
+// "" / ignored */
+//     };
 
   public:
-    WebSocket(const Configuration & config) : _config{config}, urlv{_config.get().apiServer} {
+    WebSocket(const Configuration & config) : _config{config}, urlv{_config.get().apiServer}, proxyUrl{_config.get().apiServer.get_allocator()} {
         const auto & cfg = _config.get(); // only a alias to not use _config.get() all the time
 
         auto lws_log_emit = [](int level, const char * line) {
@@ -77,20 +85,18 @@ class WebSocket {
             assert(cfg.proxyType.has_value());
             assert(cfg.proxyHost.has_value());
             log(LogLevel::Debug, "WebSocket using proxy");
-
-            memory::Monotonic_8k_Resource memoryResource;
-            std::pmr::string proxyUrl{&memoryResource};
+            
+            // "username:password\@server:port"
             proxyUrl.reserve(conservative_estimate(cfg.proxyUsername, cfg.proxyPass, cfg.proxyHost, cfg.proxyPort) + 10);
-
-            proxyUrl += cfg.proxyType->data();
-            proxyUrl += "://";
-
             if(cfg.proxyAuthRequired) {
                 proxyUrl += *cfg.proxyUsername;
                 proxyUrl += ":";
                 proxyUrl += *cfg.proxyPass;
                 proxyUrl += "@";
             }
+            
+            proxyUrl += cfg.proxyType->data();
+            proxyUrl += "://";
 
             proxyUrl += *cfg.proxyHost;
             if(cfg.proxyPort.value_or(0) > 0) {
@@ -101,7 +107,7 @@ class WebSocket {
             // Set environment variable for libwebsockets to pick up
             
             log(LogLevel::Debug, "WebSocket proxy %s", proxyUrl.c_str());
-            setenv((cfg.proxyType == "https" ? "https_proxy" : "http_proxy"), proxyUrl.c_str(), 1);
+            info.http_proxy_address = proxyUrl.c_str();
         }
 
         const std::string_view prefix = "https://";