iPXE discussion forum

iPXE discussion forum > iPXE user forums > General > Build iPXE binary (undionly.kpxe) to handle http basic authentication
Full Version: Build iPXE binary (undionly.kpxe) to handle http basic authentication
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

riyane

2016-08-19, 08:55
Hi everyone


I am currently having a troubles to send an HTTP request with basic authentication from a host running an iPXE (undionly.kpxe) binary.

The request http://<login>:<psw>@<ip> sends an http request where the header does not contain any authentication.

I think that the binary that I built does not handle http basic authentication. The command that I used to build it is:
make bin/undionly.kpxe HTTP_AUTH_BASIC=enable DOWNLOAD_PROTO_HTTPS=enable EMBED=<iPxeScript>

Could anyone tell me how to properly build my ipxe binary in order to handle http basic authentication. Or if the request that I wrote on the iPXE script is wrong.

krackajak

2016-12-17, 01:25
I'm having the same issue, did you figure this out?

NiKiZe

2016-12-17, 10:57
HTTP_AUTH_BASIC is already defined by default
We can see this forum post about syntax and that it should work.

To enable features such as DOWNLOAD_PROTO_HTTPS
you will want to edit src/config/local/general.h (which is created on build if it does not exist and is empty by default)
in this case i would add
Code:
#define DOWNLOAD_PROTO_HTTPS    /* Secure Hypertext Transfer Protocol */

which is copied from src/config/general.h and the #undef is just changed to #define
The define should be in the the same src/config/local/xxx.h filename as it is already in the src/config/xxx.h path.

src/config/local is used so that it is not overriden or causes confilicts on uppstream changes, also note that only changes are defined, do not copy general.h and then enable everything - because that will sooner or later leave you with a build that won't work.

by looking on the ipxe.name.tmp.map file that is generated when building you can see which features was included in the resulting binary,
in this case we can do
Code:
grep https bin/undionly.kpxe.tmp.map
and we can see if any https related code was included or not.

krackajak

2016-12-20, 00:13
Already had that build flag enabled. The issue is that commits were made ane now iPXE will only send auth information if it first gets a 401. Unfortunately the server we are booting from is public and for security reasons, returns 404. There is a solution in this thread around php, but I'm not familiar enough to implement it.

http://lists.ipxe.org/pipermail/ipxe-dev...01733.html
iPXE discussion forum > iPXE user forums > General > Build iPXE binary (undionly.kpxe) to handle http basic authentication
Reference URL's