From 2b94fa366ed785750382edaa57a936253d0cc34f Mon Sep 17 00:00:00 2001
From: William Wernert <william.wernert@securityonionsolutions.com>
Date: Wed, 3 Mar 2021 09:51:38 -0500
Subject: [PATCH] [wip] Add auth inputs for proxy settings, fix some broken
 logic

---
 salt/common/tools/sbin/so-common |  4 ++--
 setup/so-functions               | 29 +++++++++++++++++++++++++++++
 setup/so-whiptail                | 18 ++++++++++++++++++
 3 files changed, 49 insertions(+), 2 deletions(-)

diff --git a/salt/common/tools/sbin/so-common b/salt/common/tools/sbin/so-common
index cdc8b4772..438fe9329 100755
--- a/salt/common/tools/sbin/so-common
+++ b/salt/common/tools/sbin/so-common
@@ -346,7 +346,7 @@ valid_proxy() {
 
 	local has_prefix=false
 	for prefix in "${url_prefixes[@]}"; do
-		echo "$proxy" | grep "$prefix" && has_prefix=true && proxy=${proxy#"$prefix"}
+		echo "$proxy" | grep "$prefix" && has_prefix=true && proxy=${proxy#"$prefix"} && break
 	done
 	
 	local url
@@ -357,7 +357,7 @@ valid_proxy() {
 		valid_url=false
 	fi
 
-	[[ $has_prefix == true ]] && [[ $valid_url ]] && return 0 || return 1
+	[[ $has_prefix == true ]] && [[ $valid_url == true ]] && return 0 || return 1
 }
 
 valid_string() {
diff --git a/setup/so-functions b/setup/so-functions
index d457e7005..c8adbc9f5 100755
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -537,12 +537,41 @@ collect_patch_schedule_name_import() {
 
 collect_proxy() {
 	if whiptail_proxy_ask; then
+
 		whiptail_proxy_addr
 
 		while ! valid_proxy "$proxy_addr"; do
 			whiptail_invalid_input
 			whiptail_proxy_addr
 		done
+
+		if whiptail_proxy_auth_ask; then
+			whiptail_proxy_auth_user
+
+			while ! valid_string "$proxy_user"; do
+				whiptail_invalid_input
+				whiptail_proxy_auth_user
+			done
+
+			whiptail_proxy_auth_pass
+
+			while ! valid_string "$proxy_pass"; do
+				whiptail_invalid_input
+				whiptail_proxy_auth_pass
+			done
+
+			local url_prefixes=( 'http://' 'https://' )
+			for prefix in "${url_prefixes[@]}"; do
+				if echo "$proxy_addr" | grep "$prefix"; then
+					proxy=${proxy_addr#"$prefix"}
+					proxy="${prefix}${proxy_user}:${proxy_pass}@${proxy}"
+					break
+				fi
+			done
+		else
+			proxy="$proxy_addr"
+		fi
+		export proxy
 	fi
 }
 
diff --git a/setup/so-whiptail b/setup/so-whiptail
index 6baa143ad..205bf6f98 100755
--- a/setup/so-whiptail
+++ b/setup/so-whiptail
@@ -1231,6 +1231,24 @@ whiptail_proxy_addr() {
 	whiptail_check_exitstatus $exitstatus
 }
 
+whiptail_proxy_auth_ask() {
+	[ -n "$TESTING" ] && return
+
+	whiptail --title "Security Onion Setup" --yesno "Does your proxy require authentication?" 7 60
+}
+
+whiptail_proxy_auth_user() {
+	[ -n "$TESTING" ] && return
+	
+	proxy_user=$(whiptail --title "Security Onion Setup" --inputbox "Please input the proxy user:" 8 60 3>&1 1>&2 2>&3)
+}
+
+whiptail_proxy_auth_pass() {
+	[ -n "$TESTING" ] && return
+
+	proxy_pass=$(whiptail --title "Security Onion Setup" --inputbox "Please input the proxy password:" 8 60 3>&1 1>&2 2>&3)
+}
+
 whiptail_requirements_error() {
 
 	local requirement_needed=$1