From 7e17de5f863a96d2f4e67fd27daeade3b1b1d471 Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Tue, 11 Dec 2018 19:38:21 +0000 Subject: [PATCH] fireinfo: Add authentication for upstream proxies Signed-off-by: Michael Tremer --- lfs/fireinfo | 1 + ...t-upstream-proxy-with-authentication.patch | 61 +++++++++++++++++++ 2 files changed, 62 insertions(+) create mode 100644 src/patches/fireinfo-support-upstream-proxy-with-authentication.patch diff --git a/lfs/fireinfo b/lfs/fireinfo index df736e0f31..2e6d1e94c9 100644 --- a/lfs/fireinfo +++ b/lfs/fireinfo @@ -73,6 +73,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/fireinfo-Don-t-crash-when-proc-cpuinfo-doesn-t-have-any-infor.patch cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/fireinfo-Ignore-any-systems-with-ID-Default-string.patch + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/fireinfo-support-upstream-proxy-with-authentication.patch cd $(DIR_APP) && [ -x "configure" ] || sh ./autogen.sh cd $(DIR_APP) && ./configure --prefix=/usr diff --git a/src/patches/fireinfo-support-upstream-proxy-with-authentication.patch b/src/patches/fireinfo-support-upstream-proxy-with-authentication.patch new file mode 100644 index 0000000000..1e5a986556 --- /dev/null +++ b/src/patches/fireinfo-support-upstream-proxy-with-authentication.patch @@ -0,0 +1,61 @@ +From 74c5e2adc61548900e256c3e58a0a63f5b3c2a4f Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Peter=20M=C3=BCller?= +Date: Tue, 4 Dec 2018 18:13:15 +0100 +Subject: [PATCH] fireinfo: support upstream proxy with authentication +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Fireinfo could not send its profile to https://fireinfo.ipfire.org/ +if the machine is behind an upstream proxy which requires username +and password. This is fixed by tweaking urllib2's opening handler. + +To apply this on existing installations, the fireinfo package +needs to be shipped during an update. + +The third version of this patch fixes bogus indention, assembles +proxy authentication string more readable and preserves HTTP +proxy handler. + +Fixes #11905 + +Signed-off-by: Peter Müller +Cc: Michael Tremer +Signed-off-by: Michael Tremer +--- + src/sendprofile | 14 ++++++++++++-- + 1 file changed, 12 insertions(+), 2 deletions(-) + mode change 100644 => 100755 src/sendprofile + +diff --git a/src/sendprofile b/src/sendprofile +old mode 100644 +new mode 100755 +index b836567..3ce68b9 +--- a/src/sendprofile ++++ b/src/sendprofile +@@ -73,10 +73,20 @@ def send_profile(profile): + request.add_header("User-Agent", "fireinfo/%s" % fireinfo.__version__) + + # Set upstream proxy if we have one. +- # XXX this cannot handle authentication + proxy = get_upstream_proxy() ++ + if proxy["host"]: +- request.set_proxy(proxy["host"], "http") ++ # handling upstream proxies with authentication is more tricky... ++ if proxy["user"] and proxy["pass"]: ++ prx_auth_string = "http://%s:%s@%s/" % (proxy["user"], proxy["pass"], proxy["host"]) ++ ++ proxy_handler = urllib2.ProxyHandler({'http': prx_auth_string, 'https': prx_auth_string}) ++ auth = urllib2.HTTPBasicAuthHandler() ++ opener = urllib2.build_opener(proxy_handler, auth, urllib2.HTTPHandler) ++ urllib2.install_opener(opener) ++ else: ++ request.set_proxy(proxy["host"], "http") ++ request.set_proxy(proxy["host"], "https") + + try: + urllib2.urlopen(request, timeout=60) +-- +2.6.3 + -- 2.39.5