src/patches/fireinfo-support-upstream-proxy-with-authentication.patch

   1 From 74c5e2adc61548900e256c3e58a0a63f5b3c2a4f Mon Sep 17 00:00:00 2001
   2 From: =?UTF-8?q?Peter=20M=C3=BCller?= <peter.mueller@link38.eu>
   3 Date: Tue, 4 Dec 2018 18:13:15 +0100
   4 Subject: [PATCH] fireinfo: support upstream proxy with authentication
   5 MIME-Version: 1.0
   6 Content-Type: text/plain; charset=UTF-8
   7 Content-Transfer-Encoding: 8bit
   8
   9 Fireinfo could not send its profile to https://fireinfo.ipfire.org/
  10 if the machine is behind an upstream proxy which requires username
  11 and password. This is fixed by tweaking urllib2's opening handler.
  12
  13 To apply this on existing installations, the fireinfo package
  14 needs to be shipped during an update.
  15
  16 The third version of this patch fixes bogus indention, assembles
  17 proxy authentication string more readable and preserves HTTP
  18 proxy handler.
  19
  20 Fixes #11905
  21
  22 Signed-off-by: Peter Müller <peter.mueller@link38.eu>
  23 Cc: Michael Tremer <michael.tremer@ipfire.org>
  24 Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
  25 ---
  26  src/sendprofile | 14 ++++++++++++--
  27  1 file changed, 12 insertions(+), 2 deletions(-)
  28  mode change 100644 => 100755 src/sendprofile
  29
  30 diff --git a/src/sendprofile b/src/sendprofile
  31 old mode 100644
  32 new mode 100755
  33 index b836567..3ce68b9
  34 --- a/src/sendprofile
  35 +++ b/src/sendprofile
  36 @@ -73,10 +73,20 @@ def send_profile(profile):
  37         request.add_header("User-Agent", "fireinfo/%s" % fireinfo.__version__)
  38
  39         # Set upstream proxy if we have one.
  40 -       # XXX this cannot handle authentication
  41         proxy = get_upstream_proxy()
  42 +
  43         if proxy["host"]:
  44 -               request.set_proxy(proxy["host"], "http")
  45 +               # handling upstream proxies with authentication is more tricky...
  46 +               if proxy["user"] and proxy["pass"]:
  47 +                       prx_auth_string = "http://%s:%s@%s/" % (proxy["user"], proxy["pass"], proxy["host"])
  48 +
  49 +                       proxy_handler = urllib2.ProxyHandler({'http': prx_auth_string, 'https': prx_auth_string})
  50 +                       auth = urllib2.HTTPBasicAuthHandler()
  51 +                       opener = urllib2.build_opener(proxy_handler, auth, urllib2.HTTPHandler)
  52 +                       urllib2.install_opener(opener)
  53 +               else:
  54 +                       request.set_proxy(proxy["host"], "http")
  55 +                       request.set_proxy(proxy["host"], "https")
  56
  57         try:
  58                 urllib2.urlopen(request, timeout=60)
  59 --
  60 2.6.3
  61