fireinfo: Add authentication for upstream proxies

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

diff --git a/lfs/fireinfo b/lfs/fireinfo
index df736e0f3159c738d61ebd6d4c5e68230db1d1d7..2e6d1e94c9bdb68877969a1874acfe3cee798fec 100644 (file)
--- a/lfs/fireinfo
+++ b/lfs/fireinfo
@@ -73,6 +73,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 
        cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/fireinfo-Don-t-crash-when-proc-cpuinfo-doesn-t-have-any-infor.patch
        cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/fireinfo-Ignore-any-systems-with-ID-Default-string.patch
+       cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/fireinfo-support-upstream-proxy-with-authentication.patch
 
        cd $(DIR_APP) && [ -x "configure" ] || sh ./autogen.sh
        cd $(DIR_APP) && ./configure --prefix=/usr

diff --git a/src/patches/fireinfo-support-upstream-proxy-with-authentication.patch b/src/patches/fireinfo-support-upstream-proxy-with-authentication.patch
new file mode 100644 (file)
index 0000000..1e5a986
--- /dev/null
+++ b/src/patches/fireinfo-support-upstream-proxy-with-authentication.patch
@@ -0,0 +1,61 @@
+From 74c5e2adc61548900e256c3e58a0a63f5b3c2a4f Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Peter=20M=C3=BCller?= <peter.mueller@link38.eu>
+Date: Tue, 4 Dec 2018 18:13:15 +0100
+Subject: [PATCH] fireinfo: support upstream proxy with authentication
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Fireinfo could not send its profile to https://fireinfo.ipfire.org/
+if the machine is behind an upstream proxy which requires username
+and password. This is fixed by tweaking urllib2's opening handler.
+
+To apply this on existing installations, the fireinfo package
+needs to be shipped during an update.
+
+The third version of this patch fixes bogus indention, assembles
+proxy authentication string more readable and preserves HTTP
+proxy handler.
+
+Fixes #11905
+
+Signed-off-by: Peter Müller <peter.mueller@link38.eu>
+Cc: Michael Tremer <michael.tremer@ipfire.org>
+Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
+---
+ src/sendprofile | 14 ++++++++++++--
+ 1 file changed, 12 insertions(+), 2 deletions(-)
+ mode change 100644 => 100755 src/sendprofile
+
+diff --git a/src/sendprofile b/src/sendprofile
+old mode 100644
+new mode 100755
+index b836567..3ce68b9
+--- a/src/sendprofile
++++ b/src/sendprofile
+@@ -73,10 +73,20 @@ def send_profile(profile):
+       request.add_header("User-Agent", "fireinfo/%s" % fireinfo.__version__)
+ 
+       # Set upstream proxy if we have one.
+-      # XXX this cannot handle authentication
+       proxy = get_upstream_proxy()
++
+       if proxy["host"]:
+-              request.set_proxy(proxy["host"], "http")
++              # handling upstream proxies with authentication is more tricky...
++              if proxy["user"] and proxy["pass"]:
++                      prx_auth_string = "http://%s:%s@%s/" % (proxy["user"], proxy["pass"], proxy["host"])
++
++                      proxy_handler = urllib2.ProxyHandler({'http': prx_auth_string, 'https': prx_auth_string})
++                      auth = urllib2.HTTPBasicAuthHandler()
++                      opener = urllib2.build_opener(proxy_handler, auth, urllib2.HTTPHandler)
++                      urllib2.install_opener(opener)
++              else:
++                      request.set_proxy(proxy["host"], "http")
++                      request.set_proxy(proxy["host"], "https")
+ 
+       try:
+               urllib2.urlopen(request, timeout=60)
+-- 
+2.6.3
+