--- /dev/null
+From 74c5e2adc61548900e256c3e58a0a63f5b3c2a4f Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Peter=20M=C3=BCller?= <peter.mueller@link38.eu>
+Date: Tue, 4 Dec 2018 18:13:15 +0100
+Subject: [PATCH] fireinfo: support upstream proxy with authentication
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Fireinfo could not send its profile to https://fireinfo.ipfire.org/
+if the machine is behind an upstream proxy which requires username
+and password. This is fixed by tweaking urllib2's opening handler.
+
+To apply this on existing installations, the fireinfo package
+needs to be shipped during an update.
+
+The third version of this patch fixes bogus indention, assembles
+proxy authentication string more readable and preserves HTTP
+proxy handler.
+
+Fixes #11905
+
+Signed-off-by: Peter Müller <peter.mueller@link38.eu>
+Cc: Michael Tremer <michael.tremer@ipfire.org>
+Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
+---
+ src/sendprofile | 14 ++++++++++++--
+ 1 file changed, 12 insertions(+), 2 deletions(-)
+ mode change 100644 => 100755 src/sendprofile
+
+diff --git a/src/sendprofile b/src/sendprofile
+old mode 100644
+new mode 100755
+index b836567..3ce68b9
+--- a/src/sendprofile
++++ b/src/sendprofile
+@@ -73,10 +73,20 @@ def send_profile(profile):
+ request.add_header("User-Agent", "fireinfo/%s" % fireinfo.__version__)
+
+ # Set upstream proxy if we have one.
+- # XXX this cannot handle authentication
+ proxy = get_upstream_proxy()
++
+ if proxy["host"]:
+- request.set_proxy(proxy["host"], "http")
++ # handling upstream proxies with authentication is more tricky...
++ if proxy["user"] and proxy["pass"]:
++ prx_auth_string = "http://%s:%s@%s/" % (proxy["user"], proxy["pass"], proxy["host"])
++
++ proxy_handler = urllib2.ProxyHandler({'http': prx_auth_string, 'https': prx_auth_string})
++ auth = urllib2.HTTPBasicAuthHandler()
++ opener = urllib2.build_opener(proxy_handler, auth, urllib2.HTTPHandler)
++ urllib2.install_opener(opener)
++ else:
++ request.set_proxy(proxy["host"], "http")
++ request.set_proxy(proxy["host"], "https")
+
+ try:
+ urllib2.urlopen(request, timeout=60)
+--
+2.6.3
+