Fireinfo could not send its profile to https://fireinfo.ipfire.org/ if the machine is behind an upstream proxy which requires username and password. This is fixed by tweaking urllib2's opening handler.
To apply this on existing installations, the fireinfo package needs to be shipped during an update.
The second version of this patch fixes bogus indention, assembles proxy authentication string more readable and preserves HTTP proxy handler.
Fixes #11905
Signed-off-by: Peter Müller peter.mueller@link38.eu Cc: Michael Tremer michael.tremer@ipfire.org --- src/sendprofile | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) mode change 100644 => 100755 src/sendprofile
diff --git a/src/sendprofile b/src/sendprofile old mode 100644 new mode 100755 index b836567..1f32440 --- a/src/sendprofile +++ b/src/sendprofile @@ -73,10 +73,21 @@ def send_profile(profile): request.add_header("User-Agent", "fireinfo/%s" % fireinfo.__version__)
# Set upstream proxy if we have one. - # XXX this cannot handle authentication proxy = get_upstream_proxy() + if proxy["host"]: - request.set_proxy(proxy["host"], "http") + # handling upstream proxies with authentication is more tricky... + if proxy["user"] and proxy["pass"]: + prx_auth_string = "http://%s:%s@%s/" % (proxy["user"], proxy["pass"], proxy["host"]) + + proxy_handler = urllib2.ProxyHandler({'http': prx_auth_string}) + proxy_handler = urllib2.ProxyHandler({'https': prx_auth_string}) + auth = urllib2.HTTPBasicAuthHandler() + opener = urllib2.build_opener(proxy_handler, auth, urllib2.HTTPHandler) + urllib2.install_opener(opener) + else: + request.set_proxy(proxy["host"], "http") + request.set_proxy(proxy["host"], "https")
try: urllib2.urlopen(request, timeout=60)
Hello,
thanks for adding authentication and support for HTTPS to fireinfo.
On 29/10/2018 05:22 PM, Peter Müller wrote:
Fireinfo could not send its profile to https://fireinfo.ipfire.org/ if the machine is behind an upstream proxy which requires username and password. This is fixed by tweaking urllib2's opening handler.
To apply this on existing installations, the fireinfo package needs to be shipped during an update.
Yes, obvs :)
The second version of this patch fixes bogus indention, assembles proxy authentication string more readable and preserves HTTP proxy handler.
Fixes #11905
Signed-off-by: Peter Müller peter.mueller@link38.eu Cc: Michael Tremer michael.tremer@ipfire.org
src/sendprofile | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) mode change 100644 => 100755 src/sendprofile
diff --git a/src/sendprofile b/src/sendprofile old mode 100644 new mode 100755 index b836567..1f32440 --- a/src/sendprofile +++ b/src/sendprofile @@ -73,10 +73,21 @@ def send_profile(profile): request.add_header("User-Agent", "fireinfo/%s" % fireinfo.__version__)
# Set upstream proxy if we have one.
- # XXX this cannot handle authentication proxy = get_upstream_proxy()
- if proxy["host"]:
request.set_proxy(proxy["host"], "http")
# handling upstream proxies with authentication is more tricky...if proxy["user"] and proxy["pass"]:prx_auth_string = "http://%s:%s@%s/" % (proxy["user"],proxy["pass"], proxy["host"])
proxy_handler = urllib2.ProxyHandler({'http': prx_auth_string})proxy_handler = urllib2.ProxyHandler({'https': prx_auth_string})
You are overwriting the proxy_handler variable here and that creates this only for HTTPS which is not what we want here.
auth = urllib2.HTTPBasicAuthHandler()opener = urllib2.build_opener(proxy_handler, auth,urllib2.HTTPHandler)
urllib2.install_opener(opener)else:request.set_proxy(proxy["host"], "http")request.set_proxy(proxy["host"], "https")try: urllib2.urlopen(request, timeout=60)
Fireinfo could not send its profile to https://fireinfo.ipfire.org/ if the machine is behind an upstream proxy which requires username and password. This is fixed by tweaking urllib2's opening handler.
To apply this on existing installations, the fireinfo package needs to be shipped during an update.
The third version of this patch fixes bogus indention, assembles proxy authentication string more readable and preserves HTTP proxy handler.
Fixes #11905
Signed-off-by: Peter Müller peter.mueller@link38.eu Cc: Michael Tremer michael.tremer@ipfire.org --- src/sendprofile | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) mode change 100644 => 100755 src/sendprofile
diff --git a/src/sendprofile b/src/sendprofile old mode 100644 new mode 100755 index b836567..3ce68b9 --- a/src/sendprofile +++ b/src/sendprofile @@ -73,10 +73,20 @@ def send_profile(profile): request.add_header("User-Agent", "fireinfo/%s" % fireinfo.__version__)
# Set upstream proxy if we have one. - # XXX this cannot handle authentication proxy = get_upstream_proxy() + if proxy["host"]: - request.set_proxy(proxy["host"], "http") + # handling upstream proxies with authentication is more tricky... + if proxy["user"] and proxy["pass"]: + prx_auth_string = "http://%s:%s@%s/" % (proxy["user"], proxy["pass"], proxy["host"]) + + proxy_handler = urllib2.ProxyHandler({'http': prx_auth_string, 'https': prx_auth_string}) + auth = urllib2.HTTPBasicAuthHandler() + opener = urllib2.build_opener(proxy_handler, auth, urllib2.HTTPHandler) + urllib2.install_opener(opener) + else: + request.set_proxy(proxy["host"], "http") + request.set_proxy(proxy["host"], "https")
try: urllib2.urlopen(request, timeout=60)
Hello Michael,
is there any chance to get this into upcoming Core Update 126?
Thanks, and best regards, Peter Müller
Am 04.12.18 um 18:13 schrieb Peter Müller:
Fireinfo could not send its profile to https://fireinfo.ipfire.org/ if the machine is behind an upstream proxy which requires username and password. This is fixed by tweaking urllib2's opening handler.
To apply this on existing installations, the fireinfo package needs to be shipped during an update.
The third version of this patch fixes bogus indention, assembles proxy authentication string more readable and preserves HTTP proxy handler.
Fixes #11905
Signed-off-by: Peter Müller peter.mueller@link38.eu Cc: Michael Tremer michael.tremer@ipfire.org
src/sendprofile | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) mode change 100644 => 100755 src/sendprofile
diff --git a/src/sendprofile b/src/sendprofile old mode 100644 new mode 100755 index b836567..3ce68b9 --- a/src/sendprofile +++ b/src/sendprofile @@ -73,10 +73,20 @@ def send_profile(profile): request.add_header("User-Agent", "fireinfo/%s" % fireinfo.__version__)
# Set upstream proxy if we have one.
- # XXX this cannot handle authentication proxy = get_upstream_proxy()
- if proxy["host"]:
request.set_proxy(proxy["host"], "http")
# handling upstream proxies with authentication is more tricky...if proxy["user"] and proxy["pass"]:prx_auth_string = "http://%s:%s@%s/" % (proxy["user"], proxy["pass"], proxy["host"])proxy_handler = urllib2.ProxyHandler({'http': prx_auth_string, 'https': prx_auth_string})auth = urllib2.HTTPBasicAuthHandler()opener = urllib2.build_opener(proxy_handler, auth, urllib2.HTTPHandler)urllib2.install_opener(opener)else:request.set_proxy(proxy["host"], "http")request.set_proxy(proxy["host"], "https")try: urllib2.urlopen(request, timeout=60)
Hi,
No, the Core Update is already tagged, built and uploaded to the mirrors.
The release announcement is also ready, but Arne hasn’t released it, yet.
-Michael
On 10 Dec 2018, at 15:29, Peter Müller peter.mueller@link38.eu wrote:
Hello Michael,
is there any chance to get this into upcoming Core Update 126?
Thanks, and best regards, Peter Müller
Am 04.12.18 um 18:13 schrieb Peter Müller:
Fireinfo could not send its profile to https://fireinfo.ipfire.org/ if the machine is behind an upstream proxy which requires username and password. This is fixed by tweaking urllib2's opening handler.
To apply this on existing installations, the fireinfo package needs to be shipped during an update.
The third version of this patch fixes bogus indention, assembles proxy authentication string more readable and preserves HTTP proxy handler.
Fixes #11905
Signed-off-by: Peter Müller peter.mueller@link38.eu Cc: Michael Tremer michael.tremer@ipfire.org
src/sendprofile | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) mode change 100644 => 100755 src/sendprofile
diff --git a/src/sendprofile b/src/sendprofile old mode 100644 new mode 100755 index b836567..3ce68b9 --- a/src/sendprofile +++ b/src/sendprofile @@ -73,10 +73,20 @@ def send_profile(profile): request.add_header("User-Agent", "fireinfo/%s" % fireinfo.__version__)
# Set upstream proxy if we have one.
- # XXX this cannot handle authentication proxy = get_upstream_proxy()
- if proxy["host"]:
request.set_proxy(proxy["host"], "http")
# handling upstream proxies with authentication is more tricky...if proxy["user"] and proxy["pass"]:prx_auth_string = "http://%s:%s@%s/" % (proxy["user"], proxy["pass"], proxy["host"])proxy_handler = urllib2.ProxyHandler({'http': prx_auth_string, 'https': prx_auth_string})auth = urllib2.HTTPBasicAuthHandler()opener = urllib2.build_opener(proxy_handler, auth, urllib2.HTTPHandler)urllib2.install_opener(opener)else:request.set_proxy(proxy["host"], "http")request.set_proxy(proxy["host"], "https")try: urllib2.urlopen(request, timeout=60)
-- Microsoft DNS service terminates abnormally when it recieves a response to a DNS query that was never made. Fix Information: Run your DNS service on a different platform. -- bugtraq
Merged and scheduled for Core Update 127!
On 10 Dec 2018, at 19:09, Michael Tremer michael.tremer@ipfire.org wrote:
Hi,
No, the Core Update is already tagged, built and uploaded to the mirrors.
The release announcement is also ready, but Arne hasn’t released it, yet.
-Michael
On 10 Dec 2018, at 15:29, Peter Müller peter.mueller@link38.eu wrote:
Hello Michael,
is there any chance to get this into upcoming Core Update 126?
Thanks, and best regards, Peter Müller
Am 04.12.18 um 18:13 schrieb Peter Müller:
Fireinfo could not send its profile to https://fireinfo.ipfire.org/ if the machine is behind an upstream proxy which requires username and password. This is fixed by tweaking urllib2's opening handler.
To apply this on existing installations, the fireinfo package needs to be shipped during an update.
The third version of this patch fixes bogus indention, assembles proxy authentication string more readable and preserves HTTP proxy handler.
Fixes #11905
Signed-off-by: Peter Müller peter.mueller@link38.eu Cc: Michael Tremer michael.tremer@ipfire.org
src/sendprofile | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) mode change 100644 => 100755 src/sendprofile
diff --git a/src/sendprofile b/src/sendprofile old mode 100644 new mode 100755 index b836567..3ce68b9 --- a/src/sendprofile +++ b/src/sendprofile @@ -73,10 +73,20 @@ def send_profile(profile): request.add_header("User-Agent", "fireinfo/%s" % fireinfo.__version__)
# Set upstream proxy if we have one.
- # XXX this cannot handle authentication proxy = get_upstream_proxy()
- if proxy["host"]:
request.set_proxy(proxy["host"], "http")
# handling upstream proxies with authentication is more tricky...if proxy["user"] and proxy["pass"]:prx_auth_string = "http://%s:%s@%s/" % (proxy["user"], proxy["pass"], proxy["host"])proxy_handler = urllib2.ProxyHandler({'http': prx_auth_string, 'https': prx_auth_string})auth = urllib2.HTTPBasicAuthHandler()opener = urllib2.build_opener(proxy_handler, auth, urllib2.HTTPHandler)urllib2.install_opener(opener)else:request.set_proxy(proxy["host"], "http")request.set_proxy(proxy["host"], "https")try: urllib2.urlopen(request, timeout=60)
-- Microsoft DNS service terminates abnormally when it recieves a response to a DNS query that was never made. Fix Information: Run your DNS service on a different platform. -- bugtraq
-
Michael Tremer -
Peter Müller