corretly use proxy CONNECT

There is a bug in LWP:UserAgent - it does not use CONNECT for https proxy calls. So such calls fails with SQUID.

corretly use proxy CONNECT
There is a bug in LWP:UserAgent - it does not use CONNECT for https proxy calls. So such calls fails with SQUID.
12f6913e · Dietmar Maurer · bf90f2bd · 12f6913e · 12f6913e · 12f6913e
Commit 12f6913e authored Sep 09, 2013 by Dietmar Maurer
Hide whitespace changes
Inline Side-by-side

Showing with 36 additions and 2 deletions

APT.pm PVE/API2/APT.pm +8 -1

Subscription.pm PVE/API2/Subscription.pm +8 -1

API2Tools.pm PVE/API2Tools.pm +20 -0

No files found.
--- a/PVE/API2/APT.pm
+++ b/PVE/API2/APT.pm
@@ -18,6 +18,7 @@ use PVE::INotify;
 use PVE::Exception;
 use PVE::RESTHandler;
 use PVE::RPCEnvironment;
+use PVE::API2Tools;

 use JSON;
 use PVE::JSONSchema qw(get_standard_option);
@@ -455,8 +456,14 @@ __PACKAGE__->register_method({
 	$ua->max_size(1024*1024);
 	$ua->ssl_opts(verify_hostname => 0); # don't care for changelogs

+	# HACK: LWP does not use proxy 'CONNECT' for https
+	local $ENV{PERL_NET_HTTPS_SSL_SOCKET_CLASS} = "Net::SSL";
+	local ($ENV{HTTPS_PROXY}, $ENV{HTTPS_PROXY_USERNAME}, $ENV{HTTPS_PROXY_PASSWORD});
+
 	if ($proxy) {
-	    $ua->proxy(['http', 'https'], $proxy);
+	    ($ENV{HTTPS_PROXY}, $ENV{HTTPS_PROXY_USERNAME}, $ENV{HTTPS_PROXY_PASSWORD}) =
+		PVE::API2Tools::parse_http_proxy($proxy);
+	    $ua->proxy(['http'], $proxy);
 	} else {
 	    $ua->env_proxy;
 	}

--- a/PVE/API2/Subscription.pm
+++ b/PVE/API2/Subscription.pm
@@ -224,9 +224,16 @@ sub check_subscription {
    $req->content($content);

    my $ua = LWP::UserAgent->new(protocols_allowed => ['https'], timeout => 30);
+    $ua->ssl_opts(verify_hostname => 0); # don't care
+
+    # HACK: LWP does not use proxy 'CONNECT' for https
+    local $ENV{PERL_NET_HTTPS_SSL_SOCKET_CLASS} = "Net::SSL";
+    local ($ENV{HTTPS_PROXY}, $ENV{HTTPS_PROXY_USERNAME}, $ENV{HTTPS_PROXY_PASSWORD});

    if ($proxy) {
-	$ua->proxy(['http', 'https'], $proxy);
+	($ENV{HTTPS_PROXY}, $ENV{HTTPS_PROXY_USERNAME}, $ENV{HTTPS_PROXY_PASSWORD}) =
+	    PVE::API2Tools::parse_http_proxy($proxy);
+	$ua->proxy(['http'], $proxy);
    } else {
 	$ua->env_proxy;
    }

--- a/PVE/API2Tools.pm
+++ b/PVE/API2Tools.pm
@@ -4,6 +4,8 @@ use strict;
 use warnings;
 use PVE::Tools;
 use Digest::MD5 qw(md5_hex);
+use URI;
+use URI::Escape;

 my $hwaddress;

@@ -113,4 +115,22 @@ sub extract_storage_stats {
    return $entry;
 };

+sub parse_http_proxy {
+    my ($proxyenv) = @_;
+
+    my $uri = URI->new($proxyenv);
+
+    my $scheme = $uri->scheme;
+    my $host = $uri->host;
+    my $port = $uri->port || 3128;
+
+    my ($username, $password);
+
+    if (defined(my $p_auth = $uri->userinfo())) {
+	($username, $password) = map URI::Escape::uri_unescape($_), split(":", $p_auth, 2);
+    }
+
+    return ("$host:$port", $username, $password);
+}
+
 1;