Commit 12f6913e authored by Dietmar Maurer's avatar Dietmar Maurer

corretly use proxy CONNECT

There is a bug in LWP:UserAgent - it does not use CONNECT for https
proxy calls. So such calls fails with SQUID.
parent bf90f2bd
...@@ -18,6 +18,7 @@ use PVE::INotify; ...@@ -18,6 +18,7 @@ use PVE::INotify;
use PVE::Exception; use PVE::Exception;
use PVE::RESTHandler; use PVE::RESTHandler;
use PVE::RPCEnvironment; use PVE::RPCEnvironment;
use PVE::API2Tools;
use JSON; use JSON;
use PVE::JSONSchema qw(get_standard_option); use PVE::JSONSchema qw(get_standard_option);
...@@ -455,8 +456,14 @@ __PACKAGE__->register_method({ ...@@ -455,8 +456,14 @@ __PACKAGE__->register_method({
$ua->max_size(1024*1024); $ua->max_size(1024*1024);
$ua->ssl_opts(verify_hostname => 0); # don't care for changelogs $ua->ssl_opts(verify_hostname => 0); # don't care for changelogs
# HACK: LWP does not use proxy 'CONNECT' for https
local $ENV{PERL_NET_HTTPS_SSL_SOCKET_CLASS} = "Net::SSL";
local ($ENV{HTTPS_PROXY}, $ENV{HTTPS_PROXY_USERNAME}, $ENV{HTTPS_PROXY_PASSWORD});
if ($proxy) { if ($proxy) {
$ua->proxy(['http', 'https'], $proxy); ($ENV{HTTPS_PROXY}, $ENV{HTTPS_PROXY_USERNAME}, $ENV{HTTPS_PROXY_PASSWORD}) =
PVE::API2Tools::parse_http_proxy($proxy);
$ua->proxy(['http'], $proxy);
} else { } else {
$ua->env_proxy; $ua->env_proxy;
} }
......
...@@ -224,9 +224,16 @@ sub check_subscription { ...@@ -224,9 +224,16 @@ sub check_subscription {
$req->content($content); $req->content($content);
my $ua = LWP::UserAgent->new(protocols_allowed => ['https'], timeout => 30); my $ua = LWP::UserAgent->new(protocols_allowed => ['https'], timeout => 30);
$ua->ssl_opts(verify_hostname => 0); # don't care
# HACK: LWP does not use proxy 'CONNECT' for https
local $ENV{PERL_NET_HTTPS_SSL_SOCKET_CLASS} = "Net::SSL";
local ($ENV{HTTPS_PROXY}, $ENV{HTTPS_PROXY_USERNAME}, $ENV{HTTPS_PROXY_PASSWORD});
if ($proxy) { if ($proxy) {
$ua->proxy(['http', 'https'], $proxy); ($ENV{HTTPS_PROXY}, $ENV{HTTPS_PROXY_USERNAME}, $ENV{HTTPS_PROXY_PASSWORD}) =
PVE::API2Tools::parse_http_proxy($proxy);
$ua->proxy(['http'], $proxy);
} else { } else {
$ua->env_proxy; $ua->env_proxy;
} }
......
...@@ -4,6 +4,8 @@ use strict; ...@@ -4,6 +4,8 @@ use strict;
use warnings; use warnings;
use PVE::Tools; use PVE::Tools;
use Digest::MD5 qw(md5_hex); use Digest::MD5 qw(md5_hex);
use URI;
use URI::Escape;
my $hwaddress; my $hwaddress;
...@@ -113,4 +115,22 @@ sub extract_storage_stats { ...@@ -113,4 +115,22 @@ sub extract_storage_stats {
return $entry; return $entry;
}; };
sub parse_http_proxy {
my ($proxyenv) = @_;
my $uri = URI->new($proxyenv);
my $scheme = $uri->scheme;
my $host = $uri->host;
my $port = $uri->port || 3128;
my ($username, $password);
if (defined(my $p_auth = $uri->userinfo())) {
($username, $password) = map URI::Escape::uri_unescape($_), split(":", $p_auth, 2);
}
return ("$host:$port", $username, $password);
}
1; 1;
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment