[pve-devel] [PATCH 1/3] set up proxy for UserAgent

Wolfgang Link w.link at proxmox.com
Thu Feb 25 14:47:45 CET 2016 

Http, https proxy are supported on http and https sites.
Now the server will also be verified.
---
 PVE/API2/Subscription.pm | 21 ++++++++-------------
 PVE/APLInfo.pm           | 15 +++++++--------
 2 files changed, 15 insertions(+), 21 deletions(-)

diff --git a/PVE/API2/Subscription.pm b/PVE/API2/Subscription.pm
index 47cd408..c615153 100644
--- a/PVE/API2/Subscription.pm
+++ b/PVE/API2/Subscription.pm
@@ -4,7 +4,6 @@ use strict;
 use warnings;
 use Digest::MD5 qw(md5_hex md5_base64);
 use MIME::Base64;
-use Net::SSL;
 use HTTP::Request;
 use LWP::UserAgent;
 use JSON; 
@@ -224,19 +223,15 @@ sub check_subscription {
     $req->header('Content-Length' => length($content));
     $req->content($content);
 
-    my $ua = LWP::UserAgent->new(protocols_allowed => ['https'], timeout => 30);
-    $ua->ssl_opts(verify_hostname => 0); # don't care
-
-    # HACK: LWP does not use proxy 'CONNECT' for https
-    local $ENV{PERL_NET_HTTPS_SSL_SOCKET_CLASS} = "Net::SSL";
-    local ($ENV{HTTPS_PROXY}, $ENV{HTTPS_PROXY_USERNAME}, $ENV{HTTPS_PROXY_PASSWORD});
+    my $ua = LWP::UserAgent->new( timeout => 30 );
 
     if ($proxy) {
-	# some proxies reject connection if UserAgent header is not set
-	Net::SSL::send_useragent_to_proxy(1);
-	($ENV{HTTPS_PROXY}, $ENV{HTTPS_PROXY_USERNAME}, $ENV{HTTPS_PROXY_PASSWORD}) =
-	    PVE::API2Tools::parse_http_proxy($proxy);
-	$ua->proxy(['http'], $proxy);
+	my ($host, $user, $passwd) =  PVE::API2Tools::parse_http_proxy($proxy);
+
+	$host = "$user:$passwd\@$host" if ($user && $passwd);
+
+	$ua->proxy('https', 'http://'.$host);
+
     } else {
 	$ua->env_proxy;
     }
@@ -344,7 +339,7 @@ __PACKAGE__->register_method ({
 	    my $age = time() -  $info->{checktime};
 	    return undef if $age < $localkeydays*60*60*24;
 	}
-	
+
 	my $key = $info->{key};
 
 	$info = check_subscription($key);
diff --git a/PVE/APLInfo.pm b/PVE/APLInfo.pm
index 16e60a5..a18cc1f 100644
--- a/PVE/APLInfo.pm
+++ b/PVE/APLInfo.pm
@@ -263,21 +263,20 @@ sub update {
 
     import_gpg_keys();
 
-    # ensure that always use the same socket class
-    local $ENV{PERL_NET_HTTPS_SSL_SOCKET_CLASS} = "IO::Socket::SSL";
-
-    # this code works for ftp and http
-    # always use passive ftp
-    local $ENV{FTP_PASSIVE} = 1;
     my $ua = LWP::UserAgent->new;
     $ua->agent("PVE/1.0");
 
+
     if ($proxy) {
-	$ua->proxy(['http', 'https'], $proxy);
+	my ($host, $user, $passwd) =  PVE::API2Tools::parse_http_proxy($proxy);
+
+	$host = "$user:$passwd\@$host" if ($user && $passwd);
+
+	$ua->proxy('https', 'http://'.$host);
+
     } else {
 	$ua->env_proxy;
     }
-
     my $urls = get_apl_sources();
 
     mkdir $aplinfodir;
-- 
2.1.4

More information about the pve-devel mailing list