From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id DF24670AE0 for ; Fri, 14 May 2021 15:46:08 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 519E717CB3 for ; Fri, 14 May 2021 15:45:17 +0200 (CEST) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS id 95FAD17CA8 for ; Fri, 14 May 2021 15:45:16 +0200 (CEST) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 6C53646568 for ; Fri, 14 May 2021 15:45:16 +0200 (CEST) From: =?UTF-8?q?Fabian=20Gr=C3=BCnbichler?= To: pbs-devel@lists.proxmox.com Date: Fri, 14 May 2021 15:44:54 +0200 Message-Id: <20210514134457.1447930-19-f.gruenbichler@proxmox.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20210514134457.1447930-1-f.gruenbichler@proxmox.com> References: <20210514134457.1447930-1-f.gruenbichler@proxmox.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL 0.012 Adjusted score from AWL reputation of 
From: address KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [mod.rs, http.rs, node.rs, apt.rs]
Subject: [pbs-devel] [PATCH proxmox-backup 5/8] move ProxyConfig to proxmox_http
X-BeenThere: pbs-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Backup Server development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 14 May 2021 13:46:08 -0000
Signed-off-by: Fabian Grünbichler
---
Notes:
requires proxmox patch #7 & #8
src/api2/node/apt.rs | 4 +-
src/api2/types/mod.rs | 2 +-
src/config/node.rs | 3 +-
src/tools/http.rs | 82 +--------------------------------
src/tools/simple_http_client.rs | 4 +-
5 files changed, 10 insertions(+), 85 deletions(-)
diff --git a/src/api2/node/apt.rs b/src/api2/node/apt.rs
index c149a14b..120d5339 100644
--- a/src/api2/node/apt.rs
+++ b/src/api2/node/apt.rs
@@ -7,9 +7,11 @@ use proxmox::api::{api, RpcEnvironment, RpcEnvironmentType, Permission};
 use proxmox::api::router::{Router, SubdirMap};
 use proxmox::tools::fs::{replace_file, CreateOptions};
+use proxmox_http::http::ProxyConfig;
+
 use crate::config::node;
 use crate::server::WorkerTask;
-use crate::tools::{apt, SimpleHttp, http::ProxyConfig, subscription};
+use crate::tools::{apt, SimpleHttp, subscription};
 use crate::config::acl::{PRIV_SYS_AUDIT, PRIV_SYS_MODIFY};
 use crate::api2::types::{Authid, APTUpdateInfo, NODE_SCHEMA, UPID_SCHEMA};
diff --git a/src/api2/types/mod.rs b/src/api2/types/mod.rs
index e42083f0..26b99790 100644
--- a/src/api2/types/mod.rs
+++ b/src/api2/types/mod.rs
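Review bot: The new `use proxmox_http::http::ProxyConfig;` in src/api2/node/apt.rs (and the same import in src/config/node.rs, src/tools/http.rs and src/tools/simple_http_client.rs) only resolves against a proxmox-http release that already exports `ProxyConfig`, yet the diffstat lists no Cargo.toml change. The requirement is stated only in the notes below the `---` separator ("requires proxmox patch #7 & #8"), which do not become part of the commit, so a checkout of this commit can pick up an older crate and fail to build. Raising the minimum `proxmox-http` version in Cargo.toml in this same commit would record the dependency where the build and a later bisect can see it; the exact version is not visible from this page.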
@@ -1660,7 +1660,7 @@ pub struct NodeStatus {
 pub const HTTP_PROXY_SCHEMA: Schema = StringSchema::new(
 "HTTP proxy configuration [http://][:port]")
 .format(&ApiStringFormat::VerifyFn(|s| {
- crate::tools::http::ProxyConfig::parse_proxy_url(s)?;
+ proxmox_http::http::ProxyConfig::parse_proxy_url(s)?;
 Ok(())
 }))
 .min_length(1)
diff --git a/src/config/node.rs b/src/config/node.rs
index e818e47e..b003ae01 100644
--- a/src/config/node.rs
+++ b/src/config/node.rs
@@ -10,11 +10,12 @@ use proxmox::api::api;
 use proxmox::api::schema::{ApiStringFormat, Updater};
 use proxmox::tools::fs::{replace_file, CreateOptions};
+use proxmox_http::http::ProxyConfig;
+
 use crate::acme::AcmeClient;
 use crate::api2::types::{
 AcmeAccountName, AcmeDomain, ACME_DOMAIN_PROPERTY_SCHEMA, HTTP_PROXY_SCHEMA,
 };
-use crate::tools::http::ProxyConfig;
 const CONF_FILE: &str = configdir!("/node.cfg");
 const LOCK_FILE: &str = configdir!("/.node.lck");
diff --git a/src/tools/http.rs b/src/tools/http.rs
index a6b92aad..b99d26a1 100644
--- a/src/tools/http.rs
+++ b/src/tools/http.rs
@@ -19,7 +19,7 @@ use tokio::{
 use tokio_openssl::SslStream;
 use proxmox::sys::linux::socket::set_tcp_keepalive;
-use proxmox_http::http::MaybeTlsStream;
+use proxmox_http::http::{MaybeTlsStream, ProxyConfig};
 // Build a http::uri::Authority ("host:port"), use '[..]' around IPv6 addresses
 pub(crate) fn build_authority(host: &str, port: u16) -> Result {
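Review bot: In the `HTTP_PROXY_SCHEMA` hunk of src/api2/types/mod.rs the `VerifyFn` closure now depends entirely on `proxmox_http::http::ProxyConfig::parse_proxy_url`, so the rules for what the API accepts as a proxy setting are no longer defined in this repository. Going by the implementation this series removes from src/tools/http.rs, those rules are: only the `http` scheme, a required authority, and an optional `user:pass@` part. Nothing on the new side pins that behaviour, so a later change in the external crate would silently widen or narrow the validation of this node setting. I would add a comment above the call, e.g. `// proxy syntax is validated by proxmox_http; keep this schema description in sync with parse_proxy_url`, and a unit test in this crate that feeds the schema one accepted value and one value with an unsupported scheme. The schema definition continues past the end of the hunk.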
@@ -33,86 +33,6 @@ pub(crate) fn build_authority(host: &str, port: u16) -> Result
 Ok(authority)
 }
-/// HTTP Proxy Configuration
-#[derive(Clone)]
-pub struct ProxyConfig {
- pub host: String,
- pub port: u16,
- pub authorization: Option, // user:pass
- pub force_connect: bool,
-}
-
-impl ProxyConfig {
-
- /// Parse proxy config from ALL_PROXY environment var
- pub fn from_proxy_env() -> Result, Error> {
-
- // We only support/use ALL_PROXY environment
-
- match std::env::var_os("ALL_PROXY") {
- None => return Ok(None),
- Some(all_proxy) => {
- let all_proxy = match all_proxy.to_str() {
- Some(s) => String::from(s),
- None => bail!("non UTF-8 content in env ALL_PROXY"),
- };
- if all_proxy.is_empty() {
- return Ok(None);
- }
- let config = Self::parse_proxy_url(&all_proxy)?;
- Ok(Some(config))
- }
- }
- }
-
- /// Parse proxy configuration string [http://][:port]
- ///
- /// Default port is 1080 (like curl)
- pub fn parse_proxy_url(http_proxy: &str) -> Result {
- proxmox::try_block!({
- let proxy_uri: Uri = http_proxy.parse()?;
- let proxy_authority = match proxy_uri.authority() {
- Some(authority) => authority,
- None => bail!("missing proxy authority"),
- };
- let host = proxy_authority.host().to_owned();
- let port = match proxy_uri.port() {
- Some(port) => port.as_u16(),
- None => 1080, // CURL default port
- };
-
- match proxy_uri.scheme_str() {
- Some("http") => { /* Ok */ }
- Some(scheme) => bail!("unsupported proxy scheme '{}'", scheme),
- None => { /* assume HTTP */ }
- }
-
- let authority_vec: Vec<&str> = proxy_authority.as_str().rsplitn(2, '@').collect();
- let authorization = if authority_vec.len() == 2 {
- Some(authority_vec[1].to_string())
- } else {
- None
- };
-
- Ok(ProxyConfig {
- host,
- port,
- authorization,
- force_connect: false,
- })
- }).map_err(|err| format_err!("parse_proxy_url failed: {}", err))
- }
-
- /// Assemble canonical proxy string (including scheme and port)
- pub fn to_proxy_string(&self) -> Result {
- let authority = build_authority(&self.host, self.port)?;
- Ok(match self.authorization {
- None => format!("http://{}", authority),
- Some(ref authorization) => format!("http://{}@{}", authorization, authority)
- })
- }
-}
-
 #[derive(Clone)]
 pub struct HttpsConnector {
 connector: HttpConnector,
diff --git a/src/tools/simple_http_client.rs b/src/tools/simple_http_client.rs
index 1e399267..729711c8 100644
--- a/src/tools/simple_http_client.rs
+++ b/src/tools/simple_http_client.rs
@@ -7,8 +7,10 @@ use http::{Request, Response, HeaderValue};
 use openssl::ssl::{SslConnector, SslMethod};
 use futures::*;
+use proxmox_http::http::ProxyConfig;
+
 use crate::tools::PROXMOX_BACKUP_TCP_KEEPALIVE_TIME;
-use crate::tools::http::{HttpsConnector, ProxyConfig};
+use crate::tools::http::HttpsConnector;
 /// Asyncrounous HTTP client implementation
 pub struct SimpleHttp {
-- 
2.20.1