From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id C345470A23 for ; Fri, 14 May 2021 15:45:38 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id A37BA17AED for ; Fri, 14 May 2021 15:45:08 +0200 (CEST) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS id 3938317A71 for ; Fri, 14 May 2021 15:45:07 +0200 (CEST) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 12BFE46570 for ; Fri, 14 May 2021 15:45:07 +0200 (CEST) From: =?UTF-8?q?Fabian=20Gr=C3=BCnbichler?= To: pbs-devel@lists.proxmox.com Date: Fri, 14 May 2021 15:44:44 +0200 Message-Id: <20210514134457.1447930-9-f.gruenbichler@proxmox.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20210514134457.1447930-1-f.gruenbichler@proxmox.com> References: <20210514134457.1447930-1-f.gruenbichler@proxmox.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL 0.015 Adjusted score from AWL reputation of 
From: address KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [mod.rs] Subject: [pbs-devel] [PATCH proxmox 08/13] http: takeover ProxyConfig from proxmox_backup X-BeenThere: pbs-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Backup Server development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 14 May 2021 13:45:38 -0000 adapted to use moved build_authority helper. Signed-off-by: Fabian Grünbichler --- proxmox-http/Cargo.toml | 2 +- proxmox-http/src/http/mod.rs | 4 +- proxmox-http/src/http/proxy_config.rs | 84 +++++++++++++++++++++++++++ 3 files changed, 88 insertions(+), 2 deletions(-) create mode 100644 proxmox-http/src/http/proxy_config.rs diff --git a/proxmox-http/Cargo.toml b/proxmox-http/Cargo.toml index 6b2d8db..9c6fc35 100644 --- a/proxmox-http/Cargo.toml +++ b/proxmox-http/Cargo.toml @@ -27,5 +27,5 @@ proxmox = { path = "../proxmox", optional = true, version = "0.11.3", default-fe default = [] client = [ "http-helpers" ] -http-helpers = [ "http", "hyper", "tokio/io-util", "tokio-openssl" ] +http-helpers = [ "base64", "http", "hyper", "tokio/io-util", "tokio-openssl", "proxmox" ] websocket = [ "base64", "futures", "hyper", "openssl", "proxmox/tokio", "tokio/io-util", "tokio/sync" ] diff --git a/proxmox-http/src/http/mod.rs b/proxmox-http/src/http/mod.rs index 4960246..055648e 100644 --- a/proxmox-http/src/http/mod.rs +++ b/proxmox-http/src/http/mod.rs @@ -1,5 +1,7 @@ mod wrapper; - pub use wrapper::MaybeTlsStream; pub mod helpers; + +mod proxy_config; +pub use proxy_config::ProxyConfig; 
diff --git a/proxmox-http/src/http/proxy_config.rs b/proxmox-http/src/http/proxy_config.rs
new file mode 100644
index 0000000..7e93a47
--- /dev/null
+++ b/proxmox-http/src/http/proxy_config.rs
@@ -0,0 +1,84 @@
+use anyhow::{Error, format_err, bail};
+
+use http::Uri;
+
+use crate::http::helpers;
+
+/// HTTP Proxy Configuration
+#[derive(Clone)]
+pub struct ProxyConfig {
+ pub host: String,
+ pub port: u16,
+ pub authorization: Option, // user:pass
+ pub force_connect: bool,
+}
+
+impl ProxyConfig {
+ /// Parse proxy config from ALL_PROXY environment var
+ pub fn from_proxy_env() -> Result, Error> {
+
+ // We only support/use ALL_PROXY environment
+
+ match std::env::var_os("ALL_PROXY") {
+ None => return Ok(None),
+ Some(all_proxy) => {
+ let all_proxy = match all_proxy.to_str() {
+ Some(s) => String::from(s),
+ None => bail!("non UTF-8 content in env ALL_PROXY"),
+ };
+ if all_proxy.is_empty() {
+ return Ok(None);
+ }
+ let config = Self::parse_proxy_url(&all_proxy)?;
+ Ok(Some(config))
+ }
+ }
+ }
+
+ /// Parse proxy configuration string [http://][:port]
+ ///
+ /// Default port is 1080 (like curl)
+ pub fn parse_proxy_url(http_proxy: &str) -> Result {
+ proxmox::try_block!({
+ let proxy_uri: Uri = http_proxy.parse()?;
+ let proxy_authority = match proxy_uri.authority() {
+ Some(authority) => authority,
+ None => bail!("missing proxy authority"),
+ };
+ let host = proxy_authority.host().to_owned();
+ let port = match proxy_uri.port() {
+ Some(port) => port.as_u16(),
+ None => 1080, // CURL default port
+ };
+
+ match proxy_uri.scheme_str() {
+ Some("http") => { /* Ok */ }
+ Some(scheme) => bail!("unsupported proxy scheme '{}'", scheme),
+ None => { /* assume HTTP */ }
+ }
+
+ let authority_vec: Vec<&str> = proxy_authority.as_str().rsplitn(2, '@').collect();
+ let authorization = if authority_vec.len() == 2 {
+ Some(authority_vec[1].to_string())
+ } else {
+ None
+ };
+
+ Ok(ProxyConfig {
+ host,
+ port,
+ authorization,
+ force_connect: false,
+ })
+ }).map_err(|err| format_err!("parse_proxy_url failed: {}", err))
+ }
+
+ /// Assemble canonical proxy string (including scheme and port)
+ pub fn to_proxy_string(&self) -> Result {
+ let authority = helpers::build_authority(&self.host, self.port)?;
+ Ok(match self.authorization {
+ None => format!("http://{}", authority),
+ Some(ref authorization) => format!("http://{}@{}", authorization, authority)
+ })
+ }
+}
-- 
2.20.1
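Review bot: `to_proxy_string` in the new `proxy_config.rs` returns the proxy URL with the `authorization` value (`user:pass`) embedded in clear text, and neither its doc comment nor the comment on the public `authorization` field says so. A caller that logs the result or puts it in an error message would disclose the proxy password; I would extend the doc comment with `/// The returned string contains the proxy credentials in clear text; do not log or display it.` and add a similar remark on the field. The struct derives only `Clone`, which keeps the secret out of `{:?}` output, so a `Debug` impl added later should redact `authorization`. Separately, `parse_proxy_url` stores the userinfo exactly as it appears in the URL, so a password written with percent-escapes is presumably passed on still escaped; this is worth confirming against the code that builds the proxy authorization header, which is outside this patch.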