[pve-devel] [PATCH debcargo-conf] ureq: add https-proxy-support patch
Mira Limbeck
m.limbeck at proxmox.com
Fri Apr 15 14:27:23 CEST 2022
Signed-off-by: Mira Limbeck <m.limbeck at proxmox.com>
---
upstream pull request:
https://github.com/algesten/ureq/pull/495
.../patches/add-https-proxy-support.patch | 231 ++++++++++++++++++
src/ureq/debian/patches/series | 1 +
2 files changed, 232 insertions(+)
create mode 100644 src/ureq/debian/patches/add-https-proxy-support.patch
create mode 100644 src/ureq/debian/patches/series
diff --git a/src/ureq/debian/patches/add-https-proxy-support.patch b/src/ureq/debian/patches/add-https-proxy-support.patch
new file mode 100644
index 00000000..84f00116
--- /dev/null
+++ b/src/ureq/debian/patches/add-https-proxy-support.patch
@@ -0,0 +1,231 @@
+diff --git a/src/lib.rs b/src/lib.rs
+index 731845c..1afb2e4 100644
+--- a/src/lib.rs
++++ b/src/lib.rs
+@@ -356,8 +356,7 @@ pub(crate) fn default_tls_config() -> std::sync::Arc<dyn TlsConnector> {
+ // calls at the top of the crate (`ureq::get` etc).
+ #[cfg(not(feature = "tls"))]
+ pub(crate) fn default_tls_config() -> std::sync::Arc<dyn TlsConnector> {
+- use crate::stream::HttpsStream;
+- use std::net::TcpStream;
++ use crate::stream::{HttpsStream, Stream};
+ use std::sync::Arc;
+
+ struct NoTlsConfig;
+@@ -366,7 +365,7 @@ pub(crate) fn default_tls_config() -> std::sync::Arc<dyn TlsConnector> {
+ fn connect(
+ &self,
+ _dns_name: &str,
+- _tcp_stream: TcpStream,
++ _tcp_stream: Stream,
+ ) -> Result<Box<dyn HttpsStream>, crate::error::Error> {
+ Err(ErrorKind::UnknownScheme
+ .msg("cannot make HTTPS request because no TLS backend is configured"))
+diff --git a/src/ntls.rs b/src/ntls.rs
+index 1dceffe..6742c36 100644
+--- a/src/ntls.rs
++++ b/src/ntls.rs
+@@ -1,6 +1,6 @@
+ use crate::error::Error;
+ use crate::error::ErrorKind;
+-use crate::stream::{HttpsStream, TlsConnector};
++use crate::stream::{HttpsStream, Stream, TlsConnector};
+
+ use std::net::TcpStream;
+ use std::sync::Arc;
+@@ -11,11 +11,7 @@ pub(crate) fn default_tls_config() -> std::sync::Arc<dyn TlsConnector> {
+ }
+
+ impl TlsConnector for native_tls::TlsConnector {
+- fn connect(
+- &self,
+- dns_name: &str,
+- tcp_stream: TcpStream,
+- ) -> Result<Box<dyn HttpsStream>, Error> {
++ fn connect(&self, dns_name: &str, tcp_stream: Stream) -> Result<Box<dyn HttpsStream>, Error> {
+ let stream =
+ native_tls::TlsConnector::connect(self, dns_name, tcp_stream).map_err(|e| {
+ ErrorKind::ConnectionFailed
+@@ -28,8 +24,8 @@ impl TlsConnector for native_tls::TlsConnector {
+ }
+
+ #[cfg(feature = "native-tls")]
+-impl HttpsStream for native_tls::TlsStream<TcpStream> {
++impl HttpsStream for native_tls::TlsStream<Stream> {
+ fn socket(&self) -> Option<&TcpStream> {
+- Some(self.get_ref())
++ self.get_ref().socket()
+ }
+ }
+diff --git a/src/proxy.rs b/src/proxy.rs
+index 3631055..547667c 100644
+--- a/src/proxy.rs
++++ b/src/proxy.rs
+@@ -4,6 +4,7 @@ use crate::error::{Error, ErrorKind};
+ #[derive(Clone, Copy, Debug, Eq, Hash, PartialEq)]
+ pub enum Proto {
+ HTTPConnect,
++ HTTPSConnect,
+ SOCKS4,
+ SOCKS4A,
+ SOCKS5,
+@@ -90,6 +91,7 @@ impl Proxy {
+ let proto = if proxy_parts.len() == 2 {
+ match proxy_parts.next() {
+ Some("http") => Proto::HTTPConnect,
++ Some("https") => Proto::HTTPSConnect,
+ Some("socks4") => Proto::SOCKS4,
+ Some("socks4a") => Proto::SOCKS4A,
+ Some("socks") => Proto::SOCKS5,
+diff --git a/src/rtls.rs b/src/rtls.rs
+index 3d1e8dd..ba7b900 100644
+--- a/src/rtls.rs
++++ b/src/rtls.rs
+@@ -7,7 +7,7 @@ use once_cell::sync::Lazy;
+
+ use crate::ErrorKind;
+ use crate::{
+- stream::{HttpsStream, TlsConnector},
++ stream::{HttpsStream, Stream, TlsConnector},
+ Error,
+ };
+
+@@ -26,11 +26,11 @@ fn is_close_notify(e: &std::io::Error) -> bool {
+ false
+ }
+
+-struct RustlsStream(rustls::StreamOwned<rustls::ClientConnection, TcpStream>);
++struct RustlsStream(rustls::StreamOwned<rustls::ClientConnection, Stream>);
+
+ impl HttpsStream for RustlsStream {
+ fn socket(&self) -> Option<&TcpStream> {
+- Some(self.0.get_ref())
++ self.0.get_ref().socket()
+ }
+ }
+
+@@ -93,7 +93,7 @@ impl TlsConnector for Arc<rustls::ClientConfig> {
+ fn connect(
+ &self,
+ dns_name: &str,
+- mut tcp_stream: TcpStream,
++ mut tcp_stream: Stream,
+ ) -> Result<Box<dyn HttpsStream>, Error> {
+ let sni = rustls::ServerName::try_from(dns_name)
+ .map_err(|e| ErrorKind::Dns.msg(format!("parsing '{}'", dns_name)).src(e))?;
+diff --git a/src/stream.rs b/src/stream.rs
+index a786ba5..ee09167 100644
+--- a/src/stream.rs
++++ b/src/stream.rs
+@@ -11,6 +11,8 @@ use chunked_transfer::Decoder as ChunkDecoder;
+ #[cfg(feature = "socks-proxy")]
+ use socks::{TargetAddr, ToTargetAddr};
+
++#[cfg(not(feature = "native-tls"))]
++use crate::default_tls_config;
+ use crate::proxy::Proxy;
+ use crate::{error::Error, proxy::Proto};
+
+@@ -25,11 +27,11 @@ pub trait TlsConnector: Send + Sync {
+ fn connect(
+ &self,
+ dns_name: &str,
+- tcp_stream: TcpStream,
++ tcp_stream: Stream,
+ ) -> Result<Box<dyn HttpsStream>, crate::error::Error>;
+ }
+
+-pub(crate) struct Stream {
++pub struct Stream {
+ inner: BufReader<Box<dyn Inner + Send + Sync + 'static>>,
+ }
+
+@@ -323,7 +325,7 @@ pub(crate) fn connect_http(unit: &Unit, hostname: &str) -> Result<Stream, Error>
+ //
+ let port = unit.url.port().unwrap_or(80);
+
+- connect_host(unit, hostname, port).map(Stream::from_tcp_stream)
++ connect_host(unit, hostname, port)
+ }
+
+ pub(crate) fn connect_https(unit: &Unit, hostname: &str) -> Result<Stream, Error> {
+@@ -336,7 +338,7 @@ pub(crate) fn connect_https(unit: &Unit, hostname: &str) -> Result<Stream, Error
+ Ok(Stream::new(https_stream))
+ }
+
+-pub(crate) fn connect_host(unit: &Unit, hostname: &str, port: u16) -> Result<TcpStream, Error> {
++pub(crate) fn connect_host(unit: &Unit, hostname: &str, port: u16) -> Result<Stream, Error> {
+ let connect_deadline: Option<Instant> =
+ if let Some(timeout_connect) = unit.agent.config.timeout_connect {
+ Instant::now().checked_add(timeout_connect)
+@@ -375,7 +377,10 @@ pub(crate) fn connect_host(unit: &Unit, hostname: &str, port: u16) -> Result<Tcp
+ debug!("connecting to {} at {}", netloc, &sock_addr);
+
+ // connect with a configured timeout.
+- let stream = if None != proto && Some(Proto::HTTPConnect) != proto {
++ let stream = if None != proto
++ && Some(Proto::HTTPConnect) != proto
++ && Some(Proto::HTTPSConnect) != proto
++ {
+ connect_socks(
+ unit,
+ proxy.clone().unwrap(),
+@@ -399,7 +404,7 @@ pub(crate) fn connect_host(unit: &Unit, hostname: &str, port: u16) -> Result<Tcp
+ }
+ }
+
+- let mut stream = if let Some(stream) = any_stream {
++ let stream = if let Some(stream) = any_stream {
+ stream
+ } else if let Some(e) = any_err {
+ return Err(ErrorKind::ConnectionFailed.msg("Connect error").src(e));
+@@ -419,8 +424,33 @@ pub(crate) fn connect_host(unit: &Unit, hostname: &str, port: u16) -> Result<Tcp
+ stream.set_write_timeout(unit.agent.config.timeout_write)?;
+ }
+
+- if proto == Some(Proto::HTTPConnect) {
+- if let Some(ref proxy) = proxy {
++ if proto == Some(Proto::HTTPSConnect) || proto == Some(Proto::HTTPConnect) {
++ if let Some((mut stream, proxy)) = match (proto, proxy) {
++ (Some(Proto::HTTPSConnect), Some(ref proxy)) => {
++ let tls_conf;
++ #[cfg(feature = "native-tls")]
++ {
++ tls_conf = native_tls::TlsConnector::new().unwrap();
++ }
++ #[cfg(not(feature = "native-tls"))]
++ {
++ tls_conf = default_tls_config();
++ }
++ let proxy_conn = tls_conf
++ .connect(&proxy.server, Stream::from_tcp_stream(stream))
++ .unwrap();
++ Some((Stream::new(proxy_conn), proxy))
++ }
++ (Some(Proto::HTTPConnect), Some(ref proxy)) => {
++ Some((Stream::from_tcp_stream(stream), proxy))
++ }
++ _ => {
++ return Err(Error::new(
++ ErrorKind::ProxyConnect,
++ Some("No proxy defined, but proto set".into()),
++ ));
++ }
++ } {
+ write!(stream, "{}", proxy.connect(hostname, port)).unwrap();
+ stream.flush()?;
+
+@@ -436,10 +466,12 @@ pub(crate) fn connect_host(unit: &Unit, hostname: &str, port: u16) -> Result<Tcp
+ }
+
+ Proxy::verify_response(&proxy_response)?;
++ return Ok(stream);
+ }
++ panic!("should not reach here");
+ }
+
+- Ok(stream)
++ Ok(Stream::from_tcp_stream(stream))
+ }
+
+ #[cfg(feature = "socks-proxy")]
diff --git a/src/ureq/debian/patches/series b/src/ureq/debian/patches/series
new file mode 100644
index 00000000..8364d5c3
--- /dev/null
+++ b/src/ureq/debian/patches/series
@@ -0,0 +1 @@
+add-https-proxy-support.patch
--
2.30.2
More information about the pve-devel
mailing list