Re: [dev] Libcloud behind ISA Proxy

Tue, 08 Jul 2014 00:58:19 -0700 

Hi Cedric,

I ran into the same issue and patched libcloud.httplib_ssl.  I’ve included the 
code snippets below.  The proxy I use doesn’t require authentication but 
hopefully you can adapt to make it do what you need.  I tested with Python 2.7 
- may need tweaking for Python 3.

Cheers,
Phil


I modified the LibcloudHTTPSConnection.__init__ to pick up the proxy settings 
from the environment:


class LibcloudHTTPSConnection(httplib.HTTPSConnection):
    """
    LibcloudHTTPSConnection

    Subclass of HTTPSConnection which verifies certificate names
    if and only if CA certificates are available.
    """
    verify = True         # verify by default
    ca_cert = None        # no default CA Certificate

    def __init__(self, *args, **kwargs):
        """
        Constructor
        """
        self._setup_verify()
        httplib.HTTPSConnection.__init__(self, *args, **kwargs)
        
        # Support for HTTPS Proxy
        if 'https_proxy' in os.environ:
            from urlparse import urlparse

            self.set_tunnel(self.host, port=self.port)

            proxy_host = urlparse(os.environ['https_proxy']).netloc
            self._set_hostport(proxy_host, None)

.
.
.

And then modified the connect call to use the tunnel:


    def connect(self):
        """
        Connect

        Checks if verification is toggled; if not, just call
        httplib.HTTPSConnection's connect
        """
        if not self.verify:
            return httplib.HTTPSConnection.connect(self)

        # otherwise, create a connection and verify the hostname
        # use socket.create_connection (in 2.6+) if possible
        if getattr(socket, 'create_connection', None):
            sock = socket.create_connection((self.host, self.port),
                                            self.timeout)
        else:
            sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
            sock.connect((self.host, self.port))
            
        # Support for HTTPS Proxy
        if self._tunnel_host:
            self.sock = sock
            self._tunnel()

        self.sock = ssl.wrap_socket(sock,
                                    self.key_file,
                                    self.cert_file,
                                    cert_reqs=ssl.CERT_REQUIRED,
                                    ca_certs=self.ca_cert,
                                    ssl_version=ssl.PROTOCOL_TLSv1)
        cert = self.sock.getpeercert()
        if not self._verify_hostname(self.host, cert):
            raise ssl.SSLError('Failed to verify hostname')


On 8 Jul 2014, at 07:23, Cedric Lebrun <[email protected]> wrote:

> Hi All,
> 
> I try to use Libcloud to connect to EC2.
> My environments (CentOS 6.5 and Ubuntu 14.04) are behind a proxy server that 
> requires authentication (MS ISA Proxy Server).
> I tried with defining environment variables HTTP_PROXY and HTTPS_PROXY, but 
> still doesn't work.
> Is there a way to set a proxy and proxy credentials directly using Libcloud ? 
> Or should I have to patch the http_lib to implement UrlLib2 ProxyHandler ?
> 
> Thanks for your help,
> CL

--
Scanned by iCritical.

Reply via email to