From 5fd06e28756b69b7fda96658c0eec7902cef4bed Mon Sep 17 00:00:00 2001
From: Bartosz Wieczorek
Date: Wed, 18 Jun 2025 09:40:06 +0200
Subject: [PATCH] change proxy configuration parameters names
---
 PAM/ssh/include/rublon/check_application.hpp | 4 +-
 PAM/ssh/include/rublon/configuration.hpp | 41 +++++++++++++-------
 PAM/ssh/include/rublon/curl.hpp | 6 +--
 PAM/ssh/include/rublon/websockets.hpp | 6 +--
 4 files changed, 35 insertions(+), 22 deletions(-)
diff --git a/PAM/ssh/include/rublon/check_application.hpp b/PAM/ssh/include/rublon/check_application.hpp
index 3ec04ef..31f8b7f 100644
--- a/PAM/ssh/include/rublon/check_application.hpp
+++ b/PAM/ssh/include/rublon/check_application.hpp
@@ -201,9 +201,9 @@ class Status {
 updateRublonConfigParameter("nonInteractiveMode", config.nonInteractiveMode);
 updateRublonConfigParameter("proxyType", config.proxyType);
- updateRublonConfigParameter("proxyServer", config.proxyServer);
+ updateRublonConfigParameter("proxyHost", config.proxyHost);
 updateRublonConfigParameter("proxyUsername", config.proxyUsername);
- updateRublonConfigParameter("proxyPass", config.proxyPass);
+ updateRublonConfigParameter("proxyPassword", config.proxyPass);
 updateRublonConfigParameter("proxyPort", config.proxyPort);
 updateRublonConfigParameter("proxyAuthRequired", config.proxyAuthRequired);
diff --git a/PAM/ssh/include/rublon/configuration.hpp b/PAM/ssh/include/rublon/configuration.hpp
index 240a8e3..e294adf 100644
--- a/PAM/ssh/include/rublon/configuration.hpp
+++ b/PAM/ssh/include/rublon/configuration.hpp
@@ -33,7 +33,7 @@ class Configuration {
 bool nonInteractiveMode{};
 std::optional< std::pmr::string > proxyType{memoryResource};
- std::optional< std::pmr::string > proxyServer{memoryResource};
+ std::optional< std::pmr::string > proxyHost{memoryResource};
 std::optional< std::pmr::string > proxyUsername{memoryResource};
 std::optional< std::pmr::string > proxyPass{memoryResource};
 std::optional< int > proxyPort{};
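Review bot: In the `Status` hunk of check_application.hpp the proxy password is still handed to the reporting call, `updateRublonConfigParameter("proxyPassword", config.proxyPass);`, so the secret travels wherever the other configuration parameters go. The body of `updateRublonConfigParameter` is outside this diff; if it serialises values into a status payload or a log, the credential leaves the host in clear text. I would report only whether a password is configured rather than its value. The struct member is also still named `proxyPass` while its key became `proxyPassword`; the `Configuration` hunk renames only `proxyServer`.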
@@ -108,7 +108,7 @@ class ConfigurationReader {
 };
 auto getBool = [&](const string & key) -> std::optional< bool > {
- memory::MonotonicStackResource< 64 > memoryResource;
+ memory::MonotonicStackResource< 32 > memoryResource;
 auto it = keyValues.find(key);
 if(it == keyValues.end()) return std::nullopt;
@@ -142,10 +142,8 @@ class ConfigurationReader {
 return std::nullopt;
 };
- auto parseProxyURL = [&](const char * envValue) -> bool {
+ auto parseProxyURL = [&](std::string_view url) -> bool {
 // Very simple parser: scheme://[user[:pass]@]host[:port]
- std::string_view url = envValue;
-
 std::string_view scheme{};
 std::string_view auth{};
 std::string_view hostport{};
@@ -176,7 +174,7 @@ class ConfigurationReader {
 config.proxyEnabled = true;
 config.proxyType = scheme;
- config.proxyServer = host;
+ config.proxyHost = host;
 if(!port_str.empty()) {
 config.proxyPort = conv::to_uint32opt(port_str);
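Review bot: The `getBool` lambda's scratch buffer shrinks from 64 to 32 bytes (`memory::MonotonicStackResource< 32 > memoryResource;`) without a comment saying what bounds the data placed in it; the same size backs a copy of `config.proxyType` in the `defaultProxyPort` lambda at `@@ -284,7 +281,23 @@`. Both values come from the configuration file, so their length is not under the module's control, and what happens when an allocation exceeds the buffer depends on `MonotonicStackResource`, which is not visible here. If it has no upstream resource, an over-long value would raise an allocation failure inside the PAM authentication path. I would add a comment such as `// 32 bytes is enough for "true"/"false"; longer values <state overflow behaviour>` or reject over-long values before copying. The lambda body continues outside the hunk.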
@@ -241,17 +239,16 @@ class ConfigurationReader {
 // reading proxy configuration
 config.proxyEnabled = getBool("proxyEnabled").value_or(false);
 config.proxyType = getStringOpt("proxyType");
- config.proxyServer = getStringOpt("proxyServer");
+ config.proxyHost = getStringOpt("proxyHost");
 // Apply fallback if no config is set
- if(config.proxyEnabled && (!config.proxyType || config.proxyType->empty()) &&
- (!config.proxyServer || config.proxyServer->empty())) {
+ if(config.proxyEnabled && (!config.proxyType || config.proxyType->empty()) && (!config.proxyHost || config.proxyHost->empty())) {
 log(LogLevel::Info, "Proxy is enabled but no configuration for it is provided, trying to read from env");
- if(const char * https_proxy = std::getenv("https_proxy"); https_proxy && *https_proxy) {
+ if(auto https_proxy = std::getenv("https_proxy"); https_proxy && *https_proxy) {
 if(parseProxyURL(https_proxy)) {
 log(LogLevel::Info, "Loaded proxy config from HTTPS_PROXY");
 }
- } else if(const char * http_proxy = std::getenv("http_proxy"); http_proxy && *http_proxy) {
+ } else if(auto http_proxy = std::getenv("http_proxy"); http_proxy && *http_proxy) {
 if(parseProxyURL(http_proxy)) {
 log(LogLevel::Info, "Loaded proxy config from HTTP_PROXY");
 }
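Review bot: Reading only the new key in `config.proxyHost = getStringOpt("proxyHost");` means an existing configuration file that still says `proxyServer` loses its proxy host on upgrade, and the same applies to `getStringOpt("proxyPassword")` in the `@@ -263,14 +260,14 @@` hunk. With `proxyEnabled` set, such a file ends in `BadConfiguration`, or, when `proxyType` is also absent, in a proxy taken from the `https_proxy`/`http_proxy` environment instead of the configured one. How the PAM module reacts to `BadConfiguration` is not visible in this diff, so the outcome for logins should be checked. I would keep the old names as a deprecated fallback, e.g. `if(!config.proxyHost) config.proxyHost = getStringOpt("proxyServer");` and `if(!config.proxyPass) config.proxyPass = getStringOpt("proxyPass");`, each with a deprecation log line.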
@@ -263,14 +260,14 @@ class ConfigurationReader {
 log(LogLevel::Error, "Proxy is enabled but proxy type is not present or empty");
 return tl::unexpected{ConfigurationError::ErrorClass::BadConfiguration};
 }
- if(not config.proxyServer or config.proxyServer->empty()) {
+ if(not config.proxyHost or config.proxyHost->empty()) {
 log(LogLevel::Error, "Proxy is enabled but proxy server is not present or empty");
 return tl::unexpected{ConfigurationError::ErrorClass::BadConfiguration};
 }
 }
 config.proxyAuthRequired = getBool("proxyAuthRequired").value_or(false);
 config.proxyUsername = getStringOpt("proxyUsername");
- config.proxyPass = getStringOpt("proxyPass");
+ config.proxyPass = getStringOpt("proxyPassword");
 if(config.proxyAuthRequired) {
 if(not config.proxyUsername or config.proxyUsername->empty()) {
 log(LogLevel::Error, "Proxy auth is required but proxy proxy username is not present or empty");
@@ -284,7 +281,23 @@ class ConfigurationReader {
 }
 }
- config.proxyPort = getInt("proxyPort").value_or(8080);
+ auto defaultProxyPort = [&]() -> int {
+ memory::MonotonicStackResource< 32 > memoryResource;
+
+ if(config.proxyType) {
+ std::pmr::string val{*config.proxyType, &memoryResource};
+ std::transform(val.begin(), val.end(), val.begin(), [](unsigned char c) { return static_cast< char >(std::tolower(c)); });
+ if(val == "socks") {
+ return 1080;
+ }
+ }
+ return 8080;
+ };
+
+ if(config.proxyEnabled and not config.proxyPort) {
+ config.proxyPort = getInt("proxyPort").value_or(defaultProxyPort());
+ }
+
 return true;
 }
diff --git a/PAM/ssh/include/rublon/curl.hpp b/PAM/ssh/include/rublon/curl.hpp
index 09cc2c7..4e7b7fc 100644
--- a/PAM/ssh/include/rublon/curl.hpp
+++ b/PAM/ssh/include/rublon/curl.hpp
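Review bot: The new `defaultProxyPort` lambda in configuration.hpp returns 1080 only when the lower-cased type equals `"socks"`, but the proxy types accepted in curl.hpp are `socks4` and `socks5`, so a SOCKS proxy configured without `proxyPort` still gets 8080. A prefix test covers both: `if(val.rfind("socks", 0) == 0) {`. The lambda also lower-cases the type while curl.hpp compares `proxyType` case-sensitively, so it would be more consistent to normalise `config.proxyType` once when it is read. The configured port is not range-checked either; a check such as `*config.proxyPort < 1 || *config.proxyPort > 65535` returning `BadConfiguration` would reject values that cannot be a TCP port.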
@@ -86,16 +86,16 @@ class CURL {
 if(conf().proxyEnabled) { // configuration reader check if proxy has needed fields
 assert(conf().proxyType.has_value());
- assert(conf().proxyServer.has_value());
+ assert(conf().proxyHost.has_value());
 log(LogLevel::Debug, "CURL using proxy");
 std::pmr::string proxyUrl{&memoryResource};
- proxyUrl.reserve(conservative_estimate(conf().proxyType, conf().proxyServer, conf().proxyPort) + 10);
+ proxyUrl.reserve(conservative_estimate(conf().proxyType, conf().proxyHost, conf().proxyPort) + 10);
 if(conf().proxyType == "http" || conf().proxyType == "https" || conf().proxyType == "socks4" || conf().proxyType == "socks5") {
 proxyUrl = *conf().proxyType;
 proxyUrl += "://";
- proxyUrl += *conf().proxyServer;
+ proxyUrl += *conf().proxyHost;
 if(conf().proxyPort.value_or(0) > 0) {
 proxyUrl += ":";
 proxyUrl += std::to_string(*conf().proxyPort);
diff --git a/PAM/ssh/include/rublon/websockets.hpp b/PAM/ssh/include/rublon/websockets.hpp
index bead9a8..418498a 100644
--- a/PAM/ssh/include/rublon/websockets.hpp
+++ b/PAM/ssh/include/rublon/websockets.hpp
@@ -75,12 +75,12 @@ class WebSocket {
 if(cfg.proxyEnabled && (cfg.proxyType == "http" || cfg.proxyType == "https")) {
 assert(cfg.proxyType.has_value());
- assert(cfg.proxyServer.has_value());
+ assert(cfg.proxyHost.has_value());
 log(LogLevel::Debug, "WebSocket using proxy");
 memory::Monotonic_8k_Resource memoryResource;
 std::pmr::string proxyUrl{&memoryResource};
- proxyUrl.reserve(conservative_estimate(cfg.proxyUsername, cfg.proxyPass, cfg.proxyServer, cfg.proxyPort) + 10);
+ proxyUrl.reserve(conservative_estimate(cfg.proxyUsername, cfg.proxyPass, cfg.proxyHost, cfg.proxyPort) + 10);
 proxyUrl += cfg.proxyType->data();
 proxyUrl += "://";
@@ -92,7 +92,7 @@ class WebSocket {
 proxyUrl += "@";
 }
- proxyUrl += *cfg.proxyServer;
+ proxyUrl += *cfg.proxyHost;
 if(cfg.proxyPort.value_or(0) > 0) {
 proxyUrl += ":";
 proxyUrl += std::to_string(*cfg.proxyPort);