summaryrefslogtreecommitdiffstats
path: root/scripts/oe-git-proxy
diff options
context:
space:
mode:
authorDarren Hart <dvhart@linux.intel.com>2013-02-08 22:27:22 (GMT)
committerRichard Purdie <richard.purdie@linuxfoundation.org>2013-02-11 22:54:04 (GMT)
commit0c988bfbb295c3f1e21ad30fab56c9d9fd7513c1 (patch)
treeea1bb492050a864f38097b273adb827d751c40af /scripts/oe-git-proxy
parentc7c9f6c1fc6306bd7a97dc699c8535b1762dff18 (diff)
downloadpoky-0c988bfbb295c3f1e21ad30fab56c9d9fd7513c1.tar.gz
oe-git-proxy: Add a new comprehensive git proxy script
oe-git-proxy.sh is a simple tool to be used via GIT_PROXY_COMMAND. It uses BSD netcat to make SOCKS5 or HTTPS proxy connections. It uses ALL_PROXY to determine the proxy server, protocol, and port. It uses NO_PROXY to skip using the proxy for a comma delimited list of hosts, host globs (*.example.com), IPs, or CIDR masks (192.168.1.0/24). It is known to work with both bash and dash shells. V2: Implement recommendations by Enrico Scholz: o Use exec for the nc calls o Use "$@" instead of $* to avoid quoting issues inherent with $* o Use bash explicitly and simplify some of the string manipulations Also: o Drop the .sh in the name per Otavio Salvador o Remove a stray debug statement V3: Implement recommendations by Otavio Salvador o GPL license blurb o Fix minor typo in comment block (From OE-Core rev: 62867f56da0e0904f0108f113324c2432659fbac) Signed-off-by: Darren Hart <dvhart@linux.intel.com> Cc: Enrico Scholz <enrico.scholz@sigma-chemnitz.de> Cc: Otavio Salvador <otavio@ossystems.com.br> git-proxy cleanup Signed-off-by: Darren Hart <dvhart@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'scripts/oe-git-proxy')
-rwxr-xr-xscripts/oe-git-proxy138
1 files changed, 138 insertions, 0 deletions
diff --git a/scripts/oe-git-proxy b/scripts/oe-git-proxy
new file mode 100755
index 0000000..4c2f179
--- /dev/null
+++ b/scripts/oe-git-proxy
@@ -0,0 +1,138 @@
1#!/bin/bash
2
3# oe-git-proxy is a simple tool to be via GIT_PROXY_COMMAND. It uses BSD netcat
4# to make SOCKS5 or HTTPS proxy connections. It uses ALL_PROXY to determine the
5# proxy server, protocol, and port. It uses NO_PROXY to skip using the proxy for
6# a comma delimited list of hosts, host globs (*.example.com), IPs, or CIDR
7# masks (192.168.1.0/24). It is known to work with both bash and dash shells.
8#
9# BSD netcat is provided by netcat-openbsd on Ubuntu and nc on Fedora.
10#
11# Example ALL_PROXY values:
12# ALL_PROXY=socks://socks.example.com:1080
13# ALL_PROXY=https://proxy.example.com:8080
14#
15# Copyright (c) 2013, Intel Corporation.
16# All rights reserved.
17#
18# This program is free software; you can redistribute it and/or modify
19# it under the terms of the GNU General Public License as published by
20# the Free Software Foundation; either version 2 of the License, or
21# (at your option) any later version.
22#
23# This program is distributed in the hope that it will be useful,
24# but WITHOUT ANY WARRANTY; without even the implied warranty of
25# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
26# GNU General Public License for more details.
27#
28# You should have received a copy of the GNU General Public License
29# along with this program; if not, write to the Free Software
30# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
31#
32# AUTHORS
33# Darren Hart <dvhart@linux.intel.com>
34
35# Locate the netcat binary
36NC=$(which nc 2>/dev/null)
37if [ $? -ne 0 ]; then
38 echo "ERROR: nc binary not in PATH"
39 exit 1
40fi
41METHOD=""
42
43# Test for a valid IPV4 quad with optional bitmask
44valid_ipv4() {
45 echo $1 | egrep -q "^([1-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])(\.([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])){3}(/(3[0-2]|[1-2]?[0-9]))?$"
46 return $?
47}
48
49# Convert an IPV4 address into a 32bit integer
50ipv4_val() {
51 IP="$1"
52 SHIFT=24
53 VAL=0
54 for B in ${IP//./ }; do
55 VAL=$(($VAL+$(($B<<$SHIFT))))
56 SHIFT=$(($SHIFT-8))
57 done
58 echo "$VAL"
59}
60
61# Determine if two IPs are equivalent, or if the CIDR contains the IP
62match_ipv4() {
63 CIDR=$1
64 IP=$2
65
66 if [ -z "${IP%%$CIDR}" ]; then
67 return 0
68 fi
69
70 # Determine the mask bitlength
71 BITS=${CIDR##*/}
72 if [ -z "$BITS" ]; then
73 return 1
74 fi
75
76 IPVAL=$(ipv4_val $IP)
77 IP2VAL=$(ipv4_val ${CIDR%%/*})
78
79 # OR in the unmasked bits
80 for i in $(seq 0 $((32-$BITS))); do
81 IP2VAL=$(($IP2VAL|$((1<<$i))))
82 IPVAL=$(($IPVAL|$((1<<$i))))
83 done
84
85 if [ $IPVAL -eq $IP2VAL ]; then
86 return 0
87 fi
88 return 1
89}
90
91# Test to see if GLOB matches HOST
92match_host() {
93 HOST=$1
94 GLOB=$2
95
96 if [ -z "${HOST%%$GLOB}" ]; then
97 return 0
98 fi
99
100 # Match by netmask
101 if valid_ipv4 $GLOB; then
102 HOST_IP=$(gethostip -d $HOST)
103 if valid_ipv4 $HOST_IP; then
104 match_ipv4 $GLOB $HOST_IP
105 if [ $? -eq 0 ]; then
106 return 0
107 fi
108 fi
109 fi
110
111 return 1
112}
113
114# If no proxy is set, just connect directly
115if [ -z "$ALL_PROXY" ]; then
116 exec $NC -X connect "$@"
117fi
118
119# Connect directly to hosts in NO_PROXY
120for H in ${NO_PROXY//,/ }; do
121 if match_host $1 $H; then
122 METHOD="-X connect"
123 break
124 fi
125done
126
127if [ -z "$METHOD" ]; then
128 # strip the protocol and the trailing slash
129 PROTO=$(echo $ALL_PROXY | sed -e 's/\([^:]*\):\/\/.*/\1/')
130 PROXY=$(echo $ALL_PROXY | sed -e 's/.*:\/\/\([^:]*:[0-9]*\).*/\1/')
131 if [ "$PROTO" = "socks" ]; then
132 METHOD="-X 5 -x $PROXY"
133 elif [ "$PROTO" = "https" ]; then
134 METHOD="-X connect -x $PROXY"
135 fi
136fi
137
138exec $NC $METHOD "$@"