134 lines
2.8 KiB
Plaintext
134 lines
2.8 KiB
Plaintext
|
#!/bin/bash
|
||
|
|
|
||
|
|
# oe-git-proxy is a simple tool to be via GIT_PROXY_COMMAND. It uses socat
|
||
|
|
# to make SOCKS5 or HTTPS proxy connections. It uses ALL_PROXY to determine the
|
||
|
|
# proxy server, protocol, and port. It uses NO_PROXY to skip using the proxy for
|
||
|
|
# a comma delimited list of hosts, host globs (*.example.com), IPs, or CIDR
|
||
|
|
# masks (192.168.1.0/24). It is known to work with both bash and dash shells.
|
||
|
|
#
|
||
|
|
# Example ALL_PROXY values:
|
||
|
|
# ALL_PROXY=socks://socks.example.com:1080
|
||
|
|
# ALL_PROXY=https://proxy.example.com:8080
|
||
|
|
#
|
||
|
|
# Copyright (c) 2013, Intel Corporation.
|
||
|
|
# All rights reserved.
|
||
|
|
#
|
||
|
|
# AUTHORS
|
||
|
|
# Darren Hart <dvhart@linux.intel.com>
|
||
|
|
|
||
|
|
# Locate the netcat binary
|
||
|
|
SOCAT=$(which socat 2>/dev/null)
|
||
|
|
if [ $? -ne 0 ]; then
|
||
|
|
echo "ERROR: socat binary not in PATH"
|
||
|
|
exit 1
|
||
|
|
fi
|
||
|
|
METHOD=""
|
||
|
|
|
||
|
|
# Test for a valid IPV4 quad with optional bitmask
|
||
|
|
valid_ipv4() {
|
||
|
|
echo $1 | egrep -q "^([1-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])(\.([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])){3}(/(3[0-2]|[1-2]?[0-9]))?$"
|
||
|
|
return $?
|
||
|
|
}
|
||
|
|
|
||
|
|
# Convert an IPV4 address into a 32bit integer
|
||
|
|
ipv4_val() {
|
||
|
|
IP="$1"
|
||
|
|
SHIFT=24
|
||
|
|
VAL=0
|
||
|
|
for B in ${IP//./ }; do
|
||
|
|
VAL=$(($VAL+$(($B<<$SHIFT))))
|
||
|
|
SHIFT=$(($SHIFT-8))
|
||
|
|
done
|
||
|
|
echo "$VAL"
|
||
|
|
}
|
||
|
|
|
||
|
|
# Determine if two IPs are equivalent, or if the CIDR contains the IP
|
||
|
|
match_ipv4() {
|
||
|
|
CIDR=$1
|
||
|
|
IP=$2
|
||
|
|
|
||
|
|
if [ -z "${IP%%$CIDR}" ]; then
|
||
|
|
return 0
|
||
|
|
fi
|
||
|
|
|
||
|
|
# Determine the mask bitlength
|
||
|
|
BITS=${CIDR##*/}
|
||
|
|
if [ -z "$BITS" ]; then
|
||
|
|
return 1
|
||
|
|
fi
|
||
|
|
|
||
|
|
IPVAL=$(ipv4_val $IP)
|
||
|
|
IP2VAL=$(ipv4_val ${CIDR%%/*})
|
||
|
|
|
||
|
|
# OR in the unmasked bits
|
||
|
|
for i in $(seq 0 $((32-$BITS))); do
|
||
|
|
IP2VAL=$(($IP2VAL|$((1<<$i))))
|
||
|
|
IPVAL=$(($IPVAL|$((1<<$i))))
|
||
|
|
done
|
||
|
|
|
||
|
|
if [ $IPVAL -eq $IP2VAL ]; then
|
||
|
|
return 0
|
||
|
|
fi
|
||
|
|
return 1
|
||
|
|
}
|
||
|
|
|
||
|
|
# Test to see if GLOB matches HOST
|
||
|
|
match_host() {
|
||
|
|
HOST=$1
|
||
|
|
GLOB=$2
|
||
|
|
|
||
|
|
if [ -z "${HOST%%$GLOB}" ]; then
|
||
|
|
return 0
|
||
|
|
fi
|
||
|
|
|
||
|
|
# Match by netmask
|
||
|
|
if valid_ipv4 $GLOB; then
|
||
|
|
HOST_IP=$(gethostip -d $HOST)
|
||
|
|
if valid_ipv4 $HOST_IP; then
|
||
|
|
match_ipv4 $GLOB $HOST_IP
|
||
|
|
if [ $? -eq 0 ]; then
|
||
|
|
return 0
|
||
|
|
fi
|
||
|
|
fi
|
||
|
|
fi
|
||
|
|
|
||
|
|
return 1
|
||
|
|
}
|
||
|
|
|
||
|
|
# If no proxy is set or needed, just connect directly
|
||
|
|
METHOD="TCP:$1:$2"
|
||
|
|
|
||
|
|
if [ -z "$ALL_PROXY" ]; then
|
||
|
|
exec $SOCAT STDIO $METHOD
|
||
|
|
fi
|
||
|
|
|
||
|
|
# Connect directly to hosts in NO_PROXY
|
||
|
|
for H in ${NO_PROXY//,/ }; do
|
||
|
|
if match_host $1 $H; then
|
||
|
|
exec $SOCAT STDIO $METHOD
|
||
|
|
fi
|
||
|
|
done
|
||
|
|
|
||
|
|
# Proxy is necessary, determine protocol, server, and port
|
||
|
|
PROTO=$(echo $ALL_PROXY | sed -e 's/\([^:]*\):\/\/.*/\1/')
|
||
|
|
PROXY=$(echo $ALL_PROXY | sed -e 's/.*:\/\/\([^:]*\).*/\1/')
|
||
|
|
PORT=$(echo $ALL_PROXY | sed -e 's/.*:\([0-9]*\)\/?$/\1/')
|
||
|
|
if [ "$PORT" = "$ALL_PROXY" ]; then
|
||
|
|
PORT=""
|
||
|
|
fi
|
||
|
|
|
||
|
|
if [ "$PROTO" = "socks" ]; then
|
||
|
|
if [ -z "$PORT" ]; then
|
||
|
|
PORT="1080"
|
||
|
|
fi
|
||
|
|
METHOD="SOCKS4A:$PROXY:$1:$2,socksport=$PORT"
|
||
|
|
else
|
||
|
|
# Assume PROXY (http, https, etc)
|
||
|
|
if [ -z "$PORT" ]; then
|
||
|
|
PORT="8080"
|
||
|
|
fi
|
||
|
|
METHOD="PROXY:$PROXY:$1:$2,proxyport=$PORT"
|
||
|
|
fi
|
||
|
|
|
||
|
|
exec $SOCAT STDIO $METHOD
|