Mailinglist Archive: opensuse-buildservice (193 mails)

< Previous Next >
Re: [opensuse-buildservice] Using osc behind a ssh tunnel
  • From: David Cournapeau <david@xxxxxxxxxxxxxxxxxxxxxx>
  • Date: Mon, 02 Apr 2007 16:52:42 +0900
  • Message-id: <4610B64A.6080802@xxxxxxxxxxxxxxxxxxxxxx>
Adrian Schröter wrote:
On Monday 02 April 2007 06:16:09 wrote David Cournapeau:
Hi there,

    Is there a way to use osc through a ssh tunnel ? The problem is that
my university's proxy configuration is causing all kind of problems (osc
connections hang up), and one way to avoid the proxy is to use a ssh
tunnel to one of the university's machine with direct access to the
internet.
    Basically, I would need to tell osc to connect to localhost at a
certain port, which would be redirected to api.opensuse.org:443 through
the ssh tunnel. In the $HOME/.oscrc, there is a comment about changing
api.opensuse.org to a different server, but without enough details to
make it work ?

Well, the api uses an https interface, but no ssh protocol.
The network configuration in my lab is a bit unusual: there is no DNS server, all connections are done through a proxy server. This is sometimes a pain, but has the nice side effect to trigger hidden bugs :) I already had some similar problems with bzr.

Normally, what I do is to create a ssh tunnel to the machine which has direct (eg no proxy) access to the internet. For example, with subversion, I do something like

ssh -NL 8888:svn.sourceforge.org:80 ssh_server

and after that, I do things like svn ls http://localhost:8888. If I could do that with osc, this would avoid the proxy problem.

However, when you have no stable https connections to the outside the problem is a bit bigger imho. I would debug why this is and if either you can fix your network or we need to add something to handle some obscur secure network setups better ...
I looked a bit to see if I could solve the problem by myself: it looks like connections in osc are done with the urllib2 package, and there are some problems when using https proxy:

http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/456195

I know next to nothing about http/https protocols, so I am pretty stuck there.

The basic problem is: I have in my environment the https_proxy set to my https proxy, and if I try for example

osc co home:<login>

Then, it got stuck, doing nothing. If I cancel it with Ctrl+C, I get the following backtrace:

Traceback (most recent call last):
 File "../osc/osc-wrapper.py", line 7, in ?
   commandline.main()
File "/usr/media/src/src/opensuse-bld/osc/osc/commandline.py", line 1080, in main
   cmd(args)
File "/usr/media/src/src/opensuse-bld/osc/osc/commandline.py", line 354, in checkout
   for package in meta_get_packagelist(project):
File "/usr/media/src/src/opensuse-bld/osc/osc/core.py", line 721, in meta_get_packagelist
   f = urlopen(u)
File "/usr/media/src/src/opensuse-bld/osc/osc/core.py", line 657, in urlopen
   fd = urllib2.urlopen(url, data=data)
 File "/usr/lib/python2.4/urllib2.py", line 130, in urlopen
   return _opener.open(url, data)
 File "/usr/lib/python2.4/urllib2.py", line 364, in open
   response = meth(req, response)
 File "/usr/lib/python2.4/urllib2.py", line 471, in http_response
   response = self.parent.error(
 File "/usr/lib/python2.4/urllib2.py", line 396, in error
   result = self._call_chain(*args)
 File "/usr/lib/python2.4/urllib2.py", line 337, in _call_chain
   result = func(*args)
 File "/usr/lib/python2.4/urllib2.py", line 554, in http_error_302
   return self.parent.open(new)
 File "/usr/lib/python2.4/urllib2.py", line 358, in open
   response = self._open(req, data)
 File "/usr/lib/python2.4/urllib2.py", line 376, in _open
   '_open', req)
 File "/usr/lib/python2.4/urllib2.py", line 337, in _call_chain
   result = func(*args)
 File "/usr/lib/python2.4/urllib2.py", line 1029, in https_open
   return self.do_open(httplib.HTTPSConnection, req)
 File "/usr/lib/python2.4/urllib2.py", line 993, in do_open
   h.request(req.get_method(), req.get_selector(), req.data, headers)
 File "/usr/lib/python2.4/httplib.py", line 804, in request
   self._send_request(method, url, body, headers)
 File "/usr/lib/python2.4/httplib.py", line 827, in _send_request
   self.endheaders()
 File "/usr/lib/python2.4/httplib.py", line 798, in endheaders
   self._send_output()
 File "/usr/lib/python2.4/httplib.py", line 679, in _send_output
   self.send(msg)
 File "/usr/lib/python2.4/httplib.py", line 646, in send
   self.connect()
 File "/usr/lib/python2.4/httplib.py", line 1073, in connect
   ssl = socket.ssl(sock, self.key_file, self.cert_file)
 File "/usr/lib/python2.4/socket.py", line 74, in ssl
   return _realssl(sock, keyfile, certfile)
KeyboardInterrupt

If anyone is willing to work on this bug, I can help testing it (I am already working with SVN version of osc),

cheers,

David
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-buildservice+help@xxxxxxxxxxxx

< Previous Next >
Follow Ups