search

MarisElsins / getMOSPatch

getMOSPatch V2 - Tool that helps downloading patches from My Oracle Support
58 stars 17 forks source link

proxy works partially #29

Closed prophess closed 3 years ago

prophess commented 3 years ago

Hi,

i tried to use this tool over proxy but getmos.pl is trying to reach ipadresses besides the proxy. Is that correct? For me the configuration behind a proxy is not possible because you have to allow directy other ip's in the firewall. This is not allowed in our company.

java -Djavax.net.ssl.trustStore=/etc/pki/ca-trust/extracted/java/cacerts -Dhttps.proxyHost= -Dhttps.proxyPort= -jar getMOSPatch.jar patch="6880880" regexp="1120." platform="226p" download="all" MOSUser="" MOSPass="" silent="no" debug="yes"

Trying with socks configuration we analyzed and hit the failure/Bug with SOCKS: Message

java -DsocksProxyHost= -DsocksProxyPort= -jar getMOSPatch.jar patch="6880880" regexp="1120." platform="226p" download="all" MOSUser="" MOSPass="" silent="no" debug="yes"

Error Message:

Exception in thread "main" java.net.SocketException: SOCKS : No acceptable methods at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:471) at java.net.Socket.connect(Socket.java:589) at sun.security.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:666) at sun.security.ssl.BaseSSLSocketImpl.connect(BaseSSLSocketImpl.java:173) at sun.net.NetworkClient.doConnect(NetworkClient.java:180) at sun.net.www.http.HttpClient.openServer(HttpClient.java:463) at sun.net.www.http.HttpClient.openServer(HttpClient.java:558) at sun.net.www.protocol.https.HttpsClient.(HttpsClient.java:264) at sun.net.www.protocol.https.HttpsClient.New(HttpsClient.java:367) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(AbstractDelegateHttpsURLConnection.java:200) at sun.net.www.protocol.http.HttpURLConnection.plainConnect0(HttpURLConnection.java:1175) at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:1050) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:177) at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1564) at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1492) at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:263) at java.net.URL.openStream(URL.java:1045) at getMOSPatch.downloadFile(getMOSPatch.java:158) at getMOSPatch.downloadString(getMOSPatch.java:227) at getMOSPatch.downloadString(getMOSPatch.java:223) at getMOSPatch.main(getMOSPatch.java:495)

Is the execution correct or do you plan to fix this? Maybe i do it wrong but anyway its a great helper tool (if not being behind a proxy.

best regards, Simon

MarisElsins commented 3 years ago

Hi Simon,

thanks for using the getMosPatch!

I tried the https proxy configuration with one of the public proxies from https://www.freeproxylists.net and it worked fine.

$  strace -s200 -o/tmp/str.log -f ./java -Dhttps.proxyHost=165.225.21.188 -Dhttps.proxyPort=80 -jar /u01/install/getMOSPatch.jar patch="6880880" platform="226P" 
Enter your MOS username: ***
Enter your MOS password: 
-
We're going to download patches for the following Platforms/Languages:
 226P - Platform 226P

Processing patch 6880880 for Platform 226P and applying regexp .* to the filenames:
 1 - p6880880_210000_Linux-x86-64.zip
 2 - p6880880_190000_Linux-x86-64.zip
 3 - p6880880_200000_Linux-x86-64.zip
 4 - p6880880_180000_Linux-x86-64.zip
 5 - p6880880_122010_Linux-x86-64.zip
 6 - p6880880_121010_Linux-x86-64.zip
 7 - p6880880_112000_Linux-x86-64.zip
 8 - p6880880_101000_Linux-x86-64.zip
 9 - p6880880_139000_Generic.zip
 10 - p6880880_132000_Generic.zip
 11 - p6880880_111000_Linux-x86-64.zip
 12 - p6880880_131000_Generic.zip
 13 - p6880880_102000_Linux-x86-64.zip
 Enter Comma separated files to download ("all" or "none" can be used too): none

There's nothing to download!

Also it appears all the connections are made to the proxy IP, and nothing else tries to bypass it (I replaced my IPs with 100.100.100.100 in the output below)

9208  ioctl(17, SIOCGIFCONF, {ifc_len=2 * sizeof(struct ifreq), ifc_buf=[{ifr_name="lo", ifr_addr={sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("127.0.0.1")}}, {ifr_name="eth0", ifr_addr={sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("100.100.100.100")}}]}) = 0
9208  ioctl(17, SIOCGIFNETMASK, {ifr_name="lo", ifr_netmask={sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("255.0.0.0")}}) = 0
9208  ioctl(17, SIOCGIFBRDADDR, {ifr_name="eth0", ifr_broadaddr={sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("100.100.100.255")}}) = 0
9208  ioctl(17, SIOCGIFNETMASK, {ifr_name="eth0", ifr_netmask={sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("255.255.255.0")}}) = 0
9208  connect(17, {sa_family=AF_INET6, sin6_port=htons(80), inet_pton(AF_INET6, "::ffff:165.225.21.188", &sin6_addr), sin6_flowinfo=htonl(0), sin6_scope_id=0}, 28 <unfinished ...>
9208  getsockname(17, {sa_family=AF_INET6, sin6_port=htons(15128), inet_pton(AF_INET6, "::ffff:100.100.100.100", &sin6_addr), sin6_flowinfo=htonl(0), sin6_scope_id=0}, [28]) = 0
9208  connect(19, {sa_family=AF_INET6, sin6_port=htons(80), inet_pton(AF_INET6, "::ffff:165.225.21.188", &sin6_addr), sin6_flowinfo=htonl(0), sin6_scope_id=0}, 28 <unfinished ...>
9208  getsockname(19, {sa_family=AF_INET6, sin6_port=htons(15130), inet_pton(AF_INET6, "::ffff:100.100.100.100", &sin6_addr), sin6_flowinfo=htonl(0), sin6_scope_id=0}, [28]) = 0
9208  connect(20, {sa_family=AF_INET6, sin6_port=htons(80), inet_pton(AF_INET6, "::ffff:165.225.21.188", &sin6_addr), sin6_flowinfo=htonl(0), sin6_scope_id=0}, 28 <unfinished ...>
9208  getsockname(20, {sa_family=AF_INET6, sin6_port=htons(15132), inet_pton(AF_INET6, "::ffff:100.100.100.100", &sin6_addr), sin6_flowinfo=htonl(0), sin6_scope_id=0}, [28]) = 0
9208  connect(21, {sa_family=AF_INET6, sin6_port=htons(80), inet_pton(AF_INET6, "::ffff:165.225.21.188", &sin6_addr), sin6_flowinfo=htonl(0), sin6_scope_id=0}, 28 <unfinished ...>
9208  getsockname(21, {sa_family=AF_INET6, sin6_port=htons(15134), inet_pton(AF_INET6, "::ffff:100.100.100.100", &sin6_addr), sin6_flowinfo=htonl(0), sin6_scope_id=0}, [28]) = 0
9208  connect(22, {sa_family=AF_INET6, sin6_port=htons(80), inet_pton(AF_INET6, "::ffff:165.225.21.188", &sin6_addr), sin6_flowinfo=htonl(0), sin6_scope_id=0}, 28 <unfinished ...>
9208  getsockname(22, {sa_family=AF_INET6, sin6_port=htons(15136), inet_pton(AF_INET6, "::ffff:100.100.100.100", &sin6_addr), sin6_flowinfo=htonl(0), sin6_scope_id=0}, [28]) = 0
9208  connect(23, {sa_family=AF_INET6, sin6_port=htons(80), inet_pton(AF_INET6, "::ffff:165.225.21.188", &sin6_addr), sin6_flowinfo=htonl(0), sin6_scope_id=0}, 28 <unfinished ...>
9208  getsockname(23, {sa_family=AF_INET6, sin6_port=htons(15138), inet_pton(AF_INET6, "::ffff:100.100.100.100", &sin6_addr), sin6_flowinfo=htonl(0), sin6_scope_id=0}, [28]) = 0

Are you sure your local cacerts file is up to date? You could debug the ssl connections with -Djavax.net.debug=ssl, maybe it reveals something, but at the moment I don't think there's anything wrong with the tool itself.

Maris