search

ibmresilient / resilient-community-apps

Source code for IBM SOAR Apps that are available on our App Exchange
https://ibm.biz/soar-apps-docs
MIT License
88 stars 96 forks source link

BUG: fn_hibp not respecting proxy. #86

Closed tbennett6421 closed 1 year ago

tbennett6421 commented 1 year ago

Description

fn_hibp does not use the proxy settings I have a fix for this but I'm unable to test it, so providing this issue that hopeful someone can fix

Describe How to Reproduce

  1. set the following in the app.config
hibp_proxy_http=http://proxy.internal.com:8080
hibp_proxy_https=http://proxy.internal.com:8080
  1. Run the selftest function

Expected outcome: successful connection What happened instead: network is unreachable

Running selftest for: 'fn-hibp' ------------------------
fn-hibp: selftest: HTTPSConnectionPool(host='haveibeenpwned.com', port=443): Max retries exceeded with url: /api/v3/breachedaccount/test&commat;example.com (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7f3ee8674580>: Failed to establish a new connection: [Errno 101] Network is unreachable'))
selftest output: {'state': "HTTPSConnectionPool(host='haveibeenpwned.com', port=443): Max retries exceeded with url: /api/v3/breachedaccount/test&commat;example.com (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7f3ee8674580>: Failed to establish a new connection: [Errno 101] Network is unreachable'))", 'reason': "HTTPSConnectionPool(host='haveibeenpwned.com', port=443): Max retries exceeded with url: /api/v3/breachedaccount/test&commat;example.com (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7f3ee8674580>: Failed to establish a new connection: [Errno 101] Network is unreachable'))"}
Elapsed time: 254.543000 seconds
ERROR: running selftest for App. Error Code: 1

This can be fixed by adding return proxies in resilient-community-apps/fn_hibp/fn_hibp/lib/common.py::get_proxies()

The function would look like this

    def get_proxies(self):
        """
        build the proxy list
        :param opts:
        :return: dict of proxies
        """
        proxies = {}
        # Get proxies
        proxy_http = self.get_config_option("hibp_proxy_http", True)
        proxy_https = self.get_config_option("hibp_proxy_https", True)

        if proxy_http is not None:
            proxies["http"] = proxy_http

        if proxy_https is not None:
            proxies["https"] = proxy_https

        return proxies

I would open a PR, but I do not have a way of testing this, as resilient appears to ignore my package and use the quay.io image instead

amnorcross commented 1 year ago

Thanks for reporting this issue. A fix is already in progress and the app should be published very shortly.

annmarien commented 1 year ago

I am closing this issue as the fix will be published very shortly.