Added no_proxy support

[xtonousou]

Added the ability to define no_proxy variable to exclude addresses if http_proxy is defined. This is useful for clustered iRedMail components on air gapped environments.

The PR fixes an "internal server error" observed in iRedAdmin web ui or API while fetching user information if the HTTP_PROXY variable is defined. Below you can see that the API request from iRedAdmin to mlmmjadmin is being proxied.

The code is tested with iRedAdmin-PRO OpenLDAP v.5.4.1

[iredmail]

Hi @xtonousou,

Thank you very much for the contribution.

• Could you please also add IPv6 loopback in default value (libs/default_settings.py)?
• I suppose no getattr() required in this case?

[xtonousou]

OK, I've updated the PR.

I should also mention another caveat of using http_proxy. HTTP_PROXY will be ignored if a variable REQUEST_METHOD is set; see the documentation on getproxies().

Also, there is this CVE-2016-1000110 which affects old compatible Linux distros with Python <= 3.5.2. I suggest that the reverse proxy should remove the Proxy header completely (useful when iRedAdmin-PRO is exposed as self-service portal for users).

[iredmail]

Dear @xtonousou:

This has been merged and fixed in https://github.com/iredmail/iRedAdmin/commit/70a44252bb21d1ec2aef006b9e4b1cfbdad56dca. Thanks for the contribution. :)

[iredmail]

New version v2.4 has been tagged.

[xtonousou]

Will this be ported to pro version too?

[iredmail]

Will this be ported to pro version too?

Sure. Already ported and will be available in next iRedAdmin-Pro release.