VannTen
(Max Gautier)
October 1, 2024, 12:56pm
1
I would like to add support for CIDR notation in the NO_PROXY environment to Python (=urllib)
I happen to maintain a large playbook in Ansible, which rely on python, and usually can’t use anything else than stdlib for its module, so can’t support CIDR in no_proxy.
(Ansible issue in question)
opened 06:28AM - 21 Feb 19 UTC
closed 06:25PM - 22 Feb 19 UTC
module
net_tools
support:core
bug
affects_2.7
##### SUMMARY
URI module ignores no_proxy configuration with a CIDR notation. W… e have to specify individual IP addresses or domain for it to work.
##### ISSUE TYPE
- Bug Report
##### COMPONENT NAME
URI module
##### ANSIBLE VERSION
```
ansible 2.7.5
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/var/lib/awx/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /bin/ansible
python version = 2.7.5 (default, Sep 12 2018, 05:31:16) [GCC 4.8.5 20150623 (Red Hat 4.8.5-36)]
```
##### CONFIGURATION
```
DEFAULT_ROLES_PATH(/etc/ansible/ansible.cfg) = [u'/etc/ansible/roles', u'/usr/share/ansible/roles']
```
##### OS / ENVIRONMENT
```
Red Hat Enterprise Linux Server release 7.5 (Maipo)
```
##### STEPS TO REPRODUCE
```
- name: Test uri with cidr
hosts: localhost
connection: local
tasks:
- name: Simple curl
environment:
http_proxy: '<proxy_server>:<port>'
https_proxy: ' '<proxy_server>:<port>
HTTP_PROXY: '<proxy_server>:<port>
HTTPS_PROXY: '<proxy_server>:<port>
# NO_PROXY: '<webserver IP>'
# no_proxy: '<webserver IP>'
NO_PROXY: '<CIDR which contains webserver IP eg 192.168.1.0/24>'
no_proxy: '<CIDR which contains webserver IP eg 192.168.1.0/24>'
uri:
url: https://<webserver IP>
validate_certs: no
register: resultvar
- debug:
var: resultvar
```
##### EXPECTED RESULTS
No_proxy with CIDR configuration is honored and connections are directly made to hosts.
##### ACTUAL RESULTS
no_proxy is ignored and connections goes through proxy server.
I expect the benefits would be larger than just the ansible ecosystem, though. This would basically be the Python part of this Gitlab blog
I started the implementation if anyone wants a look.
I noticed there is another issue open in cpython/python which I would tackle at the same time regarding supporting ‘’ in domains (aka = ' .my.domain.com’ == ‘.mydomain.com’ in NO_PROXY):
opened 08:13PM - 24 May 17 UTC
type-feature
stdlib
3.10
BPO | [30462](https://bugs.python.org/issue30462)
--- | :---
Nosy | @zhangyangyu… , @csabella, @jirihnidek
PRs | <li>python/cpython#1795</li>
<sup>*Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.*</sup>
<details><summary>Show more details</summary><p>
GitHub fields:
```python
assignee = None
closed_at = None
created_at = <Date 2017-05-24.20:13:11.639>
labels = ['type-feature', 'library', '3.10']
title = 'urllib does not support NO_PROXY environment variable containing domain with asterisk'
updated_at = <Date 2020-05-27.11:55:12.022>
user = 'https://github.com/jirihnidek'
```
bugs.python.org fields:
```python
activity = <Date 2020-05-27.11:55:12.022>
actor = 'cheryl.sabella'
assignee = 'none'
closed = False
closed_date = None
closer = None
components = ['Library (Lib)']
creation = <Date 2017-05-24.20:13:11.639>
creator = 'Jiri Hnidek'
dependencies = []
files = []
hgrepos = []
issue_num = 30462
keywords = []
message_count = 7.0
messages = ['294388', '294955', '295213', '296692', '297159', '320020', '370065']
nosy_count = 3.0
nosy_names = ['xiang.zhang', 'cheryl.sabella', 'Jiri Hnidek']
pr_nums = ['1795']
priority = 'normal'
resolution = None
stage = None
status = 'open'
superseder = None
type = 'enhancement'
url = 'https://bugs.python.org/issue30462'
versions = ['Python 3.10']
```
</p></details>
Wdyt ?