mirror of
https://github.com/GAM-team/GAM.git
synced 2026-07-03 20:31:35 +00:00
Merge branch 'main' of https://github.com/GAM-team/GAM
This commit is contained in:
@@ -120,6 +120,7 @@ import google.oauth2.service_account
|
|||||||
import google_auth_oauthlib.flow
|
import google_auth_oauthlib.flow
|
||||||
import google_auth_httplib2
|
import google_auth_httplib2
|
||||||
import httplib2
|
import httplib2
|
||||||
|
import urllib3.exceptions
|
||||||
|
|
||||||
httplib2.RETRIES = 5
|
httplib2.RETRIES = 5
|
||||||
|
|
||||||
@@ -8921,11 +8922,17 @@ def getOSPlatform():
|
|||||||
|
|
||||||
# gam checkconnection
|
# gam checkconnection
|
||||||
def doCheckConnection():
|
def doCheckConnection():
|
||||||
hosts = ['api.github.com', 'raw.githubusercontent.com',
|
hosts = ['api.github.com',
|
||||||
'accounts.google.com', 'oauth2.googleapis.com', 'www.googleapis.com']
|
'raw.githubusercontent.com',
|
||||||
|
'accounts.google.com',
|
||||||
|
'oauth2.googleapis.com',
|
||||||
|
'www.googleapis.com']
|
||||||
fix_hosts = {'calendar-json.googleapis.com': 'www.googleapis.com',
|
fix_hosts = {'calendar-json.googleapis.com': 'www.googleapis.com',
|
||||||
'storage-api.googleapis.com': 'storage.googleapis.com'}
|
'storage-api.googleapis.com': 'storage.googleapis.com'}
|
||||||
api_hosts = ['apps-apis.google.com', 'sites.google.com', 'versionhistory.googleapis.com', 'www.google.com']
|
api_hosts = ['apps-apis.google.com',
|
||||||
|
'sites.google.com',
|
||||||
|
'versionhistory.googleapis.com',
|
||||||
|
'www.google.com']
|
||||||
for host in API.PROJECT_APIS:
|
for host in API.PROJECT_APIS:
|
||||||
host = fix_hosts.get(host, host)
|
host = fix_hosts.get(host, host)
|
||||||
if host not in api_hosts and host not in hosts:
|
if host not in api_hosts and host not in hosts:
|
||||||
@@ -8941,13 +8948,27 @@ def doCheckConnection():
|
|||||||
success_count = 0
|
success_count = 0
|
||||||
for host in hosts:
|
for host in hosts:
|
||||||
try_count += 1
|
try_count += 1
|
||||||
|
dns_err = None
|
||||||
|
ip = 'unknown'
|
||||||
|
try:
|
||||||
ip = socket.getaddrinfo(host, None)[0][-1][0] # works with ipv6
|
ip = socket.getaddrinfo(host, None)[0][-1][0] # works with ipv6
|
||||||
|
except socket.gaierror as err:
|
||||||
|
dns_err = f'{not_okay}\n DNS failure: {err}\n'
|
||||||
|
except Exception as e:
|
||||||
|
dns_err = f'{not_okay}\n Unknown DNS failure: {err}\n'
|
||||||
check_line = f'Checking {host} ({ip}) ({try_count}/{host_count})...'
|
check_line = f'Checking {host} ({ip}) ({try_count}/{host_count})...'
|
||||||
writeStdout(f'{check_line:<100}')
|
writeStdout(f'{check_line:<100}')
|
||||||
flushStdout()
|
flushStdout()
|
||||||
|
if dns_err:
|
||||||
|
writeStdout(dns_err)
|
||||||
|
continue
|
||||||
gen_firewall = 'You probably have security software or a firewall on your machine or network that is preventing GAM from making Internet connections. Check your network configuration or try running GAM on a hotspot or home network to see if the problem exists only on your organization\'s network.'
|
gen_firewall = 'You probably have security software or a firewall on your machine or network that is preventing GAM from making Internet connections. Check your network configuration or try running GAM on a hotspot or home network to see if the problem exists only on your organization\'s network.'
|
||||||
try:
|
try:
|
||||||
httpObj.request(f'https://{host}/', 'HEAD', headers=headers)
|
if host.startswith('http'):
|
||||||
|
url = host
|
||||||
|
else:
|
||||||
|
url = f'https://{host}:443/'
|
||||||
|
httpObj.request(url, 'HEAD', headers=headers)
|
||||||
success_count += 1
|
success_count += 1
|
||||||
writeStdout(f'{okay}\n')
|
writeStdout(f'{okay}\n')
|
||||||
except ConnectionRefusedError:
|
except ConnectionRefusedError:
|
||||||
@@ -8961,7 +8982,7 @@ def doCheckConnection():
|
|||||||
writeStdout(f'{not_okay}\n GAM expects to connect with TLS 1.3 or newer and that failed. If your firewall / proxy server is not compatible with TLS 1.3 then you can tell GAM to allow TLS 1.2 by setting tls_min_version = TLSv1.2 in gam.cfg.\n')
|
writeStdout(f'{not_okay}\n GAM expects to connect with TLS 1.3 or newer and that failed. If your firewall / proxy server is not compatible with TLS 1.3 then you can tell GAM to allow TLS 1.2 by setting tls_min_version = TLSv1.2 in gam.cfg.\n')
|
||||||
elif e.reason == 'CERTIFICATE_VERIFY_FAILED':
|
elif e.reason == 'CERTIFICATE_VERIFY_FAILED':
|
||||||
writeStdout(f'{not_okay}\n Certificate verification failed. If you are behind a firewall / proxy server that does TLS / SSL inspection you may need to point GAM at your certificate authority file by setting cacerts_pem = /path/to/your/certauth.pem in gam.cfg.\n')
|
writeStdout(f'{not_okay}\n Certificate verification failed. If you are behind a firewall / proxy server that does TLS / SSL inspection you may need to point GAM at your certificate authority file by setting cacerts_pem = /path/to/your/certauth.pem in gam.cfg.\n')
|
||||||
elif e.strerror.startswith('TLS/SSL connection has been closed\n'):
|
elif e.strerror and e.strerror.startswith('TLS/SSL connection has been closed\n'):
|
||||||
writeStdout(f'{not_okay}\n TLS connection was closed. {gen_firewall}\n')
|
writeStdout(f'{not_okay}\n TLS connection was closed. {gen_firewall}\n')
|
||||||
else:
|
else:
|
||||||
writeStdout(f'{not_okay}\n {str(e)}\n')
|
writeStdout(f'{not_okay}\n {str(e)}\n')
|
||||||
|
|||||||
@@ -29,5 +29,6 @@ GAM_VER_LIBS = ['cryptography',
|
|||||||
'httplib2',
|
'httplib2',
|
||||||
'passlib',
|
'passlib',
|
||||||
'python-dateutil',
|
'python-dateutil',
|
||||||
|
'urllib3',
|
||||||
'yubikey-manager',
|
'yubikey-manager',
|
||||||
]
|
]
|
||||||
|
|||||||
Reference in New Issue
Block a user