Bug #44892 MEM heartbeat goes to external site when proxy defined on the agent server
Submitted: 15 May 7:47 Modified: 3 Sep 11:03
Reporter: Jonathon Coombes
Status: Documenting
Category:Monitoring: Agent Severity:S3 (Non-critical)
Version:2.0.5 OS:Any
Assigned to: Jan Kneschke Target Version:
Tags: proxy, Agent, mem, libcurl

[15 May 7:47] Jonathon Coombes 
Description:
The MEM agent when installed on a server with proxy set (e.g. http_proxy) will cause
problems with heartbeat connecting to site www.agent.com. Even if the no_proxy option is
used, it still fails unless totally bypassing the proxy.

How to repeat:
Set the proxy on the agent server:

$ export http_proxy="192.168.1.100"
$ export http_proxy="192.168.1.5"   (this is the heartbeat ip address)

Logs show www.agent.com errors when heartbeat attempts to connect.

Suggested fix:
No fix, as the problem is in the libcurl library and how the RFC-complient url's are
handled. MEM agent is parsing https://agent:agent_password@192.168.1.5 as the url
https://agent which then loads www.agent.com as the destination.

Libcurl library is updated and will be fixed in the next release.
[15 May 16:55] Mark Matthews 
We've wanted to split the user/pass out in the configuration file for other reasons, maybe
this is the impetus? We've had other customers that *need* to use a proxy, but the URL as
passed by curl to the proxy fails (even though it's RFC-compliant).
[26 May 3:19] Jonathon Coombes 
Details from the curl developers and the patch they supply is available at:

http://curl.haxx.se/mail/lib-2009-05/0184.html
[24 Jun 21:30] Enterprise Tools JIRA Robot 
Mark Matthews writes: 
We'd prefer to see this fixed by adding service manager user and password configuration
options, as it solves other bugs related to password encoding (as Kay states), and starts
to open the door configuration and code-wise for things like using SSL certificates for
authentication.
[4 Aug 22:53] Enterprise Tools JIRA Robot 
Gary Whizin writes: 
gets fixed with curl update (which is in progress)
[4 Aug 22:53] Enterprise Tools JIRA Robot 
Jan Kneschke writes: 
build 9097 should contain the updated libcurl 7.19.5 which contains the fix itself:

   http://curl.haxx.se/changes.html
[11 Aug 16:21] Enterprise Tools JIRA Robot 
Keith Russell writes: 
Patch installed in versions => 2.1.0.1092.
[3 Sep 11:03] Enterprise Tools JIRA Robot 
Carsten Segieth writes: 
--> tested successfull with build 2.1.0.1093 that "no_proxy=..." is now honoured
(compared to 2.1.0.1079, where it was not)

For the documentation:
----------------------
The setting of "no_proxy=..." needs to be identical to what is used in the
"agent-mgmt-hostname=..." setting in the .ini file, libcurl seem to check for identical
match only without any name resolution. So either both needs to be hostnames like
"test.mysql.com" or IP addresses ("dotted quad") like "10.100.22.33". When using
'non-equal' values the agent does not connect, even the IP address on the one side
represents the hostname used on the other side.