From f30a9e56f3df9a51e0f6ee211239d1da3f9cbcab Mon Sep 17 00:00:00 2001
From: Evan Cordell <cordell.evan@gmail.com>
Date: Wed, 27 Apr 2016 12:48:15 -0500
Subject: [PATCH] Be really sure about proxy protocol

---
 binary_dependencies/jwtproxy | Bin 11556128 -> 11556128 bytes
 config.py                    |   2 +-
 util/secscan/api.py          |   6 +++---
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/binary_dependencies/jwtproxy b/binary_dependencies/jwtproxy
index 17132a35cc7cb6d41cff4d1bb56809e9436cafad..8d479b09eb6bd7f75d888bc1020f8b872f08a97e 100755
GIT binary patch
delta 635
zcmWm8$4}E?0LS6HwRKNixWSEkqoTO?1}7?r<5k>y)Irq`)`465b5N-$s8#V|(nJ$u
zg9i^rN$kOEK@l+N#ecxBhv)u;!ck91d>C9b!HtKeG^05!Xh|zt(}uRRqdgr+q9dK?
zOc%P6OgFmIgP!!FH+@JUmA>?&KLZ%ZAO@4h5QZ|0;f!D;qZrK?#xjoaOdy?!Oky$_
zOkpaSOk+ATn8_?=Gl#j%V?GO5$RZZAgrzKFIV;E_o0Y6$HEUSQI&xUg1~!sQ9-GK#
zGh5iowzsxEZnB()xJ@^CPHK%Ub@_}Ft+BaIO06w3pPZ^%``&zY3V+(~ChTPYvLDQ6
zC#lXxO`{X5v)^3BZm0aW{b(v3TW|lGFOi%En`T@APo${PW*GA$68&Q{U8XvauqEc5
zKbWwxU3N%;?37)yTlUCa*(dwufE<)Va#)VYQ8^~Z<%D?Uq@0q|az+ZpCuikcB$zl~
z6*mQu{A!Zjrrht1Aw_aQ{Blt)$z{1B#d1}y$#uCQH|3VxmOFA+0^-O$xi1gop_E8a
l9!aT$<gt{=6L~8C9~JUUp34gf%S(ABucb2LjlHSx{R1<HL+1bh

delta 634
zcmWN==~K*c0LSt9Zkzkel{2|>pM}VM-*Og9<m<lgb+mYAogwsdw6&xpIfiET0b{J5
zW5)giTcnuTG2@v>KChWquqqrMR38Qxakz=68O>=yOIp#IHngQ3?dd>A66i!{y3mzw
zB+{K8^rRQP=|d8INv0qD8NfgWF_<BwFqB~oX9Ob|#c0MbmT`<{0;!}ikx5J@oheKu
zgK11>1~Zw(Z00bRdCX@43t7Zsmavp%EN2BP$z&C)S;Jb^v7Ril*}z6TY+^GxY+)<8
zY^$-2QIqO4MQxh#ILURk)Z{v!>a52}s<&mP(y6Vt@5~z~@4NkG3Y^Rz_JgT*5*lpS
ze0CxY_KWLJoKybOel&%SZM1*Q>rhscO);*2?oj?On{LeeQ24jaaG9E-m@PIX{y@y?
zcHN;nb(ikeJ-S!->3%(+2lbF1)+2gUkLhtep(oX=r}VU*(X*PTK0T-BLxI?Z+NjA6
z<$NX4ZQlC55j0;fs$VbZWxb+T^_pJS0==O(^_CXuZM~y+wMZSkr}y=NKGb3jXo;3;
hP#@`IEz>7jt`+)JEA^RH>2s~t7y2^fjl8Px{RapYLt6j<

diff --git a/config.py b/config.py
index 6d19d1541..abd1d70bd 100644
--- a/config.py
+++ b/config.py
@@ -289,7 +289,7 @@ class DefaultConfig(object):
     'API_TIMEOUT_SECONDS': 10,
     'API_TIMEOUT_POST_SECONDS': 480,
   }
-  JWTPROXY_SIGNER = 'https://localhost:8080'
+  JWTPROXY_SIGNER = 'localhost:8080'
 
   # Torrent management flags
   FEATURE_BITTORRENT = False
diff --git a/util/secscan/api.py b/util/secscan/api.py
index 5a49ec8ef..d6ae31502 100644
--- a/util/secscan/api.py
+++ b/util/secscan/api.py
@@ -253,7 +253,7 @@ class SecurityScannerAPI(object):
 
     api_url = urljoin(endpoint, '/' + security_config['API_VERSION']) + '/'
     url = urljoin(api_url, relative_url)
-    signer_proxy_url = self.config.get('JWTPROXY_SIGNER', 'https://localhost:8080')
+    signer_proxy_url = self.config.get('JWTPROXY_SIGNER', 'localhost:8080')
 
 
     with CloseForLongOperation(self.config):
@@ -261,6 +261,6 @@ class SecurityScannerAPI(object):
       return client.request(method, url, json=body, params=params, timeout=timeout,
                             cert=self._keys, verify='/conf/mitm.cert', headers=headers,
                             proxies={
-                              'https': signer_proxy_url,
-                              'http': signer_proxy_url
+                              'https': 'https://' + signer_proxy_url,
+                              'http': 'http://' + signer_proxy_url
                             })