From 92c6a524965308d0b66c0abd52a9baccbf4a1706 Mon Sep 17 00:00:00 2001
From: William Wernert <william.wernert@securityonionsolutions.com>
Date: Tue, 26 May 2020 14:49:22 -0400
Subject: [PATCH 1/5] [feat][WIP] Add functionality to run setup through a
 proxy

---
 setup/so-functions | 56 +++++++++++++++++++++++++++++++---------------
 1 file changed, 38 insertions(+), 18 deletions(-)

diff --git a/setup/so-functions b/setup/so-functions
index 4e01c935c..fed162596 100755
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -550,6 +550,9 @@ detect_os() {
 disable_onion_user() {
 	# Disable the default account cause security.
 	usermod -L onion
+
+	# Remove the automated setup script from crontab, if it exists
+	crontab -u onion -r
 }
 
 disable_misc_network_features() {
@@ -955,29 +958,47 @@ parse_options() {
 			if [[ $is_master || $is_helix ]]; then
 				local proxy
 				proxy=$(echo "$1" | tr -d '"' | awk -F'--turbo=' '{print $2}')
-				proxy_addr="http://$proxy"
-				use_proxy "$proxy_addr"
-				TURBO="$proxy_addr"
+				proxy_url="http://$proxy"
+				TURBO="$proxy_url"
+				use_turbo_proxy "$TURBO"
 			else
 				echo "turbo is not supported on this install type" >> $setup_log 2>&1
 			fi
 			;;
 		--proxy=*)
-			echo "Unimplimented"
-			return
+			local proxy
+			proxy=$(echo "$1" | tr -d '"' | awk -F'--proxy=' '{print $2}')
 
-			if [[ $2 != --proxy-user=* ]] || [[ $3 != --proxy-pass=* ]]; then
-				echo "Invalid options passed for proxy. Order is --proxy-user=<user> --proxy-pass=<password>"
-			else
-				local proxy
+			local proxy_protocol
+			proxy_protocol=$(echo "$proxy" |tr -d '"' | awk 'match($0, /http|https/) { print substr($0, RSTART, RLENGTH) }')
+
+			if [[ ! $proxy_protocol =~ ^(http|https) ]]; then
+				echo "Invalid proxy protocol"
+				echo "Ignoring proxy"
+				return
+			fi
+
+			if [[ $2 == --proxy-user=* && $3 == --proxy-pass=* ]]; then
 				local proxy_user
 				local proxy_password
-				proxy=$(echo "$1" | tr -d '"' | awk -F'--proxy=' '{print $2}')
 				proxy_user=$(echo "$2" | tr -d '"' | awk -F'--proxy-user=' '{print $2}')
 				proxy_password=$(echo "$3" | tr -d '"' | awk -F'--proxy-pass=' '{print $2}')
-				
-				use_proxy "$proxy" "$proxy_user" "$proxy_password"
+
+				local proxy_addr
+				proxy_addr=$(echo "$proxy" | tr -d '"' | awk -F'http\:\/\/|https\:\/\/' '{print $2}')
+
+				export http_proxy="${proxy_protocol}://${proxy_user}:${proxy_password}@${proxy_addr}"
+
+			elif [[ (-z $2 || -z $3) && (-n $2 || -n $3) || ($2 != --proxy-user=* || $3 != --proxy-pass=*) ]]; then
+				echo "Invalid options passed for proxy. Order is --proxy-user=<user> --proxy-pass=<password>"
+				echo "Ignoring proxy"
+				return
+
+			else
+				export http_proxy="$proxy"
 			fi
+
+			export {https,ftp,rsync,all}_proxy="$http_proxy"
 			;;
 		*)
 			echo "Invalid option"
@@ -1479,18 +1500,17 @@ update_packages() {
 	fi
 }
 
-use_proxy() {
-	local proxy_addr=$1
+use_turbo_proxy() {
+	local proxy_url=$1
 	#TODO: add options for username + pass
 
 	if [[ $OS == 'centos' ]]; then
-		printf '%s\n'\
-			"proxy=${proxy_addr}:3142" >> /etc/yum.conf
+		printf '%s\n' "proxy=${proxy_url}:3142" >> /etc/yum.conf
 	else
 		printf '%s\n'\
 			"Acquire {"\
-			"HTTP::proxy \"${proxy_addr}:3142\";"\
-			"HTTPS::proxy \"${proxy_addr}:3142\";"\
+			"  HTTP::proxy \"${proxy_url}:3142\";"\
+			"  HTTPS::proxy \"${proxy_url}:3142\";"\
 			"}" > /etc/apt/apt.conf.d/proxy.conf
 	fi
 }

From 84e3ce508e72ab106c7b7b69f846ae5eabb86947 Mon Sep 17 00:00:00 2001
From: William Wernert <william.wernert@securityonionsolutions.com>
Date: Tue, 26 May 2020 15:19:37 -0400
Subject: [PATCH 2/5] [fix] Only check for proxy-user & proxy-pass when needed

---
 setup/so-functions | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/setup/so-functions b/setup/so-functions
index fed162596..4b47d65d9 100755
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -989,7 +989,7 @@ parse_options() {
 
 				export http_proxy="${proxy_protocol}://${proxy_user}:${proxy_password}@${proxy_addr}"
 
-			elif [[ (-z $2 || -z $3) && (-n $2 || -n $3) || ($2 != --proxy-user=* || $3 != --proxy-pass=*) ]]; then
+			elif [[ (-z $2 || -z $3) && (-n $2 || -n $3) || ( -n $2 && -n $3 && ($2 != --proxy-user=* || $3 != --proxy-pass=*) ) ]]; then
 				echo "Invalid options passed for proxy. Order is --proxy-user=<user> --proxy-pass=<password>"
 				echo "Ignoring proxy"
 				return

From 9e1ed6983f6d0dd0000fd2ea3efa4e2a1cdb8df6 Mon Sep 17 00:00:00 2001
From: William Wernert <william.wernert@securityonionsolutions.com>
Date: Tue, 26 May 2020 15:25:30 -0400
Subject: [PATCH 3/5] [fix] Parse options at beginning of setup

---
 setup/so-functions | 10 +++-------
 setup/so-setup     | 11 ++++++++---
 2 files changed, 11 insertions(+), 10 deletions(-)

diff --git a/setup/so-functions b/setup/so-functions
index 4b47d65d9..ae99d190e 100755
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -960,7 +960,6 @@ parse_options() {
 				proxy=$(echo "$1" | tr -d '"' | awk -F'--turbo=' '{print $2}')
 				proxy_url="http://$proxy"
 				TURBO="$proxy_url"
-				use_turbo_proxy "$TURBO"
 			else
 				echo "turbo is not supported on this install type" >> $setup_log 2>&1
 			fi
@@ -1501,16 +1500,13 @@ update_packages() {
 }
 
 use_turbo_proxy() {
-	local proxy_url=$1
-	#TODO: add options for username + pass
-
 	if [[ $OS == 'centos' ]]; then
-		printf '%s\n' "proxy=${proxy_url}:3142" >> /etc/yum.conf
+		printf '%s\n' "proxy=${TURBO}:3142" >> /etc/yum.conf
 	else
 		printf '%s\n'\
 			"Acquire {"\
-			"  HTTP::proxy \"${proxy_url}:3142\";"\
-			"  HTTPS::proxy \"${proxy_url}:3142\";"\
+			"  HTTP::proxy \"${TURBO}:3142\";"\
+			"  HTTPS::proxy \"${TURBO}:3142\";"\
 			"}" > /etc/apt/apt.conf.d/proxy.conf
 	fi
 }
diff --git a/setup/so-setup b/setup/so-setup
index 4b0a4d6f6..6ce0a64ca 100755
--- a/setup/so-setup
+++ b/setup/so-setup
@@ -40,6 +40,12 @@ export PATH=$PATH:../salt/common/tools/sbin
 date -u > $setup_log 2>&1
 
 got_root
+
+if [[ $# -gt 1 ]]; then
+	set -- "${@:2}"
+	parse_options "$@" >> $setup_log 2>&1
+fi
+
 detect_os
 
 if [ "$OS" == ubuntu ]; then
@@ -241,9 +247,8 @@ fi
 
 whiptail_make_changes
 
-if [[ $# -gt 1 ]]; then
-	set -- "${@:2}"
-	parse_options "$@" >> $setup_log 2>&1
+if [[ -n "$TURBO" ]]; then
+	use_turbo_proxy
 fi
 
 if [[ "$setup_type" == 'iso' ]]; then

From 001f7c6694946c478b5ab6fffc82ab2ad9709a15 Mon Sep 17 00:00:00 2001
From: William Wernert <william.wernert@securityonionsolutions.com>
Date: Tue, 26 May 2020 16:01:44 -0400
Subject: [PATCH 4/5] [fix] export TURBO var so it can be used from so-setup

---
 setup/so-functions | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/setup/so-functions b/setup/so-functions
index ae99d190e..bf3f4d856 100755
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -959,7 +959,7 @@ parse_options() {
 				local proxy
 				proxy=$(echo "$1" | tr -d '"' | awk -F'--turbo=' '{print $2}')
 				proxy_url="http://$proxy"
-				TURBO="$proxy_url"
+				export TURBO="$proxy_url"
 			else
 				echo "turbo is not supported on this install type" >> $setup_log 2>&1
 			fi

From ec0ec79470fe0bc822ad3e189aba63c79ae492ec Mon Sep 17 00:00:00 2001
From: William Wernert <william.wernert@securityonionsolutions.com>
Date: Tue, 26 May 2020 16:23:06 -0400
Subject: [PATCH 5/5] [fix] Test install type after it has been set

---
 setup/so-functions | 19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)

diff --git a/setup/so-functions b/setup/so-functions
index bf3f4d856..1f5df9678 100755
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -955,14 +955,10 @@ node_pillar() {
 parse_options() {
 	case "$1" in
 		--turbo=*)
-			if [[ $is_master || $is_helix ]]; then
-				local proxy
-				proxy=$(echo "$1" | tr -d '"' | awk -F'--turbo=' '{print $2}')
-				proxy_url="http://$proxy"
-				export TURBO="$proxy_url"
-			else
-				echo "turbo is not supported on this install type" >> $setup_log 2>&1
-			fi
+			local proxy
+			proxy=$(echo "$1" | tr -d '"' | awk -F'--turbo=' '{print $2}')
+			proxy_url="http://$proxy"
+			TURBO="$proxy_url"
 			;;
 		--proxy=*)
 			local proxy
@@ -971,7 +967,7 @@ parse_options() {
 			local proxy_protocol
 			proxy_protocol=$(echo "$proxy" |tr -d '"' | awk 'match($0, /http|https/) { print substr($0, RSTART, RLENGTH) }')
 
-			if [[ ! $proxy_protocol =~ ^(http|https) ]]; then
+			if [[ ! $proxy_protocol =~ ^(http|https)$ ]]; then
 				echo "Invalid proxy protocol"
 				echo "Ignoring proxy"
 				return
@@ -1500,6 +1496,11 @@ update_packages() {
 }
 
 use_turbo_proxy() {
+	if [[ ! $install_type =~ ^(MASTER|EVAL|HELIXSENSOR|MASTERSEARCH|STANDALONE)$ ]]; then
+		echo "turbo is not supported on this install type" >> $setup_log 2>&1
+		return
+	fi
+
 	if [[ $OS == 'centos' ]]; then
 		printf '%s\n' "proxy=${TURBO}:3142" >> /etc/yum.conf
 	else