From 5732f3c9a4e0c5846175e1a64784bc611499410d Mon Sep 17 00:00:00 2001
From: Julien Sobczak <julien.sobczak@gmail.com>
Date: Mon, 25 Mar 2024 17:45:59 +0100
Subject: [PATCH] Add support for SOCKS5 proxy

---
 Dockerfile  |  2 +-
 README.md   | 21 +++++++++++++++++++++
 startapp.sh | 18 +++++++++++++-----
 3 files changed, 35 insertions(+), 6 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 2f79a2b..81e7457 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -11,7 +11,7 @@ RUN APP_ICON_URL=https://raw.githubusercontent.com/DomiStyle/docker-idrac6/maste
     install_app_icon.sh "$APP_ICON_URL"
 
 RUN apt-get update && \
-    apt-get install -y wget software-properties-common libx11-dev gcc xdotool && \
+    apt-get install -y wget curl software-properties-common libx11-dev gcc xdotool && \
     wget -nc https://cdn.azul.com/zulu/bin/zulu8.68.0.21-ca-jdk8.0.362-linux_amd64.deb && \
     apt-get install -y ./zulu8.68.0.21-ca-jdk8.0.362-linux_amd64.deb && \
     gcc -o /keycode-hack.so /keycode-hack.c -shared -s -ldl -fPIC && \
diff --git a/README.md b/README.md
index 8be2e73..55e2f11 100644
--- a/README.md
+++ b/README.md
@@ -28,6 +28,25 @@ docker run -d \
 ```
 The web interface will be available on port 5800 while the VNC server can be accessed on 5900. Startup might take a few seconds while the Java libraries are downloaded. You can add a volume on /app if you would like to cache them.
 
+## Usage (with SOCKS)
+
+```
+# Start a local port forwarding using SOCKS
+ssh -fND 4443 <remote-hostname>
+docker run -d \
+  -p 5800:5800 \
+  -p 5900:5900 \
+  -e IDRAC_HOST=idrac1.example.org \
+  -e IDRAC_USER=root \
+  -e IDRAC_PASSWORD=1234 \
+  -e SOCKS_PROXY_HOST=host.docker.internal \
+  -e SOCKS_PROXY_PORT=4443 \
+  domistyle/idrac6
+```
+
+NB: `host.docker.internal` only works on Windows and MacOS since Docker 18.03+.
+
+
 ## Configuration
 
 | Variable       | Description                                  | Required |
@@ -38,6 +57,8 @@ The web interface will be available on port 5800 while the VNC server can be acc
 |`IDRAC_PORT`| The optional port for the web interface. (443 by default) | No |
 |`IDRAC_KEYCODE_HACK`| If you have issues with keyboard input, try setting this to ``true``. See [here](https://github.com/anchor/idrac-kvm-keyboard-fix) for more infos. | No |
 |`VIRTUAL_MEDIA`| Filename of iso located within /vmedia to automount | No |
+|`SOCKS_PROXY_HOST`| The optional host for the SOCKS5 proxy. (disabled by default) | No |
+|`SOCKS_PROXY_PORT`| The optional port for the SOCKS5 proxy. (disabled by default) | No |
 
 **For advanced configuration options please take a look [here](https://github.com/jlesage/docker-baseimage-gui#environment-variables).**
 
diff --git a/startapp.sh b/startapp.sh
index c3c4879..b74fdbf 100644
--- a/startapp.sh
+++ b/startapp.sh
@@ -26,6 +26,13 @@ if [ -f "/run/secrets/idrac_password" ]; then
     IDRAC_PASSWORD="$(cat /run/secrets/idrac_password)"
 fi
 
+CURL_OPTS=""
+JAVA_OPTS=""
+if [ -n "${SOCKS_PROXY_HOST}" ]; then
+    CURL_OPTS="$CURL_OPTS -x socks5://$SOCKS_PROXY_HOST:$SOCKS_PROXY_PORT"
+    JAVA_OPTS="-DsocksProxyHost=$SOCKS_PROXY_HOST -DsocksProxyPort=$SOCKS_PROXY_PORT"
+fi
+
 if [ -z "${IDRAC_HOST}" ]; then
     echo "${RED}Please set a proper idrac host with IDRAC_HOST${NC}"
     sleep 2
@@ -62,7 +69,7 @@ fi
 if [ ! -f avctKVM.jar ]; then
     echo "Downloading avctKVM"
 
-    wget https://${IDRAC_HOST}:${IDRAC_PORT}/software/avctKVM.jar --no-check-certificate
+    curl $CURL_OPTS -o avctKVM.jar https://${IDRAC_HOST}:${IDRAC_PORT}/software/avctKVM.jar -k --ciphers 'DEFAULT:!DH'
 
     if [ ! $? -eq 0 ]; then
         echo "${RED}Failed to download avctKVM.jar, please check your settings${NC}"
@@ -74,7 +81,7 @@ fi
 if [ ! -f lib/avctKVMIOLinux64.jar ]; then
     echo "Downloading avctKVMIOLinux64"
 
-    wget -O lib/avctKVMIOLinux64.jar https://${IDRAC_HOST}:${IDRAC_PORT}/software/avctKVMIOLinux64.jar --no-check-certificate
+    curl $CURL_OPTS -o lib/avctKVMIOLinux64.jar https://${IDRAC_HOST}:${IDRAC_PORT}/software/avctKVMIOLinux64.jar -k --ciphers 'DEFAULT:!DH'
 
     if [ ! $? -eq 0 ]; then
         echo "${RED}Failed to download avctKVMIOLinux64.jar, please check your settings${NC}"
@@ -86,7 +93,7 @@ fi
 if [ ! -f lib/avctVMLinux64.jar ]; then
     echo "Downloading avctVMLinux64"
 
-    wget -O lib/avctVMLinux64.jar https://${IDRAC_HOST}:${IDRAC_PORT}/software/avctVMLinux64.jar --no-check-certificate
+    curl $CURL_OPTS -o lib/avctVMLinux64.jar https://${IDRAC_HOST}:${IDRAC_PORT}/software/avctVMLinux64.jar -k --ciphers 'DEFAULT:!DH'
 
     if [ ! $? -eq 0 ]; then
         echo "${RED}Failed to download avctVMLinux64.jar, please check your settings${NC}"
@@ -118,8 +125,9 @@ if [ -n "$IDRAC_KEYCODE_HACK" ]; then
 
     export LD_PRELOAD=/keycode-hack.so
 fi
-exec java -cp avctKVM.jar -Djava.library.path="./lib" com.avocent.idrac.kvm.Main ip=${IDRAC_HOST} kmport=5900 vport=5900 user=${IDRAC_USER} passwd=${IDRAC_PASSWORD} apcp=1 version=2 vmprivilege=true "helpurl=https://${IDRAC_HOST}:443/help/contents.html" &
+exec java $JAVA_OPTS -cp avctKVM.jar -Djava.library.path="./lib" com.avocent.idrac.kvm.Main ip=${IDRAC_HOST} kmport=5900 vport=5900 user=${IDRAC_USER} passwd=${IDRAC_PASSWORD} apcp=1 version=2 vmprivilege=true "helpurl=https://${IDRAC_HOST}:443/help/contents.html" &
 
 # If an iso exists at the specified location, mount it
 [ -f "/vmedia/$VIRTUAL_ISO" ] && /mountiso.sh
-wait
\ No newline at end of file
+wait
+