Bug#557085: apt-transport-https: uses http config rather than https
Adrian Bridgett
Version: 0.7.24
Using apt-cacher-ng I'd like to use a proxy for all repositories
except for https (which apt-cacher-ng does not support):
Acquire::http::Proxy "http://192.168.100.4:3142";
Acquire::https::Proxy "DIRECT";
Acquire::https::Proxy::example.com "DIRECT";
However this doesn't work - seems to bypass the proxy, but then try
proxying direct:
~$ sudo apt-get update
0% [Working]* About to connect() to proxy 192.168.100.4 port 3142 (#0)
* Trying 192.168.100.4... * connected
* Connected to 192.168.100.4 (192.168.100.4) port 3142 (#0)
* Establish HTTP proxy tunnel to example.com:443
* Server auth using Basic with user 'testuser'
> CONNECT example.com:443 HTTP/1.1
Host: example.com:443
User-Agent: Debian APT-CURL/1.0 (0.7.24)
Proxy-Connection: Keep-Alive
Cache-Control: max-age=0
* Proxy CONNECT aborted
* Closing connection #0
* About to connect() to proxy 192.168.100.4 port 3142 (#0)
Ign https://example.com hardy Release.gpg
2% [Waiting for headers] [Waiting for headers] [Waiting for headers]
[Waiting f* connected
* Connected to 192.168.100.4 (192.168.100.4) port 3142 (#0)
* Establish HTTP proxy tunnel to example.com:443
* Server auth using Basic with user 'testuser'
> CONNECT example.com:443 HTTP/1.1
Host: example.com:443
User-Agent: Debian APT-CURL/1.0 (0.7.24)
Proxy-Connection: Keep-Alive
Cache-Control: max-age=0
* Proxy CONNECT aborted
Unsetting the Acquire::http::Proxy line or adding
Acquire::http:Proxy::example.com DIRECT works, however this then turns
proxying for http too :-(
Adrian
--
bitcube.co.uk - Linux infrastructure consultancy
Puppet, Debian, Red Hat, Ubuntu, CentOS, ...
--
To UNSUBSCRIBE, email to debian-bugs-...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listm...@lists.debian.org
David Kalnischkies
First of all: Thanks for your report!
2009/11/19 Adrian Bridgett <adr...@smop.co.uk>:
> Unsetting the Acquire::http::Proxy line or adding
> Acquire::http:Proxy::example.com DIRECT works, however this then turns
> proxying for http too :-(
Your problem is a misunderstanding: APT currently uses the
settings from http for https and has no special https-proxy-settings.
( apt.conf is misunderstandable here, but it is correctly said in
/usr/share/doc/apt/examples/configure-index.gz )
But yes, this is bogus and should be fixed. :)
I will write a little patch which should add https options which defaults
to the http ones if not set. I guess this is more what a user expects
and it is the only way to override these settings in a sane way for https
as your usecase shows that someone doesn't want to use the same
settings for http and https all the time.
If not really strange things happen it should be pushed in a few hours/days
to my branch [0] and should therefore be included in the next apt upload.
(I will not send the patch to the bugreport as it will depends on another
change in my branch)
Best regards / Mit freundlichen Grüßen,
David "DonKult" Kalnischkies
[0] https://code.launchpad.net/~donkult/apt/sid
Adrian Bridgett
> Hi Adrian Bridgett,
>
> First of all: Thanks for your report!
My pleasure :-) Thanks for the speedy response!
> Your problem is a misunderstanding: APT currently uses the
> settings from http for https and has no special https-proxy-settings.
Ah, I read (man apt-conf):
https
HTTPS URIs. Cache-control and proxy options are the same as for
http method. Pipeline-Depth option is not supported yet.
and interpreted it as "exactly the same" not "reused".
> I will write a little patch which should add https options which defaults
> to the http ones if not set. I guess this is more what a user expects
> and it is the only way to override these settings in a sane way for https
> as your usecase shows that someone doesn't want to use the same
> settings for http and https all the time.
Fabulous! I _love_ open source :-)
Many thanks!
Adrian
--
bitcube.co.uk - Linux infrastructure consultancy
Puppet, Debian, Red Hat, Ubuntu, CentOS, ...
--