Re: [fossil-users] Fossil, proxies and SSL, revisited
On Mon, Jun 17, 2013 at 10:48 AM, Brandon Invergo bran...@invergo.netwrote: However, when I attempt to sync my Fossil repositories, I receive the following error: $ fossil sync https://user:p...@repos.invergo.net/reponame via proxy: http://proxy.company.com:8080 fossil: server says: 503 Service Unavailable: 0 I don't know that much about proxies, since I never personally need to deal with them. But maybe they should be disabled for HTTPS? What happens if you recompile with this patch: Index: src/url.c == --- src/url.c +++ src/url.c @@ -326,11 +326,11 @@ if( zProxy==0 || zProxy[0]==0 || is_truth(zProxy) ){ zProxy = fossil_getenv(http_proxy); } } if( zProxy zProxy[0] !is_false(zProxy) - !g.urlIsSsh !g.urlIsFile ){ + !g.urlIsSsh !g.urlIsFile !g.urlIsHttps ){ char *zOriginalUrl = g.urlCanonical; char *zOriginalHost = g.urlHostname; char *zOriginalUser = g.urlUser; char *zOriginalPasswd = g.urlPasswd; unsigned uOriginalFlags = g.urlFlags; -- D. Richard Hipp d...@sqlite.org ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] Fossil, proxies and SSL, revisited
On Mon, Jun 17, 2013 at 10:56:03AM -0400, Richard Hipp wrote: On Mon, Jun 17, 2013 at 10:48 AM, Brandon Invergo bran...@invergo.netwrote: However, when I attempt to sync my Fossil repositories, I receive the following error: $ fossil sync https://user:p...@repos.invergo.net/reponame via proxy: http://proxy.company.com:8080 fossil: server says: 503 Service Unavailable: 0 I don't know that much about proxies, since I never personally need to deal with them. But maybe they should be disabled for HTTPS? To use https over an http proxy, fossil should use a CONNECT http proxy command. After success on that, it's like a normal direct connection to the remote https server, and all TLS happens without the proxy understanding a word. ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] Fossil, proxies and SSL, revisited
On Mon, Jun 17, 2013 at 10:59 AM, Lluís Batlle i Rossell vi...@viric.namewrote: On Mon, Jun 17, 2013 at 10:56:03AM -0400, Richard Hipp wrote: On Mon, Jun 17, 2013 at 10:48 AM, Brandon Invergo bran...@invergo.net wrote: However, when I attempt to sync my Fossil repositories, I receive the following error: $ fossil sync https://user:p...@repos.invergo.net/reponame via proxy: http://proxy.company.com:8080 fossil: server says: 503 Service Unavailable: 0 I don't know that much about proxies, since I never personally need to deal with them. But maybe they should be disabled for HTTPS? To use https over an http proxy, fossil should use a CONNECT http proxy command. After success on that, it's like a normal direct connection to the remote https server, and all TLS happens without the proxy understanding a word. I don't have access to a proxy for testing purposes. Can somebody (who has signed a CLA) suggest a patch to implement this? (CLA available here: http://www.fossil-scm.org/fossil/doc/trunk/www/copyright-release.pdf) -- D. Richard Hipp d...@sqlite.org ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users