Re: [fossil-users] Fossil, proxies and SSL, revisited
On Mon, Jun 17, 2013 at 10:48 AM, Brandon Invergo bran...@invergo.netwrote:
However, when I attempt to sync my Fossil repositories, I receive the
following error:
$ fossil sync https://user:p...@repos.invergo.net/reponame
via proxy: http://proxy.company.com:8080
fossil: server says: 503 Service Unavailable: 0
I don't know that much about proxies, since I never personally need to deal
with them. But maybe they should be disabled for HTTPS? What happens if
you recompile with this patch:
Index: src/url.c
==
--- src/url.c
+++ src/url.c
@@ -326,11 +326,11 @@
if( zProxy==0 || zProxy[0]==0 || is_truth(zProxy) ){
zProxy = fossil_getenv(http_proxy);
}
}
if( zProxy zProxy[0] !is_false(zProxy)
- !g.urlIsSsh !g.urlIsFile ){
+ !g.urlIsSsh !g.urlIsFile !g.urlIsHttps ){
char *zOriginalUrl = g.urlCanonical;
char *zOriginalHost = g.urlHostname;
char *zOriginalUser = g.urlUser;
char *zOriginalPasswd = g.urlPasswd;
unsigned uOriginalFlags = g.urlFlags;
--
D. Richard Hipp
d...@sqlite.org
___
fossil-users mailing list
fossil-users@lists.fossil-scm.org
http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] Fossil, proxies and SSL, revisited
On Mon, Jun 17, 2013 at 10:56:03AM -0400, Richard Hipp wrote: On Mon, Jun 17, 2013 at 10:48 AM, Brandon Invergo bran...@invergo.netwrote: However, when I attempt to sync my Fossil repositories, I receive the following error: $ fossil sync https://user:p...@repos.invergo.net/reponame via proxy: http://proxy.company.com:8080 fossil: server says: 503 Service Unavailable: 0 I don't know that much about proxies, since I never personally need to deal with them. But maybe they should be disabled for HTTPS? To use https over an http proxy, fossil should use a CONNECT http proxy command. After success on that, it's like a normal direct connection to the remote https server, and all TLS happens without the proxy understanding a word. ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] Fossil, proxies and SSL, revisited
On Mon, Jun 17, 2013 at 10:59 AM, Lluís Batlle i Rossell vi...@viric.namewrote: On Mon, Jun 17, 2013 at 10:56:03AM -0400, Richard Hipp wrote: On Mon, Jun 17, 2013 at 10:48 AM, Brandon Invergo bran...@invergo.net wrote: However, when I attempt to sync my Fossil repositories, I receive the following error: $ fossil sync https://user:p...@repos.invergo.net/reponame via proxy: http://proxy.company.com:8080 fossil: server says: 503 Service Unavailable: 0 I don't know that much about proxies, since I never personally need to deal with them. But maybe they should be disabled for HTTPS? To use https over an http proxy, fossil should use a CONNECT http proxy command. After success on that, it's like a normal direct connection to the remote https server, and all TLS happens without the proxy understanding a word. I don't have access to a proxy for testing purposes. Can somebody (who has signed a CLA) suggest a patch to implement this? (CLA available here: http://www.fossil-scm.org/fossil/doc/trunk/www/copyright-release.pdf) -- D. Richard Hipp d...@sqlite.org ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
