From mboxrd@z Thu Jan  1 00:00:00 1970
From: iyzsong@member.fsf.org (=?utf-8?B?5a6L5paH5q2m?=)
Subject: [PATCH] download: Support 'https_proxy'.
Date: Fri, 10 May 2019 22:19:00 +0800
Message-ID: <874l62s88b.fsf@member.fsf.org>
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="=-=-="
Return-path: <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([209.51.188.92]:43825)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <iyzsong@member.fsf.org>) id 1hP6Mh-0004Y1-E2
	for guix-devel@gnu.org; Fri, 10 May 2019 10:19:12 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <iyzsong@member.fsf.org>) id 1hP6Mg-0006Ep-98
	for guix-devel@gnu.org; Fri, 10 May 2019 10:19:11 -0400
Received: from rezeros.cc ([2001:19f0:7001:2f3e:5400:ff:fe84:e55d]:51868)
	by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)
	(Exim 4.71) (envelope-from <iyzsong@member.fsf.org>)
	id 1hP6Mf-0006DX-Oh
	for guix-devel@gnu.org; Fri, 10 May 2019 10:19:10 -0400
Received: from localhost (2409:8a62:37c:f410:9545:ded4:2d83:d4ce
	[IPv6:2409:8a62:37c:f410:9545:ded4:2d83:d4ce])
	by rezeros.cc (OpenSMTPD) with ESMTPSA id 6a5f8f8f
	(TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256:NO)
	for <guix-devel@gnu.org>; Fri, 10 May 2019 14:19:04 +0000 (UTC)
Received: from gift (localhost [127.0.0.1])
	by localhost (OpenSMTPD) with ESMTP id a429ac9e
	for <guix-devel@gnu.org>; Fri, 10 May 2019 14:19:00 +0000 (UTC)
List-Id: "Development of GNU Guix and the GNU System distribution."
	<guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-devel/>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
Sender: "Guix-devel" <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
To: guix-devel@gnu.org

--=-=-=
Content-Type: text/plain

Hello, this patch add 'https_proxy' to 'guix download' (and guix-daemon
if we update guix?):


--=-=-=
Content-Type: text/x-patch
Content-Disposition: inline;
 filename=0001-download-Support-https_proxy.patch

>From 424da6e43ba9c928403e3fd9b42e75d0fe90fc23 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=AE=8B=E6=96=87=E6=AD=A6?= <iyzsong@member.fsf.org>
Date: Fri, 10 May 2019 21:27:40 +0800
Subject: [PATCH] download: Support 'https_proxy'.

* guix/build/download.scm (setup-http-tunnel): New procedure.
(open-connection-for-uri): Honor the 'https_proxy' environment variable.
---
 guix/build/download.scm | 28 ++++++++++++++++++++++------
 1 file changed, 22 insertions(+), 6 deletions(-)

diff --git a/guix/build/download.scm b/guix/build/download.scm
index a64e0f0bd3..92cef76dff 100644
--- a/guix/build/download.scm
+++ b/guix/build/download.scm
@@ -380,6 +380,20 @@ ETIMEDOUT error is raised."
               (apply throw args)
               (loop (cdr addresses))))))))
 
+(define (setup-http-tunnel port uri)
+  "Establish a tunnel to the destination server of URI."
+  (define target
+    (string-append (uri-host uri) ":"
+                   (number->string
+                    (or (uri-port uri)
+                        (match (uri-scheme uri)
+                          ('http 80)
+                          ('https 443))))))
+  (format port "CONNECT ~a HTTP/1.1\r\n" target)
+  (format port "Host: ~a\r\n\r\n" target)
+  (force-output port)
+  (read-response port))
+
 (define* (open-connection-for-uri uri
                                   #:key
                                   timeout
@@ -393,21 +407,20 @@ VERIFY-CERTIFICATE? is true, verify HTTPS server certificates."
   (define https?
     (eq? 'https (uri-scheme uri)))
 
+  (define https-proxy (let ((proxy (getenv "https_proxy")))
+                        (and (not (equal? proxy ""))
+                             proxy)))
+
   (let-syntax ((with-https-proxy
                 (syntax-rules ()
                   ((_ exp)
                    ;; For HTTPS URIs, honor 'https_proxy', not 'http_proxy'.
-                   ;; FIXME: Proxying is not supported for https.
                    (let ((thunk (lambda () exp)))
                      (if (and https?
                               (module-variable
                                (resolve-interface '(web client))
                                'current-http-proxy))
-                         (parameterize ((current-http-proxy #f))
-                           (when (and=> (getenv "https_proxy")
-                                        (negate string-null?))
-                             (format (current-error-port)
-                                     "warning: 'https_proxy' is ignored~%"))
+                         (parameterize ((current-http-proxy https-proxy))
                            (thunk))
                          (thunk)))))))
     (with-https-proxy
@@ -415,6 +428,9 @@ VERIFY-CERTIFICATE? is true, verify HTTPS server certificates."
        ;; Buffer input and output on this port.
        (setvbuf s 'block %http-receive-buffer-size)
 
+       (when https-proxy
+         (setup-http-tunnel s uri))
+
        (if https?
            (tls-wrap s (uri-host uri)
                      #:verify-certificate? verify-certificate?)
-- 
2.19.2


--=-=-=
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable



Some problems and questions:

- It assumes =E2=80=98https_proxy=E2=80=99 is =E2=80=98http://PROXY-SERVER:=
PORT=E2=80=99, if the scheme
  part is missing, it fail.

- It fails some servers (eg: www.google.com) for me while curl works...

- I think this should go into guile=E2=80=99s =E2=80=98(web client)=E2=80=
=99 module?


--=-=-=--