daemon_config: Detect proxy env var and use it if found #1348
Conversation
townsend2010
force-pushed
the
detect-and-use-proxy
branch
from
4681126 to
ad06387
Compare
This comment has been minimized.
This comment has been minimized.
Codecov Report
@@ Coverage Diff @@
## master #1348 +/- ##
==========================================
+ Coverage 73.16% 73.21% +0.05%
==========================================
Files 208 208
Lines 7531 7550 +19
==========================================
+ Hits 5510 5528 +18
- Misses 2021 2022 +1
Continue to review full report at Codecov.
|
There was a problem hiding this comment.
Thank you @townsend2010, proxy support will be crucial for a lot of people, so this is very useful. I have some questions and concerns though. Some of them inline, general ones here:
- Shouldn't multipass look at other variables affecting this, like
https_proxy,no_proxy, orall_proxy? - How do instances get to go through the proxy? Does that somehow happen transparently? Would the user have to set the proxy manually inside the instances, or should multipass be responsible for "forwarding" that configuration? I am not say multipass should do it, just raising the question.
- There is also
ftp_proxy, but that could only be needed by the instances, so that is ok if we don't forward anything.
- There is also
- do we have any local connections that could be inadvertently affected by application-level proxy?
src/network/url_downloader.cpp
Outdated
| { | ||
| if (!http_proxy.startsWith("http://")) | ||
| { | ||
| http_proxy.prepend("http://"); |
There was a problem hiding this comment.
SOCKS support can come later. If a system level SOCKS proxy is set, Qt will automatically pick it up anyways.
There was a problem hiding this comment.
My point is that passing http://socks://blah to Qt doesn't seem right, even if we don't have specific support for SOCKS. Perhaps this could be checked for a "://" sub-string instead. Otherwise, maybe it is preferable to require the protocol to be part of the env var.
There was a problem hiding this comment.
An env var defined as http_proxy=socks://blah is not a valid proxy and would break things regardless of how we are parsing this. This is for doing something like the following:
http_proxy=192.168.1.3:3128 and then adding http:// to the beginning of the IP address (or host name if it's given) so we can then pass a valid URL to QUrl.
There was a problem hiding this comment.
I am not sure I follow, http_proxy=socks5://something is normally correct, does Qt not like that?
There was a problem hiding this comment.
Ah, ok, I see what you mean. Sure, I should just check to make sure like you mentioned previously.
src/network/url_downloader.cpp
Outdated
| return reply->readAll(); | ||
| } | ||
|
|
||
| std::unique_ptr<QNetworkProxy> discover_http_proxy() |
There was a problem hiding this comment.
Wouldn't this unit deserve tests?
There was a problem hiding this comment.
I gave this quite a bit of thought and we would basically have to get into the business of mocking a proxy somehow. And that I don't think is worth the effort for something like this.
There was a problem hiding this comment.
I was thinking something much more superficial, like just checking whether or not the application had a QNetworkProxy proxy registered with the right url and data, depending on whether/how http_proxy was defined. No proxy mocking should be required for that (?)
There was a problem hiding this comment.
Ok, I added a unit test. Even after implementing the test, it still seems it's mainly testing QNetworkProxy, but it was easy enough to add, so it should be good.
|
Hey @ricab,
No, it's not necessary for Qt when setting a proxy. You're basically telling Qt the address, port, username, and password of a proxy, the protocol is not important for that.
This is not intended for instances at all. It's only for allowing
This is only for Qt network access. We don't use Qt for local connections. |
|
I will also add, this PR is very focused on addressing basically two things. First, this is the only way (besides popping up a window to ask for credentials) for Qt to add proxy authorization. Qt will not pick up credentials automatically via a system proxy, so the The second thing it addresses is when a user sets a local |
Based on review feedback, it makes more sense to put the proxy discovery into the DaemonConfig code.
This comment has been minimized.
This comment has been minimized.
|
Hi @townsend2010, thank you for the explanations.
Sure, it is not needed, but a user that sees multipass understanding one of those may expect it to react to the others too. For instance, if
OK, I was wondering if our proxy support would feel coherent without that. But yeah, I understand it is workable without that and any such addition can be separate.
Ack. |
Based on review feedback
This comment has been minimized.
This comment has been minimized.
townsend2010
changed the title
|
Snap build available: |
1348: daemon_config: Detect proxy env var and use it if found r=ricab a=townsend2010 Fixes #885 Co-authored-by: Chris Townsend <[email protected]>
Build failed |
|
Ugh bors r=ricab |
1348: daemon_config: Detect proxy env var and use it if found r=ricab a=townsend2010 Fixes #885 Co-authored-by: Chris Townsend <[email protected]>
Build succeeded |
Fixes #885
This was tricky to test. I had to create an Ubuntu VM using Hyper-V and then in the VM, install
squidand set it up. Then I would set thehttp_proxyenvironment variable before runningmultipassd.Also, after trying this and manually testing various failure scenarios, I have found the
URLDownloaderclass,CommonVMImageHostand its derived classes, and the daemon need some pretty major refactoring to better handle long running network operations like when a host is unreachable and to also better getting these issues back to the user.That said, this PR is only for getting the proxy values, but does nothing for failure scenarios. That will come with a follow up PR.