GNU bug report logs - #11788
url-http does not properly handle https over proxy

Previous Next

Package: emacs;

Reported by: Andreas Schwab <schwab <at> linux-m68k.org>

Date: Tue, 26 Jun 2012 10:25:02 UTC

Owned by: Magnus Henoch <mange <at> freemail.hu>

Severity: wishlist

Tags: fixed, patch

Merged with 10, 12636

Found in version 24.2.50

Fixed in version 26.1

Done: Lars Magne Ingebrigtsen <larsi <at> gnus.org>

Bug is archived. No further changes may be made.

Full log


View this message in rfc822 format

From: Lars Magne Ingebrigtsen <larsi <at> gnus.org>
To: Tao Fang <fangtao0901 <at> gmail.com>
Cc: David Engster <deng <at> randomsample.de>, Eli Zaretskii <eliz <at> gnu.org>, schwab <at> linux-m68k.org, ivan <at> siamics.net, 11788 <at> debbugs.gnu.org
Subject: bug#11788: [babc40c4] still fails to implement HTTPS over HTTP proxy properly
Date: Sun, 20 Mar 2016 12:21:09 +0100
Tao Fang <fangtao0901 <at> gmail.com> writes:

> I've received notice email of the assignment/disclaimer process with the
> FSF yesterday, and currently it's complete, please check the file to see
> if it's all okay?

Your assignment is now on file...

> And I've re-format the previous attached patch file and maybe somebody
> could helping review, modify and apply it to the repo?

Looks basically good, but a few notes:

> -	    (let ((proc (url-open-stream host buf host port gateway-method)))
> +	    (let ((proc (url-open-stream host buf
> +                                         (if url-using-proxy (url-host url-using-proxy) host)
> +                                         (if url-using-proxy (url-port url-using-proxy) port)
> +                                         gateway-method)))

Throughout the code, the lines seem to be too long.  They should
preferably not be more than 80 characters long (unless there's an
absolute need).

[...]

> +                (let ((tls-connection (gnutls-negotiate
> +                                       :process proc
> +                                       :hostname (url-host url-current-object)
> +                                       :verify-error nil)))

After negotiation, you should probably call `nsm-verify-connection'.

Uhm...  and that's it.  Oh, and a NEWS entry saying that url now
supports HTTPS proxies would be nice, and a ChangeLog style commit
message.

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no




This bug report was last modified 8 years and 228 days ago.

Previous Next


GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.