New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

curl under MinGW seems to not respect wildcard DNS names in "no_proxy" environment variable #2773

Closed
62mkv opened this Issue Jul 21, 2018 · 3 comments

Comments

Projects
None yet
2 participants
@62mkv

62mkv commented Jul 21, 2018

I did this

I've a set of environment variables HTTP_PROXY, HTTPS_PROXY and NO_PROXY set up on my machine. We have a corporate proxy/firewall that blocks direct access to Internet hosts.

Now, with this setup my Git Extensions stopped fetching from remotes from our own network, because proxy is configured to respond with 502 on attempts to connect to them

I've updated Git for Windows to version 2.18 and curl is now 7.60, so I can do this:

$ curl -vvv https://user.lastname@git.corporate.name/scm/swif/swift_wms_components.git
* Uses proxy env variable no_proxy == '*.corporate.name,127.0.0.1,localhost,appserver.vagrant,192.168.*.*,192.168.99.100'
* Uses proxy env variable https_proxy == 'http://zscaler.proxy.corporate.name:80'
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0*   Trying 185.46.212.97...
* TCP_NODELAY set
* Connected to zscaler.proxy.corporate.name (------obfuscated-------) port 80 (#0)
* allocate connect buffer!
* Establish HTTP proxy tunnel to git.corporate.name:443
* Server auth using Basic with user 'user.lastname'
> CONNECT git.corporate.name:443 HTTP/1.1
> Host: git.corporate.name:443
> User-Agent: curl/7.60.0
> Proxy-Connection: Keep-Alive
>
< HTTP/1.0 502 Bad Gateway
< Server: Zscaler/5.6
< Content-Type: text/html
< Connection: close
<
* Received HTTP code 502 from proxy after CONNECT
* CONNECT phase completed!
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
* Closing connection 0
curl: (56) Received HTTP code 502 from proxy after CONNECT

I expected the following

I expected curl to respect *.corporate.name string in NO_PROXY environment variable.

Workaround

with export NO_PROXY=git.corporate.name curl does the right thing.

curl/libcurl version

curl 7.60.0 (x86_64-w64-mingw32) libcurl/7.60.0 OpenSSL/1.0.2o (WinSSL) zlib/1.2.11 libidn2/2.0.5 nghttp2/1.32.0
Release-Date: 2018-05-16
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp smtp smtps telnet tftp
Features: AsynchDNS IDN IPv6 Largefile SSPI Kerberos SPNEGO NTLM SSL libz TLS-SRP HTTP2 HTTPS-proxy MultiSSL Metalink

operating system

Windows 10 x64

@62mkv

This comment has been minimized.

Show comment
Hide comment
@62mkv

62mkv Jul 21, 2018

some say, that this is by design. May I suggest then to add at least some documentation for *_PROXY related variables available via curl --help ?

62mkv commented Jul 21, 2018

some say, that this is by design. May I suggest then to add at least some documentation for *_PROXY related variables available via curl --help ?

@62mkv

This comment has been minimized.

Show comment
Hide comment
@62mkv

62mkv Jul 21, 2018

seems that adding .corporate.name (not *.corporate.name) does the trick (thx @ForNeVeR)

it's also documented in great details in #1208. which is closed but it feels like there's still room for improvement at least on the visibility side

62mkv commented Jul 21, 2018

seems that adding .corporate.name (not *.corporate.name) does the trick (thx @ForNeVeR)

it's also documented in great details in #1208. which is closed but it feels like there's still room for improvement at least on the visibility side

@bagder

This comment has been minimized.

Show comment
Hide comment
@bagder

bagder Jul 21, 2018

Member

Yeah, we should clearly make this easier to find. The NO_PROXY functionality seems to be best documented in this libcurl man page: https://curl.haxx.se/libcurl/c/CURLOPT_NOPROXY.html

Member

bagder commented Jul 21, 2018

Yeah, we should clearly make this easier to find. The NO_PROXY functionality seems to be best documented in this libcurl man page: https://curl.haxx.se/libcurl/c/CURLOPT_NOPROXY.html

@bagder bagder added the help wanted label Jul 24, 2018

bagder added a commit that referenced this issue Aug 24, 2018

docs: clarify NO_PROXY env variable functionality
Reported-by: Kirill Marchuk
Fixes #2773

@bagder bagder closed this in a7ba60b Aug 24, 2018

falconindy added a commit to falconindy/curl that referenced this issue Sep 10, 2018

docs: clarify NO_PROXY env variable functionality
Reported-by: Kirill Marchuk
Fixes #2773
Closes #2911
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment