Add manual proxy settings manager in network settings

[mpdmanash]

Add GUI based proxy manager in the Network section of 'My Settings' to
enable management of manual proxy servers.

The proxy settings are stored in /etc/profile.d/proxy.sh as exports to
environment variables and requires re-login to let the changes take effect.

/extensions/cpsection/network/set_proxy.py file writes the proxy settings,
while two polkit policy files org.sugar.proxy.policy and org.sugar.logout.policy
located at /usr/share/polkit-1/actions provide root permissions required
for file handling and logout command. These two polkit files are placed at
data/ directory of this repository.

[samdroid-apps]

Hi @ManashRaja, thanks for working on this, it looks like a very useful feature for schools that require proxies!! I am yet to review this in depth, but just a few quick comments:

1. This feature might require discussion with the community, including non-technical stakeholders. Does this have a feature page attached to it to help foster that discussion? Or just some screenshots?
2. What setup did you use to test this? I don't normally use a proxy to connect to the internet, is there an easy way I can set this up?
3. Polkit scripts should allow for 1 use and 1 use only. Some of the policies that you wrote seem a little vauge, and I could exploit them to gain root as an attacker. Eg, with the "org.sugar.proxy.policy", I can run "python evilscript.py" and run anything as root. Please look at how to lock these down, eg. making a helper script that only allows for good code to be run.
4. Please run flake8 against your code

Anyway, looks great. Hopefully we an work this up to inclusion in the next release!

[mpdmanash]

Hello @samdroid-apps,

1. I found a feature page for this https://wiki.sugarlabs.org/go/Features/Proxy_Settings which targeted release version 0.99. But, since this feature is unavailable in the latest releases of sugar, hence I wonder whether shall I port the 0.99 version to the present versions or go on with the modification of my implementation that I presented in this pr.
2. My college Internet goes though a proxy server and hence I tested it with the required settings. A very quick method to test if it works is to set any random proxy for http and https, and check if the settings are taken by echoing http_proxy and https_proxy environment variables, or by trying to access any webpage though the browser, which is expected to give "webpage not found" error.
3. I will look into the policykit implementation and modify it.
4. And will get back to you with flake8 verified code.

[mpdmanash]

Hello @samdroid-apps,
As mentioned, I have come up with a more secure implementation of polkit permission and have improved my code using flake8.

Thanks

[quozl]

Please also review godiard@ebfd1ed.

[quozl]

• gsettings called many times during startup is inefficient, consider src/jarabe/main.py,
• you are using your master branch, be careful,
• please collapse the commits and force push,
• add screenshots to pull request and/or Wiki.

[mpdmanash]

• There is no direct way to export environment variables through python and hence it seems like moving to src/jarabe/main.py will introduce redundant and extra script files. We can use the present /usr/bin/sugar and reduce the number of times gsettings is called by keeping the values at variables in cases where they are needed multiple times.
• Once the above implementation is decided, I will collapse the commits into one with a new message and screenshots.

[quozl]

• src/jarabe/main.py does already export environment variables.

[mpdmanash]

@quozl : Thanks for the suggestions to use /jarabe/main.py .

• I have collapsed the multiple commits into one.
• Used /jarabe/main.py to export the proxy settings to environment variables.
• The following is a screenshot of the modified Network Control Panel.
  

Can you help me figuring out why is the sugar.in included in this commit even if it is same with the sugarlabs/sugar repository?

[quozl]

Can you help me figuring out why is the sugar.in included in this commit even if it is same with the sugarlabs/sugar repository?

You changed tabs to spaces. You have an editor which does not show this properly. You might do this to fix;

git checkout origin/master bin/sugar.in

Then amend your commit and force push.

Medium term, before commit make sure you understand the "git diff" output fully, and revert any changes you don't want. I use Magit in Emacs, which shows me tiny changes that I can revert by keyboard shortcut.

Long term, use an editor that shows the difference between tabs and spaces. My preference is emacs with some custom Lisp code. The Emacs Wiki has an article on visible tabs. https://www.emacswiki.org/emacs/ShowWhiteSpace Also stackoverflow.com has several questions on the same issue. Do some research.

[quozl]

Here you erase the environment variables if the setting is set to none. I'm surprised. What if the system administrator has set a default proxy in /etc/profile.d or other scripts? The configuration would be lost.

[mpdmanash]

The final setting in the environment variable will be set by the script that runs last. I just tested setting the proxy at both /etc/environment file and a custom /etc/profile.d/proxy.sh file and I found that the file at /etc/profile.d is getting called after the execution of /jarabe/main.py. In fact the sequence seems to be /etc/environment => jarabe/main.py => profile.d/prosh.sh

Hence, it system administrator may set the proxy settings at /etc/profile.d

[quozl]

I disagree. I think you tested with Terminal activity, which is a new shell process, which therefore executes /etc/profile.d again. Test instead with an activity such as Browse, which is not a shell interpreter.

Besides what you say; /etc/environment may be the file a system administrator sets proxy, and if so your proposed code persists in losing the configuration.

Why do you want to lose the system-wide configuration?

[mpdmanash]

I tested with browser and found as you indicated that the proxy settings are as per the /jarabe/main.py. What do you suggest how a system administrator should be able to set default proxy?

[mpdmanash]

@quozl How do you expect the proxy settings be set in case of a system administrator settings default proxy settings?

[quozl]

@ManashRaja, in the systems I've administered for the past 30 years, there has been no clear standard for where and when to set environment variables. Some systems use shell initialisation files, all of which depend on which shell the user has selected using chsh. Some systems use graphical shell initialisation files, like .xsession or xinitrc. Some set the environment variable in the process that starts the shell, e.g. sshd, lightdm, getty; although this has tended to become unsupported so that environments are pristine and not inherited.

You will see in Firefox, Preferences, Advanced, Network; use system proxy settings. So perhaps you should have that as an option in the UI?

[mpdmanash]

Ya, so as you mentioned that a system administrator need to set up default proxy settings sometimes. Also that there haven't been a clear standard for the settings. I wonder after this feature is implemented, why would a system admin not set the proxy through the "Network" control panel itself rather than using any of his own script?

[quozl]

[07:03:03] <ManashRaja> Ya, so as you mentioned that a system
administrator need to set up default proxy settings sometimes. Also
that there haven't been a clear standard for the settings. I wonder
after this feature is implemented, why would a system admin not set
the proxy through the "Network" control panel itself rather than using
any of his own script?

[07:03:05] <Quozl`_> Your options seem to be either (a) remove the
erase of environment variables (elif == 'none'), or (b) add a new
option "use system settings", which is not reacted to by the
src/jarabe/main.py fragment

[07:03:28] <Quozl`_> Because in a shared system the system
administrator must not make decisions for all users unilaterally.

[07:03:52] <Quozl`_> While it is true that most computers are
personal, there still exist and will continue to exist many computers
with more than one user.

[07:04:18] <Quozl`_> And the decisions that users make include (a)
desktop choice, (b) proxy.

[07:04:54] <ManashRaja> Okay so there is something else reffered to as
"system settings" I have always used personal computer so the option
at firefox that says "system settings" meant the settings I set
through Network section itself

[07:05:12] <Quozl`_> Common scenario is LTSP thin client classrooms,
with big server.  Each desktop mounts a large NFS share for root
filesystem.

[07:05:22] <Quozl`_> Yes, good observation.

[07:05:40] <Quozl`_> ManashRaja: I guess you are familiar with only
one desktop environment and firefox?

[07:06:09] <ManashRaja> Quozl`_: ya, that's why I was confused about
this implementation

[07:06:33] <ManashRaja> Quozl`_: so I will add another section there
to set "system settings"

[07:07:08] <Quozl`_> ManashRaja: okay, great.  That will make Sugar
compatible with other packages that might be installed on a large
computer.

[07:09:02] <ManashRaja> Quozl`_: But then I want to know, where would
the system admin set the proxy settings? In files like
/etc/environment or /etc/profile.d . I guess than the jarabe/main.py
file doesn't need to export anything while "system settings" is
selected. The shared desktop will take the settings from where the sys
admin have stored and jarabe/main.py will not overwrite it

[07:11:38] <Quozl`_> ManashRaja: as I said, there are too many places
where a system administrator (or custom package) may set these
environment variables, so it is pointless to try to list them all;
what benefit would be achieved by such a list?  Yes, when "system
settings" is selected, Firefox does nothing to the values; or restores
it to the value it had at program start.

[07:12:55] <ManashRaja> Oh cool. fine then. So I would update the pr
keeping only one commit but with a new commit message to include this
option.

[07:14:06] <Quozl`_> Have fun!

[mpdmanash]

[03:25] <ManashRaja> Ya, so I am adding a new option "Use system proxy". To implement it, I was thinking of writing a custom schema. Because this option can't be accomodated in "org.gnome.system.proxy mode" as it only accepts "none", "manual", and "auto".
[03:47] <Quozl`_> ManashRaja: my guess is that "none" means not to set the environment variables.
[03:47] <Quozl`_> ... or "auto".  Have you found code that uses org.gnome.system.proxy to be able to check?
[03:50] <ManashRaja> "manual" and "auto' are types of settings. Then I think "none" is for no proxy settings at all and direct connection, where I beleive the proxy settings should be cleared and hence for adding the feature of letting user set system proxy, we may have another option "use system proxy"
[03:51] <Quozl`_> ManashRaja: have you found the GNOME equivalent code for using the setting?
[03:53] <ManashRaja> Quozl`_: I do have the one that uses the standard shema "org.gnome.system.proxy" as I implemented in my PR so far. But to add another option, I am thinking of creating a new custom schema "org.sugarlabs.systemproxy"
[03:54] <Quozl`_> ManashRaja: you mean "GNOME schema", not "standard".  GNOME isn't a standard, it's a desktop environment.
[03:54] <ManashRaja> for that I found /sugar/data/org.sugarlabs.gschema.xml where we can add custom schemas
[03:54] <Quozl`_> (and there are other desktop environments).
[03:57] <ManashRaja> Quozl`_: Oh, sorry for that. I used the gnome based schemas as they were used in https://github.com/godiard/sugar/commit/ebfd1ed0f941dca982b90d0d08efda7c2ae75a84 you sent to me to review
[03:58] <Quozl`_> ManashRaja: I've no idea why those were used, I was not part of the development.
[03:58] <ManashRaja> We might instead use sugarlabs based schemas instead "org.sugarlabs.system.proxy" which I guess will be more apt and good for customization as well as logical in terms of sugar as a desktop environment having its own schemas
[03:59] <Quozl`_> Yes, we can alsop make the options mean what we mean instead of being unable to explain what they mean.
[04:00] <ManashRaja> Quozl`_: Yes, customizability will be an advantage. So, I will create new schemas then by modifying /sugar/data/org.sugarlabs.gschema.xml file
[04:00] <Quozl`_> Ok.
[04:01] <ManashRaja> and sugar/data/sugar-schemas.convert file also.
[04:01] <ManashRaja> Cool

[mpdmanash]

@quozl The option has been included with custom schemas :)

[samdroid-apps]

Wouldn't it make sense to also have the authentication with https proxies?

Disclaimer: never used a proxy in my life.

[mpdmanash]

I wrote the settings on the basis of how it has been shown in archlinux [1]

export http_proxy="http://$pre$server:$port/" #$pre = "$username:$password@" used only for http
export https_proxy=$http_proxy
export ftp_proxy=$http_proxy
export rsync_proxy=$http_proxy
export HTTP_PROXY=$http_proxy
export HTTPS_PROXY=$http_proxy
export FTP_PROXY=$http_proxy
export RSYNC_PROXY=$http_proxy

And proxy setting implementation in Gnome [2]. The following are the settings available in Gnome that are related to proxy server.
org.gnome.system.proxy autoconfig-url ''
org.gnome.system.proxy ignore-hosts ['localhost', '127.0.0.0/8']
org.gnome.system.proxy mode 'none'
org.gnome.system.proxy use-same-proxy true
org.gnome.system.proxy.ftp host ''
org.gnome.system.proxy.ftp port 0
org.gnome.system.proxy.http authentication-password ''
org.gnome.system.proxy.http authentication-user ''
org.gnome.system.proxy.http enabled false
org.gnome.system.proxy.http host ''
org.gnome.system.proxy.http port 8080
org.gnome.system.proxy.http use-authentication false
org.gnome.system.proxy.https host ''
org.gnome.system.proxy.https port 0
org.gnome.system.proxy.socks host ''
org.gnome.system.proxy.socks port 0

So, I seems that authentication is required for only http_proxy.
Note: I do use proxy server which is http but does not require authentication.

[1] https://wiki.archlinux.org/index.php/proxy_settings
[2] https://developer.gnome.org/ProxyConfiguration/

[samdroid-apps]

You don't seem to do anything with the auto proxy settings in main.py, even though you do something with the manual proxy settings in main.py.

Have you tested auto proxy settings? What procedure can I use to test it too?

[samdroid-apps]

Also, how do I test? I did:

1. Select manual proxy
2. Put "not.sam.today" (bogus subdomain) in the HTTP proxy setting
3. Tick "use-authentication"
   2 Put a bogus username and password in
4. Apply and restarted as prompted

Expected: Browse could not go to http sites

Actual: Browse loaded http://example.com just fine

[mpdmanash]

@samdroid-apps ,
Thanks for the review.

• data/org.sugarlabs.gschema.xml wrong indentation: Fixed in latest commit
• src/jarabe/main.py: copy paste material converted to loop. Fixed in latest commit
• Auto proxy: The auto proxy setting is to store the location of a *.pac file. This file tells an application, what proxy configuration to use in order to access a particular url. Hence, I understand that the main.py file does not have to do anything as there seems to be no standard environment variable defined for it unlike "manual" proxy settings as seen at Archlinux [1]. By letting the user set auto proxy in the Network Settings is to allow the location of *.pac file to be stored in "org.sugarlabs.system.proxy autoconfig-url" schema as it is stored in "org.gnome.system.proxy autoconfig-url" in gnome. So that any application trying to access internet, (like browser) can query the schema and get the location of the file. Though to increase its accessibility, we can also store the location at "org.gnome.system.proxy autoconfig-url" for application trying to query gnome schemas.
  I believe for such type of proxy setting, an application has its own interface where you can set the url for the file. (Like "Automatic proxy configuration url:" in firefox). We just store the url at schemas if any application might want to use it. Please correct me if I am wrong because this is what I understand. For reference [2]
• Proxy test: I wonder why you were not getting the desired behavior out of the proxy settings. Have you opted for a restart after the settings were applied? Also if you have set http proxy alone, then the rules will be applied to only http sites not https. So try something like http://manashpratim.in/ instead of https://www.google.com/ . I followed the same procedure you did except that I need valid settings for my proxy server to get internet access.

[1] https://wiki.archlinux.org/index.php/proxy_settings
[2] http://ubuntuforums.org/showthread.php?t=1541428

[mpdmanash]

Shall I add ignore-hosts option? I almost forgot it as the option was not there in Ubuntu proxy setting page.

[mpdmanash]

@samdroid-apps I have added ignore hosts option so that user can define hosts for which proxy settings are not required. I added this option to 'manual' type proxy alone as in case of gnome Network Manager.
I tested the feature by adding www.google.com to the comma separated values in the Ignore hosts: field and get the desired behavior (Did not load as I need proxy for internet connection).

Here is the screen-shot of how it looks now:

So, with this, I guess all the work have been done and the feature is fully functional as it is in gnome desktop environment.
Please review it.

[mpdmanash]

Squashed multiple commits to one.

[quozl]

What is the risk of misconfiguration?

Many years ago, one of the reasons put for why this feature should not be merged is that it would be too easy for a very early learner to enter bad data into the fields and stop all internet work, and it would take a long time for a teacher or peer to identify the problem. What happens when garbage text or incorrect data is entered into the new control panel widgets?

[mpdmanash]

If garbage text or incorrect data is entered in the settings, then the internet connection will suffer. But, I don't think this feature will bring on serious risks as:

• While troubleshooting for any network error even though internet connection is present, then it is assumed that one would look for the settings in the "Network" section of the control panel to solve it out.
• The feature as is implemented by "jarabe.main" which is run last on boot, overrides all other proxy settings if present on other configuration files that might be hidden. Hence enabling or disabling the proxy at this menu will ensure the correct settings to be taken. In contrast "use system proxy" option can be opted if you don't want to override the settings. So, the menu will prove to be an easy and ultimate way to handle proxy settings and this exclusivity will make it on the top location to search for in case of troubleshooting.

Hence, my point is that, even though it might be easy for someone to mess with the settings as is the case with all settings, but still it would be very easy for a teacher or peer to identify the problem as they have to look at only one place which is the ultimate place that dictates proxy settings. :)

[samdroid-apps]

Can you ping the proxy before you set it? Eg, make the flow like:

1. User enters "hglbugrhgwtaiu" as http proxy
2. User clicks apply
3. Progress bar shows loading
4. Alert says, "the proxy is not accessable, setting the settings will break your internet connection" with the buttons [Reset] as default and [Break my internet] hidden somewhere in small text

[mpdmanash]

@quozl Browse does not report that the proxy is invalid. It shows the following error in any case when it is not able to access the internet. It does not even mention about troubleshooting the proxy settings.

[mpdmanash]

@samdroid-apps
Here is the draft implementation demo for the proxy verification:

Suggest edits please.
This feature can be more enhanced by:

• using inline alerts that displays which particular setting is invalid
• utilizing the top alert that shows restart option instead of a new alert in the proxy section. As far as I understand, it would involve editing the "jarabe/controlpanel/gui.py" file, hence I included an extra alert.

[davelab6]

When the dialog with the 'break my internet' button is shown, is it still possible to click the "restart now" or "later" buttons at the top?

[mpdmanash]

@davelab6 Yes, it is possible to click the buttons on the top as I am not able to figure out a way to hide them or disable the buttons.

The top alert bar is created by "jarabe/controlpanel/gui.py". I am not able to understand the inheritance and how the different classes (ControlPanel, SectionView, Newtork) are being set up and hence am not able to call the methods present in the above file from the "cpsections/network/view.py" file. What I find is that at present there isn't a framework to modify the flow of how alerts are displayed and methods are called to suit our needs other than the existing restart alert which we can only enable by calling "self.needs_restart = True" and can't disable afterwards.

At present we can only modify the alert title and msg.
But it would be great if we can also modify the buttons, their text and callback response to support custom extended features like presenting "break my internet" type options in the main alert itself.

[quozl]

@ManashRaja, thanks for the Browse screenshot; confirms that Browse does not explain the problem, and supports our need for checking the proxy settings in another way.

Yes, jarabe/controlpanel/gui.py is quite complex, but with a careful review you should be able to work out what is needed. Follow the control flow to see how a cpsection module is imported. It is unconventional, because we have the flexibility to add cpsection modules from outside Sugar. Examine other cpsection modules; I seem to recall there may be one that calls back into the gui.py class.

The double alert looks like it might be confusing. Other sections use a triangle icon to identify problems.

The + and - buttons on the port numbers are really not required; there's almost never a situation where a user will need to use them, and so they could be the cause of accidental misconfiguration.

[mpdmanash]

@quozl
I found the following is the flow of how a ControlPanel section is created.
buddymenu.py ==imports==> gui.py ===getattr==> network/view.py
and while fetching and calling view.py, it passes the following arguments:
self._section_view = view_class(model, self._options[option]['alerts'])
the model is a wrapper for network/model.py while self._options[option]['alerts'] are lists of additional alert names which do not include the main restart alert in question.(top one). Other cpsection modules use self._options[option]['alerts'] as a holder for custom inline-alert (small triangle alerts next to each setting feild) names and do not interact with the main restart alert.

Hence I can't find a way to actually modify the alert created by gui.py from view.py due to encapsulation without actually passing the instance of gui.py to view.py through the view_class call shown above. But this would require editing the gui.py file and all the view.py files in cpsection folder. Shall I edit them as I guess it might provide even more flexibility in future?

[quozl]

Thanks, nice summary.

Yes, include gui.py in your edits and let us see what you suggest.

See if you can make your changes to gui.py in a cautious and re-usable way that provides an API to section instance, rather than only expose data.

[mpdmanash]

@quozl , Thanks
So here are a few modifications:

• The + and - buttons from port gtk.spinbuttons have been removed by replacing it with gtk.entry
• Inline Alerts have been added to identify error in individual level of host setting
• As mentioned, I edited the gui.py with as much less modification as it seems possible to allow for the management of the restart top alert and now it can be hidden when not required. (demo below).
  But it requires to pass an extra argument for the instance to the Network class being called. Hence this will break modules other than Network (as I edited it) as those modules won't be expecting that extra argument.
  So please check the modifications at 1061ffe#diff-31e5dd3b4b74524fa7f048df8fbb99b2 . If we can continue then I will modify the other modules accordingly in a different PR.

[quozl]

You wrote:

it requires to pass an extra argument for the instance

You could make that an optional named argument? That way you will not need to change any of the other modules. Reference found in a hasty search; http://www.diveintopython.net/power_of_introspection/optional_arguments.html

[mpdmanash]

@quozl , no Sir,
optional arguments allow calling a function (say: myFunc(arg1, arg2)) by passing less arguments (2 in this case), while it can accept more arguments which are optional ( def myFunc(arg1, arg2, opt_arg1=1, opt_arg2=2): ).

But the function I am dealing with accepts lesser arguments than I am passing it.
For example say: myFunc(arg1, arg2, extra_arg1) while the function is defined as def myFunc(arg1, arg2):
So I just need to edit just one line in view.py files of all the module to make it accept one more argument.
Replace def __init__(self, model, alerts): with def __init__(self, model, alerts, caller_instance):

[quozl]

Well, I'm surprised, but you're right, I had things the wrong way around.

So you are proposing to add an argument to each class.

The reason this is bad is that we have external and third-party control panel sections, not just at OLPC, but also at deployments. You can't edit them. Breaking the API like this must be avoided, if we can. I'm looking for an alternative way to implement.

How about a new signal request-alert sent by the section view (self.emit), and a connect in ControlPanel.show_section_view to redirect to a callback method?

(Others will also reject this patch because you are using private variables in the ControlPanel class from outside the class. Private variables have an underscore (_) prefix.)

[quozl]

Please take over the feature page; https://wiki.sugarlabs.org/go/Features/Proxy_Settings ... it hasn't changed from 2013. Delete any old information.

[mpdmanash]

Oh cool. 👍 I will try the signal and callback method and report back.
And will edit the feature page. What should go in the current status section? also I guess there is no target version as of now right?

[quozl]

Sorry, I don't know the process for inclusion in next release, but it looks like you just add a link to the feature page in one of the next release subpages; https://wiki.sugarlabs.org/go/0.110/Feature_List

[mpdmanash]

Thanks. I am learning new things everyday and is so exciting. :)
So, instance and extra argument related matter is completely removed. GObject signals have been used to achieve the same as in the previous gif.

• request-restart-alert : displays the alert
• set-toolbar-display : which accepts a GObject.TYPE_BOOLEAN sets the sensitivity of the toolbar buttons

[quozl]

Quick review:

• signal callbacks in gui.py should always end in _cb,
• request-restart-alert might be add-alert,
• set-toolbar-display might be set-toolbar-sensitive,

More review later.

[mpdmanash]

Edits done. Will squash all commits to one after final review and edit.

[mpdmanash]

Updated feature page. https://wiki.sugarlabs.org/go/Features/Proxy_Settings
Please check.

[samdroid-apps]

can we remove it if it is not used?

[jvonau]

use-same-proxy is a short way of saying use the same proxy for all other
protocals like https ftp and should auto populate the remaining proxy boxes
for those services.

On Sun, May 8, 2016 at 5:37 AM, Sam notifications@github.com wrote:

In data/org.sugarlabs.gschema.xml
#665 (comment):

•    <key name="ignore-hosts" type="as">
  

•        <default>[ 'localhost', '127.0.0.0/8', '::1' ]</default>
  

•        <summary>
  

  Non-proxy hosts

•        <description>
  

•        This key contains a list of hosts which are connected to directly,
  

•        rather than via the proxy (if it is active). The values can be
  

•        hostnames, domains (using an initial wildcard like *.foo.com), IP host
  

•        addresses (both IPv4 and IPv6) and network addresses with a netmask
  

•        (something like 192.168.0.0/24).
  

•        </description>
  

•    </key>
  

•    <key name="use-same-proxy" type="b">
  

•        <default>true</default>
  

•        <summary>
  

  Unused; ignore

•        <description>
  

•        This key is not used, and should not be read or modified.
  

can we remove it if it is not used?

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub
https://github.com/sugarlabs/sugar/pull/665/files/4bbac9afae7e02b854e02be492f163200a3f16b1#r62429966

[mpdmanash]

The "use-same-proxy" and "enabled" keys are not used now. But I left them, if it might be required in the future. Should I remove them?

[samdroid-apps]

We can always add new settings later. Please remove them now; they are a little confusing having unused settings.

[samdroid-apps]

This is amazing. I love how it warns me when I try to set invalid settings.

It's so close to me merging it. I just posted 2 small comments about the code.

Also, when I set the proxy to be empty, I feel like it should have no effect. Eg. I set the FTP proxy to "", I don't get warned about it being an invalid server and it doesn't export the FTP_proxy environment variable. Is that that is the behaviour that other systems use? (note, I know nothing about proxy settings, CC @quozl)

But once you fix those little things I will merge. It's magic and beautiful.

[mpdmanash]

Thanks @samdroid-apps ,

• I removed the unused gsetting keys
• Refactored the list part of 'main.py' to make it compact.
• Modified the behavior of alert so that if a user set blank "" host name to some type of proxy in manual settings, then it does not give you the alert. It might happen sometime that proxy settings are required for only some type like "http, https" instead of all. But error is shown when user leaves all the hostnames blank.

[samdroid-apps]

Looks great. I merged it.

It probably has some bugs. But we are so far away from a realease, that we can fix them between now and then (hopefully). I can make a testing release if anybody is interested? (CC Fedora people)