https://bugzilla.novell.com/show_bug.cgi?id=679322 https://bugzilla.novell.com/show_bug.cgi?id=679322#c1 Christos Gourdoupis changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|P5 - None |P4 - Low CC| |xgpub@tellas.gr --- Comment #1 from Christos Gourdoupis 2011-05-31 08:38:17 UTC --- Have you tried the 10.20.0.0/16 notation? I have also found out that zypper fails when I have a local repository at host.domain and set the environment: no_proxy="domain" and in the repo file: baseurl=ftp://host/openSUSE_11.4/update This shows some weakness in how zypper/aria parses and resolves addresses. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=679322 https://bugzilla.novell.com/show_bug.cgi?id=679322#c3 Christos Gourdoupis changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|P4 - Low |P3 - Medium --- Comment #3 from Christos Gourdoupis 2011-08-04 13:15:05 UTC --- I just discovered the following things: 1. zypper seems to read the settings from /etc/sysconfig/proxy *directly* ! 2. In the above file NO_PROXY must *not* contain spaces. Just the comma-separated hosts/networks !!! -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=679322 https://bugzilla.novell.com/show_bug.cgi?id=679322#c5 --- Comment #5 from Christian Ehrlicher 2011-08-08 07:09:39 UTC --- Created an attachment (id=444624) --> (http://bugzilla.novell.com/attachment.cgi?id=444624) Testcase for libproxy -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=679322 https://bugzilla.novell.com/show_bug.cgi?id=679322#c7 Christian Ehrlicher changed: What |Removed |Added ---------------------------------------------------------------------------- Platform|x86-64 |All OS/Version|SuSE Other |openSUSE 11.4 --- Comment #7 from Christian Ehrlicher 2011-08-08 07:22:01 UTC --- Ok, I managed to get a google mail account :) --> http://code.google.com/p/libproxy/issues/detail?id=166 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=679322 https://bugzilla.novell.com/show_bug.cgi?id=679322#c9 Christian Ehrlicher changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW InfoProvider|kleinrob@mpip-mainz.mpg.de | --- Comment #9 from Christian Ehrlicher 2011-08-09 05:45:10 UTC --- It works fine for me. Maybe someone else can test it as well so there's a second estimation... -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=679322 https://bugzilla.novell.com/show_bug.cgi?id=679322#c11 --- Comment #11 from Dominique Leuenberger 2011-08-11 13:15:33 UTC --- (In reply to comment #10)

I can verify too, that the issue with spaces has been fixed.

Thanks for checking

However there are still problems with specifying entire networks. e.g. 192.168.0.0/16 does not work. This is supposed to work. What does 'proxy' (from the package libproxy-tools) give as result? (start it with _PX_DEBUG=1 _MM_DEBUG=1 proxy http://192.168.15.1/ )

Domains only work when there is an initial dot, like: .example.com This is correct. There is no other way in identifying otherwise if a host or a domain is meant. (The example in yast, regarding the settings for the proxy fields, has the leading dot as well)

I would like to know if firefox uses libproxy to, when it is configured to "Use system proxy settings". Yes, it does (at least the openSUSE packaged version. The upstream downloaded one does not)

Also Yast creates a file /root/.curlrc with a single entry like this: Wrong behavior IMHO. curl should use libproxy.

# Changed by YaST2 module proxy 04/08/2011 --proxy "http://localhost:8080"

How does that affect zypper? Does it override the env variables? Why not a --noproxy parameter? That depends on the backend used by zypper to download packages I'm afraid (curl/aria). Up to the zypp-devels to clarify on that one.

-- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=679322 https://bugzilla.novell.com/show_bug.cgi?id=679322#c13 Christian Dengler changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW CC| |cdengler@novell.com InfoProvider|maintenance@opensuse.org | --- Comment #13 from Christian Dengler 2011-08-11 16:14:03 UTC --- running SwampID: 42563 Feel free to fix it together with the other bug. No special things needed for it. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=679322 https://bugzilla.novell.com/show_bug.cgi?id=679322#c15 --- Comment #15 from Dominique Leuenberger 2011-08-12 11:25:50 UTC --- (In reply to comment #14)

# no_proxy='192.168.0.0/16' proxy 192.168.1.100 direct:// Correct

# no_proxy='192.168.0.0-192.168.255.255' proxy 192.168.1.100 direct:// This form of proxy ignore is currently not supported by libproxy, so I would rate the result as rather 'random'

http://code.google.com/p/libproxy/wiki/IgnorePatterns

# no_proxy='192.168.1.100' zypper ref -r update Repository 'update' is up to date. Specified repositories have been refreshed.

# no_proxy='192.168.0.0/16' zypper ref -r update Download (curl) error for 'ftp://192.168.1.100/openSUSE_11.4/update/repodata/repomd.xml': Error code: Unrecognized error Error message: Empty reply from server

that is actually not libproxy's fault then!

# no_proxy='192.168.0.0/16' curl -v ftp://192.168.1.100/openSUSE_11.4/update/repodata/repomd.xml * About to connect() to proxy localhost port 8080 (#0) * Trying ::1... Connection refused * Trying 127.0.0.1... connected * Connected to localhost (127.0.0.1) port 8080 (#0)

...

GET ftp://192.168.1.100/openSUSE_11.4/update/repodata/repomd.xml HTTP/1.1 User-Agent: curl/7.21.2 (x86_64-unknown-linux-gnu) libcurl/7.21.2 OpenSSL/1.0.0c zlib/1.2.5 libidn/1.15 libssh2/1.2.7 Host: 192.168.1.100:21 Accept: */* Proxy-Connection: Keep-Alive

... Then the proxy fails to complete the request. The same happens with no_proxy='192.168.0.0-192.168.255.255' It seems that curl does not understand networks in $no_proxy. I hope I am not getting annoying, but the update may not fix the reporter's problem.

Curl does not use libproxy to my knowledge (at least curl is no linked against libproxy) so apparently somewhen we were lead off track of the initial issue. ==> Seems zypp maintainer need to pick it up from here again then. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=679322 https://bugzilla.novell.com/show_bug.cgi?id=679322#c17 Kenneth Ingham changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |ingham@i-pi.com --- Comment #17 from Kenneth Ingham 2012-01-31 02:39:11 UTC --- I am coming from bug 684201, which has some overlap in the discussion to this bug. (I don't see how to link to it from this comment box) I can confirm this bug. openSUSE 12.1, 64-bit architecture and packages With the http_proxy environment variable defined, curl works for http://download.opensuse.org/repositories/KDE:/UpdatedApps/openSUSE_12.1/rep... zypper does not: # zypper refresh Download (curl) error for 'http://download.opensuse.org/repositories/KDE:/UpdatedApps/openSUSE_12.1/rep...': Error code: Connection failed Error message: Failed to connect to 2001:67c:2178:8::13: Network is unreachable Abort, retry, ignore? [a/r/i/?] (a): a # nslookup -query=aaaa download.opensuse.org Server: 198.152.7.12 Address: 198.152.7.12#53 Non-authoritative answer: download.opensuse.org has AAAA address 2001:67c:2178:8::13 I have IPv6 disabled completely (no IPv6 addr on any network interface). I'm working at a different site right now (no proxy), so reproducing the problem to answer other questions will have to wait until Thursday. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=679322 https://bugzilla.novell.com/show_bug.cgi?id=679322#c19 Robert Thomas changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |ByteEnable@gmail.com --- Comment #19 from Robert Thomas 2012-02-10 22:16:14 UTC --- I have the same error from behind a corporate firewall. It all of sudden happened after an update in December. su - # _PX_DEBUG=1 proxy If 'proxy' is not a typo you can use command-not-found to lookup the package that contains it, like this: cnf proxy #zypper update Download (curl) error for 'http://download.opensuse.org/distribution/12.1/repo/non-oss/media.1/media': Error code: Connection failed Error message: Failed to connect to 2001:67c:2178:8::13: Network is unreachable Abort, retry, ignore? [a/r/i/?] (a): If I do it manually: #curl http://download.opensuse.org/distribution/12.1/repo/non-oss/media.1/media openSUSE 20111105115454 1 # It works just fine. All other apps have no issue with proxy, only zypper. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=679322 https://bugzilla.novell.com/show_bug.cgi?id=679322#c21 Michael Andres changed: What |Removed |Added ---------------------------------------------------------------------------- InfoProvider|kleinrob@mpip-mainz.mpg.de |ByteEnable@gmail.com --- Comment #21 from Michael Andres 2012-02-14 15:05:34 CET --- (In reply to comment #19)

# _PX_DEBUG=1 proxy If 'proxy' is not a typo you can use command-not-found to lookup the package

It's in package libproxy-tools Trying to sum it up:

It works just fine. All other apps have no issue with proxy, only zypper.

- zypper needs to be started as root from a login shell (su -, or a text console). If any environment variable like $DESKTOP_SESSION $KDE_FULL_SESSION $GNOME_DESKTOP_SESSION_ID is set, libproxy may pick the wrong config module and not /etc/sysconfig/proxy. - Libproxy will NOT read the environment if zypper is running as root and /etc/sysconfig/proxy is present. So it is important, that /etc/sysconfig/proxy contains the correct settings. - libzypp version should be at least 10.3.3 (if proxy + authentication 10.3.6). -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=679322 https://bugzilla.novell.com/show_bug.cgi?id=679322#c23 Michael Andres changed: What |Removed |Added ---------------------------------------------------------------------------- InfoProvider|ByteEnable@gmail.com |maintenance@opensuse.org --- Comment #23 from Michael Andres 2012-03-13 13:03:03 CET --- We changed the way zypp uses libproxy. /etc/sysconfig/proxy should now be used if it exists, no matter if the shell is a login shell or not. Problems with evaluation of NO_PROXY setting were fixed in libproxy directly. NOTE: It is possible to specify proxy credentials directly in the URL in /etc/sysconfig/proxy instead of ~/.curlrc. But remember that special chars in /etc/sysconfig/proxy URLs need to be %-escaped (ans not by '\') -- Fixed in libzypp-8.13.4 for openSUSE-11.4 libzypp-9.11.10 for SLE11-SP2 libzypp-10.3.9 for openSUSE-12.1 Packages are submitted to obs. @maintenance: We may need SWAMPs for the libzypp update. For SLES11-SP2 we need to make sure the libproxy fixes we released (see Comment 16) are available on SLE as well. Bug #751533 indicates the we may have similar problems there. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=679322 https://bugzilla.novell.com/show_bug.cgi?id=679322#c26 --- Comment #26 from Swamp Workflow Management 2012-06-05 16:08:38 UTC --- openSUSE-RU-2012:0696-1: An update that has 6 recommended fixes can now be installed. Category: recommended (moderate) Bug References: 679322,710269,716972,719690,740764,749418 CVE References: Sources used: openSUSE 11.4 (src): libqdialogsolver1-1.3.0-11.2, libsatsolver-0.16.3-28.1, libzypp-8.13.5-15.1, libzypp-bindings-0.5.9-9.1, libzypp-testsuite-tools-4.2.11-9.1, zypper-1.5.9-12.1 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=679322 https://bugzilla.novell.com/show_bug.cgi?id=679322#c28 Swamp Workflow Management changed: What |Removed |Added ---------------------------------------------------------------------------- Status Whiteboard|maint:released:11.4:42607 |maint:released:11.4:42607 |maint:running:46449:low |maint:running:46449:low | |maint:released:sle11-sp2:47 | |764 --- Comment #28 from Swamp Workflow Management 2012-07-04 01:00:16 UTC --- Update released for: libzypp, libzypp-debuginfo, libzypp-debugsource, libzypp-devel, zypper, zypper-debuginfo, zypper-debugsource, zypper-log Products: SLE-DEBUGINFO 11-SP2 (i386, ia64, ppc64, s390x, x86_64) SLE-DESKTOP 11-SP2 (i386, x86_64) SLE-SDK 11-SP2 (i386, ia64, ppc64, s390x, x86_64) SLE-SERVER 11-SP2 (i386, ia64, ppc64, s390x, x86_64) SLES4VMWARE 11-SP2 (i386, x86_64) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.