[Bug 679322] New: zypper doesn't respect some proxy settings, misunderstands others
https://bugzilla.novell.com/show_bug.cgi?id=679322 https://bugzilla.novell.com/show_bug.cgi?id=679322#c0 Summary: zypper doesn't respect some proxy settings, misunderstands others Classification: openSUSE Product: openSUSE 11.4 Version: Final Platform: x86-64 OS/Version: SuSE Other Status: NEW Severity: Normal Priority: P5 - None Component: libzypp AssignedTo: zypp-maintainers@forge.provo.novell.com ReportedBy: kleinrob@mpip-mainz.mpg.de QAContact: qa@suse.de Found By: --- Blocker: --- User-Agent: Opera/9.80 (Windows NT 6.1; U; en) Presto/2.7.62 Version/11.01 When I add a repository: zypper ar -t rpm-md -n mpip ftp://10.20.70.16/repos/11.4/mpip mpip it gets added 'successfully', but I can't use the repository: zypper se xyzzy File '/content' not found on medium 'ftp://10.20.70.16/repos/11.4/oss' Abort, retry, ignore? [a/r/i/?] (a): i Error retrieving metadata for 'oss': File '/content' not found on medium 'ftp://10.20.70.16/repos/11.4/oss' Warning: Disabling repository 'oss' because of the above error. File '/repodata/repomd.xml' not found on medium 'ftp://10.20.70.16/repos/11.4/mpip' Abort, retry, ignore? [a/r/i/?] (a): Error building the cache: Can't provide /repodata/repomd.xml Warning: Disabling repository 'mpip' because of the above error. Loading repository data... Reading installed packages... No packages found. The warning message is also issued for repositories used during installation. I can use the repositories 'refreshed' during installation (suppressing the error messages by using the --no-refresh messages), but not the newly added repo (probably because it got never refreshed). This is not only a issue of my local repositories, but also occurs if I add, e.g. the nvidia repository (ftp://download.nvidia.com/opensuse/11.4/) I can access the repositories using both curl and wget. It seems to be a problem with the proxy settings, though the same settings work under openSUSE 11.2. - Proxy settings on openSUSE 11.4 #+begin_example :node pckr93 :os "openSUSE 11.4 (x86_64)" NO_PROXY=localhost, 127.0.0.1, .mpip-mainz.mpg.de, 10.20.0.0-10.20.255.255 http_proxy=http://theproxy.mpip-mainz.mpg.de:8080 https_proxy=http://theproxy.mpip-mainz.mpg.de:8080 no_proxy=localhost, 127.0.0.1, .mpip-mainz.mpg.de, 10.20.0.0-10.20.255.255 #+end_example - Proxy settings on openSUSE 11.2 #+begin_example :node pckr122 :os "openSUSE 11.2 (x86_64)" http_proxy=http://theproxy.mpip-mainz.mpg.de:8080 https_proxy=http://theproxy.mpip-mainz.mpg.de:8080 no_proxy=localhost, 127.0.0.1, .mpip-mainz.mpg.de, 10.20.0.0-10.20.255.255 #+end_example Setting the upper case NO_PROXY on 11.2 doesn't make any difference: on 11.2 everything works Ok. When I set no_proxy='10.20.70.16' on openSUSE 11.4, I can work with my local repositories on ftp. (So, this is a working solution for me, as I do only use repositories local to our site.) However, outside repositories still don't work: I have to unset http_proxy from the original 11.4 settings above to be able to use e.g. the nvidia repository via ftp. My temporary solution is to not set the proxies anymore on 11.4. Here are some log excerpts from 11.4 and 11.2: - excerpt from /var/log/zypper.log on openSUSE 11.4 #+begin_example :file /var/log/zypper.log :node pckr93 :os "openSUSE 11.4 (x86_64)" 2011-03-11 19:06:40 <1> pckr93(13204) [zypp++] MediaSetAccess.cc(rewriteUrl):392 Rewriting url ftp://10.20.70.16/repos/11.4/mpip 2011-03-11 19:06:40 <1> pckr93(13204) [zypp] MediaAccess.cc(open):118 Trying scheme 'ftp' 2011-03-11 19:06:40 <2> pckr93(13204) [zypp] MediaAccess.cc(open):161 unknown mediahandler set: 2011-03-11 19:06:40 <1> pckr93(13204) [zypp] MediaCurl.cc(MediaCurl):423 MediaCurl::MediaCurl(ftp://10.20.70.16/repos/11.4/mpip, ) 2011-03-11 19:06:40 <1> pckr93(13204) [zypp] MediaMultiCurl.cc(MediaMultiCurl):1150 MediaMultiCurl::MediaMultiCurl(ftp://10.20.70.16/repos/11.4/mpip, ) 2011-03-11 19:06:40 <1> pckr93(13204) [zypp] MediaAccess.cc(open):234 Opened: ftp(ftp://10.20.70.16/repos/11.4/mpip not attached; localRoot "") 2011-03-11 19:06:40 <1> pckr93(13204) [zypp++] MediaManager.cc(open):279 Opened new media access using id 9 to ftp://10.20.70.16/repos/11.4/mpip 2011-03-11 19:06:40 <1> pckr93(13204) [zypp++] MediaSetAccess.cc(provide):203 Going to try to provide optional file /repodata/repomd.xml.asc from media number 1 2011-03-11 19:06:40 <1> pckr93(13204) [zypp++] MediaManager.cc(attach):415 attach(id=9) 2011-03-11 19:06:40 <1> pckr93(13204) [zypp++] MediaHandler.cc(createAttachPoint):393 Trying to create attach point in /var/adm/mount 2011-03-11 19:06:40 <1> pckr93(13204) [zypp] PathInfo.cc(mkdir):315 mkdir /var/adm/mount/AP_0x00000001 00755 2011-03-11 19:06:40 <1> pckr93(13204) [zypp] MediaHandler.cc(createAttachPoint):370 Created default attach point /var/adm/mount/AP_0x00000001 2011-03-11 19:06:40 <1> pckr93(13204) [zypp++] MediaCurl.cc(setupEasy):562 Proxy: http://theproxy.mpip-mainz.mpg.de:8080 2011-03-11 19:06:40 <1> pckr93(13204) [zypp++] MediaCurl.cc(setupEasy):608 Enabling HTTP authentication methods: digest,basic (CURLOPT_HTTPAUTH=3) 2011-03-11 19:06:40 <1> pckr93(13204) [zypp] CurlConfig.cc(parseConfig):44 Going to parse /root/.curlrc 2011-03-11 19:06:40 <1> pckr93(13204) [zypp++] CurlConfig.cc(parseConfig):106 GOT: proxy 2011-03-11 19:06:40 <1> pckr93(13204) [zypp++] CurlConfig.cc(setParameter):178 Ignoring option proxy 2011-03-11 19:06:40 <1> pckr93(13204) [zypp++] MediaCurl.cc(setupEasy):633 ~/.curlrc does not contain the proxy-user option 2011-03-11 19:06:40 <1> pckr93(13204) [zypp] MediaCurl.cc(setupEasy):682 HEADER X-ZYpp-AnonymousId: 5b08d862-70ca-45f6-9056-0723041f5954 2011-03-11 19:06:40 <1> pckr93(13204) [zypp] MediaCurl.cc(setupEasy):682 HEADER X-ZYpp-DistributionFlavor: ftp 2011-03-11 19:06:40 <1> pckr93(13204) [zypp] MediaCurl.cc(setupEasy):682 HEADER Pragma: 2011-03-11 19:06:40 <1> pckr93(13204) [zypp] MediaHandler.cc(attach):647 Attached: ftp://10.20.70.16/repos/11.4/mpip attached; localRoot "/var/adm/mount/AP_0x00000001" 2011-03-11 19:06:40 <1> pckr93(13204) [zypp++] MediaManager.cc(checkDesired):109 checkDesired(9): desired (report by zypp::media::NoVerifier) 2011-03-11 19:06:40 <1> pckr93(13204) [zypp++] MediaManager.cc(checkDesired):112 checkDesired(9): desired (cached) 2011-03-11 19:06:40 <1> pckr93(13204) [zypp++] MediaManager.cc(checkDesired):112 checkDesired(9): desired (cached) 2011-03-11 19:06:40 <1> pckr93(13204) [zypp] PathInfo.cc(assert_dir):357 mkdir /var/adm/mount/AP_0x00000001/repodata 00755 2011-03-11 19:06:40 <1> pckr93(13204) [zypp++] MediaMultiCurl.cc(doGetFileCopy):1230 dest: /var/adm/mount/AP_0x00000001/repodata/repomd.xml.asc 2011-03-11 19:06:40 <1> pckr93(13204) [zypp++] MediaMultiCurl.cc(doGetFileCopy):1231 temp: /var/adm/mount/AP_0x00000001/repodata/repomd.xml.asc.new.zypp.Ov8lLg 2011-03-11 19:06:40 <1> pckr93(13204) [zypp++] MediaCurl.cc(doGetFileCopyFile):1309 /repodata/repomd.xml.asc 2011-03-11 19:06:40 <1> pckr93(13204) [zypp++] MediaCurl.cc(doGetFileCopyFile):1319 URL: ftp://10.20.70.16/repos/11.4/mpip/repodata/repomd.xml.asc 2011-03-11 19:06:40 <3> pckr93(13204) [zypp] MediaCurl.cc(doGetFileCopyFile):1362 curl error: 22: The requested URL returned error: 404, temp file size 0 bytes. 2011-03-11 19:06:40 <5> pckr93(13204) [zypp] Exception.cc(log):137 MediaCurl.cc(evaluateCurlCode):934 THROW: File '/repodata/repomd.xml.asc' not found on medium 'ftp://10.20.70.16/repos/11.4/mpip' 2011-03-11 19:06:40 <5> pckr93(13204) [zypp] Exception.cc(log):137 2011-03-11 19:06:40 <5> pckr93(13204) [zypp] Exception.cc(log):137 MediaCurl.cc(evaluateCurlCode):991 RETHROW: File '/repodata/repomd.xml.asc' not found on medium 'ftp://10.20.70.16/repos/11.4/mpip' 2011-03-11 19:06:40 <5> pckr93(13204) [zypp] Exception.cc(log):137 2011-03-11 19:06:40 <5> pckr93(13204) [zypp] Exception.cc(log):137 MediaCurl.cc(doGetFileCopyFile):1374 RETHROW: File '/repodata/repomd.xml.asc' not found on medium 'ftp://10.20.70.16/repos/11.4/mpip' 2011-03-11 19:06:40 <5> pckr93(13204) [zypp] Exception.cc(log):137 2011-03-11 19:06:40 <1> pckr93(13204) [zypp] PathInfo.cc(unlink):670 unlink /var/adm/mount/AP_0x00000001/repodata/repomd.xml.asc.new.zypp.Ov8lLg 2011-03-11 19:06:40 <5> pckr93(13204) [zypp] Exception.cc(log):137 MediaMultiCurl.cc(doGetFileCopy):1257 RETHROW: File '/repodata/repomd.xml.asc' not found on medium 'ftp://10.20.70.16/repos/11.4/mpip' #+end_example - excerpt from /var/log/zypper.log on openSUSE 11.2 #+begin_example :file /var/log/zypper.log :node pckr122 :os "openSUSE 11.2 (x86_64)" 2011-03-11 19:01:53 <1> pckr122(25770) [zypp] CurlConfig.cc(parseConfig):44 Going to parse /root/.curlrc 2011-03-11 19:01:53 <1> pckr122(25770) [zypp++] CurlConfig.cc(parseConfig):106 GOT: proxy 2011-03-11 19:01:53 <1> pckr122(25770) [zypp++] CurlConfig.cc(setParameter):178 Ignoring option proxy 2011-03-11 19:01:53 <1> pckr122(25770) [zypp++] MediaHandler.cc(createAttachPoint):393 Trying to create attach point in /var/adm/mount 2011-03-11 19:01:53 <1> pckr122(25770) [zypp] PathInfo.cc(mkdir):315 mkdir /var/adm/mount/AP_0x00000001 00755 2011-03-11 19:01:53 <1> pckr122(25770) [zypp] MediaHandler.cc(createAttachPoint):370 Created default attach point /var/adm/mount/AP_0x00000001 2011-03-11 19:01:53 <1> pckr122(25770) [zypp++] Sysconfig.cc(read):31 Load '/etc/sysconfig/proxy' 2011-03-11 19:01:53 <1> pckr122(25770) [zypp] Sysconfig.cc(read):71 done reading '/etc/sysconfig/proxy' 2011-03-11 19:01:53 <1> pckr122(25770) [zypp++] MediaCurl.cc(attachTo):523 Proxy: -none- 2011-03-11 19:01:53 <1> pckr122(25770) [zypp] MediaHandler.cc(attach):647 Attached: ftp://10.20.70.16/repos/11.2/update-20100610 attached; localRoot "/var/adm/mount/AP_0x00000001" #+end_example Reproducible: Always Steps to Reproduce: 1. Set http_proxy 2. Set no_proxy to something more than the repository host (e.g. netmask). 3. issue zypper refresh Actual Results: zyper can't connect to the repositories due to misinterpretation of the proxy settings. Expected Results: work. connect to the repository and successfully refresh them. I can use ftp both through the proxy or without it, that is, I can retrieve a file through the proxy when I set ftp_proxy and at the same time, when ftp_proxy is not set. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=679322
https://bugzilla.novell.com/show_bug.cgi?id=679322#c1
Christos Gourdoupis
https://bugzilla.novell.com/show_bug.cgi?id=679322
https://bugzilla.novell.com/show_bug.cgi?id=679322#c2
Christian Ehrlicher
https://bugzilla.novell.com/show_bug.cgi?id=679322
https://bugzilla.novell.com/show_bug.cgi?id=679322#c3
Christos Gourdoupis
https://bugzilla.novell.com/show_bug.cgi?id=679322
https://bugzilla.novell.com/show_bug.cgi?id=679322#c4
--- Comment #4 from Christian Ehrlicher
https://bugzilla.novell.com/show_bug.cgi?id=679322
https://bugzilla.novell.com/show_bug.cgi?id=679322#c5
--- Comment #5 from Christian Ehrlicher
https://bugzilla.novell.com/show_bug.cgi?id=679322
https://bugzilla.novell.com/show_bug.cgi?id=679322#c6
--- Comment #6 from Christian Ehrlicher
https://bugzilla.novell.com/show_bug.cgi?id=679322
https://bugzilla.novell.com/show_bug.cgi?id=679322#c7
Christian Ehrlicher
https://bugzilla.novell.com/show_bug.cgi?id=679322
https://bugzilla.novell.com/show_bug.cgi?id=679322#c8
Dominique Leuenberger
https://bugzilla.novell.com/show_bug.cgi?id=679322
https://bugzilla.novell.com/show_bug.cgi?id=679322#c9
Christian Ehrlicher
https://bugzilla.novell.com/show_bug.cgi?id=679322
https://bugzilla.novell.com/show_bug.cgi?id=679322#c10
--- Comment #10 from Christos Gourdoupis
https://bugzilla.novell.com/show_bug.cgi?id=679322
https://bugzilla.novell.com/show_bug.cgi?id=679322#c11
--- Comment #11 from Dominique Leuenberger
I can verify too, that the issue with spaces has been fixed.
Thanks for checking
However there are still problems with specifying entire networks. e.g. 192.168.0.0/16 does not work. This is supposed to work. What does 'proxy' (from the package libproxy-tools) give as result? (start it with _PX_DEBUG=1 _MM_DEBUG=1 proxy http://192.168.15.1/ )
Domains only work when there is an initial dot, like: .example.com This is correct. There is no other way in identifying otherwise if a host or a domain is meant. (The example in yast, regarding the settings for the proxy fields, has the leading dot as well)
I would like to know if firefox uses libproxy to, when it is configured to "Use system proxy settings". Yes, it does (at least the openSUSE packaged version. The upstream downloaded one does not)
Also Yast creates a file /root/.curlrc with a single entry like this: Wrong behavior IMHO. curl should use libproxy.
# Changed by YaST2 module proxy 04/08/2011 --proxy "http://localhost:8080"
How does that affect zypper? Does it override the env variables? Why not a --noproxy parameter? That depends on the backend used by zypper to download packages I'm afraid (curl/aria). Up to the zypp-devels to clarify on that one.
-- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=679322
https://bugzilla.novell.com/show_bug.cgi?id=679322#c12
Dominique Leuenberger
https://bugzilla.novell.com/show_bug.cgi?id=679322
https://bugzilla.novell.com/show_bug.cgi?id=679322#c13
Christian Dengler
https://bugzilla.novell.com/show_bug.cgi?id=679322
https://bugzilla.novell.com/show_bug.cgi?id=679322#c14
--- Comment #14 from Christos Gourdoupis
GET ftp://192.168.1.100/openSUSE_11.4/update/repodata/repomd.xml HTTP/1.1 User-Agent: curl/7.21.2 (x86_64-unknown-linux-gnu) libcurl/7.21.2 OpenSSL/1.0.0c zlib/1.2.5 libidn/1.15 libssh2/1.2.7 Host: 192.168.1.100:21 Accept: */* Proxy-Connection: Keep-Alive
.. Then the proxy fails to complete the request. The same happens with no_proxy='192.168.0.0-192.168.255.255' It seems that curl does not understand networks in $no_proxy. I hope I am not getting annoying, but the update may not fix the reporter's problem. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=679322
https://bugzilla.novell.com/show_bug.cgi?id=679322#c15
--- Comment #15 from Dominique Leuenberger
# no_proxy='192.168.0.0/16' proxy 192.168.1.100 direct:// Correct
# no_proxy='192.168.0.0-192.168.255.255' proxy 192.168.1.100 direct:// This form of proxy ignore is currently not supported by libproxy, so I would rate the result as rather 'random'
http://code.google.com/p/libproxy/wiki/IgnorePatterns
# no_proxy='192.168.1.100' zypper ref -r update Repository 'update' is up to date. Specified repositories have been refreshed.
# no_proxy='192.168.0.0/16' zypper ref -r update Download (curl) error for 'ftp://192.168.1.100/openSUSE_11.4/update/repodata/repomd.xml': Error code: Unrecognized error Error message: Empty reply from server
that is actually not libproxy's fault then!
# no_proxy='192.168.0.0/16' curl -v ftp://192.168.1.100/openSUSE_11.4/update/repodata/repomd.xml * About to connect() to proxy localhost port 8080 (#0) * Trying ::1... Connection refused * Trying 127.0.0.1... connected * Connected to localhost (127.0.0.1) port 8080 (#0)
GET ftp://192.168.1.100/openSUSE_11.4/update/repodata/repomd.xml HTTP/1.1 User-Agent: curl/7.21.2 (x86_64-unknown-linux-gnu) libcurl/7.21.2 OpenSSL/1.0.0c zlib/1.2.5 libidn/1.15 libssh2/1.2.7 Host: 192.168.1.100:21 Accept: */* Proxy-Connection: Keep-Alive
... Then the proxy fails to complete the request. The same happens with no_proxy='192.168.0.0-192.168.255.255' It seems that curl does not understand networks in $no_proxy. I hope I am not getting annoying, but the update may not fix the reporter's problem.
Curl does not use libproxy to my knowledge (at least curl is no linked against libproxy) so apparently somewhen we were lead off track of the initial issue. ==> Seems zypp maintainer need to pick it up from here again then. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=679322
https://bugzilla.novell.com/show_bug.cgi?id=679322#c16
Swamp Workflow Management
https://bugzilla.novell.com/show_bug.cgi?id=679322
https://bugzilla.novell.com/show_bug.cgi?id=679322#c17
Kenneth Ingham
https://bugzilla.novell.com/show_bug.cgi?id=679322
https://bugzilla.novell.com/show_bug.cgi?id=679322#c18
Duncan Mac-Vicar
https://bugzilla.novell.com/show_bug.cgi?id=679322
https://bugzilla.novell.com/show_bug.cgi?id=679322#c19
Robert Thomas
https://bugzilla.novell.com/show_bug.cgi?id=679322
https://bugzilla.novell.com/show_bug.cgi?id=679322#c20
--- Comment #20 from Robert Thomas
https://bugzilla.novell.com/show_bug.cgi?id=679322
https://bugzilla.novell.com/show_bug.cgi?id=679322#c21
Michael Andres
# _PX_DEBUG=1 proxy If 'proxy' is not a typo you can use command-not-found to lookup the package
It's in package libproxy-tools Trying to sum it up:
It works just fine. All other apps have no issue with proxy, only zypper.
- zypper needs to be started as root from a login shell (su -, or a text console). If any environment variable like $DESKTOP_SESSION $KDE_FULL_SESSION $GNOME_DESKTOP_SESSION_ID is set, libproxy may pick the wrong config module and not /etc/sysconfig/proxy. - Libproxy will NOT read the environment if zypper is running as root and /etc/sysconfig/proxy is present. So it is important, that /etc/sysconfig/proxy contains the correct settings. - libzypp version should be at least 10.3.3 (if proxy + authentication 10.3.6). -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=679322
https://bugzilla.novell.com/show_bug.cgi?id=679322#c22
Michael Andres
https://bugzilla.novell.com/show_bug.cgi?id=679322
https://bugzilla.novell.com/show_bug.cgi?id=679322#c23
Michael Andres
https://bugzilla.novell.com/show_bug.cgi?id=679322
https://bugzilla.novell.com/show_bug.cgi?id=679322#c25
Swamp Workflow Management
https://bugzilla.novell.com/show_bug.cgi?id=679322
https://bugzilla.novell.com/show_bug.cgi?id=679322#c26
--- Comment #26 from Swamp Workflow Management
https://bugzilla.novell.com/show_bug.cgi?id=679322
https://bugzilla.novell.com/show_bug.cgi?id=679322#c27
--- Comment #27 from Swamp Workflow Management
https://bugzilla.novell.com/show_bug.cgi?id=679322
https://bugzilla.novell.com/show_bug.cgi?id=679322#c28
Swamp Workflow Management
https://bugzilla.novell.com/show_bug.cgi?id=679322
https://bugzilla.novell.com/show_bug.cgi?id=679322#c
Swamp Workflow Management
participants (1)
-
bugzilla_noreply@novell.com