Mailinglist Archive: opensuse-buildservice (193 mails)

< Previous Next >
Re: [opensuse-buildservice] Using osc behind a ssh tunnel
  • From: David Cournapeau <david@xxxxxxxxxxxxxxxxxxxxxx>
  • Date: Mon, 02 Apr 2007 16:52:42 +0900
  • Message-id: <4610B64A.6080802@xxxxxxxxxxxxxxxxxxxxxx>
Adrian Schröter wrote:
On Monday 02 April 2007 06:16:09 wrote David Cournapeau:
Hi there,

    Is there a way to use osc through a ssh tunnel ? The problem is that
my university's proxy configuration is causing all kind of problems (osc
connections hang up), and one way to avoid the proxy is to use a ssh
tunnel to one of the university's machine with direct access to the
    Basically, I would need to tell osc to connect to localhost at a
certain port, which would be redirected to through
the ssh tunnel. In the $HOME/.oscrc, there is a comment about changing to a different server, but without enough details to
make it work ?

Well, the api uses an https interface, but no ssh protocol.
The network configuration in my lab is a bit unusual: there is no DNS server, all connections are done through a proxy server. This is sometimes a pain, but has the nice side effect to trigger hidden bugs :) I already had some similar problems with bzr.

Normally, what I do is to create a ssh tunnel to the machine which has direct (eg no proxy) access to the internet. For example, with subversion, I do something like

ssh -NL ssh_server

and after that, I do things like svn ls http://localhost:8888. If I could do that with osc, this would avoid the proxy problem.

However, when you have no stable https connections to the outside the problem is a bit bigger imho. I would debug why this is and if either you can fix your network or we need to add something to handle some obscur secure network setups better ...
I looked a bit to see if I could solve the problem by myself: it looks like connections in osc are done with the urllib2 package, and there are some problems when using https proxy:

I know next to nothing about http/https protocols, so I am pretty stuck there.

The basic problem is: I have in my environment the https_proxy set to my https proxy, and if I try for example

osc co home:<login>

Then, it got stuck, doing nothing. If I cancel it with Ctrl+C, I get the following backtrace:

Traceback (most recent call last):
 File "../osc/", line 7, in ?
File "/usr/media/src/src/opensuse-bld/osc/osc/", line 1080, in main
File "/usr/media/src/src/opensuse-bld/osc/osc/", line 354, in checkout
   for package in meta_get_packagelist(project):
File "/usr/media/src/src/opensuse-bld/osc/osc/", line 721, in meta_get_packagelist
   f = urlopen(u)
File "/usr/media/src/src/opensuse-bld/osc/osc/", line 657, in urlopen
   fd = urllib2.urlopen(url, data=data)
 File "/usr/lib/python2.4/", line 130, in urlopen
   return, data)
 File "/usr/lib/python2.4/", line 364, in open
   response = meth(req, response)
 File "/usr/lib/python2.4/", line 471, in http_response
   response = self.parent.error(
 File "/usr/lib/python2.4/", line 396, in error
   result = self._call_chain(*args)
 File "/usr/lib/python2.4/", line 337, in _call_chain
   result = func(*args)
 File "/usr/lib/python2.4/", line 554, in http_error_302
 File "/usr/lib/python2.4/", line 358, in open
   response = self._open(req, data)
 File "/usr/lib/python2.4/", line 376, in _open
   '_open', req)
 File "/usr/lib/python2.4/", line 337, in _call_chain
   result = func(*args)
 File "/usr/lib/python2.4/", line 1029, in https_open
   return self.do_open(httplib.HTTPSConnection, req)
 File "/usr/lib/python2.4/", line 993, in do_open
   h.request(req.get_method(), req.get_selector(),, headers)
 File "/usr/lib/python2.4/", line 804, in request
   self._send_request(method, url, body, headers)
 File "/usr/lib/python2.4/", line 827, in _send_request
 File "/usr/lib/python2.4/", line 798, in endheaders
 File "/usr/lib/python2.4/", line 679, in _send_output
 File "/usr/lib/python2.4/", line 646, in send
 File "/usr/lib/python2.4/", line 1073, in connect
   ssl = socket.ssl(sock, self.key_file, self.cert_file)
 File "/usr/lib/python2.4/", line 74, in ssl
   return _realssl(sock, keyfile, certfile)

If anyone is willing to work on this bug, I can help testing it (I am already working with SVN version of osc),


To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-buildservice+help@xxxxxxxxxxxx

< Previous Next >
Follow Ups