From patchwork Sun Nov 20 23:43:16 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brian Geffon X-Patchwork-Id: 2092 Return-Path: Delivered-To: patchwork@archlinux.org Received: from mail.archlinux.org [2a01:4f9:c010:3052::1] by patchwork.archlinux.org with IMAP (fetchmail-6.4.34) for (single-drop); Sun, 20 Nov 2022 23:43:40 +0000 (UTC) Received: from mail.archlinux.org by mail.archlinux.org with LMTP id WHmoEqy7emPgrAUAK+/4rw (envelope-from ) for ; Sun, 20 Nov 2022 23:43:40 +0000 Received: from lists.archlinux.org (lists.archlinux.org [95.217.236.249]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mail.archlinux.org (Postfix) with ESMTPS id B26AF16E01A9; Sun, 20 Nov 2022 23:43:38 +0000 (UTC) Authentication-Results: mail.archlinux.org; dkim=none; dmarc=none; spf=pass (mail.archlinux.org: domain of pacman-dev-bounces@lists.archlinux.org designates 95.217.236.249 as permitted sender) smtp.mailfrom=pacman-dev-bounces@lists.archlinux.org Received: from lists.archlinux.org (localhost [IPv6:::1]) by lists.archlinux.org (Postfix) with ESMTP id 9FB3166A9AA; Sun, 20 Nov 2022 23:43:35 +0000 (UTC) Received: from mail-qk1-f178.google.com (mail-qk1-f178.google.com [209.85.222.178]) by lists.archlinux.org (Postfix) with ESMTPS id DC52366A99E for ; Sun, 20 Nov 2022 23:43:30 +0000 (UTC) Received: by mail-qk1-f178.google.com with SMTP id x21so7103884qkj.0 for ; Sun, 20 Nov 2022 15:43:30 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=+BlzTO7/Xz0oQs9CJ0diraoRgaqANxyz4CdP70SzFms=; b=cWgJKJjjSWi3uOPulHxaHfDZnF9sRY7WzUZSctQI45qjGDgGD9AQs1+ISGa/zLEc8s 8ISNYLN0SE4b+mCGHH7ZYs9IhUjZPJvLAepDoGVEIgaZ6wG6hOaikt6RfVjSnuzpfgyh iJZ94rabZa0TplR3XpKfPMW7zpF95zTC17VHPjM7NA2vIU8CrjmznotkHCzh5EdZY3d3 X5MRam6LXs9JotmeQaHJBTN0T4DuevOQD3xDyGPoh8/JxkLZzg/uc3a5iLUeX/dRBGr+ I7Eno5G+2BvRYBr3ZDdPGYB9GIz1pL4VsG8r0w66nZ7Tmy4byu4Cm1B+aaUiliXPdLb4 4JwQ== X-Gm-Message-State: ANoB5plkMHnUgBy3mwfp6rgTu6N3Z798p76TdMR+WDkLvNbGzlsnhHGx /9ldUVm3QZK2tb5Leu22jqlU1wXbc4Q= X-Google-Smtp-Source: AA0mqf7OrK3+ZFOOXvB7zKHQ+dk/bqvx9X8HrXrWnJtn3cu9WSKNjb/xd6h678q0TKigRo518Obe5w== X-Received: by 2002:ae9:ed82:0:b0:6fa:1745:46b2 with SMTP id c124-20020ae9ed82000000b006fa174546b2mr14865710qkg.503.1668987809180; Sun, 20 Nov 2022 15:43:29 -0800 (PST) Received: from localhost.localdomain (pool-98-113-243-209.nycmny.fios.verizon.net. [98.113.243.209]) by smtp.gmail.com with ESMTPSA id w11-20020a05620a444b00b006fb72dbbaa4sm7164106qkp.27.2022.11.20.15.43.28 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 20 Nov 2022 15:43:28 -0800 (PST) From: Brian Geffon To: pacman-dev@lists.archlinux.org Subject: [PATCH] Add support for a Proxy directive Date: Sun, 20 Nov 2022 18:43:16 -0500 Message-Id: <20221120234316.13316-1-briang@apache.org> X-Mailer: git-send-email 2.38.0 MIME-Version: 1.0 Message-ID-Hash: PXZ3MSRTVUFAT6HJG3IORE4EOTMZEZ73 X-Message-ID-Hash: PXZ3MSRTVUFAT6HJG3IORE4EOTMZEZ73 X-MailFrom: briangeffon@gmail.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: Brian Geffon X-Mailman-Version: 3.3.7 Precedence: list List-Id: Discussion list for pacman development Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: X-Rspamd-Server: mail.archlinux.org X-Rspamd-Queue-Id: B26AF16E01A9 X-Spamd-Result: default: False [0.79 / 15.00]; MID_CONTAINS_FROM(1.00)[]; R_MISSING_CHARSET(0.50)[]; R_SPF_ALLOW(-0.20)[+ip4:95.217.236.249:c]; RCVD_IN_DNSWL_MED(-0.20)[95.217.236.249:from]; MAILLIST(-0.20)[mailman]; MIME_GOOD(-0.10)[text/plain]; HAS_LIST_UNSUB(-0.01)[]; FROM_HAS_DN(0.00)[]; RCVD_COUNT_FIVE(0.00)[5]; RCVD_VIA_SMTP_AUTH(0.00)[]; DMARC_NA(0.00)[apache.org]; ARC_NA(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[pacman-dev@lists.archlinux.org]; FROM_NEQ_ENVFROM(0.00)[briang@apache.org,pacman-dev-bounces@lists.archlinux.org]; ASN(0.00)[asn:24940, ipnet:95.217.0.0/16, country:DE]; RCVD_IN_DNSWL_NONE(0.00)[209.85.222.178:received]; RCPT_COUNT_TWO(0.00)[2]; NEURAL_SPAM(0.00)[0.510]; TO_DN_SOME(0.00)[]; MIME_TRACE(0.00)[0:+]; FORGED_RECIPIENTS_MAILLIST(0.00)[]; RCVD_TLS_LAST(0.00)[]; RECEIVED_SPAMHAUS_PBL(0.00)[98.113.243.209:received]; R_DKIM_NA(0.00)[]; FORGED_SENDER_MAILLIST(0.00)[] X-Rspamd-Action: no action Currently the only way to use a proxy is via XferCommand; however, when doing so there is no support for parallel downloads. This change introduces a new directive Proxy which supports whatever proxy protocols are supported by libcurl. Signed-off-by: Brian Geffon --- doc/pacman.conf.5.asciidoc | 7 +++++++ etc/pacman.conf.in | 5 +++++ lib/libalpm/alpm.h | 24 ++++++++++++++++++++++++ lib/libalpm/dload.c | 3 +++ lib/libalpm/handle.c | 22 ++++++++++++++++++++++ lib/libalpm/handle.h | 1 + scripts/completion/zsh_completion.in | 1 + src/pacman/conf.c | 10 ++++++++++ src/pacman/conf.h | 2 ++ src/pacman/pacman-conf.c | 4 +++- 10 files changed, 78 insertions(+), 1 deletion(-) diff --git a/doc/pacman.conf.5.asciidoc b/doc/pacman.conf.5.asciidoc index 41f3ea03..657264e1 100644 --- a/doc/pacman.conf.5.asciidoc +++ b/doc/pacman.conf.5.asciidoc @@ -132,6 +132,13 @@ Options HTTP/FTP support, or need the more advanced proxy support that comes with utilities like wget. +*Proxy =* https://host:port:: + If set, use this endpoint as the proxy for downloads. The currently + supported set of protocols are http, https, socks4, socks4a, socks5, + and socks5h. If no port is specified it defaults to 1080. This option + only applies when using the built in downloader. When using XferCommand + any proxy settings must be passed as command line arguments to the command. + *NoUpgrade =* file ...:: All files listed with a `NoUpgrade` directive will never be touched during a package install/upgrade, and the new files will be installed with a diff --git a/etc/pacman.conf.in b/etc/pacman.conf.in index 1799efc7..6b2ef8b9 100644 --- a/etc/pacman.conf.in +++ b/etc/pacman.conf.in @@ -21,6 +21,11 @@ HoldPkg = pacman glibc #CleanMethod = KeepInstalled Architecture = auto +# The Proxy directive only applies when not using an XferCommand. When using +# an XferCommand any proxy strings must be passed as arguments to the command. +#Proxy = socks5h://127.0.0.1:1080 +#Proxy = https://127.0.0.1:8080 + # Pacman won't upgrade packages listed in IgnorePkg and members of IgnoreGroup #IgnorePkg = #IgnoreGroup = diff --git a/lib/libalpm/alpm.h b/lib/libalpm/alpm.h index 07e16b9f..37dd414f 100644 --- a/lib/libalpm/alpm.h +++ b/lib/libalpm/alpm.h @@ -2166,6 +2166,30 @@ int alpm_option_set_dbext(alpm_handle_t *handle, const char *dbext); /* End of dbext accessors */ /** @} */ +/** @name Accessors for proxy server configuration + * + * This controls the proxy server that will be used for downloads. + * This may be necessary for computers that only have internet access + * via HTTP or Socks proxies. + * + * @{ + */ + +/** Gets the configured proxy. + * @param handle the context handle + * @return the configured proxy + */ +const char *alpm_option_get_proxy(alpm_handle_t *handle); + +/** Sets the proxy server. + * @param handle the context handle + * @param proxy the full proxy string to use. + * @return 0 on success, -1 on error (pm_errno is set accordingly) + */ +int alpm_option_set_proxy(alpm_handle_t *handle, const char *proxy); + +/* End of proxy accessors */ +/** @} */ /** @name Accessors for the signature levels * @{ diff --git a/lib/libalpm/dload.c b/lib/libalpm/dload.c index 4fa17b35..171a802c 100644 --- a/lib/libalpm/dload.c +++ b/lib/libalpm/dload.c @@ -340,6 +340,9 @@ static void curl_set_handle_opts(CURL *curl, struct dload_payload *payload) curl_easy_setopt(curl, CURLOPT_TCP_KEEPINTVL, 60L); curl_easy_setopt(curl, CURLOPT_HTTPAUTH, CURLAUTH_ANY); curl_easy_setopt(curl, CURLOPT_PRIVATE, (void *)payload); + if (handle->proxy) { + curl_easy_setopt(curl, CURLOPT_PROXY, handle->proxy); + } _alpm_log(handle, ALPM_LOG_DEBUG, "%s: url is %s\n", payload->remote_name, payload->fileurl); diff --git a/lib/libalpm/handle.c b/lib/libalpm/handle.c index d1eafeda..e72627ea 100644 --- a/lib/libalpm/handle.c +++ b/lib/libalpm/handle.c @@ -73,6 +73,7 @@ void _alpm_handle_free(alpm_handle_t *handle) FREE(handle->root); FREE(handle->dbpath); FREE(handle->dbext); + FREE(handle->proxy); FREELIST(handle->cachedirs); FREELIST(handle->hookdirs); FREE(handle->logfile); @@ -330,6 +331,12 @@ const char SYMEXPORT *alpm_option_get_dbext(alpm_handle_t *handle) return handle->dbext; } +const char SYMEXPORT *alpm_option_get_proxy(alpm_handle_t *handle) +{ + CHECK_HANDLE(handle, return NULL); + return handle->proxy; +} + int SYMEXPORT alpm_option_get_parallel_downloads(alpm_handle_t *handle) { CHECK_HANDLE(handle, return -1); @@ -822,6 +829,21 @@ int SYMEXPORT alpm_option_set_dbext(alpm_handle_t *handle, const char *dbext) return 0; } +int SYMEXPORT alpm_option_set_proxy(alpm_handle_t *handle, const char *proxy) +{ + CHECK_HANDLE(handle, return -1); + ASSERT(proxy, RET_ERR(handle, ALPM_ERR_WRONG_ARGS, -1)); + + if(handle->proxy) { + FREE(handle->proxy); + } + + STRDUP(handle->proxy, proxy, RET_ERR(handle, ALPM_ERR_MEMORY, -1)); + + _alpm_log(handle, ALPM_LOG_DEBUG, "option 'proxy' = %s\n", handle->proxy); + return 0; +} + int SYMEXPORT alpm_option_set_default_siglevel(alpm_handle_t *handle, int level) { diff --git a/lib/libalpm/handle.h b/lib/libalpm/handle.h index 3a464689..32063ef9 100644 --- a/lib/libalpm/handle.h +++ b/lib/libalpm/handle.h @@ -107,6 +107,7 @@ struct _alpm_handle_t { int usesyslog; /* Use syslog instead of logfile? */ /* TODO move to frontend */ int checkspace; /* Check disk space before installing */ char *dbext; /* Sync DB extension */ + char *proxy; /* Proxy server to use */ int siglevel; /* Default signature verification level */ int localfilesiglevel; /* Signature verification level for local file upgrade operations */ diff --git a/scripts/completion/zsh_completion.in b/scripts/completion/zsh_completion.in index f65edeb2..69b19a18 100644 --- a/scripts/completion/zsh_completion.in +++ b/scripts/completion/zsh_completion.in @@ -516,6 +516,7 @@ _pacman_conf_general_directives=( 'DisableDownloadTimeout' 'NoProgressBar' 'ParallelDownloads' + 'Proxy' 'CleanMethod' 'SigLevel' 'LocalFileSigLevel' diff --git a/src/pacman/conf.c b/src/pacman/conf.c index f9edf75b..37691519 100644 --- a/src/pacman/conf.c +++ b/src/pacman/conf.c @@ -154,6 +154,7 @@ int config_free(config_t *oldconfig) free(oldconfig->rootdir); free(oldconfig->dbpath); free(oldconfig->logfile); + free(oldconfig->proxy); free(oldconfig->gpgdir); FREELIST(oldconfig->hookdirs); FREELIST(oldconfig->cachedirs); @@ -668,6 +669,11 @@ static int _parse_options(const char *key, char *value, config->logfile = strdup(value); pm_printf(ALPM_LOG_DEBUG, "config: logfile: %s\n", value); } + } else if(strcmp(key, "Proxy") == 0) { + if(!config->proxy) { + config->proxy = strdup(value); + pm_printf(ALPM_LOG_DEBUG, "config: proxy: %s\n", value); + } } else if(strcmp(key, "XferCommand") == 0) { char **c; if((config->xfercommand_argv = wordsplit(value)) == NULL) { @@ -901,6 +907,10 @@ static int setup_libalpm(void) pm_printf(ALPM_LOG_WARNING, _("no '%s' configured\n"), "XferCommand"); } + if (config->proxy) { + alpm_option_set_proxy(handle, config->proxy); + } + alpm_option_set_architectures(handle, config->architectures); alpm_option_set_checkspace(handle, config->checkspace); alpm_option_set_usesyslog(handle, config->usesyslog); diff --git a/src/pacman/conf.h b/src/pacman/conf.h index f7916ca9..c441cd80 100644 --- a/src/pacman/conf.h +++ b/src/pacman/conf.h @@ -115,6 +115,8 @@ typedef struct __config_t { unsigned short verbosepkglists; /* number of parallel download streams */ unsigned int parallel_downloads; + /* the proxy server to use */ + char *proxy; /* select -Sc behavior */ unsigned short cleanmethod; alpm_list_t *holdpkg; diff --git a/src/pacman/pacman-conf.c b/src/pacman/pacman-conf.c index a9d1f52b..baf3cebd 100644 --- a/src/pacman/pacman-conf.c +++ b/src/pacman/pacman-conf.c @@ -269,6 +269,7 @@ static void dump_config(void) show_bool("ILoveCandy", config->chomp); show_bool("NoProgressBar", config->noprogressbar); + show_str("Proxy", config->proxy); show_int("ParallelDownloads", config->parallel_downloads); show_cleanmethod("CleanMethod", config->cleanmethod); @@ -384,7 +385,8 @@ static int list_directives(void) } else if(strcasecmp(i->data, "ParallelDownloads") == 0) { show_int("ParallelDownloads", config->parallel_downloads); - + } else if(strcasecmp(i->data, "Proxy") == 0) { + show_str("Proxy", config->proxy); } else if(strcasecmp(i->data, "CleanMethod") == 0) { show_cleanmethod("CleanMethod", config->cleanmethod);