Skip to content

owut: add proxy support via env vars#63

Open
luizluca wants to merge 1 commit intoefahl:mainfrom
luizluca:proxy-env
Open

owut: add proxy support via env vars#63
luizluca wants to merge 1 commit intoefahl:mainfrom
luizluca:proxy-env

Conversation

@luizluca
Copy link

@luizluca luizluca commented Mar 10, 2026

Fixes #54

@efahl
Copy link
Owner

efahl commented Mar 13, 2026

From the conversation on the issue, seems like you've got the bases covered here, so let's clean it up a bit. So, grab that info about the proxy -> server variants and make a table in the commit message, something like (I want sufficient info so that I can write the documentation section in the wiki, without having to dig around).

The proxy and server URLs can use different protocols, here's
what's expected to work.

  http_proxy -> http server - should work with all proxy servers
  https_proxy -> https server ...

Also, if you have precedent references for this implementation, like links to how curl or wget handle this, include those in the commit message, too.

@luizluca
owut: add proxy support via env vars
0dec814 
Support HTTP and HTTPS proxies by reading http_proxy and https_proxy
environment variables. Although owut uses HTTPS URLs by default (making
https_proxy the only used variable), the implementation supports both.

The implementation uses uclient's set_proxy_url() to handle tunneling,
allowing fetching firmware and lists through an HTTP proxy.

The following scenarios are covered:
- HTTP/HTTPS requests via an HTTP proxy.
- HTTP/HTTPS requests via an HTTPS proxy (requires a valid certificate
  for the proxy server).

Current limitations:
- Proxy authentication is not supported yet.
- The no_proxy environment variable is not supported.
- Cannot yet skip HTTPS proxy certificate validation nor define a custom
  one for the proxy connection itself.

Fixes efahl#54

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
@luizluca
Copy link
Author

luizluca commented Mar 13, 2026

From the conversation on the issue, seems like you've got the bases covered here, so let's clean it up a bit. So, grab that info about the proxy -> server variants and make a table in the commit message, something like (I want sufficient info so that I can write the documentation section in the wiki, without having to dig around).

There is no need for a table: all scenarios are fine. owut only uses https (but I forced it to test http as well) and both PROXY HTTP or HTTPS (I just tested it) should work, although PROXY HTTPS requires a valid certificate (or editing the code to not verify certs like I did in my tests). In the future, we could expose owut options to skip or set custom ca files, but it might not be forth it until we have support for basic authentication. I also added a note about it and I thing uclient ucode is also not ready for proxy auth yet.

Also, if you have precedent references for this implementation, like links to how curl or wget handle this, include those in the commit message, too.

We are limited by what uclient offers. I added a note that noproxy is not considered (just like uclient) but it is already over that uclient handles.

I dropped the use of HTTPS?_PROXY env vars as it is only used in legacy situations and we does not need to add it in something new.

I also renamed "proxy_url" to just "proxy" as it set_proxy_url might confuse someone reading the code. I'm not sure set_proxy_url() is very intuitive for what it does. "proxy_url" for uclient is "the URL I'll ask the proxy to access" and not "The URL to access the proxy".

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Cannot use an https_proxy

2 participants

@luizluca @efahl