Use https config on https proxies for http servers

The settings used for unwrapping TLS connections depend on the access and hostname we connect to more than what we eventually unwrap. The bugreport mentions CaInfo, but all other https-settings should also apply (regardless of generic or hostname specific) to an https proxy, even if the connection we proxy through it is http-only. Closes: #990555
author: David Kalnischkies <david@kalnischkies.de> 2021-09-13 00:54:38 +0200
committer: David Kalnischkies <david@kalnischkies.de> 2021-09-13 16:09:19 +0200
commit: 4e04cbafe7db326b52ee650a4f4ccc3444da6890 (patch)
tree: 8dd2e43cfa4f8a44ff8480b9ab456ced0dee3e81 /methods/http.cc
parent: 2b0369a5d1673d9e40f2af4db7677b040a26ee58 (diff)
1 files changed, 4 insertions, 2 deletions
diff --git a/methods/http.cc b/methods/http.cc
index b6d754037..2a5ab2cd2 100644
--- a/methods/http.cc
+++ b/methods/http.cc
@@ -518,7 +518,9 @@ ResultState HttpServerState::Open()
 	 return result;
       if (Host == Proxy.Host && Proxy.Access == "https")
       {
-	 result = UnwrapTLS(Proxy.Host, ServerFd, TimeOut, Owner);
+	 aptConfigWrapperForMethods ProxyConf{std::vector<std::string>{"http", "https"}};
+	 ProxyConf.setPostfixForMethodNames(Proxy.Host.c_str());
+	 result = UnwrapTLS(Proxy.Host, ServerFd, TimeOut, Owner, &ProxyConf);
 	 if (result != ResultState::SUCCESSFUL)
 	    return result;
       }
@@ -531,7 +533,7 @@ ResultState HttpServerState::Open()
    }
 
    if (tls)
-      return UnwrapTLS(ServerName.Host, ServerFd, TimeOut, Owner);
+      return UnwrapTLS(ServerName.Host, ServerFd, TimeOut, Owner, Owner);
 
    return ResultState::SUCCESSFUL;
 }
author	David Kalnischkies <david@kalnischkies.de>	2021-09-13 00:54:38 +0200
committer	David Kalnischkies <david@kalnischkies.de>	2021-09-13 16:09:19 +0200
commit	4e04cbafe7db326b52ee650a4f4ccc3444da6890 (patch)
tree	8dd2e43cfa4f8a44ff8480b9ab456ced0dee3e81 /methods/http.cc
parent	2b0369a5d1673d9e40f2af4db7677b040a26ee58 (diff)