From 1a76517470ebc2dd3f96e39ebe6f3706d6dd78da Mon Sep 17 00:00:00 2001
From: Julian Andres Klode <jak@debian.org>
Date: Sat, 21 Oct 2017 15:44:43 +0200
Subject: Run Proxy-Auto-Detect script from main process

This avoids running the Proxy-Auto-Detect script inside the
untrusted (well, less trusted for now) sandbox. This will allow
us to restrict the http method from fork()ing or exec()ing via
seccomp.
---
 methods/basehttp.cc | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'methods/basehttp.cc')

diff --git a/methods/basehttp.cc b/methods/basehttp.cc
index 0eb617f89..59399c8bc 100644
--- a/methods/basehttp.cc
+++ b/methods/basehttp.cc
@@ -573,6 +573,13 @@ int BaseHttpMethod::Loop()
       // Connect to the server
       if (Server == 0 || Server->Comp(Queue->Uri) == false)
       {
+	 if (!Queue->Proxy().empty())
+	 {
+	    URI uri = Queue->Uri;
+	    std::cerr << "Setting "
+		      << "Acquire::" + uri.Access + "::proxy::" + uri.Host << " to " << Queue->Proxy() << std::endl;
+	    _config->Set("Acquire::" + uri.Access + "::proxy::" + uri.Host, Queue->Proxy());
+	 }
 	 Server = CreateServerState(Queue->Uri);
 	 setPostfixForMethodNames(::URI(Queue->Uri).Host.c_str());
 	 AllowRedirect = ConfigFindB("AllowRedirect", true);
-- 
cgit v1.2.3-70-g09d2