From 4e04cbafe7db326b52ee650a4f4ccc3444da6890 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Mon, 13 Sep 2021 00:54:38 +0200 Subject: Use https config on https proxies for http servers The settings used for unwrapping TLS connections depend on the access and hostname we connect to more than what we eventually unwrap. The bugreport mentions CaInfo, but all other https-settings should also apply (regardless of generic or hostname specific) to an https proxy, even if the connection we proxy through it is http-only. Closes: #990555 --- .../test-bug-990555-https-proxy-for-http | 37 ++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100755 test/integration/test-bug-990555-https-proxy-for-http (limited to 'test/integration/test-bug-990555-https-proxy-for-http') diff --git a/test/integration/test-bug-990555-https-proxy-for-http b/test/integration/test-bug-990555-https-proxy-for-http new file mode 100755 index 000000000..f43abfd92 --- /dev/null +++ b/test/integration/test-bug-990555-https-proxy-for-http @@ -0,0 +1,37 @@ +#!/bin/sh +set -e + +TESTDIR="$(readlink -f "$(dirname "$0")")" +. "$TESTDIR/framework" +setupenvironment +configarchitecture 'amd64' + +buildsimplenativepackage 'unrelated' 'all' '1' 'unstable' + +setupaptarchive --no-update +changetowebserver --request-absolute='uri' +changetohttpswebserver --no-rewrite + +msgtest 'Check that non-absolute paths are' 'not accepted' +testfailure --nomsg aptget update --allow-insecure-repositories + +echo "Acquire::http::Proxy \"https://localhost:${APTHTTPSPORT}\";" > rootdir/etc/apt/apt.conf.d/99proxy + +msgtest 'Check that requests to https proxies' 'work from http' +testsuccess --nomsg aptget update + +testsuccessequal 'Reading package lists... +Building dependency tree... +The following NEW packages will be installed: + unrelated +0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded. +Inst unrelated (1 unstable [all]) +Conf unrelated (1 unstable [all])' apt install unrelated -s + +testsuccess apt download unrelated --print-uris +testfailure grep 'https:' rootdir/tmp/testsuccess.output + +cd downloaded +testsuccess apt download unrelated +testsuccess test -s 'unrelated_1_all.deb' +cd .. -- cgit v1.2.3-70-g09d2