Home_greyopenFATE - openSUSE feature tracking > #305914
Dashboard | Search | Sign up | Login

Please login or register to be able to edit or vote this feature.

PAC support for 'system wide proxy configuration'

Feature state

openSUSE Distribution
Unconfirmed
openSUSE-11.2
Rejected Information
openSUSE-11.4
Unconfirmed

Description

The distribution now contains libproxy and we should try to make as much use of it as possible.

A big advantage is the ability to parse PAC (Proxy AutoConfiguration) without the need for this to be implemented in every application. Simply linking against libproxy with it's very simple API (3 API calls, 2 without parameters) is enough to have the advantage of no longer needing to 'guess' what proxy to use.

Current situation:

  • You can set in yast / proxy a general proxy to be used (http://foo.proxy.com:1234 ). This is bascially put into http_proxy envvar.
In gnome you can set user proxy configuration as:
  • Use System Proxy (as configured in yast)
  • Use proxy configuration (static, same options as in yast)
  • Use automatic proxy configuration script
Yast lacks the option to specify a PAC script on system wide level. This is only possible in the user sessions configuration.
This made sense as most applications don't know how to handle pac files anyway. But with libroxy, this hurdle can be taken away from every single application and can thus be offered.
I'm glad to elaborate on questions; I'm sure there are some :-)

Discussion


icons/user_comment.png J. S. wrote: (8 years ago)

Dominique, I don't really understand what's needed on the YaST side (probably mostly because of the lack of my knowledge), could you, please, provide more informaiton on what you want to achieve (from the YaST point of view)? Is it just writing proxy information to another configuraiton file for libproxy?

icons/user_comment.png D. L. wrote: (8 years ago)

That might be one case, but not even needed, as libproxy reads the configurations from gnome/kde settings for example (current running env).

yast wouuld need the enhancement to allow to also set proxy autoconfiguration as source for proxy (at this time, you can only 'hard code' some proxy, http, https, ftp and socks. It's not possible to define wpad and pac.

Besides that, the 'underlying' tools, like wget, aria and the like, spawned by yast and that connect to the net, will need libproxy support. (for aria2c there is a enhancement request open already).

icons/user_comment.png J. S. wrote: (8 years ago)

OK, I understand what is needed for the underlying tools, but still don't get YaST. YaST Proxy module only sets the settings into sysconfig (just another storage for proxy information), it is task for the applications to either get proxy info from these variables or via libproxy, no matter how it gets it.

icons/user_comment.png D. L. wrote: (8 years ago)

so far correct, but let's have a look at the mask Yast2 / Proxy:

The settings available are:

> [ ] Enable Proxy

> HTTP Proxy URL

> HTTPS Proxy URL

> FTP Proxy URL

> [ ] Use the Same Proxy for All Protocols

> No Proxy Domains

> Proxy Authentication Username / Password

It is not possible in the current mask to define a PAC URL for the Proxy settings.(or WPAD:// for what it matters)

I hope this helps. Otherwise we can maybe discuss the matter on IRC?

icons/user_comment.png J. S. wrote: (8 years ago)

I understand, the question is: What shall YaST do with this information? Write it to sysconfig where almost nobody reads it?

icons/user_comment.png D. L. wrote: (8 years ago)

It should be written to sysconfig and with the same logic appear in envvar as normal.

The envvar for PAC scripts is formatted in this way:

http_proxy="pac+http://my.webserver.com/proxy.pac "

Optionally, it might not be wrong to also write it to the libproxy configuration file. But this is optional and might be to much 'enforced' as opposed to the envvar.

icons/user_comment.png C. T. wrote: (8 years ago)

Novell currently doesn't have the resources to implement something like this for openSUSE 11.2.

icons/user_comment.png M. R. wrote: (8 years ago)

Oh, this is really important, a lot of entrerprises use that proxy authentication mode, i have the same problem in my work, this feature is really important to adopt openSUSE in enterprises. Suse Enterprise Desktop have this option??

icons/user_comment.png D. L. wrote: (8 years ago)

Nothing like this to my knowledge yet. The best choice you have at the moment is setting the proxy properly in GNOME to use the pac script. But having gnome on 'system proxy' and having system proxy set appropriately would be cleaner solution.

FWIW: wget should get libproxy support soon.

icons/user_comment.png R. G. wrote: (2 years ago)

Well, it's been a while since the last post of this thread, but I think is really important for Yast to support PAC/WPAD authentication, it has been enforced yesterday here in my office (big corporation) and now I'm prevented to install/update packages using Yast

I've seen the options in KDE5 (I'm using openSUSE Leap 42.1), but it doesn't seem to work for Yast

icons/user_comment.png R. G. wrote: (2 years ago)

Actually, I volunteer for adding this functionality, given someone experienced can guide me through it. I'm a skilled Python programmer, and I think this is a great opportunity to learn Ruby!

Cheers!

Last change: 2 years ago
Voting
Score: 4
  • Negative: 0
  • Neutral: 0
  • Positive: 4
Tags
Feature Export
Application-xmlXML   Text-x-logPlaintext   PrinterPrint