http proxy environment variables not used #596

Open
ncsc-ie-devs opened this issue Nov 24, 2024 · 0 comments

Description

The current implementation of csaf_downloader does not use proxy environment variables (HTTP_PROXY, HTTPS_PROXY, NO_PROXY) due to missing configuration in the HTTP client's Transport. This leads to issues when running the tool in environments that require proxy settings for network requests.

Steps to Reproduce

  1. Set up a network environment that requires proxy usage:
    export HTTP_PROXY=http://proxy.example.com:8080
    export HTTPS_PROXY=http://proxy.example.com:8080
  2. Run csaf_downloader to download from a URL that requires proxy access.
  3. Observe that the requests bypass the proxy and fail to connect.

Expected Behavior

The tool should use the proxy settings defined in the environment variables and route all HTTP and HTTPS traffic through the configured proxy.

Actual Behavior

The tool bypasses the proxy, causing connection failures in proxied environments.

Root Cause

The http.Client instances in the codebase are created with a custom http.Transport but do not include the Proxy field set to http.ProxyFromEnvironment. As a result, the proxy configuration from environment variables is ignored.

For example:

hClient.Transport = &http.Transport{
    TLSClientConfig: &tlsConfig,
}

The Proxy field is missing here, so no proxy is used for outgoing requests.

Proposed Solution

Update all instances of &http.Transport{...} in the codebase to include Proxy: http.ProxyFromEnvironment. This ensures that the proxy settings from the environment are respected.

Example updated code:

hClient.Transport = &http.Transport{
    TLSClientConfig: &tlsConfig,
    Proxy: http.ProxyFromEnvironment,
}

Impact

This issue affects users in corporate or secured environments that require proxy configurations to access external resources. Fixing it improves compatibility and ensures expected behavior.

Steps to Verify

  1. Apply the proposed fix.
  2. Run the tool with proxy environment variables set.
  3. Verify that traffic routes through the proxy.
  4. Set the NO_PROXY variable for specific domains and confirm they bypass the proxy.

Additional Context
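The check in "Steps to Verify" can be run without a live proxy by asking each transport which route it would pick. This is an added example, not part of the original issue or of csaf_downloader; `newTransport`, `proxyFor` and `compare` are hypothetical names, and the proxy and host values are constructed.

```go
package main

import (
	"crypto/tls"
	"fmt"
	"net/http"
	"os"
)

// newTransport is a hypothetical helper: one constructor so Proxy is never left unset.
func newTransport(tlsConfig *tls.Config) *http.Transport {
	return &http.Transport{TLSClientConfig: tlsConfig, Proxy: http.ProxyFromEnvironment}
}

// proxyFor reports the proxy tr would pick for rawURL, or "direct"; nothing is sent.
func proxyFor(tr *http.Transport, rawURL string) (string, error) {
	if tr.Proxy == nil {
		return "direct", nil // nil Proxy field: the environment is never consulted
	}
	req, err := http.NewRequest(http.MethodGet, rawURL, nil)
	if err != nil {
		return "", err
	}
	u, err := tr.Proxy(req)
	if err != nil {
		return "", err
	}
	if u == nil {
		return "direct", nil // host matched NO_PROXY, or no proxy is configured
	}
	return u.String(), nil
}

// compare sets constructed sample values (net/http reads them once per process, so
// before any lookup) and returns the decision of the issue's transport and the fix.
func compare(rawURL string) (before, after string, err error) {
	os.Setenv("HTTPS_PROXY", "http://proxy.example.com:8080")
	os.Setenv("NO_PROXY", "internal.example.com")
	if before, err = proxyFor(&http.Transport{TLSClientConfig: &tls.Config{}}, rawURL); err != nil {
		return
	}
	after, err = proxyFor(newTransport(&tls.Config{}), rawURL)
	return
}

func main() {
	before, after, err := compare("https://advisories.example.com/a.json")
	fmt.Println("before:", before, "after:", after, "err:", err)
}
```

Because `http.ProxyFromEnvironment` caches the environment on first use, changing the variables later in the same process has no effect on the result.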
