diff --git a/lib/libfetch/fetch.3 b/lib/libfetch/fetch.3 index cb37c08593d6..91cb2a224b3b 100644 --- a/lib/libfetch/fetch.3 +++ b/lib/libfetch/fetch.3 @@ -624,9 +624,12 @@ The document part is ignored. Only HTTP proxies are supported for HTTP requests. If no port number is specified, the default is 3128. .Pp -Note that this proxy will also be used for FTP documents, unless the +Note that this proxy will also be used for FTP and HTTPS documents, +unless the .Ev FTP_PROXY -variable is set. +and +.Ev HTTPS_PROXY +variables are set respectively. .It Ev http_proxy Same as .Ev HTTP_PROXY , @@ -650,6 +653,20 @@ Specifies the User-Agent string to use for HTTP requests. This can be useful when working with HTTP origin or proxy servers that differentiate between user agents. If defined but empty, no User-Agent header is sent. +.It Ev HTTPS_PROXY +URL of the proxy to use for HTTPS requests. +The document part is ignored. +Only HTTP proxies are supported for HTTPS requests. +If no port number is specified, the default is 3128. +.Pp +If this variable is set to an empty string, no proxy will be used for +HTTPS requests, even if the +.Ev HTTP_PROXY +variable is set. +.It Ev https_proxy +Same as +.Ev HTTPS_PROXY , +for compatibility. .It Ev NETRC Specifies a file to use instead of .Pa ~/.netrc @@ -847,6 +864,7 @@ examples of this are and FTP proxy support. .Pp There is no way to select a proxy at run-time other than setting the +.Ev HTTPS_PROXY , .Ev HTTP_PROXY or .Ev FTP_PROXY diff --git a/lib/libfetch/http.c b/lib/libfetch/http.c index 7f37b7d67197..6454766dfed6 100644 --- a/lib/libfetch/http.c +++ b/lib/libfetch/http.c @@ -1467,15 +1467,29 @@ http_get_proxy(struct url * url, const char *flags) return (NULL); if (fetch_no_proxy_match(url->host)) return (NULL); - if (((p = getenv("HTTP_PROXY")) || (p = getenv("http_proxy"))) && - *p && (purl = fetchParseURL(p))) { - if (!*purl->scheme) - strcpy(purl->scheme, SCHEME_HTTP); - if (!purl->port) - purl->port = fetch_default_proxy_port(purl->scheme); - if (strcmp(purl->scheme, SCHEME_HTTP) == 0) - return (purl); - fetchFreeURL(purl); + if (strcmp(url->scheme, SCHEME_HTTPS) == 0) { + if (((p = getenv("HTTPS_PROXY")) || (p = getenv("https_proxy")) || + (p = getenv("HTTP_PROXY")) || (p = getenv("http_proxy"))) && + *p && (purl = fetchParseURL(p))) { + if (!*purl->scheme) + strcpy(purl->scheme, SCHEME_HTTP); + if (!purl->port) + purl->port = fetch_default_proxy_port(purl->scheme); + if (strcmp(purl->scheme, SCHEME_HTTP) == 0) + return (purl); + fetchFreeURL(purl); + } + } else { + if (((p = getenv("HTTP_PROXY")) || (p = getenv("http_proxy"))) && + *p && (purl = fetchParseURL(p))) { + if (!*purl->scheme) + strcpy(purl->scheme, SCHEME_HTTP); + if (!purl->port) + purl->port = fetch_default_proxy_port(purl->scheme); + if (strcmp(purl->scheme, SCHEME_HTTP) == 0) + return (purl); + fetchFreeURL(purl); + } } return (NULL); }