Bug#1042378: apt ignores proxy configured in apt-conf if proxy is part of no_proxy env

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#1042378: apt ignores proxy configured in apt-conf if proxy is part of no_proxy env
From: entver@nurfuerspam.de
Date: Thu, 27 Jul 2023 10:36:06 +0200
Message-id: <[🔎] trinity-4c046608-13c1-48be-81fb-abffb1bd2b60-1690446966504@3c-app-gmx-bap49>
Reply-to: entver@nurfuerspam.de, 1042378@bugs.debian.org

Package: apt
Version: 2.2.4
Severity: normal

Dear Maintainer,

   * What led up to the situation?

We have a special configuration in a separeted network. There are two
proxies, the "internal proxy" needed zu access the "internal repos" and an
"external proxy" to access "external repos".
The apt config looks like this:

Acquire::http::Proxy::repo.intern.domain.de "http://proxy.intern.domain.de:3142";;
Acquire::https:Proxy::repo.intern.domain.de "http://proxy.intern.domain.de:3142";;
Acquire::http::Proxy "http://IP-OF-PROXY-EXTERN:8080";;
Acquire::https::Proxy "http://IP-OF-PROXY-EXTERN:8080";;

To reach other external and internal services we have to provide
environment variables like this:

http_proxy="http://IP-OF-PROXY-EXTERN:8080";
https_proxy="http://IP-OF-PROXY-EXTERN:8080";
no_proxy="localhost,domain.de"

Now apt ignores the two first lines in its own configuration because the
internal repo is part of domain.de which is part of no_proxy. The internal repo
is not reachable anymore.

   * What exactly did you do (or not do) that was effective (or
     ineffective)?

Removing domain.de from no_proxy solves the problem for apt, which  can
now acces internal and external repos over the defined proxies. But other
services now fail because they try to reach their internal counterparts over the
external proxy.

   * What outcome did you expect instead?

I would expect that the apt own configuration gets priority over the
environment variable no_proxy.

Regards,
Matthias


-- System Information:
Debian Release: 11.7
  APT prefers oldstable-updates
  APT policy: (500, 'oldstable-updates'), (500, 'oldstable-security'), (500, 'oldstable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-23-amd64 (SMP w/2 CPU threads)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages apt depends on:
ii  adduser                 3.118
ii  debian-archive-keyring  2021.1.1+deb11u1
ii  gpgv                    2.2.27-2+deb11u2
ii  libapt-pkg6.0           2.2.4
ii  libc6                   2.31-13+deb11u6
ii  libgcc-s1               10.2.1-6
ii  libgnutls30             3.7.1-5+deb11u3
ii  libseccomp2             2.5.1-1+deb11u1
ii  libstdc++6              10.2.1-6
ii  libsystemd0             247.3-7+deb11u2

Versions of packages apt recommends:
ii  ca-certificates  20210119

Versions of packages apt suggests:
pn  apt-doc         <none>
ii  aptitude        0.8.13-3
pn  dpkg-dev        <none>
ii  gnupg           2.2.27-2+deb11u2
pn  powermgmt-base  <none>

-- no debconf information

Reply to:

Follow-Ups:
- Bug#1042378: marked as done (apt ignores proxy configured in apt-conf if proxy is part of no_proxy env)
  - From: "Debian Bug Tracking System" <owner@bugs.debian.org>

Prev by Date: Bug#1014517:
Next by Date: Bug#1042378: marked as done (apt ignores proxy configured in apt-conf if proxy is part of no_proxy env)
Previous by thread: Processed: Bug#1033909 marked as pending in apt
Next by thread: Bug#1042378: marked as done (apt ignores proxy configured in apt-conf if proxy is part of no_proxy env)
Index(es):
- Date
- Thread