todo: update with proxy handling thoughts
This commit is contained in:
Dan Williams
55
TODO
55
TODO
@@ -248,3 +248,58 @@ association using WPS, since quite a few routers out there are broken, or
|
|||||||
because the user has no physical access to the router itself, but has been given
|
because the user has no physical access to the router itself, but has been given
|
||||||
as passphrase/PSK instead.
|
as passphrase/PSK instead.
|
||||||
|
|
||||||
|
|
||||||
|
* Proxies
|
||||||
|
|
||||||
|
HTTP and other proxies are per-connection configuration. It's highly unlikely
|
||||||
|
that the same proxy you need to use at work is used at home or in a coffee shop.
|
||||||
|
Thus, it makes sense that which proxy settings to use should be updated when
|
||||||
|
network connections change. NetworkManager is a perfect place to do this since
|
||||||
|
it tracks which network connections are active, and it already queries the
|
||||||
|
network for automatic proxy configuration via DHCP and WPAD.
|
||||||
|
|
||||||
|
We should add a new NMSetting subclass called NMSettingProxy that holds
|
||||||
|
necessary proxy configuration. The properties of this setting should be a
|
||||||
|
superset of what is provided in the Firefox proxy configuration screen and the
|
||||||
|
various desktop environment proxy configuration tools like the GNOME Network
|
||||||
|
Proxy control panel; this should include at a minimum:
|
||||||
|
|
||||||
|
method: "auto", "manual", "none"
|
||||||
|
default-proxy: string
|
||||||
|
default-proxy-port: uint
|
||||||
|
default-always: boolean (use default proxy for all protocols)
|
||||||
|
ssl-proxy: string
|
||||||
|
ssl-proxy-port: uint
|
||||||
|
ftp-proxy: string
|
||||||
|
ftp-proxy-port: uint
|
||||||
|
socks-proxy: string
|
||||||
|
socks-proxy-port: uint
|
||||||
|
socks-version: uint, either 4 or 5
|
||||||
|
no-proxy-for: array of strings (things not to use the proxy for, ie ".foobar.com",
|
||||||
|
"192.168.0.1/24", an IPv6 address, etc)
|
||||||
|
pac-url: string (URL of PAC file, overrides DHCP-provided WPAD value)
|
||||||
|
(FIXME: proxy authentication? do we need separate user/pass properties for
|
||||||
|
each protocol type? should NM handle proxy auth or should it be punted
|
||||||
|
to each application?)
|
||||||
|
|
||||||
|
After completing IP configuration but still during the NM_DEVICE_STATE_IP_CONFIG
|
||||||
|
activation stage, NetworkManager would merge the automatically supplied proxy
|
||||||
|
configuration (from DHCP's WPAD option) with user-provided overrides from the
|
||||||
|
NMSettingProxy and send the results to the system. The 'default' connection's
|
||||||
|
proxy configuration would be preferred, so we'd have to update proxy
|
||||||
|
configuration from nm-policy.c the same time we update DNS information and the
|
||||||
|
default route.
|
||||||
|
|
||||||
|
The merged proxy configuration would then be sent to the system. There is no
|
||||||
|
canonical proxy daemon in-use, so we should have plugins (if not separate
|
||||||
|
shared libraries, then certainly encapsulated source files that implement a
|
||||||
|
common glib GInterface or are subclasses of eg a parent NMProxyHandler class)
|
||||||
|
that handle different system proxy handlers. Some of the proxy handlers are:
|
||||||
|
|
||||||
|
libproxy: need to figure out how it gets proxy info and have NM write merged
|
||||||
|
proxy config out to that location
|
||||||
|
pacrunner: a D-Bus enabled daemon, NM would call D-Bus methods of the
|
||||||
|
pacrunner service with the proxy information
|
||||||
|
GNOME/KDE: how do these desktop environments retrieve proxy configuration?
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user