curl under MinGW seems to not respect wildcard DNS names in "no_proxy" environment variable

Created on 21 Jul 2018  路  3Comments  路  Source: curl/curl

I did this

I've a set of environment variables HTTP_PROXY, HTTPS_PROXY and NO_PROXY set up on my machine. We have a corporate proxy/firewall that blocks direct access to Internet hosts.

Now, with this setup my Git Extensions stopped fetching from remotes from our own network, because proxy is configured to respond with 502 on attempts to connect to them

I've updated Git for Windows to version 2.18 and curl is now 7.60, so I can do this: 

$ curl -vvv https://[email protected]/scm/swif/swift_wms_components.git
* Uses proxy env variable no_proxy == '*.corporate.name,127.0.0.1,localhost,appserver.vagrant,192.168.*.*,192.168.99.100'
* Uses proxy env variable https_proxy == 'http://zscaler.proxy.corporate.name:80'
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0*   Trying 185.46.212.97...
* TCP_NODELAY set
* Connected to zscaler.proxy.corporate.name (------obfuscated-------) port 80 (#0)
* allocate connect buffer!
* Establish HTTP proxy tunnel to git.corporate.name:443
* Server auth using Basic with user 'user.lastname'
> CONNECT git.corporate.name:443 HTTP/1.1
> Host: git.corporate.name:443
> User-Agent: curl/7.60.0
> Proxy-Connection: Keep-Alive
>
< HTTP/1.0 502 Bad Gateway
< Server: Zscaler/5.6
< Content-Type: text/html
< Connection: close
<
* Received HTTP code 502 from proxy after CONNECT
* CONNECT phase completed!
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
* Closing connection 0
curl: (56) Received HTTP code 502 from proxy after CONNECT

I expected the following

I expected curl to respect *.corporate.name string in NO_PROXY environment variable.

Workaround

with export NO_PROXY=git.corporate.name curl does the right thing.

curl/libcurl version

curl 7.60.0 (x86_64-w64-mingw32) libcurl/7.60.0 OpenSSL/1.0.2o (WinSSL) zlib/1.2.11 libidn2/2.0.5 nghttp2/1.32.0
Release-Date: 2018-05-16
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp smtp smtps telnet tftp
Features: AsynchDNS IDN IPv6 Largefile SSPI Kerberos SPNEGO NTLM SSL libz TLS-SRP HTTP2 HTTPS-proxy MultiSSL Metalink

operating system

Windows 10 x64

cmdline tool documentation help wanted
Source
picture 62mkv

All 3 comments

some say, that this is by design. May I suggest then to add at least some documentation for *_PROXY related variables available via curl --help ?

62mkv picture 62mkv on 21 Jul 2018

seems that adding .corporate.name (not *.corporate.name) does the trick (thx @ForNeVeR)

it's also documented in great details in #1208. which is closed but it feels like there's still room for improvement at least on the visibility side

62mkv picture 62mkv on 21 Jul 2018
👍1

Yeah, we should clearly make this easier to find. The NO_PROXY functionality seems to be best documented in this libcurl man page: https://curl.haxx.se/libcurl/c/CURLOPT_NOPROXY.html

bagder picture bagder on 21 Jul 2018
👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

Antony74 picture Antony74  路  6Comments
jidanni picture jidanni  路  3Comments
xquery picture xquery  路  5Comments
MarcelRaad picture MarcelRaad  路  5Comments
stephentoub picture stephentoub  路  6Comments