APT, Proxy-Auto-Detect et proxy.pac ou wpad.dat

The option Acquire::http::Proxy-Auto-Detect already exists for some time. It was intended to be used with the package squid-deb-proxy-client which is a helper for the APT http method to discover proxies that publish their service as _apt_proxy._tcp. It was justed upgraded (version 1.0.8) and now add the URL as a paramater. It is now possible to discover a common proxy through a proxy.pac script.

My proposed solution uses the package libproxy-tools and is a shell script wrapper.

Packages to install

The following packages are needed:

  • libproxy-tools brings the proxy command.
  • libproxy1-plugin-mozjs or libproxy1-plugin-webkit to evaluate wpad.dat or proxy.pac files.
  • Optionally libproxy1-plugin-networkmanager, libproxy1-plugin-gsettings or libproxy1-plugin-kconfig to read proxy configuration from Network Manager, Gnome or KDE.

Configuring APT

Create a new file in /etc/apt/apt.conf.d/ (for example /etc/apt/apt.conf.d/02proxy):

Acquire::http::Proxy-Auto-Detect "/usr/local/bin/apt-autoproxy.sh";

It say to APT to launch the given script for earch domain during downloads.

Shell script wrapper

/usr/local/bin/apt-autoproxy.sh

1
2
3
4
     #!/bin/sh

     export http_proxy=wpad://
     echo "$*" | proxy | awk '{ print $1 }'
  • Line 2 is optional, it allows to force search of an automatic proxy for the root user when it does not have KDE or Gnome proxy setting (or plugins networkmanager, gsettings or kconfig are not installed).
  • Filtering with awk allows to provide one proxy to APT (indeed, several proxies may be returned by the proxy command (and proxy.pac files).
  • The wrapper can be tested with the following commands:
/usr/local/bin/apt-autoproxy.sh http://ftp.debian.org
sudo /usr/local/bin/apt-autoproxy.sh http://ftp.debian.org

These commands must return a string with no spaces like: http://proxy.example.com:3128 in the presence of a proxy or direct:// if none is usable for this URL.

Comments

Comments powered by Disqus