Description of problem: Trying to tell GNOME to use a proxy (via the network settings in the control centre) doesn't seem to have any effect. Version-Release number of selected component (if applicable): NetworkManager-0.8.997-4.git20110325.fc15.x86_64 How reproducible: This seems to be always reproducible when trying to set a SOCKS proxy to use. Setting other proxy types doesn't seem to work either, although I haven't tried those thoroughly. Steps to Reproduce (generic): 1. Click on the NetworkManager icon and click 'Network Settings'. 2. Go to the 'Network proxy' settings. 3. Set the proxy method to 'Manual'. 4. Type the hostname and port of your proxy in the appropriate field. 5. Start Pidgin (or Firefox/Thunderbird, set to 'Use system proxy settings' under advanced network preferences). Steps to Reproduce (more specific, assuming an SSH connection is available): 1. Start an SSH tunnel with 'ssh HOSTNAME -D 8080'. 2. Start Firefox. 3. Under Edit > Preferences > Advanced > Network, open the connection settings dialogue and select 'Manual proxy configuration'. 4. Set the 'SOCKS Host' to 'localhost', on port 8080. 5. Verify the connection through the SSH tunnel is working. 6. Set Firefox back to 'Use system proxy settings'. 7. Click on the NetworkManager icon and click 'Network Settings'. 8. Go to the 'Network proxy' settings. 9. Set the proxy method to 'Manual'. 10. Set the 'SOCKS Host' to 'localhost', on port 8080. 11. Start Pidgin (or Firefox/Thunderbird, set to 'Use system proxy settings' under advanced network preferences). Actual results: Applications try to connect without using a proxy. Expected results: Applications connect through the proxy specified in the network settings. Additional info: I'm filing this under NetworkManager, since as I understand it the network settings applet is part of NM 0.9, but I'm not really sure where the bug lies. Poking around the schema org.gnome.system.proxy with gsettings seems to indicate that the gsettings keys are being set correctly. Before NM 0.9 arrived on F15 I tried setting these keys manually with gsettings, with similar results - the keys were set but applications didn't seem to use them. It should also be noted that this worked fine with the GNOME Proxy preferences on F14 (which seem to have been removed since).
-> control center
Firefox is still looking in gconf for system proxy settings, but gnome 3 stores them in dconf nowadays. Moving this to firefox.
This is actually a XULRunner issue. Jan, you looked at the other gsettings patch, so can you take a look at this too? Would like to get it in for F15, if possible. The relevant XR file is toolkit/system/unixproxy/nsUnixSystemProxySettings.cpp and the gsettings exist in "org.gnome.system.proxy" and below.
Should I file separate bugs against Pidgin and Thunderbird as well?
(In reply to comment #4) > Should I file separate bugs against Pidgin and Thunderbird as well? Yes, please. Let me know the number of new bugs please.
I've filed two bugs against Pidgin (bug 694819) and Thunderbird (bug 694821). I'm not sure if any of the other applications I use are affected, but I'll file more bugs if I run into any issues.
I confirm Firefox is affected in Fedora 15 beta release.
*** Bug 700370 has been marked as a duplicate of this bug. ***
I confirm Empathy, Firefox, PidGin, Gnome-Terminal are affected in Fedora 15 beta release.
This is still a problem in F15 final, it seems. A major problem for the affected.
Shouldn't this be considered a security vulnerability? As it stands, if you set a SOCKS proxy in gnome 3's network settings, applications such as Firefox will silently fail to use it. You may think that you're going through your secure tunnel while you're surfing completely unencrypted.
And where is the input box for "no proxy for hosts:" ?
I had configured the Network Manager Proxy to use the yum and not worked. I verified the configuration and I repaired that terminal receives this configuration: declare -x all_proxy="socks://proxylx.acs.com.br:8080/" declare -x ftp_proxy="http://proxylx.acs.com.br:8080/" declare -x https_proxy="http://proxylx.acs.com.br:8080/" declare -x no_proxy="localhost,127.0.0.0/8" When I configured the terminal with configuration traditional setting HTTP_PROXY and FTP_PROXY, it's ok. When I set the parameter in the file yum.conf proxy = @ http://user:password proxy.com.br:8080, operates normally.
(In reply to comment #11) > Shouldn't this be considered a security vulnerability? As it stands, if you set > a SOCKS proxy in gnome 3's network settings, applications such as Firefox will > silently fail to use it. You may think that you're going through your secure > tunnel while you're surfing completely unencrypted. I was thinking the same. I had to work in a country with limited freedom of speech some days ago, and I wanted to use tor + polipo for avoiding being traced while posting some political statements that could have been regarded as against the government. Fortunately I checked in Firefox before doing that, and it said that tor was not enabled; I changed the options by hand in Firefox. However, I am not sure something cannot be traced back to me if there were other applications not aware of the global proxy settings. That is bad, believe me. It might or might not be a security vulnerability, but it can have dire consequences nevertheless.
Firefox and some other applications fall back to using environment variables for proxy configuration. Running firefox like this in gnome-terminal works: $ http_proxy="http://host:port" https_proxy="https://host:port" firefox One possible solution would be to patch gnome-shell to start new applications with these environment variables set to current proxy settings. See also bug 699190.
I have the same issue in F16 Alpha, with any browser. I CAN set a https proxy, but not a http proxy.
In F16 Beta this is still not fixed. There is a similar issue with Google Chrome. I tried logging the traffic with Wireshark - the browsers generate NO requests and no traffic down the line, there is no TCP/IP connection established. Most probably the value received by the Firefox browser is not valid at all. I tried meddling with gconf-editor. I will log my settings.
[ashopov@ashopov-dev ~]$ gconftool-2 --dump /system/proxy ============================================================= <gconfentryfile> <entrylist base="/system/proxy"> <entry> <key>autoconfig_url</key> <schema_key>/schemas/system/proxy/autoconfig_url</schema_key> <value> <string></string> </value> </entry> <entry> <key>ftp_host</key> <schema_key>/schemas/system/proxy/ftp_host</schema_key> <value> <string>PROXYSERVER.COM</string> </value> </entry> <entry> <key>ftp_port</key> <schema_key>/schemas/system/proxy/ftp_port</schema_key> <value> <int>80</int> </value> </entry> <entry> <key>mode</key> <schema_key>/schemas/system/proxy/mode</schema_key> <value> <string>manual</string> </value> </entry> <entry> <key>secure_host</key> <schema_key>/schemas/system/proxy/secure_host</schema_key> <value> <string>PROXYSERVER.COM</string> </value> </entry> <entry> <key>secure_port</key> <schema_key>/schemas/system/proxy/secure_port</schema_key> <value> <int>80</int> </value> </entry> <entry> <key>socks_host</key> <schema_key>/schemas/system/proxy/socks_host</schema_key> <value> <string>PROXYSERVER.COM</string> </value> </entry> <entry> <key>socks_port</key> <schema_key>/schemas/system/proxy/socks_port</schema_key> <value> <int>80</int> </value> </entry> </entrylist> </gconfentryfile> [ashopov@ashopov-dev ~]$ gconftool-2 --dump /system/http_proxy ============================================================== <gconfentryfile> <entrylist base="/system/http_proxy"> <entry> <key>authentication_password</key> <schema_key>/schemas/system/http_proxy/authentication_password</schema_key> <value> <string></string> </value> </entry> <entry> <key>authentication_user</key> <schema_key>/schemas/system/http_proxy/authentication_user</schema_key> <value> <string></string> </value> </entry> <entry> <key>host</key> <schema_key>/schemas/system/http_proxy/host</schema_key> <value> <string>PROXYSERVER.COM</string> </value> </entry> <entry> <key>ignore_hosts</key> <schema_key>/schemas/system/http_proxy/ignore_hosts</schema_key> <value> <list type="string"> <value> <string>localhost</string> </value> <value> <string>127.0.0.0/8</string> </value> </list> </value> </entry> <entry> <key>port</key> <schema_key>/schemas/system/http_proxy/port</schema_key> <value> <int>80</int> </value> </entry> <entry> <key>use_authentication</key> <schema_key>/schemas/system/http_proxy/use_authentication</schema_key> <value> <bool>false</bool> </value> </entry> <entry> <key>use_http_proxy</key> <schema_key>/schemas/system/http_proxy/use_http_proxy</schema_key> <value> <bool>false</bool> </value> </entry> </entrylist> </gconfentryfile>
This bugs is still present in F16 RC2.
Fixed in trunk: https://bugzilla.mozilla.org/show_bug.cgi?id=682832
This seems to be fixed in whatever version of firefox is in F16-updates. It's respecting the proxy settings I've set in dconf. I think it can be closed as CURRENTRELEASE.
Working for Fedora 16.
Can anyone confirm that this works for setting a SOCKS proxy? I'm still having trouble.
For me the one use case where I use SOCKS is via Thunderbird for retrieving IMAP mail. The latest changes do not work in this case. I have to still manually set the SOCKS sever in Thunderbird.
(In reply to comment #24) > For me the one use case where I use SOCKS is via Thunderbird for retrieving > IMAP mail. The latest changes do not work in this case. I have to still > manually set the SOCKS sever in Thunderbird. This was fixed in thunderbird-11.0-5.fc16.x86_64. Please retest and let us know if problem reoccurs.
*** Bug 694821 has been marked as a duplicate of this bug. ***