1. Introduction 1.1. Project/Component Working Name: libproxy 1.2. Name of Document Author/Supplier: Author: Ke Wang Sponser: John Fischer 1.3. Date of This Document: 02/04/2009 1.4. Name of Major Document Customer(s)/Consumer(s): 1.4.1. The PAC or CPT you expect to review your project: Solaris PAC 1.4.2. The ARC(s) you expect to review your project: LSARC 1.4.3. The Director/VP who is "Sponsoring" this project: Robert O'Dea 1.4.4. The name of your business unit: Software - OPG 1.5. Email Aliases: 1.5.1. Responsible Manager: harry.lu@sun.com 1.5.2. Responsible Engineer: ke.wang@sun.com 1.5.3. Marketing Manager: glynn.foster@sun.com 1.5.4. Interest List: jeff.cai@sun.com 2. Project Summary 2.1. Project Description: libproxy is a library that provides automatic proxy configuration management. 3. Technical Description: 3.1. Details: Proxy configuration is problematic for a number of reasons: 1. There are a variety of places to get configuration information 2. There are a variety of proxy types 3. Proxy auto-configuration (PAC) requires Javascript (which most applications don't have) 4. Automatically determining PAC location requires an implementation of the WPAD protocol Libproxy provides interfaces to get proxy that should be used to access a network resource. It use various plugins to get proxy configuration from different places e.g. environment variables, GConf, PAC. Libproxy offers the following features: * extremely small core footprint * no external dependencies within libproxy core (libproxy plugins may have dependencies) * only 3 functions in the stable external API * dynamic adjustment to changing network topology * a standard way of dealing with proxy settings across all scenarios Libproxy includes a core library and several plugins. The core library checks each plugin for an available proxy. Plugins list follows: PLUGIN | DEPS | COMMENT envar | None | Used to get proxy configured by environment variable "http_proxy" file | None | Used to get proxy configured in file $SYSCONFDIR/proxy.conf or $HOME/.proxy.conf gnome | x11, xmu, gconf | Used to get proxy configured by GConf mozjs | mozjs | Get proxy by PAC Every configuration plugin has a type. There are three configuration types: 1. SYSTEM - Defines configuration on a system-wide basis 2. USER - Defines configuration on a user-wide basis 3. SESSION - Defines configuration for this current login session only A plugin can also choose to have no configuration type. By default, plugins are attempted in the following order: SESSION, USER, SYSTEM, and finally plugins without a type. The order within the categories is undefined and could be random. If a plugin responds that it can't find the configuration, the next plugin is tried. So for instance, the KDE plugin will not be used unless you are actually logged into KDE. The same applies for GNOME. The plugin order can be manually specified through an environmental variable. For instance, the following will set libproxy to use the envvar plugin first, then USER, then SYSTEM, then SESSION (capitalization is important): export PX_CONFIG_ORDER=envvar,USER,SYSTEM,SESSION Libsoup 2.25.5 and above depends on libproxy. 3.2. Interfaces: Exported Interfaces Interface Classification Comments --------------- -------------- ----------------------- SUNWlibproxy Uncommitted Package name of base library SUNWlibproxy-devel Uncommitted Package name of library for development /usr/lib/libproxy.so.0 Volatile C library /usr/lib/amd64/libproxy.so.0 Volatile 64-bit library /usr/lib/python2.4/vendor-packages/libproxy.py Volatile Python binding /usr/lib/pkgconfig/libproxy-1.0.pc Uncommitted libproxy pc file /usr/lib/amd64/pkgconfig/libproxy-1.0.pc Uncommitted 64-bit pc file /usr/include/libproxy/proxy.h Volatile libproxy header file /usr/demo/jds/bin/proxy Volatile binary file used for testing /usr/demo/jds/bin/amd64/proxy Volatile 64-bit binary file for testing /usr/share/man/man3/libproxy.3 Volatile libproxy man page /usr/lib/libproxy/0.2.3/plugins/envvar.so Volatile plugins for environment variables /usr/lib/libproxy/0.2.3/plugins/file.so Volatile plugins for configration files /usr/lib/libproxy/0.2.3/plugins/gnome.so Volatile plugins for GConf /usr/lib/libproxy/0.2.3/plugins/mozjs.so Volatile plugins for PAC /usr/lib/amd64/libproxy/* Volatile 64-bit plugins PX_CONFIG_ORDER environment variable Volatile environment variable to define plugins order Imported Interfaces Interface Classification Comments --------------- -------------- ----------------------- SUNWgnome-config Committed LSARC/2002/146 SUNWxwplt Stable X Window System platform software(PSARC/1998/299) http_proxy, no_proxy environment variable Stable PSARC/2001/540 [10] GConf keys: /system/proxy/mode, /system/proxy/autoconfig_url, /system/ http_proxy/host, /system/http_proxy/port, Volatile Gconf configuration keys /system/proxy/socks_host, /system/proxy/ socks_port, /system/http_proxy/ignore_hosts $SYSCONFDIR/proxy.conf, $HOME/.proxy.conf Volatile System proxy configuration files libmozjs.so Consolidation Shared with Firefox Private 3.3. Packaging & Delivery: SUNWlibproxy(base package) - base package SUNWlibproxy-devel (development package) - develoment package for header 3.4. Dependencies: Plugin of libproxy for GNOME depends on libX11 ,libXmu ,libgconf and libmozjs. 3.5. Security Impact: Libproxy supports the feature of WPAD, which exposes a security risk discussed in the following link: http://en.wikipedia.org/wiki/Web_Proxy_Autodiscovery_Protocol#Security We shall apply a patch to disable WPAD by default so there is no other security impact. Administrators can enable WPAD by passing --with-wpad-fallback while configuring. 4. Resources and Schedule: 4.1. Product Approval Committee requested information: 4.1.1. Consolidation Name: Desktop Cteam/GNOME 4.1.2. Contributing OpCo/BU/Division Name: Desktop 4.1.3. Type of PAC Review and Approval expected: FastTrack 5. References Project website: http://code.google.com/p/libproxy/ Applications that should use libproxy: http://code.google.com/p/libproxy/wiki/Applications