| Message ID | 20211020010624.675562-3-sandals@crustytoothpaste.net (mailing list archive) |
|---|---|
| State | Superseded |
| Headers | show |
| Series | Additional FAQ entries | expand |
Hi brian, On Wed, 20 Oct 2021, brian m. carlson wrote: > Many corporate environments and local systems have proxies in use. Note > the situations in which proxies can be used and how to configure them. > At the same time, note what standards a proxy must follow to work with > Git. Explicitly call out certain classes that are known to routinely > have problems reported various places online, including in the Git for > Windows issue tracker and on Stack Overflow, and recommend against the > use of such software. I fully agree with this patch, therefore: ACK! Ciao, Dscho
"brian m. carlson" <sandals@crustytoothpaste.net> writes: > Many corporate environments and local systems have proxies in use. Note > the situations in which proxies can be used and how to configure them. > At the same time, note what standards a proxy must follow to work with > Git. Explicitly call out certain classes that are known to routinely > have problems reported various places online, including in the Git for > Windows issue tracker and on Stack Overflow, and recommend against the > use of such software. The new section only talks about http(s), but I recall Peff recently helped folks with broken invocation of socat, a relay that does not handle severing connection only in one direction very well. I wonder if it fits in this section. > Signed-off-by: brian m. carlson <sandals@crustytoothpaste.net> > --- > Documentation/gitfaq.txt | 18 ++++++++++++++++++ > 1 file changed, 18 insertions(+) > > diff --git a/Documentation/gitfaq.txt b/Documentation/gitfaq.txt > index 946691c153..abc0f62e6c 100644 > --- a/Documentation/gitfaq.txt > +++ b/Documentation/gitfaq.txt > @@ -241,6 +241,24 @@ How do I know if I want to do a fetch or a pull?:: > ignore the upstream changes. A pull consists of a fetch followed > immediately by either a merge or rebase. See linkgit:git-pull[1]. > > +[[proxy]] > +Can I use a proxy with Git?:: > + Yes, Git supports the use of proxies. Git honors the standard `http_proxy`, > + `https_proxy`, and `no_proxy` environment variables commonly used on Unix, and > + it also can be configured with `http.proxy` and similar options for HTTPS (see > + linkgit:git-config[1]). The `http.proxy` and related options can be > + customized on a per-URL pattern basis. In addition, Git can in theory > + function normally with transparent proxies that exist on the network. > ++ > +However, note that for Git to work properly, the proxy must be completely > +transparent. The proxy cannot modify, tamper with, change, or buffer the > +connection in any way, or Git will almost certainly fail to work. Note that > +many proxies, including many TLS middleboxes, Windows antivirus and firewall > +programs other than Windows Defender and Windows Firewall, and filtering proxies > +fail to meet this standard, and as a result end up breaking Git. Because of the > +many reports of problems, we recommend against the use of these classes of > +software and devices. > + > Design > ------ >
On 2021-10-20 at 11:57:42, Johannes Schindelin wrote: > Hi brian, > > On Wed, 20 Oct 2021, brian m. carlson wrote: > > > Many corporate environments and local systems have proxies in use. Note > > the situations in which proxies can be used and how to configure them. > > At the same time, note what standards a proxy must follow to work with > > Git. Explicitly call out certain classes that are known to routinely > > have problems reported various places online, including in the Git for > > Windows issue tracker and on Stack Overflow, and recommend against the > > use of such software. > > I fully agree with this patch, therefore: ACK! I CC'd you specifically because of this patch, and I'm glad to hear you agree, even if I'm sorry you have to deal with these reports.
On 2021-10-20 at 14:48:04, Junio C Hamano wrote: > "brian m. carlson" <sandals@crustytoothpaste.net> writes: > > > Many corporate environments and local systems have proxies in use. Note > > the situations in which proxies can be used and how to configure them. > > At the same time, note what standards a proxy must follow to work with > > Git. Explicitly call out certain classes that are known to routinely > > have problems reported various places online, including in the Git for > > Windows issue tracker and on Stack Overflow, and recommend against the > > use of such software. > > The new section only talks about http(s), but I recall Peff recently > helped folks with broken invocation of socat, a relay that does not > handle severing connection only in one direction very well. > > I wonder if it fits in this section. I think it does, and I'll add it in a reroll.
diff --git a/Documentation/gitfaq.txt b/Documentation/gitfaq.txt index 946691c153..abc0f62e6c 100644 --- a/Documentation/gitfaq.txt +++ b/Documentation/gitfaq.txt @@ -241,6 +241,24 @@ How do I know if I want to do a fetch or a pull?:: ignore the upstream changes. A pull consists of a fetch followed immediately by either a merge or rebase. See linkgit:git-pull[1]. +[[proxy]] +Can I use a proxy with Git?:: + Yes, Git supports the use of proxies. Git honors the standard `http_proxy`, + `https_proxy`, and `no_proxy` environment variables commonly used on Unix, and + it also can be configured with `http.proxy` and similar options for HTTPS (see + linkgit:git-config[1]). The `http.proxy` and related options can be + customized on a per-URL pattern basis. In addition, Git can in theory + function normally with transparent proxies that exist on the network. ++ +However, note that for Git to work properly, the proxy must be completely +transparent. The proxy cannot modify, tamper with, change, or buffer the +connection in any way, or Git will almost certainly fail to work. Note that +many proxies, including many TLS middleboxes, Windows antivirus and firewall +programs other than Windows Defender and Windows Firewall, and filtering proxies +fail to meet this standard, and as a result end up breaking Git. Because of the +many reports of problems, we recommend against the use of these classes of +software and devices. + Design ------
Many corporate environments and local systems have proxies in use. Note the situations in which proxies can be used and how to configure them. At the same time, note what standards a proxy must follow to work with Git. Explicitly call out certain classes that are known to routinely have problems reported various places online, including in the Git for Windows issue tracker and on Stack Overflow, and recommend against the use of such software. Signed-off-by: brian m. carlson <sandals@crustytoothpaste.net> --- Documentation/gitfaq.txt | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+)