On 7/21/25 16:48, Mira Limbeck wrote: > With the upgrade to ureq 3 the TLS connectors (native-tls, rustls) now > require a transport (tcp) in the chain before it, otherwise they panic. > > For HTTP Connect proxy support another ConnectProxy connector is > required. > The new chain, based on the DefaultConnector [0] chain in ureq, needs to > have the connectors in the order of: > ConnectProxy -> Tcp -> Tls > > [0] > https://github.com/algesten/ureq/blob/3.0.11/src/unversioned/transport/mod.rs#L346 > > Signed-off-by: Mira Limbeck <[email protected]> > --- > proxmox-openid/src/http_client.rs | 5 ++++- > 1 file changed, 4 insertions(+), 1 deletion(-) > mode change 100644 => 100755 proxmox-openid/src/http_client.rs > > diff --git a/proxmox-openid/src/http_client.rs > b/proxmox-openid/src/http_client.rs > old mode 100644 > new mode 100755 > index e4628170..7d383d5d > --- a/proxmox-openid/src/http_client.rs > +++ b/proxmox-openid/src/http_client.rs > @@ -4,6 +4,7 @@ use std::io::Read; > use http::method::Method; > > use openidconnect::{HttpRequest, HttpResponse}; > +use ureq::unversioned::transport::Connector; > > // Copied from OAuth2 create, because we want to use ureq with > // native-tls. But current OAuth2 crate pulls in rustls, so we cannot > @@ -43,7 +44,9 @@ fn ureq_agent() -> Result<ureq::Agent, Error> { > } > let agent = ureq::Agent::with_parts( > config.build(), > - ureq::unversioned::transport::NativeTlsConnector::default(), > + ureq::unversioned::transport::ConnectProxyConnector::default() > + .chain(ureq::unversioned::transport::TcpConnector::default()) > + > .chain(ureq::unversioned::transport::NativeTlsConnector::default()), > ureq::unversioned::resolver::DefaultResolver::default(), > ); > Sorry, the `openid` in the subject is a bit redundant. This should have been `http_client` or maybe omitted entirely.
_______________________________________________ pve-devel mailing list [email protected] https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
