fix(machine): throw connect: connection refused after set proxy

When the `machine start` command is executed, Podman automatically retrieves the current host's `*_PROXY` environment variable and assigns it directly to the virtual machine in QEMU. However, most `*_PROXY` variables are set with `127.0.0.1` or `localhost`, such as `127.0.0.1:8888`. This causes failures in network-related operations within the virtual machine due to incorrect proxy settings. Fixes: #14087 Signed-off-by: Black-Hole1 <bh@bugs.cc>
2025-06-22 18:08:11 +08:00 · 2023-06-20 13:40:45 +08:00
parent 772f82ee67
commit 81e63227e6
2 changed files with 80 additions and 5 deletions
--- a/pkg/machine/ignition.go
+++ b/pkg/machine/ignition.go
@ -10,6 +10,7 @@ import (
 	"net/url"
 	"os"
 	"path/filepath"
+	"strings"

 	"github.com/containers/common/pkg/config"
 	"github.com/sirupsen/logrus"
@ -613,7 +614,14 @@ func GetProxyVariables() map[string]string {
 	proxyOpts := make(map[string]string)
 	for _, variable := range config.ProxyEnv {
 		if value, ok := os.LookupEnv(variable); ok {
-			proxyOpts[variable] = value
+			if value == "" {
+				continue
+			}
+
+			// TODO: use constants for host.containers.internal
+			v := strings.ReplaceAll(value, "127.0.0.1", "host.containers.internal")
+			v = strings.ReplaceAll(v, "localhost", "host.containers.internal")
+			proxyOpts[variable] = v
 		}
 	}
 	return proxyOpts
--- a/pkg/machine/qemu/machine_test.go
+++ b/pkg/machine/qemu/machine_test.go
@ -25,9 +25,55 @@ func TestEditCmd(t *testing.T) {
 }

 func TestPropagateHostEnv(t *testing.T) {
-	t.Setenv("SSL_CERT_FILE", "/some/foo.cert")
-	t.Setenv("SSL_CERT_DIR", "/some/my/certs")
-	t.Setenv("HTTP_PROXY", "proxy")
+	tests := map[string]struct {
+		value  string
+		expect string
+	}{
+		"HTTP_PROXY": {
+			"proxy",
+			"equal",
+		},
+		"ftp_proxy": {
+			"domain.com:8888",
+			"equal",
+		},
+		"FTP_PROXY": {
+			"proxy",
+			"equal",
+		},
+		"NO_PROXY": {
+			"localaddress",
+			"equal",
+		},
+		"HTTPS_PROXY": {
+			"",
+			"unset",
+		},
+		"no_proxy": {
+			"",
+			"unset",
+		},
+		"http_proxy": {
+			"127.0.0.1:8888",
+			"host.containers.internal:8888",
+		},
+		"https_proxy": {
+			"localhost:8888",
+			"host.containers.internal:8888",
+		},
+		"SSL_CERT_FILE": {
+			"/some/f=oo.cert",
+			fmt.Sprintf("%s/f=oo.cert", machine.UserCertsTargetPath),
+		},
+		"SSL_CERT_DIR": {
+			"/some/my/certs",
+			machine.UserCertsTargetPath,
+		},
+	}
+
+	for key, item := range tests {
+		t.Setenv(key, item.value)
+	}

 	cmdLine := propagateHostEnv(make([]string, 0))

@ -36,5 +82,26 @@ func TestPropagateHostEnv(t *testing.T) {
 	tokens := strings.Split(cmdLine[1], ",string=")
 	decodeString, err := base64.StdEncoding.DecodeString(tokens[1])
 	assert.NoError(t, err)
-	assert.Equal(t, fmt.Sprintf("HTTP_PROXY=\"proxy\"|SSL_CERT_FILE=\"%s/foo.cert\"|SSL_CERT_DIR=%q", machine.UserCertsTargetPath, machine.UserCertsTargetPath), string(decodeString))
+
+	// envsRawArr looks like: ["BAR=\"bar\"", "FOO=\"foo\""]
+	envsRawArr := strings.Split(string(decodeString), "|")
+	// envs looks like: {"BAR": "bar", "FOO": "foo"}
+	envs := make(map[string]string)
+	for _, env := range envsRawArr {
+		item := strings.SplitN(env, "=", 2)
+		envs[item[0]] = strings.Trim(item[1], "\"")
+	}
+
+	for key, test := range tests {
+		switch test.expect {
+		case "equal":
+			assert.Equal(t, envs[key], test.value)
+		case "unset":
+			if _, ok := envs[key]; ok {
+				t.Errorf("env %s should not be set", key)
+			}
+		default:
+			assert.Equal(t, envs[key], test.expect)
+		}
+	}
 }