url: fall back to http/https proxy env-variable if ws/wss not set

Reported-by: Craig Andrews
Fixes #12031
Closes #12058

docs/libcurl/libcurl-env.3

@@ -30,16 +30,20 @@ controls and changes behaviors. This is the full list of variables to set and
 description of what they do. Also note that curl, the command line tool,
 supports a set of additional environment variables independently of this.
 .IP "[scheme]_proxy"
-When libcurl is given a URL to use in a transfer, it first extracts the
-"scheme" part from the URL and checks if there is a given proxy set for that
-in its corresponding environment variable. A URL like "https://example.com"
-makes libcurl use the "http_proxy" variable, while a URL like
-"ftp://example.com" uses the "ftp_proxy" variable.
+When libcurl is given a URL to use in a transfer, it first extracts the scheme
+part from the URL and checks if there is a given proxy set for that in its
+corresponding environment variable. A URL like https://example.com makes
+libcurl use the \fBhttp_proxy\fP variable, while a URL like ftp://example.com
+uses the \fBftp_proxy\fP variable.
 
 These proxy variables are also checked for in their uppercase versions, except
-the "http_proxy" one which is only used lowercase. Note also that some systems
-actually have a case insensitive handling of environment variables and then of
-course "HTTP_PROXY" still works.
+the \fBhttp_proxy\fP one which is only used lowercase. Note also that some
+systems actually have a case insensitive handling of environment variables and
+then of course \fBHTTP_PROXY\fP still works.
+
+An exception exists for the WebSocket \fBws\fP and \fBwss\fP URL schemes,
+where libcurl first checks \fBws_proxy\fP or \fBwss_proxy\fP but if they are
+not set, it will fall back and try the http and https versions instead if set.
 .IP ALL_PROXY
 This is a setting to set proxy for all URLs, independently of what scheme is
 being used. Note that the scheme specific variables overrides this one if set.

lib/url.c

@@ -2076,7 +2076,6 @@ static char *detect_proxy(struct Curl_easy *data,
   char proxy_env[128];
   const char *protop = conn->handler->scheme;
   char *envp = proxy_env;
-  char *prox;
 #ifdef CURL_DISABLE_VERBOSE_STRINGS
   (void)data;
 #endif
@@ -2089,7 +2088,7 @@ static char *detect_proxy(struct Curl_easy *data,
   strcpy(envp, "_proxy");
 
   /* read the protocol proxy: */
-  prox = curl_getenv(proxy_env);
+  proxy = curl_getenv(proxy_env);
 
   /*
    * We don't try the uppercase version of HTTP_PROXY because of
@@ -2103,23 +2102,35 @@ static char *detect_proxy(struct Curl_easy *data,
    * This can cause 'internal' http/ftp requests to be
    * arbitrarily redirected by any external attacker.
    */
-  if(!prox && !strcasecompare("http_proxy", proxy_env)) {
+  if(!proxy && !strcasecompare("http_proxy", proxy_env)) {
     /* There was no lowercase variable, try the uppercase version: */
     Curl_strntoupper(proxy_env, proxy_env, sizeof(proxy_env));
-    prox = curl_getenv(proxy_env);
+    proxy = curl_getenv(proxy_env);
   }
 
   envp = proxy_env;
-  if(prox) {
-    proxy = prox; /* use this */
-  }
-  else {
-    envp = (char *)"all_proxy";
-    proxy = curl_getenv(envp); /* default proxy to use */
-    if(!proxy) {
-      envp = (char *)"ALL_PROXY";
-      proxy = curl_getenv(envp);
+  if(!proxy) {
+#ifdef USE_WEBSOCKETS
+    /* websocket proxy fallbacks */
+    if(strcasecompare("ws_proxy", proxy_env)) {
+      proxy = curl_getenv("http_proxy");
     }
+    else if(strcasecompare("wss_proxy", proxy_env)) {
+      proxy = curl_getenv("https_proxy");
+      if(!proxy)
+        proxy = curl_getenv("HTTPS_PROXY");
+    }
+    if(!proxy) {
+#endif
+      envp = (char *)"all_proxy";
+      proxy = curl_getenv(envp); /* default proxy to use */
+      if(!proxy) {
+        envp = (char *)"ALL_PROXY";
+        proxy = curl_getenv(envp);
+      }
+#ifdef USE_WEBSOCKETS
+    }
+#endif
   }
   if(proxy)
     infof(data, "Uses proxy env variable %s == '%s'", envp, proxy);