Support proxying SSL connections

S3/ConnMan.py

@@ -4,6 +4,7 @@
 ## License: GPL Version 2
 ## Copyright: TGRMN Software and contributors
 
+import sys
 import httplib
 from urlparse import urlparse
 from threading import Semaphore
@@ -20,12 +21,18 @@ def __init__(self, id, hostname, ssl, cfg):
         self.ssl = ssl
         self.id = id
         self.counter = 0
-        if cfg.proxy_host != "":
-            self.c = httplib.HTTPConnection(cfg.proxy_host, cfg.proxy_port)
-        elif not ssl:
-            self.c = httplib.HTTPConnection(hostname)
+
+        if not ssl:
+            if cfg.proxy_host != "":
+                self.c = httplib.HTTPConnection(cfg.proxy_host, cfg.proxy_port)
+            else:
+                self.c = httplib.HTTPConnection(hostname)
         else:
-            self.c = httplib.HTTPSConnection(hostname)
+            if cfg.proxy_host != "":
+                self.c = httplib.HTTPSConnection(cfg.proxy_host, cfg.proxy_port)
+                self.c.set_tunnel(hostname)
+            else:
+                self.c = httplib.HTTPSConnection(hostname)
 
 class ConnMan(object):
     conn_pool_sem = Semaphore()
@@ -39,8 +46,8 @@ def get(hostname, ssl = None):
             ssl = cfg.use_https
         conn = None
         if cfg.proxy_host != "":
-            if ssl:
-                raise ParameterError("use_https=True can't be used with proxy")
+            if ssl and sys.hexversion < 0x02070000:
+                raise ParameterError("use_https=True can't be used with proxy on Python <2.7")
             conn_id = "proxy://%s:%s" % (cfg.proxy_host, cfg.proxy_port)
         else:
             conn_id = "http%s://%s" % (ssl and "s" or "", hostname)

s3cmd

@@ -1779,7 +1779,7 @@ def run_configure(config_file, args):
         ("secret_key", "Secret Key"),
         ("gpg_passphrase", "Encryption password", "Encryption password is used to protect your files from reading\nby unauthorized persons while in transfer to S3"),
         ("gpg_command", "Path to GPG program"),
-        ("use_https", "Use HTTPS protocol", "When using secure HTTPS protocol all communication with Amazon S3\nservers is protected from 3rd party eavesdropping. This method is\nslower than plain HTTP and can't be used if you're behind a proxy"),
+        ("use_https", "Use HTTPS protocol", "When using secure HTTPS protocol all communication with Amazon S3\nservers is protected from 3rd party eavesdropping. This method is\nslower than plain HTTP, and can only be proxied with Python 2.7 or newer"),
         ("proxy_host", "HTTP Proxy server name", "On some networks all internet access must go through a HTTP proxy.\nTry setting it here if you can't connect to S3 directly"),
         ("proxy_port", "HTTP Proxy server port"),
         ]
@@ -1800,7 +1800,7 @@ def run_configure(config_file, args):
             for option in options:
                 prompt = option[1]
                 ## Option-specific handling
-                if option[0] == 'proxy_host' and getattr(cfg, 'use_https') == True:
+                if option[0] == 'proxy_host' and getattr(cfg, 'use_https') == True and sys.hexversion < 0x02070000:
                     setattr(cfg, option[0], "")
                     continue
                 if option[0] == 'proxy_port' and getattr(cfg, 'proxy_host') == "":