deltachat/net/
proxy.rs

1//! # Proxy support.
2//!
3//! Delta Chat supports HTTP(S) CONNECT, SOCKS5 and Shadowsocks protocols.
4
5use std::fmt;
6use std::pin::Pin;
7
8use anyhow::{bail, format_err, Context as _, Result};
9use base64::Engine;
10use bytes::{BufMut, BytesMut};
11use fast_socks5::client::Socks5Stream;
12use fast_socks5::util::target_addr::ToTargetAddr;
13use fast_socks5::AuthenticationMethod;
14use fast_socks5::Socks5Command;
15use percent_encoding::{percent_encode, utf8_percent_encode, NON_ALPHANUMERIC};
16use tokio::io::{AsyncReadExt, AsyncWriteExt};
17use tokio::net::TcpStream;
18use tokio_io_timeout::TimeoutStream;
19use url::Url;
20
21use crate::config::Config;
22use crate::constants::NON_ALPHANUMERIC_WITHOUT_DOT;
23use crate::context::Context;
24use crate::net::connect_tcp;
25use crate::net::session::SessionStream;
26use crate::net::tls::wrap_rustls;
27use crate::sql::Sql;
28
29/// Default SOCKS5 port according to [RFC 1928](https://tools.ietf.org/html/rfc1928).
30pub const DEFAULT_SOCKS_PORT: u16 = 1080;
31
32#[derive(Debug, Clone)]
33pub struct ShadowsocksConfig {
34    pub server_config: shadowsocks::config::ServerConfig,
35}
36
37impl PartialEq for ShadowsocksConfig {
38    fn eq(&self, other: &Self) -> bool {
39        self.server_config.to_url() == other.server_config.to_url()
40    }
41}
42
43impl Eq for ShadowsocksConfig {}
44
45impl ShadowsocksConfig {
46    fn to_url(&self) -> String {
47        self.server_config.to_url()
48    }
49}
50
51#[derive(Debug, Clone, PartialEq, Eq)]
52pub struct HttpConfig {
53    /// HTTP proxy host.
54    pub host: String,
55
56    /// HTTP proxy port.
57    pub port: u16,
58
59    /// Username and password for basic authentication.
60    ///
61    /// If set, `Proxy-Authorization` header is sent.
62    pub user_password: Option<(String, String)>,
63}
64
65impl HttpConfig {
66    fn from_url(url: Url) -> Result<Self> {
67        let host = url
68            .host_str()
69            .context("HTTP proxy URL has no host")?
70            .to_string();
71        let port = url
72            .port_or_known_default()
73            .context("HTTP(S) URLs are guaranteed to return Some port")?;
74        let user_password = if let Some(password) = url.password() {
75            let username = percent_encoding::percent_decode_str(url.username())
76                .decode_utf8()
77                .context("HTTP(S) proxy username is not a valid UTF-8")?
78                .to_string();
79            let password = percent_encoding::percent_decode_str(password)
80                .decode_utf8()
81                .context("HTTP(S) proxy password is not a valid UTF-8")?
82                .to_string();
83            Some((username, password))
84        } else {
85            None
86        };
87        let http_config = HttpConfig {
88            host,
89            port,
90            user_password,
91        };
92        Ok(http_config)
93    }
94
95    fn to_url(&self, scheme: &str) -> String {
96        let host = utf8_percent_encode(&self.host, NON_ALPHANUMERIC_WITHOUT_DOT);
97        if let Some((user, password)) = &self.user_password {
98            let user = utf8_percent_encode(user, NON_ALPHANUMERIC);
99            let password = utf8_percent_encode(password, NON_ALPHANUMERIC);
100            format!("{scheme}://{user}:{password}@{host}:{}", self.port)
101        } else {
102            format!("{scheme}://{host}:{}", self.port)
103        }
104    }
105}
106
107#[derive(Debug, Clone, PartialEq, Eq)]
108pub struct Socks5Config {
109    pub host: String,
110    pub port: u16,
111    pub user_password: Option<(String, String)>,
112}
113
114impl Socks5Config {
115    async fn connect(
116        &self,
117        context: &Context,
118        target_host: &str,
119        target_port: u16,
120        load_dns_cache: bool,
121    ) -> Result<Socks5Stream<Pin<Box<TimeoutStream<TcpStream>>>>> {
122        let tcp_stream = connect_tcp(context, &self.host, self.port, load_dns_cache)
123            .await
124            .context("Failed to connect to SOCKS5 proxy")?;
125
126        let authentication_method = if let Some((username, password)) = self.user_password.as_ref()
127        {
128            Some(AuthenticationMethod::Password {
129                username: username.into(),
130                password: password.into(),
131            })
132        } else {
133            None
134        };
135        let mut socks_stream =
136            Socks5Stream::use_stream(tcp_stream, authentication_method, Default::default()).await?;
137        let target_addr = (target_host, target_port).to_target_addr()?;
138        socks_stream
139            .request(Socks5Command::TCPConnect, target_addr)
140            .await?;
141
142        Ok(socks_stream)
143    }
144
145    fn to_url(&self) -> String {
146        let host = utf8_percent_encode(&self.host, NON_ALPHANUMERIC_WITHOUT_DOT);
147        if let Some((user, password)) = &self.user_password {
148            let user = utf8_percent_encode(user, NON_ALPHANUMERIC);
149            let password = utf8_percent_encode(password, NON_ALPHANUMERIC);
150            format!("socks5://{user}:{password}@{host}:{}", self.port)
151        } else {
152            format!("socks5://{host}:{}", self.port)
153        }
154    }
155}
156
157/// Configuration for the proxy through which all traffic
158/// (except for iroh p2p connections)
159/// will be sent.
160#[derive(Debug, Clone, PartialEq, Eq)]
161#[expect(clippy::large_enum_variant)]
162pub enum ProxyConfig {
163    /// HTTP proxy.
164    Http(HttpConfig),
165
166    /// HTTPS proxy.
167    Https(HttpConfig),
168
169    /// SOCKS5 proxy.
170    Socks5(Socks5Config),
171
172    /// Shadowsocks proxy.
173    Shadowsocks(ShadowsocksConfig),
174}
175
176/// Constructs HTTP/1.1 `CONNECT` request for HTTP(S) proxy.
177fn http_connect_request(host: &str, port: u16, auth: Option<(&str, &str)>) -> String {
178    // According to <https://datatracker.ietf.org/doc/html/rfc7230#section-5.4>
179    // clients MUST send `Host:` header in HTTP/1.1 requests,
180    // so repeat the host there.
181    let mut res = format!("CONNECT {host}:{port} HTTP/1.1\r\nHost: {host}:{port}\r\n");
182    if let Some((username, password)) = auth {
183        res += "Proxy-Authorization: Basic ";
184        res += &base64::engine::general_purpose::STANDARD.encode(format!("{username}:{password}"));
185        res += "\r\n";
186    }
187    res += "\r\n";
188    res
189}
190
191/// Sends HTTP/1.1 `CONNECT` request over given connection
192/// to establish an HTTP tunnel.
193///
194/// Returns the same connection back so actual data can be tunneled over it.
195async fn http_tunnel<T>(mut conn: T, host: &str, port: u16, auth: Option<(&str, &str)>) -> Result<T>
196where
197    T: AsyncReadExt + AsyncWriteExt + Unpin,
198{
199    // Send HTTP/1.1 CONNECT request.
200    let request = http_connect_request(host, port, auth);
201    conn.write_all(request.as_bytes()).await?;
202
203    let mut buffer = BytesMut::with_capacity(4096);
204
205    let res = loop {
206        if !buffer.has_remaining_mut() {
207            bail!("CONNECT response exceeded buffer size");
208        }
209        let n = conn.read_buf(&mut buffer).await?;
210        if n == 0 {
211            bail!("Unexpected end of CONNECT response");
212        }
213
214        let res = &buffer[..];
215        if res.ends_with(b"\r\n\r\n") {
216            // End of response is not reached, read more.
217            break res;
218        }
219    };
220
221    // Normally response looks like
222    // `HTTP/1.1 200 Connection established\r\n\r\n`.
223    if !res.starts_with(b"HTTP/") {
224        bail!("Unexpected HTTP CONNECT response: {res:?}");
225    }
226
227    // HTTP-version followed by space has fixed length
228    // according to RFC 7230:
229    // <https://datatracker.ietf.org/doc/html/rfc7230#section-3.1.2>
230    //
231    // Normally status line starts with `HTTP/1.1 `.
232    // We only care about 3-digit status code.
233    let status_code = res
234        .get(9..12)
235        .context("HTTP status line does not contain a status code")?;
236
237    // Interpret status code according to
238    // <https://datatracker.ietf.org/doc/html/rfc7231#section-6>.
239    if status_code == b"407" {
240        Err(format_err!("Proxy Authentication Required"))
241    } else if status_code.starts_with(b"2") {
242        // Success.
243        Ok(conn)
244    } else {
245        Err(format_err!(
246            "Failed to establish HTTP CONNECT tunnel: {res:?}"
247        ))
248    }
249}
250
251impl ProxyConfig {
252    /// Creates a new proxy configuration by parsing given proxy URL.
253    pub fn from_url(url: &str) -> Result<Self> {
254        let url = Url::parse(url).context("Cannot parse proxy URL")?;
255        match url.scheme() {
256            "http" => {
257                let http_config = HttpConfig::from_url(url)?;
258                Ok(Self::Http(http_config))
259            }
260            "https" => {
261                let https_config = HttpConfig::from_url(url)?;
262                Ok(Self::Https(https_config))
263            }
264            "ss" => {
265                let server_config = shadowsocks::config::ServerConfig::from_url(url.as_str())?;
266                let shadowsocks_config = ShadowsocksConfig { server_config };
267                Ok(Self::Shadowsocks(shadowsocks_config))
268            }
269
270            // Because of `curl` convention,
271            // `socks5` URL scheme may be expected to resolve domain names locally
272            // with `socks5h` URL scheme meaning that hostnames are passed to the proxy.
273            // Resolving hostnames locally is not supported
274            // in Delta Chat when using a proxy
275            // to prevent DNS leaks.
276            // Because of this we do not distinguish
277            // between `socks5` and `socks5h`.
278            "socks5" => {
279                let host = url
280                    .host_str()
281                    .context("socks5 URL has no host")?
282                    .to_string();
283                let port = url.port().unwrap_or(DEFAULT_SOCKS_PORT);
284                let user_password = if let Some(password) = url.password() {
285                    let username = percent_encoding::percent_decode_str(url.username())
286                        .decode_utf8()
287                        .context("SOCKS5 username is not a valid UTF-8")?
288                        .to_string();
289                    let password = percent_encoding::percent_decode_str(password)
290                        .decode_utf8()
291                        .context("SOCKS5 password is not a valid UTF-8")?
292                        .to_string();
293                    Some((username, password))
294                } else {
295                    None
296                };
297                let socks5_config = Socks5Config {
298                    host,
299                    port,
300                    user_password,
301                };
302                Ok(Self::Socks5(socks5_config))
303            }
304            scheme => Err(format_err!("Unknown URL scheme {scheme:?}")),
305        }
306    }
307
308    /// Serializes proxy config into an URL.
309    ///
310    /// This function can be used to normalize proxy URL
311    /// by parsing it and serializing back.
312    pub fn to_url(&self) -> String {
313        match self {
314            Self::Http(http_config) => http_config.to_url("http"),
315            Self::Https(http_config) => http_config.to_url("https"),
316            Self::Socks5(socks5_config) => socks5_config.to_url(),
317            Self::Shadowsocks(shadowsocks_config) => shadowsocks_config.to_url(),
318        }
319    }
320
321    /// Migrates legacy `socks5_host`, `socks5_port`, `socks5_user` and `socks5_password`
322    /// config into `proxy_url` if `proxy_url` is unset or empty.
323    ///
324    /// Unsets `socks5_host`, `socks5_port`, `socks5_user` and `socks5_password` in any case.
325    async fn migrate_socks_config(sql: &Sql) -> Result<()> {
326        if sql.get_raw_config("proxy_url").await?.is_none() {
327            // Load legacy SOCKS5 settings.
328            if let Some(host) = sql
329                .get_raw_config("socks5_host")
330                .await?
331                .filter(|s| !s.is_empty())
332            {
333                let port: u16 = sql
334                    .get_raw_config_int("socks5_port")
335                    .await?
336                    .unwrap_or(DEFAULT_SOCKS_PORT.into()) as u16;
337                let user = sql.get_raw_config("socks5_user").await?.unwrap_or_default();
338                let pass = sql
339                    .get_raw_config("socks5_password")
340                    .await?
341                    .unwrap_or_default();
342
343                let mut proxy_url = "socks5://".to_string();
344                if !pass.is_empty() {
345                    proxy_url += &percent_encode(user.as_bytes(), NON_ALPHANUMERIC).to_string();
346                    proxy_url += ":";
347                    proxy_url += &percent_encode(pass.as_bytes(), NON_ALPHANUMERIC).to_string();
348                    proxy_url += "@";
349                };
350                proxy_url += &host;
351                proxy_url += ":";
352                proxy_url += &port.to_string();
353
354                sql.set_raw_config("proxy_url", Some(&proxy_url)).await?;
355            } else {
356                sql.set_raw_config("proxy_url", Some("")).await?;
357            }
358
359            let socks5_enabled = sql.get_raw_config("socks5_enabled").await?;
360            sql.set_raw_config("proxy_enabled", socks5_enabled.as_deref())
361                .await?;
362        }
363
364        sql.set_raw_config("socks5_enabled", None).await?;
365        sql.set_raw_config("socks5_host", None).await?;
366        sql.set_raw_config("socks5_port", None).await?;
367        sql.set_raw_config("socks5_user", None).await?;
368        sql.set_raw_config("socks5_password", None).await?;
369        Ok(())
370    }
371
372    /// Reads proxy configuration from the database.
373    pub async fn load(context: &Context) -> Result<Option<Self>> {
374        Self::migrate_socks_config(&context.sql)
375            .await
376            .context("Failed to migrate legacy SOCKS config")?;
377
378        let enabled = context.get_config_bool(Config::ProxyEnabled).await?;
379        if !enabled {
380            return Ok(None);
381        }
382
383        let proxy_url = context
384            .get_config(Config::ProxyUrl)
385            .await?
386            .unwrap_or_default();
387        let proxy_url = proxy_url
388            .split_once('\n')
389            .map_or(proxy_url.clone(), |(first_url, _rest)| {
390                first_url.to_string()
391            });
392        let proxy_config = Self::from_url(&proxy_url).context("Failed to parse proxy URL")?;
393        Ok(Some(proxy_config))
394    }
395
396    /// If `load_dns_cache` is true, loads cached DNS resolution results.
397    /// Use this only if the connection is going to be protected with TLS checks.
398    pub(crate) async fn connect(
399        &self,
400        context: &Context,
401        target_host: &str,
402        target_port: u16,
403        load_dns_cache: bool,
404    ) -> Result<Box<dyn SessionStream>> {
405        match self {
406            ProxyConfig::Http(http_config) => {
407                let load_cache = false;
408                let tcp_stream = crate::net::connect_tcp(
409                    context,
410                    &http_config.host,
411                    http_config.port,
412                    load_cache,
413                )
414                .await?;
415                let auth = if let Some((username, password)) = &http_config.user_password {
416                    Some((username.as_str(), password.as_str()))
417                } else {
418                    None
419                };
420                let tunnel_stream = http_tunnel(tcp_stream, target_host, target_port, auth).await?;
421                Ok(Box::new(tunnel_stream))
422            }
423            ProxyConfig::Https(https_config) => {
424                let load_cache = true;
425                let tcp_stream = crate::net::connect_tcp(
426                    context,
427                    &https_config.host,
428                    https_config.port,
429                    load_cache,
430                )
431                .await?;
432                let tls_stream = wrap_rustls(&https_config.host, &[], tcp_stream).await?;
433                let auth = if let Some((username, password)) = &https_config.user_password {
434                    Some((username.as_str(), password.as_str()))
435                } else {
436                    None
437                };
438                let tunnel_stream = http_tunnel(tls_stream, target_host, target_port, auth).await?;
439                Ok(Box::new(tunnel_stream))
440            }
441            ProxyConfig::Socks5(socks5_config) => {
442                let socks5_stream = socks5_config
443                    .connect(context, target_host, target_port, load_dns_cache)
444                    .await?;
445                Ok(Box::new(socks5_stream))
446            }
447            ProxyConfig::Shadowsocks(ShadowsocksConfig { server_config }) => {
448                let shadowsocks_context = shadowsocks::context::Context::new_shared(
449                    shadowsocks::config::ServerType::Local,
450                );
451
452                let tcp_stream = {
453                    let server_addr = server_config.addr();
454                    let host = server_addr.host();
455                    let port = server_addr.port();
456                    connect_tcp(context, &host, port, load_dns_cache)
457                        .await
458                        .context("Failed to connect to Shadowsocks proxy")?
459                };
460
461                let shadowsocks_stream = shadowsocks::ProxyClientStream::from_stream(
462                    shadowsocks_context,
463                    tcp_stream,
464                    server_config,
465                    (target_host.to_string(), target_port),
466                );
467
468                Ok(Box::new(shadowsocks_stream))
469            }
470        }
471    }
472}
473
474impl fmt::Display for Socks5Config {
475    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
476        write!(
477            f,
478            "host:{},port:{},user_password:{}",
479            self.host,
480            self.port,
481            if let Some(user_password) = self.user_password.clone() {
482                format!("user: {}, password: ***", user_password.0)
483            } else {
484                "user: None".to_string()
485            }
486        )
487    }
488}
489
490#[cfg(test)]
491mod tests {
492    use super::*;
493    use crate::config::Config;
494    use crate::test_utils::TestContext;
495
496    #[test]
497    fn test_socks5_url() {
498        let proxy_config = ProxyConfig::from_url("socks5://127.0.0.1:9050").unwrap();
499        assert_eq!(
500            proxy_config,
501            ProxyConfig::Socks5(Socks5Config {
502                host: "127.0.0.1".to_string(),
503                port: 9050,
504                user_password: None
505            })
506        );
507
508        let proxy_config = ProxyConfig::from_url("socks5://foo:bar@127.0.0.1:9150").unwrap();
509        assert_eq!(
510            proxy_config,
511            ProxyConfig::Socks5(Socks5Config {
512                host: "127.0.0.1".to_string(),
513                port: 9150,
514                user_password: Some(("foo".to_string(), "bar".to_string()))
515            })
516        );
517
518        let proxy_config = ProxyConfig::from_url("socks5://%66oo:b%61r@127.0.0.1:9150").unwrap();
519        assert_eq!(
520            proxy_config,
521            ProxyConfig::Socks5(Socks5Config {
522                host: "127.0.0.1".to_string(),
523                port: 9150,
524                user_password: Some(("foo".to_string(), "bar".to_string()))
525            })
526        );
527
528        let proxy_config = ProxyConfig::from_url("socks5://127.0.0.1:80").unwrap();
529        assert_eq!(
530            proxy_config,
531            ProxyConfig::Socks5(Socks5Config {
532                host: "127.0.0.1".to_string(),
533                port: 80,
534                user_password: None
535            })
536        );
537
538        let proxy_config = ProxyConfig::from_url("socks5://127.0.0.1").unwrap();
539        assert_eq!(
540            proxy_config,
541            ProxyConfig::Socks5(Socks5Config {
542                host: "127.0.0.1".to_string(),
543                port: 1080,
544                user_password: None
545            })
546        );
547
548        let proxy_config = ProxyConfig::from_url("socks5://127.0.0.1:1080").unwrap();
549        assert_eq!(
550            proxy_config,
551            ProxyConfig::Socks5(Socks5Config {
552                host: "127.0.0.1".to_string(),
553                port: 1080,
554                user_password: None
555            })
556        );
557    }
558
559    #[test]
560    fn test_http_url() {
561        let proxy_config = ProxyConfig::from_url("http://127.0.0.1").unwrap();
562        assert_eq!(
563            proxy_config,
564            ProxyConfig::Http(HttpConfig {
565                host: "127.0.0.1".to_string(),
566                port: 80,
567                user_password: None
568            })
569        );
570
571        let proxy_config = ProxyConfig::from_url("http://127.0.0.1:80").unwrap();
572        assert_eq!(
573            proxy_config,
574            ProxyConfig::Http(HttpConfig {
575                host: "127.0.0.1".to_string(),
576                port: 80,
577                user_password: None
578            })
579        );
580
581        let proxy_config = ProxyConfig::from_url("http://127.0.0.1:443").unwrap();
582        assert_eq!(
583            proxy_config,
584            ProxyConfig::Http(HttpConfig {
585                host: "127.0.0.1".to_string(),
586                port: 443,
587                user_password: None
588            })
589        );
590    }
591
592    #[test]
593    fn test_https_url() {
594        let proxy_config = ProxyConfig::from_url("https://127.0.0.1").unwrap();
595        assert_eq!(
596            proxy_config,
597            ProxyConfig::Https(HttpConfig {
598                host: "127.0.0.1".to_string(),
599                port: 443,
600                user_password: None
601            })
602        );
603
604        let proxy_config = ProxyConfig::from_url("https://127.0.0.1:80").unwrap();
605        assert_eq!(
606            proxy_config,
607            ProxyConfig::Https(HttpConfig {
608                host: "127.0.0.1".to_string(),
609                port: 80,
610                user_password: None
611            })
612        );
613
614        let proxy_config = ProxyConfig::from_url("https://127.0.0.1:443").unwrap();
615        assert_eq!(
616            proxy_config,
617            ProxyConfig::Https(HttpConfig {
618                host: "127.0.0.1".to_string(),
619                port: 443,
620                user_password: None
621            })
622        );
623    }
624
625    #[test]
626    fn test_http_connect_request() {
627        assert_eq!(http_connect_request("example.org", 143, Some(("aladdin", "opensesame"))), "CONNECT example.org:143 HTTP/1.1\r\nHost: example.org:143\r\nProxy-Authorization: Basic YWxhZGRpbjpvcGVuc2VzYW1l\r\n\r\n");
628        assert_eq!(
629            http_connect_request("example.net", 587, None),
630            "CONNECT example.net:587 HTTP/1.1\r\nHost: example.net:587\r\n\r\n"
631        );
632    }
633
634    #[test]
635    fn test_shadowsocks_url() {
636        // Example URL from <https://shadowsocks.org/doc/sip002.html>.
637        let proxy_config =
638            ProxyConfig::from_url("ss://YWVzLTEyOC1nY206dGVzdA@192.168.100.1:8888#Example1")
639                .unwrap();
640        assert!(matches!(proxy_config, ProxyConfig::Shadowsocks(_)));
641    }
642
643    #[test]
644    fn test_invalid_proxy_url() {
645        assert!(ProxyConfig::from_url("foobar://127.0.0.1:9050").is_err());
646        assert!(ProxyConfig::from_url("abc").is_err());
647
648        // This caused panic before shadowsocks 1.22.0.
649        assert!(ProxyConfig::from_url("ss://foo:bar@127.0.0.1:9999").is_err());
650    }
651
652    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
653    async fn test_socks5_migration() -> Result<()> {
654        let t = TestContext::new().await;
655
656        // Test that config is migrated on attempt to load even if disabled.
657        t.set_config(Config::Socks5Host, Some("127.0.0.1")).await?;
658        t.set_config(Config::Socks5Port, Some("9050")).await?;
659
660        let proxy_config = ProxyConfig::load(&t).await?;
661        // Even though proxy is not enabled, config should be migrated.
662        assert_eq!(proxy_config, None);
663
664        assert_eq!(
665            t.get_config(Config::ProxyUrl).await?.unwrap(),
666            "socks5://127.0.0.1:9050"
667        );
668        Ok(())
669    }
670
671    // Test SOCKS5 setting migration if proxy was never configured.
672    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
673    async fn test_socks5_migration_unconfigured() -> Result<()> {
674        let t = TestContext::new().await;
675
676        // Try to load config to trigger migration.
677        assert_eq!(ProxyConfig::load(&t).await?, None);
678
679        assert_eq!(t.get_config(Config::ProxyEnabled).await?, None);
680        assert_eq!(
681            t.get_config(Config::ProxyUrl).await?.unwrap(),
682            String::new()
683        );
684        Ok(())
685    }
686
687    // Test SOCKS5 setting migration if SOCKS5 host is empty.
688    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
689    async fn test_socks5_migration_empty() -> Result<()> {
690        let t = TestContext::new().await;
691
692        t.set_config(Config::Socks5Host, Some("")).await?;
693
694        // Try to load config to trigger migration.
695        assert_eq!(ProxyConfig::load(&t).await?, None);
696
697        assert_eq!(t.get_config(Config::ProxyEnabled).await?, None);
698        assert_eq!(
699            t.get_config(Config::ProxyUrl).await?.unwrap(),
700            String::new()
701        );
702        Ok(())
703    }
704}