prevent using local http proxies per annex.security.allowed-http-addresses

A local http proxy would bypass the security configuration. So,
the security configuration has to be applied when choosing whether to
use the proxy.

While http rebinding attacks against the dns lookup of the proxy IP
address seem very unlikely, this implementation does prevent them, since
it resolves the IP address once, checks it, and then reconfigures
http-client's proxy using the resolved address.

This commit was sponsored by Ole-Morten Duesund on Patreon.

Annex/Url.hs

@@ -81,8 +81,13 @@ getUrlOptions = Annex.getState Annex.urloptions >>= \case
 						then Nothing
 						else Just (addrConnectionRestricted addr)
 				}
-			manager <- liftIO $ U.newManager $
+			(settings, pr) <- liftIO $ 
 				restrictManagerSettings r U.managerSettings
+			case pr of
+				Nothing -> return ()
+				Just ProxyRestricted -> toplevelWarning True
+					"http proxy settings not used due to annex.security.allowed-http-addresses configuration"
+			manager <- liftIO $ U.newManager settings
 			return (U.DownloadWithConduit, manager)
 
 httpAddressesUnlimited :: Annex Bool