I looked over the underlying urllib2/httplib code a bit, and I did find one bit that appears to be missing (and necessary) to support https proxying. Try adding this:
if hasattr(self, '_tunnel') and getattr(self, '_tunnel_host', None):
self.sock = sock
Right before the 'self.sock = ssl.wrap_socket(...)' line in the connect() method of the VerifyingHTTPSHandler in setuptools.ssl_support. I'm pretty sure this needs to be there for proxying to work, but I don't know if there's anything else needed *besides* that. I also don't have any easy way to test this myself.
You might also want to report this issue to the tracker for setuptools 0.7, which is at https://bitbucket.org/pypa/setuptools/. This tracker is only for setuptools 0.6, and will be phased out when 0.6 reaches end-of-life. There are more people at the other tracker and thus a greater likelihood that somebody there knows more about all this.
Still, if this patch does fix your problem (or doesn't), please let me know so I can add the code to 0.6 (or not). ;-)
From an image building script from diskimage-builder (part of OpenStack):
+ echo 'http_proxy: http://10.0.88.68:3128/'
+ echo 'https_proxy: http://10.0.88.68:3128/'
root@stonker:/# easy_install os-apply-config
Searching for os-apply-config
Download error on https://pypi.python.org/simple/os-apply-config/: [Errno 1] _ssl.c:504: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol -- Some packages may not be found!
Couldn't find index page for 'os-apply-config' (maybe misspelled?)
Scanning index of all packages (this may take a while)
Download error on https://pypi.python.org/simple/: [Errno 1] _ssl.c:504: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol -- Some packages may not be found!
No local packages or download links found for os-apply-config
error: Could not find suitable distribution for Requirement.parse('os-apply-config')
(the proxy URL is a very close to stock squid3 configuration on another machine on my LAN, which is used elsewhere in the building script to download OS images, etc, so is not believed to be the issue).
Reading through the setuptools code, I wondered if this is because the VerifyingHTTPSHandler inserted into the urllib2 opener chain, is trying to do direct socket connections. At the point it does that, I inserted a call to has_proxy() on the Request object and it returned False, which confused me as I would expect ProxyHandler to still be in the opener chain.