Project

General

Profile

Actions

Bug #6949

closed

username/password not used by proxy support

Added by Giuanin Piemunteis over 7 years ago. Updated almost 6 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
Operating System
Target version:
Start date:
11/21/2016
Due date:
% Done:

50%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.4
Affected Architecture:
All

Description

hello,
it seems that username and password is not used for the proxy connection. it works only with IP and port but authentication is not performed.
when i try to perform an update check pfsense continuously tries to connect to the proxy without to pass username/passw to the proxy.

Actions #1

Updated by Jim Pingle over 7 years ago

  • Category changed from Upgrade to Operating System
  • % Done changed from 0 to 50

I pushed some changes to populate the HTTP_PROXY_AUTH variable and it works for HTTP, but HTTPS does not work using the same mechanism. This happens even with fetch and not just pkg, so it may be a limitation of libfetch and beyond our control at the moment.

I also tried with the user/pass in the HTTP_PROXY variable in multiple styles ("user:pass@x.x.x.x:3128", "http://user:pass@x.x.x.x:3128/"), none of which worked with fetch or pkg.

Actions #2

Updated by Kill Bill over 7 years ago

Jim Pingle: Perhaps this is relevant to HTTPS not working?

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=194483

Actions #3

Updated by Jim Pingle over 7 years ago

It's possible but doesn't sound quite the same. Here's a capture of the initial exchange I grabbed yesterday where the client is trying to setup the connection and fails -- it never sends the subsequent attempt with credentials as it does with HTTP:

Client:

CONNECT www.example.com:443 HTTP/1.1
Host: www.example.com:443

Server:

HTTP/1.1 407 Proxy Authentication Required
Server: squid
Mime-Version: 1.0
Date: Wed, 07 Dec 2016 18:30:33 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 3380
X-Squid-Error: ERR_CACHE_ACCESS_DENIED 0
Vary: Accept-Language
Content-Language: en
Proxy-Authenticate: Basic realm="Please enter your credentials to access the proxy" 
X-Cache: MISS from localhost
X-Cache-Lookup: NONE from localhost:3128
Connection: keep-alive

There is only one line in the actual HTTP 407 error, so that last update on the ticket doesn't quite match but it might be worth trying that patch on a FreeBSD box to see if it helps.

Actions #4

Updated by Jim Thompson about 7 years ago

  • Assignee set to Jim Pingle
Actions #5

Updated by Jim Pingle about 7 years ago

  • Assignee changed from Jim Pingle to Renato Botelho

Looks like the patch on the FreeBSD bug entry was committed. We should be able to pull it in from there.

Actions #6

Updated by Renato Botelho about 7 years ago

  • Status changed from New to Feedback
  • Assignee changed from Renato Botelho to Jim Pingle

Done. Last commit was cherry-picked

Actions #7

Updated by Jim Pingle about 7 years ago

  • Status changed from Feedback to Resolved

Works on the latest snap including the patch.

Actions #8

Updated by Julio Acosta almost 6 years ago

Hello Jim Pingle , I am new using pfsense 2.4.2, I have the same problem of User authentication and password in my proxy, I have read this forum, but I need help to apply and install this https://bugs.freebsd.org/bugzilla/show_bug.cgi ? id = 194483 in the pfsense from the console??, thanks for your help.

Actions #9

Updated by Y N almost 6 years ago

i have same problem.

on System/Advanced/Miscellaneous i've added proxy info with username and password, and pfsense can't search, update or install packages.

on cli:

[2.4.3-RELEASE][root@pfSense.local]/root: pkg search mc
pkg: Repository pfSense-core load error: access repo file(/root/var/db/pkg/repo-pfSense-core.sqlite) failed: No such file or directory
pkg: https://pkg.pfsense.org/pfSense_v2_4_3_amd64-core/meta.txz: Proxy Authentication Required
pkg: https://pkg.pfsense.org/pfSense_v2_4_3_amd64-core/packagesite.txz: Proxy Authentication Required
pkg: Repository pfSense load error: access repo file(/root/var/db/pkg/repo-pfSense.sqlite) failed: No such file or directory
pkg: https://pkg.pfsense.org/pfSense_v2_4_3_amd64-pfSense_v2_4_3/meta.txz: Proxy Authentication Required
pkg: https://pkg.pfsense.org/pfSense_v2_4_3_amd64-pfSense_v2_4_3/packagesite.txz: Proxy Authentication Required

Actions #10

Updated by Y N almost 6 years ago

[2.4.3-RELEASE][root@pfSense.local]/root: env | grep PROX
HTTP_PROXY=185.34.52.z:3128
HTTP_PROXY_AUTH=basic:*:user:pass
Actions

Also available in: Atom PDF