Project

General

Profile

Actions

Bug #11383

closed

pfSense Proxy Authentication not working

Added by Viktor Gurov 8 months ago. Updated 6 months ago.

Status:
Closed
Priority:
High
Category:
Upgrade
Target version:
Start date:
02/08/2021
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Default
Affected Version:
2.4.5
Affected Architecture:

Description

Proxy Username/Password on the system_advanced_misc.php is being ignored

You can see them in `env`:

# env | grep PROXY
HTTP_PROXY=192.168.88.41:3128
HTTP_PROXY_AUTH=basic:*:test1:111

but not in packet capture.

System / Update sample capture:

Hypertext Transfer Protocol
    CONNECT files00.netgate.com:443 HTTP/1.1\r\n
        [Expert Info (Chat/Sequence): CONNECT files00.netgate.com:443 HTTP/1.1\r\n]
        Request Method: CONNECT
        Request URI: files00.netgate.com:443
        Request Version: HTTP/1.1
    Host: files00.netgate.com:443\r\n
    \r\n
    [Full request URI: files00.netgate.com:443]
    [HTTP request 1/1]
    [Response in frame: 10]

pfBlockerNG-devel (uses php curl functions) update capture:

Hypertext Transfer Protocol
    CONNECT mirror1.malwaredomains.com:443 HTTP/1.1\r\n
    Host: mirror1.malwaredomains.com:443\r\n
    User-Agent: pfSense/pfBlockerNG cURL download agent\r\n
    Proxy-Connection: Keep-Alive\r\n
    \r\n
    [Full request URI: mirror1.malwaredomains.com:443]
    [HTTP request 1/1]
    [Response in frame: 8]

Successful Firefox browser authentication:

Hypertext Transfer Protocol
    CONNECT mail.ru:443 HTTP/1.1\r\n
    User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0\r\n
    Proxy-Connection: keep-alive\r\n
    Connection: keep-alive\r\n
    Host: mail.ru:443\r\n
    Proxy-Authorization: Basic cGY1MjoxMjM=\r\n
        Credentials: pf52:123
    \r\n
    [Full request URI: mail.ru:443]
    [HTTP request 1/1]
    [Response in frame: 66]

tested on 2.4.5-p1 and 2.5.0.a.20210204.2250

see also #9478 #11128

Actions

Also available in: Atom PDF