username/password not used by proxy support
it seems that username and password is not used for the proxy connection. it works only with IP and port but authentication is not performed.
when i try to perform an update check pfsense continuously tries to connect to the proxy without to pass username/passw to the proxy.
#1 Updated by Jim Pingle 5 months ago
- Category changed from Upgrade to Operating System
- % Done changed from 0 to 50
I pushed some changes to populate the HTTP_PROXY_AUTH variable and it works for HTTP, but HTTPS does not work using the same mechanism. This happens even with fetch and not just pkg, so it may be a limitation of libfetch and beyond our control at the moment.
@jimp: Perhaps this is relevant to HTTPS not working?
#3 Updated by Jim Pingle 5 months ago
It's possible but doesn't sound quite the same. Here's a capture of the initial exchange I grabbed yesterday where the client is trying to setup the connection and fails -- it never sends the subsequent attempt with credentials as it does with HTTP:
CONNECT www.example.com:443 HTTP/1.1 Host: www.example.com:443
HTTP/1.1 407 Proxy Authentication Required Server: squid Mime-Version: 1.0 Date: Wed, 07 Dec 2016 18:30:33 GMT Content-Type: text/html;charset=utf-8 Content-Length: 3380 X-Squid-Error: ERR_CACHE_ACCESS_DENIED 0 Vary: Accept-Language Content-Language: en Proxy-Authenticate: Basic realm="Please enter your credentials to access the proxy" X-Cache: MISS from localhost X-Cache-Lookup: NONE from localhost:3128 Connection: keep-alive
There is only one line in the actual HTTP 407 error, so that last update on the ticket doesn't quite match but it might be worth trying that patch on a FreeBSD box to see if it helps.