Bug #6949

username/password not used by proxy support

Added by Giuanin Piemunteis over 1 year ago. Updated 19 days ago.

Operating System
Target version:
Start date:
Due date:
% Done:


Affected Version:
Affected Architecture:


it seems that username and password is not used for the proxy connection. it works only with IP and port but authentication is not performed.
when i try to perform an update check pfsense continuously tries to connect to the proxy without to pass username/passw to the proxy.

Associated revisions

Revision 1060378f
Added by Jim Pingle over 1 year ago

Populate the HTTP_PROXY_AUTH env var. Ticket #6949


#1 Updated by Jim Pingle over 1 year ago

  • Category changed from Upgrade to Operating System
  • % Done changed from 0 to 50

I pushed some changes to populate the HTTP_PROXY_AUTH variable and it works for HTTP, but HTTPS does not work using the same mechanism. This happens even with fetch and not just pkg, so it may be a limitation of libfetch and beyond our control at the moment.

I also tried with the user/pass in the HTTP_PROXY variable in multiple styles ("user::3128", "http://user::3128/"), none of which worked with fetch or pkg.

#2 Updated by Kill Bill over 1 year ago

@jimp: Perhaps this is relevant to HTTPS not working?

#3 Updated by Jim Pingle over 1 year ago

It's possible but doesn't sound quite the same. Here's a capture of the initial exchange I grabbed yesterday where the client is trying to setup the connection and fails -- it never sends the subsequent attempt with credentials as it does with HTTP:




HTTP/1.1 407 Proxy Authentication Required
Server: squid
Mime-Version: 1.0
Date: Wed, 07 Dec 2016 18:30:33 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 3380
Vary: Accept-Language
Content-Language: en
Proxy-Authenticate: Basic realm="Please enter your credentials to access the proxy" 
X-Cache: MISS from localhost
X-Cache-Lookup: NONE from localhost:3128
Connection: keep-alive

There is only one line in the actual HTTP 407 error, so that last update on the ticket doesn't quite match but it might be worth trying that patch on a FreeBSD box to see if it helps.

#4 Updated by Jim Thompson over 1 year ago

  • Assignee set to Jim Pingle

#5 Updated by Jim Pingle over 1 year ago

  • Assignee changed from Jim Pingle to Renato Botelho

Looks like the patch on the FreeBSD bug entry was committed. We should be able to pull it in from there.

#6 Updated by Renato Botelho over 1 year ago

  • Status changed from New to Feedback
  • Assignee changed from Renato Botelho to Jim Pingle

Done. Last commit was cherry-picked

#7 Updated by Jim Pingle over 1 year ago

  • Status changed from Feedback to Resolved

Works on the latest snap including the patch.

#8 Updated by Julio Acosta 19 days ago

Hello Jim Pingle , I am new using pfsense 2.4.2, I have the same problem of User authentication and password in my proxy, I have read this forum, but I need help to apply and install this ? id = 194483 in the pfsense from the console??, thanks for your help.

Also available in: Atom PDF