Bug #6949
closed
username/password not used by proxy support
Added by Giuanin Piemunteis about 8 years ago.
Updated over 6 years ago.
Category:
Operating System
Affected Architecture:
All
Description
hello,
it seems that username and password is not used for the proxy connection. it works only with IP and port but authentication is not performed.
when i try to perform an update check pfsense continuously tries to connect to the proxy without to pass username/passw to the proxy.
- Category changed from Upgrade to Operating System
- % Done changed from 0 to 50
I pushed some changes to populate the HTTP_PROXY_AUTH variable and it works for HTTP, but HTTPS does not work using the same mechanism. This happens even with fetch and not just pkg, so it may be a limitation of libfetch and beyond our control at the moment.
I also tried with the user/pass in the HTTP_PROXY variable in multiple styles ("user:pass@x.x.x.x:3128", "http://user:pass@x.x.x.x:3128/"), none of which worked with fetch or pkg.
It's possible but doesn't sound quite the same. Here's a capture of the initial exchange I grabbed yesterday where the client is trying to setup the connection and fails -- it never sends the subsequent attempt with credentials as it does with HTTP:
Client:
CONNECT www.example.com:443 HTTP/1.1
Host: www.example.com:443
Server:
HTTP/1.1 407 Proxy Authentication Required
Server: squid
Mime-Version: 1.0
Date: Wed, 07 Dec 2016 18:30:33 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 3380
X-Squid-Error: ERR_CACHE_ACCESS_DENIED 0
Vary: Accept-Language
Content-Language: en
Proxy-Authenticate: Basic realm="Please enter your credentials to access the proxy"
X-Cache: MISS from localhost
X-Cache-Lookup: NONE from localhost:3128
Connection: keep-alive
There is only one line in the actual HTTP 407 error, so that last update on the ticket doesn't quite match but it might be worth trying that patch on a FreeBSD box to see if it helps.
- Assignee set to Jim Pingle
- Assignee changed from Jim Pingle to Renato Botelho
Looks like the patch on the FreeBSD bug entry was committed. We should be able to pull it in from there.
- Status changed from New to Feedback
- Assignee changed from Renato Botelho to Jim Pingle
Done. Last commit was cherry-picked
- Status changed from Feedback to Resolved
Works on the latest snap including the patch.
Hello Jim Pingle , I am new using pfsense 2.4.2, I have the same problem of User authentication and password in my proxy, I have read this forum, but I need help to apply and install this https://bugs.freebsd.org/bugzilla/show_bug.cgi ? id = 194483 in the pfsense from the console??, thanks for your help.
i have same problem.
on System/Advanced/Miscellaneous i've added proxy info with username and password, and pfsense can't search, update or install packages.
on cli:
[2.4.3-RELEASE][root@pfSense.local]/root: pkg search mc
pkg: Repository pfSense-core load error: access repo file(/root/var/db/pkg/repo-pfSense-core.sqlite) failed: No such file or directory
pkg: https://pkg.pfsense.org/pfSense_v2_4_3_amd64-core/meta.txz: Proxy Authentication Required
pkg: https://pkg.pfsense.org/pfSense_v2_4_3_amd64-core/packagesite.txz: Proxy Authentication Required
pkg: Repository pfSense load error: access repo file(/root/var/db/pkg/repo-pfSense.sqlite) failed: No such file or directory
pkg: https://pkg.pfsense.org/pfSense_v2_4_3_amd64-pfSense_v2_4_3/meta.txz: Proxy Authentication Required
pkg: https://pkg.pfsense.org/pfSense_v2_4_3_amd64-pfSense_v2_4_3/packagesite.txz: Proxy Authentication Required
[2.4.3-RELEASE][root@pfSense.local]/root: env | grep PROX
HTTP_PROXY=185.34.52.z:3128
HTTP_PROXY_AUTH=basic:*:user:pass
Also available in: Atom
PDF
Updated by 
Updated by Kill Bill 
Updated by 
Updated by 
Updated by 
Updated by