Bug #14609
Updated by Jim Pingle 10 months ago
When checking for updates from **System > Update**, the function call to @update_repos()@ and @pfSense-repoc@ does not honor the configured proxy settings (**System > Advanced**, **Misc** tab). settings. I see the initial request to @ews.netgate.com@ going directly out the WAN and not through the proxy. When checking from the dashboard or from a shell prompt, all requests go through the proxy. The following diff makes it work, but is just a proof of concept: <pre><code class="diff"> diff --git a/src/etc/inc/pkg-utils.inc b/src/etc/inc/pkg-utils.inc index a31dd38748..8decf26f3c 100644 --- a/src/etc/inc/pkg-utils.inc +++ b/src/etc/inc/pkg-utils.inc @@ -1507,7 +1507,23 @@ function update_repos() { $out = NULL; $product_name = g_get('product_name'); - $res = exec("/usr/local/sbin/{$product_name}-repoc", $out, $rc); + $envstring = ""; + $http_proxy = config_get_path('system/proxyurl'); + $http_proxyport = config_get_path('system/proxyport'); + if (!empty($http_proxy)) { + if (!empty($http_proxyport)) { + $http_proxy .= ':' . $http_proxyport; + } + $envstring .= 'HTTP_PROXY=' . escapeshellarg($http_proxy); + + $proxyuser = config_get_path('system/proxyuser'); + $proxypass = config_get_path('system/proxypass'); + if (!empty($proxyuser) && !empty($proxypass)) { + $envstring .= ' HTTP_PROXY_AUTH=' . escapeshellarg("basic:*:" . $proxyuser . ":" . $proxypass); + } + } + + $res = exec("{$envstring} /usr/local/sbin/{$product_name}-repoc", $out, $rc); </code></pre> Might be best to rewrite that to use @pkg_env()@ and @process_open()@ like we do for @pkg_call()@ and @pkg_exec()@. Anyone who hits this can work around it by running the update check and the actual update from a real shell prompt (SSH or local console, not the GUI)